[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Tor 0.2.0.18-alpha is out

To: or-talk@xxxxxxxxxxxxx
Subject: Tor 0.2.0.18-alpha is out
From: Roger Dingledine <arma@xxxxxxx>
Date: Mon, 28 Jan 2008 17:02:48 -0500
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Mon, 28 Jan 2008 17:02:57 -0500
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mutt/1.5.13 (2006-08-11)

Tor 0.2.0.18-alpha adds a sixth v3 directory authority run by CCC,
fixes a big memory leak in 0.2.0.17-alpha, and adds new config options
that can warn or reject connections to ports generally associated with
vulnerable-plaintext protocols.

https://www.torproject.org/download#Dev

Changes in version 0.2.0.18-alpha - 2008-01-25
  o New directory authorities:
    - Set up dannenberg (run by CCC) as the sixth v3 directory
      authority.

  o Major bugfixes:
    - Fix a major memory leak when attempting to use the v2 TLS
      handshake code. Bugfix on 0.2.0.x; fixes bug 589.
    - We accidentally enabled the under-development v2 TLS handshake
      code, which was causing log entries like "TLS error while
      renegotiating handshake". Disable it again. Resolves bug 590.
    - We were computing the wrong Content-Length: header for directory
      responses that need to be compressed on the fly, causing clients
      asking for those items to always fail. Bugfix on 0.2.0.x; fixes
      bug 593.

  o Major features:
    - Avoid going directly to the directory authorities even if you're a
      relay, if you haven't found yourself reachable yet or if you've
      decided not to advertise your dirport yet. Addresses bug 556.
    - If we've gone 12 hours since our last bandwidth check, and we
      estimate we have less than 50KB bandwidth capacity but we could
      handle more, do another bandwidth test.
    - New config options WarnPlaintextPorts and RejectPlaintextPorts so
      Tor can warn and/or refuse connections to ports commonly used with
      vulnerable-plaintext protocols. Currently we warn on ports 23,
      109, 110, and 143, but we don't reject any.

  o Minor bugfixes:
    - When we setconf ClientOnly to 1, close any current OR and Dir
      listeners. Reported by mwenge.
    - When we get a consensus that's been signed by more people than
      we expect, don't log about it; it's not a big deal. Reported
      by Kyle Williams.

  o Minor features:
    - Don't answer "/tor/networkstatus-bridges" directory requests if
      the request isn't encrypted.
    - Make "ClientOnly 1" config option disable directory ports too.
    - Patches from Karsten Loesing to make v2 hidden services more
      robust: work even when there aren't enough HSDir relays available;
      retry when a v2 rend desc fetch fails; but don't retry if we
      already have a usable v0 rend desc.

Attachment: signature.asc
Description: Digital signature

Prev by Author: Re: quick circuit tear down question
Next by Author: Re: bridges.torproject.org certificate
Previous by thread: Re: Ethical considerations about parent proxies for Tor exit nodes [Was: Tor operator raided in Finland]
Next by thread: Tor 0.2.0.18-alpha log entries
Index(es):
- Author
- Thread