commit 8e49b4bf1418f3be693ff54d7d7d044f81f4595c
Author: Translation commit bot <translation(a)torproject.org>
Date: Tue Oct 26 09:45:11 2021 +0000
https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-conten…
---
contents+tr.po | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/contents+tr.po b/contents+tr.po
index 965760013c..ac1b31ae7e 100644
--- a/contents+tr.po
+++ b/contents+tr.po
@@ -5029,7 +5029,7 @@ msgid ""
"by fewer people around the world, but it is still critical that we improve "
"access to Tor for people who do not speak English."
msgstr ""
-"Birçok dilin çevirisi eksiktir. Bazı diller Dünya genelinde daha az kişi "
+"Birçok dildeki çeviriler eksiktir. Bazı diller Dünya genelinde daha az kişi "
"tarafından konuşuluyor olabilir. Gene de İngilizce bilmeyen kişilerin Tor "
"uygulamasına daha kolay erişmesini sağlamak çok önemlidir."
commit 780180db17a5bdf82d71a5d4cf3caac6858b31df
Author: Translation commit bot <translation(a)torproject.org>
Date: Tue Oct 26 09:18:44 2021 +0000
https://gitweb.torproject.org/translation.git/commit/?h=support-portal_comp…
---
contents+tr.po | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/contents+tr.po b/contents+tr.po
index 5b04beb3d4..e9b9716d3f 100644
--- a/contents+tr.po
+++ b/contents+tr.po
@@ -17856,8 +17856,8 @@ msgid ""
msgstr ""
"Özgür ve açık kaynaklı anonimlik sağlama ve kişisel gizliliği koruma "
"teknolojileri geliştirerek insan hakları ve özgürlüklerini ilerletmek, bu "
-"teknolojilerin herhangi bir kısıtlama olmadan erişilebilmesini ve bilimsel "
-"ve yaygın olarak anlaşılmasını sağlamak."
+"teknolojilere kısıtlamasız olarak erişilebilmesini sağlamak ve hem bilimsel "
+"alanda hem de halk tarafından anlaşılırlığını artırmak."
#: lego/templates/footer.html:64 lego/templates/footer.html:66
#: lego/templates/navbar.html:18 lego/templates/navbar.html:20
commit 4de039b5681bb3a5c2522a5fd276b58a2bb98954
Author: Translation commit bot <translation(a)torproject.org>
Date: Tue Oct 26 09:18:37 2021 +0000
https://gitweb.torproject.org/translation.git/commit/?h=support-portal
---
contents+tr.po | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/contents+tr.po b/contents+tr.po
index 5b04beb3d4..e9b9716d3f 100644
--- a/contents+tr.po
+++ b/contents+tr.po
@@ -17856,8 +17856,8 @@ msgid ""
msgstr ""
"Özgür ve açık kaynaklı anonimlik sağlama ve kişisel gizliliği koruma "
"teknolojileri geliştirerek insan hakları ve özgürlüklerini ilerletmek, bu "
-"teknolojilerin herhangi bir kısıtlama olmadan erişilebilmesini ve bilimsel "
-"ve yaygın olarak anlaşılmasını sağlamak."
+"teknolojilere kısıtlamasız olarak erişilebilmesini sağlamak ve hem bilimsel "
+"alanda hem de halk tarafından anlaşılırlığını artırmak."
#: lego/templates/footer.html:64 lego/templates/footer.html:66
#: lego/templates/navbar.html:18 lego/templates/navbar.html:20
commit a1e310614deb3854430a85ad4a90a6871c884a69
Author: Translation commit bot <translation(a)torproject.org>
Date: Tue Oct 26 09:18:34 2021 +0000
https://gitweb.torproject.org/translation.git/commit/?h=tpo-web_completed
---
contents+tr.po | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/contents+tr.po b/contents+tr.po
index 9b57effa3e..e832016873 100644
--- a/contents+tr.po
+++ b/contents+tr.po
@@ -1659,9 +1659,9 @@ msgid ""
"understanding."
msgstr ""
"Özgür ve açık kaynaklı anonimlik sağlama ve kişisel gizliliği koruma "
-"teknolojileri geliştirerek insan hakları ve özgürlükleri geliştirmek, bu "
-"teknolojilere kısıtlamasız olarak erişilebilmesini sağlamak ile bilimsel ve "
-"yaygın olarak anlaşılmasını sağlamak."
+"teknolojileri geliştirerek insan hakları ve özgürlüklerini ilerletmek, bu "
+"teknolojilere kısıtlamasız olarak erişilebilmesini sağlamak ve hem bilimsel "
+"alanda hem de halk tarafından anlaşılırlığını artırmak."
#: lego/templates/footer.html:75 templates/footer-min.html:46
#: templates/footer.html:75
commit 8d60d2b1af898195e60ac9c6f2e7a3cacd7fb1bc
Author: Translation commit bot <translation(a)torproject.org>
Date: Tue Oct 26 09:18:30 2021 +0000
https://gitweb.torproject.org/translation.git/commit/?h=tpo-web
---
contents+tr.po | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/contents+tr.po b/contents+tr.po
index 9b57effa3e..e832016873 100644
--- a/contents+tr.po
+++ b/contents+tr.po
@@ -1659,9 +1659,9 @@ msgid ""
"understanding."
msgstr ""
"Özgür ve açık kaynaklı anonimlik sağlama ve kişisel gizliliği koruma "
-"teknolojileri geliştirerek insan hakları ve özgürlükleri geliştirmek, bu "
-"teknolojilere kısıtlamasız olarak erişilebilmesini sağlamak ile bilimsel ve "
-"yaygın olarak anlaşılmasını sağlamak."
+"teknolojileri geliştirerek insan hakları ve özgürlüklerini ilerletmek, bu "
+"teknolojilere kısıtlamasız olarak erişilebilmesini sağlamak ve hem bilimsel "
+"alanda hem de halk tarafından anlaşılırlığını artırmak."
#: lego/templates/footer.html:75 templates/footer-min.html:46
#: templates/footer.html:75
commit d2bef1c2564babb182b8a1598f7d78e32d1c9a2d
Author: Translation commit bot <translation(a)torproject.org>
Date: Tue Oct 26 09:15:05 2021 +0000
https://gitweb.torproject.org/translation.git/commit/?h=abouttor-homepage_c…
---
tr/aboutTor.dtd | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tr/aboutTor.dtd b/tr/aboutTor.dtd
index 66c47ece28..dc3eb89ea3 100644
--- a/tr/aboutTor.dtd
+++ b/tr/aboutTor.dtd
@@ -22,7 +22,7 @@
<!ENTITY aboutTor.torbrowser_user_manual.accesskey "M">
<!ENTITY aboutTor.torbrowser_user_manual.label "Tor Browser rehberi">
-<!ENTITY aboutTor.tor_mission.label "Tor Projesi, Birleşik Devletler 501(c)(3) vergi muafiyeti maddesi kapsamında, özgür ve açık kaynaklı anonimlik ve kişisel gizlilik teknolojileri geliştirerek insan hakları ve özgürlüklerini ileriye götürmeyi, bu teknolojilerin bilimsel ve kültürel olarak bilinirliğini arttırmayı ve herkes tarafından erişebilmesini sağlamak amacıyla çalışan, kar amacı gütmeyen bir kuruluştur.">
+<!ENTITY aboutTor.tor_mission.label "Tor Projesi, Birleşik Devletler 501(c)(3) vergi muafiyeti maddesi kapsamında, özgür ve açık kaynaklı anonimlik ve kişisel gizlilik teknolojileri geliştirerek insan hakları ve özgürlüklerini ileriye götürmek, bu teknolojilerin bilimsel ve kültürel olarak bilinirliğini arttırmak ve herkes tarafından erişebilmesini sağlamak amacıyla çalışan, kar amacı gütmeyen bir kuruluştur.">
<!ENTITY aboutTor.getInvolved.label "Katkıda bulunun »">
<!ENTITY aboutTor.newsletter.tagline "Tor gelişmeleri ile ilgili e-posta almak ister misiniz?">
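Review bot: In the new aboutTor.tor_mission.label value, "herkes tarafından erişebilmesini sağlamak" still combines the agent phrase "tarafından" with the active verb form. The contents+tr.po mission strings in this same batch use the passive "erişilebilmesini", which is what the construction needs. Since the line is being retouched anyway, change it to "herkes tarafından erişilebilmesini sağlamak" here.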
commit a617cc685028f867e0ab91cb1eb7b43a43d865e3
Author: Translation commit bot <translation(a)torproject.org>
Date: Tue Oct 26 09:15:02 2021 +0000
https://gitweb.torproject.org/translation.git/commit/?h=abouttor-homepage
---
tr/aboutTor.dtd | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tr/aboutTor.dtd b/tr/aboutTor.dtd
index 66c47ece28..dc3eb89ea3 100644
--- a/tr/aboutTor.dtd
+++ b/tr/aboutTor.dtd
@@ -22,7 +22,7 @@
<!ENTITY aboutTor.torbrowser_user_manual.accesskey "M">
<!ENTITY aboutTor.torbrowser_user_manual.label "Tor Browser rehberi">
-<!ENTITY aboutTor.tor_mission.label "Tor Projesi, Birleşik Devletler 501(c)(3) vergi muafiyeti maddesi kapsamında, özgür ve açık kaynaklı anonimlik ve kişisel gizlilik teknolojileri geliştirerek insan hakları ve özgürlüklerini ileriye götürmeyi, bu teknolojilerin bilimsel ve kültürel olarak bilinirliğini arttırmayı ve herkes tarafından erişebilmesini sağlamak amacıyla çalışan, kar amacı gütmeyen bir kuruluştur.">
+<!ENTITY aboutTor.tor_mission.label "Tor Projesi, Birleşik Devletler 501(c)(3) vergi muafiyeti maddesi kapsamında, özgür ve açık kaynaklı anonimlik ve kişisel gizlilik teknolojileri geliştirerek insan hakları ve özgürlüklerini ileriye götürmek, bu teknolojilerin bilimsel ve kültürel olarak bilinirliğini arttırmak ve herkes tarafından erişebilmesini sağlamak amacıyla çalışan, kar amacı gütmeyen bir kuruluştur.">
<!ENTITY aboutTor.getInvolved.label "Katkıda bulunun »">
<!ENTITY aboutTor.newsletter.tagline "Tor gelişmeleri ile ilgili e-posta almak ister misiniz?">
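Review bot: The added label spells the verb "arttırmak", while the mission string committed to contents+tr.po in this batch uses "artırmak" ("anlaşılırlığını artırmak"). Pick one spelling for the mission statement across the .dtd and .po resources, preferably the .po form, so the browser start page and the websites do not disagree.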
commit 172d5107942d20a9468a13b9d25ead47eb9dbc1c
Author: Roger Dingledine <arma(a)torproject.org>
Date: Tue Oct 26 04:50:59 2021 -0400
sort recent changelog stanzas by release date
---
ChangeLog | 354 ++++++++++++++++++-------------------
ReleaseNotes | 562 +++++++++++++++++++++++++++++------------------------------
2 files changed, 458 insertions(+), 458 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index a061775812..d1bc48dc0c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -150,100 +150,6 @@ Changes in version 0.4.7.2-alpha - 2021-10-26
ticket 40485.
-Changes in version 0.4.7.1-alpha - 2021-09-17
- This version is the first alpha release of the 0.4.7.x series. One
- major feature is Vanguards Lite, from proposal 333, to help mitigate
- guard discovery attacks against onion services. It also includes
- numerous bugfixes.
-
- o Major features (Proposal 332, onion services, guard selection algorithm):
- - Clients and onion services now choose four long-lived "layer 2"
- guard relays for use as the middle hop in all onion circuits.
- These relays are kept in place for a randomized duration averaging
- 1 week. This mitigates guard discovery attacks against clients and
- short-lived onion services such as OnionShare. Long-lived onion
- services that need high security should still use the Vanguards
- addon (https://github.com/mikeperry-tor/vanguards). Closes ticket
- 40363; implements proposal 333.
-
- o Minor features (bridge testing support):
- - Let external bridge reachability testing tools discard cached
- bridge descriptors when setting new bridges, so they can be sure
- to get a clean reachability test. Implements ticket 40209.
-
- o Minor features (fuzzing):
- - When building with --enable-libfuzzer, use a set of compiler flags
- that works with more recent versions of the library. Previously we
- were using a set of flags from 2017. Closes ticket 40407.
-
- o Minor features (testing configuration):
- - When TestingTorNetwork is enabled, skip the permissions check on
- hidden service directories. Closes ticket 40338.
- - On a testing network, relays can now use the
- TestingMinTimeToReportBandwidth option to change the smallest
- amount of time over which they're willing to report their observed
- maximum bandwidth. Previously, this was fixed at 1 day. For
- safety, values under 2 hours are only supported on testing
- networks. Part of a fix for ticket 40337.
- - Relays on testing networks no longer rate-limit how frequently
- they are willing to report new bandwidth measurements. Part of a
- fix for ticket 40337.
- - Relays on testing networks now report their observed bandwidths
- immediately from startup. Previously, they waited until they had
- been running for a full day. Closes ticket 40337.
-
- o Minor bugfixes (circuit padding):
- - Don't send STOP circuit padding cells when the other side has
- already shut down the corresponding padding machine. Fixes bug
- 40435; bugfix on 0.4.0.1-alpha.
-
- o Minor bugfixes (compatibility):
- - Fix compatibility with the most recent Libevent versions, which no
- longer have an evdns_set_random_bytes() function. Because this
- function has been a no-op since Libevent 2.0.4-alpha, it is safe
- for us to just stop calling it. Fixes bug 40371; bugfix
- on 0.2.1.7-alpha.
-
- o Minor bugfixes (control, sandbox):
- - Allows the control command SAVECONF to succeed when the seccomp
- sandbox is enabled. Makes SAVECONF keep only one backup file, to
- simplify implementation. Fixes bug 40317; bugfix on 0.2.5.4-alpha.
- Patch by Daniel Pinto.
-
- o Minor bugfixes (heartbeat):
- - Adjust the heartbeat log message about distinct clients to
- consider the HeartbeatPeriod rather than a flat 6-hour delay.
- Fixes bug 40330; bugfix on 0.2.6.3-alpha.
-
- o Minor bugfixes (logging, relay):
- - Add spaces between the "and" when logging the "Your server has not
- managed to confirm reachability for its" on dual-stack relays.
- Fixes bug 40453; bugfix on 0.4.5.1-alpha. Patch by Neel Chauhan.
-
- o Minor bugfixes (onion service):
- - Do not flag an HSDir as non-running in case the descriptor upload
- or fetch fails. An onion service closes pending directory
- connections before uploading a new descriptor which leads to
- wrongly flagging many relays and thus affecting circuit path
- selection. Fixes bug 40434; bugfix on 0.2.0.13-alpha.
-
- o Minor bugfixes (statistics):
- - Fix a fencepost issue when we check stability_last_downrated where
- we called rep_hist_downrate_old_runs() twice. Fixes bug 40394;
- bugfix on 0.2.0.5-alpha. Patch by Neel Chauhan.
-
- o Minor bugfixes (tests):
- - Fix a bug that prevented some tests from running with the correct
- names. Fixes bug 40365; bugfix on 0.4.3.1-alpha.
-
- o Documentation:
- - Add links to original tor design paper and anonbib to
- docs/HACKING/README.1st.md. Closes ticket 33742. Patch from
- Emily Bones.
- - Describe the "fingerprint-ed25519" file in the tor.1 man page.
- Fixes bug 40467; bugfix on 0.4.3.1-alpha. Patch by Neel Chauhan.
-
-
Changes in version 0.4.6.8 - 2021-10-26
This version fixes several bugs from earlier versions of Tor. One
highlight is a fix on how we track DNS timeouts to report general
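Review bot: The commit message says "by release date" but does not say how stanzas sharing a date are ordered. With 0.4.7.1-alpha removed from this spot, 0.4.7.2-alpha is followed directly by 0.4.6.8, both dated 2021-10-26, so the effective rule is date descending, then version descending. State that in the commit message or in a comment at the top of ChangeLog so the next release gets inserted the same way.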
@@ -303,52 +209,6 @@ Changes in version 0.4.6.8 - 2021-10-26
Fixes bug 40474; bugfix on 0.4.5.8.
-Changes in version 0.4.6.7 - 2021-08-16
- This version fixes several bugs from earlier versions of Tor,
- including one that could lead to a denial-of-service attack. Everyone
- running an earlier version, whether as a client, a relay, or an onion
- service, should upgrade to Tor 0.3.5.16, 0.4.5.10, or 0.4.6.7.
-
- o Major bugfixes (cryptography, security):
- - Resolve an assertion failure caused by a behavior mismatch between
- our batch-signature verification code and our single-signature
- verification code. This assertion failure could be triggered
- remotely, leading to a denial of service attack. We fix this issue
- by disabling batch verification. Fixes bug 40078; bugfix on
- 0.2.6.1-alpha. This issue is also tracked as TROVE-2021-007 and
- CVE-2021-38385. Found by Henry de Valence.
-
- o Minor feature (fallbackdir):
- - Regenerate fallback directories list. Close ticket 40447.
-
- o Minor features (geoip data):
- - Update the geoip files to match the IPFire Location Database, as
- retrieved on 2021/08/12.
-
- o Minor bugfix (crypto):
- - Disable the unused batch verification feature of ed25519-donna.
- Fixes bug 40078; bugfix on 0.2.6.1-alpha. Found by Henry
- de Valence.
-
- o Minor bugfixes (onion service):
- - Send back the extended SOCKS error 0xF6 (Onion Service Invalid
- Address) for a v2 onion address. Fixes bug 40421; bugfix
- on 0.4.6.2-alpha.
-
- o Minor bugfixes (relay):
- - Reduce the compression level for data streaming from HIGH to LOW
- in order to reduce CPU load on the directory relays. Fixes bug
- 40301; bugfix on 0.3.5.1-alpha.
-
- o Minor bugfixes (timekeeping):
- - Calculate the time of day correctly on systems where the time_t
- type includes leap seconds. (This is not the case on most
- operating systems, but on those where it occurs, our tor_timegm
- function did not correctly invert the system's gmtime function,
- which could result in assertion failures when calculating voting
- schedules.) Fixes bug 40383; bugfix on 0.2.0.3-alpha.
-
-
Changes in version 0.4.5.11 - 2021-10-26
The major change in this version is that v2 onion services are now
disabled at the client, service, and relay: any Tor nodes running this
@@ -430,6 +290,183 @@ Changes in version 0.4.5.11 - 2021-10-26
Fixes bug 40474; bugfix on 0.4.5.8.
+Changes in version 0.3.5.17 - 2021-10-26
+ The major change in this version is that v2 onion services are now
+ disabled at the client, service, and relay: any Tor nodes running this
+ version and onward will stop supporting v2 onion services. This is the
+ last step in the long deprecation process of v2 onion services.
+ Everyone running an earlier version, whether as a client, a relay, or
+ an onion service, should upgrade to Tor 0.3.5.17, 0.4.5.11,
+ or 0.4.6.8.
+
+ o Major feature (onion service v2, backport from 0.4.5.11):
+ - See https://blog.torproject.org/v2-deprecation-timeline for
+ details on how to transition from v2 to v3.
+ - The control port commands HSFETCH and HSPOST no longer allow
+ version 2, and it is no longer possible to create a v2 service
+ with ADD_ONION.
+ - Tor no longer allows creating v2 services, or connecting as a
+ client to a v2 service. Relays will decline to be a v2 HSDir or
+ introduction point. This effectively disables onion service
+ version 2 Tor-wide. Closes ticket 40476.
+
+ o Minor features (bridge, backport from 0.4.6.8):
+ - We now announce the URL to Tor's new bridge status at
+ https://bridges.torproject.org/ when Tor is configured to run as a
+ bridge relay. Closes ticket 30477.
+
+ o Minor features (fallbackdir):
+ - Regenerate fallback directories for October 2021. Closes
+ ticket 40493.
+
+ o Minor bugfixes (compatibility, backport from 0.4.6.8):
+ - Fix compatibility with the most recent Libevent versions, which no
+ longer have an evdns_set_random_bytes() function. Because this
+ function has been a no-op since Libevent 2.0.4-alpha, it is safe
+ for us to just stop calling it. Fixes bug 40371; bugfix
+ on 0.2.1.7-alpha.
+
+
+Changes in version 0.4.7.1-alpha - 2021-09-17
+ This version is the first alpha release of the 0.4.7.x series. One
+ major feature is Vanguards Lite, from proposal 333, to help mitigate
+ guard discovery attacks against onion services. It also includes
+ numerous bugfixes.
+
+ o Major features (Proposal 332, onion services, guard selection algorithm):
+ - Clients and onion services now choose four long-lived "layer 2"
+ guard relays for use as the middle hop in all onion circuits.
+ These relays are kept in place for a randomized duration averaging
+ 1 week. This mitigates guard discovery attacks against clients and
+ short-lived onion services such as OnionShare. Long-lived onion
+ services that need high security should still use the Vanguards
+ addon (https://github.com/mikeperry-tor/vanguards). Closes ticket
+ 40363; implements proposal 333.
+
+ o Minor features (bridge testing support):
+ - Let external bridge reachability testing tools discard cached
+ bridge descriptors when setting new bridges, so they can be sure
+ to get a clean reachability test. Implements ticket 40209.
+
+ o Minor features (fuzzing):
+ - When building with --enable-libfuzzer, use a set of compiler flags
+ that works with more recent versions of the library. Previously we
+ were using a set of flags from 2017. Closes ticket 40407.
+
+ o Minor features (testing configuration):
+ - When TestingTorNetwork is enabled, skip the permissions check on
+ hidden service directories. Closes ticket 40338.
+ - On a testing network, relays can now use the
+ TestingMinTimeToReportBandwidth option to change the smallest
+ amount of time over which they're willing to report their observed
+ maximum bandwidth. Previously, this was fixed at 1 day. For
+ safety, values under 2 hours are only supported on testing
+ networks. Part of a fix for ticket 40337.
+ - Relays on testing networks no longer rate-limit how frequently
+ they are willing to report new bandwidth measurements. Part of a
+ fix for ticket 40337.
+ - Relays on testing networks now report their observed bandwidths
+ immediately from startup. Previously, they waited until they had
+ been running for a full day. Closes ticket 40337.
+
+ o Minor bugfixes (circuit padding):
+ - Don't send STOP circuit padding cells when the other side has
+ already shut down the corresponding padding machine. Fixes bug
+ 40435; bugfix on 0.4.0.1-alpha.
+
+ o Minor bugfixes (compatibility):
+ - Fix compatibility with the most recent Libevent versions, which no
+ longer have an evdns_set_random_bytes() function. Because this
+ function has been a no-op since Libevent 2.0.4-alpha, it is safe
+ for us to just stop calling it. Fixes bug 40371; bugfix
+ on 0.2.1.7-alpha.
+
+ o Minor bugfixes (control, sandbox):
+ - Allows the control command SAVECONF to succeed when the seccomp
+ sandbox is enabled. Makes SAVECONF keep only one backup file, to
+ simplify implementation. Fixes bug 40317; bugfix on 0.2.5.4-alpha.
+ Patch by Daniel Pinto.
+
+ o Minor bugfixes (heartbeat):
+ - Adjust the heartbeat log message about distinct clients to
+ consider the HeartbeatPeriod rather than a flat 6-hour delay.
+ Fixes bug 40330; bugfix on 0.2.6.3-alpha.
+
+ o Minor bugfixes (logging, relay):
+ - Add spaces between the "and" when logging the "Your server has not
+ managed to confirm reachability for its" on dual-stack relays.
+ Fixes bug 40453; bugfix on 0.4.5.1-alpha. Patch by Neel Chauhan.
+
+ o Minor bugfixes (onion service):
+ - Do not flag an HSDir as non-running in case the descriptor upload
+ or fetch fails. An onion service closes pending directory
+ connections before uploading a new descriptor which leads to
+ wrongly flagging many relays and thus affecting circuit path
+ selection. Fixes bug 40434; bugfix on 0.2.0.13-alpha.
+
+ o Minor bugfixes (statistics):
+ - Fix a fencepost issue when we check stability_last_downrated where
+ we called rep_hist_downrate_old_runs() twice. Fixes bug 40394;
+ bugfix on 0.2.0.5-alpha. Patch by Neel Chauhan.
+
+ o Minor bugfixes (tests):
+ - Fix a bug that prevented some tests from running with the correct
+ names. Fixes bug 40365; bugfix on 0.4.3.1-alpha.
+
+ o Documentation:
+ - Add links to original tor design paper and anonbib to
+ docs/HACKING/README.1st.md. Closes ticket 33742. Patch from
+ Emily Bones.
+ - Describe the "fingerprint-ed25519" file in the tor.1 man page.
+ Fixes bug 40467; bugfix on 0.4.3.1-alpha. Patch by Neel Chauhan.
+
+
+Changes in version 0.4.6.7 - 2021-08-16
+ This version fixes several bugs from earlier versions of Tor,
+ including one that could lead to a denial-of-service attack. Everyone
+ running an earlier version, whether as a client, a relay, or an onion
+ service, should upgrade to Tor 0.3.5.16, 0.4.5.10, or 0.4.6.7.
+
+ o Major bugfixes (cryptography, security):
+ - Resolve an assertion failure caused by a behavior mismatch between
+ our batch-signature verification code and our single-signature
+ verification code. This assertion failure could be triggered
+ remotely, leading to a denial of service attack. We fix this issue
+ by disabling batch verification. Fixes bug 40078; bugfix on
+ 0.2.6.1-alpha. This issue is also tracked as TROVE-2021-007 and
+ CVE-2021-38385. Found by Henry de Valence.
+
+ o Minor feature (fallbackdir):
+ - Regenerate fallback directories list. Close ticket 40447.
+
+ o Minor features (geoip data):
+ - Update the geoip files to match the IPFire Location Database, as
+ retrieved on 2021/08/12.
+
+ o Minor bugfix (crypto):
+ - Disable the unused batch verification feature of ed25519-donna.
+ Fixes bug 40078; bugfix on 0.2.6.1-alpha. Found by Henry
+ de Valence.
+
+ o Minor bugfixes (onion service):
+ - Send back the extended SOCKS error 0xF6 (Onion Service Invalid
+ Address) for a v2 onion address. Fixes bug 40421; bugfix
+ on 0.4.6.2-alpha.
+
+ o Minor bugfixes (relay):
+ - Reduce the compression level for data streaming from HIGH to LOW
+ in order to reduce CPU load on the directory relays. Fixes bug
+ 40301; bugfix on 0.3.5.1-alpha.
+
+ o Minor bugfixes (timekeeping):
+ - Calculate the time of day correctly on systems where the time_t
+ type includes leap seconds. (This is not the case on most
+ operating systems, but on those where it occurs, our tor_timegm
+ function did not correctly invert the system's gmtime function,
+ which could result in assertion failures when calculating voting
+ schedules.) Fixes bug 40383; bugfix on 0.2.0.3-alpha.
+
+
Changes in version 0.4.5.10 - 2021-08-16
This version fixes several bugs from earlier versions of Tor,
including one that could lead to a denial-of-service attack. Everyone
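Review bot: The re-added 0.4.7.1-alpha stanza carries a proposal-number mismatch: the section heading reads "Major features (Proposal 332, onion services, guard selection algorithm)", while the blurb above it and the entry itself both say proposal 333. A pure move should not alter text, so leave it as is in this commit, but a follow-up should correct the heading to whichever number is right (two of the three mentions say 333).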
@@ -479,43 +516,6 @@ Changes in version 0.4.5.10 - 2021-08-16
versions of NSS. Fixes bug 40409; bugfix on 0.3.5.1-alpha.
-Changes in version 0.3.5.17 - 2021-10-26
- The major change in this version is that v2 onion services are now
- disabled at the client, service, and relay: any Tor nodes running this
- version and onward will stop supporting v2 onion services. This is the
- last step in the long deprecation process of v2 onion services.
- Everyone running an earlier version, whether as a client, a relay, or
- an onion service, should upgrade to Tor 0.3.5.17, 0.4.5.11,
- or 0.4.6.8.
-
- o Major feature (onion service v2, backport from 0.4.5.11):
- - See https://blog.torproject.org/v2-deprecation-timeline for
- details on how to transition from v2 to v3.
- - The control port commands HSFETCH and HSPOST no longer allow
- version 2, and it is no longer possible to create a v2 service
- with ADD_ONION.
- - Tor no longer allows creating v2 services, or connecting as a
- client to a v2 service. Relays will decline to be a v2 HSDir or
- introduction point. This effectively disables onion service
- version 2 Tor-wide. Closes ticket 40476.
-
- o Minor features (bridge, backport from 0.4.6.8):
- - We now announce the URL to Tor's new bridge status at
- https://bridges.torproject.org/ when Tor is configured to run as a
- bridge relay. Closes ticket 30477.
-
- o Minor features (fallbackdir):
- - Regenerate fallback directories for October 2021. Closes
- ticket 40493.
-
- o Minor bugfixes (compatibility, backport from 0.4.6.8):
- - Fix compatibility with the most recent Libevent versions, which no
- longer have an evdns_set_random_bytes() function. Because this
- function has been a no-op since Libevent 2.0.4-alpha, it is safe
- for us to just stop calling it. Fixes bug 40371; bugfix
- on 0.2.1.7-alpha.
-
-
Changes in version 0.3.5.16 - 2021-08-16
This version fixes several bugs from earlier versions of Tor,
including one that could lead to a denial-of-service attack. Everyone
diff --git a/ReleaseNotes b/ReleaseNotes
index 73c351fa83..8401162ebe 100644
--- a/ReleaseNotes
+++ b/ReleaseNotes
@@ -61,54 +61,6 @@ Changes in version 0.4.6.8 - 2021-10-26
Fixes bug 40474; bugfix on 0.4.5.8.
-Changes in version 0.4.6.7 - 2021-08-16
- This version fixes several bugs from earlier versions of Tor, including one
- that could lead to a denial-of-service attack. Everyone running an earlier
- version, whether as a client, a relay, or an onion service, should upgrade
- to Tor 0.3.5.16, 0.4.5.10, or 0.4.6.7.
-
- o Major bugfixes (cryptography, security):
- - Resolve an assertion failure caused by a behavior mismatch between our
- batch-signature verification code and our single-signature verification
- code. This assertion failure could be triggered remotely, leading to a
- denial of service attack. We fix this issue by disabling batch
- verification. Fixes bug 40078; bugfix on 0.2.6.1-alpha. This issue is
- also tracked as TROVE-2021-007 and CVE-2021-38385. Found by Henry de
- Valence.
-
- o Minor feature (fallbackdir):
- - Regenerate fallback directories list. Close ticket 40447.
-
- o Minor features (geoip data):
- - Update the geoip files to match the IPFire Location Database,
- as retrieved on 2021/08/12.
-
- o Minor bugfix (crypto):
- - Disable the unused batch verification feature of ed25519-donna. Fixes
- bug 40078; bugfix on 0.2.6.1-alpha. Found by Henry de Valence.
-
- o Minor bugfixes (onion service):
- - Send back the extended SOCKS error 0xF6 (Onion Service Invalid Address)
- for a v2 onion address. Fixes bug 40421; bugfix on 0.4.6.2-alpha.
-
- o Minor bugfix (CI, onion service):
- - Exclude onion service version 2 Stem tests in our CI. Fixes bug 40500;
- bugfix on 0.3.2.1-alpha.
-
- o Minor bugfixes (relay):
- - Reduce the compression level for data streaming from HIGH to LOW in
- order to reduce CPU load on the directory relays. Fixes bug 40301;
- bugfix on 0.3.5.1-alpha.
-
- o Minor bugfixes (timekeeping):
- - Calculate the time of day correctly on systems where the time_t
- type includes leap seconds. (This is not the case on most
- operating systems, but on those where it occurs, our tor_timegm
- function did not correctly invert the system's gmtime function,
- which could result in assertion failures when calculating
- voting schedules.) Fixes bug 40383; bugfix on 0.2.0.3-alpha.
-
-
Changes in version 0.4.5.11 - 2021-10-26
The major change in this version is that v2 onion services are now
disabled at the client, service, and relay: any Tor nodes running this
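Review bot: The 0.4.6.7 stanza removed here (and re-added further down) contains "Minor bugfix (CI, onion service)" with "Fixes bug 40500", which the ChangeLog 0.4.6.7 stanza in this same commit does not have. Ticket 40500 is numbered above 40493, which the 0.3.5.17 stanza ties to October 2021, so an entry under a release dated 2021-08-16 looks misfiled. Check whether it belongs under 0.4.6.8, and fix it in a separate commit so this one stays a pure reorder.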
@@ -190,53 +142,6 @@ Changes in version 0.4.5.11 - 2021-10-26
Fixes bug 40474; bugfix on 0.4.5.8.
-Changes in version 0.4.5.10 - 2021-08-16
- This version fixes several bugs from earlier versions of Tor, including one
- that could lead to a denial-of-service attack. Everyone running an earlier
- version, whether as a client, a relay, or an onion service, should upgrade
- to Tor 0.3.5.16, 0.4.5.10, or 0.4.6.7.
-
- o Major bugfixes (cryptography, security):
- - Resolve an assertion failure caused by a behavior mismatch between our
- batch-signature verification code and our single-signature verification
- code. This assertion failure could be triggered remotely, leading to a
- denial of service attack. We fix this issue by disabling batch
- verification. Fixes bug 40078; bugfix on 0.2.6.1-alpha. This issue is
- also tracked as TROVE-2021-007 and CVE-2021-38385. Found by Henry de
- Valence.
-
- o Minor feature (fallbackdir):
- - Regenerate fallback directories list. Close ticket 40447.
-
- o Minor features (geoip data):
- - Update the geoip files to match the IPFire Location Database,
- as retrieved on 2021/08/12.
-
- o Minor features (testing):
- - Enable the deterministic RNG for unit tests that covers the address set
- bloomfilter-based API's. Fixes bug 40419; bugfix on 0.3.3.2-alpha.
-
- o Minor bugfix (crypto):
- - Disable the unused batch verification feature of ed25519-donna. Fixes
- bug 40078; bugfix on 0.2.6.1-alpha. Found by Henry de Valence.
-
- o Minor bugfixes (relay, backport from 0.4.6.x):
- - Reduce the compression level for data streaming from HIGH to LOW. Fixes
- bug 40301; bugfix on 0.3.5.1-alpha.
-
- o Minor bugfixes (timekeeping, backport from 0.4.6.x):
- - Calculate the time of day correctly on systems where the time_t
- type includes leap seconds. (This is not the case on most
- operating systems, but on those where it occurs, our tor_timegm
- function did not correctly invert the system's gmtime function,
- which could result in assertion failures when calculating
- voting schedules.) Fixes bug 40383; bugfix on 0.2.0.3-alpha.
-
- o Minor bugfixes (warnings, portability, backport from 0.4.6.x):
- - Suppress a strict-prototype warning when building with some versions
- of NSS. Fixes bug 40409; bugfix on 0.3.5.1-alpha.
-
-
Changes in version 0.3.5.17 - 2021-10-26
The major change in this version is that v2 onion services are now
disabled at the client, service, and relay: any Tor nodes running this
@@ -274,7 +179,7 @@ Changes in version 0.3.5.17 - 2021-10-26
on 0.2.1.7-alpha.
-Changes in version 0.3.5.16 - 2021-08-16
+Changes in version 0.4.6.7 - 2021-08-16
This version fixes several bugs from earlier versions of Tor, including one
that could lead to a denial-of-service attack. Everyone running an earlier
version, whether as a client, a relay, or an onion service, should upgrade
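Review bot: The heading swap from 0.3.5.16 to 0.4.6.7 over unchanged body lines is only valid because both stanzas open with the same blurb, and a diff shaped like this can hide a dropped or duplicated stanza. Before merging, confirm that each "Changes in version" heading appears exactly once in the resulting ReleaseNotes and that the file's sorted lines are identical before and after. The equal counts of 458 insertions and 458 deletions are consistent with a pure move but do not prove it.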
@@ -300,216 +205,123 @@ Changes in version 0.3.5.16 - 2021-08-16
- Disable the unused batch verification feature of ed25519-donna. Fixes
bug 40078; bugfix on 0.2.6.1-alpha. Found by Henry de Valence.
- o Minor bugfixes (relay, backport from 0.4.6.x):
- - Reduce the compression level for data streaming from HIGH to LOW. Fixes
- bug 40301; bugfix on 0.3.5.1-alpha.
-
-
-Changes in version 0.4.6.6 - 2021-06-30
- Tor 0.4.6.6 makes several small fixes on 0.4.6.5, including one that
- allows Tor to build correctly on older versions of GCC. You should
- upgrade to this version if you were having trouble building Tor
- 0.4.6.5; otherwise, there is probably no need.
-
- o Minor bugfixes (compilation):
- - Fix a compilation error when trying to build Tor with a compiler
- that does not support const variables in static initializers.
- Fixes bug 40410; bugfix on 0.4.6.5.
- - Suppress a strict-prototype warning when building with some
- versions of NSS. Fixes bug 40409; bugfix on 0.3.5.1-alpha.
+ o Minor bugfixes (onion service):
+ - Send back the extended SOCKS error 0xF6 (Onion Service Invalid Address)
+ for a v2 onion address. Fixes bug 40421; bugfix on 0.4.6.2-alpha.
- o Minor bugfixes (testing):
- - Enable the deterministic RNG for unit tests that covers the
- address set bloomfilter-based API's. Fixes bug 40419; bugfix
- on 0.3.3.2-alpha.
+ o Minor bugfix (CI, onion service):
+ - Exclude onion service version 2 Stem tests in our CI. Fixes bug 40500;
+ bugfix on 0.3.2.1-alpha.
+ o Minor bugfixes (relay):
+ - Reduce the compression level for data streaming from HIGH to LOW in
+ order to reduce CPU load on the directory relays. Fixes bug 40301;
+ bugfix on 0.3.5.1-alpha.
-Changes in version 0.4.5.9 - 2021-06-14
- Tor 0.4.5.9 fixes several security issues, including a
- denial-of-service attack against onion service clients, and another
- denial-of-service attack against relays. Everybody should upgrade to
- one of 0.3.5.15, 0.4.4.9, 0.4.5.9, or 0.4.6.5.
+ o Minor bugfixes (timekeeping):
+ - Calculate the time of day correctly on systems where the time_t
+ type includes leap seconds. (This is not the case on most
+ operating systems, but on those where it occurs, our tor_timegm
+ function did not correctly invert the system's gmtime function,
+ which could result in assertion failures when calculating
+ voting schedules.) Fixes bug 40383; bugfix on 0.2.0.3-alpha.
- o Major bugfixes (security, backport from 0.4.6.5):
- - Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell on
- half-closed streams. Previously, clients failed to validate which
- hop sent these cells: this would allow a relay on a circuit to end
- a stream that wasn't actually built with it. Fixes bug 40389;
- bugfix on 0.3.5.1-alpha. This issue is also tracked as TROVE-2021-
- 003 and CVE-2021-34548.
- o Major bugfixes (security, defense-in-depth, backport from 0.4.6.5):
- - Detect more failure conditions from the OpenSSL RNG code.
- Previously, we would detect errors from a missing RNG
- implementation, but not failures from the RNG code itself.
- Fortunately, it appears those failures do not happen in practice
- when Tor is using OpenSSL's default RNG implementation. Fixes bug
- 40390; bugfix on 0.2.8.1-alpha. This issue is also tracked as
- TROVE-2021-004. Reported by Jann Horn at Google's Project Zero.
+Changes in version 0.4.5.10 - 2021-08-16
+ This version fixes several bugs from earlier versions of Tor, including one
+ that could lead to a denial-of-service attack. Everyone running an earlier
+ version, whether as a client, a relay, or an onion service, should upgrade
+ to Tor 0.3.5.16, 0.4.5.10, or 0.4.6.7.
- o Major bugfixes (security, denial of service, backport from 0.4.6.5):
- - Resist a hashtable-based CPU denial-of-service attack against
- relays. Previously we used a naive unkeyed hash function to look
- up circuits in a circuitmux object. An attacker could exploit this
- to construct circuits with chosen circuit IDs, to create
- collisions and make the hash table inefficient. Now we use a
- SipHash construction here instead. Fixes bug 40391; bugfix on
- 0.2.4.4-alpha. This issue is also tracked as TROVE-2021-005 and
- CVE-2021-34549. Reported by Jann Horn from Google's Project Zero.
- - Fix an out-of-bounds memory access in v3 onion service descriptor
- parsing. An attacker could exploit this bug by crafting an onion
- service descriptor that would crash any client that tried to visit
- it. Fixes bug 40392; bugfix on 0.3.0.1-alpha. This issue is also
- tracked as TROVE-2021-006 and CVE-2021-34550. Reported by Sergei
- Glazunov from Google's Project Zero.
+ o Major bugfixes (cryptography, security):
+ - Resolve an assertion failure caused by a behavior mismatch between our
+ batch-signature verification code and our single-signature verification
+ code. This assertion failure could be triggered remotely, leading to a
+ denial of service attack. We fix this issue by disabling batch
+ verification. Fixes bug 40078; bugfix on 0.2.6.1-alpha. This issue is
+ also tracked as TROVE-2021-007 and CVE-2021-38385. Found by Henry de
+ Valence.
- o Minor features (compatibility, backport from 0.4.6.4-rc):
- - Remove an assertion function related to TLS renegotiation. It was
- used nowhere outside the unit tests, and it was breaking
- compilation with recent alpha releases of OpenSSL 3.0.0. Closes
- ticket 40399.
+ o Minor feature (fallbackdir):
+ - Regenerate fallback directories list. Close ticket 40447.
o Minor features (geoip data):
- - Update the geoip files to match the IPFire Location Database, as
- retrieved on 2021/06/10.
-
- o Minor bugfixes (control, sandbox, backport from 0.4.6.4-rc):
- - Allow the control command SAVECONF to succeed when the seccomp
- sandbox is enabled, and make SAVECONF keep only one backup file to
- simplify implementation. Previously SAVECONF allowed a large
- number of backup files, which made it incompatible with the
- sandbox. Fixes bug 40317; bugfix on 0.2.5.4-alpha. Patch by
- Daniel Pinto.
-
- o Minor bugfixes (metrics port, backport from 0.4.6.4-rc):
- - Fix a bug that made tor try to re-bind() on an already open
- MetricsPort every 60 seconds. Fixes bug 40370; bugfix
- on 0.4.5.1-alpha.
-
-
-Changes in version 0.4.4.9 - 2021-06-14
- Tor 0.4.4.9 fixes several security issues, including a
- denial-of-service attack against onion service clients, and another
- denial-of-service attack against relays. Everybody should upgrade to
- one of 0.3.5.15, 0.4.4.9, 0.4.5.9, or 0.4.6.5.
-
- Note that the scheduled end-of-life date for the Tor 0.4.4.x series is
- June 15. This is therefore the last release in its series. Everybody
- still running 0.4.4.x should plan to upgrade to 0.4.5.x or later.
-
- o Major bugfixes (security, backport from 0.4.6.5):
- - Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell on
- half-closed streams. Previously, clients failed to validate which
- hop sent these cells: this would allow a relay on a circuit to end
- a stream that wasn't actually built with it. Fixes bug 40389;
- bugfix on 0.3.5.1-alpha. This issue is also tracked as TROVE-2021-
- 003 and CVE-2021-34548.
+ - Update the geoip files to match the IPFire Location Database,
+ as retrieved on 2021/08/12.
- o Major bugfixes (security, defense-in-depth, backport from 0.4.6.5):
- - Detect more failure conditions from the OpenSSL RNG code.
- Previously, we would detect errors from a missing RNG
- implementation, but not failures from the RNG code itself.
- Fortunately, it appears those failures do not happen in practice
- when Tor is using OpenSSL's default RNG implementation. Fixes bug
- 40390; bugfix on 0.2.8.1-alpha. This issue is also tracked as
- TROVE-2021-004. Reported by Jann Horn at Google's Project Zero.
+ o Minor features (testing):
+ - Enable the deterministic RNG for unit tests that covers the address set
+ bloomfilter-based API's. Fixes bug 40419; bugfix on 0.3.3.2-alpha.
- o Major bugfixes (security, denial of service, backport from 0.4.6.5):
- - Resist a hashtable-based CPU denial-of-service attack against
- relays. Previously we used a naive unkeyed hash function to look
- up circuits in a circuitmux object. An attacker could exploit this
- to construct circuits with chosen circuit IDs, to create
- collisions and make the hash table inefficient. Now we use a
- SipHash construction here instead. Fixes bug 40391; bugfix on
- 0.2.4.4-alpha. This issue is also tracked as TROVE-2021-005 and
- CVE-2021-34549. Reported by Jann Horn from Google's Project Zero.
- - Fix an out-of-bounds memory access in v3 onion service descriptor
- parsing. An attacker could exploit this bug by crafting an onion
- service descriptor that would crash any client that tried to visit
- it. Fixes bug 40392; bugfix on 0.3.0.1-alpha. This issue is also
- tracked as TROVE-2021-006 and CVE-2021-34550. Reported by Sergei
- Glazunov from Google's Project Zero.
+ o Minor bugfix (crypto):
+ - Disable the unused batch verification feature of ed25519-donna. Fixes
+ bug 40078; bugfix on 0.2.6.1-alpha. Found by Henry de Valence.
- o Minor features (compatibility, backport from 0.4.6.4-rc):
- - Remove an assertion function related to TLS renegotiation. It was
- used nowhere outside the unit tests, and it was breaking
- compilation with recent alpha releases of OpenSSL 3.0.0. Closes
- ticket 40399.
+ o Minor bugfixes (relay, backport from 0.4.6.x):
+ - Reduce the compression level for data streaming from HIGH to LOW. Fixes
+ bug 40301; bugfix on 0.3.5.1-alpha.
- o Minor features (fallback directory list, backport from 0.4.6.2-alpha):
- - Regenerate the list of fallback directories to contain a new set
- of 200 relays. Closes ticket 40265.
+ o Minor bugfixes (timekeeping, backport from 0.4.6.x):
+ - Calculate the time of day correctly on systems where the time_t
+ type includes leap seconds. (This is not the case on most
+ operating systems, but on those where it occurs, our tor_timegm
+ function did not correctly invert the system's gmtime function,
+ which could result in assertion failures when calculating
+ voting schedules.) Fixes bug 40383; bugfix on 0.2.0.3-alpha.
- o Minor features (geoip data):
- - Update the geoip files to match the IPFire Location Database, as
- retrieved on 2021/06/10.
+ o Minor bugfixes (warnings, portability, backport from 0.4.6.x):
+ - Suppress a strict-prototype warning when building with some versions
+ of NSS. Fixes bug 40409; bugfix on 0.3.5.1-alpha.
- o Minor bugfixes (channel, DoS, backport from 0.4.6.2-alpha):
- - Fix a non-fatal BUG() message due to a too-early free of a string,
- when listing a client connection from the DoS defenses subsystem.
- Fixes bug 40345; bugfix on 0.4.3.4-rc.
- o Minor bugfixes (compiler warnings, backport from 0.4.6.3-rc):
- - Fix an indentation problem that led to a warning from GCC 11.1.1.
- Fixes bug 40380; bugfix on 0.3.0.1-alpha.
+Changes in version 0.3.5.16 - 2021-08-16
+ This version fixes several bugs from earlier versions of Tor, including one
+ that could lead to a denial-of-service attack. Everyone running an earlier
+ version, whether as a client, a relay, or an onion service, should upgrade
+ to Tor 0.3.5.16, 0.4.5.10, or 0.4.6.7.
+ o Major bugfixes (cryptography, security):
+ - Resolve an assertion failure caused by a behavior mismatch between our
+ batch-signature verification code and our single-signature verification
+ code. This assertion failure could be triggered remotely, leading to a
+ denial of service attack. We fix this issue by disabling batch
+ verification. Fixes bug 40078; bugfix on 0.2.6.1-alpha. This issue is
+ also tracked as TROVE-2021-007 and CVE-2021-38385. Found by Henry de
+ Valence.
-Changes in version 0.3.5.15 - 2021-06-14
- Tor 0.3.5.15 fixes several security issues, including a
- denial-of-service attack against onion service clients, and another
- denial-of-service attack against relays. Everybody should upgrade to
- one of 0.3.5.15, 0.4.4.9, 0.4.5.9, or 0.4.6.5.
+ o Minor feature (fallbackdir):
+ - Regenerate fallback directories list. Close ticket 40447.
- o Major bugfixes (security, backport from 0.4.6.5):
- - Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell on
- half-closed streams. Previously, clients failed to validate which
- hop sent these cells: this would allow a relay on a circuit to end
- a stream that wasn't actually built with it. Fixes bug 40389;
- bugfix on 0.3.5.1-alpha. This issue is also tracked as TROVE-2021-
- 003 and CVE-2021-34548.
+ o Minor features (geoip data):
+ - Update the geoip files to match the IPFire Location Database,
+ as retrieved on 2021/08/12.
- o Major bugfixes (security, defense-in-depth, backport from 0.4.6.5):
- - Detect more failure conditions from the OpenSSL RNG code.
- Previously, we would detect errors from a missing RNG
- implementation, but not failures from the RNG code itself.
- Fortunately, it appears those failures do not happen in practice
- when Tor is using OpenSSL's default RNG implementation. Fixes bug
- 40390; bugfix on 0.2.8.1-alpha. This issue is also tracked as
- TROVE-2021-004. Reported by Jann Horn at Google's Project Zero.
+ o Minor bugfix (crypto):
+ - Disable the unused batch verification feature of ed25519-donna. Fixes
+ bug 40078; bugfix on 0.2.6.1-alpha. Found by Henry de Valence.
- o Major bugfixes (security, denial of service, backport from 0.4.6.5):
- - Resist a hashtable-based CPU denial-of-service attack against
- relays. Previously we used a naive unkeyed hash function to look
- up circuits in a circuitmux object. An attacker could exploit this
- to construct circuits with chosen circuit IDs, to create
- collisions and make the hash table inefficient. Now we use a
- SipHash construction here instead. Fixes bug 40391; bugfix on
- 0.2.4.4-alpha. This issue is also tracked as TROVE-2021-005 and
- CVE-2021-34549. Reported by Jann Horn from Google's Project Zero.
- - Fix an out-of-bounds memory access in v3 onion service descriptor
- parsing. An attacker could exploit this bug by crafting an onion
- service descriptor that would crash any client that tried to visit
- it. Fixes bug 40392; bugfix on 0.3.0.1-alpha. This issue is also
- tracked as TROVE-2021-006 and CVE-2021-34550. Reported by Sergei
- Glazunov from Google's Project Zero.
+ o Minor bugfixes (relay, backport from 0.4.6.x):
+ - Reduce the compression level for data streaming from HIGH to LOW. Fixes
+ bug 40301; bugfix on 0.3.5.1-alpha.
- o Minor bugfixes (compiler warnings, backport from 0.4.6.3-rc):
- - Fix an indentation problem that led to a warning from GCC 11.1.1.
- Fixes bug 40380; bugfix on 0.3.0.1-alpha.
- o Minor features (compatibility, backport from 0.4.6.4-rc):
- - Remove an assertion function related to TLS renegotiation. It was
- used nowhere outside the unit tests, and it was breaking
- compilation with recent alpha releases of OpenSSL 3.0.0. Closes
- ticket 40399.
+Changes in version 0.4.6.6 - 2021-06-30
+ Tor 0.4.6.6 makes several small fixes on 0.4.6.5, including one that
+ allows Tor to build correctly on older versions of GCC. You should
+ upgrade to this version if you were having trouble building Tor
+ 0.4.6.5; otherwise, there is probably no need.
- o Minor features (fallback directory list, backport from 0.4.6.2-alpha):
- - Regenerate the list of fallback directories to contain a new set
- of 200 relays. Closes ticket 40265.
+ o Minor bugfixes (compilation):
+ - Fix a compilation error when trying to build Tor with a compiler
+ that does not support const variables in static initializers.
+ Fixes bug 40410; bugfix on 0.4.6.5.
+ - Suppress a strict-prototype warning when building with some
+ versions of NSS. Fixes bug 40409; bugfix on 0.3.5.1-alpha.
- o Minor features (geoip data):
- - Update the geoip files to match the IPFire Location Database, as
- retrieved on 2021/06/10.
+ o Minor bugfixes (testing):
+ - Enable the deterministic RNG for unit tests that covers the
+ address set bloomfilter-based API's. Fixes bug 40419; bugfix
+ on 0.3.3.2-alpha.
Changes in version 0.4.6.5 - 2021-06-14
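Review bot: Bug 40078 is listed twice in each of the added 0.4.5.10 and 0.3.5.16 sections, once under "Major bugfixes (cryptography, security)" with TROVE-2021-007 and CVE-2021-38385 and again under "Minor bugfix (crypto)" as "Disable the unused batch verification feature of ed25519-donna"; fold the minor entry into the major one so a reader does not take them for two separate fixes. The added "Minor bugfix (CI, onion service)" entry for bug 40500 near the top of the hunk lands in the section whose heading is dated 2021-08-16, so confirm it belongs to that release. Bug 40419 also sits under "Minor features (testing)" in 0.4.5.10 but under "Minor bugfixes (testing)" in 0.4.6.6, although both entries say "Fixes bug".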
@@ -822,6 +634,194 @@ Changes in version 0.4.6.5 - 2021-06-14
for now.) Closes ticket 40282.
+Changes in version 0.4.5.9 - 2021-06-14
+ Tor 0.4.5.9 fixes several security issues, including a
+ denial-of-service attack against onion service clients, and another
+ denial-of-service attack against relays. Everybody should upgrade to
+ one of 0.3.5.15, 0.4.4.9, 0.4.5.9, or 0.4.6.5.
+
+ o Major bugfixes (security, backport from 0.4.6.5):
+ - Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell on
+ half-closed streams. Previously, clients failed to validate which
+ hop sent these cells: this would allow a relay on a circuit to end
+ a stream that wasn't actually built with it. Fixes bug 40389;
+ bugfix on 0.3.5.1-alpha. This issue is also tracked as TROVE-2021-
+ 003 and CVE-2021-34548.
+
+ o Major bugfixes (security, defense-in-depth, backport from 0.4.6.5):
+ - Detect more failure conditions from the OpenSSL RNG code.
+ Previously, we would detect errors from a missing RNG
+ implementation, but not failures from the RNG code itself.
+ Fortunately, it appears those failures do not happen in practice
+ when Tor is using OpenSSL's default RNG implementation. Fixes bug
+ 40390; bugfix on 0.2.8.1-alpha. This issue is also tracked as
+ TROVE-2021-004. Reported by Jann Horn at Google's Project Zero.
+
+ o Major bugfixes (security, denial of service, backport from 0.4.6.5):
+ - Resist a hashtable-based CPU denial-of-service attack against
+ relays. Previously we used a naive unkeyed hash function to look
+ up circuits in a circuitmux object. An attacker could exploit this
+ to construct circuits with chosen circuit IDs, to create
+ collisions and make the hash table inefficient. Now we use a
+ SipHash construction here instead. Fixes bug 40391; bugfix on
+ 0.2.4.4-alpha. This issue is also tracked as TROVE-2021-005 and
+ CVE-2021-34549. Reported by Jann Horn from Google's Project Zero.
+ - Fix an out-of-bounds memory access in v3 onion service descriptor
+ parsing. An attacker could exploit this bug by crafting an onion
+ service descriptor that would crash any client that tried to visit
+ it. Fixes bug 40392; bugfix on 0.3.0.1-alpha. This issue is also
+ tracked as TROVE-2021-006 and CVE-2021-34550. Reported by Sergei
+ Glazunov from Google's Project Zero.
+
+ o Minor features (compatibility, backport from 0.4.6.4-rc):
+ - Remove an assertion function related to TLS renegotiation. It was
+ used nowhere outside the unit tests, and it was breaking
+ compilation with recent alpha releases of OpenSSL 3.0.0. Closes
+ ticket 40399.
+
+ o Minor features (geoip data):
+ - Update the geoip files to match the IPFire Location Database, as
+ retrieved on 2021/06/10.
+
+ o Minor bugfixes (control, sandbox, backport from 0.4.6.4-rc):
+ - Allow the control command SAVECONF to succeed when the seccomp
+ sandbox is enabled, and make SAVECONF keep only one backup file to
+ simplify implementation. Previously SAVECONF allowed a large
+ number of backup files, which made it incompatible with the
+ sandbox. Fixes bug 40317; bugfix on 0.2.5.4-alpha. Patch by
+ Daniel Pinto.
+
+ o Minor bugfixes (metrics port, backport from 0.4.6.4-rc):
+ - Fix a bug that made tor try to re-bind() on an already open
+ MetricsPort every 60 seconds. Fixes bug 40370; bugfix
+ on 0.4.5.1-alpha.
+
+
+Changes in version 0.4.4.9 - 2021-06-14
+ Tor 0.4.4.9 fixes several security issues, including a
+ denial-of-service attack against onion service clients, and another
+ denial-of-service attack against relays. Everybody should upgrade to
+ one of 0.3.5.15, 0.4.4.9, 0.4.5.9, or 0.4.6.5.
+
+ Note that the scheduled end-of-life date for the Tor 0.4.4.x series is
+ June 15. This is therefore the last release in its series. Everybody
+ still running 0.4.4.x should plan to upgrade to 0.4.5.x or later.
+
+ o Major bugfixes (security, backport from 0.4.6.5):
+ - Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell on
+ half-closed streams. Previously, clients failed to validate which
+ hop sent these cells: this would allow a relay on a circuit to end
+ a stream that wasn't actually built with it. Fixes bug 40389;
+ bugfix on 0.3.5.1-alpha. This issue is also tracked as TROVE-2021-
+ 003 and CVE-2021-34548.
+
+ o Major bugfixes (security, defense-in-depth, backport from 0.4.6.5):
+ - Detect more failure conditions from the OpenSSL RNG code.
+ Previously, we would detect errors from a missing RNG
+ implementation, but not failures from the RNG code itself.
+ Fortunately, it appears those failures do not happen in practice
+ when Tor is using OpenSSL's default RNG implementation. Fixes bug
+ 40390; bugfix on 0.2.8.1-alpha. This issue is also tracked as
+ TROVE-2021-004. Reported by Jann Horn at Google's Project Zero.
+
+ o Major bugfixes (security, denial of service, backport from 0.4.6.5):
+ - Resist a hashtable-based CPU denial-of-service attack against
+ relays. Previously we used a naive unkeyed hash function to look
+ up circuits in a circuitmux object. An attacker could exploit this
+ to construct circuits with chosen circuit IDs, to create
+ collisions and make the hash table inefficient. Now we use a
+ SipHash construction here instead. Fixes bug 40391; bugfix on
+ 0.2.4.4-alpha. This issue is also tracked as TROVE-2021-005 and
+ CVE-2021-34549. Reported by Jann Horn from Google's Project Zero.
+ - Fix an out-of-bounds memory access in v3 onion service descriptor
+ parsing. An attacker could exploit this bug by crafting an onion
+ service descriptor that would crash any client that tried to visit
+ it. Fixes bug 40392; bugfix on 0.3.0.1-alpha. This issue is also
+ tracked as TROVE-2021-006 and CVE-2021-34550. Reported by Sergei
+ Glazunov from Google's Project Zero.
+
+ o Minor features (compatibility, backport from 0.4.6.4-rc):
+ - Remove an assertion function related to TLS renegotiation. It was
+ used nowhere outside the unit tests, and it was breaking
+ compilation with recent alpha releases of OpenSSL 3.0.0. Closes
+ ticket 40399.
+
+ o Minor features (fallback directory list, backport from 0.4.6.2-alpha):
+ - Regenerate the list of fallback directories to contain a new set
+ of 200 relays. Closes ticket 40265.
+
+ o Minor features (geoip data):
+ - Update the geoip files to match the IPFire Location Database, as
+ retrieved on 2021/06/10.
+
+ o Minor bugfixes (channel, DoS, backport from 0.4.6.2-alpha):
+ - Fix a non-fatal BUG() message due to a too-early free of a string,
+ when listing a client connection from the DoS defenses subsystem.
+ Fixes bug 40345; bugfix on 0.4.3.4-rc.
+
+ o Minor bugfixes (compiler warnings, backport from 0.4.6.3-rc):
+ - Fix an indentation problem that led to a warning from GCC 11.1.1.
+ Fixes bug 40380; bugfix on 0.3.0.1-alpha.
+
+
+Changes in version 0.3.5.15 - 2021-06-14
+ Tor 0.3.5.15 fixes several security issues, including a
+ denial-of-service attack against onion service clients, and another
+ denial-of-service attack against relays. Everybody should upgrade to
+ one of 0.3.5.15, 0.4.4.9, 0.4.5.9, or 0.4.6.5.
+
+ o Major bugfixes (security, backport from 0.4.6.5):
+ - Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell on
+ half-closed streams. Previously, clients failed to validate which
+ hop sent these cells: this would allow a relay on a circuit to end
+ a stream that wasn't actually built with it. Fixes bug 40389;
+ bugfix on 0.3.5.1-alpha. This issue is also tracked as TROVE-2021-
+ 003 and CVE-2021-34548.
+
+ o Major bugfixes (security, defense-in-depth, backport from 0.4.6.5):
+ - Detect more failure conditions from the OpenSSL RNG code.
+ Previously, we would detect errors from a missing RNG
+ implementation, but not failures from the RNG code itself.
+ Fortunately, it appears those failures do not happen in practice
+ when Tor is using OpenSSL's default RNG implementation. Fixes bug
+ 40390; bugfix on 0.2.8.1-alpha. This issue is also tracked as
+ TROVE-2021-004. Reported by Jann Horn at Google's Project Zero.
+
+ o Major bugfixes (security, denial of service, backport from 0.4.6.5):
+ - Resist a hashtable-based CPU denial-of-service attack against
+ relays. Previously we used a naive unkeyed hash function to look
+ up circuits in a circuitmux object. An attacker could exploit this
+ to construct circuits with chosen circuit IDs, to create
+ collisions and make the hash table inefficient. Now we use a
+ SipHash construction here instead. Fixes bug 40391; bugfix on
+ 0.2.4.4-alpha. This issue is also tracked as TROVE-2021-005 and
+ CVE-2021-34549. Reported by Jann Horn from Google's Project Zero.
+ - Fix an out-of-bounds memory access in v3 onion service descriptor
+ parsing. An attacker could exploit this bug by crafting an onion
+ service descriptor that would crash any client that tried to visit
+ it. Fixes bug 40392; bugfix on 0.3.0.1-alpha. This issue is also
+ tracked as TROVE-2021-006 and CVE-2021-34550. Reported by Sergei
+ Glazunov from Google's Project Zero.
+
+ o Minor bugfixes (compiler warnings, backport from 0.4.6.3-rc):
+ - Fix an indentation problem that led to a warning from GCC 11.1.1.
+ Fixes bug 40380; bugfix on 0.3.0.1-alpha.
+
+ o Minor features (compatibility, backport from 0.4.6.4-rc):
+ - Remove an assertion function related to TLS renegotiation. It was
+ used nowhere outside the unit tests, and it was breaking
+ compilation with recent alpha releases of OpenSSL 3.0.0. Closes
+ ticket 40399.
+
+ o Minor features (fallback directory list, backport from 0.4.6.2-alpha):
+ - Regenerate the list of fallback directories to contain a new set
+ of 200 relays. Closes ticket 40265.
+
+ o Minor features (geoip data):
+ - Update the geoip files to match the IPFire Location Database, as
+ retrieved on 2021/06/10.
+
+
Changes in version 0.4.5.8 - 2021-05-10
Tor 0.4.5.8 fixes several bugs in earlier version, backporting fixes
from the 0.4.6.x series.
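Review bot: In all three added sections (0.4.5.9, 0.4.4.9, 0.3.5.15) the RELAY_END/RELAY_RESOLVED entry wraps in the middle of the advisory identifier, leaving "TROVE-2021-" at the end of one line and "003 and CVE-2021-34548." on the next, so a search for TROVE-2021-003 in this file will not find it. Rewrap so each identifier stays on one line, as the TROVE-2021-004, TROVE-2021-005 and TROVE-2021-006 entries already do. The 0.4.4.9 end-of-life note also gives "June 15" without a year.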
commit ecb9cee26659996bb64c563e0e13f820e905804d
Author: Alexander Færøy <ahf(a)torproject.org>
Date: Mon Oct 25 23:41:05 2021 +0000
Sync ReleaseNotes and ChangeLog from release-{0.3.5, 0.4.5, 0.4.6} to main.
---
ChangeLog | 177 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
ReleaseNotes | 177 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 354 insertions(+)
diff --git a/ChangeLog b/ChangeLog
index 4239f86a31..a061775812 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -244,6 +244,65 @@ Changes in version 0.4.7.1-alpha - 2021-09-17
Fixes bug 40467; bugfix on 0.4.3.1-alpha. Patch by Neel Chauhan.
+Changes in version 0.4.6.8 - 2021-10-26
+ This version fixes several bugs from earlier versions of Tor. One
+ highlight is a fix on how we track DNS timeouts to report general
+ relay overload.
+
+ o Major bugfixes (relay, overload state):
+ - Relays report the general overload state for DNS timeout errors
+ only if X% of all DNS queries over Y seconds are errors. Before
+ that, it only took 1 timeout to report the overload state which
+ was just too low of a threshold. The X and Y values are 1% and 10
+ minutes respectively but they are also controlled by consensus
+ parameters. Fixes bug 40491; bugfix on 0.4.6.1-alpha.
+
+ o Minor features (fallbackdir):
+ - Regenerate fallback directories for October 2021. Closes
+ ticket 40493.
+
+ o Minor features (testing):
+ - On a testing network, relays can now use the
+ TestingMinTimeToReportBandwidth option to change the smallest
+ amount of time over which they're willing to report their observed
+ maximum bandwidth. Previously, this was fixed at 1 day. For
+ safety, values under 2 hours are only supported on testing
+ networks. Part of a fix for ticket 40337.
+ - Relays on testing networks no longer rate-limit how frequently
+ they are willing to report new bandwidth measurements. Part of a
+ fix for ticket 40337.
+ - Relays on testing networks now report their observed bandwidths
+ immediately from startup. Previously, they waited until they had
+ been running for a full day. Closes ticket 40337.
+
+ o Minor bugfix (onion service):
+ - Do not flag an HSDir as non-running in case the descriptor upload
+ or fetch fails. An onion service closes pending directory
+ connections before uploading a new descriptor which can thus lead
+ to wrongly flagging many relays and thus affecting circuit building
+ path selection. Fixes bug 40434; bugfix on 0.2.0.13-alpha.
+ - Improve logging when a bad HS version is given. Fixes bug 40476;
+ bugfix on 0.4.6.1-alpha.
+
+ o Minor bugfix (CI, onion service):
+ - Exclude onion service version 2 Stem tests in our CI. Fixes bug 40500;
+ bugfix on 0.3.2.1-alpha.
+
+ o Minor bugfixes (compatibility):
+ - Fix compatibility with the most recent Libevent versions, which no
+ longer have an evdns_set_random_bytes() function. Because this
+ function has been a no-op since Libevent 2.0.4-alpha, it is safe
+ for us to just stop calling it. Fixes bug 40371; bugfix
+ on 0.2.1.7-alpha.
+
+ o Minor bugfixes (onion service, TROVE-2021-008):
+ - Only log v2 access attempts once total, in order to not pollute
+ the logs with warnings and to avoid recording the times on disk
+ when v2 access was attempted. Note that the onion address was
+ _never_ logged. This counts as a Low-severity security issue.
+ Fixes bug 40474; bugfix on 0.4.5.8.
+
+
Changes in version 0.4.6.7 - 2021-08-16
This version fixes several bugs from earlier versions of Tor,
including one that could lead to a denial-of-service attack. Everyone
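Review bot: The intro for 0.4.6.8 names only the DNS-timeout overload fix as a highlight, while the last entry, "Minor bugfixes (onion service, TROVE-2021-008)", is described as a Low-severity security issue; mention it in the intro so operators who read only the summary see that the release carries a security fix. In the overload entry, "Y seconds" is then given as "10 minutes" and the consensus parameters that control X and Y are not named; state the period in one unit and name the parameters.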
@@ -290,6 +349,87 @@ Changes in version 0.4.6.7 - 2021-08-16
schedules.) Fixes bug 40383; bugfix on 0.2.0.3-alpha.
+Changes in version 0.4.5.11 - 2021-10-26
+ The major change in this version is that v2 onion services are now
+ disabled at the client, service, and relay: any Tor nodes running this
+ version and onward will stop supporting v2 onion services. This is the
+ last step in the long deprecation process of v2 onion services.
+ Everyone running an earlier version, whether as a client, a relay, or
+ an onion service, should upgrade to Tor 0.3.5.17, 0.4.5.11,
+ or 0.4.6.8.
+
+ o Major feature (onion service v2):
+ - See https://blog.torproject.org/v2-deprecation-timeline for
+ details on how to transition from v2 to v3.
+ - The control port commands HSFETCH and HSPOST no longer allow
+ version 2, and it is no longer possible to create a v2 service
+ with ADD_ONION.
+ - Tor no longer allows creating v2 services, or connecting as a
+ client to a v2 service. Relays will decline to be a v2 HSDir or
+ introduction point. This effectively disables onion service
+ version 2 Tor-wide. Closes ticket 40476.
+
+ o Minor features (bridge, backport from 0.4.6.8):
+ - We now announce the URL to Tor's new bridge status at
+ https://bridges.torproject.org/ when Tor is configured to run as a
+ bridge relay. Closes ticket 30477.
+
+ o Minor features (fallbackdir):
+ - Regenerate fallback directories for October 2021. Closes
+ ticket 40493.
+
+ o Minor features (logging, diagnostic, backport from 0.4.6.5):
+ - Log decompression failures at a higher severity level, since they
+ can help provide missing context for other warning messages. We
+ rate-limit these messages, to avoid flooding the logs if they
+ begin to occur frequently. Closes ticket 40175.
+
+ o Minor features (testing, backport from 0.4.6.8):
+ - On a testing network, relays can now use the
+ TestingMinTimeToReportBandwidth option to change the smallest
+ amount of time over which they're willing to report their observed
+ maximum bandwidth. Previously, this was fixed at 1 day. For
+ safety, values under 2 hours are only supported on testing
+ networks. Part of a fix for ticket 40337.
+ - Relays on testing networks no longer rate-limit how frequently
+ they are willing to report new bandwidth measurements. Part of a
+ fix for ticket 40337.
+ - Relays on testing networks now report their observed bandwidths
+ immediately from startup. Previously, they waited until they had
+ been running for a full day. Closes ticket 40337.
+
+ o Minor bugfix (CI, onion service):
+ - Exclude onion service version 2 Stem tests in our CI. Fixes bug 40500;
+ bugfix on 0.3.2.1-alpha.
+
+ o Minor bugfix (onion service, backport from 0.4.6.8):
+ - Do not flag an HSDir as non-running in case the descriptor upload
+ or fetch fails. An onion service closes pending directory
+ connections before uploading a new descriptor which can thus lead
+ to wrongly flagging many relays and thus affecting circuit building
+ path selection. Fixes bug 40434; bugfix on 0.2.0.13-alpha.
+
+ o Minor bugfixes (compatibility, backport from 0.4.6.8):
+ - Fix compatibility with the most recent Libevent versions, which no
+ longer have an evdns_set_random_bytes() function. Because this
+ function has been a no-op since Libevent 2.0.4-alpha, it is safe
+ for us to just stop calling it. Fixes bug 40371; bugfix
+ on 0.2.1.7-alpha.
+
+ o Minor bugfixes (consensus handling, backport from 0.4.6.4-rc):
+ - Avoid a set of bugs that could be caused by inconsistently
+ preferring an out-of-date consensus stored in a stale directory
+ cache over a more recent one stored on disk as the latest
+ consensus. Fixes bug 40375; bugfix on 0.3.1.1-alpha.
+
+ o Minor bugfixes (onion service, TROVE-2021-008, backport from 0.4.6.8):
+ - Only log v2 access attempts once total, in order to not pollute
+ the logs with warnings and to avoid recording the times on disk
+ when v2 access was attempted. Note that the onion address was
+ _never_ logged. This counts as a Low-severity security issue.
+ Fixes bug 40474; bugfix on 0.4.5.8.
+
+
Changes in version 0.4.5.10 - 2021-08-16
This version fixes several bugs from earlier versions of Tor,
including one that could lead to a denial-of-service attack. Everyone
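Review bot: The TROVE-2021-008 entry closing the 0.4.5.11 block says the fix avoids "recording the times on disk when v2 access was attempted", but gives no guidance about logs already written by affected versions (the entry dates the bug to 0.4.5.8). Suggest one more sentence telling operators that log files retained from those versions may still contain the timestamped warnings and should be rotated or removed under their retention policy.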
@@ -339,6 +479,43 @@ Changes in version 0.4.5.10 - 2021-08-16
versions of NSS. Fixes bug 40409; bugfix on 0.3.5.1-alpha.
+Changes in version 0.3.5.17 - 2021-10-26
+ The major change in this version is that v2 onion services are now
+ disabled at the client, service, and relay: any Tor nodes running this
+ version and onward will stop supporting v2 onion services. This is the
+ last step in the long deprecation process of v2 onion services.
+ Everyone running an earlier version, whether as a client, a relay, or
+ an onion service, should upgrade to Tor 0.3.5.17, 0.4.5.11,
+ or 0.4.6.8.
+
+ o Major feature (onion service v2, backport from 0.4.5.11):
+ - See https://blog.torproject.org/v2-deprecation-timeline for
+ details on how to transition from v2 to v3.
+ - The control port commands HSFETCH and HSPOST no longer allow
+ version 2, and it is no longer possible to create a v2 service
+ with ADD_ONION.
+ - Tor no longer allows creating v2 services, or connecting as a
+ client to a v2 service. Relays will decline to be a v2 HSDir or
+ introduction point. This effectively disables onion service
+ version 2 Tor-wide. Closes ticket 40476.
+
+ o Minor features (bridge, backport from 0.4.6.8):
+ - We now announce the URL to Tor's new bridge status at
+ https://bridges.torproject.org/ when Tor is configured to run as a
+ bridge relay. Closes ticket 30477.
+
+ o Minor features (fallbackdir):
+ - Regenerate fallback directories for October 2021. Closes
+ ticket 40493.
+
+ o Minor bugfixes (compatibility, backport from 0.4.6.8):
+ - Fix compatibility with the most recent Libevent versions, which no
+ longer have an evdns_set_random_bytes() function. Because this
+ function has been a no-op since Libevent 2.0.4-alpha, it is safe
+ for us to just stop calling it. Fixes bug 40371; bugfix
+ on 0.2.1.7-alpha.
+
+
Changes in version 0.3.5.16 - 2021-08-16
This version fixes several bugs from earlier versions of Tor,
including one that could lead to a denial-of-service attack. Everyone
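Review bot: Under "Major feature (onion service v2, backport from 0.4.5.11)" the first bullet is only a pointer to the deprecation timeline, while the actual behaviour change ("Tor no longer allows creating v2 services, or connecting as a client to a v2 service") comes last, together with the ticket reference. Suggest leading with the behaviour change, then the control-port consequences (HSFETCH, HSPOST, ADD_ONION), and closing with the link.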
diff --git a/ReleaseNotes b/ReleaseNotes
index 34b8113bcb..73c351fa83 100644
--- a/ReleaseNotes
+++ b/ReleaseNotes
@@ -2,6 +2,65 @@ This document summarizes new features and bugfixes in each stable
release of Tor. If you want to see more detailed descriptions of the
changes in each development snapshot, see the ChangeLog file.
+Changes in version 0.4.6.8 - 2021-10-26
+ This version fixes several bugs from earlier versions of Tor. One
+ highlight is a fix on how we track DNS timeouts to report general
+ relay overload.
+
+ o Major bugfixes (relay, overload state):
+ - Relays report the general overload state for DNS timeout errors
+ only if X% of all DNS queries over Y seconds are errors. Before
+ that, it only took 1 timeout to report the overload state which
+ was just too low of a threshold. The X and Y values are 1% and 10
+ minutes respectively but they are also controlled by consensus
+ parameters. Fixes bug 40491; bugfix on 0.4.6.1-alpha.
+
+ o Minor features (fallbackdir):
+ - Regenerate fallback directories for October 2021. Closes
+ ticket 40493.
+
+ o Minor features (testing):
+ - On a testing network, relays can now use the
+ TestingMinTimeToReportBandwidth option to change the smallest
+ amount of time over which they're willing to report their observed
+ maximum bandwidth. Previously, this was fixed at 1 day. For
+ safety, values under 2 hours are only supported on testing
+ networks. Part of a fix for ticket 40337.
+ - Relays on testing networks no longer rate-limit how frequently
+ they are willing to report new bandwidth measurements. Part of a
+ fix for ticket 40337.
+ - Relays on testing networks now report their observed bandwidths
+ immediately from startup. Previously, they waited until they had
+ been running for a full day. Closes ticket 40337.
+
+ o Minor bugfix (onion service):
+ - Do not flag an HSDir as non-running in case the descriptor upload
+ or fetch fails. An onion service closes pending directory
+ connections before uploading a new descriptor which can thus lead
+ to wrongly flagging many relays and thus affecting circuit building
+ path selection. Fixes bug 40434; bugfix on 0.2.0.13-alpha.
+ - Improve logging when a bad HS version is given. Fixes bug 40476;
+ bugfix on 0.4.6.1-alpha.
+
+ o Minor bugfix (CI, onion service):
+ - Exclude onion service version 2 Stem tests in our CI. Fixes bug 40500;
+ bugfix on 0.3.2.1-alpha.
+
+ o Minor bugfixes (compatibility):
+ - Fix compatibility with the most recent Libevent versions, which no
+ longer have an evdns_set_random_bytes() function. Because this
+ function has been a no-op since Libevent 2.0.4-alpha, it is safe
+ for us to just stop calling it. Fixes bug 40371; bugfix
+ on 0.2.1.7-alpha.
+
+ o Minor bugfixes (onion service, TROVE-2021-008):
+ - Only log v2 access attempts once total, in order to not pollute
+ the logs with warnings and to avoid recording the times on disk
+ when v2 access was attempted. Note that the onion address was
+ _never_ logged. This counts as a Low-severity security issue.
+ Fixes bug 40474; bugfix on 0.4.5.8.
+
+
Changes in version 0.4.6.7 - 2021-08-16
This version fixes several bugs from earlier versions of Tor, including one
that could lead to a denial-of-service attack. Everyone running an earlier
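Review bot: In the "Major bugfixes (relay, overload state)" entry the window is introduced as "Y seconds" and then given as "10 minutes", and both thresholds are said to be "controlled by consensus parameters" without naming them. Suggest using one unit throughout and naming the two parameters, so a relay operator can check which values are actually in effect.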
@@ -50,6 +109,87 @@ Changes in version 0.4.6.7 - 2021-08-16
voting schedules.) Fixes bug 40383; bugfix on 0.2.0.3-alpha.
+Changes in version 0.4.5.11 - 2021-10-26
+ The major change in this version is that v2 onion services are now
+ disabled at the client, service, and relay: any Tor nodes running this
+ version and onward will stop supporting v2 onion services. This is the
+ last step in the long deprecation process of v2 onion services.
+ Everyone running an earlier version, whether as a client, a relay, or
+ an onion service, should upgrade to Tor 0.3.5.17, 0.4.5.11,
+ or 0.4.6.8.
+
+ o Major feature (onion service v2):
+ - See https://blog.torproject.org/v2-deprecation-timeline for
+ details on how to transition from v2 to v3.
+ - The control port commands HSFETCH and HSPOST no longer allow
+ version 2, and it is no longer possible to create a v2 service
+ with ADD_ONION.
+ - Tor no longer allows creating v2 services, or connecting as a
+ client to a v2 service. Relays will decline to be a v2 HSDir or
+ introduction point. This effectively disables onion service
+ version 2 Tor-wide. Closes ticket 40476.
+
+ o Minor features (bridge, backport from 0.4.6.8):
+ - We now announce the URL to Tor's new bridge status at
+ https://bridges.torproject.org/ when Tor is configured to run as a
+ bridge relay. Closes ticket 30477.
+
+ o Minor features (fallbackdir):
+ - Regenerate fallback directories for October 2021. Closes
+ ticket 40493.
+
+ o Minor features (logging, diagnostic, backport from 0.4.6.5):
+ - Log decompression failures at a higher severity level, since they
+ can help provide missing context for other warning messages. We
+ rate-limit these messages, to avoid flooding the logs if they
+ begin to occur frequently. Closes ticket 40175.
+
+ o Minor features (testing, backport from 0.4.6.8):
+ - On a testing network, relays can now use the
+ TestingMinTimeToReportBandwidth option to change the smallest
+ amount of time over which they're willing to report their observed
+ maximum bandwidth. Previously, this was fixed at 1 day. For
+ safety, values under 2 hours are only supported on testing
+ networks. Part of a fix for ticket 40337.
+ - Relays on testing networks no longer rate-limit how frequently
+ they are willing to report new bandwidth measurements. Part of a
+ fix for ticket 40337.
+ - Relays on testing networks now report their observed bandwidths
+ immediately from startup. Previously, they waited until they had
+ been running for a full day. Closes ticket 40337.
+
+ o Minor bugfix (CI, onion service):
+ - Exclude onion service version 2 Stem tests in our CI. Fixes bug 40500;
+ bugfix on 0.3.2.1-alpha.
+
+ o Minor bugfix (onion service, backport from 0.4.6.8):
+ - Do not flag an HSDir as non-running in case the descriptor upload
+ or fetch fails. An onion service closes pending directory
+ connections before uploading a new descriptor which can thus lead
+ to wrongly flagging many relays and thus affecting circuit building
+ path selection. Fixes bug 40434; bugfix on 0.2.0.13-alpha.
+
+ o Minor bugfixes (compatibility, backport from 0.4.6.8):
+ - Fix compatibility with the most recent Libevent versions, which no
+ longer have an evdns_set_random_bytes() function. Because this
+ function has been a no-op since Libevent 2.0.4-alpha, it is safe
+ for us to just stop calling it. Fixes bug 40371; bugfix
+ on 0.2.1.7-alpha.
+
+ o Minor bugfixes (consensus handling, backport from 0.4.6.4-rc):
+ - Avoid a set of bugs that could be caused by inconsistently
+ preferring an out-of-date consensus stored in a stale directory
+ cache over a more recent one stored on disk as the latest
+ consensus. Fixes bug 40375; bugfix on 0.3.1.1-alpha.
+
+ o Minor bugfixes (onion service, TROVE-2021-008, backport from 0.4.6.8):
+ - Only log v2 access attempts once total, in order to not pollute
+ the logs with warnings and to avoid recording the times on disk
+ when v2 access was attempted. Note that the onion address was
+ _never_ logged. This counts as a Low-severity security issue.
+ Fixes bug 40474; bugfix on 0.4.5.8.
+
+
Changes in version 0.4.5.10 - 2021-08-16
This version fixes several bugs from earlier versions of Tor, including one
that could lead to a denial-of-service attack. Everyone running an earlier
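Review bot: The summary paragraph for 0.4.5.11 covers only the v2 onion service removal, while the last entry in the block (TROVE-2021-008) is described as "a Low-severity security issue". Anyone who reads just the summary to decide how urgent the upgrade is will miss it; suggest a sentence in the summary noting that the release also carries a low-severity security fix for how v2 access attempts are logged.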
@@ -97,6 +237,43 @@ Changes in version 0.4.5.10 - 2021-08-16
of NSS. Fixes bug 40409; bugfix on 0.3.5.1-alpha.
+Changes in version 0.3.5.17 - 2021-10-26
+ The major change in this version is that v2 onion services are now
+ disabled at the client, service, and relay: any Tor nodes running this
+ version and onward will stop supporting v2 onion services. This is the
+ last step in the long deprecation process of v2 onion services.
+ Everyone running an earlier version, whether as a client, a relay, or
+ an onion service, should upgrade to Tor 0.3.5.17, 0.4.5.11,
+ or 0.4.6.8.
+
+ o Major feature (onion service v2, backport from 0.4.5.11):
+ - See https://blog.torproject.org/v2-deprecation-timeline for
+ details on how to transition from v2 to v3.
+ - The control port commands HSFETCH and HSPOST no longer allow
+ version 2, and it is no longer possible to create a v2 service
+ with ADD_ONION.
+ - Tor no longer allows creating v2 services, or connecting as a
+ client to a v2 service. Relays will decline to be a v2 HSDir or
+ introduction point. This effectively disables onion service
+ version 2 Tor-wide. Closes ticket 40476.
+
+ o Minor features (bridge, backport from 0.4.6.8):
+ - We now announce the URL to Tor's new bridge status at
+ https://bridges.torproject.org/ when Tor is configured to run as a
+ bridge relay. Closes ticket 30477.
+
+ o Minor features (fallbackdir):
+ - Regenerate fallback directories for October 2021. Closes
+ ticket 40493.
+
+ o Minor bugfixes (compatibility, backport from 0.4.6.8):
+ - Fix compatibility with the most recent Libevent versions, which no
+ longer have an evdns_set_random_bytes() function. Because this
+ function has been a no-op since Libevent 2.0.4-alpha, it is safe
+ for us to just stop calling it. Fixes bug 40371; bugfix
+ on 0.2.1.7-alpha.
+
+
Changes in version 0.3.5.16 - 2021-08-16
This version fixes several bugs from earlier versions of Tor, including one
that could lead to a denial-of-service attack. Everyone running an earlier
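Review bot: The summary tells everyone, "whether as a client, a relay, or an onion service", to upgrade, but for an operator still running a v2 onion service the upgrade itself is what switches the service off ("Tor no longer allows creating v2 services"). Suggest stating that consequence in the summary and moving the v2-to-v3 transition link up there, so the operator migrates before upgrading rather than finding out afterwards.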
commit 6d1053915ca2e55951bcd4c7faced2b0b085233c
Author: gus <gus(a)torproject.org>
Date: Mon Oct 25 18:57:13 2021 -0300
Better markdown formatting
---
content/relay/setup/guard/centos-rhel/contents.lr | 20 ++++++++++----------
content/relay/setup/guard/debian-ubuntu/contents.lr | 14 +++++++-------
content/relay/setup/guard/dragonflybsd/contents.lr | 20 ++++++++++----------
content/relay/setup/guard/fedora/contents.lr | 14 +++++++-------
content/relay/setup/guard/freebsd/contents.lr | 19 ++++++++++---------
content/relay/setup/guard/netbsd/contents.lr | 16 +++++++++-------
content/relay/setup/guard/openbsd/contents.lr | 19 ++++++++++---------
7 files changed, 63 insertions(+), 59 deletions(-)
diff --git a/content/relay/setup/guard/centos-rhel/contents.lr b/content/relay/setup/guard/centos-rhel/contents.lr
index 0d8372b..fc5b7d8 100644
--- a/content/relay/setup/guard/centos-rhel/contents.lr
+++ b/content/relay/setup/guard/centos-rhel/contents.lr
@@ -6,19 +6,19 @@ title: CentOS/RHEL
---
body:
-# 1. Enable Automatic Software Updates
+### 1. Enable Automatic Software Updates
One of the most important things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it. Follow the instructions to enable [automatic software updates](updates) for your operating system.
-# 2. Install `epel-release`
+### 2. Install `epel-release`
-To install `tor` on CentOS/RHEL, you need to enable the use of the [EPEL](https://fedoraproject.org/wiki/EPEL) Repository first. To do so, you must install the `epel-release` package:
+To install `tor` package on CentOS/RHEL, you need to install the [EPEL](https://fedoraproject.org/wiki/EPEL) repository first:
```
# yum install epel-release
```
-Recent versions of CentOS/RHEL are using `dnf` instead of `yum`, so the command to install the package would be:
+Recent versions of CentOS/RHEL are using `dnf` instead of `yum`:
```
# dnf install epel-release
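Review bot: The rewritten lead-in for step 2 ("To install `tor` package on CentOS/RHEL, you need to install the ... repository first:") drops the article before `tor` and says the repository is installed, where the removed line said it is enabled by installing the `epel-release` package. Suggest keeping the precise wording in the shorter form, for example "To install the `tor` package on CentOS/RHEL, first enable the EPEL repository by installing `epel-release`:". While here, the unchanged line under heading 1 still reads "to keeps your relay secure".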
@@ -26,7 +26,7 @@ Recent versions of CentOS/RHEL are using `dnf` instead of `yum`, so the command
If you are on a recent version that uses `dnf`, please keep using it for the following steps where `yum` is called on this setup guide.
-# 3. Configure Tor Project's Repository
+### 3. Configure Tor Project's Repository
Configuring the Tor Project's Repository for CentOS/RHEL consists basically on setting up `/etc/yum.repos.d/Tor.repo` with the following content:
@@ -42,7 +42,7 @@ cost=100
More information about it can be found [here](https://support.torproject.org/rpm/).
-# 4. Install `tor`
+### 4. Package installation
Once you are set with EPEL and the Tor repositories, you are now able to install the package:
@@ -52,9 +52,9 @@ Once you are set with EPEL and the Tor repositories, you are now able to install
Please note that when you are installing the first package from the EPEL repository you will be asked about verifying the EPEL's GPG signing key. Please ensure the key matches with the one available on the [Fedora Project website](https://getfedora.org/keys/). This will also happens when installing packages from Tor's repository for the first time - again you must ensure the key matches.
-# 5. Configure `/etc/tor/torrc`
+### 5. Configuration file
-This is a very simple version of the `torrc` configuration file in order to run a Middle/Guard relay on the Tor network:
+Put the configuration file `/etc/tor/torrc` in place:
```
Nickname myNiceRelay # Change "myNiceRelay" to something you like
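Review bot: Replacing "This is a very simple version of the `torrc` configuration file in order to run a Middle/Guard relay on the Tor network" with "Put the configuration file `/etc/tor/torrc` in place:" is a content change in a commit titled as a formatting fix, and it removes the only sentence saying that the sample is a minimal Middle/Guard configuration. The same replacement is made in all seven files. Suggest a lead-in that keeps both facts: the path, and what the sample is for.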
@@ -64,7 +64,7 @@ ExitRelay 0
SocksPort 0
```
-# 6. Enable and Start `tor`
+### 6. Enable and Start `tor`
Recent versions os CentOS/RHEL which ship with systemd:
@@ -79,7 +79,7 @@ Should you use an older release like CentOS/RHEL 6, that will be:
# service tor start
```
-# 7. Final Notes
+### 7. Final Notes
If you are having trouble setting up your relay, have a look at our [help section](/relay/getting-help/).
If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes.
diff --git a/content/relay/setup/guard/debian-ubuntu/contents.lr b/content/relay/setup/guard/debian-ubuntu/contents.lr
index a93ba19..95f9eef 100644
--- a/content/relay/setup/guard/debian-ubuntu/contents.lr
+++ b/content/relay/setup/guard/debian-ubuntu/contents.lr
@@ -6,16 +6,16 @@ title: Debian/Ubuntu
---
body:
-# 1. Enable Automatic Software Updates
+### 1. Enable Automatic Software Updates
One of the most important things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it.
Follow the instructions to enable [automatic software updates](updates) for your operating system.
-# 2. Configure Tor Project's Repository
+### 2. Configure Tor Project's Repository
Configuring the Tor Project's package repository for Debian/Ubuntu is documented **[here](https://support.torproject.org/apt/tor-deb-repo/)**. Please follow those instructions before proceeding.
-# 3. Install `tor`
+### 3. Package installation
Ensure you update the packages database before installing the package, than call `apt` to install it:
@@ -24,9 +24,9 @@ Ensure you update the packages database before installing the package, than call
# apt install tor
```
-# 4. Configure `/etc/tor/torrc`
+### 4. Configuration file
-This is a very simple version of the `torrc` configuration file in order to run a Middle/Guard relay on the Tor network:
+Put the configuration file `/etc/tor/torrc` in place
```
Nickname myNiceRelay # Change "myNiceRelay" to something you like
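Review bot: The new lead-in "Put the configuration file `/etc/tor/torrc` in place" has no trailing colon before the code block, while the same sentence in the CentOS/RHEL, Fedora, FreeBSD, NetBSD and OpenBSD files ends with one. The DragonFlyBSD file has the same omission. Suggest adding the colon in both places.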
@@ -36,7 +36,7 @@ ExitRelay 0
SocksPort 0
```
-# 5. Restart the Service
+### 5. Restart the service
Restart the `tor` daemon, so your configuration changes take effect:
@@ -44,7 +44,7 @@ Restart the `tor` daemon, so your configuration changes take effect:
# systemctl restart tor@default
```
-# 6. Final Notes
+### 6. Final Notes
If you are having trouble setting up your relay, have a look at our [help section](/relay/getting-help/).
If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes.
diff --git a/content/relay/setup/guard/dragonflybsd/contents.lr b/content/relay/setup/guard/dragonflybsd/contents.lr
index d98ec6f..1b0c979 100644
--- a/content/relay/setup/guard/dragonflybsd/contents.lr
+++ b/content/relay/setup/guard/dragonflybsd/contents.lr
@@ -2,15 +2,15 @@ _model: page
---
color: primary
---
-title: DragonflyBSD
+title: DragonFlyBSD
---
body:
-# 1. Enable Automatic Software Updates
+### 1. Enable Automatic Software Updates
One of the most important things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it. Follow the instructions to enable automatic software updates for your operating system.
-# 2. Bootstrap `pkg`
+### 2. Bootstrap `pkg`
DragonFlyBSD's daily snapshots and releases (starting with 3.4) come with `pkg` already installed. Upgrades from earlier releases, however, will not have it. If `pkg` is missing on the system for any reason, it can be quickly bootstrapped without having to build it from source or even having **DPorts** installed:
@@ -22,7 +22,7 @@ DragonFlyBSD's daily snapshots and releases (starting with 3.4) come with `pkg`
# rehash
```
-### 2.1. Recommended Steps to Setup `pkg`
+#### 2.1. Recommended Steps to Setup `pkg`
Here, it will be similar to what we have on a **FreeBSD** system, and we are going to use HTTPS to fetch our packages, and updates - so here we also need an extra package to help us out (ca_root_nss).
@@ -48,7 +48,7 @@ After applying all these changes, we update the packages list again and try to c
# pkg upgrade -y -f
```
-# 3. Install `tor` DragonFlyBSD's Package
+### 3. Package installation
Install the `tor` package:
@@ -63,9 +63,9 @@ Install the `tor` package:
# pkg install tor-devel
```
-# 4. Configure `/usr/local/etc/tor/torrc`
+### 4. Configuration file
-This is a very simple version of the `torrc` configuration file in order to run a Middle/Guard relay on the Tor network:
+Put the configuration file `/usr/local/etc/tor/torrc` in place
```
Nickname myNiceRelay # Change "myNiceRelay" to something you like
@@ -76,7 +76,7 @@ SocksPort 0
Log notice syslog
```
-# 5. Start `tor`
+### 5. Start the service
Here we set `tor` to start at boot time and use the setuid feature, in order to bind to lower ports like 443 (the daemon itself will still run as a regular non-privileged user).
@@ -86,7 +86,7 @@ Here we set `tor` to start at boot time and use the setuid feature, in order to
# service tor start
```
-# 6. Final Notes
+### 6. Final Notes
If you are having trouble setting up your relay, have a look at our [help section](/relay/getting-help/).
If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes.
@@ -99,4 +99,4 @@ section: Middle/Guard relay
---
section_id: relay-operations
---
-subtitle: How to deploy a Middle/Guard relay on DragonflyBSD
+subtitle: How to deploy a Middle/Guard relay on DragonFlyBSD
diff --git a/content/relay/setup/guard/fedora/contents.lr b/content/relay/setup/guard/fedora/contents.lr
index a3fb9cd..26a016b 100644
--- a/content/relay/setup/guard/fedora/contents.lr
+++ b/content/relay/setup/guard/fedora/contents.lr
@@ -6,11 +6,11 @@ title: Fedora
---
body:
-# 1. Enable Automatic Software Updates
+### 1. Enable Automatic Software Updates
One of the most important things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it. Follow the instructions to enable [automatic software updates](updates) for your operating system.
-# 2. Configure Tor Project's Repository
+### 2. Configure Tor Project's Repository
Configuring the Tor Project's Repository for Fedora consists basically on setting up `/etc/yum.repos.d/Tor.repo` with the following content:
@@ -26,17 +26,17 @@ cost=100
More information about it can be found [here](https://support.torproject.org/rpm/).
-# 3. Install `tor`
+### 3. Package installation
-Once you are set with EPEL and the Tor repositories, you are now able to install the package:
+Install the `tor` package:
```
# dnf install tor
```
-# 4. Configure `/etc/tor/torrc`
+### 4. Configuration file
-This is a very simple version of the `torrc` configuration file in order to run a Middle/Guard relay on the Tor network:
+Put the configuration file `/etc/tor/torrc` in place:
```
Nickname myNiceRelay # Change "myNiceRelay" to something you like
@@ -46,7 +46,7 @@ ExitRelay 0
SocksPort 0
```
-# 5. Enable and Start `tor`
+# 5. Start the service
```
# systemctl enable --now tor
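Review bot: The last heading in this file becomes "# 5. Start the service" and keeps a single `#`, while every other heading in the commit moves to `###`, so step 5 will render at a different level from steps 1 to 4. It should read "### 5. Start the service". The command under it is `systemctl enable --now tor`, which also enables the unit at boot, so the old title "Enable and Start" described the step more accurately.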
diff --git a/content/relay/setup/guard/freebsd/contents.lr b/content/relay/setup/guard/freebsd/contents.lr
index 7431c8c..9d05331 100644
--- a/content/relay/setup/guard/freebsd/contents.lr
+++ b/content/relay/setup/guard/freebsd/contents.lr
@@ -6,11 +6,11 @@ title: FreeBSD
---
body:
-# 1. Enable Automatic Software Updates
+### 1. Enable Automatic Software Updates
One of the most important things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it. Follow the instructions to enable [automatic software updates](updates) for your operating system.
-# 2. Bootstrap `pkg`
+### 2. Bootstrap `pkg`
This article assumes we have already a base installation of FreeBSD running, and only the base system (here, we are running 12.2-RELEASE).
That means we do not have any packages installed, or even the `pkg` packages manager itself (there's no `sudo` available - we are running commands as root).
@@ -22,7 +22,7 @@ To bootstrap and install `pkg` we should run the following command:
# pkg update -f
```
-### 2.1. Recommended Steps to Setup `pkg`
+#### 2.1. Recommended Steps to Setup `pkg`
To follow upstream updates in a "faster way" we recommend changing the 'quarterly' branch used by `pkg` to its 'latest' branch.
@@ -59,8 +59,9 @@ After applying all these changes, we update the packages list again and try to c
# pkg upgrade -y -f
```
-# 3. Install `tor` FreeBSD's Package
+### 3. Package installation
+Install `tor` FreeBSD's package.
Here we can choose to install the latest stable version, like:
```
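Review bot: The added sentence "Install `tor` FreeBSD's package." is ungrammatical and ends with a period, although the next line continues the thought and the sibling lead-ins end with a colon. The NetBSD file gets the same phrasing. Suggest reusing the wording already used in the Fedora file, "Install the `tor` package:", or folding the sentence into the "Here we can choose to install the latest stable version" line that follows.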
@@ -74,9 +75,9 @@ Here we can choose to install the latest stable version, like:
# pkg install tor-devel
```
-# 4. Configure `/usr/local/etc/tor/torrc`
+### 4. Configuration file
-This is a very simple version of the `torrc` configuration file in order to run a Middle/Guard relay on the Tor network:
+Put the configuration file `/usr/local/etc/tor/torrc` in place:
```
Nickname myNiceRelay # Change "myNiceRelay" to something you like
@@ -87,14 +88,14 @@ SocksPort 0
Log notice syslog
```
-# 5. Enable `net.inet.ip.random_id`
+### 5. Enable `net.inet.ip.random_id`
```
# echo "net.inet.ip.random_id=1" >> /etc/sysctl.conf
# sysctl net.inet.ip.random_id=1
```
-# 6. Start `tor`
+### 6. Start the service
Here we set `tor` to start at boot time and use the setuid feature, in order to bind to lower ports like 443 (the daemon itself will still run as a regular non-privileged user).
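Review bot: Step 5 consists of a heading and two commands, with nothing explaining why `net.inet.ip.random_id` should be enabled. Since the heading is being edited anyway, suggest adding a sentence of explanation: the sysctl makes FreeBSD assign random IP ID values instead of sequential ones, so an observer cannot infer the relay's packet rate from the IP ID counter.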
@@ -104,7 +105,7 @@ Here we set `tor` to start at boot time and use the setuid feature, in order to
# service tor start
```
-# 7. Final Notes
+### 7. Final Notes
If you are having trouble setting up your relay, have a look at our [help section](/relay/getting-help/).
If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes.
diff --git a/content/relay/setup/guard/netbsd/contents.lr b/content/relay/setup/guard/netbsd/contents.lr
index 9b8972d..199f6b2 100644
--- a/content/relay/setup/guard/netbsd/contents.lr
+++ b/content/relay/setup/guard/netbsd/contents.lr
@@ -6,11 +6,11 @@ title: NetBSD
---
body:
-# 1. Enable Automatic Software Updates
+### 1. Enable Automatic Software Updates
One of the most important things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it. Follow the instructions to enable automatic software updates for your operating system.
-# 2. Setup `pkg_add`
+### 2. Setup `pkg_add`
Modern versions of the NetBSD operating system can be set to use `pkgin`, which is a piece of software aimed to be like `apt` or `yum` for managing pkgsrc binary packages. We are not convering its setup here, and opt to use plain `pkg_add` instead.
@@ -18,15 +18,17 @@ Modern versions of the NetBSD operating system can be set to use `pkgin`, which
# echo "PKG_PATH=http://cdn.netbsd.org/pub/pkgsrc/packages/NetBSD/$(uname -m)/$(uname -r)/All" > /etc/pkg_install.conf
```
-# 3. Install `tor` NetBSD's Package
+### 3. Package installation
+
+Install `tor` NetBSD's package:
```
# pkg_add tor
```
-# 4. Configure `/usr/pkg/etc/tor/torrc`
+### 4. Configuration file
-This is a very simple version of the `torrc` configuration file in order to run a Middle/Guard relay on the Tor network:
+Put the configuration file `/usr/pkg/etc/tor/torrc` in place:
```
Nickname myNiceRelay # Change "myNiceRelay" to something you like
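Review bot: The context line at the top of this hunk sets `PKG_PATH` to an `http://cdn.netbsd.org/` URL, so the `pkg_add tor` in the step being retitled fetches the package over plain HTTP. Suggest switching the URL to `https://` if the mirror serves it, or adding a sentence on how the reader verifies the package, in line with the signing-key check the CentOS/RHEL guide asks for.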
@@ -37,7 +39,7 @@ SocksPort 0
Log notice syslog
```
-# 5. Start `tor`
+### 5. Start the service
Here we set `tor` to start during boot and call it for the first time:
@@ -47,7 +49,7 @@ Here we set `tor` to start during boot and call it for the first time:
# /etc/rc.d/tor start
```
-# 6. Final Notes
+### 6. Final Notes
If you are having trouble setting up your relay, have a look at our [help section](/relay/getting-help/).
If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes.
diff --git a/content/relay/setup/guard/openbsd/contents.lr b/content/relay/setup/guard/openbsd/contents.lr
index 37dacf3..22bd9c5 100644
--- a/content/relay/setup/guard/openbsd/contents.lr
+++ b/content/relay/setup/guard/openbsd/contents.lr
@@ -6,11 +6,11 @@ title: OpenBSD
---
body:
-# 1. Enable Automatic Software Updates
+### 1. Enable Automatic Software Updates
One of the most important things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it. Follow the instructions to enable automatic software updates for your operating system.
-# 2. Install `tor` OpenBSD's Package
+### 2. Package installation
Recent OpenBSD systems, since 6.5, already have the repository configured on `/etc/installurl` so we do not need to bother changing it.
@@ -26,7 +26,7 @@ Proceed with `pkg_add` to install the package:
# pkg_add tor
```
-### 2.1. Recommended Steps to Install `tor` on OpenBSD
+#### 2.1. Recommended Steps to Install `tor` on OpenBSD
If you want to install a newer version of the `tor` OpenBSD's package, you can use M:Tier's binary packages:
@@ -42,9 +42,9 @@ Here is how you proceed with these steps:
# ./openup
```
-# 3. Configure `/etc/tor/torrc`
+### 3. Configuration file
-This is a very simple version of the `torrc` configuration file in order to run a Middle/Guard relay on the Tor network:
+Put the configuration file `/etc/tor/torrc` in place:
```
Nickname myNiceRelay # Change "myNiceRelay" to something you like
@@ -58,9 +58,10 @@ User _tor
RunAsDaemon 1
```
-# 4. Change `openfiles-max` and `maxfiles`
+### 4. Change `openfiles-max` and `maxfiles`
-By default, OpenBSD maintains a rather low limit on the maximum number of open files for a process. For a daemon such as Tor's, that opens a connection to each and every other relay (currently around 7000 relays), these limits should be raised.
+By default, OpenBSD maintains a rather low limit on the maximum number of open files for a process.
+For a daemon such as Tor's, that opens a connection to each and every other relay (currently around 7000 relays), these limits should be raised.
Append the following section to `/etc/login.conf`:
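Review bot: Splitting the "By default, OpenBSD maintains a rather low limit ..." paragraph into two adjacent source lines does not change the rendered page, because a single newline inside a Markdown paragraph is not a break. If a separate paragraph was intended, a blank line is needed between the two lines. The second line also hard-codes "currently around 7000 relays", which will go stale; consider dropping the figure or pointing to a live source.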
@@ -79,7 +80,7 @@ Increase it from the default of 7030 to 16000:
# sysctl kern.maxfiles=16000
```
-# 5. Start `tor`
+### 5. Start the service
Here we set `tor` to start during boot and call it for the first time:
@@ -88,7 +89,7 @@ Here we set `tor` to start during boot and call it for the first time:
# rcctl start tor
```
-# 6. Final Notes
+### 6. Final Notes
If you are having trouble setting up your relay, have a look at our [help section](/relay/getting-help/).
If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes.