Tor 0.2.1.10-alpha released
Tor 0.2.1.10-alpha fixes two major bugs in bridge relays (one that would
make the bridge relay not so useful if it had DirPort set to 0, and one
that could let an attacker learn a little bit of information about the
bridge's users), and a bug that would cause your Tor relay to ignore a
circuit create request it can't decrypt (rather than reply with an error).
It also fixes a wide variety of other bugs.
Changes in version 0.2.1.10-alpha - 2009-01-06
- If the cached networkstatus consensus is more than five days old,
discard it rather than trying to use it. In theory it could
be useful because it lists alternate directory mirrors, but in
practice it just means we spend many minutes trying directory
mirrors that are long gone from the network. Helps bug 887 a bit;
bugfix on 0.2.0.x.
- Bridge relays that had DirPort set to 0 would stop fetching
descriptors shortly after startup, and then briefly resume
after a new bandwidth test and/or after publishing a new bridge
descriptor. Bridge users that try to bootstrap from them would
get a recent networkstatus but would get descriptors from up to
18 hours earlier, meaning most of the descriptors were obsolete
already. Reported by Tas; bugfix on 0.2.0.13-alpha.
- Prevent bridge relays from serving their 'extrainfo' document
to anybody who asks, now that extrainfo docs include potentially
sensitive aggregated client geoip summaries. Bugfix on
- New controller event "clients_seen" to report a geoip-based summary
of which countries we've seen clients from recently. Now controllers
like Vidalia can show bridge operators that they're actually making
- Build correctly against versions of OpenSSL 0.9.8 or later built
without support for deprecated functions.
- Update to the "December 19 2008" ip-to-country file.
Minor bugfixes (on 0.2.0.x):
- Authorities now vote for the Stable flag for any router whose
weighted MTBF is at least 5 days, regardless of the mean MTBF.
- Do not remove routers as too old if we do not have any consensus
document. Bugfix on 0.2.0.7-alpha.
- Do not accept incomplete ipv4 addresses (like 192.168.0) as valid.
Spec conformance issue. Bugfix on Tor 0.0.2pre27.
- When an exit relay resolves a stream address to a local IP address,
do not just keep retrying that same exit relay over and
over. Instead, just close the stream. Addresses bug 872. Bugfix
on 0.2.0.32. Patch from rovv.
- If a hidden service sends us an END cell, do not consider
retrying the connection; just close it. Patch from rovv.
- When we made bridge authorities stop serving bridge descriptors over
unencrypted links, we also broke DirPort reachability testing for
bridges. So bridges with a non-zero DirPort were printing spurious
warns to their logs. Bugfix on 0.2.0.16-alpha. Fixes bug 709.
- When a relay gets a create cell it can't decrypt (e.g. because it's
using the wrong onion key), we were dropping it and letting the
client time out. Now actually answer with a destroy cell. Fixes
bug 904. Bugfix on 0.0.2pre8.
- Squeeze 2-5% out of client performance (according to oprofile) by
improving the implementation of some policy-manipulation functions.
Minor bugfixes (on 0.2.1.x):
- Make get_interface_address() function work properly again; stop
guessing the wrong parts of our address as our address.
- Do not cannibalize a circuit if we're out of RELAY_EARLY cells to
send on that circuit. Otherwise we might violate the proposal-110
limit. Bugfix on 0.2.1.3-alpha. Partial fix for Bug 878. Diagnosis
thanks to Karsten.
- When we're sending non-EXTEND cells to the first hop in a circuit,
for example to use an encrypted directory connection, we don't need
to use RELAY_EARLY cells: the first hop knows what kind of cell
it is, and nobody else can even see the cell type. Conserving
RELAY_EARLY cells makes it easier to cannibalize circuits like
- Stop logging nameserver addresses in reverse order.
- If we are retrying a directory download slowly over and over, do
not automatically give up after the 254th failure. Bugfix on
- Resume reporting accurate "stream end" reasons to the local control
port. They were lost in the changes for Proposal 148. Bugfix on
Deprecated and removed features:
- The old "tor --version --version" command, which would print out
the subversion "Id" of most of the source files, is now removed. It
turned out to be less useful than we'd expected, and harder to
Code simplifications and refactoring:
- Change our header file guard macros to be less likely to conflict
with system headers. Adam Langley noticed that we were conflicting
with log.h on Android.
- Tool-assisted documentation cleanup. Nearly every function or
static variable in Tor should have its own documentation now.
The original announcement can be found at http://archives.seul.org/or/talk/Jan-2009/msg00078.html