./net/tor, Anonymizing overlay network for TCP

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2010Q1, Version: 0.2.1.26, Package name: tor-0.2.1.26, Maintainer: athaba

The simple version: Tor provides a distributed network of servers ("onion
routers"). Users bounce their TCP streams (web traffic, FTP, SSH, etc.) around
the routers. This makes it hard for recipients, observers, and even the onion
routers themselves to track the source of the stream.

The complex version: Onion Routing is a connection-oriented anonymizing
communication service. Users choose a source-routed path through a set of
nodes, and negotiate a "virtual circuit" through the network, in which each
node knows its predecessor and successor, but no others. Traffic flowing down
the circuit is unwrapped by a symmetric key at each node, which reveals the
downstream node.


Required to run:
[devel/libevent]


Package options: threads

Master sites:

SHA1: 87af7aa658774031d181340848a875e4fd8e27bf
RMD160: 6fe03ec4a8f72c9eda4a47370ebb240db78a4a39
Filesize: 2349.364 KB

Version history: (Expand)

CVS history: (Expand)


   2010-05-14 21:47:14 by Matthias Scheler | Files touched by this commit (2) | Package updated
Log message:
Pullup ticket #3115 - requested by wiz
net/tor: bug fix update

Revisions pulled up:
- net/tor/Makefile		1.73
- net/tor/distinfo		1.42
---
Module Name:	pkgsrc
Committed By:	wiz
Date:		Thu May 13 19:42:09 UTC 2010

Modified Files:
	pkgsrc/net/tor: Makefile distinfo

Log message:
Update to 0.2.1.26, from maintainer Christian Sturm in PR 43302:

Changes in version 0.2.1.26 - 2010-05-02
  Tor 0.2.1.26 addresses the recent connection and memory overload
  problems we've been seeing on relays, especially relays with their
  DirPort open. If your relay has been crashing, or you turned it off
  because it used too many resources, give this release a try.

  This release also fixes yet another instance of broken OpenSSL libraries
  that was causing some relays to drop out of the consensus.

  o Major bugfixes:
    - Teach relays to defend themselves from connection overload. Relays
      now close idle circuits early if it looks like they were intended
      for directory fetches. Relays are also more aggressive about closing
      TLS connections that have no circuits on them. Such circuits are
      unlikely to be re-used, and tens of thousands of them were piling
      up at the fast relays, causing the relays to run out of sockets
      and memory. Bugfix on 0.2.0.22-rc (where clients started tunneling
      their directory fetches over TLS).
    - Fix SSL renegotiation behavior on OpenSSL versions like on Centos
      that claim to be earlier than 0.9.8m, but which have in reality
      backported huge swaths of 0.9.8m or 0.9.8n renegotiation
      behavior. Possible fix for some cases of bug 1346.
    - Directory mirrors were fetching relay descriptors only from v2
      directory authorities, rather than v3 authorities like they should.
      Only 2 v2 authorities remain (compared to 7 v3 authorities), leading
      to a serious bottleneck. Bugfix on 0.2.0.9-alpha. Fixes bug 1324.

  o Minor bugfixes:
    - Finally get rid of the deprecated and now harmful notion of "clique
      mode", where directory authorities maintain TLS connections to
      every other relay.

  o Testsuite fixes:
    - In the util/threads test, no longer free the test_mutex before all
      worker threads have finished. Bugfix on 0.2.1.6-alpha.
    - The master thread could starve the worker threads quite badly on
      certain systems, causing them to run only partially in the allowed
      window. This resulted in test failures. Now the master thread sleeps
      occasionally for a few microseconds while the two worker-threads
      compete for the mutex. Bugfix on 0.2.0.1-alpha.