Page MenuHomePhabricator
Create Task
Maniphest T777

torproject.org tlsv1.0 downgrade regressino breaks tb-updater breaks building Whonix
Closed, ResolvedPublic
Actions

Description

torproject.org SSL changes break tb-updater breaks Whonix build process.

https://trac.torproject.org/projects/tor/ticket/25426

https://forums.whonix.org/t/failure-to-download-tor-browser-ssl-fail

Downgrading from curl --tlsv1.2 to --tlsv1.0 seems weird.

What do we do? Download from torproject onion by default? That however would make building Whonix without being behing Tor fail since it couldn't connect to onions by default.

These users we would recommend to build using --tb none for "not install Tor Browser". Hopefully --tb none is even working. Not easy to propagate variable all the way down to tb-updater.

Details

Impact
High

Event Timeline

Patrick triaged this task as Unbreak Now! priority.Mar 5 2018, 11:48 PM
Patrick created this task.
Herald added a project: Whonix. · View Herald TranscriptMar 5 2018, 11:48 PM
Herald added subscribers: entr0py, WhonixQubes. · View Herald Transcript
iry added a subscriber: iry.Mar 21 2018, 8:37 PM
iry added a comment.Mar 21 2018, 8:41 PM

The ticket can be closed now since TPO has fixed the problem. (I do not have the permission to close it.)

Related ticket:
https://trac.torproject.org/projects/tor/ticket/25354

SSL status of www.torproject.org:
https://www.ssllabs.com/ssltest/analyze.html?d=www.torproject.org

Patrick closed this task as Resolved.Mar 23 2018, 2:41 PM
Patrick claimed this task.

Thanks! :)

Whonix OLD Issue Tracker · PLEASE DO NOT POST NEW TICKETS HERE · OLD Issue Tracker - Unread Notifications · OLD Issue Tracker - Feed · OLD Issue Tracker - Open Issues · NEW Issue Tracker · Homepage · Blog · Forum · Legal · Imprint · Privacy Policy · Terms of Use · Disclaimer