[tor-announce] Tor is released!

Nick Mathewson nickm at torproject.org
Sat Oct 25 17:17:12 UTC 2014

Hash: SHA1

Hello, all.  This is a release announcement for Tor, which I
released as source yesterday.  You can download the source from the usual
places on our website.  Some operating system packages should already be
available; others will likely be released over the next week.

(Usually, I'd wait for more packages to be available before announcing a
stable release, but people have been asking me questions about whether this
is official or not.  So there you have it!)

Changes in version - 2014-10-24
  Tor is the first stable release in the 0.2.5 series.

  It adds several new security features, including improved
  denial-of-service resistance for relays, new compiler hardening
  options, and a system-call sandbox for hardened installations on Linux
  (requires seccomp2). The controller protocol has several new features,
  resolving IPv6 addresses should work better than before, and relays
  should be a little more CPU-efficient. We've added support for more
  OpenBSD and FreeBSD transparent proxy types. We've improved the build
  system and testing infrastructure to allow unit testing of more parts
  of the Tor codebase. Finally, we've addressed several nagging pluggable
  transport usability issues, and included numerous other small bugfixes
  and features mentioned below.

  This release marks end-of-life for Tor 0.2.3.x; those Tor versions
  have accumulated many known flaws; everyone should upgrade.

  o Major features (security):
    - The ntor handshake is now on-by-default, no matter what the
      directory authorities recommend. Implements ticket 8561.
    - Make the "tor-gencert" tool used by directory authority operators
      create 2048-bit signing keys by default (rather than 1024-bit, since
      1024-bit is uncomfortably small these days). Addresses ticket 10324.
    - Warn about attempts to run hidden services and relays in the same
      process: that's probably not a good idea. Closes ticket 12908.
    - Disable support for SSLv3. All versions of OpenSSL in use with Tor
      today support TLS 1.0 or later, so we can safely turn off support
      for this old (and insecure) protocol. Fixes bug 13426.

  o Major features (relay security, DoS-resistance):
    - When deciding whether we have run out of memory and we need to
      close circuits, also consider memory allocated in buffers for
      streams attached to each circuit.

      This change, which extends an anti-DoS feature introduced in and improved in, lets Tor exit relays
      better resist more memory-based DoS attacks than before. Since the
      MaxMemInCellQueues option now applies to all queues, it is renamed
      to MaxMemInQueues. This feature fixes bug 10169.
    - Avoid hash-flooding denial-of-service attacks by using the secure
      SipHash-2-4 hash function for our hashtables. Without this
      feature, an attacker could degrade performance of a targeted
      client or server by flooding their data structures with a large
      number of entries to be stored at the same hash table position,
      thereby slowing down the Tor instance. With this feature, hash
      table positions are derived from a randomized cryptographic key,
      and an attacker cannot predict which entries will collide. Closes
      ticket 4900.
    - If you don't specify MaxMemInQueues yourself, Tor now tries to
      pick a good value based on your total system memory. Previously,
      the default was always 8 GB. You can still override the default by
      setting MaxMemInQueues yourself. Resolves ticket 11396.

  o Major features (bridges and pluggable transports):
    - Add support for passing arguments to managed pluggable transport
      proxies. Implements ticket 3594.
    - Bridges now track GeoIP information and the number of their users
      even when pluggable transports are in use, and report usage
      statistics in their extra-info descriptors. Resolves tickets 4773
      and 5040.
    - Don't launch pluggable transport proxies if we don't have any
      bridges configured that would use them. Now we can list many
      pluggable transports, and Tor will dynamically start one when it
      hears a bridge address that needs it. Resolves ticket 5018.
    - The bridge directory authority now assigns status flags (Stable,
      Guard, etc) to bridges based on thresholds calculated over all
      Running bridges. Now bridgedb can finally make use of its features
      to e.g. include at least one Stable bridge in its answers. Fixes
      bug 9859.

  o Major features (controller):
    - Extend ORCONN controller event to include an "ID" parameter,
      and add four new controller event types CONN_BW, CIRC_BW,
      CELL_STATS, and TB_EMPTY that show connection and circuit usage.
      The new events are emitted in private Tor networks only, with the
      goal of being able to better track performance and load during
      full-network simulations. Implements proposal 218 and ticket 7359.

  o Major features (relay performance):
    - Speed up server-side lookups of rendezvous and introduction point
      circuits by using hashtables instead of linear searches. These
      functions previously accounted between 3 and 7% of CPU usage on
      some busy relays. Resolves ticket 9841.
    - Avoid wasting CPU when extending a circuit over a channel that is
      nearly out of circuit IDs. Previously, we would do a linear scan
      over possible circuit IDs before finding one or deciding that we
      had exhausted our possibilities. Now, we try at most 64 random
      circuit IDs before deciding that we probably won't succeed. Fixes
      a possible root cause of ticket 11553.

  o Major features (seccomp2 sandbox, Linux only):
    - Use the seccomp2 syscall filtering facility on Linux to limit
      which system calls Tor can invoke. This is an experimental,
      Linux-only feature to provide defense-in-depth against unknown
      attacks. To try turning it on, set "Sandbox 1" in your torrc
      file. Please be ready to report bugs. We hope to add support
      for better sandboxing in the future, including more fine-grained
      filters, better division of responsibility, and support for more
      platforms. This work has been done by Cristian-Matei Toader for
      Google Summer of Code. Resolves tickets 11351 and 11465.

  o Major features (testing networks):
    - Make testing Tor networks bootstrap better: lower directory fetch
      retry schedules and maximum interval without directory requests,
      and raise maximum download tries. Implements ticket 6752.
    - Add make target 'test-network' to run tests on a Chutney network.
      Implements ticket 8530.

  o Major features (other):
    - On some platforms (currently: recent OSX versions, glibc-based
      platforms that support the ELF format, and a few other
      Unix-like operating systems), Tor can now dump stack traces
      when a crash occurs or an assertion fails. By default, traces
      are dumped to stderr (if possible) and to any logs that are
      reporting errors. Implements ticket 9299.

  o Deprecated versions:
    - Tor 0.2.3.x has reached end-of-life; it has received no patches or
      attention for some while.

  o Major bugfixes (security, directory authorities):
    - Directory authorities now include a digest of each relay's
      identity key as a part of its microdescriptor.

      This is a workaround for bug 11743 (reported by "cypherpunks"),
      where Tor clients do not support receiving multiple
      microdescriptors with the same SHA256 digest in the same
      consensus. When clients receive a consensus like this, they only
      use one of the relays. Without this fix, a hostile relay could
      selectively disable some client use of target relays by
      constructing a router descriptor with a different identity and the
      same microdescriptor parameters and getting the authorities to
      list it in a microdescriptor consensus. This fix prevents an
      attacker from causing a microdescriptor collision, because the
      router's identity is not forgeable.

  o Major bugfixes (openssl bug workaround):
    - Avoid crashing when using OpenSSL version 0.9.8zc, 1.0.0o, or
      1.0.1j, built with the 'no-ssl3' configuration option. Fixes
      bug 13471. This is a workaround for an OpenSSL bug.

  o Major bugfixes (client):
    - Perform circuit cleanup operations even when circuit
      construction operations are disabled (because the network is
      disabled, or because there isn't enough directory information).
      Previously, when we were not building predictive circuits, we
      were not closing expired circuits either. Fixes bug 8387; bugfix on This bug became visible in when we
      became more strict about when we have "enough directory information
      to build circuits".

  o Major bugfixes (client, pluggable transports):
    - When managing pluggable transports, use OS notification facilities
      to learn if they have crashed, and don't attempt to kill any
      process that has already exited. Fixes bug 8746; bugfix

  o Major bugfixes (relay denial of service):
    - Instead of writing destroy cells directly to outgoing connection
      buffers, queue them and intersperse them with other outgoing cells.
      This can prevent a set of resource starvation conditions where too
      many pending destroy cells prevent data cells from actually getting
      delivered. Reported by "oftc_must_be_destroyed". Fixes bug 7912;
      bugfix on

  o Major bugfixes (relay):
    - Avoid queuing or sending destroy cells for circuit ID zero when we
      fail to send a CREATE cell. Fixes bug 12848; bugfix on 0.0.8pre1.
      Found and fixed by "cypherpunks".
    - Fix ORPort reachability detection on relays running behind a
      proxy, by correctly updating the "local" mark on the controlling
      channel when changing the address of an or_connection_t after the
      handshake. Fixes bug 12160; bugfix on
    - Use a direct dirport connection when uploading non-anonymous
      descriptors to the directory authorities. Previously, relays would
      incorrectly use tunnel connections under a fairly wide variety of
      circumstances. Fixes bug 11469; bugfix on
    - When a circuit accidentally has the same circuit ID for its
      forward and reverse direction, correctly detect the direction of
      cells using that circuit. Previously, this bug made roughly one
      circuit in a million non-functional. Fixes bug 12195; this is a
      bugfix on every version of Tor.

  o Minor features (security):
    - New --enable-expensive-hardening option to enable security
      hardening options that consume nontrivial amounts of CPU and
      memory. Right now, this includes AddressSanitizer and UbSan, which
      are supported in newer versions of GCC and Clang. Closes ticket
    - Authorities now assign the Guard flag to the fastest 25% of the
      network (it used to be the fastest 50%). Also raise the consensus
      weight that guarantees the Guard flag from 250 to 2000. For the
      current network, this results in about 1100 guards, down from 2500.
      This step paves the way for moving the number of entry guards
      down to 1 (proposal 236) while still providing reasonable expected
      performance for most users. Implements ticket 12690.

  o Minor features (security, memory management):
    - Memory allocation tricks (mempools and buffer freelists) are now
      disabled by default. You can turn them back on with
      --enable-mempools and --enable-buf-freelists respectively. We're
      disabling these features because malloc performance is good enough
      on most platforms, and a similar feature in OpenSSL exacerbated
      exploitation of the Heartbleed attack. Resolves ticket 11476.

  o Minor features (bridge client):
    - Report a more useful failure message when we can't connect to a
      bridge because we don't have the right pluggable transport
      configured. Resolves ticket 9665. Patch from Fábio J. Bertinatto.

  o Minor features (bridge):
    - Add an ExtORPortCookieAuthFileGroupReadable option to make the
      cookie file for the ExtORPort g+r by default.

  o Minor features (bridges, pluggable transports):
    - Bridges now write the SHA1 digest of their identity key
      fingerprint (that is, a hash of a hash of their public key) to
      notice-level logs, and to a new hashed-fingerprint file. This
      information will help bridge operators look up their bridge in
      Globe and similar tools. Resolves ticket 10884.
    - Improve the message that Tor displays when running as a bridge
      using pluggable transports without an Extended ORPort listener.
      Also, log the message in the log file too. Resolves ticket 11043.
    - Add threshold cutoffs to the networkstatus document created by
      the Bridge Authority. Fixes bug 1117.
    - On Windows, spawn background processes using the CREATE_NO_WINDOW
      flag. Now Tor Browser Bundle 3.5 with pluggable transports enabled
      doesn't pop up a blank console window. (In Tor Browser Bundle 2.x,
      Vidalia set this option for us.) Implements ticket 10297.

  o Minor features (build):
    - The configure script has a --disable-seccomp option to turn off
      support for libseccomp on systems that have it, in case it (or
      Tor's use of it) is broken. Resolves ticket 11628.
    - Assume that a user using ./configure --host wants to cross-compile,
      and give an error if we cannot find a properly named
      tool-chain. Add a --disable-tool-name-check option to proceed
      nevertheless. Addresses ticket 9869. Patch by Benedikt Gollatz.
    - If we run ./configure and the compiler recognizes -fstack-protector
      but the linker rejects it, warn the user about a potentially missing
      libssp package. Addresses ticket 9948. Patch from Benedikt Gollatz.
    - Add support for `--library-versions` flag. Implements ticket 6384.
    - Return the "unexpected sendme" warnings to a warn severity, but make
      them rate limited, to help diagnose ticket 8093.
    - Detect a missing asciidoc, and warn the user about it, during
      configure rather than at build time. Fixes issue 6506. Patch from
      Arlo Breault.

  o Minor features (client):
    - Add a new option, PredictedPortsRelevanceTime, to control how long
      after having received a request to connect to a given port Tor
      will try to keep circuits ready in anticipation of future requests
      for that port. Patch from "unixninja92"; implements ticket 9176.

  o Minor features (config options and command line):
    - Add an --allow-missing-torrc commandline option that tells Tor to
      run even if the configuration file specified by -f is not available.
      Implements ticket 10060.
    - Add support for the TPROXY transparent proxying facility on Linux.
      See documentation for the new TransProxyType option for more
      details. Implementation by "thomo". Closes ticket 10582.

  o Minor features (config options):
    - Config (torrc) lines now handle fingerprints which are missing
      their initial '$'. Resolves ticket 4341; improvement over 0.0.9pre5.
    - Support a --dump-config option to print some or all of the
      configured options. Mainly useful for debugging the command-line
      option parsing code. Helps resolve ticket 4647.
    - Raise awareness of safer logging: notify user of potentially
      unsafe config options, like logging more verbosely than severity
      "notice" or setting SafeLogging to 0. Resolves ticket 5584.
    - Add a new configuration option TestingV3AuthVotingStartOffset
      that bootstraps a network faster by changing the timing for
      consensus votes. Addresses ticket 8532.
    - Add a new torrc option "ServerTransportOptions" that allows
      bridge operators to pass configuration parameters to their
      pluggable transports. Resolves ticket 8929.
    - The config (torrc) file now accepts bandwidth and space limits in
      bits as well as bytes. (Anywhere that you can say "2 Kilobytes",
      you can now say "16 kilobits", and so on.) Resolves ticket 9214.
      Patch by CharlieB.

  o Minor features (controller):
    - Make the entire exit policy available from the control port via
      GETINFO exit-policy/*. Implements enhancement 7952. Patch from
    - Because of the fix for ticket 11396, the real limit for memory
      usage may no longer match the configured MaxMemInQueues value. The
      real limit is now exposed via GETINFO limits/max-mem-in-queues.
    - Add a new "HS_DESC" controller event that reports activities
      related to hidden service descriptors. Resolves ticket 8510.
    - New "DROPGUARDS" controller command to forget all current entry
      guards. Not recommended for ordinary use, since replacing guards
      too frequently makes several attacks easier. Resolves ticket 9934;
      patch from "ra".
    - Implement the TRANSPORT_LAUNCHED control port event that
      notifies controllers about new launched pluggable
      transports. Resolves ticket 5609.

  o Minor features (diagnostic):
    - When logging a warning because of bug 7164, additionally check the
      hash table for consistency (as proposed on ticket 11737). This may
      help diagnose bug 7164.
    - When we log a heartbeat, log how many one-hop circuits we have
      that are at least 30 minutes old, and log status information about
      a few of them. This is an attempt to track down bug 8387.
    - When encountering an unexpected CR while writing text to a file on
      Windows, log the name of the file. Should help diagnosing
      bug 11233.
    - Give more specific warnings when a client notices that an onion
      handshake has failed. Fixes ticket 9635.
    - Add significant new logging code to attempt to diagnose bug 12184,
      where relays seem to run out of available circuit IDs.
    - Improve the diagnostic log message for bug 8387 even further to
      try to improve our odds of figuring out why one-hop directory
      circuits sometimes do not get closed.
    - Add more log messages to diagnose bug 7164, which causes
      intermittent "microdesc_free() called but md was still referenced"
      warnings. We now include more information, to figure out why we
      might be cleaning a microdescriptor for being too old if it's
      still referenced by a live node_t object.
    - Log current accounting state (bytes sent and received + remaining
      time for the current accounting period) in the relay's heartbeat
      message. Implements ticket 5526; patch from Peter Retzlaff.

  o Minor features (geoip):
    - Update geoip and geoip6 to the August 7 2014 Maxmind GeoLite2
      Country database.

  o Minor features (interface):
    - Generate a warning if any ports are listed in the SocksPolicy,
      DirPolicy, AuthDirReject, AuthDirInvalid, AuthDirBadDir, or
      AuthDirBadExit options. (These options only support address
      ranges.) Fixes part of ticket 11108.

  o Minor features (kernel API usage):
    - Use the SOCK_NONBLOCK socket type, if supported, to open nonblocking
      sockets in a single system call. Implements ticket 5129.

  o Minor features (log messages):
    - When ServerTransportPlugin is set on a bridge, Tor can write more
      useful statistics about bridge use in its extrainfo descriptors,
      but only if the Extended ORPort ("ExtORPort") is set too. Add a
      log message to inform the user in this case. Resolves ticket 9651.
    - When receiving a new controller connection, log the origin address.
      Resolves ticket 9698; patch from "sigpipe".
    - When logging OpenSSL engine status at startup, log the status of
      more engines. Fixes ticket 10043; patch from Joshua Datko.

  o Minor features (log verbosity):
    - Demote the message that we give when a flushing connection times
      out for too long from NOTICE to INFO. It was usually meaningless.
      Resolves ticket 5286.
    - Don't log so many notice-level bootstrapping messages at startup
      about downloading descriptors. Previously, we'd log a notice
      whenever we learned about more routers. Now, we only log a notice
      at every 5% of progress. Fixes bug 9963.
    - Warn less verbosely when receiving a malformed
      ESTABLISH_RENDEZVOUS cell. Fixes ticket 11279.

  o Minor features (performance):
    - If we're using the pure-C 32-bit curve25519_donna implementation
      of curve25519, build it with the -fomit-frame-pointer option to
      make it go faster on register-starved hosts. This improves our
      handshake performance by about 6% on i386 hosts without nacl.
      Closes ticket 8109.

  o Minor features (relay):
    - If a circuit timed out for at least 3 minutes, check if we have a
      new external IP address, and publish a new descriptor with the new
      IP address if it changed. Resolves ticket 2454.

  o Minor features (testing):
    - If Python is installed, "make check" now runs extra tests beyond
      the unit test scripts.
    - When bootstrapping a test network, sometimes very few relays get
      the Guard flag. Now a new option "TestingDirAuthVoteGuard" can
      specify a set of relays which should be voted Guard regardless of
      their uptime or bandwidth. Addresses ticket 9206.

  o Minor features (transparent proxy, *BSD):
    - Support FreeBSD's ipfw firewall interface for TransPort ports on
      FreeBSD. To enable it, set "TransProxyType ipfw". Resolves ticket
      10267; patch from "yurivict".
    - Support OpenBSD's divert-to rules with the pf firewall for
      transparent proxy ports. To enable it, set "TransProxyType
      pf-divert". This allows Tor to run a TransPort transparent proxy
      port on OpenBSD 4.4 or later without root privileges. See the
      pf.conf(5) manual page for information on configuring pf to use
      divert-to rules. Closes ticket 10896; patch from Dana Koch.

  o Minor bugfixes (bridge client):
    - Stop accepting bridge lines containing hostnames. Doing so would
      cause clients to perform DNS requests on the hostnames, which was
      not sensible behavior. Fixes bug 10801; bugfix on

  o Minor bugfixes (bridges):
    - Avoid potential crashes or bad behavior when launching a
      server-side managed proxy with ORPort or ExtORPort temporarily
      disabled. Fixes bug 9650; bugfix on
    - Fix a bug where the first connection works to a bridge that uses a
      pluggable transport with client-side parameters, but we don't send
      the client-side parameters on subsequent connections. (We don't
      use any pluggable transports with client-side parameters yet,
      but ScrambleSuit will soon become the first one.) Fixes bug 9162;
      bugfix on Based on a patch from "rl1987".

  o Minor bugfixes (build, auxiliary programs):
    - Stop preprocessing the "torify" script with autoconf, since
      it no longer refers to LOCALSTATEDIR. Fixes bug 5505; patch
      from Guilhem.
    - The tor-fw-helper program now follows the standard convention and
      exits with status code "0" on success. Fixes bug 9030; bugfix on Patch by Arlo Breault.
    - Corrected ./configure advice for what openssl dev package you should
      install on Debian. Fixes bug 9207; bugfix on

  o Minor bugfixes (client):
    - Avoid "Tried to open a socket with DisableNetwork set" warnings
      when starting a client with bridges configured and DisableNetwork
      set. (Tor launcher starts Tor with DisableNetwork set the first
      time it runs.) Fixes bug 10405; bugfix on
    - Improve the log message when we can't connect to a hidden service
      because all of the hidden service directory nodes hosting its
      descriptor are excluded. Improves on our fix for bug 10722, which
      was a bugfix on
    - Raise a control port warning when we fail to connect to all of
      our bridges. Previously, we didn't inform the controller, and
      the bootstrap process would stall. Fixes bug 11069; bugfix on
    - Exit immediately when a process-owning controller exits.
      Previously, tor relays would wait for a little while after their
      controller exited, as if they had gotten an INT signal -- but this
      was problematic, since there was no feedback for the user. To do a
      clean shutdown, controllers should send an INT signal and give Tor
      a chance to clean up. Fixes bug 10449; bugfix on
    - Stop attempting to connect to bridges before our pluggable
      transports are configured (harmless but resulted in some erroneous
      log messages). Fixes bug 11156; bugfix on
    - Fix connections to IPv6 addresses over SOCKS5. Previously, we were
      generating incorrect SOCKS5 responses, and confusing client
      applications. Fixes bug 10987; bugfix on

  o Minor bugfixes (client, DNSPort):
    - When using DNSPort, try to respond to AAAA requests with AAAA
      answers. Previously, we hadn't looked at the request type when
      deciding which answer type to prefer. Fixes bug 10468; bugfix on
    - When receiving a DNS query for an unsupported record type, reply
      with no answer rather than with a NOTIMPL error. This behavior
      isn't correct either, but it will break fewer client programs, we
      hope. Fixes bug 10268; bugfix on Original patch
      from "epoch".

  o Minor bugfixes (client, logging during bootstrap):
    - Only report the first fatal bootstrap error on a given OR
      connection. This stops us from telling the controller bogus error
      messages like "DONE". Fixes bug 10431; bugfix on
    - Avoid generating spurious warnings when starting with
      DisableNetwork enabled. Fixes bug 11200 and bug 10405; bugfix on

  o Minor bugfixes (closing OR connections):
    - If write_to_buf() in connection_write_to_buf_impl_() ever fails,
      check if it's an or_connection_t and correctly call
      connection_or_close_for_error() rather than
      connection_mark_for_close() directly. Fixes bug 11304; bugfix on
    - When closing all connections on setting DisableNetwork to 1, use
      connection_or_close_normally() rather than closing OR connections
      out from under the channel layer. Fixes bug 11306; bugfix on

  o Minor bugfixes (code correctness):
    - Previously we used two temporary files when writing descriptors to
      disk; now we only use one. Fixes bug 1376.
    - Remove an erroneous (but impossible and thus harmless) pointer
      comparison that would have allowed compilers to skip a bounds
      check in channeltls.c. Fixes bugs 10313 and 9980; bugfix on Noticed by Jared L Wong and David Fifield.
    - Fix an always-true assertion in pluggable transports code so it
      actually checks what it was trying to check. Fixes bug 10046;
      bugfix on Found by "dcb".

  o Minor bugfixes (command line):
    - Use a single command-line parser for parsing torrc options on the
      command line and for finding special command-line options to avoid
      inconsistent behavior for torrc option arguments that have the same
      names as command-line options. Fixes bugs 4647 and 9578; bugfix on
    - No longer allow 'tor --hash-password' with no arguments. Fixes bug
      9573; bugfix on 0.0.9pre5.

  o Minor bugfixes (compilation):
    - Compile correctly with builds and forks of OpenSSL (such as
      LibreSSL) that disable compression. Fixes bug 12602; bugfix on Patch from "dhill".
    - Restore the ability to compile Tor with V2_HANDSHAKE_SERVER
      turned off (that is, without support for v2 link handshakes). Fixes
      bug 4677; bugfix on Patch from "piet".
    - In routerlist_assert_ok(), don't take the address of a
      routerinfo's cache_info member unless that routerinfo is non-NULL.
      Fixes bug 13096; bugfix on Patch by "teor".
    - Fix a large number of false positive warnings from the clang
      analyzer static analysis tool. This should make real warnings
      easier for clang analyzer to find. Patch from "teor". Closes
      ticket 13036.
    - Resolve GCC complaints on OpenBSD about discarding constness in
      TO_{ORIGIN,OR}_CIRCUIT functions. Fixes part of bug 11633; bugfix
      on Patch from Dana Koch.
    - Resolve clang complaints on OpenBSD with -Wshorten-64-to-32 due to
      treatment of long and time_t as comparable types. Fixes part of
      bug 11633. Patch from Dana Koch.
    - When deciding whether to build the 64-bit curve25519
      implementation, detect platforms where we can compile 128-bit
      arithmetic but cannot link it. Fixes bug 11729; bugfix on Patch from "conradev".
    - Fix compilation when DNS_CACHE_DEBUG is enabled. Fixes bug 11761;
      bugfix on Found by "cypherpunks".
    - Fix compilation with dmalloc. Fixes bug 11605; bugfix
    - Build and run correctly on systems like OpenBSD-current that have
      patched OpenSSL to remove get_cipher_by_char and/or its
      implementations. Fixes issue 13325.

  o Minor bugfixes (controller and command-line):
    - If changing a config option via "setconf" fails in a recoverable
      way, we used to nonetheless write our new control ports to the
      file described by the "ControlPortWriteToFile" option. Now we only
      write out that file if we successfully switch to the new config
      option. Fixes bug 5605; bugfix on Patch from "Ryman".

  o Minor bugfixes (directory server):
    - No longer accept malformed http headers when parsing urls from
      headers. Now we reply with Bad Request ("400"). Fixes bug 2767;
      bugfix on 0.0.6pre1.
    - When sending a compressed set of descriptors or microdescriptors,
      make sure to finalize the zlib stream. Previously, we would write
      all the compressed data, but if the last descriptor we wanted to
      send was missing or too old, we would not mark the stream as
      finished. This caused problems for decompression tools. Fixes bug
      11648; bugfix on

  o Minor bugfixes (hidden service):
    - Only retry attempts to connect to a chosen rendezvous point 8
      times, not 30. Fixes bug 4241; bugfix on

  o Minor bugfixes (interface):
    - Reject relative control socket paths and emit a warning. Previously,
      single-component control socket paths would be rejected, but Tor
      would not log why it could not validate the config. Fixes bug 9258;
      bugfix on

  o Minor bugfixes (log messages):
    - Fix a bug where clients using bridges would report themselves
      as 50% bootstrapped even without a live consensus document.
      Fixes bug 9922; bugfix on
    - Suppress a warning where, if there's only one directory authority
      in the network, we would complain that votes and signatures cannot
      be uploaded to other directory authorities. Fixes bug 10842;
      bugfix on
    - Report bootstrapping progress correctly when we're downloading
      microdescriptors. We had updated our "do we have enough microdescs
      to begin building circuits?" logic most recently in
      (see bug 5956), but we left the bootstrap status event logic at
      "how far through getting 1/4 of them are we?" Fixes bug 9958;
      bugfix on, which is where they diverged (see bug 5343).

  o Minor bugfixes (logging):
    - Downgrade "Unexpected onionskin length after decryption" warning
      to a protocol-warn, since there's nothing relay operators can do
      about a client that sends them a malformed create cell. Resolves
      bug 12996; bugfix on 0.0.6rc1.
    - Log more specific warnings when we get an ESTABLISH_RENDEZVOUS
      cell on a cannibalized or non-OR circuit. Resolves ticket 12997.
    - When logging information about an EXTEND2 or EXTENDED2 cell, log
      their names correctly. Fixes part of bug 12700; bugfix
    - When logging information about a relay cell whose command we don't
      recognize, log its command as an integer. Fixes part of bug 12700;
      bugfix on
    - Escape all strings from the directory connection before logging
      them. Fixes bug 13071; bugfix on Patch from "teor".
    - Squelch a spurious LD_BUG message "No origin circuit for
      successful SOCKS stream" in certain hidden service failure cases;
      fixes bug 10616.
    - Downgrade the severity of the 'unexpected sendme cell from client'
      from 'warn' to 'protocol warning'. Closes ticket 8093.

  o Minor bugfixes (misc code correctness):
    - In munge_extrainfo_into_routerinfo(), check the return value of
      memchr(). This would have been a serious issue if we ever passed
      it a non-extrainfo. Fixes bug 8791; bugfix on Patch
      from Arlo Breault.
    - On the chance that somebody manages to build Tor on a
      platform where time_t is unsigned, correct the way that
      microdesc_add_to_cache() handles negative time arguments.
      Fixes bug 8042; bugfix on
    - Fix various instances of undefined behavior in channeltls.c,
      tor_memmem(), and eventdns.c that would cause us to construct
      pointers to memory outside an allocated object. (These invalid
      pointers were not accessed, but C does not even allow them to
      exist.) Fixes bug 10363; bugfixes on,,, and Reported by "bobnomnom".
    - Use the AddressSanitizer and Ubsan sanitizers (in clang-3.4) to
      fix some miscellaneous errors in our tests and codebase. Fixes bug
      11232. Bugfixes on versions back as far as
    - Always check return values for unlink, munmap, UnmapViewOfFile;
      check strftime return values more often. In some cases all we can
      do is report a warning, but this may help prevent deeper bugs from
      going unnoticed. Closes ticket 8787; bugfixes on many, many tor
    - Fix numerous warnings from the clang "scan-build" static analyzer.
      Some of these are programming style issues; some of them are false
      positives that indicated awkward code; some are undefined behavior
      cases related to constructing (but not using) invalid pointers;
      some are assumptions about API behavior; some are (harmlessly)
      logging sizeof(ptr) bytes from a token when sizeof(*ptr) would be
      correct; and one or two are genuine bugs that weren't reachable
      from the rest of the program. Fixes bug 8793; bugfixes on many,
      many tor versions.

  o Minor bugfixes (node selection):
    - If ExcludeNodes is set, consider non-excluded hidden service
      directory servers before excluded ones. Do not consider excluded
      hidden service directory servers at all if StrictNodes is
      set. (Previously, we would sometimes decide to connect to those
      servers, and then realize before we initiated a connection that
      we had excluded them.) Fixes bug 10722; bugfix on
      Reported by "mr-4".
    - If we set the ExitNodes option but it doesn't include any nodes
      that have the Exit flag, we would choose not to bootstrap. Now we
      bootstrap so long as ExitNodes includes nodes which can exit to
      some port. Fixes bug 10543; bugfix on

  o Minor bugfixes (performance):
    - Avoid a bug where every successful connection made us recompute
      the flag telling us whether we have sufficient information to
      build circuits. Previously, we would forget our cached value
      whenever we successfully opened a channel (or marked a router as
      running or not running for any other reason), regardless of
      whether we had previously believed the router to be running. This
      forced us to run an expensive update operation far too often.
      Fixes bug 12170; bugfix on
    - Avoid using tor_memeq() for checking relay cell integrity. This
      removes a possible performance bottleneck. Fixes part of bug
      12169; bugfix on

  o Minor bugfixes (platform-specific):
    - When dumping a malformed directory object to disk, save it in
      binary mode on Windows, not text mode. Fixes bug 11342; bugfix on
    - Don't report failures from make_socket_reuseable() on incoming
      sockets on OSX: this can happen when incoming connections close
      early. Fixes bug 10081.

  o Minor bugfixes (pluggable transports):
    - Avoid another 60-second delay when starting Tor in a pluggable-
      transport-using configuration when we already have cached
      descriptors for our bridges. Fixes bug 11965; bugfix

  o Minor bugfixes (protocol correctness):
    - When receiving a VERSIONS cell with an odd number of bytes, close
      the connection immediately since the cell is malformed. Fixes bug
      10365; bugfix on Spotted by "bobnomnom"; fix by

  o Minor bugfixes (relay, other):
    - We now drop CREATE cells for already-existent circuit IDs and for
      zero-valued circuit IDs, regardless of other factors that might
      otherwise have called for DESTROY cells. Fixes bug 12191; bugfix
      on 0.0.8pre1.
    - When rejecting DATA cells for stream_id zero, still count them
      against the circuit's deliver window so that we don't fail to send
      a SENDME. Fixes bug 11246; bugfix on

  o Minor bugfixes (relay, threading):
    - Check return code on spawn_func() in cpuworker code, so that we
      don't think we've spawned a nonworking cpuworker and write junk to
      it forever. Fix related to bug 4345; bugfix on all released Tor
      versions. Found by "skruffy".
    - Use a pthread_attr to make sure that spawn_func() cannot return an
      error while at the same time launching a thread. Fix related to
      bug 4345; bugfix on all released Tor versions. Reported
      by "cypherpunks".

  o Minor bugfixes (relays and bridges):
    - Avoid crashing on a malformed resolv.conf file when running a
      relay using Libevent 1. Fixes bug 8788; bugfix on
    - Non-exit relays no longer launch mock DNS requests to check for
      DNS hijacking. This has been unnecessary since, when
      non-exit relays stopped servicing DNS requests. Fixes bug 965;
      bugfix on Patch from Matt Pagan.
    - Bridges now report complete directory request statistics. Related
      to bug 5824; bugfix on
    - Bridges now never collect statistics that were designed for
      relays. Fixes bug 5824; bugfix on

  o Minor bugfixes (testing):
    - Fix all valgrind warnings produced by the unit tests. There were
      over a thousand memory leak warnings previously, mostly produced
      by forgetting to free things in the unit test code. Fixes bug
      11618, bugfixes on many versions of Tor.

  o Minor bugfixes (tor-fw-helper):
    - Give a correct log message when tor-fw-helper fails to launch.
      (Previously, we would say something like "tor-fw-helper sent us a
      string we could not parse".) Fixes bug 9781; bugfix

  o Minor bugfixes (trivial memory leaks):
    - Fix a small memory leak when signing a directory object. Fixes bug
      11275; bugfix on
    - Resolve some memory leaks found by coverity in the unit tests, on
      exit in tor-gencert, and on a failure to compute digests for our
      own keys when generating a v3 networkstatus vote. These leaks
      should never have affected anyone in practice.

  o Code simplification and refactoring:
    - Remove some old fallback code designed to keep Tor clients working
      in a network with only two working relays. Elsewhere in the code we
      have long since stopped supporting such networks, so there wasn't
      much point in keeping it around. Addresses ticket 9926.
    - Reject 0-length EXTEND2 cells more explicitly. Fixes bug 10536;
      bugfix on Reported by "cypherpunks".
    - Extract the common duplicated code for creating a subdirectory
      of the data directory and writing to a file in it. Fixes ticket
      4282; patch from Peter Retzlaff.
    - Since OpenSSL 0.9.7, the i2d_*() functions support allocating output
      buffer. Avoid calling twice: i2d_RSAPublicKey(), i2d_DHparams(),
      i2d_X509(), and i2d_PublicKey(). Resolves ticket 5170.
    - Add a set of accessor functions for the circuit timeout data
      structure. Fixes ticket 6153; patch from "piet".
    - Clean up exit paths from connection_listener_new(). Closes ticket
      8789. Patch from Arlo Breault.
    - Since we rely on OpenSSL 0.9.8 now, we can use EVP_PKEY_cmp()
      and drop our own custom pkey_eq() implementation. Fixes bug 9043.
    - Use a doubly-linked list to implement the global circuit list.
      Resolves ticket 9108. Patch from Marek Majkowski.
    - Remove contrib/id_to_fp.c since it wasn't used anywhere.
    - Remove constants and tests for PKCS1 padding; it's insecure and
      shouldn't be used for anything new. Fixes bug 8792; patch
      from Arlo Breault.
    - Remove instances of strcpy() from the unit tests. They weren't
      hurting anything, since they were only in the unit tests, but it's
      embarassing to have strcpy() in the code at all, and some analysis
      tools don't like it. Fixes bug 8790; bugfix on and Patch from Arlo Breault.
    - Remove is_internal_IP() function. Resolves ticket 4645.
    - Remove unused function circuit_dump_by_chan from circuitlist.c.
      Closes issue 9107; patch from "marek".
    - Change our use of the ENUM_BF macro to avoid declarations that
      confuse Doxygen.
    - Get rid of router->address, since in all cases it was just the
      string representation of router->addr. Resolves ticket 5528.

  o Documentation:
    - Adjust the URLs in the README to refer to the new locations of
      several documents on the website. Fixes bug 12830. Patch from
      Matt Pagan.
    - Document 'reject6' and 'accept6' ExitPolicy entries. Resolves
      ticket 12878.
    - Update manpage to describe some of the files you can expect to
      find in Tor's DataDirectory. Addresses ticket 9839.
    - Clean up several option names in the manpage to match their real
      names, add the missing documentation for a couple of testing and
      directory authority options, remove the documentation for a
      V2-directory fetching option that no longer exists. Resolves
      ticket 11634.
    - Correct the documenation so that it lists the correct directory
      for the stats files. (They are in a subdirectory called "stats",
      not "status".)
    - In the manpage, move more authority-only options into the
      directory authority section so that operators of regular directory
      caches don't get confused.
    - Fix the layout of the SOCKSPort flags in the manpage. Fixes bug
      11061; bugfix on
    - Resolve warnings from Doxygen.
    - Document in the manpage that "KBytes" may also be written as
      "kilobytes" or "KB", that "Kbits" may also be written as
      "kilobits", and so forth. Closes ticket 9222.
    - Document that the ClientOnly config option overrides ORPort.
      Our old explanation made ClientOnly sound as though it did
      nothing at all. Resolves bug 9059.
    - Explain that SocksPolicy, DirPolicy, and similar options don't
      take port arguments. Fixes the other part of ticket 11108.
    - Fix a comment about the rend_server_descriptor_t.protocols field
      to more accurately describe its range. Also, make that field
      unsigned, to more accurately reflect its usage. Fixes bug 9099;
      bugfix on
    - Fix the manpage's description of HiddenServiceAuthorizeClient:
      the maximum client name length is 16, not 19. Fixes bug 11118;
      bugfix on

  o Package cleanup:
    - The contrib directory has been sorted and tidied. Before, it was
      an unsorted dumping ground for useful and not-so-useful things.
      Now, it is divided based on functionality, and the items which
      seemed to be nonfunctional or useless have been removed. Resolves
      ticket 8966; based on patches from "rl1987".

  o Removed code and features:
    - Clients now reject any directory authority certificates lacking
      a dir-key-crosscert element. These have been included since, so there's no real reason for them to be optional
      any longer. Completes proposal 157. Resolves ticket 10162.
    - Remove all code that existed to support the v2 directory system,
      since there are no longer any v2 directory authorities. Resolves
      ticket 10758.
    - Remove the HSAuthoritativeDir and AlternateHSAuthority torrc
      options, which were used for designating authorities as "Hidden
      service authorities". There has been no use of hidden service
      authorities since, when we stopped uploading or
      downloading v0 hidden service descriptors. Fixes bug 10881; also
      part of a fix for bug 10841.
    - Remove /tor/dbg-stability.txt URL that was meant to help debug WFU
      and MTBF calculations, but that nobody was using. Fixes bug 11742.
    - The TunnelDirConns and PreferTunnelledDirConns options no longer
      exist; tunneled directory connections have been available since, and turning them off is not a good idea. This is a
      brute-force fix for 10849, where "TunnelDirConns 0" would break
      hidden services.
    - Remove all code for the long unused v1 directory protocol.
      Resolves ticket 11070.
    - Remove all remaining code related to version-0 hidden service
      descriptors: they have not been in use since Fixes
      the rest of bug 10841.
    - Remove migration code from when we renamed the "cached-routers"
      file to "cached-descriptors" back in This
      incidentally resolves ticket 6502 by cleaning up the related code
      a bit. Patch from Akshay Hebbar.

  o Test infrastructure:
    - Tor now builds each source file in two modes: a mode that avoids
      exposing identifiers needlessly, and another mode that exposes
      more identifiers for testing. This lets the compiler do better at
      optimizing the production code, while enabling us to take more
      radical measures to let the unit tests test things.
    - The production builds no longer include functions used only in
      the unit tests; all functions exposed from a module only for
      unit-testing are now static in production builds.
    - Add an --enable-coverage configuration option to make the unit
      tests (and a new src/or/tor-cov target) to build with gcov test
      coverage support.
    - Update to the latest version of tinytest.
    - Improve the tinytest implementation of string operation tests so
      that comparisons with NULL strings no longer crash the tests; they
      now just fail, normally. Fixes bug 9004; bugfix on
    - New macros in test.h to simplify writing mock-functions for unit
      tests. Part of ticket 11507. Patch from Dana Koch.
    - We now have rudimentary function mocking support that our unit
      tests can use to test functions in isolation. Function mocking
      lets the tests temporarily replace a function's dependencies with
      stub functions, so that the tests can check the function without
      invoking the other functions it calls.

  o Testing:
    - Complete tests for the status.c module. Resolves ticket 11507.
      Patch from Dana Koch.
    - Add more unit tests for the <circid,channel>->circuit map, and
      the destroy-cell-tracking code to fix bug 7912.
    - Unit tests for failing cases of the TAP onion handshake.
    - More unit tests for address-manipulation functions.

  o Distribution (systemd):
    - Include a tor.service file in contrib/dist for use with systemd.
      Some distributions will be able to use this file unmodified;
      others will need to tweak it, or write their own. Patch from Jamie
      Nguyen; resolves ticket 8368.
    - Verify configuration file via ExecStartPre in the systemd unit
      file. Patch from intrigeri; resolves ticket 12730.
    - Explicitly disable RunAsDaemon in the systemd unit file. Our
      current systemd unit uses "Type = simple", so systemd does not
      expect tor to fork. If the user has "RunAsDaemon 1" in their
      torrc, then things won't work as expected. This is e.g. the case
      on Debian (and derivatives), since there we pass "--defaults-torrc
      /usr/share/tor/tor-service-defaults-torrc" (that contains
      "RunAsDaemon 1") by default. Patch by intrigeri; resolves
      ticket 12731.
Version: GnuPG v1


More information about the tor-announce mailing list