[tor-announce] Tor is released

Nick Mathewson nickm at freehaven.net
Tue Jan 8 01:37:09 UTC 2019

Hello, everyone!

(If you are about to reply saying "please take me off this list",
instead please follow these instructions:


. If you have trouble, it is probably because you subscribed using a
different address than the one you are trying to unsubscribe with. You
will have to enter the actual email address you used when you

After months of work, Tor is now available! This is the first
stable release in the 0.3.5 series, and we hope you find it useful.

You can download the source code from the usual place on the website.
Packages should be available within the next several weeks, with a new
Tor Browser some time in the next month or so.

Changes in version - 2019-01-07
  Tor is the first stable release in its series; it includes
  compilation and portability fixes, and a fix for a severe problem
  affecting directory caches.

  The Tor 0.3.5 series includes several new features and performance
  improvements, including client authorization for v3 onion services,
  cleanups to bootstrap reporting, support for improved bandwidth-
  measurement tools, experimental support for NSS in place of OpenSSL,
  and much more. It also begins a full reorganization of Tor's code
  layout, for improved modularity and maintainability in the future.
  Finally, there is the usual set of performance improvements and
  bugfixes that we try to do in every release series.

  There are a couple of changes in the 0.3.5 that may affect
  compatibility. First, the default version for newly created onion
  services is now v3. Use the HiddenServiceVersion option if you want to
  override this. Second, some log messages related to bootstrapping have
  changed; if you use stem, you may need to update to the latest version
  so it will recognize them.

  We have designated 0.3.5 as a "long-term support" (LTS) series: we
  will continue to patch major bugs in typical configurations of 0.3.5
  until at least 1 Feb 2022. (We do not plan to provide long-term
  support for embedding, Rust support, NSS support, running a directory
  authority, or unsupported platforms. For these, you will need to stick
  with the latest stable release.)

  Below are the changes since For a complete list of changes
  since, see the ReleaseNotes file.

  o Major bugfixes (relay, directory):
    - Always reactivate linked connections in the main loop so long as
      any linked connection has been active. Previously, connections
      serving directory information wouldn't get reactivated after the
      first chunk of data was sent (usually 32KB), which would prevent
      clients from bootstrapping. Fixes bug 28912; bugfix on Patch by "cypherpunks3".

  o Minor features (compilation):
    - When possible, place our warning flags in a separate file, to
      avoid flooding verbose build logs. Closes ticket 28924.

  o Minor features (geoip):
    - Update geoip and geoip6 to the January 3 2019 Maxmind GeoLite2
      Country database. Closes ticket 29012.

  o Minor features (OpenSSL bug workaround):
    - Work around a bug in OpenSSL 1.1.1a, which prevented the TLS 1.3
      key export function from handling long labels. When this bug is
      detected, Tor will disable TLS 1.3. We recommend upgrading to a
      version of OpenSSL without this bug when it becomes available.
      Closes ticket 28973.

  o Minor features (performance):
    - Remove about 96% of the work from the function that we run at
      startup to test our curve25519_basepoint implementation. Since
      this function has yet to find an actual failure, we now only run
      it for 8 iterations instead of 200. Based on our profile
      information, this change should save around 8% of our startup time
      on typical desktops, and may have a similar effect on other
      platforms. Closes ticket 28838.
    - Stop re-validating our hardcoded Diffie-Hellman parameters on
      every startup. Doing this wasted time and cycles, especially on
      low-powered devices. Closes ticket 28851.

  o Minor bugfixes (compilation):
    - Fix compilation for Android by adding a missing header to
      freespace.c. Fixes bug 28974; bugfix on

  o Minor bugfixes (correctness):
    - Fix an unreached code path where we checked the value of
      "hostname" inside send_resolved_hostname_cell(). Previously, we
      used it before checking it; now we check it first. Fixes bug
      28879; bugfix on

  o Minor bugfixes (testing):
    - Make sure that test_rebind.py actually obeys its timeout, even
      when it receives a large number of log messages. Fixes bug 28883;
      bugfix on
    - Stop running stem's unit tests as part of "make test-stem", but
      continue to run stem's unit and online tests during "make test-
      stem-full". Fixes bug 28568; bugfix on

  o Minor bugfixes (windows services):
    - Make Tor start correctly as an NT service again: previously it was
      broken by refactoring. Fixes bug 28612; bugfix on

  o Code simplification and refactoring:
    - When parsing a port configuration, make it more obvious to static
      analyzer tools that we always initialize the address. Closes
      ticket 28881.

More information about the tor-announce mailing list