[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-announce] Tor is released

The Tor 0.2.3 release series is dedicated to the memory of Len "rabbi"
Sassaman (1980-2011), a long-time cypherpunk, anonymity researcher,
Mixmaster maintainer, Pynchon Gate co-designer, CodeCon organizer,
programmer, and friend. Unstinting in his dedication to the cause of
freedom, he inspired and helped many of us as we began our work on
anonymity, and inspires us still. Please honor his memory by writing
software to protect people's freedoms, and by helping others to do so.

Tor, the first stable release in the 0.2.3 branch, features
significantly reduced directory overhead (via microdescriptors),
enormous crypto performance improvements for fast relays on new
enough hardware, a new v3 TLS handshake protocol that can better
resist fingerprinting, support for protocol obfuscation plugins (aka
pluggable transports), better scalability for hidden services, IPv6
support for bridges, performance improvements like allowing clients
to skip the first round-trip on the circuit ("optimistic data") and
refilling token buckets more often, a new "stream isolation" design
to isolate different applications on different circuits, and many
stability, security, and privacy fixes.

(I apologize for the delay in announcing the release to this list:
I was waiting for the Tor Browser Bundles with it to stabilize a bit,
but with the new integration to Firefox 17, it's become clear that TBB
will be in flux a while more.)


Changes in version - 2012-11-19
  Major features (v3 directory protocol):
    - Clients now use microdescriptors instead of regular descriptors
      to build circuits. Microdescriptors are authority-generated
      summaries of regular descriptors' contents, designed to change very
      rarely (see proposal 158 for details). This feature is designed
      to save bandwidth, especially for clients on slow internet
      connections. Use "UseMicrodescriptors 0" to disable it.
    - Caches now download, cache, and serve microdescriptors, as well
      as multiple "flavors" of the consensus, including a flavor that
      describes microdescriptors.

  o Major features (build hardening):
    - Enable gcc and ld hardening by default. Resolves ticket 5210.

  o Major features (relay scaling):
    - When built to use OpenSSL 1.0.1, and built for an x86 or x86_64
      instruction set, take advantage of OpenSSL's AESNI, bitsliced, or
      vectorized AES implementations as appropriate. These can be much,
      much faster than other AES implementations.
    - When using OpenSSL 1.0.0 or later, use OpenSSL's counter mode
      implementation. It makes AES_CTR about 7% faster than our old one
      (which was about 10% faster than the one OpenSSL used to provide).
      Resolves ticket 4526.
    - Use OpenSSL's EVP interface for AES encryption, so that all AES
      operations can use hardware acceleration (if present). Resolves
      ticket 4442.
    - Unconditionally use OpenSSL's AES implementation instead of our
      old built-in one. OpenSSL's AES has been better for a while, and
      relatively few servers should still be on any version of OpenSSL
      that doesn't have good optimized assembly AES.

  o Major features (blocking resistance):
    - Update TLS cipher list to match Firefox 8 and later. Resolves
      ticket 4744.
    - Remove support for clients falsely claiming to support standard
      ciphersuites that they can actually provide. As of modern OpenSSL
      versions, it's not necessary to fake any standard ciphersuite,
      and doing so prevents us from using better ciphersuites in the
      future, since servers can't know whether an advertised ciphersuite
      is really supported or not. Some hosts -- notably, ones with very
      old versions of OpenSSL or where OpenSSL has been built with ECC
      disabled -- will stand out because of this change; TBB users should
      not be affected. Implements the client side of proposal 198.
    - Implement a new handshake protocol (v3) for authenticating Tors to
      each other over TLS. It should be more resistant to fingerprinting
      than previous protocols, and should require less TLS hacking for
      future Tor implementations. Implements proposal 176.
    - Allow variable-length padding cells, to disguise the length of
      Tor's TLS records. Implements part of proposal 184.
    - While we're trying to bootstrap, record how many TLS connections
      fail in each state, and report which states saw the most failures
      in response to any bootstrap failures. This feature may speed up
      diagnosis of censorship events. Implements ticket 3116.

  o Major features (pluggable transports):
    - Clients and bridges can now be configured to use a separate
      "transport" proxy. This approach makes the censorship arms race
      easier by allowing bridges to use protocol obfuscation plugins.
      Implements proposal 180 (tickets 2841 and 3472).

  o Major features (DoS resistance):
    - Now that Tor 0.2.0.x is completely deprecated, enable the final
      part of "Proposal 110: Avoiding infinite length circuits" by
      refusing all circuit-extend requests that do not use a relay_early
      cell. This change helps Tor resist a class of denial-of-service
      attacks by limiting the maximum circuit length.
    - Tear down the circuit if we get an unexpected SENDME cell. Clients
      could use this trick to make their circuits receive cells faster
      than our flow control would have allowed, or to gum up the network,
      or possibly to do targeted memory denial-of-service attacks on
      entry nodes. Fixes bug 6252. Bugfix on the 54th commit on Tor --
      from July 2002, before the release of Tor 0.0.0.

  o Major features (hidden services):
    - Adjust the number of introduction points that a hidden service
      will try to maintain based on how long its introduction points
      remain in use and how many introductions they handle. Fixes
      part of bug 3825.
    - Add a "tor2web mode" for clients that want to connect to hidden
      services non-anonymously (and possibly more quickly). As a safety
      measure to try to keep users from turning this on without knowing
      what they are doing, tor2web mode must be explicitly enabled at
      compile time, and a copy of Tor compiled to run in tor2web mode
      cannot be used as a normal Tor client. Implements feature 2553.

  o Major features (IPv6):
    - Clients can now connect to private bridges over IPv6. Bridges
      still need at least one IPv4 address in order to connect to
      other relays. Note that we don't yet handle the case where the
      user has two bridge lines for the same bridge (one IPv4, one
      IPv6). Implements parts of proposal 186.

  o Major features (directory authorities):
    - Use a more secure consensus parameter voting algorithm. Now at
      least three directory authorities or a majority of them must
      vote on a given parameter before it will be included in the
      consensus. Implements proposal 178.
    - Remove the artificially low cutoff of 20KB to guarantee the Fast
      flag. In the past few years the average relay speed has picked
      up, and while the "top 7/8 of the network get the Fast flag" and
      "all relays with 20KB or more of capacity get the Fast flag" rules
      used to have the same result, now the top 7/8 of the network has
      a capacity more like 32KB. Bugfix on Fixes bug 4489.

  o Major features (performance):
    - Exit nodes now accept and queue data on not-yet-connected streams.
      Previously, the client wasn't allowed to send data until the
      stream was connected, which slowed down all connections. This
      change will enable clients to perform a "fast-start" on streams
      and send data without having to wait for a confirmation that the
      stream has opened. Patch from Ian Goldberg; implements the server
      side of Proposal 174.
    - When using an exit relay running 0.2.3.x, clients can now
      "optimistically" send data before the exit relay reports that
      the stream has opened. This saves a round trip when starting
      connections where the client speaks first (such as web browsing).
      This behavior is controlled by a consensus parameter (currently
      disabled). To turn it on or off manually, use the "OptimisticData"
      torrc option. Implements proposal 181; code by Ian Goldberg.
    - Add a new TokenBucketRefillInterval option to refill token buckets
      more frequently than once per second. This should improve network
      performance, alleviate queueing problems, and make traffic less
      bursty. Implements proposal 183; closes ticket 3630. Design by
      Florian Tschorsch and Björn Scheuermann; implementation by
      Florian Tschorsch.
    - Raise the threshold of server descriptors needed (75%) and exit
      server descriptors needed (50%) before we will declare ourselves
      bootstrapped. This will make clients start building circuits a
      little later, but makes the initially constructed circuits less
      skewed and less in conflict with further directory fetches. Fixes
      ticket 3196.

  o Major features (relays):
    - Relays now try regenerating and uploading their descriptor more
      frequently if they are not listed in the consensus, or if the
      version of their descriptor listed in the consensus is too
      old. This fix should prevent situations where a server declines
      to re-publish itself because it has done so too recently, even
      though the authorities decided not to list its recent-enough
      descriptor. Fix for bug 3327.

  o Major features (stream isolation):
    - You can now configure Tor so that streams from different
      applications are isolated on different circuits, to prevent an
      attacker who sees your streams as they leave an exit node from
      linking your sessions to one another. To do this, choose some way
      to distinguish the applications: have them connect to different
      SocksPorts, or have one of them use SOCKS4 while the other uses
      SOCKS5, or have them pass different authentication strings to the
      SOCKS proxy. Then, use the new SocksPort syntax to configure the
      degree of isolation you need. This implements Proposal 171.
    - There's a new syntax for specifying multiple client ports (such as
      SOCKSPort, TransPort, DNSPort, NATDPort): you can now just declare
      multiple *Port entries with full addr:port syntax on each.
      The old *ListenAddress format is still supported, but you can't
      mix it with the new *Port syntax.

  o Major features (bufferevents):
    - Tor can now optionally build with the "bufferevents" buffered IO
      backend provided by Libevent 2. To use this feature, make sure you
      have the latest possible version of Libevent, and pass the
      --enable-bufferevents flag to configure when building Tor from
      source. This feature will make our networking code more flexible,
      let us stack layers on each other, and let us use more efficient
      zero-copy transports where available.
    - Add experimental support for running on Windows with IOCP and no
      kernel-space socket buffers. This feature is controlled by a new
      "UserspaceIOCPBuffers" config option (off by default), which has
      no effect unless Tor has been built with bufferevents enabled,
      you're running on Windows, and you've set "DisableIOCP 0". In the
      long run, this may help solve or mitigate bug 98.

  o Major features (path selection):
    - The EntryNodes option can now include country codes like {de} or IP
      addresses or network masks. Previously we had disallowed these
      options because we didn't have an efficient way to keep the list up
      to date. Addresses ticket 1982, but see bug 2798 for an unresolved
      issue here.

  o Major features (port forwarding):
    - Add support for automatic port mapping on the many home routers
      that support NAT-PMP or UPnP. To build the support code, you'll
      need to have the libnatpnp library and/or the libminiupnpc library,
      and you'll need to enable the feature specifically by passing
      "--enable-upnp" and/or "--enable-natpnp" to ./configure. To turn
      it on, use the new PortForwarding option.

  o Major features (logging):
    - Add a new 'Heartbeat' log message type to periodically log a message
      describing Tor's status at level Notice. This feature is meant for
      operators who log at notice, and want to make sure that their Tor
      server is still working. Implementation by George Kadianakis.
    - Make logging resolution configurable with a new LogTimeGranularity
      option, and change the default from 1 millisecond to 1 second.
      Implements enhancement 1668.

  o Major features (other):
    - New "DisableNetwork" config option to prevent Tor from launching any
      connections or accepting any connections except on a control port.
      Bundles and controllers can set this option before letting Tor talk
      to the rest of the network, for example to prevent any connections
      to a non-bridge address. Packages like Orbot can also use this
      option to instruct Tor to save power when the network is off.
    - Try to use system facilities for enumerating local interface
      addresses, before falling back to our old approach (which was
      binding a UDP socket, and calling getsockname() on it). That
      approach was scaring OS X users whose draconian firewall
      software warned about binding to UDP sockets regardless of
      whether packets were sent. Now we try to use getifaddrs(),
      SIOCGIFCONF, or GetAdaptersAddresses(), depending on what the
      system supports. Resolves ticket 1827.
    - Add experimental support for a "defaults" torrc file to be parsed
      before the regular torrc. Torrc options override the defaults file's
      options in the same way that the command line overrides the torrc.
      The SAVECONF controller command saves only those options which
      differ between the current configuration and the defaults file. HUP
      reloads both files. Implements task 4552.

  o New directory authorities:
    - Add Faravahar (run by Sina Rabbani) as the ninth v3 directory
      authority. Closes ticket 5749.

  o Security/privacy fixes:
    - Avoid read-from-freed-memory and double-free bugs that could occur
      when a DNS request fails while launching it. Fixes bug 6480;
      bugfix on
    - Reject any attempt to extend to an internal address. Without
      this fix, a router could be used to probe addresses on an internal
      network to see whether they were accepting connections. Fixes bug
      6710; bugfix on 0.0.8pre1.
    - Close any connection that sends unrecognized junk before the TLS
      handshake. Solves an issue noted in bug 4369.
    - The advertised platform of a relay now includes only its operating
      system's name (e.g., "Linux", "Darwin", "Windows 7"), and not
      its service pack level (for Windows) or its CPU architecture
      (for Unix). Also drop the "git-XYZ" tag in the version. Packagers
      can insert an extra string in the platform line by setting the
      preprocessor variable TOR_BUILD_TAG. Resolves bug 2988.
    - Disable TLS session tickets. OpenSSL's implementation was giving
      our TLS session keys the lifetime of our TLS context objects, when
      perfect forward secrecy would want us to discard anything that
      could decrypt a link connection as soon as the link connection
      was closed. Fixes bug 7139; bugfix on all versions of Tor linked
      against OpenSSL 1.0.0 or later. Found by Florent Daignière.
    - Tor tries to wipe potentially sensitive data after using it, so
      that if some subsequent security failure exposes Tor's memory,
      the damage will be limited. But we had a bug where the compiler
      was eliminating these wipe operations when it decided that the
      memory was no longer visible to a (correctly running) program,
      hence defeating our attempt at defense in depth. We fix that
      by using OpenSSL's OPENSSL_cleanse() operation, which a compiler
      is unlikely to optimize away. Future versions of Tor may use
      a less ridiculously heavy approach for this. Fixes bug 7352.
      Reported in an article by Andrey Karpov.

  o Major bugfixes (crashes and asserts):
    - Avoid a pair of double-free and use-after-mark bugs that can
      occur with certain timings in canceled and re-received DNS
      requests. Fixes bug 6472; bugfix on 0.0.7rc1.
    - Fix a denial of service attack by which any directory authority
      could crash all the others, or by which a single v2 directory
      authority could crash everybody downloading v2 directory
      information. Fixes bug 7191; bugfix on
    - Fix an assert that directory authorities could trigger on sighup
      during some configuration state transitions. We now don't treat
      it as a fatal error when the new descriptor we just generated in
      init_keys() isn't accepted. Fixes bug 4438; bugfix on
    - Avoid segfault when starting up having run with an extremely old
      version of Tor and parsing its state file. Fixes bug 6801; bugfix

  o Major bugfixes (clients):
    - If we are unable to find any exit that supports our predicted ports,
      stop calling them predicted, so that we don't loop and build
      hopeless circuits indefinitely. Fixes bug 3296; bugfix on 0.0.9pre6,
      which introduced predicted ports.
    - Check at each new consensus whether our entry guards were picked
      long enough ago that we should rotate them. Previously, we only
      did this check at startup, which could lead to us holding a guard
      indefinitely. Fixes bug 5380; bugfix on
    - When fetching a bridge descriptor from a bridge authority,
      always do so anonymously, whether we have been able to open
      circuits or not. Partial fix for bug 1938; bugfix on
      This behavior makes it *safer* to use UpdateBridgesFromAuthority,
      but we'll need to wait for bug 6010 before it's actually usable.

  o Major bugfixes (directory voting):
    - Check more thoroughly to prevent a rogue authority from
      double-voting on any consensus directory parameter. Previously,
      authorities would crash in this case if the total number of
      votes for any parameter exceeded the number of active voters,
      but would let it pass otherwise. Partially fixes bug 5786; bugfix
    - When computing weight parameters, behave more robustly in the
      presence of a bad bwweightscale value. Previously, the authorities
      would crash if they agreed on a sufficiently broken weight_scale
      value; now, they use a reasonable default and carry on. Fixes the
      rest of bug 5786; bugfix on
    - If authorities are unable to get a v2 consensus document from other
      directory authorities, they no longer fall back to fetching
      them from regular directory caches. Fixes bug 5635; bugfix on, where routers stopped downloading v2 consensus
      documents entirely.

  o Major bugfixes (relays):
    - Fix a bug handling SENDME cells on nonexistent streams that could
      result in bizarre window values. Report and patch contributed
      pseudonymously. Fixes part of bug 6271. This bug was introduced
      before the first Tor release, in svn commit r152.
    - Don't update the AccountingSoftLimitHitAt state file entry whenever
      tor gets started. This prevents a wrong average bandwidth
      estimate, which would cause relays to always start a new accounting
      interval at the earliest possible moment. Fixes bug 2003; bugfix
      on Reported by Bryon Eldridge, who also helped
      immensely in tracking this bug down.
    - Fix a possible crash bug when checking for deactivated circuits
      in connection_or_flush_from_first_active_circuit(). Fixes bug 6341;
      bugfix on Bug report and fix received pseudonymously.
    - Set the SO_REUSEADDR socket option before we call bind() on outgoing
      connections. This change should allow busy exit relays to stop
      running out of available sockets as quickly. Fixes bug 4950;
      bugfix on

  o Major bugfixes (blocking resistance):
    - Bridges no longer include their address in NETINFO cells on outgoing
      OR connections, to allow them to blend in better with clients.
      Removes another avenue for enumerating bridges. Reported by
      "troll_un". Fixes bug 4348; bugfix on, when NETINFO
      cells were introduced.
    - Warn the user when HTTPProxy, but no other proxy type, is
      configured. This can cause surprising behavior: it doesn't send
      all of Tor's traffic over the HTTPProxy -- it sends unencrypted
      directory traffic only. Resolves ticket 4663.

  o Major bugfixes (hidden services):
    - Improve hidden service robustness: when an attempt to connect to
      a hidden service ends, be willing to refetch its hidden service
      descriptors from each of the HSDir relays responsible for them
      immediately. Previously, we would not consider refetching the
      service's descriptors from each HSDir for 15 minutes after the last
      fetch, which was inconvenient if the hidden service was not running
      during the first attempt. Bugfix on; fixes bug 3335.
    - Hidden services now ignore the timestamps on INTRODUCE2 cells.
      They used to check that the timestamp was within 30 minutes
      of their system clock, so they could cap the size of their
      replay-detection cache, but that approach unnecessarily refused
      service to clients with wrong clocks. Bugfix on, when
      the v3 intro-point protocol (the first one which sent a timestamp
      field in the INTRODUCE2 cell) was introduced; fixes bug 3460.
    - When one of a hidden service's introduction points appears to be
      unreachable, stop trying it. Previously, we would keep trying
      to build circuits to the introduction point until we lost the
      descriptor, usually because the user gave up and restarted Tor.
      Fixes part of bug 3825.

  o Changes to default torrc file:
    - Stop listing "socksport 9050" in torrc.sample. We open a socks
      port on 9050 by default anyway, so this should not change anything
      in practice.
    - Stop mentioning the deprecated *ListenAddress options in
      torrc.sample. Fixes bug 5438.
    - Document unit of bandwidth-related options in sample torrc.
      Fixes bug 5621.
    - Fix broken URLs in the sample torrc file, and tell readers about
      the OutboundBindAddress, ExitPolicyRejectPrivate, and
      PublishServerDescriptor options. Addresses bug 4652.

  o Minor features (directory authorities):
    - Consider new, removed or changed IPv6 OR ports a non-cosmetic
      change when the authority is deciding whether to accept a newly
      uploaded descriptor. Implements ticket 6423.
    - Directory authorities are now a little more lenient at accepting
      older router descriptors, or newer router descriptors that don't
      make big changes. This should help ameliorate past and future
      issues where routers think they have uploaded valid descriptors,
      but the authorities don't think so. Fix for ticket 2479.
    - Authority operators can now vote for all relays in a given
      set of countries to be BadDir/BadExit/Invalid/Rejected.
    - Provide two consensus parameters (FastFlagMinThreshold and
      FastFlagMaxThreshold) to control the range of allowable bandwidths
      for the Fast directory flag. These allow authorities to run
      experiments on appropriate requirements for being a "Fast" node.
      The AuthDirFastGuarantee config value still applies. Implements
      ticket 3946.

  o Minor features (bridges / bridge authorities):
    - Make bridge SSL certificates a bit more stealthy by using random
      serial numbers, in the same fashion as OpenSSL when generating
      self-signed certificates. Implements ticket 4584.
    - Tag a bridge's descriptor as "never to be sent unencrypted".
      This shouldn't matter, since bridges don't open non-anonymous
      connections to the bridge authority and don't allow unencrypted
      directory connections from clients, but we might as well make
      sure. Closes bug 5139.
    - The Bridge Authority now writes statistics on how many bridge
      descriptors it gave out in total, and how many unique descriptors
      it gave out. It also lists how often the most and least commonly
      fetched descriptors were given out, as well as the median and
      25th/75th percentile. Implements tickets 4200 and 4294.

  o Minor features (IPv6):
    - Make the code that clients use to detect an address change be
      IPv6-aware, so that it won't fill clients' logs with error
      messages when trying to get the IPv4 address of an IPv6
      connection. Implements ticket 5537.
    - Relays now understand an IPv6 address when they get one from a
      directory server. Resolves ticket 4875.

  o Minor features (hidden services):
    - Expire old or over-used hidden service introduction points.
      Required by fix for bug 3460.
    - Reduce the lifetime of elements of hidden services' Diffie-Hellman
      public key replay-detection cache from 60 minutes to 5 minutes. This
      replay-detection cache is now used only to detect multiple
      INTRODUCE2 cells specifying the same rendezvous point, so we can
      avoid launching multiple simultaneous attempts to connect to it.
    - When a hidden service's introduction point times out, consider
      trying it again during the next attempt to connect to the
      HS. Previously, we would not try it again unless a newly fetched
      descriptor contained it. Required by fixes for bugs 1297 and 3825.

  o Minor features (relays):
    - Relays now include a reason for regenerating their descriptors
      in an HTTP header when uploading to the authorities. This will
      make it easier to debug descriptor-upload issues in the future.
    - Turn on directory request statistics by default and include them in
      extra-info descriptors. Don't break if we have no GeoIP database.
    - Replace files in stats/ rather than appending to them. Now that we
      include statistics in extra-info descriptors, it makes no sense to
      keep old statistics forever. Implements ticket 2930.
    - Relays that set "ConnDirectionStatistics 1" write statistics on the
      bidirectional use of connections to disk every 24 hours.
    - Add a GeoIP file digest to the extra-info descriptor. Implements
      ticket 1883.

  o Minor features (new config options):
    - New config option "DynamicDHGroups" (disabled by default) provides
      each bridge with a unique prime DH modulus to be used during
      SSL handshakes. This option attempts to help against censors
      who might use the Apache DH modulus as a static identifier for
      bridges. Addresses ticket 4548.
    - New config option "DisableDebuggerAttachment" (on by default)
      to prevent basic debugging attachment attempts by other processes.
      Supports Mac OS X and Gnu/Linux. Resolves ticket 3313.
    - Ordinarily, Tor does not count traffic from private addresses (like or when calculating rate limits or accounting.
      There is now a new option, CountPrivateBandwidth, to disable this
      behavior. Patch from Daniel Cagara.

  o Minor features (different behavior for old config options):
    - Allow MapAddress directives to specify matches against super-domains,
      as in "MapAddress *.torproject.org *.torproject.org.torserver.exit".
      Implements issue 933.
    - Don't disable the DirPort when we cannot exceed our AccountingMax
      limit during this interval because the effective bandwidthrate is
      low enough. This is useful in a situation where AccountMax is only
      used as an additional safeguard or to provide statistics.
    - Add port 6523 (Gobby) to LongLivedPorts. Patch by intrigeri;
      implements ticket 3439.
    - When configuring a large set of nodes in EntryNodes, and there are
      enough of them listed as Guard so that we don't need to consider
      the non-guard entries, prefer the ones listed with the Guard flag.
    - If you set the NumCPUs option to 0, Tor will now try to detect how
      many CPUs you have. This is the new default behavior.
    - The NodeFamily option -- which let you declare that you want to
      consider nodes to be part of a family whether they list themselves
      that way or not -- now allows IP address ranges and country codes.

  o Minor features (new command-line config behavior):
    - Slightly change behavior of "list" options (that is, config
      options that can appear more than once) when they appear both in
      torrc and on the command line. Previously, the command-line options
      would be appended to the ones from torrc. Now, the command-line
      options override the torrc options entirely. This new behavior
      allows the user to override list options (like exit policies and
      ports to listen on) from the command line, rather than simply
      appending to the list.
    - You can get the old (appending) command-line behavior for "list"
      options by prefixing the option name with a "+".
    - You can remove all the values for a "list" option from the command
      line without adding any new ones by prefixing the option name
      with a "/".

  o Minor features (controller, new events):
    - Extend the control protocol to report flags that control a circuit's
      path selection in CIRC events and in replies to 'GETINFO
      circuit-status'. Implements part of ticket 2411.
    - Extend the control protocol to report the hidden service address
      and current state of a hidden-service-related circuit in CIRC
      events and in replies to 'GETINFO circuit-status'. Implements part
      of ticket 2411.
    - Include the creation time of a circuit in CIRC and CIRC2
      control-port events and the list produced by the 'GETINFO
      circuit-status' control-port command.
    - Add a new CONF_CHANGED event so that controllers can be notified
      of any configuration changes made by other controllers, or by the
      user. Implements ticket 1692.
    - Add a new SIGNAL event to the controller interface so that
      controllers can be notified when Tor handles a signal. Resolves
      issue 1955. Patch by John Brooks.

  o Minor features (controller, new getinfo options):
    - Expose our view of whether we have gone dormant to the controller,
      via a new "GETINFO dormant" value. Torbutton and other controllers
      can use this to avoid doing periodic requests through Tor while
      it's dormant (bug 4718). Resolves ticket 5954.
    - Add a new GETINFO option to get total bytes read and written. Patch
      from pipe, revised by atagar. Resolves ticket 2345.
    - Implement new GETINFO controller fields to provide information about
      the Tor process's pid, euid, username, and resource limits.

  o Minor features (controller, other):
    - Allow controllers to request an event notification whenever a
      circuit is cannibalized or its purpose is changed. Implements
      part of ticket 3457.
    - Use absolute path names when reporting the torrc filename in the
      control protocol, so a controller can more easily find the torrc
      file. Resolves bug 1101.
    - When reporting the path to the cookie file to the controller,
      give an absolute path. Resolves ticket 4881.

  o Minor features (log messages):
    - Add more information to a log statement that might help track down
      bug 4091. If you're seeing "Bug: tor_addr_is_internal() called with a
      non-IP address" messages (or any Bug messages, for that matter!),
      please let us know about it.
    - If EntryNodes are given, but UseEntryGuards is set to 0, warn that
      EntryNodes will have no effect. Resolves issue 2571.
    - Try to make the introductory warning message that Tor prints on
      startup more useful for actually finding help and information.
      Resolves ticket 2474.
    - When the system call to create a listener socket fails, log the
      error message explaining why. This may help diagnose bug 4027.

  o Minor features (other):
    - When we fail to initialize Libevent, retry with IOCP disabled so we
      don't need to turn on multi-threading support in Libevent, which in
      turn requires a working socketpair(). This is a workaround for bug
      4457, which affects Libevent versions from 2.0.1-alpha through
    - When starting as root and then changing our UID via the User
      control option, and we have a ControlSocket configured, make sure
      that the ControlSocket is owned by the same account that Tor will
      run under. Implements ticket 3421; fix by Jérémy Bobbio.
    - Accept attempts to include a password authenticator in the
      handshake, as supported by SOCKS5. This handles SOCKS clients that
      don't know how to omit a password when authenticating. Resolves
      bug 1666.
    - Check for and recover from inconsistency in the microdescriptor
      cache. This will make it harder for us to accidentally free a
      microdescriptor without removing it from the appropriate data
      structures. Fixes issue 3135; issue noted by "wanoskarnet".
    - Shorten links in the tor-exit-notice file. Patch by Christian Kujau.

  o Minor bugfixes (code security):
    - Prevent a null-pointer dereference when receiving a data cell
      for a nonexistent stream when the circuit in question has an
      empty deliver window. We don't believe this is triggerable,
      since we don't currently allow deliver windows to become empty,
      but the logic is tricky enough that it's better to make the code
      robust. Fixes bug 5541; bugfix on 0.0.2pre14.
    - Fix a (harmless) integer overflow in cell statistics reported by
      some fast relays. Fixes bug 5849; bugfix on
    - Fix our implementation of crypto_random_hostname() so it can't
      overflow on ridiculously large inputs. (No Tor version has ever
      provided this kind of bad inputs, but let's be correct in depth.)
      Fixes bug 4413; bugfix on Fix by Stephen Palmateer.
    - Add a (probably redundant) memory clear between iterations of
      the router status voting loop, to prevent future coding errors
      where data might leak between iterations of the loop. Resolves
      ticket 6514.

  o Minor bugfixes (wrapper functions):
    - Abort if tor_vasprintf() fails in connection_printf_to_buf() (a
      utility function used in the control-port code). This shouldn't
      ever happen unless Tor is completely out of memory, but if it did
      happen and Tor somehow recovered from it, Tor could have sent a log
      message to a control port in the middle of a reply to a controller
      command. Fixes part of bug 3428; bugfix on
    - Fix some (not actually triggerable) buffer size checks in usage of
      tor_inet_ntop(). Fixes bug 4434; bugfix on Tor Patch
      by Anders Sundman.
    - Fix parsing of some corner-cases with tor_inet_pton(). Fixes
      bug 4515; bugfix on; fix by Anders Sundman.
    - Enforce correct return behavior of tor_vsscanf() when the '%%'
      pattern is used. Fixes bug 5558. Bugfix on
    - Make our replacement implementation of strtok_r() compatible with
      the standard behavior of strtok_r(). Patch by nils. Fixes bug 5091;
      bugfix on
    - Find more places in the code that should have been testing for
      invalid sockets using the SOCKET_OK macro. Required for a fix
      for bug 4533. Bugfix on

  o Minor bugfixes (code correctness):
    - Check return value of fputs() when writing authority certificate
      file. Fixes Coverity issue 709056; bugfix on
    - When building Tor on Windows with -DUNICODE (not default), ensure
      that error messages, filenames, and DNS server names are always
      NUL-terminated when we convert them to a single-byte encoding.
      Fixes bug 5909; bugfix on
    - Fix a memory leak when trying to launch a DNS request when the
      nameservers are unconfigurable. Fixes bug 5916; bugfix on Tor
    - Correct file sizes when reading binary files on Cygwin, to avoid
      a bug where Tor would fail to read its state file. Fixes bug 6844;
      bugfix on
    - Make sure to set *socket_error in all error cases in
      connection_connect(), so it can't produce a warning about
      errno being zero from errno_to_orconn_end_reason(). Bugfix on; resolves ticket 6028.
    - Initialize conn->addr to a valid state in spawn_cpuworker(). Fixes
      bug 4532; found by "troll_un".

  o Minor bugfixes (clients):
    - Allow one-hop directory-fetching circuits the full "circuit build
      timeout" period, rather than just half of it, before failing them
      and marking the relay down. This fix should help reduce cases where
      clients declare relays (or worse, bridges) unreachable because
      the TLS handshake takes a few seconds to complete. Fixes bug 6743;
      bugfix on, where we changed the timeout from a static
      30 seconds.
    - Ensure we don't cannibalize circuits that are longer than three hops
      already, so we don't end up making circuits with 5 or more
      hops. Patch contributed by wanoskarnet. Fixes bug 5231; bugfix on which introduced cannibalization.

  o Minor bugfixes (relays):
    - Don't publish a new relay descriptor when we reload our onion key,
      unless the onion key has actually changed. Fixes bug 3263 and
      resolves another cause of bug 1810. Bugfix on
    - When relays refuse a "create" cell because their queue of pending
      create cells is too big (typically because their cpu can't keep up
      with the arrival rate), send back reason "resource limit" rather
      than reason "internal", so network measurement scripts can get a
      more accurate picture. Bugfix on; fixes bug 7037.
    - Exit nodes don't need to fetch certificates for authorities that
      they don't recognize; only directory authorities, bridges,
      and caches need to do that. Fixes part of bug 2297; bugfix on

  o Minor bugfixes (directory authority / mirrors):
    - Avoid O(n^2) performance characteristics when parsing a large
      extrainfo cache. Fixes bug 5828; bugfix on
    - Authorities no longer include any router in their microdescriptor
      consensuses for which they couldn't generate or agree on a
      microdescriptor. Fixes the second piece of bug 6404; fix on
    - When checking for requested signatures on the latest consensus
      before serving it to a client, make sure to check the right
      consensus flavor. Bugfix on
    - Fix an edge case where TestingTorNetwork is set but the authorities
      and relays all have an uptime of zero, so the private Tor network
      could briefly lack support for hidden services. Fixes bug 3886;
      bugfix on
    - Directory caches no longer refuse to clean out descriptors because
      of missing v2 networkstatus documents, unless they're configured
      to retrieve v2 networkstatus documents. Fixes bug 4838; bugfix on Patch by Daniel Bryg.
    - Don't serve or accept v2 hidden service descriptors over a relay's
      DirPort. It's never correct to do so, and disabling it might
      make it more annoying to exploit any bugs that turn up in the
      descriptor-parsing code. Fixes bug 7149.

  o Minor bugfixes (hidden services, client-side):
    - Assert that hidden-service-related operations are not performed
      using single-hop circuits. Previously, Tor would assert that
      client-side streams are not attached to single-hop circuits,
      but not that other sensitive operations on the client and service
      side are not performed using single-hop circuits. Fixes bug 3332;
      bugfix on 0.0.6.
    - Avoid undefined behaviour when parsing the list of supported
      rendezvous/introduction protocols in a hidden service descriptor.
      Previously, Tor would have confused (as-yet-unused) protocol version
      numbers greater than 32 with lower ones on many platforms. Fixes
      bug 6827; bugfix on Found by George Kadianakis.
    - Don't close hidden service client circuits which have almost
      finished connecting to their destination when they reach
      the normal circuit-build timeout. Previously, we would close
      introduction circuits which are waiting for an acknowledgement
      from the introduction point, and rendezvous circuits which have
      been specified in an INTRODUCE1 cell sent to a hidden service,
      after the normal CBT. Now, we mark them as 'timed out', and launch
      another rendezvous attempt in parallel. This behavior change can
      be disabled using the new CloseHSClientCircuitsImmediatelyOnTimeout
      option. Fixes part of bug 1297; bugfix on

  o Minor bugfixes (hidden services, service-side):
    - Don't close hidden-service-side rendezvous circuits when they
      reach the normal circuit-build timeout. This behaviour change can
      be disabled using the new
      CloseHSServiceRendCircuitsImmediatelyOnTimeout option. Fixes the
      remaining part of bug 1297; bugfix on
    - Don't launch more than 10 service-side introduction-point circuits
      for a hidden service in five minutes. Previously, we would consider
      launching more introduction-point circuits if at least one second
      had passed without any introduction-point circuits failing. Fixes
      bug 4607; bugfix on 0.0.7pre1.

  o Minor bugfixes (config option behavior):
    - If the user tries to set MyFamily on a bridge, refuse to
      do so, and warn about the security implications. Fixes bug 4657;
      bugfix on
    - The "--quiet" and "--hush" options now apply not only to Tor's
      behavior before logs are configured, but also to Tor's behavior in
      the absense of configured logs. Fixes bug 3550; bugfix on
    - Change the AllowDotExit rules so they should actually work.
      We now enforce AllowDotExit only immediately after receiving an
      address via SOCKS or DNSPort: other sources are free to provide
      .exit addresses after the resolution occurs. Fixes bug 3940;
      bugfix on
    - Make "LearnCircuitBuildTimeout 0" work more reliably. Specifically,
      don't depend on the consensus parameters or compute adaptive
      timeouts when it is disabled. Fixes bug 5049; bugfix on
    - After we pick a directory mirror, we would refuse to use it if
      it's in our ExcludeExitNodes list, resulting in mysterious failures
      to bootstrap for people who just wanted to avoid exiting from
      certain locations. Fixes bug 5623; bugfix on
    - When told to add a bridge with the same digest as a preexisting
      bridge but a different addr:port, change the addr:port as
      requested. Previously we would not notice the change. Fixes half
      of bug 5603; fix on

  o Minor bugfixes (controller):
    - Allow manual 'authenticate' commands to the controller interface
      from netcat (nc) as well as telnet. We were rejecting them because
      they didn't come with the expected whitespace at the end of the
      command. Bugfix on; fixes bug 2893.
    - Report a real bootstrap problem to the controller on router
      identity mismatch. Previously we just said "foo", which probably
      made a lot of sense at the time. Fixes bug 4169; bugfix on
    - When we receive a SIGHUP and the controller __ReloadTorrcOnSIGHUP
      option is set to 0 (which Vidalia version 0.2.16 now does when
      a SAVECONF attempt fails), perform other actions that SIGHUP
      usually causes (like reopening the logs). Fixes bug 5095; bugfix
    - Correctly handle checking the permissions on the parent
      directory of a control socket in the root directory. Bug found
      by Esteban Manchado Velázquez. Fixes bug 5089; bugfix on Tor
    - End AUTHCHALLENGE error messages (in the control protocol) with
      a CRLF. Fixes bug 5760; bugfix on

  o Minor bugfixes (network reading/writing):
    - Disable writing on marked-for-close connections when they are
      blocked on bandwidth, to prevent busy-looping in Libevent. Fixes
      bug 5263; bugfix on 0.0.2pre13, where we first added a special
      case for flushing marked connections.
    - Make sure that there are no unhandled pending TLS errors before
      reading from a TLS stream. We had checks in, but
      lost them in when we refactored read_to_buf_tls().
      Bugfix on; fixes bug 4528.
    - Detect SSL handshake even when the initial attempt to write the
      server hello fails. Fixes bug 4592; bugfix on
    - If the client fails to set a reasonable set of ciphersuites
      during its v2 handshake renegotiation, allow the renegotiation to
      continue nevertheless (i.e. send all the required certificates).
      Fixes bug 4591; bugfix on

  o Minor bugfixes (other):
    - Exit nodes now correctly report EADDRINUSE and EADDRNOTAVAIL as
      resource exhaustion, so that clients can adjust their load to
      try other exits. Fixes bug 4710; bugfix on, which
    - Don't check for whether the address we're using for outbound
      connections has changed until after the outbound connection has
      completed. On Windows, getsockname() doesn't succeed until the
      connection is finished. Fixes bug 5374; bugfix on
    - Don't hold a Windows file handle open for every file mapping;
      the file mapping handle is sufficient. Fixes bug 5951; bugfix on
    - Fix wrong TCP port range in parse_port_range(). Fixes bug 6218;
      bugfix on
    - If we fail to write a microdescriptor to the disk cache, do not
      continue replacing the old microdescriptor file. Fixes bug 2954;
      bugfix on

  o Minor bugfixes (log messages, path selection):
    - Downgrade "set buildtimeout to low value" messages to "info"
      severity; they were never an actual problem, there was never
      anything reasonable to do about them, and they tended to spam logs
      from time to time. Fixes bug 6251; bugfix on
    - Rate-limit the "Weighted bandwidth is 0.000000" message, and add
      more information to it, so that we can track it down in case it
      returns again. Mitigates bug 5235.
    - Check CircuitBuildTimeout and LearnCircuitBuildTimeout in
      options_validate(); warn if LearnCircuitBuildTimeout is disabled and
      CircuitBuildTimeout is set unreasonably low. Resolves ticket 5452.
    - Issue a log message if a guard completes less than 40% of your
      circuits. Threshold is configurable by torrc option
      PathBiasNoticeRate and consensus parameter pb_noticepct. There is
      additional, off-by-default code to disable guards which fail too
      many circuits. Addresses ticket 5458.

  o Minor bugfixes (log messages, client):
    - Downgrade "Got a certificate, but we already have it" log messages
      from warning to info, except when we're a dirauth. Fixes bug 5238;
      bugfix on
    - Fix the log message describing how we work around discovering
      that our version is the ill-fated OpenSSL 0.9.8l. Fixes bug
      4837; bugfix on
    - When logging about a disallowed .exit name, do not also call it
      an "invalid onion address". Fixes bug 3325; bugfix on
    - Fix a log message suggesting that people contact a non-existent
      email address. Fixes bug 3448.
    - Rephrase the log message emitted if the TestSocks check is
      successful. Patch from Fabian Keil; fixes bug 4094.
    - Log (at debug level) whenever a circuit's purpose is changed.
    - Log SSL state transitions at log level DEBUG, log domain
      HANDSHAKE. This can be useful for debugging censorship events.
      Implements ticket 3264.
    - We now log which torrc file we're using on startup. Implements
      ticket 2444.
    - Rate-limit log messages when asked to connect anonymously to
      a private address. When these hit, they tended to hit fast and
      often. Also, don't bother trying to connect to addresses that we
      are sure will resolve to getting in a directory
      reply makes us think we have been lied to, even when the address the
      client tried to connect to was "localhost." Resolves ticket 2822.

  o Minor bugfixes (log messages, non-client):
    - Downgrade "eventdns rejected address" message to LOG_PROTOCOL_WARN.
      Fixes bug 5932; bugfix on
    - Don't log that we have "decided to publish new relay descriptor"
      unless we are actually publishing a descriptor. Fixes bug 3942;
      bugfix on
    - Log which authority we're missing votes from when we go to fetch
      them from the other auths.
    - Replace "Sending publish request" log messages with "Launching
      upload", so that they no longer confusingly imply that we're
      sending something to a directory we might not even be connected
      to yet. Fixes bug 3311; bugfix on
    - Warn when Tor is configured to use accounting in a way that can
      link a hidden service to some other hidden service or public
      address. Resolves ticket 6490.
    - Fix a minor formatting issue in one of tor-gencert's error messages.
      Fixes bug 4574.

  o Testing:
    - Update to the latest version of the tinytest unit testing framework.
      This includes a couple of bugfixes that can be relevant for
      running forked unit tests on Windows, and removes all reserved
    - Avoid a false positive in the util/threads unit test by increasing
      the maximum timeout time. Fixes bug 6227; bugfix on
    - Make it possible to set the TestingTorNetwork configuration
      option using AlternateDirAuthority and AlternateBridgeAuthority
      as an alternative to setting DirServer. Addresses ticket 6377.
    - Add a unit test for the environment_variable_names_equal() function.
    - A wide variety of new unit tests by Esteban Manchado Velázquez.
    - Numerous new unit tests for functions in util.c and address.c by
      Anders Sundman.
    - The long-disabled benchmark tests are now split into their own
      ./src/test/bench binary.
    - The benchmark tests can now use more accurate timers than
      gettimeofday() when such timers are available.
    - Use tt_assert(), not tor_assert(), for checking for test failures.
      This makes the unit tests more able to go on in the event that
      one of them fails.

  o Build improvements:
    - Use the dead_strip option when building Tor on OS X. This reduces
      binary size by almost 19% when linking openssl and libevent
      statically, which we do for Tor Browser Bundle.
    - Provide a better error message about possible OSX Asciidoc failure
      reasons. Fixes bug 6436.
    - Detect attempts to build Tor on (as yet hypothetical) versions
      of Windows where sizeof(intptr_t) != sizeof(SOCKET). Partial
      fix for bug 4533. Bugfix on
    - On Windows, we now define the _WIN32_WINNT macros only if they
      are not already defined. This lets the person building Tor decide,
      if they want, to require a later version of Windows.
    - Our autogen.sh script now uses autoreconf to launch autoconf,
      automake, and so on. This is more robust against some of the failure
      modes associated with running the autotools pieces on their own.
    - Running "make version" now displays the version of Tor that
      we're about to build. Idea from katmagic; resolves issue 4400.
    - Make 'tor --digests' list hashes of all Tor source files. Bugfix
      on; fixes bug 3427.
    - New --enable-static-tor configure option for building Tor as
      statically as possible. Idea, general hackery and thoughts from
      Alexei Czeskis, John Gilmore, Jacob Appelbaum. Implements ticket
    - Limited, experimental support for building with nmake and MSVC.

  o Build requirements:
    - Building Tor with bufferevent support now requires Libevent
      2.0.13-stable or later. Previous versions of Libevent had bugs in
      SSL-related bufferevents and related issues that would make Tor
      work badly with bufferevents. Requiring 2.0.13-stable also allows
      Tor with bufferevents to take advantage of Libevent APIs
      introduced after 2.0.8-rc.
    - Our build system requires automake 1.6 or later to create the
      Makefile.in files. Previously, you could have used 1.4.
      This only affects developers and people building Tor from git;
      people who build Tor from the source distribution without changing
      the Makefile.am files should be fine.
    - Detect when we try to build on a platform that doesn't define
      AF_UNSPEC to 0. We don't work there, so refuse to compile.

  o Build fixes (compile/link):
    - Format more doubles with %f, not %lf. Patch from grarpamp to make
      Tor build correctly on older BSDs again. Fixes bug 3894; bugfix on
    - When building with --enable-static-tor on OpenBSD, do not
      erroneously attempt to link -lrt. Fixes bug 5103.
    - Set _WIN32_WINNT to 0x0501 consistently throughout the code, so
      that IPv6 stuff will compile on MSVC, and compilation issues
      will be easier to track down. Fixes bug 5861.
    - Fix build and 64-bit compile warnings from --enable-openbsd-malloc.
      Fixes bug 6379. Bugfix on
    - Make Tor build correctly again with -DUNICODE -D_UNICODE defined.
      Fixes bug 6097; bugfix on

  o Build fixes (other):
    - Use the _WIN32 macro throughout our code to detect Windows.
      (Previously we had used the obsolete 'WIN32' and the idiosyncratic
    - Properly handle the case where the build-tree is not the same
      as the source tree when generating src/common/common_sha1.i,
      src/or/micro-revision.i, and src/or/or_sha1.i. Fixes bug 3953;
      bugfix on
    - During configure, search for library containing cos function as
      libm lives in libcore on some platforms (BeOS/Haiku). Linking
      against libm was hard-coded before. Fixes the first part of bug
      4727; bugfix on Patch and analysis by Martin Hebnes
    - Prevent a false positive from the check-spaces script, by disabling
      the "whitespace between function name and (" check for functions
      named 'op()'.

  o Packaging (RPM) changes:
    - Update our default RPM spec files to work with mock and rpmbuild
      on RHEL/Fedora. They have an updated set of dependencies and
      conflicts, a fix for an ancient typo when creating the "_tor"
      user, and better instructions. Thanks to Ondrej Mikle for the
      patch series. Fixes bug 6043.
    - On OpenSUSE, create the /var/run/tor directory on startup if it
      is not already created. Patch from Andreas Stieger. Fixes bug 2573.

  o Code refactoring (safety):
    - Do not use SMARTLIST_FOREACH for any loop whose body exceeds
      10 lines. Also, don't nest them. Doing so in the past has
      led to hard-to-debug code. The new style is to use the
      SMARTLIST_FOREACH_{BEGIN,END} pair. Addresses issue 6400.
    - Use macros to indicate OpenSSL versions, so we don't need to worry
      about accidental hexadecimal bit shifts.
    - Use tor_sscanf() in place of scanf() in more places through the
      code. This makes us a little more locale-independent, and
      should help shut up code-analysis tools that can't tell
      a safe sscanf string from a dangerous one.
    - Convert more instances of tor_snprintf+tor_strdup into tor_asprintf.
    - Use the smartlist_add_asprintf() alias more consistently.

  o Code refactoring (consolidate):
    - A major revision to our internal node-selecting and listing logic.
      Tor already had at least two major ways to look at the question of
      "which Tor servers do we know about": a list of router descriptors,
      and a list of entries in the current consensus. With
      microdescriptors, we're adding a third. Having so many systems
      without an abstraction layer over them was hurting the codebase.
      Now, we have a new "node_t" abstraction that presents a consistent
      interface to a client's view of a Tor node, and holds (nearly) all
      of the mutable state formerly in routerinfo_t and routerstatus_t.
    - Move tor_gettimeofday_cached() into compat_libevent.c, and use
      Libevent's notion of cached time when possible.
    - Remove duplicate code for invoking getrlimit() from control.c.
    - Use OpenSSL's built-in SSL_state_string_long() instead of our
      own homebrewed ssl_state_to_string() replacement. Patch from
      Emile Snyder. Fixes bug 4653.
    - Change the symmetric cipher interface so that creating and
      initializing a stream cipher are no longer separate functions.

  o Code refactoring (separate):
    - Make a new "entry connection" struct as an internal subtype of "edge
      connection", to simplify the code and make exit connections smaller.
    - Split connection_about_to_close() into separate functions for each
      connection type.
    - Rewrite the listener-selection logic so that parsing which ports
      we want to listen on is now separate from binding to the ports
      we want.

  o Code refactoring (name changes):
    - Rename a handful of old identifiers, mostly related to crypto
      structures and crypto functions. By convention, our "create an
      object" functions are called "type_new()", our "free an object"
      functions are called "type_free()", and our types indicate that
      they are types only with a final "_t". But a handful of older
      types and functions broke these rules, with function names like
      "type_create" or "subsystem_op_type", or with type names like
    - Rename Tor functions that turn strings into addresses, so that
      "parse" indicates that no hostname resolution occurs, and
      "lookup" indicates that hostname resolution may occur. This
      should help prevent mistakes in the future. Fixes bug 3512.
    - Use the name "CERTS" consistently to refer to the new cell type;
      we were calling it CERT in some places and CERTS in others.
    - Use a TOR_INVALID_SOCKET macro when initializing a socket to an
      invalid value, rather than just -1.
    - Rename the bench_{aes,dmap} functions to test_*, so that tinytest
      can pick them up when the tests aren't disabled. Bugfix on which introduced tinytest.

  o Code refactoring (other):
    - Defensively refactor rend_mid_rendezvous() so that protocol
      violations and length checks happen in the beginning. Fixes
      bug 5645.
    - Remove the pure attribute from all functions that used it
      previously. In many cases we assigned it incorrectly, because the
      functions might assert or call impure functions, and we don't have
      evidence that keeping the pure attribute is worthwhile. Implements
      changes suggested in ticket 4421.
    - Move the replay-detection cache for the RSA-encrypted parts of
      INTRODUCE2 cells to the introduction point data structures.
      Previously, we would use one replay-detection cache per hidden
      service. Required by fix for bug 3460.
    - The helper programs tor-gencert, tor-resolve, and tor-checkkey
      no longer link against Libevent: they never used it, but
      our library structure used to force them to link it.

  o Removed features and files:
    - Remove all internal support for unpadded RSA. We never used it, and
      it would be a bad idea to start.
    - Remove some workaround code for OpenSSL 0.9.6 (which is no longer
    - Remove some redundant #include directives throughout the code.
      Patch from Andrea Gelmini.
    - Remove some old code to remember statistics about which descriptors
      we've served as a directory mirror. The feature wasn't used and
      is outdated now that microdescriptors are around.
    - Remove some old code to work around even older versions of Tor that
      used forked processes to handle DNS requests. Such versions of Tor
      are no longer in use as relays.
    - The "torify" script no longer supports the "tsocks" socksifier
      tool, since tsocks doesn't support DNS and UDP right for Tor.
      Everyone should be using torsocks instead. Fixes bugs 3530 and
      5180. Based on a patch by "ugh".
    - Remove the torrc.bridge file: we don't use it for anything, and
      it had become badly desynchronized from torrc.sample. Resolves
      bug 5622.

  o Documentation:
    - Begin a doc/state-contents.txt file to explain the contents of
      the Tor state file. Fixes bug 2987.
    - Clarify the documentation for the Alternate*Authority options.
      Fixes bug 6387.
    - Document the --defaults-torrc option, and the new semantics for
      overriding, extending, and clearing lists of options. Closes
      bug 4748.
    - Add missing man page documentation for consensus and microdesc
      files. Resolves ticket 6732.
    - Fix some typos in the manpages. Patch from A. Costa. Fixes bug 6500.

  o Documentation fixes:
    - Improve the manual's documentation for the NT Service command-line
      options. Addresses ticket 3964.
    - Clarify SessionGroup documentation slightly; resolves ticket 5437.
    - Document the changes to the ORPort and DirPort options, and the
      fact that {OR/Dir}ListenAddress is now unnecessary (and
      therefore deprecated). Resolves ticket 5597.
    - Correct a broken faq link in the INSTALL file. Fixes bug 2307.
    - Clarify that hidden services are TCP only. Fixes bug 6024.

Attachment: signature.asc
Description: Digital signature

tor-announce mailing list