[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Tor is out

Tor fixes another opportunity for a remotely triggerable
assertion, resumes letting relays test reachability of their DirPort,
and cleans up a bunch of smaller bugs.


Changes in version - 2012-09-22
  o Security fixes:
    - Fix an assertion failure in tor_timegm() that could be triggered
      by a badly formatted directory object. Bug found by fuzzing with
      Radamsa. Fixes bug 6811; bugfix on

  o Major bugfixes:
    - Fix a possible crash bug when checking for deactivated circuits
      in connection_or_flush_from_first_active_circuit(). Fixes bug 6341;
      bugfix on Bug report and fix received pseudonymously.
    - Allow routers to detect that their own DirPorts are running. When
      we removed support for versions_supports_begindir, we also
      accidentally removed the mechanism we used to self-test our
      DirPort. Diagnosed with help from kargig. Fixes bugs 6814 and 6815;
      bugfix on

  o Security features:
    - Switch to a completely time-invariant approach for picking nodes
      weighted by bandwidth. Our old approach would run through the
      part of the loop after it had made its choice slightly slower
      than it ran through the part of the loop before it had made its
      choice. Addresses ticket 6538.
    - Disable the use of Guard nodes when in Tor2WebMode. Guard usage
      by tor2web clients allows hidden services to identity tor2web
      clients through their repeated selection of the same rendezvous
      and introduction point circuit endpoints (their guards). Resolves
      ticket 6888.

  o Minor features:
    - Enable Tor to read configuration, state, and key information from
      a FIFO. Previously Tor would only read from files with a positive
      stat.st_size. Code from meejah; fixes bug 6044.

  o Minor bugfixes:
    - Correct file sizes when reading binary files on Cygwin, to avoid
      a bug where Tor would fail to read its state file. Fixes bug 6844;
      bugfix on
    - Correctly handle votes with more than 31 flags. Fixes bug 6853;
      bugfix on
    - When complaining about a client port on a public address, log
      which address we're complaining about. Fixes bug 4020; bugfix on Patch by Tom Fitzhenry.
    - Convert an assert in the pathbias code to a log message. The assert
      appears to only be triggerable by Tor2Web mode. Fixes bug 6866;
      bugfix on
    - Our new buildsystem was overzealous about rebuilding manpages: it
      would rebuild them all whenever any one of them changed. Now our
      dependency checking should be correct. Fixes bug 6843; bugfix on
    - Don't do reachability testing over IPv6 unless AuthDirPublishIPv6
      is set. Fixes bug 6880. Bugfix on
    - Correct log printout about which address family is preferred
      when connecting to a bridge with both an IPv4 and IPv6 OR port.
      Fixes bug 6884; bugfix on

  o Minor bugfixes (code cleanliness):
    - Fix round_to_power_of_2() so it doesn't invoke undefined behavior
      with large values. This situation was untriggered, but nevertheless
      incorrect. Fixes bug 6831; bugfix on
    - Reject consensus votes with more than 64 known-flags. We aren't even
      close to that limit yet, and our code doesn't handle it correctly.
      Fixes bug 6833; bugfix on
    - Avoid undefined behaviour when parsing the list of supported
      rendezvous/introduction protocols in a hidden service descriptor.
      Previously, Tor would have confused (as-yet-unused) protocol version
      numbers greater than 32 with lower ones on many platforms. Fixes
      bug 6827; bugfix on Found by George Kadianakis.
    - Fix handling of rendezvous client authorization types over 8.
      Fixes bug 6861; bugfix on
    - Fix building with older versions of GCC (2.95, for one) that don't
      like preprocessor directives inside macro arguments. Found by
      grarpamp. Fixes bug 6842; bugfix on
    - Switch weighted node selection rule from using a list of doubles
      to using a list of int64_t. This change should make the process
      slightly easier to debug and maintain. Needed to finish ticket 6538.

  o Code simplification and refactoring:
    - Move the generic "config" code into a new file, and have "config.c"
      hold only torrc- and state-related code. Resolves ticket 6823.
    - Move the core of our "choose a weighted element at random" logic
      into its own function, and give it unit tests. Now the logic is
      testable, and a little less fragile too.
    - Removed the testing_since field of node_t, which hasn't been used
      for anything since

  o Documentation fixes:
    - Clarify that hidden services are TCP only. Fixes bug 6024.
    - Resolve a typo in torrc.sample.in. Fixes bug 6819; bugfix on

Attachment: signature.asc
Description: Digital signature

tor-talk mailing list