Tor 0.2.6.2-alpha is released

by nickm | December 31, 2014

Tor 0.2.6.2-alpha is the second alpha release in the 0.2.6.x series. It introduces a major new backend for deciding when to send cells on channels, which should lead down the road to big performance increases. It contains security and statistics features for better work on hidden services, and numerous bugfixes.
This release contains many new unit tests, along with major performance improvements for running testing networks using Chutney. Thanks to a series of patches contributed by "teor", testing networks should now bootstrap in seconds, rather than minutes.
You can download the source from the usual place on the website. Packages should be up in a few days.
NOTE: This is an alpha release. Please expect bugs.

Changes in version 0.2.6.2-alpha - 2014-12-31

  • Major features (relay, infrastructure):
    • Complete revision of the code that relays use to decide which cell to send next. Formerly, we selected the best circuit to write on each channel, but we didn't select among channels in any sophisticated way. Now, we choose the best circuits globally from among those whose channels are ready to deliver traffic.
      This patch implements a new inter-cmux comparison API, a global high/low watermark mechanism and a global scheduler loop for transmission prioritization across all channels as well as among circuits on one channel. This schedule is currently tuned to (tolerantly) avoid making changes in network performance, but it should form the basis for major circuit performance increases in the future. Code by Andrea; tuning by Rob Jansen; implements ticket 9262.
  • Major features (hidden services):
    • Make HS port scanning more difficult by immediately closing the circuit when a user attempts to connect to a nonexistent port. Closes ticket 13667.
    • Add a HiddenServiceStatistics option that allows Tor relays to gather and publish statistics about the overall size and volume of hidden service usage. Specifically, when this option is turned on, an HSDir will publish an approximate number of hidden services that have published descriptors to it the past 24 hours. Also, if a relay has acted as a hidden service rendezvous point, it will publish the approximate amount of rendezvous cells it has relayed the past 24 hours. The statistics themselves are obfuscated so that the exact values cannot be derived. For more details see proposal 238, "Better hidden service stats from Tor relays". This feature is currently disabled by default. Implements feature 13192.

 

  • Major bugfixes (client, automap):
    • Repair automapping with IPv6 addresses. This automapping should have worked previously, but one piece of debugging code that we inserted to detect a regression actually caused the regression to manifest itself again. Fixes bug 13811 and bug 12831; bugfix on 0.2.4.7-alpha. Diagnosed and fixed by Francisco Blas Izquierdo Riera.
  • Major bugfixes (hidden services):
    • When closing an introduction circuit that was opened in parallel with others, don't mark the introduction point as unreachable. Previously, the first successful connection to an introduction point would make the other introduction points get marked as having timed out. Fixes bug 13698; bugfix on 0.0.6rc2.
  • Directory authority changes:
    • Remove turtles as a directory authority.
    • Add longclaw as a new (v3) directory authority. This implements ticket 13296. This keeps the directory authority count at 9.
  • Major removed features:
    • Tor clients no longer support connecting to hidden services running on Tor 0.2.2.x and earlier; the Support022HiddenServices option has been removed. (There shouldn't be any hidden services running these versions on the network.) Closes ticket 7803.
  • Minor features (client):
    • Validate hostnames in SOCKS5 requests more strictly. If SafeSocks is enabled, reject requests with IP addresses as hostnames. Resolves ticket 13315.
  • Minor features (controller):
    • Add a "SIGNAL HEARTBEAT" controller command that tells Tor to write an unscheduled heartbeat message to the log. Implements feature 9503.
  • Minor features (geoip):
    • Update geoip and geoip6 to the November 15 2014 Maxmind GeoLite2 Country database.
  • Minor features (hidden services):
    • When re-enabling the network, don't try to build introduction circuits until we have successfully built a circuit. This makes hidden services come up faster when the network is re-enabled. Patch from "akwizgran". Closes ticket 13447.
    • When we fail to a retrieve hidden service descriptor, send the controller an "HS_DESC FAILED" controller event. Implements feature 13212.
    • New HiddenServiceDirGroupReadable option to cause hidden service directories and hostname files to be created group-readable. Patch from "anon", David Stainton, and "meejah". Closes ticket 11291.
  • Minor features (systemd):
    • Where supported, when running with systemd, report successful startup to systemd. Part of ticket 11016. Patch by Michael Scherer.
    • When running with systemd, support systemd watchdog messages. Part of ticket 11016. Patch by Michael Scherer.
  • Minor features (transparent proxy):
    • Update the transparent proxy option checks to allow for both ipfw and pf on OS X. Closes ticket 14002.
    • Use the correct option when using IPv6 with transparent proxy support on Linux. Resolves 13808. Patch by Francisco Blas Izquierdo Riera.
  • Minor bugfixes (preventative security, C safety):
    • When reading a hexadecimal, base-32, or base-64 encoded value from a string, always overwrite the whole output buffer. This prevents some bugs where we would look at (but fortunately, not reveal) uninitialized memory on the stack. Fixes bug 14013; bugfix on all versions of Tor.
    • Clear all memory targetted by tor_addr_{to,from}_sockaddr(), not just the part that's used. This makes it harder for data leak bugs to occur in the event of other programming failures. Resolves ticket 14041.
  • Minor bugfixes (client, microdescriptors):
    • Use a full 256 bits of the SHA256 digest of a microdescriptor when computing which microdescriptors to download. This keeps us from erroneous download behavior if two microdescriptor digests ever have the same first 160 bits. Fixes part of bug 13399; bugfix on 0.2.3.1-alpha.
    • Reset a router's status if its microdescriptor digest changes, even if the first 160 bits remain the same. Fixes part of bug 13399; bugfix on 0.2.3.1-alpha.
  • Minor bugfixes (compilation):
    • Silence clang warnings under --enable-expensive-hardening, including implicit truncation of 64 bit values to 32 bit, const char assignment to self, tautological compare, and additional parentheses around equality tests. Fixes bug 13577; bugfix on 0.2.5.4-alpha.
    • Fix a clang warning about checking whether an address in the middle of a structure is NULL. Fixes bug 14001; bugfix on 0.2.1.2-alpha.
  • Minor bugfixes (hidden services):
    • Correctly send a controller event when we find that a rendezvous circuit has finished. Fixes bug 13936; bugfix on 0.1.1.5-alpha.
    • Pre-check directory permissions for new hidden-services to avoid at least one case of "Bug: Acting on config options left us in a broken state. Dying." Fixes bug 13942; bugfix on 0.0.6pre1.
    • When adding a new hidden service (for example, via SETCONF), Tor no longer congratulates the user for running a relay. Fixes bug 13941; bugfix on 0.2.6.1-alpha.
    • When fetching hidden service descriptors, we now check not only for whether we got the hidden service we had in mind, but also whether we got the particular descriptors we wanted. This prevents a class of inefficient but annoying DoS attacks by hidden service directories. Fixes bug 13214; bugfix on 0.2.1.6-alpha. Reported by "special".
  • Minor bugfixes (Linux seccomp2 sandbox):
    • Make transparent proxy support work along with the seccomp2 sandbox. Fixes part of bug 13808; bugfix on 0.2.5.1-alpha. Patch by Francisco Blas Izquierdo Riera.
    • Fix a memory leak in tor-resolve when running with the sandbox enabled. Fixes bug 14050; bugfix on 0.2.5.9-rc.
  • Minor bugfixes (logging):
    • Downgrade warnings about RSA signature failures to info log level. Emit a warning when an extra info document is found incompatible with a corresponding router descriptor. Fixes bug 9812; bugfix on 0.0.6rc3.
    • Make connection_ap_handshake_attach_circuit() log the circuit ID correctly. Fixes bug 13701; bugfix on 0.0.6.
  • Minor bugfixes (misc):
    • Stop allowing invalid address patterns like "*/24" that contain both a wildcard address and a bit prefix length. This affects all our address-range parsing code. Fixes bug 7484; bugfix on 0.0.2pre14.
  • Minor bugfixes (testing networks, fast startup):
    • Allow Tor to build circuits using a consensus with no exits. If the consensus has no exits (typical of a bootstrapping test network), allow Tor to build circuits once enough descriptors have been downloaded. This assists in bootstrapping a testing Tor network. Fixes bug 13718; bugfix on 0.2.4.10-alpha. Patch by "teor".
    • When V3AuthVotingInterval is low, give a lower If-Modified-Since header to directory servers. This allows us to obtain consensuses promptly when the consensus interval is very short. This assists in bootstrapping a testing Tor network. Fixes parts of bugs 13718 and 13963; bugfix on 0.2.0.3-alpha. Patch by "teor".
    • Stop assuming that private addresses are local when checking reachability in a TestingTorNetwork. Instead, when testing, assume all OR connections are remote. (This is necessary due to many test scenarios running all relays on localhost.) This assists in bootstrapping a testing Tor network. Fixes bug 13924; bugfix on 0.1.0.1-rc. Patch by "teor".
    • Avoid building exit circuits from a consensus with no exits. Now thanks to our fix for 13718, we accept a no-exit network as not wholly lost, but we need to remember not to try to build exit circuits on it. Closes ticket 13814; patch by "teor".
    • Stop requiring exits to have non-zero bandwithcapacity in a TestingTorNetwork. Instead, when TestingMinExitFlagThreshold is 0, ignore exit bandwidthcapacity. This assists in bootstrapping a testing Tor network. Fixes parts of bugs 13718 and 13839; bugfix on 0.2.0.3-alpha. Patch by "teor".
    • Add "internal" to some bootstrap statuses when no exits are available. If the consensus does not contain Exits, Tor will only build internal circuits. In this case, relevant statuses will contain the word "internal" as indicated in the Tor control- spec.txt. When bootstrap completes, Tor will be ready to build internal circuits. If a future consensus contains Exits, exit circuits may become available. Fixes part of bug 13718; bugfix on 0.2.4.10-alpha. Patch by "teor".
    • Decrease minimum consensus interval to 10 seconds when TestingTorNetwork is set, or 5 seconds for the first consensus. Fix assumptions throughout the code that assume larger intervals. Fixes bugs 13718 and 13823; bugfix on 0.2.0.3-alpha. Patch by "teor".
    • Avoid excluding guards from path building in minimal test networks, when we're in a test network and excluding guards would exclude all relays. This typically occurs in incredibly small tor networks, and those using "TestingAuthVoteGuard *". Fixes part of bug 13718; bugfix on 0.1.1.11-alpha. Patch by "teor".
  • Code simplification and refactoring:
    • Stop using can_complete_circuits as a global variable; access it with a function instead.
    • Avoid using operators directly as macro arguments: this lets us apply coccinelle transformations to our codebase more directly. Closes ticket 13172.
    • Combine the functions used to parse ClientTransportPlugin and ServerTransportPlugin into a single function. Closes ticket 6456.
    • Add inline functions and convenience macros for inspecting channel state. Refactor the code to use convenience macros instead of checking channel state directly. Fixes issue 7356.
    • Document all members of was_router_added_t and rename ROUTER_WAS_NOT_NEW to ROUTER_IS_ALREADY_KNOWN to make it less confusable with ROUTER_WAS_TOO_OLD. Fixes issue 13644.
    • In connection_exit_begin_conn(), use END_CIRC_REASON_TORPROTOCOL constant instead of hardcoded value. Fixes issue 13840.
    • Refactor our generic strmap and digestmap types into a single implementation, so that we can add a new digest256map type trivially.
  • Documentation:
    • Document the bridge-authority-only 'networkstatus-bridges' file. Closes ticket 13713; patch from "tom".
    • Fix typo in PredictedPortsRelevanceTime option description in manpage. Resolves issue 13707.
    • Stop suggesting that users specify relays by nickname: it isn't a good idea. Also, properly cross-reference how to specify relays in all parts of manual documenting options that take a list of relays. Closes ticket 13381.
    • Clarify the HiddenServiceDir option description in manpage to make it clear that relative paths are taken with respect to the current working directory. Also clarify that this behavior is not guaranteed to remain indefinitely. Fixes issue 13913.
  • Testing:
    • New tests for many parts of channel, relay, and circuitmux functionality. Code by Andrea; part of 9262.
    • New tests for parse_transport_line(). Part of ticket 6456.
    • In the unit tests, use chgrp() to change the group of the unit test temporary directory to the current user, so that the sticky bit doesn't interfere with tests that check directory groups. Closes 13678.
    • Add unit tests for resolve_my_addr(). Part of ticket 12376; patch by 'rl1987'.

Comments

Please note that the comment area below has been archived.

January 01, 2015

Permalink

It would be very wonderful if the MAC address is changed when we Run Tor! is it possible?

January 02, 2015

In reply to arma

Permalink

in windows, MadMACs does this and also randomly changes the network name on reboot

January 02, 2015

Permalink

HARMONY,
other strange topic:
the connection to the TOR network in France and swiss enters the network always with the IP address 77.207.11.206
i never saw another node first and i am beein using tor once a day for months now.
somebody has an idea why?

January 02, 2015

Permalink

Why do I sometimes get this error while using torbrowser "XML Parsing Error: unexpected parser state Location: jar:file:///Applications/TorBrowser.app/Contents/MacOS/omni.ja!/chrome/toolkit/content/global/netError.xhtml Line Number 308, Column 50: &netReset.longDesc; -------------------------------------------------^"? what does it mean?

January 02, 2015

Permalink

Why do I get redirected to the HTTP version of this website?
When I visit this website I always get redirected to the HTTP version.
I use Internet Explorer 11 and I have no malware on my Windows 8 computer, so what's causing this problem?

If you are using Tor, it could be a bad exit node. An evil exit node could redirect people to the http:// version, in order to grab passwords or infect downloads.
If this also happens without Tor, it might be a virus. Be careful!

January 04, 2015

Permalink

You get that error because some program is trying to run Java Script in your Tor Browser:

jar:file:///Applications/TorBrowser.app/Contents/MacOS/omni.ja!/chrome/toolkit/content/global/netError.xhtml

It is a security vulnerability.

January 06, 2015

Permalink

When you go to the download page it says
Version 4.0.2 - Linux, Unix, BSD (64-Bit) and so on.

and this realease is supposed to be
Tor 0.2.6.2-alpha

when will the new version be up?

January 07, 2015

Permalink

I got a question about the channel scheduling. In the past, Tor selected the best circuit from each tunnel. In a Tor relay, some channels exist simultaneously, so some best circuits will be chosen from different channels. Which of them will be scheduled to send the cell to the network? Do those circuits send cells in a parallel way because they are different channels?
Or do they send cells in a round-robin way? I wonder do different channels send cells to the network at the same time? Or one channel has to wait until the other channel finishes sending?

January 08, 2015

Permalink

I can't download Tor. I press "Run" but for some weird reason this website won't let me download it.
Maybe the NSA can crack 128 bit and 256 bit encryption and they are preventing me from downloading the Tor browser bundle.

January 09, 2015

Permalink

Hi guys i do got a few questiens in mind.
since the raid against the tor exist nodes accured
and since the attack on torproject accured, somewhere in between
there has been a few changes in the browsers behaviour.

for example sites i've never had any problems visiting before
is now giving a yellow warning page telling that the connection
may not be secure.

and the ip list inside the onion button on upper left corner
aint always showing what ip (country) that you are in.

i also find the browser slower now then usual, is that because of
the exit nodes they took?

cloudfare is killing me on sites using it, earlier i've been able to
be on for a while without cf asking for chaptcha. now it is asking
for that damn chaptcha every second min.

i hope this is not a serious security hole in the browser or somewhere else.
however something isn't as it is supposed to be any longer.

January 11, 2015

Permalink

Hi!

After connecting to AirVPN on Linux, I started Torbrowser as instructed at https://www.torproje...browser.html.en under "Linux Instructions" and regardless of the AirVPN server I was connected to, inside the terminal I see a message:

Jan 11 *:*:*.* [notice] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.

With this message, the Torbrowser wouldn't directly connect. After closing and restarting the Torbrowser and then selecting a pluggable transport prior to actually connecting to Tor, the Torbrowser worked OK.

Will someone discuss/explain this?

Thanks

January 11, 2015

Permalink

Add a HiddenServiceStatistics option that allows Tor relays to gather and publish statistics about the overall size and volume of hidden service usage. Specifically, when this option is turned on, an HSDir will publish an approximate number of hidden services that have published descriptors to it the past 24 hours. Also, if a relay has acted as a hidden service rendezvous point, it will publish the approximate amount of rendezvous cells it has relayed the past 24 hours. The statistics themselves are obfuscated so that the exact values cannot be derived. For more details see proposal 238, "Better hidden service stats from Tor relays". This feature is currently disabled by default. Implements feature 13192.

Doesn't this collect WWW : HS (ratio) usage statistics for users who are also running as a relay?

January 11, 2015

Permalink

Including the possible use TrueRND generator based on the sound card in the following editions TOR

January 11, 2015

Permalink

Tor can easily be comprised.
Send Malware to an anonymous Tor user while that Tor user is using the Tor browser and that will reveal the original IP address of that supposedly anonymous user.
NOTE: I have not made any attacks against the Tor network, a friend of mine who is a computer programmer and a White-hat hacker told me that's how one can reveal the real identity of a supposedly anonymous Tor user.

Yep. Don't run malware. Staying up-to-date on your software versions can help there, but of course it won't be perfect.

January 13, 2015

Permalink

I have a serious problem with Tor and I cannot download it.
Let me explain.
I visited this website, https://www.torproject.org, from a link given to the official Tor website from DuckDuckGo's privacy policy page.
I visited this website, then I clicked on "Download Tor", then when I clicked on Download Tor Browser, the webpage gave a message saying,
"HTTP 404 error"
"Page not found"
What does this mean?
Is my ISP preventing me from downloading Tor?
I live in Australia and using Tor here is perfectly legal.