Tor 0.2.1.3-alpha implements most of the pieces to prevent
infinite-length circuit attacks (see proposal 110); fixes a bug that
might cause exit relays to corrupt streams they send back; allows
address patterns (e.g. 255.128.0.0/16) to appear in ExcludeNodes and
ExcludeExitNodes config options; and fixes a big pile of bugs.

Tor 0.2.1.4-alpha fixes a pair of crash bugs in 0.2.1.3-alpha.

https://www.torproject.org/download.html.en

Changes in version 0.2.1.4-alpha - 2008-08-04
  o Major bugfixes:
    - The address part of exit policies was not correctly written
      to router descriptors. This generated router descriptors that
      failed their self-checks. Noticed by phobos, fixed by Karsten.
      Bugfix on 0.2.1.3-alpha.
    - Tor triggered a false assert when extending a circuit to a relay
      but we already have a connection open to that relay. Noticed by
      phobos, fixed by Karsten. Bugfix on 0.2.1.3-alpha.

  o Minor bugfixes:
    - Fix a hidden service logging bug: in some edge cases, the router
      descriptor of a previously picked introduction point becomes
      obsolete and we need to give up on it rather than continually
      complaining that it has become obsolete. Observed by xiando.
      Bugfix on 0.2.1.3-alpha.

  o Removed features:
    - Take out the TestVia config option, since it was a workaround for
      a bug that was fixed in Tor 0.1.1.21.

Changes in version 0.2.1.3-alpha - 2008-08-03
  o Bootstrapping bugfixes (on 0.2.1.x-alpha):
    - Send a bootstrap problem "warn" event on the first problem if the
      reason is NO_ROUTE (that is, our network is down).

  o Major features:
    - Implement most of proposal 110: The first K cells to be sent
      along a circuit are marked as special "early" cells; only K
      "early" cells will be allowed. Once this code is universal, we
      can block certain kinds of DOS attack by requiring that EXTEND
      commands must be sent using an "early" cell.

  o Major bugfixes:
    - Try to attach connections immediately upon receiving a
      RENDEZVOUS2 or RENDEZVOUS_ESTABLISHED cell. This can save a
      second or two on the client side when connecting to a hidden
      service. Bugfix on 0.0.6pre1. Found and fixed by Christian Wilms;
      resolves bug 743.
    - Ensure that two circuits can never exist on the same connection
      with the same circuit ID, even if one is marked for close. This
      is conceivably a bugfix for bug 779; fixes a bug on 0.1.0.4-rc.

  o Minor features:
    - When relays do their initial bandwidth measurement, don't limit
      to just our entry guards for the test circuits. Otherwise we tend
      to have multiple test circuits going through a single entry guard,
      which makes our bandwidth test less accurate. Fixes part of bug
      654; patch contributed by Josh Albrecht.
    - Add an ExcludeExitNodes option so users can list a set of nodes
      that should be excluded from the exit node position, but
      allowed elsewhere. Implements proposal 151.
    - Allow address patterns (e.g., 255.128.0.0/16) to appear in
      ExcludeNodes and ExcludeExitNodes lists.
    - Change the implementation of ExcludeNodes and ExcludeExitNodes to
      be more efficient. Formerly it was quadratic in the number of
      servers; now it should be linear. Fixes bug 509.
    - Save 16-22 bytes per open circuit by moving the n_addr, n_port,
      and n_conn_id_digest fields into a separate structure that's
      only needed when the circuit has not yet attached to an n_conn.

  o Minor bugfixes:
    - Change the contrib/tor.logrotate script so it makes the new
      logs as "_tor:_tor" rather than the default, which is generally
      "root:wheel". Fixes bug 676, reported by Serge Koksharov.
    - Stop using __attribute__((nonnull)) with GCC: it can give us
      useful warnings (occasionally), but it can also cause the
      compiler to eliminate error-checking code. Suggested by Peter
      Gutmann.
    - When a hidden service is giving up on an introduction point
      candidate that was not included in the last published rendezvous
      descriptor, don't reschedule publication of the next descriptor.
      Fixes bug 763. Bugfix on 0.0.9.3.
    - Mark RendNodes, RendExcludeNodes, HiddenServiceNodes, and
      HiddenServiceExcludeNodes as obsolete: they never worked
      properly, and nobody claims to be using them. Fixes bug 754.
      Bugfix on 0.1.0.1-rc. Patch from Christian Wilms.
    - Fix a small alignment and memory-wasting bug on buffer chunks.
      Spotted by rovv.

  o Minor bugfixes (controller):
    - When closing an application-side connection because its circuit
      is getting torn down, generate the stream event correctly.
      Bugfix on 0.1.2.x. Anonymous patch.

  o Removed features:
    - Remove all backward-compatibility code to support relays running
      versions of Tor so old that they no longer work at all on the
      Tor network.
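
The "early" cell rule from the proposal 110 item in the 0.2.1.3-alpha changes, sketched as a relay-side check that bounds how many EXTENDs one circuit can carry. This is an added example, not Tor's source code: the type and function names are hypothetical, and K = 8 is an assumed value chosen for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

#define EARLY_CELL_BUDGET 8   /* "K" from the changelog; 8 is an assumed value */

enum cell_kind { CELL_DATA, CELL_EXTEND };           /* hypothetical names */
enum verdict { CELL_OK, CLOSE_TOO_MANY_EARLY, REJECT_EXTEND_NOT_EARLY };

struct circuit {
    int early_remaining;        /* "early" cells this circuit may still carry */
    bool require_early_extend;  /* enforcement switch, off until all relays upgrade */
};

void circuit_init(struct circuit *c, bool enforce) {
    c->early_remaining = EARLY_CELL_BUDGET;
    c->require_early_extend = enforce;
}

/* Relay-side check for one incoming cell on a circuit. */
enum verdict relay_check_cell(struct circuit *c, enum cell_kind kind, bool is_early) {
    if (is_early) {
        if (c->early_remaining == 0)
            return CLOSE_TOO_MANY_EARLY;    /* more than K early cells seen */
        c->early_remaining--;
    } else if (kind == CELL_EXTEND && c->require_early_extend) {
        return REJECT_EXTEND_NOT_EARLY;     /* EXTEND must ride in an early cell */
    }
    return CELL_OK;
}

/* Count the EXTENDs a relay accepts when a client sends `attempts` of them,
 * marking each as early while budget remains (constructed input). */
int count_accepted_extends(bool enforce, int attempts) {
    struct circuit c;
    int accepted = 0;
    circuit_init(&c, enforce);
    for (int i = 0; i < attempts; i++) {
        bool early = i < EARLY_CELL_BUDGET;
        if (relay_check_cell(&c, CELL_EXTEND, early) == CELL_OK)
            accepted++;
    }
    return accepted;
}

int main(void) {
    printf("enforced:   %d of 100 EXTENDs accepted\n", count_accepted_extends(true, 100));
    printf("unenforced: %d of 100 EXTENDs accepted\n", count_accepted_extends(false, 100));
    return 0;
}
```

With enforcement off, as in this release where the rule is not yet universal, the relay still counts early cells but cannot cap circuit length.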