Tor 0.2.2.9-alpha and 0.2.2.10-alpha are out
Roger Dingledine
arma at mit.edu
Tue Mar 9 04:58:00 UTC 2010
Tor 0.2.2.9-alpha makes Tor work again on the latest OS X, updates the
location of a directory authority, and cleans up a bunch of small bugs.
Tor 0.2.2.10-alpha fixes a regression introduced in 0.2.2.9-alpha that
could prevent relays from guessing their IP address correctly. It also
starts the groundwork for another client-side performance boost, since
currently we're not making efficient use of relays that have both the
Guard flag and the Exit flag.
For those of you that build from the tarball, you'll notice that the
0.2.2.10-alpha tarball has a build dependency on asciidoc. We'll be
fixing that in the next alpha.
https://www.torproject.org/download.html.en
Changes in version 0.2.2.10-alpha - 2010-03-07
o Major bugfixes:
- Fix a regression from our patch for bug 1244 that caused relays
to guess their IP address incorrectly if they didn't set Address
in their torrc and/or their address fails to resolve. Bugfix on
0.2.2.9-alpha; fixes bug 1269.
o Major features (performance):
- Directory authorities now compute consensus weightings that instruct
clients how to weight relays flagged as Guard, Exit, Guard+Exit,
and no flag. Clients that use these weightings will distribute
network load more evenly across these different relay types. The
weightings are in the consensus so we can change them globally in
the future. Extra thanks to "outofwords" for finding some nasty
security bugs in the first implementation of this feature.
o Minor features (performance):
- Always perform router selections using weighted relay bandwidth,
even if we don't need a high capacity circuit at the time. Non-fast
circuits now only differ from fast ones in that they can use relays
not marked with the Fast flag. This "feature" could turn out to
be a horrible bug; we should investigate more before it goes into
a stable release.
o Minor features:
- Allow disabling building of the manpages. Skipping the manpage
speeds up the build considerably.
o Minor bugfixes (on 0.2.2.x):
- Fix a memleak in the EXTENDCIRCUIT logic. Spotted by coverity.
Bugfix on 0.2.2.9-alpha.
- Disallow values larger than INT32_MAX for PerConnBWRate|Burst
config option. Bugfix on 0.2.2.7-alpha.
- Ship the asciidoc-helper file in the tarball, so that people can
build from source if they want to, and touching the .1.txt files
doesn't break the build. Bugfix on 0.2.2.9-alpha.
o Minor bugfixes (on 0.2.1.x or earlier):
- Fix a dereference-then-NULL-check sequence when publishing
descriptors. Bugfix on 0.2.1.5-alpha. Discovered by ekir; fixes
bug 1255.
- Fix another dereference-then-NULL-check sequence. Bugfix on
0.2.1.14-rc. Discovered by ekir; fixes bug 1256.
- Make sure we treat potentially not NUL-terminated strings correctly.
Bugfix on 0.1.1.13-alpha. Discovered by rieo; fixes bug 1257.
o Code simplifications and refactoring:
- Fix some urls in the exit notice file and make it XHTML1.1 strict
compliant. Based on a patch from Christian Kujau.
- Don't use sed in asciidoc-helper anymore.
- Make the build process fail if asciidoc cannot be found and
building with asciidoc isn't disabled.
Changes in version 0.2.2.9-alpha - 2010-02-22
o Directory authority changes:
- Change IP address for dannenberg (v3 directory authority), and
remove moria2 (obsolete v1, v2 directory authority and v0 hidden
service directory authority) from the list.
o Major bugfixes:
- Make Tor work again on the latest OS X: when deciding whether to
use strange flags to turn TLS renegotiation on, detect the OpenSSL
version at run-time, not compile time. We need to do this because
Apple doesn't update its dev-tools headers when it updates its
libraries in a security patch.
- Fix a potential buffer overflow in lookup_last_hid_serv_request()
that could happen on 32-bit platforms with 64-bit time_t. Also fix
a memory leak when requesting a hidden service descriptor we've
requested before. Fixes bug 1242, bugfix on 0.2.0.18-alpha. Found
by aakova.
- Authorities could be tricked into giving out the Exit flag to relays
that didn't allow exiting to any ports. This bug could screw
with load balancing and stats. Bugfix on 0.1.1.6-alpha; fixes bug
1238. Bug discovered by Martin Kowalczyk.
- When freeing a session key, zero it out completely. We only zeroed
the first ptrsize bytes. Bugfix on 0.0.2pre8. Discovered and
patched by ekir. Fixes bug 1254.
o Minor bugfixes:
- Fix static compilation by listing the openssl libraries in the right
order. Bugfix on Tor 0.2.2.8-alpha; fixes bug 1237.
- Resume handling .exit hostnames in a special way: originally we
stripped the .exit part and used the requested exit relay. In
0.2.2.1-alpha we stopped treating them in any special way, meaning
if you use a .exit address then Tor will pass it on to the exit
relay. Now we reject the .exit stream outright, since that behavior
might be more expected by the user. Found and diagnosed by Scott
Bennett and Downie on or-talk.
- Don't spam the controller with events when we have no file
descriptors available. Bugfix on 0.2.1.5-alpha. (Rate-limiting
for log messages was already solved from bug 748.)
- Avoid a bogus overlapped memcpy in tor_addr_copy(). Reported by
"memcpyfail".
- Make the DNSPort option work with libevent 2.x. Don't alter the
behaviour for libevent 1.x. Fixes bug 1143. Found by SwissTorExit.
- Emit a GUARD DROPPED controller event for a case we missed.
- Make more fields in the controller protocol case-insensitive, since
control-spec.txt said they were.
- Refactor resolve_my_address() to not use gethostbyname() anymore.
Fixes bug 1244; bugfix on 0.0.2pre25. Reported by Mike Mestnik.
- Fix a spec conformance issue: the network-status-version token
must be the first token in a v3 consensus or vote. Discovered by
parakeep. Bugfix on 0.2.0.3-alpha.
o Code simplifications and refactoring:
- Generate our manpage and HTML documentation using Asciidoc. This
change should make it easier to maintain the documentation, and
produce nicer HTML.
- Remove the --enable-iphone option. According to reports from Marco
Bonetti, Tor builds fine without any special tweaking on recent
iPhone SDK versions.
- Removed some unnecessary files from the source distribution. The
AUTHORS file has now been merged into the people page on the
website. The roadmaps and design doc can now be found in the
projects directory in svn.
- Enabled various circuit build timeout constants to be controlled
by consensus parameters. Also set better defaults for these
parameters based on experimentation on broadband and simulated
high latency links.
o Minor features:
- The 'EXTENDCIRCUIT' control port command can now be used with
a circ id of 0 and no path. This feature will cause Tor to build
a new 'fast' general purpose circuit using its own path selection
algorithms.
- Added a BUILDTIMEOUT_SET controller event to describe changes
to the circuit build timeout.
- Future-proof the controller protocol a bit by ignoring keyword
arguments we do not recognize.
- Expand homedirs passed to tor-checkkey. This should silence a
coverity complaint about passing a user-supplied string into
open() without checking it.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20100308/f3608733/attachment.pgp>
More information about the tor-talk
mailing list