[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor is out

The win32 version of the bundle either is corrupted or has a bad
signature. Please fix this, and tell us if the signature or the bundle
was bad.

The win32 tor-only package has a good signature.

Roger Dingledine skrev:
> This eighth development snapshot fixes a crash bug that's been bothering
> us since February 2007, lets bridge authorities store a list of bridge
> descriptors they've seen, gets v3 directory voting closer to working,
> starts caching v3 directory consensus documents on directory mirrors,
> and fixes a variety of smaller issues including some minor memory leaks.
> The Windows bundle also includes the new development Torbutton
> version 1.1.8, which improves usability and compatibility over 1.1.7:
> http://torbutton.torproject.org/dev/ Windows users are encouraged to
> back up their Firefox settings before upgrading.
> https://tor.eff.org/download.html
> Changes in version - 2007-10-12
>   o Major features (router descriptor cache):
>     - Store routers in a file called cached-descriptors instead of in
>       cached-routers. Initialize cached-descriptors from cached-routers
>       if the old format is around. The new format allows us to store
>       annotations along with descriptors.
>     - Use annotations to record the time we received each descriptor, its
>       source, and its purpose.
>     - Disable the SETROUTERPURPOSE controller command: it is now
>       obsolete.
>     - Controllers should now specify cache=no or cache=yes when using
>       the +POSTDESCRIPTOR command.
>     - Bridge authorities now write bridge descriptors to disk, meaning
>       we can export them to other programs and begin distributing them
>       to blocked users.
>   o Major features (directory authorities):
>     - When a v3 authority is missing votes or signatures, it now tries
>       to fetch them.
>     - Directory authorities track weighted fractional uptime as well as
>       weighted mean-time-between failures.  WFU is suitable for deciding
>       whether a node is "usually up", while MTBF is suitable for deciding
>       whether a node is "likely to stay up."  We need both, because
>       "usually up" is a good requirement for guards, while "likely to
>       stay up" is a good requirement for long-lived connections.
>   o Major features (v3 directory system):
>     - Caches now download v3 network status documents as needed,
>       and download the descriptors listed in them.
>     - All hosts now attempt to download and keep fresh v3 authority
>       certificates, and re-attempt after failures.
>     - More internal-consistency checks for vote parsing.
>   o Major bugfixes (crashes):
>     - If a connection is shut down abruptly because of something that
>       happened inside connection_flushed_some(), do not call
>       connection_finished_flushing(). Should fix bug 451. Bugfix on
>   o Major bugfixes (performance):
>     - Fix really bad O(n^2) performance when parsing a long list of
>       routers: Instead of searching the entire list for an "extra-info "
>       string which usually wasn't there, once for every routerinfo
>       we read, just scan lines forward until we find one we like.
>       Bugfix on
>     - When we add data to a write buffer in response to the data on that
>       write buffer getting low because of a flush, do not consider the
>       newly added data as a candidate for immediate flushing, but rather
>       make it wait until the next round of writing. Otherwise, we flush
>       and refill recursively, and a single greedy TLS connection can
>       eat all of our bandwidth. Bugfix on
>   o Minor features (v3 authority system):
>     - Add more ways for tools to download the votes that lead to the
>       current consensus.
>     - Send a 503 when low on bandwidth and a vote, consensus, or
>       certificate is requested.
>     - If-modified-since is now implemented properly for all kinds of
>       certificate requests.
>   o Minor bugfixes (network statuses):
>     - Tweak the implementation of proposal 109 slightly: allow at most
>       two Tor servers on the same IP address, except if it's the location
>       of a directory authority, in which case allow five. Bugfix on
>   o Minor bugfixes (controller):
>     - When sending a status event to the controller telling it that an
>       OR address is readable, set the port correctly. (Previously we
>       were reporting the dir port.) Bugfix on 0.1.2.x.
>   o Minor bugfixes (v3 directory system):
>     - Fix logic to look up a cert by its signing key digest. Bugfix on
>     - Only change the reply to a vote to "OK" if it's not already
>       set. This gets rid of annoying "400 OK" log messages, which may
>       have been masking some deeper issue. Bugfix on
>     - When we get a valid consensus, recompute the voting schedule.
>     - Base the valid-after time of a vote on the consensus voting
>       schedule, not on our preferred schedule.
>     - Make the return values and messages from signature uploads and
>       downloads more sensible.
>     - Fix a memory leak when serving votes and consensus documents, and
>       another when serving certificates.
>   o Minor bugfixes (performance):
>     - Use a slightly simpler string hashing algorithm (copying Python's
>       instead of Java's) and optimize our digest hashing algorithm to take
>       advantage of 64-bit platforms and to remove some possibly-costly
>       voodoo.
>     - Fix a minor memory leak whenever we parse guards from our state
>       file. Bugfix on
>     - Fix a minor memory leak whenever we write out a file. Bugfix on
>     - Fix a minor memory leak whenever a controller sends the PROTOCOLINFO
>       command. Bugfix on
>   o Minor bugfixes (portability):
>     - On some platforms, accept() can return a broken address. Detect
>       this more quietly, and deal accordingly. Fixes bug 483.
>     - Stop calling tor_strlower() on uninitialized memory in some cases.
>       Bugfix in
>   o Minor bugfixes (usability):
>     - Treat some 403 responses from directory servers as INFO rather than
>       WARN-severity events.
>     - It's not actually an error to find a non-pending entry in the DNS
>       cache when canceling a pending resolve. Don't log unless stuff is
>       fishy. Resolves bug 463.
>   o Minor bugfixes (anonymity):
>     - Never report that we've used more bandwidth than we're willing to
>       relay: it leaks how much non-relay traffic we're using. Resolves
>       bug 516.
>     - When looking for a circuit to cannibalize, consider family as well
>       as identity. Fixes bug 438. Bugfix on 0.1.0.x (which introduced
>       circuit cannibalization).
>   o Code simplifications and refactoring:
>     - Make a bunch of functions static. Remove some dead code.
>     - Pull out about a third of the really big routerlist.c; put it in a
>       new module, networkstatus.c.
>     - Merge the extra fields in local_routerstatus_t back into
>       routerstatus_t: we used to need one routerstatus_t for each
>       authority's opinion, plus a local_routerstatus_t for the locally
>       computed consensus opinion. To save space, we put the locally
>       modified fields into local_routerstatus_t, and only the common
>       stuff into routerstatus_t. But once v3 directories are in use,
>       clients and caches will no longer need to hold authority opinions;
>       thus, the rationale for keeping the types separate is now gone.
>     - Make the code used to reschedule and reattempt downloads more
>       uniform.
>     - Turn all 'Are we a directory server/mirror?' logic into a call to
>       dirserver_mode().
>     - Remove the code to generate the oldest (v1) directory format.
>       The code has been disabled since