您当前的位置：首页 > 免费翻墙软件

Tor 0.3.0.6 is released: a new series is stable!

时间：2017-05-03 来源：torproject 作者：nickm 条评论

Minor bugfixes (portability):

Use "OpenBSD" compiler macro instead of "OPENBSD" or "__OpenBSD__". It is supported by OpenBSD itself, and also by most OpenBSD variants (such as Bitrig). Fixes bug 20980; bugfix on 0.1.2.1-alpha.

Minor bugfixes (portability, also in 0.2.9.9):

Avoid crashing when Tor is built using headers that contain CLOCK_MONOTONIC_COARSE, but then tries to run on an older kernel without CLOCK_MONOTONIC_COARSE. Fixes bug 21035; bugfix on 0.2.9.1-alpha.
Fix Libevent detection on platforms without Libevent 1 headers installed. Fixes bug 21051; bugfix on 0.2.9.1-alpha.

Minor bugfixes (relay):

Avoid a double-marked-circuit warning that could happen when we receive DESTROY cells under heavy load. Fixes bug 20059; bugfix on 0.1.0.1-rc.
Honor DataDirectoryGroupReadable when tor is a relay. Previously, initializing the keys would reset the DataDirectory to 0700 instead of 0750 even if DataDirectoryGroupReadable was set to 1. Fixes bug 19953; bugfix on 0.0.2pre16. Patch by "redfish".

Minor bugfixes (testing):

Fix Raspbian build issues related to missing socket errno in test_util.c. Fixes bug 21116; bugfix on 0.2.8.2. Patch by "hein".
Remove undefined behavior from the backtrace generator by removing its signal handler. Fixes bug 21026; bugfix on 0.2.5.2-alpha.
Use bash in src/test/test-network.sh. This ensures we reliably call chutney's newer tools/test-network.sh when available. Fixes bug 21562; bugfix on 0.2.9.1-alpha.

Minor bugfixes (tor-resolve):

The tor-resolve command line tool now rejects hostnames over 255 characters in length. Previously, it would silently truncate them, which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5. Patch by "junglefowl".

Minor bugfixes (unit tests):

Allow the unit tests to pass even when DNS lookups of bogus addresses do not fail as expected. Fixes bug 20862 and 20863; bugfix on unit tests introduced in 0.2.8.1-alpha through 0.2.9.4-alpha.

Minor bugfixes (util):

When finishing writing a file to disk, if we were about to replace the file with the temporary file created before and we fail to replace it, remove the temporary file so it doesn't stay on disk. Fixes bug 20646; bugfix on 0.2.0.7-alpha. Patch by fk.

Minor bugfixes (Windows services):

Be sure to initialize the monotonic time subsystem before using it, even when running as an NT service. Fixes bug 21356; bugfix on 0.2.9.1-alpha.

Minor bugfixes (Windows):

Check for getpagesize before using it to mmap files. This fixes compilation in some MinGW environments. Fixes bug 20530; bugfix on 0.1.2.1-alpha. Reported by "ice".

Code simplification and refactoring:

Abolish all global guard context in entrynodes.c; replace with new guard_selection_t structure as preparation for proposal 271. Closes ticket 19858.
Extract magic numbers in circuituse.c into defined variables.
Introduce rend_service_is_ephemeral() that tells if given onion service is ephemeral. Replace unclear NULL-checkings for service directory with this function. Closes ticket 20526.
Refactor circuit_is_available_for_use to remove unnecessary check.
Refactor circuit_predict_and_launch_new for readability and testability. Closes ticket 18873.
Refactor code to manipulate global_origin_circuit_list into separate functions. Closes ticket 20921.
Refactor large if statement in purpose_needs_anonymity to use switch statement instead. Closes part of ticket 20077.
Refactor the hashing API to return negative values for errors, as is done as throughout the codebase. Closes ticket 20717.
Remove data structures that were used to index or_connection objects by their RSA identity digests. These structures are fully redundant with the similar structures used in the channel abstraction.
Remove duplicate code in the channel_write_*cell() functions. Closes ticket 13827; patch from Pingl.
Remove redundant behavior of is_sensitive_dir_purpose, refactor to use only purpose_needs_anonymity. Closes part of ticket 20077.
The code to generate and parse EXTEND and EXTEND2 cells has been replaced with code automatically generated by the "trunnel" utility.

Documentation (formatting):

Clean up formatting of tor.1 man page and HTML doc, where <pre> blocks were incorrectly appearing. Closes ticket 20885.

Documentation (man page):

Clarify many options in tor.1 and add some min/max values for HiddenService options. Closes ticket 21058.

Documentation:

Change '1' to 'weight_scale' in consensus bw weights calculation comments, as that is reality. Closes ticket 20273. Patch from pastly.
Clarify that when ClientRejectInternalAddresses is enabled (which is the default), multicast DNS hostnames for machines on the local network (of the form *.local) are also rejected. Closes ticket 17070.
Correct the value for AuthDirGuardBWGuarantee in the manpage, from 250 KBytes to 2 MBytes. Fixes bug 20435; bugfix on 0.2.5.6-alpha.
Include the "TBits" unit in Tor's man page. Fixes part of bug 20622; bugfix on 0.2.5.1-alpha.
Small fixes to the fuzzing documentation. Closes ticket 21472.
Stop the man page from incorrectly stating that HiddenServiceDir must already exist. Fixes 20486.
Update the description of the directory server options in the manual page, to clarify that a relay no longer needs to set DirPort in order to be a directory cache. Closes ticket 21720.

Removed features:

The AuthDirMaxServersPerAuthAddr option no longer exists: The same limit for relays running on a single IP applies to authority IP addresses as well as to non-authority IP addresses. Closes ticket 20960.
The UseDirectoryGuards torrc option no longer exists: all users that use entry guards will also use directory guards. Related to proposal 271; implements part of ticket 20831.

Testing:

Add tests for networkstatus_compute_bw_weights_v10.
Add unit tests circuit_predict_and_launch_new.
Extract dummy_origin_circuit_new so it can be used by other test functions.
New unit tests for tor_htonll(). Closes ticket 19563. Patch from "overcaffeinated".
Perform the coding style checks when running the tests and fail when coding style violations are found. Closes ticket 5500.

来自https://blog.torproject.org/blog/tor-0306-released-new-series-stableJ0I免费翻墙网

Tor 0.3.0.6是Tor 0.3.0系列的第一个稳定版本。J0I免费翻墙网
J0I免费翻墙网
使用0.3.0系列，客户端和继电器现在使用Ed25519键验证其与继电器的链接连接，而不是以前使用的旧RSA1024密钥。（电路密码自从0.2.4.8-alpha以来一直是Curve25519认证的）。我们还替代了保护选择和替换算法，在存在不可靠的网络的情况下更强大地运行，并且抵抗了防护捕获攻击。J0I免费翻墙网
J0I免费翻墙网
该系列还包括许多其他小功能和错误修复，以及即将到来的隐藏服务改造的更多基础。J0I免费翻墙网
J0I免费翻墙网
根据我们的稳定发布政策，我们计划至少在未来九个月内支持Tor 0.3.0版本系列，或者在0.3.1系列首次稳定发布后三个月内以较长者为准。如果您需要长期支持的版本，我们建议您使用0.2.9系列。J0I免费翻墙网
J0I免费翻墙网
如果您从源头构建Tor，您可以在网站上的通常位置找到它。软件包应在接下来的几周内准备好，Tor浏览器版可能在5月下旬或6月上旬。J0I免费翻墙网
J0I免费翻墙网
以下是0.2.9.10以来的变化。有关仅0.3.0.5-rc之后的更改的列表，请参阅ChangeLog文件。J0I免费翻墙网
J0I免费翻墙网
版本0.3.0.6 - 2017-04-26中的更改J0I免费翻墙网
主要功能（目录权限，安全性）：J0I免费翻墙网
AuthDirPinKeys的默认值现在为1：目录管理机构将拒绝RSA身份密钥与以前看到的值相匹配的继电器，但Ed25519密钥已更改。关闭票18319。J0I免费翻墙网
主要功能（保护选择算法）：J0I免费翻墙网
Tor的保卫选择算法已经从头开始重新设计，更好地支持不可靠的网络和限制性的入口节点，并更好地抵御敌对局部网络的防护捕获攻击。执行建议271;关闭票19877。J0I免费翻墙网
J0I免费翻墙网
J0I免费翻墙网
主要功能（下一代隐藏服务）：J0I免费翻墙网
继电器现在可以处理由prop224“下一代隐藏服务”指定的v3 ESTABLISH_INTRO单元格。服务和客户端还没有使用此功能。关闭票19043.根据Alec Heifetz的初始代码。J0I免费翻墙网
继电器现在支持HSDir版本3协议，以便它们可以存储和服务v3描述符。这是提案224中提到的下一代洋葱服务工作的一部分。关闭票17238。J0I免费翻墙网
主要功能（协议，ed25519身份密钥）：J0I免费翻墙网
客户现在支持在它们生成的EXTEND2单元中包含Ed25519身份密钥。默认情况下，它由一个共识参数控制，目前已禁用。您可以通过在配置中设置ExtendByEd25519ID来打开此功能进行测试。但是，这可能会使您的流量与其他用户生成的流量不同。执行部分票15056;提案220的一部分。J0I免费翻墙网
继电器现在可以通过Ed25519身份密钥了解对其他继电器的要求。