Nick Mathewson
2018-10-17 18:49:47 UTC
Hi!
There's a new alpha Tor release! Because it's an alpha, you should
only run it if you're ready to find more bugs than usual, and report
them on trac.torproject.org.
The source code is available from the usual place on
www.torproject.org; if you build Tor from source, why not give it a
try? And if you don't build Tor from source, packages should be ready
over the coming days, with a Tor Browser alpha release likely in a
couple of weeks.
Here's what's new:
Changes in version 0.3.5.3-alpha - 2018-10-17
Tor 0.3.5.3-alpha fixes several bugs, mostly from previous 0.3.5.x
versions. One important fix for relays addresses a problem with rate-
limiting code from back in 0.3.4.x: If the fix works out, we'll be
backporting it soon. This release is still an alpha, but we hope it's
getting closer and closer to stability.
o Major features (onion services):
- Version 3 onion services can now use the per-service
HiddenServiceExportCircuitID option to differentiate client
circuits. It communicates with the service by using the HAProxy
protocol to assign virtual IP addresses to inbound client
circuits. Closes ticket 4700. Patch by Mahrud Sayrafi.
o Major bugfixes (compilation):
- Fix compilation on ARM (and other less-used CPUs) when compiling
with OpenSSL before 1.1. Fixes bug 27781; bugfix on 0.3.4.1-alpha.
o Major bugfixes (initialization, crash):
- Fix an assertion crash that would stop Tor from starting up if it
tried to activate a periodic event too early. Fixes bug 27861;
bugfix on 0.3.5.1-alpha.
o Major bugfixes (mainloop, bootstrap):
- Make sure Tor bootstraps and works properly if only the
ControlPort is set. Prior to this fix, Tor would only bootstrap
when a client port was set (Socks, Trans, NATD, DNS or HTTPTunnel
port). Fixes bug 27849; bugfix on 0.3.4.1-alpha.
o Major bugfixes (relay):
- When our write bandwidth limit is exhausted, stop writing on the
connection. Previously, we had a typo in the code that would make
us stop reading instead, leading to relay connections being stuck
indefinitely and consuming kernel RAM. Fixes bug 28089; bugfix
on 0.3.4.1-alpha.
o Minor features (continuous integration):
- Use the Travis Homebrew addon to install packages on macOS during
Travis CI. The package list is the same, but the Homebrew addon
does not do a `brew update` by default. Implements ticket 27738.
- Report what program produced the mysterious core file that we
occasionally see on Travis CI during make distcheck. Closes
ticket 28024.
o Minor features (geoip):
- Update geoip and geoip6 to the October 9 2018 Maxmind GeoLite2
Country database. Closes ticket 27991.
o Minor bugfixes (code safety):
- Rewrite our assertion macros so that they no longer suppress the
compiler's -Wparentheses warnings. Fixes bug 27709; bugfix
on 0.0.6.
o Minor bugfixes (compilation):
- Compile the ed25519-donna code with a correct declaration of
crypto_strongest_rand(). Previously, we built it with one type,
but linked it against another in the unit tests, which caused
compilation failures with LTO enabled. This could have caused
other undefined behavior in the tests. Fixes bug 27728; bugfix
on 0.3.5.1-alpha.
o Minor bugfixes (compilation, netbsd):
- Add a missing include back into procmon.c. Fixes bug 27990; bugfix
on 0.3.5.1-alpha.
o Minor bugfixes (continuous integration, appveyor):
- Install only the necessary mingw packages during our appveyor
builds. This change makes the build a little faster, and prevents
a conflict with a preinstalled mingw openssl that appveyor now
ships. Fixes bugs 27765 and 27943; bugfix on 0.3.4.2-alpha.
o Minor bugfixes (directory permissions):
- When a user requests a group-readable DataDirectory, give it to
them. Previously, when the DataDirectory and the CacheDirectory
were the same, the default setting (0) for
CacheDirectoryGroupReadable would override the setting for
DataDirectoryGroupReadable. Fixes bug 26913; bugfix
on 0.3.3.1-alpha.
o Minor bugfixes (memory leaks):
- Fix a small memory leak when calling Tor with --dump-config. Fixes
bug 27893; bugfix on 0.3.2.1-alpha.
o Minor bugfixes (networking):
- In retry_listeners_ports(), make sure that we're removing a member
of old_conns smartlist at most once. Fixes bug 27808; bugfix
on 0.3.5.1-alpha.
- Refrain from attempting socket rebinding when old and new
listeners are in different address families. Fixes bug 27928;
bugfix on 0.3.5.1-alpha.
o Minor bugfixes (onion service v3):
- Stop dumping a stack trace when trying to connect to an intro
point without having a descriptor for it. Fixes bug 27774; bugfix
on 0.3.2.1-alpha.
- Don't warn so loudly when Tor is unable to decode an onion
descriptor. This can now happen as a normal use case if a client
gets a descriptor with client authorization but the client is not
authorized. Fixes bug 27550; bugfix on 0.3.5.1-alpha.
- When selecting a v3 rendezvous point, don't only look at the
protover, but also check whether the curve25519 onion key is
present. This way we avoid picking a relay that supports the v3
rendezvous but for which we don't have the microdescriptor. Fixes
bug 27797; bugfix on 0.3.2.1-alpha.
o Minor bugfixes (protover):
- Reject protocol names containing bytes other than alphanumeric
characters and hyphens ([A-Za-z0-9-]). Fixes bug 27316; bugfix
on 0.2.9.4-alpha.
o Minor bugfixes (testing):
- Make the hs_service tests use the same time source when creating
the introduction point and when testing it. Now tests work better
on very slow systems like ARM or Travis. Fixes bug 27810; bugfix
on 0.3.2.1-alpha.
- In test_rebind.py, check if the Python version is in the supported
range. Fixes bug 27675; bugfix on 0.3.5.1-alpha.
o Code simplification and refactoring:
- Divide more large Tor source files -- especially ones that span
multiple areas of functionality -- into smaller parts, including
onion.c and main.c. Closes ticket 26747.
- Divide the "routerparse.c" module into separate modules for each
group of parsed objects. Closes ticket 27924.
- Move protover_rust.c to the same place protover.c was moved to.
Closes ticket 27814.
- Split directory.c into separate pieces for client, server, and
common functionality. Closes ticket 26744.
- Split the non-statistics-related parts from the rephist.c and
geoip.c modules. Closes ticket 27892.
- Split the router.c file into relay-only and shared components, to
help with future modularization. Closes ticket 27864.
o Documentation:
- In the tor-resolve(1) manpage, fix the reference to socks-
extensions.txt by adding a web URL. Resolves ticket 27853.
- Mention that we require Python to be 2.7 or newer for some
integration tests that we ship with Tor. Resolves ticket 27677.
There's a new alpha Tor release! Because it's an alpha, you should
only run it if you're ready to find more bugs than usual, and report
them on trac.torproject.org.
The source code is available from the usual place on
www.torproject.org; if you build Tor from source, why not give it a
try? And if you don't build Tor from source, packages should be ready
over the coming days, with a Tor Browser alpha release likely in a
couple of weeks.
Here's what's new:
Changes in version 0.3.5.3-alpha - 2018-10-17
Tor 0.3.5.3-alpha fixes several bugs, mostly from previous 0.3.5.x
versions. One important fix for relays addresses a problem with rate-
limiting code from back in 0.3.4.x: If the fix works out, we'll be
backporting it soon. This release is still an alpha, but we hope it's
getting closer and closer to stability.
o Major features (onion services):
- Version 3 onion services can now use the per-service
HiddenServiceExportCircuitID option to differentiate client
circuits. It communicates with the service by using the HAProxy
protocol to assign virtual IP addresses to inbound client
circuits. Closes ticket 4700. Patch by Mahrud Sayrafi.
o Major bugfixes (compilation):
- Fix compilation on ARM (and other less-used CPUs) when compiling
with OpenSSL before 1.1. Fixes bug 27781; bugfix on 0.3.4.1-alpha.
o Major bugfixes (initialization, crash):
- Fix an assertion crash that would stop Tor from starting up if it
tried to activate a periodic event too early. Fixes bug 27861;
bugfix on 0.3.5.1-alpha.
o Major bugfixes (mainloop, bootstrap):
- Make sure Tor bootstraps and works properly if only the
ControlPort is set. Prior to this fix, Tor would only bootstrap
when a client port was set (Socks, Trans, NATD, DNS or HTTPTunnel
port). Fixes bug 27849; bugfix on 0.3.4.1-alpha.
o Major bugfixes (relay):
- When our write bandwidth limit is exhausted, stop writing on the
connection. Previously, we had a typo in the code that would make
us stop reading instead, leading to relay connections being stuck
indefinitely and consuming kernel RAM. Fixes bug 28089; bugfix
on 0.3.4.1-alpha.
o Minor features (continuous integration):
- Use the Travis Homebrew addon to install packages on macOS during
Travis CI. The package list is the same, but the Homebrew addon
does not do a `brew update` by default. Implements ticket 27738.
- Report what program produced the mysterious core file that we
occasionally see on Travis CI during make distcheck. Closes
ticket 28024.
o Minor features (geoip):
- Update geoip and geoip6 to the October 9 2018 Maxmind GeoLite2
Country database. Closes ticket 27991.
o Minor bugfixes (code safety):
- Rewrite our assertion macros so that they no longer suppress the
compiler's -Wparentheses warnings. Fixes bug 27709; bugfix
on 0.0.6.
o Minor bugfixes (compilation):
- Compile the ed25519-donna code with a correct declaration of
crypto_strongest_rand(). Previously, we built it with one type,
but linked it against another in the unit tests, which caused
compilation failures with LTO enabled. This could have caused
other undefined behavior in the tests. Fixes bug 27728; bugfix
on 0.3.5.1-alpha.
o Minor bugfixes (compilation, netbsd):
- Add a missing include back into procmon.c. Fixes bug 27990; bugfix
on 0.3.5.1-alpha.
o Minor bugfixes (continuous integration, appveyor):
- Install only the necessary mingw packages during our appveyor
builds. This change makes the build a little faster, and prevents
a conflict with a preinstalled mingw openssl that appveyor now
ships. Fixes bugs 27765 and 27943; bugfix on 0.3.4.2-alpha.
o Minor bugfixes (directory permissions):
- When a user requests a group-readable DataDirectory, give it to
them. Previously, when the DataDirectory and the CacheDirectory
were the same, the default setting (0) for
CacheDirectoryGroupReadable would override the setting for
DataDirectoryGroupReadable. Fixes bug 26913; bugfix
on 0.3.3.1-alpha.
o Minor bugfixes (memory leaks):
- Fix a small memory leak when calling Tor with --dump-config. Fixes
bug 27893; bugfix on 0.3.2.1-alpha.
o Minor bugfixes (networking):
- In retry_listeners_ports(), make sure that we're removing a member
of old_conns smartlist at most once. Fixes bug 27808; bugfix
on 0.3.5.1-alpha.
- Refrain from attempting socket rebinding when old and new
listeners are in different address families. Fixes bug 27928;
bugfix on 0.3.5.1-alpha.
o Minor bugfixes (onion service v3):
- Stop dumping a stack trace when trying to connect to an intro
point without having a descriptor for it. Fixes bug 27774; bugfix
on 0.3.2.1-alpha.
- Don't warn so loudly when Tor is unable to decode an onion
descriptor. This can now happen as a normal use case if a client
gets a descriptor with client authorization but the client is not
authorized. Fixes bug 27550; bugfix on 0.3.5.1-alpha.
- When selecting a v3 rendezvous point, don't only look at the
protover, but also check whether the curve25519 onion key is
present. This way we avoid picking a relay that supports the v3
rendezvous but for which we don't have the microdescriptor. Fixes
bug 27797; bugfix on 0.3.2.1-alpha.
o Minor bugfixes (protover):
- Reject protocol names containing bytes other than alphanumeric
characters and hyphens ([A-Za-z0-9-]). Fixes bug 27316; bugfix
on 0.2.9.4-alpha.
o Minor bugfixes (testing):
- Make the hs_service tests use the same time source when creating
the introduction point and when testing it. Now tests work better
on very slow systems like ARM or Travis. Fixes bug 27810; bugfix
on 0.3.2.1-alpha.
- In test_rebind.py, check if the Python version is in the supported
range. Fixes bug 27675; bugfix on 0.3.5.1-alpha.
o Code simplification and refactoring:
- Divide more large Tor source files -- especially ones that span
multiple areas of functionality -- into smaller parts, including
onion.c and main.c. Closes ticket 26747.
- Divide the "routerparse.c" module into separate modules for each
group of parsed objects. Closes ticket 27924.
- Move protover_rust.c to the same place protover.c was moved to.
Closes ticket 27814.
- Split directory.c into separate pieces for client, server, and
common functionality. Closes ticket 26744.
- Split the non-statistics-related parts from the rephist.c and
geoip.c modules. Closes ticket 27892.
- Split the router.c file into relay-only and shared components, to
help with future modularization. Closes ticket 27864.
o Documentation:
- In the tor-resolve(1) manpage, fix the reference to socks-
extensions.txt by adding a web URL. Resolves ticket 27853.
- Mention that we require Python to be 2.7 or newer for some
integration tests that we ship with Tor. Resolves ticket 27677.
--
tor-talk mailing list - tor-***@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-
tor-talk mailing list - tor-***@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-