123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436243724382439244024412442244324442445244624472448244924502451245224532454245524562457245824592460246124622463246424652466246724682469247024712472247324742475247624772478247924802481248224832484248524862487248824892490249124922493249424952496249724982499250025012502250325042505250625072508250925102511251225132514251525162517251825192520252125222523252425252526252725282529253025312532253325342535253625372538253925402541254225432544254525462547254825492550255125522553255425552556255725582559256025612562256325642565256625672568256925702571257225732574257525762577257825792580258125822583258425852586258725882589259025912592259325942595259625972598259926002601260226032604260526062607260826092610261126122613261426152616261726182619262026212622262326242625262626272628262926302631263226332634263526362637263826392640264126422643264426452646264726482649265026512652265326542655265626572658265926602661266226632664266526662667266826692670267126722673267426752676267726782679268026812682268326842685268626872688268926902691269226932694269526962697269826992700270127022703270427052706270727082709271027112712271327142715271627172718271927202721272227232724272527262727272827292730273127322733273427352736273727382739274027412742274327442745274627472748274927502751275227532754275527562757275827592760276127622763276427652766276727682769277027712772277327742775277627772778277927802781278227832784278527862787278827892790279127922793279427952796279727982799280028012802280328042805280628072808280928102811281228132814281528162817281828192820282128222823282428252826282728282829283028312832283328342835283628372838283928402841284228432844284528462847284828492850285128522853285428552856285728582859286028612862286328642865286628672868286928702871287228732874287528762877287828792880288128822883288428852886288728882889289028912892289328942895289628972898289929002901290229032904290529062907290829092910291129122913291429152916291729182919292029212922292329242925292629272928292929302931293229332934293529362937293829392940294129422943294429452946294729482949295029512952295329542955295629572958295929602961296229632964296529662967296829692970297129722973297429752976297729782979298029812982298329842985298629872988298929902991299229932994299529962997299829993000300130023003300430053006300730083009301030113012301330143015301630173018301930203021302230233024302530263027302830293030303130323033303430353036303730383039304030413042304330443045304630473048304930503051305230533054305530563057305830593060306130623063306430653066306730683069307030713072307330743075307630773078307930803081308230833084308530863087308830893090309130923093309430953096309730983099310031013102310331043105310631073108310931103111311231133114311531163117311831193120312131223123312431253126312731283129313031313132313331343135313631373138313931403141314231433144314531463147314831493150315131523153315431553156315731583159316031613162316331643165316631673168316931703171317231733174317531763177317831793180318131823183318431853186318731883189319031913192319331943195319631973198319932003201320232033204320532063207320832093210321132123213321432153216321732183219322032213222322332243225322632273228322932303231323232333234323532363237323832393240324132423243324432453246324732483249325032513252325332543255325632573258325932603261326232633264326532663267326832693270327132723273327432753276327732783279328032813282328332843285328632873288328932903291329232933294329532963297329832993300330133023303330433053306330733083309331033113312331333143315331633173318331933203321332233233324332533263327332833293330333133323333333433353336333733383339334033413342334333443345334633473348334933503351335233533354335533563357335833593360336133623363336433653366336733683369337033713372337333743375337633773378337933803381338233833384338533863387338833893390339133923393339433953396339733983399340034013402340334043405340634073408340934103411341234133414341534163417341834193420342134223423342434253426342734283429343034313432343334343435343634373438343934403441344234433444344534463447344834493450345134523453345434553456345734583459346034613462346334643465346634673468346934703471347234733474347534763477347834793480348134823483348434853486348734883489349034913492349334943495349634973498349935003501350235033504350535063507350835093510351135123513351435153516351735183519352035213522352335243525352635273528352935303531353235333534353535363537353835393540354135423543354435453546354735483549355035513552355335543555355635573558355935603561356235633564356535663567356835693570357135723573357435753576357735783579358035813582358335843585358635873588358935903591359235933594359535963597359835993600360136023603360436053606360736083609361036113612361336143615361636173618361936203621362236233624362536263627362836293630363136323633363436353636363736383639364036413642364336443645364636473648364936503651365236533654365536563657365836593660366136623663366436653666366736683669367036713672367336743675367636773678367936803681368236833684368536863687368836893690369136923693369436953696369736983699370037013702370337043705370637073708370937103711371237133714371537163717371837193720372137223723372437253726372737283729373037313732373337343735373637373738373937403741374237433744374537463747374837493750375137523753375437553756375737583759376037613762376337643765376637673768376937703771377237733774377537763777377837793780378137823783378437853786378737883789379037913792379337943795379637973798379938003801380238033804380538063807380838093810381138123813381438153816381738183819382038213822382338243825382638273828382938303831383238333834383538363837383838393840384138423843384438453846384738483849385038513852385338543855385638573858385938603861386238633864386538663867386838693870387138723873387438753876387738783879388038813882388338843885388638873888388938903891389238933894389538963897389838993900390139023903390439053906390739083909391039113912391339143915391639173918391939203921392239233924392539263927392839293930393139323933393439353936393739383939394039413942394339443945394639473948394939503951395239533954395539563957395839593960396139623963396439653966396739683969397039713972397339743975397639773978397939803981398239833984398539863987398839893990399139923993399439953996399739983999400040014002400340044005400640074008400940104011401240134014401540164017401840194020402140224023402440254026402740284029403040314032403340344035403640374038403940404041404240434044404540464047404840494050405140524053405440554056405740584059406040614062406340644065406640674068406940704071407240734074407540764077407840794080408140824083408440854086408740884089409040914092409340944095409640974098409941004101410241034104410541064107410841094110411141124113411441154116411741184119412041214122412341244125412641274128412941304131413241334134413541364137413841394140414141424143414441454146414741484149415041514152415341544155415641574158415941604161416241634164416541664167416841694170417141724173417441754176417741784179418041814182418341844185418641874188418941904191419241934194419541964197419841994200420142024203420442054206420742084209421042114212421342144215421642174218421942204221422242234224422542264227422842294230423142324233423442354236423742384239424042414242424342444245424642474248424942504251425242534254425542564257425842594260426142624263426442654266426742684269427042714272427342744275427642774278427942804281428242834284428542864287428842894290429142924293429442954296429742984299430043014302430343044305430643074308430943104311431243134314431543164317431843194320432143224323432443254326432743284329433043314332433343344335433643374338433943404341434243434344434543464347434843494350435143524353435443554356435743584359436043614362436343644365436643674368436943704371437243734374437543764377437843794380438143824383438443854386438743884389439043914392439343944395439643974398439944004401440244034404440544064407440844094410441144124413441444154416441744184419442044214422442344244425442644274428442944304431443244334434443544364437443844394440444144424443444444454446444744484449445044514452445344544455445644574458445944604461446244634464446544664467446844694470447144724473447444754476447744784479448044814482448344844485448644874488448944904491449244934494449544964497449844994500450145024503450445054506450745084509451045114512451345144515451645174518451945204521452245234524452545264527452845294530453145324533453445354536453745384539454045414542454345444545454645474548454945504551455245534554455545564557455845594560456145624563456445654566456745684569457045714572457345744575457645774578457945804581458245834584458545864587458845894590459145924593459445954596459745984599460046014602460346044605460646074608460946104611461246134614461546164617461846194620462146224623462446254626462746284629463046314632463346344635463646374638463946404641464246434644464546464647464846494650465146524653465446554656465746584659466046614662466346644665466646674668466946704671467246734674467546764677467846794680468146824683468446854686468746884689469046914692469346944695469646974698469947004701470247034704470547064707470847094710471147124713471447154716471747184719472047214722472347244725472647274728472947304731473247334734473547364737473847394740474147424743474447454746474747484749475047514752475347544755475647574758475947604761476247634764476547664767476847694770477147724773477447754776477747784779478047814782478347844785478647874788478947904791479247934794479547964797479847994800480148024803480448054806480748084809481048114812481348144815481648174818481948204821482248234824482548264827482848294830483148324833483448354836483748384839484048414842484348444845484648474848484948504851485248534854485548564857485848594860486148624863486448654866486748684869487048714872487348744875487648774878487948804881488248834884488548864887488848894890489148924893489448954896489748984899490049014902490349044905490649074908490949104911491249134914491549164917491849194920492149224923492449254926492749284929493049314932493349344935493649374938493949404941494249434944494549464947494849494950495149524953495449554956495749584959496049614962496349644965496649674968496949704971497249734974497549764977497849794980498149824983498449854986498749884989499049914992499349944995499649974998499950005001500250035004500550065007500850095010501150125013501450155016501750185019502050215022502350245025502650275028502950305031503250335034503550365037503850395040504150425043504450455046504750485049505050515052505350545055505650575058505950605061506250635064506550665067506850695070507150725073507450755076507750785079508050815082508350845085508650875088508950905091509250935094509550965097509850995100510151025103510451055106510751085109511051115112511351145115511651175118511951205121512251235124512551265127512851295130513151325133513451355136513751385139514051415142514351445145514651475148514951505151515251535154515551565157515851595160516151625163516451655166516751685169517051715172517351745175517651775178517951805181518251835184518551865187518851895190519151925193519451955196519751985199520052015202520352045205520652075208520952105211521252135214521552165217521852195220522152225223522452255226522752285229523052315232523352345235523652375238523952405241524252435244524552465247524852495250525152525253525452555256525752585259526052615262526352645265526652675268526952705271527252735274527552765277527852795280528152825283528452855286528752885289529052915292529352945295529652975298529953005301530253035304530553065307530853095310531153125313531453155316531753185319532053215322532353245325532653275328532953305331533253335334533553365337533853395340534153425343534453455346534753485349535053515352535353545355535653575358535953605361536253635364536553665367536853695370537153725373537453755376537753785379538053815382538353845385538653875388538953905391539253935394539553965397539853995400540154025403540454055406540754085409541054115412541354145415541654175418541954205421542254235424542554265427542854295430543154325433543454355436543754385439544054415442544354445445544654475448544954505451545254535454545554565457545854595460546154625463546454655466546754685469547054715472547354745475547654775478547954805481548254835484548554865487548854895490549154925493549454955496549754985499550055015502550355045505550655075508550955105511551255135514551555165517551855195520552155225523552455255526552755285529553055315532553355345535553655375538553955405541554255435544554555465547554855495550555155525553555455555556555755585559556055615562556355645565556655675568556955705571557255735574557555765577557855795580558155825583558455855586558755885589559055915592559355945595559655975598559956005601560256035604560556065607560856095610561156125613561456155616561756185619562056215622562356245625562656275628562956305631563256335634563556365637563856395640564156425643564456455646564756485649565056515652565356545655565656575658565956605661566256635664566556665667566856695670567156725673567456755676567756785679568056815682568356845685568656875688568956905691569256935694569556965697569856995700570157025703570457055706570757085709571057115712571357145715571657175718571957205721572257235724572557265727572857295730573157325733573457355736573757385739574057415742574357445745574657475748574957505751575257535754575557565757575857595760576157625763576457655766576757685769577057715772577357745775577657775778577957805781578257835784578557865787578857895790579157925793579457955796579757985799580058015802580358045805580658075808580958105811581258135814581558165817581858195820582158225823582458255826582758285829583058315832583358345835583658375838583958405841584258435844584558465847584858495850585158525853585458555856585758585859586058615862586358645865586658675868586958705871587258735874587558765877587858795880588158825883588458855886588758885889589058915892589358945895589658975898589959005901590259035904590559065907590859095910591159125913591459155916591759185919592059215922592359245925592659275928592959305931593259335934593559365937593859395940594159425943594459455946594759485949595059515952595359545955595659575958595959605961596259635964596559665967596859695970597159725973597459755976597759785979598059815982598359845985598659875988598959905991599259935994599559965997599859996000600160026003600460056006600760086009601060116012601360146015601660176018601960206021602260236024602560266027602860296030603160326033603460356036603760386039604060416042604360446045604660476048604960506051605260536054605560566057605860596060606160626063606460656066606760686069607060716072607360746075607660776078607960806081608260836084608560866087608860896090609160926093609460956096609760986099610061016102610361046105610661076108610961106111611261136114611561166117611861196120612161226123612461256126612761286129613061316132613361346135613661376138613961406141614261436144614561466147614861496150615161526153615461556156615761586159616061616162616361646165616661676168616961706171617261736174617561766177617861796180618161826183618461856186618761886189619061916192619361946195619661976198619962006201620262036204620562066207620862096210621162126213621462156216621762186219622062216222622362246225622662276228622962306231623262336234623562366237623862396240624162426243624462456246624762486249625062516252625362546255625662576258625962606261626262636264626562666267626862696270627162726273627462756276627762786279628062816282628362846285628662876288628962906291629262936294629562966297629862996300630163026303630463056306630763086309631063116312631363146315631663176318631963206321632263236324632563266327632863296330633163326333633463356336633763386339634063416342634363446345634663476348634963506351635263536354635563566357635863596360636163626363636463656366636763686369637063716372637363746375637663776378637963806381638263836384638563866387638863896390639163926393639463956396639763986399640064016402640364046405640664076408640964106411641264136414641564166417641864196420642164226423642464256426642764286429643064316432643364346435643664376438643964406441644264436444644564466447644864496450645164526453645464556456645764586459646064616462646364646465646664676468646964706471647264736474647564766477647864796480648164826483648464856486648764886489649064916492649364946495649664976498649965006501650265036504650565066507650865096510651165126513651465156516651765186519652065216522652365246525652665276528652965306531653265336534653565366537653865396540654165426543654465456546654765486549655065516552655365546555655665576558655965606561656265636564656565666567656865696570657165726573657465756576657765786579658065816582658365846585658665876588658965906591659265936594659565966597659865996600660166026603660466056606660766086609661066116612661366146615661666176618661966206621662266236624662566266627662866296630663166326633663466356636663766386639664066416642664366446645664666476648664966506651665266536654665566566657665866596660666166626663666466656666666766686669667066716672667366746675667666776678667966806681668266836684668566866687668866896690669166926693669466956696669766986699670067016702670367046705670667076708670967106711671267136714671567166717671867196720672167226723672467256726672767286729673067316732673367346735673667376738673967406741674267436744674567466747674867496750675167526753675467556756675767586759676067616762676367646765676667676768676967706771677267736774677567766777677867796780678167826783678467856786678767886789679067916792679367946795679667976798679968006801680268036804680568066807680868096810681168126813681468156816681768186819682068216822682368246825682668276828682968306831683268336834683568366837683868396840684168426843684468456846684768486849685068516852685368546855685668576858685968606861686268636864686568666867686868696870687168726873687468756876687768786879688068816882688368846885688668876888688968906891689268936894689568966897689868996900690169026903690469056906690769086909691069116912691369146915691669176918691969206921692269236924692569266927692869296930693169326933693469356936693769386939694069416942694369446945694669476948694969506951695269536954695569566957695869596960696169626963696469656966696769686969697069716972697369746975697669776978697969806981698269836984698569866987698869896990699169926993699469956996699769986999700070017002700370047005700670077008700970107011701270137014701570167017701870197020702170227023702470257026702770287029703070317032703370347035703670377038703970407041704270437044704570467047704870497050705170527053705470557056705770587059706070617062706370647065706670677068706970707071707270737074707570767077707870797080708170827083708470857086708770887089709070917092709370947095709670977098709971007101710271037104710571067107710871097110711171127113711471157116711771187119712071217122712371247125712671277128712971307131713271337134713571367137713871397140714171427143714471457146714771487149715071517152715371547155715671577158715971607161716271637164716571667167716871697170717171727173717471757176717771787179718071817182718371847185718671877188718971907191719271937194719571967197719871997200720172027203720472057206720772087209721072117212721372147215721672177218721972207221722272237224722572267227722872297230723172327233723472357236723772387239724072417242724372447245724672477248724972507251725272537254725572567257725872597260726172627263726472657266726772687269727072717272727372747275727672777278727972807281728272837284728572867287728872897290729172927293729472957296729772987299730073017302730373047305730673077308730973107311731273137314731573167317731873197320732173227323732473257326732773287329733073317332733373347335733673377338733973407341734273437344734573467347734873497350735173527353735473557356735773587359736073617362736373647365736673677368736973707371737273737374737573767377737873797380738173827383738473857386738773887389739073917392739373947395739673977398739974007401740274037404740574067407740874097410741174127413741474157416741774187419742074217422742374247425742674277428742974307431743274337434743574367437743874397440744174427443744474457446744774487449745074517452745374547455745674577458745974607461746274637464746574667467746874697470747174727473747474757476747774787479748074817482748374847485748674877488748974907491749274937494749574967497749874997500750175027503750475057506750775087509751075117512751375147515751675177518751975207521752275237524752575267527752875297530753175327533753475357536753775387539754075417542754375447545754675477548754975507551755275537554755575567557755875597560756175627563756475657566756775687569757075717572757375747575757675777578757975807581758275837584758575867587758875897590759175927593759475957596759775987599760076017602760376047605760676077608760976107611761276137614761576167617761876197620762176227623762476257626762776287629763076317632763376347635763676377638763976407641764276437644764576467647764876497650765176527653765476557656765776587659766076617662766376647665766676677668766976707671767276737674767576767677767876797680768176827683768476857686768776887689769076917692769376947695769676977698769977007701770277037704770577067707770877097710771177127713771477157716771777187719772077217722772377247725772677277728772977307731773277337734773577367737773877397740774177427743774477457746774777487749775077517752775377547755775677577758775977607761776277637764776577667767776877697770777177727773777477757776777777787779778077817782778377847785778677877788778977907791779277937794779577967797779877997800780178027803780478057806780778087809781078117812781378147815781678177818781978207821782278237824782578267827782878297830783178327833783478357836783778387839784078417842784378447845784678477848784978507851785278537854785578567857785878597860786178627863786478657866786778687869787078717872787378747875787678777878787978807881788278837884788578867887788878897890789178927893789478957896789778987899790079017902790379047905790679077908790979107911791279137914791579167917791879197920792179227923792479257926792779287929793079317932793379347935793679377938793979407941794279437944794579467947794879497950795179527953795479557956795779587959796079617962796379647965796679677968796979707971797279737974797579767977797879797980798179827983798479857986798779887989799079917992799379947995799679977998799980008001800280038004800580068007800880098010801180128013801480158016801780188019802080218022802380248025802680278028802980308031803280338034803580368037803880398040804180428043804480458046804780488049805080518052805380548055805680578058805980608061806280638064806580668067806880698070807180728073807480758076807780788079808080818082808380848085808680878088808980908091809280938094809580968097809880998100810181028103810481058106810781088109811081118112811381148115811681178118811981208121812281238124812581268127812881298130813181328133813481358136813781388139814081418142814381448145814681478148814981508151815281538154815581568157815881598160816181628163816481658166816781688169817081718172817381748175817681778178817981808181818281838184818581868187818881898190819181928193819481958196819781988199820082018202820382048205820682078208820982108211821282138214821582168217821882198220822182228223822482258226822782288229823082318232823382348235823682378238823982408241824282438244824582468247824882498250825182528253825482558256825782588259826082618262826382648265826682678268826982708271827282738274827582768277827882798280828182828283828482858286828782888289829082918292829382948295829682978298829983008301830283038304830583068307830883098310831183128313831483158316831783188319832083218322832383248325832683278328832983308331833283338334833583368337833883398340834183428343834483458346834783488349835083518352835383548355835683578358835983608361836283638364836583668367836883698370837183728373837483758376837783788379838083818382838383848385838683878388838983908391839283938394839583968397839883998400840184028403840484058406840784088409841084118412841384148415841684178418841984208421842284238424842584268427842884298430843184328433843484358436843784388439844084418442844384448445844684478448844984508451845284538454845584568457845884598460846184628463846484658466846784688469847084718472847384748475847684778478847984808481848284838484848584868487848884898490849184928493849484958496849784988499850085018502850385048505850685078508850985108511851285138514851585168517851885198520852185228523852485258526852785288529853085318532853385348535853685378538853985408541854285438544854585468547854885498550855185528553855485558556855785588559856085618562856385648565856685678568856985708571857285738574857585768577857885798580858185828583858485858586858785888589859085918592859385948595859685978598859986008601860286038604860586068607860886098610861186128613861486158616861786188619862086218622862386248625862686278628862986308631863286338634863586368637863886398640864186428643864486458646864786488649865086518652865386548655865686578658865986608661866286638664866586668667866886698670867186728673867486758676867786788679868086818682868386848685868686878688868986908691869286938694869586968697869886998700870187028703870487058706870787088709871087118712871387148715871687178718871987208721872287238724872587268727872887298730873187328733873487358736873787388739874087418742874387448745874687478748874987508751875287538754875587568757875887598760876187628763876487658766876787688769877087718772877387748775877687778778877987808781878287838784878587868787878887898790879187928793879487958796879787988799880088018802880388048805880688078808880988108811881288138814881588168817881888198820882188228823882488258826882788288829883088318832883388348835883688378838883988408841884288438844884588468847884888498850885188528853885488558856885788588859886088618862886388648865886688678868886988708871887288738874887588768877887888798880888188828883888488858886888788888889889088918892889388948895889688978898889989008901890289038904890589068907890889098910891189128913891489158916891789188919892089218922892389248925892689278928892989308931893289338934893589368937893889398940894189428943894489458946894789488949895089518952895389548955895689578958895989608961896289638964896589668967896889698970897189728973897489758976897789788979898089818982898389848985898689878988898989908991899289938994899589968997899889999000900190029003900490059006900790089009901090119012901390149015901690179018901990209021902290239024902590269027902890299030903190329033903490359036903790389039904090419042904390449045904690479048904990509051905290539054905590569057905890599060906190629063906490659066906790689069907090719072907390749075907690779078907990809081908290839084908590869087908890899090909190929093909490959096909790989099910091019102910391049105910691079108910991109111911291139114911591169117911891199120912191229123912491259126912791289129913091319132913391349135913691379138913991409141914291439144914591469147914891499150915191529153915491559156915791589159916091619162916391649165916691679168916991709171917291739174917591769177917891799180918191829183918491859186918791889189919091919192919391949195919691979198919992009201920292039204920592069207920892099210921192129213921492159216921792189219922092219222922392249225922692279228922992309231923292339234923592369237923892399240924192429243924492459246924792489249925092519252925392549255925692579258925992609261926292639264926592669267926892699270927192729273927492759276927792789279928092819282928392849285928692879288928992909291929292939294929592969297929892999300930193029303930493059306930793089309931093119312931393149315931693179318931993209321932293239324932593269327932893299330933193329333933493359336933793389339934093419342934393449345934693479348934993509351935293539354935593569357935893599360936193629363936493659366936793689369937093719372937393749375937693779378937993809381938293839384938593869387938893899390939193929393939493959396939793989399940094019402940394049405940694079408940994109411941294139414941594169417941894199420942194229423942494259426942794289429943094319432943394349435943694379438943994409441944294439444944594469447944894499450945194529453945494559456945794589459946094619462946394649465946694679468946994709471947294739474947594769477947894799480948194829483948494859486948794889489949094919492949394949495949694979498949995009501950295039504950595069507950895099510951195129513951495159516951795189519952095219522952395249525952695279528952995309531953295339534953595369537953895399540954195429543954495459546954795489549955095519552955395549555955695579558955995609561956295639564956595669567956895699570957195729573957495759576957795789579958095819582958395849585958695879588958995909591959295939594959595969597959895999600960196029603960496059606960796089609961096119612961396149615961696179618961996209621962296239624962596269627962896299630963196329633963496359636963796389639964096419642964396449645964696479648964996509651965296539654965596569657965896599660966196629663966496659666966796689669967096719672967396749675967696779678967996809681968296839684968596869687968896899690969196929693969496959696969796989699970097019702970397049705970697079708970997109711971297139714971597169717971897199720972197229723972497259726972797289729973097319732973397349735973697379738973997409741974297439744974597469747974897499750975197529753975497559756975797589759976097619762976397649765976697679768976997709771977297739774977597769777977897799780978197829783978497859786978797889789979097919792979397949795979697979798979998009801980298039804980598069807980898099810981198129813981498159816981798189819982098219822982398249825982698279828982998309831983298339834983598369837983898399840984198429843984498459846984798489849985098519852985398549855985698579858985998609861986298639864986598669867986898699870987198729873987498759876987798789879988098819882988398849885988698879888988998909891989298939894989598969897989898999900990199029903990499059906990799089909991099119912991399149915991699179918991999209921992299239924992599269927992899299930993199329933993499359936993799389939994099419942994399449945994699479948994999509951995299539954995599569957995899599960996199629963996499659966996799689969997099719972997399749975997699779978997999809981998299839984998599869987998899899990999199929993999499959996999799989999100001000110002100031000410005100061000710008100091001010011100121001310014100151001610017100181001910020100211002210023100241002510026100271002810029100301003110032100331003410035100361003710038100391004010041100421004310044100451004610047100481004910050100511005210053100541005510056100571005810059100601006110062100631006410065100661006710068100691007010071100721007310074100751007610077100781007910080100811008210083100841008510086100871008810089100901009110092100931009410095100961009710098100991010010101101021010310104101051010610107101081010910110101111011210113101141011510116101171011810119101201012110122101231012410125101261012710128101291013010131101321013310134101351013610137101381013910140101411014210143101441014510146101471014810149101501015110152101531015410155101561015710158101591016010161101621016310164101651016610167101681016910170101711017210173101741017510176101771017810179101801018110182101831018410185101861018710188101891019010191101921019310194101951019610197101981019910200102011020210203102041020510206102071020810209102101021110212102131021410215102161021710218102191022010221102221022310224102251022610227102281022910230102311023210233102341023510236102371023810239102401024110242102431024410245102461024710248102491025010251102521025310254102551025610257102581025910260102611026210263102641026510266102671026810269102701027110272102731027410275102761027710278102791028010281102821028310284102851028610287102881028910290102911029210293102941029510296102971029810299103001030110302103031030410305103061030710308103091031010311103121031310314103151031610317103181031910320103211032210323103241032510326103271032810329103301033110332103331033410335103361033710338103391034010341103421034310344103451034610347103481034910350103511035210353103541035510356103571035810359103601036110362103631036410365103661036710368103691037010371103721037310374103751037610377103781037910380103811038210383103841038510386103871038810389103901039110392103931039410395103961039710398103991040010401104021040310404104051040610407104081040910410104111041210413104141041510416104171041810419104201042110422104231042410425104261042710428104291043010431104321043310434104351043610437104381043910440104411044210443104441044510446104471044810449104501045110452104531045410455104561045710458104591046010461104621046310464104651046610467104681046910470104711047210473104741047510476104771047810479104801048110482104831048410485104861048710488104891049010491104921049310494104951049610497104981049910500105011050210503105041050510506105071050810509105101051110512105131051410515105161051710518105191052010521105221052310524105251052610527105281052910530105311053210533105341053510536105371053810539105401054110542105431054410545105461054710548105491055010551105521055310554105551055610557105581055910560105611056210563105641056510566105671056810569105701057110572105731057410575105761057710578105791058010581105821058310584105851058610587105881058910590105911059210593105941059510596105971059810599106001060110602106031060410605106061060710608106091061010611106121061310614106151061610617106181061910620106211062210623106241062510626106271062810629106301063110632106331063410635106361063710638106391064010641106421064310644106451064610647106481064910650106511065210653106541065510656106571065810659106601066110662106631066410665106661066710668106691067010671106721067310674106751067610677106781067910680106811068210683106841068510686106871068810689106901069110692106931069410695106961069710698106991070010701107021070310704107051070610707107081070910710107111071210713107141071510716107171071810719107201072110722107231072410725107261072710728107291073010731107321073310734107351073610737107381073910740107411074210743107441074510746107471074810749107501075110752107531075410755107561075710758107591076010761107621076310764107651076610767107681076910770107711077210773107741077510776107771077810779107801078110782107831078410785107861078710788107891079010791107921079310794107951079610797107981079910800108011080210803108041080510806108071080810809108101081110812108131081410815108161081710818108191082010821108221082310824108251082610827108281082910830108311083210833108341083510836108371083810839108401084110842108431084410845108461084710848108491085010851108521085310854108551085610857108581085910860108611086210863108641086510866108671086810869108701087110872108731087410875108761087710878108791088010881108821088310884108851088610887108881088910890108911089210893108941089510896108971089810899109001090110902109031090410905109061090710908109091091010911109121091310914109151091610917109181091910920109211092210923109241092510926109271092810929109301093110932109331093410935109361093710938109391094010941109421094310944109451094610947109481094910950109511095210953109541095510956109571095810959109601096110962109631096410965109661096710968109691097010971109721097310974109751097610977109781097910980109811098210983109841098510986109871098810989109901099110992109931099410995109961099710998109991100011001110021100311004110051100611007110081100911010110111101211013110141101511016110171101811019110201102111022110231102411025110261102711028110291103011031110321103311034110351103611037110381103911040110411104211043110441104511046110471104811049110501105111052110531105411055110561105711058110591106011061110621106311064110651106611067110681106911070110711107211073110741107511076110771107811079110801108111082110831108411085110861108711088110891109011091110921109311094110951109611097110981109911100111011110211103111041110511106111071110811109111101111111112111131111411115111161111711118111191112011121111221112311124111251112611127111281112911130111311113211133111341113511136111371113811139111401114111142111431114411145111461114711148111491115011151111521115311154111551115611157111581115911160111611116211163111641116511166111671116811169111701117111172111731117411175111761117711178111791118011181111821118311184111851118611187111881118911190111911119211193111941119511196111971119811199112001120111202112031120411205112061120711208112091121011211112121121311214112151121611217112181121911220112211122211223112241122511226112271122811229112301123111232112331123411235112361123711238112391124011241112421124311244112451124611247112481124911250112511125211253112541125511256112571125811259112601126111262112631126411265112661126711268112691127011271112721127311274112751127611277112781127911280112811128211283112841128511286112871128811289112901129111292112931129411295112961129711298112991130011301113021130311304113051130611307113081130911310113111131211313113141131511316113171131811319113201132111322113231132411325113261132711328113291133011331113321133311334113351133611337113381133911340113411134211343113441134511346113471134811349113501135111352113531135411355113561135711358113591136011361113621136311364113651136611367113681136911370113711137211373113741137511376113771137811379113801138111382113831138411385113861138711388113891139011391113921139311394113951139611397113981139911400114011140211403114041140511406114071140811409114101141111412114131141411415114161141711418114191142011421114221142311424114251142611427114281142911430114311143211433114341143511436114371143811439114401144111442114431144411445114461144711448114491145011451114521145311454114551145611457114581145911460114611146211463114641146511466114671146811469114701147111472114731147411475114761147711478114791148011481114821148311484114851148611487114881148911490114911149211493114941149511496114971149811499115001150111502115031150411505115061150711508115091151011511115121151311514115151151611517115181151911520115211152211523115241152511526115271152811529115301153111532115331153411535115361153711538115391154011541115421154311544115451154611547115481154911550115511155211553115541155511556115571155811559115601156111562115631156411565115661156711568115691157011571115721157311574115751157611577115781157911580115811158211583115841158511586115871158811589115901159111592115931159411595115961159711598115991160011601116021160311604116051160611607116081160911610116111161211613116141161511616116171161811619116201162111622116231162411625116261162711628116291163011631116321163311634116351163611637116381163911640116411164211643116441164511646116471164811649116501165111652116531165411655116561165711658116591166011661116621166311664116651166611667116681166911670116711167211673116741167511676116771167811679116801168111682116831168411685116861168711688116891169011691116921169311694116951169611697116981169911700117011170211703117041170511706117071170811709117101171111712117131171411715117161171711718117191172011721117221172311724117251172611727117281172911730117311173211733117341173511736117371173811739117401174111742117431174411745117461174711748117491175011751117521175311754117551175611757117581175911760117611176211763117641176511766117671176811769117701177111772117731177411775117761177711778117791178011781117821178311784117851178611787117881178911790117911179211793117941179511796117971179811799118001180111802118031180411805118061180711808118091181011811118121181311814118151181611817118181181911820118211182211823118241182511826118271182811829118301183111832118331183411835118361183711838118391184011841118421184311844118451184611847118481184911850118511185211853118541185511856118571185811859118601186111862118631186411865118661186711868118691187011871118721187311874118751187611877118781187911880118811188211883118841188511886118871188811889118901189111892118931189411895118961189711898118991190011901119021190311904119051190611907119081190911910119111191211913119141191511916119171191811919119201192111922119231192411925119261192711928119291193011931119321193311934119351193611937119381193911940119411194211943119441194511946119471194811949119501195111952119531195411955119561195711958119591196011961119621196311964119651196611967119681196911970119711197211973119741197511976119771197811979119801198111982119831198411985119861198711988119891199011991119921199311994119951199611997119981199912000120011200212003120041200512006120071200812009120101201112012120131201412015120161201712018120191202012021120221202312024120251202612027120281202912030120311203212033120341203512036120371203812039120401204112042120431204412045120461204712048120491205012051120521205312054120551205612057120581205912060120611206212063120641206512066120671206812069120701207112072120731207412075120761207712078120791208012081120821208312084120851208612087120881208912090120911209212093120941209512096120971209812099121001210112102121031210412105121061210712108121091211012111121121211312114121151211612117121181211912120121211212212123121241212512126121271212812129121301213112132121331213412135121361213712138121391214012141121421214312144121451214612147121481214912150121511215212153121541215512156121571215812159121601216112162121631216412165121661216712168121691217012171121721217312174121751217612177121781217912180121811218212183121841218512186121871218812189121901219112192121931219412195121961219712198121991220012201122021220312204122051220612207122081220912210122111221212213122141221512216122171221812219122201222112222122231222412225122261222712228122291223012231122321223312234122351223612237122381223912240122411224212243122441224512246122471224812249122501225112252122531225412255122561225712258122591226012261122621226312264122651226612267122681226912270122711227212273122741227512276122771227812279122801228112282122831228412285122861228712288122891229012291122921229312294122951229612297122981229912300123011230212303123041230512306123071230812309123101231112312123131231412315123161231712318123191232012321123221232312324123251232612327123281232912330123311233212333123341233512336123371233812339123401234112342123431234412345123461234712348123491235012351123521235312354123551235612357123581235912360123611236212363123641236512366123671236812369123701237112372123731237412375123761237712378123791238012381123821238312384123851238612387123881238912390123911239212393 |
- This document summarizes new features and bugfixes in each stable release
- of Tor. If you want to see more detailed descriptions of the changes in
- each development snapshot, see the ChangeLog file.
- Changes in version 0.2.7.6 - 2015-12-10
- Tor version 0.2.7.6 fixes a major bug in entry guard selection, as
- well as a minor bug in hidden service reliability.
- o Major bugfixes (guard selection):
- - Actually look at the Guard flag when selecting a new directory
- guard. When we implemented the directory guard design, we
- accidentally started treating all relays as if they have the Guard
- flag during guard selection, leading to weaker anonymity and worse
- performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered
- by Mohsen Imani.
- o Minor features (geoip):
- - Update geoip and geoip6 to the December 1 2015 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (compilation):
- - When checking for net/pfvar.h, include netinet/in.h if possible.
- This fixes transparent proxy detection on OpenBSD. Fixes bug
- 17551; bugfix on 0.1.2.1-alpha. Patch from "rubiate".
- - Fix a compilation warning with Clang 3.6: Do not check the
- presence of an address which can never be NULL. Fixes bug 17781.
- o Minor bugfixes (correctness):
- - When displaying an IPv6 exit policy, include the mask bits
- correctly even when the number is greater than 31. Fixes bug
- 16056; bugfix on 0.2.4.7-alpha. Patch from "gturner".
- - The wrong list was used when looking up expired intro points in a
- rend service object, causing what we think could be reachability
- issues for hidden services, and triggering a BUG log. Fixes bug
- 16702; bugfix on 0.2.7.2-alpha.
- - Fix undefined behavior in the tor_cert_checksig function. Fixes
- bug 17722; bugfix on 0.2.7.2-alpha.
- Changes in version 0.2.7.5 - 2015-11-20
- The Tor 0.2.7 release series is dedicated to the memory of Tor user
- and privacy advocate Caspar Bowden (1961-2015). Caspar worked
- tirelessly to advocate human rights regardless of national borders,
- and oppose the encroachments of mass surveillance. He opposed national
- exceptionalism, he brought clarity to legal and policy debates, he
- understood and predicted the impact of mass surveillance on the world,
- and he laid the groundwork for resisting it. While serving on the Tor
- Project's board of directors, he brought us his uncompromising focus
- on technical excellence in the service of humankind. Caspar was an
- inimitable force for good and a wonderful friend. He was kind,
- humorous, generous, gallant, and believed we should protect one
- another without exception. We honor him here for his ideals, his
- efforts, and his accomplishments. Please honor his memory with works
- that would make him proud.
- Tor 0.2.7.5 is the first stable release in the Tor 0.2.7 series.
- The 0.2.7 series adds a more secure identity key type for relays,
- improves cryptography performance, resolves several longstanding
- hidden-service performance issues, improves controller support for
- hidden services, and includes small bugfixes and performance
- improvements throughout the program. This release series also includes
- more tests than before, and significant simplifications to which parts
- of Tor invoke which others. For a full list of changes, see below.
- o New system requirements:
- - Tor no longer includes workarounds to support Libevent versions
- before 1.3e. Libevent 2.0 or later is recommended. Closes
- ticket 15248.
- - Tor no longer supports copies of OpenSSL that are missing support
- for Elliptic Curve Cryptography. (We began using ECC when
- available in 0.2.4.8-alpha, for more safe and efficient key
- negotiation.) In particular, support for at least one of P256 or
- P224 is now required, with manual configuration needed if only
- P224 is available. Resolves ticket 16140.
- - Tor no longer supports versions of OpenSSL before 1.0. (If you are
- on an operating system that has not upgraded to OpenSSL 1.0 or
- later, and you compile Tor from source, you will need to install a
- more recent OpenSSL to link Tor against.) These versions of
- OpenSSL are still supported by the OpenSSL, but the numerous
- cryptographic improvements in later OpenSSL releases makes them a
- clear choice. Resolves ticket 16034.
- o Major features (controller):
- - Add the ADD_ONION and DEL_ONION commands that allow the creation
- and management of hidden services via the controller. Closes
- ticket 6411.
- - New "GETINFO onions/current" and "GETINFO onions/detached"
- commands to get information about hidden services created via the
- controller. Part of ticket 6411.
- - New HSFETCH command to launch a request for a hidden service
- descriptor. Closes ticket 14847.
- - New HSPOST command to upload a hidden service descriptor. Closes
- ticket 3523. Patch by "DonnchaC".
- o Major features (Ed25519 identity keys, Proposal 220):
- - Add support for offline encrypted Ed25519 master keys. To use this
- feature on your tor relay, run "tor --keygen" to make a new master
- key (or to make a new signing key if you already have a master
- key). Closes ticket 13642.
- - All relays now maintain a stronger identity key, using the Ed25519
- elliptic curve signature format. This master key is designed so
- that it can be kept offline. Relays also generate an online
- signing key, and a set of other Ed25519 keys and certificates.
- These are all automatically regenerated and rotated as needed.
- Implements part of ticket 12498.
- - Directory authorities now vote on Ed25519 identity keys along with
- RSA1024 keys. Implements part of ticket 12498.
- - Directory authorities track which Ed25519 identity keys have been
- used with which RSA1024 identity keys, and do not allow them to
- vary freely. Implements part of ticket 12498.
- - Microdescriptors now include Ed25519 identity keys. Implements
- part of ticket 12498.
- - Add a --newpass option to allow changing or removing the
- passphrase of an encrypted key with tor --keygen. Implements part
- of ticket 16769.
- - Add a new OfflineMasterKey option to tell Tor never to try loading
- or generating a secret Ed25519 identity key. You can use this in
- combination with tor --keygen to manage offline and/or encrypted
- Ed25519 keys. Implements ticket 16944.
- - On receiving a HUP signal, check to see whether the Ed25519
- signing key has changed, and reload it if so. Closes ticket 16790.
- - Significant usability improvements for Ed25519 key management. Log
- messages are better, and the code can recover from far more
- failure conditions. Thanks to "s7r" for reporting and diagnosing
- so many of these!
- o Major features (ECC performance):
- - Improve the runtime speed of Ed25519 signature verification by
- using Ed25519-donna's batch verification support. Implements
- ticket 16533.
- - Improve the speed of Ed25519 operations and Curve25519 keypair
- generation when built targeting 32 bit x86 platforms with SSE2
- available. Implements ticket 16535.
- - Improve the runtime speed of Ed25519 operations by using the
- public-domain Ed25519-donna by Andrew M. ("floodyberry").
- Implements ticket 16467.
- - Improve the runtime speed of the ntor handshake by using an
- optimized curve25519 basepoint scalarmult implementation from the
- public-domain Ed25519-donna by Andrew M. ("floodyberry"), based on
- ideas by Adam Langley. Implements ticket 9663.
- o Major features (Hidden services):
- - Hidden services, if using the EntryNodes option, are required to
- use more than one EntryNode, in order to avoid a guard discovery
- attack. (This would only affect people who had configured hidden
- services and manually specified the EntryNodes option with a
- single entry-node. The impact was that it would be easy to
- remotely identify the guard node used by such a hidden service.
- See ticket for more information.) Fixes ticket 14917.
- - Add the torrc option HiddenServiceNumIntroductionPoints, to
- specify a fixed number of introduction points. Its maximum value
- is 10 and default is 3. Using this option can increase a hidden
- service's reliability under load, at the cost of making it more
- visible that the hidden service is facing extra load. Closes
- ticket 4862.
- - Remove the adaptive algorithm for choosing the number of
- introduction points, which used to change the number of
- introduction points (poorly) depending on the number of
- connections the HS sees. Closes ticket 4862.
- o Major features (onion key cross-certification):
- - Relay descriptors now include signatures of their own identity
- keys, made using the TAP and ntor onion keys. These signatures
- allow relays to prove ownership of their own onion keys. Because
- of this change, microdescriptors will no longer need to include
- RSA identity keys. Implements proposal 228; closes ticket 12499.
- o Major bugfixes (client-side privacy, also in 0.2.6.9):
- - Properly separate out each SOCKSPort when applying stream
- isolation. The error occurred because each port's session group
- was being overwritten by a default value when the listener
- connection was initialized. Fixes bug 16247; bugfix on
- 0.2.6.3-alpha. Patch by "jojelino".
- o Major bugfixes (hidden service clients, stability, also in 0.2.6.10):
- - Stop refusing to store updated hidden service descriptors on a
- client. This reverts commit 9407040c59218 (which indeed fixed bug
- 14219, but introduced a major hidden service reachability
- regression detailed in bug 16381). This is a temporary fix since
- we can live with the minor issue in bug 14219 (it just results in
- some load on the network) but the regression of 16381 is too much
- of a setback. First-round fix for bug 16381; bugfix
- on 0.2.6.3-alpha.
- o Major bugfixes (hidden services):
- - Revert commit that made directory authorities assign the HSDir
- flag to relay without a DirPort; this was bad because such relays
- can't handle BEGIN_DIR cells. Fixes bug 15850; bugfix
- on 0.2.6.3-alpha.
- - When cannibalizing a circuit for an introduction point, always
- extend to the chosen exit node (creating a 4 hop circuit).
- Previously Tor would use the current circuit exit node, which
- changed the original choice of introduction point, and could cause
- the hidden service to skip excluded introduction points or
- reconnect to a skipped introduction point. Fixes bug 16260; bugfix
- on 0.1.0.1-rc.
- o Major bugfixes (memory leaks):
- - Fix a memory leak in ed25519 batch signature checking. Fixes bug
- 17398; bugfix on 0.2.6.1-alpha.
- o Major bugfixes (open file limit):
- - The open file limit wasn't checked before calling
- tor_accept_socket_nonblocking(), which would make Tor exceed the
- limit. Now, before opening a new socket, Tor validates the open
- file limit just before, and if the max has been reached, return an
- error. Fixes bug 16288; bugfix on 0.1.1.1-alpha.
- o Major bugfixes (security, correctness):
- - Fix an error that could cause us to read 4 bytes before the
- beginning of an openssl string. This bug could be used to cause
- Tor to crash on systems with unusual malloc implementations, or
- systems with unusual hardening installed. Fixes bug 17404; bugfix
- on 0.2.3.6-alpha.
- o Major bugfixes (stability, also in 0.2.6.10):
- - Stop crashing with an assertion failure when parsing certain kinds
- of malformed or truncated microdescriptors. Fixes bug 16400;
- bugfix on 0.2.6.1-alpha. Found by "torkeln"; fix based on a patch
- by "cypherpunks_backup".
- - Stop random client-side assertion failures that could occur when
- connecting to a busy hidden service, or connecting to a hidden
- service while a NEWNYM is in progress. Fixes bug 16013; bugfix
- on 0.1.0.1-rc.
- o Minor features (client, SOCKS):
- - Add GroupWritable and WorldWritable options to unix-socket based
- SocksPort and ControlPort options. These options apply to a single
- socket, and override {Control,Socks}SocketsGroupWritable. Closes
- ticket 15220.
- - Relax the validation done to hostnames in SOCKS5 requests, and
- allow a single trailing '.' to cope with clients that pass FQDNs
- using that syntax to explicitly indicate that the domain name is
- fully-qualified. Fixes bug 16674; bugfix on 0.2.6.2-alpha.
- - Relax the validation of hostnames in SOCKS5 requests, allowing the
- character '_' to appear, in order to cope with domains observed in
- the wild that are serving non-RFC compliant records. Resolves
- ticket 16430.
- o Minor features (client-side privacy):
- - New KeepAliveIsolateSOCKSAuth option to indefinitely extend circuit
- lifespan when IsolateSOCKSAuth and streams with SOCKS
- authentication are attached to the circuit. This allows
- applications like TorBrowser to manage circuit lifetime on their
- own. Implements feature 15482.
- - When logging malformed hostnames from SOCKS5 requests, respect
- SafeLogging configuration. Fixes bug 16891; bugfix on 0.1.1.16-rc.
- o Minor features (clock-jump tolerance):
- - Recover better when our clock jumps back many hours, like might
- happen for Tails or Whonix users who start with a very wrong
- hardware clock, use Tor to discover a more accurate time, and then
- fix their clock. Resolves part of ticket 8766.
- o Minor features (command-line interface):
- - Make --hash-password imply --hush to prevent unnecessary noise.
- Closes ticket 15542. Patch from "cypherpunks".
- - Print a warning whenever we find a relative file path being used
- as torrc option. Resolves issue 14018.
- o Minor features (compilation):
- - Give a warning as early as possible when trying to build with an
- unsupported OpenSSL version. Closes ticket 16901.
- - Use C99 variadic macros when the compiler is not GCC. This avoids
- failing compilations on MSVC, and fixes a log-file-based race
- condition in our old workarounds. Original patch from Gisle Vanem.
- o Minor features (control protocol):
- - Support network-liveness GETINFO key and NETWORK_LIVENESS event in
- the control protocol. Resolves ticket 15358.
- o Minor features (controller):
- - Add DirAuthority lines for default directory authorities to the
- output of the "GETINFO config/defaults" command if not already
- present. Implements ticket 14840.
- - Controllers can now use "GETINFO hs/client/desc/id/..." to
- retrieve items from the client's hidden service descriptor cache.
- Closes ticket 14845.
- - Implement a new controller command "GETINFO status/fresh-relay-
- descs" to fetch a descriptor/extrainfo pair that was generated on
- demand just for the controller's use. Implements ticket 14784.
- o Minor features (directory authorities):
- - Directory authorities no longer vote against the "Fast", "Stable",
- and "HSDir" flags just because they were going to vote against
- "Running": if the consensus turns out to be that the router was
- running, then the authority's vote should count. Patch from Peter
- Retzlaff; closes issue 8712.
- o Minor features (directory authorities, security, also in 0.2.6.9):
- - The HSDir flag given by authorities now requires the Stable flag.
- For the current network, this results in going from 2887 to 2806
- HSDirs. Also, it makes it harder for an attacker to launch a sybil
- attack by raising the effort for a relay to become Stable to
- require at the very least 7 days, while maintaining the 96 hours
- uptime requirement for HSDir. Implements ticket 8243.
- o Minor features (DoS-resistance):
- - Make it harder for attackers to overload hidden services with
- introductions, by blocking multiple introduction requests on the
- same circuit. Resolves ticket 15515.
- o Minor features (geoip):
- - Update geoip and geoip6 to the October 9 2015 Maxmind GeoLite2
- Country database.
- o Minor features (hidden services):
- - Add the new options "HiddenServiceMaxStreams" and
- "HiddenServiceMaxStreamsCloseCircuit" to allow hidden services to
- limit the maximum number of simultaneous streams per circuit, and
- optionally tear down the circuit when the limit is exceeded. Part
- of ticket 16052.
- - Client now uses an introduction point failure cache to know when
- to fetch or keep a descriptor in their cache. Previously, failures
- were recorded implicitly, but not explicitly remembered. Closes
- ticket 16389.
- - Relays need to have the Fast flag to get the HSDir flag. As this
- is being written, we'll go from 2745 HSDirs down to 2342, a ~14%
- drop. This change should make some attacks against the hidden
- service directory system harder. Fixes ticket 15963.
- - Turn on hidden service statistics collection by setting the torrc
- option HiddenServiceStatistics to "1" by default. (This keeps
- track only of the fraction of traffic used by hidden services, and
- the total number of hidden services in existence.) Closes
- ticket 15254.
- - To avoid leaking HS popularity, don't cycle the introduction point
- when we've handled a fixed number of INTRODUCE2 cells but instead
- cycle it when a random number of introductions is reached, thus
- making it more difficult for an attacker to find out the amount of
- clients that have used the introduction point for a specific HS.
- Closes ticket 15745.
- o Minor features (logging):
- - Include the Tor version in all LD_BUG log messages, since people
- tend to cut and paste those into the bugtracker. Implements
- ticket 15026.
- o Minor features (pluggable transports):
- - When launching managed pluggable transports on Linux systems,
- attempt to have the kernel deliver a SIGTERM on tor exit if the
- pluggable transport process is still running. Resolves
- ticket 15471.
- - When launching managed pluggable transports, setup a valid open
- stdin in the child process that can be used to detect if tor has
- terminated. The "TOR_PT_EXIT_ON_STDIN_CLOSE" environment variable
- can be used by implementations to detect this new behavior.
- Resolves ticket 15435.
- o Minor bugfixes (torrc exit policies):
- - In each instance above, usage advice is provided to avoid the
- message. Resolves ticket 16069. Patch by "teor". Fixes part of bug
- 16069; bugfix on 0.2.4.7-alpha.
- - In torrc, "accept6 *" and "reject6 *" ExitPolicy lines now only
- produce IPv6 wildcard addresses. Previously they would produce
- both IPv4 and IPv6 wildcard addresses. Patch by "teor". Fixes part
- of bug 16069; bugfix on 0.2.4.7-alpha.
- - When parsing torrc ExitPolicies, we now issue an info-level
- message when expanding an "accept/reject *" line to include both
- IPv4 and IPv6 wildcard addresses. Related to ticket 16069.
- - When parsing torrc ExitPolicies, we now warn for a number of cases
- where the user's intent is likely to differ from Tor's actual
- behavior. These include: using an IPv4 address with an accept6 or
- reject6 line; using "private" on an accept6 or reject6 line; and
- including any ExitPolicy lines after accept *:* or reject *:*.
- Related to ticket 16069.
- o Minor bugfixes (command-line interface):
- - When "--quiet" is provided along with "--validate-config", do not
- write anything to stdout on success. Fixes bug 14994; bugfix
- on 0.2.3.3-alpha.
- - When complaining about bad arguments to "--dump-config", use
- stderr, not stdout.
- - Print usage information for --dump-config when it is used without
- an argument. Also, fix the error message to use different wording
- and add newline at the end. Fixes bug 15541; bugfix
- on 0.2.5.1-alpha.
- o Minor bugfixes (compilation):
- - Fix compilation of sandbox.c with musl-libc. Fixes bug 17347;
- bugfix on 0.2.5.1-alpha. Patch from 'jamestk'.
- - Repair compilation with the most recent (unreleased, alpha)
- vesions of OpenSSL 1.1. Fixes part of ticket 17237.
- o Minor bugfixes (compilation, also in 0.2.6.9):
- - Build with --enable-systemd correctly when libsystemd is
- installed, but systemd is not. Fixes bug 16164; bugfix on
- 0.2.6.3-alpha. Patch from Peter Palfrader.
- o Minor bugfixes (configuration, unit tests):
- - Only add the default fallback directories when the DirAuthorities,
- AlternateDirAuthority, and FallbackDir directory config options
- are set to their defaults. The default fallback directory list is
- currently empty, this fix will only change tor's behavior when it
- has default fallback directories. Includes unit tests for
- consider_adding_dir_servers(). Fixes bug 15642; bugfix on
- 90f6071d8dc0 in 0.2.4.7-alpha. Patch by "teor".
- o Minor bugfixes (controller):
- - Add the descriptor ID in each HS_DESC control event. It was
- missing, but specified in control-spec.txt. Fixes bug 15881;
- bugfix on 0.2.5.2-alpha.
- o Minor bugfixes (correctness):
- - For correctness, avoid modifying a constant string in
- handle_control_postdescriptor. Fixes bug 15546; bugfix
- on 0.1.1.16-rc.
- - Remove side-effects from tor_assert() calls. This was harmless,
- because we never disable assertions, but it is bad style and
- unnecessary. Fixes bug 15211; bugfix on 0.2.5.5, 0.2.2.36,
- and 0.2.0.10.
- - When calling channel_free_list(), avoid calling smartlist_remove()
- while inside a FOREACH loop. This partially reverts commit
- 17356fe7fd96af where the correct SMARTLIST_DEL_CURRENT was
- incorrectly removed. Fixes bug 16924; bugfix on 0.2.4.4-alpha.
- o Minor bugfixes (crypto error-handling, also in 0.2.6.10):
- - Check for failures from crypto_early_init, and refuse to continue.
- A previous typo meant that we could keep going with an
- uninitialized crypto library, and would have OpenSSL initialize
- its own PRNG. Fixes bug 16360; bugfix on 0.2.5.2-alpha, introduced
- when implementing ticket 4900. Patch by "teor".
- o Minor bugfixes (hidden service):
- - Fix an out-of-bounds read when parsing invalid INTRODUCE2 cells on
- a client authorized hidden service. Fixes bug 15823; bugfix
- on 0.2.1.6-alpha.
- - Remove an extraneous newline character from the end of hidden
- service descriptors. Fixes bug 15296; bugfix on 0.2.0.10-alpha.
- o Minor bugfixes (Linux seccomp2 sandbox):
- - Use the sandbox in tor_open_cloexec whether or not O_CLOEXEC is
- defined. Patch by "teor". Fixes bug 16515; bugfix on 0.2.3.1-alpha.
- - Allow bridge authorities to run correctly under the seccomp2
- sandbox. Fixes bug 16964; bugfix on 0.2.5.1-alpha.
- - Add the "hidserv-stats" filename to our sandbox filter for the
- HiddenServiceStatistics option to work properly. Fixes bug 17354;
- bugfix on 0.2.6.2-alpha. Patch from David Goulet.
- o Minor bugfixes (Linux seccomp2 sandbox, also in 0.2.6.10):
- - Allow pipe() and pipe2() syscalls in the seccomp2 sandbox: we need
- these when eventfd2() support is missing. Fixes bug 16363; bugfix
- on 0.2.6.3-alpha. Patch from "teor".
- o Minor bugfixes (Linux seccomp2 sandbox, also in 0.2.6.9):
- - Allow systemd connections to work with the Linux seccomp2 sandbox
- code. Fixes bug 16212; bugfix on 0.2.6.2-alpha. Patch by
- Peter Palfrader.
- - Fix sandboxing to work when running as a relay, by allowing the
- renaming of secret_id_key, and allowing the eventfd2 and futex
- syscalls. Fixes bug 16244; bugfix on 0.2.6.1-alpha. Patch by
- Peter Palfrader.
- o Minor bugfixes (logging):
- - When building Tor under Clang, do not include an extra set of
- parentheses in log messages that include function names. Fixes bug
- 15269; bugfix on every released version of Tor when compiled with
- recent enough Clang.
- o Minor bugfixes (network):
- - When attempting to use fallback technique for network interface
- lookup, disregard loopback and multicast addresses since they are
- unsuitable for public communications.
- o Minor bugfixes (open file limit):
- - Fix set_max_file_descriptors() to set by default the max open file
- limit to the current limit when setrlimit() fails. Fixes bug
- 16274; bugfix on tor- 0.2.0.10-alpha. Patch by dgoulet.
- o Minor bugfixes (portability):
- - Check correctly for Windows socket errors in the workqueue
- backend. Fixes bug 16741; bugfix on 0.2.6.3-alpha.
- - Try harder to normalize the exit status of the Tor process to the
- standard-provided range. Fixes bug 16975; bugfix on every version
- of Tor ever.
- - Use libexecinfo on FreeBSD to enable backtrace support. Fixes part
- of bug 17151; bugfix on 0.2.5.2-alpha. Patch from Marcin Cieślak.
- o Minor bugfixes (relay):
- - Ensure that worker threads actually exit when a fatal error or
- shutdown is indicated. This fix doesn't currently affect the
- behavior of Tor, because Tor workers never indicates fatal error
- or shutdown except in the unit tests. Fixes bug 16868; bugfix
- on 0.2.6.3-alpha.
- - Fix a rarely-encountered memory leak when failing to initialize
- the thread pool. Fixes bug 16631; bugfix on 0.2.6.3-alpha. Patch
- from "cypherpunks".
- - Unblock threads before releasing the work queue mutex to ensure
- predictable scheduling behavior. Fixes bug 16644; bugfix
- on 0.2.6.3-alpha.
- o Minor bugfixes (security, exit policies):
- - ExitPolicyRejectPrivate now also rejects the relay's published
- IPv6 address (if any), and any publicly routable IPv4 or IPv6
- addresses on any local interfaces. ticket 17027. Patch by "teor".
- Fixes bug 17027; bugfix on 0.2.0.11-alpha.
- o Minor bugfixes (statistics):
- - Disregard the ConnDirectionStatistics torrc options when Tor is
- not a relay since in that mode of operation no sensible data is
- being collected and because Tor might run into measurement hiccups
- when running as a client for some time, then becoming a relay.
- Fixes bug 15604; bugfix on 0.2.2.35.
- o Minor bugfixes (systemd):
- - Tor's systemd unit file no longer contains extraneous spaces.
- These spaces would sometimes confuse tools like deb-systemd-
- helper. Fixes bug 16162; bugfix on 0.2.5.5-alpha.
- o Minor bugfixes (test networks):
- - When self-testing reachability, use ExtendAllowPrivateAddresses to
- determine if local/private addresses imply reachability. The
- previous fix used TestingTorNetwork, which implies
- ExtendAllowPrivateAddresses, but this excluded rare configurations
- where ExtendAllowPrivateAddresses is set but TestingTorNetwork is
- not. Fixes bug 15771; bugfix on 0.2.6.1-alpha. Patch by "teor",
- issue discovered by CJ Ess.
- o Minor bugfixes (tests, also in 0.2.6.9):
- - Fix a crash in the unit tests when built with MSVC2013. Fixes bug
- 16030; bugfix on 0.2.6.2-alpha. Patch from "NewEraCracker".
- o Code simplification and refactoring:
- - Change the function that's called when we need to retry all
- downloads so that it only reschedules the downloads to happen
- immediately, rather than launching them all at once itself. This
- further simplifies Tor's callgraph.
- - Define WINVER and _WIN32_WINNT centrally, in orconfig.h, in order
- to ensure they remain consistent and visible everywhere.
- - Move some format-parsing functions out of crypto.c and
- crypto_curve25519.c into crypto_format.c and/or util_format.c.
- - Move the client-only parts of init_keys() into a separate
- function. Closes ticket 16763.
- - Move the hacky fallback code out of get_interface_address6() into
- separate function and get it covered with unit-tests. Resolves
- ticket 14710.
- - Refactor hidden service client-side cache lookup to intelligently
- report its various failure cases, and disentangle failure cases
- involving a lack of introduction points. Closes ticket 14391.
- - Remove some vestigial workarounds for the MSVC6 compiler. We
- haven't supported that in ages.
- - Remove the unused "nulterminate" argument from buf_pullup().
- - Simplify the microdesc_free() implementation so that it no longer
- appears (to code analysis tools) to potentially invoke a huge
- suite of other microdesc functions.
- - Simply the control graph further by deferring the inner body of
- directory_all_unreachable() into a callback. Closes ticket 16762.
- - The link authentication code has been refactored for better
- testability and reliability. It now uses code generated with the
- "trunnel" binary encoding generator, to reduce the risk of bugs
- due to programmer error. Done as part of ticket 12498.
- - Treat the loss of an owning controller as equivalent to a SIGTERM
- signal. This removes a tiny amount of duplicated code, and
- simplifies our callgraph. Closes ticket 16788.
- - Use our own Base64 encoder instead of OpenSSL's, to allow more
- control over the output. Part of ticket 15652.
- - When generating an event to send to the controller, we no longer
- put the event over the network immediately. Instead, we queue
- these events, and use a Libevent callback to deliver them. This
- change simplifies Tor's callgraph by reducing the number of
- functions from which all other Tor functions are reachable. Closes
- ticket 16695.
- - Wrap Windows-only C files inside '#ifdef _WIN32' so that tools
- that try to scan or compile every file on Unix won't decide that
- they are broken.
- o Documentation:
- - Fix capitalization of SOCKS in sample torrc. Closes ticket 15609.
- - Improve the descriptions of statistics-related torrc options in
- the manpage to describe rationale and possible uses cases. Fixes
- issue 15550.
- - Improve the layout and formatting of ./configure --help messages.
- Closes ticket 15024. Patch from "cypherpunks".
- - Include a specific and (hopefully) accurate documentation of the
- torrc file's meta-format in doc/torrc_format.txt. This is mainly
- of interest to people writing programs to parse or generate torrc
- files. This document is not a commitment to long-term
- compatibility; some aspects of the current format are a bit
- ridiculous. Closes ticket 2325.
- - Include the TUNING document in our source tarball. It is referred
- to in the ChangeLog and an error message. Fixes bug 16929; bugfix
- on 0.2.6.1-alpha.
- - Note that HiddenServicePorts can take a unix domain socket. Closes
- ticket 17364.
- - Recommend a 40 GB example AccountingMax in torrc.sample rather
- than a 4 GB max. Closes ticket 16742.
- - Standardize on the term "server descriptor" in the manual page.
- Previously, we had used "router descriptor", "server descriptor",
- and "relay descriptor" interchangeably. Part of ticket 14987.
- - Advise users on how to configure separate IPv4 and IPv6 exit
- policies in the manpage and sample torrcs. Related to ticket 16069.
- - Fix an error in the manual page and comments for
- TestingDirAuthVoteHSDir[IsStrict], which suggested that a HSDir
- required "ORPort connectivity". While this is true, it is in no
- way unique to the HSDir flag. Of all the flags, only HSDirs need a
- DirPort configured in order for the authorities to assign that
- particular flag. Patch by "teor". Fixed as part of 14882; bugfix
- on 0.2.6.3-alpha.
- - Fix the usage message of tor-resolve(1) so that it no longer lists
- the removed -F option. Fixes bug 16913; bugfix on 0.2.2.28-beta.
- o Removed code:
- - Remove `USE_OPENSSL_BASE64` and the corresponding fallback code
- and always use the internal Base64 decoder. The internal decoder
- has been part of tor since 0.2.0.10-alpha, and no one should
- be using the OpenSSL one. Part of ticket 15652.
- - Remove the 'tor_strclear()' function; use memwipe() instead.
- Closes ticket 14922.
- - Remove the code that would try to aggressively flush controller
- connections while writing to them. This code was introduced in
- 0.1.2.7-alpha, in order to keep output buffers from exceeding
- their limits. But there is no longer a maximum output buffer size,
- and flushing data in this way caused some undesirable recursions
- in our call graph. Closes ticket 16480.
- - The internal pure-C tor-fw-helper tool is now removed from the Tor
- distribution, in favor of the pure-Go clone available from
- https://gitweb.torproject.org/tor-fw-helper.git/ . The libraries
- used by the C tor-fw-helper are not, in our opinion, very
- confidence- inspiring in their secure-programming techniques.
- Closes ticket 13338.
- o Removed features:
- - Remove the (seldom-used) DynamicDHGroups feature. For anti-
- fingerprinting we now recommend pluggable transports; for forward-
- secrecy in TLS, we now use the P-256 group. Closes ticket 13736.
- - Remove the HidServDirectoryV2 option. Now all relays offer to
- store hidden service descriptors. Related to 16543.
- - Remove the VoteOnHidServDirectoriesV2 option, since all
- authorities have long set it to 1. Closes ticket 16543.
- - Remove the undocumented "--digests" command-line option. It
- complicated our build process, caused subtle build issues on
- multiple platforms, and is now redundant since we started
- including git version identifiers. Closes ticket 14742.
- - Tor no longer contains checks for ancient directory cache versions
- that didn't know about microdescriptors.
- - Tor no longer contains workarounds for stat files generated by
- super-old versions of Tor that didn't choose guards sensibly.
- o Testing:
- - The test-network.sh script now supports performance testing.
- Requires corresponding chutney performance testing changes. Patch
- by "teor". Closes ticket 14175.
- - Add a new set of callgraph analysis scripts that use clang to
- produce a list of which Tor functions are reachable from which
- other Tor functions. We're planning to use these to help simplify
- our code structure by identifying illogical dependencies.
- - Add new 'test-full' and 'test-full-online' targets to run all
- tests, including integration tests with stem and chutney.
- - Autodetect CHUTNEY_PATH if the chutney and Tor sources are side-
- by-side in the same parent directory. Closes ticket 16903. Patch
- by "teor".
- - Document use of coverity, clang static analyzer, and clang dynamic
- undefined behavior and address sanitizers in doc/HACKING. Include
- detailed usage instructions in the blacklist. Patch by "teor".
- Closes ticket 15817.
- - Make "bridges+hs" the default test network. This tests almost all
- tor functionality during make test-network, while allowing tests
- to succeed on non-IPv6 systems. Requires chutney commit 396da92 in
- test-network-bridges-hs. Closes tickets 16945 (tor) and 16946
- (chutney). Patches by "teor".
- - Make the test-workqueue test work on Windows by initializing the
- network before we begin.
- - New make target (make test-network-all) to run multiple applicable
- chutney test cases. Patch from Teor; closes 16953.
- - Now that OpenSSL has its own scrypt implementation, add an unit
- test that checks for interoperability between libscrypt_scrypt()
- and OpenSSL's EVP_PBE_scrypt() so that we could not use libscrypt
- and rely on EVP_PBE_scrypt() whenever possible. Resolves
- ticket 16189.
- - The link authentication protocol code now has extensive tests.
- - The relay descriptor signature testing code now has
- extensive tests.
- - The test_workqueue program now runs faster, and is enabled by
- default as a part of "make check".
- - Unit test dns_resolve(), dns_clip_ttl() and dns_get_expiry_ttl()
- functions in dns.c. Implements a portion of ticket 16831.
- - Use environment variables rather than autoconf substitutions to
- send variables from the build system to the test scripts. This
- change should be easier to maintain, and cause 'make distcheck' to
- work better than before. Fixes bug 17148.
- - When building Tor with testing coverage enabled, run Chutney tests
- (if any) using the 'tor-cov' coverage binary.
- - When running test-network or test-stem, check for the absence of
- stem/chutney before doing any build operations.
- - Add a test to verify that the compiler does not eliminate our
- memwipe() implementation. Closes ticket 15377.
- - Add make rule `check-changes` to verify the format of changes
- files. Closes ticket 15180.
- - Add unit tests for control_event_is_interesting(). Add a compile-
- time check that the number of events doesn't exceed the capacity
- of control_event_t.event_mask. Closes ticket 15431, checks for
- bugs similar to 13085. Patch by "teor".
- - Command-line argument tests moved to Stem. Resolves ticket 14806.
- - Integrate the ntor, backtrace, and zero-length keys tests into the
- automake test suite. Closes ticket 15344.
- - Remove assertions during builds to determine Tor's test coverage.
- We don't want to trigger these even in assertions, so including
- them artificially makes our branch coverage look worse than it is.
- This patch provides the new test-stem-full and coverage-html-full
- configure options. Implements ticket 15400.
- - New TestingDirAuthVote{Exit,Guard,HSDir}IsStrict flags to
- explicitly manage consensus flags in testing networks. Patch by
- "robgjansen", modified by "teor". Implements part of ticket 14882.
- - Check for matching value in server response in ntor_ref.py. Fixes
- bug 15591; bugfix on 0.2.4.8-alpha. Reported and fixed
- by "joelanders".
- - Set the severity correctly when testing
- get_interface_addresses_ifaddrs() and
- get_interface_addresses_win32(), so that the tests fail gracefully
- instead of triggering an assertion. Fixes bug 15759; bugfix on
- 0.2.6.3-alpha. Reported by Nicolas Derive.
- Changes in version 0.2.6.10 - 2015-07-12
- Tor version 0.2.6.10 fixes some significant stability and hidden
- service client bugs, bulletproofs the cryptography init process, and
- fixes a bug when using the sandbox code with some older versions of
- Linux. Everyone running an older version, especially an older version
- of 0.2.6, should upgrade.
- o Major bugfixes (hidden service clients, stability):
- - Stop refusing to store updated hidden service descriptors on a
- client. This reverts commit 9407040c59218 (which indeed fixed bug
- 14219, but introduced a major hidden service reachability
- regression detailed in bug 16381). This is a temporary fix since
- we can live with the minor issue in bug 14219 (it just results in
- some load on the network) but the regression of 16381 is too much
- of a setback. First-round fix for bug 16381; bugfix
- on 0.2.6.3-alpha.
- o Major bugfixes (stability):
- - Stop crashing with an assertion failure when parsing certain kinds
- of malformed or truncated microdescriptors. Fixes bug 16400;
- bugfix on 0.2.6.1-alpha. Found by "torkeln"; fix based on a patch
- by "cypherpunks_backup".
- - Stop random client-side assertion failures that could occur when
- connecting to a busy hidden service, or connecting to a hidden
- service while a NEWNYM is in progress. Fixes bug 16013; bugfix
- on 0.1.0.1-rc.
- o Minor features (geoip):
- - Update geoip to the June 3 2015 Maxmind GeoLite2 Country database.
- - Update geoip6 to the June 3 2015 Maxmind GeoLite2 Country database.
- o Minor bugfixes (crypto error-handling):
- - Check for failures from crypto_early_init, and refuse to continue.
- A previous typo meant that we could keep going with an
- uninitialized crypto library, and would have OpenSSL initialize
- its own PRNG. Fixes bug 16360; bugfix on 0.2.5.2-alpha, introduced
- when implementing ticket 4900. Patch by "teor".
- o Minor bugfixes (Linux seccomp2 sandbox):
- - Allow pipe() and pipe2() syscalls in the seccomp2 sandbox: we need
- these when eventfd2() support is missing. Fixes bug 16363; bugfix
- on 0.2.6.3-alpha. Patch from "teor".
- Changes in version 0.2.6.9 - 2015-06-11
- Tor 0.2.6.9 fixes a regression in the circuit isolation code, increases the
- requirements for receiving an HSDir flag, and addresses some other small
- bugs in the systemd and sandbox code. Clients using circuit isolation
- should upgrade; all directory authorities should upgrade.
- o Major bugfixes (client-side privacy):
- - Properly separate out each SOCKSPort when applying stream
- isolation. The error occurred because each port's session group was
- being overwritten by a default value when the listener connection
- was initialized. Fixes bug 16247; bugfix on 0.2.6.3-alpha. Patch
- by "jojelino".
- o Minor feature (directory authorities, security):
- - The HSDir flag given by authorities now requires the Stable flag.
- For the current network, this results in going from 2887 to 2806
- HSDirs. Also, it makes it harder for an attacker to launch a sybil
- attack by raising the effort for a relay to become Stable which
- takes at the very least 7 days to do so and by keeping the 96
- hours uptime requirement for HSDir. Implements ticket 8243.
- o Minor bugfixes (compilation):
- - Build with --enable-systemd correctly when libsystemd is
- installed, but systemd is not. Fixes bug 16164; bugfix on
- 0.2.6.3-alpha. Patch from Peter Palfrader.
- o Minor bugfixes (Linux seccomp2 sandbox):
- - Fix sandboxing to work when running as a relaymby renaming of
- secret_id_key, and allowing the eventfd2 and futex syscalls. Fixes
- bug 16244; bugfix on 0.2.6.1-alpha. Patch by Peter Palfrader.
- - Allow systemd connections to work with the Linux seccomp2 sandbox
- code. Fixes bug 16212; bugfix on 0.2.6.2-alpha. Patch by
- Peter Palfrader.
- o Minor bugfixes (tests):
- - Fix a crash in the unit tests when built with MSVC2013. Fixes bug
- 16030; bugfix on 0.2.6.2-alpha. Patch from "NewEraCracker".
- Changes in version 0.2.6.8 - 2015-05-21
- Tor 0.2.6.8 fixes a bit of dodgy code in parsing INTRODUCE2 cells, and
- fixes an authority-side bug in assigning the HSDir flag. All directory
- authorities should upgrade.
- o Major bugfixes (hidden services, backport from 0.2.7.1-alpha):
- - Revert commit that made directory authorities assign the HSDir
- flag to relay without a DirPort; this was bad because such relays
- can't handle BEGIN_DIR cells. Fixes bug 15850; bugfix
- on 0.2.6.3-alpha.
- o Minor bugfixes (hidden service, backport from 0.2.7.1-alpha):
- - Fix an out-of-bounds read when parsing invalid INTRODUCE2 cells on
- a client authorized hidden service. Fixes bug 15823; bugfix
- on 0.2.1.6-alpha.
- o Minor features (geoip):
- - Update geoip to the April 8 2015 Maxmind GeoLite2 Country database.
- - Update geoip6 to the April 8 2015 Maxmind GeoLite2
- Country database.
- Changes in version 0.2.6.7 - 2015-04-06
- Tor 0.2.6.7 fixes two security issues that could be used by an
- attacker to crash hidden services, or crash clients visiting hidden
- services. Hidden services should upgrade as soon as possible; clients
- should upgrade whenever packages become available.
- This release also contains two simple improvements to make hidden
- services a bit less vulnerable to denial-of-service attacks.
- o Major bugfixes (security, hidden service):
- - Fix an issue that would allow a malicious client to trigger an
- assertion failure and halt a hidden service. Fixes bug 15600;
- bugfix on 0.2.1.6-alpha. Reported by "disgleirio".
- - Fix a bug that could cause a client to crash with an assertion
- failure when parsing a malformed hidden service descriptor. Fixes
- bug 15601; bugfix on 0.2.1.5-alpha. Found by "DonnchaC".
- o Minor features (DoS-resistance, hidden service):
- - Introduction points no longer allow multiple INTRODUCE1 cells to
- arrive on the same circuit. This should make it more expensive for
- attackers to overwhelm hidden services with introductions.
- Resolves ticket 15515.
- - Decrease the amount of reattempts that a hidden service performs
- when its rendezvous circuits fail. This reduces the computational
- cost for running a hidden service under heavy load. Resolves
- ticket 11447.
- Changes in version 0.2.5.12 - 2015-04-06
- Tor 0.2.5.12 backports two fixes from 0.2.6.7 for security issues that
- could be used by an attacker to crash hidden services, or crash clients
- visiting hidden services. Hidden services should upgrade as soon as
- possible; clients should upgrade whenever packages become available.
- This release also backports a simple improvement to make hidden
- services a bit less vulnerable to denial-of-service attacks.
- o Major bugfixes (security, hidden service):
- - Fix an issue that would allow a malicious client to trigger an
- assertion failure and halt a hidden service. Fixes bug 15600;
- bugfix on 0.2.1.6-alpha. Reported by "disgleirio".
- - Fix a bug that could cause a client to crash with an assertion
- failure when parsing a malformed hidden service descriptor. Fixes
- bug 15601; bugfix on 0.2.1.5-alpha. Found by "DonnchaC".
- o Minor features (DoS-resistance, hidden service):
- - Introduction points no longer allow multiple INTRODUCE1 cells to
- arrive on the same circuit. This should make it more expensive for
- attackers to overwhelm hidden services with introductions.
- Resolves ticket 15515.
- Changes in version 0.2.4.27 - 2015-04-06
- Tor 0.2.4.27 backports two fixes from 0.2.6.7 for security issues that
- could be used by an attacker to crash hidden services, or crash clients
- visiting hidden services. Hidden services should upgrade as soon as
- possible; clients should upgrade whenever packages become available.
- This release also backports a simple improvement to make hidden
- services a bit less vulnerable to denial-of-service attacks.
- o Major bugfixes (security, hidden service):
- - Fix an issue that would allow a malicious client to trigger an
- assertion failure and halt a hidden service. Fixes bug 15600;
- bugfix on 0.2.1.6-alpha. Reported by "disgleirio".
- - Fix a bug that could cause a client to crash with an assertion
- failure when parsing a malformed hidden service descriptor. Fixes
- bug 15601; bugfix on 0.2.1.5-alpha. Found by "DonnchaC".
- o Minor features (DoS-resistance, hidden service):
- - Introduction points no longer allow multiple INTRODUCE1 cells to
- arrive on the same circuit. This should make it more expensive for
- attackers to overwhelm hidden services with introductions.
- Resolves ticket 15515.
- Changes in version 0.2.6.6 - 2015-03-24
- Tor 0.2.6.6 is the first stable release in the 0.2.6 series.
- It adds numerous safety, security, correctness, and performance
- improvements. Client programs can be configured to use more kinds of
- sockets, AutomapHosts works better, the multithreading backend is
- improved, cell transmission is refactored, test coverage is much
- higher, more denial-of-service attacks are handled, guard selection is
- improved to handle long-term guards better, pluggable transports
- should work a bit better, and some annoying hidden service performance
- bugs should be addressed.
- o New compiler and system requirements:
- - Tor 0.2.6.x requires that your compiler support more of the C99
- language standard than before. The 'configure' script now detects
- whether your compiler supports C99 mid-block declarations and
- designated initializers. If it does not, Tor will not compile.
- We may revisit this requirement if it turns out that a significant
- number of people need to build Tor with compilers that don't
- bother implementing a 15-year-old standard. Closes ticket 13233.
- - Tor no longer supports systems without threading support. When we
- began working on Tor, there were several systems that didn't have
- threads, or where the thread support wasn't able to run the
- threads of a single process on multiple CPUs. That no longer
- holds: every system where Tor needs to run well now has threading
- support. Resolves ticket 12439.
- o Deprecated versions and removed support:
- - Tor relays older than 0.2.4.18-rc are no longer allowed to
- advertise themselves on the network. Closes ticket 13555.
- - Tor clients no longer support connecting to hidden services
- running on Tor 0.2.2.x and earlier; the Support022HiddenServices
- option has been removed. (There shouldn't be any hidden services
- running these versions on the network.) Closes ticket 7803.
- o Directory authority changes:
- - The directory authority Faravahar has a new IP address. This
- closes ticket 14487.
- - Remove turtles as a directory authority.
- - Add longclaw as a new (v3) directory authority. This implements
- ticket 13296. This keeps the directory authority count at 9.
- o Major features (bridges):
- - Expose the outgoing upstream HTTP/SOCKS proxy to pluggable
- transports if they are configured via the "TOR_PT_PROXY"
- environment variable. Implements proposal 232. Resolves
- ticket 8402.
- o Major features (changed defaults):
- - Prevent relay operators from unintentionally running exits: When a
- relay is configured as an exit node, we now warn the user unless
- the "ExitRelay" option is set to 1. We warn even more loudly if
- the relay is configured with the default exit policy, since this
- can indicate accidental misconfiguration. Setting "ExitRelay 0"
- stops Tor from running as an exit relay. Closes ticket 10067.
- o Major features (client performance, hidden services):
- - Allow clients to use optimistic data when connecting to a hidden
- service, which should remove a round-trip from hidden service
- initialization. See proposal 181 for details. Implements
- ticket 13211.
- o Major features (directory system):
- - Upon receiving an unparseable directory object, if its digest
- matches what we expected, then don't try to download it again.
- Previously, when we got a descriptor we didn't like, we would keep
- trying to download it over and over. Closes ticket 11243.
- - When downloading server- or microdescriptors from a directory
- server, we no longer launch multiple simultaneous requests to the
- same server. This reduces load on the directory servers,
- especially when directory guards are in use. Closes ticket 9969.
- - When downloading server- or microdescriptors over a tunneled
- connection, do not limit the length of our requests to what the
- Squid proxy is willing to handle. Part of ticket 9969.
- - Authorities can now vote on the correct digests and latest
- versions for different software packages. This allows packages
- that include Tor to use the Tor authority system as a way to get
- notified of updates and their correct digests. Implements proposal
- 227. Closes ticket 10395.
- o Major features (guards):
- - Introduce the Guardfraction feature to improves load balancing on
- guard nodes. Specifically, it aims to reduce the traffic gap that
- guard nodes experience when they first get the Guard flag. This is
- a required step if we want to increase the guard lifetime to 9
- months or greater. Closes ticket 9321.
- o Major features (hidden services):
- - Make HS port scanning more difficult by immediately closing the
- circuit when a user attempts to connect to a nonexistent port.
- Closes ticket 13667.
- - Add a HiddenServiceStatistics option that allows Tor relays to
- gather and publish statistics about the overall size and volume of
- hidden service usage. Specifically, when this option is turned on,
- an HSDir will publish an approximate number of hidden services
- that have published descriptors to it the past 24 hours. Also, if
- a relay has acted as a hidden service rendezvous point, it will
- publish the approximate amount of rendezvous cells it has relayed
- the past 24 hours. The statistics themselves are obfuscated so
- that the exact values cannot be derived. For more details see
- proposal 238, "Better hidden service stats from Tor relays". This
- feature is currently disabled by default. Implements feature 13192.
- o Major features (performance):
- - Make the CPU worker implementation more efficient by avoiding the
- kernel and lengthening pipelines. The original implementation used
- sockets to transfer data from the main thread to the workers, and
- didn't allow any thread to be assigned more than a single piece of
- work at once. The new implementation avoids communications
- overhead by making requests in shared memory, avoiding kernel IO
- where possible, and keeping more requests in flight at once.
- Implements ticket 9682.
- o Major features (relay):
- - Raise the minimum acceptable configured bandwidth rate for bridges
- to 50 KiB/sec and for relays to 75 KiB/sec. (The old values were
- 20 KiB/sec.) Closes ticket 13822.
- - Complete revision of the code that relays use to decide which cell
- to send next. Formerly, we selected the best circuit to write on
- each channel, but we didn't select among channels in any
- sophisticated way. Now, we choose the best circuits globally from
- among those whose channels are ready to deliver traffic.
- This patch implements a new inter-cmux comparison API, a global
- high/low watermark mechanism and a global scheduler loop for
- transmission prioritization across all channels as well as among
- circuits on one channel. This schedule is currently tuned to
- (tolerantly) avoid making changes in network performance, but it
- should form the basis for major circuit performance increases in
- the future. Code by Andrea; tuning by Rob Jansen; implements
- ticket 9262.
- o Major features (sample torrc):
- - Add a new, infrequently-changed "torrc.minimal". This file is
- similar to torrc.sample, but it will change as infrequently as
- possible, for the benefit of users whose systems prompt them for
- intervention whenever a default configuration file is changed.
- Making this change allows us to update torrc.sample to be a more
- generally useful "sample torrc".
- o Major features (security, unix domain sockets):
- - Allow SocksPort to be an AF_UNIX Unix Domain Socket. Now high risk
- applications can reach Tor without having to create AF_INET or
- AF_INET6 sockets, meaning they can completely disable their
- ability to make non-Tor network connections. To create a socket of
- this type, use "SocksPort unix:/path/to/socket". Implements
- ticket 12585.
- - Support mapping hidden service virtual ports to AF_UNIX sockets.
- The syntax is "HiddenServicePort 80 unix:/path/to/socket".
- Implements ticket 11485.
- o Major bugfixes (client, automap):
- - Repair automapping with IPv6 addresses. This automapping should
- have worked previously, but one piece of debugging code that we
- inserted to detect a regression actually caused the regression to
- manifest itself again. Fixes bug 13811 and bug 12831; bugfix on
- 0.2.4.7-alpha. Diagnosed and fixed by Francisco Blas
- Izquierdo Riera.
- o Major bugfixes (crash, OSX, security):
- - Fix a remote denial-of-service opportunity caused by a bug in
- OSX's _strlcat_chk() function. Fixes bug 15205; bug first appeared
- in OSX 10.9.
- o Major bugfixes (directory authorities):
- - Do not assign the HSDir flag to relays if they are not Valid, or
- currently hibernating. Fixes 12573; bugfix on 0.2.0.10-alpha.
- o Major bugfixes (directory bandwidth performance):
- - Don't flush the zlib buffer aggressively when compressing
- directory information for clients. This should save about 7% of
- the bandwidth currently used for compressed descriptors and
- microdescriptors. Fixes bug 11787; bugfix on 0.1.1.23.
- o Major bugfixes (exit node stability):
- - Fix an assertion failure that could occur under high DNS load.
- Fixes bug 14129; bugfix on Tor 0.0.7rc1. Found by "jowr";
- diagnosed and fixed by "cypherpunks".
- o Major bugfixes (FreeBSD IPFW transparent proxy):
- - Fix address detection with FreeBSD transparent proxies, when
- "TransProxyType ipfw" is in use. Fixes bug 15064; bugfix
- on 0.2.5.4-alpha.
- o Major bugfixes (hidden services):
- - When closing an introduction circuit that was opened in parallel
- with others, don't mark the introduction point as unreachable.
- Previously, the first successful connection to an introduction
- point would make the other introduction points get marked as
- having timed out. Fixes bug 13698; bugfix on 0.0.6rc2.
- o Major bugfixes (Linux seccomp2 sandbox):
- - Upon receiving sighup with the seccomp2 sandbox enabled, do not
- crash during attempts to call wait4. Fixes bug 15088; bugfix on
- 0.2.5.1-alpha. Patch from "sanic".
- o Major bugfixes (mixed relay-client operation):
- - When running as a relay and client at the same time (not
- recommended), if we decide not to use a new guard because we want
- to retry older guards, only close the locally-originating circuits
- passing through that guard. Previously we would close all the
- circuits through that guard. Fixes bug 9819; bugfix on
- 0.2.1.1-alpha. Reported by "skruffy".
- o Major bugfixes (pluggable transports):
- - Initialize the extended OR Port authentication cookie before
- launching pluggable transports. This prevents a race condition
- that occured when server-side pluggable transports would cache the
- authentication cookie before it has been (re)generated. Fixes bug
- 15240; bugfix on 0.2.5.1-alpha.
- o Major bugfixes (relay, stability, possible security):
- - Fix a bug that could lead to a relay crashing with an assertion
- failure if a buffer of exactly the wrong layout is passed to
- buf_pullup() at exactly the wrong time. Fixes bug 15083; bugfix on
- 0.2.0.10-alpha. Patch from "cypherpunks".
- - Do not assert if the 'data' pointer on a buffer is advanced to the
- very end of the buffer; log a BUG message instead. Only assert if
- it is past that point. Fixes bug 15083; bugfix on 0.2.0.10-alpha.
- o Minor features (build):
- - New --disable-system-torrc compile-time option to prevent Tor from
- looking for the system-wide torrc or torrc-defaults files.
- Resolves ticket 13037.
- o Minor features (client):
- - Clients are now willing to send optimistic data (before they
- receive a 'connected' cell) to relays of any version. (Relays
- without support for optimistic data are no longer supported on the
- Tor network.) Resolves ticket 13153.
- o Minor features (client):
- - Validate hostnames in SOCKS5 requests more strictly. If SafeSocks
- is enabled, reject requests with IP addresses as hostnames.
- Resolves ticket 13315.
- o Minor features (controller):
- - Add a "SIGNAL HEARTBEAT" controller command that tells Tor to
- write an unscheduled heartbeat message to the log. Implements
- feature 9503.
- - Include SOCKS_USERNAME and SOCKS_PASSWORD values in controller
- events so controllers can observe circuit isolation inputs. Closes
- ticket 8405.
- - ControlPort now supports the unix:/path/to/socket syntax as an
- alternative to the ControlSocket option, for consistency with
- SocksPort and HiddenServicePort. Closes ticket 14451.
- - New "GETINFO bw-event-cache" to get information about recent
- bandwidth events. Closes ticket 14128. Useful for controllers to
- get recent bandwidth history after the fix for ticket 13988.
- - Messages about problems in the bootstrap process now include
- information about the server we were trying to connect to when we
- noticed the problem. Closes ticket 15006.
- o Minor features (Denial of service resistance):
- - Count the total number of bytes used storing hidden service
- descriptors against the value of MaxMemInQueues. If we're low on
- memory, and more than 20% of our memory is used holding hidden
- service descriptors, free them until no more than 10% of our
- memory holds hidden service descriptors. Free the least recently
- fetched descriptors first. Resolves ticket 13806.
- - When we have recently been under memory pressure (over 3/4 of
- MaxMemInQueues is allocated), then allocate smaller zlib objects
- for small requests. Closes ticket 11791.
- o Minor features (directory authorities):
- - Don't list relays with a bandwidth estimate of 0 in the consensus.
- Implements a feature proposed during discussion of bug 13000.
- - In tor-gencert, report an error if the user provides the same
- argument more than once.
- - If a directory authority can't find a best consensus method in the
- votes that it holds, it now falls back to its favorite consensus
- method. Previously, it fell back to method 1. Neither of these is
- likely to get enough signatures, but "fall back to favorite"
- doesn't require us to maintain support an obsolete consensus
- method. Implements part of proposal 215.
- o Minor features (geoip):
- - Update geoip to the March 3 2015 Maxmind GeoLite2 Country database.
- - Update geoip6 to the March 3 2015 Maxmind GeoLite2
- Country database.
- o Minor features (guard nodes):
- - Reduce the time delay before saving guard status to disk from 10
- minutes to 30 seconds (or from one hour to 10 minutes if
- AvoidDiskWrites is set). Closes ticket 12485.
- o Minor features (heartbeat):
- - On relays, report how many connections we negotiated using each
- version of the Tor link protocols. This information will let us
- know if removing support for very old versions of the Tor
- protocols is harming the network. Closes ticket 15212.
- o Minor features (hidden service):
- - Make Sybil attacks against hidden services harder by changing the
- minimum time required to get the HSDir flag from 25 hours up to 96
- hours. Addresses ticket 14149.
- - New option "HiddenServiceAllowUnknownPorts" to allow hidden
- services to disable the anti-scanning feature introduced in
- 0.2.6.2-alpha. With this option not set, a connection to an
- unlisted port closes the circuit. With this option set, only a
- RELAY_DONE cell is sent. Closes ticket 14084.
- - When re-enabling the network, don't try to build introduction
- circuits until we have successfully built a circuit. This makes
- hidden services come up faster when the network is re-enabled.
- Patch from "akwizgran". Closes ticket 13447.
- - When we fail to retrieve a hidden service descriptor, send the
- controller an "HS_DESC FAILED" controller event. Implements
- feature 13212.
- - New HiddenServiceDirGroupReadable option to cause hidden service
- directories and hostname files to be created group-readable. Patch
- from "anon", David Stainton, and "meejah". Closes ticket 11291.
- o Minor features (interface):
- - Implement "-f -" command-line option to read torrc configuration
- from standard input, if you don't want to store the torrc file in
- the file system. Implements feature 13865.
- o Minor features (logging):
- - Add a count of unique clients to the bridge heartbeat message.
- Resolves ticket 6852.
- - Suppress "router info incompatible with extra info" message when
- reading extrainfo documents from cache. (This message got loud
- around when we closed bug 9812 in 0.2.6.2-alpha.) Closes
- ticket 13762.
- - Elevate hidden service authorized-client message from DEBUG to
- INFO. Closes ticket 14015.
- - On Unix-like systems, you can now use named pipes as the target of
- the Log option, and other options that try to append to files.
- Closes ticket 12061. Patch from "carlo von lynX".
- - When opening a log file at startup, send it every log message that
- we generated between startup and opening it. Previously, log
- messages that were generated before opening the log file were only
- logged to stdout. Closes ticket 6938.
- - Add a TruncateLogFile option to overwrite logs instead of
- appending to them. Closes ticket 5583.
- - Quiet some log messages in the heartbeat and at startup. Closes
- ticket 14950.
- o Minor features (portability, Solaris):
- - Threads are no longer disabled by default on Solaris; we believe
- that the versions of Solaris with broken threading support are all
- obsolete by now. Resolves ticket 9495.
- o Minor features (relay):
- - Re-check our address after we detect a changed IP address from
- getsockname(). This ensures that the controller command "GETINFO
- address" will report the correct value. Resolves ticket 11582.
- Patch from "ra".
- - A new AccountingRule option lets Relays set whether they'd like
- AccountingMax to be applied separately to inbound and outbound
- traffic, or applied to the sum of inbound and outbound traffic.
- Resolves ticket 961. Patch by "chobe".
- - When identity keypair is generated for first time, log a
- congratulatory message that links to the new relay lifecycle
- document. Implements feature 10427.
- o Minor features (security, memory wiping):
- - Ensure we securely wipe keys from memory after
- crypto_digest_get_digest and init_curve25519_keypair_from_file
- have finished using them. Resolves ticket 13477.
- o Minor features (security, out-of-memory handling):
- - When handling an out-of-memory condition, allocate less memory for
- temporary data structures. Fixes issue 10115.
- - When handling an out-of-memory condition, consider more types of
- buffers, including those on directory connections, and zlib
- buffers. Resolves ticket 11792.
- o Minor features (stability):
- - Add assertions in our hash-table iteration code to check for
- corrupted values that could cause infinite loops. Closes
- ticket 11737.
- o Minor features (systemd):
- - Various improvements and modernizations in systemd hardening
- support. Closes ticket 13805. Patch from Craig Andrews.
- - Where supported, when running with systemd, report successful
- startup to systemd. Part of ticket 11016. Patch by Michael Scherer.
- - When running with systemd, support systemd watchdog messages. Part
- of ticket 11016. Patch by Michael Scherer.
- o Minor features (testing networks):
- - Add the TestingDirAuthVoteExit option, which lists nodes to assign
- the "Exit" flag regardless of their uptime, bandwidth, or exit
- policy. TestingTorNetwork must be set for this option to have any
- effect. Previously, authorities would take up to 35 minutes to
- give nodes the Exit flag in a test network. Partially implements
- ticket 13161.
- - Drop the minimum RendPostPeriod on a testing network to 5 seconds,
- and the default on a testing network to 2 minutes. Drop the
- MIN_REND_INITIAL_POST_DELAY on a testing network to 5 seconds, but
- keep the default on a testing network at 30 seconds. This reduces
- HS bootstrap time to around 25 seconds. Also, change the default
- time in test-network.sh to match. Closes ticket 13401. Patch
- by "teor".
- - Create TestingDirAuthVoteHSDir to correspond to
- TestingDirAuthVoteExit/Guard. Ensures that authorities vote the
- HSDir flag for the listed relays regardless of uptime or ORPort
- connectivity. Respects the value of VoteOnHidServDirectoriesV2.
- Partial implementation for ticket 14067. Patch by "teor".
- o Minor features (tor2web mode):
- - Introduce the config option Tor2webRendezvousPoints, which allows
- clients in Tor2webMode to select a specific Rendezvous Point to be
- used in HS circuits. This might allow better performance for
- Tor2Web nodes. Implements ticket 12844.
- o Minor features (transparent proxy):
- - Update the transparent proxy option checks to allow for both ipfw
- and pf on OS X. Closes ticket 14002.
- - Use the correct option when using IPv6 with transparent proxy
- support on Linux. Resolves 13808. Patch by Francisco Blas
- Izquierdo Riera.
- o Minor features (validation):
- - Check all date/time values passed to tor_timegm and
- parse_rfc1123_time for validity, taking leap years into account.
- Improves HTTP header validation. Implemented with bug 13476.
- - In correct_tm(), limit the range of values returned by system
- localtime(_r) and gmtime(_r) to be between the years 1 and 8099.
- This means we don't have to deal with negative or too large dates,
- even if a clock is wrong. Otherwise we might fail to read a file
- written by us which includes such a date. Fixes bug 13476.
- - Stop allowing invalid address patterns like "*/24" that contain
- both a wildcard address and a bit prefix length. This affects all
- our address-range parsing code. Fixes bug 7484; bugfix
- on 0.0.2pre14.
- o Minor bugfixes (bridge clients):
- - When configured to use a bridge without an identity digest (not
- recommended), avoid launching an extra channel to it when
- bootstrapping. Fixes bug 7733; bugfix on 0.2.4.4-alpha.
- o Minor bugfixes (bridges):
- - When DisableNetwork is set, do not launch pluggable transport
- plugins, and if any are running, terminate them. Fixes bug 13213;
- bugfix on 0.2.3.6-alpha.
- o Minor bugfixes (C correctness):
- - Fix several instances of possible integer overflow/underflow/NaN.
- Fixes bug 13104; bugfix on 0.2.3.1-alpha and later. Patches
- from "teor".
- - In circuit_build_times_calculate_timeout() in circuitstats.c,
- avoid dividing by zero in the pareto calculations. This traps
- under clang's "undefined-trap" sanitizer. Fixes bug 13290; bugfix
- on 0.2.2.2-alpha.
- - Fix an integer overflow in format_time_interval(). Fixes bug
- 13393; bugfix on 0.2.0.10-alpha.
- - Set the correct day of year value when the system's localtime(_r)
- or gmtime(_r) functions fail to set struct tm. Not externally
- visible. Fixes bug 13476; bugfix on 0.0.2pre14.
- - Avoid unlikely signed integer overflow in tor_timegm on systems
- with 32-bit time_t. Fixes bug 13476; bugfix on 0.0.2pre14.
- o Minor bugfixes (certificate handling):
- - If an authority operator accidentally makes a signing certificate
- with a future publication time, do not discard its real signing
- certificates. Fixes bug 11457; bugfix on 0.2.0.3-alpha.
- - Remove any old authority certificates that have been superseded
- for at least two days. Previously, we would keep superseded
- certificates until they expired, if they were published close in
- time to the certificate that superseded them. Fixes bug 11454;
- bugfix on 0.2.1.8-alpha.
- o Minor bugfixes (client):
- - Fix smartlist_choose_node_by_bandwidth() so that relays with the
- BadExit flag are not considered worthy candidates. Fixes bug
- 13066; bugfix on 0.1.2.3-alpha.
- - Use the consensus schedule for downloading consensuses, and not
- the generic schedule. Fixes bug 11679; bugfix on 0.2.2.6-alpha.
- - Handle unsupported or malformed SOCKS5 requests properly by
- responding with the appropriate error message before closing the
- connection. Fixes bugs 12971 and 13314; bugfix on 0.0.2pre13.
- o Minor bugfixes (client, automapping):
- - Avoid crashing on torrc lines for VirtualAddrNetworkIPv[4|6] when
- no value follows the option. Fixes bug 14142; bugfix on
- 0.2.4.7-alpha. Patch by "teor".
- - Fix a memory leak when using AutomapHostsOnResolve. Fixes bug
- 14195; bugfix on 0.1.0.1-rc.
- - Prevent changes to other options from removing the wildcard value
- "." from "AutomapHostsSuffixes". Fixes bug 12509; bugfix
- on 0.2.0.1-alpha.
- - Allow MapAddress and AutomapHostsOnResolve to work together when
- an address is mapped into another address type (like .onion) that
- must be automapped at resolve time. Fixes bug 7555; bugfix
- on 0.2.0.1-alpha.
- o Minor bugfixes (client, bridges):
- - When we are using bridges and we had a network connectivity
- problem, only retry connecting to our currently configured
- bridges, not all bridges we know about and remember using. Fixes
- bug 14216; bugfix on 0.2.2.17-alpha.
- o Minor bugfixes (client, DNS):
- - Report the correct cached DNS expiration times on SOCKS port or in
- DNS replies. Previously, we would report everything as "never
- expires." Fixes bug 14193; bugfix on 0.2.3.17-beta.
- - Avoid a small memory leak when we find a cached answer for a
- reverse DNS lookup in a client-side DNS cache. (Remember, client-
- side DNS caching is off by default, and is not recommended.) Fixes
- bug 14259; bugfix on 0.2.0.1-alpha.
- o Minor bugfixes (client, IPv6):
- - Reject socks requests to literal IPv6 addresses when IPv6Traffic
- flag is not set; and not because the NoIPv4Traffic flag was set.
- Previously we'd looked at the NoIPv4Traffic flag for both types of
- literal addresses. Fixes bug 14280; bugfix on 0.2.4.7-alpha.
- o Minor bugfixes (client, microdescriptors):
- - Use a full 256 bits of the SHA256 digest of a microdescriptor when
- computing which microdescriptors to download. This keeps us from
- erroneous download behavior if two microdescriptor digests ever
- have the same first 160 bits. Fixes part of bug 13399; bugfix
- on 0.2.3.1-alpha.
- - Reset a router's status if its microdescriptor digest changes,
- even if the first 160 bits remain the same. Fixes part of bug
- 13399; bugfix on 0.2.3.1-alpha.
- o Minor bugfixes (client, torrc):
- - Stop modifying the value of our DirReqStatistics torrc option just
- because we're not a bridge or relay. This bug was causing Tor
- Browser users to write "DirReqStatistics 0" in their torrc files
- as if they had chosen to change the config. Fixes bug 4244; bugfix
- on 0.2.3.1-alpha.
- - When GeoIPExcludeUnknown is enabled, do not incorrectly decide
- that our options have changed every time we SIGHUP. Fixes bug
- 9801; bugfix on 0.2.4.10-alpha. Patch from "qwerty1".
- o Minor bugfixes (compilation):
- - Fix a compilation warning on s390. Fixes bug 14988; bugfix
- on 0.2.5.2-alpha.
- - Silence clang warnings under --enable-expensive-hardening,
- including implicit truncation of 64 bit values to 32 bit, const
- char assignment to self, tautological compare, and additional
- parentheses around equality tests. Fixes bug 13577; bugfix
- on 0.2.5.4-alpha.
- - Fix a clang warning about checking whether an address in the
- middle of a structure is NULL. Fixes bug 14001; bugfix
- on 0.2.1.2-alpha.
- - The address of an array in the middle of a structure will always
- be non-NULL. clang recognises this and complains. Disable the
- tautologous and redundant check to silence this warning. Fixes bug
- 14001; bugfix on 0.2.1.2-alpha.
- - Compile correctly with (unreleased) OpenSSL 1.1.0 headers.
- Addresses ticket 14188.
- - Build without warnings with the stock OpenSSL srtp.h header, which
- has a duplicate declaration of SSL_get_selected_srtp_profile().
- Fixes bug 14220; this is OpenSSL's bug, not ours.
- - Do not compile any code related to Tor2Web mode when Tor2Web mode
- is not enabled at compile time. Previously, this code was included
- in a disabled state. See discussion on ticket 12844.
- - Allow our configure script to build correctly with autoconf 2.62
- again. Fixes bug 12693; bugfix on 0.2.5.2-alpha.
- - Improve the error message from ./configure to make it clear that
- when asciidoc has not been found, the user will have to either add
- --disable-asciidoc argument or install asciidoc. Resolves
- ticket 13228.
- o Minor bugfixes (controller):
- - Report "down" in response to the "GETINFO entry-guards" command
- when relays are down with an unreachable_since value. Previously,
- we would report "up". Fixes bug 14184; bugfix on 0.1.2.2-alpha.
- - Avoid crashing on a malformed EXTENDCIRCUIT command. Fixes bug
- 14116; bugfix on 0.2.2.9-alpha.
- o Minor bugfixes (controller):
- - Return an error when the second or later arguments of the
- "setevents" controller command are invalid events. Previously we
- would return success while silently skipping invalid events. Fixes
- bug 13205; bugfix on 0.2.3.2-alpha. Reported by "fpxnns".
- o Minor bugfixes (directory authority):
- - Allow directory authorities to fetch more data from one another if
- they find themselves missing lots of votes. Previously, they had
- been bumping against the 10 MB queued data limit. Fixes bug 14261;
- bugfix on 0.1.2.5-alpha.
- - Do not attempt to download extrainfo documents which we will be
- unable to validate with a matching server descriptor. Fixes bug
- 13762; bugfix on 0.2.0.1-alpha.
- - Fix a bug that was truncating AUTHDIR_NEWDESC events sent to the
- control port. Fixes bug 14953; bugfix on 0.2.0.1-alpha.
- - Enlarge the buffer to read bwauth generated files to avoid an
- issue when parsing the file in dirserv_read_measured_bandwidths().
- Fixes bug 14125; bugfix on 0.2.2.1-alpha.
- - When running as a v3 directory authority, advertise that you serve
- extra-info documents so that clients who want them can find them
- from you too. Fixes part of bug 11683; bugfix on 0.2.0.1-alpha.
- o Minor bugfixes (directory system):
- - Always believe that v3 directory authorities serve extra-info
- documents, whether they advertise "caches-extra-info" or not.
- Fixes part of bug 11683; bugfix on 0.2.0.1-alpha.
- - Check the BRIDGE_DIRINFO flag bitwise rather than using equality.
- Previously, directories offering BRIDGE_DIRINFO and some other
- flag (i.e. microdescriptors or extrainfo) would be ignored when
- looking for bridges. Partially fixes bug 13163; bugfix
- on 0.2.0.7-alpha.
- o Minor bugfixes (file handling):
- - Stop failing when key files are zero-length. Instead, generate new
- keys, and overwrite the empty key files. Fixes bug 13111; bugfix
- on all versions of Tor. Patch by "teor".
- - Stop generating a fresh .old RSA onion key file when the .old file
- is missing. Fixes part of 13111; bugfix on 0.0.6rc1.
- - Avoid overwriting .old key files with empty key files.
- - Skip loading zero-length extrainfo store, router store, stats,
- state, and key files.
- - Avoid crashing when trying to reload a torrc specified as a
- relative path with RunAsDaemon turned on. Fixes bug 13397; bugfix
- on 0.2.3.11-alpha.
- o Minor bugfixes (hidden services):
- - Close the introduction circuit when we have no more usable intro
- points, instead of waiting for it to time out. This also ensures
- that no follow-up HS descriptor fetch is triggered when the
- circuit eventually times out. Fixes bug 14224; bugfix on 0.0.6.
- - When fetching a hidden service descriptor for a down service that
- was recently up, do not keep refetching until we try the same
- replica twice in a row. Fixes bug 14219; bugfix on 0.2.0.10-alpha.
- - Correctly send a controller event when we find that a rendezvous
- circuit has finished. Fixes bug 13936; bugfix on 0.1.1.5-alpha.
- - Pre-check directory permissions for new hidden-services to avoid
- at least one case of "Bug: Acting on config options left us in a
- broken state. Dying." Fixes bug 13942; bugfix on 0.0.6pre1.
- - When fetching hidden service descriptors, we now check not only
- for whether we got the hidden service we had in mind, but also
- whether we got the particular descriptors we wanted. This prevents
- a class of inefficient but annoying DoS attacks by hidden service
- directories. Fixes bug 13214; bugfix on 0.2.1.6-alpha. Reported
- by "special".
- o Minor bugfixes (Linux seccomp2 sandbox):
- - Make transparent proxy support work along with the seccomp2
- sandbox. Fixes part of bug 13808; bugfix on 0.2.5.1-alpha. Patch
- by Francisco Blas Izquierdo Riera.
- - Fix a memory leak in tor-resolve when running with the sandbox
- enabled. Fixes bug 14050; bugfix on 0.2.5.9-rc.
- - Allow glibc fatal errors to be sent to stderr before Tor exits.
- Previously, glibc would try to write them to /dev/tty, and the
- sandbox would trap the call and make Tor exit prematurely. Fixes
- bug 14759; bugfix on 0.2.5.1-alpha.
- o Minor bugfixes (logging):
- - Avoid crashing when there are more log domains than entries in
- domain_list. Bugfix on 0.2.3.1-alpha.
- - Downgrade warnings about RSA signature failures to info log level.
- Emit a warning when an extra info document is found incompatible
- with a corresponding router descriptor. Fixes bug 9812; bugfix
- on 0.0.6rc3.
- - Make connection_ap_handshake_attach_circuit() log the circuit ID
- correctly. Fixes bug 13701; bugfix on 0.0.6.
- o Minor bugfixes (networking):
- - Check for orconns and use connection_or_close_for_error() rather
- than connection_mark_for_close() directly in the getsockopt()
- failure case of connection_handle_write_impl(). Fixes bug 11302;
- bugfix on 0.2.4.4-alpha.
- o Minor bugfixes (parsing):
- - Stop accepting milliseconds (or other junk) at the end of
- descriptor publication times. Fixes bug 9286; bugfix on 0.0.2pre25.
- - Support two-number and three-number version numbers correctly, in
- case we change the Tor versioning system in the future. Fixes bug
- 13661; bugfix on 0.0.8pre1.
- o Minor bugfixes (portability):
- - Fix the ioctl()-based network interface lookup code so that it
- will work on systems that have variable-length struct ifreq, for
- example Mac OS X.
- - Use the correct datatype in the SipHash-2-4 function to prevent
- compilers from assuming any sort of alignment. Fixes bug 15436;
- bugfix on 0.2.5.3-alpha.
- o Minor bugfixes (preventative security, C safety):
- - When reading a hexadecimal, base-32, or base-64 encoded value from
- a string, always overwrite the whole output buffer. This prevents
- some bugs where we would look at (but fortunately, not reveal)
- uninitialized memory on the stack. Fixes bug 14013; bugfix on all
- versions of Tor.
- - Clear all memory targetted by tor_addr_{to,from}_sockaddr(), not
- just the part that's used. This makes it harder for data leak bugs
- to occur in the event of other programming failures. Resolves
- ticket 14041.
- o Minor bugfixes (relay):
- - When generating our family list, remove spaces from around the
- entries. Fixes bug 12728; bugfix on 0.2.1.7-alpha.
- - If our previous bandwidth estimate was 0 bytes, allow publishing a
- new relay descriptor immediately. Fixes bug 13000; bugfix
- on 0.1.1.6-alpha.
- o Minor bugfixes (shutdown):
- - When shutting down, always call event_del() on lingering read or
- write events before freeing them. Otherwise, we risk double-frees
- or read-after-frees in event_base_free(). Fixes bug 12985; bugfix
- on 0.1.0.2-rc.
- o Minor bugfixes (small memory leaks):
- - Avoid leaking memory when using IPv6 virtual address mappings.
- Fixes bug 14123; bugfix on 0.2.4.7-alpha. Patch by Tom van
- der Woerdt.
- o Minor bugfixes (statistics):
- - Increase period over which bandwidth observations are aggregated
- from 15 minutes to 4 hours. Fixes bug 13988; bugfix on 0.0.8pre1.
- o Minor bugfixes (systemd support):
- - Run correctly under systemd with the RunAsDaemon option set. Fixes
- part of bug 14141; bugfix on 0.2.5.7-rc. Patch from Tomasz Torcz.
- - Inform the systemd supervisor about more changes in the Tor
- process status. Implements part of ticket 14141. Patch from
- Tomasz Torcz.
- o Minor bugfixes (testing networks):
- - Fix TestingDirAuthVoteGuard to properly give out Guard flags in a
- testing network. Fixes bug 13064; bugfix on 0.2.5.2-alpha.
- - Stop using the default authorities in networks which provide both
- AlternateDirAuthority and AlternateBridgeAuthority. Partially
- fixes bug 13163; bugfix on 0.2.0.13-alpha.
- o Minor bugfixes (testing networks, fast startup):
- - Allow Tor to build circuits using a consensus with no exits. If
- the consensus has no exits (typical of a bootstrapping test
- network), allow Tor to build circuits once enough descriptors have
- been downloaded. This assists in bootstrapping a testing Tor
- network. Fixes bug 13718; bugfix on 0.2.4.10-alpha. Patch
- by "teor".
- - When V3AuthVotingInterval is low, give a lower If-Modified-Since
- header to directory servers. This allows us to obtain consensuses
- promptly when the consensus interval is very short. This assists
- in bootstrapping a testing Tor network. Fixes parts of bugs 13718
- and 13963; bugfix on 0.2.0.3-alpha. Patch by "teor".
- - Stop assuming that private addresses are local when checking
- reachability in a TestingTorNetwork. Instead, when testing, assume
- all OR connections are remote. (This is necessary due to many test
- scenarios running all relays on localhost.) This assists in
- bootstrapping a testing Tor network. Fixes bug 13924; bugfix on
- 0.1.0.1-rc. Patch by "teor".
- - Avoid building exit circuits from a consensus with no exits. Now
- thanks to our fix for 13718, we accept a no-exit network as not
- wholly lost, but we need to remember not to try to build exit
- circuits on it. Closes ticket 13814; patch by "teor".
- - Stop requiring exits to have non-zero bandwithcapacity in a
- TestingTorNetwork. Instead, when TestingMinExitFlagThreshold is 0,
- ignore exit bandwidthcapacity. This assists in bootstrapping a
- testing Tor network. Fixes parts of bugs 13718 and 13839; bugfix
- on 0.2.0.3-alpha. Patch by "teor".
- - Add "internal" to some bootstrap statuses when no exits are
- available. If the consensus does not contain Exits, Tor will only
- build internal circuits. In this case, relevant statuses will
- contain the word "internal" as indicated in the Tor control-
- spec.txt. When bootstrap completes, Tor will be ready to build
- internal circuits. If a future consensus contains Exits, exit
- circuits may become available. Fixes part of bug 13718; bugfix on
- 0.2.4.10-alpha. Patch by "teor".
- - Decrease minimum consensus interval to 10 seconds when
- TestingTorNetwork is set, or 5 seconds for the first consensus.
- Fix assumptions throughout the code that assume larger intervals.
- Fixes bugs 13718 and 13823; bugfix on 0.2.0.3-alpha. Patch
- by "teor".
- - Avoid excluding guards from path building in minimal test
- networks, when we're in a test network and excluding guards would
- exclude all relays. This typically occurs in incredibly small tor
- networks, and those using "TestingAuthVoteGuard *". Fixes part of
- bug 13718; bugfix on 0.1.1.11-alpha. Patch by "teor".
- o Minor bugfixes (testing):
- - Avoid a side-effect in a tor_assert() in the unit tests. Fixes bug
- 15188; bugfix on 0.1.2.3-alpha. Patch from Tom van der Woerdt.
- - Stop spawn test failures due to a race condition between the
- SIGCHLD handler updating the process status, and the test reading
- it. Fixes bug 13291; bugfix on 0.2.3.3-alpha.
- - Avoid passing an extra backslash when creating a temporary
- directory for running the unit tests on Windows. Fixes bug 12392;
- bugfix on 0.2.2.25-alpha. Patch from Gisle Vanem.
- o Minor bugfixes (TLS):
- - Check more thoroughly throughout the TLS code for possible
- unlogged TLS errors. Possible diagnostic or fix for bug 13319.
- o Minor bugfixes (transparent proxy):
- - Use getsockname, not getsockopt, to retrieve the address for a
- TPROXY-redirected connection. Fixes bug 13796; bugfix
- on 0.2.5.2-alpha.
- o Minor bugfixes (windows):
- - Remove code to special-case handling of NTE_BAD_KEYSET when
- acquiring windows CryptoAPI context. This error can't actually
- occur for the parameters we're providing. Fixes bug 10816; bugfix
- on 0.0.2pre26.
- o Minor bugfixes (zlib):
- - Avoid truncating a zlib stream when trying to finalize it with an
- empty output buffer. Fixes bug 11824; bugfix on 0.1.1.23.
- o Code simplification and refactoring:
- - Change the entry_is_live() function to take named bitfield
- elements instead of an unnamed list of booleans. Closes
- ticket 12202.
- - Refactor and unit-test entry_is_time_to_retry() in entrynodes.c.
- Resolves ticket 12205.
- - Use calloc and reallocarray functions instead of multiply-
- then-malloc. This makes it less likely for us to fall victim to an
- integer overflow attack when allocating. Resolves ticket 12855.
- - Use the standard macro name SIZE_MAX, instead of our
- own SIZE_T_MAX.
- - Document usage of the NO_DIRINFO and ALL_DIRINFO flags clearly in
- functions which take them as arguments. Replace 0 with NO_DIRINFO
- in a function call for clarity. Seeks to prevent future issues
- like 13163.
- - Avoid 4 null pointer errors under clang static analysis by using
- tor_assert() to prove that the pointers aren't null. Fixes
- bug 13284.
- - Rework the API of policies_parse_exit_policy() to use a bitmask to
- represent parsing options, instead of a confusing mess of
- booleans. Resolves ticket 8197.
- - Introduce a helper function to parse ExitPolicy in
- or_options_t structure.
- - Move fields related to isolating and configuring client ports into
- a shared structure. Previously, they were duplicated across
- port_cfg_t, listener_connection_t, and edge_connection_t. Failure
- to copy them correctly had been the cause of at least one bug in
- the past. Closes ticket 8546.
- - Refactor the get_interface_addresses_raw() doom-function into
- multiple smaller and simpler subfunctions. Cover the resulting
- subfunctions with unit-tests. Fixes a significant portion of
- issue 12376.
- - Remove workaround in dirserv_thinks_router_is_hs_dir() that was
- only for version <= 0.2.2.24 which is now deprecated. Closes
- ticket 14202.
- - Remove a test for a long-defunct broken version-one
- directory server.
- - Refactor main loop to extract the 'loop' part. This makes it
- easier to run Tor under Shadow. Closes ticket 15176.
- - Stop using can_complete_circuits as a global variable; access it
- with a function instead.
- - Avoid using operators directly as macro arguments: this lets us
- apply coccinelle transformations to our codebase more directly.
- Closes ticket 13172.
- - Combine the functions used to parse ClientTransportPlugin and
- ServerTransportPlugin into a single function. Closes ticket 6456.
- - Add inline functions and convenience macros for inspecting channel
- state. Refactor the code to use convenience macros instead of
- checking channel state directly. Fixes issue 7356.
- - Document all members of was_router_added_t and rename
- ROUTER_WAS_NOT_NEW to ROUTER_IS_ALREADY_KNOWN to make it less
- confusable with ROUTER_WAS_TOO_OLD. Fixes issue 13644.
- - In connection_exit_begin_conn(), use END_CIRC_REASON_TORPROTOCOL
- constant instead of hardcoded value. Fixes issue 13840.
- - Refactor our generic strmap and digestmap types into a single
- implementation, so that we can add a new digest256map
- type trivially.
- o Documentation:
- - Add a doc/TUNING document with tips for handling large numbers of
- TCP connections when running busy Tor relay. Update the warning
- message to point to this file when running out of sockets
- operating system is allowing to use simultaneously. Resolves
- ticket 9708.
- - Adding section on OpenBSD to our TUNING document. Thanks to mmcc
- for writing the OpenBSD-specific tips. Resolves ticket 13702.
- - Make the tor-resolve documentation match its help string and its
- options. Resolves part of ticket 14325.
- - Log a more useful error message from tor-resolve when failing to
- look up a hidden service address. Resolves part of ticket 14325.
- - Document the bridge-authority-only 'networkstatus-bridges' file.
- Closes ticket 13713; patch from "tom".
- - Fix typo in PredictedPortsRelevanceTime option description in
- manpage. Resolves issue 13707.
- - Stop suggesting that users specify relays by nickname: it isn't a
- good idea. Also, properly cross-reference how to specify relays in
- all parts of manual documenting options that take a list of
- relays. Closes ticket 13381.
- - Clarify the HiddenServiceDir option description in manpage to make
- it clear that relative paths are taken with respect to the current
- working directory. Also clarify that this behavior is not
- guaranteed to remain indefinitely. Fixes issue 13913.
- o Distribution (systemd):
- - systemd unit file: only allow tor to write to /var/lib/tor and
- /var/log/tor. The rest of the filesystem is accessible for reading
- only. Patch by intrigeri; resolves ticket 12751.
- - systemd unit file: ensure that the process and all its children
- can never gain new privileges. Patch by intrigeri; resolves
- ticket 12939.
- - systemd unit file: set up /var/run/tor as writable for the Tor
- service. Patch by intrigeri; resolves ticket 13196.
- o Downgraded warnings:
- - Don't warn when we've attempted to contact a relay using the wrong
- ntor onion key. Closes ticket 9635.
- o Removed code:
- - Remove some lingering dead code that once supported mempools.
- Mempools were disabled by default in 0.2.5, and removed entirely
- in 0.2.6.3-alpha. Closes more of ticket 14848; patch
- by "cypherpunks".
- o Removed features (directory authorities):
- - Remove code that prevented authorities from listing Tor relays
- affected by CVE-2011-2769 as guards. These relays are already
- rejected altogether due to the minimum version requirement of
- 0.2.3.16-alpha. Closes ticket 13152.
- - The "AuthDirRejectUnlisted" option no longer has any effect, as
- the fingerprints file (approved-routers) has been deprecated.
- - Directory authorities do not support being Naming dirauths anymore.
- The "NamingAuthoritativeDir" config option is now obsolete.
- - Directory authorities do not support giving out the BadDirectory
- flag anymore.
- - Directory authorities no longer advertise or support consensus
- methods 1 through 12 inclusive. These consensus methods were
- obsolete and/or insecure: maintaining the ability to support them
- served no good purpose. Implements part of proposal 215; closes
- ticket 10163.
- o Removed features:
- - To avoid confusion with the "ExitRelay" option, "ExitNode" is no
- longer silently accepted as an alias for "ExitNodes".
- - The --enable-mempool and --enable-buf-freelists options, which
- were originally created to work around bad malloc implementations,
- no longer exist. They were off-by-default in 0.2.5. Closes
- ticket 14848.
- - We no longer remind the user about configuration options that have
- been obsolete since 0.2.3.x or earlier. Patch by Adrien Bak.
- - Remove our old, non-weighted bandwidth-based node selection code.
- Previously, we used it as a fallback when we couldn't perform
- weighted bandwidth-based node selection. But that would only
- happen in the cases where we had no consensus, or when we had a
- consensus generated by buggy or ancient directory authorities. In
- either case, it's better to use the more modern, better maintained
- algorithm, with reasonable defaults for the weights. Closes
- ticket 13126.
- - Remove the --disable-curve25519 configure option. Relays and
- clients now are required to support curve25519 and the
- ntor handshake.
- - The old "StrictEntryNodes" and "StrictExitNodes" options, which
- used to be deprecated synonyms for "StrictNodes", are now marked
- obsolete. Resolves ticket 12226.
- - Clients don't understand the BadDirectory flag in the consensus
- anymore, and ignore it.
- o Removed platform support:
- - We no longer include special code to build on Windows CE; as far
- as we know, nobody has used Tor on Windows CE in a very long time.
- Closes ticket 11446.
- o Testing (test-network.sh):
- - Stop using "echo -n", as some shells' built-in echo doesn't
- support "-n". Instead, use "/bin/echo -n". Partially fixes
- bug 13161.
- - Stop an apparent test-network hang when used with make -j2. Fixes
- bug 13331.
- - Add a --delay option to test-network.sh, which configures the
- delay before the chutney network tests for data transmission.
- Partially implements ticket 13161.
- o Testing:
- - Test that tor does not fail when key files are zero-length. Check
- that tor generates new keys, and overwrites the empty key files.
- - Test that tor generates new keys when keys are missing
- (existing behavior).
- - Test that tor does not overwrite key files that already contain
- data (existing behavior). Tests bug 13111. Patch by "teor".
- - New "make test-stem" target to run stem integration tests.
- Requires that the "STEM_SOURCE_DIR" environment variable be set.
- Closes ticket 14107.
- - Make the test_cmdline_args.py script work correctly on Windows.
- Patch from Gisle Vanem.
- - Move the slower unit tests into a new "./src/test/test-slow"
- binary that can be run independently of the other tests. Closes
- ticket 13243.
- - New tests for many parts of channel, relay, and circuitmux
- functionality. Code by Andrea; part of 9262.
- - New tests for parse_transport_line(). Part of ticket 6456.
- - In the unit tests, use chgrp() to change the group of the unit
- test temporary directory to the current user, so that the sticky
- bit doesn't interfere with tests that check directory groups.
- Closes 13678.
- - Add unit tests for resolve_my_addr(). Part of ticket 12376; patch
- by 'rl1987'.
- - Refactor the function that chooses guard nodes so that it can more
- easily be tested; write some tests for it.
- - Fix and re-enable the fgets_eagain unit test. Fixes bug 12503;
- bugfix on 0.2.3.1-alpha. Patch from "cypherpunks."
- - Create unit tests for format_time_interval(). With bug 13393.
- - Add unit tests for tor_timegm signed overflow, tor_timegm and
- parse_rfc1123_time validity checks, correct_tm year clamping. Unit
- tests (visible) fixes in bug 13476.
- - Add a "coverage-html" make target to generate HTML-visualized
- coverage results when building with --enable-coverage. (Requires
- lcov.) Patch from Kevin Murray.
- - Enable the backtrace handler (where supported) when running the
- unit tests.
- - Revise all unit tests that used the legacy test_* macros to
- instead use the recommended tt_* macros. This patch was generated
- with coccinelle, to avoid manual errors. Closes ticket 13119.
- Changes in version 0.2.5.11 - 2015-03-17
- Tor 0.2.5.11 is the second stable release in the 0.2.5 series.
- It backports several bugfixes from the 0.2.6 branch, including a
- couple of medium-level security fixes for relays and exit nodes.
- It also updates the list of directory authorities.
- o Directory authority changes:
- - Remove turtles as a directory authority.
- - Add longclaw as a new (v3) directory authority. This implements
- ticket 13296. This keeps the directory authority count at 9.
- - The directory authority Faravahar has a new IP address. This
- closes ticket 14487.
- o Major bugfixes (crash, OSX, security):
- - Fix a remote denial-of-service opportunity caused by a bug in
- OSX's _strlcat_chk() function. Fixes bug 15205; bug first appeared
- in OSX 10.9.
- o Major bugfixes (relay, stability, possible security):
- - Fix a bug that could lead to a relay crashing with an assertion
- failure if a buffer of exactly the wrong layout was passed to
- buf_pullup() at exactly the wrong time. Fixes bug 15083; bugfix on
- 0.2.0.10-alpha. Patch from 'cypherpunks'.
- - Do not assert if the 'data' pointer on a buffer is advanced to the
- very end of the buffer; log a BUG message instead. Only assert if
- it is past that point. Fixes bug 15083; bugfix on 0.2.0.10-alpha.
- o Major bugfixes (exit node stability):
- - Fix an assertion failure that could occur under high DNS load.
- Fixes bug 14129; bugfix on Tor 0.0.7rc1. Found by "jowr";
- diagnosed and fixed by "cypherpunks".
- o Major bugfixes (Linux seccomp2 sandbox):
- - Upon receiving sighup with the seccomp2 sandbox enabled, do not
- crash during attempts to call wait4. Fixes bug 15088; bugfix on
- 0.2.5.1-alpha. Patch from "sanic".
- o Minor features (controller):
- - New "GETINFO bw-event-cache" to get information about recent
- bandwidth events. Closes ticket 14128. Useful for controllers to
- get recent bandwidth history after the fix for ticket 13988.
- o Minor features (geoip):
- - Update geoip to the March 3 2015 Maxmind GeoLite2 Country database.
- - Update geoip6 to the March 3 2015 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (client, automapping):
- - Avoid crashing on torrc lines for VirtualAddrNetworkIPv[4|6] when
- no value follows the option. Fixes bug 14142; bugfix on
- 0.2.4.7-alpha. Patch by "teor".
- - Fix a memory leak when using AutomapHostsOnResolve. Fixes bug
- 14195; bugfix on 0.1.0.1-rc.
- o Minor bugfixes (compilation):
- - Build without warnings with the stock OpenSSL srtp.h header, which
- has a duplicate declaration of SSL_get_selected_srtp_profile().
- Fixes bug 14220; this is OpenSSL's bug, not ours.
- o Minor bugfixes (directory authority):
- - Allow directory authorities to fetch more data from one another if
- they find themselves missing lots of votes. Previously, they had
- been bumping against the 10 MB queued data limit. Fixes bug 14261;
- bugfix on 0.1.2.5-alpha.
- - Enlarge the buffer to read bwauth generated files to avoid an
- issue when parsing the file in dirserv_read_measured_bandwidths().
- Fixes bug 14125; bugfix on 0.2.2.1-alpha.
- o Minor bugfixes (statistics):
- - Increase period over which bandwidth observations are aggregated
- from 15 minutes to 4 hours. Fixes bug 13988; bugfix on 0.0.8pre1.
- o Minor bugfixes (preventative security, C safety):
- - When reading a hexadecimal, base-32, or base-64 encoded value from
- a string, always overwrite the whole output buffer. This prevents
- some bugs where we would look at (but fortunately, not reveal)
- uninitialized memory on the stack. Fixes bug 14013; bugfix on all
- versions of Tor.
- Changes in version 0.2.4.26 - 2015-03-17
- Tor 0.2.4.26 includes an updated list of directory authorities. It
- also backports a couple of stability and security bugfixes from 0.2.5
- and beyond.
- o Directory authority changes:
- - Remove turtles as a directory authority.
- - Add longclaw as a new (v3) directory authority. This implements
- ticket 13296. This keeps the directory authority count at 9.
- - The directory authority Faravahar has a new IP address. This
- closes ticket 14487.
- o Major bugfixes (exit node stability, also in 0.2.6.3-alpha):
- - Fix an assertion failure that could occur under high DNS load.
- Fixes bug 14129; bugfix on Tor 0.0.7rc1. Found by "jowr";
- diagnosed and fixed by "cypherpunks".
- o Major bugfixes (relay, stability, possible security, also in 0.2.6.4-rc):
- - Fix a bug that could lead to a relay crashing with an assertion
- failure if a buffer of exactly the wrong layout was passed to
- buf_pullup() at exactly the wrong time. Fixes bug 15083; bugfix on
- 0.2.0.10-alpha. Patch from 'cypherpunks'.
- - Do not assert if the 'data' pointer on a buffer is advanced to the
- very end of the buffer; log a BUG message instead. Only assert if
- it is past that point. Fixes bug 15083; bugfix on 0.2.0.10-alpha.
- o Minor features (geoip):
- - Update geoip to the March 3 2015 Maxmind GeoLite2 Country database.
- - Update geoip6 to the March 3 2015 Maxmind GeoLite2
- Country database.
- Changes in version 0.2.5.10 - 2014-10-24
- Tor 0.2.5.10 is the first stable release in the 0.2.5 series.
- It adds several new security features, including improved
- denial-of-service resistance for relays, new compiler hardening
- options, and a system-call sandbox for hardened installations on Linux
- (requires seccomp2). The controller protocol has several new features,
- resolving IPv6 addresses should work better than before, and relays
- should be a little more CPU-efficient. We've added support for more
- OpenBSD and FreeBSD transparent proxy types. We've improved the build
- system and testing infrastructure to allow unit testing of more parts
- of the Tor codebase. Finally, we've addressed several nagging pluggable
- transport usability issues, and included numerous other small bugfixes
- and features mentioned below.
- This release marks end-of-life for Tor 0.2.3.x; those Tor versions
- have accumulated many known flaws; everyone should upgrade.
- o Major features (security):
- - The ntor handshake is now on-by-default, no matter what the
- directory authorities recommend. Implements ticket 8561.
- - Make the "tor-gencert" tool used by directory authority operators
- create 2048-bit signing keys by default (rather than 1024-bit, since
- 1024-bit is uncomfortably small these days). Addresses ticket 10324.
- - Warn about attempts to run hidden services and relays in the same
- process: that's probably not a good idea. Closes ticket 12908.
- - Disable support for SSLv3. All versions of OpenSSL in use with Tor
- today support TLS 1.0 or later, so we can safely turn off support
- for this old (and insecure) protocol. Fixes bug 13426.
- o Major features (relay security, DoS-resistance):
- - When deciding whether we have run out of memory and we need to
- close circuits, also consider memory allocated in buffers for
- streams attached to each circuit.
- This change, which extends an anti-DoS feature introduced in
- 0.2.4.13-alpha and improved in 0.2.4.14-alpha, lets Tor exit relays
- better resist more memory-based DoS attacks than before. Since the
- MaxMemInCellQueues option now applies to all queues, it is renamed
- to MaxMemInQueues. This feature fixes bug 10169.
- - Avoid hash-flooding denial-of-service attacks by using the secure
- SipHash-2-4 hash function for our hashtables. Without this
- feature, an attacker could degrade performance of a targeted
- client or server by flooding their data structures with a large
- number of entries to be stored at the same hash table position,
- thereby slowing down the Tor instance. With this feature, hash
- table positions are derived from a randomized cryptographic key,
- and an attacker cannot predict which entries will collide. Closes
- ticket 4900.
- - If you don't specify MaxMemInQueues yourself, Tor now tries to
- pick a good value based on your total system memory. Previously,
- the default was always 8 GB. You can still override the default by
- setting MaxMemInQueues yourself. Resolves ticket 11396.
- o Major features (bridges and pluggable transports):
- - Add support for passing arguments to managed pluggable transport
- proxies. Implements ticket 3594.
- - Bridges now track GeoIP information and the number of their users
- even when pluggable transports are in use, and report usage
- statistics in their extra-info descriptors. Resolves tickets 4773
- and 5040.
- - Don't launch pluggable transport proxies if we don't have any
- bridges configured that would use them. Now we can list many
- pluggable transports, and Tor will dynamically start one when it
- hears a bridge address that needs it. Resolves ticket 5018.
- - The bridge directory authority now assigns status flags (Stable,
- Guard, etc) to bridges based on thresholds calculated over all
- Running bridges. Now bridgedb can finally make use of its features
- to e.g. include at least one Stable bridge in its answers. Fixes
- bug 9859.
- o Major features (controller):
- - Extend ORCONN controller event to include an "ID" parameter,
- and add four new controller event types CONN_BW, CIRC_BW,
- CELL_STATS, and TB_EMPTY that show connection and circuit usage.
- The new events are emitted in private Tor networks only, with the
- goal of being able to better track performance and load during
- full-network simulations. Implements proposal 218 and ticket 7359.
- o Major features (relay performance):
- - Speed up server-side lookups of rendezvous and introduction point
- circuits by using hashtables instead of linear searches. These
- functions previously accounted between 3 and 7% of CPU usage on
- some busy relays. Resolves ticket 9841.
- - Avoid wasting CPU when extending a circuit over a channel that is
- nearly out of circuit IDs. Previously, we would do a linear scan
- over possible circuit IDs before finding one or deciding that we
- had exhausted our possibilities. Now, we try at most 64 random
- circuit IDs before deciding that we probably won't succeed. Fixes
- a possible root cause of ticket 11553.
- o Major features (seccomp2 sandbox, Linux only):
- - Use the seccomp2 syscall filtering facility on Linux to limit
- which system calls Tor can invoke. This is an experimental,
- Linux-only feature to provide defense-in-depth against unknown
- attacks. To try turning it on, set "Sandbox 1" in your torrc
- file. Please be ready to report bugs. We hope to add support
- for better sandboxing in the future, including more fine-grained
- filters, better division of responsibility, and support for more
- platforms. This work has been done by Cristian-Matei Toader for
- Google Summer of Code. Resolves tickets 11351 and 11465.
- o Major features (testing networks):
- - Make testing Tor networks bootstrap better: lower directory fetch
- retry schedules and maximum interval without directory requests,
- and raise maximum download tries. Implements ticket 6752.
- - Add make target 'test-network' to run tests on a Chutney network.
- Implements ticket 8530.
- o Major features (other):
- - On some platforms (currently: recent OSX versions, glibc-based
- platforms that support the ELF format, and a few other
- Unix-like operating systems), Tor can now dump stack traces
- when a crash occurs or an assertion fails. By default, traces
- are dumped to stderr (if possible) and to any logs that are
- reporting errors. Implements ticket 9299.
- o Deprecated versions:
- - Tor 0.2.3.x has reached end-of-life; it has received no patches or
- attention for some while.
- o Major bugfixes (security, directory authorities):
- - Directory authorities now include a digest of each relay's
- identity key as a part of its microdescriptor.
- This is a workaround for bug 11743 (reported by "cypherpunks"),
- where Tor clients do not support receiving multiple
- microdescriptors with the same SHA256 digest in the same
- consensus. When clients receive a consensus like this, they only
- use one of the relays. Without this fix, a hostile relay could
- selectively disable some client use of target relays by
- constructing a router descriptor with a different identity and the
- same microdescriptor parameters and getting the authorities to
- list it in a microdescriptor consensus. This fix prevents an
- attacker from causing a microdescriptor collision, because the
- router's identity is not forgeable.
- o Major bugfixes (openssl bug workaround):
- - Avoid crashing when using OpenSSL version 0.9.8zc, 1.0.0o, or
- 1.0.1j, built with the 'no-ssl3' configuration option. Fixes
- bug 13471. This is a workaround for an OpenSSL bug.
- o Major bugfixes (client):
- - Perform circuit cleanup operations even when circuit
- construction operations are disabled (because the network is
- disabled, or because there isn't enough directory information).
- Previously, when we were not building predictive circuits, we
- were not closing expired circuits either. Fixes bug 8387; bugfix on
- 0.1.1.11-alpha. This bug became visible in 0.2.4.10-alpha when we
- became more strict about when we have "enough directory information
- to build circuits".
- o Major bugfixes (client, pluggable transports):
- - When managing pluggable transports, use OS notification facilities
- to learn if they have crashed, and don't attempt to kill any
- process that has already exited. Fixes bug 8746; bugfix
- on 0.2.3.6-alpha.
- o Major bugfixes (relay denial of service):
- - Instead of writing destroy cells directly to outgoing connection
- buffers, queue them and intersperse them with other outgoing cells.
- This can prevent a set of resource starvation conditions where too
- many pending destroy cells prevent data cells from actually getting
- delivered. Reported by "oftc_must_be_destroyed". Fixes bug 7912;
- bugfix on 0.2.0.1-alpha.
- o Major bugfixes (relay):
- - Avoid queuing or sending destroy cells for circuit ID zero when we
- fail to send a CREATE cell. Fixes bug 12848; bugfix on 0.0.8pre1.
- Found and fixed by "cypherpunks".
- - Fix ORPort reachability detection on relays running behind a
- proxy, by correctly updating the "local" mark on the controlling
- channel when changing the address of an or_connection_t after the
- handshake. Fixes bug 12160; bugfix on 0.2.4.4-alpha.
- - Use a direct dirport connection when uploading non-anonymous
- descriptors to the directory authorities. Previously, relays would
- incorrectly use tunnel connections under a fairly wide variety of
- circumstances. Fixes bug 11469; bugfix on 0.2.4.3-alpha.
- - When a circuit accidentally has the same circuit ID for its
- forward and reverse direction, correctly detect the direction of
- cells using that circuit. Previously, this bug made roughly one
- circuit in a million non-functional. Fixes bug 12195; this is a
- bugfix on every version of Tor.
- o Minor features (security):
- - New --enable-expensive-hardening option to enable security
- hardening options that consume nontrivial amounts of CPU and
- memory. Right now, this includes AddressSanitizer and UbSan, which
- are supported in newer versions of GCC and Clang. Closes ticket
- 11477.
- - Authorities now assign the Guard flag to the fastest 25% of the
- network (it used to be the fastest 50%). Also raise the consensus
- weight that guarantees the Guard flag from 250 to 2000. For the
- current network, this results in about 1100 guards, down from 2500.
- This step paves the way for moving the number of entry guards
- down to 1 (proposal 236) while still providing reasonable expected
- performance for most users. Implements ticket 12690.
- o Minor features (security, memory management):
- - Memory allocation tricks (mempools and buffer freelists) are now
- disabled by default. You can turn them back on with
- --enable-mempools and --enable-buf-freelists respectively. We're
- disabling these features because malloc performance is good enough
- on most platforms, and a similar feature in OpenSSL exacerbated
- exploitation of the Heartbleed attack. Resolves ticket 11476.
- o Minor features (bridge client):
- - Report a more useful failure message when we can't connect to a
- bridge because we don't have the right pluggable transport
- configured. Resolves ticket 9665. Patch from Fábio J. Bertinatto.
- o Minor features (bridge):
- - Add an ExtORPortCookieAuthFileGroupReadable option to make the
- cookie file for the ExtORPort g+r by default.
- o Minor features (bridges, pluggable transports):
- - Bridges now write the SHA1 digest of their identity key
- fingerprint (that is, a hash of a hash of their public key) to
- notice-level logs, and to a new hashed-fingerprint file. This
- information will help bridge operators look up their bridge in
- Globe and similar tools. Resolves ticket 10884.
- - Improve the message that Tor displays when running as a bridge
- using pluggable transports without an Extended ORPort listener.
- Also, log the message in the log file too. Resolves ticket 11043.
- - Add threshold cutoffs to the networkstatus document created by
- the Bridge Authority. Fixes bug 1117.
- - On Windows, spawn background processes using the CREATE_NO_WINDOW
- flag. Now Tor Browser Bundle 3.5 with pluggable transports enabled
- doesn't pop up a blank console window. (In Tor Browser Bundle 2.x,
- Vidalia set this option for us.) Implements ticket 10297.
- o Minor features (build):
- - The configure script has a --disable-seccomp option to turn off
- support for libseccomp on systems that have it, in case it (or
- Tor's use of it) is broken. Resolves ticket 11628.
- - Assume that a user using ./configure --host wants to cross-compile,
- and give an error if we cannot find a properly named
- tool-chain. Add a --disable-tool-name-check option to proceed
- nevertheless. Addresses ticket 9869. Patch by Benedikt Gollatz.
- - If we run ./configure and the compiler recognizes -fstack-protector
- but the linker rejects it, warn the user about a potentially missing
- libssp package. Addresses ticket 9948. Patch from Benedikt Gollatz.
- - Add support for `--library-versions` flag. Implements ticket 6384.
- - Return the "unexpected sendme" warnings to a warn severity, but make
- them rate limited, to help diagnose ticket 8093.
- - Detect a missing asciidoc, and warn the user about it, during
- configure rather than at build time. Fixes issue 6506. Patch from
- Arlo Breault.
- o Minor features (client):
- - Add a new option, PredictedPortsRelevanceTime, to control how long
- after having received a request to connect to a given port Tor
- will try to keep circuits ready in anticipation of future requests
- for that port. Patch from "unixninja92"; implements ticket 9176.
- o Minor features (config options and command line):
- - Add an --allow-missing-torrc commandline option that tells Tor to
- run even if the configuration file specified by -f is not available.
- Implements ticket 10060.
- - Add support for the TPROXY transparent proxying facility on Linux.
- See documentation for the new TransProxyType option for more
- details. Implementation by "thomo". Closes ticket 10582.
- o Minor features (config options):
- - Config (torrc) lines now handle fingerprints which are missing
- their initial '$'. Resolves ticket 4341; improvement over 0.0.9pre5.
- - Support a --dump-config option to print some or all of the
- configured options. Mainly useful for debugging the command-line
- option parsing code. Helps resolve ticket 4647.
- - Raise awareness of safer logging: notify user of potentially
- unsafe config options, like logging more verbosely than severity
- "notice" or setting SafeLogging to 0. Resolves ticket 5584.
- - Add a new configuration option TestingV3AuthVotingStartOffset
- that bootstraps a network faster by changing the timing for
- consensus votes. Addresses ticket 8532.
- - Add a new torrc option "ServerTransportOptions" that allows
- bridge operators to pass configuration parameters to their
- pluggable transports. Resolves ticket 8929.
- - The config (torrc) file now accepts bandwidth and space limits in
- bits as well as bytes. (Anywhere that you can say "2 Kilobytes",
- you can now say "16 kilobits", and so on.) Resolves ticket 9214.
- Patch by CharlieB.
- o Minor features (controller):
- - Make the entire exit policy available from the control port via
- GETINFO exit-policy/*. Implements enhancement 7952. Patch from
- "rl1987".
- - Because of the fix for ticket 11396, the real limit for memory
- usage may no longer match the configured MaxMemInQueues value. The
- real limit is now exposed via GETINFO limits/max-mem-in-queues.
- - Add a new "HS_DESC" controller event that reports activities
- related to hidden service descriptors. Resolves ticket 8510.
- - New "DROPGUARDS" controller command to forget all current entry
- guards. Not recommended for ordinary use, since replacing guards
- too frequently makes several attacks easier. Resolves ticket 9934;
- patch from "ra".
- - Implement the TRANSPORT_LAUNCHED control port event that
- notifies controllers about new launched pluggable
- transports. Resolves ticket 5609.
- o Minor features (diagnostic):
- - When logging a warning because of bug 7164, additionally check the
- hash table for consistency (as proposed on ticket 11737). This may
- help diagnose bug 7164.
- - When we log a heartbeat, log how many one-hop circuits we have
- that are at least 30 minutes old, and log status information about
- a few of them. This is an attempt to track down bug 8387.
- - When encountering an unexpected CR while writing text to a file on
- Windows, log the name of the file. Should help diagnosing
- bug 11233.
- - Give more specific warnings when a client notices that an onion
- handshake has failed. Fixes ticket 9635.
- - Add significant new logging code to attempt to diagnose bug 12184,
- where relays seem to run out of available circuit IDs.
- - Improve the diagnostic log message for bug 8387 even further to
- try to improve our odds of figuring out why one-hop directory
- circuits sometimes do not get closed.
- - Add more log messages to diagnose bug 7164, which causes
- intermittent "microdesc_free() called but md was still referenced"
- warnings. We now include more information, to figure out why we
- might be cleaning a microdescriptor for being too old if it's
- still referenced by a live node_t object.
- - Log current accounting state (bytes sent and received + remaining
- time for the current accounting period) in the relay's heartbeat
- message. Implements ticket 5526; patch from Peter Retzlaff.
- o Minor features (geoip):
- - Update geoip and geoip6 to the August 7 2014 Maxmind GeoLite2
- Country database.
- o Minor features (interface):
- - Generate a warning if any ports are listed in the SocksPolicy,
- DirPolicy, AuthDirReject, AuthDirInvalid, AuthDirBadDir, or
- AuthDirBadExit options. (These options only support address
- ranges.) Fixes part of ticket 11108.
- o Minor features (kernel API usage):
- - Use the SOCK_NONBLOCK socket type, if supported, to open nonblocking
- sockets in a single system call. Implements ticket 5129.
- o Minor features (log messages):
- - When ServerTransportPlugin is set on a bridge, Tor can write more
- useful statistics about bridge use in its extrainfo descriptors,
- but only if the Extended ORPort ("ExtORPort") is set too. Add a
- log message to inform the user in this case. Resolves ticket 9651.
- - When receiving a new controller connection, log the origin address.
- Resolves ticket 9698; patch from "sigpipe".
- - When logging OpenSSL engine status at startup, log the status of
- more engines. Fixes ticket 10043; patch from Joshua Datko.
- o Minor features (log verbosity):
- - Demote the message that we give when a flushing connection times
- out for too long from NOTICE to INFO. It was usually meaningless.
- Resolves ticket 5286.
- - Don't log so many notice-level bootstrapping messages at startup
- about downloading descriptors. Previously, we'd log a notice
- whenever we learned about more routers. Now, we only log a notice
- at every 5% of progress. Fixes bug 9963.
- - Warn less verbosely when receiving a malformed
- ESTABLISH_RENDEZVOUS cell. Fixes ticket 11279.
- o Minor features (performance):
- - If we're using the pure-C 32-bit curve25519_donna implementation
- of curve25519, build it with the -fomit-frame-pointer option to
- make it go faster on register-starved hosts. This improves our
- handshake performance by about 6% on i386 hosts without nacl.
- Closes ticket 8109.
- o Minor features (relay):
- - If a circuit timed out for at least 3 minutes, check if we have a
- new external IP address, and publish a new descriptor with the new
- IP address if it changed. Resolves ticket 2454.
- o Minor features (testing):
- - If Python is installed, "make check" now runs extra tests beyond
- the unit test scripts.
- - When bootstrapping a test network, sometimes very few relays get
- the Guard flag. Now a new option "TestingDirAuthVoteGuard" can
- specify a set of relays which should be voted Guard regardless of
- their uptime or bandwidth. Addresses ticket 9206.
- o Minor features (transparent proxy, *BSD):
- - Support FreeBSD's ipfw firewall interface for TransPort ports on
- FreeBSD. To enable it, set "TransProxyType ipfw". Resolves ticket
- 10267; patch from "yurivict".
- - Support OpenBSD's divert-to rules with the pf firewall for
- transparent proxy ports. To enable it, set "TransProxyType
- pf-divert". This allows Tor to run a TransPort transparent proxy
- port on OpenBSD 4.4 or later without root privileges. See the
- pf.conf(5) manual page for information on configuring pf to use
- divert-to rules. Closes ticket 10896; patch from Dana Koch.
- o Minor bugfixes (bridge client):
- - Stop accepting bridge lines containing hostnames. Doing so would
- cause clients to perform DNS requests on the hostnames, which was
- not sensible behavior. Fixes bug 10801; bugfix on 0.2.0.1-alpha.
- o Minor bugfixes (bridges):
- - Avoid potential crashes or bad behavior when launching a
- server-side managed proxy with ORPort or ExtORPort temporarily
- disabled. Fixes bug 9650; bugfix on 0.2.3.16-alpha.
- - Fix a bug where the first connection works to a bridge that uses a
- pluggable transport with client-side parameters, but we don't send
- the client-side parameters on subsequent connections. (We don't
- use any pluggable transports with client-side parameters yet,
- but ScrambleSuit will soon become the first one.) Fixes bug 9162;
- bugfix on 0.2.0.3-alpha. Based on a patch from "rl1987".
- o Minor bugfixes (build, auxiliary programs):
- - Stop preprocessing the "torify" script with autoconf, since
- it no longer refers to LOCALSTATEDIR. Fixes bug 5505; patch
- from Guilhem.
- - The tor-fw-helper program now follows the standard convention and
- exits with status code "0" on success. Fixes bug 9030; bugfix on
- 0.2.3.1-alpha. Patch by Arlo Breault.
- - Corrected ./configure advice for what openssl dev package you should
- install on Debian. Fixes bug 9207; bugfix on 0.2.0.1-alpha.
- o Minor bugfixes (client):
- - Avoid "Tried to open a socket with DisableNetwork set" warnings
- when starting a client with bridges configured and DisableNetwork
- set. (Tor launcher starts Tor with DisableNetwork set the first
- time it runs.) Fixes bug 10405; bugfix on 0.2.3.9-alpha.
- - Improve the log message when we can't connect to a hidden service
- because all of the hidden service directory nodes hosting its
- descriptor are excluded. Improves on our fix for bug 10722, which
- was a bugfix on 0.2.0.10-alpha.
- - Raise a control port warning when we fail to connect to all of
- our bridges. Previously, we didn't inform the controller, and
- the bootstrap process would stall. Fixes bug 11069; bugfix on
- 0.2.1.2-alpha.
- - Exit immediately when a process-owning controller exits.
- Previously, tor relays would wait for a little while after their
- controller exited, as if they had gotten an INT signal -- but this
- was problematic, since there was no feedback for the user. To do a
- clean shutdown, controllers should send an INT signal and give Tor
- a chance to clean up. Fixes bug 10449; bugfix on 0.2.2.28-beta.
- - Stop attempting to connect to bridges before our pluggable
- transports are configured (harmless but resulted in some erroneous
- log messages). Fixes bug 11156; bugfix on 0.2.3.2-alpha.
- - Fix connections to IPv6 addresses over SOCKS5. Previously, we were
- generating incorrect SOCKS5 responses, and confusing client
- applications. Fixes bug 10987; bugfix on 0.2.4.7-alpha.
- o Minor bugfixes (client, DNSPort):
- - When using DNSPort, try to respond to AAAA requests with AAAA
- answers. Previously, we hadn't looked at the request type when
- deciding which answer type to prefer. Fixes bug 10468; bugfix on
- 0.2.4.7-alpha.
- - When receiving a DNS query for an unsupported record type, reply
- with no answer rather than with a NOTIMPL error. This behavior
- isn't correct either, but it will break fewer client programs, we
- hope. Fixes bug 10268; bugfix on 0.2.0.1-alpha. Original patch
- from "epoch".
- o Minor bugfixes (client, logging during bootstrap):
- - Only report the first fatal bootstrap error on a given OR
- connection. This stops us from telling the controller bogus error
- messages like "DONE". Fixes bug 10431; bugfix on 0.2.1.1-alpha.
- - Avoid generating spurious warnings when starting with
- DisableNetwork enabled. Fixes bug 11200 and bug 10405; bugfix on
- 0.2.3.9-alpha.
- o Minor bugfixes (closing OR connections):
- - If write_to_buf() in connection_write_to_buf_impl_() ever fails,
- check if it's an or_connection_t and correctly call
- connection_or_close_for_error() rather than
- connection_mark_for_close() directly. Fixes bug 11304; bugfix on
- 0.2.4.4-alpha.
- - When closing all connections on setting DisableNetwork to 1, use
- connection_or_close_normally() rather than closing OR connections
- out from under the channel layer. Fixes bug 11306; bugfix on
- 0.2.4.4-alpha.
- o Minor bugfixes (code correctness):
- - Previously we used two temporary files when writing descriptors to
- disk; now we only use one. Fixes bug 1376.
- - Remove an erroneous (but impossible and thus harmless) pointer
- comparison that would have allowed compilers to skip a bounds
- check in channeltls.c. Fixes bugs 10313 and 9980; bugfix on
- 0.2.0.10-alpha. Noticed by Jared L Wong and David Fifield.
- - Fix an always-true assertion in pluggable transports code so it
- actually checks what it was trying to check. Fixes bug 10046;
- bugfix on 0.2.3.9-alpha. Found by "dcb".
- o Minor bugfixes (command line):
- - Use a single command-line parser for parsing torrc options on the
- command line and for finding special command-line options to avoid
- inconsistent behavior for torrc option arguments that have the same
- names as command-line options. Fixes bugs 4647 and 9578; bugfix on
- 0.0.9pre5.
- - No longer allow 'tor --hash-password' with no arguments. Fixes bug
- 9573; bugfix on 0.0.9pre5.
- o Minor bugfixes (compilation):
- - Compile correctly with builds and forks of OpenSSL (such as
- LibreSSL) that disable compression. Fixes bug 12602; bugfix on
- 0.2.1.1-alpha. Patch from "dhill".
- - Restore the ability to compile Tor with V2_HANDSHAKE_SERVER
- turned off (that is, without support for v2 link handshakes). Fixes
- bug 4677; bugfix on 0.2.3.2-alpha. Patch from "piet".
- - In routerlist_assert_ok(), don't take the address of a
- routerinfo's cache_info member unless that routerinfo is non-NULL.
- Fixes bug 13096; bugfix on 0.1.1.9-alpha. Patch by "teor".
- - Fix a large number of false positive warnings from the clang
- analyzer static analysis tool. This should make real warnings
- easier for clang analyzer to find. Patch from "teor". Closes
- ticket 13036.
- - Resolve GCC complaints on OpenBSD about discarding constness in
- TO_{ORIGIN,OR}_CIRCUIT functions. Fixes part of bug 11633; bugfix
- on 0.1.1.23. Patch from Dana Koch.
- - Resolve clang complaints on OpenBSD with -Wshorten-64-to-32 due to
- treatment of long and time_t as comparable types. Fixes part of
- bug 11633. Patch from Dana Koch.
- - When deciding whether to build the 64-bit curve25519
- implementation, detect platforms where we can compile 128-bit
- arithmetic but cannot link it. Fixes bug 11729; bugfix on
- 0.2.4.8-alpha. Patch from "conradev".
- - Fix compilation when DNS_CACHE_DEBUG is enabled. Fixes bug 11761;
- bugfix on 0.2.3.13-alpha. Found by "cypherpunks".
- - Fix compilation with dmalloc. Fixes bug 11605; bugfix
- on 0.2.4.10-alpha.
- - Build and run correctly on systems like OpenBSD-current that have
- patched OpenSSL to remove get_cipher_by_char and/or its
- implementations. Fixes issue 13325.
- o Minor bugfixes (controller and command-line):
- - If changing a config option via "setconf" fails in a recoverable
- way, we used to nonetheless write our new control ports to the
- file described by the "ControlPortWriteToFile" option. Now we only
- write out that file if we successfully switch to the new config
- option. Fixes bug 5605; bugfix on 0.2.2.26-beta. Patch from "Ryman".
- o Minor bugfixes (directory server):
- - No longer accept malformed http headers when parsing urls from
- headers. Now we reply with Bad Request ("400"). Fixes bug 2767;
- bugfix on 0.0.6pre1.
- - When sending a compressed set of descriptors or microdescriptors,
- make sure to finalize the zlib stream. Previously, we would write
- all the compressed data, but if the last descriptor we wanted to
- send was missing or too old, we would not mark the stream as
- finished. This caused problems for decompression tools. Fixes bug
- 11648; bugfix on 0.1.1.23.
- o Minor bugfixes (hidden service):
- - Only retry attempts to connect to a chosen rendezvous point 8
- times, not 30. Fixes bug 4241; bugfix on 0.1.0.1-rc.
- o Minor bugfixes (interface):
- - Reject relative control socket paths and emit a warning. Previously,
- single-component control socket paths would be rejected, but Tor
- would not log why it could not validate the config. Fixes bug 9258;
- bugfix on 0.2.3.16-alpha.
- o Minor bugfixes (log messages):
- - Fix a bug where clients using bridges would report themselves
- as 50% bootstrapped even without a live consensus document.
- Fixes bug 9922; bugfix on 0.2.1.1-alpha.
- - Suppress a warning where, if there's only one directory authority
- in the network, we would complain that votes and signatures cannot
- be uploaded to other directory authorities. Fixes bug 10842;
- bugfix on 0.2.2.26-beta.
- - Report bootstrapping progress correctly when we're downloading
- microdescriptors. We had updated our "do we have enough microdescs
- to begin building circuits?" logic most recently in 0.2.4.10-alpha
- (see bug 5956), but we left the bootstrap status event logic at
- "how far through getting 1/4 of them are we?" Fixes bug 9958;
- bugfix on 0.2.2.36, which is where they diverged (see bug 5343).
- o Minor bugfixes (logging):
- - Downgrade "Unexpected onionskin length after decryption" warning
- to a protocol-warn, since there's nothing relay operators can do
- about a client that sends them a malformed create cell. Resolves
- bug 12996; bugfix on 0.0.6rc1.
- - Log more specific warnings when we get an ESTABLISH_RENDEZVOUS
- cell on a cannibalized or non-OR circuit. Resolves ticket 12997.
- - When logging information about an EXTEND2 or EXTENDED2 cell, log
- their names correctly. Fixes part of bug 12700; bugfix
- on 0.2.4.8-alpha.
- - When logging information about a relay cell whose command we don't
- recognize, log its command as an integer. Fixes part of bug 12700;
- bugfix on 0.2.1.10-alpha.
- - Escape all strings from the directory connection before logging
- them. Fixes bug 13071; bugfix on 0.1.1.15. Patch from "teor".
- - Squelch a spurious LD_BUG message "No origin circuit for
- successful SOCKS stream" in certain hidden service failure cases;
- fixes bug 10616.
- - Downgrade the severity of the 'unexpected sendme cell from client'
- from 'warn' to 'protocol warning'. Closes ticket 8093.
- o Minor bugfixes (misc code correctness):
- - In munge_extrainfo_into_routerinfo(), check the return value of
- memchr(). This would have been a serious issue if we ever passed
- it a non-extrainfo. Fixes bug 8791; bugfix on 0.2.0.6-alpha. Patch
- from Arlo Breault.
- - On the chance that somebody manages to build Tor on a
- platform where time_t is unsigned, correct the way that
- microdesc_add_to_cache() handles negative time arguments.
- Fixes bug 8042; bugfix on 0.2.3.1-alpha.
- - Fix various instances of undefined behavior in channeltls.c,
- tor_memmem(), and eventdns.c that would cause us to construct
- pointers to memory outside an allocated object. (These invalid
- pointers were not accessed, but C does not even allow them to
- exist.) Fixes bug 10363; bugfixes on 0.1.1.1-alpha, 0.1.2.1-alpha,
- 0.2.0.10-alpha, and 0.2.3.6-alpha. Reported by "bobnomnom".
- - Use the AddressSanitizer and Ubsan sanitizers (in clang-3.4) to
- fix some miscellaneous errors in our tests and codebase. Fixes bug
- 11232. Bugfixes on versions back as far as 0.2.1.11-alpha.
- - Always check return values for unlink, munmap, UnmapViewOfFile;
- check strftime return values more often. In some cases all we can
- do is report a warning, but this may help prevent deeper bugs from
- going unnoticed. Closes ticket 8787; bugfixes on many, many tor
- versions.
- - Fix numerous warnings from the clang "scan-build" static analyzer.
- Some of these are programming style issues; some of them are false
- positives that indicated awkward code; some are undefined behavior
- cases related to constructing (but not using) invalid pointers;
- some are assumptions about API behavior; some are (harmlessly)
- logging sizeof(ptr) bytes from a token when sizeof(*ptr) would be
- correct; and one or two are genuine bugs that weren't reachable
- from the rest of the program. Fixes bug 8793; bugfixes on many,
- many tor versions.
- o Minor bugfixes (node selection):
- - If ExcludeNodes is set, consider non-excluded hidden service
- directory servers before excluded ones. Do not consider excluded
- hidden service directory servers at all if StrictNodes is
- set. (Previously, we would sometimes decide to connect to those
- servers, and then realize before we initiated a connection that
- we had excluded them.) Fixes bug 10722; bugfix on 0.2.0.10-alpha.
- Reported by "mr-4".
- - If we set the ExitNodes option but it doesn't include any nodes
- that have the Exit flag, we would choose not to bootstrap. Now we
- bootstrap so long as ExitNodes includes nodes which can exit to
- some port. Fixes bug 10543; bugfix on 0.2.4.10-alpha.
- o Minor bugfixes (performance):
- - Avoid a bug where every successful connection made us recompute
- the flag telling us whether we have sufficient information to
- build circuits. Previously, we would forget our cached value
- whenever we successfully opened a channel (or marked a router as
- running or not running for any other reason), regardless of
- whether we had previously believed the router to be running. This
- forced us to run an expensive update operation far too often.
- Fixes bug 12170; bugfix on 0.1.2.1-alpha.
- - Avoid using tor_memeq() for checking relay cell integrity. This
- removes a possible performance bottleneck. Fixes part of bug
- 12169; bugfix on 0.2.1.31.
- o Minor bugfixes (platform-specific):
- - When dumping a malformed directory object to disk, save it in
- binary mode on Windows, not text mode. Fixes bug 11342; bugfix on
- 0.2.2.1-alpha.
- - Don't report failures from make_socket_reuseable() on incoming
- sockets on OSX: this can happen when incoming connections close
- early. Fixes bug 10081.
- o Minor bugfixes (pluggable transports):
- - Avoid another 60-second delay when starting Tor in a pluggable-
- transport-using configuration when we already have cached
- descriptors for our bridges. Fixes bug 11965; bugfix
- on 0.2.3.6-alpha.
- o Minor bugfixes (protocol correctness):
- - When receiving a VERSIONS cell with an odd number of bytes, close
- the connection immediately since the cell is malformed. Fixes bug
- 10365; bugfix on 0.2.0.10-alpha. Spotted by "bobnomnom"; fix by
- "rl1987".
- o Minor bugfixes (relay, other):
- - We now drop CREATE cells for already-existent circuit IDs and for
- zero-valued circuit IDs, regardless of other factors that might
- otherwise have called for DESTROY cells. Fixes bug 12191; bugfix
- on 0.0.8pre1.
- - When rejecting DATA cells for stream_id zero, still count them
- against the circuit's deliver window so that we don't fail to send
- a SENDME. Fixes bug 11246; bugfix on 0.2.4.10-alpha.
- o Minor bugfixes (relay, threading):
- - Check return code on spawn_func() in cpuworker code, so that we
- don't think we've spawned a nonworking cpuworker and write junk to
- it forever. Fix related to bug 4345; bugfix on all released Tor
- versions. Found by "skruffy".
- - Use a pthread_attr to make sure that spawn_func() cannot return an
- error while at the same time launching a thread. Fix related to
- bug 4345; bugfix on all released Tor versions. Reported
- by "cypherpunks".
- o Minor bugfixes (relays and bridges):
- - Avoid crashing on a malformed resolv.conf file when running a
- relay using Libevent 1. Fixes bug 8788; bugfix on 0.1.1.23.
- - Non-exit relays no longer launch mock DNS requests to check for
- DNS hijacking. This has been unnecessary since 0.2.1.7-alpha, when
- non-exit relays stopped servicing DNS requests. Fixes bug 965;
- bugfix on 0.2.1.7-alpha. Patch from Matt Pagan.
- - Bridges now report complete directory request statistics. Related
- to bug 5824; bugfix on 0.2.2.1-alpha.
- - Bridges now never collect statistics that were designed for
- relays. Fixes bug 5824; bugfix on 0.2.3.8-alpha.
- o Minor bugfixes (testing):
- - Fix all valgrind warnings produced by the unit tests. There were
- over a thousand memory leak warnings previously, mostly produced
- by forgetting to free things in the unit test code. Fixes bug
- 11618, bugfixes on many versions of Tor.
- o Minor bugfixes (tor-fw-helper):
- - Give a correct log message when tor-fw-helper fails to launch.
- (Previously, we would say something like "tor-fw-helper sent us a
- string we could not parse".) Fixes bug 9781; bugfix
- on 0.2.4.2-alpha.
- o Minor bugfixes (trivial memory leaks):
- - Fix a small memory leak when signing a directory object. Fixes bug
- 11275; bugfix on 0.2.4.13-alpha.
- - Resolve some memory leaks found by coverity in the unit tests, on
- exit in tor-gencert, and on a failure to compute digests for our
- own keys when generating a v3 networkstatus vote. These leaks
- should never have affected anyone in practice.
- o Code simplification and refactoring:
- - Remove some old fallback code designed to keep Tor clients working
- in a network with only two working relays. Elsewhere in the code we
- have long since stopped supporting such networks, so there wasn't
- much point in keeping it around. Addresses ticket 9926.
- - Reject 0-length EXTEND2 cells more explicitly. Fixes bug 10536;
- bugfix on 0.2.4.8-alpha. Reported by "cypherpunks".
- - Extract the common duplicated code for creating a subdirectory
- of the data directory and writing to a file in it. Fixes ticket
- 4282; patch from Peter Retzlaff.
- - Since OpenSSL 0.9.7, the i2d_*() functions support allocating output
- buffer. Avoid calling twice: i2d_RSAPublicKey(), i2d_DHparams(),
- i2d_X509(), and i2d_PublicKey(). Resolves ticket 5170.
- - Add a set of accessor functions for the circuit timeout data
- structure. Fixes ticket 6153; patch from "piet".
- - Clean up exit paths from connection_listener_new(). Closes ticket
- 8789. Patch from Arlo Breault.
- - Since we rely on OpenSSL 0.9.8 now, we can use EVP_PKEY_cmp()
- and drop our own custom pkey_eq() implementation. Fixes bug 9043.
- - Use a doubly-linked list to implement the global circuit list.
- Resolves ticket 9108. Patch from Marek Majkowski.
- - Remove contrib/id_to_fp.c since it wasn't used anywhere.
- - Remove constants and tests for PKCS1 padding; it's insecure and
- shouldn't be used for anything new. Fixes bug 8792; patch
- from Arlo Breault.
- - Remove instances of strcpy() from the unit tests. They weren't
- hurting anything, since they were only in the unit tests, but it's
- embarassing to have strcpy() in the code at all, and some analysis
- tools don't like it. Fixes bug 8790; bugfix on 0.2.3.6-alpha and
- 0.2.3.8-alpha. Patch from Arlo Breault.
- - Remove is_internal_IP() function. Resolves ticket 4645.
- - Remove unused function circuit_dump_by_chan from circuitlist.c.
- Closes issue 9107; patch from "marek".
- - Change our use of the ENUM_BF macro to avoid declarations that
- confuse Doxygen.
- - Get rid of router->address, since in all cases it was just the
- string representation of router->addr. Resolves ticket 5528.
- o Documentation:
- - Adjust the URLs in the README to refer to the new locations of
- several documents on the website. Fixes bug 12830. Patch from
- Matt Pagan.
- - Document 'reject6' and 'accept6' ExitPolicy entries. Resolves
- ticket 12878.
- - Update manpage to describe some of the files you can expect to
- find in Tor's DataDirectory. Addresses ticket 9839.
- - Clean up several option names in the manpage to match their real
- names, add the missing documentation for a couple of testing and
- directory authority options, remove the documentation for a
- V2-directory fetching option that no longer exists. Resolves
- ticket 11634.
- - Correct the documenation so that it lists the correct directory
- for the stats files. (They are in a subdirectory called "stats",
- not "status".)
- - In the manpage, move more authority-only options into the
- directory authority section so that operators of regular directory
- caches don't get confused.
- - Fix the layout of the SOCKSPort flags in the manpage. Fixes bug
- 11061; bugfix on 0.2.4.7-alpha.
- - Resolve warnings from Doxygen.
- - Document in the manpage that "KBytes" may also be written as
- "kilobytes" or "KB", that "Kbits" may also be written as
- "kilobits", and so forth. Closes ticket 9222.
- - Document that the ClientOnly config option overrides ORPort.
- Our old explanation made ClientOnly sound as though it did
- nothing at all. Resolves bug 9059.
- - Explain that SocksPolicy, DirPolicy, and similar options don't
- take port arguments. Fixes the other part of ticket 11108.
- - Fix a comment about the rend_server_descriptor_t.protocols field
- to more accurately describe its range. Also, make that field
- unsigned, to more accurately reflect its usage. Fixes bug 9099;
- bugfix on 0.2.1.5-alpha.
- - Fix the manpage's description of HiddenServiceAuthorizeClient:
- the maximum client name length is 16, not 19. Fixes bug 11118;
- bugfix on 0.2.1.6-alpha.
- o Package cleanup:
- - The contrib directory has been sorted and tidied. Before, it was
- an unsorted dumping ground for useful and not-so-useful things.
- Now, it is divided based on functionality, and the items which
- seemed to be nonfunctional or useless have been removed. Resolves
- ticket 8966; based on patches from "rl1987".
- o Removed code and features:
- - Clients now reject any directory authority certificates lacking
- a dir-key-crosscert element. These have been included since
- 0.2.1.9-alpha, so there's no real reason for them to be optional
- any longer. Completes proposal 157. Resolves ticket 10162.
- - Remove all code that existed to support the v2 directory system,
- since there are no longer any v2 directory authorities. Resolves
- ticket 10758.
- - Remove the HSAuthoritativeDir and AlternateHSAuthority torrc
- options, which were used for designating authorities as "Hidden
- service authorities". There has been no use of hidden service
- authorities since 0.2.2.1-alpha, when we stopped uploading or
- downloading v0 hidden service descriptors. Fixes bug 10881; also
- part of a fix for bug 10841.
- - Remove /tor/dbg-stability.txt URL that was meant to help debug WFU
- and MTBF calculations, but that nobody was using. Fixes bug 11742.
- - The TunnelDirConns and PreferTunnelledDirConns options no longer
- exist; tunneled directory connections have been available since
- 0.1.2.5-alpha, and turning them off is not a good idea. This is a
- brute-force fix for 10849, where "TunnelDirConns 0" would break
- hidden services.
- - Remove all code for the long unused v1 directory protocol.
- Resolves ticket 11070.
- - Remove all remaining code related to version-0 hidden service
- descriptors: they have not been in use since 0.2.2.1-alpha. Fixes
- the rest of bug 10841.
- - Remove migration code from when we renamed the "cached-routers"
- file to "cached-descriptors" back in 0.2.0.8-alpha. This
- incidentally resolves ticket 6502 by cleaning up the related code
- a bit. Patch from Akshay Hebbar.
- o Test infrastructure:
- - Tor now builds each source file in two modes: a mode that avoids
- exposing identifiers needlessly, and another mode that exposes
- more identifiers for testing. This lets the compiler do better at
- optimizing the production code, while enabling us to take more
- radical measures to let the unit tests test things.
- - The production builds no longer include functions used only in
- the unit tests; all functions exposed from a module only for
- unit-testing are now static in production builds.
- - Add an --enable-coverage configuration option to make the unit
- tests (and a new src/or/tor-cov target) to build with gcov test
- coverage support.
- - Update to the latest version of tinytest.
- - Improve the tinytest implementation of string operation tests so
- that comparisons with NULL strings no longer crash the tests; they
- now just fail, normally. Fixes bug 9004; bugfix on 0.2.2.4-alpha.
- - New macros in test.h to simplify writing mock-functions for unit
- tests. Part of ticket 11507. Patch from Dana Koch.
- - We now have rudimentary function mocking support that our unit
- tests can use to test functions in isolation. Function mocking
- lets the tests temporarily replace a function's dependencies with
- stub functions, so that the tests can check the function without
- invoking the other functions it calls.
- o Testing:
- - Complete tests for the status.c module. Resolves ticket 11507.
- Patch from Dana Koch.
- - Add more unit tests for the <circid,channel>->circuit map, and
- the destroy-cell-tracking code to fix bug 7912.
- - Unit tests for failing cases of the TAP onion handshake.
- - More unit tests for address-manipulation functions.
- o Distribution (systemd):
- - Include a tor.service file in contrib/dist for use with systemd.
- Some distributions will be able to use this file unmodified;
- others will need to tweak it, or write their own. Patch from Jamie
- Nguyen; resolves ticket 8368.
- - Verify configuration file via ExecStartPre in the systemd unit
- file. Patch from intrigeri; resolves ticket 12730.
- - Explicitly disable RunAsDaemon in the systemd unit file. Our
- current systemd unit uses "Type = simple", so systemd does not
- expect tor to fork. If the user has "RunAsDaemon 1" in their
- torrc, then things won't work as expected. This is e.g. the case
- on Debian (and derivatives), since there we pass "--defaults-torrc
- /usr/share/tor/tor-service-defaults-torrc" (that contains
- "RunAsDaemon 1") by default. Patch by intrigeri; resolves
- ticket 12731.
- Changes in version 0.2.4.25 - 2014-10-20
- Tor 0.2.4.25 disables SSL3 in response to the recent "POODLE" attack
- (even though POODLE does not affect Tor). It also works around a crash
- bug caused by some operating systems' response to the "POODLE" attack
- (which does affect Tor).
- o Major security fixes (also in 0.2.5.9-rc):
- - Disable support for SSLv3. All versions of OpenSSL in use with Tor
- today support TLS 1.0 or later, so we can safely turn off support
- for this old (and insecure) protocol. Fixes bug 13426.
- o Major bugfixes (openssl bug workaround, also in 0.2.5.9-rc):
- - Avoid crashing when using OpenSSL version 0.9.8zc, 1.0.0o, or
- 1.0.1j, built with the 'no-ssl3' configuration option. Fixes bug
- 13471. This is a workaround for an OpenSSL bug.
- Changes in version 0.2.4.24 - 2014-09-22
- Tor 0.2.4.24 fixes a bug that affects consistency and speed when
- connecting to hidden services, and it updates the location of one of
- the directory authorities.
- o Major bugfixes:
- - Clients now send the correct address for their chosen rendezvous
- point when trying to access a hidden service. They used to send
- the wrong address, which would still work some of the time because
- they also sent the identity digest of the rendezvous point, and if
- the hidden service happened to try connecting to the rendezvous
- point from a relay that already had a connection open to it,
- the relay would reuse that connection. Now connections to hidden
- services should be more robust and faster. Also, this bug meant
- that clients were leaking to the hidden service whether they were
- on a little-endian (common) or big-endian (rare) system, which for
- some users might have reduced their anonymity. Fixes bug 13151;
- bugfix on 0.2.1.5-alpha.
- o Directory authority changes:
- - Change IP address for gabelmoo (v3 directory authority).
- o Minor features (geoip):
- - Update geoip and geoip6 to the August 7 2014 Maxmind GeoLite2
- Country database.
- Changes in version 0.2.4.23 - 2014-07-28
- Tor 0.2.4.23 brings us a big step closer to slowing down the risk from
- guard rotation, and also backports several important fixes from the
- Tor 0.2.5 alpha release series.
- o Major features:
- - Clients now look at the "usecreatefast" consensus parameter to
- decide whether to use CREATE_FAST or CREATE cells for the first hop
- of their circuit. This approach can improve security on connections
- where Tor's circuit handshake is stronger than the available TLS
- connection security levels, but the tradeoff is more computational
- load on guard relays. Implements proposal 221. Resolves ticket 9386.
- - Make the number of entry guards configurable via a new
- NumEntryGuards consensus parameter, and the number of directory
- guards configurable via a new NumDirectoryGuards consensus
- parameter. Implements ticket 12688.
- o Major bugfixes:
- - Fix a bug in the bounds-checking in the 32-bit curve25519-donna
- implementation that caused incorrect results on 32-bit
- implementations when certain malformed inputs were used along with
- a small class of private ntor keys. This bug does not currently
- appear to allow an attacker to learn private keys or impersonate a
- Tor server, but it could provide a means to distinguish 32-bit Tor
- implementations from 64-bit Tor implementations. Fixes bug 12694;
- bugfix on 0.2.4.8-alpha. Bug found by Robert Ransom; fix from
- Adam Langley.
- o Minor bugfixes:
- - Warn and drop the circuit if we receive an inbound 'relay early'
- cell. Those used to be normal to receive on hidden service circuits
- due to bug 1038, but the buggy Tor versions are long gone from
- the network so we can afford to resume watching for them. Resolves
- the rest of bug 1038; bugfix on 0.2.1.19.
- - Correct a confusing error message when trying to extend a circuit
- via the control protocol but we don't know a descriptor or
- microdescriptor for one of the specified relays. Fixes bug 12718;
- bugfix on 0.2.3.1-alpha.
- - Avoid an illegal read from stack when initializing the TLS
- module using a version of OpenSSL without all of the ciphers
- used by the v2 link handshake. Fixes bug 12227; bugfix on
- 0.2.4.8-alpha. Found by "starlight".
- o Minor features:
- - Update geoip and geoip6 to the July 10 2014 Maxmind GeoLite2
- Country database.
- Changes in version 0.2.4.22 - 2014-05-16
- Tor 0.2.4.22 backports numerous high-priority fixes from the Tor 0.2.5
- alpha release series. These include blocking all authority signing
- keys that may have been affected by the OpenSSL "heartbleed" bug,
- choosing a far more secure set of TLS ciphersuites by default, closing
- a couple of memory leaks that could be used to run a target relay out
- of RAM, and several others.
- o Major features (security, backport from 0.2.5.4-alpha):
- - Block authority signing keys that were used on authorities
- vulnerable to the "heartbleed" bug in OpenSSL (CVE-2014-0160). (We
- don't have any evidence that these keys _were_ compromised; we're
- doing this to be prudent.) Resolves ticket 11464.
- o Major bugfixes (security, OOM):
- - Fix a memory leak that could occur if a microdescriptor parse
- fails during the tokenizing step. This bug could enable a memory
- exhaustion attack by directory servers. Fixes bug 11649; bugfix
- on 0.2.2.6-alpha.
- o Major bugfixes (TLS cipher selection, backport from 0.2.5.4-alpha):
- - The relay ciphersuite list is now generated automatically based on
- uniform criteria, and includes all OpenSSL ciphersuites with
- acceptable strength and forward secrecy. Previously, we had left
- some perfectly fine ciphersuites unsupported due to omission or
- typo. Resolves bugs 11513, 11492, 11498, 11499. Bugs reported by
- 'cypherpunks'. Bugfix on 0.2.4.8-alpha.
- - Relays now trust themselves to have a better view than clients of
- which TLS ciphersuites are better than others. (Thanks to bug
- 11513, the relay list is now well-considered, whereas the client
- list has been chosen mainly for anti-fingerprinting purposes.)
- Relays prefer: AES over 3DES; then ECDHE over DHE; then GCM over
- CBC; then SHA384 over SHA256 over SHA1; and last, AES256 over
- AES128. Resolves ticket 11528.
- - Clients now try to advertise the same list of ciphersuites as
- Firefox 28. This change enables selection of (fast) GCM
- ciphersuites, disables some strange old ciphers, and stops
- advertising the ECDH (not to be confused with ECDHE) ciphersuites.
- Resolves ticket 11438.
- o Minor bugfixes (configuration, security):
- - When running a hidden service, do not allow TunneledDirConns 0:
- trying to set that option together with a hidden service would
- otherwise prevent the hidden service from running, and also make
- it publish its descriptors directly over HTTP. Fixes bug 10849;
- bugfix on 0.2.1.1-alpha.
- o Minor bugfixes (controller, backport from 0.2.5.4-alpha):
- - Avoid sending a garbage value to the controller when a circuit is
- cannibalized. Fixes bug 11519; bugfix on 0.2.3.11-alpha.
- o Minor bugfixes (exit relay, backport from 0.2.5.4-alpha):
- - Stop leaking memory when we successfully resolve a PTR record.
- Fixes bug 11437; bugfix on 0.2.4.7-alpha.
- o Minor bugfixes (bridge client, backport from 0.2.5.4-alpha):
- - Avoid 60-second delays in the bootstrapping process when Tor is
- launching for a second time while using bridges. Fixes bug 9229;
- bugfix on 0.2.0.3-alpha.
- o Minor bugfixes (relays and bridges, backport from 0.2.5.4-alpha):
- - Give the correct URL in the warning message when trying to run a
- relay on an ancient version of Windows. Fixes bug 9393.
- o Minor bugfixes (compilation):
- - Fix a compilation error when compiling with --disable-curve25519.
- Fixes bug 9700; bugfix on 0.2.4.17-rc.
- o Minor bugfixes:
- - Downgrade the warning severity for the the "md was still
- referenced 1 node(s)" warning. Tor 0.2.5.4-alpha has better code
- for trying to diagnose this bug, and the current warning in
- earlier versions of tor achieves nothing useful. Addresses warning
- from bug 7164.
- o Minor features (log verbosity, backport from 0.2.5.4-alpha):
- - When we run out of usable circuit IDs on a channel, log only one
- warning for the whole channel, and describe how many circuits
- there were on the channel. Fixes part of ticket 11553.
- o Minor features (security, backport from 0.2.5.4-alpha):
- - Decrease the lower limit of MaxMemInCellQueues to 256 MBytes (but
- leave the default at 8GBytes), to better support Raspberry Pi
- users. Fixes bug 9686; bugfix on 0.2.4.14-alpha.
- o Documentation (backport from 0.2.5.4-alpha):
- - Correctly document that we search for a system torrc file before
- looking in ~/.torrc. Fixes documentation side of 9213; bugfix on
- 0.2.3.18-rc.
- Changes in version 0.2.4.21 - 2014-02-28
- Tor 0.2.4.21 further improves security against potential adversaries who
- find breaking 1024-bit crypto doable, and backports several stability
- and robustness patches from the 0.2.5 branch.
- o Major features (client security):
- - When we choose a path for a 3-hop circuit, make sure it contains
- at least one relay that supports the NTor circuit extension
- handshake. Otherwise, there is a chance that we're building
- a circuit that's worth attacking by an adversary who finds
- breaking 1024-bit crypto doable, and that chance changes the game
- theory. Implements ticket 9777.
- o Major bugfixes:
- - Do not treat streams that fail with reason
- END_STREAM_REASON_INTERNAL as indicating a definite circuit failure,
- since it could also indicate an ENETUNREACH connection error. Fixes
- part of bug 10777; bugfix on 0.2.4.8-alpha.
- o Code simplification and refactoring:
- - Remove data structures which were introduced to implement the
- CellStatistics option: they are now redundant with the new timestamp
- field in the regular packed_cell_t data structure, which we did
- in 0.2.4.18-rc in order to resolve bug 9093. Resolves ticket 10870.
- o Minor features:
- - Always clear OpenSSL bignums before freeing them -- even bignums
- that don't contain secrets. Resolves ticket 10793. Patch by
- Florent Daigniere.
- - Build without warnings under clang 3.4. (We have some macros that
- define static functions only some of which will get used later in
- the module. Starting with clang 3.4, these give a warning unless the
- unused attribute is set on them.) Resolves ticket 10904.
- - Update geoip and geoip6 files to the February 7 2014 Maxmind
- GeoLite2 Country database.
- o Minor bugfixes:
- - Set the listen() backlog limit to the largest actually supported
- on the system, not to the value in a header file. Fixes bug 9716;
- bugfix on every released Tor.
- - Treat ENETUNREACH, EACCES, and EPERM connection failures at an
- exit node as a NOROUTE error, not an INTERNAL error, since they
- can apparently happen when trying to connect to the wrong sort
- of netblocks. Fixes part of bug 10777; bugfix on 0.1.0.1-rc.
- - Fix build warnings about missing "a2x" comment when building the
- manpages from scratch on OpenBSD; OpenBSD calls it "a2x.py".
- Fixes bug 10929; bugfix on 0.2.2.9-alpha. Patch from Dana Koch.
- - Avoid a segfault on SIGUSR1, where we had freed a connection but did
- not entirely remove it from the connection lists. Fixes bug 9602;
- bugfix on 0.2.4.4-alpha.
- - Fix a segmentation fault in our benchmark code when running with
- Fedora's OpenSSL package, or any other OpenSSL that provides
- ECDH but not P224. Fixes bug 10835; bugfix on 0.2.4.8-alpha.
- - Turn "circuit handshake stats since last time" log messages into a
- heartbeat message. Fixes bug 10485; bugfix on 0.2.4.17-rc.
- o Documentation fixes:
- - Document that all but one DirPort entry must have the NoAdvertise
- flag set. Fixes bug 10470; bugfix on 0.2.3.3-alpha / 0.2.3.16-alpha.
- Changes in version 0.2.4.20 - 2013-12-22
- Tor 0.2.4.20 fixes potentially poor random number generation for users
- who 1) use OpenSSL 1.0.0 or later, 2) set "HardwareAccel 1" in their
- torrc file, 3) have "Sandy Bridge" or "Ivy Bridge" Intel processors,
- and 4) have no state file in their DataDirectory (as would happen on
- first start). Users who generated relay or hidden service identity
- keys in such a situation should discard them and generate new ones.
- This release also fixes a logic error that caused Tor clients to build
- many more preemptive circuits than they actually need.
- o Major bugfixes:
- - Do not allow OpenSSL engines to replace the PRNG, even when
- HardwareAccel is set. The only default builtin PRNG engine uses
- the Intel RDRAND instruction to replace the entire PRNG, and
- ignores all attempts to seed it with more entropy. That's
- cryptographically stupid: the right response to a new alleged
- entropy source is never to discard all previously used entropy
- sources. Fixes bug 10402; works around behavior introduced in
- OpenSSL 1.0.0. Diagnosis and investigation thanks to "coderman"
- and "rl1987".
- - Fix assertion failure when AutomapHostsOnResolve yields an IPv6
- address. Fixes bug 10465; bugfix on 0.2.4.7-alpha.
- - Avoid launching spurious extra circuits when a stream is pending.
- This fixes a bug where any circuit that _wasn't_ unusable for new
- streams would be treated as if it were, causing extra circuits to
- be launched. Fixes bug 10456; bugfix on 0.2.4.12-alpha.
- o Minor bugfixes:
- - Avoid a crash bug when starting with a corrupted microdescriptor
- cache file. Fixes bug 10406; bugfix on 0.2.2.6-alpha.
- - If we fail to dump a previously cached microdescriptor to disk, avoid
- freeing duplicate data later on. Fixes bug 10423; bugfix on
- 0.2.4.13-alpha. Spotted by "bobnomnom".
- Changes in version 0.2.4.19 - 2013-12-11
- The Tor 0.2.4 release series is dedicated to the memory of Aaron Swartz
- (1986-2013). Aaron worked on diverse projects including helping to guide
- Creative Commons, playing a key role in stopping SOPA/PIPA, bringing
- transparency to the U.S government's PACER documents, and contributing
- design and development for Tor and Tor2Web. Aaron was one of the latest
- martyrs in our collective fight for civil liberties and human rights,
- and his death is all the more painful because he was one of us.
- Tor 0.2.4.19, the first stable release in the 0.2.4 branch, features
- a new circuit handshake and link encryption that use ECC to provide
- better security and efficiency; makes relays better manage circuit
- creation requests; uses "directory guards" to reduce client enumeration
- risks; makes bridges collect and report statistics about the pluggable
- transports they support; cleans up and improves our geoip database;
- gets much closer to IPv6 support for clients, bridges, and relays; makes
- directory authorities use measured bandwidths rather than advertised
- ones when computing flags and thresholds; disables client-side DNS
- caching to reduce tracking risks; and fixes a big bug in bridge
- reachability testing. This release introduces two new design
- abstractions in the code: a new "channel" abstraction between circuits
- and or_connections to allow for implementing alternate relay-to-relay
- transports, and a new "circuitmux" abstraction storing the queue of
- circuits for a channel. The release also includes many stability,
- security, and privacy fixes.
- o Major features (new circuit handshake):
- - Tor now supports a new circuit extension handshake designed by Ian
- Goldberg, Douglas Stebila, and Berkant Ustaoglu. Our original
- circuit extension handshake, later called "TAP", was a bit slow
- (especially on the relay side), had a fragile security proof, and
- used weaker keys than we'd now prefer. The new circuit handshake
- uses Dan Bernstein's "curve25519" elliptic-curve Diffie-Hellman
- function, making it significantly more secure than the older
- handshake, and significantly faster. Tor can use one of two built-in
- pure-C curve25519-donna implementations by Adam Langley, or it
- can link against the "nacl" library for a tuned version if present.
- The built-in version is very fast for 64-bit systems when building
- with GCC. The built-in 32-bit version is still faster than the
- old TAP protocol, but using libnacl is better on most such hosts.
- Implements proposal 216; closes ticket 7202.
- o Major features (better link encryption):
- - Relays can now enable the ECDHE TLS ciphersuites when available
- and appropriate. These ciphersuites let us negotiate forward-secure
- TLS secret keys more safely and more efficiently than with our
- previous use of Diffie-Hellman modulo a 1024-bit prime. By default,
- public relays prefer the (faster) P224 group, and bridges prefer
- the (more common) P256 group; you can override this with the
- TLSECGroup option.
- This feature requires clients running 0.2.3.17-beta or later,
- and requires both sides to be running OpenSSL 1.0.0 or later
- with ECC support. OpenSSL 1.0.1, with the compile-time option
- "enable-ec_nistp_64_gcc_128", is highly recommended.
- Implements the relay side of proposal 198; closes ticket 7200.
- - Re-enable TLS 1.1 and 1.2 when built with OpenSSL 1.0.1e or later.
- Resolves ticket 6055. (OpenSSL before 1.0.1 didn't have TLS 1.1 or
- 1.2, and OpenSSL from 1.0.1 through 1.0.1d had bugs that prevented
- renegotiation from working with TLS 1.1 or 1.2, so we had disabled
- them to solve bug 6033.)
- o Major features (relay performance):
- - Instead of limiting the number of queued onionskins (aka circuit
- create requests) to a fixed, hard-to-configure number, we limit
- the size of the queue based on how many we expect to be able to
- process in a given amount of time. We estimate the time it will
- take to process an onionskin based on average processing time
- of previous onionskins. Closes ticket 7291. You'll never have to
- configure MaxOnionsPending again.
- - Relays process the new "NTor" circuit-level handshake requests
- with higher priority than the old "TAP" circuit-level handshake
- requests. We still process some TAP requests to not totally starve
- 0.2.3 clients when NTor becomes popular. A new consensus parameter
- "NumNTorsPerTAP" lets us tune the balance later if we need to.
- Implements ticket 9574.
- o Major features (client bootstrapping resilience):
- - Add a new "FallbackDir" torrc option to use when we can't use
- a directory mirror from the consensus (either because we lack a
- consensus, or because they're all down). Currently, all authorities
- are fallbacks by default, and there are no other default fallbacks,
- but that will change. This option will allow us to give clients a
- longer list of servers to try to get a consensus from when first
- connecting to the Tor network, and thereby reduce load on the
- directory authorities. Implements proposal 206, "Preconfigured
- directory sources for bootstrapping". We also removed the old
- "FallbackNetworkstatus" option, since we never got it working well
- enough to use it. Closes bug 572.
- - If we have no circuits open, use a relaxed timeout (the
- 95th-percentile cutoff) until a circuit succeeds. This heuristic
- should allow Tor to succeed at building circuits even when the
- network connection drastically changes. Should help with bug 3443.
- o Major features (use of guards):
- - Support directory guards (proposal 207): when possible, clients now
- use their entry guards for non-anonymous directory requests. This
- can help prevent client enumeration. Note that this behavior only
- works when we have a usable consensus directory, and when options
- about what to download are more or less standard. In the future we
- should re-bootstrap from our guards, rather than re-bootstrapping
- from the preconfigured list of directory sources that ships with
- Tor. Resolves ticket 6526.
- - Raise the default time that a client keeps an entry guard from
- "1-2 months" to "2-3 months", as suggested by Tariq Elahi's WPES
- 2012 paper. (We would make it even longer, but we need better client
- load balancing first.) Also, make the guard lifetime controllable
- via a new GuardLifetime torrc option and a GuardLifetime consensus
- parameter. Start of a fix for bug 8240; bugfix on 0.1.1.11-alpha.
- o Major features (bridges with pluggable transports):
- - Bridges now report the pluggable transports they support to the
- bridge authority, so it can pass the supported transports on to
- bridgedb and/or eventually do reachability testing. Implements
- ticket 3589.
- - Automatically forward the TCP ports of pluggable transport
- proxies using tor-fw-helper if PortForwarding is enabled. Implements
- ticket 4567.
- o Major features (geoip database):
- - Maxmind began labelling Tor relays as being in country "A1",
- which breaks by-country node selection inside Tor. Now we use a
- script to replace "A1" ("Anonymous Proxy") entries in our geoip
- file with real country codes. This script fixes about 90% of "A1"
- entries automatically and uses manual country code assignments to
- fix the remaining 10%. See src/config/README.geoip for details.
- Fixes bug 6266.
- - Add GeoIP database for IPv6 addresses. The new config option
- is GeoIPv6File.
- - Update to the October 2 2013 Maxmind GeoLite Country database.
- o Major features (IPv6):
- - Clients who set "ClientUseIPv6 1" may connect to entry nodes over
- IPv6. Set "ClientPreferIPv6ORPort 1" to make this even more likely
- to happen. Implements ticket 5535.
- - All kind of relays, not just bridges, can now advertise an IPv6
- OR port. Implements ticket 6362.
- - Relays can now exit to IPv6 addresses: make sure that you have IPv6
- connectivity, then set the IPv6Exit flag to 1. Also make sure your
- exit policy reads as you would like: the address * applies to all
- address families, whereas *4 is IPv4 address only, and *6 is IPv6
- addresses only. On the client side, you'll need to wait for enough
- exits to support IPv6, apply the "IPv6Traffic" flag to a SocksPort,
- and use Socks5. Closes ticket 5547, implements proposal 117 as
- revised in proposal 208.
- - Bridge authorities now accept IPv6 bridge addresses and include
- them in network status documents. Implements ticket 5534.
- - Directory authorities vote on IPv6 OR ports. Implements ticket 6363.
- o Major features (directory authorities):
- - Directory authorities now prefer using measured bandwidths to
- advertised ones when computing flags and thresholds. Resolves
- ticket 8273.
- - Directory authorities that vote measured bandwidths about more
- than a threshold number of relays now treat relays with
- unmeasured bandwidths as having bandwidth 0 when computing their
- flags. Resolves ticket 8435.
- - Directory authorities now support a new consensus method (17)
- where they cap the published bandwidth of relays for which
- insufficient bandwidth measurements exist. Fixes part of bug 2286.
- - Directory authorities that set "DisableV2DirectoryInfo_ 1" no longer
- serve any v2 directory information. Now we can test disabling the
- old deprecated v2 directory format, and see whether doing so has
- any effect on network load. Begins to fix bug 6783.
- o Major features (build and portability):
- - Switch to a nonrecursive Makefile structure. Now instead of each
- Makefile.am invoking other Makefile.am's, there is a master
- Makefile.am that includes the others. This change makes our build
- process slightly more maintainable, and improves parallelism for
- building with make -j. Original patch by Stewart Smith; various
- fixes by Jim Meyering.
- - Where available, we now use automake's "silent" make rules by
- default, so that warnings are easier to spot. You can get the old
- behavior with "make V=1". Patch by Stewart Smith for ticket 6522.
- - Resume building correctly with MSVC and Makefile.nmake. This patch
- resolves numerous bugs and fixes reported by ultramage, including
- 7305, 7308, 7309, 7310, 7312, 7313, 7315, 7316, and 7669.
- o Security features:
- - Switch to a completely time-invariant approach for picking nodes
- weighted by bandwidth. Our old approach would run through the
- part of the loop after it had made its choice slightly slower
- than it ran through the part of the loop before it had made its
- choice. Addresses ticket 6538.
- - Disable the use of Guard nodes when in Tor2WebMode. Guard usage
- by tor2web clients allows hidden services to identify tor2web
- clients through their repeated selection of the same rendezvous
- and introduction point circuit endpoints (their guards). Resolves
- ticket 6888.
- o Major bugfixes (relay denial of service):
- - When we have too much memory queued in circuits (according to a new
- MaxMemInCellQueues option), close the circuits that have the oldest
- queued cells, on the theory that those are most responsible for
- us running low on memory. This prevents us from running out of
- memory as a relay if circuits fill up faster than they can be
- drained. Fixes bugs 9063 and 9093; bugfix on the 54th commit of
- Tor. This bug is a further fix beyond bug 6252, whose fix was
- merged into 0.2.3.21-rc.
- - Reject bogus create and relay cells with 0 circuit ID or 0 stream
- ID: these could be used to create unexpected streams and circuits
- which would count as "present" to some parts of Tor but "absent"
- to others, leading to zombie circuits and streams or to a bandwidth
- denial-of-service. Fixes bug 7889; bugfix on every released version
- of Tor. Reported by "oftc_must_be_destroyed".
- - Avoid a bug where our response to TLS renegotiation under certain
- network conditions could lead to a busy-loop, with 100% CPU
- consumption. Fixes bug 5650; bugfix on 0.2.0.16-alpha.
- o Major bugfixes (asserts, crashes, leaks):
- - Prevent the get_freelists() function from running off the end of
- the list of freelists if it somehow gets an unrecognized
- allocation. Fixes bug 8844; bugfix on 0.2.0.16-alpha. Reported by
- eugenis.
- - Avoid a memory leak where we would leak a consensus body when we
- find that a consensus which we couldn't previously verify due to
- missing certificates is now verifiable. Fixes bug 8719; bugfix
- on 0.2.0.10-alpha.
- - If we are unable to save a microdescriptor to the journal, do not
- drop it from memory and then reattempt downloading it. Fixes bug
- 9645; bugfix on 0.2.2.6-alpha.
- - Fix an assertion failure that would occur when disabling the
- ORPort setting on a running Tor process while accounting was
- enabled. Fixes bug 6979; bugfix on 0.2.2.18-alpha.
- - Avoid an assertion failure on OpenBSD (and perhaps other BSDs)
- when an exit connection with optimistic data succeeds immediately
- rather than returning EINPROGRESS. Fixes bug 9017; bugfix on
- 0.2.3.1-alpha.
- - Fix a memory leak that would occur whenever a configuration
- option changed. Fixes bug 8718; bugfix on 0.2.3.3-alpha.
- o Major bugfixes (relay rate limiting):
- - When a TLS write is partially successful but incomplete, remember
- that the flushed part has been flushed, and notice that bytes were
- actually written. Reported and fixed pseudonymously. Fixes bug 7708;
- bugfix on Tor 0.1.0.5-rc.
- - Raise the default BandwidthRate/BandwidthBurst values from 5MB/10MB
- to 1GB/1GB. The previous defaults were intended to be "basically
- infinite", but it turns out they're now limiting our 100mbit+
- relays and bridges. Fixes bug 6605; bugfix on 0.2.0.10-alpha (the
- last time we raised it).
- - No longer stop reading or writing on cpuworker connections when
- our rate limiting buckets go empty. Now we should handle circuit
- handshake requests more promptly. Resolves bug 9731.
- o Major bugfixes (client-side privacy):
- - When we mark a circuit as unusable for new circuits, have it
- continue to be unusable for new circuits even if MaxCircuitDirtiness
- is increased too much at the wrong time, or the system clock jumps
- backwards. Fixes bug 6174; bugfix on 0.0.2pre26.
- - If ClientDNSRejectInternalAddresses ("do not believe DNS queries
- which have resolved to internal addresses") is set, apply that
- rule to IPv6 as well. Fixes bug 8475; bugfix on 0.2.0.7-alpha.
- - When an exit relay rejects a stream with reason "exit policy", but
- we only know an exit policy summary (e.g. from the microdesc
- consensus) for it, do not mark the relay as useless for all exiting.
- Instead, mark just the circuit as unsuitable for that particular
- address. Fixes part of bug 7582; bugfix on 0.2.3.2-alpha.
- o Major bugfixes (stream isolation):
- - Allow applications to get proper stream isolation with
- IsolateSOCKSAuth. Many SOCKS5 clients that want to offer
- username/password authentication also offer "no authentication". Tor
- had previously preferred "no authentication", so the applications
- never actually sent Tor their auth details. Now Tor selects
- username/password authentication if it's offered. You can disable
- this behavior on a per-SOCKSPort basis via PreferSOCKSNoAuth. Fixes
- bug 8117; bugfix on 0.2.3.3-alpha.
- - Follow the socks5 protocol when offering username/password
- authentication. The fix for bug 8117 exposed this bug, and it
- turns out real-world applications like Pidgin do care. Bugfix on
- 0.2.3.2-alpha; fixes bug 8879.
- o Major bugfixes (client circuit building):
- - Alter circuit build timeout measurement to start at the point
- where we begin the CREATE/CREATE_FAST step (as opposed to circuit
- initialization). This should make our timeout measurements more
- uniform. Previously, we were sometimes including ORconn setup time
- in our circuit build time measurements. Should resolve bug 3443.
- - If the circuit build timeout logic is disabled (via the consensus,
- or because we are an authority), then don't build testing circuits.
- Fixes bug 9657; bugfix on 0.2.2.14-alpha.
- o Major bugfixes (client-side DNS):
- - Turn off the client-side DNS cache by default. Updating and using
- the DNS cache is now configurable on a per-client-port
- level. SOCKSPort, DNSPort, etc lines may now contain
- {No,}Cache{IPv4,IPv6,}DNS lines to indicate that we shouldn't
- cache these types of DNS answers when we receive them from an
- exit node in response to an application request on this port, and
- {No,}UseCached{IPv4,IPv6,DNS} lines to indicate that if we have
- cached DNS answers of these types, we shouldn't use them. It's
- potentially risky to use cached DNS answers at the client, since
- doing so can indicate to one exit what answers we've gotten
- for DNS lookups in the past. With IPv6, this becomes especially
- problematic. Using cached DNS answers for requests on the same
- circuit would present less linkability risk, since all traffic
- on a circuit is already linkable, but it would also provide
- little performance benefit: the exit node caches DNS replies
- too. Implements a simplified version of Proposal 205. Implements
- ticket 7570.
- o Major bugfixes (hidden service privacy):
- - Limit hidden service descriptors to at most ten introduction
- points, to slow one kind of guard enumeration. Fixes bug 9002;
- bugfix on 0.1.1.11-alpha.
- o Major bugfixes (directory fetching):
- - If the time to download the next old-style networkstatus is in
- the future, do not decline to consider whether to download the
- next microdescriptor networkstatus. Fixes bug 9564; bugfix on
- 0.2.3.14-alpha.
- - We used to always request authority certificates by identity digest,
- meaning we'd get the newest one even when we wanted one with a
- different signing key. Then we would complain about being given
- a certificate we already had, and never get the one we really
- wanted. Now we use the "fp-sk/" resource as well as the "fp/"
- resource to request the one we want. Fixes bug 5595; bugfix on
- 0.2.0.8-alpha.
- o Major bugfixes (bridge reachability):
- - Bridges now send AUTH_CHALLENGE cells during their v3 handshakes;
- previously they did not, which prevented them from receiving
- successful connections from relays for self-test or bandwidth
- testing. Also, when a relay is extending a circuit to a bridge,
- it needs to send a NETINFO cell, even when the bridge hasn't sent
- an AUTH_CHALLENGE cell. Fixes bug 9546; bugfix on 0.2.3.6-alpha.
- o Major bugfixes (control interface):
- - When receiving a new configuration file via the control port's
- LOADCONF command, do not treat the defaults file as absent.
- Fixes bug 9122; bugfix on 0.2.3.9-alpha.
- o Major bugfixes (directory authorities):
- - Stop marking every relay as having been down for one hour every
- time we restart a directory authority. These artificial downtimes
- were messing with our Stable and Guard flag calculations. Fixes
- bug 8218 (introduced by the fix for 1035). Bugfix on 0.2.2.23-alpha.
- - When computing directory thresholds, ignore any rejected-as-sybil
- nodes during the computation so that they can't influence Fast,
- Guard, etc. (We should have done this for proposal 109.) Fixes
- bug 8146.
- - When marking a node as a likely sybil, reset its uptime metrics
- to zero, so that it cannot time towards getting marked as Guard,
- Stable, or HSDir. (We should have done this for proposal 109.) Fixes
- bug 8147.
- - Fix a bug in the voting algorithm that could yield incorrect results
- when a non-naming authority declared too many flags. Fixes bug 9200;
- bugfix on 0.2.0.3-alpha.
- o Internal abstraction features:
- - Introduce new channel_t abstraction between circuits and
- or_connection_t to allow for implementing alternate OR-to-OR
- transports. A channel_t is an abstract object which can either be a
- cell-bearing channel, which is responsible for authenticating and
- handshaking with the remote OR and transmitting cells to and from
- it, or a listening channel, which spawns new cell-bearing channels
- at the request of remote ORs. Implements part of ticket 6465.
- - Make a channel_tls_t subclass of channel_t, adapting it to the
- existing or_connection_t code. The V2/V3 protocol handshaking
- code which formerly resided in command.c has been moved below the
- channel_t abstraction layer and may be found in channeltls.c now.
- Implements the rest of ticket 6465.
- - Introduce new circuitmux_t storing the queue of circuits for
- a channel; this encapsulates and abstracts the queue logic and
- circuit selection policy, and allows the latter to be overridden
- easily by switching out a policy object. The existing EWMA behavior
- is now implemented as a circuitmux_policy_t. Resolves ticket 6816.
- o New build requirements:
- - Tor now requires OpenSSL 0.9.8 or later. OpenSSL 1.0.0 or later is
- strongly recommended.
- - Tor maintainers now require Automake version 1.9 or later to build
- Tor from the Git repository. (Automake is not required when building
- from a source distribution.)
- o Minor features (protocol):
- - No longer include the "opt" prefix when generating routerinfos
- or v2 directories: it has been needless since Tor 0.1.2. Closes
- ticket 5124.
- - Reject EXTEND cells sent to nonexistent streams. According to the
- spec, an EXTEND cell sent to _any_ nonzero stream ID is invalid, but
- we were only checking for stream IDs that were currently in use.
- Found while hunting for more instances of bug 6271. Bugfix on
- 0.0.2pre8, which introduced incremental circuit construction.
- - Tor relays and clients now support a better CREATE/EXTEND cell
- format, allowing the sender to specify multiple address, identity,
- and handshake types. Implements Robert Ransom's proposal 200;
- closes ticket 7199.
- - Reject as invalid most directory objects containing a NUL.
- Belt-and-suspender fix for bug 8037.
- o Minor features (security):
- - Clear keys and key-derived material left on the stack in
- rendservice.c and rendclient.c. Check return value of
- crypto_pk_write_private_key_to_string() in rend_service_load_keys().
- These fixes should make us more forward-secure against cold-boot
- attacks and the like. Fixes bug 2385.
- - Use our own weak RNG when we need a weak RNG. Windows's rand() and
- Irix's random() only return 15 bits; Solaris's random() returns more
- bits but its RAND_MAX says it only returns 15, and so on. Motivated
- by the fix for bug 7801; bugfix on 0.2.2.20-alpha.
- o Minor features (control protocol):
- - Add a "GETINFO signal/names" control port command. Implements
- ticket 3842.
- - Provide default values for all options via "GETINFO config/defaults".
- Implements ticket 4971.
- - Allow an optional $ before the node identity digest in the
- controller command GETINFO ns/id/<identity>, for consistency with
- md/id/<identity> and desc/id/<identity>. Resolves ticket 7059.
- - Add CACHED keyword to ADDRMAP events in the control protocol
- to indicate whether a DNS result will be cached or not. Resolves
- ticket 8596.
- - Generate bootstrapping status update events correctly when fetching
- microdescriptors. Fixes bug 9927.
- o Minor features (path selection):
- - When deciding whether we have enough descriptors to build circuits,
- instead of looking at raw relay counts, look at which fraction
- of (bandwidth-weighted) paths we're able to build. This approach
- keeps clients from building circuits if their paths are likely to
- stand out statistically. The default fraction of paths needed is
- taken from the consensus directory; you can override it with the
- new PathsNeededToBuildCircuits option. Fixes ticket 5956.
- - When any country code is listed in ExcludeNodes or ExcludeExitNodes,
- and we have GeoIP information, also exclude all nodes with unknown
- countries "??" and "A1". This behavior is controlled by the
- new GeoIPExcludeUnknown option: you can make such nodes always
- excluded with "GeoIPExcludeUnknown 1", and disable the feature
- with "GeoIPExcludeUnknown 0". Setting "GeoIPExcludeUnknown auto"
- gets you the default behavior. Implements feature 7706.
- o Minor features (hidden services):
- - Improve circuit build timeout handling for hidden services.
- In particular: adjust build timeouts more accurately depending
- upon the number of hop-RTTs that a particular circuit type
- undergoes. Additionally, launch intro circuits in parallel
- if they timeout, and take the first one to reply as valid.
- - The Tor client now ignores sub-domain components of a .onion
- address. This change makes HTTP "virtual" hosting
- possible: http://foo.aaaaaaaaaaaaaaaa.onion/ and
- http://bar.aaaaaaaaaaaaaaaa.onion/ can be two different websites
- hosted on the same hidden service. Implements proposal 204.
- - Enable Tor to read configuration, state, and key information from
- a FIFO. Previously Tor would only read from files with a positive
- stat.st_size. Code from meejah; fixes bug 6044.
- o Minor features (clients):
- - Teach bridge-using clients to avoid 0.2.2.x bridges when making
- microdescriptor-related dir requests, and only fall back to normal
- descriptors if none of their bridges can handle microdescriptors
- (as opposed to the fix in ticket 4013, which caused them to fall
- back to normal descriptors if *any* of their bridges preferred
- them). Resolves ticket 4994.
- - Tweak tor-fw-helper to accept an arbitrary amount of arbitrary
- TCP ports to forward. In the past it only accepted two ports:
- the ORPort and the DirPort.
- o Minor features (protecting client timestamps):
- - Clients no longer send timestamps in their NETINFO cells. These were
- not used for anything, and they provided one small way for clients
- to be distinguished from each other as they moved from network to
- network or behind NAT. Implements part of proposal 222.
- - Clients now round timestamps in INTRODUCE cells down to the nearest
- 10 minutes. If a new Support022HiddenServices option is set to 0, or
- if it's set to "auto" and the feature is disabled in the consensus,
- the timestamp is sent as 0 instead. Implements part of proposal 222.
- - Stop sending timestamps in AUTHENTICATE cells. This is not such
- a big deal from a security point of view, but it achieves no actual
- good purpose, and isn't needed. Implements part of proposal 222.
- - Reduce down accuracy of timestamps in hidden service descriptors.
- Implements part of proposal 222.
- o Minor features (bridges):
- - Make bridge relays check once a minute for whether their IP
- address has changed, rather than only every 15 minutes. Resolves
- bugs 1913 and 1992.
- - Bridge statistics now count bridge clients connecting over IPv6:
- bridge statistics files now list "bridge-ip-versions" and
- extra-info documents list "geoip6-db-digest". The control protocol
- "CLIENTS_SEEN" and "ip-to-country" queries now support IPv6. Initial
- implementation by "shkoo", addressing ticket 5055.
- - Add a new torrc option "ServerTransportListenAddr" to let bridge
- operators select the address where their pluggable transports will
- listen for connections. Resolves ticket 7013.
- - Randomize the lifetime of our SSL link certificate, so censors can't
- use the static value for filtering Tor flows. Resolves ticket 8443;
- related to ticket 4014 which was included in 0.2.2.33.
- o Minor features (relays):
- - Option OutboundBindAddress can be specified multiple times and
- accepts IPv6 addresses. Resolves ticket 6876.
- o Minor features (IPv6, client side):
- - AutomapHostsOnResolve now supports IPv6 addresses. By default, we
- prefer to hand out virtual IPv6 addresses, since there are more of
- them and we can't run out. To override this behavior and make IPv4
- addresses preferred, set NoPreferIPv6Automap on whatever SOCKSPort
- or DNSPort you're using for resolving. Implements ticket 7571.
- - AutomapHostsOnResolve responses are now randomized, to avoid
- annoying situations where Tor is restarted and applications
- connect to the wrong addresses.
- - Never try more than 1000 times to pick a new virtual address when
- AutomapHostsOnResolve is set. That's good enough so long as we
- aren't close to handing out our entire virtual address space;
- if you're getting there, it's best to switch to IPv6 virtual
- addresses anyway.
- o Minor features (IPv6, relay/authority side):
- - New config option "AuthDirHasIPv6Connectivity 1" that directory
- authorities should set if they have IPv6 connectivity and want to
- do reachability tests for IPv6 relays. Implements feature 5974.
- - A relay with an IPv6 OR port now sends that address in NETINFO
- cells (in addition to its other address). Implements ticket 6364.
- o Minor features (directory authorities):
- - Directory authorities no long accept descriptors for any version of
- Tor before 0.2.2.35, or for any 0.2.3 release before 0.2.3.10-alpha.
- These versions are insecure, unsupported, or both. Implements
- ticket 6789.
- - When directory authorities are computing thresholds for flags,
- never let the threshold for the Fast flag fall below 4096
- bytes. Also, do not consider nodes with extremely low bandwidths
- when deciding thresholds for various directory flags. This change
- should raise our threshold for Fast relays, possibly in turn
- improving overall network performance; see ticket 1854. Resolves
- ticket 8145.
- - Directory authorities now include inside each vote a statement of
- the performance thresholds they used when assigning flags.
- Implements ticket 8151.
- - Add an "ignoring-advertised-bws" boolean to the flag-threshold lines
- in directory authority votes to describe whether they have enough
- measured bandwidths to ignore advertised (relay descriptor)
- bandwidth claims. Resolves ticket 8711.
- o Minor features (path bias detection):
- - Path Use Bias: Perform separate accounting for successful circuit
- use. Keep separate statistics on stream attempt rates versus stream
- success rates for each guard. Provide configurable thresholds to
- determine when to emit log messages or disable use of guards that
- fail too many stream attempts. Resolves ticket 7802.
- - Create three levels of Path Bias log messages, as opposed to just
- two. These are configurable via consensus as well as via the torrc
- options PathBiasNoticeRate, PathBiasWarnRate, PathBiasExtremeRate.
- The default values are 0.70, 0.50, and 0.30 respectively.
- - Separate the log message levels from the decision to drop guards,
- which also is available via torrc option PathBiasDropGuards.
- PathBiasDropGuards still defaults to 0 (off).
- - Deprecate PathBiasDisableRate in favor of PathBiasDropGuards
- in combination with PathBiasExtremeRate.
- - Increase the default values for PathBiasScaleThreshold and
- PathBiasCircThreshold from (200, 20) to (300, 150).
- - Add in circuit usage accounting to path bias. If we try to use a
- built circuit but fail for any reason, it counts as path bias.
- Certain classes of circuits where the adversary gets to pick your
- destination node are exempt from this accounting. Usage accounting
- can be specifically disabled via consensus parameter or torrc.
- - Convert all internal path bias state to double-precision floating
- point, to avoid roundoff error and other issues.
- - Only record path bias information for circuits that have completed
- *two* hops. Assuming end-to-end tagging is the attack vector, this
- makes us more resilient to ambient circuit failure without any
- detection capability loss.
- o Minor features (build):
- - Tor now builds correctly on Bitrig, an OpenBSD fork. Patch from
- dhill. Resolves ticket 6982.
- - Compile on win64 using mingw64. Fixes bug 7260; patches from
- "yayooo".
- - Work correctly on Unix systems where EAGAIN and EWOULDBLOCK are
- separate error codes; or at least, don't break for that reason.
- Fixes bug 7935. Reported by "oftc_must_be_destroyed".
- o Build improvements (autotools):
- - Warn if building on a platform with an unsigned time_t: there
- are too many places where Tor currently assumes that time_t can
- hold negative values. We'd like to fix them all, but probably
- some will remain.
- - Do not report status verbosely from autogen.sh unless the -v flag
- is specified. Fixes issue 4664. Patch from Onizuka.
- - Detect and reject attempts to build Tor with threading support
- when OpenSSL has been compiled without threading support.
- Fixes bug 6673.
- - Try to detect if we are ever building on a platform where
- memset(...,0,...) does not set the value of a double to 0.0. Such
- platforms are permitted by the C standard, though in practice
- they're pretty rare (since IEEE 754 is nigh-ubiquitous). We don't
- currently support them, but it's better to detect them and fail
- than to perform erroneously.
- - We no longer warn so much when generating manpages from their
- asciidoc source.
- - Use Ville Laurikari's implementation of AX_CHECK_SIGN() to determine
- the signs of types during autoconf. This is better than our old
- approach, which didn't work when cross-compiling.
- o Minor features (log messages, warnings):
- - Detect when we're running with a version of OpenSSL other than the
- one we compiled with. This conflict has occasionally given people
- hard-to-track-down errors.
- - Warn users who run hidden services on a Tor client with
- UseEntryGuards disabled that their hidden services will be
- vulnerable to http://freehaven.net/anonbib/#hs-attack06 (the
- attack which motivated Tor to support entry guards in the first
- place). Resolves ticket 6889.
- - Warn when we are binding low ports when hibernation is enabled;
- previously we had warned when we were _advertising_ low ports with
- hibernation enabled. Fixes bug 7285; bugfix on 0.2.3.9-alpha.
- - Issue a warning when running with the bufferevents backend enabled.
- It's still not stable, and people should know that they're likely
- to hit unexpected problems. Closes ticket 9147.
- o Minor features (log messages, notices):
- - Refactor resolve_my_address() so it returns the method by which we
- decided our public IP address (explicitly configured, resolved from
- explicit hostname, guessed from interfaces, learned by gethostname).
- Now we can provide more helpful log messages when a relay guesses
- its IP address incorrectly (e.g. due to unexpected lines in
- /etc/hosts). Resolves ticket 2267.
- - Track how many "TAP" and "NTor" circuit handshake requests we get,
- and how many we complete, and log it every hour to help relay
- operators follow trends in network load. Addresses ticket 9658.
- o Minor features (log messages, diagnostics):
- - If we fail to free a microdescriptor because of bug 7164, log
- the filename and line number from which we tried to free it.
- - We compute the overhead from passing onionskins back and forth to
- cpuworkers, and report it when dumping statistics in response to
- SIGUSR1. Supports ticket 7291.
- - Add another diagnostic to the heartbeat message: track and log
- overhead that TLS is adding to the data we write. If this is
- high, we are sending too little data to SSL_write at a time.
- Diagnostic for bug 7707.
- - Log packaged cell fullness as part of the heartbeat message.
- Diagnosis to try to determine the extent of bug 7743.
- - Add more detail to a log message about relaxed timeouts, to help
- track bug 7799.
- - When learning a fingerprint for a bridge, log its corresponding
- transport type. Implements ticket 7896.
- - Warn more aggressively when flushing microdescriptors to a
- microdescriptor cache fails, in an attempt to mitigate bug 8031,
- or at least make it more diagnosable.
- - Improve the log message when "Bug/attack: unexpected sendme cell
- from client" occurs, to help us track bug 8093.
- - Improve debugging output to help track down bug 8185 ("Bug:
- outgoing relay cell has n_chan==NULL. Dropping.")
- o Minor features (log messages, quieter bootstrapping):
- - Log fewer lines at level "notice" about our OpenSSL and Libevent
- versions and capabilities when everything is going right. Resolves
- part of ticket 6736.
- - Omit the first heartbeat log message, because it never has anything
- useful to say, and it clutters up the bootstrapping messages.
- Resolves ticket 6758.
- - Don't log about reloading the microdescriptor cache at startup. Our
- bootstrap warnings are supposed to tell the user when there's a
- problem, and our bootstrap notices say when there isn't. Resolves
- ticket 6759; bugfix on 0.2.2.6-alpha.
- - Don't log "I learned some more directory information" when we're
- reading cached directory information. Reserve it for when new
- directory information arrives in response to a fetch. Resolves
- ticket 6760.
- - Don't complain about bootstrapping problems while hibernating.
- These complaints reflect a general code problem, but not one
- with any problematic effects (no connections are actually
- opened). Fixes part of bug 7302; bugfix on 0.2.3.2-alpha.
- o Minor features (testing):
- - In our testsuite, create temporary directories with a bit more
- entropy in their name to make name collisions less likely. Fixes
- bug 8638.
- - Add benchmarks for DH (1024-bit multiplicative group) and ECDH
- (P-256) Diffie-Hellman handshakes to src/or/bench.
- - Add benchmark functions to test onion handshake performance.
- o Renamed options:
- - The DirServer option is now DirAuthority, for consistency with
- current naming patterns. You can still use the old DirServer form.
- o Minor bugfixes (protocol):
- - Fix the handling of a TRUNCATE cell when it arrives while the
- circuit extension is in progress. Fixes bug 7947; bugfix on 0.0.7.1.
- - When a Tor client gets a "truncated" relay cell, the first byte of
- its payload specifies why the circuit was truncated. We were
- ignoring this 'reason' byte when tearing down the circuit, resulting
- in the controller not being told why the circuit closed. Now we
- pass the reason from the truncated cell to the controller. Bugfix
- on 0.1.2.3-alpha; fixes bug 7039.
- - Fix a misframing issue when reading the version numbers in a
- VERSIONS cell. Previously we would recognize [00 01 00 02] as
- 'version 1, version 2, and version 0x100', when it should have
- only included versions 1 and 2. Fixes bug 8059; bugfix on
- 0.2.0.10-alpha. Reported pseudonymously.
- - Make the format and order of STREAM events for DNS lookups
- consistent among the various ways to launch DNS lookups. Fixes
- bug 8203; bugfix on 0.2.0.24-rc. Patch by "Desoxy".
- o Minor bugfixes (syscalls and disk interaction):
- - Always check the return values of functions fcntl() and
- setsockopt(). We don't believe these are ever actually failing in
- practice, but better safe than sorry. Also, checking these return
- values should please analysis tools like Coverity. Patch from
- 'flupzor'. Fixes bug 8206; bugfix on all versions of Tor.
- - Avoid double-closing the listener socket in our socketpair()
- replacement (used on Windows) in the case where the addresses on
- our opened sockets don't match what we expected. Fixes bug 9400;
- bugfix on 0.0.2pre7. Found by Coverity.
- - Correctly store microdescriptors and extrainfo descriptors that
- include an internal NUL byte. Fixes bug 8037; bugfix on
- 0.2.0.1-alpha. Bug reported by "cypherpunks".
- - If for some reason we fail to write a microdescriptor while
- rebuilding the cache, do not let the annotations from that
- microdescriptor linger in the cache file, and do not let the
- microdescriptor stay recorded as present in its old location.
- Fixes bug 9047; bugfix on 0.2.2.6-alpha.
- - Use direct writes rather than stdio when building microdescriptor
- caches, in an attempt to mitigate bug 8031, or at least make it
- less common.
- o Minor fixes (config options):
- - Warn and fail if a server is configured not to advertise any
- ORPorts at all. (We need *something* to put in our descriptor,
- or we just won't work.)
- - Behave correctly when the user disables LearnCircuitBuildTimeout
- but doesn't tell us what they would like the timeout to be. Fixes
- bug 6304; bugfix on 0.2.2.14-alpha.
- - Rename the (internal-use-only) UsingTestingNetworkDefaults option
- to start with a triple-underscore so the controller won't touch it.
- Patch by Meejah. Fixes bug 3155. Bugfix on 0.2.2.23-alpha.
- - Rename the (testing-use-only) _UseFilteringSSLBufferevents option
- so it doesn't start with _. Fixes bug 3155. Bugfix on 0.2.3.1-alpha.
- - When autodetecting the number of CPUs, use the number of available
- CPUs in preference to the number of configured CPUs. Inform the
- user if this reduces the number of available CPUs. Fixes bug 8002;
- bugfix on 0.2.3.1-alpha.
- - Command-line option "--version" implies "--quiet". Fixes bug 6997.
- - Make it an error when you set EntryNodes but disable UseGuardNodes,
- since it will (surprisingly to some users) ignore EntryNodes. Fixes
- bug 8180; bugfix on 0.2.3.11-alpha.
- - Avoid overflows when the user sets MaxCircuitDirtiness to a
- ridiculously high value, by imposing a (ridiculously high) 30-day
- maximum on MaxCircuitDirtiness.
- o Minor bugfixes (control protocol):
- - Stop sending a stray "(null)" in some cases for the server status
- "EXTERNAL_ADDRESS" controller event. Resolves bug 8200; bugfix
- on 0.1.2.6-alpha.
- - The ADDRMAP command can no longer generate an ill-formed error
- code on a failed MAPADDRESS. It now says "internal" rather than
- an English sentence fragment with spaces in the middle. Bugfix on
- Tor 0.2.0.19-alpha.
- o Minor bugfixes (clients / edges):
- - When we receive a RELAY_END cell with the reason DONE, or with no
- reason, before receiving a RELAY_CONNECTED cell, report the SOCKS
- status as "connection refused". Previously we reported these cases
- as success but then immediately closed the connection. Fixes bug
- 7902; bugfix on 0.1.0.1-rc. Reported by "oftc_must_be_destroyed".
- - If the guard we choose first doesn't answer, we would try the
- second guard, but once we connected to the second guard we would
- abandon it and retry the first one, slowing down bootstrapping.
- The fix is to treat all our initially chosen guards as acceptable
- to use. Fixes bug 9946; bugfix on 0.1.1.11-alpha.
- - When choosing which stream on a formerly stalled circuit to wake
- first, make better use of the platform's weak RNG. Previously,
- we had been using the % ("modulo") operator to try to generate a
- 1/N chance of picking each stream, but this behaves badly with
- many platforms' choice of weak RNG. Fixes bug 7801; bugfix on
- 0.2.2.20-alpha.
- o Minor bugfixes (path bias detection):
- - If the state file's path bias counts are invalid (presumably from a
- buggy Tor prior to 0.2.4.10-alpha), make them correct. Also add
- additional checks and log messages to the scaling of Path Bias
- counts, in case there still are remaining issues with scaling.
- Should help resolve bug 8235.
- - Prevent rounding error in path bias counts when scaling
- them down, and use the correct scale factor default. Also demote
- some path bias related log messages down a level and make others
- less scary sounding. Fixes bug 6647. Bugfix on 0.2.3.17-beta.
- - Remove a source of rounding error during path bias count scaling;
- don't count cannibalized circuits as used for path bias until we
- actually try to use them; and fix a circuit_package_relay_cell()
- warning message about n_chan==NULL. Fixes bug 7802.
- - Paste the description for PathBias parameters from the man
- page into or.h, so the code documents them too. Fixes bug 7982;
- bugfix on 0.2.3.17-beta.
- o Minor bugfixes (relays):
- - Stop trying to resolve our hostname so often (e.g. every time we
- think about doing a directory fetch). Now we reuse the cached
- answer in some cases. Fixes bugs 1992 (bugfix on 0.2.0.20-rc)
- and 2410 (bugfix on 0.1.2.2-alpha).
- - When examining the list of network interfaces to find our address,
- do not consider non-running or disabled network interfaces. Fixes
- bug 9904; bugfix on 0.2.3.11-alpha. Patch from "hantwister".
- o Minor bugfixes (blocking resistance):
- - Only disable TLS session ticket support when running as a TLS
- server. Now clients will blend better with regular Firefox
- connections. Fixes bug 7189; bugfix on Tor 0.2.3.23-rc.
- o Minor bugfixes (IPv6):
- - Use square brackets around IPv6 addresses in numerous places
- that needed them, including log messages, HTTPS CONNECT proxy
- requests, TransportProxy statefile entries, and pluggable transport
- extra-info lines. Fixes bug 7011; patch by David Fifield.
- o Minor bugfixes (directory authorities):
- - Reject consensus votes with more than 64 known-flags. We aren't even
- close to that limit yet, and our code doesn't handle it correctly.
- Fixes bug 6833; bugfix on 0.2.0.1-alpha.
- - Correctly handle votes with more than 31 flags. Fixes bug 6853;
- bugfix on 0.2.0.3-alpha.
- o Minor bugfixes (memory leaks):
- - Avoid leaking memory if we fail to compute a consensus signature
- or we generate a consensus we can't parse. Bugfix on 0.2.0.5-alpha.
- - Fix a memory leak when receiving headers from an HTTPS proxy. Bugfix
- on 0.2.1.1-alpha; fixes bug 7816.
- - Fix a memory leak during safe-cookie controller authentication.
- Bugfix on 0.2.3.13-alpha; fixes bug 7816.
- - Free some more still-in-use memory at exit, to make hunting for
- memory leaks easier. Resolves bug 7029.
- o Minor bugfixes (code correctness):
- - Increase the width of the field used to remember a connection's
- link protocol version to two bytes. Harmless for now, since the
- only currently recognized versions are one byte long. Reported
- pseudonymously. Fixes bug 8062; bugfix on 0.2.0.10-alpha.
- - Fix a crash when debugging unit tests on Windows: deallocate a
- shared library with FreeLibrary, not CloseHandle. Fixes bug 7306;
- bugfix on 0.2.2.17-alpha. Reported by "ultramage".
- - When detecting the largest possible file descriptor (in order to
- close all file descriptors when launching a new program), actually
- use _SC_OPEN_MAX. The old code for doing this was very, very broken.
- Fixes bug 8209; bugfix on 0.2.3.1-alpha. Found by Coverity; this
- is CID 743383.
- - Avoid a crash if we fail to generate an extrainfo descriptor.
- Fixes bug 8208; bugfix on 0.2.3.16-alpha. Found by Coverity;
- this is CID 718634.
- - Avoid an off-by-one error when checking buffer boundaries when
- formatting the exit status of a pluggable transport helper.
- This is probably not an exploitable bug, but better safe than
- sorry. Fixes bug 9928; bugfix on 0.2.3.18-rc. Bug found by
- Pedro Ribeiro.
- - Get rid of a couple of harmless clang warnings, where we compared
- enums to ints. These warnings are newly introduced in clang 3.2.
- o Minor bugfixes (code cleanliness):
- - Avoid use of reserved identifiers in our C code. The C standard
- doesn't like us declaring anything that starts with an
- underscore, so let's knock it off before we get in trouble. Fix
- for bug 1031; bugfix on the first Tor commit.
- - Fix round_to_power_of_2() so it doesn't invoke undefined behavior
- with large values. This situation was untriggered, but nevertheless
- incorrect. Fixes bug 6831; bugfix on 0.2.0.1-alpha.
- - Fix an impossible buffer overrun in the AES unit tests. Fixes
- bug 8845; bugfix on 0.2.0.7-alpha. Found by eugenis.
- - Fix handling of rendezvous client authorization types over 8.
- Fixes bug 6861; bugfix on 0.2.1.5-alpha.
- - Remove a couple of extraneous semicolons that were upsetting the
- cparser library. Patch by Christian Grothoff. Fixes bug 7115;
- bugfix on 0.2.2.1-alpha.
- - When complaining about a client port on a public address, log
- which address we're complaining about. Fixes bug 4020; bugfix on
- 0.2.3.3-alpha. Patch by Tom Fitzhenry.
- o Minor bugfixes (log messages, warnings):
- - If we encounter a write failure on a SOCKS connection before we
- finish our SOCKS handshake, don't warn that we closed the
- connection before we could send a SOCKS reply. Fixes bug 8427;
- bugfix on 0.1.0.1-rc.
- - Fix a directory authority warn caused when we have a large amount
- of badexit bandwidth. Fixes bug 8419; bugfix on 0.2.2.10-alpha.
- - Downgrade "Failed to hand off onionskin" messages to "debug"
- severity, since they're typically redundant with the "Your computer
- is too slow" messages. Fixes bug 7038; bugfix on 0.2.2.16-alpha.
- - Avoid spurious warnings when configuring multiple client ports of
- which only some are nonlocal. Previously, we had claimed that some
- were nonlocal when in fact they weren't. Fixes bug 7836; bugfix on
- 0.2.3.3-alpha.
- o Minor bugfixes (log messages, other):
- - Fix log messages and comments to avoid saying "GMT" when we mean
- "UTC". Fixes bug 6113.
- - When rejecting a configuration because we were unable to parse a
- quoted string, log an actual error message. Fixes bug 7950; bugfix
- on 0.2.0.16-alpha.
- - Correctly recognize that [::1] is a loopback address. Fixes
- bug 8377; bugfix on 0.2.1.3-alpha.
- - Don't log inappropriate heartbeat messages when hibernating: a
- hibernating node is _expected_ to drop out of the consensus,
- decide it isn't bootstrapped, and so forth. Fixes bug 7302;
- bugfix on 0.2.3.1-alpha.
- - Eliminate several instances where we use "Nickname=ID" to refer to
- nodes in logs. Use "Nickname (ID)" instead. (Elsewhere, we still use
- "$ID=Nickname", which is also acceptable.) Fixes bug 7065. Bugfix
- on 0.2.3.21-rc.
- o Minor bugfixes (build):
- - Fix some bugs in tor-fw-helper-natpmp when trying to build and
- run it on Windows. More bugs likely remain. Patch from Gisle Vanem.
- Fixes bug 7280; bugfix on 0.2.3.1-alpha.
- o Documentation fixes:
- - Make the torify manpage no longer refer to tsocks; torify hasn't
- supported tsocks since 0.2.3.14-alpha.
- - Make the tor manpage no longer reference tsocks.
- - Fix the GeoIPExcludeUnknown documentation to refer to
- ExcludeExitNodes rather than the currently nonexistent
- ExcludeEntryNodes. Spotted by "hamahangi" on tor-talk.
- - Resolve a typo in torrc.sample.in. Fixes bug 6819; bugfix on
- 0.2.3.14-alpha.
- - Say "KBytes" rather than "KB" in the man page (for various values
- of K), to further reduce confusion about whether Tor counts in
- units of memory or fractions of units of memory. Resolves ticket 7054.
- - Update tor-fw-helper.1.txt and tor-fw-helper.c to make option
- names match. Fixes bug 7768.
- - Fix the documentation of HeartbeatPeriod to say that the heartbeat
- message is logged at notice, not at info.
- - Clarify the usage and risks of setting the ContactInfo torrc line
- for your relay or bridge. Resolves ticket 9854.
- - Add anchors to the manpage so we can link to the html version of
- the documentation for specific options. Resolves ticket 9866.
- - Replace remaining references to DirServer in man page and
- log entries. Resolves ticket 10124.
- o Removed features:
- - Stop exporting estimates of v2 and v3 directory traffic shares
- in extrainfo documents. They were unneeded and sometimes inaccurate.
- Also stop exporting any v2 directory request statistics. Resolves
- ticket 5823.
- - Drop support for detecting and warning about versions of Libevent
- before 1.3e. Nothing reasonable ships with them any longer; warning
- the user about them shouldn't be needed. Resolves ticket 6826.
- - Now that all versions before 0.2.2.x are disallowed, we no longer
- need to work around their missing features. Remove a bunch of
- compatibility code.
- o Removed files:
- - The tor-tsocks.conf is no longer distributed or installed. We
- recommend that tsocks users use torsocks instead. Resolves
- ticket 8290.
- - Remove some of the older contents of doc/ as obsolete; move others
- to torspec.git. Fixes bug 8965.
- o Code simplification:
- - Avoid using character buffers when constructing most directory
- objects: this approach was unwieldy and error-prone. Instead,
- build smartlists of strings, and concatenate them when done.
- - Rename "isin" functions to "contains", for grammar. Resolves
- ticket 5285.
- - Rename Tor's logging function log() to tor_log(), to avoid conflicts
- with the natural logarithm function from the system libm. Resolves
- ticket 7599.
- - Start using OpenBSD's implementation of queue.h, so that we don't
- need to hand-roll our own pointer and list structures whenever we
- need them. (We can't rely on a sys/queue.h, since some operating
- systems don't have them, and the ones that do have them don't all
- present the same extensions.)
- - Start using OpenBSD's implementation of queue.h (originally by
- Niels Provos).
- - Enhance our internal sscanf replacement so that we can eliminate
- the last remaining uses of the system sscanf. (Though those uses
- of sscanf were safe, sscanf itself is generally error prone, so
- we want to eliminate when we can.) Fixes ticket 4195 and Coverity
- CID 448.
- - Replace all calls to snprintf() outside of src/ext with
- tor_snprintf(). Also remove the #define to replace snprintf with
- _snprintf on Windows; they have different semantics, and all of
- our callers should be using tor_snprintf() anyway. Fixes bug 7304.
- o Refactoring:
- - Add a wrapper function for the common "log a message with a
- rate-limit" case.
- - Split the onion.c file into separate modules for the onion queue
- and the different handshakes it supports.
- - Move the client-side address-map/virtual-address/DNS-cache code
- out of connection_edge.c into a new addressmap.c module.
- - Move the entry node code from circuitbuild.c to its own file.
- - Move the circuit build timeout tracking code from circuitbuild.c
- to its own file.
- - Source files taken from other packages now reside in src/ext;
- previously they were scattered around the rest of Tor.
- - Move the generic "config" code into a new file, and have "config.c"
- hold only torrc- and state-related code. Resolves ticket 6823.
- - Move the core of our "choose a weighted element at random" logic
- into its own function, and give it unit tests. Now the logic is
- testable, and a little less fragile too.
- - Move ipv6_preferred from routerinfo_t to node_t. Addresses bug 4620.
- - Move last_reachable and testing_since from routerinfo_t to node_t.
- Implements ticket 5529.
- - Add replaycache_t structure, functions and unit tests, then refactor
- rend_service_introduce() to be more clear to read, improve, debug,
- and test. Resolves bug 6177.
- o Removed code:
- - Remove some now-needless code that tried to aggressively flush
- OR connections as data was added to them. Since 0.2.0.1-alpha, our
- cell queue logic has saved us from the failure mode that this code
- was supposed to prevent. Removing this code will limit the number
- of baroque control flow paths through Tor's network logic. Reported
- pseudonymously on IRC. Fixes bug 6468; bugfix on 0.2.0.1-alpha.
- - Remove unused code for parsing v1 directories and "running routers"
- documents. Fixes bug 6887.
- - Remove the marshalling/unmarshalling code for sending requests to
- cpuworkers over a socket, and instead just send structs. The
- recipient will always be the same Tor binary as the sender, so
- any encoding is overkill.
- - Remove the testing_since field of node_t, which hasn't been used
- for anything since 0.2.0.9-alpha.
- - Finally remove support for malloc_good_size and malloc_usable_size.
- We had hoped that these functions would let us eke a little more
- memory out of our malloc implementation. Unfortunately, the only
- implementations that provided these functions are also ones that
- are already efficient about not overallocation: they never got us
- more than 7 or so bytes per allocation. Removing them saves us a
- little code complexity and a nontrivial amount of build complexity.
- Changes in version 0.2.3.25 - 2012-11-19
- The Tor 0.2.3 release series is dedicated to the memory of Len "rabbi"
- Sassaman (1980-2011), a long-time cypherpunk, anonymity researcher,
- Mixmaster maintainer, Pynchon Gate co-designer, CodeCon organizer,
- programmer, and friend. Unstinting in his dedication to the cause of
- freedom, he inspired and helped many of us as we began our work on
- anonymity, and inspires us still. Please honor his memory by writing
- software to protect people's freedoms, and by helping others to do so.
- Tor 0.2.3.25, the first stable release in the 0.2.3 branch, features
- significantly reduced directory overhead (via microdescriptors),
- enormous crypto performance improvements for fast relays on new
- enough hardware, a new v3 TLS handshake protocol that can better
- resist fingerprinting, support for protocol obfuscation plugins (aka
- pluggable transports), better scalability for hidden services, IPv6
- support for bridges, performance improvements like allowing clients
- to skip the first round-trip on the circuit ("optimistic data") and
- refilling token buckets more often, a new "stream isolation" design
- to isolate different applications on different circuits, and many
- stability, security, and privacy fixes.
- Major features (v3 directory protocol):
- - Clients now use microdescriptors instead of regular descriptors
- to build circuits. Microdescriptors are authority-generated
- summaries of regular descriptors' contents, designed to change very
- rarely (see proposal 158 for details). This feature is designed
- to save bandwidth, especially for clients on slow internet
- connections. Use "UseMicrodescriptors 0" to disable it.
- - Caches now download, cache, and serve microdescriptors, as well
- as multiple "flavors" of the consensus, including a flavor that
- describes microdescriptors.
- o Major features (build hardening):
- - Enable gcc and ld hardening by default. Resolves ticket 5210.
- o Major features (relay scaling):
- - When built to use OpenSSL 1.0.1, and built for an x86 or x86_64
- instruction set, take advantage of OpenSSL's AESNI, bitsliced, or
- vectorized AES implementations as appropriate. These can be much,
- much faster than other AES implementations.
- - When using OpenSSL 1.0.0 or later, use OpenSSL's counter mode
- implementation. It makes AES_CTR about 7% faster than our old one
- (which was about 10% faster than the one OpenSSL used to provide).
- Resolves ticket 4526.
- - Use OpenSSL's EVP interface for AES encryption, so that all AES
- operations can use hardware acceleration (if present). Resolves
- ticket 4442.
- - Unconditionally use OpenSSL's AES implementation instead of our
- old built-in one. OpenSSL's AES has been better for a while, and
- relatively few servers should still be on any version of OpenSSL
- that doesn't have good optimized assembly AES.
- o Major features (blocking resistance):
- - Update TLS cipher list to match Firefox 8 and later. Resolves
- ticket 4744.
- - Remove support for clients falsely claiming to support standard
- ciphersuites that they can actually provide. As of modern OpenSSL
- versions, it's not necessary to fake any standard ciphersuite,
- and doing so prevents us from using better ciphersuites in the
- future, since servers can't know whether an advertised ciphersuite
- is really supported or not. Some hosts -- notably, ones with very
- old versions of OpenSSL or where OpenSSL has been built with ECC
- disabled -- will stand out because of this change; TBB users should
- not be affected. Implements the client side of proposal 198.
- - Implement a new handshake protocol (v3) for authenticating Tors to
- each other over TLS. It should be more resistant to fingerprinting
- than previous protocols, and should require less TLS hacking for
- future Tor implementations. Implements proposal 176.
- - Allow variable-length padding cells, to disguise the length of
- Tor's TLS records. Implements part of proposal 184.
- - While we're trying to bootstrap, record how many TLS connections
- fail in each state, and report which states saw the most failures
- in response to any bootstrap failures. This feature may speed up
- diagnosis of censorship events. Implements ticket 3116.
- o Major features (pluggable transports):
- - Clients and bridges can now be configured to use a separate
- "transport" proxy. This approach makes the censorship arms race
- easier by allowing bridges to use protocol obfuscation plugins.
- Implements proposal 180 (tickets 2841 and 3472).
- o Major features (DoS resistance):
- - Now that Tor 0.2.0.x is completely deprecated, enable the final
- part of "Proposal 110: Avoiding infinite length circuits" by
- refusing all circuit-extend requests that do not use a relay_early
- cell. This change helps Tor resist a class of denial-of-service
- attacks by limiting the maximum circuit length.
- - Tear down the circuit if we get an unexpected SENDME cell. Clients
- could use this trick to make their circuits receive cells faster
- than our flow control would have allowed, or to gum up the network,
- or possibly to do targeted memory denial-of-service attacks on
- entry nodes. Fixes bug 6252. Bugfix on the 54th commit on Tor --
- from July 2002, before the release of Tor 0.0.0.
- o Major features (hidden services):
- - Adjust the number of introduction points that a hidden service
- will try to maintain based on how long its introduction points
- remain in use and how many introductions they handle. Fixes
- part of bug 3825.
- - Add a "tor2web mode" for clients that want to connect to hidden
- services non-anonymously (and possibly more quickly). As a safety
- measure to try to keep users from turning this on without knowing
- what they are doing, tor2web mode must be explicitly enabled at
- compile time, and a copy of Tor compiled to run in tor2web mode
- cannot be used as a normal Tor client. Implements feature 2553.
- o Major features (IPv6):
- - Clients can now connect to private bridges over IPv6. Bridges
- still need at least one IPv4 address in order to connect to
- other relays. Note that we don't yet handle the case where the
- user has two bridge lines for the same bridge (one IPv4, one
- IPv6). Implements parts of proposal 186.
- o Major features (directory authorities):
- - Use a more secure consensus parameter voting algorithm. Now at
- least three directory authorities or a majority of them must
- vote on a given parameter before it will be included in the
- consensus. Implements proposal 178.
- - Remove the artificially low cutoff of 20KB to guarantee the Fast
- flag. In the past few years the average relay speed has picked
- up, and while the "top 7/8 of the network get the Fast flag" and
- "all relays with 20KB or more of capacity get the Fast flag" rules
- used to have the same result, now the top 7/8 of the network has
- a capacity more like 32KB. Bugfix on 0.2.1.14-rc. Fixes bug 4489.
- o Major features (performance):
- - Exit nodes now accept and queue data on not-yet-connected streams.
- Previously, the client wasn't allowed to send data until the
- stream was connected, which slowed down all connections. This
- change will enable clients to perform a "fast-start" on streams
- and send data without having to wait for a confirmation that the
- stream has opened. Patch from Ian Goldberg; implements the server
- side of Proposal 174.
- - When using an exit relay running 0.2.3.x, clients can now
- "optimistically" send data before the exit relay reports that
- the stream has opened. This saves a round trip when starting
- connections where the client speaks first (such as web browsing).
- This behavior is controlled by a consensus parameter (currently
- disabled). To turn it on or off manually, use the "OptimisticData"
- torrc option. Implements proposal 181; code by Ian Goldberg.
- - Add a new TokenBucketRefillInterval option to refill token buckets
- more frequently than once per second. This should improve network
- performance, alleviate queueing problems, and make traffic less
- bursty. Implements proposal 183; closes ticket 3630. Design by
- Florian Tschorsch and Björn Scheuermann; implementation by
- Florian Tschorsch.
- - Raise the threshold of server descriptors needed (75%) and exit
- server descriptors needed (50%) before we will declare ourselves
- bootstrapped. This will make clients start building circuits a
- little later, but makes the initially constructed circuits less
- skewed and less in conflict with further directory fetches. Fixes
- ticket 3196.
- o Major features (relays):
- - Relays now try regenerating and uploading their descriptor more
- frequently if they are not listed in the consensus, or if the
- version of their descriptor listed in the consensus is too
- old. This fix should prevent situations where a server declines
- to re-publish itself because it has done so too recently, even
- though the authorities decided not to list its recent-enough
- descriptor. Fix for bug 3327.
- o Major features (stream isolation):
- - You can now configure Tor so that streams from different
- applications are isolated on different circuits, to prevent an
- attacker who sees your streams as they leave an exit node from
- linking your sessions to one another. To do this, choose some way
- to distinguish the applications: have them connect to different
- SocksPorts, or have one of them use SOCKS4 while the other uses
- SOCKS5, or have them pass different authentication strings to the
- SOCKS proxy. Then, use the new SocksPort syntax to configure the
- degree of isolation you need. This implements Proposal 171.
- - There's a new syntax for specifying multiple client ports (such as
- SOCKSPort, TransPort, DNSPort, NATDPort): you can now just declare
- multiple *Port entries with full addr:port syntax on each.
- The old *ListenAddress format is still supported, but you can't
- mix it with the new *Port syntax.
- o Major features (bufferevents):
- - Tor can now optionally build with the "bufferevents" buffered IO
- backend provided by Libevent 2. To use this feature, make sure you
- have the latest possible version of Libevent, and pass the
- --enable-bufferevents flag to configure when building Tor from
- source. This feature will make our networking code more flexible,
- let us stack layers on each other, and let us use more efficient
- zero-copy transports where available.
- - Add experimental support for running on Windows with IOCP and no
- kernel-space socket buffers. This feature is controlled by a new
- "UserspaceIOCPBuffers" config option (off by default), which has
- no effect unless Tor has been built with bufferevents enabled,
- you're running on Windows, and you've set "DisableIOCP 0". In the
- long run, this may help solve or mitigate bug 98.
- o Major features (path selection):
- - The EntryNodes option can now include country codes like {de} or IP
- addresses or network masks. Previously we had disallowed these
- options because we didn't have an efficient way to keep the list up
- to date. Addresses ticket 1982, but see bug 2798 for an unresolved
- issue here.
- o Major features (port forwarding):
- - Add support for automatic port mapping on the many home routers
- that support NAT-PMP or UPnP. To build the support code, you'll
- need to have the libnatpnp library and/or the libminiupnpc library,
- and you'll need to enable the feature specifically by passing
- "--enable-upnp" and/or "--enable-natpnp" to ./configure. To turn
- it on, use the new PortForwarding option.
- o Major features (logging):
- - Add a new 'Heartbeat' log message type to periodically log a message
- describing Tor's status at level Notice. This feature is meant for
- operators who log at notice, and want to make sure that their Tor
- server is still working. Implementation by George Kadianakis.
- - Make logging resolution configurable with a new LogTimeGranularity
- option, and change the default from 1 millisecond to 1 second.
- Implements enhancement 1668.
- o Major features (other):
- - New "DisableNetwork" config option to prevent Tor from launching any
- connections or accepting any connections except on a control port.
- Bundles and controllers can set this option before letting Tor talk
- to the rest of the network, for example to prevent any connections
- to a non-bridge address. Packages like Orbot can also use this
- option to instruct Tor to save power when the network is off.
- - Try to use system facilities for enumerating local interface
- addresses, before falling back to our old approach (which was
- binding a UDP socket, and calling getsockname() on it). That
- approach was scaring OS X users whose draconian firewall
- software warned about binding to UDP sockets regardless of
- whether packets were sent. Now we try to use getifaddrs(),
- SIOCGIFCONF, or GetAdaptersAddresses(), depending on what the
- system supports. Resolves ticket 1827.
- - Add experimental support for a "defaults" torrc file to be parsed
- before the regular torrc. Torrc options override the defaults file's
- options in the same way that the command line overrides the torrc.
- The SAVECONF controller command saves only those options which
- differ between the current configuration and the defaults file. HUP
- reloads both files. Implements task 4552.
- o New directory authorities:
- - Add Faravahar (run by Sina Rabbani) as the ninth v3 directory
- authority. Closes ticket 5749.
- o Security/privacy fixes:
- - Avoid read-from-freed-memory and double-free bugs that could occur
- when a DNS request fails while launching it. Fixes bug 6480;
- bugfix on 0.2.0.1-alpha.
- - Reject any attempt to extend to an internal address. Without
- this fix, a router could be used to probe addresses on an internal
- network to see whether they were accepting connections. Fixes bug
- 6710; bugfix on 0.0.8pre1.
- - Close any connection that sends unrecognized junk before the TLS
- handshake. Solves an issue noted in bug 4369.
- - The advertised platform of a relay now includes only its operating
- system's name (e.g., "Linux", "Darwin", "Windows 7"), and not
- its service pack level (for Windows) or its CPU architecture
- (for Unix). Also drop the "git-XYZ" tag in the version. Packagers
- can insert an extra string in the platform line by setting the
- preprocessor variable TOR_BUILD_TAG. Resolves bug 2988.
- - Disable TLS session tickets. OpenSSL's implementation was giving
- our TLS session keys the lifetime of our TLS context objects, when
- perfect forward secrecy would want us to discard anything that
- could decrypt a link connection as soon as the link connection
- was closed. Fixes bug 7139; bugfix on all versions of Tor linked
- against OpenSSL 1.0.0 or later. Found by Florent Daignière.
- - Tor tries to wipe potentially sensitive data after using it, so
- that if some subsequent security failure exposes Tor's memory,
- the damage will be limited. But we had a bug where the compiler
- was eliminating these wipe operations when it decided that the
- memory was no longer visible to a (correctly running) program,
- hence defeating our attempt at defense in depth. We fix that
- by using OpenSSL's OPENSSL_cleanse() operation, which a compiler
- is unlikely to optimize away. Future versions of Tor may use
- a less ridiculously heavy approach for this. Fixes bug 7352.
- Reported in an article by Andrey Karpov.
- o Major bugfixes (crashes and asserts):
- - Avoid a pair of double-free and use-after-mark bugs that can
- occur with certain timings in canceled and re-received DNS
- requests. Fixes bug 6472; bugfix on 0.0.7rc1.
- - Fix a denial of service attack by which any directory authority
- could crash all the others, or by which a single v2 directory
- authority could crash everybody downloading v2 directory
- information. Fixes bug 7191; bugfix on 0.2.0.10-alpha.
- - Fix an assert that directory authorities could trigger on sighup
- during some configuration state transitions. We now don't treat
- it as a fatal error when the new descriptor we just generated in
- init_keys() isn't accepted. Fixes bug 4438; bugfix on 0.2.1.9-alpha.
- - Avoid segfault when starting up having run with an extremely old
- version of Tor and parsing its state file. Fixes bug 6801; bugfix
- on 0.2.2.23-alpha.
- o Major bugfixes (clients):
- - If we are unable to find any exit that supports our predicted ports,
- stop calling them predicted, so that we don't loop and build
- hopeless circuits indefinitely. Fixes bug 3296; bugfix on 0.0.9pre6,
- which introduced predicted ports.
- - Check at each new consensus whether our entry guards were picked
- long enough ago that we should rotate them. Previously, we only
- did this check at startup, which could lead to us holding a guard
- indefinitely. Fixes bug 5380; bugfix on 0.2.1.14-rc.
- - When fetching a bridge descriptor from a bridge authority,
- always do so anonymously, whether we have been able to open
- circuits or not. Partial fix for bug 1938; bugfix on 0.2.0.7-alpha.
- This behavior makes it *safer* to use UpdateBridgesFromAuthority,
- but we'll need to wait for bug 6010 before it's actually usable.
- o Major bugfixes (directory voting):
- - Check more thoroughly to prevent a rogue authority from
- double-voting on any consensus directory parameter. Previously,
- authorities would crash in this case if the total number of
- votes for any parameter exceeded the number of active voters,
- but would let it pass otherwise. Partially fixes bug 5786; bugfix
- on 0.2.2.2-alpha.
- - When computing weight parameters, behave more robustly in the
- presence of a bad bwweightscale value. Previously, the authorities
- would crash if they agreed on a sufficiently broken weight_scale
- value; now, they use a reasonable default and carry on. Fixes the
- rest of bug 5786; bugfix on 0.2.2.17-alpha.
- - If authorities are unable to get a v2 consensus document from other
- directory authorities, they no longer fall back to fetching
- them from regular directory caches. Fixes bug 5635; bugfix on
- 0.2.2.26-beta, where routers stopped downloading v2 consensus
- documents entirely.
- o Major bugfixes (relays):
- - Fix a bug handling SENDME cells on nonexistent streams that could
- result in bizarre window values. Report and patch contributed
- pseudonymously. Fixes part of bug 6271. This bug was introduced
- before the first Tor release, in svn commit r152.
- - Don't update the AccountingSoftLimitHitAt state file entry whenever
- tor gets started. This prevents a wrong average bandwidth
- estimate, which would cause relays to always start a new accounting
- interval at the earliest possible moment. Fixes bug 2003; bugfix
- on 0.2.2.7-alpha. Reported by Bryon Eldridge, who also helped
- immensely in tracking this bug down.
- - Fix a possible crash bug when checking for deactivated circuits
- in connection_or_flush_from_first_active_circuit(). Fixes bug 6341;
- bugfix on 0.2.2.7-alpha. Bug report and fix received pseudonymously.
- - Set the SO_REUSEADDR socket option before we call bind() on outgoing
- connections. This change should allow busy exit relays to stop
- running out of available sockets as quickly. Fixes bug 4950;
- bugfix on 0.2.2.26-beta.
- o Major bugfixes (blocking resistance):
- - Bridges no longer include their address in NETINFO cells on outgoing
- OR connections, to allow them to blend in better with clients.
- Removes another avenue for enumerating bridges. Reported by
- "troll_un". Fixes bug 4348; bugfix on 0.2.0.10-alpha, when NETINFO
- cells were introduced.
- - Warn the user when HTTPProxy, but no other proxy type, is
- configured. This can cause surprising behavior: it doesn't send
- all of Tor's traffic over the HTTPProxy -- it sends unencrypted
- directory traffic only. Resolves ticket 4663.
- o Major bugfixes (hidden services):
- - Improve hidden service robustness: when an attempt to connect to
- a hidden service ends, be willing to refetch its hidden service
- descriptors from each of the HSDir relays responsible for them
- immediately. Previously, we would not consider refetching the
- service's descriptors from each HSDir for 15 minutes after the last
- fetch, which was inconvenient if the hidden service was not running
- during the first attempt. Bugfix on 0.2.0.18-alpha; fixes bug 3335.
- - Hidden services now ignore the timestamps on INTRODUCE2 cells.
- They used to check that the timestamp was within 30 minutes
- of their system clock, so they could cap the size of their
- replay-detection cache, but that approach unnecessarily refused
- service to clients with wrong clocks. Bugfix on 0.2.1.6-alpha, when
- the v3 intro-point protocol (the first one which sent a timestamp
- field in the INTRODUCE2 cell) was introduced; fixes bug 3460.
- - When one of a hidden service's introduction points appears to be
- unreachable, stop trying it. Previously, we would keep trying
- to build circuits to the introduction point until we lost the
- descriptor, usually because the user gave up and restarted Tor.
- Fixes part of bug 3825.
- o Changes to default torrc file:
- - Stop listing "socksport 9050" in torrc.sample. We open a socks
- port on 9050 by default anyway, so this should not change anything
- in practice.
- - Stop mentioning the deprecated *ListenAddress options in
- torrc.sample. Fixes bug 5438.
- - Document unit of bandwidth-related options in sample torrc.
- Fixes bug 5621.
- - Fix broken URLs in the sample torrc file, and tell readers about
- the OutboundBindAddress, ExitPolicyRejectPrivate, and
- PublishServerDescriptor options. Addresses bug 4652.
- o Minor features (directory authorities):
- - Consider new, removed or changed IPv6 OR ports a non-cosmetic
- change when the authority is deciding whether to accept a newly
- uploaded descriptor. Implements ticket 6423.
- - Directory authorities are now a little more lenient at accepting
- older router descriptors, or newer router descriptors that don't
- make big changes. This should help ameliorate past and future
- issues where routers think they have uploaded valid descriptors,
- but the authorities don't think so. Fix for ticket 2479.
- - Authority operators can now vote for all relays in a given
- set of countries to be BadDir/BadExit/Invalid/Rejected.
- - Provide two consensus parameters (FastFlagMinThreshold and
- FastFlagMaxThreshold) to control the range of allowable bandwidths
- for the Fast directory flag. These allow authorities to run
- experiments on appropriate requirements for being a "Fast" node.
- The AuthDirFastGuarantee config value still applies. Implements
- ticket 3946.
- o Minor features (bridges / bridge authorities):
- - Make bridge SSL certificates a bit more stealthy by using random
- serial numbers, in the same fashion as OpenSSL when generating
- self-signed certificates. Implements ticket 4584.
- - Tag a bridge's descriptor as "never to be sent unencrypted".
- This shouldn't matter, since bridges don't open non-anonymous
- connections to the bridge authority and don't allow unencrypted
- directory connections from clients, but we might as well make
- sure. Closes bug 5139.
- - The Bridge Authority now writes statistics on how many bridge
- descriptors it gave out in total, and how many unique descriptors
- it gave out. It also lists how often the most and least commonly
- fetched descriptors were given out, as well as the median and
- 25th/75th percentile. Implements tickets 4200 and 4294.
- o Minor features (IPv6):
- - Make the code that clients use to detect an address change be
- IPv6-aware, so that it won't fill clients' logs with error
- messages when trying to get the IPv4 address of an IPv6
- connection. Implements ticket 5537.
- - Relays now understand an IPv6 address when they get one from a
- directory server. Resolves ticket 4875.
- o Minor features (hidden services):
- - Expire old or over-used hidden service introduction points.
- Required by fix for bug 3460.
- - Reduce the lifetime of elements of hidden services' Diffie-Hellman
- public key replay-detection cache from 60 minutes to 5 minutes. This
- replay-detection cache is now used only to detect multiple
- INTRODUCE2 cells specifying the same rendezvous point, so we can
- avoid launching multiple simultaneous attempts to connect to it.
- - When a hidden service's introduction point times out, consider
- trying it again during the next attempt to connect to the
- HS. Previously, we would not try it again unless a newly fetched
- descriptor contained it. Required by fixes for bugs 1297 and 3825.
- o Minor features (relays):
- - Relays now include a reason for regenerating their descriptors
- in an HTTP header when uploading to the authorities. This will
- make it easier to debug descriptor-upload issues in the future.
- - Turn on directory request statistics by default and include them in
- extra-info descriptors. Don't break if we have no GeoIP database.
- - Replace files in stats/ rather than appending to them. Now that we
- include statistics in extra-info descriptors, it makes no sense to
- keep old statistics forever. Implements ticket 2930.
- - Relays that set "ConnDirectionStatistics 1" write statistics on the
- bidirectional use of connections to disk every 24 hours.
- - Add a GeoIP file digest to the extra-info descriptor. Implements
- ticket 1883.
- o Minor features (new config options):
- - New config option "DynamicDHGroups" (disabled by default) provides
- each bridge with a unique prime DH modulus to be used during
- SSL handshakes. This option attempts to help against censors
- who might use the Apache DH modulus as a static identifier for
- bridges. Addresses ticket 4548.
- - New config option "DisableDebuggerAttachment" (on by default)
- to prevent basic debugging attachment attempts by other processes.
- Supports Mac OS X and Gnu/Linux. Resolves ticket 3313.
- - Ordinarily, Tor does not count traffic from private addresses (like
- 127.0.0.1 or 10.0.0.1) when calculating rate limits or accounting.
- There is now a new option, CountPrivateBandwidth, to disable this
- behavior. Patch from Daniel Cagara.
- o Minor features (different behavior for old config options):
- - Allow MapAddress directives to specify matches against super-domains,
- as in "MapAddress *.torproject.org *.torproject.org.torserver.exit".
- Implements issue 933.
- - Don't disable the DirPort when we cannot exceed our AccountingMax
- limit during this interval because the effective bandwidthrate is
- low enough. This is useful in a situation where AccountMax is only
- used as an additional safeguard or to provide statistics.
- - Add port 6523 (Gobby) to LongLivedPorts. Patch by intrigeri;
- implements ticket 3439.
- - When configuring a large set of nodes in EntryNodes, and there are
- enough of them listed as Guard so that we don't need to consider
- the non-guard entries, prefer the ones listed with the Guard flag.
- - If you set the NumCPUs option to 0, Tor will now try to detect how
- many CPUs you have. This is the new default behavior.
- - The NodeFamily option -- which let you declare that you want to
- consider nodes to be part of a family whether they list themselves
- that way or not -- now allows IP address ranges and country codes.
- o Minor features (new command-line config behavior):
- - Slightly change behavior of "list" options (that is, config
- options that can appear more than once) when they appear both in
- torrc and on the command line. Previously, the command-line options
- would be appended to the ones from torrc. Now, the command-line
- options override the torrc options entirely. This new behavior
- allows the user to override list options (like exit policies and
- ports to listen on) from the command line, rather than simply
- appending to the list.
- - You can get the old (appending) command-line behavior for "list"
- options by prefixing the option name with a "+".
- - You can remove all the values for a "list" option from the command
- line without adding any new ones by prefixing the option name
- with a "/".
- o Minor features (controller, new events):
- - Extend the control protocol to report flags that control a circuit's
- path selection in CIRC events and in replies to 'GETINFO
- circuit-status'. Implements part of ticket 2411.
- - Extend the control protocol to report the hidden service address
- and current state of a hidden-service-related circuit in CIRC
- events and in replies to 'GETINFO circuit-status'. Implements part
- of ticket 2411.
- - Include the creation time of a circuit in CIRC and CIRC2
- control-port events and the list produced by the 'GETINFO
- circuit-status' control-port command.
- - Add a new CONF_CHANGED event so that controllers can be notified
- of any configuration changes made by other controllers, or by the
- user. Implements ticket 1692.
- - Add a new SIGNAL event to the controller interface so that
- controllers can be notified when Tor handles a signal. Resolves
- issue 1955. Patch by John Brooks.
- o Minor features (controller, new getinfo options):
- - Expose our view of whether we have gone dormant to the controller,
- via a new "GETINFO dormant" value. Torbutton and other controllers
- can use this to avoid doing periodic requests through Tor while
- it's dormant (bug 4718). Resolves ticket 5954.
- - Add a new GETINFO option to get total bytes read and written. Patch
- from pipe, revised by atagar. Resolves ticket 2345.
- - Implement new GETINFO controller fields to provide information about
- the Tor process's pid, euid, username, and resource limits.
- o Minor features (controller, other):
- - Allow controllers to request an event notification whenever a
- circuit is cannibalized or its purpose is changed. Implements
- part of ticket 3457.
- - Use absolute path names when reporting the torrc filename in the
- control protocol, so a controller can more easily find the torrc
- file. Resolves bug 1101.
- - When reporting the path to the cookie file to the controller,
- give an absolute path. Resolves ticket 4881.
- o Minor features (log messages):
- - Add more information to a log statement that might help track down
- bug 4091. If you're seeing "Bug: tor_addr_is_internal() called with a
- non-IP address" messages (or any Bug messages, for that matter!),
- please let us know about it.
- - If EntryNodes are given, but UseEntryGuards is set to 0, warn that
- EntryNodes will have no effect. Resolves issue 2571.
- - Try to make the introductory warning message that Tor prints on
- startup more useful for actually finding help and information.
- Resolves ticket 2474.
- - When the system call to create a listener socket fails, log the
- error message explaining why. This may help diagnose bug 4027.
- o Minor features (other):
- - When we fail to initialize Libevent, retry with IOCP disabled so we
- don't need to turn on multi-threading support in Libevent, which in
- turn requires a working socketpair(). This is a workaround for bug
- 4457, which affects Libevent versions from 2.0.1-alpha through
- 2.0.15-stable.
- - When starting as root and then changing our UID via the User
- control option, and we have a ControlSocket configured, make sure
- that the ControlSocket is owned by the same account that Tor will
- run under. Implements ticket 3421; fix by Jérémy Bobbio.
- - Accept attempts to include a password authenticator in the
- handshake, as supported by SOCKS5. This handles SOCKS clients that
- don't know how to omit a password when authenticating. Resolves
- bug 1666.
- - Check for and recover from inconsistency in the microdescriptor
- cache. This will make it harder for us to accidentally free a
- microdescriptor without removing it from the appropriate data
- structures. Fixes issue 3135; issue noted by "wanoskarnet".
- - Shorten links in the tor-exit-notice file. Patch by Christian Kujau.
- o Minor bugfixes (code security):
- - Prevent a null-pointer dereference when receiving a data cell
- for a nonexistent stream when the circuit in question has an
- empty deliver window. We don't believe this is triggerable,
- since we don't currently allow deliver windows to become empty,
- but the logic is tricky enough that it's better to make the code
- robust. Fixes bug 5541; bugfix on 0.0.2pre14.
- - Fix a (harmless) integer overflow in cell statistics reported by
- some fast relays. Fixes bug 5849; bugfix on 0.2.2.1-alpha.
- - Fix our implementation of crypto_random_hostname() so it can't
- overflow on ridiculously large inputs. (No Tor version has ever
- provided this kind of bad inputs, but let's be correct in depth.)
- Fixes bug 4413; bugfix on 0.2.2.9-alpha. Fix by Stephen Palmateer.
- - Add a (probably redundant) memory clear between iterations of
- the router status voting loop, to prevent future coding errors
- where data might leak between iterations of the loop. Resolves
- ticket 6514.
- o Minor bugfixes (wrapper functions):
- - Abort if tor_vasprintf() fails in connection_printf_to_buf() (a
- utility function used in the control-port code). This shouldn't
- ever happen unless Tor is completely out of memory, but if it did
- happen and Tor somehow recovered from it, Tor could have sent a log
- message to a control port in the middle of a reply to a controller
- command. Fixes part of bug 3428; bugfix on 0.1.2.3-alpha.
- - Fix some (not actually triggerable) buffer size checks in usage of
- tor_inet_ntop(). Fixes bug 4434; bugfix on Tor 0.2.0.1-alpha. Patch
- by Anders Sundman.
- - Fix parsing of some corner-cases with tor_inet_pton(). Fixes
- bug 4515; bugfix on 0.2.0.1-alpha; fix by Anders Sundman.
- - Enforce correct return behavior of tor_vsscanf() when the '%%'
- pattern is used. Fixes bug 5558. Bugfix on 0.2.1.13.
- - Make our replacement implementation of strtok_r() compatible with
- the standard behavior of strtok_r(). Patch by nils. Fixes bug 5091;
- bugfix on 0.2.2.1-alpha.
- - Find more places in the code that should have been testing for
- invalid sockets using the SOCKET_OK macro. Required for a fix
- for bug 4533. Bugfix on 0.2.2.28-beta.
- o Minor bugfixes (code correctness):
- - Check return value of fputs() when writing authority certificate
- file. Fixes Coverity issue 709056; bugfix on 0.2.0.1-alpha.
- - When building Tor on Windows with -DUNICODE (not default), ensure
- that error messages, filenames, and DNS server names are always
- NUL-terminated when we convert them to a single-byte encoding.
- Fixes bug 5909; bugfix on 0.2.2.16-alpha.
- - Fix a memory leak when trying to launch a DNS request when the
- nameservers are unconfigurable. Fixes bug 5916; bugfix on Tor
- 0.1.2.1-alpha.
- - Correct file sizes when reading binary files on Cygwin, to avoid
- a bug where Tor would fail to read its state file. Fixes bug 6844;
- bugfix on 0.1.2.7-alpha.
- - Make sure to set *socket_error in all error cases in
- connection_connect(), so it can't produce a warning about
- errno being zero from errno_to_orconn_end_reason(). Bugfix on
- 0.2.1.1-alpha; resolves ticket 6028.
- - Initialize conn->addr to a valid state in spawn_cpuworker(). Fixes
- bug 4532; found by "troll_un".
- o Minor bugfixes (clients):
- - Allow one-hop directory-fetching circuits the full "circuit build
- timeout" period, rather than just half of it, before failing them
- and marking the relay down. This fix should help reduce cases where
- clients declare relays (or worse, bridges) unreachable because
- the TLS handshake takes a few seconds to complete. Fixes bug 6743;
- bugfix on 0.2.2.2-alpha, where we changed the timeout from a static
- 30 seconds.
- - Ensure we don't cannibalize circuits that are longer than three hops
- already, so we don't end up making circuits with 5 or more
- hops. Patch contributed by wanoskarnet. Fixes bug 5231; bugfix on
- 0.1.0.1-rc which introduced cannibalization.
- o Minor bugfixes (relays):
- - Don't publish a new relay descriptor when we reload our onion key,
- unless the onion key has actually changed. Fixes bug 3263 and
- resolves another cause of bug 1810. Bugfix on 0.1.1.11-alpha.
- - When relays refuse a "create" cell because their queue of pending
- create cells is too big (typically because their cpu can't keep up
- with the arrival rate), send back reason "resource limit" rather
- than reason "internal", so network measurement scripts can get a
- more accurate picture. Bugfix on 0.1.1.11-alpha; fixes bug 7037.
- - Exit nodes don't need to fetch certificates for authorities that
- they don't recognize; only directory authorities, bridges,
- and caches need to do that. Fixes part of bug 2297; bugfix on
- 0.2.2.11-alpha.
- o Minor bugfixes (directory authority / mirrors):
- - Avoid O(n^2) performance characteristics when parsing a large
- extrainfo cache. Fixes bug 5828; bugfix on 0.2.0.1-alpha.
- - Authorities no longer include any router in their microdescriptor
- consensuses for which they couldn't generate or agree on a
- microdescriptor. Fixes the second piece of bug 6404; fix on
- 0.2.2.6-alpha.
- - When checking for requested signatures on the latest consensus
- before serving it to a client, make sure to check the right
- consensus flavor. Bugfix on 0.2.2.6-alpha.
- - Fix an edge case where TestingTorNetwork is set but the authorities
- and relays all have an uptime of zero, so the private Tor network
- could briefly lack support for hidden services. Fixes bug 3886;
- bugfix on 0.2.2.18-alpha.
- - Directory caches no longer refuse to clean out descriptors because
- of missing v2 networkstatus documents, unless they're configured
- to retrieve v2 networkstatus documents. Fixes bug 4838; bugfix on
- 0.2.2.26-beta. Patch by Daniel Bryg.
- - Don't serve or accept v2 hidden service descriptors over a relay's
- DirPort. It's never correct to do so, and disabling it might
- make it more annoying to exploit any bugs that turn up in the
- descriptor-parsing code. Fixes bug 7149.
- o Minor bugfixes (hidden services, client-side):
- - Assert that hidden-service-related operations are not performed
- using single-hop circuits. Previously, Tor would assert that
- client-side streams are not attached to single-hop circuits,
- but not that other sensitive operations on the client and service
- side are not performed using single-hop circuits. Fixes bug 3332;
- bugfix on 0.0.6.
- - Avoid undefined behavior when parsing the list of supported
- rendezvous/introduction protocols in a hidden service descriptor.
- Previously, Tor would have confused (as-yet-unused) protocol version
- numbers greater than 32 with lower ones on many platforms. Fixes
- bug 6827; bugfix on 0.2.0.10-alpha. Found by George Kadianakis.
- - Don't close hidden service client circuits which have almost
- finished connecting to their destination when they reach
- the normal circuit-build timeout. Previously, we would close
- introduction circuits which are waiting for an acknowledgement
- from the introduction point, and rendezvous circuits which have
- been specified in an INTRODUCE1 cell sent to a hidden service,
- after the normal CBT. Now, we mark them as 'timed out', and launch
- another rendezvous attempt in parallel. This behavior change can
- be disabled using the new CloseHSClientCircuitsImmediatelyOnTimeout
- option. Fixes part of bug 1297; bugfix on 0.2.2.2-alpha.
- o Minor bugfixes (hidden services, service-side):
- - Don't close hidden-service-side rendezvous circuits when they
- reach the normal circuit-build timeout. This behavior change can
- be disabled using the new
- CloseHSServiceRendCircuitsImmediatelyOnTimeout option. Fixes the
- remaining part of bug 1297; bugfix on 0.2.2.2-alpha.
- - Don't launch more than 10 service-side introduction-point circuits
- for a hidden service in five minutes. Previously, we would consider
- launching more introduction-point circuits if at least one second
- had passed without any introduction-point circuits failing. Fixes
- bug 4607; bugfix on 0.0.7pre1.
- o Minor bugfixes (config option behavior):
- - If the user tries to set MyFamily on a bridge, refuse to
- do so, and warn about the security implications. Fixes bug 4657;
- bugfix on 0.2.0.3-alpha.
- - The "--quiet" and "--hush" options now apply not only to Tor's
- behavior before logs are configured, but also to Tor's behavior in
- the absense of configured logs. Fixes bug 3550; bugfix on
- 0.2.0.10-alpha.
- - Change the AllowDotExit rules so they should actually work.
- We now enforce AllowDotExit only immediately after receiving an
- address via SOCKS or DNSPort: other sources are free to provide
- .exit addresses after the resolution occurs. Fixes bug 3940;
- bugfix on 0.2.2.1-alpha.
- - Make "LearnCircuitBuildTimeout 0" work more reliably. Specifically,
- don't depend on the consensus parameters or compute adaptive
- timeouts when it is disabled. Fixes bug 5049; bugfix on
- 0.2.2.14-alpha.
- - After we pick a directory mirror, we would refuse to use it if
- it's in our ExcludeExitNodes list, resulting in mysterious failures
- to bootstrap for people who just wanted to avoid exiting from
- certain locations. Fixes bug 5623; bugfix on 0.2.2.25-alpha.
- - When told to add a bridge with the same digest as a preexisting
- bridge but a different addr:port, change the addr:port as
- requested. Previously we would not notice the change. Fixes half
- of bug 5603; fix on 0.2.2.26-beta.
- o Minor bugfixes (controller):
- - Allow manual 'authenticate' commands to the controller interface
- from netcat (nc) as well as telnet. We were rejecting them because
- they didn't come with the expected whitespace at the end of the
- command. Bugfix on 0.1.1.1-alpha; fixes bug 2893.
- - Report a real bootstrap problem to the controller on router
- identity mismatch. Previously we just said "foo", which probably
- made a lot of sense at the time. Fixes bug 4169; bugfix on
- 0.2.1.1-alpha.
- - When we receive a SIGHUP and the controller __ReloadTorrcOnSIGHUP
- option is set to 0 (which Vidalia version 0.2.16 now does when
- a SAVECONF attempt fails), perform other actions that SIGHUP
- usually causes (like reopening the logs). Fixes bug 5095; bugfix
- on 0.2.1.9-alpha.
- - Correctly handle checking the permissions on the parent
- directory of a control socket in the root directory. Bug found
- by Esteban Manchado Velázquez. Fixes bug 5089; bugfix on Tor
- 0.2.2.26-beta.
- - End AUTHCHALLENGE error messages (in the control protocol) with
- a CRLF. Fixes bug 5760; bugfix on 0.2.2.36.
- o Minor bugfixes (network reading/writing):
- - Disable writing on marked-for-close connections when they are
- blocked on bandwidth, to prevent busy-looping in Libevent. Fixes
- bug 5263; bugfix on 0.0.2pre13, where we first added a special
- case for flushing marked connections.
- - Make sure that there are no unhandled pending TLS errors before
- reading from a TLS stream. We had checks in 0.1.0.3-rc, but
- lost them in 0.1.0.5-rc when we refactored read_to_buf_tls().
- Bugfix on 0.1.0.5-rc; fixes bug 4528.
- - Detect SSL handshake even when the initial attempt to write the
- server hello fails. Fixes bug 4592; bugfix on 0.2.0.13-alpha.
- - If the client fails to set a reasonable set of ciphersuites
- during its v2 handshake renegotiation, allow the renegotiation to
- continue nevertheless (i.e. send all the required certificates).
- Fixes bug 4591; bugfix on 0.2.0.20-rc.
- o Minor bugfixes (other):
- - Exit nodes now correctly report EADDRINUSE and EADDRNOTAVAIL as
- resource exhaustion, so that clients can adjust their load to
- try other exits. Fixes bug 4710; bugfix on 0.1.0.1-rc, which
- started using END_STREAM_REASON_RESOURCELIMIT.
- - Don't check for whether the address we're using for outbound
- connections has changed until after the outbound connection has
- completed. On Windows, getsockname() doesn't succeed until the
- connection is finished. Fixes bug 5374; bugfix on 0.1.1.14-alpha.
- - Don't hold a Windows file handle open for every file mapping;
- the file mapping handle is sufficient. Fixes bug 5951; bugfix on
- 0.1.2.1-alpha.
- - Fix wrong TCP port range in parse_port_range(). Fixes bug 6218;
- bugfix on 0.2.1.10-alpha.
- - If we fail to write a microdescriptor to the disk cache, do not
- continue replacing the old microdescriptor file. Fixes bug 2954;
- bugfix on 0.2.2.6-alpha.
- o Minor bugfixes (log messages, path selection):
- - Downgrade "set buildtimeout to low value" messages to "info"
- severity; they were never an actual problem, there was never
- anything reasonable to do about them, and they tended to spam logs
- from time to time. Fixes bug 6251; bugfix on 0.2.2.2-alpha.
- - Rate-limit the "Weighted bandwidth is 0.000000" message, and add
- more information to it, so that we can track it down in case it
- returns again. Mitigates bug 5235.
- - Check CircuitBuildTimeout and LearnCircuitBuildTimeout in
- options_validate(); warn if LearnCircuitBuildTimeout is disabled and
- CircuitBuildTimeout is set unreasonably low. Resolves ticket 5452.
- - Issue a log message if a guard completes less than 40% of your
- circuits. Threshold is configurable by torrc option
- PathBiasNoticeRate and consensus parameter pb_noticepct. There is
- additional, off-by-default code to disable guards which fail too
- many circuits. Addresses ticket 5458.
- o Minor bugfixes (log messages, client):
- - Downgrade "Got a certificate, but we already have it" log messages
- from warning to info, except when we're a dirauth. Fixes bug 5238;
- bugfix on 0.2.1.7-alpha.
- - Fix the log message describing how we work around discovering
- that our version is the ill-fated OpenSSL 0.9.8l. Fixes bug
- 4837; bugfix on 0.2.2.9-alpha.
- - When logging about a disallowed .exit name, do not also call it
- an "invalid onion address". Fixes bug 3325; bugfix on 0.2.2.9-alpha.
- - Fix a log message suggesting that people contact a non-existent
- email address. Fixes bug 3448.
- - Rephrase the log message emitted if the TestSocks check is
- successful. Patch from Fabian Keil; fixes bug 4094.
- - Log (at debug level) whenever a circuit's purpose is changed.
- - Log SSL state transitions at log level DEBUG, log domain
- HANDSHAKE. This can be useful for debugging censorship events.
- Implements ticket 3264.
- - We now log which torrc file we're using on startup. Implements
- ticket 2444.
- - Rate-limit log messages when asked to connect anonymously to
- a private address. When these hit, they tended to hit fast and
- often. Also, don't bother trying to connect to addresses that we
- are sure will resolve to 127.0.0.1: getting 127.0.0.1 in a directory
- reply makes us think we have been lied to, even when the address the
- client tried to connect to was "localhost." Resolves ticket 2822.
- o Minor bugfixes (log messages, non-client):
- - Downgrade "eventdns rejected address" message to LOG_PROTOCOL_WARN.
- Fixes bug 5932; bugfix on 0.2.2.7-alpha.
- - Don't log that we have "decided to publish new relay descriptor"
- unless we are actually publishing a descriptor. Fixes bug 3942;
- bugfix on 0.2.2.28-beta.
- - Log which authority we're missing votes from when we go to fetch
- them from the other auths.
- - Replace "Sending publish request" log messages with "Launching
- upload", so that they no longer confusingly imply that we're
- sending something to a directory we might not even be connected
- to yet. Fixes bug 3311; bugfix on 0.2.0.10-alpha.
- - Warn when Tor is configured to use accounting in a way that can
- link a hidden service to some other hidden service or public
- address. Resolves ticket 6490.
- - Fix a minor formatting issue in one of tor-gencert's error messages.
- Fixes bug 4574.
- o Testing:
- - Update to the latest version of the tinytest unit testing framework.
- This includes a couple of bugfixes that can be relevant for
- running forked unit tests on Windows, and removes all reserved
- identifiers.
- - Avoid a false positive in the util/threads unit test by increasing
- the maximum timeout time. Fixes bug 6227; bugfix on 0.2.0.4-alpha.
- - Make it possible to set the TestingTorNetwork configuration
- option using AlternateDirAuthority and AlternateBridgeAuthority
- as an alternative to setting DirServer. Addresses ticket 6377.
- - Add a unit test for the environment_variable_names_equal() function.
- - A wide variety of new unit tests by Esteban Manchado Velázquez.
- - Numerous new unit tests for functions in util.c and address.c by
- Anders Sundman.
- - The long-disabled benchmark tests are now split into their own
- ./src/test/bench binary.
- - The benchmark tests can now use more accurate timers than
- gettimeofday() when such timers are available.
- - Use tt_assert(), not tor_assert(), for checking for test failures.
- This makes the unit tests more able to go on in the event that
- one of them fails.
- o Build improvements:
- - Use the dead_strip option when building Tor on OS X. This reduces
- binary size by almost 19% when linking openssl and libevent
- statically, which we do for Tor Browser Bundle.
- - Provide a better error message about possible OSX Asciidoc failure
- reasons. Fixes bug 6436.
- - Detect attempts to build Tor on (as yet hypothetical) versions
- of Windows where sizeof(intptr_t) != sizeof(SOCKET). Partial
- fix for bug 4533. Bugfix on 0.2.2.28-beta.
- - On Windows, we now define the _WIN32_WINNT macros only if they
- are not already defined. This lets the person building Tor decide,
- if they want, to require a later version of Windows.
- - Our autogen.sh script now uses autoreconf to launch autoconf,
- automake, and so on. This is more robust against some of the failure
- modes associated with running the autotools pieces on their own.
- - Running "make version" now displays the version of Tor that
- we're about to build. Idea from katmagic; resolves issue 4400.
- - Make 'tor --digests' list hashes of all Tor source files. Bugfix
- on 0.2.2.4-alpha; fixes bug 3427.
- - New --enable-static-tor configure option for building Tor as
- statically as possible. Idea, general hackery and thoughts from
- Alexei Czeskis, John Gilmore, Jacob Appelbaum. Implements ticket
- 2702.
- - Limited, experimental support for building with nmake and MSVC.
- o Build requirements:
- - Building Tor with bufferevent support now requires Libevent
- 2.0.13-stable or later. Previous versions of Libevent had bugs in
- SSL-related bufferevents and related issues that would make Tor
- work badly with bufferevents. Requiring 2.0.13-stable also allows
- Tor with bufferevents to take advantage of Libevent APIs
- introduced after 2.0.8-rc.
- - Our build system requires automake 1.6 or later to create the
- Makefile.in files. Previously, you could have used 1.4.
- This only affects developers and people building Tor from git;
- people who build Tor from the source distribution without changing
- the Makefile.am files should be fine.
- - Detect when we try to build on a platform that doesn't define
- AF_UNSPEC to 0. We don't work there, so refuse to compile.
- o Build fixes (compile/link):
- - Format more doubles with %f, not %lf. Patch from grarpamp to make
- Tor build correctly on older BSDs again. Fixes bug 3894; bugfix on
- Tor 0.2.0.8-alpha.
- - When building with --enable-static-tor on OpenBSD, do not
- erroneously attempt to link -lrt. Fixes bug 5103.
- - Set _WIN32_WINNT to 0x0501 consistently throughout the code, so
- that IPv6 stuff will compile on MSVC, and compilation issues
- will be easier to track down. Fixes bug 5861.
- - Fix build and 64-bit compile warnings from --enable-openbsd-malloc.
- Fixes bug 6379. Bugfix on 0.2.0.20-rc.
- - Make Tor build correctly again with -DUNICODE -D_UNICODE defined.
- Fixes bug 6097; bugfix on 0.2.2.16-alpha.
- o Build fixes (other):
- - Use the _WIN32 macro throughout our code to detect Windows.
- (Previously we had used the obsolete 'WIN32' and the idiosyncratic
- 'MS_WINDOWS'.)
- - Properly handle the case where the build-tree is not the same
- as the source tree when generating src/common/common_sha1.i,
- src/or/micro-revision.i, and src/or/or_sha1.i. Fixes bug 3953;
- bugfix on 0.2.0.1-alpha.
- - During configure, search for library containing cos function as
- libm lives in libcore on some platforms (BeOS/Haiku). Linking
- against libm was hard-coded before. Fixes the first part of bug
- 4727; bugfix on 0.2.2.2-alpha. Patch and analysis by Martin Hebnes
- Pedersen.
- - Prevent a false positive from the check-spaces script, by disabling
- the "whitespace between function name and (" check for functions
- named 'op()'.
- o Packaging (RPM) changes:
- - Update our default RPM spec files to work with mock and rpmbuild
- on RHEL/Fedora. They have an updated set of dependencies and
- conflicts, a fix for an ancient typo when creating the "_tor"
- user, and better instructions. Thanks to Ondrej Mikle for the
- patch series. Fixes bug 6043.
- - On OpenSUSE, create the /var/run/tor directory on startup if it
- is not already created. Patch from Andreas Stieger. Fixes bug 2573.
- o Code refactoring (safety):
- - Do not use SMARTLIST_FOREACH for any loop whose body exceeds
- 10 lines. Also, don't nest them. Doing so in the past has
- led to hard-to-debug code. The new style is to use the
- SMARTLIST_FOREACH_{BEGIN,END} pair. Addresses issue 6400.
- - Use macros to indicate OpenSSL versions, so we don't need to worry
- about accidental hexadecimal bit shifts.
- - Use tor_sscanf() in place of scanf() in more places through the
- code. This makes us a little more locale-independent, and
- should help shut up code-analysis tools that can't tell
- a safe sscanf string from a dangerous one.
- - Convert more instances of tor_snprintf+tor_strdup into tor_asprintf.
- - Use the smartlist_add_asprintf() alias more consistently.
- o Code refactoring (consolidate):
- - A major revision to our internal node-selecting and listing logic.
- Tor already had at least two major ways to look at the question of
- "which Tor servers do we know about": a list of router descriptors,
- and a list of entries in the current consensus. With
- microdescriptors, we're adding a third. Having so many systems
- without an abstraction layer over them was hurting the codebase.
- Now, we have a new "node_t" abstraction that presents a consistent
- interface to a client's view of a Tor node, and holds (nearly) all
- of the mutable state formerly in routerinfo_t and routerstatus_t.
- - Move tor_gettimeofday_cached() into compat_libevent.c, and use
- Libevent's notion of cached time when possible.
- - Remove duplicate code for invoking getrlimit() from control.c.
- - Use OpenSSL's built-in SSL_state_string_long() instead of our
- own homebrewed ssl_state_to_string() replacement. Patch from
- Emile Snyder. Fixes bug 4653.
- - Change the symmetric cipher interface so that creating and
- initializing a stream cipher are no longer separate functions.
- o Code refactoring (separate):
- - Make a new "entry connection" struct as an internal subtype of "edge
- connection", to simplify the code and make exit connections smaller.
- - Split connection_about_to_close() into separate functions for each
- connection type.
- - Rewrite the listener-selection logic so that parsing which ports
- we want to listen on is now separate from binding to the ports
- we want.
- o Code refactoring (name changes):
- - Rename a handful of old identifiers, mostly related to crypto
- structures and crypto functions. By convention, our "create an
- object" functions are called "type_new()", our "free an object"
- functions are called "type_free()", and our types indicate that
- they are types only with a final "_t". But a handful of older
- types and functions broke these rules, with function names like
- "type_create" or "subsystem_op_type", or with type names like
- type_env_t.
- - Rename Tor functions that turn strings into addresses, so that
- "parse" indicates that no hostname resolution occurs, and
- "lookup" indicates that hostname resolution may occur. This
- should help prevent mistakes in the future. Fixes bug 3512.
- - Use the name "CERTS" consistently to refer to the new cell type;
- we were calling it CERT in some places and CERTS in others.
- - Use a TOR_INVALID_SOCKET macro when initializing a socket to an
- invalid value, rather than just -1.
- - Rename the bench_{aes,dmap} functions to test_*, so that tinytest
- can pick them up when the tests aren't disabled. Bugfix on
- 0.2.2.4-alpha which introduced tinytest.
- o Code refactoring (other):
- - Defensively refactor rend_mid_rendezvous() so that protocol
- violations and length checks happen in the beginning. Fixes
- bug 5645.
- - Remove the pure attribute from all functions that used it
- previously. In many cases we assigned it incorrectly, because the
- functions might assert or call impure functions, and we don't have
- evidence that keeping the pure attribute is worthwhile. Implements
- changes suggested in ticket 4421.
- - Move the replay-detection cache for the RSA-encrypted parts of
- INTRODUCE2 cells to the introduction point data structures.
- Previously, we would use one replay-detection cache per hidden
- service. Required by fix for bug 3460.
- - The helper programs tor-gencert, tor-resolve, and tor-checkkey
- no longer link against Libevent: they never used it, but
- our library structure used to force them to link it.
- o Removed features and files:
- - Remove all internal support for unpadded RSA. We never used it, and
- it would be a bad idea to start.
- - Remove some workaround code for OpenSSL 0.9.6 (which is no longer
- supported).
- - Remove some redundant #include directives throughout the code.
- Patch from Andrea Gelmini.
- - Remove some old code to remember statistics about which descriptors
- we've served as a directory mirror. The feature wasn't used and
- is outdated now that microdescriptors are around.
- - Remove some old code to work around even older versions of Tor that
- used forked processes to handle DNS requests. Such versions of Tor
- are no longer in use as relays.
- - The "torify" script no longer supports the "tsocks" socksifier
- tool, since tsocks doesn't support DNS and UDP right for Tor.
- Everyone should be using torsocks instead. Fixes bugs 3530 and
- 5180. Based on a patch by "ugh".
- - Remove the torrc.bridge file: we don't use it for anything, and
- it had become badly desynchronized from torrc.sample. Resolves
- bug 5622.
- o Documentation:
- - Begin a doc/state-contents.txt file to explain the contents of
- the Tor state file. Fixes bug 2987.
- - Clarify the documentation for the Alternate*Authority options.
- Fixes bug 6387.
- - Document the --defaults-torrc option, and the new semantics for
- overriding, extending, and clearing lists of options. Closes
- bug 4748.
- - Add missing man page documentation for consensus and microdesc
- files. Resolves ticket 6732.
- - Fix some typos in the manpages. Patch from A. Costa. Fixes bug 6500.
- o Documentation fixes:
- - Improve the manual's documentation for the NT Service command-line
- options. Addresses ticket 3964.
- - Clarify SessionGroup documentation slightly; resolves ticket 5437.
- - Document the changes to the ORPort and DirPort options, and the
- fact that {OR/Dir}ListenAddress is now unnecessary (and
- therefore deprecated). Resolves ticket 5597.
- - Correct a broken faq link in the INSTALL file. Fixes bug 2307.
- - Clarify that hidden services are TCP only. Fixes bug 6024.
- Changes in version 0.2.2.39 - 2012-09-11
- Tor 0.2.2.39 fixes two more opportunities for remotely triggerable
- assertions.
- o Security fixes:
- - Fix an assertion failure in tor_timegm() that could be triggered
- by a badly formatted directory object. Bug found by fuzzing with
- Radamsa. Fixes bug 6811; bugfix on 0.2.0.20-rc.
- - Do not crash when comparing an address with port value 0 to an
- address policy. This bug could have been used to cause a remote
- assertion failure by or against directory authorities, or to
- allow some applications to crash clients. Fixes bug 6690; bugfix
- on 0.2.1.10-alpha.
- Changes in version 0.2.2.38 - 2012-08-12
- Tor 0.2.2.38 fixes a remotely triggerable crash bug, and fixes a timing
- attack that could in theory leak path information.
- o Security fixes:
- - Avoid an uninitialized memory read when reading a vote or consensus
- document that has an unrecognized flavor name. This read could
- lead to a remote crash bug. Fixes bug 6530; bugfix on 0.2.2.6-alpha.
- - Try to leak less information about what relays a client is
- choosing to a side-channel attacker. Previously, a Tor client would
- stop iterating through the list of available relays as soon as it
- had chosen one, thus finishing a little earlier when it picked
- a router earlier in the list. If an attacker can recover this
- timing information (nontrivial but not proven to be impossible),
- they could learn some coarse-grained information about which relays
- a client was picking (middle nodes in particular are likelier to
- be affected than exits). The timing attack might be mitigated by
- other factors (see bug 6537 for some discussion), but it's best
- not to take chances. Fixes bug 6537; bugfix on 0.0.8rc1.
- Changes in version 0.2.2.37 - 2012-06-06
- Tor 0.2.2.37 introduces a workaround for a critical renegotiation
- bug in OpenSSL 1.0.1 (where 20% of the Tor network can't talk to itself
- currently).
- o Major bugfixes:
- - Work around a bug in OpenSSL that broke renegotiation with TLS
- 1.1 and TLS 1.2. Without this workaround, all attempts to speak
- the v2 Tor connection protocol when both sides were using OpenSSL
- 1.0.1 would fail. Resolves ticket 6033.
- - When waiting for a client to renegotiate, don't allow it to add
- any bytes to the input buffer. This fixes a potential DoS issue.
- Fixes bugs 5934 and 6007; bugfix on 0.2.0.20-rc.
- - Fix an edge case where if we fetch or publish a hidden service
- descriptor, we might build a 4-hop circuit and then use that circuit
- for exiting afterwards -- even if the new last hop doesn't obey our
- ExitNodes config option. Fixes bug 5283; bugfix on 0.2.0.10-alpha.
- o Minor bugfixes:
- - Fix a build warning with Clang 3.1 related to our use of vasprintf.
- Fixes bug 5969. Bugfix on 0.2.2.11-alpha.
- o Minor features:
- - Tell GCC and Clang to check for any errors in format strings passed
- to the tor_v*(print|scan)f functions.
- Changes in version 0.2.2.36 - 2012-05-24
- Tor 0.2.2.36 updates the addresses for two of the eight directory
- authorities, fixes some potential anonymity and security issues,
- and fixes several crash bugs.
- Tor 0.2.1.x has reached its end-of-life. Those Tor versions have many
- known flaws, and nobody should be using them. You should upgrade. If
- you're using a Linux or BSD and its packages are obsolete, stop using
- those packages and upgrade anyway.
- o Directory authority changes:
- - Change IP address for maatuska (v3 directory authority).
- - Change IP address for ides (v3 directory authority), and rename
- it to turtles.
- o Security fixes:
- - When building or running with any version of OpenSSL earlier
- than 0.9.8s or 1.0.0f, disable SSLv3 support. These OpenSSL
- versions have a bug (CVE-2011-4576) in which their block cipher
- padding includes uninitialized data, potentially leaking sensitive
- information to any peer with whom they make a SSLv3 connection. Tor
- does not use SSL v3 by default, but a hostile client or server
- could force an SSLv3 connection in order to gain information that
- they shouldn't have been able to get. The best solution here is to
- upgrade to OpenSSL 0.9.8s or 1.0.0f (or later). But when building
- or running with a non-upgraded OpenSSL, we disable SSLv3 entirely
- to make sure that the bug can't happen.
- - Never use a bridge or a controller-supplied node as an exit, even
- if its exit policy allows it. Found by wanoskarnet. Fixes bug
- 5342. Bugfix on 0.1.1.15-rc (for controller-purpose descriptors)
- and 0.2.0.3-alpha (for bridge-purpose descriptors).
- - Only build circuits if we have a sufficient threshold of the total
- descriptors that are marked in the consensus with the "Exit"
- flag. This mitigates an attack proposed by wanoskarnet, in which
- all of a client's bridges collude to restrict the exit nodes that
- the client knows about. Fixes bug 5343.
- - Provide controllers with a safer way to implement the cookie
- authentication mechanism. With the old method, if another locally
- running program could convince a controller that it was the Tor
- process, then that program could trick the controller into telling
- it the contents of an arbitrary 32-byte file. The new "SAFECOOKIE"
- authentication method uses a challenge-response approach to prevent
- this attack. Fixes bug 5185; implements proposal 193.
- o Major bugfixes:
- - Avoid logging uninitialized data when unable to decode a hidden
- service descriptor cookie. Fixes bug 5647; bugfix on 0.2.1.5-alpha.
- - Avoid a client-side assertion failure when receiving an INTRODUCE2
- cell on a general purpose circuit. Fixes bug 5644; bugfix on
- 0.2.1.6-alpha.
- - Fix builds when the path to sed, openssl, or sha1sum contains
- spaces, which is pretty common on Windows. Fixes bug 5065; bugfix
- on 0.2.2.1-alpha.
- - Correct our replacements for the timeradd() and timersub() functions
- on platforms that lack them (for example, Windows). The timersub()
- function is used when expiring circuits, while timeradd() is
- currently unused. Bug report and patch by Vektor. Fixes bug 4778;
- bugfix on 0.2.2.24-alpha.
- - Fix the SOCKET_OK test that we use to tell when socket
- creation fails so that it works on Win64. Fixes part of bug 4533;
- bugfix on 0.2.2.29-beta. Bug found by wanoskarnet.
- o Minor bugfixes:
- - Reject out-of-range times like 23:59:61 in parse_rfc1123_time().
- Fixes bug 5346; bugfix on 0.0.8pre3.
- - Make our number-parsing functions always treat too-large values
- as an error, even when those values exceed the width of the
- underlying type. Previously, if the caller provided these
- functions with minima or maxima set to the extreme values of the
- underlying integer type, these functions would return those
- values on overflow rather than treating overflow as an error.
- Fixes part of bug 5786; bugfix on 0.0.9.
- - Older Linux kernels erroneously respond to strange nmap behavior
- by having accept() return successfully with a zero-length
- socket. When this happens, just close the connection. Previously,
- we would try harder to learn the remote address: but there was
- no such remote address to learn, and our method for trying to
- learn it was incorrect. Fixes bugs 1240, 4745, and 4747. Bugfix
- on 0.1.0.3-rc. Reported and diagnosed by "r1eo".
- - Correct parsing of certain date types in parse_http_time().
- Without this patch, If-Modified-Since would behave
- incorrectly. Fixes bug 5346; bugfix on 0.2.0.2-alpha. Patch from
- Esteban Manchado Velázques.
- - Change the BridgePassword feature (part of the "bridge community"
- design, which is not yet implemented) to use a time-independent
- comparison. The old behavior might have allowed an adversary
- to use timing to guess the BridgePassword value. Fixes bug 5543;
- bugfix on 0.2.0.14-alpha.
- - Detect and reject certain misformed escape sequences in
- configuration values. Previously, these values would cause us
- to crash if received in a torrc file or over an authenticated
- control port. Bug found by Esteban Manchado Velázquez, and
- independently by Robert Connolly from Matta Consulting who further
- noted that it allows a post-authentication heap overflow. Patch
- by Alexander Schrijver. Fixes bugs 5090 and 5402 (CVE 2012-1668);
- bugfix on 0.2.0.16-alpha.
- - Fix a compile warning when using the --enable-openbsd-malloc
- configure option. Fixes bug 5340; bugfix on 0.2.0.20-rc.
- - During configure, detect when we're building with clang version
- 3.0 or lower and disable the -Wnormalized=id and -Woverride-init
- CFLAGS. clang doesn't support them yet.
- - When sending an HTTP/1.1 proxy request, include a Host header.
- Fixes bug 5593; bugfix on 0.2.2.1-alpha.
- - Fix a NULL-pointer dereference on a badly formed SETCIRCUITPURPOSE
- command. Found by mikeyc. Fixes bug 5796; bugfix on 0.2.2.9-alpha.
- - If we hit the error case where routerlist_insert() replaces an
- existing (old) server descriptor, make sure to remove that
- server descriptor from the old_routers list. Fix related to bug
- 1776. Bugfix on 0.2.2.18-alpha.
- o Minor bugfixes (documentation and log messages):
- - Fix a typo in a log message in rend_service_rendezvous_has_opened().
- Fixes bug 4856; bugfix on Tor 0.0.6.
- - Update "ClientOnly" man page entry to explain that there isn't
- really any point to messing with it. Resolves ticket 5005.
- - Document the GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays
- directory authority option (introduced in Tor 0.2.2.34).
- - Downgrade the "We're missing a certificate" message from notice
- to info: people kept mistaking it for a real problem, whereas it
- is seldom the problem even when we are failing to bootstrap. Fixes
- bug 5067; bugfix on 0.2.0.10-alpha.
- - Correctly spell "connect" in a log message on failure to create a
- controlsocket. Fixes bug 4803; bugfix on 0.2.2.26-beta.
- - Clarify the behavior of MaxCircuitDirtiness with hidden service
- circuits. Fixes issue 5259.
- o Minor features:
- - Directory authorities now reject versions of Tor older than
- 0.2.1.30, and Tor versions between 0.2.2.1-alpha and 0.2.2.20-alpha
- inclusive. These versions accounted for only a small fraction of
- the Tor network, and have numerous known security issues. Resolves
- issue 4788.
- - Update to the May 1 2012 Maxmind GeoLite Country database.
- - Feature removal:
- - When sending or relaying a RELAY_EARLY cell, we used to convert
- it to a RELAY cell if the connection was using the v1 link
- protocol. This was a workaround for older versions of Tor, which
- didn't handle RELAY_EARLY cells properly. Now that all supported
- versions can handle RELAY_EARLY cells, and now that we're enforcing
- the "no RELAY_EXTEND commands except in RELAY_EARLY cells" rule,
- remove this workaround. Addresses bug 4786.
- Changes in version 0.2.2.35 - 2011-12-16
- Tor 0.2.2.35 fixes a critical heap-overflow security issue in Tor's
- buffers code. Absolutely everybody should upgrade.
- The bug relied on an incorrect calculation when making data continuous
- in one of our IO buffers, if the first chunk of the buffer was
- misaligned by just the wrong amount. The miscalculation would allow an
- attacker to overflow a piece of heap-allocated memory. To mount this
- attack, the attacker would need to either open a SOCKS connection to
- Tor's SocksPort (usually restricted to localhost), or target a Tor
- instance configured to make its connections through a SOCKS proxy
- (which Tor does not do by default).
- Good security practice requires that all heap-overflow bugs should be
- presumed to be exploitable until proven otherwise, so we are treating
- this as a potential code execution attack. Please upgrade immediately!
- This bug does not affect bufferevents-based builds of Tor. Special
- thanks to "Vektor" for reporting this issue to us!
- Tor 0.2.2.35 also fixes several bugs in previous versions, including
- crash bugs for unusual configurations, and a long-term bug that
- would prevent Tor from starting on Windows machines with draconian
- AV software.
- With this release, we remind everyone that 0.2.0.x has reached its
- formal end-of-life. Those Tor versions have many known flaws, and
- nobody should be using them. You should upgrade -- ideally to the
- 0.2.2.x series. If you're using a Linux or BSD and its packages are
- obsolete, stop using those packages and upgrade anyway.
- The Tor 0.2.1.x series is also approaching its end-of-life: it will no
- longer receive support after some time in early 2012.
- o Major bugfixes:
- - Fix a heap overflow bug that could occur when trying to pull
- data into the first chunk of a buffer, when that chunk had
- already had some data drained from it. Fixes CVE-2011-2778;
- bugfix on 0.2.0.16-alpha. Reported by "Vektor".
- - Initialize Libevent with the EVENT_BASE_FLAG_NOLOCK flag enabled, so
- that it doesn't attempt to allocate a socketpair. This could cause
- some problems on Windows systems with overzealous firewalls. Fix for
- bug 4457; workaround for Libevent versions 2.0.1-alpha through
- 2.0.15-stable.
- - If we mark an OR connection for close based on a cell we process,
- don't process any further cells on it. We already avoid further
- reads on marked-for-close connections, but now we also discard the
- cells we'd already read. Fixes bug 4299; bugfix on 0.2.0.10-alpha,
- which was the first version where we might mark a connection for
- close based on processing a cell on it.
- - Correctly sanity-check that we don't underflow on a memory
- allocation (and then assert) for hidden service introduction
- point decryption. Bug discovered by Dan Rosenberg. Fixes bug 4410;
- bugfix on 0.2.1.5-alpha.
- - Fix a memory leak when we check whether a hidden service
- descriptor has any usable introduction points left. Fixes bug
- 4424. Bugfix on 0.2.2.25-alpha.
- - Don't crash when we're running as a relay and don't have a GeoIP
- file. Bugfix on 0.2.2.34; fixes bug 4340. This backports a fix
- we've had in the 0.2.3.x branch already.
- - When running as a client, do not print a misleading (and plain
- wrong) log message that we're collecting "directory request"
- statistics: clients don't collect statistics. Also don't create a
- useless (because empty) stats file in the stats/ directory. Fixes
- bug 4353; bugfix on 0.2.2.34.
- o Minor bugfixes:
- - Detect failure to initialize Libevent. This fix provides better
- detection for future instances of bug 4457.
- - Avoid frequent calls to the fairly expensive cull_wedged_cpuworkers
- function. This was eating up hideously large amounts of time on some
- busy servers. Fixes bug 4518; bugfix on 0.0.9.8.
- - Resolve an integer overflow bug in smartlist_ensure_capacity().
- Fixes bug 4230; bugfix on Tor 0.1.0.1-rc. Based on a patch by
- Mansour Moufid.
- - Don't warn about unused log_mutex in log.c when building with
- --disable-threads using a recent GCC. Fixes bug 4437; bugfix on
- 0.1.0.6-rc which introduced --disable-threads.
- - When configuring, starting, or stopping an NT service, stop
- immediately after the service configuration attempt has succeeded
- or failed. Fixes bug 3963; bugfix on 0.2.0.7-alpha.
- - When sending a NETINFO cell, include the original address
- received for the other side, not its canonical address. Found
- by "troll_un"; fixes bug 4349; bugfix on 0.2.0.10-alpha.
- - Fix a typo in a hibernation-related log message. Fixes bug 4331;
- bugfix on 0.2.2.23-alpha; found by "tmpname0901".
- - Fix a memory leak in launch_direct_bridge_descriptor_fetch() that
- occurred when a client tried to fetch a descriptor for a bridge
- in ExcludeNodes. Fixes bug 4383; bugfix on 0.2.2.25-alpha.
- - Backport fixes for a pair of compilation warnings on Windows.
- Fixes bug 4521; bugfix on 0.2.2.28-beta and on 0.2.2.29-beta.
- - If we had ever tried to call tor_addr_to_str on an address of
- unknown type, we would have done a strdup on an uninitialized
- buffer. Now we won't. Fixes bug 4529; bugfix on 0.2.1.3-alpha.
- Reported by "troll_un".
- - Correctly detect and handle transient lookup failures from
- tor_addr_lookup. Fixes bug 4530; bugfix on 0.2.1.5-alpha.
- Reported by "troll_un".
- - Fix null-pointer access that could occur if TLS allocation failed.
- Fixes bug 4531; bugfix on 0.2.0.20-rc. Found by "troll_un".
- - Use tor_socket_t type for listener argument to accept(). Fixes bug
- 4535; bugfix on 0.2.2.28-beta. Found by "troll_un".
- o Minor features:
- - Add two new config options for directory authorities:
- AuthDirFastGuarantee sets a bandwidth threshold for guaranteeing the
- Fast flag, and AuthDirGuardBWGuarantee sets a bandwidth threshold
- that is always sufficient to satisfy the bandwidth requirement for
- the Guard flag. Now it will be easier for researchers to simulate
- Tor networks with different values. Resolves ticket 4484.
- - When Tor ignores a hidden service specified in its configuration,
- include the hidden service's directory in the warning message.
- Previously, we would only tell the user that some hidden service
- was ignored. Bugfix on 0.0.6; fixes bug 4426.
- - Update to the December 6 2011 Maxmind GeoLite Country database.
- o Packaging changes:
- - Make it easier to automate expert package builds on Windows,
- by removing an absolute path from makensis.exe command.
- Changes in version 0.2.1.32 - 2011-12-16
- Tor 0.2.1.32 backports important security and privacy fixes for
- oldstable. This release is intended only for package maintainers and
- others who cannot use the 0.2.2 stable series. All others should be
- using Tor 0.2.2.x or newer.
- The Tor 0.2.1.x series will reach formal end-of-life some time in
- early 2012; we will stop releasing patches for it then.
- o Major bugfixes (also included in 0.2.2.x):
- - Correctly sanity-check that we don't underflow on a memory
- allocation (and then assert) for hidden service introduction
- point decryption. Bug discovered by Dan Rosenberg. Fixes bug 4410;
- bugfix on 0.2.1.5-alpha.
- - Fix a heap overflow bug that could occur when trying to pull
- data into the first chunk of a buffer, when that chunk had
- already had some data drained from it. Fixes CVE-2011-2778;
- bugfix on 0.2.0.16-alpha. Reported by "Vektor".
- o Minor features:
- - Update to the December 6 2011 Maxmind GeoLite Country database.
- Changes in version 0.2.2.34 - 2011-10-26
- Tor 0.2.2.34 fixes a critical anonymity vulnerability where an attacker
- can deanonymize Tor users. Everybody should upgrade.
- The attack relies on four components: 1) Clients reuse their TLS cert
- when talking to different relays, so relays can recognize a user by
- the identity key in her cert. 2) An attacker who knows the client's
- identity key can probe each guard relay to see if that identity key
- is connected to that guard relay right now. 3) A variety of active
- attacks in the literature (starting from "Low-Cost Traffic Analysis
- of Tor" by Murdoch and Danezis in 2005) allow a malicious website to
- discover the guard relays that a Tor user visiting the website is using.
- 4) Clients typically pick three guards at random, so the set of guards
- for a given user could well be a unique fingerprint for her. This
- release fixes components #1 and #2, which is enough to block the attack;
- the other two remain as open research problems. Special thanks to
- "frosty_un" for reporting the issue to us!
- Clients should upgrade so they are no longer recognizable by the TLS
- certs they present. Relays should upgrade so they no longer allow a
- remote attacker to probe them to test whether unpatched clients are
- currently connected to them.
- This release also fixes several vulnerabilities that allow an attacker
- to enumerate bridge relays. Some bridge enumeration attacks still
- remain; see for example proposal 188.
- o Privacy/anonymity fixes (clients):
- - Clients and bridges no longer send TLS certificate chains on
- outgoing OR connections. Previously, each client or bridge would
- use the same cert chain for all outgoing OR connections until
- its IP address changes, which allowed any relay that the client
- or bridge contacted to determine which entry guards it is using.
- Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
- - If a relay receives a CREATE_FAST cell on a TLS connection, it
- no longer considers that connection as suitable for satisfying a
- circuit EXTEND request. Now relays can protect clients from the
- CVE-2011-2768 issue even if the clients haven't upgraded yet.
- - Directory authorities no longer assign the Guard flag to relays
- that haven't upgraded to the above "refuse EXTEND requests
- to client connections" fix. Now directory authorities can
- protect clients from the CVE-2011-2768 issue even if neither
- the clients nor the relays have upgraded yet. There's a new
- "GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays" config option
- to let us transition smoothly, else tomorrow there would be no
- guard relays.
- o Privacy/anonymity fixes (bridge enumeration):
- - Bridge relays now do their directory fetches inside Tor TLS
- connections, like all the other clients do, rather than connecting
- directly to the DirPort like public relays do. Removes another
- avenue for enumerating bridges. Fixes bug 4115; bugfix on 0.2.0.35.
- - Bridges relays now build circuits for themselves in a more similar
- way to how clients build them. Removes another avenue for
- enumerating bridges. Fixes bug 4124; bugfix on 0.2.0.3-alpha,
- when bridges were introduced.
- - Bridges now refuse CREATE or CREATE_FAST cells on OR connections
- that they initiated. Relays could distinguish incoming bridge
- connections from client connections, creating another avenue for
- enumerating bridges. Fixes CVE-2011-2769. Bugfix on 0.2.0.3-alpha.
- Found by "frosty_un".
- o Major bugfixes:
- - Fix a crash bug when changing node restrictions while a DNS lookup
- is in-progress. Fixes bug 4259; bugfix on 0.2.2.25-alpha. Bugfix
- by "Tey'".
- - Don't launch a useless circuit after failing to use one of a
- hidden service's introduction points. Previously, we would
- launch a new introduction circuit, but not set the hidden service
- which that circuit was intended to connect to, so it would never
- actually be used. A different piece of code would then create a
- new introduction circuit correctly. Bug reported by katmagic and
- found by Sebastian Hahn. Bugfix on 0.2.1.13-alpha; fixes bug 4212.
- o Minor bugfixes:
- - Change an integer overflow check in the OpenBSD_Malloc code so
- that GCC is less likely to eliminate it as impossible. Patch
- from Mansour Moufid. Fixes bug 4059.
- - When a hidden service turns an extra service-side introduction
- circuit into a general-purpose circuit, free the rend_data and
- intro_key fields first, so we won't leak memory if the circuit
- is cannibalized for use as another service-side introduction
- circuit. Bugfix on 0.2.1.7-alpha; fixes bug 4251.
- - Bridges now skip DNS self-tests, to act a little more stealthily.
- Fixes bug 4201; bugfix on 0.2.0.3-alpha, which first introduced
- bridges. Patch by "warms0x".
- - Fix internal bug-checking logic that was supposed to catch
- failures in digest generation so that it will fail more robustly
- if we ask for a nonexistent algorithm. Found by Coverity Scan.
- Bugfix on 0.2.2.1-alpha; fixes Coverity CID 479.
- - Report any failure in init_keys() calls launched because our
- IP address has changed. Spotted by Coverity Scan. Bugfix on
- 0.1.1.4-alpha; fixes CID 484.
- o Minor bugfixes (log messages and documentation):
- - Remove a confusing dollar sign from the example fingerprint in the
- man page, and also make the example fingerprint a valid one. Fixes
- bug 4309; bugfix on 0.2.1.3-alpha.
- - The next version of Windows will be called Windows 8, and it has
- a major version of 6, minor version of 2. Correctly identify that
- version instead of calling it "Very recent version". Resolves
- ticket 4153; reported by funkstar.
- - Downgrade log messages about circuit timeout calibration from
- "notice" to "info": they don't require or suggest any human
- intervention. Patch from Tom Lowenthal. Fixes bug 4063;
- bugfix on 0.2.2.14-alpha.
- o Minor features:
- - Turn on directory request statistics by default and include them in
- extra-info descriptors. Don't break if we have no GeoIP database.
- Backported from 0.2.3.1-alpha; implements ticket 3951.
- - Update to the October 4 2011 Maxmind GeoLite Country database.
- Changes in version 0.2.1.31 - 2011-10-26
- Tor 0.2.1.31 backports important security and privacy fixes for
- oldstable. This release is intended only for package maintainers and
- others who cannot use the 0.2.2 stable series. All others should be
- using Tor 0.2.2.x or newer.
- o Security fixes (also included in 0.2.2.x):
- - Replace all potentially sensitive memory comparison operations
- with versions whose runtime does not depend on the data being
- compared. This will help resist a class of attacks where an
- adversary can use variations in timing information to learn
- sensitive data. Fix for one case of bug 3122. (Safe memcmp
- implementation by Robert Ransom based partially on code by DJB.)
- - Fix an assert in parsing router descriptors containing IPv6
- addresses. This one took down the directory authorities when
- somebody tried some experimental code. Bugfix on 0.2.1.3-alpha.
- o Privacy/anonymity fixes (also included in 0.2.2.x):
- - Clients and bridges no longer send TLS certificate chains on
- outgoing OR connections. Previously, each client or bridge would
- use the same cert chain for all outgoing OR connections until
- its IP address changes, which allowed any relay that the client
- or bridge contacted to determine which entry guards it is using.
- Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
- - If a relay receives a CREATE_FAST cell on a TLS connection, it
- no longer considers that connection as suitable for satisfying a
- circuit EXTEND request. Now relays can protect clients from the
- CVE-2011-2768 issue even if the clients haven't upgraded yet.
- - Bridges now refuse CREATE or CREATE_FAST cells on OR connections
- that they initiated. Relays could distinguish incoming bridge
- connections from client connections, creating another avenue for
- enumerating bridges. Fixes CVE-2011-2769. Bugfix on 0.2.0.3-alpha.
- Found by "frosty_un".
- - When receiving a hidden service descriptor, check that it is for
- the hidden service we wanted. Previously, Tor would store any
- hidden service descriptors that a directory gave it, whether it
- wanted them or not. This wouldn't have let an attacker impersonate
- a hidden service, but it did let directories pre-seed a client
- with descriptors that it didn't want. Bugfix on 0.0.6.
- - Avoid linkability based on cached hidden service descriptors: forget
- all hidden service descriptors cached as a client when processing a
- SIGNAL NEWNYM command. Fixes bug 3000; bugfix on 0.0.6.
- - Make the bridge directory authority refuse to answer directory
- requests for "all" descriptors. It used to include bridge
- descriptors in its answer, which was a major information leak.
- Found by "piebeer". Bugfix on 0.2.0.3-alpha.
- - Don't attach new streams to old rendezvous circuits after SIGNAL
- NEWNYM. Previously, we would keep using an existing rendezvous
- circuit if it remained open (i.e. if it were kept open by a
- long-lived stream, or if a new stream were attached to it before
- Tor could notice that it was old and no longer in use). Bugfix on
- 0.1.1.15-rc; fixes bug 3375.
- o Minor bugfixes (also included in 0.2.2.x):
- - When we restart our relay, we might get a successful connection
- from the outside before we've started our reachability tests,
- triggering a warning: "ORPort found reachable, but I have no
- routerinfo yet. Failing to inform controller of success." This
- bug was harmless unless Tor is running under a controller
- like Vidalia, in which case the controller would never get a
- REACHABILITY_SUCCEEDED status event. Bugfix on 0.1.2.6-alpha;
- fixes bug 1172.
- - Build correctly on OSX with zlib 1.2.4 and higher with all warnings
- enabled. Fixes bug 1526.
- - Remove undocumented option "-F" from tor-resolve: it hasn't done
- anything since 0.2.1.16-rc.
- - Avoid signed/unsigned comparisons by making SIZE_T_CEILING unsigned.
- None of the cases where we did this before were wrong, but by making
- this change we avoid warnings. Fixes bug 2475; bugfix on 0.2.1.28.
- - Fix a rare crash bug that could occur when a client was configured
- with a large number of bridges. Fixes bug 2629; bugfix on
- 0.2.1.2-alpha. Bugfix by trac user "shitlei".
- - Correct the warning displayed when a rendezvous descriptor exceeds
- the maximum size. Fixes bug 2750; bugfix on 0.2.1.5-alpha. Found by
- John Brooks.
- - Fix an uncommon assertion failure when running with DNSPort under
- heavy load. Fixes bug 2933; bugfix on 0.2.0.1-alpha.
- - When warning about missing zlib development packages during compile,
- give the correct package names. Bugfix on 0.2.0.1-alpha.
- - Require that introduction point keys and onion keys have public
- exponent 65537. Bugfix on 0.2.0.10-alpha.
- - Do not crash when our configuration file becomes unreadable, for
- example due to a permissions change, between when we start up
- and when a controller calls SAVECONF. Fixes bug 3135; bugfix
- on 0.0.9pre6.
- - Fix warnings from GCC 4.6's "-Wunused-but-set-variable" option.
- Fixes bug 3208.
- - Always NUL-terminate the sun_path field of a sockaddr_un before
- passing it to the kernel. (Not a security issue: kernels are
- smart enough to reject bad sockaddr_uns.) Found by Coverity;
- CID #428. Bugfix on Tor 0.2.0.3-alpha.
- - Don't stack-allocate the list of supplementary GIDs when we're
- about to log them. Stack-allocating NGROUPS_MAX gid_t elements
- could take up to 256K, which is way too much stack. Found by
- Coverity; CID #450. Bugfix on 0.2.1.7-alpha.
- o Minor bugfixes (only in 0.2.1.x):
- - Resume using micro-version numbers in 0.2.1.x: our Debian packages
- rely on them. Bugfix on 0.2.1.30.
- - Use git revisions instead of svn revisions when generating our
- micro-version numbers. Bugfix on 0.2.1.15-rc; fixes bug 2402.
- o Minor features (also included in 0.2.2.x):
- - Adjust the expiration time on our SSL session certificates to
- better match SSL certs seen in the wild. Resolves ticket 4014.
- - Allow nameservers with IPv6 address. Resolves bug 2574.
- - Update to the October 4 2011 Maxmind GeoLite Country database.
- Changes in version 0.2.2.33 - 2011-09-13
- Tor 0.2.2.33 fixes several bugs, and includes a slight tweak to Tor's
- TLS handshake that makes relays and bridges that run this new version
- reachable from Iran again.
- o Major bugfixes:
- - Avoid an assertion failure when reloading a configuration with
- TrackExitHosts changes. Found and fixed by 'laruldan'. Fixes bug
- 3923; bugfix on 0.2.2.25-alpha.
- o Minor features (security):
- - Check for replays of the public-key encrypted portion of an
- INTRODUCE1 cell, in addition to the current check for replays of
- the g^x value. This prevents a possible class of active attacks
- by an attacker who controls both an introduction point and a
- rendezvous point, and who uses the malleability of AES-CTR to
- alter the encrypted g^x portion of the INTRODUCE1 cell. We think
- that these attacks are infeasible (requiring the attacker to send
- on the order of zettabytes of altered cells in a short interval),
- but we'd rather block them off in case there are any classes of
- this attack that we missed. Reported by Willem Pinckaers.
- o Minor features:
- - Adjust the expiration time on our SSL session certificates to
- better match SSL certs seen in the wild. Resolves ticket 4014.
- - Change the default required uptime for a relay to be accepted as
- a HSDir (hidden service directory) from 24 hours to 25 hours.
- Improves on 0.2.0.10-alpha; resolves ticket 2649.
- - Add a VoteOnHidServDirectoriesV2 config option to allow directory
- authorities to abstain from voting on assignment of the HSDir
- consensus flag. Related to bug 2649.
- - Update to the September 6 2011 Maxmind GeoLite Country database.
- o Minor bugfixes (documentation and log messages):
- - Correct the man page to explain that HashedControlPassword and
- CookieAuthentication can both be set, in which case either method
- is sufficient to authenticate to Tor. Bugfix on 0.2.0.7-alpha,
- when we decided to allow these config options to both be set. Issue
- raised by bug 3898.
- - Demote the 'replay detected' log message emitted when a hidden
- service receives the same Diffie-Hellman public key in two different
- INTRODUCE2 cells to info level. A normal Tor client can cause that
- log message during its normal operation. Bugfix on 0.2.1.6-alpha;
- fixes part of bug 2442.
- - Demote the 'INTRODUCE2 cell is too {old,new}' log message to info
- level. There is nothing that a hidden service's operator can do
- to fix its clients' clocks. Bugfix on 0.2.1.6-alpha; fixes part
- of bug 2442.
- - Clarify a log message specifying the characters permitted in
- HiddenServiceAuthorizeClient client names. Previously, the log
- message said that "[A-Za-z0-9+-_]" were permitted; that could have
- given the impression that every ASCII character between "+" and "_"
- was permitted. Now we say "[A-Za-z0-9+_-]". Bugfix on 0.2.1.5-alpha.
- o Build fixes:
- - Provide a substitute implementation of lround() for MSVC, which
- apparently lacks it. Patch from Gisle Vanem.
- - Clean up some code issues that prevented Tor from building on older
- BSDs. Fixes bug 3894; reported by "grarpamp".
- - Search for a platform-specific version of "ar" when cross-compiling.
- Should fix builds on iOS. Resolves bug 3909, found by Marco Bonetti.
- Changes in version 0.2.2.32 - 2011-08-27
- The Tor 0.2.2 release series is dedicated to the memory of Andreas
- Pfitzmann (1958-2010), a pioneer in anonymity and privacy research,
- a founder of the PETS community, a leader in our field, a mentor,
- and a friend. He left us with these words: "I had the possibility
- to contribute to this world that is not as it should be. I hope I
- could help in some areas to make the world a better place, and that
- I could also encourage other people to be engaged in improving the
- world. Please, stay engaged. This world needs you, your love, your
- initiative -- now I cannot be part of that anymore."
- Tor 0.2.2.32, the first stable release in the 0.2.2 branch, is finally
- ready. More than two years in the making, this release features improved
- client performance and hidden service reliability, better compatibility
- for Android, correct behavior for bridges that listen on more than
- one address, more extensible and flexible directory object handling,
- better reporting of network statistics, improved code security, and
- many many other features and bugfixes.
- o Major features (client performance):
- - When choosing which cells to relay first, relays now favor circuits
- that have been quiet recently, to provide lower latency for
- low-volume circuits. By default, relays enable or disable this
- feature based on a setting in the consensus. They can override
- this default by using the new "CircuitPriorityHalflife" config
- option. Design and code by Ian Goldberg, Can Tang, and Chris
- Alexander.
- - Directory authorities now compute consensus weightings that instruct
- clients how to weight relays flagged as Guard, Exit, Guard+Exit,
- and no flag. Clients use these weightings to distribute network load
- more evenly across these different relay types. The weightings are
- in the consensus so we can change them globally in the future. Extra
- thanks to "outofwords" for finding some nasty security bugs in
- the first implementation of this feature.
- o Major features (client performance, circuit build timeout):
- - Tor now tracks how long it takes to build client-side circuits
- over time, and adapts its timeout to local network performance.
- Since a circuit that takes a long time to build will also provide
- bad performance, we get significant latency improvements by
- discarding the slowest 20% of circuits. Specifically, Tor creates
- circuits more aggressively than usual until it has enough data
- points for a good timeout estimate. Implements proposal 151.
- - Circuit build timeout constants can be controlled by consensus
- parameters. We set good defaults for these parameters based on
- experimentation on broadband and simulated high-latency links.
- - Circuit build time learning can be disabled via consensus parameter
- or by the client via a LearnCircuitBuildTimeout config option. We
- also automatically disable circuit build time calculation if either
- AuthoritativeDirectory is set, or if we fail to write our state
- file. Implements ticket 1296.
- o Major features (relays use their capacity better):
- - Set SO_REUSEADDR socket option on all sockets, not just
- listeners. This should help busy exit nodes avoid running out of
- useable ports just because all the ports have been used in the
- near past. Resolves issue 2850.
- - Relays now save observed peak bandwidth throughput rates to their
- state file (along with total usage, which was already saved),
- so that they can determine their correct estimated bandwidth on
- restart. Resolves bug 1863, where Tor relays would reset their
- estimated bandwidth to 0 after restarting.
- - Lower the maximum weighted-fractional-uptime cutoff to 98%. This
- should give us approximately 40-50% more Guard-flagged nodes,
- improving the anonymity the Tor network can provide and also
- decreasing the dropoff in throughput that relays experience when
- they first get the Guard flag.
- - Directory authorities now take changes in router IP address and
- ORPort into account when determining router stability. Previously,
- if a router changed its IP or ORPort, the authorities would not
- treat it as having any downtime for the purposes of stability
- calculation, whereas clients would experience downtime since the
- change would take a while to propagate to them. Resolves issue 1035.
- - New AccelName and AccelDir options add support for dynamic OpenSSL
- hardware crypto acceleration engines.
- o Major features (relays control their load better):
- - Exit relays now try harder to block exit attempts from unknown
- relays, to make it harder for people to use them as one-hop proxies
- a la tortunnel. Controlled by the refuseunknownexits consensus
- parameter (currently enabled), or you can override it on your
- relay with the RefuseUnknownExits torrc option. Resolves bug 1751;
- based on a variant of proposal 163.
- - Add separate per-conn write limiting to go with the per-conn read
- limiting. We added a global write limit in Tor 0.1.2.5-alpha,
- but never per-conn write limits.
- - New consensus params "bwconnrate" and "bwconnburst" to let us
- rate-limit client connections as they enter the network. It's
- controlled in the consensus so we can turn it on and off for
- experiments. It's starting out off. Based on proposal 163.
- o Major features (controllers):
- - Export GeoIP information on bridge usage to controllers even if we
- have not yet been running for 24 hours. Now Vidalia bridge operators
- can get more accurate and immediate feedback about their
- contributions to the network.
- - Add an __OwningControllerProcess configuration option and a
- TAKEOWNERSHIP control-port command. Now a Tor controller can ensure
- that when it exits, Tor will shut down. Implements feature 3049.
- o Major features (directory authorities):
- - Directory authorities now create, vote on, and serve multiple
- parallel formats of directory data as part of their voting process.
- Partially implements Proposal 162: "Publish the consensus in
- multiple flavors".
- - Directory authorities now agree on and publish small summaries
- of router information that clients can use in place of regular
- server descriptors. This transition will allow Tor 0.2.3 clients
- to use far less bandwidth for downloading information about the
- network. Begins the implementation of Proposal 158: "Clients
- download consensus + microdescriptors".
- - The directory voting system is now extensible to use multiple hash
- algorithms for signatures and resource selection. Newer formats
- are signed with SHA256, with a possibility for moving to a better
- hash algorithm in the future.
- - Directory authorities can now vote on arbitary integer values as
- part of the consensus process. This is designed to help set
- network-wide parameters. Implements proposal 167.
- o Major features and bugfixes (node selection):
- - Revise and reconcile the meaning of the ExitNodes, EntryNodes,
- ExcludeEntryNodes, ExcludeExitNodes, ExcludeNodes, and Strict*Nodes
- options. Previously, we had been ambiguous in describing what
- counted as an "exit" node, and what operations exactly "StrictNodes
- 0" would permit. This created confusion when people saw nodes built
- through unexpected circuits, and made it hard to tell real bugs from
- surprises. Now the intended behavior is:
- . "Exit", in the context of ExitNodes and ExcludeExitNodes, means
- a node that delivers user traffic outside the Tor network.
- . "Entry", in the context of EntryNodes, means a node used as the
- first hop of a multihop circuit. It doesn't include direct
- connections to directory servers.
- . "ExcludeNodes" applies to all nodes.
- . "StrictNodes" changes the behavior of ExcludeNodes only. When
- StrictNodes is set, Tor should avoid all nodes listed in
- ExcludeNodes, even when it will make user requests fail. When
- StrictNodes is *not* set, then Tor should follow ExcludeNodes
- whenever it can, except when it must use an excluded node to
- perform self-tests, connect to a hidden service, provide a
- hidden service, fulfill a .exit request, upload directory
- information, or fetch directory information.
- Collectively, the changes to implement the behavior fix bug 1090.
- - If EntryNodes, ExitNodes, ExcludeNodes, or ExcludeExitNodes
- change during a config reload, mark and discard all our origin
- circuits. This fix should address edge cases where we change the
- config options and but then choose a circuit that we created before
- the change.
- - Make EntryNodes config option much more aggressive even when
- StrictNodes is not set. Before it would prepend your requested
- entrynodes to your list of guard nodes, but feel free to use others
- after that. Now it chooses only from your EntryNodes if any of
- those are available, and only falls back to others if a) they're
- all down and b) StrictNodes is not set.
- - Now we refresh your entry guards from EntryNodes at each consensus
- fetch -- rather than just at startup and then they slowly rot as
- the network changes.
- - Add support for the country code "{??}" in torrc options like
- ExcludeNodes, to indicate all routers of unknown country. Closes
- bug 1094.
- - ExcludeNodes now takes precedence over EntryNodes and ExitNodes: if
- a node is listed in both, it's treated as excluded.
- - ExcludeNodes now applies to directory nodes -- as a preference if
- StrictNodes is 0, or an absolute requirement if StrictNodes is 1.
- Don't exclude all the directory authorities and set StrictNodes to 1
- unless you really want your Tor to break.
- - ExcludeNodes and ExcludeExitNodes now override exit enclaving.
- - ExcludeExitNodes now overrides .exit requests.
- - We don't use bridges listed in ExcludeNodes.
- - When StrictNodes is 1:
- . We now apply ExcludeNodes to hidden service introduction points
- and to rendezvous points selected by hidden service users. This
- can make your hidden service less reliable: use it with caution!
- . If we have used ExcludeNodes on ourself, do not try relay
- reachability self-tests.
- . If we have excluded all the directory authorities, we will not
- even try to upload our descriptor if we're a relay.
- . Do not honor .exit requests to an excluded node.
- - When the set of permitted nodes changes, we now remove any mappings
- introduced via TrackExitHosts to now-excluded nodes. Bugfix on
- 0.1.0.1-rc.
- - We never cannibalize a circuit that had excluded nodes on it, even
- if StrictNodes is 0. Bugfix on 0.1.0.1-rc.
- - Improve log messages related to excluded nodes.
- o Major features (misc):
- - Numerous changes, bugfixes, and workarounds from Nathan Freitas
- to help Tor build correctly for Android phones.
- - The options SocksPort, ControlPort, and so on now all accept a
- value "auto" that opens a socket on an OS-selected port. A
- new ControlPortWriteToFile option tells Tor to write its
- actual control port or ports to a chosen file. If the option
- ControlPortFileGroupReadable is set, the file is created as
- group-readable. Now users can run two Tor clients on the same
- system without needing to manually mess with parameters. Resolves
- part of ticket 3076.
- - Tor now supports tunneling all of its outgoing connections over
- a SOCKS proxy, using the SOCKS4Proxy and/or SOCKS5Proxy
- configuration options. Code by Christopher Davis.
- o Code security improvements:
- - Replace all potentially sensitive memory comparison operations
- with versions whose runtime does not depend on the data being
- compared. This will help resist a class of attacks where an
- adversary can use variations in timing information to learn
- sensitive data. Fix for one case of bug 3122. (Safe memcmp
- implementation by Robert Ransom based partially on code by DJB.)
- - Enable Address Space Layout Randomization (ASLR) and Data Execution
- Prevention (DEP) by default on Windows to make it harder for
- attackers to exploit vulnerabilities. Patch from John Brooks.
- - New "--enable-gcc-hardening" ./configure flag (off by default)
- to turn on gcc compile time hardening options. It ensures
- that signed ints have defined behavior (-fwrapv), enables
- -D_FORTIFY_SOURCE=2 (requiring -O2), adds stack smashing protection
- with canaries (-fstack-protector-all), turns on ASLR protection if
- supported by the kernel (-fPIE, -pie), and adds additional security
- related warnings. Verified to work on Mac OS X and Debian Lenny.
- - New "--enable-linker-hardening" ./configure flag (off by default)
- to turn on ELF specific hardening features (relro, now). This does
- not work with Mac OS X or any other non-ELF binary format.
- - Always search the Windows system directory for system DLLs, and
- nowhere else. Bugfix on 0.1.1.23; fixes bug 1954.
- - New DisableAllSwap option. If set to 1, Tor will attempt to lock all
- current and future memory pages via mlockall(). On supported
- platforms (modern Linux and probably BSD but not Windows or OS X),
- this should effectively disable any and all attempts to page out
- memory. This option requires that you start your Tor as root --
- if you use DisableAllSwap, please consider using the User option
- to properly reduce the privileges of your Tor.
- o Major bugfixes (crashes):
- - Fix crash bug on platforms where gmtime and localtime can return
- NULL. Windows 7 users were running into this one. Fixes part of bug
- 2077. Bugfix on all versions of Tor. Found by boboper.
- - Introduce minimum/maximum values that clients will believe
- from the consensus. Now we'll have a better chance to avoid crashes
- or worse when a consensus param has a weird value.
- - Fix a rare crash bug that could occur when a client was configured
- with a large number of bridges. Fixes bug 2629; bugfix on
- 0.2.1.2-alpha. Bugfix by trac user "shitlei".
- - Do not crash when our configuration file becomes unreadable, for
- example due to a permissions change, between when we start up
- and when a controller calls SAVECONF. Fixes bug 3135; bugfix
- on 0.0.9pre6.
- - If we're in the pathological case where there's no exit bandwidth
- but there is non-exit bandwidth, or no guard bandwidth but there
- is non-guard bandwidth, don't crash during path selection. Bugfix
- on 0.2.0.3-alpha.
- - Fix a crash bug when trying to initialize the evdns module in
- Libevent 2. Bugfix on 0.2.1.16-rc.
- o Major bugfixes (stability):
- - Fix an assert in parsing router descriptors containing IPv6
- addresses. This one took down the directory authorities when
- somebody tried some experimental code. Bugfix on 0.2.1.3-alpha.
- - Fix an uncommon assertion failure when running with DNSPort under
- heavy load. Fixes bug 2933; bugfix on 0.2.0.1-alpha.
- - Treat an unset $HOME like an empty $HOME rather than triggering an
- assert. Bugfix on 0.0.8pre1; fixes bug 1522.
- - More gracefully handle corrupt state files, removing asserts
- in favor of saving a backup and resetting state.
- - Instead of giving an assertion failure on an internal mismatch
- on estimated freelist size, just log a BUG warning and try later.
- Mitigates but does not fix bug 1125.
- - Fix an assert that got triggered when using the TestingTorNetwork
- configuration option and then issuing a GETINFO config-text control
- command. Fixes bug 2250; bugfix on 0.2.1.2-alpha.
- - If the cached cert file is unparseable, warn but don't exit.
- o Privacy fixes (relays/bridges):
- - Don't list Windows capabilities in relay descriptors. We never made
- use of them, and maybe it's a bad idea to publish them. Bugfix
- on 0.1.1.8-alpha.
- - If the Nickname configuration option isn't given, Tor would pick a
- nickname based on the local hostname as the nickname for a relay.
- Because nicknames are not very important in today's Tor and the
- "Unnamed" nickname has been implemented, this is now problematic
- behavior: It leaks information about the hostname without being
- useful at all. Fixes bug 2979; bugfix on 0.1.2.2-alpha, which
- introduced the Unnamed nickname. Reported by tagnaq.
- - Maintain separate TLS contexts and certificates for incoming and
- outgoing connections in bridge relays. Previously we would use the
- same TLS contexts and certs for incoming and outgoing connections.
- Bugfix on 0.2.0.3-alpha; addresses bug 988.
- - Maintain separate identity keys for incoming and outgoing TLS
- contexts in bridge relays. Previously we would use the same
- identity keys for incoming and outgoing TLS contexts. Bugfix on
- 0.2.0.3-alpha; addresses the other half of bug 988.
- - Make the bridge directory authority refuse to answer directory
- requests for "all descriptors". It used to include bridge
- descriptors in its answer, which was a major information leak.
- Found by "piebeer". Bugfix on 0.2.0.3-alpha.
- o Privacy fixes (clients):
- - When receiving a hidden service descriptor, check that it is for
- the hidden service we wanted. Previously, Tor would store any
- hidden service descriptors that a directory gave it, whether it
- wanted them or not. This wouldn't have let an attacker impersonate
- a hidden service, but it did let directories pre-seed a client
- with descriptors that it didn't want. Bugfix on 0.0.6.
- - Start the process of disabling ".exit" address notation, since it
- can be used for a variety of esoteric application-level attacks
- on users. To reenable it, set "AllowDotExit 1" in your torrc. Fix
- on 0.0.9rc5.
- - Reject attempts at the client side to open connections to private
- IP addresses (like 127.0.0.1, 10.0.0.1, and so on) with
- a randomly chosen exit node. Attempts to do so are always
- ill-defined, generally prevented by exit policies, and usually
- in error. This will also help to detect loops in transparent
- proxy configurations. You can disable this feature by setting
- "ClientRejectInternalAddresses 0" in your torrc.
- - Log a notice when we get a new control connection. Now it's easier
- for security-conscious users to recognize when a local application
- is knocking on their controller door. Suggested by bug 1196.
- o Privacy fixes (newnym):
- - Avoid linkability based on cached hidden service descriptors: forget
- all hidden service descriptors cached as a client when processing a
- SIGNAL NEWNYM command. Fixes bug 3000; bugfix on 0.0.6.
- - On SIGHUP, do not clear out all TrackHostExits mappings, client
- DNS cache entries, and virtual address mappings: that's what
- NEWNYM is for. Fixes bug 1345; bugfix on 0.1.0.1-rc.
- - Don't attach new streams to old rendezvous circuits after SIGNAL
- NEWNYM. Previously, we would keep using an existing rendezvous
- circuit if it remained open (i.e. if it were kept open by a
- long-lived stream, or if a new stream were attached to it before
- Tor could notice that it was old and no longer in use). Bugfix on
- 0.1.1.15-rc; fixes bug 3375.
- o Major bugfixes (relay bandwidth accounting):
- - Fix a bug that could break accounting on 64-bit systems with large
- time_t values, making them hibernate for impossibly long intervals.
- Fixes bug 2146. Bugfix on 0.0.9pre6; fix by boboper.
- - Fix a bug in bandwidth accounting that could make us use twice
- the intended bandwidth when our interval start changes due to
- daylight saving time. Now we tolerate skew in stored vs computed
- interval starts: if the start of the period changes by no more than
- 50% of the period's duration, we remember bytes that we transferred
- in the old period. Fixes bug 1511; bugfix on 0.0.9pre5.
- o Major bugfixes (bridges):
- - Bridges now use "reject *:*" as their default exit policy. Bugfix
- on 0.2.0.3-alpha. Fixes bug 1113.
- - If you configure your bridge with a known identity fingerprint,
- and the bridge authority is unreachable (as it is in at least
- one country now), fall back to directly requesting the descriptor
- from the bridge. Finishes the feature started in 0.2.0.10-alpha;
- closes bug 1138.
- - Fix a bug where bridge users who configure the non-canonical
- address of a bridge automatically switch to its canonical
- address. If a bridge listens at more than one address, it
- should be able to advertise those addresses independently and
- any non-blocked addresses should continue to work. Bugfix on Tor
- 0.2.0.3-alpha. Fixes bug 2510.
- - If you configure Tor to use bridge A, and then quit and
- configure Tor to use bridge B instead (or if you change Tor
- to use bridge B via the controller), it would happily continue
- to use bridge A if it's still reachable. While this behavior is
- a feature if your goal is connectivity, in some scenarios it's a
- dangerous bug. Bugfix on Tor 0.2.0.1-alpha; fixes bug 2511.
- - When the controller configures a new bridge, don't wait 10 to 60
- seconds before trying to fetch its descriptor. Bugfix on
- 0.2.0.3-alpha; fixes bug 3198 (suggested by 2355).
- o Major bugfixes (directory authorities):
- - Many relays have been falling out of the consensus lately because
- not enough authorities know about their descriptor for them to get
- a majority of votes. When we deprecated the v2 directory protocol,
- we got rid of the only way that v3 authorities can hear from each
- other about other descriptors. Now authorities examine every v3
- vote for new descriptors, and fetch them from that authority. Bugfix
- on 0.2.1.23.
- - Authorities could be tricked into giving out the Exit flag to relays
- that didn't allow exiting to any ports. This bug could screw
- with load balancing and stats. Bugfix on 0.1.1.6-alpha; fixes bug
- 1238. Bug discovered by Martin Kowalczyk.
- - If all authorities restart at once right before a consensus vote,
- nobody will vote about "Running", and clients will get a consensus
- with no usable relays. Instead, authorities refuse to build a
- consensus if this happens. Bugfix on 0.2.0.10-alpha; fixes bug 1066.
- o Major bugfixes (stream-level fairness):
- - When receiving a circuit-level SENDME for a blocked circuit, try
- to package cells fairly from all the streams that had previously
- been blocked on that circuit. Previously, we had started with the
- oldest stream, and allowed each stream to potentially exhaust
- the circuit's package window. This gave older streams on any
- given circuit priority over newer ones. Fixes bug 1937. Detected
- originally by Camilo Viecco. This bug was introduced before the
- first Tor release, in svn commit r152: it is the new winner of
- the longest-lived bug prize.
- - Fix a stream fairness bug that would cause newer streams on a given
- circuit to get preference when reading bytes from the origin or
- destination. Fixes bug 2210. Fix by Mashael AlSabah. This bug was
- introduced before the first Tor release, in svn revision r152.
- - When the exit relay got a circuit-level sendme cell, it started
- reading on the exit streams, even if had 500 cells queued in the
- circuit queue already, so the circuit queue just grew and grew in
- some cases. We fix this by not re-enabling reading on receipt of a
- sendme cell when the cell queue is blocked. Fixes bug 1653. Bugfix
- on 0.2.0.1-alpha. Detected by Mashael AlSabah. Original patch by
- "yetonetime".
- - Newly created streams were allowed to read cells onto circuits,
- even if the circuit's cell queue was blocked and waiting to drain.
- This created potential unfairness, as older streams would be
- blocked, but newer streams would gladly fill the queue completely.
- We add code to detect this situation and prevent any stream from
- getting more than one free cell. Bugfix on 0.2.0.1-alpha. Partially
- fixes bug 1298.
- o Major bugfixes (hidden services):
- - Apply circuit timeouts to opened hidden-service-related circuits
- based on the correct start time. Previously, we would apply the
- circuit build timeout based on time since the circuit's creation;
- it was supposed to be applied based on time since the circuit
- entered its current state. Bugfix on 0.0.6; fixes part of bug 1297.
- - Improve hidden service robustness: When we find that we have
- extended a hidden service's introduction circuit to a relay not
- listed as an introduction point in the HS descriptor we currently
- have, retry with an introduction point from the current
- descriptor. Previously we would just give up. Fixes bugs 1024 and
- 1930; bugfix on 0.2.0.10-alpha.
- - Directory authorities now use data collected from their own
- uptime observations when choosing whether to assign the HSDir flag
- to relays, instead of trusting the uptime value the relay reports in
- its descriptor. This change helps prevent an attack where a small
- set of nodes with frequently-changing identity keys can blackhole
- a hidden service. (Only authorities need upgrade; others will be
- fine once they do.) Bugfix on 0.2.0.10-alpha; fixes bug 2709.
- - Stop assigning the HSDir flag to relays that disable their
- DirPort (and thus will refuse to answer directory requests). This
- fix should dramatically improve the reachability of hidden services:
- hidden services and hidden service clients pick six HSDir relays
- to store and retrieve the hidden service descriptor, and currently
- about half of the HSDir relays will refuse to work. Bugfix on
- 0.2.0.10-alpha; fixes part of bug 1693.
- o Major bugfixes (misc):
- - Clients now stop trying to use an exit node associated with a given
- destination by TrackHostExits if they fail to reach that exit node.
- Fixes bug 2999. Bugfix on 0.2.0.20-rc.
- - Fix a regression that caused Tor to rebind its ports if it receives
- SIGHUP while hibernating. Bugfix in 0.1.1.6-alpha; closes bug 919.
- - Remove an extra pair of quotation marks around the error
- message in control-port STATUS_GENERAL BUG events. Bugfix on
- 0.1.2.6-alpha; fixes bug 3732.
- o Minor features (relays):
- - Ensure that no empty [dirreq-](read|write)-history lines are added
- to an extrainfo document. Implements ticket 2497.
- - When bandwidth accounting is enabled, be more generous with how
- much bandwidth we'll use up before entering "soft hibernation".
- Previously, we'd refuse new connections and circuits once we'd
- used up 95% of our allotment. Now, we use up 95% of our allotment,
- AND make sure that we have no more than 500MB (or 3 hours of
- expected traffic, whichever is lower) remaining before we enter
- soft hibernation.
- - Relays now log the reason for publishing a new relay descriptor,
- so we have a better chance of hunting down instances of bug 1810.
- Resolves ticket 3252.
- - Log a little more clearly about the times at which we're no longer
- accepting new connections (e.g. due to hibernating). Resolves
- bug 2181.
- - When AllowSingleHopExits is set, print a warning to explain to the
- relay operator why most clients are avoiding her relay.
- - Send END_STREAM_REASON_NOROUTE in response to EHOSTUNREACH errors.
- Clients before 0.2.1.27 didn't handle NOROUTE correctly, but such
- clients are already deprecated because of security bugs.
- o Minor features (network statistics):
- - Directory mirrors that set "DirReqStatistics 1" write statistics
- about directory requests to disk every 24 hours. As compared to the
- "--enable-geoip-stats" ./configure flag in 0.2.1.x, there are a few
- improvements: 1) stats are written to disk exactly every 24 hours;
- 2) estimated shares of v2 and v3 requests are determined as mean
- values, not at the end of a measurement period; 3) unresolved
- requests are listed with country code '??'; 4) directories also
- measure download times.
- - Exit nodes that set "ExitPortStatistics 1" write statistics on the
- number of exit streams and transferred bytes per port to disk every
- 24 hours.
- - Relays that set "CellStatistics 1" write statistics on how long
- cells spend in their circuit queues to disk every 24 hours.
- - Entry nodes that set "EntryStatistics 1" write statistics on the
- rough number and origins of connecting clients to disk every 24
- hours.
- - Relays that write any of the above statistics to disk and set
- "ExtraInfoStatistics 1" include the past 24 hours of statistics in
- their extra-info documents. Implements proposal 166.
- o Minor features (GeoIP and statistics):
- - Provide a log message stating which geoip file we're parsing
- instead of just stating that we're parsing the geoip file.
- Implements ticket 2432.
- - Make sure every relay writes a state file at least every 12 hours.
- Previously, a relay could go for weeks without writing its state
- file, and on a crash could lose its bandwidth history, capacity
- estimates, client country statistics, and so on. Addresses bug 3012.
- - Relays report the number of bytes spent on answering directory
- requests in extra-info descriptors similar to {read,write}-history.
- Implements enhancement 1790.
- - Report only the top 10 ports in exit-port stats in order not to
- exceed the maximum extra-info descriptor length of 50 KB. Implements
- task 2196.
- - If writing the state file to disk fails, wait up to an hour before
- retrying again, rather than trying again each second. Fixes bug
- 2346; bugfix on Tor 0.1.1.3-alpha.
- - Delay geoip stats collection by bridges for 6 hours, not 2 hours,
- when we switch from being a public relay to a bridge. Otherwise
- there will still be clients that see the relay in their consensus,
- and the stats will end up wrong. Bugfix on 0.2.1.15-rc; fixes
- bug 932.
- - Update to the August 2 2011 Maxmind GeoLite Country database.
- o Minor features (clients):
- - When expiring circuits, use microsecond timers rather than
- one-second timers. This can avoid an unpleasant situation where a
- circuit is launched near the end of one second and expired right
- near the beginning of the next, and prevent fluctuations in circuit
- timeout values.
- - If we've configured EntryNodes and our network goes away and/or all
- our entrynodes get marked down, optimistically retry them all when
- a new socks application request appears. Fixes bug 1882.
- - Always perform router selections using weighted relay bandwidth,
- even if we don't need a high capacity circuit at the time. Non-fast
- circuits now only differ from fast ones in that they can use relays
- not marked with the Fast flag. This "feature" could turn out to
- be a horrible bug; we should investigate more before it goes into
- a stable release.
- - When we run out of directory information such that we can't build
- circuits, but then get enough that we can build circuits, log when
- we actually construct a circuit, so the user has a better chance of
- knowing what's going on. Fixes bug 1362.
- - Log SSL state transitions at debug level during handshake, and
- include SSL states in error messages. This may help debug future
- SSL handshake issues.
- o Minor features (directory authorities):
- - When a router changes IP address or port, authorities now launch
- a new reachability test for it. Implements ticket 1899.
- - Directory authorities now reject relays running any versions of
- Tor between 0.2.1.3-alpha and 0.2.1.18 inclusive; they have
- known bugs that keep RELAY_EARLY cells from working on rendezvous
- circuits. Followup to fix for bug 2081.
- - Directory authorities now reject relays running any version of Tor
- older than 0.2.0.26-rc. That version is the earliest that fetches
- current directory information correctly. Fixes bug 2156.
- - Directory authorities now do an immediate reachability check as soon
- as they hear about a new relay. This change should slightly reduce
- the time between setting up a relay and getting listed as running
- in the consensus. It should also improve the time between setting
- up a bridge and seeing use by bridge users.
- - Directory authorities no longer launch a TLS connection to every
- relay as they startup. Now that we have 2k+ descriptors cached,
- the resulting network hiccup is becoming a burden. Besides,
- authorities already avoid voting about Running for the first half
- hour of their uptime.
- - Directory authorities now log the source of a rejected POSTed v3
- networkstatus vote, so we can track failures better.
- - Backport code from 0.2.3.x that allows directory authorities to
- clean their microdescriptor caches. Needed to resolve bug 2230.
- o Minor features (hidden services):
- - Use computed circuit-build timeouts to decide when to launch
- parallel introduction circuits for hidden services. (Previously,
- we would retry after 15 seconds.)
- - Don't allow v0 hidden service authorities to act as clients.
- Required by fix for bug 3000.
- - Ignore SIGNAL NEWNYM commands on relay-only Tor instances. Required
- by fix for bug 3000.
- - Make hidden services work better in private Tor networks by not
- requiring any uptime to join the hidden service descriptor
- DHT. Implements ticket 2088.
- - Log (at info level) when purging pieces of hidden-service-client
- state because of SIGNAL NEWNYM.
- o Minor features (controller interface):
- - New "GETINFO net/listeners/(type)" controller command to return
- a list of addresses and ports that are bound for listeners for a
- given connection type. This is useful when the user has configured
- "SocksPort auto" and the controller needs to know which port got
- chosen. Resolves another part of ticket 3076.
- - Have the controller interface give a more useful message than
- "Internal Error" in response to failed GETINFO requests.
- - Add a TIMEOUT_RATE keyword to the BUILDTIMEOUT_SET control port
- event, to give information on the current rate of circuit timeouts
- over our stored history.
- - The 'EXTENDCIRCUIT' control port command can now be used with
- a circ id of 0 and no path. This feature will cause Tor to build
- a new 'fast' general purpose circuit using its own path selection
- algorithms.
- - Added a BUILDTIMEOUT_SET controller event to describe changes
- to the circuit build timeout.
- - New controller command "getinfo config-text". It returns the
- contents that Tor would write if you send it a SAVECONF command,
- so the controller can write the file to disk itself.
- o Minor features (controller protocol):
- - Add a new ControlSocketsGroupWritable configuration option: when
- it is turned on, ControlSockets are group-writeable by the default
- group of the current user. Patch by Jérémy Bobbio; implements
- ticket 2972.
- - Tor now refuses to create a ControlSocket in a directory that is
- world-readable (or group-readable if ControlSocketsGroupWritable
- is 0). This is necessary because some operating systems do not
- enforce permissions on an AF_UNIX sockets. Permissions on the
- directory holding the socket, however, seems to work everywhere.
- - Warn when CookieAuthFileGroupReadable is set but CookieAuthFile is
- not. This would lead to a cookie that is still not group readable.
- Closes bug 1843. Suggested by katmagic.
- - Future-proof the controller protocol a bit by ignoring keyword
- arguments we do not recognize.
- o Minor features (more useful logging):
- - Revise most log messages that refer to nodes by nickname to
- instead use the "$key=nickname at address" format. This should be
- more useful, especially since nicknames are less and less likely
- to be unique. Resolves ticket 3045.
- - When an HTTPS proxy reports "403 Forbidden", we now explain
- what it means rather than calling it an unexpected status code.
- Closes bug 2503. Patch from Michael Yakubovich.
- - Rate-limit a warning about failures to download v2 networkstatus
- documents. Resolves part of bug 1352.
- - Rate-limit the "your application is giving Tor only an IP address"
- warning. Addresses bug 2000; bugfix on 0.0.8pre2.
- - Rate-limit "Failed to hand off onionskin" warnings.
- - When logging a rate-limited warning, we now mention how many messages
- got suppressed since the last warning.
- - Make the formerly ugly "2 unknown, 7 missing key, 0 good, 0 bad,
- 2 no signature, 4 required" messages about consensus signatures
- easier to read, and make sure they get logged at the same severity
- as the messages explaining which keys are which. Fixes bug 1290.
- - Don't warn when we have a consensus that we can't verify because
- of missing certificates, unless those certificates are ones
- that we have been trying and failing to download. Fixes bug 1145.
- o Minor features (log domains):
- - Add documentation for configuring logging at different severities in
- different log domains. We've had this feature since 0.2.1.1-alpha,
- but for some reason it never made it into the manpage. Fixes
- bug 2215.
- - Make it simpler to specify "All log domains except for A and B".
- Previously you needed to say "[*,~A,~B]". Now you can just say
- "[~A,~B]".
- - Add a "LogMessageDomains 1" option to include the domains of log
- messages along with the messages. Without this, there's no way
- to use log domains without reading the source or doing a lot
- of guessing.
- - Add a new "Handshake" log domain for activities that happen
- during the TLS handshake.
- o Minor features (build process):
- - Make compilation with clang possible when using
- "--enable-gcc-warnings" by removing two warning options that clang
- hasn't implemented yet and by fixing a few warnings. Resolves
- ticket 2696.
- - Detect platforms that brokenly use a signed size_t, and refuse to
- build there. Found and analyzed by doorss and rransom.
- - Fix a bunch of compile warnings revealed by mingw with gcc 4.5.
- Resolves bug 2314.
- - Add support for statically linking zlib by specifying
- "--enable-static-zlib", to go with our support for statically
- linking openssl and libevent. Resolves bug 1358.
- - Instead of adding the svn revision to the Tor version string, report
- the git commit (when we're building from a git checkout).
- - Rename the "log.h" header to "torlog.h" so as to conflict with fewer
- system headers.
- - New --digests command-line switch to output the digests of the
- source files Tor was built with.
- - Generate our manpage and HTML documentation using Asciidoc. This
- change should make it easier to maintain the documentation, and
- produce nicer HTML. The build process fails if asciidoc cannot
- be found and building with asciidoc isn't disabled (via the
- "--disable-asciidoc" argument to ./configure. Skipping the manpage
- speeds up the build considerably.
- o Minor features (options / torrc):
- - Warn when the same option is provided more than once in a torrc
- file, on the command line, or in a single SETCONF statement, and
- the option is one that only accepts a single line. Closes bug 1384.
- - Warn when the user configures two HiddenServiceDir lines that point
- to the same directory. Bugfix on 0.0.6 (the version introducing
- HiddenServiceDir); fixes bug 3289.
- - Add new "perconnbwrate" and "perconnbwburst" consensus params to
- do individual connection-level rate limiting of clients. The torrc
- config options with the same names trump the consensus params, if
- both are present. Replaces the old "bwconnrate" and "bwconnburst"
- consensus params which were broken from 0.2.2.7-alpha through
- 0.2.2.14-alpha. Closes bug 1947.
- - New config option "WarnUnsafeSocks 0" disables the warning that
- occurs whenever Tor receives a socks handshake using a version of
- the socks protocol that can only provide an IP address (rather
- than a hostname). Setups that do DNS locally over Tor are fine,
- and we shouldn't spam the logs in that case.
- - New config option "CircuitStreamTimeout" to override our internal
- timeout schedule for how many seconds until we detach a stream from
- a circuit and try a new circuit. If your network is particularly
- slow, you might want to set this to a number like 60.
- - New options for SafeLogging to allow scrubbing only log messages
- generated while acting as a relay. Specify "SafeLogging relay" if
- you want to ensure that only messages known to originate from
- client use of the Tor process will be logged unsafely.
- - Time and memory units in the configuration file can now be set to
- fractional units. For example, "2.5 GB" is now a valid value for
- AccountingMax.
- - Support line continuations in the torrc config file. If a line
- ends with a single backslash character, the newline is ignored, and
- the configuration value is treated as continuing on the next line.
- Resolves bug 1929.
- o Minor features (unit tests):
- - Revise our unit tests to use the "tinytest" framework, so we
- can run tests in their own processes, have smarter setup/teardown
- code, and so on. The unit test code has moved to its own
- subdirectory, and has been split into multiple modules.
- - Add a unit test for cross-platform directory-listing code.
- - Add some forgotten return value checks during unit tests. Found
- by coverity.
- - Use GetTempDir to find the proper temporary directory location on
- Windows when generating temporary files for the unit tests. Patch
- by Gisle Vanem.
- o Minor features (misc):
- - The "torify" script now uses torsocks where available.
- - Make Libevent log messages get delivered to controllers later,
- and not from inside the Libevent log handler. This prevents unsafe
- reentrant Libevent calls while still letting the log messages
- get through.
- - Certain Tor clients (such as those behind check.torproject.org) may
- want to fetch the consensus in an extra early manner. To enable this
- a user may now set FetchDirInfoExtraEarly to 1. This also depends on
- setting FetchDirInfoEarly to 1. Previous behavior will stay the same
- as only certain clients who must have this information sooner should
- set this option.
- - Expand homedirs passed to tor-checkkey. This should silence a
- coverity complaint about passing a user-supplied string into
- open() without checking it.
- - Make sure to disable DirPort if running as a bridge. DirPorts aren't
- used on bridges, and it makes bridge scanning somewhat easier.
- - Create the /var/run/tor directory on startup on OpenSUSE if it is
- not already created. Patch from Andreas Stieger. Fixes bug 2573.
- o Minor bugfixes (relays):
- - When a relay decides that its DNS is too broken for it to serve
- as an exit server, it advertised itself as a non-exit, but
- continued to act as an exit. This could create accidental
- partitioning opportunities for users. Instead, if a relay is
- going to advertise reject *:* as its exit policy, it should
- really act with exit policy "reject *:*". Fixes bug 2366.
- Bugfix on Tor 0.1.2.5-alpha. Bugfix by user "postman" on trac.
- - Publish a router descriptor even if generating an extra-info
- descriptor fails. Previously we would not publish a router
- descriptor without an extra-info descriptor; this can cause fast
- exit relays collecting exit-port statistics to drop from the
- consensus. Bugfix on 0.1.2.9-rc; fixes bug 2195.
- - When we're trying to guess whether we know our IP address as
- a relay, we would log various ways that we failed to guess
- our address, but never log that we ended up guessing it
- successfully. Now add a log line to help confused and anxious
- relay operators. Bugfix on 0.1.2.1-alpha; fixes bug 1534.
- - For bandwidth accounting, calculate our expected bandwidth rate
- based on the time during which we were active and not in
- soft-hibernation during the last interval. Previously, we were
- also considering the time spent in soft-hibernation. If this
- was a long time, we would wind up underestimating our bandwidth
- by a lot, and skewing our wakeup time towards the start of the
- accounting interval. Fixes bug 1789. Bugfix on 0.0.9pre5.
- - Demote a confusing TLS warning that relay operators might get when
- someone tries to talk to their ORPort. It is not the operator's
- fault, nor can they do anything about it. Fixes bug 1364; bugfix
- on 0.2.0.14-alpha.
- - Change "Application request when we're believed to be offline."
- notice to "Application request when we haven't used client
- functionality lately.", to clarify that it's not an error. Bugfix
- on 0.0.9.3; fixes bug 1222.
- o Minor bugfixes (bridges):
- - When a client starts or stops using bridges, never use a circuit
- that was built before the configuration change. This behavior could
- put at risk a user who uses bridges to ensure that her traffic
- only goes to the chosen addresses. Bugfix on 0.2.0.3-alpha; fixes
- bug 3200.
- - Do not reset the bridge descriptor download status every time we
- re-parse our configuration or get a configuration change. Fixes
- bug 3019; bugfix on 0.2.0.3-alpha.
- - Users couldn't configure a regular relay to be their bridge. It
- didn't work because when Tor fetched the bridge descriptor, it found
- that it already had it, and didn't realize that the purpose of the
- descriptor had changed. Now we replace routers with a purpose other
- than bridge with bridge descriptors when fetching them. Bugfix on
- 0.1.1.9-alpha. Fixes bug 1776.
- - In the special case where you configure a public exit relay as your
- bridge, Tor would be willing to use that exit relay as the last
- hop in your circuit as well. Now we fail that circuit instead.
- Bugfix on 0.2.0.12-alpha. Fixes bug 2403. Reported by "piebeer".
- o Minor bugfixes (clients):
- - We now ask the other side of a stream (the client or the exit)
- for more data on that stream when the amount of queued data on
- that stream dips low enough. Previously, we wouldn't ask the
- other side for more data until either it sent us more data (which
- it wasn't supposed to do if it had exhausted its window!) or we
- had completely flushed all our queued data. This flow control fix
- should improve throughput. Fixes bug 2756; bugfix on the earliest
- released versions of Tor (svn commit r152).
- - When a client finds that an origin circuit has run out of 16-bit
- stream IDs, we now mark it as unusable for new streams. Previously,
- we would try to close the entire circuit. Bugfix on 0.0.6.
- - Make it explicit that we don't cannibalize one-hop circuits. This
- happens in the wild, but doesn't turn out to be a problem because
- we fortunately don't use those circuits. Many thanks to outofwords
- for the initial analysis and to swissknife who confirmed that
- two-hop circuits are actually created.
- - Resolve an edge case in path weighting that could make us misweight
- our relay selection. Fixes bug 1203; bugfix on 0.0.8rc1.
- - Make the DNSPort option work with libevent 2.x. Don't alter the
- behavior for libevent 1.x. Fixes bug 1143. Found by SwissTorExit.
- o Minor bugfixes (directory authorities):
- - Make directory authorities more accurate at recording when
- relays that have failed several reachability tests became
- unreachable, so we can provide more accuracy at assigning Stable,
- Guard, HSDir, etc flags. Bugfix on 0.2.0.6-alpha. Resolves bug 2716.
- - Directory authorities are now more robust to hops back in time
- when calculating router stability. Previously, if a run of uptime
- or downtime appeared to be negative, the calculation could give
- incorrect results. Bugfix on 0.2.0.6-alpha; noticed when fixing
- bug 1035.
- - Directory authorities will now attempt to download consensuses
- if their own efforts to make a live consensus have failed. This
- change means authorities that restart will fetch a valid
- consensus, and it means authorities that didn't agree with the
- current consensus will still fetch and serve it if it has enough
- signatures. Bugfix on 0.2.0.9-alpha; fixes bug 1300.
- - Never vote for a server as "Running" if we have a descriptor for
- it claiming to be hibernating, and that descriptor was published
- more recently than our last contact with the server. Bugfix on
- 0.2.0.3-alpha; fixes bug 911.
- - Directory authorities no longer change their opinion of, or vote on,
- whether a router is Running, unless they have themselves been
- online long enough to have some idea. Bugfix on 0.2.0.6-alpha.
- Fixes bug 1023.
- o Minor bugfixes (hidden services):
- - Log malformed requests for rendezvous descriptors as protocol
- warnings, not warnings. Also, use a more informative log message
- in case someone sees it at log level warning without prior
- info-level messages. Fixes bug 2748; bugfix on 0.2.0.10-alpha.
- - Accept hidden service descriptors if we think we might be a hidden
- service directory, regardless of what our consensus says. This
- helps robustness, since clients and hidden services can sometimes
- have a more up-to-date view of the network consensus than we do,
- and if they think that the directory authorities list us a HSDir,
- we might actually be one. Related to bug 2732; bugfix on
- 0.2.0.10-alpha.
- - Correct the warning displayed when a rendezvous descriptor exceeds
- the maximum size. Fixes bug 2750; bugfix on 0.2.1.5-alpha. Found by
- John Brooks.
- - Clients and hidden services now use HSDir-flagged relays for hidden
- service descriptor downloads and uploads even if the relays have no
- DirPort set and the client has disabled TunnelDirConns. This will
- eventually allow us to give the HSDir flag to relays with no
- DirPort. Fixes bug 2722; bugfix on 0.2.1.6-alpha.
- - Only limit the lengths of single HS descriptors, even when multiple
- HS descriptors are published to an HSDir relay in a single POST
- operation. Fixes bug 2948; bugfix on 0.2.1.5-alpha. Found by hsdir.
- o Minor bugfixes (controllers):
- - Allow GETINFO fingerprint to return a fingerprint even when
- we have not yet built a router descriptor. Fixes bug 3577;
- bugfix on 0.2.0.1-alpha.
- - Send a SUCCEEDED stream event to the controller when a reverse
- resolve succeeded. Fixes bug 3536; bugfix on 0.0.8pre1. Issue
- discovered by katmagic.
- - Remove a trailing asterisk from "exit-policy/default" in the
- output of the control port command "GETINFO info/names". Bugfix
- on 0.1.2.5-alpha.
- - Make the SIGNAL DUMP controller command work on FreeBSD. Fixes bug
- 2917. Bugfix on 0.1.1.1-alpha.
- - When we restart our relay, we might get a successful connection
- from the outside before we've started our reachability tests,
- triggering a warning: "ORPort found reachable, but I have no
- routerinfo yet. Failing to inform controller of success." This
- bug was harmless unless Tor is running under a controller
- like Vidalia, in which case the controller would never get a
- REACHABILITY_SUCCEEDED status event. Bugfix on 0.1.2.6-alpha;
- fixes bug 1172.
- - When a controller changes TrackHostExits, remove mappings for
- hosts that should no longer have their exits tracked. Bugfix on
- 0.1.0.1-rc.
- - When a controller changes VirtualAddrNetwork, remove any mappings
- for hosts that were automapped to the old network. Bugfix on
- 0.1.1.19-rc.
- - When a controller changes one of the AutomapHosts* options, remove
- any mappings for hosts that should no longer be automapped. Bugfix
- on 0.2.0.1-alpha.
- - Fix an off-by-one error in calculating some controller command
- argument lengths. Fortunately, this mistake is harmless since
- the controller code does redundant NUL termination too. Found by
- boboper. Bugfix on 0.1.1.1-alpha.
- - Fix a bug in the controller interface where "GETINFO ns/asdaskljkl"
- would return "551 Internal error" rather than "552 Unrecognized key
- ns/asdaskljkl". Bugfix on 0.1.2.3-alpha.
- - Don't spam the controller with events when we have no file
- descriptors available. Bugfix on 0.2.1.5-alpha. (Rate-limiting
- for log messages was already solved from bug 748.)
- - Emit a GUARD DROPPED controller event for a case we missed.
- - Ensure DNS requests launched by "RESOLVE" commands from the
- controller respect the __LeaveStreamsUnattached setconf options. The
- same goes for requests launched via DNSPort or transparent
- proxying. Bugfix on 0.2.0.1-alpha; fixes bug 1525.
- o Minor bugfixes (config options):
- - Tor used to limit HttpProxyAuthenticator values to 48 characters.
- Change the limit to 512 characters by removing base64 newlines.
- Fixes bug 2752. Fix by Michael Yakubovich.
- - Complain if PublishServerDescriptor is given multiple arguments that
- include 0 or 1. This configuration will be rejected in the future.
- Bugfix on 0.2.0.1-alpha; closes bug 1107.
- - Disallow BridgeRelay 1 and ORPort 0 at once in the configuration.
- Bugfix on 0.2.0.13-alpha; closes bug 928.
- o Minor bugfixes (log subsystem fixes):
- - When unable to format an address as a string, report its value
- as "???" rather than reusing the last formatted address. Bugfix
- on 0.2.1.5-alpha.
- - Be more consistent in our treatment of file system paths. "~" should
- get expanded to the user's home directory in the Log config option.
- Fixes bug 2971; bugfix on 0.2.0.1-alpha, which introduced the
- feature for the -f and --DataDirectory options.
- o Minor bugfixes (memory management):
- - Don't stack-allocate the list of supplementary GIDs when we're
- about to log them. Stack-allocating NGROUPS_MAX gid_t elements
- could take up to 256K, which is way too much stack. Found by
- Coverity; CID #450. Bugfix on 0.2.1.7-alpha.
- - Save a couple bytes in memory allocation every time we escape
- certain characters in a string. Patch from Florian Zumbiehl.
- o Minor bugfixes (protocol correctness):
- - When checking for 1024-bit keys, check for 1024 bits, not 128
- bytes. This allows Tor to correctly discard keys of length 1017
- through 1023. Bugfix on 0.0.9pre5.
- - Require that introduction point keys and onion handshake keys
- have a public exponent of 65537. Starts to fix bug 3207; bugfix
- on 0.2.0.10-alpha.
- - Handle SOCKS messages longer than 128 bytes long correctly, rather
- than waiting forever for them to finish. Fixes bug 2330; bugfix
- on 0.2.0.16-alpha. Found by doorss.
- - Never relay a cell for a circuit we have already destroyed.
- Between marking a circuit as closeable and finally closing it,
- it may have been possible for a few queued cells to get relayed,
- even though they would have been immediately dropped by the next
- OR in the circuit. Fixes bug 1184; bugfix on 0.2.0.1-alpha.
- - Never queue a cell for a circuit that's already been marked
- for close.
- - Fix a spec conformance issue: the network-status-version token
- must be the first token in a v3 consensus or vote. Discovered by
- "parakeep". Bugfix on 0.2.0.3-alpha.
- - A networkstatus vote must contain exactly one signature. Spec
- conformance issue. Bugfix on 0.2.0.3-alpha.
- - When asked about a DNS record type we don't support via a
- client DNSPort, reply with NOTIMPL rather than an empty
- reply. Patch by intrigeri. Fixes bug 3369; bugfix on 2.0.1-alpha.
- - Make more fields in the controller protocol case-insensitive, since
- control-spec.txt said they were.
- o Minor bugfixes (log messages):
- - Fix a log message that said "bits" while displaying a value in
- bytes. Found by wanoskarnet. Fixes bug 3318; bugfix on
- 0.2.0.1-alpha.
- - Downgrade "no current certificates known for authority" message from
- Notice to Info. Fixes bug 2899; bugfix on 0.2.0.10-alpha.
- - Correctly describe errors that occur when generating a TLS object.
- Previously we would attribute them to a failure while generating a
- TLS context. Patch by Robert Ransom. Bugfix on 0.1.0.4-rc; fixes
- bug 1994.
- - Fix an instance where a Tor directory mirror might accidentally
- log the IP address of a misbehaving Tor client. Bugfix on
- 0.1.0.1-rc.
- - Stop logging at severity 'warn' when some other Tor client tries
- to establish a circuit with us using weak DH keys. It's a protocol
- violation, but that doesn't mean ordinary users need to hear about
- it. Fixes the bug part of bug 1114. Bugfix on 0.1.0.13.
- - If your relay can't keep up with the number of incoming create
- cells, it would log one warning per failure into your logs. Limit
- warnings to 1 per minute. Bugfix on 0.0.2pre10; fixes bug 1042.
- o Minor bugfixes (build fixes):
- - Fix warnings from GCC 4.6's "-Wunused-but-set-variable" option.
- - When warning about missing zlib development packages during compile,
- give the correct package names. Bugfix on 0.2.0.1-alpha.
- - Fix warnings that newer versions of autoconf produce during
- ./autogen.sh. These warnings appear to be harmless in our case,
- but they were extremely verbose. Fixes bug 2020.
- - Squash a compile warning on OpenBSD. Reported by Tas; fixes
- bug 1848.
- o Minor bugfixes (portability):
- - Write several files in text mode, on OSes that distinguish text
- mode from binary mode (namely, Windows). These files are:
- 'buffer-stats', 'dirreq-stats', and 'entry-stats' on relays
- that collect those statistics; 'client_keys' and 'hostname' for
- hidden services that use authentication; and (in the tor-gencert
- utility) newly generated identity and signing keys. Previously,
- we wouldn't specify text mode or binary mode, leading to an
- assertion failure. Fixes bug 3607. Bugfix on 0.2.1.1-alpha (when
- the DirRecordUsageByCountry option which would have triggered
- the assertion failure was added), although this assertion failure
- would have occurred in tor-gencert on Windows in 0.2.0.1-alpha.
- - Selectively disable deprecation warnings on OS X because Lion
- started deprecating the shipped copy of openssl. Fixes bug 3643.
- - Use a wide type to hold sockets when built for 64-bit Windows.
- Fixes bug 3270.
- - Fix an issue that prevented static linking of libevent on
- some platforms (notably Linux). Fixes bug 2698; bugfix on 0.2.1.23,
- where we introduced the "--with-static-libevent" configure option.
- - Fix a bug with our locking implementation on Windows that couldn't
- correctly detect when a file was already locked. Fixes bug 2504,
- bugfix on 0.2.1.6-alpha.
- - Build correctly on OSX with zlib 1.2.4 and higher with all warnings
- enabled.
- - Fix IPv6-related connect() failures on some platforms (BSD, OS X).
- Bugfix on 0.2.0.3-alpha; fixes first part of bug 2660. Patch by
- "piebeer".
- o Minor bugfixes (code correctness):
- - Always NUL-terminate the sun_path field of a sockaddr_un before
- passing it to the kernel. (Not a security issue: kernels are
- smart enough to reject bad sockaddr_uns.) Found by Coverity;
- CID #428. Bugfix on Tor 0.2.0.3-alpha.
- - Make connection_printf_to_buf()'s behavior sane. Its callers
- expect it to emit a CRLF iff the format string ends with CRLF;
- it actually emitted a CRLF iff (a) the format string ended with
- CRLF or (b) the resulting string was over 1023 characters long or
- (c) the format string did not end with CRLF *and* the resulting
- string was 1021 characters long or longer. Bugfix on 0.1.1.9-alpha;
- fixes part of bug 3407.
- - Make send_control_event_impl()'s behavior sane. Its callers
- expect it to always emit a CRLF at the end of the string; it
- might have emitted extra control characters as well. Bugfix on
- 0.1.1.9-alpha; fixes another part of bug 3407.
- - Make crypto_rand_int() check the value of its input correctly.
- Previously, it accepted values up to UINT_MAX, but could return a
- negative number if given a value above INT_MAX+1. Found by George
- Kadianakis. Fixes bug 3306; bugfix on 0.2.2pre14.
- - Fix a potential null-pointer dereference while computing a
- consensus. Bugfix on 0.2.0.3-alpha, found with the help of
- clang's analyzer.
- - If we fail to compute the identity digest of a v3 legacy keypair,
- warn, and don't use a buffer-full of junk instead. Bugfix on
- 0.2.1.1-alpha; fixes bug 3106.
- - Resolve an untriggerable issue in smartlist_string_num_isin(),
- where if the function had ever in the future been used to check
- for the presence of a too-large number, it would have given an
- incorrect result. (Fortunately, we only used it for 16-bit
- values.) Fixes bug 3175; bugfix on 0.1.0.1-rc.
- - Be more careful about reporting the correct error from a failed
- connect() system call. Under some circumstances, it was possible to
- look at an incorrect value for errno when sending the end reason.
- Bugfix on 0.1.0.1-rc.
- - Correctly handle an "impossible" overflow cases in connection byte
- counting, where we write or read more than 4GB on an edge connection
- in a single second. Bugfix on 0.1.2.8-beta.
- - Avoid a double mark-for-free warning when failing to attach a
- transparent proxy connection. Bugfix on 0.1.2.1-alpha. Fixes
- bug 2279.
- - Correctly detect failure to allocate an OpenSSL BIO. Fixes bug 2378;
- found by "cypherpunks". This bug was introduced before the first
- Tor release, in svn commit r110.
- - Fix a bug in bandwidth history state parsing that could have been
- triggered if a future version of Tor ever changed the timing
- granularity at which bandwidth history is measured. Bugfix on
- Tor 0.1.1.11-alpha.
- - Add assertions to check for overflow in arguments to
- base32_encode() and base32_decode(); fix a signed-unsigned
- comparison there too. These bugs are not actually reachable in Tor,
- but it's good to prevent future errors too. Found by doorss.
- - Avoid a bogus overlapped memcpy in tor_addr_copy(). Reported by
- "memcpyfail".
- - Set target port in get_interface_address6() correctly. Bugfix
- on 0.1.1.4-alpha and 0.2.0.3-alpha; fixes second part of bug 2660.
- - Fix an impossible-to-actually-trigger buffer overflow in relay
- descriptor generation. Bugfix on 0.1.0.15.
- - Fix numerous small code-flaws found by Coverity Scan Rung 3.
- o Minor bugfixes (code improvements):
- - After we free an internal connection structure, overwrite it
- with a different memory value than we use for overwriting a freed
- internal circuit structure. Should help with debugging. Suggested
- by bug 1055.
- - If OpenSSL fails to make a duplicate of a private or public key, log
- an error message and try to exit cleanly. May help with debugging
- if bug 1209 ever remanifests.
- - Some options used different conventions for uppercasing of acronyms
- when comparing manpage and source. Fix those in favor of the
- manpage, as it makes sense to capitalize acronyms.
- - Take a first step towards making or.h smaller by splitting out
- function definitions for all source files in src/or/. Leave
- structures and defines in or.h for now.
- - Remove a few dead assignments during router parsing. Found by
- coverity.
- - Don't use 1-bit wide signed bit fields. Found by coverity.
- - Avoid signed/unsigned comparisons by making SIZE_T_CEILING unsigned.
- None of the cases where we did this before were wrong, but by making
- this change we avoid warnings. Fixes bug 2475; bugfix on 0.2.1.28.
- - The memarea code now uses a sentinel value at the end of each area
- to make sure nothing writes beyond the end of an area. This might
- help debug some conceivable causes of bug 930.
- - Always treat failure to allocate an RSA key as an unrecoverable
- allocation error.
- - Add some more defensive programming for architectures that can't
- handle unaligned integer accesses. We don't know of any actual bugs
- right now, but that's the best time to fix them. Fixes bug 1943.
- o Minor bugfixes (misc):
- - Fix a rare bug in rend_fn unit tests: we would fail a test when
- a randomly generated port is 0. Diagnosed by Matt Edman. Bugfix
- on 0.2.0.10-alpha; fixes bug 1808.
- - Where available, use Libevent 2.0's periodic timers so that our
- once-per-second cleanup code gets called even more closely to
- once per second than it would otherwise. Fixes bug 943.
- - Ignore OutboundBindAddress when connecting to localhost.
- Connections to localhost need to come _from_ localhost, or else
- local servers (like DNS and outgoing HTTP/SOCKS proxies) will often
- refuse to listen.
- - Update our OpenSSL 0.9.8l fix so that it works with OpenSSL 0.9.8m
- too.
- - If any of the v3 certs we download are unparseable, we should
- actually notice the failure so we don't retry indefinitely. Bugfix
- on 0.2.0.x; reported by "rotator".
- - When Tor fails to parse a descriptor of any kind, dump it to disk.
- Might help diagnosing bug 1051.
- - Make our 'torify' script more portable; if we have only one of
- 'torsocks' or 'tsocks' installed, don't complain to the user;
- and explain our warning about tsocks better.
- - Fix some urls in the exit notice file and make it XHTML1.1 strict
- compliant. Based on a patch from Christian Kujau.
- o Documentation changes:
- - Modernize the doxygen configuration file slightly. Fixes bug 2707.
- - Resolve all doxygen warnings except those for missing documentation.
- Fixes bug 2705.
- - Add doxygen documentation for more functions, fields, and types.
- - Convert the HACKING file to asciidoc, and add a few new sections
- to it, explaining how we use Git, how we make changelogs, and
- what should go in a patch.
- - Document the default socks host and port (127.0.0.1:9050) for
- tor-resolve.
- - Removed some unnecessary files from the source distribution. The
- AUTHORS file has now been merged into the people page on the
- website. The roadmaps and design doc can now be found in the
- projects directory in svn.
- o Deprecated and removed features (config):
- - Remove the torrc.complete file. It hasn't been kept up to date
- and users will have better luck checking out the manpage.
- - Remove the HSAuthorityRecordStats option that version 0 hidden
- service authorities could use to track statistics of overall v0
- hidden service usage.
- - Remove the obsolete "NoPublish" option; it has been flagged
- as obsolete and has produced a warning since 0.1.1.18-rc.
- - Caches no longer download and serve v2 networkstatus documents
- unless FetchV2Networkstatus flag is set: these documents haven't
- haven't been used by clients or relays since 0.2.0.x. Resolves
- bug 3022.
- o Deprecated and removed features (controller):
- - The controller no longer accepts the old obsolete "addr-mappings/"
- or "unregistered-servers-" GETINFO values.
- - The EXTENDED_EVENTS and VERBOSE_NAMES controller features are now
- always on; using them is necessary for correct forward-compatible
- controllers.
- o Deprecated and removed features (misc):
- - Hidden services no longer publish version 0 descriptors, and clients
- do not request or use version 0 descriptors. However, the old hidden
- service authorities still accept and serve version 0 descriptors
- when contacted by older hidden services/clients.
- - Remove undocumented option "-F" from tor-resolve: it hasn't done
- anything since 0.2.1.16-rc.
- - Remove everything related to building the expert bundle for OS X.
- It has confused many users, doesn't work right on OS X 10.6,
- and is hard to get rid of once installed. Resolves bug 1274.
- - Remove support for .noconnect style addresses. Nobody was using
- them, and they provided another avenue for detecting Tor users
- via application-level web tricks.
- - When we fixed bug 1038 we had to put in a restriction not to send
- RELAY_EARLY cells on rend circuits. This was necessary as long
- as relays using Tor 0.2.1.3-alpha through 0.2.1.18-alpha were
- active. Now remove this obsolete check. Resolves bug 2081.
- - Remove workaround code to handle directory responses from servers
- that had bug 539 (they would send HTTP status 503 responses _and_
- send a body too). Since only server versions before
- 0.2.0.16-alpha/0.1.2.19 were affected, there is no longer reason to
- keep the workaround in place.
- - Remove the old 'fuzzy time' logic. It was supposed to be used for
- handling calculations where we have a known amount of clock skew and
- an allowed amount of unknown skew. But we only used it in three
- places, and we never adjusted the known/unknown skew values. This is
- still something we might want to do someday, but if we do, we'll
- want to do it differently.
- - Remove the "--enable-iphone" option to ./configure. According to
- reports from Marco Bonetti, Tor builds fine without any special
- tweaking on recent iPhone SDK versions.
- Changes in version 0.2.1.30 - 2011-02-23
- Tor 0.2.1.30 fixes a variety of less critical bugs. The main other
- change is a slight tweak to Tor's TLS handshake that makes relays
- and bridges that run this new version reachable from Iran again.
- We don't expect this tweak will win the arms race long-term, but it
- buys us time until we roll out a better solution.
- o Major bugfixes:
- - Stop sending a CLOCK_SKEW controller status event whenever
- we fetch directory information from a relay that has a wrong clock.
- Instead, only inform the controller when it's a trusted authority
- that claims our clock is wrong. Bugfix on 0.1.2.6-alpha; fixes
- the rest of bug 1074.
- - Fix a bounds-checking error that could allow an attacker to
- remotely crash a directory authority. Bugfix on 0.2.1.5-alpha.
- Found by "piebeer".
- - If relays set RelayBandwidthBurst but not RelayBandwidthRate,
- Tor would ignore their RelayBandwidthBurst setting,
- potentially using more bandwidth than expected. Bugfix on
- 0.2.0.1-alpha. Reported by Paul Wouters. Fixes bug 2470.
- - Ignore and warn if the user mistakenly sets "PublishServerDescriptor
- hidserv" in her torrc. The 'hidserv' argument never controlled
- publication of hidden service descriptors. Bugfix on 0.2.0.1-alpha.
- o Minor features:
- - Adjust our TLS Diffie-Hellman parameters to match those used by
- Apache's mod_ssl.
- - Update to the February 1 2011 Maxmind GeoLite Country database.
- o Minor bugfixes:
- - Check for and reject overly long directory certificates and
- directory tokens before they have a chance to hit any assertions.
- Bugfix on 0.2.1.28. Found by "doorss".
- - Bring the logic that gathers routerinfos and assesses the
- acceptability of circuits into line. This prevents a Tor OP from
- getting locked in a cycle of choosing its local OR as an exit for a
- path (due to a .exit request) and then rejecting the circuit because
- its OR is not listed yet. It also prevents Tor clients from using an
- OR running in the same instance as an exit (due to a .exit request)
- if the OR does not meet the same requirements expected of an OR
- running elsewhere. Fixes bug 1859; bugfix on 0.1.0.1-rc.
- o Packaging changes:
- - Stop shipping the Tor specs files and development proposal documents
- in the tarball. They are now in a separate git repository at
- git://git.torproject.org/torspec.git
- - Do not include Git version tags as though they are SVN tags when
- generating a tarball from inside a repository that has switched
- between branches. Bugfix on 0.2.1.15-rc; fixes bug 2402.
- Changes in version 0.2.1.29 - 2011-01-15
- Tor 0.2.1.29 continues our recent code security audit work. The main
- fix resolves a remote heap overflow vulnerability that can allow remote
- code execution. Other fixes address a variety of assert and crash bugs,
- most of which we think are hard to exploit remotely.
- o Major bugfixes (security):
- - Fix a heap overflow bug where an adversary could cause heap
- corruption. This bug probably allows remote code execution
- attacks. Reported by "debuger". Fixes CVE-2011-0427. Bugfix on
- 0.1.2.10-rc.
- - Prevent a denial-of-service attack by disallowing any
- zlib-compressed data whose compression factor is implausibly
- high. Fixes part of bug 2324; reported by "doorss".
- - Zero out a few more keys in memory before freeing them. Fixes
- bug 2384 and part of bug 2385. These key instances found by
- "cypherpunks", based on Andrew Case's report about being able
- to find sensitive data in Tor's memory space if you have enough
- permissions. Bugfix on 0.0.2pre9.
- o Major bugfixes (crashes):
- - Prevent calls to Libevent from inside Libevent log handlers.
- This had potential to cause a nasty set of crashes, especially
- if running Libevent with debug logging enabled, and running
- Tor with a controller watching for low-severity log messages.
- Bugfix on 0.1.0.2-rc. Fixes bug 2190.
- - Add a check for SIZE_T_MAX to tor_realloc() to try to avoid
- underflow errors there too. Fixes the other part of bug 2324.
- - Fix a bug where we would assert if we ever had a
- cached-descriptors.new file (or another file read directly into
- memory) of exactly SIZE_T_CEILING bytes. Fixes bug 2326; bugfix
- on 0.2.1.25. Found by doorss.
- - Fix some potential asserts and parsing issues with grossly
- malformed router caches. Fixes bug 2352; bugfix on Tor 0.2.1.27.
- Found by doorss.
- o Minor bugfixes (other):
- - Fix a bug with handling misformed replies to reverse DNS lookup
- requests in DNSPort. Bugfix on Tor 0.2.0.1-alpha. Related to a
- bug reported by doorss.
- - Fix compilation on mingw when a pthreads compatibility library
- has been installed. (We don't want to use it, so we shouldn't
- be including pthread.h.) Fixes bug 2313; bugfix on 0.1.0.1-rc.
- - Fix a bug where we would declare that we had run out of virtual
- addresses when the address space was only half-exhausted. Bugfix
- on 0.1.2.1-alpha.
- - Correctly handle the case where AutomapHostsOnResolve is set but
- no virtual addresses are available. Fixes bug 2328; bugfix on
- 0.1.2.1-alpha. Bug found by doorss.
- - Correctly handle wrapping around when we run out of virtual
- address space. Found by cypherpunks; bugfix on 0.2.0.5-alpha.
- o Minor features:
- - Update to the January 1 2011 Maxmind GeoLite Country database.
- - Introduce output size checks on all of our decryption functions.
- o Build changes:
- - Tor does not build packages correctly with Automake 1.6 and earlier;
- added a check to Makefile.am to make sure that we're building with
- Automake 1.7 or later.
- - The 0.2.1.28 tarball was missing src/common/OpenBSD_malloc_Linux.c
- because we built it with a too-old version of automake. Thus that
- release broke ./configure --enable-openbsd-malloc, which is popular
- among really fast exit relays on Linux.
- Changes in version 0.2.1.28 - 2010-12-17
- Tor 0.2.1.28 does some code cleanup to reduce the risk of remotely
- exploitable bugs. We also took this opportunity to change the IP address
- for one of our directory authorities, and to update the geoip database
- we ship.
- o Major bugfixes:
- - Fix a remotely exploitable bug that could be used to crash instances
- of Tor remotely by overflowing on the heap. Remote-code execution
- hasn't been confirmed, but can't be ruled out. Everyone should
- upgrade. Bugfix on the 0.1.1 series and later.
- o Directory authority changes:
- - Change IP address and ports for gabelmoo (v3 directory authority).
- o Minor features:
- - Update to the December 1 2010 Maxmind GeoLite Country database.
- Changes in version 0.2.1.27 - 2010-11-23
- Yet another OpenSSL security patch broke its compatibility with Tor:
- Tor 0.2.1.27 makes relays work with openssl 0.9.8p and 1.0.0.b. We
- also took this opportunity to fix several crash bugs, integrate a new
- directory authority, and update the bundled GeoIP database.
- o Major bugfixes:
- - Resolve an incompatibility with OpenSSL 0.9.8p and OpenSSL 1.0.0b:
- No longer set the tlsext_host_name extension on server SSL objects;
- but continue to set it on client SSL objects. Our goal in setting
- it was to imitate a browser, not a vhosting server. Fixes bug 2204;
- bugfix on 0.2.1.1-alpha.
- - Do not log messages to the controller while shrinking buffer
- freelists. Doing so would sometimes make the controller connection
- try to allocate a buffer chunk, which would mess up the internals
- of the freelist and cause an assertion failure. Fixes bug 1125;
- fixed by Robert Ransom. Bugfix on 0.2.0.16-alpha.
- - Learn our external IP address when we're a relay or bridge, even if
- we set PublishServerDescriptor to 0. Bugfix on 0.2.0.3-alpha,
- where we introduced bridge relays that don't need to publish to
- be useful. Fixes bug 2050.
- - Do even more to reject (and not just ignore) annotations on
- router descriptors received anywhere but from the cache. Previously
- we would ignore such annotations at first, but cache them to disk
- anyway. Bugfix on 0.2.0.8-alpha. Found by piebeer.
- - When you're using bridges and your network goes away and your
- bridges get marked as down, recover when you attempt a new socks
- connection (if the network is back), rather than waiting up to an
- hour to try fetching new descriptors for your bridges. Bugfix on
- 0.2.0.3-alpha; fixes bug 1981.
- o Major features:
- - Move to the November 2010 Maxmind GeoLite country db (rather
- than the June 2009 ip-to-country GeoIP db) for our statistics that
- count how many users relays are seeing from each country. Now we'll
- have more accurate data, especially for many African countries.
- o New directory authorities:
- - Set up maatuska (run by Linus Nordberg) as the eighth v3 directory
- authority.
- o Minor bugfixes:
- - Fix an assertion failure that could occur in directory caches or
- bridge users when using a very short voting interval on a testing
- network. Diagnosed by Robert Hogan. Fixes bug 1141; bugfix on
- 0.2.0.8-alpha.
- - Enforce multiplicity rules when parsing annotations. Bugfix on
- 0.2.0.8-alpha. Found by piebeer.
- - Allow handshaking OR connections to take a full KeepalivePeriod
- seconds to handshake. Previously, we would close them after
- IDLE_OR_CONN_TIMEOUT (180) seconds, the same timeout as if they
- were open. Bugfix on 0.2.1.26; fixes bug 1840. Thanks to mingw-san
- for analysis help.
- - When building with --enable-gcc-warnings on OpenBSD, disable
- warnings in system headers. This makes --enable-gcc-warnings
- pass on OpenBSD 4.8.
- o Minor features:
- - Exit nodes didn't recognize EHOSTUNREACH as a plausible error code,
- and so sent back END_STREAM_REASON_MISC. Clients now recognize a new
- stream ending reason for this case: END_STREAM_REASON_NOROUTE.
- Servers can start sending this code when enough clients recognize
- it. Bugfix on 0.1.0.1-rc; fixes part of bug 1793.
- - Build correctly on mingw with more recent versions of OpenSSL 0.9.8.
- Patch from mingw-san.
- o Removed files:
- - Remove the old debian/ directory from the main Tor distribution.
- The official Tor-for-debian git repository lives at the URL
- https://git.torproject.org/debian/tor.git
- - Stop shipping the old doc/website/ directory in the tarball. We
- changed the website format in late 2010, and what we shipped in
- 0.2.1.26 really wasn't that useful anyway.
- Changes in version 0.2.1.26 - 2010-05-02
- Tor 0.2.1.26 addresses the recent connection and memory overload
- problems we've been seeing on relays, especially relays with their
- DirPort open. If your relay has been crashing, or you turned it off
- because it used too many resources, give this release a try.
- This release also fixes yet another instance of broken OpenSSL libraries
- that was causing some relays to drop out of the consensus.
- o Major bugfixes:
- - Teach relays to defend themselves from connection overload. Relays
- now close idle circuits early if it looks like they were intended
- for directory fetches. Relays are also more aggressive about closing
- TLS connections that have no circuits on them. Such circuits are
- unlikely to be re-used, and tens of thousands of them were piling
- up at the fast relays, causing the relays to run out of sockets
- and memory. Bugfix on 0.2.0.22-rc (where clients started tunneling
- their directory fetches over TLS).
- - Fix SSL renegotiation behavior on OpenSSL versions like on Centos
- that claim to be earlier than 0.9.8m, but which have in reality
- backported huge swaths of 0.9.8m or 0.9.8n renegotiation
- behavior. Possible fix for some cases of bug 1346.
- - Directory mirrors were fetching relay descriptors only from v2
- directory authorities, rather than v3 authorities like they should.
- Only 2 v2 authorities remain (compared to 7 v3 authorities), leading
- to a serious bottleneck. Bugfix on 0.2.0.9-alpha. Fixes bug 1324.
- o Minor bugfixes:
- - Finally get rid of the deprecated and now harmful notion of "clique
- mode", where directory authorities maintain TLS connections to
- every other relay.
- o Testsuite fixes:
- - In the util/threads test, no longer free the test_mutex before all
- worker threads have finished. Bugfix on 0.2.1.6-alpha.
- - The master thread could starve the worker threads quite badly on
- certain systems, causing them to run only partially in the allowed
- window. This resulted in test failures. Now the master thread sleeps
- occasionally for a few microseconds while the two worker-threads
- compete for the mutex. Bugfix on 0.2.0.1-alpha.
- Changes in version 0.2.1.25 - 2010-03-16
- Tor 0.2.1.25 fixes a regression introduced in 0.2.1.23 that could
- prevent relays from guessing their IP address correctly. It also fixes
- several minor potential security bugs.
- o Major bugfixes:
- - Fix a regression from our patch for bug 1244 that caused relays
- to guess their IP address incorrectly if they didn't set Address
- in their torrc and/or their address fails to resolve. Bugfix on
- 0.2.1.23; fixes bug 1269.
- - When freeing a session key, zero it out completely. We only zeroed
- the first ptrsize bytes. Bugfix on 0.0.2pre8. Discovered and
- patched by ekir. Fixes bug 1254.
- o Minor bugfixes:
- - Fix a dereference-then-NULL-check sequence when publishing
- descriptors. Bugfix on 0.2.1.5-alpha. Discovered by ekir; fixes
- bug 1255.
- - Fix another dereference-then-NULL-check sequence. Bugfix on
- 0.2.1.14-rc. Discovered by ekir; fixes bug 1256.
- - Make sure we treat potentially not NUL-terminated strings correctly.
- Bugfix on 0.1.1.13-alpha. Discovered by rieo; fixes bug 1257.
- Changes in version 0.2.1.24 - 2010-02-21
- Tor 0.2.1.24 makes Tor work again on the latest OS X -- this time
- for sure!
- o Minor bugfixes:
- - Work correctly out-of-the-box with even more vendor-patched versions
- of OpenSSL. In particular, make it so Debian and OS X don't need
- customized patches to run/build.
- Changes in version 0.2.1.23 - 2010-02-13
- Tor 0.2.1.23 fixes a huge client-side performance bug, makes Tor work
- again on the latest OS X, and updates the location of a directory
- authority.
- o Major bugfixes (performance):
- - We were selecting our guards uniformly at random, and then weighting
- which of our guards we'd use uniformly at random. This imbalance
- meant that Tor clients were severely limited on throughput (and
- probably latency too) by the first hop in their circuit. Now we
- select guards weighted by currently advertised bandwidth. We also
- automatically discard guards picked using the old algorithm. Fixes
- bug 1217; bugfix on 0.2.1.3-alpha. Found by Mike Perry.
- o Major bugfixes:
- - Make Tor work again on the latest OS X: when deciding whether to
- use strange flags to turn TLS renegotiation on, detect the OpenSSL
- version at run-time, not compile time. We need to do this because
- Apple doesn't update its dev-tools headers when it updates its
- libraries in a security patch.
- - Fix a potential buffer overflow in lookup_last_hid_serv_request()
- that could happen on 32-bit platforms with 64-bit time_t. Also fix
- a memory leak when requesting a hidden service descriptor we've
- requested before. Fixes bug 1242, bugfix on 0.2.0.18-alpha. Found
- by aakova.
- o Minor bugfixes:
- - Refactor resolve_my_address() to not use gethostbyname() anymore.
- Fixes bug 1244; bugfix on 0.0.2pre25. Reported by Mike Mestnik.
- o Minor features:
- - Avoid a mad rush at the beginning of each month when each client
- rotates half of its guards. Instead we spread the rotation out
- throughout the month, but we still avoid leaving a precise timestamp
- in the state file about when we first picked the guard. Improves
- over the behavior introduced in 0.1.2.17.
- Changes in version 0.2.1.22 - 2010-01-19
- Tor 0.2.1.22 fixes a critical privacy problem in bridge directory
- authorities -- it would tell you its whole history of bridge descriptors
- if you make the right directory request. This stable update also
- rotates two of the seven v3 directory authority keys and locations.
- o Directory authority changes:
- - Rotate keys (both v3 identity and relay identity) for moria1
- and gabelmoo.
- o Major bugfixes:
- - Stop bridge directory authorities from answering dbg-stability.txt
- directory queries, which would let people fetch a list of all
- bridge identities they track. Bugfix on 0.2.1.6-alpha.
- Changes in version 0.2.1.21 - 2009-12-21
- Tor 0.2.1.21 fixes an incompatibility with the most recent OpenSSL
- library. If you use Tor on Linux / Unix and you're getting SSL
- renegotiation errors, upgrading should help. We also recommend an
- upgrade if you're an exit relay.
- o Major bugfixes:
- - Work around a security feature in OpenSSL 0.9.8l that prevents our
- handshake from working unless we explicitly tell OpenSSL that we
- are using SSL renegotiation safely. We are, of course, but OpenSSL
- 0.9.8l won't work unless we say we are.
- - Avoid crashing if the client is trying to upload many bytes and the
- circuit gets torn down at the same time, or if the flip side
- happens on the exit relay. Bugfix on 0.2.0.1-alpha; fixes bug 1150.
- o Minor bugfixes:
- - Do not refuse to learn about authority certs and v2 networkstatus
- documents that are older than the latest consensus. This bug might
- have degraded client bootstrapping. Bugfix on 0.2.0.10-alpha.
- Spotted and fixed by xmux.
- - Fix a couple of very-hard-to-trigger memory leaks, and one hard-to-
- trigger platform-specific option misparsing case found by Coverity
- Scan.
- - Fix a compilation warning on Fedora 12 by removing an impossible-to-
- trigger assert. Fixes bug 1173.
- Changes in version 0.2.1.20 - 2009-10-15
- Tor 0.2.1.20 fixes a crash bug when you're accessing many hidden
- services at once, prepares for more performance improvements, and
- fixes a bunch of smaller bugs.
- The Windows and OS X bundles also include a more recent Vidalia,
- and switch from Privoxy to Polipo.
- The OS X installers are now drag and drop. It's best to un-install
- Tor/Vidalia and then install this new bundle, rather than upgrade. If
- you want to upgrade, you'll need to update the paths for Tor and Polipo
- in the Vidalia Settings window.
- o Major bugfixes:
- - Send circuit or stream sendme cells when our window has decreased
- by 100 cells, not when it has decreased by 101 cells. Bug uncovered
- by Karsten when testing the "reduce circuit window" performance
- patch. Bugfix on the 54th commit on Tor -- from July 2002,
- before the release of Tor 0.0.0. This is the new winner of the
- oldest-bug prize.
- - Fix a remotely triggerable memory leak when a consensus document
- contains more than one signature from the same voter. Bugfix on
- 0.2.0.3-alpha.
- - Avoid segfault in rare cases when finishing an introduction circuit
- as a client and finding out that we don't have an introduction key
- for it. Fixes bug 1073. Reported by Aaron Swartz.
- o Major features:
- - Tor now reads the "circwindow" parameter out of the consensus,
- and uses that value for its circuit package window rather than the
- default of 1000 cells. Begins the implementation of proposal 168.
- o New directory authorities:
- - Set up urras (run by Jacob Appelbaum) as the seventh v3 directory
- authority.
- - Move moria1 and tonga to alternate IP addresses.
- o Minor bugfixes:
- - Fix a signed/unsigned compile warning in 0.2.1.19.
- - Fix possible segmentation fault on directory authorities. Bugfix on
- 0.2.1.14-rc.
- - Fix an extremely rare infinite recursion bug that could occur if
- we tried to log a message after shutting down the log subsystem.
- Found by Matt Edman. Bugfix on 0.2.0.16-alpha.
- - Fix an obscure bug where hidden services on 64-bit big-endian
- systems might mis-read the timestamp in v3 introduce cells, and
- refuse to connect back to the client. Discovered by "rotor".
- Bugfix on 0.2.1.6-alpha.
- - We were triggering a CLOCK_SKEW controller status event whenever
- we connect via the v2 connection protocol to any relay that has
- a wrong clock. Instead, we should only inform the controller when
- it's a trusted authority that claims our clock is wrong. Bugfix
- on 0.2.0.20-rc; starts to fix bug 1074. Reported by SwissTorExit.
- - We were telling the controller about CHECKING_REACHABILITY and
- REACHABILITY_FAILED status events whenever we launch a testing
- circuit or notice that one has failed. Instead, only tell the
- controller when we want to inform the user of overall success or
- overall failure. Bugfix on 0.1.2.6-alpha. Fixes bug 1075. Reported
- by SwissTorExit.
- - Don't warn when we're using a circuit that ends with a node
- excluded in ExcludeExitNodes, but the circuit is not used to access
- the outside world. This should help fix bug 1090. Bugfix on
- 0.2.1.6-alpha.
- - Work around a small memory leak in some versions of OpenSSL that
- stopped the memory used by the hostname TLS extension from being
- freed.
- o Minor features:
- - Add a "getinfo status/accepted-server-descriptor" controller
- command, which is the recommended way for controllers to learn
- whether our server descriptor has been successfully received by at
- least on directory authority. Un-recommend good-server-descriptor
- getinfo and status events until we have a better design for them.
- Changes in version 0.2.1.19 - 2009-07-28
- Tor 0.2.1.19 fixes a major bug with accessing and providing hidden
- services.
- o Major bugfixes:
- - Make accessing hidden services on 0.2.1.x work right again.
- Bugfix on 0.2.1.3-alpha; workaround for bug 1038. Diagnosis and
- part of patch provided by "optimist".
- o Minor features:
- - When a relay/bridge is writing out its identity key fingerprint to
- the "fingerprint" file and to its logs, write it without spaces. Now
- it will look like the fingerprints in our bridges documentation,
- and confuse fewer users.
|