@@ -3,6 +3,1066 @@ This document summarizes new features and bugfixes in each stable release
of Tor. If you want to see more detailed descriptions of the changes in
each development snapshot, see the ChangeLog file.

+Changes in version 0.2.4.20 - 2013-12-22
+ Tor 0.2.4.20 fixes potentially poor random number generation for users
+ who 1) use OpenSSL 1.0.0 or later, 2) set "HardwareAccel 1" in their
+ torrc file, 3) have "Sandy Bridge" or "Ivy Bridge" Intel processors,
+ and 4) have no state file in their DataDirectory (as would happen on
+ first start). Users who generated relay or hidden service identity
+ keys in such a situation should discard them and generate new ones.
+
+ This release also fixes a logic error that caused Tor clients to build
+ many more preemptive circuits than they actually need.
+
+ o Major bugfixes:
+ - Do not allow OpenSSL engines to replace the PRNG, even when
+ HardwareAccel is set. The only default builtin PRNG engine uses
+ the Intel RDRAND instruction to replace the entire PRNG, and
+ ignores all attempts to seed it with more entropy. That's
+ cryptographically stupid: the right response to a new alleged
+ entropy source is never to discard all previously used entropy
+ sources. Fixes bug 10402; works around behavior introduced in
+ OpenSSL 1.0.0. Diagnosis and investigation thanks to "coderman"
+ and "rl1987".
+ - Avoid launching spurious extra circuits when a stream is pending.
+ This fixes a bug where any circuit that _wasn't_ unusable for new
+ streams would be treated as if it were, causing extra circuits to
+ be launched. Fixes bug 10456; bugfix on 0.2.4.12-alpha.
+
+ o Minor bugfixes:
+ - Avoid a crash bug when starting with a corrupted microdescriptor
+ cache file. Fixes bug 10406; bugfix on 0.2.2.6-alpha.
+ - If we fail to dump a previously cached microdescriptor to disk, avoid
+ freeing duplicate data later on. Fixes bug 10423; bugfix on
+ 0.2.4.13-alpha. Spotted by "bobnomnom".
+
+
+Changes in version 0.2.4.19 - 2013-12-11
+ The Tor 0.2.4 release series is dedicated to the memory of Aaron Swartz
+ (1986-2013). Aaron worked on diverse projects including helping to guide
+ Creative Commons, playing a key role in stopping SOPA/PIPA, bringing
+ transparency to the U.S government's PACER documents, and contributing
+ design and development for Tor and Tor2Web. Aaron was one of the latest
+ martyrs in our collective fight for civil liberties and human rights,
+ and his death is all the more painful because he was one of us.
+
+ Tor 0.2.4.19, the first stable release in the 0.2.4 branch, features
+ a new circuit handshake and link encryption that use ECC to provide
+ better security and efficiency; makes relays better manage circuit
+ creation requests; uses "directory guards" to reduce client enumeration
+ risks; makes bridges collect and report statistics about the pluggable
+ transports they support; cleans up and improves our geoip database;
+ gets much closer to IPv6 support for clients, bridges, and relays; makes
+ directory authorities use measured bandwidths rather than advertised
+ ones when computing flags and thresholds; disables client-side DNS
+ caching to reduce tracking risks; and fixes a big bug in bridge
+ reachability testing. This release introduces two new design
+ abstractions in the code: a new "channel" abstraction between circuits
+ and or_connections to allow for implementing alternate relay-to-relay
+ transports, and a new "circuitmux" abstraction storing the queue of
+ circuits for a channel. The release also includes many stability,
+ security, and privacy fixes.
+
+ o Major features (new circuit handshake):
+ - Tor now supports a new circuit extension handshake designed by Ian
+ Goldberg, Douglas Stebila, and Berkant Ustaoglu. Our original
+ circuit extension handshake, later called "TAP", was a bit slow
+ (especially on the relay side), had a fragile security proof, and
+ used weaker keys than we'd now prefer. The new circuit handshake
+ uses Dan Bernstein's "curve25519" elliptic-curve Diffie-Hellman
+ function, making it significantly more secure than the older
+ handshake, and significantly faster. Tor can use one of two built-in
+ pure-C curve25519-donna implementations by Adam Langley, or it
+ can link against the "nacl" library for a tuned version if present.
+
+ The built-in version is very fast for 64-bit systems when building
+ with GCC. The built-in 32-bit version is still faster than the
+ old TAP protocol, but using libnacl is better on most such hosts.
+
+ Implements proposal 216; closes ticket 7202.
+
+ o Major features (better link encryption):
+ - Relays can now enable the ECDHE TLS ciphersuites when available
+ and appropriate. These ciphersuites let us negotiate forward-secure
+ TLS secret keys more safely and more efficiently than with our
+ previous use of Diffie-Hellman modulo a 1024-bit prime. By default,
+ public relays prefer the (faster) P224 group, and bridges prefer
+ the (more common) P256 group; you can override this with the
+ TLSECGroup option.
+
+ This feature requires clients running 0.2.3.17-beta or later,
+ and requires both sides to be running OpenSSL 1.0.0 or later
+ with ECC support. OpenSSL 1.0.1, with the compile-time option
+ "enable-ec_nistp_64_gcc_128", is highly recommended.
+
+ Implements the relay side of proposal 198; closes ticket 7200.
+
+ - Re-enable TLS 1.1 and 1.2 when built with OpenSSL 1.0.1e or later.
+ Resolves ticket 6055. (OpenSSL before 1.0.1 didn't have TLS 1.1 or
+ 1.2, and OpenSSL from 1.0.1 through 1.0.1d had bugs that prevented
+ renegotiation from working with TLS 1.1 or 1.2, so we had disabled
+ them to solve bug 6033.)
+
+ o Major features (relay performance):
+ - Instead of limiting the number of queued onionskins (aka circuit
+ create requests) to a fixed, hard-to-configure number, we limit
+ the size of the queue based on how many we expect to be able to
+ process in a given amount of time. We estimate the time it will
+ take to process an onionskin based on average processing time
+ of previous onionskins. Closes ticket 7291. You'll never have to
+ configure MaxOnionsPending again.
+ - Relays process the new "NTor" circuit-level handshake requests
+ with higher priority than the old "TAP" circuit-level handshake
+ requests. We still process some TAP requests to not totally starve
+ 0.2.3 clients when NTor becomes popular. A new consensus parameter
+ "NumNTorsPerTAP" lets us tune the balance later if we need to.
+ Implements ticket 9574.
+
+ o Major features (client bootstrapping resilience):
+ - Add a new "FallbackDir" torrc option to use when we can't use
+ a directory mirror from the consensus (either because we lack a
+ consensus, or because they're all down). Currently, all authorities
+ are fallbacks by default, and there are no other default fallbacks,
+ but that will change. This option will allow us to give clients a
+ longer list of servers to try to get a consensus from when first
+ connecting to the Tor network, and thereby reduce load on the
+ directory authorities. Implements proposal 206, "Preconfigured
+ directory sources for bootstrapping". We also removed the old
+ "FallbackNetworkstatus" option, since we never got it working well
+ enough to use it. Closes bug 572.
+ - If we have no circuits open, use a relaxed timeout (the
+ 95th-percentile cutoff) until a circuit succeeds. This heuristic
+ should allow Tor to succeed at building circuits even when the
+ network connection drastically changes. Should help with bug 3443.
+
+ o Major features (use of guards):
+ - Support directory guards (proposal 207): when possible, clients now
+ use their entry guards for non-anonymous directory requests. This
+ can help prevent client enumeration. Note that this behavior only
+ works when we have a usable consensus directory, and when options
+ about what to download are more or less standard. In the future we
+ should re-bootstrap from our guards, rather than re-bootstrapping
+ from the preconfigured list of directory sources that ships with
+ Tor. Resolves ticket 6526.
+ - Raise the default time that a client keeps an entry guard from
+ "1-2 months" to "2-3 months", as suggested by Tariq Elahi's WPES
+ 2012 paper. (We would make it even longer, but we need better client
+ load balancing first.) Also, make the guard lifetime controllable
+ via a new GuardLifetime torrc option and a GuardLifetime consensus
+ parameter. Start of a fix for bug 8240; bugfix on 0.1.1.11-alpha.
+
+ o Major features (bridges with pluggable transports):
+ - Bridges now report the pluggable transports they support to the
+ bridge authority, so it can pass the supported transports on to
+ bridgedb and/or eventually do reachability testing. Implements
+ ticket 3589.
+ - Automatically forward the TCP ports of pluggable transport
+ proxies using tor-fw-helper if PortForwarding is enabled. Implements
+ ticket 4567.
+
+ o Major features (geoip database):
+ - Maxmind began labelling Tor relays as being in country "A1",
+ which breaks by-country node selection inside Tor. Now we use a
+ script to replace "A1" ("Anonymous Proxy") entries in our geoip
+ file with real country codes. This script fixes about 90% of "A1"
+ entries automatically and uses manual country code assignments to
+ fix the remaining 10%. See src/config/README.geoip for details.
+ Fixes bug 6266.
+ - Add GeoIP database for IPv6 addresses. The new config option
+ is GeoIPv6File.
+ - Update to the October 2 2013 Maxmind GeoLite Country database.
+
+ o Major features (IPv6):
+ - Clients who set "ClientUseIPv6 1" may connect to entry nodes over
+ IPv6. Set "ClientPreferIPv6ORPort 1" to make this even more likely
+ to happen. Implements ticket 5535.
+ - All kind of relays, not just bridges, can now advertise an IPv6
+ OR port. Implements ticket 6362.
+ - Relays can now exit to IPv6 addresses: make sure that you have IPv6
+ connectivity, then set the IPv6Exit flag to 1. Also make sure your
+ exit policy reads as you would like: the address * applies to all
+ address families, whereas *4 is IPv4 address only, and *6 is IPv6
+ addresses only. On the client side, you'll need to wait for enough
+ exits to support IPv6, apply the "IPv6Traffic" flag to a SocksPort,
+ and use Socks5. Closes ticket 5547, implements proposal 117 as
+ revised in proposal 208.
+ - Bridge authorities now accept IPv6 bridge addresses and include
+ them in network status documents. Implements ticket 5534.
+ - Directory authorities vote on IPv6 OR ports. Implements ticket 6363.
+
+ o Major features (directory authorities):
+ - Directory authorities now prefer using measured bandwidths to
+ advertised ones when computing flags and thresholds. Resolves
+ ticket 8273.
+ - Directory authorities that vote measured bandwidths about more
+ than a threshold number of relays now treat relays with
+ unmeasured bandwidths as having bandwidth 0 when computing their
+ flags. Resolves ticket 8435.
+ - Directory authorities now support a new consensus method (17)
+ where they cap the published bandwidth of relays for which
+ insufficient bandwidth measurements exist. Fixes part of bug 2286.
+ - Directory authorities that set "DisableV2DirectoryInfo_ 1" no longer
+ serve any v2 directory information. Now we can test disabling the
+ old deprecated v2 directory format, and see whether doing so has
+ any effect on network load. Begins to fix bug 6783.
+
+ o Major features (build and portability):
+ - Switch to a nonrecursive Makefile structure. Now instead of each
+ Makefile.am invoking other Makefile.am's, there is a master
+ Makefile.am that includes the others. This change makes our build
+ process slightly more maintainable, and improves parallelism for
+ building with make -j. Original patch by Stewart Smith; various
+ fixes by Jim Meyering.
+ - Where available, we now use automake's "silent" make rules by
+ default, so that warnings are easier to spot. You can get the old
+ behavior with "make V=1". Patch by Stewart Smith for ticket 6522.
+ - Resume building correctly with MSVC and Makefile.nmake. This patch
+ resolves numerous bugs and fixes reported by ultramage, including
+ 7305, 7308, 7309, 7310, 7312, 7313, 7315, 7316, and 7669.
+
+ o Security features:
+ - Switch to a completely time-invariant approach for picking nodes
+ weighted by bandwidth. Our old approach would run through the
+ part of the loop after it had made its choice slightly slower
+ than it ran through the part of the loop before it had made its
+ choice. Addresses ticket 6538.
+ - Disable the use of Guard nodes when in Tor2WebMode. Guard usage
+ by tor2web clients allows hidden services to identify tor2web
+ clients through their repeated selection of the same rendezvous
+ and introduction point circuit endpoints (their guards). Resolves
+ ticket 6888.
+
+ o Major bugfixes (relay denial of service):
+ - When we have too much memory queued in circuits (according to a new
+ MaxMemInCellQueues option), close the circuits that have the oldest
+ queued cells, on the theory that those are most responsible for
+ us running low on memory. This prevents us from running out of
+ memory as a relay if circuits fill up faster than they can be
+ drained. Fixes bugs 9063 and 9093; bugfix on the 54th commit of
+ Tor. This bug is a further fix beyond bug 6252, whose fix was
+ merged into 0.2.3.21-rc.
+ - Reject bogus create and relay cells with 0 circuit ID or 0 stream
+ ID: these could be used to create unexpected streams and circuits
+ which would count as "present" to some parts of Tor but "absent"
+ to others, leading to zombie circuits and streams or to a bandwidth
+ denial-of-service. Fixes bug 7889; bugfix on every released version
+ of Tor. Reported by "oftc_must_be_destroyed".
+ - Avoid a bug where our response to TLS renegotiation under certain
+ network conditions could lead to a busy-loop, with 100% CPU
+ consumption. Fixes bug 5650; bugfix on 0.2.0.16-alpha.
+
+ o Major bugfixes (asserts, crashes, leaks):
+ - Prevent the get_freelists() function from running off the end of
+ the list of freelists if it somehow gets an unrecognized
+ allocation. Fixes bug 8844; bugfix on 0.2.0.16-alpha. Reported by
+ eugenis.
+ - Avoid a memory leak where we would leak a consensus body when we
+ find that a consensus which we couldn't previously verify due to
+ missing certificates is now verifiable. Fixes bug 8719; bugfix
+ on 0.2.0.10-alpha.
+ - If we are unable to save a microdescriptor to the journal, do not
+ drop it from memory and then reattempt downloading it. Fixes bug
+ 9645; bugfix on 0.2.2.6-alpha.
+ - Fix an assertion failure that would occur when disabling the
+ ORPort setting on a running Tor process while accounting was
+ enabled. Fixes bug 6979; bugfix on 0.2.2.18-alpha.
+ - Avoid an assertion failure on OpenBSD (and perhaps other BSDs)
+ when an exit connection with optimistic data succeeds immediately
+ rather than returning EINPROGRESS. Fixes bug 9017; bugfix on
+ 0.2.3.1-alpha.
+ - Fix a memory leak that would occur whenever a configuration
+ option changed. Fixes bug 8718; bugfix on 0.2.3.3-alpha.
+
+ o Major bugfixes (relay rate limiting):
+ - When a TLS write is partially successful but incomplete, remember
+ that the flushed part has been flushed, and notice that bytes were
+ actually written. Reported and fixed pseudonymously. Fixes bug 7708;
+ bugfix on Tor 0.1.0.5-rc.
+ - Raise the default BandwidthRate/BandwidthBurst values from 5MB/10MB
+ to 1GB/1GB. The previous defaults were intended to be "basically
+ infinite", but it turns out they're now limiting our 100mbit+
+ relays and bridges. Fixes bug 6605; bugfix on 0.2.0.10-alpha (the
+ last time we raised it).
+ - No longer stop reading or writing on cpuworker connections when
+ our rate limiting buckets go empty. Now we should handle circuit
+ handshake requests more promptly. Resolves bug 9731.
+
+ o Major bugfixes (client-side privacy):
+ - When we mark a circuit as unusable for new circuits, have it
+ continue to be unusable for new circuits even if MaxCircuitDirtiness
+ is increased too much at the wrong time, or the system clock jumps
+ backwards. Fixes bug 6174; bugfix on 0.0.2pre26.
+ - If ClientDNSRejectInternalAddresses ("do not believe DNS queries
+ which have resolved to internal addresses") is set, apply that
+ rule to IPv6 as well. Fixes bug 8475; bugfix on 0.2.0.7-alpha.
+ - When an exit relay rejects a stream with reason "exit policy", but
+ we only know an exit policy summary (e.g. from the microdesc
+ consensus) for it, do not mark the relay as useless for all exiting.
+ Instead, mark just the circuit as unsuitable for that particular
+ address. Fixes part of bug 7582; bugfix on 0.2.3.2-alpha.
+
+ o Major bugfixes (stream isolation):
+ - Allow applications to get proper stream isolation with
+ IsolateSOCKSAuth. Many SOCKS5 clients that want to offer
+ username/password authentication also offer "no authentication". Tor
+ had previously preferred "no authentication", so the applications
+ never actually sent Tor their auth details. Now Tor selects
+ username/password authentication if it's offered. You can disable
+ this behavior on a per-SOCKSPort basis via PreferSOCKSNoAuth. Fixes
+ bug 8117; bugfix on 0.2.3.3-alpha.
+ - Follow the socks5 protocol when offering username/password
+ authentication. The fix for bug 8117 exposed this bug, and it
+ turns out real-world applications like Pidgin do care. Bugfix on
+ 0.2.3.2-alpha; fixes bug 8879.
+
+ o Major bugfixes (client circuit building):
+ - Alter circuit build timeout measurement to start at the point
+ where we begin the CREATE/CREATE_FAST step (as opposed to circuit
+ initialization). This should make our timeout measurements more
+ uniform. Previously, we were sometimes including ORconn setup time
+ in our circuit build time measurements. Should resolve bug 3443.
+ - If the circuit build timeout logic is disabled (via the consensus,
+ or because we are an authority), then don't build testing circuits.
+ Fixes bug 9657; bugfix on 0.2.2.14-alpha.
+
+ o Major bugfixes (client-side DNS):
+ - Turn off the client-side DNS cache by default. Updating and using
+ the DNS cache is now configurable on a per-client-port
+ level. SOCKSPort, DNSPort, etc lines may now contain
+ {No,}Cache{IPv4,IPv6,}DNS lines to indicate that we shouldn't
+ cache these types of DNS answers when we receive them from an
+ exit node in response to an application request on this port, and
+ {No,}UseCached{IPv4,IPv6,DNS} lines to indicate that if we have
+ cached DNS answers of these types, we shouldn't use them. It's
+ potentially risky to use cached DNS answers at the client, since
+ doing so can indicate to one exit what answers we've gotten
+ for DNS lookups in the past. With IPv6, this becomes especially
+ problematic. Using cached DNS answers for requests on the same
+ circuit would present less linkability risk, since all traffic
+ on a circuit is already linkable, but it would also provide
+ little performance benefit: the exit node caches DNS replies
+ too. Implements a simplified version of Proposal 205. Implements
+ ticket 7570.
+
+ o Major bugfixes (hidden service privacy):
+ - Limit hidden service descriptors to at most ten introduction
+ points, to slow one kind of guard enumeration. Fixes bug 9002;
+ bugfix on 0.1.1.11-alpha.
+
+ o Major bugfixes (directory fetching):
+ - If the time to download the next old-style networkstatus is in
+ the future, do not decline to consider whether to download the
+ next microdescriptor networkstatus. Fixes bug 9564; bugfix on
+ 0.2.3.14-alpha.
+ - We used to always request authority certificates by identity digest,
+ meaning we'd get the newest one even when we wanted one with a
+ different signing key. Then we would complain about being given
+ a certificate we already had, and never get the one we really
+ wanted. Now we use the "fp-sk/" resource as well as the "fp/"
+ resource to request the one we want. Fixes bug 5595; bugfix on
+ 0.2.0.8-alpha.
+
+ o Major bugfixes (bridge reachability):
+ - Bridges now send AUTH_CHALLENGE cells during their v3 handshakes;
+ previously they did not, which prevented them from receiving
+ successful connections from relays for self-test or bandwidth
+ testing. Also, when a relay is extending a circuit to a bridge,
+ it needs to send a NETINFO cell, even when the bridge hasn't sent
+ an AUTH_CHALLENGE cell. Fixes bug 9546; bugfix on 0.2.3.6-alpha.
+
+ o Major bugfixes (control interface):
+ - When receiving a new configuration file via the control port's
+ LOADCONF command, do not treat the defaults file as absent.
+ Fixes bug 9122; bugfix on 0.2.3.9-alpha.
+
+ o Major bugfixes (directory authorities):
+ - Stop marking every relay as having been down for one hour every
+ time we restart a directory authority. These artificial downtimes
+ were messing with our Stable and Guard flag calculations. Fixes
+ bug 8218 (introduced by the fix for 1035). Bugfix on 0.2.2.23-alpha.
+ - When computing directory thresholds, ignore any rejected-as-sybil
+ nodes during the computation so that they can't influence Fast,
+ Guard, etc. (We should have done this for proposal 109.) Fixes
+ bug 8146.
+ - When marking a node as a likely sybil, reset its uptime metrics
+ to zero, so that it cannot time towards getting marked as Guard,
+ Stable, or HSDir. (We should have done this for proposal 109.) Fixes
+ bug 8147.
+ - Fix a bug in the voting algorithm that could yield incorrect results
+ when a non-naming authority declared too many flags. Fixes bug 9200;
+ bugfix on 0.2.0.3-alpha.
+
+ o Internal abstraction features:
+ - Introduce new channel_t abstraction between circuits and
+ or_connection_t to allow for implementing alternate OR-to-OR
+ transports. A channel_t is an abstract object which can either be a
+ cell-bearing channel, which is responsible for authenticating and
+ handshaking with the remote OR and transmitting cells to and from
+ it, or a listening channel, which spawns new cell-bearing channels
+ at the request of remote ORs. Implements part of ticket 6465.
+ - Make a channel_tls_t subclass of channel_t, adapting it to the
+ existing or_connection_t code. The V2/V3 protocol handshaking
+ code which formerly resided in command.c has been moved below the
+ channel_t abstraction layer and may be found in channeltls.c now.
+ Implements the rest of ticket 6465.
+ - Introduce new circuitmux_t storing the queue of circuits for
+ a channel; this encapsulates and abstracts the queue logic and
+ circuit selection policy, and allows the latter to be overridden
+ easily by switching out a policy object. The existing EWMA behavior
+ is now implemented as a circuitmux_policy_t. Resolves ticket 6816.
+
+ o New build requirements:
+ - Tor now requires OpenSSL 0.9.8 or later. OpenSSL 1.0.0 or later is
+ strongly recommended.
+ - Tor maintainers now require Automake version 1.9 or later to build
+ Tor from the Git repository. (Automake is not required when building
+ from a source distribution.)
+
+ o Minor features (protocol):
+ - No longer include the "opt" prefix when generating routerinfos
+ or v2 directories: it has been needless since Tor 0.1.2. Closes
+ ticket 5124.
+ - Reject EXTEND cells sent to nonexistent streams. According to the
+ spec, an EXTEND cell sent to _any_ nonzero stream ID is invalid, but
+ we were only checking for stream IDs that were currently in use.
+ Found while hunting for more instances of bug 6271. Bugfix on
+ 0.0.2pre8, which introduced incremental circuit construction.
+ - Tor relays and clients now support a better CREATE/EXTEND cell
+ format, allowing the sender to specify multiple address, identity,
+ and handshake types. Implements Robert Ransom's proposal 200;
+ closes ticket 7199.
+ - Reject as invalid most directory objects containing a NUL.
+ Belt-and-suspender fix for bug 8037.
+
+ o Minor features (security):
+ - Clear keys and key-derived material left on the stack in
+ rendservice.c and rendclient.c. Check return value of
+ crypto_pk_write_private_key_to_string() in rend_service_load_keys().
+ These fixes should make us more forward-secure against cold-boot
+ attacks and the like. Fixes bug 2385.
+ - Use our own weak RNG when we need a weak RNG. Windows's rand() and
+ Irix's random() only return 15 bits; Solaris's random() returns more
+ bits but its RAND_MAX says it only returns 15, and so on. Motivated
+ by the fix for bug 7801; bugfix on 0.2.2.20-alpha.
+
+ o Minor features (control protocol):
+ - Add a "GETINFO signal/names" control port command. Implements
+ ticket 3842.
+ - Provide default values for all options via "GETINFO config/defaults".
+ Implements ticket 4971.
+ - Allow an optional $ before the node identity digest in the
+ controller command GETINFO ns/id/<identity>, for consistency with
+ md/id/<identity> and desc/id/<identity>. Resolves ticket 7059.
+ - Add CACHED keyword to ADDRMAP events in the control protocol
+ to indicate whether a DNS result will be cached or not. Resolves
+ ticket 8596.
+ - Generate bootstrapping status update events correctly when fetching
+ microdescriptors. Fixes bug 9927.
+
+ o Minor features (path selection):
+ - When deciding whether we have enough descriptors to build circuits,
+ instead of looking at raw relay counts, look at which fraction
+ of (bandwidth-weighted) paths we're able to build. This approach
+ keeps clients from building circuits if their paths are likely to
+ stand out statistically. The default fraction of paths needed is
+ taken from the consensus directory; you can override it with the
+ new PathsNeededToBuildCircuits option. Fixes ticket 5956.
+ - When any country code is listed in ExcludeNodes or ExcludeExitNodes,
+ and we have GeoIP information, also exclude all nodes with unknown
+ countries "??" and "A1". This behavior is controlled by the
+ new GeoIPExcludeUnknown option: you can make such nodes always
+ excluded with "GeoIPExcludeUnknown 1", and disable the feature
+ with "GeoIPExcludeUnknown 0". Setting "GeoIPExcludeUnknown auto"
+ gets you the default behavior. Implements feature 7706.
+
+ o Minor features (hidden services):
+ - Improve circuit build timeout handling for hidden services.
+ In particular: adjust build timeouts more accurately depending
+ upon the number of hop-RTTs that a particular circuit type
+ undergoes. Additionally, launch intro circuits in parallel
+ if they timeout, and take the first one to reply as valid.
+ - The Tor client now ignores sub-domain components of a .onion
+ address. This change makes HTTP "virtual" hosting
+ possible: http://foo.aaaaaaaaaaaaaaaa.onion/ and
+ http://bar.aaaaaaaaaaaaaaaa.onion/ can be two different websites
+ hosted on the same hidden service. Implements proposal 204.
+ - Enable Tor to read configuration, state, and key information from
+ a FIFO. Previously Tor would only read from files with a positive
+ stat.st_size. Code from meejah; fixes bug 6044.
+
+ o Minor features (clients):
+ - Teach bridge-using clients to avoid 0.2.2.x bridges when making
+ microdescriptor-related dir requests, and only fall back to normal
+ descriptors if none of their bridges can handle microdescriptors
+ (as opposed to the fix in ticket 4013, which caused them to fall
+ back to normal descriptors if *any* of their bridges preferred
+ them). Resolves ticket 4994.
+ - Tweak tor-fw-helper to accept an arbitrary amount of arbitrary
+ TCP ports to forward. In the past it only accepted two ports:
+ the ORPort and the DirPort.
+
+ o Minor features (protecting client timestamps):
+ - Clients no longer send timestamps in their NETINFO cells. These were
+ not used for anything, and they provided one small way for clients
+ to be distinguished from each other as they moved from network to
+ network or behind NAT. Implements part of proposal 222.
+ - Clients now round timestamps in INTRODUCE cells down to the nearest
+ 10 minutes. If a new Support022HiddenServices option is set to 0, or
+ if it's set to "auto" and the feature is disabled in the consensus,
+ the timestamp is sent as 0 instead. Implements part of proposal 222.
+ - Stop sending timestamps in AUTHENTICATE cells. This is not such
+ a big deal from a security point of view, but it achieves no actual
+ good purpose, and isn't needed. Implements part of proposal 222.
+ - Reduce down accuracy of timestamps in hidden service descriptors.
+ Implements part of proposal 222.
+
+ o Minor features (bridges):
+ - Make bridge relays check once a minute for whether their IP
+ address has changed, rather than only every 15 minutes. Resolves
+ bugs 1913 and 1992.
+ - Bridge statistics now count bridge clients connecting over IPv6:
+ bridge statistics files now list "bridge-ip-versions" and
+ extra-info documents list "geoip6-db-digest". The control protocol
+ "CLIENTS_SEEN" and "ip-to-country" queries now support IPv6. Initial
+ implementation by "shkoo", addressing ticket 5055.
+ - Add a new torrc option "ServerTransportListenAddr" to let bridge
+ operators select the address where their pluggable transports will
+ listen for connections. Resolves ticket 7013.
+ - Randomize the lifetime of our SSL link certificate, so censors can't
+ use the static value for filtering Tor flows. Resolves ticket 8443;
+ related to ticket 4014 which was included in 0.2.2.33.
+
+ o Minor features (relays):
+ - Option OutboundBindAddress can be specified multiple times and
+ accepts IPv6 addresses. Resolves ticket 6876.
+
+ o Minor features (IPv6, client side):
+ - AutomapHostsOnResolve now supports IPv6 addresses. By default, we
+ prefer to hand out virtual IPv6 addresses, since there are more of
+ them and we can't run out. To override this behavior and make IPv4
+ addresses preferred, set NoPreferIPv6Automap on whatever SOCKSPort
+ or DNSPort you're using for resolving. Implements ticket 7571.
+ - AutomapHostsOnResolve responses are now randomized, to avoid
+ annoying situations where Tor is restarted and applications
+ connect to the wrong addresses.
+ - Never try more than 1000 times to pick a new virtual address when
+ AutomapHostsOnResolve is set. That's good enough so long as we
+ aren't close to handing out our entire virtual address space;
+ if you're getting there, it's best to switch to IPv6 virtual
+ addresses anyway.
+
+ o Minor features (IPv6, relay/authority side):
+ - New config option "AuthDirHasIPv6Connectivity 1" that directory
+ authorities should set if they have IPv6 connectivity and want to
+ do reachability tests for IPv6 relays. Implements feature 5974.
+ - A relay with an IPv6 OR port now sends that address in NETINFO
+ cells (in addition to its other address). Implements ticket 6364.
+
+ o Minor features (directory authorities):
|
|
|
+ - Directory authorities no long accept descriptors for any version of
|
|
|
+ Tor before 0.2.2.35, or for any 0.2.3 release before 0.2.3.10-alpha.
|
|
|
+ These versions are insecure, unsupported, or both. Implements
|
|
|
+ ticket 6789.
|
|
|
+ - When directory authorities are computing thresholds for flags,
|
|
|
+ never let the threshold for the Fast flag fall below 4096
|
|
|
+ bytes. Also, do not consider nodes with extremely low bandwidths
|
|
|
+ when deciding thresholds for various directory flags. This change
|
|
|
+ should raise our threshold for Fast relays, possibly in turn
|
|
|
+ improving overall network performance; see ticket 1854. Resolves
|
|
|
+ ticket 8145.
|
|
|
+ - Directory authorities now include inside each vote a statement of
|
|
|
+ the performance thresholds they used when assigning flags.
|
|
|
+ Implements ticket 8151.
|
|
|
+ - Add an "ignoring-advertised-bws" boolean to the flag-threshold lines
|
|
|
+ in directory authority votes to describe whether they have enough
|
|
|
+ measured bandwidths to ignore advertised (relay descriptor)
|
|
|
+ bandwidth claims. Resolves ticket 8711.
|
|
|
+
|
|
|
+ o Minor features (path bias detection):
|
|
|
+ - Path Use Bias: Perform separate accounting for successful circuit
|
|
|
+ use. Keep separate statistics on stream attempt rates versus stream
|
|
|
+ success rates for each guard. Provide configurable thresholds to
|
|
|
+ determine when to emit log messages or disable use of guards that
|
|
|
+ fail too many stream attempts. Resolves ticket 7802.
|
|
|
+ - Create three levels of Path Bias log messages, as opposed to just
|
|
|
+ two. These are configurable via consensus as well as via the torrc
|
|
|
+ options PathBiasNoticeRate, PathBiasWarnRate, PathBiasExtremeRate.
|
|
|
+ The default values are 0.70, 0.50, and 0.30 respectively.
|
|
|
+ - Separate the log message levels from the decision to drop guards,
|
|
|
+ which also is available via torrc option PathBiasDropGuards.
|
|
|
+ PathBiasDropGuards still defaults to 0 (off).
|
|
|
+ - Deprecate PathBiasDisableRate in favor of PathBiasDropGuards
|
|
|
+ in combination with PathBiasExtremeRate.
|
|
|
+ - Increase the default values for PathBiasScaleThreshold and
|
|
|
+ PathBiasCircThreshold from (200, 20) to (300, 150).
|
|
|
+ - Add in circuit usage accounting to path bias. If we try to use a
|
|
|
+ built circuit but fail for any reason, it counts as path bias.
|
|
|
+ Certain classes of circuits where the adversary gets to pick your
|
|
|
+ destination node are exempt from this accounting. Usage accounting
|
|
|
+ can be specifically disabled via consensus parameter or torrc.
|
|
|
+ - Convert all internal path bias state to double-precision floating
|
|
|
+ point, to avoid roundoff error and other issues.
|
|
|
+ - Only record path bias information for circuits that have completed
|
|
|
+ *two* hops. Assuming end-to-end tagging is the attack vector, this
|
|
|
+ makes us more resilient to ambient circuit failure without any
|
|
|
+ detection capability loss.
|
|
|
+
|
|
|
+ o Minor features (build):
|
|
|
+ - Tor now builds correctly on Bitrig, an OpenBSD fork. Patch from
|
|
|
+ dhill. Resolves ticket 6982.
|
|
|
+ - Compile on win64 using mingw64. Fixes bug 7260; patches from
|
|
|
+ "yayooo".
|
|
|
+ - Work correctly on Unix systems where EAGAIN and EWOULDBLOCK are
|
|
|
+ separate error codes; or at least, don't break for that reason.
|
|
|
+ Fixes bug 7935. Reported by "oftc_must_be_destroyed".
|
|
|
+
|
|
|
+ o Build improvements (autotools):
|
|
|
+ - Warn if building on a platform with an unsigned time_t: there
|
|
|
+ are too many places where Tor currently assumes that time_t can
|
|
|
+ hold negative values. We'd like to fix them all, but probably
|
|
|
+ some will remain.
|
|
|
+ - Do not report status verbosely from autogen.sh unless the -v flag
|
|
|
+ is specified. Fixes issue 4664. Patch from Onizuka.
|
|
|
+ - Detect and reject attempts to build Tor with threading support
|
|
|
+ when OpenSSL has been compiled without threading support.
|
|
|
+ Fixes bug 6673.
|
|
|
+ - Try to detect if we are ever building on a platform where
|
|
|
+ memset(...,0,...) does not set the value of a double to 0.0. Such
|
|
|
+ platforms are permitted by the C standard, though in practice
|
|
|
+ they're pretty rare (since IEEE 754 is nigh-ubiquitous). We don't
|
|
|
+ currently support them, but it's better to detect them and fail
|
|
|
+ than to perform erroneously.
|
|
|
+ - We no longer warn so much when generating manpages from their
|
|
|
+ asciidoc source.
|
|
|
+ - Use Ville Laurikari's implementation of AX_CHECK_SIGN() to determine
|
|
|
+ the signs of types during autoconf. This is better than our old
|
|
|
+ approach, which didn't work when cross-compiling.
|
|
|
+
|
|
|
+ o Minor features (log messages, warnings):
|
|
|
+ - Detect when we're running with a version of OpenSSL other than the
|
|
|
+ one we compiled with. This conflict has occasionally given people
|
|
|
+ hard-to-track-down errors.
|
|
|
+ - Warn users who run hidden services on a Tor client with
|
|
|
+ UseEntryGuards disabled that their hidden services will be
|
|
|
+ vulnerable to http://freehaven.net/anonbib/#hs-attack06 (the
|
|
|
+ attack which motivated Tor to support entry guards in the first
|
|
|
+ place). Resolves ticket 6889.
|
|
|
+ - Warn when we are binding low ports when hibernation is enabled;
|
|
|
+ previously we had warned when we were _advertising_ low ports with
|
|
|
+ hibernation enabled. Fixes bug 7285; bugfix on 0.2.3.9-alpha.
|
|
|
+ - Issue a warning when running with the bufferevents backend enabled.
|
|
|
+ It's still not stable, and people should know that they're likely
|
|
|
+ to hit unexpected problems. Closes ticket 9147.
|
|
|
+
|
|
|
+ o Minor features (log messages, notices):
|
|
|
+ - Refactor resolve_my_address() so it returns the method by which we
|
|
|
+ decided our public IP address (explicitly configured, resolved from
|
|
|
+ explicit hostname, guessed from interfaces, learned by gethostname).
|
|
|
+ Now we can provide more helpful log messages when a relay guesses
|
|
|
+ its IP address incorrectly (e.g. due to unexpected lines in
|
|
|
+ /etc/hosts). Resolves ticket 2267.
|
|
|
+ - Track how many "TAP" and "NTor" circuit handshake requests we get,
|
|
|
+ and how many we complete, and log it every hour to help relay
|
|
|
+ operators follow trends in network load. Addresses ticket 9658.
|
|
|
+
|
|
|
+ o Minor features (log messages, diagnostics):
|
|
|
+ - If we fail to free a microdescriptor because of bug 7164, log
|
|
|
+ the filename and line number from which we tried to free it.
|
|
|
+ - We compute the overhead from passing onionskins back and forth to
|
|
|
+ cpuworkers, and report it when dumping statistics in response to
|
|
|
+ SIGUSR1. Supports ticket 7291.
|
|
|
+ - Add another diagnostic to the heartbeat message: track and log
|
|
|
+ overhead that TLS is adding to the data we write. If this is
|
|
|
+ high, we are sending too little data to SSL_write at a time.
|
|
|
+ Diagnostic for bug 7707.
|
|
|
+ - Log packaged cell fullness as part of the heartbeat message.
|
|
|
+ Diagnosis to try to determine the extent of bug 7743.
|
|
|
+ - Add more detail to a log message about relaxed timeouts, to help
|
|
|
+ track bug 7799.
|
|
|
+ - When learning a fingerprint for a bridge, log its corresponding
|
|
|
+ transport type. Implements ticket 7896.
|
|
|
+ - Warn more aggressively when flushing microdescriptors to a
|
|
|
+ microdescriptor cache fails, in an attempt to mitigate bug 8031,
|
|
|
+ or at least make it more diagnosable.
|
|
|
+ - Improve the log message when "Bug/attack: unexpected sendme cell
|
|
|
+ from client" occurs, to help us track bug 8093.
|
|
|
+ - Improve debugging output to help track down bug 8185 ("Bug:
|
|
|
+ outgoing relay cell has n_chan==NULL. Dropping.")
|
|
|
+
|
|
|
+ o Minor features (log messages, quieter bootstrapping):
|
|
|
+ - Log fewer lines at level "notice" about our OpenSSL and Libevent
|
|
|
+ versions and capabilities when everything is going right. Resolves
|
|
|
+ part of ticket 6736.
|
|
|
+ - Omit the first heartbeat log message, because it never has anything
|
|
|
+ useful to say, and it clutters up the bootstrapping messages.
|
|
|
+ Resolves ticket 6758.
|
|
|
+ - Don't log about reloading the microdescriptor cache at startup. Our
|
|
|
+ bootstrap warnings are supposed to tell the user when there's a
|
|
|
+ problem, and our bootstrap notices say when there isn't. Resolves
|
|
|
+ ticket 6759; bugfix on 0.2.2.6-alpha.
|
|
|
+ - Don't log "I learned some more directory information" when we're
|
|
|
+ reading cached directory information. Reserve it for when new
|
|
|
+ directory information arrives in response to a fetch. Resolves
|
|
|
+ ticket 6760.
|
|
|
+ - Don't complain about bootstrapping problems while hibernating.
|
|
|
+ These complaints reflect a general code problem, but not one
|
|
|
+ with any problematic effects (no connections are actually
|
|
|
+ opened). Fixes part of bug 7302; bugfix on 0.2.3.2-alpha.
|
|
|
+
|
|
|
+ o Minor features (testing):
|
|
|
+ - In our testsuite, create temporary directories with a bit more
|
|
|
+ entropy in their name to make name collisions less likely. Fixes
|
|
|
+ bug 8638.
|
|
|
+ - Add benchmarks for DH (1024-bit multiplicative group) and ECDH
|
|
|
+ (P-256) Diffie-Hellman handshakes to src/or/bench.
|
|
|
+ - Add benchmark functions to test onion handshake performance.
|
|
|
+
|
|
|
+ o Renamed options:
|
|
|
+ - The DirServer option is now DirAuthority, for consistency with
|
|
|
+ current naming patterns. You can still use the old DirServer form.
|
|
|
+
|
|
|
+ o Minor bugfixes (protocol):
|
|
|
+ - Fix the handling of a TRUNCATE cell when it arrives while the
|
|
|
+ circuit extension is in progress. Fixes bug 7947; bugfix on 0.0.7.1.
|
|
|
+ - When a Tor client gets a "truncated" relay cell, the first byte of
|
|
|
+ its payload specifies why the circuit was truncated. We were
|
|
|
+ ignoring this 'reason' byte when tearing down the circuit, resulting
|
|
|
+ in the controller not being told why the circuit closed. Now we
|
|
|
+ pass the reason from the truncated cell to the controller. Bugfix
|
|
|
+ on 0.1.2.3-alpha; fixes bug 7039.
|
|
|
+ - Fix a misframing issue when reading the version numbers in a
|
|
|
+ VERSIONS cell. Previously we would recognize [00 01 00 02] as
|
|
|
+ 'version 1, version 2, and version 0x100', when it should have
|
|
|
+ only included versions 1 and 2. Fixes bug 8059; bugfix on
|
|
|
+ 0.2.0.10-alpha. Reported pseudonymously.
|
|
|
+ - Make the format and order of STREAM events for DNS lookups
|
|
|
+ consistent among the various ways to launch DNS lookups. Fixes
|
|
|
+ bug 8203; bugfix on 0.2.0.24-rc. Patch by "Desoxy".
|
|
|
+
|
|
|
+ o Minor bugfixes (syscalls and disk interaction):
|
|
|
+ - Always check the return values of functions fcntl() and
|
|
|
+ setsockopt(). We don't believe these are ever actually failing in
|
|
|
+ practice, but better safe than sorry. Also, checking these return
|
|
|
+ values should please analysis tools like Coverity. Patch from
|
|
|
+ 'flupzor'. Fixes bug 8206; bugfix on all versions of Tor.
|
|
|
+ - Avoid double-closing the listener socket in our socketpair()
|
|
|
+ replacement (used on Windows) in the case where the addresses on
|
|
|
+ our opened sockets don't match what we expected. Fixes bug 9400;
|
|
|
+ bugfix on 0.0.2pre7. Found by Coverity.
|
|
|
+ - Correctly store microdescriptors and extrainfo descriptors that
|
|
|
+ include an internal NUL byte. Fixes bug 8037; bugfix on
|
|
|
+ 0.2.0.1-alpha. Bug reported by "cypherpunks".
|
|
|
+ - If for some reason we fail to write a microdescriptor while
|
|
|
+ rebuilding the cache, do not let the annotations from that
|
|
|
+ microdescriptor linger in the cache file, and do not let the
|
|
|
+ microdescriptor stay recorded as present in its old location.
|
|
|
+ Fixes bug 9047; bugfix on 0.2.2.6-alpha.
|
|
|
+ - Use direct writes rather than stdio when building microdescriptor
|
|
|
+ caches, in an attempt to mitigate bug 8031, or at least make it
|
|
|
+ less common.
|
|
|
+
|
|
|
+ o Minor fixes (config options):
|
|
|
+ - Warn and fail if a server is configured not to advertise any
|
|
|
+ ORPorts at all. (We need *something* to put in our descriptor,
|
|
|
+ or we just won't work.)
|
|
|
+ - Behave correctly when the user disables LearnCircuitBuildTimeout
|
|
|
+ but doesn't tell us what they would like the timeout to be. Fixes
|
|
|
+ bug 6304; bugfix on 0.2.2.14-alpha.
|
|
|
+ - Rename the (internal-use-only) UsingTestingNetworkDefaults option
|
|
|
+ to start with a triple-underscore so the controller won't touch it.
|
|
|
+ Patch by Meejah. Fixes bug 3155. Bugfix on 0.2.2.23-alpha.
|
|
|
+ - Rename the (testing-use-only) _UseFilteringSSLBufferevents option
|
|
|
+ so it doesn't start with _. Fixes bug 3155. Bugfix on 0.2.3.1-alpha.
|
|
|
+ - When autodetecting the number of CPUs, use the number of available
|
|
|
+ CPUs in preference to the number of configured CPUs. Inform the
|
|
|
+ user if this reduces the number of available CPUs. Fixes bug 8002;
|
|
|
+ bugfix on 0.2.3.1-alpha.
|
|
|
+ - Command-line option "--version" implies "--quiet". Fixes bug 6997.
|
|
|
+ - Make it an error when you set EntryNodes but disable UseGuardNodes,
|
|
|
+ since it will (surprisingly to some users) ignore EntryNodes. Fixes
|
|
|
+ bug 8180; bugfix on 0.2.3.11-alpha.
|
|
|
+ - Avoid overflows when the user sets MaxCircuitDirtiness to a
|
|
|
+ ridiculously high value, by imposing a (ridiculously high) 30-day
|
|
|
+ maximum on MaxCircuitDirtiness.
|
|
|
+
|
|
|
+ o Minor bugfixes (control protocol):
|
|
|
+ - Stop sending a stray "(null)" in some cases for the server status
|
|
|
+ "EXTERNAL_ADDRESS" controller event. Resolves bug 8200; bugfix
|
|
|
+ on 0.1.2.6-alpha.
|
|
|
+ - The ADDRMAP command can no longer generate an ill-formed error
|
|
|
+ code on a failed MAPADDRESS. It now says "internal" rather than
|
|
|
+ an English sentence fragment with spaces in the middle. Bugfix on
|
|
|
+ Tor 0.2.0.19-alpha.
|
|
|
+
|
|
|
+ o Minor bugfixes (clients / edges):
|
|
|
+ - When we receive a RELAY_END cell with the reason DONE, or with no
|
|
|
+ reason, before receiving a RELAY_CONNECTED cell, report the SOCKS
|
|
|
+ status as "connection refused". Previously we reported these cases
|
|
|
+ as success but then immediately closed the connection. Fixes bug
|
|
|
+ 7902; bugfix on 0.1.0.1-rc. Reported by "oftc_must_be_destroyed".
|
|
|
+ - If the guard we choose first doesn't answer, we would try the
|
|
|
+ second guard, but once we connected to the second guard we would
|
|
|
+ abandon it and retry the first one, slowing down bootstrapping.
|
|
|
+ The fix is to treat all our initially chosen guards as acceptable
|
|
|
+ to use. Fixes bug 9946; bugfix on 0.1.1.11-alpha.
|
|
|
+ - When choosing which stream on a formerly stalled circuit to wake
|
|
|
+ first, make better use of the platform's weak RNG. Previously,
|
|
|
+ we had been using the % ("modulo") operator to try to generate a
|
|
|
+ 1/N chance of picking each stream, but this behaves badly with
|
|
|
+ many platforms' choice of weak RNG. Fixes bug 7801; bugfix on
|
|
|
+ 0.2.2.20-alpha.
|
|
|
+
|
|
|
+ o Minor bugfixes (path bias detection):
|
|
|
+ - If the state file's path bias counts are invalid (presumably from a
|
|
|
+ buggy Tor prior to 0.2.4.10-alpha), make them correct. Also add
|
|
|
+ additional checks and log messages to the scaling of Path Bias
|
|
|
+ counts, in case there still are remaining issues with scaling.
|
|
|
+ Should help resolve bug 8235.
|
|
|
+ - Prevent rounding error in path bias counts when scaling
|
|
|
+ them down, and use the correct scale factor default. Also demote
|
|
|
+ some path bias related log messages down a level and make others
|
|
|
+ less scary sounding. Fixes bug 6647. Bugfix on 0.2.3.17-beta.
|
|
|
+ - Remove a source of rounding error during path bias count scaling;
|
|
|
+ don't count cannibalized circuits as used for path bias until we
|
|
|
+ actually try to use them; and fix a circuit_package_relay_cell()
|
|
|
+ warning message about n_chan==NULL. Fixes bug 7802.
|
|
|
+ - Paste the description for PathBias parameters from the man
|
|
|
+ page into or.h, so the code documents them too. Fixes bug 7982;
|
|
|
+ bugfix on 0.2.3.17-beta.
|
|
|
+
|
|
|
+ o Minor bugfixes (relays):
|
|
|
+ - Stop trying to resolve our hostname so often (e.g. every time we
|
|
|
+ think about doing a directory fetch). Now we reuse the cached
|
|
|
+ answer in some cases. Fixes bugs 1992 (bugfix on 0.2.0.20-rc)
|
|
|
+ and 2410 (bugfix on 0.1.2.2-alpha).
|
|
|
+ - When examining the list of network interfaces to find our address,
|
|
|
+ do not consider non-running or disabled network interfaces. Fixes
|
|
|
+ bug 9904; bugfix on 0.2.3.11-alpha. Patch from "hantwister".
|
|
|
+
|
|
|
+ o Minor bugfixes (blocking resistance):
|
|
|
+ - Only disable TLS session ticket support when running as a TLS
|
|
|
+ server. Now clients will blend better with regular Firefox
|
|
|
+ connections. Fixes bug 7189; bugfix on Tor 0.2.3.23-rc.
|
|
|
+
|
|
|
+ o Minor bugfixes (IPv6):
|
|
|
+ - Use square brackets around IPv6 addresses in numerous places
|
|
|
+ that needed them, including log messages, HTTPS CONNECT proxy
|
|
|
+ requests, TransportProxy statefile entries, and pluggable transport
|
|
|
+ extra-info lines. Fixes bug 7011; patch by David Fifield.
|
|
|
+
|
|
|
+ o Minor bugfixes (directory authorities):
|
|
|
+ - Reject consensus votes with more than 64 known-flags. We aren't even
|
|
|
+ close to that limit yet, and our code doesn't handle it correctly.
|
|
|
+ Fixes bug 6833; bugfix on 0.2.0.1-alpha.
|
|
|
+ - Correctly handle votes with more than 31 flags. Fixes bug 6853;
|
|
|
+ bugfix on 0.2.0.3-alpha.
|
|
|
+
|
|
|
+ o Minor bugfixes (memory leaks):
|
|
|
+ - Avoid leaking memory if we fail to compute a consensus signature
|
|
|
+ or we generate a consensus we can't parse. Bugfix on 0.2.0.5-alpha.
|
|
|
+ - Fix a memory leak when receiving headers from an HTTPS proxy. Bugfix
|
|
|
+ on 0.2.1.1-alpha; fixes bug 7816.
|
|
|
+ - Fix a memory leak during safe-cookie controller authentication.
|
|
|
+ Bugfix on 0.2.3.13-alpha; fixes bug 7816.
|
|
|
+ - Free some more still-in-use memory at exit, to make hunting for
|
|
|
+ memory leaks easier. Resolves bug 7029.
|
|
|
+
|
|
|
+ o Minor bugfixes (code correctness):
|
|
|
+ - Increase the width of the field used to remember a connection's
|
|
|
+ link protocol version to two bytes. Harmless for now, since the
|
|
|
+ only currently recognized versions are one byte long. Reported
|
|
|
+ pseudonymously. Fixes bug 8062; bugfix on 0.2.0.10-alpha.
|
|
|
+ - Fix a crash when debugging unit tests on Windows: deallocate a
|
|
|
+ shared library with FreeLibrary, not CloseHandle. Fixes bug 7306;
|
|
|
+ bugfix on 0.2.2.17-alpha. Reported by "ultramage".
|
|
|
+ - When detecting the largest possible file descriptor (in order to
|
|
|
+ close all file descriptors when launching a new program), actually
|
|
|
+ use _SC_OPEN_MAX. The old code for doing this was very, very broken.
|
|
|
+ Fixes bug 8209; bugfix on 0.2.3.1-alpha. Found by Coverity; this
|
|
|
+ is CID 743383.
|
|
|
+ - Avoid a crash if we fail to generate an extrainfo descriptor.
|
|
|
+ Fixes bug 8208; bugfix on 0.2.3.16-alpha. Found by Coverity;
|
|
|
+ this is CID 718634.
|
|
|
+ - Avoid an off-by-one error when checking buffer boundaries when
|
|
|
+ formatting the exit status of a pluggable transport helper.
|
|
|
+ This is probably not an exploitable bug, but better safe than
|
|
|
+ sorry. Fixes bug 9928; bugfix on 0.2.3.18-rc. Bug found by
|
|
|
+ Pedro Ribeiro.
|
|
|
+ - Get rid of a couple of harmless clang warnings, where we compared
|
|
|
+ enums to ints. These warnings are newly introduced in clang 3.2.
|
|
|
+
|
|
|
+ o Minor bugfixes (code cleanliness):
|
|
|
+ - Avoid use of reserved identifiers in our C code. The C standard
|
|
|
+ doesn't like us declaring anything that starts with an
|
|
|
+ underscore, so let's knock it off before we get in trouble. Fix
|
|
|
+ for bug 1031; bugfix on the first Tor commit.
|
|
|
+ - Fix round_to_power_of_2() so it doesn't invoke undefined behavior
|
|
|
+ with large values. This situation was untriggered, but nevertheless
|
|
|
+ incorrect. Fixes bug 6831; bugfix on 0.2.0.1-alpha.
|
|
|
+ - Fix an impossible buffer overrun in the AES unit tests. Fixes
|
|
|
+ bug 8845; bugfix on 0.2.0.7-alpha. Found by eugenis.
|
|
|
+ - Fix handling of rendezvous client authorization types over 8.
|
|
|
+ Fixes bug 6861; bugfix on 0.2.1.5-alpha.
|
|
|
+ - Remove a couple of extraneous semicolons that were upsetting the
|
|
|
+ cparser library. Patch by Christian Grothoff. Fixes bug 7115;
|
|
|
+ bugfix on 0.2.2.1-alpha.
|
|
|
+ - When complaining about a client port on a public address, log
|
|
|
+ which address we're complaining about. Fixes bug 4020; bugfix on
|
|
|
+ 0.2.3.3-alpha. Patch by Tom Fitzhenry.
|
|
|
+
|
|
|
+ o Minor bugfixes (log messages, warnings):
|
|
|
+ - If we encounter a write failure on a SOCKS connection before we
|
|
|
+ finish our SOCKS handshake, don't warn that we closed the
|
|
|
+ connection before we could send a SOCKS reply. Fixes bug 8427;
|
|
|
+ bugfix on 0.1.0.1-rc.
|
|
|
+ - Fix a directory authority warn caused when we have a large amount
|
|
|
+ of badexit bandwidth. Fixes bug 8419; bugfix on 0.2.2.10-alpha.
|
|
|
+ - Downgrade "Failed to hand off onionskin" messages to "debug"
|
|
|
+ severity, since they're typically redundant with the "Your computer
|
|
|
+ is too slow" messages. Fixes bug 7038; bugfix on 0.2.2.16-alpha.
|
|
|
+ - Avoid spurious warnings when configuring multiple client ports of
|
|
|
+ which only some are nonlocal. Previously, we had claimed that some
|
|
|
+ were nonlocal when in fact they weren't. Fixes bug 7836; bugfix on
|
|
|
+ 0.2.3.3-alpha.
|
|
|
+
|
|
|
+ o Minor bugfixes (log messages, other):
|
|
|
+ - Fix log messages and comments to avoid saying "GMT" when we mean
|
|
|
+ "UTC". Fixes bug 6113.
|
|
|
+ - When rejecting a configuration because we were unable to parse a
|
|
|
+ quoted string, log an actual error message. Fixes bug 7950; bugfix
|
|
|
+ on 0.2.0.16-alpha.
|
|
|
+ - Correctly recognize that [::1] is a loopback address. Fixes
|
|
|
+ bug 8377; bugfix on 0.2.1.3-alpha.
|
|
|
+ - Don't log inappropriate heartbeat messages when hibernating: a
|
|
|
+ hibernating node is _expected_ to drop out of the consensus,
|
|
|
+ decide it isn't bootstrapped, and so forth. Fixes bug 7302;
|
|
|
+ bugfix on 0.2.3.1-alpha.
|
|
|
+ - Eliminate several instances where we use "Nickname=ID" to refer to
|
|
|
+ nodes in logs. Use "Nickname (ID)" instead. (Elsewhere, we still use
|
|
|
+ "$ID=Nickname", which is also acceptable.) Fixes bug 7065. Bugfix
|
|
|
+ on 0.2.3.21-rc.
|
|
|
+
|
|
|
+ o Minor bugfixes (build):
|
|
|
+ - Fix some bugs in tor-fw-helper-natpmp when trying to build and
|
|
|
+ run it on Windows. More bugs likely remain. Patch from Gisle Vanem.
|
|
|
+ Fixes bug 7280; bugfix on 0.2.3.1-alpha.
|
|
|
+
|
|
|
+ o Documentation fixes:
|
|
|
+ - Make the torify manpage no longer refer to tsocks; torify hasn't
|
|
|
+ supported tsocks since 0.2.3.14-alpha.
|
|
|
+ - Make the tor manpage no longer reference tsocks.
|
|
|
+ - Fix the GeoIPExcludeUnknown documentation to refer to
|
|
|
+ ExcludeExitNodes rather than the currently nonexistent
|
|
|
+ ExcludeEntryNodes. Spotted by "hamahangi" on tor-talk.
|
|
|
+ - Resolve a typo in torrc.sample.in. Fixes bug 6819; bugfix on
|
|
|
+ 0.2.3.14-alpha.
|
|
|
+ - Say "KBytes" rather than "KB" in the man page (for various values
|
|
|
+ of K), to further reduce confusion about whether Tor counts in
|
|
|
+ units of memory or fractions of units of memory. Resolves ticket 7054.
|
|
|
+ - Update tor-fw-helper.1.txt and tor-fw-helper.c to make option
|
|
|
+ names match. Fixes bug 7768.
|
|
|
+ - Fix the documentation of HeartbeatPeriod to say that the heartbeat
|
|
|
+ message is logged at notice, not at info.
|
|
|
+ - Clarify the usage and risks of setting the ContactInfo torrc line
|
|
|
+ for your relay or bridge. Resolves ticket 9854.
|
|
|
+ - Add anchors to the manpage so we can link to the html version of
|
|
|
+ the documentation for specific options. Resolves ticket 9866.
|
|
|
+ - Replace remaining references to DirServer in man page and
|
|
|
+ log entries. Resolves ticket 10124.
|
|
|
+
|
|
|
+ o Removed features:
|
|
|
+ - Stop exporting estimates of v2 and v3 directory traffic shares
|
|
|
+ in extrainfo documents. They were unneeded and sometimes inaccurate.
|
|
|
+ Also stop exporting any v2 directory request statistics. Resolves
|
|
|
+ ticket 5823.
|
|
|
+ - Drop support for detecting and warning about versions of Libevent
|
|
|
+ before 1.3e. Nothing reasonable ships with them any longer; warning
|
|
|
+ the user about them shouldn't be needed. Resolves ticket 6826.
|
|
|
+ - Now that all versions before 0.2.2.x are disallowed, we no longer
|
|
|
+ need to work around their missing features. Remove a bunch of
|
|
|
+ compatibility code.
|
|
|
+
|
|
|
+ o Removed files:
|
|
|
+ - The tor-tsocks.conf is no longer distributed or installed. We
|
|
|
+ recommend that tsocks users use torsocks instead. Resolves
|
|
|
+ ticket 8290.
|
|
|
+ - Remove some of the older contents of doc/ as obsolete; move others
|
|
|
+ to torspec.git. Fixes bug 8965.
|
|
|
+
|
|
|
+ o Code simplification:
|
|
|
+ - Avoid using character buffers when constructing most directory
|
|
|
+ objects: this approach was unwieldy and error-prone. Instead,
|
|
|
+ build smartlists of strings, and concatenate them when done.
|
|
|
+ - Rename "isin" functions to "contains", for grammar. Resolves
|
|
|
+ ticket 5285.
|
|
|
+ - Rename Tor's logging function log() to tor_log(), to avoid conflicts
|
|
|
+ with the natural logarithm function from the system libm. Resolves
|
|
|
+ ticket 7599.
|
|
|
+ - Start using OpenBSD's implementation of queue.h, so that we don't
|
|
|
+ need to hand-roll our own pointer and list structures whenever we
|
|
|
+ need them. (We can't rely on a sys/queue.h, since some operating
|
|
|
+ systems don't have them, and the ones that do have them don't all
|
|
|
+ present the same extensions.)
|
|
|
+ - Start using OpenBSD's implementation of queue.h (originally by
|
|
|
+ Niels Provos).
|
|
|
+ - Enhance our internal sscanf replacement so that we can eliminate
|
|
|
+ the last remaining uses of the system sscanf. (Though those uses
|
|
|
+ of sscanf were safe, sscanf itself is generally error prone, so
|
|
|
+ we want to eliminate when we can.) Fixes ticket 4195 and Coverity
|
|
|
+ CID 448.
|
|
|
+ - Replace all calls to snprintf() outside of src/ext with
|
|
|
+ tor_snprintf(). Also remove the #define to replace snprintf with
|
|
|
+ _snprintf on Windows; they have different semantics, and all of
|
|
|
+ our callers should be using tor_snprintf() anyway. Fixes bug 7304.
|
|
|
+
|
|
|
+ o Refactoring:
|
|
|
+ - Add a wrapper function for the common "log a message with a
|
|
|
+ rate-limit" case.
|
|
|
+ - Split the onion.c file into separate modules for the onion queue
|
|
|
+ and the different handshakes it supports.
|
|
|
+ - Move the client-side address-map/virtual-address/DNS-cache code
|
|
|
+ out of connection_edge.c into a new addressmap.c module.
|
|
|
+ - Move the entry node code from circuitbuild.c to its own file.
|
|
|
+ - Move the circuit build timeout tracking code from circuitbuild.c
|
|
|
+ to its own file.
|
|
|
+ - Source files taken from other packages now reside in src/ext;
|
|
|
+ previously they were scattered around the rest of Tor.
|
|
|
+ - Move the generic "config" code into a new file, and have "config.c"
|
|
|
+ hold only torrc- and state-related code. Resolves ticket 6823.
|
|
|
+ - Move the core of our "choose a weighted element at random" logic
|
|
|
+ into its own function, and give it unit tests. Now the logic is
|
|
|
+ testable, and a little less fragile too.
|
|
|
+ - Move ipv6_preferred from routerinfo_t to node_t. Addresses bug 4620.
|
|
|
+ - Move last_reachable and testing_since from routerinfo_t to node_t.
|
|
|
+ Implements ticket 5529.
|
|
|
+ - Add replaycache_t structure, functions and unit tests, then refactor
|
|
|
+ rend_service_introduce() to be more clear to read, improve, debug,
|
|
|
+ and test. Resolves bug 6177.
|
|
|
+
|
|
|
+ o Removed code:
|
|
|
+ - Remove some now-needless code that tried to aggressively flush
|
|
|
+ OR connections as data was added to them. Since 0.2.0.1-alpha, our
|
|
|
+ cell queue logic has saved us from the failure mode that this code
|
|
|
+ was supposed to prevent. Removing this code will limit the number
|
|
|
+ of baroque control flow paths through Tor's network logic. Reported
|
|
|
+ pseudonymously on IRC. Fixes bug 6468; bugfix on 0.2.0.1-alpha.
|
|
|
+ - Remove unused code for parsing v1 directories and "running routers"
|
|
|
+ documents. Fixes bug 6887.
|
|
|
+ - Remove the marshalling/unmarshalling code for sending requests to
|
|
|
+ cpuworkers over a socket, and instead just send structs. The
|
|
|
+ recipient will always be the same Tor binary as the sender, so
|
|
|
+ any encoding is overkill.
|
|
|
+ - Remove the testing_since field of node_t, which hasn't been used
|
|
|
+ for anything since 0.2.0.9-alpha.
|
|
|
+ - Finally remove support for malloc_good_size and malloc_usable_size.
|
|
|
+ We had hoped that these functions would let us eke a little more
|
|
|
+ memory out of our malloc implementation. Unfortunately, the only
|
|
|
+ implementations that provided these functions are also ones that
|
|
|
+ are already efficient about not overallocation: they never got us
|
|
|
+ more than 7 or so bytes per allocation. Removing them saves us a
|
|
|
+ little code complexity and a nontrivial amount of build complexity.
|
|
|
+
|
|
|
+
|
|
|
Changes in version 0.2.3.25 - 2012-11-19
|
|
|
The Tor 0.2.3 release series is dedicated to the memory of Len "rabbi"
|
|
|
Sassaman (1980-2011), a long-time cypherpunk, anonymity researcher,
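Review bot: the "Code simplification" list records the same change twice: "Start using OpenBSD's implementation of queue.h, so that we don't need to hand-roll our own pointer and list structures..." and, two entries later, "Start using OpenBSD's implementation of queue.h (originally by Niels Provos)." Fold the Niels Provos credit into the first entry and drop the second. Two ticket references are also worth confirming before this lands, since release notes are what people grep when triaging: under "Minor bugfixes (memory leaks)" both the HTTPS-proxy header leak and the safe-cookie authentication leak say "fixes bug 7816", and under path bias the Path Use Bias feature "Resolves ticket 7802" while the later rounding-error bugfix also ends "Fixes bug 7802"; if each pair really does share one ticket that is fine, but a repeated number is a common copy-paste slip in these lists. Finally, a few wording slips: "Directory authorities no long accept descriptors" should be "no longer accept"; "Reduce down accuracy of timestamps" reads better as "Reduce the accuracy of timestamps"; "so we want to eliminate when we can" is missing "it" after "eliminate"; and "efficient about not overallocation" should be "not overallocating".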