New Release: Tor 0.3.5.3-alpha
There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.3.5.3-alpha from the download page. Packages should be available over the coming weeks, with a new alpha Tor Browser release likely in the next few weeks.
Remember, this is an alpha release: you should only run this if you'd like to find and report more bugs than usual.
Tor 0.3.5.3-alpha fixes several bugs, mostly from previous 0.3.5.x versions. One important fix for relays addresses a problem with rate- limiting code from back in 0.3.4.x: If the fix works out, we'll be backporting it soon. This release is still an alpha, but we hope it's getting closer and closer to stability.
Changes in version 0.3.5.3-alpha - 2018-10-17
- Major features (onion services):
- Version 3 onion services can now use the per-service HiddenServiceExportCircuitID option to differentiate client circuits. It communicates with the service by using the HAProxy protocol to assign virtual IP addresses to inbound client circuits. Closes ticket 4700. Patch by Mahrud Sayrafi.
- Major bugfixes (compilation):
- Fix compilation on ARM (and other less-used CPUs) when compiling with OpenSSL before 1.1. Fixes bug 27781; bugfix on 0.3.4.1-alpha.
- Major bugfixes (initialization, crash):
- Fix an assertion crash that would stop Tor from starting up if it tried to activate a periodic event too early. Fixes bug 27861; bugfix on 0.3.5.1-alpha.
- Major bugfixes (mainloop, bootstrap):
- Make sure Tor bootstraps and works properly if only the ControlPort is set. Prior to this fix, Tor would only bootstrap when a client port was set (Socks, Trans, NATD, DNS or HTTPTunnel port). Fixes bug 27849; bugfix on 0.3.4.1-alpha.
- Major bugfixes (relay):
- When our write bandwidth limit is exhausted, stop writing on the connection. Previously, we had a typo in the code that would make us stop reading instead, leading to relay connections being stuck indefinitely and consuming kernel RAM. Fixes bug 28089; bugfix on 0.3.4.1-alpha.
- Minor features (continuous integration):
- Use the Travis Homebrew addon to install packages on macOS during Travis CI. The package list is the same, but the Homebrew addon does not do a `brew update` by default. Implements ticket 27738.
- Report what program produced the mysterious core file that we occasionally see on Travis CI during make distcheck. Closes ticket 28024.
- Minor features (geoip):
- Update geoip and geoip6 to the October 9 2018 Maxmind GeoLite2 Country database. Closes ticket 27991.
- Minor bugfixes (code safety):
- Rewrite our assertion macros so that they no longer suppress the compiler's -Wparentheses warnings. Fixes bug 27709; bugfix on 0.0.6.
- Minor bugfixes (compilation):
- Compile the ed25519-donna code with a correct declaration of crypto_strongest_rand(). Previously, we built it with one type, but linked it against another in the unit tests, which caused compilation failures with LTO enabled. This could have caused other undefined behavior in the tests. Fixes bug 27728; bugfix on 0.3.5.1-alpha.
- Minor bugfixes (compilation, netbsd):
- Add a missing include back into procmon.c. Fixes bug 27990; bugfix on 0.3.5.1-alpha.
- Minor bugfixes (continuous integration, appveyor):
- Install only the necessary mingw packages during our appveyor builds. This change makes the build a little faster, and prevents a conflict with a preinstalled mingw openssl that appveyor now ships. Fixes bugs 27765 and 27943; bugfix on 0.3.4.2-alpha.
- Minor bugfixes (directory permissions):
- When a user requests a group-readable DataDirectory, give it to them. Previously, when the DataDirectory and the CacheDirectory were the same, the default setting (0) for CacheDirectoryGroupReadable would override the setting for DataDirectoryGroupReadable. Fixes bug 26913; bugfix on 0.3.3.1-alpha.
- Minor bugfixes (memory leaks):
- Fix a small memory leak when calling Tor with --dump-config. Fixes bug 27893; bugfix on 0.3.2.1-alpha.
- Minor bugfixes (networking):
- Minor bugfixes (onion service v3):
- Stop dumping a stack trace when trying to connect to an intro point without having a descriptor for it. Fixes bug 27774; bugfix on 0.3.2.1-alpha.
- Don't warn so loudly when Tor is unable to decode an onion descriptor. This can now happen as a normal use case if a client gets a descriptor with client authorization but the client is not authorized. Fixes bug 27550; bugfix on 0.3.5.1-alpha.
- When selecting a v3 rendezvous point, don't only look at the protover, but also check whether the curve25519 onion key is present. This way we avoid picking a relay that supports the v3 rendezvous but for which we don't have the microdescriptor. Fixes bug 27797; bugfix on 0.3.2.1-alpha.
- Minor bugfixes (protover):
- Reject protocol names containing bytes other than alphanumeric characters and hyphens ([A-Za-z0-9-]). Fixes bug 27316; bugfix on 0.2.9.4-alpha.
- Minor bugfixes (testing):
- Make the hs_service tests use the same time source when creating the introduction point and when testing it. Now tests work better on very slow systems like ARM or Travis. Fixes bug 27810; bugfix on 0.3.2.1-alpha.
- In test_rebind.py, check if the Python version is in the supported range. Fixes bug 27675; bugfix on 0.3.5.1-alpha.
- Code simplification and refactoring:
- Divide more large Tor source files -- especially ones that span multiple areas of functionality -- into smaller parts, including onion.c and main.c. Closes ticket 26747.
- Divide the "routerparse.c" module into separate modules for each group of parsed objects. Closes ticket 27924.
- Move protover_rust.c to the same place protover.c was moved to. Closes ticket 27814.
- Split directory.c into separate pieces for client, server, and common functionality. Closes ticket 26744.
- Split the non-statistics-related parts from the rephist.c and geoip.c modules. Closes ticket 27892.
- Split the router.c file into relay-only and shared components, to help with future modularization. Closes ticket 27864.
SSLKeyLifetime applies to everybody.