2006-11-06: Tor is out

From LinuxReviews

The third development snapshot for the 0.1.2.x series of the Tor onion router (which allows you to use the Internet anonymously) is out.[1]

It starts preparing the Tor directory authorities to integrate with Mike Perry's new Tor controller, so we can autodetect broken exit relays. The bundles include the new Vidalia 0.0.9 release, which features an improved interface for setting up and configuring a Tor server. The Windows bundle also includes Torbutton for simpler installs.

Changes in version

  • Minor features:
    • Prepare for servers to publish descriptors less often: never discard a descriptor simply for being too old until either it is recommended by no authorities, or until we get a better one for the same router. Make caches consider retaining old recommended routers for even longer.
    • If most authorities set a BadExit flag for a server, clients don't think of it as a general-purpose exit. Clients only consider authorities that advertise themselves as listing bad exits.
    • Directory servers now provide 'Pragma: no-cache' and 'Expires' headers for content, so that we can work better in the presence of caching HTTP proxies.
    • Allow authorities to list nodes as bad exits by fingerprint or by address.
  • Minor features, controller:
    • Add a REASON field to CIRC events; for backward compatibility, this field is sent only to controllers that have enabled the extended event format. Also, add additional reason codes to explain why a given circuit has been destroyed or truncated. (Patches from Mike Perry)
    • Add a REMOTE_REASON field to extended CIRC events to tell the controller about why a remote OR told us to close a circuit.
    • Stream events also now have REASON and REMOTE_REASON fields, working much like those for circuit events.
    • There's now a GETINFO ns/... field so that controllers can ask Tor about the current status of a router.
    • A new event type "NS" to inform a controller when our opinion of a router's status has changed.
    • Add a GETINFO events/names and GETINFO features/names so controllers can tell which events and features are supported.
    • A new CLEARDNSCACHE signal to allow controllers to clear the client-side DNS cache without expiring circuits.
  • Security bugfixes:
    • When the user sends a NEWNYM signal, clear the client-side DNS cache too. Otherwise we continue to act on previous information.
  • Minor bugfixes:
    • Avoid sending junk to controllers or segfaulting when a controller uses EVENT_NEW_DESC with verbose nicknames.
    • Stop triggering asserts if the controller tries to extend hidden service circuits (reported by mwenge).
    • Avoid infinite loop on unexpected controller input.
    • When the controller does a "GETINFO network-status", tell it about even those routers whose descriptors are very old, and use long nicknames where appropriate.
    • Change NT service functions to be loaded on demand. This lets us build with MinGW without breaking Tor for Windows 98 users.
    • Do DirPort reachability tests less often, since a single test chews through many circuits before giving up.
    • In the hidden service example in torrc.sample, stop recommending esoteric and discouraged hidden service options.
    • When stopping an NT service, wait up to 10 sec for it to actually stop. (Patch from Matt Edman; resolves bug 295.)
    • Fix handling of verbose nicknames with ORCONN controller events: make them show up exactly when requested, rather than exactly when not requested.
    • When reporting verbose nicknames in entry_guards_getinfo(), avoid printing a duplicate "$" in the keys we send (reported by mwenge).
    • Correctly set maximum connection limit on Cygwin. (This time for sure!)
    • Try to detect Windows correctly when cross-compiling.
    • Detect the size of the routers file correctly even if it is corrupted (on systems without mmap) or not page-aligned (on systems with mmap). This bug was harmless.
    • Sometimes we didn't bother sending a RELAY_END cell when an attempt to open a stream failed; now we do in more cases. This should make clients able to find a good exit faster in some cases, since unhandleable requests will now get an error rather than timing out.
    • Resolve two memory leaks when rebuilding the on-disk router cache (reported by fookoowa).
    • Clean up minor code warnings suggested by the MIPSpro C compiler, and reported by some CentOS users.
    • Controller signals now work on non-Unix platforms that don't define SIGUSR1 and SIGUSR2 the way we expect.
    • Patch from Michael Mohr to contrib/cross.sh, so it checks more values before failing, and always enables eventdns.
    • Libevent-1.2 exports, but does not define in its headers, strlcpy. Try to fix this in configure.in by checking for most functions before we check for libevent.
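
The BadExit rule under "Minor features" can be sketched as a vote counted only among authorities that advertise listing bad exits. This is an added example, not Tor's own code: the struct, function name and sample authorities are hypothetical, and reading "most" as a strict majority is an assumption.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define COUNT(a) (sizeof(a) / sizeof((a)[0]))

/* One authority's view of a single router (hypothetical struct). */
struct authority_opinion {
    const char *authority;  /* constructed name */
    bool lists_bad_exits;   /* authority advertises that it lists bad exits */
    bool says_bad_exit;     /* authority set BadExit for this router */
};

/* True if the router should not be treated as a general-purpose exit. */
bool router_is_bad_exit(const struct authority_opinion *ops, size_t n)
{
    size_t listing = 0, flagged = 0;
    for (size_t i = 0; i < n; i++) {
        if (!ops[i].lists_bad_exits)
            continue;  /* silence from a non-listing authority is not a vote */
        listing++;
        if (ops[i].says_bad_exit)
            flagged++;
    }
    /* Assumption: "most" = strict majority of the listing authorities. */
    return listing > 0 && flagged * 2 > listing;
}

/* Constructed samples: 2 of 3 listing authorities flag the router,
 * even though that is only 2 of 5 authorities overall. */
static const struct authority_opinion majority_flags[] = {
    {"auth-a", true, true},  {"auth-b", true, true},
    {"auth-c", true, false}, {"auth-d", false, false},
    {"auth-e", false, false},
};
/* Constructed: an even split is not "most". */
static const struct authority_opinion tie_vote[] = {
    {"auth-a", true, true}, {"auth-b", true, false},
};
/* Constructed: no authority lists bad exits, so nothing can be concluded. */
static const struct authority_opinion nobody_lists[] = {
    {"auth-a", false, false}, {"auth-b", false, false},
};

int main(void)
{
    printf("majority_flags: %d\n", router_is_bad_exit(majority_flags, COUNT(majority_flags)));
    printf("tie_vote:       %d\n", router_is_bad_exit(tie_vote, COUNT(tie_vote)));
    printf("nobody_lists:   %d\n", router_is_bad_exit(nobody_lists, COUNT(nobody_lists)));
    return 0;
}
```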