Tor 0.2.3.2-alpha introduces two new experimental features:
microdescriptors and pluggable transports. It also continues cleaning
up a variety of recently introduced features.
https://www.torproject.org/dist/tor-0.2.3.2-alpha.tar.gz
https://www.torproject.org/dist/tor-0.2.3.2-alpha.tar.gz.asc
I'm not sure yet what our plan is for packages -- until the 0.2.2 tree
becomes the new stable, it doesn't seem wise to try to squeeze three
different versions onto the download page.
Changes in version 0.2.3.2-alpha - 2011-07-18
o Major features:
- Clients can now use microdescriptors instead of regular descriptors
to build circuits. Microdescriptors are authority-generated
summaries of regular descriptors' contents, designed to change
very rarely (see proposal 158 for details). This feature is
designed to save bandwidth, especially for clients on slow internet
connections. It's off by default for now, since nearly no caches
support it, but it will be on-by-default for clients in a future
version. You can use the UseMicrodescriptors option to turn it on.
- Tor clients using bridges can now be configured to use a separate
'transport' proxy for each bridge. This approach helps to resist
censorship by allowing bridges to use protocol obfuscation
plugins. It implements part of proposal 180. Implements ticket 2841.
- While we're trying to bootstrap, record how many TLS connections
fail in each state, and report which states saw the most failures
in response to any bootstrap failures. This feature may speed up
diagnosis of censorship events. Implements ticket 3116.
o Major bugfixes (on 0.2.3.1-alpha):
- When configuring a large set of nodes in EntryNodes (as with
'EntryNodes {cc}' or 'EntryNodes 1.1.1.1/16'), choose only a
random subset to be guards, and choose them in random
order. Fixes bug 2798.
- Tor could crash when remembering a consensus in a non-used consensus
flavor without having a current consensus set. Fixes bug 3361.
- Comparing an unknown address to a microdescriptor's shortened exit
policy would always give a "rejected" result. Fixes bug 3599.
- Using microdescriptors as a client no longer prevents Tor from
uploading and downloading hidden service descriptors. Fixes
bug 3601.
o Minor features:
- Allow nameservers with IPv6 address. Resolves bug 2574.
- Accept attempts to include a password authenticator in the
handshake, as supported by SOCKS5. This handles SOCKS clients that
don't know how to omit a password when authenticating. Resolves
bug 1666.
- When configuring a large set of nodes in EntryNodes, and there are
enough of them listed as Guard so that we don't need to consider
the non-guard entries, prefer the ones listed with the Guard flag.
- Check for and recover from inconsistency in the microdescriptor
cache. This will make it harder for us to accidentally free a
microdescriptor without removing it from the appropriate data
structures. Fixes issue 3135; issue noted by "wanoskarnet".
- Log SSL state transitions at log level DEBUG, log domain
HANDSHAKE. This can be useful for debugging censorship events.
Implements ticket 3264.
- Add port 6523 (Gobby) to LongLivedPorts. Patch by intrigeri;
implements ticket 3439.
o Minor bugfixes (on 0.2.3.1-alpha):
- Do not free all general-purpose regular descriptors just
because microdescriptor use is enabled. Fixes bug 3113.
- Correctly link libevent_openssl when --enable-static-libevent
is passed to configure. Fixes bug 3118.
- Bridges should not complain during their heartbeat log messages that
they are unlisted in the consensus: that's more or less the point
of being a bridge. Fixes bug 3183.
- Report a SIGNAL event to controllers when acting on a delayed
SIGNAL NEWNYM command. Previously, we would report a SIGNAL
event to the controller if we acted on a SIGNAL NEWNYM command
immediately, and otherwise not report a SIGNAL event for the
command at all. Fixes bug 3349.
- Fix a crash when handling the SIGNAL controller command or
reporting ERR-level status events with bufferevents enabled. Found
by Robert Ransom. Fixes bug 3367.
- Always ship the tor-fw-helper manpage in our release tarballs.
Fixes bug 3389. Reported by Stephen Walker.
- Fix a class of double-mark-for-close bugs when bufferevents
are enabled. Fixes bug 3403.
- Update tor-fw-helper to support libnatpmp-20110618. Fixes bug 3434.
- Add SIGNAL to the list returned by the 'GETINFO events/names'
control-port command. Fixes part of bug 3465.
- Prevent using negative indices during unit test runs when read_all()
fails. Spotted by coverity.
- Fix a rare memory leak when checking the nodelist without it being
present. Found by coverity.
- Only try to download a microdescriptor-flavored consensus from
a directory cache that provides them.
o Minor bugfixes (on 0.2.2.x and earlier):
- Assert that hidden-service-related operations are not performed
using single-hop circuits. Previously, Tor would assert that
client-side streams are not attached to single-hop circuits,
but not that other sensitive operations on the client and service
side are not performed using single-hop circuits. Fixes bug 3332;
bugfix on 0.0.6.
- Don't publish a new relay descriptor when we reload our onion key,
unless the onion key has actually changed. Fixes bug 3263 and
resolves another cause of bug 1810. Bugfix on 0.1.1.11-alpha.
- Allow GETINFO fingerprint to return a fingerprint even when
we have not yet built a router descriptor. Fixes bug 3577;
bugfix on 0.2.0.1-alpha.
- Make 'tor --digests' list hashes of all Tor source files. Bugfix
on 0.2.2.4-alpha; fixes bug 3427.
o Code simplification and refactoring:
- Use tor_sscanf() in place of scanf() in more places through the
code. This makes us a little more locale-independent, and
should help shut up code-analysis tools that can't tell
a safe sscanf string from a dangerous one.
- Use tt_assert(), not tor_assert(), for checking for test failures.
This makes the unit tests more able to go on in the event that
one of them fails.
- Split connection_about_to_close() into separate functions for each
connection type.
o Build changes:
- On Windows, we now define the _WIN32_WINNT macros only if they
are not already defined. This lets the person building Tor decide,
if they want, to require a later version of Windows.
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk