Fwd: [tor-talk] Tor is released.

coderman coderman at gmail.com
Thu Feb 4 17:44:29 PST 2016

good stuff in:
  Major features (security, Linux), and Major features (directory system),
   for those in challenging environments...

best regards,

> ---------- Forwarded message ----------
> From: Nick Mathewson <nickm at torproject.org>
> Date: Thu, 4 Feb 2016 18:24:03 -0500
> Subject: [tor-talk] Tor is released.
>   Tor is the first alpha release in its series. It
>   includes numerous small features and bugfixes against previous Tor
>   versions, and numerous small infrastructure improvements. The most
>   notable features are a set of improvements to the directory subsystem.
> You can download the source from the usual place on the website.
> Packages should be available over the next several days.
> PLEASE NOTE: This is an alpha release.  Expect a lot of bugs.  Only
> run this release if you're willing to find bugs and report them. :)
> Changes in version - 2016-02-04
>   Tor is the first alpha release in its series. It
>   includes numerous small features and bugfixes against previous Tor
>   versions, and numerous small infrastructure improvements. The most
>   notable features are a set of improvements to the directory subsystem.
>   o Major features (security, Linux):
>     - When Tor starts as root on Linux and is told to switch user ID, it
>       can now retain the capability to bind to low ports. By default,
>       Tor will do this only when it's switching user ID and some low
>       ports have been configured. You can change this behavior with the
>       new option KeepBindCapabilities. Closes ticket 8195.
>   o Major features (directory system):
>     - When bootstrapping multiple consensus downloads at a time, use the
>       first one that starts downloading, and close the rest. This
>       reduces failures when authorities or fallback directories are slow
>       or down. Together with the code for feature 15775, this feature
>       should reduce failures due to fallback churn. Implements ticket
>       4483. Patch by "teor". Implements IPv4 portions of proposal 210 by
>       "mikeperry" and "teor".
>     - Include a trial list of default fallback directories, based on an
>       opt-in survey of suitable relays. Doing this should make clients
>       bootstrap more quickly and reliably, and reduce the load on the
>       directory authorities. Closes ticket 15775. Patch by "teor".
>       Candidates identified using an OnionOO script by "weasel", "teor",
>       "gsathya", and "karsten".
>     - Previously only relays that explicitly opened a directory port
>       (DirPort) accepted directory requests from clients. Now all
>       relays, with and without a DirPort, accept and serve tunneled
>       directory requests that they receive through their ORPort. You can
>       disable this behavior using the new DirCache option. Closes
>       ticket 12538.
>   o Major key updates:
>     - Update the V3 identity key for the dannenberg directory authority:
>       it was changed on 18 November 2015. Closes task 17906. Patch
>       by "teor".
>   o Minor features (security, clock):
>     - Warn when the system clock appears to move back in time (when the
>       state file was last written in the future). Tor doesn't know that
>       consensuses have expired if the clock is in the past. Patch by
>       "teor". Implements ticket 17188.
>   o Minor features (security, exit policies):
>     - ExitPolicyRejectPrivate now rejects more private addresses by
>       default. Specifically, it now rejects the relay's outbound bind
>       addresses (if configured), and the relay's configured port
>       addresses (such as ORPort and DirPort). Fixes bug 17027; bugfix on
>       Patch by "teor".
>   o Minor features (security, memory erasure):
>     - Set the unused entries in a smartlist to NULL. This helped catch
>       a (harmless) bug, and shouldn't affect performance too much.
>       Implements ticket 17026.
>     - Use SecureMemoryWipe() function to securely clean memory on
>       Windows. Previously we'd use OpenSSL's OPENSSL_cleanse() function.
>       Implements feature 17986.
>     - Use explicit_bzero or memset_s when present. Previously, we'd use
>       OpenSSL's OPENSSL_cleanse() function. Closes ticket 7419; patches
>       from <logan at hackers.mu> and <selven at hackers.mu>.
>     - Make memwipe() do nothing when passed a NULL pointer or buffer of
>       zero size. Check size argument to memwipe() for underflow. Fixes
>       bug 18089; bugfix on and Reported by "gk",
>       patch by "teor".
>   o Minor features (security, RNG):
>     - Adjust Tor's use of OpenSSL's RNG APIs so that they absolutely,
>       positively are not allowed to fail. Previously we depended on
>       internal details of OpenSSL's behavior. Closes ticket 17686.
>     - Never use the system entropy output directly for anything besides
>       seeding the PRNG. When we want to generate important keys, instead
>       of using system entropy directly, we now hash it with the PRNG
>       stream. This may help resist certain attacks based on broken OS
>       entropy implementations. Closes part of ticket 17694.
>     - Use modern system calls (like getentropy() or getrandom()) to
>       generate strong entropy on platforms that have them. Closes
>       ticket 13696.
>   o Minor features (accounting):
>     - Added two modes to the AccountingRule option: One for limiting
>       only the number of bytes sent ("AccountingRule out"), and one for
>       limiting only the number of bytes received ("AccountingRule in").
>       Closes ticket 15989; patch from "unixninja92".
>   o Minor features (build):
>     - Since our build process now uses "make distcheck", we no longer
>       force "make dist" to depend on "make check". Closes ticket 17893;
>       patch from "cypherpunks."
>     - Tor now builds successfully with the recent OpenSSL 1.1
>       development branch, and with the latest LibreSSL. Closes tickets
>       17549, 17921, and 17984.
>   o Minor features (controller):
>     - Adds the FallbackDir entries to 'GETINFO config/defaults'. Closes
>       tickets 16774 and 17817. Patch by George Tankersley.
>     - New 'GETINFO hs/service/desc/id/' command to retrieve a hidden
>       service descriptor from a service's local hidden service
>       descriptor cache. Closes ticket 14846.
>     - Add 'GETINFO exit-policy/reject-private/[default,relay]', so
>       controllers can examine the reject rules added by
>       ExitPolicyRejectPrivate. This makes it easier for stem to display
>       exit policies.
>   o Minor features (crypto):
>     - Add SHA512 support to crypto.c. Closes ticket 17663; patch from
>       George Tankersley.
>     - Add SHA3 and SHAKE support to crypto.c. Closes ticket 17783.
>     - When allocating a digest state object, allocate no more space than
>       we actually need. Previously, we would allocate as much space as
>       the state for the largest algorithm would need. This change saves
>       up to 672 bytes per circuit. Closes ticket 17796.
>     - Improve performance when hashing non-multiple of 8 sized buffers,
>       based on Andrew Moon's public domain SipHash-2-4 implementation.
>       Fixes bug 17544; bugfix on
>   o Minor features (directory downloads):
>     - Wait for busy authorities and fallback directories to become non-
>       busy when bootstrapping. (A similar change was made in 6c443e987d
>       for directory caches chosen from the consensus.) Closes ticket
>       17864; patch by "teor".
>     - Add UseDefaultFallbackDirs, which enables any hard-coded fallback
>       directory mirrors. The default is 1; set it to 0 to disable
>       fallbacks. Implements ticket 17576. Patch by "teor".
>   o Minor features (geoip):
>     - Update geoip and geoip6 to the January 5 2016 Maxmind GeoLite2
>       Country database.
>   o Minor features (IPv6):
>     - Add an argument 'ipv6=address:orport' to the DirAuthority and
>       FallbackDir torrc options, to specify an IPv6 address for an
>       authority or fallback directory. Add hard-coded ipv6 addresses for
>       directory authorities that have them. Closes ticket 17327; patch
>       from Nick Mathewson and "teor".
>     - Add address policy assume_action support for IPv6 addresses.
>     - Limit IPv6 mask bits to 128.
>     - Warn when comparing against an AF_UNSPEC address in a policy, it's
>       almost always a bug. Closes ticket 17863; patch by "teor".
>     - Allow users to configure directory authorities and fallback
>       directory servers with IPv6 addresses and ORPorts. Resolves
>       ticket 6027.
>     - routerset_parse now accepts IPv6 literal addresses. Fixes bug
>       17060; bugfix on Patch by "teor".
>     - Make tor_ersatz_socketpair work on IPv6-only systems. Fixes bug
>       17638; bugfix on 0.0.2pre8. Patch by "teor".
>   o Minor features (logging):
>     - When logging to syslog, allow a tag to be added to the syslog
>       identity (the string prepended to every log message). The tag can
>       be configured with SyslogIdentityTag and defaults to none. Setting
>       it to "foo" will cause logs to be tagged as "Tor-foo". Closes
>       ticket 17194.
>   o Minor features (portability):
>     - Use timingsafe_memcmp() where available. Closes ticket 17944;
>       patch from <logan at hackers.mu>.
>   o Minor features (relay, address discovery):
>     - Add a family argument to get_interface_addresses_raw() and
>       subfunctions to make network interface address interrogation more
>       efficient. Now Tor can specifically ask for IPv4, IPv6 or both
>       types of interfaces from the operating system. Resolves
>       ticket 17950.
>     - When get_interface_address6_list(.,AF_UNSPEC,.) is called and
>       fails to enumerate interface addresses using the platform-specific
>       API, have it rely on the UDP socket fallback technique to try and
>       find out what IP addresses (both IPv4 and IPv6) our machine has.
>       Resolves ticket 17951.
>   o Minor features (replay cache):
>     - The replay cache now uses SHA256 instead of SHA1. Implements
>       feature 8961. Patch by "teor", issue reported by "rransom".
>   o Minor features (unix file permissions):
>     - Defer creation of Unix sockets until after setuid. This avoids
>       needing CAP_CHOWN and CAP_FOWNER when using systemd's
>       CapabilityBoundingSet, or chown and fowner when using SELinux.
>       Implements part of ticket 17562. Patch from Jamie Nguyen.
>     - If any directory created by Tor is marked as group readable, the
>       filesystem group is allowed to be either the default GID or the
>       root user. Allowing root to read the DataDirectory prevents the
>       need for CAP_READ_SEARCH when using systemd's
>       CapabilityBoundingSet, or dac_read_search when using SELinux.
>       Implements part of ticket 17562. Patch from Jamie Nguyen.
>     - Introduce a new DataDirectoryGroupReadable option. If it is set to
>       1, the DataDirectory will be made readable by the default GID.
>       Implements part of ticket 17562. Patch from Jamie Nguyen.
>   o Minor bugfixes (accounting):
>     - The max bandwidth when using 'AccountRule sum' is now correctly
>       logged. Fixes bug 18024; bugfix on Patch
>       from "unixninja92".
>   o Minor bugfixes (code correctness):
>     - When closing an entry connection, generate a warning if we should
>       have sent an end cell for it but we haven't. Fixes bug 17876;
>       bugfix on
>     - Assert that allocated memory held by the reputation code is freed
>       according to its internal counters. Fixes bug 17753; bugfix
>       on tor-
>     - Assert when the TLS contexts fail to initialize. Fixes bug 17683;
>       bugfix on 0.0.6.
>   o Minor bugfixes (compilation):
>     - Mark all object files that include micro-revision.i as depending
>       on it, so as to make parallel builds more reliable. Fixes bug
>       17826; bugfix on
>     - Don't try to use the pthread_condattr_setclock() function unless
>       it actually exists. Fixes compilation on NetBSD-6.x. Fixes bug
>       17819; bugfix on
>     - Fix backtrace compilation on FreeBSD. Fixes bug 17827; bugfix
>       on tor-
>     - Fix compilation of sandbox.c with musl-libc. Fixes bug 17347;
>       bugfix on Patch from 'jamestk'.
>     - Fix search for libevent libraries on OpenBSD (and other systems
>       that install libevent 1 and libevent 2 in parallel). Fixes bug
>       16651; bugfix on Patch from "rubiate".
>     - Isolate environment variables meant for tests from the rest of the
>       build system. Fixes bug 17818; bugfix on tor-
>     - Replace usage of 'INLINE' with 'inline'. Fixes bug 17804; bugfix
>       on tor-0.0.2pre8.
>     - Remove config.log only from make distclean, not from make clean.
>       Fixes bug 17924; bugfix on
>   o Minor bugfixes (crypto):
>     - Check the return value of HMAC() and assert on failure. Fixes bug
>       17658; bugfix on Patch by "teor".
>   o Minor bugfixes (fallback directories):
>     - Mark fallbacks as "too busy" when they return a 503 response,
>       rather than just marking authorities. Fixes bug 17572; bugfix on
>       Patch by "teor".
>   o Minor bugfixes (IPv6):
>     - Update the limits in max_dl_per_request for IPv6 address length.
>       Fixes bug 17573; bugfix on
>   o Minor bugfixes (linux seccomp2 sandbox):
>     - Fix a crash when using offline master ed25519 keys with the Linux
>       seccomp2 sandbox enabled. Fixes bug 17675; bugfix on
>   o Minor bugfixes (logging):
>     - In log messages that include a function name, use __FUNCTION__
>       instead of __PRETTY_FUNCTION__. In GCC, these are synonymous, but
>       with clang __PRETTY_FUNCTION__ has extra information we don't
>       need. Fixes bug 16563; bugfix on 0.0.2pre8. Fix by Tom van
>       der Woerdt.
>     - Remove needless quotes from a log message about unparseable
>       addresses. Fixes bug 17843; bugfix on
>   o Minor bugfixes (portability):
>     - Remove an #endif from configure.ac so that we correctly detect the
>       presence of in6_addr.s6_addr32. Fixes bug 17923; bugfix
>       on
>   o Minor bugfixes (relays):
>     - Check that both the ORPort and DirPort (if present) are reachable
>       before publishing a relay descriptor. Otherwise, relays publish a
>       descriptor with DirPort 0 when the DirPort reachability test takes
>       longer than the ORPort reachability test. Fixes bug 18050; bugfix
>       on Reported by "starlight", patch by "teor".
>   o Minor bugfixes (relays, hidden services):
>     - Refuse connection requests to private OR addresses unless
>       ExtendAllowPrivateAddresses is set. Previously, tor would connect,
>       then refuse to send any cells to a private address. Fixes bugs
>       17674 and 8976; bugfix on Patch by "teor".
>   o Minor bugfixes (safe logging):
>     - When logging a malformed hostname received through socks4, scrub
>       it if SafeLogging says we should. Fixes bug 17419; bugfix
>       on
>   o Minor bugfixes (statistics code):
>     - Consistently check for overflow in round_*_to_next_multiple_of
>       functions, and add unit tests with additional and maximal values.
>       Fixes part of bug 13192; bugfix on
>     - Handle edge cases in the laplace functions: avoid division by
>       zero, avoid taking the log of zero, and silence clang type
>       conversion warnings using round and trunc. Add unit tests for edge
>       cases with maximal values. Fixes part of bug 13192; bugfix
>       on
>   o Minor bugfixes (testing):
>     - The test for log_heartbeat was incorrectly failing in timezones
>       with non-integer offsets. Instead of comparing the end of the time
>       string against a constant, compare it to the output of
>       format_local_iso_time when given the correct input. Fixes bug
>       18039; bugfix on
>     - Make unit tests pass on IPv6-only systems, and systems without
>       localhost addresses (like some FreeBSD jails). Fixes bug 17632;
>       bugfix on Patch by "teor".
>     - Fix a memory leak in the ntor test. Fixes bug 17778; bugfix
>       on
>     - Check the full results of SHA256 and SHA512 digests in the unit
>       tests. Bugfix on Patch by "teor".
>   o Code simplification and refactoring:
>     - Move logging of redundant policy entries in
>       policies_parse_exit_policy_internal into its own function. Closes
>       ticket 17608; patch from "juce".
>     - Extract the more complicated parts of circuit_mark_for_close()
>       into a new function that we run periodically before circuits are
>       freed. This change removes more than half of the functions
>       currently in the "blob". Closes ticket 17218.
>     - Clean up a little duplicated code in
>       crypto_expand_key_material_TAP(). Closes ticket 17587; patch
>       from "pfrankw".
>     - Decouple the list of streams waiting to be attached to circuits
>       from the overall connection list. This change makes it possible to
>       attach streams quickly while simplifying Tor's callgraph and
>       avoiding O(N) scans of the entire connection list. Closes
>       ticket 17590.
>     - When a direct directory request fails immediately on launch,
>       instead of relaunching that request from inside the code that
>       launches it, instead mark the connection for teardown. This change
>       simplifies Tor's callback and prevents the directory-request
>       launching code from invoking itself recursively. Closes
>       ticket 17589.
>     - Remove code for configuring OpenSSL dynamic locks; OpenSSL doesn't
>       use them. Closes ticket 17926.
>   o Documentation:
>     - Add a description of the correct use of the '--keygen' command-
>       line option. Closes ticket 17583; based on text by 's7r'.
>     - Document the minimum HeartbeatPeriod value. Closes ticket 15638.
>     - Explain actual minima for BandwidthRate. Closes ticket 16382.
>     - Fix a minor formatting typo in the manpage. Closes ticket 17791.
>     - Mention torspec URL in the manpage and point the reader to it
>       whenever we mention a document that belongs in torspec. Fixes
>       issue 17392.
>   o Removed features:
>     - Remove client-side support for connecting to Tor relays running
>       versions of Tor before These relays didn't support
>       the v3 TLS handshake protocol, and are no longer allowed on the
>       Tor network. Implements the client side of ticket 11150. Based on
>       patches by Tom van der Woerdt.
>   o Testing:
>     - Add unit tests to check for common RNG failure modes, such as
>       returning all zeroes, identical values, or incrementing values
>       (OpenSSL's rand_predictable feature). Patch by "teor".
>     - Log more information when the backtrace tests fail. Closes ticket
>       17892. Patch from "cypherpunks."
>     - Always test both ed25519 backends, so that we can be sure that our
>       batch-open replacement code works. Part of ticket 16794.
>     - Cover dns_resolve_impl() in dns.c with unit tests. Implements a
>       portion of ticket 16831.
>     - More unit tests for compat_libevent.c, procmon.c, tortls.c,
>       util_format.c, directory.c, and options_validate.c. Closes tickets
>       17075, 17082, 17084, 17003, and 17076 respectively. Patches from
>       Ola Bini.
>     - Unit tests for directory_handle_command_get. Closes ticket 17004.
>       Patch from Reinaldo de Souza Jr.
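The "Minor features (security, memory erasure)" entries above (the explicit_bzero/memset_s fallback chain, and the NULL, zero-size and underflow guards on memwipe()) are small enough to show end to end. The C below is an added example written for this post, not Tor's memwipe(): the names secure_memwipe, wipe_bytes, wipe_demo_all_zero, wipe_demo_guards and WIPE_SIZE_CEILING are mine, the glibc 2.25 version test is an assumption about which platforms declare explicit_bzero(), and any other platform falls back to calling memset through a volatile function pointer so dead-store elimination cannot drop the overwrite.

```c
#define _DEFAULT_SOURCE 1          /* glibc: make <string.h> declare explicit_bzero() */
#define __STDC_WANT_LIB_EXT1__ 1   /* C11 Annex K: declare memset_s() where it exists */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Sizes above this are treated as a negative number that was cast to size_t,
 * the "underflow" case the changelog entry for bug 18089 guards against. */
#define WIPE_SIZE_CEILING (SIZE_MAX / 2)

typedef enum {
  WIPE_DONE = 0,      /* bytes were overwritten */
  WIPE_NOTHING = 1,   /* sz == 0 or mem == NULL: nothing to do */
  WIPE_BAD_SIZE = 2   /* sz looks underflowed: caller has a bug, nothing touched */
} wipe_result_t;

/* Assumption: glibc >= 2.25 ships explicit_bzero(); other libcs use the fallback. */
#if defined(__GLIBC__)
# if __GLIBC_PREREQ(2, 25)
#  define HAVE_EXPLICIT_BZERO_HERE 1
# endif
#endif

/* Overwrite sz bytes with zero in a way the optimiser cannot remove. */
static void wipe_bytes(void *mem, size_t sz)
{
#if defined(HAVE_EXPLICIT_BZERO_HERE)
  extern void explicit_bzero(void *, size_t); /* harmless if already declared */
  explicit_bzero(mem, sz);
#elif defined(__STDC_LIB_EXT1__)
  memset_s(mem, sz, 0, sz);                   /* C11 Annex K implementations */
#else
  /* Portable fallback: calling memset through a volatile function pointer
   * stops the compiler proving the store is dead and eliding it. */
  static void *(*const volatile memset_fn)(void *, int, size_t) = memset;
  memset_fn(mem, 0, sz);
#endif
}

/* Hypothetical secure_memwipe(): zero sz bytes at mem with the guards the
 * changelog describes. NULL or zero size is a no-op; a huge size is refused. */
wipe_result_t secure_memwipe(void *mem, size_t sz)
{
  if (sz == 0 || mem == NULL)
    return WIPE_NOTHING;
  if (sz > WIPE_SIZE_CEILING)
    return WIPE_BAD_SIZE;
  wipe_bytes(mem, sz);
  return WIPE_DONE;
}

/* Demo: fill a buffer with a constructed "key", wipe it, and return 1 if
 * every byte is now zero, else 0. */
int wipe_demo_all_zero(void)
{
  unsigned char key[32];
  size_t i;
  for (i = 0; i < sizeof key; i++)
    key[i] = (unsigned char)(0xA5 ^ i);   /* constructed sample secret */
  if (secure_memwipe(key, sizeof key) != WIPE_DONE)
    return 0;
  for (i = 0; i < sizeof key; i++)
    if (key[i] != 0)
      return 0;
  return 1;
}

/* Demo of the guards: returns 1 only if NULL and zero-size calls leave the
 * buffer alone and an underflowed size is rejected before any byte is touched. */
int wipe_demo_guards(void)
{
  unsigned char buf[4] = { 1, 2, 3, 4 };
  if (secure_memwipe(NULL, sizeof buf) != WIPE_NOTHING) return 0;
  if (secure_memwipe(buf, 0) != WIPE_NOTHING || buf[0] != 1) return 0;
  if (secure_memwipe(buf, (size_t)-1) != WIPE_BAD_SIZE || buf[3] != 4) return 0;
  return 1;
}
```

The status return stands in for the assertion a production build would raise on an underflowed size; the property that matters is that a value such as (size_t)-1 is refused before the pointer is dereferenced, and that the feature macros sit above the includes, since glibc decides what to declare when the first header is read.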

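The "Minor bugfixes (statistics code)" entry ("Consistently check for overflow in round_*_to_next_multiple_of functions") is clearest when the unchecked arithmetic sits beside a checked version. The C below is an added example, not Tor's round_uint64_to_next_multiple_of(): naive_round_up shows how n + d - 1 silently wraps near UINT64_MAX, and the hypothetical round_u64_up_to_multiple reports d == 0 and overflow explicitly, saturating to the largest representable multiple in the overflow case (a design choice of this example, not something the changelog states about the Tor fix). rounded_status and rounded_value are thin wrappers so the results can be checked without pointers.

```c
#include <stdint.h>

/* The unchecked form: n + d - 1 wraps at UINT64_MAX (unsigned overflow is
 * defined, so there is no trap), and the division then yields a tiny or
 * zero answer instead of an error. */
uint64_t naive_round_up(uint64_t n, uint64_t d)
{
  return ((n + d - 1) / d) * d;
}

/* Hypothetical checked version: round n up to the next multiple of d.
 * Returns  0 and stores the result in *out on success;
 *         -1 if d == 0 (no multiple exists; *out is left untouched);
 *          1 if the true answer exceeds UINT64_MAX; *out then holds the
 *            largest representable multiple of d so the caller gets a
 *            usable bound together with an explicit overflow signal. */
int round_u64_up_to_multiple(uint64_t n, uint64_t d, uint64_t *out)
{
  uint64_t rem, need;
  if (d == 0)
    return -1;
  rem = n % d;
  if (rem == 0) {              /* already a multiple: nothing to add */
    *out = n;
    return 0;
  }
  need = d - rem;              /* distance to the next multiple, 1..d-1 */
  if (n > UINT64_MAX - need) {
    /* n + need would wrap. n - rem is the largest multiple of d that is
     * <= n, and since n - rem + d did not fit, it is also the largest
     * multiple of d representable at all. */
    *out = n - rem;
    return 1;
  }
  *out = n + need;             /* cannot wrap: bounded by the check above */
  return 0;
}

/* Convenience wrappers for callers that only want one of the two outputs. */
int rounded_status(uint64_t n, uint64_t d)
{
  uint64_t unused = 0;
  return round_u64_up_to_multiple(n, d, &unused);
}

uint64_t rounded_value(uint64_t n, uint64_t d)
{
  uint64_t out = 0;            /* 0 is returned when d == 0 */
  (void)round_u64_up_to_multiple(n, d, &out);
  return out;
}
```

Checking the overflow against UINT64_MAX - need rather than computing n + need and comparing afterwards is the point: the comparison is exact for every input, whereas a post-hoc "did the sum shrink?" test has to reason about wrapped values and is easy to get wrong for d == 1 or rem == 0.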
More information about the cypherpunks mailing list