Newer
Older
Changes in version 0.2.3.16-alpha - 2012-06-05
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
o Major bugfixes (general):
- Work around a bug in OpenSSL that broke renegotiation with TLS
1.1 and TLS 1.2. Without this workaround, all attempts to speak
the v2 Tor connection protocol when both sides were using OpenSSL
1.0.1 would fail. Resolves ticket 6033.
- When waiting for a client to renegotiate, don't allow it to add
any bytes to the input buffer. This fixes a potential DoS issue.
Fixes bugs 5934 and 6007; bugfix on 0.2.0.20-rc.
- Pass correct OR address to managed proxies (like obfsproxy),
even when ORListenAddress is used. Fixes bug 4865; bugfix on
0.2.3.9-alpha.
- The advertised platform of a router now includes only its operating
system's name (e.g., "Linux", "Darwin", "Windows 7"), and not its
service pack level (for Windows) or its CPU architecture (for Unix).
We also no longer include the "git-XYZ" tag in the version. Resolves
part of bug 2988.
o Major bugfixes (clients):
- If we are unable to find any exit that supports our predicted ports,
stop calling them predicted, so that we don't loop and build
hopeless circuits indefinitely. Fixes bug 3296; bugfix on 0.0.9pre6,
which introduced predicted ports.
- Fix an edge case where if we fetch or publish a hidden service
descriptor, we might build a 4-hop circuit and then use that circuit
for exiting afterwards -- even if the new last hop doesn't obey our
ExitNodes config option. Fixes bug 5283; bugfix on 0.2.0.10-alpha.
- Check at each new consensus whether our entry guards were picked
long enough ago that we should rotate them. Previously, we only
did this check at startup, which could lead to us holding a guard
indefinitely. Fixes bug 5380; bugfix on 0.2.1.14-rc.
- When fetching a bridge descriptor from a bridge authority,
always do so anonymously, whether we have been able to open
circuits or not. Partial fix for bug 1938; bugfix on 2.0.7-alpha.
This behavior makes it *safer* to use UpdateBridgesFromAuthority,
but we'll need to wait for bug 6010 before it's actually usable.
o Major bugfixes (directory authorities):
- When computing weight parameters, behave more robustly in the
presence of a bad bwweightscale value. Previously, the authorities
would crash if they agreed on a sufficiently broken weight_scale
value: now, they use a reasonable default and carry on. Partial
fix for 5786; bugfix on 0.2.2.17-alpha.
- Check more thoroughly to prevent a rogue authority from
double-voting on any consensus directory parameter. Previously,
authorities would crash in this case if the total number of
votes for any parameter exceeded the number of active voters,
but would let it pass otherwise. Partial fix for bug 5786; bugfix
on 0.2.2.2-alpha.
o Minor features:
- Rate-limit log messages when asked to connect anonymously to
a private address. When these hit, they tended to hit fast and
often. Also, don't bother trying to connect to addresses that we
are sure will resolve to 127.0.0.1: getting 127.0.0.1 in a directory
reply makes us think we have been lied to, even when the address the
client tried to connect to was "localhost." Resolves ticket 2822.
- Allow packagers to insert an extra string in server descriptor
platform lines by setting the preprocessor variable TOR_BUILD_TAG.
Resolves the rest of ticket 2988.
- Raise the threshold of server descriptors needed (75%) and exit
server descriptors needed (50%) before we will declare ourselves
bootstrapped. This will make clients start building circuits a
little later, but makes the initially constructed circuits less
skewed and less in conflict with further directory fetches. Fixes
ticket 3196.
- Close any connection that sends unrecognized junk before the
handshake. Solves an issue noted in bug 4369.
- Improve log messages about managed transports. Resolves ticket 5070.
- Tag a bridge's descriptor as "never to be sent unencrypted".
This shouldn't matter, since bridges don't open non-anonymous
connections to the bridge authority and don't allow unencrypted
directory connections from clients, but we might as well make
sure. Closes bug 5139.
- Expose our view of whether we have gone dormant to the controller,
via a new "GETINFO dormant" value. Torbutton and other controllers
can use this to avoid doing periodic requests through Tor while
it's dormant (bug 4718). Fixes bug 5954.
- Tell GCC and Clang to check for any errors in format strings passed
to the tor_v*(print|scan)f functions.
- Update to the May 1 2012 Maxmind GeoLite Country database.
o Minor bugfixes (already included in 0.2.2.36):
- Reject out-of-range times like 23:59:61 in parse_rfc1123_time().
Fixes bug 5346; bugfix on 0.0.8pre3.
- Correct parsing of certain date types in parse_http_time().
Without this patch, If-Modified-Since would behave
incorrectly. Fixes bug 5346; bugfix on 0.2.0.2-alpha. Patch from
Esteban Manchado Velázques.
- Make our number-parsing functions always treat too-large values
as an error, even when those values exceed the width of the
underlying type. Previously, if the caller provided these
functions with minima or maxima set to the extreme values of the
underlying integer type, these functions would return those
values on overflow rather than treating overflow as an error.
Fixes part of bug 5786; bugfix on 0.0.9.
- If we hit the error case where routerlist_insert() replaces an
existing (old) server descriptor, make sure to remove that
server descriptor from the old_routers list. Fix related to bug
1776. Bugfix on 0.2.2.18-alpha.
- Clarify the behavior of MaxCircuitDirtiness with hidden service
circuits. Fixes issue 5259.
o Minor bugfixes (coding cleanup, on 0.2.2.x and earlier):
- Prevent a null-pointer dereference when receiving a data cell
for a nonexistent stream when the circuit in question has an
empty deliver window. We don't believe this is triggerable,
since we don't currently allow deliver windows to become empty,
but the logic is tricky enough that it's better to make the code
robust. Fixes bug 5541; bugfix on 0.0.2pre14.
- Fix a memory leak when trying to launch a DNS request when the
network is disabled or the nameservers are unconfigurable. Fixes
bug 5916; bugfix on Tor 0.1.2.1-alpha (for the unconfigurable
nameserver case) and on 0.2.3.9-alpha (for the DisableNetwork case).
- Don't hold a windows file handle open for every file mapping;
the file mapping handle is sufficient. Fixes bug 5951; bugfix on
0.1.2.1-alpha.
- Avoid O(n^2) performance characteristics when parsing a large
extrainfo cache. Fixes bug 5828; bugfix on 0.2.0.1-alpha.
- Format more doubles with %f, not %lf. Patch from grarpamp to make
Tor build correctly on older BSDs again. Fixes bug 3894; bugfix on
Tor 0.2.0.8-alpha.
- Make our replacement implementation of strtok_r() compatible with
the standard behavior of strtok_r(). Patch by nils. Fixes bug 5091;
bugfix on 0.2.2.1-alpha.
- Fix a NULL-pointer dereference on a badly formed
SETCIRCUITPURPOSE command. Found by mikeyc. Fixes bug 5796;
bugfix on 0.2.2.9-alpha.
- Fix a build warning with Clang 3.1 related to our use of vasprint.
Fixes bug 5969. Bugfix on 0.2.2.11-alpha.
- Defensively refactor rend_mid_rendezvous() so that protocol
violations and length checks happen in the beginning. Fixes
bug 5645.
- Set _WIN32_WINNT to 0x0501 consistently throughout the code, so
that IPv6 stuff will compile on MSVC, and compilation issues
will be easier to track down. Fixes bug 5861.
o Minor bugfixes (correctness, on 0.2.2.x and earlier):
- Exit nodes now correctly report EADDRINUSE and EADDRNOTAVAIL as
resource exhaustion, so that clients can adjust their load to
try other exits. Fixes bug 4710; bugfix on 0.1.0.1-rc, which
started using END_STREAM_REASON_RESOURCELIMIT.
- Don't check for whether the address we're using for outbound
connections has changed until after the outbound connection has
completed. On Windows, getsockname() doesn't succeed until the
connection is finished. Fixes bug 5374; bugfix on 0.1.1.14-alpha.
- If the configuration tries to set MyFamily on a bridge, refuse to
do so, and warn about the security implications. Fixes bug 4657;
bugfix on 0.2.0.3-alpha.
- If the client fails to set a reasonable set of ciphersuites
during its v2 handshake renegotiation, allow the renegotiation to
continue nevertheless (i.e. send all the required certificates).
Fixes bug 4591; bugfix on 0.2.0.20-rc.
- When we receive a SIGHUP and the controller __ReloadTorrcOnSIGHUP
option is set to 0 (which Vidalia version 0.2.16 now does when
a SAVECONF attempt fails), perform other actions that SIGHUP
usually causes (like reopening the logs). Fixes bug 5095; bugfix
on 0.2.1.9-alpha.
- If we fail to write a microdescriptor to the disk cache, do not
continue replacing the old microdescriptor file. Fixes bug 2954;
bugfix on 0.2.2.6-alpha.
- Exit nodes don't need to fetch certificates for authorities that
they don't recognize; only directory authorities, bridges,
and caches need to do that. Fixes part of bug 2297; bugfix on
0.2.2.11-alpha.
- Correctly handle checking the permissions on the parent
directory of a control socket in the root directory. Bug found
by Esteban Manchado Velázquez. Fixes bug 5089; bugfix on Tor
0.2.2.26-beta.
- When told to add a bridge with the same digest as a preexisting
bridge but a different addr:port, change the addr:port as
requested. Previously we would not notice the change. Fixes half
of bug 5603; fix on 0.2.2.26-beta.
- End AUTHCHALLENGE error messages (in the control protocol) with
a CRLF. Fixes bug 5760; bugfix on 0.2.2.36 and 0.2.3.13-alpha.
o Minor bugfixes (on 0.2.3.x):
- Turn an assertion (that the number of handshakes received as a
server is not < 1) into a warning. Fixes bug 4873; bugfix on
0.2.3.1-alpha.
- Format IPv4 addresses correctly in ADDRMAP events. (Previously,
we had reversed them when the answer was cached.) Fixes bug
5723; bugfix on 0.2.3.1-alpha.
- Work correctly on Linux systems with accept4 support advertised in
their headers, but without accept4 support in the kernel. Fix
by murb. Fixes bug 5762; bugfix on 0.2.3.1-alpha.
- When told to add a bridge with the same addr:port as a preexisting
bridge but a different transport, change the transport as
requested. Previously we would not notice the change. Fixes half
of bug 5603; fix on 0.2.3.2-alpha.
- Avoid a "double-reply" warning when replying to a SOCKS request
with a parse error. Patch from Fabian Keil. Fixes bug 4108;
bugfix on 0.2.3.4-alpha.
- Fix a bug where a bridge authority crashes if it has seen no
directory requests when it's time to write statistics to disk.
Fixes bug 5891; bugfix on 0.2.3.6-alpha. Also fixes bug 5508 in
a better way.
- Don't try to open non-control listeners when DisableNetwork is set.
Previousy, we'd open all listeners, then immediately close them.
Fixes bug 5604; bugfix on 0.2.3.9-alpha.
- Don't abort the managed proxy protocol if the managed proxy
sends us an unrecognized line; ignore it instead. Fixes bug
5910; bugfix on 0.2.3.9-alpha.
- Fix a compile warning in crypto.c when compiling with clang 3.1.
Fixes bug 5969, bugfix on 0.2.3.9-alpha.
- Fix a compilation issue on GNU Hurd, which doesn't have PATH_MAX.
Fixes bug 5355; bugfix on 0.2.3.11-alpha.
- Remove bogus definition of "_WIN32" from src/win32/orconfig.h, to
unbreak the MSVC build. Fies bug 5858; bugfix on 0.2.3.12-alpha.
- Resolve numerous small warnings and build issues with MSVC. Resolves
bug 5859.
o Documentation fixes:
- Improve the manual's documentation for the NT Service command-line
options. Addresses ticket 3964.
- Clarify SessionGroup documentation slightly; resolves ticket 5437.
- Document the changes to the ORPort and DirPort options, and the
fact that {OR/Dir}ListenAddress is now unnecessary (and
therefore deprecated). Resolves ticket 5597.
o Removed files:
- Remove the torrc.bridge file: we don't use it for anything, and
it had become badly desynchronized from torrc.sample. Resolves
bug 5622.
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
Changes in version 0.2.2.36 - 2012-05-24
Tor 0.2.2.36 updates the addresses for two of the eight directory
authorities, fixes some potential anonymity and security issues,
and fixes several crash bugs.
Tor 0.2.1.x has reached its end-of-life. Those Tor versions have many
known flaws, and nobody should be using them. You should upgrade. If
you're using a Linux or BSD and its packages are obsolete, stop using
those packages and upgrade anyway.
o Directory authority changes:
- Change IP address for maatuska (v3 directory authority).
- Change IP address for ides (v3 directory authority), and rename
it to turtles.
o Security fixes:
- When building or running with any version of OpenSSL earlier
than 0.9.8s or 1.0.0f, disable SSLv3 support. These OpenSSL
versions have a bug (CVE-2011-4576) in which their block cipher
padding includes uninitialized data, potentially leaking sensitive
information to any peer with whom they make a SSLv3 connection. Tor
does not use SSL v3 by default, but a hostile client or server
could force an SSLv3 connection in order to gain information that
they shouldn't have been able to get. The best solution here is to
upgrade to OpenSSL 0.9.8s or 1.0.0f (or later). But when building
or running with a non-upgraded OpenSSL, we disable SSLv3 entirely
to make sure that the bug can't happen.
- Never use a bridge or a controller-supplied node as an exit, even
if its exit policy allows it. Found by wanoskarnet. Fixes bug
5342. Bugfix on 0.1.1.15-rc (for controller-purpose descriptors)
and 0.2.0.3-alpha (for bridge-purpose descriptors).
- Only build circuits if we have a sufficient threshold of the total
descriptors that are marked in the consensus with the "Exit"
flag. This mitigates an attack proposed by wanoskarnet, in which
all of a client's bridges collude to restrict the exit nodes that
the client knows about. Fixes bug 5343.
- Provide controllers with a safer way to implement the cookie
authentication mechanism. With the old method, if another locally
running program could convince a controller that it was the Tor
process, then that program could trick the contoller into telling
it the contents of an arbitrary 32-byte file. The new "SAFECOOKIE"
authentication method uses a challenge-response approach to prevent
this attack. Fixes bug 5185; implements proposal 193.
o Major bugfixes:
- Avoid logging uninitialized data when unable to decode a hidden
service descriptor cookie. Fixes bug 5647; bugfix on 0.2.1.5-alpha.
- Avoid a client-side assertion failure when receiving an INTRODUCE2
cell on a general purpose circuit. Fixes bug 5644; bugfix on
0.2.1.6-alpha.
- Fix builds when the path to sed, openssl, or sha1sum contains
spaces, which is pretty common on Windows. Fixes bug 5065; bugfix
on 0.2.2.1-alpha.
- Correct our replacements for the timeradd() and timersub() functions
on platforms that lack them (for example, Windows). The timersub()
function is used when expiring circuits, while timeradd() is
currently unused. Bug report and patch by Vektor. Fixes bug 4778;
bugfix on 0.2.2.24-alpha.
- Fix the SOCKET_OK test that we use to tell when socket
creation fails so that it works on Win64. Fixes part of bug 4533;
bugfix on 0.2.2.29-beta. Bug found by wanoskarnet.
o Minor bugfixes:
- Reject out-of-range times like 23:59:61 in parse_rfc1123_time().
Fixes bug 5346; bugfix on 0.0.8pre3.
- Make our number-parsing functions always treat too-large values
as an error, even when those values exceed the width of the
underlying type. Previously, if the caller provided these
functions with minima or maxima set to the extreme values of the
underlying integer type, these functions would return those
values on overflow rather than treating overflow as an error.
Fixes part of bug 5786; bugfix on 0.0.9.
- Older Linux kernels erroneously respond to strange nmap behavior
by having accept() return successfully with a zero-length
socket. When this happens, just close the connection. Previously,
we would try harder to learn the remote address: but there was
no such remote address to learn, and our method for trying to
learn it was incorrect. Fixes bugs 1240, 4745, and 4747. Bugfix
on 0.1.0.3-rc. Reported and diagnosed by "r1eo".
- Correct parsing of certain date types in parse_http_time().
Without this patch, If-Modified-Since would behave
incorrectly. Fixes bug 5346; bugfix on 0.2.0.2-alpha. Patch from
Esteban Manchado Velázques.
- Change the BridgePassword feature (part of the "bridge community"
design, which is not yet implemented) to use a time-independent
comparison. The old behavior might have allowed an adversary
to use timing to guess the BridgePassword value. Fixes bug 5543;
bugfix on 0.2.0.14-alpha.
- Detect and reject certain misformed escape sequences in
configuration values. Previously, these values would cause us
to crash if received in a torrc file or over an authenticated
control port. Bug found by Esteban Manchado Velázquez, and
independently by Robert Connolly from Matta Consulting who further
noted that it allows a post-authentication heap overflow. Patch
by Alexander Schrijver. Fixes bugs 5090 and 5402 (CVE 2012-1668);
bugfix on 0.2.0.16-alpha.
- Fix a compile warning when using the --enable-openbsd-malloc
configure option. Fixes bug 5340; bugfix on 0.2.0.20-rc.
- During configure, detect when we're building with clang version
3.0 or lower and disable the -Wnormalized=id and -Woverride-init
CFLAGS. clang doesn't support them yet.
- When sending an HTTP/1.1 proxy request, include a Host header.
Fixes bug 5593; bugfix on 0.2.2.1-alpha.
- Fix a NULL-pointer dereference on a badly formed SETCIRCUITPURPOSE
command. Found by mikeyc. Fixes bug 5796; bugfix on 0.2.2.9-alpha.
- If we hit the error case where routerlist_insert() replaces an
existing (old) server descriptor, make sure to remove that
server descriptor from the old_routers list. Fix related to bug
1776. Bugfix on 0.2.2.18-alpha.
o Minor bugfixes (documentation and log messages):
- Fix a typo in a log message in rend_service_rendezvous_has_opened().
Fixes bug 4856; bugfix on Tor 0.0.6.
- Update "ClientOnly" man page entry to explain that there isn't
really any point to messing with it. Resolves ticket 5005.
- Document the GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays
directory authority option (introduced in Tor 0.2.2.34).
- Downgrade the "We're missing a certificate" message from notice
to info: people kept mistaking it for a real problem, whereas it
is seldom the problem even when we are failing to bootstrap. Fixes
bug 5067; bugfix on 0.2.0.10-alpha.
- Correctly spell "connect" in a log message on failure to create a
controlsocket. Fixes bug 4803; bugfix on 0.2.2.26-beta.
- Clarify the behavior of MaxCircuitDirtiness with hidden service
circuits. Fixes issue 5259.
o Minor features:
- Directory authorities now reject versions of Tor older than
0.2.1.30, and Tor versions between 0.2.2.1-alpha and 0.2.2.20-alpha
inclusive. These versions accounted for only a small fraction of
the Tor network, and have numerous known security issues. Resolves
issue 4788.
- Update to the May 1 2012 Maxmind GeoLite Country database.
- Feature removal:
- When sending or relaying a RELAY_EARLY cell, we used to convert
it to a RELAY cell if the connection was using the v1 link
protocol. This was a workaround for older versions of Tor, which
didn't handle RELAY_EARLY cells properly. Now that all supported
versions can handle RELAY_EARLY cells, and now that we're enforcing
the "no RELAY_EXTEND commands except in RELAY_EARLY cells" rule,
remove this workaround. Addresses bug 4786.
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
Changes in version 0.2.3.15-alpha - 2012-04-30
Tor 0.2.3.15-alpha fixes a variety of smaller bugs, including making
the development branch build on Windows again.
o Minor bugfixes (on 0.2.2.x and earlier):
- Make sure that there are no unhandled pending TLS errors before
reading from a TLS stream. We had checks in 0.1.0.3-rc, but
lost them in 0.1.0.5-rc when we refactored read_to_buf_tls().
Bugfix on 0.1.0.5-rc; fixes bug 4528.
- Fix an assert that directory authorities could trigger on sighup
during some configuration state transitions. We now don't treat
it as a fatal error when the new descriptor we just generated in
init_keys() isn't accepted. Fixes bug 4438; bugfix on 0.2.1.9-alpha.
- After we pick a directory mirror, we would refuse to use it if
it's in our ExcludeExitNodes list, resulting in mysterious failures
to bootstrap for people who just wanted to avoid exiting from
certain locations. Fixes bug 5623; bugfix on 0.2.2.25-alpha.
- When building with --enable-static-tor on OpenBSD, do not
erroneously attempt to link -lrt. Fixes bug 5103.
o Minor bugfixes (on 0.2.3.x):
- When Tor is built with kernel headers from a recent (last few
years) Linux kernel, do not fail to run on older (pre-2.6.28
Linux kernels). Fixes bug 5112; bugfix on 0.2.3.1-alpha.
- Fix cross-compilation isssues with mingw. Bugfixes on 0.2.3.6-alpha
and 0.2.3.12-alpha.
- Fix compilation with miniupnpc version 1.6; patch from
Anthony G. Basile. Fixes bug 5434; bugfix on 0.2.3.12-alpha.
- Fix compilation with MSVC, which had defined MS_WINDOWS. Bugfix
on 0.2.3.13-alpha; found and fixed by Gisle Vanem.
- Fix compilation on platforms without unistd.h, or where environ
is defined in stdlib.h. Fixes bug 5704; bugfix on 0.2.3.13-alpha.
o Minor features:
- Directory authorities are now a little more lenient at accepting
older router descriptors, or newer router descriptors that don't
make big changes. This should help ameliorate past and future
issues where routers think they have uploaded valid descriptors,
but the authorities don't think so. Fix for ticket 2479.
- Make the code that clients use to detect an address change be
IPv6-aware, so that it won't fill clients' logs with error
messages when trying to get the IPv4 address of an IPv6
connection. Implements ticket 5537.
o Removed features:
- Remove the GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays option;
authorities needed to use it for a while to keep the network working
as people upgraded to 0.2.1.31, 0.2.2.34, or 0.2.3.6-alpha, but
that was six months ago. As of now, it should no longer be needed
or used.
Changes in version 0.2.3.14-alpha - 2012-04-23
Tor 0.2.3.14-alpha fixes yet more bugs to get us closer to a release
candidate. It also dramatically speeds up AES: fast relays should
consider switching to the newer OpenSSL library.
o Directory authority changes:
- Change IP address for ides (v3 directory authority), and rename
it to turtles.
o Major bugfixes:
- Avoid logging uninitialized data when unable to decode a hidden
service descriptor cookie. Fixes bug 5647; bugfix on 0.2.1.5-alpha.
- Avoid a client-side assertion failure when receiving an INTRODUCE2
cell on a general purpose circuit. Fixes bug 5644; bugfix on
0.2.1.6-alpha.
- If authorities are unable to get a v2 consensus document from other
directory authorities, they no longer fall back to fetching
them from regular directory caches. Fixes bug 5635; bugfix on
0.2.2.26-beta, where routers stopped downloading v2 consensus
documents entirely.
- When we start a Tor client with a normal consensus already cached,
be willing to download a microdescriptor consensus. Fixes bug 4011;
fix on 0.2.3.1-alpha.
o Major features (performance):
- When built to use OpenSSL 1.0.1, and built for an x86 or x86_64
instruction set, take advantage of OpenSSL's AESNI, bitsliced, or
vectorized AES implementations as appropriate. These can be much,
much faster than other AES implementations.
- Don't launch more than 10 service-side introduction-point circuits
for a hidden service in five minutes. Previously, we would consider
launching more introduction-point circuits if at least one second
had passed without any introduction-point circuits failing. Fixes
bug 4607; bugfix on 0.0.7pre1.
- Change the BridgePassword feature (part of the "bridge community"
design, which is not yet implemented) to use a time-independent
comparison. The old behavior might have allowed an adversary
to use timing to guess the BridgePassword value. Fixes bug 5543;
bugfix on 0.2.0.14-alpha.
- Enforce correct return behavior of tor_vsscanf() when the '%%'
pattern is used. Fixes bug 5558. Bugfix on 0.2.1.13.
- When sending an HTTP/1.1 proxy request, include a Host header.
Fixes bug 5593; bugfix on 0.2.2.1-alpha.
- Don't log that we have "decided to publish new relay descriptor"
unless we are actually publishing a descriptor. Fixes bug 3942;
bugfix on 0.2.2.28-beta.
o Minor bugfixes (0.2.3.x):
- Fix a bug where a bridge authority crashes (on a failed assert)
if it has seen no directory requests when it's time to write
statistics to disk. Fixes bug 5508. Bugfix on 0.2.3.6-alpha.
- Fix bug stomping on ORPort option NoListen and ignoring option
NoAdvertise. Fixes bug 5151; bugfix on 0.2.3.9-alpha.
- In the testsuite, provide a large enough buffer in the tor_sscanf
unit test. Otherwise we'd overrun that buffer and crash during
the unit tests. Found by weasel. Fixes bug 5449; bugfix on
0.2.3.12-alpha.
- Make sure we create the keys directory if it doesn't exist and we're
about to store the dynamic Diffie-Hellman parameters. Fixes bug
5572; bugfix on 0.2.3.13-alpha.
- Fix a small memory leak when trying to decode incorrect base16
authenticator during SAFECOOKIE authentication. Found by
Coverity Scan. Fixes CID 507. Bugfix on 0.2.3.13-alpha.
o Minor features:
- Add more information to a log statement that might help track down
bug 4091. If you're seeing "Bug: tor_addr_is_internal() called with a
non-IP address" messages (or any Bug messages, for that matter!),
please let us know about it.
- Relays now understand an IPv6 address when they get one from a
directory server. Resolves ticket 4875.
- Resolve IPv6 addresses in bridge and entry statistics to country
code "??" which means we at least count them. Resolves ticket 5053;
improves on 0.2.3.9-alpha.
- Update to the April 3 2012 Maxmind GeoLite Country database.
- Begin a doc/state-contents.txt file to explain the contents of
the Tor state file. Fixes bug 2987.
o Default torrc changes:
- Stop listing "socksport 9050" in torrc.sample. We open a socks
port on 9050 by default anyway, so this should not change anything
in practice.
- Stop mentioning the deprecated *ListenAddress options in
torrc.sample. Fixes bug 5438.
- Document unit of bandwidth related options in sample torrc.
Fixes bug 5621.
o Removed features:
- The "torify" script no longer supports the "tsocks" socksifier
tool, since tsocks doesn't support DNS and UDP right for Tor.
Everyone should be using torsocks instead. Fixes bugs 3530 and
5180. Based on a patch by "ugh".
o Code refactoring:
- Change the symmetric cipher interface so that creating and
initializing a stream cipher are no longer separate functions.
- Remove all internal support for unpadded RSA. We never used it, and
it would be a bad idea to start.
Changes in version 0.2.3.13-alpha - 2012-03-26
Tor 0.2.3.13-alpha fixes a variety of stability and correctness bugs
in managed pluggable transports, as well as providing other cleanups
that get us closer to a release candidate.
o Directory authority changes:
- Change IP address for maatuska (v3 directory authority).
o Security fixes:
- Provide controllers with a safer way to implement the cookie
authentication mechanism. With the old method, if another locally
running program could convince a controller that it was the Tor
process, then that program could trick the contoller into telling
it the contents of an arbitrary 32-byte file. The new "SAFECOOKIE"
authentication method uses a challenge-response approach to prevent
this attack. Fixes bug 5185, implements proposal 193.
- Never use a bridge or a controller-supplied node as an exit, even
if its exit policy allows it. Found by wanoskarnet. Fixes bug
5342. Bugfix on 0.1.1.15-rc (for controller-purpose descriptors)
and 0.2.0.3-alpha (for bridge-purpose descriptors).
- Only build circuits if we have a sufficient threshold of the total
descriptors that are marked in the consensus with the "Exit"
flag. This mitigates an attack proposed by wanoskarnet, in which
all of a client's bridges collude to restrict the exit nodes that
the client knows about. Fixes bug 5343.
- Avoid an assert when managed proxies like obfsproxy are configured,
and we receive HUP signals or setconf attempts too rapidly. This
situation happens most commonly when Vidalia tries to attach to
Tor or tries to configure the Tor it's attached to. Fixes bug 5084;
bugfix on 0.2.3.6-alpha.
- Fix a relay-side pluggable transports bug where managed proxies were
unreachable from the Internet, because Tor asked them to bind on
localhost. Fixes bug 4725; bugfix on 0.2.3.9-alpha.
- Stop discarding command-line arguments when TestingTorNetwork
is set. Discovered by Kevin Bauer. Fixes bug 5373; bugfix on
0.2.3.9-alpha, where task 4552 added support for two layers of
torrc files.
- Resume allowing the unit tests to run in gdb. This was accidentally
made impossible when the DisableDebuggerAttachment option was
introduced. Fixes bug 5448; bugfix on 0.2.3.9-alpha.
- Resume building with nat-pmp support. Fixes bug 4955; bugfix on
0.2.3.11-alpha. Reported by Anthony G. Basile.
o Minor bugfixes (on 0.2.2.x and earlier):
- Ensure we don't cannibalize circuits that are longer than three hops
already, so we don't end up making circuits with 5 or more
hops. Patch contributed by wanoskarnet. Fixes bug 5231; bugfix on
0.1.0.1-rc which introduced cannibalization.
- Detect and reject certain misformed escape sequences in
configuration values. Previously, these values would cause us
to crash if received in a torrc file or over an authenticated
control port. Bug found by Esteban Manchado Velázquez, and
independently by Robert Connolly from Matta Consulting who further
noted that it allows a post-authentication heap overflow. Patch
by Alexander Schrijver. Fixes bugs 5090 and 5402 (CVE 2012-1668);
bugfix on 0.2.0.16-alpha.
- Fix a compile warning when using the --enable-openbsd-malloc
configure option. Fixes bug 5340; bugfix on 0.2.0.20-rc.
- Directory caches no longer refuse to clean out descriptors because
of missing v2 networkstatus documents, unless they're configured
to retrieve v2 networkstatus documents. Fixes bug 4838; bugfix on
0.2.2.26-beta. Patch by Daniel Bryg.
- Update to the latest version of the tinytest unit testing framework.
This includes a couple of bugfixes that can be relevant for
running forked unit tests on Windows, and removes all reserved
identifiers.
o Minor bugfixes (on 0.2.3.x):
- On a failed pipe() call, don't leak file descriptors. Fixes bug
4296; bugfix on 0.2.3.1-alpha.
- Spec conformance: on a v3 handshake, do not send a NETINFO cell
until after we have received a CERTS cell. Fixes bug 4361; bugfix
on 0.2.3.6-alpha. Patch by "frosty".
- When binding to an IPv6 address, set the IPV6_V6ONLY socket
option, so that the IP stack doesn't decide to use it for IPv4
too. Fixes bug 4760; bugfix on 0.2.3.9-alpha.
- Ensure that variables set in Tor's environment cannot override
environment variables that Tor passes to a managed
pluggable-transport proxy. Previously, Tor would pass every
variable in its environment to managed proxies along with the new
ones, in such a way that on many operating systems, the inherited
environment variables would override those which Tor tried to
explicitly set. Bugfix on 0.2.3.12-alpha for most Unixoid systems;
bugfix on 0.2.3.9-alpha for Windows.
o Minor features:
- A wide variety of new unit tests by Esteban Manchado Velázquez.
- Shorten links in the tor-exit-notice file. Patch by Christian Kujau.
- Update to the March 6 2012 Maxmind GeoLite Country database.
Changes in version 0.2.3.12-alpha - 2012-02-13
Tor 0.2.3.12-alpha lets fast exit relays scale better, allows clients
to use bridges that run Tor 0.2.2.x, and resolves several big bugs
when Tor is configured to use a pluggable transport like obfsproxy.
- Fix builds when the path to sed, openssl, or sha1sum contains
spaces, which is pretty common on Windows. Fixes bug 5065; bugfix
on 0.2.2.1-alpha.
- Set the SO_REUSEADDR socket option before we call bind() on outgoing
connections. This change should allow busy exit relays to stop
running out of available sockets as quickly. Fixes bug 4950;
bugfix on 0.2.2.26-beta.
- Allow 0.2.3.x clients to use 0.2.2.x bridges. Previously the client
would ask the bridge for microdescriptors, which are only supported
in 0.2.3.x, and then fail to bootstrap when it didn't get the
answers it wanted. Fixes bug 4013; bugfix on 0.2.3.2-alpha.
- Properly set up obfsproxy's environment when in managed mode. The
Tor Browser Bundle needs LD_LIBRARY_PATH to be passed to obfsproxy,
and when you run your Tor as a daemon, there's no HOME. Fixes bugs
5076 and 5082; bugfix on 0.2.3.6-alpha.
o Minor features:
- Use the dead_strip option when building Tor on OS X. This reduces
binary size by almost 19% when linking openssl and libevent
statically, which we do for Tor Browser Bundle.
- Fix broken URLs in the sample torrc file, and tell readers about
the OutboundBindAddress, ExitPolicyRejectPrivate, and
PublishServerDescriptor options. Addresses bug 4652.
- Update to the February 7 2012 Maxmind GeoLite Country database.
o Minor bugfixes:
- Downgrade the "We're missing a certificate" message from notice
to info: people kept mistaking it for a real problem, whereas it
is seldom the problem even when we are failing to bootstrap. Fixes
bug 5067; bugfix on 0.2.0.10-alpha.
- Don't put "TOR_PT_EXTENDED_SERVER_PORT=127.0.0.1:4200" in a
managed pluggable transport server proxy's environment.
Previously, we would put it there, even though Tor doesn't
implement an 'extended server port' yet, and even though Tor
almost certainly isn't listening at that address. For now, we set
it to an empty string to avoid crashing older obfsproxies. Bugfix
- Log the heartbeat message every HeartbeatPeriod seconds, not every
HeartbeatPeriod + 1 seconds. Fixes bug 4942; bugfix on
0.2.3.1-alpha. Bug reported by Scott Bennett.
- Calculate absolute paths correctly on Windows. Fixes bug 4973;
bugfix on 0.2.3.11-alpha.
- Update "ClientOnly" man page entry to explain that there isn't
really any point to messing with it. Resolves ticket 5005.
- Use the correct CVE number for CVE-2011-4576 in our comments and
log messages. Found by "fermenthor". Resolves bug 5066; bugfix on
0.2.3.11-alpha.
o Code simplifications and refactoring:
- Use the _WIN32 macro throughout our code to detect Windows.
(Previously we had used the obsolete 'WIN32' and the idiosyncratic
'MS_WINDOWS'.)
Changes in version 0.2.3.11-alpha - 2012-01-22
Tor 0.2.3.11-alpha marks feature-freeze for the 0.2.3 tree. It deploys
the last step of the plan to limit maximum circuit length, includes
a wide variety of hidden service performance and correctness fixes,
works around an OpenSSL security flaw if your distro is too stubborn
to upgrade, and fixes a bunch of smaller issues.
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
o Major features:
- Now that Tor 0.2.0.x is completely deprecated, enable the final
part of "Proposal 110: Avoiding infinite length circuits" by
refusing all circuit-extend requests that do not use a relay_early
cell. This change helps Tor resist a class of denial-of-service
attacks by limiting the maximum circuit length.
- Adjust the number of introduction points that a hidden service
will try to maintain based on how long its introduction points
remain in use and how many introductions they handle. Fixes
part of bug 3825.
- Try to use system facilities for enumerating local interface
addresses, before falling back to our old approach (which was
binding a UDP socket, and calling getsockname() on it). That
approach was scaring OS X users whose draconian firewall
software warned about binding to UDP sockets, regardless of
whether packets were sent. Now we try to use getifaddrs(),
SIOCGIFCONF, or GetAdaptersAddresses(), depending on what the
system supports. Resolves ticket 1827.
o Major security workaround:
- When building or running with any version of OpenSSL earlier
than 0.9.8s or 1.0.0f, disable SSLv3 support. These OpenSSL
versions have a bug (CVE-2011-4576) in which their block cipher
padding includes uninitialized data, potentially leaking sensitive
information to any peer with whom they make a SSLv3 connection. Tor
does not use SSL v3 by default, but a hostile client or server
could force an SSLv3 connection in order to gain information that
they shouldn't have been able to get. The best solution here is to
upgrade to OpenSSL 0.9.8s or 1.0.0f (or later). But when building
or running with a non-upgraded OpenSSL, we disable SSLv3 entirely
to make sure that the bug can't happen.
o Major bugfixes:
- Fix the SOCKET_OK test that we use to tell when socket
creation fails so that it works on Win64. Fixes part of bug 4533;
bugfix on 0.2.2.29-beta. Bug found by wanoskarnet.
- Correct our replacements for the timeradd() and timersub() functions
on platforms that lack them (for example, Windows). The timersub()
function is used when expiring circuits, while timeradd() is
currently unused. Bug report and patch by Vektor. Fixes bug 4778;
bugfix on 0.2.2.24-alpha and 0.2.3.1-alpha.
- Do not use OpenSSL 1.0.0's counter mode: it has a critical bug
that was fixed in OpenSSL 1.0.0a. We test for the counter mode
bug at runtime, not compile time, because some distributions hack
their OpenSSL to mis-report its version. Fixes bug 4779; bugfix
on 0.2.3.9-alpha. Found by Pascal.
- Use absolute path names when reporting the torrc filename in the
control protocol, so a controller can more easily find the torrc
file. Resolves bug 1101.
- Extend the control protocol to report flags that control a circuit's
path selection in CIRC events and in replies to 'GETINFO
circuit-status'. Implements part of ticket 2411.
- Extend the control protocol to report the hidden service address
and current state of a hidden-service-related circuit in CIRC
events and in replies to 'GETINFO circuit-status'. Implements part
of ticket 2411.
- When reporting the path to the cookie file to the controller,
give an absolute path. Resolves ticket 4881.
- Allow controllers to request an event notification whenever a
circuit is cannibalized or its purpose is changed. Implements
part of ticket 3457.
- Include the creation time of a circuit in CIRC and CIRC2
control-port events and the list produced by the 'GETINFO
circuit-status' control-port command.
o Minor features (directory authorities):
- Directory authorities now reject versions of Tor older than
0.2.1.30, and Tor versions between 0.2.2.1-alpha and 0.2.2.20-alpha
inclusive. These versions accounted for only a small fraction of
the Tor network, and have numerous known security issues. Resolves
issue 4788.
- Authority operators can now vote for all relays in a given
set of countries to be BadDir/BadExit/Invalid/Rejected.
- Provide two consensus parameters (FastFlagMinThreshold and
FastFlagMaxThreshold) to control the range of allowable bandwidths
for the Fast directory flag. These allow authorities to run
experiments on appropriate requirements for being a "Fast" node.
The AuthDirFastGuarantee config value still applies.
- Document the GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays
directory authority option (introduced in Tor 0.2.2.34).
o Minor features (other):
- Don't disable the DirPort when we cannot exceed our AccountingMax
limit during this interval because the effective bandwidthrate is
low enough. This is useful in a situation where AccountMax is only
used as an additional safeguard or to provide statistics.
- Prepend an informative header to generated dynamic_dh_params files.
- If EntryNodes are given, but UseEntryGuards is set to 0, warn that
EntryNodes will have no effect. Resolves issue 2571.
- Log more useful messages when we fail to disable debugger
attachment.
- Log which authority we're missing votes from when we go to fetch
them from the other auths.
- Log (at debug level) whenever a circuit's purpose is changed.
- Add missing documentation for the MaxClientCircuitsPending,
UseMicrodescriptors, UserspaceIOCPBuffers, and
_UseFilteringSSLBufferevents options, all introduced during
the 0.2.3.x series.
- Update to the January 3 2012 Maxmind GeoLite Country database.
o Minor bugfixes (hidden services):
- Don't close hidden service client circuits which have almost
finished connecting to their destination when they reach
the normal circuit-build timeout. Previously, we would close
introduction circuits which are waiting for an acknowledgement
from the introduction point, and rendezvous circuits which have
been specified in an INTRODUCE1 cell sent to a hidden service,
after the normal CBT. Now, we mark them as 'timed out', and launch
another rendezvous attempt in parallel. This behavior change can
be disabled using the new CloseHSClientCircuitsImmediatelyOnTimeout
option. Fixes part of bug 1297; bugfix on 0.2.2.2-alpha.
- Don't close hidden-service-side rendezvous circuits when they
reach the normal circuit-build timeout. This behaviour change can
be disabled using the new
CloseHSServiceRendCircuitsImmediatelyOnTimeout option. Fixes the
remaining part of bug 1297; bugfix on 0.2.2.2-alpha.
- Make sure we never mark the wrong rendezvous circuit as having
had its introduction cell acknowleged by the introduction-point
relay. Previously, when we received an INTRODUCE_ACK cell on a
client-side hidden-service introduction circuit, we might have
marked a rendezvous circuit other than the one we specified in
the INTRODUCE1 cell as INTRO_ACKED, which would have produced
a warning message and interfered with the hidden service
connection-establishment process. Fixes bug 4759; bugfix on
0.2.3.3-alpha, when we added the stream-isolation feature which
might cause Tor to open multiple rendezvous circuits for the same
hidden service.
- Don't trigger an assertion failure when we mark a new client-side
hidden-service introduction circuit for close during the process
of creating it. Fixes bug 4796; bugfix on 0.2.3.6-alpha. Reported
o Minor bugfixes (log messages):
- Correctly spell "connect" in a log message on failure to create a
controlsocket. Fixes bug 4803; bugfix on 0.2.2.26-beta and
0.2.3.2-alpha.
- Fix a typo in a log message in rend_service_rendezvous_has_opened().
Fixes bug 4856; bugfix on Tor 0.0.6.
- Fix the log message describing how we work around discovering
that our version is the ill-fated OpenSSL 0.9.8l. Fixes bug
4837; bugfix on 0.2.2.9-alpha.
- When logging about a disallowed .exit name, do not also call it
an "invalid onion address". Fixes bug 3325; bugfix on 0.2.2.9-alpha.
o Minor bugfixes (build fixes):
- During configure, detect when we're building with clang version
3.0 or lower and disable the -Wnormalized=id and -Woverride-init
CFLAGS. clang doesn't support them yet.
- During configure, search for library containing cos function as
libm lives in libcore on some platforms (BeOS/Haiku). Linking
against libm was hard-coded before. Fixes the first part of bug
4727; bugfix on 0.2.2.2-alpha. Patch and analysis by Martin Hebnes
Pedersen.
- Detect attempts to build Tor on (as yet hypothetical) versions
of Windows where sizeof(intptr_t) != sizeof(SOCKET). Partial
fix for bug 4533. Bugfix on 0.2.2.28-beta.
- Preprocessor directives should not be put inside the arguments
of a macro. This would break compilation with GCC releases prior
to version 3.3. We would never recommend such an old GCC version,
but it is apparently required for binary compatibility on some
platforms (namely, certain builds of Haiku). Fixes the other part
of bug 4727; bugfix on 0.2.3.3-alpha. Patch and analysis by Martin
Hebnes Pedersen.
o Minor bugfixes (other):
- Older Linux kernels erroneously respond to strange nmap behavior
by having accept() return successfully with a zero-length
socket. When this happens, just close the connection. Previously,
we would try harder to learn the remote address: but there was
no such remote address to learn, and our method for trying to
learn it was incorrect. Fixes bugs 1240, 4745, and 4747. Bugfix
on 0.1.0.3-rc. Reported and diagnosed by "r1eo".
- Fix null-pointer access that could occur if TLS allocation failed.
Fixes bug 4531; bugfix on 0.2.0.20-rc. Found by "troll_un". This was
erroneously listed as fixed in 0.2.3.9-alpha, but the fix had
accidentally been reverted.
- Fix our implementation of crypto_random_hostname() so it can't
overflow on ridiculously large inputs. (No Tor version has ever
provided this kind of bad inputs, but let's be correct in depth.)
Fixes bug 4413; bugfix on 0.2.2.9-alpha. Fix by Stephen Palmateer.
- Find more places in the code that should have been testing for
invalid sockets using the SOCKET_OK macro. Required for a fix
for bug 4533. Bugfix on 0.2.2.28-beta.
- Fix an assertion failure when, while running with bufferevents, a
connection finishes connecting after it is marked for close, but
before it is closed. Fixes bug 4697; bugfix on 0.2.3.1-alpha.
- test_util_spawn_background_ok() hardcoded the expected value
for ENOENT to 2. This isn't portable as error numbers are
platform specific, and particularly the hurd has ENOENT at
0x40000002. Construct expected string at runtime, using the correct
value for ENOENT. Fixes bug 4733; bugfix on 0.2.3.1-alpha.
- Reject attempts to disable DisableDebuggerAttachment while Tor is
running. Fixes bug 4650; bugfix on 0.2.3.9-alpha.
- Use an appropriate-width type for sockets in tor-fw-helper on
win64. Fixes bug 1983 at last. Bugfix on 0.2.3.9-alpha.
- When sending or relaying a RELAY_EARLY cell, we used to convert
it to a RELAY cell if the connection was using the v1 link
protocol. This was a workaround for older versions of Tor, which
didn't handle RELAY_EARLY cells properly. Now that all supported
versions can handle RELAY_EARLY cells, and now that we're enforcing
the "no RELAY_EXTEND commands except in RELAY_EARLY cells" rule,
remove this workaround. Addresses bug 4786.
o Code simplifications and refactoring:
- Use OpenSSL's built-in SSL_state_string_long() instead of our
own homebrewed ssl_state_to_string() replacement. Patch from
Emile Snyder. Fixes bug 4653.
- Use macros to indicate OpenSSL versions, so we don't need to worry
about accidental hexadecimal bit shifts.
- Remove some workaround code for OpenSSL 0.9.6 (which is no longer
supported).
- Convert more instances of tor_snprintf+tor_strdup into tor_asprintf.
- Use the smartlist_add_asprintf() alias more consistently.
- Use a TOR_INVALID_SOCKET macro when initializing a socket to an
invalid value, rather than just -1.
- Rename a handful of old identifiers, mostly related to crypto
structures and crypto functions. By convention, our "create an
object" functions are called "type_new()", our "free an object"
functions are called "type_free()", and our types indicate that
they are types only with a final "_t". But a handful of older
types and functions broke these rules, with function names like
"type_create" or "subsystem_op_type", or with type names like
type_env_t.
Changes in version 0.2.3.10-alpha - 2011-12-16
Tor 0.2.3.10-alpha fixes a critical heap-overflow security issue in
Tor's buffers code. Absolutely everybody should upgrade.
The bug relied on an incorrect calculation when making data continuous
in one of our IO buffers, if the first chunk of the buffer was
misaligned by just the wrong amount. The miscalculation would allow an
attacker to overflow a piece of heap-allocated memory. To mount this
attack, the attacker would need to either open a SOCKS connection to
Tor's SocksPort (usually restricted to localhost), or target a Tor
instance configured to make its connections through a SOCKS proxy
(which Tor does not do by default).
Good security practice requires that all heap-overflow bugs should be
presumed to be exploitable until proven otherwise, so we are treating
this as a potential code execution attack. Please upgrade immediately!
This bug does not affect bufferevents-based builds of Tor. Special
thanks to "Vektor" for reporting this issue to us!
This release also contains a few minor bugfixes for issues discovered
in 0.2.3.9-alpha.
o Major bugfixes:
- Fix a heap overflow bug that could occur when trying to pull
data into the first chunk of a buffer, when that chunk had
already had some data drained from it. Fixes CVE-2011-2778;
bugfix on 0.2.0.16-alpha. Reported by "Vektor".
o Minor bugfixes:
- If we can't attach streams to a rendezvous circuit when we
finish connecting to a hidden service, clear the rendezvous
circuit's stream-isolation state and try to attach streams
again. Previously, we cleared rendezvous circuits' isolation
state either too early (if they were freshly built) or not at all
(if they had been built earlier and were cannibalized). Bugfix on
0.2.3.3-alpha; fixes bug 4655.
- Fix compilation of the libnatpmp helper on non-Windows. Bugfix on
0.2.3.9-alpha; fixes bug 4691. Reported by Anthony G. Basile.
- Fix an assertion failure when a relay with accounting enabled
starts up while dormant. Fixes bug 4702; bugfix on 0.2.3.9-alpha.
o Minor features:
- Update to the December 6 2011 Maxmind GeoLite Country database.
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
Changes in version 0.2.2.35 - 2011-12-16
Tor 0.2.2.35 fixes a critical heap-overflow security issue in Tor's
buffers code. Absolutely everybody should upgrade.
The bug relied on an incorrect calculation when making data continuous
in one of our IO buffers, if the first chunk of the buffer was
misaligned by just the wrong amount. The miscalculation would allow an
attacker to overflow a piece of heap-allocated memory. To mount this
attack, the attacker would need to either open a SOCKS connection to
Tor's SocksPort (usually restricted to localhost), or target a Tor
instance configured to make its connections through a SOCKS proxy
(which Tor does not do by default).
Good security practice requires that all heap-overflow bugs should be
presumed to be exploitable until proven otherwise, so we are treating
this as a potential code execution attack. Please upgrade immediately!
This bug does not affect bufferevents-based builds of Tor. Special
thanks to "Vektor" for reporting this issue to us!
Tor 0.2.2.35 also fixes several bugs in previous versions, including
crash bugs for unusual configurations, and a long-term bug that
would prevent Tor from starting on Windows machines with draconian
AV software.
With this release, we remind everyone that 0.2.0.x has reached its
formal end-of-life. Those Tor versions have many known flaws, and
nobody should be using them. You should upgrade -- ideally to the
0.2.2.x series. If you're using a Linux or BSD and its packages are
obsolete, stop using those packages and upgrade anyway.
The Tor 0.2.1.x series is also approaching its end-of-life: it will no
longer receive support after some time in early 2012.
o Major bugfixes:
- Fix a heap overflow bug that could occur when trying to pull
data into the first chunk of a buffer, when that chunk had
already had some data drained from it. Fixes CVE-2011-2778;
bugfix on 0.2.0.16-alpha. Reported by "Vektor".
- Initialize Libevent with the EVENT_BASE_FLAG_NOLOCK flag enabled, so
that it doesn't attempt to allocate a socketpair. This could cause
some problems on Windows systems with overzealous firewalls. Fix for
bug 4457; workaround for Libevent versions 2.0.1-alpha through