[tor-announce] Tor 0.3.5.7 is released
nickm at freehaven.net
Tue Jan 8 01:37:09 UTC 2019
(If you are about to reply saying "please take me off this list",
instead please follow these instructions:
. If you have trouble, it is probably because you subscribed using a
different address than the one you are trying to unsubscribe with. You
will have to enter the actual email address you used when you
After months of work, Tor 0.3.5.7 is now available! This is the first
stable release in the 0.3.5 series, and we hope you find it useful.
You can download the source code from the usual place on the website.
Packages should be available within the next several weeks, with a new
Tor Browser some time in the next month or so.
Changes in version 0.3.5.7 - 2019-01-07
Tor 0.3.5.7 is the first stable release in its series; it includes
compilation and portability fixes, and a fix for a severe problem
affecting directory caches.
The Tor 0.3.5 series includes several new features and performance
improvements, including client authorization for v3 onion services,
cleanups to bootstrap reporting, support for improved bandwidth-
measurement tools, experimental support for NSS in place of OpenSSL,
and much more. It also begins a full reorganization of Tor's code
layout, for improved modularity and maintainability in the future.
Finally, there is the usual set of performance improvements and
bugfixes that we try to do in every release series.
There are a couple of changes in the 0.3.5 that may affect
compatibility. First, the default version for newly created onion
services is now v3. Use the HiddenServiceVersion option if you want to
override this. Second, some log messages related to bootstrapping have
changed; if you use stem, you may need to update to the latest version
so it will recognize them.
We have designated 0.3.5 as a "long-term support" (LTS) series: we
will continue to patch major bugs in typical configurations of 0.3.5
until at least 1 Feb 2022. (We do not plan to provide long-term
support for embedding, Rust support, NSS support, running a directory
authority, or unsupported platforms. For these, you will need to stick
with the latest stable release.)
Below are the changes since 0.3.5.6-rc. For a complete list of changes
since 0.3.4.9, see the ReleaseNotes file.
o Major bugfixes (relay, directory):
- Always reactivate linked connections in the main loop so long as
any linked connection has been active. Previously, connections
serving directory information wouldn't get reactivated after the
first chunk of data was sent (usually 32KB), which would prevent
clients from bootstrapping. Fixes bug 28912; bugfix on
0.3.4.1-alpha. Patch by "cypherpunks3".
o Minor features (compilation):
- When possible, place our warning flags in a separate file, to
avoid flooding verbose build logs. Closes ticket 28924.
o Minor features (geoip):
- Update geoip and geoip6 to the January 3 2019 Maxmind GeoLite2
Country database. Closes ticket 29012.
o Minor features (OpenSSL bug workaround):
- Work around a bug in OpenSSL 1.1.1a, which prevented the TLS 1.3
key export function from handling long labels. When this bug is
detected, Tor will disable TLS 1.3. We recommend upgrading to a
version of OpenSSL without this bug when it becomes available.
Closes ticket 28973.
o Minor features (performance):
- Remove about 96% of the work from the function that we run at
startup to test our curve25519_basepoint implementation. Since
this function has yet to find an actual failure, we now only run
it for 8 iterations instead of 200. Based on our profile
information, this change should save around 8% of our startup time
on typical desktops, and may have a similar effect on other
platforms. Closes ticket 28838.
- Stop re-validating our hardcoded Diffie-Hellman parameters on
every startup. Doing this wasted time and cycles, especially on
low-powered devices. Closes ticket 28851.
o Minor bugfixes (compilation):
- Fix compilation for Android by adding a missing header to
freespace.c. Fixes bug 28974; bugfix on 0.3.5.1-alpha.
o Minor bugfixes (correctness):
- Fix an unreached code path where we checked the value of
"hostname" inside send_resolved_hostname_cell(). Previously, we
used it before checking it; now we check it first. Fixes bug
28879; bugfix on 0.1.2.7-alpha.
o Minor bugfixes (testing):
- Make sure that test_rebind.py actually obeys its timeout, even
when it receives a large number of log messages. Fixes bug 28883;
bugfix on 0.3.5.4-alpha.
- Stop running stem's unit tests as part of "make test-stem", but
continue to run stem's unit and online tests during "make test-
stem-full". Fixes bug 28568; bugfix on 0.2.6.3-alpha.
o Minor bugfixes (windows services):
- Make Tor start correctly as an NT service again: previously it was
broken by refactoring. Fixes bug 28612; bugfix on 0.3.5.3-alpha.
o Code simplification and refactoring:
- When parsing a port configuration, make it more obvious to static
analyzer tools that we always initialize the address. Closes
More information about the tor-announce