The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2022-06-16T18:03:18Zhttps://gitlab.torproject.org/tpo/core/tor/-/issues/27645Add unit tests for UTF-8 and invalid ContactInfo lines2022-06-16T18:03:18ZteorAdd unit tests for UTF-8 and invalid ContactInfo linesIn legacy/trac#27428, we reject non-UTF-8 ContactInfo lines.
We should add some tests to test_options.c for UTF-8 and invalid ContactInfo lines.In legacy/trac#27428, we reject non-UTF-8 ContactInfo lines.
We should add some tests to test_options.c for UTF-8 and invalid ContactInfo lines.https://gitlab.torproject.org/tpo/core/tor/-/issues/27644wrong documentation of networkstatus_read_cached_consensus_impl2020-06-27T13:52:14ZTracwrong documentation of networkstatus_read_cached_consensus_implIt says false when it meant to say 'true.'
**Trac**:
**Username**: cyberpunksIt says false when it meant to say 'true.'
**Trac**:
**Username**: cyberpunksTor: 0.3.5.x-finalhttps://gitlab.torproject.org/tpo/core/tor/-/issues/27631Update to September GeoIP2 database2020-06-27T13:52:14ZKarsten LoesingUpdate to September GeoIP2 database[My geoip-2018-09-06 branch](https://gitweb.torproject.org/user/karsten/tor.git/log/?h=geoip-2018-09-06) contains the updated `geoip` and `geoip6` files with IPv4 and IPv6 ranges and is supposed to be merged into maint-0.2.9 and other b...[My geoip-2018-09-06 branch](https://gitweb.torproject.org/user/karsten/tor.git/log/?h=geoip-2018-09-06) contains the updated `geoip` and `geoip6` files with IPv4 and IPv6 ranges and is supposed to be merged into maint-0.2.9 and other branches that are still maintained.Tor: 0.2.9.x-finalhttps://gitlab.torproject.org/tpo/core/tor/-/issues/27630use strcmpstart() in rend_parse_v2_service_descriptor2020-06-27T13:52:14ZTracuse strcmpstart() in rend_parse_v2_service_descriptor
**Trac**:
**Username**: cyberpunks
**Trac**:
**Username**: cyberpunksTor: 0.3.5.x-finalhttps://gitlab.torproject.org/tpo/core/tor/-/issues/27629add len argument to consensus parsing functions2020-06-27T13:52:14ZTracadd len argument to consensus parsing functions
**Trac**:
**Username**: cyberpunks
**Trac**:
**Username**: cyberpunksTor: 0.4.0.x-finalhttps://gitlab.torproject.org/tpo/core/tor/-/issues/27625add unit tests for tokenize_string() and get_next_token()2020-06-27T13:52:14ZTracadd unit tests for tokenize_string() and get_next_token()It looks like there aren't any.
**Trac**:
**Username**: cyberpunksIt looks like there aren't any.
**Trac**:
**Username**: cyberpunksTor: 0.4.0.x-finalrl1987rl1987https://gitlab.torproject.org/tpo/core/tor/-/issues/27620Use trunnel to parse and generate SOCKS wire format in tor-resolve2021-08-23T15:16:06Zrl1987Use trunnel to parse and generate SOCKS wire format in tor-resolveTor: 0.4.0.x-finalrl1987rl1987https://gitlab.torproject.org/tpo/core/tor/-/issues/27618LLVM scan-build: src/tools/tor-resolve.c:224:3: warning: Value stored to 'soc...2020-06-27T13:52:14Zrl1987LLVM scan-build: src/tools/tor-resolve.c:224:3: warning: Value stored to 'socklen' is never read```
src/tools/tor-resolve.c:224:3: warning: Value stored to 'socklen' is never read
socklen = tor_addr_to_sockaddr(sockshost, socksport,
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
``````
src/tools/tor-resolve.c:224:3: warning: Value stored to 'socklen' is never read
socklen = tor_addr_to_sockaddr(sockshost, socksport,
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
```Tor: 0.3.5.x-finalhttps://gitlab.torproject.org/tpo/core/tor/-/issues/27615Travis cache sticky failures2020-07-28T22:58:00ZTaylor YuTravis cache sticky failuresIt looks like there's at least one example of Travis caching corrupt artifacts in a way that causes "sticky" failures when attempting to rebuild that subjob. I had to clear the caches to get it to rebuild.
We should keep track of futur...It looks like there's at least one example of Travis caching corrupt artifacts in a way that causes "sticky" failures when attempting to rebuild that subjob. I had to clear the caches to get it to rebuild.
We should keep track of future instances of this kind of failure. We should also decide whether the speedup from the cache is worth the time spent diagnosing persistent failures that turn out to be cached.
```
gcc -std=gnu99 -ftrapv -fsanitize=address -g -O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fstack-protector-all -Wstack-protector --param ssp-buffer-size=1 -fPIE -fno-omit-frame-pointer -fasynchronous-unwind-tables -Wall -fno-strict-aliasing -Waddress -Warray-bounds -Wdouble-promotion -Wextra -Winit-self -Wlogical-op -Wmissing-field-initializers -Wmissing-format-attribute -Wmissing-noreturn -Wnormalized=nfkc -Woverlength-strings -Woverride-init -Wshadow -Wstrict-overflow=1 -Wsuggest-attribute=format -Wsuggest-attribute=noreturn -Wsync-nand -Wtrampolines -Wunused-but-set-parameter -Wunused-but-set-variable -Wunused-local-typedefs -Wvariadic-macros -W -Wfloat-equal -Wundef -Wpointer-arith -Wstrict-prototypes -Wmissing-prototypes -Wwrite-strings -Wredundant-decls -Wchar-subscripts -Wcomment -Wformat=2 -Wwrite-strings -Wnested-externs -Wbad-function-cast -Wswitch-enum -Waggregate-return -Wpacked -Wunused -Wunused-parameter -Wold-style-definition -Wmissing-declarations -Werror -pie -z relro -z now -rdynamic -o src/test/test src/test/src_test_test-log_test_helpers.o src/test/src_test_test-hs_test_helpers.o src/test/src_test_test-rend_test_helpers.o src/test/src_test_test-test.o src/test/src_test_test-test_accounting.o src/test/src_test_test-test_addr.o src/test/src_test_test-test_address.o src/test/src_test_test-test_address_set.o src/test/src_test_test-test_bridges.o src/test/src_test_test-test_buffers.o src/test/src_test_test-test_bwmgt.o src/test/src_test_test-test_cell_formats.o src/test/src_test_test-test_cell_queue.o src/test/src_test_test-test_channel.o src/test/src_test_test-test_channelpadding.o src/test/src_test_test-test_channeltls.o src/test/src_test_test-test_checkdir.o src/test/src_test_test-test_circuitlist.o src/test/src_test_test-test_circuitmux.o src/test/src_test_test-test_circuitbuild.o src/test/src_test_test-test_circuituse.o src/test/src_test_test-test_circuitstats.o src/test/src_test_test-test_compat_libevent.o src/test/src_test_test-test_config.o src/test/src_test_test-test_connection.o src/test/src_test_test-test_conscache.o src/test/src_test_test-test_consdiff.o src/test/src_test_test-test_consdiffmgr.o src/test/src_test_test-test_containers.o src/test/src_test_test-test_controller.o src/test/src_test_test-test_controller_events.o src/test/src_test_test-test_crypto.o src/test/src_test_test-test_crypto_ope.o src/test/src_test_test-test_data.o src/test/src_test_test-test_dir.o src/test/src_test_test-test_dir_common.o src/test/src_test_test-test_dir_handle_get.o src/test/src_test_test-test_dos.o src/test/src_test_test-test_entryconn.o src/test/src_test_test-test_entrynodes.o src/test/src_test_test-test_geoip.o src/test/src_test_test-test_guardfraction.o src/test/src_test_test-test_extorport.o src/test/src_test_test-test_hs.o src/test/src_test_test-test_hs_common.o src/test/src_test_test-test_hs_config.o src/test/src_test_test-test_hs_cell.o src/test/src_test_test-test_hs_ntor.o src/test/src_test_test-test_hs_service.o src/test/src_test_test-test_hs_client.o src/test/src_test_test-test_hs_intropoint.o src/test/src_test_test-test_hs_control.o src/test/src_test_test-test_handles.o src/test/src_test_test-test_hs_cache.o src/test/src_test_test-test_hs_descriptor.o src/test/src_test_test-test_introduce.o src/test/src_test_test-test_keypin.o src/test/src_test_test-test_link_handshake.o src/test/src_test_test-test_logging.o src/test/src_test_test-test_mainloop.o src/test/src_test_test-test_microdesc.o src/test/src_test_test-test_nodelist.o src/test/src_test_test-test_oom.o src/test/src_test_test-test_oos.o src/test/src_test_test-test_options.o src/test/src_test_test-test_pem.o src/test/src_test_test-test_periodic_event.o src/test/src_test_test-test_policy.o src/test/src_test_test-test_procmon.o src/test/src_test_test-test_proto_http.o src/test/src_test_test-test_proto_misc.o src/test/src_test_test-test_protover.o src/test/src_test_test-test_pt.o src/test/src_test_test-test_relay.o src/test/src_test_test-test_relaycell.o src/test/src_test_test-test_relaycrypt.o src/test/src_test_test-test_rendcache.o src/test/src_test_test-test_replay.o src/test/src_test_test-test_router.o src/test/src_test_test-test_routerkeys.o src/test/src_test_test-test_routerlist.o src/test/src_test_test-test_routerset.o src/test/src_test_test-test_scheduler.o src/test/src_test_test-test_shared_random.o src/test/src_test_test-test_socks.o src/test/src_test_test-test_status.o src/test/src_test_test-test_storagedir.o src/test/src_test_test-test_threads.o src/test/src_test_test-test_tortls.o src/test/src_test_test-test_util.o src/test/src_test_test-test_util_format.o src/test/src_test_test-test_util_process.o src/test/src_test_test-test_voting_schedule.o src/test/src_test_test-test_x509.o src/test/src_test_test-test_helpers.o src/test/src_test_test-test_dns.o src/test/src_test_test-testing_common.o src/test/src_test_test-testing_rsakeys.o src/ext/src_test_test-tinytest.o src/test/src_test_test-test_crypto_openssl.o src/test/src_test_test-test_tortls_openssl.o src/core/libtor-app-testing.a src/lib/libtor-compress-testing.a src/lib/libtor-evloop-testing.a src/lib/libtor-tls-testing.a src/lib/libtor-crypt-ops-testing.a src/ext/keccak-tiny/libkeccak-tiny.a src/lib/libcurve25519_donna.a src/ext/ed25519/ref10/libed25519_ref10.a src/ext/ed25519/donna/libed25519_donna.a src/lib/libtor-process-testing.a src/lib/libtor-time-testing.a src/lib/libtor-fs-testing.a src/lib/libtor-encoding-testing.a src/lib/libtor-sandbox-testing.a src/lib/libtor-container-testing.a src/lib/libtor-net-testing.a src/lib/libtor-thread-testing.a src/lib/libtor-memarea-testing.a src/lib/libtor-math-testing.a src/lib/libtor-meminfo-testing.a src/lib/libtor-osinfo-testing.a src/lib/libtor-term-testing.a src/lib/libtor-log-testing.a src/lib/libtor-lock-testing.a src/lib/libtor-fdio-testing.a src/lib/libtor-string-testing.a src/lib/libtor-smartlist-core-testing.a src/lib/libtor-malloc-testing.a src/lib/libtor-wallclock-testing.a src/lib/libtor-err-testing.a src/lib/libtor-intmath.a src/lib/libtor-ctime-testing.a src/trunnel/libor-trunnel-testing.a src/lib/libtor-trace.a -lz -lm -levent -lssl -lcrypto -llzma -lscrypt -lseccomp -lcap -lpthread -ldl
src/core/libtor-app.a(connection.o): In function `connection_process_inbuf':
/home/travis/build/tlyu/tor/src/core/mainloop/connection.c:4582: undefined reference to `TO_EDGE_CONN'
src/core/libtor-app.a(connection.o): In function `connection_flushed_some':
/home/travis/build/tlyu/tor/src/core/mainloop/connection.c:4608: undefined reference to `TO_EDGE_CONN'
/home/travis/build/tlyu/tor/src/core/mainloop/connection.c:4608: undefined reference to `connection_edge_flushed_some'
```
This seems to have been something like a corrupted libtor-app.a or connection_edge.o that got cached.Tor: unspecifiedhttps://gitlab.torproject.org/tpo/core/tor/-/issues/27606Handle coverity issues related to recently merged HS client auth2020-06-27T13:52:15ZGeorge KadianakisHandle coverity issues related to recently merged HS client authTor: 0.3.5.x-finalhttps://gitlab.torproject.org/tpo/core/tor/-/issues/27594new warning: Requested exit point '<snip>' is not known. Closing.2020-07-28T22:58:32Ztoralfnew warning: Requested exit point '<snip>' is not known. Closing.Get this at a stable Debian with Tor 0.3.3.9 (git-ca1a436fa8e53a32) since today regularly every x hours at a bridge.
This didn't happened before.
It is always the same $snip key. There aren't other warnings in warn.logGet this at a stable Debian with Tor 0.3.3.9 (git-ca1a436fa8e53a32) since today regularly every x hours at a bridge.
This didn't happened before.
It is always the same $snip key. There aren't other warnings in warn.logTor: unspecifiedhttps://gitlab.torproject.org/tpo/core/tor/-/issues/27593Call CRYPTO_set_mem_functions with tor_malloc, tor_realloc and tor_free2020-07-28T22:58:51Zrl1987Call CRYPTO_set_mem_functions with tor_malloc, tor_realloc and tor_freelegacy/trac#8415 deals with attaching our memory management code to libevent. We should do the same with OpenSSL.
Note that OpenSSL had some API changes in last few years in this area.legacy/trac#8415 deals with attaching our memory management code to libevent. We should do the same with OpenSSL.
Note that OpenSSL had some API changes in last few years in this area.Tor: unspecifiedhttps://gitlab.torproject.org/tpo/core/tor/-/issues/27563cached_dir_t for consensus is redundant with conscache code2022-06-17T12:59:56ZNick Mathewsoncached_dir_t for consensus is redundant with conscache codeWe can throw away the cached_dir_t that we use to store our consensus as a directory cache, if we use the consensus cache code instead. This would save a few MB of ram.We can throw away the cached_dir_t that we use to store our consensus as a directory cache, if we use the consensus cache code instead. This would save a few MB of ram.https://gitlab.torproject.org/tpo/core/tor/-/issues/27550hs-v3: Don't warn so loudly when tor is unable to decode a descriptor2020-06-27T13:52:15ZDavid Gouletdgoulet@torproject.orghs-v3: Don't warn so loudly when tor is unable to decode a descriptorWith legacy/trac#20700, we introduce client authorization making tor client without it trying to access a .onion with it to be unable to decode the descriptor. This leads to big warnings:
```
Sep 07 13:55:44.156 [info] handle_response_f...With legacy/trac#20700, we introduce client authorization making tor client without it trying to access a .onion with it to be unable to decode the descriptor. This leads to big warnings:
```
Sep 07 13:55:44.156 [info] handle_response_fetch_hsdesc_v3(): Received v3 hsdesc (body size 14111, status 200 ("OK"))
Sep 07 13:55:44.157 [warn] Encrypted service descriptor MAC check failed
Sep 07 13:55:44.157 [warn] Decrypting encrypted desc failed.
Sep 07 13:55:44.157 [warn] Service descriptor decryption failed.
Sep 07 13:55:44.157 [warn] Could not parse received descriptor as client.
...
```
We should definitely not print warning if decoding fails but maybe a "unable to use descriptor" instead and the rest at info level.
Second, there is the retry behavior. Two cases:
1) Tor is configured with client authorization for A.onion:
If we get the descriptor and unable to decode A.onion while we know we have a client authorization configured, I think we should make Tor stop and just tell the user that it didn't worked.
2) Tor doesn't have client authorization for A.onion
In that case, if the decoding fails, we should *probably* make Tor stop trying on all HSDir and instead go at notice level saying "Unable to access A.onion. Maybe you need authorization?" kind of message.
Failing to decode a descriptor now is imo highly unlikely so we could assume that in this case, chances are that you'll get a better descriptor at the next HSDir are thin!Tor: 0.3.3.x-finalhttps://gitlab.torproject.org/tpo/core/tor/-/issues/27549hs-v3: Refactor the descriptor cookie computation code2021-09-16T14:28:09ZDavid Gouletdgoulet@torproject.orghs-v3: Refactor the descriptor cookie computation codeThese functions have very very similar code for computing `hs_desc_build_authorized_client()` and `decrypt_descriptor_cookie()` for computing the keys for the client authorization.
We should refactor this and consolidate since they do ...These functions have very very similar code for computing `hs_desc_build_authorized_client()` and `decrypt_descriptor_cookie()` for computing the keys for the client authorization.
We should refactor this and consolidate since they do the same work on both sides (client and service).CollecTor 1.7.0David Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/tpo/core/tor/-/issues/27547hs-v3: Client authorization feature needs a changes file and man page2020-06-27T13:52:16ZDavid Gouletdgoulet@torproject.orghs-v3: Client authorization feature needs a changes file and man pageTo remind ourselves that we can't release 035 without the changes file and man page entry for the v3 client authorization.To remind ourselves that we can't release 035 without the changes file and man page entry for the v3 client authorization.Tor: 0.3.5.x-finalhttps://gitlab.torproject.org/tpo/core/tor/-/issues/27545hs-v3: Shuffle the client authorization ordering in the descriptor2020-06-27T13:52:16ZDavid Gouletdgoulet@torproject.orghs-v3: Shuffle the client authorization ordering in the descriptorIt would be desirable to shuffle the list of clients in a descriptor (if any) so no one can learn anything from the ordering.
haxxpop has already done code for this:
https://github.com/haxxpop/tor/commit/3ac776bd988
This can go post 03...It would be desirable to shuffle the list of clients in a descriptor (if any) so no one can learn anything from the ordering.
haxxpop has already done code for this:
https://github.com/haxxpop/tor/commit/3ac776bd988
This can go post 035 freeze.Tor: 0.3.5.x-finalhttps://gitlab.torproject.org/tpo/core/tor/-/issues/27544hs-v3: Client authorization fixes and improvements post-merge2020-07-28T22:59:25ZDavid Gouletdgoulet@torproject.orghs-v3: Client authorization fixes and improvements post-mergeThe legacy/trac#20700 is soon to be merged upstream. Some fixes and improvement have been found during the review process.
This is the parent ticket that will collect them all in one place so we don't forget.The legacy/trac#20700 is soon to be merged upstream. Some fixes and improvement have been found during the review process.
This is the parent ticket that will collect them all in one place so we don't forget.Tor: unspecifiedhttps://gitlab.torproject.org/tpo/core/tor/-/issues/27532Bug: tor_tls_context_new: Assertion dh failed2020-06-27T13:52:16ZteorBug: tor_tls_context_new: Assertion dh failedI get an assertion failure on macOS 10.13:
```
$ gcc --version
Configured with: --prefix=/Applications/Xcode.app/Contents/Developer/usr --with-gxx-include-dir=/usr/include/c++/4.2.1
Apple LLVM version 9.1.0 (clang-902.0.39.2)
Target: x86...I get an assertion failure on macOS 10.13:
```
$ gcc --version
Configured with: --prefix=/Applications/Xcode.app/Contents/Developer/usr --with-gxx-include-dir=/usr/include/c++/4.2.1
Apple LLVM version 9.1.0 (clang-902.0.39.2)
Target: x86_64-apple-darwin17.7.0
Thread model: posix
InstalledDir: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin
$ brew list --versions | grep openssl
openssl 1.0.2o_2
```
(Yes, gcc is an alias for clang on macOS by default.)
Our macOS CI passes with:
```
$ gcc --version
...
Target: x86_64-apple-darwin17.4.0
...
$ if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew install openssl; fi
Warning: openssl 1.0.2p is already installed and up-to-date
To reinstall 1.0.2p, run `brew reinstall openssl`
```
https://travis-ci.org/teor2345/tor/jobs/425576549#L1132
Have we broken compatibility with 1.0.2o?
I've done a `make clean`, so it's probably not my machine.
Here is the tor log:
```
$ /Users/base/tor-master/build-c/src/app/tor --ignore-missing-torrc -f /Users/base/chutney/net/nodes/000a/torrc --list-fingerprint --orport 1 --datadirectory /Users/base/chutney/net/nodes/000a
Sep 06 07:32:14.174 [notice] Tor 0.3.5.0-alpha-dev (git-22e24031452d5785) running on Darwin with Libevent 2.1.8-stable, OpenSSL 1.0.2o, Zlib 1.2.11, Liblzma 5.2.4, and Libzstd 1.3.5.
...
Sep 06 07:32:14.176 [notice] Configuration file "/Users/base/chutney/net/nodes/000a/torrc" not present, using reasonable defaults.
...
Sep 06 07:27:13.545 [err] tor_assertion_failed_: Bug: ../src/lib/tls/tortls_openssl.c:632: tor_tls_context_new: Assertion dh failed; aborting. (on Tor 0.3.5.0-alpha-dev 22e24031452d5785)
Sep 06 07:27:13.547 [err] Bug: Assertion dh failed in tor_tls_context_new at ../src/lib/tls/tortls_openssl.c:632. Stack trace: (on Tor 0.3.5.0-alpha-dev 22e24031452d5785)
Sep 06 07:27:13.547 [err] Bug: 0 tor 0x000000010be5572c log_backtrace_impl + 76 (on Tor 0.3.5.0-alpha-dev 22e24031452d5785)
Sep 06 07:27:13.547 [err] Bug: 1 tor 0x000000010be45bd8 tor_assertion_failed_ + 392 (on Tor 0.3.5.0-alpha-dev 22e24031452d5785)
Sep 06 07:27:13.547 [err] Bug: 2 tor 0x000000010bd7454e tor_tls_context_new + 4190 (on Tor 0.3.5.0-alpha-dev 22e24031452d5785)
Sep 06 07:27:13.547 [err] Bug: 3 tor 0x000000010bd7050c tor_tls_context_init + 156 (on Tor 0.3.5.0-alpha-dev 22e24031452d5785)
Sep 06 07:27:13.547 [err] Bug: 4 tor 0x000000010bc8742f init_keys + 2191 (on Tor 0.3.5.0-alpha-dev 22e24031452d5785)
Sep 06 07:27:13.547 [err] Bug: 5 tor 0x000000010b8e6da6 tor_run_main + 1734 (on Tor 0.3.5.0-alpha-dev 22e24031452d5785)
Sep 06 07:27:13.547 [err] Bug: 6 tor 0x000000010ba48721 tor_main + 161 (on Tor 0.3.5.0-alpha-dev 22e24031452d5785)
Sep 06 07:27:13.547 [err] Bug: 7 tor 0x000000010b842bdb main + 27 (on Tor 0.3.5.0-alpha-dev 22e24031452d5785)
Sep 06 07:27:13.547 [err] Bug: 8 libdyld.dylib 0x00007fff54fbe015 start + 1 (on Tor 0.3.5.0-alpha-dev 22e24031452d5785)
Sep 06 07:27:13.547 [err] Bug: 9 ??? 0x0000000000000009 0x0 + 9 (on Tor 0.3.5.0-alpha-dev 22e24031452d5785)
Abort trap: 6
Exit 134
```Tor: 0.3.5.x-finalhttps://gitlab.torproject.org/tpo/core/tor/-/issues/27530Configure: Use AC_TRY_RUN() to check that --enable-gcc-hardening works2020-06-27T13:52:16ZteorConfigure: Use AC_TRY_RUN() to check that --enable-gcc-hardening worksSplit off [comment:3:ticket:27460 legacy/trac#27460 Comment 3]:
> maybe in 0.3.5 we should change the implementation of gcc-hardening so that it does an AC_TRY_RUN() to see whether it can use these compiler flags safely. That could be a...Split off [comment:3:ticket:27460 legacy/trac#27460 Comment 3]:
> maybe in 0.3.5 we should change the implementation of gcc-hardening so that it does an AC_TRY_RUN() to see whether it can use these compiler flags safely. That could be another ticket, though.
When we merge to 0.3.5, we should also revert legacy/trac#27460.Tor: 0.4.1.x-finalNick MathewsonNick Mathewson