[tor-talk] Tor is out

Roger Dingledine arma at mit.edu
Sat Nov 16 18:55:48 UTC 2013

Tor is the fourth release candidate for the Tor 0.2.4.x
series. It takes a variety of fixes from the 0.2.5.x branch to improve
stability, performance, and better handling of edge cases.


Changes in version - 2013-11-16
  o Major features:
    - Re-enable TLS 1.1 and 1.2 when built with OpenSSL 1.0.1e or later.
      Resolves ticket 6055. (OpenSSL before 1.0.1 didn't have TLS 1.1 or
      1.2, and OpenSSL from 1.0.1 through 1.0.1d had bugs that prevented
      renegotiation from working with TLS 1.1 or 1.2, so we had disabled
      them to solve bug 6033.)

  o Major bugfixes:
    - No longer stop reading or writing on cpuworker connections when
      our rate limiting buckets go empty. Now we should handle circuit
      handshake requests more promptly. Resolves bug 9731.
    - If we are unable to save a microdescriptor to the journal, do not
      drop it from memory and then reattempt downloading it. Fixes bug
      9645; bugfix on
    - Stop trying to bootstrap all our directory information from
      only our first guard. Discovered while fixing bug 9946; bugfix
    - The new channel code sometimes lost track of in-progress circuits,
      causing long-running clients to stop building new circuits. The
      fix is to always call circuit_n_chan_done(chan, 0) from
      channel_closed(). Fixes bug 9776; bugfix on

  o Minor bugfixes (on 0.2.4.x):
    - Correctly log long IPv6 exit policies, instead of truncating them
      or reporting an error. Fixes bug 9596; bugfix on
    - Our default TLS ecdhe groups were backwards: we meant to be using
      P224 for relays (for performance win) and P256 for bridges (since
      it is more common in the wild). Instead we had it backwards. After
      reconsideration, we decided that the default should be P256 on all
      hosts, since its security is probably better, and since P224 is
      reportedly used quite little in the wild.  Found by "skruffy" on
      IRC. Fix for bug 9780; bugfix on
    - Free directory authority certificate download statuses on exit
      rather than leaking them. Fixes bug 9644; bugfix on

  o Minor bugfixes (on 0.2.3.x and earlier):
    - If the guard we choose first doesn't answer, we would try the
      second guard, but once we connected to the second guard we would
      abandon it and retry the first one, slowing down bootstrapping.
      The fix is to treat all our initially chosen guards as acceptable
      to use. Fixes bug 9946; bugfix on
    - Fix an assertion failure that would occur when disabling the
      ORPort setting on a running Tor process while accounting was
      enabled. Fixes bug 6979; bugfix on
    - When examining the list of network interfaces to find our address,
      do not consider non-running or disabled network interfaces. Fixes
      bug 9904; bugfix on Patch from "hantwister".
    - Avoid an off-by-one error when checking buffer boundaries when
      formatting the exit status of a pluggable transport helper.
      This is probably not an exploitable bug, but better safe than
      sorry. Fixes bug 9928; bugfix on Bug found by
      Pedro Ribeiro.

  o Minor features (protecting client timestamps):
    - Clients no longer send timestamps in their NETINFO cells. These were
      not used for anything, and they provided one small way for clients
      to be distinguished from each other as they moved from network to
      network or behind NAT. Implements part of proposal 222.
    - Clients now round timestamps in INTRODUCE cells down to the nearest
      10 minutes. If a new Support022HiddenServices option is set to 0, or
      if it's set to "auto" and the feature is disabled in the consensus,
      the timestamp is sent as 0 instead. Implements part of proposal 222.
    - Stop sending timestamps in AUTHENTICATE cells. This is not such
      a big deal from a security point of view, but it achieves no actual
      good purpose, and isn't needed. Implements part of proposal 222.
    - Reduce down accuracy of timestamps in hidden service descriptors.
      Implements part of proposal 222.

  o Minor features (other):
    - Improve the circuit queue out-of-memory handler. Previously, when
      we ran low on memory, we'd close whichever circuits had the most
      queued cells. Now, we close those that have the *oldest* queued
      cells, on the theory that those are most responsible for us
      running low on memory. Based on analysis from a forthcoming paper
      by Jansen, Tschorsch, Johnson, and Scheuermann. Fixes bug 9093.
    - Generate bootstrapping status update events correctly when fetching
      microdescriptors. Fixes bug 9927.
    - Update to the October 2 2013 Maxmind GeoLite Country database.

  o Documentation fixes:
    - Clarify the usage and risks of setting the ContactInfo torrc line
      for your relay or bridge. Resolves ticket 9854.
    - Add anchors to the manpage so we can link to the html version of
      the documentation for specific options. Resolves ticket 9866.
    - Replace remaining references to DirServer in man page and
      log entries. Resolves ticket 10124.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 190 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20131116/51ed55c2/attachment.sig>

More information about the tor-talk mailing list