Tor 0.2.2.6-alpha released

by phobos | December 3, 2009

On November 19, we released the latest in the Tor alpha series, version 0.2.2.6-alpha. This release lays the groundwork for many upcoming features:
support for the new lower-footprint "microdescriptor" directory design,
future-proofing our consensus format against new hash functions or
other changes, and an Android port. It also makes Tor compatible with
the upcoming OpenSSL 0.9.8l release, and fixes a variety of bugs.

It can be downloaded at https://sedvblmbog.tudasnich.de/download.html.en

Major features:

  • Directory authorities can now create, vote on, and serve multiple
    parallel formats of directory data as part of their voting process.
    Partially implements Proposal 162: "Publish the consensus in
    multiple flavors".
  • Directory authorities can now agree on and publish small summaries
    of router information that clients can use in place of regular
    server descriptors. This transition will eventually allow clients
    to use far less bandwidth for downloading information about the
    network. Begins the implementation of Proposal 158: "Clients
    download consensus + microdescriptors".
  • The directory voting system is now extensible to use multiple hash
    algorithms for signatures and resource selection. Newer formats
    are signed with SHA256, with a possibility for moving to a better
    hash algorithm in the future.
  • New DisableAllSwap option. If set to 1, Tor will attempt to lock all
    current and future memory pages via mlockall(). On supported
    platforms (modern Linux and probably BSD but not Windows or OS X),
    this should effectively disable any and all attempts to page out
    memory. This option requires that you start your Tor as root --
    if you use DisableAllSwap, please consider using the User option
    to properly reduce the privileges of your Tor.
  • Numerous changes, bugfixes, and workarounds from Nathan Freitas
    to help Tor build correctly for Android phones.

Major bugfixes:

  • Work around a security feature in OpenSSL 0.9.8l that prevents our
    handshake from working unless we explicitly tell OpenSSL that we
    are using SSL renegotiation safely. We are, but OpenSSL 0.9.8l
    won't work unless we say we are.

Minor bugfixes:

  • Fix a crash bug when trying to initialize the evdns module in
    Libevent 2. Bugfix on 0.2.1.16-rc.
  • Stop logging at severity 'warn' when some other Tor client tries
    to establish a circuit with us using weak DH keys. It's a protocol
    violation, but that doesn't mean ordinary users need to hear about
    it. Fixes the bug part of bug 1114. Bugfix on 0.1.0.13.
  • Do not refuse to learn about authority certs and v2 networkstatus
    documents that are older than the latest consensus. This bug might
    have degraded client bootstrapping. Bugfix on 0.2.0.10-alpha.
    Spotted and fixed by xmux.
  • Fix numerous small code-flaws found by Coverity Scan Rung 3.
  • If all authorities restart at once right before a consensus vote,
    nobody will vote about "Running", and clients will get a consensus
    with no usable relays. Instead, authorities refuse to build a
    consensus if this happens. Bugfix on 0.2.0.10-alpha; fixes bug 1066.
  • If your relay can't keep up with the number of incoming create
    cells, it would log one warning per failure into your logs. Limit
    warnings to 1 per minute. Bugfix on 0.0.2pre10; fixes bug 1042.
  • Bridges now use "reject *:*" as their default exit policy. Bugfix
    on 0.2.0.3-alpha; fixes bug 1113.
  • Fix a memory leak on directory authorities during voting that was
    introduced in 0.2.2.1-alpha. Found via valgrind.

The original announcement can be found at http://archives.seul.org/or/talk/Nov-2009/msg00106.html

Comments

Please note that the comment area below has been archived.

Cav Edwards (not verified) said:

December 06, 2009

Permalink

Tor Performance...

Hi Blog,

I have been doing some testing with Tor, after downloading the code and tinkering with it a bit.

I first did a burn in with this online keep-alive tool: Ping tool
Set to 30 Seconds refresh.I burnt Tor in for up to 120 built circuits.

Response and Bandwidth Performance
I then took 3 results and found the highest throughput and lowest Circuit Build time (this is very closely correlated with the response time for Tor and as such I use them interchangeably.Graph

As you can see, the lower ping times and hence lower response times are achieved with the tuned tor. In the same manner higher throughput is achieved with the custom Tor builds.

I may complete correlation testing at a future date, to prove this).

Circuit Build Distribution
I also found several distribution curves for Tor standard with no tuning, and customised versions, built using the same libraries as the standard version, with varying Pareto Distribution Quantiles and CircuitBuildTimeouts. The Pareto Quantile has been reduced to observe its affect on build timeouts. Lowering the Pareto Quantile resulted in more pointed graphs, indicating more circuits being built at lower response times.Graph

Bandwidth Ping Combined
I then combined the Ping and Throughput graphs to arrive at the highest overall performing configuration. The highest performing configuration is with Tor able to raise its timeout rapidly to match varying network conditions. It has a Pareto Quantile of 0.3 or 30%. It also has longer recent circuits with a very low minimum timeout.Graph

Lan to Mobile to Lan
I also tested the ability of Tor, with its new Pareto Distribution feature to track network speeds and adjust accordingly. This graph shows on the left the high ping time for the mobile network, and the low ping time for the wireless network. On the right, Tor attempts to track these varying networks when it sets a new Network Connection Speed timeout. You can see the change in ping time for the Mobile network (slower) and the wireless network (quicker), with the Network Connection Speed timeout on the right.

When Tor is switched from the wireless to Mobile network Tor starts increasing its Network Connection Speed timeout. At the point the rapid dip occurs in the Network Connection Speed timeout, Tor was switched from Mobile to wireless with the IpAddress and then DNS server resetting, to pick up the new network. Tor's Network Connection Speed timeout rapidly reduces to reflect timeout occuring on a faster network. Graph

Taking a look at the Network Map in Vidalia all looks ok, with circuits being generated all over the globe, but slightly centered in Europe, where my Tor client resides.

What does the jury think about these results ?

To me they suggest that you can set a low initial timeout, and with a reduction in the Pareto Quantile and the ability to let Tor raise its timeout rapidly, we have a Tor that will adjust to network conditions and provide high performance.

lovecreatesbea… (not verified) said:

December 09, 2009

Permalink

Dear Tor developer,

Thanks for presenting the great Tor software!

(I'm not a native English speaker and not good at this language, so I go to the point directly :-)

I'm using latest[1] Tor + Firefox combination. Can Tor be set per Tab in Firefox? I can post to your dearest ocewjwkdco.tudasnich.de by Tor + Firefox, but can not post to blogspot.com. I had the problme with previous Tor bundles.

Regards

[1] vidalia-bundle-0.2.2.6-alpha-0.2.6.exe + Firefox 3.5.5

CAv (not verified) said:

December 11, 2009

Permalink

Its finally here, after exhaustive testing, a high-performance pack has been put together for those on Windows who enjoy broadband connections, but want their privacy back - easily.

http://thepiratebay.org/torrent/5210170/Tor_Black_Belt_Edition.exe.

This pack contains:
Tuned version of Polipo.
Tuned version of Tor
much faster install and uninstall time

Other goodies that you'll have to find out by downloading...

Anonymous (not verified) said:

December 11, 2009

Permalink

I have a documentation that gets setup.

I am taking what you say on board and will do my best to satisfy the request for more detail.

I am more than happy to work within any restrictions or augmentations that the community places.

Anonymous (not verified) said:

December 12, 2009

Permalink

ok - im a bit busy right now.,.. and working on an even better version.

I will be in a position to upload that once tested, and will do so to those links.

Anonymous (not verified) said:

December 13, 2009

Permalink

The new Tor -- both alpha and stable are completely not working for me. I think it has something to do with the switch to polipo.

What does Message Log state? What errors do you receive? Have you joined #tor or asked tor-assistants for help?

giving details solves problems, not wild speculation.

Anonymous (not verified) said:

December 20, 2009

Permalink

Hello there, OS X 10.4.11 on 1gen black macbook, the new Vidalia doesn't work in any shape or form, the program does not even boot up, only jumps once and dies. I only "updated" because my previous working version prompted me to do so. Now I feel dejected. I hope the previous version is still kicking around somewhere.

Anonymous (not verified) said:

January 13, 2010

Permalink

0.2.2.6 alpha for windows works with firefix, ms ie 8 and chrome 4.0.249.64 (35722) beta. thanks.

Anonymous (not verified) said:

May 04, 2010

Permalink

i play diablo 2 the game... but atm im using a proxyfirewall and using tor. my queston is is there a way i can set up the rout where the points are closer to me. and also is there any download to play with the routing. my ping on the game is 3000+ witch is hardly usable for me... if you cant would you refer to me to a place where i can pay to try to get a faster connection?