The new version of Tor 0.3.5.7 arrives with several important changes

Tor Browser: DeviantArt Banner

Recently the new version of Tor 0.3.5.7 was released, which is used to organize the work of the anonymous Tor network.

Tor 0.3.5.7 is recognized as the first stable version of the 0.3.5 branch, which has been developing for the past four months.

At the same time, Corrective updates were also issued for the older Tor branches 0.3.4.10 and 0.3.3.11, which include accumulated bug fixes. The 0.3.5 branch will be accompanied by a long support cycle (LTS), which involves the release of updates for core functionality for three years (until February 1, 2022).

The Tor 0.3.5 series includes several new features and performance improvements, including client authorization for onion v3 services, cleanup of boot reports, support for improved bandwidth measurement tools, experimental support for NSS instead of OpenSSL, and much more.

Main new features of Tor 0.3.5.7

With this new release Added support for authorizing client connections to hidden services using the third version of the onion services protocol.

Authorization is implemented at the level of access to service descriptors, now the hidden service can be configured so that only preauthorized clients can decrypt the contents of the descriptor to obtain information about the connection.

Clients can make use of the "ClientOnionAuthDir" option added to torrc and the "authorized_clients /" directory has been proposed for services to store the list of authorized clients.

Hidden services based on the third version of the protocol, generation of revision counters has been improved to ensure scaling of services by running instances of the same service on different hosts without the need to configure data synchronization from the host.

To separate the client chains, a HiddenServiceExportCircuitID setting was proposed, which can be specified in relation to a hidden service when using the third version of the protocol.

This function allows you to access the hidden service through the HAProxy protocol to assign a virtual IP address to the incoming client strings.

Another important point is that Work has begun on a complete reorganization of the Tor code base structure to improve modularity and simplify project maintenance.

For example, the breakdown of large files into smaller files and the separation of a specific functionality began.

The "common" directory is divided into a set of libraries (the "lib" directory), the files in the "o" directory are moved to the base part (the "core" directory), the independent modules (the "feature" directory ) or applications (the "application" directory).

This has made optimizations to increase performance (startup time has been reduced by an average of 8%).

Other changes

By default, the third version of the protocol is enabled for onion services.

If it is necessary to create new hidden services based on the second version of the protocol, after installing the update, a configuration change will be required ("HiddenServiceVersion 2" option).

For existing services, the protocol version will remain unchanged, as it is indicated in the file with keys.

Finally default gateway stopped starting in exit node mode. If the ExitRelay parameter is set to "automatic", the exit node now requires explicit configuration of the traffic exit rules using the ExitPolicy and ReducedExitPolicy options.

Messages were modified during Tor startup, which could lead to a compatibility violation with external utilities for analyzing logs.

The information on the progress of receiving data from the directory server was terminated before a successful connection to the gateway (to relay or bridge) was established.

Y added support for improved bandwidth measurement tools and made a possibility expIt is erratic to use the NSS libraries developed by the Mozilla project instead of OpenSSL.


Be the first to comment

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.