Tor 0.2.0.22-rc is the third release candidate for the 0.2.0 series. It enables encrypted directory connections by default for non-relays, fixes some broken TLS behavior we added in 0.2.0.20-rc, and resolves many other bugs. The bundles also include Vidalia 0.1.1 and Torbutton 1.1.17: http://trac.vidalia-project.net/browser/vidalia/trunk/CHANGELOG https://torbutton.torproject.org/dev/CHANGELOG This is a release candidate! That means that we don't know of any remaining show-stopping bugs, and this will become the new stable if there are no problems. Please test it, and tell us about any problems that you find. https://www.torproject.org/download#Dev Changes in version 0.2.0.22-rc - 2008-03-18 o Major features: - Enable encrypted directory connections by default for non-relays, so censor tools that block Tor directory connections based on their plaintext patterns will no longer work. This means Tor works in certain censored countries by default again. o Major bugfixes: - Make sure servers always request certificates from clients during TLS renegotiation. Reported by lodger; bugfix on 0.2.0.20-rc. - Do not enter a CPU-eating loop when a connection is closed in the middle of client-side TLS renegotiation. Fixes bug 622. Bug diagnosed by lodger; bugfix on 0.2.0.20-rc. - Fix assertion failure that could occur when a blocked circuit became unblocked, and it had pending client DNS requests. Bugfix on 0.2.0.1-alpha. Fixes bug 632. o Minor bugfixes (on 0.1.2.x): - Generate "STATUS_SERVER" events rather than misspelled "STATUS_SEVER" events. Caught by mwenge. - When counting the number of bytes written on a TLS connection, look at the BIO actually used for writing to the network, not at the BIO used (sometimes) to buffer data for the network. Looking at different BIOs could result in write counts on the order of ULONG_MAX. Fixes bug 614. - On Windows, correctly detect errors when listing the contents of a directory. Fix from lodger. o Minor bugfixes (on 0.2.0.x): - Downgrade "sslv3 alert handshake failure" message to INFO. - If we set RelayBandwidthRate and RelayBandwidthBurst very high but left BandwidthRate and BandwidthBurst at the default, we would be silently limited by those defaults. Now raise them to match the RelayBandwidth* values. - Fix the SVK version detection logic to work correctly on a branch. - Make --enable-openbsd-malloc work correctly on Linux with alpha CPUs. Fixes bug 625. - Logging functions now check that the passed severity is sane. - Use proper log levels in the testsuite call of get_interface_address6(). - When using a nonstandard malloc, do not use the platform values for HAVE_MALLOC_GOOD_SIZE or HAVE_MALLOC_USABLE_SIZE. - Make the openbsd malloc code use 8k pages on alpha CPUs and 16k pages on ia64. - Detect mismatched page sizes when using --enable-openbsd-malloc. - Avoid double-marked-for-close warning when certain kinds of invalid .in-addr.arpa addresses are passed to the DNSPort. Part of a fix for bug 617. Bugfix on 0.2.0.1-alpha. - Make sure that the "NULL-means-reject *:*" convention is followed by all the policy manipulation functions, avoiding some possible crash bugs. Bug found by lodger. Bugfix on 0.2.0.16-alpha. - Fix the implementation of ClientDNSRejectInternalAddresses so that it actually works, and doesn't warn about every single reverse lookup. Fixes the other part of bug 617. Bugfix on 0.2.0.1-alpha. o Minor features: - Only log guard node status when guard node status has changed. - Downgrade the 3 most common "INFO" messages to "DEBUG". This will make "INFO" 75% less verbose.
Description: Digital signature