[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor is out

     On Mon, 11 Feb 2008 22:36:51 -0500 Roger Dingledine <arma@xxxxxxx>
>Tor makes more progress towards normalizing Tor's TLS
>handshake, makes path selection for relays more secure and IP address
>guessing more robust, and generally fixes a lot of bugs in preparation
>for calling the 0.2.0 branch stable.
>Changes in version - 2008-02-09
>  o Major features:
>    - Do not include recognizeable strings in the commonname part of
>      Tor's x509 certificates.
>  o Major bugfixes:
>    - If we're a relay, avoid picking ourselves as an introduction point,
>      a rendezvous point, or as the final hop for internal circuits. Bug
>      reported by taranis and lodger. Bugfix on 0.1.2.x.
>    - Patch from "Andrew S. Lists" to catch when we contact a directory
>      mirror at IP address X and he says we look like we're coming from
>      IP address X. Bugfix on 0.1.2.x.
>  o Minor features (security):
>    - Be more paranoid about overwriting sensitive memory on free(),
>      as a defensive programming tactic to ensure forward secrecy.
>  o Minor features (directory authority):
>    - Actually validate the options passed to AuthDirReject,
>      AuthDirInvalid, AuthDirBadDir, and AuthDirBadExit.
>    - Reject router descriptors with out-of-range bandwidthcapacity or
>      bandwidthburst values.
>  o Minor features (controller):
>    - Reject controller commands over 1MB in length.  This keeps rogue
>      processes from running us out of memory.
>  o Minor features (misc):
>    - Give more descriptive well-formedness errors for out-of-range
>      hidden service descriptor/protocol versions.
>    - Make memory debugging information describe more about history
>      of cell allocation, so we can help reduce our memory use.
>  o Deprecated features (controller):
>    - The status/version/num-versioning and status/version/num-concurring
>      GETINFO options are no longer useful in the v3 directory protocol:
>      treat them as deprecated, and warn when they're used.
>  o Minor bugfixes:
>    - When our consensus networkstatus has been expired for a while, stop
>      being willing to build circuits using it. Fixes bug 401. Bugfix
>      on 0.1.2.x.
>    - Directory caches now fetch certificates from all authorities
>      listed in a networkstatus consensus, even when they do not
>      recognize them. Fixes bug 571. Bugfix on 0.2.0.x.
>    - When connecting to a bridge without specifying its key, insert
>      the connection into the identity-to-connection map as soon as
>      a key is learned. Fixes bug 574. Bugfix on 0.2.0.x.
>    - Detect versions of OS X where malloc_good_size() is present in the
>      library but never actually declared. Resolves bug 587. Bugfix
>      on 0.2.0.x.
>    - Stop incorrectly truncating zlib responses to directory authority
>      signature download requests. Fixes bug 593. Bugfix on 0.2.0.x.
>    - Stop recommending that every server operator send mail to tor-ops.
>      Resolves bug 597. Bugfix on 0.1.2.x.
>    - Don't trigger an assert if we start a directory authority with a
>      private IP address (like
>    - Avoid possible failures when generating a directory with routers
>      with over-long versions strings, or too many flags set. Bugfix
>      on 0.1.2.x.
>    - If an attempt to launch a DNS resolve request over the control
>      port fails because we have overrun the limit on the number of
>      connections, tell the controller that the request has failed.
>    - Avoid using too little bandwidth when our clock skips a few
>      seconds. Bugfix on 0.1.2.x.
>    - Fix shell error when warning about missing packages in configure
>      script, on Fedora or Red Hat machines. Bugfix on 0.2.0.x.
>    - Do not become confused when receiving a spurious VERSIONS-like
>      cell from a confused v1 client.  Bugfix on 0.2.0.x.
>    - Re-fetch v2 (as well as v0) rendezvous descriptors when all
>      introduction points for a hidden service have failed. Patch from
>      Karsten Loesing. Bugfix on 0.2.0.x.
>  o Code simplifications and refactoring:
>    - Remove some needless generality from cpuworker code, for improved
>      type-safety.
>    - Stop overloading the circuit_t.onionskin field for both "onionskin
>      from a CREATE cell that we are waiting for a cpuworker to be
>      assigned" and "onionskin from an EXTEND cell that we are going to
>      send to an OR as soon as we are connected". Might help with bug 600.
>    - Add an in-place version of aes_crypt() so that we can avoid doing a
>      needless memcpy() call on each cell payload.
     Looks wonderful, Roger!  Thanks, you guys, very much!  I've now
built it on my FreeBSD system and will fire it up the next time I restart
my tor server, which should be within a couple of days.

                                  Scott Bennett, Comm. ASMELG, CFIAG
* Internet:       bennett at cs.niu.edu                              *
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *