Tor 0.2.3.3-alpha adds a new "stream isolation" feature to improve Tor's
security, and provides client-side support for the microdescriptor
and optimistic data features introduced earlier in the 0.2.3.x
series. It also includes numerous critical bugfixes in the (optional)
bufferevent-based networking backend.
https://www.torproject.org/dist/tor-0.2.3.3-alpha.tar.gz
https://www.torproject.org/dist/tor-0.2.3.3-alpha.tar.gz.asc
Packages for 0.2.3.x aren't up yet, but hopefully they'll be up in a
few days.
Changes in version 0.2.3.3-alpha - 2011-09-01
o Major features (stream isolation):
- You can now configure Tor so that streams from different
applications are isolated on different circuits, to prevent an
attacker who sees your streams as they leave an exit node from
linking your sessions to one another. To do this, choose some way
to distinguish the applications: have them connect to different
SocksPorts, or have one of them use SOCKS4 while the other uses
SOCKS5, or have them pass different authentication strings to the
SOCKS proxy. Then, use the new SocksPort syntax to configure the
degree of isolation you need. This implements Proposal 171.
- There's a new syntax for specifying multiple client ports (such as
SOCKSPort, TransPort, DNSPort, NATDPort): you can now just declare
multiple *Port entries with full addr:port syntax on each.
The old *ListenAddress format is still supported, but you can't
mix it with the new *Port syntax.
o Major features (other):
- Enable microdescriptor fetching by default for clients. This allows
clients to download a much smaller amount of directory information.
To disable it (and go back to the old-style consensus and
descriptors), set "UseMicrodescriptors 0" in your torrc file.
- Tor's firewall-helper feature, introduced in 0.2.3.1-alpha (see the
"PortForwarding" config option), now supports Windows.
- When using an exit relay running 0.2.3.x, clients can now
"optimistically" send data before the exit relay reports that
the stream has opened. This saves a round trip when starting
connections where the client speaks first (such as web browsing).
This behavior is controlled by a consensus parameter (currently
disabled). To turn it on or off manually, use the "OptimisticData"
torrc option. Implements proposal 181; code by Ian Goldberg.
o Major bugfixes (bufferevents, fixes on 0.2.3.1-alpha):
- When using IOCP on Windows, we need to enable Libevent windows
threading support.
- The IOCP backend now works even when the user has not specified
the (internal, debugging-only) _UseFilteringSSLBufferevents option.
Fixes part of bug 3752.
- Correctly record the bytes we've read and written when using
bufferevents, so that we can include them in our bandwidth history
and advertised bandwidth. Fixes bug 3803.
- Apply rate-limiting only at the bottom of a chain of filtering
bufferevents. This prevents us from filling up internal read
buffers and violating rate-limits when filtering bufferevents
are enabled. Fixes part of bug 3804.
- Add high-watermarks to the output buffers for filtered
bufferevents. This prevents us from filling up internal write
buffers and wasting CPU cycles when filtering bufferevents are
enabled. Fixes part of bug 3804.
- Correctly notice when data has been written from a bufferevent
without flushing it completely. Fixes bug 3805.
- Fix a bug where server-side tunneled bufferevent-based directory
streams would get closed prematurely. Fixes bug 3814.
- Fix a use-after-free error with per-connection rate-limiting
buckets. Fixes bug 3888.
o Major bugfixes (also part of 0.2.2.31-rc):
- If we're configured to write our ControlPorts to disk, only write
them after switching UID and creating the data directory. This way,
we don't fail when starting up with a nonexistent DataDirectory
and a ControlPortWriteToFile setting based on that directory. Fixes
bug 3747; bugfix on Tor 0.2.2.26-beta.
o Minor features:
- Added a new CONF_CHANGED event so that controllers can be notified
of any configuration changes made by other controllers, or by the
user. Implements ticket 1692.
- Use evbuffer_copyout() in inspect_evbuffer(). This fixes a memory
leak when using bufferevents, and lets Libevent worry about how to
best copy data out of a buffer.
- Replace files in stats/ rather than appending to them. Now that we
include statistics in extra-info descriptors, it makes no sense to
keep old statistics forever. Implements ticket 2930.
o Minor features (build compatibility):
- Limited, experimental support for building with nmake and MSVC.
- Provide a substitute implementation of lround() for MSVC, which
apparently lacks it. Patch from Gisle Vanem.
o Minor features (also part of 0.2.2.31-rc):
- Update to the August 2 2011 Maxmind GeoLite Country database.
o Minor bugfixes (on 0.2.3.x-alpha):
- Fix a spurious warning when parsing SOCKS requests with
bufferevents enabled. Fixes bug 3615; bugfix on 0.2.3.2-alpha.
- Get rid of a harmless warning that could happen on relays running
with bufferevents. The warning was caused by someone doing an http
request to a relay's orport. Also don't warn for a few related
non-errors. Fixes bug 3700; bugfix on 0.2.3.1-alpha.
o Minor bugfixes (on 2.2.x and earlier):
- Correct the man page to explain that HashedControlPassword and
CookieAuthentication can both be set, in which case either method
is sufficient to authenticate to Tor. Bugfix on 0.2.0.7-alpha,
when we decided to allow these config options to both be set. Issue
raised by bug 3898.
- The "--quiet" and "--hush" options now apply not only to Tor's
behavior before logs are configured, but also to Tor's behavior in
the absense of configured logs. Fixes bug 3550; bugfix on
0.2.0.10-alpha.
o Minor bugfixes (also part of 0.2.2.31-rc):
- Write several files in text mode, on OSes that distinguish text
mode from binary mode (namely, Windows). These files are:
'buffer-stats', 'dirreq-stats', and 'entry-stats' on relays
that collect those statistics; 'client_keys' and 'hostname' for
hidden services that use authentication; and (in the tor-gencert
utility) newly generated identity and signing keys. Previously,
we wouldn't specify text mode or binary mode, leading to an
assertion failure. Fixes bug 3607. Bugfix on 0.2.1.1-alpha (when
the DirRecordUsageByCountry option which would have triggered
the assertion failure was added), although this assertion failure
would have occurred in tor-gencert on Windows in 0.2.0.1-alpha.
- Selectively disable deprecation warnings on OS X because Lion
started deprecating the shipped copy of openssl. Fixes bug 3643.
- Remove an extra pair of quotation marks around the error
message in control-port STATUS_GENERAL BUG events. Bugfix on
0.1.2.6-alpha; fixes bug 3732.
- When unable to format an address as a string, report its value
as "???" rather than reusing the last formatted address. Bugfix
on 0.2.1.5-alpha.
o Code simplifications and refactoring:
- Rewrite the listener-selection logic so that parsing which ports
we want to listen on is now separate from binding to the ports
we want.
o Build changes:
- Building Tor with bufferevent support now requires Libevent
2.0.13-stable or later. Previous versions of Libevent had bugs in
SSL-related bufferevents and related issues that would make Tor
work badly with bufferevents. Requiring 2.0.13-stable also allows
Tor with bufferevents to take advantage of Libevent APIs
introduced after 2.0.8-rc.
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk