[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Tor is out

Tor fixes two major bugs in bridge relays (one that would
make the bridge relay not so useful if it had DirPort set to 0, and one
that could let an attacker learn a little bit of information about the
bridge's users), and a bug that would cause your Tor relay to ignore a
circuit create request it can't decrypt (rather than reply with an error).
It also fixes a wide variety of other bugs.


Changes in version - 2009-01-06
  o Major bugfixes:
    - If the cached networkstatus consensus is more than five days old,
      discard it rather than trying to use it. In theory it could
      be useful because it lists alternate directory mirrors, but in
      practice it just means we spend many minutes trying directory
      mirrors that are long gone from the network. Helps bug 887 a bit;
      bugfix on 0.2.0.x.
    - Bridge relays that had DirPort set to 0 would stop fetching
      descriptors shortly after startup, and then briefly resume
      after a new bandwidth test and/or after publishing a new bridge
      descriptor. Bridge users that try to bootstrap from them would
      get a recent networkstatus but would get descriptors from up to
      18 hours earlier, meaning most of the descriptors were obsolete
      already. Reported by Tas; bugfix on
    - Prevent bridge relays from serving their 'extrainfo' document
      to anybody who asks, now that extrainfo docs include potentially
      sensitive aggregated client geoip summaries. Bugfix on

  o Minor features:
    - New controller event "clients_seen" to report a geoip-based summary
      of which countries we've seen clients from recently. Now controllers
      like Vidalia can show bridge operators that they're actually making
      a difference.
    - Build correctly against versions of OpenSSL 0.9.8 or later built
      without support for deprecated functions.
    - Update to the "December 19 2008" ip-to-country file.

  o Minor bugfixes (on 0.2.0.x):
    - Authorities now vote for the Stable flag for any router whose
      weighted MTBF is at least 5 days, regardless of the mean MTBF.
    - Do not remove routers as too old if we do not have any consensus
      document. Bugfix on
    - Do not accept incomplete ipv4 addresses (like 192.168.0) as valid.
      Spec conformance issue. Bugfix on Tor 0.0.2pre27.
    - When an exit relay resolves a stream address to a local IP address,
      do not just keep retrying that same exit relay over and
      over. Instead, just close the stream. Addresses bug 872. Bugfix
      on Patch from rovv.
    - If a hidden service sends us an END cell, do not consider
      retrying the connection; just close it. Patch from rovv.
    - When we made bridge authorities stop serving bridge descriptors over
      unencrypted links, we also broke DirPort reachability testing for
      bridges. So bridges with a non-zero DirPort were printing spurious
      warns to their logs. Bugfix on Fixes bug 709.
    - When a relay gets a create cell it can't decrypt (e.g. because it's
      using the wrong onion key), we were dropping it and letting the
      client time out. Now actually answer with a destroy cell. Fixes
      bug 904. Bugfix on 0.0.2pre8.
    - Squeeze 2-5% out of client performance (according to oprofile) by
      improving the implementation of some policy-manipulation functions.

  o Minor bugfixes (on 0.2.1.x):
    - Make get_interface_address() function work properly again; stop
      guessing the wrong parts of our address as our address.
    - Do not cannibalize a circuit if we're out of RELAY_EARLY cells to
      send on that circuit. Otherwise we might violate the proposal-110
      limit. Bugfix on Partial fix for Bug 878. Diagnosis
      thanks to Karsten.
    - When we're sending non-EXTEND cells to the first hop in a circuit,
      for example to use an encrypted directory connection, we don't need
      to use RELAY_EARLY cells: the first hop knows what kind of cell
      it is, and nobody else can even see the cell type. Conserving
      RELAY_EARLY cells makes it easier to cannibalize circuits like
      this later.
    - Stop logging nameserver addresses in reverse order.
    - If we are retrying a directory download slowly over and over, do
      not automatically give up after the 254th failure. Bugfix on
    - Resume reporting accurate "stream end" reasons to the local control
      port. They were lost in the changes for Proposal 148. Bugfix on

  o Deprecated and removed features:
    - The old "tor --version --version" command, which would print out
      the subversion "Id" of most of the source files, is now removed. It
      turned out to be less useful than we'd expected, and harder to

  o Code simplifications and refactoring:
    - Change our header file guard macros to be less likely to conflict
      with system headers. Adam Langley noticed that we were conflicting
      with log.h on Android.
    - Tool-assisted documentation cleanup. Nearly every function or
      static variable in Tor should have its own documentation now.

Attachment: signature.asc
Description: Digital signature