Tor is een netwerk dat gebruikt kan worden om anoniem over het internet te surfen. Al het tcp-verkeer van gebruikers wordt langs verschillende Tor-routers geleid, waarna het voor de ontvanger niet meer mogelijk is om na te gaan wie de oorspronkelijke verzender was. Binnen het Tor-netwerk is die informatie nog wel aanwezig, zodat antwoorden – uiteraard ook weer via het stelsel van routers – uiteindelijk weer op de juiste plek aankomen. De ontwikkelaars hebben onlangs versie 0.1.2.18 uitgebracht en voorzien van de volgende aankondiging:
Tor 0.1.2.18 fixes many problems including crash bugs, problems with hidden service introduction that were causing huge delays, and a big bug that was causing some servers to disappear from the network status lists for a few hours each day.
We also modified the default Privoxy config files in the bundles to avoid some security problems, so make sure to leave "install Privoxy" checked when you upgrade.
Bundle users should upgrade. People using Privoxy in other contexts should make sure to follow the configuration advice here.
The Tor 0.1.1.x branch is now officially obsolete and unsupported.
Major bugfixes (crashes):
Major bugfixes (hidden services):
- If a connection is shut down abruptly because of something that happened inside connection_flushed_some(), do not call connection_finished_flushing(). Should fix bug 451: "connection_stop_writing: Assertion conn->write_event failed". Bugfix on 0.1.2.7-alpha.
- Fix possible segfaults in functions called from rend_process_relay_cell().
Major bugfixes (other):
- Hidden services were choosing introduction points uniquely by hexdigest, but when constructing the hidden service descriptor they merely wrote the (potentially ambiguous) nickname.
- Clients now use the v2 intro format for hidden service connections: they specify their chosen rendezvous point by identity digest rather than by (potentially ambiguous) nickname. These changes could speed up hidden service connections dramatically.
- Stop publishing a new server descriptor just because we get a HUP signal. This led (in a roundabout way) to some servers getting dropped from the networkstatus lists for a few hours each day.
- When looking for a circuit to cannibalize, consider family as well as identity. Fixes bug 438. Bugfix on 0.1.0.x (which introduced circuit cannibalization).
- When a router wasn't listed in a new networkstatus, we were leaving the flags for that router alone -- meaning it remained Named, Running, etc -- even though absence from the networkstatus means that it shouldn't be considered to exist at all anymore. Now we clear all the flags for routers that fall out of the networkstatus consensus. Fixes bug 529.
- Don't try to access (or alter) the state file when running --list-fingerprint or --verify-config or --hash-password. Resolves bug 499.
- When generating information telling us how to extend to a given router, do not try to include the nickname if it is absent. (Resolves bug 467.)
- Fix a user-triggerable segfault in expand_filename(). (There isn't a way to trigger this remotely.)
- When sending a status event to the controller telling it that an OR address is readable, set the port correctly. (Previously we were reporting the dir port.)
- Fix a minor memory leak whenever a controller sends the PROTOCOLINFO command. Bugfix on 0.1.2.17.
- When loading bandwidth history, do not believe any information in the future. Fixes bug 434.
- When loading entry guard information, do not believe any information in the future.
- When we have our clock set far in the future and generate an onion key, then re-set our clock to be correct, we should not stop the onion key from getting rotated.
- On some platforms, accept() can return a broken address. Detect this more quietly, and deal accordingly. Fixes bug 483.
- It's not actually an error to find a non-pending entry in the DNS cache when canceling a pending resolve. Don't log unless stuff is fishy. Resolves bug 463.
- Don't reset trusted dir server list when we set a configuration option. Patch from Robert Hogan.