[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Tor is out

This seventh development snapshot makes bridges work again, makes bridge
authorities work for the first time, fixes two huge performance flaws
in hidden services, and fixes a variety of minor issues.

The Windows bundle also includes the new development Torbutton version
1.1.7, which clears cookies and disables a lot of other dangerous
web behavior: http://torbutton.torproject.org/dev/ Windows users are
encouraged to back up their Firefox settings before upgrading.


Changes in version - 2007-09-21
  o New directory authorities:
    - Set up moria1 and tor26 as the first v3 directory authorities. See
      doc/spec/dir-spec.txt for details on the new directory design.

  o Major bugfixes (crashes):
    - Fix possible segfaults in functions called from
      rend_process_relay_cell(). Bugfix on 0.1.2.x.

  o Major bugfixes (bridges):
    - Fix a bug that made servers send a "404 Not found" in response to
      attempts to fetch their server descriptor. This caused Tor servers
      to take many minutes to establish reachability for their DirPort,
      and it totally crippled bridges. Bugfix on
    - Make "UpdateBridgesFromAuthority" torrc option work: when bridge
      users configure that and specify a bridge with an identity
      fingerprint, now they will lookup the bridge descriptor at the
      default bridge authority via a one-hop tunnel, but once circuits
      are established they will switch to a three-hop tunnel for later
      connections to the bridge authority. Bugfix in

  o Major bugfixes (hidden services):
    - Hidden services were choosing introduction points uniquely by
      hexdigest, but when constructing the hidden service descriptor
      they merely wrote the (potentially ambiguous) nickname.
    - Clients now use the v2 intro format for hidden service
      connections: they specify their chosen rendezvous point by identity
      digest rather than by (potentially ambiguous) nickname. Both
      are bugfixes on 0.1.2.x, and they could speed up hidden service
      connections dramatically. Thanks to Karsten Loesing.

  o Minor features (security):
    - As a client, do not believe any server that tells us that an
      address maps to an internal address space.
    - Make it possible to enable HashedControlPassword and
      CookieAuthentication at the same time.

  o Minor features (guard nodes):
    - Tag every guard node in our state file with the version that
      we believe added it, or with our own version if we add it. This way,
      if a user temporarily runs an old version of Tor and then switches
      back to a new one, she doesn't automatically lose her guards.

  o Minor features (speed):
    - When implementing AES counter mode, update only the portions of the
      counter buffer that need to change, and don't keep separate
      network-order and host-order counters when they are the same (i.e.,
      on big-endian hosts.)

  o Minor features (controller):
    - Accept LF instead of CRLF on controller, since some software has a
      hard time generating real Internet newlines.
    - Add GETINFO values for the server status events
      Robert Hogan.

  o Removed features:
     - Routers no longer include bandwidth-history lines in their
       descriptors; this information is already available in extra-info
       documents, and including it in router descriptors took up 60%
       (!) of compressed router descriptor downloads. Completes
       implementation of proposal 104.
     - Remove the contrib scripts ExerciseServer.py, PathDemo.py,
       and TorControl.py, as they use the old v0 controller protocol,
       and are obsoleted by TorFlow anyway.
     - Drop support for v1 rendezvous descriptors, since we never used
       them anyway, and the code has probably rotted by now. Based on
       patch from Karsten Loesing.
     - On OSX, stop warning the user that kqueue support in libevent is
      "experimental", since it seems to have worked fine for ages.

  o Minor bugfixes:
    - When generating information telling us how to extend to a given
      router, do not try to include the nickname if it is absent. Fixes
      bug 467. Bugfix on
    - Fix a user-triggerable (but not remotely-triggerable) segfault
      in expand_filename(). Bugfix on 0.1.2.x.
    - Fix a memory leak when freeing incomplete requests from DNSPort.
      Found by Niels Provos with valgrind. Bugfix on
    - Don't try to access (or alter) the state file when running
      --list-fingerprint or --verify-config or --hash-password. (Resolves
      bug 499.) Bugfix on 0.1.2.x.
    - Servers used to decline to publish their DirPort if their
      BandwidthRate, RelayBandwidthRate, or MaxAdvertisedBandwidth
      were below a threshold. Now they only look at BandwidthRate and
      RelayBandwidthRate. Bugfix on 0.1.2.x.
    - Remove an optimization in the AES counter-mode code that assumed
      that the counter never exceeded 2^68. When the counter can be set
      arbitrarily as an IV (as it is by Karsten's new hidden services
      code), this assumption no longer holds. Bugfix on 0.1.2.x.
    - Resume listing "AUTHORITY" flag for authorities in network status.
      Bugfix on; reported by Alex de Joode.

  o Code simplifications and refactoring:
    - Revamp file-writing logic so we don't need to have the entire
      contents of a file in memory at once before we write to disk. Tor,
      meet stdio.
    - Turn "descriptor store" into a full-fledged type.
    - Move all NT services code into a separate source file.
    - Unify all code that computes medians, percentile elements, etc.
    - Get rid of a needless malloc when parsing address policies.

Attachment: signature.asc
Description: Digital signature