New alpha release: Tor 0.4.5.2-alpha

by nickm | November 23, 2020

*Note: The Tor Project's postal address has changed since this post was published. Find the most current address in our FAQ.

There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.4.5.2-alpha from the download page on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release by mid-December.

Remember, this is an alpha release: you should only run this if you'd like to find and report more bugs than usual.

Tor 0.4.5.2-alpha is the second alpha release in the 0.4.5.x series. It fixes several bugs present in earlier releases, including one that made it impractical to run relays on Windows. It also adds a few small safety features to improve Tor's behavior in the presence of strange compile-time options, misbehaving proxies, and future versions of OpenSSL.

Changes in version 0.4.5.2-alpha - 2020-11-23

  • Major bugfixes (relay, windows):
    • Fix a bug in our implementation of condition variables on Windows. Previously, a relay on Windows would use 100% CPU after running for some time. Because of this change, Tor now requires Windows Vista or later to build and run. Fixes bug 30187; bugfix on 0.2.6.3-alpha. (This bug became more serious in 0.3.1.1-alpha with the introduction of consensus diffs.) Patch by Daniel Pinto.
  • Minor features (compilation):
    • Disable deprecation warnings when building with OpenSSL 3.0.0 or later. There are a number of APIs newly deprecated in OpenSSL 3.0.0 that Tor still requires. (A later version of Tor will try to stop depending on these APIs.) Closes ticket 40165.
  • Minor features (protocol, proxy support, defense in depth):
    • Respond more deliberately to misbehaving proxies that leave leftover data on their connections, so as to make Tor even less likely to allow the proxies to pass their data off as having come from a relay. Closes ticket 40017.
  • Minor features (safety):
    • Log a warning at startup if Tor is built with compile-time options that are likely to make it less stable or reliable. Closes ticket 18888.
  • Minor bugfixes (circuit, handshake):
    • In the v3 handshaking code, use connection_or_change_state() to change the state. Previously, we changed the state directly, but this did not pass the state change to the pubsub or channel objects, potentially leading to bugs. Fixes bug 32880; bugfix on 0.2.3.6-alpha. Patch by Neel Chauhan.
  • Minor bugfixes (compilation):
    • Use the correct 'ranlib' program when building libtor.a. Previously we used the default ranlib, which broke some kinds of cross-compilation. Fixes bug 40172; bugfix on 0.4.5.1-alpha.
    • Remove a duplicate typedef in metrics_store.c. Fixes bug 40177; bugfix on 0.4.5.1-alpha.
    • When USDT tracing is enabled, and STAP_PROBEV() is missing, don't attempt to build. Linux supports that macro but not the BSDs. Fixes bug 40174; bugfix on 0.4.5.1-alpha.
  • Minor bugfixes (configuration):
    • Exit Tor on a misconfiguration when the Bridge line is configured to use a transport but no corresponding ClientTransportPlugin can be found. Prior to this fix, Tor would attempt to connect to the bridge directly without using the transport, making it easier for adversaries to notice the bridge. Fixes bug 25528; bugfix on 0.2.6.1-alpha.
    • Fix an issue where an ORPort was compared with other kinds of ports, when it should have been only checked against other ORPorts. This bug would lead to "DirPort auto" getting ignored. Fixes bug 40195; bugfix on 0.4.5.1-alpha.
    • Fix a bug where a second non-ORPort with a variant family (ex: SocksPort [::1]:9050) would be ignored due to a configuration parsing error. Fixes bug 40183; bugfix on 0.4.5.1-alpha.
  • Minor bugfixes (crash, relay, signing key):
    • Avoid assertion failures when we run Tor from the command line with `--key-expiration sign`, but an ORPort is not set. Fixes bug 40015; bugfix on 0.3.2.1-alpha. Patch by Neel Chauhan.
  • Minor bugfixes (logging):
    • Remove trailing whitespace from control event log messages. Fixes bug 32178; bugfix on 0.1.1.1-alpha. Based on a patch by Amadeusz Pawlik.
    • Turn warning-level log message about SENDME failure into a debug-level message. (This event can happen naturally, and is no reason for concern). Fixes bug 40142; bugfix on 0.4.1.1-alpha.
  • Minor bugfixes (relay, address discovery):
    • Don't trigger an IP change when no new valid IP can be found. Fixes bug 40071; bugfix on 0.4.5.1-alpha.
    • When attempting to discover our IP, use a simple test circuit, rather than a descriptor fetch: the same address information is present in NETINFO cells, and is better authenticated there. Fixes bug 40071; bugfix on 0.4.5.1-alpha.
  • Minor bugfixes (testing):
    • Fix the `config/parse_tcp_proxy_line` test so that it works correctly on systems where the DNS provider hijacks invalid queries. Fixes part of bug 40179; bugfix on 0.4.3.1-alpha.
    • Fix unit tests that used a newly generated list of routers so that they check them with respect to the date when they were generated, not with respect to the current time. Fixes bug 40187; bugfix on 0.4.5.1-alpha.
    • Fix our Python reference-implementation for the v3 onion service handshake so that it works correctly with the version of hashlib provided by Python 3.9. Fixes part of bug 40179; bugfix on 0.3.1.6-rc.
    • Fix the `tortls/openssl/log_one_error` test to work with OpenSSL 3.0.0. Fixes bug 40170; bugfix on 0.2.8.1-alpha.
  • Removed features (controller):
    • Remove the "GETINFO network-status" controller command. It has been deprecated since 0.3.1.1-alpha. Closes ticket 22473.
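
An added example, not code from Tor or from this post: a pre-flight check for the Bridge/ClientTransportPlugin mismatch described in the configuration bugfixes above, useful on versions that would otherwise connect to the bridge directly. It assumes a single torrc with no %include or line continuations; the sample config, the function names and the C-identifier test for transport names are this example's own.

```python
import re

# Transport names are C-style identifiers; an address:port first field is not,
# which is how a transport Bridge line is told apart from a plain one here
# (an assumption of this example).
TRANSPORT_RE = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")

# Constructed sample torrc (documentation-range addresses, made-up fingerprint).
SAMPLE_TORRC = """\
UseBridges 1
ClientTransportPlugin obfs3,obfs4 exec /usr/bin/obfs4proxy
Bridge obfs4 192.0.2.10:443 0123456789ABCDEF0123456789ABCDEF01234567 iat-mode=0
Bridge meek_lite 192.0.2.11:443   # no plugin line covers meek_lite
Bridge 192.0.2.12:9001            # plain bridge, no transport needed
Bridge obfs3 [2001:db8::1]:443
"""


def torrc_lines(text):
    """Yield (lineno, lowercased option name, argument list) per config line."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments and padding
        if line:
            keyword, *args = line.split()
            yield lineno, keyword.lower(), args


def bridges_missing_plugin(text):
    """Return [(lineno, transport)] for Bridge lines no plugin line covers."""
    plugins, bridges = set(), []
    for lineno, keyword, args in torrc_lines(text):
        if keyword == "clienttransportplugin" and args:
            # One plugin line may serve several comma-separated transports.
            plugins.update(t for t in args[0].split(",") if t)
        elif keyword == "bridge" and args and TRANSPORT_RE.fullmatch(args[0]):
            bridges.append((lineno, args[0]))
    # Compare only after the whole file is read, so line order does not matter.
    return [(n, t) for n, t in bridges if t not in plugins]


if __name__ == "__main__":
    for lineno, transport in bridges_missing_plugin(SAMPLE_TORRC):
        print(f"line {lineno}: Bridge uses transport {transport!r} "
              "but no ClientTransportPlugin provides it")
```
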

Comments

Please note that the comment area below has been archived.

November 23, 2020


Hey could someone look into this? I got this since recently and this never happened before! Using latest stable version of OS.

> apt update

Err: https://deb.torproject.org/torproject.org buster InRelease
The following signatures were invalid: EXPKEYSIG 74A941BA219EC810 deb.torproject.org archive signing key
W: Failed to fetch https://deb.torproject.org/torproject.org/dists/buster/InRelease The following signatures were invalid: EXPKEYSIG 74A941BA219EC810 deb.torproject.org archive signing key

> dpkg --list|grep deb.torproject.org-keyring

Already have v2018.08.06

> apt-key adv --keyserver keyserver.ubuntu.com --recv-key 74A941BA219EC810

Executing: /000.sh --keyserver keyserver.ubuntu.com --recv-key 74A941BA219EC810
gpg: key EE8CBC9E886DDD89: "deb.torproject.org archive signing key" not changed
gpg: Total number processed: 1
gpg: unchanged: 1

Your log says EXPKEYSIG, short for "expired key signature". That means your copy of key 0x74A941BA219EC810 is expired. The package, deb.torproject.org-keyring, is hosted on deb.torproject.org whose file listings your apt is unable to import because of the expired key. Being unable to import it, your dpkg thinks your 2018 copy of the key is up to date. In the repository, its version is no longer v2018.08.06 but 2020.11.18.

Your final command, apt-key adv ..., should have updated your copy of the key, but the output doesn't mention new signatures on the key. Tor Project has been saving their keys to torproject.org servers since a key-signature flooding/poisoning attack in 2019. If it isn't the fault of something on your end, it's also possible that they could have not been sending it to the keyservers lately, but they might have done so after you wrote your comment. Try to update the key now, and then run apt update. The copy of the key on keyserver.ubuntu.com at the time I write this appears to expire on 2022-06-11.

Full instructions are here: https://jqlsbiwihs.oedi.net/apt/tor-deb-repo/

I also used the deb.torproject.org-keyring package but apt broke.

tor://sdscoq7snqtznauu.onion/torproject.org/dists/bullseye/InRelease failed: EXPKEYSIG 74A941BA219EC810 deb.torproject.org archive signing key

Manually fixed by:

  1. torsocks wget http://sdscoq7snqtznauu.onion/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc
  2. sudo apt-key add A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc

November 25, 2020


Stuck at asking for relay descriptors. Was connecting before but anymore no matter trials. This for Linux connecting to H20 Att.

December 02, 2020


> Exit Tor on a misconfiguration when the Bridge line is configured to use a transport but no corresponding ClientTransportPlugin can be found.

$ cat torrc
ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy
Bridge obfs4 192.95.36.142:443 CDF2E852BF539B82BD10E27E9115A31734E378C2
UseBridges 1

$ tor -f torrc --verify-config
[notice] Tor 0.4.5.2-alpha running on Linux with Libevent 2.1.12-stable, OpenSSL 1.1.1h, Zlib 1.2.11, Liblzma 5.2.4, Libzstd 1.4.5 and Glibc 2.31 as libc.
[...]
[warn] Bridge line with transport obfs4 is missing a ClientTransportPlugin line
[err] set_options(): Bug: Acting on config options left us in a broken state. Dying. (on Tor 0.4.5.2-alpha )
[err] Reading config failed--see warnings above.

This also breaks the default Tor Browser configuration
https://gitweb.torproject.org/builders/tor-browser-build.git/plain/proj…

December 03, 2020


> Because of this change, Tor now require Windows Vista or later to build and run.
Could you make such changes AFTER the next LTS tor?

For the convenience of relay operators and package maintainers, here is LTS information from the ChangeLog (ReleaseNotes doesn't include alphas):

Per our support policy, we support each stable release series for nine months after its first stable release, or three months after the first stable release of the next series: whichever is longer. This means that 0.4.4.x will be supported until around June 2021--or later, if 0.4.5.x is later than anticipated.

Note also that support for 0.4.2.x has just ended; support for 0.4.3.x will continue until Feb 15, 2021. We still plan to continue supporting 0.3.5.x, our long-term stable series, until Feb 2022.

December 07, 2020


[Moderator: Fifth attempt to post. TP is asking for money but your mail address is not working!]

Tor Project is in the middle of a funding drive with time limited matching grant. The Board of Directors needs to immediately look into this issue:

USPS is claiming that the mailing address given in your website

https://decvnxytmk.oedi.net/contact/

> Send us Mail
>
> The Tor Project
> 217 1st Ave South #4903
> Seattle, WA 98194 USA

is invalid. They claim someone apparently asked the private mailbox company at that street address to forward mail to a second address, but this expired more than a year ago so USPS is no longer honoring the forwarding address.

December 16, 2020


I compiled this version using Libevent 2.1.12-stable, OpenSSL 1.1.1h, and zlib 1.2.11.
The moment I run Tor with Bridge enabled, I receive the error below:

Dec 16 18:22:30.447 [Warning] Problem bootstrapping. Stuck at 10% (conn_done): Connected to a relay. (TLS_ERROR; TLS_ERROR; count 4; recommendation warn; host 22DEB9BEA09A1EF652777DFD987405D9314596C9 at 185.220.101.154:19263)
Dec 16 18:22:30.448 [Warning] 4 connections have failed:
Dec 16 18:22:30.448 [Warning] 4 connections died in state handshaking (TLS) with SSL state SSLv3/TLS write client hello in HANDSHAKE

I also had to edit some lines in the torrc file because it will not accept the previous settings.

Old Settings

Bridge obfs4 XX.XXX.XX.XXX:XXXXX EC4F9DA66F520A094E5B534AA08DFC1AB5E95B64 cert=OJJtSTddonrjXMCWGX97lIagsGtGiFnUI6t/OGFbKtpvWiFEfS0sLBnhLmHUENLoW1soeg iat-mode=1
ClientTransportPlugin obfs2,obfs3,obfs4,scramblesuit exec X:\PluggableTransports\obfs4proxy

New Settings

Bridge XX.XXX.XX.XXX:XXXXX EC4F9DA66F520A094E5B534AA08DFC1AB5E95B64
ClientTransportPlugin obfs4 exec D:\OS1\Proxy\PluggableTransports\obfs4proxy

Even though it's accepting the new lines, I'm still receiving the error above.

If I run Tor with Bridge disabled, I don't receive any error.

When I use 0.4.3.5, I don't receive any error. My OS is Windows 10 x64.
I tried compiling 0.4.4.5 and 0.4.5.1-alpha, but they will not detect Libevent 2.1.12-stable.