Skip to content

Tor change-log

4. Dec 2012

This is the official change-log for the Tor 0.2.3.x branch which is labeled “stable” now.

I can’t believe how long I’m already using the 0.2.3.x branch. Really many relays are already on 0.2.3.x already.

It contains all changes since the last stable branch.

Additionally I comment on changes and say why I think they are awesome.

The Tor 0.2.3 release series is dedicated to the memory of Len “rabbi”
Sassaman (1980-2011), a long-time cypherpunk, anonymity researcher,
Mixmaster maintainer, Pynchon Gate co-designer, CodeCon organizer,
programmer, and friend. Unstinting in his dedication to the cause of
freedom, he inspired and helped many of us as we began our work on
anonymity, and inspires us still. Please honor his memory by writing
software to protect people’s freedoms, and by helping others to do so.

Tor, the first stable release in the 0.2.3 branch, features
significantly reduced directory overhead (via microdescriptors),
enormous crypto performance improvements for fast relays on new
enough hardware, a new v3 TLS handshake protocol that can better
resist fingerprinting, support for protocol obfuscation plugins (aka
pluggable transports), better scalability for hidden services, IPv6
support for bridges, performance improvements like allowing clients
to skip the first round-trip on the circuit (“optimistic data”) and
refilling token buckets more often, a new “stream isolation” design
to isolate different applications on different circuits, and many
stability, security, and privacy fixes.

o Major features (v3 directory protocol):
– Clients now use microdescriptors instead of regular descriptors
to build circuits. Microdescriptors are authority-generated
summaries of regular descriptors’ contents, designed to change very
rarely (see proposal 158 for details). This feature is designed
to save bandwidth, especially for clients on slow internet
connections. Use “UseMicrodescriptors 0” to disable it.
– Caches now download, cache, and serve microdescriptors, as well
as multiple “flavors” of the consensus, including a flavor that
describes microdescriptors.

Microdescriptors are a good step forward. Instead of downloading “normal” descriptors every time clients make use of smaller microdescriptors.

o Major features (build hardening):
– Enable gcc and ld hardening by default. Resolves ticket 5210.

Use compiler features to make the resulting binary more robust against exploits.

o Major features (relay scaling):
– When built to use OpenSSL 1.0.1, and built for an x86 or x86_64
instruction set, take advantage of OpenSSL’s AESNI, bitsliced, or
vectorized AES implementations as appropriate. These can be much,
much faster than other AES implementations.
– When using OpenSSL 1.0.0 or later, use OpenSSL’s counter mode
implementation. It makes AES_CTR about 7% faster than our old one
(which was about 10% faster than the one OpenSSL used to provide).
Resolves ticket 4526.
– Use OpenSSL’s EVP interface for AES encryption, so that all AES
operations can use hardware acceleration (if present). Resolves
ticket 4442.
– Unconditionally use OpenSSL’s AES implementation instead of our
old built-in one. OpenSSL’s AES has been better for a while, and
relatively few servers should still be on any version of OpenSSL
that doesn’t have good optimized assembly AES.

Relays should be able to handle more users (circuits). CPU isn’t hit so hard.

o Major features (blocking resistance):

– Update TLS cipher list to match Firefox 8 and later. Resolves
ticket 4744.

Previously censors could fingerprint on the client’s advertised cipher list in the TLS hello. Now this list matches Firefox 8 and newer. Pretty good.

– Remove support for clients falsely claiming to support standard
ciphersuites that they can actually provide. As of modern OpenSSL
versions, it’s not necessary to fake any standard ciphersuite,
and doing so prevents us from using better ciphersuites in the
future, since servers can’t know whether an advertised ciphersuite
is really supported or not. Some hosts — notably, ones with very
old versions of OpenSSL or where OpenSSL has been built with ECC
disabled — will stand out because of this change; TBB users should
not be affected. Implements the client side of proposal 198.

Previously clients would report to support ciphers that they in fact do not support; this would make it hard for relays (with newer versions) to pick a stronger cipher, because it couldn’t be sure that the client actually supports it.

– Implement a new handshake protocol (v3) for authenticating Tors to
each other over TLS. It should be more resistant to fingerprinting
than previous protocols, and should require less TLS hacking for
future Tor implementations. Implements proposal 176.

Fingerprint resistance based on internal changes are good. Less stuff to fingerprint on is always nice. Even if that wouldn’t work as expected it change the fingerprint and censors would have to adapt.

– Allow variable-length padding cells, to disguise the length of
Tor’s TLS records. Implements part of proposal 184.

Hiding the length of the TLS record takes a fixes value out of the hands for people that fingerprint on it.

– While we’re trying to bootstrap, record how many TLS connections
fail in each state, and report which states saw the most failures
in response to any bootstrap failures. This feature may speed up
diagnosis of censorship events. Implements ticket 3116.

I assume it’s cool to know in which state Tor fails to connect, because it’s easier to assume what the censor is looking for.

o Major features (pluggable transports):
– Clients and bridges can now be configured to use a separate
“transport” proxy. This approach makes the censorship arms race
easier by allowing bridges to use protocol obfuscation plugins.
Implements proposal 180 (tickets 2841 and 3472).

This can make it difficult for censors to look for Tor connections. See the Glossary entry and my explanation.

o Major features (DoS resistance):
– Now that Tor 0.2.0.x is completely deprecated, enable the final
part of “Proposal 110: Avoiding infinite length circuits” by
refusing all circuit-extend requests that do not use a relay_early
cell. This change helps Tor resist a class of denial-of-service
attacks by limiting the maximum circuit length.
– Tear down the circuit if we get an unexpected SENDME cell. Clients
could use this trick to make their circuits receive cells faster
than our flow control would have allowed, or to gum up the network,
or possibly to do targeted memory denial-of-service attacks on
entry nodes. Fixes bug 6252. Bugfix on the 54th commit on Tor —
from July 2002, before the release of Tor 0.0.0.

o Major features (hidden services):
– Adjust the number of introduction points that a hidden service
will try to maintain based on how long its introduction points
remain in use and how many introductions they handle. Fixes
part of bug 3825.
– Add a “tor2web mode” for clients that want to connect to hidden
services non-anonymously (and possibly more quickly). As a safety
measure to try to keep users from turning this on without knowing
what they are doing, tor2web mode must be explicitly enabled at
compile time, and a copy of Tor compiled to run in tor2web mode
cannot be used as a normal Tor client. Implements feature 2553.

o Major features (IPv6):
– Clients can now connect to private bridges over IPv6. Bridges
still need at least one IPv4 address in order to connect to
other relays. Note that we don’t yet handle the case where the
user has two bridge lines for the same bridge (one IPv4, one
IPv6). Implements parts of proposal 186.

IPv6 is slowly rolling in.

o Major features (directory authorities):
– Use a more secure consensus parameter voting algorithm. Now at
least three directory authorities or a majority of them must
vote on a given parameter before it will be included in the
consensus. Implements proposal 178.
– Remove the artificially low cutoff of 20KB to guarantee the Fast
flag. In the past few years the average relay speed has picked
up, and while the “top 7/8 of the network get the Fast flag” and
“all relays with 20KB or more of capacity get the Fast flag” rules
used to have the same result, now the top 7/8 of the network has
a capacity more like 32KB. Bugfix on Fixes bug 4489.

o Major features (performance):

– Exit nodes now accept and queue data on not-yet-connected streams.
Previously, the client wasn’t allowed to send data until the
stream was connected, which slowed down all connections. This
change will enable clients to perform a “fast-start” on streams
and send data without having to wait for a confirmation that the
stream has opened. Patch from Ian Goldberg; implements the server
side of Proposal 174.

Once optimistic data is fully operating browsing should feel more responsive.

– When using an exit relay running 0.2.3.x, clients can now
“optimistically” send data before the exit relay reports that
the stream has opened. This saves a round trip when starting
connections where the client speaks first (such as web browsing).
This behavior is controlled by a consensus parameter (currently
disabled). To turn it on or off manually, use the “OptimisticData”
torrc option. Implements proposal 181; code by Ian Goldberg.

You can already play with it.

– Add a new TokenBucketRefillInterval option to refill token buckets
more frequently than once per second. This should improve network
performance, alleviate queueing problems, and make traffic less
bursty. Implements proposal 183; closes ticket 3630. Design by
Florian Tschorsch and Björn Scheuermann; implementation by
Florian Tschorsch.

Smoother rate-limiting should mean smoother flows (on relays whose token buckets run dry otherwise)

– Raise the threshold of server descriptors needed (75%) and exit
server descriptors needed (50%) before we will declare ourselves
bootstrapped. This will make clients start building circuits a
little later, but makes the initially constructed circuits less
skewed and less in conflict with further directory fetches. Fixes
ticket 3196.

o Major features (relays):
– Relays now try regenerating and uploading their descriptor more
frequently if they are not listed in the consensus, or if the
version of their descriptor listed in the consensus is too
old. This fix should prevent situations where a server declines
to re-publish itself because it has done so too recently, even
though the authorities decided not to list its recent-enough
descriptor. Fix for bug 3327.

o Major features (stream isolation):
– You can now configure Tor so that streams from different
applications are isolated on different circuits, to prevent an
attacker who sees your streams as they leave an exit node from
linking your sessions to one another. To do this, choose some way
to distinguish the applications: have them connect to different
SocksPorts, or have one of them use SOCKS4 while the other uses
SOCKS5, or have them pass different authentication strings to the
SOCKS proxy. Then, use the new SocksPort syntax to configure the
degree of isolation you need. This implements Proposal 171.
– There’s a new syntax for specifying multiple client ports (such as
SOCKSPort, TransPort, DNSPort, NATDPort): you can now just declare
multiple *Port entries with full addr:port syntax on each.
The old *ListenAddress format is still supported, but you can’t
mix it with the new *Port syntax.

Huge privacy enhancement; previously different applications would have shared a circuit. Now it’s possible to isolate them.

o Major features (bufferevents):
– Tor can now optionally build with the “bufferevents” buffered IO
backend provided by Libevent 2. To use this feature, make sure you
have the latest possible version of Libevent, and pass the
–enable-bufferevents flag to configure when building Tor from
source. This feature will make our networking code more flexible,
let us stack layers on each other, and let us use more efficient
zero-copy transports where available.
– Add experimental support for running on Windows with IOCP and no
kernel-space socket buffers. This feature is controlled by a new
“UserspaceIOCPBuffers” config option (off by default), which has
no effect unless Tor has been built with bufferevents enabled,
you’re running on Windows, and you’ve set “DisableIOCP 0”. In the
long run, this may help solve or mitigate bug 98.

o Major features (path selection):
– The EntryNodes option can now include country codes like {de} or IP
addresses or network masks. Previously we had disallowed these
options because we didn’t have an efficient way to keep the list up
to date. Addresses ticket 1982, but see bug 2798 for an unresolved
issue here.

Use with care, restricting or modifying the path selection too much makes you stick out.

o Major features (port forwarding):
– Add support for automatic port mapping on the many home routers
that support NAT-PMP or UPnP. To build the support code, you’ll
need to have the libnatpnp library and/or the libminiupnpc library,
and you’ll need to enable the feature specifically by passing
“–enable-upnp” and/or “–enable-natpnp” to ./configure. To turn
it on, use the new PortForwarding option.

Easier to use Tor then.

o Major features (logging):
– Add a new ‘Heartbeat’ log message type to periodically log a message
describing Tor’s status at level Notice. This feature is meant for
operators who log at notice, and want to make sure that their Tor
server is still working. Implementation by George Kadianakis.

Useful for relay/bridge operators to see what their relay/bridge was doing.

– Make logging resolution configurable with a new LogTimeGranularity
option, and change the default from 1 millisecond to 1 second.
Implements enhancement 1668.

o Major features (other):
– New “DisableNetwork” config option to prevent Tor from launching any
connections or accepting any connections except on a control port.
Bundles and controllers can set this option before letting Tor talk
to the rest of the network, for example to prevent any connections
to a non-bridge address. Packages like Orbot can also use this
option to instruct Tor to save power when the network is off.
– Try to use system facilities for enumerating local interface
addresses, before falling back to our old approach (which was
binding a UDP socket, and calling getsockname() on it). That
approach was scaring OS X users whose draconian firewall
software warned about binding to UDP sockets regardless of
whether packets were sent. Now we try to use getifaddrs(),
SIOCGIFCONF, or GetAdaptersAddresses(), depending on what the
system supports. Resolves ticket 1827.
– Add experimental support for a “defaults” torrc file to be parsed
before the regular torrc. Torrc options override the defaults file’s
options in the same way that the command line overrides the torrc.
The SAVECONF controller command saves only those options which
differ between the current configuration and the defaults file. HUP
reloads both files. Implements task 4552.

o New directory authorities:
– Add Faravahar (run by Sina Rabbani) as the ninth v3 directory
authority. Closes ticket 5749.

o Security/privacy fixes:

– Avoid read-from-freed-memory and double-free bugs that could occur
when a DNS request fails while launching it. Fixes bug 6480;
bugfix on

– Reject any attempt to extend to an internal address. Without
this fix, a router could be used to probe addresses on an internal
network to see whether they were accepting connections. Fixes bug
6710; bugfix on 0.0.8pre1.

Has been pretty long in there and apparently nobody (ab)used it.

– Close any connection that sends unrecognized junk before the TLS
handshake. Solves an issue noted in bug 4369.

– The advertised platform of a relay now includes only its operating
system’s name (e.g., “Linux”, “Darwin”, “Windows 7”), and not
its service pack level (for Windows) or its CPU architecture
(for Unix). Also drop the “git-XYZ” tag in the version. Packagers
can insert an extra string in the platform line by setting the
preprocessor variable TOR_BUILD_TAG. Resolves bug 2988.

More privacy for relays. In case of known weaknesses on certain platform it’s now harder to find vulnerable systems.

– Disable TLS session tickets. OpenSSL’s implementation was giving
our TLS session keys the lifetime of our TLS context objects, when
perfect forward secrecy would want us to discard anything that
could decrypt a link connection as soon as the link connection
was closed. Fixes bug 7139; bugfix on all versions of Tor linked
against OpenSSL 1.0.0 or later. Found by Florent Daignière.

– Tor tries to wipe potentially sensitive data after using it, so
that if some subsequent security failure exposes Tor’s memory,
the damage will be limited. But we had a bug where the compiler
was eliminating these wipe operations when it decided that the
memory was no longer visible to a (correctly running) program,
hence defeating our attempt at defense in depth. We fix that
by using OpenSSL’s OPENSSL_cleanse() operation, which a compiler
is unlikely to optimize away. Future versions of Tor may use
a less ridiculously heavy approach for this. Fixes bug 7352.
Reported in an article by Andrey Karpov.

Tor developers are paranoid and their in depth defense was removed by compilers. Now there’s another function in use that should not be touched by compilers.

o Major bugfixes (crashes and asserts):
– Avoid a pair of double-free and use-after-mark bugs that can
occur with certain timings in canceled and re-received DNS
requests. Fixes bug 6472; bugfix on 0.0.7rc1.
– Fix a denial of service attack by which any directory authority
could crash all the others, or by which a single v2 directory
authority could crash everybody downloading v2 directory
information. Fixes bug 7191; bugfix on
– Fix an assert that directory authorities could trigger on sighup
during some configuration state transitions. We now don’t treat
it as a fatal error when the new descriptor we just generated in
init_keys() isn’t accepted. Fixes bug 4438; bugfix on
– Avoid segfault when starting up having run with an extremely old
version of Tor and parsing its state file. Fixes bug 6801; bugfix

o Major bugfixes (clients):

– If we are unable to find any exit that supports our predicted ports,
stop calling them predicted, so that we don’t loop and build
hopeless circuits indefinitely. Fixes bug 3296; bugfix on 0.0.9pre6,
which introduced predicted ports.

– Check at each new consensus whether our entry guards were picked
long enough ago that we should rotate them. Previously, we only
did this check at startup, which could lead to us holding a guard
indefinitely. Fixes bug 5380; bugfix on

This is unlikely to happen. You would need to run Tor (as client) for 30 days or more without restarting Tor (or the system).

– When fetching a bridge descriptor from a bridge authority,
always do so anonymously, whether we have been able to open
circuits or not. Partial fix for bug 1938; bugfix on
This behavior makes it *safer* to use UpdateBridgesFromAuthority,
but we’ll need to wait for bug 6010 before it’s actually usable.

o Major bugfixes (directory voting):

– Check more thoroughly to prevent a rogue authority from
double-voting on any consensus directory parameter. Previously,
authorities would crash in this case if the total number of
votes for any parameter exceeded the number of active voters,
but would let it pass otherwise. Partially fixes bug 5786; bugfix

It appears funny to me that double-voting wasn’t considered earlier.

– When computing weight parameters, behave more robustly in the
presence of a bad bwweightscale value. Previously, the authorities
would crash if they agreed on a sufficiently broken weight_scale
value; now, they use a reasonable default and carry on. Fixes the
rest of bug 5786; bugfix on

– If authorities are unable to get a v2 consensus document from other
directory authorities, they no longer fall back to fetching
them from regular directory caches. Fixes bug 5635; bugfix on, where routers stopped downloading v2 consensus
documents entirely.

o Major bugfixes (relays):

– Fix a bug handling SENDME cells on nonexistent streams that could
result in bizarre window values. Report and patch contributed
pseudonymously. Fixes part of bug 6271. This bug was introduced
before the first Tor release, in svn commit r152.

– Don’t update the AccountingSoftLimitHitAt state file entry whenever
tor gets started. This prevents a wrong average bandwidth
estimate, which would cause relays to always start a new accounting
interval at the earliest possible moment. Fixes bug 2003; bugfix
on Reported by Bryon Eldridge, who also helped
immensely in tracking this bug down.

– Fix a possible crash bug when checking for deactivated circuits
in connection_or_flush_from_first_active_circuit(). Fixes bug 6341;
bugfix on Bug report and fix received pseudonymously.

– Set the SO_REUSEADDR socket option before we call bind() on outgoing
connections. This change should allow busy exit relays to stop
running out of available sockets as quickly. Fixes bug 4950;
bugfix on

o Major bugfixes (blocking resistance):

– Bridges no longer include their address in NETINFO cells on outgoing
OR connections, to allow them to blend in better with clients.
Removes another avenue for enumerating bridges. Reported by
“troll_un”. Fixes bug 4348; bugfix on, when NETINFO
cells were introduced.

Blending with the crowd is always good.

– Warn the user when HTTPProxy, but no other proxy type, is
configured. This can cause surprising behavior: it doesn’t send
all of Tor’s traffic over the HTTPProxy — it sends unencrypted
directory traffic only. Resolves ticket 4663.

o Major bugfixes (hidden services):
– Improve hidden service robustness: when an attempt to connect to
a hidden service ends, be willing to refetch its hidden service
descriptors from each of the HSDir relays responsible for them
immediately. Previously, we would not consider refetching the
service’s descriptors from each HSDir for 15 minutes after the last
fetch, which was inconvenient if the hidden service was not running
during the first attempt. Bugfix on; fixes bug 3335.
– Hidden services now ignore the timestamps on INTRODUCE2 cells.
They used to check that the timestamp was within 30 minutes
of their system clock, so they could cap the size of their
replay-detection cache, but that approach unnecessarily refused
service to clients with wrong clocks. Bugfix on, when
the v3 intro-point protocol (the first one which sent a timestamp
field in the INTRODUCE2 cell) was introduced; fixes bug 3460.
– When one of a hidden service’s introduction points appears to be
unreachable, stop trying it. Previously, we would keep trying
to build circuits to the introduction point until we lost the
descriptor, usually because the user gave up and restarted Tor.
Fixes part of bug 3825.

o Changes to default torrc file:
– Stop listing “socksport 9050” in torrc.sample. We open a socks
port on 9050 by default anyway, so this should not change anything
in practice.
– Stop mentioning the deprecated *ListenAddress options in
torrc.sample. Fixes bug 5438.
– Document unit of bandwidth-related options in sample torrc.
Fixes bug 5621.
– Fix broken URLs in the sample torrc file, and tell readers about
the OutboundBindAddress, ExitPolicyRejectPrivate, and
PublishServerDescriptor options. Addresses bug 4652.

o Minor features (directory authorities):
– Consider new, removed or changed IPv6 OR ports a non-cosmetic
change when the authority is deciding whether to accept a newly
uploaded descriptor. Implements ticket 6423.
– Directory authorities are now a little more lenient at accepting
older router descriptors, or newer router descriptors that don’t
make big changes. This should help ameliorate past and future
issues where routers think they have uploaded valid descriptors,
but the authorities don’t think so. Fix for ticket 2479.
– Authority operators can now vote for all relays in a given
set of countries to be BadDir/BadExit/Invalid/Rejected.
– Provide two consensus parameters (FastFlagMinThreshold and
FastFlagMaxThreshold) to control the range of allowable bandwidths
for the Fast directory flag. These allow authorities to run
experiments on appropriate requirements for being a “Fast” node.
The AuthDirFastGuarantee config value still applies. Implements
ticket 3946.

o Minor features (bridges / bridge authorities):

– Make bridge SSL certificates a bit more stealthy by using random
serial numbers, in the same fashion as OpenSSL when generating
self-signed certificates. Implements ticket 4584.

Again good to blend into the crowd.

– Tag a bridge’s descriptor as “never to be sent unencrypted”.
This shouldn’t matter, since bridges don’t open non-anonymous
connections to the bridge authority and don’t allow unencrypted
directory connections from clients, but we might as well make
sure. Closes bug 5139.

Again, being paranoid. (What is good)

– The Bridge Authority now writes statistics on how many bridge
descriptors it gave out in total, and how many unique descriptors
it gave out. It also lists how often the most and least commonly
fetched descriptors were given out, as well as the median and
25th/75th percentile. Implements tickets 4200 and 4294.

o Minor features (IPv6):
– Make the code that clients use to detect an address change be
IPv6-aware, so that it won’t fill clients’ logs with error
messages when trying to get the IPv4 address of an IPv6
connection. Implements ticket 5537.
– Relays now understand an IPv6 address when they get one from a
directory server. Resolves ticket 4875.

More IPv6 changes.

o Minor features (hidden services):
– Expire old or over-used hidden service introduction points.
Required by fix for bug 3460.
– Reduce the lifetime of elements of hidden services’ Diffie-Hellman
public key replay-detection cache from 60 minutes to 5 minutes. This
replay-detection cache is now used only to detect multiple
INTRODUCE2 cells specifying the same rendezvous point, so we can
avoid launching multiple simultaneous attempts to connect to it.
– When a hidden service’s introduction point times out, consider
trying it again during the next attempt to connect to the
HS. Previously, we would not try it again unless a newly fetched
descriptor contained it. Required by fixes for bugs 1297 and 3825.

o Minor features (relays):
– Relays now include a reason for regenerating their descriptors
in an HTTP header when uploading to the authorities. This will
make it easier to debug descriptor-upload issues in the future.
– Turn on directory request statistics by default and include them in
extra-info descriptors. Don’t break if we have no GeoIP database.
– Replace files in stats/ rather than appending to them. Now that we
include statistics in extra-info descriptors, it makes no sense to
keep old statistics forever. Implements ticket 2930.
– Relays that set “ConnDirectionStatistics 1” write statistics on the
bidirectional use of connections to disk every 24 hours.
– Add a GeoIP file digest to the extra-info descriptor. Implements
ticket 1883.

o Minor features (new config options):

– New config option “DynamicDHGroups” (disabled by default) provides
each bridge with a unique prime DH modulus to be used during
SSL handshakes. This option attempts to help against censors
who might use the Apache DH modulus as a static identifier for
bridges. Addresses ticket 4548.

In the case a censor fingerprints on the DH modulus this can be used to let this fail.

– New config option “DisableDebuggerAttachment” (on by default)
to prevent basic debugging attachment attempts by other processes.
Supports Mac OS X and Gnu/Linux. Resolves ticket 3313.

– Ordinarily, Tor does not count traffic from private addresses (like or when calculating rate limits or accounting.
There is now a new option, CountPrivateBandwidth, to disable this
behavior. Patch from Daniel Cagara.

o Minor features (different behavior for old config options):
– Allow MapAddress directives to specify matches against super-domains,
as in “MapAddress * *”.
Implements issue 933.
– Don’t disable the DirPort when we cannot exceed our AccountingMax
limit during this interval because the effective bandwidthrate is
low enough. This is useful in a situation where AccountMax is only
used as an additional safeguard or to provide statistics.
– Add port 6523 (Gobby) to LongLivedPorts. Patch by intrigeri;
implements ticket 3439.
– When configuring a large set of nodes in EntryNodes, and there are
enough of them listed as Guard so that we don’t need to consider
the non-guard entries, prefer the ones listed with the Guard flag.
– If you set the NumCPUs option to 0, Tor will now try to detect how
many CPUs you have. This is the new default behavior.
– The NodeFamily option — which let you declare that you want to
consider nodes to be part of a family whether they list themselves
that way or not — now allows IP address ranges and country codes.

o Minor features (new command-line config behavior):
– Slightly change behavior of “list” options (that is, config
options that can appear more than once) when they appear both in
torrc and on the command line. Previously, the command-line options
would be appended to the ones from torrc. Now, the command-line
options override the torrc options entirely. This new behavior
allows the user to override list options (like exit policies and
ports to listen on) from the command line, rather than simply
appending to the list.
– You can get the old (appending) command-line behavior for “list”
options by prefixing the option name with a “+”.
– You can remove all the values for a “list” option from the command
line without adding any new ones by prefixing the option name
with a “/”.

o Minor features (controller, new events):
– Extend the control protocol to report flags that control a circuit’s
path selection in CIRC events and in replies to ‘GETINFO
circuit-status’. Implements part of ticket 2411.
– Extend the control protocol to report the hidden service address
and current state of a hidden-service-related circuit in CIRC
events and in replies to ‘GETINFO circuit-status’. Implements part
of ticket 2411.
– Include the creation time of a circuit in CIRC and CIRC2
control-port events and the list produced by the ‘GETINFO
circuit-status’ control-port command.
– Add a new CONF_CHANGED event so that controllers can be notified
of any configuration changes made by other controllers, or by the
user. Implements ticket 1692.
– Add a new SIGNAL event to the controller interface so that
controllers can be notified when Tor handles a signal. Resolves
issue 1955. Patch by John Brooks.

o Minor features (controller, new getinfo options):
– Expose our view of whether we have gone dormant to the controller,
via a new “GETINFO dormant” value. Torbutton and other controllers
can use this to avoid doing periodic requests through Tor while
it’s dormant (bug 4718). Resolves ticket 5954.
– Add a new GETINFO option to get total bytes read and written. Patch
from pipe, revised by atagar. Resolves ticket 2345.
– Implement new GETINFO controller fields to provide information about
the Tor process’s pid, euid, username, and resource limits.

o Minor features (controller, other):
– Allow controllers to request an event notification whenever a
circuit is cannibalized or its purpose is changed. Implements
part of ticket 3457.
– Use absolute path names when reporting the torrc filename in the
control protocol, so a controller can more easily find the torrc
file. Resolves bug 1101.
– When reporting the path to the cookie file to the controller,
give an absolute path. Resolves ticket 4881.

o Minor features (log messages):
– Add more information to a log statement that might help track down
bug 4091. If you’re seeing “Bug: tor_addr_is_internal() called with a
non-IP address” messages (or any Bug messages, for that matter!),
please let us know about it.
– If EntryNodes are given, but UseEntryGuards is set to 0, warn that
EntryNodes will have no effect. Resolves issue 2571.
– Try to make the introductory warning message that Tor prints on
startup more useful for actually finding help and information.
Resolves ticket 2474.
– When the system call to create a listener socket fails, log the
error message explaining why. This may help diagnose bug 4027.

o Minor features (other):
– When we fail to initialize Libevent, retry with IOCP disabled so we
don’t need to turn on multi-threading support in Libevent, which in
turn requires a working socketpair(). This is a workaround for bug
4457, which affects Libevent versions from 2.0.1-alpha through
– When starting as root and then changing our UID via the User
control option, and we have a ControlSocket configured, make sure
that the ControlSocket is owned by the same account that Tor will
run under. Implements ticket 3421; fix by Jérémy Bobbio.
– Accept attempts to include a password authenticator in the
handshake, as supported by SOCKS5. This handles SOCKS clients that
don’t know how to omit a password when authenticating. Resolves
bug 1666.
– Check for and recover from inconsistency in the microdescriptor
cache. This will make it harder for us to accidentally free a
microdescriptor without removing it from the appropriate data
structures. Fixes issue 3135; issue noted by “wanoskarnet”.
– Shorten links in the tor-exit-notice file. Patch by Christian Kujau.

o Minor bugfixes (code security):
– Prevent a null-pointer dereference when receiving a data cell
for a nonexistent stream when the circuit in question has an
empty deliver window. We don’t believe this is triggerable,
since we don’t currently allow deliver windows to become empty,
but the logic is tricky enough that it’s better to make the code
robust. Fixes bug 5541; bugfix on 0.0.2pre14.
– Fix a (harmless) integer overflow in cell statistics reported by
some fast relays. Fixes bug 5849; bugfix on
– Fix our implementation of crypto_random_hostname() so it can’t
overflow on ridiculously large inputs. (No Tor version has ever
provided this kind of bad inputs, but let’s be correct in depth.)
Fixes bug 4413; bugfix on Fix by Stephen Palmateer.
– Add a (probably redundant) memory clear between iterations of
the router status voting loop, to prevent future coding errors
where data might leak between iterations of the loop. Resolves
ticket 6514.

o Minor bugfixes (wrapper functions):
– Abort if tor_vasprintf() fails in connection_printf_to_buf() (a
utility function used in the control-port code). This shouldn’t
ever happen unless Tor is completely out of memory, but if it did
happen and Tor somehow recovered from it, Tor could have sent a log
message to a control port in the middle of a reply to a controller
command. Fixes part of bug 3428; bugfix on
– Fix some (not actually triggerable) buffer size checks in usage of
tor_inet_ntop(). Fixes bug 4434; bugfix on Tor Patch
by Anders Sundman.
– Fix parsing of some corner-cases with tor_inet_pton(). Fixes
bug 4515; bugfix on; fix by Anders Sundman.
– Enforce correct return behavior of tor_vsscanf() when the ‘%%’
pattern is used. Fixes bug 5558. Bugfix on
– Make our replacement implementation of strtok_r() compatible with
the standard behavior of strtok_r(). Patch by nils. Fixes bug 5091;
bugfix on
– Find more places in the code that should have been testing for
invalid sockets using the SOCKET_OK macro. Required for a fix
for bug 4533. Bugfix on

o Minor bugfixes (code correctness):
– Check return value of fputs() when writing authority certificate
file. Fixes Coverity issue 709056; bugfix on
– When building Tor on Windows with -DUNICODE (not default), ensure
that error messages, filenames, and DNS server names are always
NUL-terminated when we convert them to a single-byte encoding.
Fixes bug 5909; bugfix on
– Fix a memory leak when trying to launch a DNS request when the
nameservers are unconfigurable. Fixes bug 5916; bugfix on Tor
– Correct file sizes when reading binary files on Cygwin, to avoid
a bug where Tor would fail to read its state file. Fixes bug 6844;
bugfix on
– Make sure to set *socket_error in all error cases in
connection_connect(), so it can’t produce a warning about
errno being zero from errno_to_orconn_end_reason(). Bugfix on; resolves ticket 6028.
– Initialize conn->addr to a valid state in spawn_cpuworker(). Fixes
bug 4532; found by “troll_un”.

o Minor bugfixes (clients):
– Allow one-hop directory-fetching circuits the full “circuit build
timeout” period, rather than just half of it, before failing them
and marking the relay down. This fix should help reduce cases where
clients declare relays (or worse, bridges) unreachable because
the TLS handshake takes a few seconds to complete. Fixes bug 6743;
bugfix on, where we changed the timeout from a static
30 seconds.
– Ensure we don’t cannibalize circuits that are longer than three hops
already, so we don’t end up making circuits with 5 or more
hops. Patch contributed by wanoskarnet. Fixes bug 5231; bugfix on which introduced cannibalization.

o Minor bugfixes (relays):
– Don’t publish a new relay descriptor when we reload our onion key,
unless the onion key has actually changed. Fixes bug 3263 and
resolves another cause of bug 1810. Bugfix on
– When relays refuse a “create” cell because their queue of pending
create cells is too big (typically because their cpu can’t keep up
with the arrival rate), send back reason “resource limit” rather
than reason “internal”, so network measurement scripts can get a
more accurate picture. Bugfix on; fixes bug 7037.
– Exit nodes don’t need to fetch certificates for authorities that
they don’t recognize; only directory authorities, bridges,
and caches need to do that. Fixes part of bug 2297; bugfix on

o Minor bugfixes (directory authority / mirrors):
– Avoid O(n^2) performance characteristics when parsing a large
extrainfo cache. Fixes bug 5828; bugfix on
– Authorities no longer include any router in their microdescriptor
consensuses for which they couldn’t generate or agree on a
microdescriptor. Fixes the second piece of bug 6404; fix on
– When checking for requested signatures on the latest consensus
before serving it to a client, make sure to check the right
consensus flavor. Bugfix on
– Fix an edge case where TestingTorNetwork is set but the authorities
and relays all have an uptime of zero, so the private Tor network
could briefly lack support for hidden services. Fixes bug 3886;
bugfix on
– Directory caches no longer refuse to clean out descriptors because
of missing v2 networkstatus documents, unless they’re configured
to retrieve v2 networkstatus documents. Fixes bug 4838; bugfix on Patch by Daniel Bryg.
– Don’t serve or accept v2 hidden service descriptors over a relay’s
DirPort. It’s never correct to do so, and disabling it might
make it more annoying to exploit any bugs that turn up in the
descriptor-parsing code. Fixes bug 7149.

o Minor bugfixes (hidden services, client-side):
– Assert that hidden-service-related operations are not performed
using single-hop circuits. Previously, Tor would assert that
client-side streams are not attached to single-hop circuits,
but not that other sensitive operations on the client and service
side are not performed using single-hop circuits. Fixes bug 3332;
bugfix on 0.0.6.
– Avoid undefined behaviour when parsing the list of supported
rendezvous/introduction protocols in a hidden service descriptor.
Previously, Tor would have confused (as-yet-unused) protocol version
numbers greater than 32 with lower ones on many platforms. Fixes
bug 6827; bugfix on Found by George Kadianakis.
– Don’t close hidden service client circuits which have almost
finished connecting to their destination when they reach
the normal circuit-build timeout. Previously, we would close
introduction circuits which are waiting for an acknowledgement
from the introduction point, and rendezvous circuits which have
been specified in an INTRODUCE1 cell sent to a hidden service,
after the normal CBT. Now, we mark them as ‘timed out’, and launch
another rendezvous attempt in parallel. This behavior change can
be disabled using the new CloseHSClientCircuitsImmediatelyOnTimeout
option. Fixes part of bug 1297; bugfix on

o Minor bugfixes (hidden services, service-side):
– Don’t close hidden-service-side rendezvous circuits when they
reach the normal circuit-build timeout. This behaviour change can
be disabled using the new
CloseHSServiceRendCircuitsImmediatelyOnTimeout option. Fixes the
remaining part of bug 1297; bugfix on
– Don’t launch more than 10 service-side introduction-point circuits
for a hidden service in five minutes. Previously, we would consider
launching more introduction-point circuits if at least one second
had passed without any introduction-point circuits failing. Fixes
bug 4607; bugfix on 0.0.7pre1.

o Minor bugfixes (config option behavior):
– If the user tries to set MyFamily on a bridge, refuse to
do so, and warn about the security implications. Fixes bug 4657;
bugfix on
– The “–quiet” and “–hush” options now apply not only to Tor’s
behavior before logs are configured, but also to Tor’s behavior in
the absense of configured logs. Fixes bug 3550; bugfix on
– Change the AllowDotExit rules so they should actually work.
We now enforce AllowDotExit only immediately after receiving an
address via SOCKS or DNSPort: other sources are free to provide
.exit addresses after the resolution occurs. Fixes bug 3940;
bugfix on
– Make “LearnCircuitBuildTimeout 0” work more reliably. Specifically,
don’t depend on the consensus parameters or compute adaptive
timeouts when it is disabled. Fixes bug 5049; bugfix on
– After we pick a directory mirror, we would refuse to use it if
it’s in our ExcludeExitNodes list, resulting in mysterious failures
to bootstrap for people who just wanted to avoid exiting from
certain locations. Fixes bug 5623; bugfix on
– When told to add a bridge with the same digest as a preexisting
bridge but a different addr:port, change the addr:port as
requested. Previously we would not notice the change. Fixes half
of bug 5603; fix on

o Minor bugfixes (controller):
– Allow manual ‘authenticate’ commands to the controller interface
from netcat (nc) as well as telnet. We were rejecting them because
they didn’t come with the expected whitespace at the end of the
command. Bugfix on; fixes bug 2893.
– Report a real bootstrap problem to the controller on router
identity mismatch. Previously we just said “foo”, which probably
made a lot of sense at the time. Fixes bug 4169; bugfix on
– When we receive a SIGHUP and the controller __ReloadTorrcOnSIGHUP
option is set to 0 (which Vidalia version 0.2.16 now does when
a SAVECONF attempt fails), perform other actions that SIGHUP
usually causes (like reopening the logs). Fixes bug 5095; bugfix
– Correctly handle checking the permissions on the parent
directory of a control socket in the root directory. Bug found
by Esteban Manchado Velázquez. Fixes bug 5089; bugfix on Tor
– End AUTHCHALLENGE error messages (in the control protocol) with
a CRLF. Fixes bug 5760; bugfix on

o Minor bugfixes (network reading/writing):
– Disable writing on marked-for-close connections when they are
blocked on bandwidth, to prevent busy-looping in Libevent. Fixes
bug 5263; bugfix on 0.0.2pre13, where we first added a special
case for flushing marked connections.
– Make sure that there are no unhandled pending TLS errors before
reading from a TLS stream. We had checks in, but
lost them in when we refactored read_to_buf_tls().
Bugfix on; fixes bug 4528.
– Detect SSL handshake even when the initial attempt to write the
server hello fails. Fixes bug 4592; bugfix on
– If the client fails to set a reasonable set of ciphersuites
during its v2 handshake renegotiation, allow the renegotiation to
continue nevertheless (i.e. send all the required certificates).
Fixes bug 4591; bugfix on

o Minor bugfixes (other):
– Exit nodes now correctly report EADDRINUSE and EADDRNOTAVAIL as
resource exhaustion, so that clients can adjust their load to
try other exits. Fixes bug 4710; bugfix on, which
– Don’t check for whether the address we’re using for outbound
connections has changed until after the outbound connection has
completed. On Windows, getsockname() doesn’t succeed until the
connection is finished. Fixes bug 5374; bugfix on
– Don’t hold a Windows file handle open for every file mapping;
the file mapping handle is sufficient. Fixes bug 5951; bugfix on
– Fix wrong TCP port range in parse_port_range(). Fixes bug 6218;
bugfix on
– If we fail to write a microdescriptor to the disk cache, do not
continue replacing the old microdescriptor file. Fixes bug 2954;
bugfix on

o Minor bugfixes (log messages, path selection):
– Downgrade “set buildtimeout to low value” messages to “info”
severity; they were never an actual problem, there was never
anything reasonable to do about them, and they tended to spam logs
from time to time. Fixes bug 6251; bugfix on
– Rate-limit the “Weighted bandwidth is 0.000000” message, and add
more information to it, so that we can track it down in case it
returns again. Mitigates bug 5235.
– Check CircuitBuildTimeout and LearnCircuitBuildTimeout in
options_validate(); warn if LearnCircuitBuildTimeout is disabled and
CircuitBuildTimeout is set unreasonably low. Resolves ticket 5452.
– Issue a log message if a guard completes less than 40% of your
circuits. Threshold is configurable by torrc option
PathBiasNoticeRate and consensus parameter pb_noticepct. There is
additional, off-by-default code to disable guards which fail too
many circuits. Addresses ticket 5458.

o Minor bugfixes (log messages, client):
– Downgrade “Got a certificate, but we already have it” log messages
from warning to info, except when we’re a dirauth. Fixes bug 5238;
bugfix on
– Fix the log message describing how we work around discovering
that our version is the ill-fated OpenSSL 0.9.8l. Fixes bug
4837; bugfix on
– When logging about a disallowed .exit name, do not also call it
an “invalid onion address”. Fixes bug 3325; bugfix on
– Fix a log message suggesting that people contact a non-existent
email address. Fixes bug 3448.
– Rephrase the log message emitted if the TestSocks check is
successful. Patch from Fabian Keil; fixes bug 4094.
– Log (at debug level) whenever a circuit’s purpose is changed.
– Log SSL state transitions at log level DEBUG, log domain
HANDSHAKE. This can be useful for debugging censorship events.
Implements ticket 3264.
– We now log which torrc file we’re using on startup. Implements
ticket 2444.
– Rate-limit log messages when asked to connect anonymously to
a private address. When these hit, they tended to hit fast and
often. Also, don’t bother trying to connect to addresses that we
are sure will resolve to getting in a directory
reply makes us think we have been lied to, even when the address the
client tried to connect to was “localhost.” Resolves ticket 2822.

o Minor bugfixes (log messages, non-client):
– Downgrade “eventdns rejected address” message to LOG_PROTOCOL_WARN.
Fixes bug 5932; bugfix on
– Don’t log that we have “decided to publish new relay descriptor”
unless we are actually publishing a descriptor. Fixes bug 3942;
bugfix on
– Log which authority we’re missing votes from when we go to fetch
them from the other auths.
– Replace “Sending publish request” log messages with “Launching
upload”, so that they no longer confusingly imply that we’re
sending something to a directory we might not even be connected
to yet. Fixes bug 3311; bugfix on
– Warn when Tor is configured to use accounting in a way that can
link a hidden service to some other hidden service or public
address. Resolves ticket 6490.
– Fix a minor formatting issue in one of tor-gencert’s error messages.
Fixes bug 4574.

o Testing:
– Update to the latest version of the tinytest unit testing framework.
This includes a couple of bugfixes that can be relevant for
running forked unit tests on Windows, and removes all reserved
– Avoid a false positive in the util/threads unit test by increasing
the maximum timeout time. Fixes bug 6227; bugfix on
– Make it possible to set the TestingTorNetwork configuration
option using AlternateDirAuthority and AlternateBridgeAuthority
as an alternative to setting DirServer. Addresses ticket 6377.
– Add a unit test for the environment_variable_names_equal() function.
– A wide variety of new unit tests by Esteban Manchado Velázquez.
– Numerous new unit tests for functions in util.c and address.c by
Anders Sundman.
– The long-disabled benchmark tests are now split into their own
./src/test/bench binary.
– The benchmark tests can now use more accurate timers than
gettimeofday() when such timers are available.
– Use tt_assert(), not tor_assert(), for checking for test failures.
This makes the unit tests more able to go on in the event that
one of them fails.

o Build improvements:
– Use the dead_strip option when building Tor on OS X. This reduces
binary size by almost 19% when linking openssl and libevent
statically, which we do for Tor Browser Bundle.
– Provide a better error message about possible OSX Asciidoc failure
reasons. Fixes bug 6436.
– Detect attempts to build Tor on (as yet hypothetical) versions
of Windows where sizeof(intptr_t) != sizeof(SOCKET). Partial
fix for bug 4533. Bugfix on
– On Windows, we now define the _WIN32_WINNT macros only if they
are not already defined. This lets the person building Tor decide,
if they want, to require a later version of Windows.
– Our script now uses autoreconf to launch autoconf,
automake, and so on. This is more robust against some of the failure
modes associated with running the autotools pieces on their own.
– Running “make version” now displays the version of Tor that
we’re about to build. Idea from katmagic; resolves issue 4400.
– Make ‘tor –digests’ list hashes of all Tor source files. Bugfix
on; fixes bug 3427.
– New –enable-static-tor configure option for building Tor as
statically as possible. Idea, general hackery and thoughts from
Alexei Czeskis, John Gilmore, Jacob Appelbaum. Implements ticket
– Limited, experimental support for building with nmake and MSVC.

o Build requirements:
– Building Tor with bufferevent support now requires Libevent
2.0.13-stable or later. Previous versions of Libevent had bugs in
SSL-related bufferevents and related issues that would make Tor
work badly with bufferevents. Requiring 2.0.13-stable also allows
Tor with bufferevents to take advantage of Libevent APIs
introduced after 2.0.8-rc.
– Our build system requires automake 1.6 or later to create the files. Previously, you could have used 1.4.
This only affects developers and people building Tor from git;
people who build Tor from the source distribution without changing
the files should be fine.
– Detect when we try to build on a platform that doesn’t define
AF_UNSPEC to 0. We don’t work there, so refuse to compile.

o Build fixes (compile/link):
– Format more doubles with %f, not %lf. Patch from grarpamp to make
Tor build correctly on older BSDs again. Fixes bug 3894; bugfix on
– When building with –enable-static-tor on OpenBSD, do not
erroneously attempt to link -lrt. Fixes bug 5103.
– Set _WIN32_WINNT to 0x0501 consistently throughout the code, so
that IPv6 stuff will compile on MSVC, and compilation issues
will be easier to track down. Fixes bug 5861.
– Fix build and 64-bit compile warnings from –enable-openbsd-malloc.
Fixes bug 6379. Bugfix on
– Make Tor build correctly again with -DUNICODE -D_UNICODE defined.
Fixes bug 6097; bugfix on

o Build fixes (other):
– Use the _WIN32 macro throughout our code to detect Windows.
(Previously we had used the obsolete ‘WIN32’ and the idiosyncratic
– Properly handle the case where the build-tree is not the same
as the source tree when generating src/common/common_sha1.i,
src/or/micro-revision.i, and src/or/or_sha1.i. Fixes bug 3953;
bugfix on
– During configure, search for library containing cos function as
libm lives in libcore on some platforms (BeOS/Haiku). Linking
against libm was hard-coded before. Fixes the first part of bug
4727; bugfix on Patch and analysis by Martin Hebnes
– Prevent a false positive from the check-spaces script, by disabling
the “whitespace between function name and (” check for functions named ‘op()’.

o Packaging (RPM) changes:
– Update our default RPM spec files to work with mock and rpmbuild
on RHEL/Fedora. They have an updated set of dependencies and
conflicts, a fix for an ancient typo when creating the “_tor”
user, and better instructions. Thanks to Ondrej Mikle for the
patch series. Fixes bug 6043.
– On OpenSUSE, create the /var/run/tor directory on startup if it
is not already created. Patch from Andreas Stieger. Fixes bug 2573.

o Code refactoring (safety):
– Do not use SMARTLIST_FOREACH for any loop whose body exceeds
10 lines. Also, don’t nest them. Doing so in the past has
led to hard-to-debug code. The new style is to use the
SMARTLIST_FOREACH_{BEGIN,END} pair. Addresses issue 6400.
– Use macros to indicate OpenSSL versions, so we don’t need to worry
about accidental hexadecimal bit shifts.
– Use tor_sscanf() in place of scanf() in more places through the
code. This makes us a little more locale-independent, and
should help shut up code-analysis tools that can’t tell
a safe sscanf string from a dangerous one.
– Convert more instances of tor_snprintf+tor_strdup into tor_asprintf.
– Use the smartlist_add_asprintf() alias more consistently.

o Code refactoring (consolidate):
– A major revision to our internal node-selecting and listing logic.
Tor already had at least two major ways to look at the question of
“which Tor servers do we know about”: a list of router descriptors,
and a list of entries in the current consensus. With
microdescriptors, we’re adding a third. Having so many systems
without an abstraction layer over them was hurting the codebase.
Now, we have a new “node_t” abstraction that presents a consistent
interface to a client’s view of a Tor node, and holds (nearly) all
of the mutable state formerly in routerinfo_t and routerstatus_t.
– Move tor_gettimeofday_cached() into compat_libevent.c, and use
Libevent’s notion of cached time when possible.
– Remove duplicate code for invoking getrlimit() from control.c.
– Use OpenSSL’s built-in SSL_state_string_long() instead of our
own homebrewed ssl_state_to_string() replacement. Patch from
Emile Snyder. Fixes bug 4653.
– Change the symmetric cipher interface so that creating and
initializing a stream cipher are no longer separate functions.

o Code refactoring (separate):
– Make a new “entry connection” struct as an internal subtype of “edge
connection”, to simplify the code and make exit connections smaller.
– Split connection_about_to_close() into separate functions for each
connection type.
– Rewrite the listener-selection logic so that parsing which ports
we want to listen on is now separate from binding to the ports
we want.

o Code refactoring (name changes):
– Rename a handful of old identifiers, mostly related to crypto
structures and crypto functions. By convention, our “create an
object” functions are called “type_new()”, our “free an object”
functions are called “type_free()”, and our types indicate that
they are types only with a final “_t”. But a handful of older
types and functions broke these rules, with function names like
“type_create” or “subsystem_op_type”, or with type names like
– Rename Tor functions that turn strings into addresses, so that
“parse” indicates that no hostname resolution occurs, and
“lookup” indicates that hostname resolution may occur. This
should help prevent mistakes in the future. Fixes bug 3512.
– Use the name “CERTS” consistently to refer to the new cell type;
we were calling it CERT in some places and CERTS in others.
– Use a TOR_INVALID_SOCKET macro when initializing a socket to an
invalid value, rather than just -1.
– Rename the bench_{aes,dmap} functions to test_*, so that tinytest
can pick them up when the tests aren’t disabled. Bugfix on which introduced tinytest.

o Code refactoring (other):
– Defensively refactor rend_mid_rendezvous() so that protocol
violations and length checks happen in the beginning. Fixes
bug 5645.
– Remove the pure attribute from all functions that used it
previously. In many cases we assigned it incorrectly, because the
functions might assert or call impure functions, and we don’t have
evidence that keeping the pure attribute is worthwhile. Implements
changes suggested in ticket 4421.
– Move the replay-detection cache for the RSA-encrypted parts of
INTRODUCE2 cells to the introduction point data structures.
Previously, we would use one replay-detection cache per hidden
service. Required by fix for bug 3460.
– The helper programs tor-gencert, tor-resolve, and tor-checkkey
no longer link against Libevent: they never used it, but
our library structure used to force them to link it.

o Removed features and files:
– Remove all internal support for unpadded RSA. We never used it, and
it would be a bad idea to start.
– Remove some workaround code for OpenSSL 0.9.6 (which is no longer
– Remove some redundant #include directives throughout the code.
Patch from Andrea Gelmini.
– Remove some old code to remember statistics about which descriptors
we’ve served as a directory mirror. The feature wasn’t used and
is outdated now that microdescriptors are around.
– Remove some old code to work around even older versions of Tor that
used forked processes to handle DNS requests. Such versions of Tor
are no longer in use as relays.
– The “torify” script no longer supports the “tsocks” socksifier
tool, since tsocks doesn’t support DNS and UDP right for Tor.
Everyone should be using torsocks instead. Fixes bugs 3530 and
5180. Based on a patch by “ugh”.
– Remove the torrc.bridge file: we don’t use it for anything, and
it had become badly desynchronized from torrc.sample. Resolves
bug 5622.

o Documentation:
– Begin a doc/state-contents.txt file to explain the contents of
the Tor state file. Fixes bug 2987.
– Clarify the documentation for the Alternate*Authority options.
Fixes bug 6387.
– Document the –defaults-torrc option, and the new semantics for
overriding, extending, and clearing lists of options. Closes
bug 4748.
– Add missing man page documentation for consensus and microdesc
files. Resolves ticket 6732.
– Fix some typos in the manpages. Patch from A. Costa. Fixes bug 6500.
– Improve the manual’s documentation for the NT Service command-line
options. Addresses ticket 3964.
– Clarify SessionGroup documentation slightly; resolves ticket 5437.
– Document the changes to the ORPort and DirPort options, and the
fact that {OR/Dir}ListenAddress is now unnecessary (and
therefore deprecated). Resolves ticket 5597.
– Correct a broken faq link in the INSTALL file. Fixes bug 2307.
– Clarify that hidden services are TCP only. Fixes bug 6024.


From → General

Comments are closed.

%d bloggers like this: