|
@@ -1,5 +1,14 @@
|
|
|
Changes in version 0.3.0.3-alpha - 2017-02-03
|
|
|
- BLURB BLURB BLURB.
|
|
|
+ Tor 0.3.0.3-alpha fixes a few significant bugs introduced over the
|
|
|
+ 0.3.0.x development series, including some that could cause
|
|
|
+ authorities to behave badly. There is also a fix for a longstanding
|
|
|
+ bug that could prevent IPv6 exits from working. Tor 0.3.0.3-alpha also
|
|
|
+ includes some smaller features and bugfixes.
|
|
|
+
|
|
|
+ The Tor 0.3.0.x release series is now in patch-freeze: no additional
|
|
|
+ features will be considered for inclusion in 0.3.0.x. We suspect that
|
|
|
+ some bugs will probably remain, however, and we encourage people to
|
|
|
+ test this release.
|
|
|
|
|
|
o Major bugfixes (directory authority):
|
|
|
- During voting, when marking a node as a probable sybil, do not
|
|
@@ -14,20 +23,20 @@ Changes in version 0.3.0.3-alpha - 2017-02-03
|
|
|
|
|
|
o Major bugfixes (entry guards):
|
|
|
- Stop trying to build circuits through entry guards for which we
|
|
|
- have no descriptor yet. Also, stop crashing if we *do*
|
|
|
+ have no descriptor. Also, stop crashing in the case that we *do*
|
|
|
accidentally try to build a circuit in such a state. Fixes bug
|
|
|
21242; bugfix on 0.3.0.1-alpha.
|
|
|
|
|
|
o Major bugfixes (IPv6 Exits):
|
|
|
- Stop rejecting all IPv6 traffic on Exits whose exit policy rejects
|
|
|
- IPv6 addresses. Instead, only reject a port over IPv6 if the exit
|
|
|
- policy rejects that port on more than an IPv6 /16 of addresses.
|
|
|
- This bug was made worse by 17027 in 0.2.8.1-alpha, which rejects a
|
|
|
- relay's own IPv6 address by default. Fixes bug 21357; bugfix on
|
|
|
- commit 004f3f4e53 in 0.2.4.7-alpha.
|
|
|
+ any IPv6 addresses. Instead, only reject a port over IPv6 if the
|
|
|
+ exit policy rejects that port on more than an IPv6 /16 of
|
|
|
+ addresses. This bug was made worse by 17027 in 0.2.8.1-alpha,
|
|
|
+ which rejected a relay's own IPv6 address by default. Fixes bug
|
|
|
+ 21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha.
|
|
|
|
|
|
o Minor feature (client):
|
|
|
- - Enable IPv6 traffic by default on the SocksPort. To disable this,
|
|
|
+ - Enable IPv6 traffic on the SocksPort by default. To disable this,
|
|
|
a user will have to specify "NoIPv6Traffic". Closes ticket 21269.
|
|
|
|
|
|
o Minor feature (fallback scripts):
|
|
@@ -36,10 +45,10 @@ Changes in version 0.3.0.3-alpha - 2017-02-03
|
|
|
20174. Patch by haxxpop.
|
|
|
|
|
|
o Minor features (ciphersuite selection):
|
|
|
+ - Clients now advertise a list of ciphersuites closer to the ones
|
|
|
+ preferred by Firefox. Closes part of ticket 15426.
|
|
|
- Allow servers to accept a wider range of ciphersuites, including
|
|
|
chacha20-poly1305 and AES-CCM. Closes the other part of 15426.
|
|
|
- - Clients now advertise a list of ciphersuites closer to the ones
|
|
|
- preferred by Firefox. Closes ticket 15426.
|
|
|
|
|
|
o Minor features (controller, configuration):
|
|
|
- Each of the *Port options, such as SocksPort, ORPort, ControlPort,
|
|
@@ -53,23 +62,24 @@ Changes in version 0.3.0.3-alpha - 2017-02-03
|
|
|
in feature 20956. Implements ticket 21300.
|
|
|
|
|
|
o Minor features (portability, compilation):
|
|
|
- - Autoconf now check to determine if OpenSSL structures are opaque,
|
|
|
+ - Autoconf now checks to determine if OpenSSL structures are opaque,
|
|
|
instead of explicitly checking for OpenSSL version numbers. Part
|
|
|
of ticket 21359.
|
|
|
- Support building with recent LibreSSL code that uses opaque
|
|
|
structures. Closes ticket 21359.
|
|
|
|
|
|
o Minor features (relay):
|
|
|
- - Allow separation of exit and relay traffic to different source IP
|
|
|
- addresses. Closes ticket 17975. Written by Michael Sonntag.
|
|
|
+ - We now allow separation of exit and relay traffic to different
|
|
|
+ source IP addresses, using the OutboundBindAddressExit and
|
|
|
+ OutboundBindAddressOR options respectively. Closes ticket 17975.
|
|
|
+ Written by Michael Sonntag.
|
|
|
|
|
|
o Minor bugfix (logging):
|
|
|
- - Don't recommend the use of Tor2web in non anonymous mode. In that
|
|
|
- mode, we disable client functionalities and recommending Tor2web
|
|
|
- as a solution is a bad idea because in that case client loses all
|
|
|
- anonymity. Tor2web should really only be used in very specific
|
|
|
- cases and with users *knowing* what they do. Fixes bug 21294;
|
|
|
- bugfix on 0.2.9.3-alpha.
|
|
|
+ - Don't recommend the use of Tor2web in non-anonymous mode.
|
|
|
+ Recommending Tor2web is a bad idea because the client loses all
|
|
|
+ anonymity. Tor2web shouldy only be used in specific cases by users
|
|
|
+ who *know* and understand the issues. Fixes bug 21294; bugfix
|
|
|
+ on 0.2.9.3-alpha.
|
|
|
|
|
|
o Minor bugfixes (client):
|
|
|
- Always recover from failures in extend_info_from_node(), in an
|
|
@@ -90,38 +100,39 @@ Changes in version 0.3.0.3-alpha - 2017-02-03
|
|
|
|
|
|
o Minor bugfixes (configure, autoconf):
|
|
|
- Rename the configure option --enable-expensive-hardening to
|
|
|
- --enable-fragile-hardening. TROVE-2017-001 was triggerable only
|
|
|
- through the expensive hardening which is making the tor daemon
|
|
|
- abort when the issue is detected. Thus, it makes tor more at risk
|
|
|
- of remote crashes but safer against RCE or heartbleed bug
|
|
|
- category. Fixes bug 21290; bugfix on 0.2.5.4-alpha.
|
|
|
+ --enable-fragile-hardening. Expensive hardening makes the tor
|
|
|
+ daemon abort when some kinds of issues are detected. Thus, it
|
|
|
+ makes tor more at risk of remote crashes but safer against RCE or
|
|
|
+ heartbleed bug category. We now try to explain this issue in a
|
|
|
+ message from the configure script. Fixes bug 21290; bugfix
|
|
|
+ on 0.2.5.4-alpha.
|
|
|
|
|
|
o Minor bugfixes (controller):
|
|
|
- Restore the (deprecated) DROPGUARDS controller command. Fixes bug
|
|
|
20824; bugfix on 0.3.0.1-alpha.
|
|
|
|
|
|
o Minor bugfixes (hidden service):
|
|
|
- - Cleanup expiring intro point nodes if no circuit is associated to
|
|
|
- it anymore. It was causing, rarely, the service to not open enough
|
|
|
- introduction points circuit in the case we had dead expiring
|
|
|
- nodes.; bugfix on 0.2.7.2-alpha.
|
|
|
- - Stop modifying the value of our torrc option
|
|
|
- HiddenServiceStatistics just because we're not a bridge or relay.
|
|
|
- Use an internal value for what tor should use and keep the torrc
|
|
|
- option intact. Fixes bug 21150; bugfix on 0.2.6.2-alpha.
|
|
|
+ - Clean up the code for expiring intro points with no associated
|
|
|
+ circuits. It was causing, rarely, a service with some expiring
|
|
|
+ nodes to not open enough introduction points. Fixes part of bug
|
|
|
+ 21302; bugfix on 0.2.7.2-alpha.
|
|
|
+ - Stop setting the torrc option HiddenServiceStatistics to "0" just
|
|
|
+ because we're not a bridge or relay. Instead, we preserve whatever
|
|
|
+ value the user set (or didn't set). Fixes bug 21150; bugfix
|
|
|
+ on 0.2.6.2-alpha.
|
|
|
- Two possible underflow which would ultimately lead to creating a
|
|
|
lot of introduction points circuits and closing them in a non stop
|
|
|
loop. Fixes bug 21302; bugfix on 0.2.7.2-alpha.
|
|
|
|
|
|
o Minor bugfixes (portability):
|
|
|
- - Use "OpenBSD" pre-defined compiler macro instead of "OPENBSD" or
|
|
|
- "__OpenBSD__". It is supported by OpenBSD itself and also most
|
|
|
- OpenBSD variants like Bitrig. Fixes bug 20980; bugfix
|
|
|
+ - Use "OpenBSD" compiler macro instead of "OPENBSD" or "__OpenBSD__".
|
|
|
+ It is supported by OpenBSD itself, and also by most OpenBSD
|
|
|
+ variants (such as Bitrig). Fixes bug 20980; bugfix
|
|
|
on 0.1.2.1-alpha.
|
|
|
- - Do not silently truncate content of files if they are larger than
|
|
|
- SIZE_MAX bytes. This issue could occur on 32 bit systems with
|
|
|
- large file support and files which are larger than 4 GB. Fixes bug
|
|
|
- 21134; bugfix on 0.3.0.1-alpha.
|
|
|
+ - When mapping a file of length greater than SIZE_MAX, do not
|
|
|
+ silently its contents. This issue could occur on 32 bit systems
|
|
|
+ with large file support and files which are larger than 4 GB.
|
|
|
+ Fixes bug 21134; bugfix on 0.3.0.1-alpha.
|
|
|
|
|
|
o Minor bugfixes (tor-resolve):
|
|
|
- The tor-resolve command line tool now rejects hostnames over 255
|