[tor-packagers] Vanguards v0.2.1 is available for packaging

Mike Perry mikeperry at torproject.org
Mon Aug 13 21:56:34 UTC 2018 

Vanguards v0.2.1 is tagged on github at
https://github.com/mikeperry-tor/vanguards. The tag is signed with the
gpg key that signed this mail, and all of my other mails.

Again, the preferred interpreter for vanguards is pypy, but you must use
either stem 1.5.4 (or below), or stem 1.6.0 with this patch:
https://gitweb.torproject.org/stem.git/commit/?id=c52db04

The tests will fail on pypy with an affected stem (which is how I
discovered the stem issue).

If you previously had issues with the tests, please see:
https://github.com/mikeperry-tor/vanguards/blob/master/README_TESTS.md

Hopefully the new test README can help you ensure that you have working
versions of everything. 

Iain also wrote a systemd service wrapper that may be useful:
https://salsa.debian.org/pkg-privacy-team/vanguards/blob/master/debian/vanguards.service

I want to write a Tor blog post announcing this new version, but I want
to mention distribution packages in that blog post, since that was a FAQ
in the comments of the initial blogpost. If you are packaging this
addon, please let me know which repositories it will appear at, and give
me a link to instructions for how users can add or enable them on their
systems.

I haven't heard anything from Fedora/RPM people. That would be super
useful. :)

Overall, I think this release is a significant improvement over v0.1.1.
Here's the changelog:

- Read ExcludeNodes from Tor and don't pick layer2 or layer3 guards in
  this set. #11
- Add --one_shot_vanguards and --disable_vanguards options (to enable
  OnionBalance synchronization). #12
- Don't write to torrc by default. #18
- Keep attempting to reconnect if the control port dies. #19
- Support tighter bounds on dropped data to defend against DropMark,
  and change circ_max_dropped_bytes_percent to circ_max_dropped_cells.
  However, leave these at NOTICE pending Tor patch #25573. #20.
- Limit rend requests from relays that are not in our consensus. #22.
- Added connectivity accounting: WARN if we're disconnected or can't
  build circuits for more than 'conn_max_disconnected_secs' and
  'circ_max_disconnected_secs'. Also emit a NOTICE if a connection dies
  while there are live circuits on it. #23
- Fix several false positive cases in rendguard. More may remain, so
  demote logline to NOTICE for now. #24
- Change rendguard params to lower the false positive rate. If you use a
  conf file, be sure to update the values there, if specified. #24.
- Standardize using WARN for messages that we're confident represent
  serious issues, and use NOTICE for heuristics that may need more
  tuning.



-- 
Mike Perry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-packagers/attachments/20180813/5fc1fd0f/attachment.sig>

More information about the tor-packagers mailing list