[tor-talk] Tor 0.3.2.5-alpha is released
Nick Mathewson
nickm at torproject.org
Wed Nov 22 13:28:08 UTC 2017
Hello!
There's a fun new alpha you can run! Because it's an alpha, you
should only run it if you're ready to find more bugs than usual, and
report them on trac.torproject.org.
The source code is available from the usual place on
www.torproject.org ; if you build Tor from source, why not give it a
try? And if you don't build Tor from source, packages should be ready
over the coming days. There probably won't be a Tor Browser release
for this one -- it's likelier to include the next alpha instead, which
should be out in early December.
Here's what's new since 0.3.2.4-alpha:
Changes in version 0.3.2.5-alpha - 2017-11-22
Tor 0.3.2.5-alpha is the fifth alpha release in the 0.3.2.x series. It
fixes several stability and reliability bugs, including a fix for
intermittent bootstrapping failures that some people have been seeing
since the 0.3.0.x series.
Please test this alpha out -- many of these fixes will soon be
backported to stable Tor versions if no additional bugs are found
in them.
o Major bugfixes (bootstrapping):
- Fetch descriptors aggressively whenever we lack enough to build
circuits, regardless of how many descriptors we are missing.
Previously, we would delay launching the fetch when we had fewer
than 15 missing descriptors, even if some of those descriptors
were blocking circuits from building. Fixes bug 23985; bugfix on
0.1.1.11-alpha. The effects of this bug became worse in
0.3.0.3-alpha, when we began treating missing descriptors from our
primary guards as a reason to delay circuits.
- Don't try fetching microdescriptors from relays that have failed
to deliver them in the past. Fixes bug 23817; bugfix
on 0.3.0.1-alpha.
o Minor features (directory authority):
- Make the "Exit" flag assignment only depend on whether the exit
policy allows connections to ports 80 and 443. Previously relays
would get the Exit flag if they allowed connections to one of
these ports and also port 6667. Resolves ticket 23637.
o Minor features (geoip):
- Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2
Country database.
o Minor features (linux seccomp2 sandbox):
- Update the sandbox rules so that they should now work correctly
with Glibc 2.26. Closes ticket 24315.
o Minor features (logging):
- Downgrade a pair of log messages that could occur when an exit's
resolver gave us an unusual (but not forbidden) response. Closes
ticket 24097.
- Improve the message we log when re-enabling circuit build timeouts
after having received a consensus. Closes ticket 20963.
o Minor bugfixes (compilation):
- Fix a memory leak warning in one of the libevent-related
configuration tests that could occur when manually specifying
-fsanitize=address. Fixes bug 24279; bugfix on 0.3.0.2-alpha.
Found and patched by Alex Xu.
- When detecting OpenSSL on Windows from our configure script, make
sure to try linking with the ws2_32 library. Fixes bug 23783;
bugfix on 0.3.2.2-alpha.
o Minor bugfixes (control port, linux seccomp2 sandbox):
- Avoid a crash when attempting to use the seccomp2 sandbox together
with the OwningControllerProcess feature. Fixes bug 24198; bugfix
on 0.2.5.1-alpha.
o Minor bugfixes (control port, onion services):
- Report "FAILED" instead of "UPLOAD_FAILED" "FAILED" for the
HS_DESC event when a service is not able to upload a descriptor.
Fixes bug 24230; bugfix on 0.2.7.1-alpha.
o Minor bugfixes (directory cache):
- Recover better from empty or corrupt files in the consensus cache
directory. Fixes bug 24099; bugfix on 0.3.1.1-alpha.
- When a consensus diff calculation is only partially successful,
only record the successful parts as having succeeded. Partial
success can happen if (for example) one compression method fails
but the others succeed. Previously we misrecorded all the
calculations as having succeeded, which would later cause a
nonfatal assertion failure. Fixes bug 24086; bugfix
on 0.3.1.1-alpha.
o Minor bugfixes (logging):
- Only log once if we notice that KIST support is gone. Fixes bug
24158; bugfix on 0.3.2.1-alpha.
- Suppress a log notice when relay descriptors arrive. We already
have a bootstrap progress for this so no need to log notice
everytime tor receives relay descriptors. Microdescriptors behave
the same. Fixes bug 23861; bugfix on 0.2.8.2-alpha.
o Minor bugfixes (network layer):
- When closing a connection via close_connection_immediately(), we
mark it as "not blocked on bandwidth", to prevent later calls from
trying to unblock it, and give it permission to read. This fixes a
backtrace warning that can happen on relays under various
circumstances. Fixes bug 24167; bugfix on 0.1.0.1-rc.
o Minor bugfixes (onion services):
- The introduction circuit was being timed out too quickly while
waiting for the rendezvous circuit to complete. Keep the intro
circuit around longer instead of timing out and reopening new ones
constantly. Fixes bug 23681; bugfix on 0.2.4.8-alpha.
- Rename the consensus parameter "hsdir-interval" to "hsdir_interval"
so it matches dir-spec.txt. Fixes bug 24262; bugfix
on 0.3.1.1-alpha.
- Silence a warning about failed v3 onion descriptor uploads that
can happen naturally under certain edge cases. Fixes part of bug
23662; bugfix on 0.3.2.1-alpha.
o Minor bugfixes (tests):
- Fix a memory leak in one of the bridge-distribution test cases.
Fixes bug 24345; bugfix on 0.3.2.3-alpha.
- Fix a bug in our fuzzing mock replacement for crypto_pk_checksig(),
to correctly handle cases where a caller gives it an RSA key of
under 160 bits. (This is not actually a bug in Tor itself, but
rather in our fuzzing code.) Fixes bug 24247; bugfix on
0.3.0.3-alpha. Found by OSS-Fuzz as issue 4177.
o Documentation:
- Add notes in man page regarding OS support for the various
scheduler types. Attempt to use less jargon in the scheduler
section. Closes ticket 24254.
More information about the tor-talk
mailing list