[tor-talk] Tor 0.3.0.3-alpha is released!
Nick Mathewson
nickm at freehaven.net
Fri Feb 3 19:22:07 UTC 2017
Hi! There's yet another new alpha release. I think we're closing in
on stability for this series, which is a pretty nice feeling.
You can download the source code from the usual place on the website.
It's an alpha, so please expect bugs and be ready to report them.
Packages should be out over the next several weeks.
=============
Changes in version 0.3.0.3-alpha - 2017-02-03
Tor 0.3.0.3-alpha fixes a few significant bugs introduced over the
0.3.0.x development series, including some that could cause
authorities to behave badly. There is also a fix for a longstanding
bug that could prevent IPv6 exits from working. Tor 0.3.0.3-alpha also
includes some smaller features and bugfixes.
The Tor 0.3.0.x release series is now in patch-freeze: no additional
features will be considered for inclusion in 0.3.0.x. We suspect that
some bugs will probably remain, however, and we encourage people to
test this release.
o Major bugfixes (directory authority):
- During voting, when marking a relay as a probable sybil, do not
clear its BadExit flag: sybils can still be bad in other ways
too. (We still clear the other flags.) Fixes bug 21108; bugfix
on 0.2.0.13-alpha.
- When deciding whether we have just found a router to be reachable,
do not penalize it for not having performed an Ed25519 link
handshake if it does not claim to support an Ed25519 handshake.
Previously, we would treat such relays as non-running. Fixes bug
21107; bugfix on 0.3.0.1-alpha.
o Major bugfixes (entry guards):
- Stop trying to build circuits through entry guards for which we
have no descriptor. Also, stop crashing in the case that we *do*
accidentally try to build a circuit in such a state. Fixes bug
21242; bugfix on 0.3.0.1-alpha.
o Major bugfixes (IPv6 Exits):
- Stop rejecting all IPv6 traffic on Exits whose exit policy rejects
any IPv6 addresses. Instead, only reject a port over IPv6 if the
exit policy rejects that port on more than an IPv6 /16 of
addresses. This bug was made worse by 17027 in 0.2.8.1-alpha,
which rejected a relay's own IPv6 address by default. Fixes bug
21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha.
o Minor feature (client):
- Enable IPv6 traffic on the SocksPort by default. To disable this,
a user will have to specify "NoIPv6Traffic". Closes ticket 21269.
o Minor feature (fallback scripts):
- Add a check_existing mode to updateFallbackDirs.py, which checks
if fallbacks in the hard-coded list are working. Closes ticket
20174. Patch by haxxpop.
o Minor features (ciphersuite selection):
- Clients now advertise a list of ciphersuites closer to the ones
preferred by Firefox. Closes part of ticket 15426.
- Allow relays to accept a wider range of ciphersuites, including
chacha20-poly1305 and AES-CCM. Closes the other part of 15426.
o Minor features (controller, configuration):
- Each of the *Port options, such as SocksPort, ORPort, ControlPort,
and so on, now comes with a __*Port variant that will not be saved
to the torrc file by the controller's SAVECONF command. This
change allows TorBrowser to set up a single-use domain socket for
each time it launches Tor. Closes ticket 20956.
- The GETCONF command can now query options that may only be
meaningful in context-sensitive lists. This allows the controller
to query the mixed SocksPort/__SocksPort style options introduced
in feature 20956. Implements ticket 21300.
o Minor features (portability, compilation):
- Autoconf now checks to determine if OpenSSL structures are opaque,
instead of explicitly checking for OpenSSL version numbers. Part
of ticket 21359.
- Support building with recent LibreSSL code that uses opaque
structures. Closes ticket 21359.
o Minor features (relay):
- We now allow separation of exit and relay traffic to different
source IP addresses, using the OutboundBindAddressExit and
OutboundBindAddressOR options respectively. Closes ticket 17975.
Written by Michael Sonntag.
o Minor bugfix (logging):
- Don't recommend the use of Tor2web in non-anonymous mode.
Recommending Tor2web is a bad idea because the client loses all
anonymity. Tor2web should only be used in specific cases by users
who *know* and understand the issues. Fixes bug 21294; bugfix
on 0.2.9.3-alpha.
o Minor bugfixes (client):
- Always recover from failures in extend_info_from_node(), in an
attempt to prevent any recurrence of bug 21242. Fixes bug 21372;
bugfix on 0.2.3.1-alpha.
o Minor bugfixes (client, entry guards):
- Fix a bug warning (with backtrace) when we fail a channel that
circuits to fallback directories on it. Fixes bug 21128; bugfix
on 0.3.0.1-alpha.
- Fix a spurious bug warning (with backtrace) when removing an
expired entry guard. Fixes bug 21129; bugfix on 0.3.0.1-alpha.
- Fix a bug of the new guard algorithm where tor could stall for up
to 10 minutes before retrying a guard after a long period of no
network. Fixes bug 21052; bugfix on 0.3.0.1-alpha.
- Do not try to build circuits until we have descriptors for our
primary entry guards. Related to fix for bug 21242.
o Minor bugfixes (configure, autoconf):
- Rename the configure option --enable-expensive-hardening to
--enable-fragile-hardening. Expensive hardening makes the tor
daemon abort when some kinds of issues are detected. Thus, it
makes tor more at risk of remote crashes but safer against RCE or
heartbleed bug category. We now try to explain this issue in a
message from the configure script. Fixes bug 21290; bugfix
on 0.2.5.4-alpha.
o Minor bugfixes (controller):
- Restore the (deprecated) DROPGUARDS controller command. Fixes bug
20824; bugfix on 0.3.0.1-alpha.
o Minor bugfixes (hidden service):
- Clean up the code for expiring intro points with no associated
circuits. It was causing, rarely, a service with some expiring
introduction points to not open enough additional introduction
points. Fixes part of bug 21302; bugfix on 0.2.7.2-alpha.
- Stop setting the torrc option HiddenServiceStatistics to "0" just
because we're not a bridge or relay. Instead, we preserve whatever
value the user set (or didn't set). Fixes bug 21150; bugfix
on 0.2.6.2-alpha.
- Resolve two possible underflows which could lead to creating and
closing a lot of introduction point circuits in a non-stop loop.
Fixes bug 21302; bugfix on 0.2.7.2-alpha.
o Minor bugfixes (portability):
- Use "OpenBSD" compiler macro instead of "OPENBSD" or "__OpenBSD__".
It is supported by OpenBSD itself, and also by most OpenBSD
variants (such as Bitrig). Fixes bug 20980; bugfix
on 0.1.2.1-alpha.
- When mapping a file of length greater than SIZE_MAX, do not
silently truncate its contents. This issue could occur on 32 bit
systems with large file support and files which are larger than 4
GB. Fixes bug 21134; bugfix on 0.3.0.1-alpha.
o Minor bugfixes (tor-resolve):
- The tor-resolve command line tool now rejects hostnames over 255
characters in length. Previously, it would silently truncate them,
which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5.
Patch by "junglefowl".
o Minor bugfixes (Windows services):
- Be sure to initialize the monotonic time subsystem before using
it, even when running as an NT service. Fixes bug 21356; bugfix
on 0.2.9.1-alpha.
More information about the tor-talk
mailing list