--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: wheezy-pu: package tor/0.2.4.24-1~deb7u1
- From: Peter Palfrader <weasel@debian.org>
- Date: Tue, 23 Sep 2014 14:47:34 +0200
- Message-id: <20140923124733.GA6756@valiant.palfrader.org>
Package: release.debian.org
Severity: normal
Tags: wheezy
User: release.debian.org@packages.debian.org
Usertags: pu
Hi,
I'd like to update Tor in stable to 0.2.4.24. The current version
in stable-security is 0.2.4.23-1~deb7u1.
This new upstream version fixes an issue when connecting hidden
services, where an IPv4 address is sent in host byte order instead of
network byte order, see [1].
It also updates the IP address of one of the nine or so directory
authorities (whose IP addresses are hard-coded in the source), and it
updates to the most recent geoip database.
The relevant bits of the diff are below. (Updates to version numbers, geoipdb,
and manpage typo fixes dropped. Full diff at [2].)
May I prepare a package for 0.2.4.24, targeting stable, and upload it for the
next point release?
Cheers,
weasel
1 https://bugs.torproject.org/13151
2. https://www.palfrader.org/volatile/2014-09-23-dKeUhwZGS4Y/tor-0.2.4.24.diff
diff --git a/ChangeLog b/ChangeLog
index 18161ed..0270959 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,30 @@
+Changes in version 0.2.4.24 - 2014-09-22
+ Tor 0.2.4.24 fixes a bug that affects consistency and speed when
+ connecting to hidden services, and it updates the location of one of
+ the directory authorities.
+
+ o Major bugfixes:
+ - Clients now send the correct address for their chosen rendezvous
+ point when trying to access a hidden service. They used to send
+ the wrong address, which would still work some of the time because
+ they also sent the identity digest of the rendezvous point, and if
+ the hidden service happened to try connecting to the rendezvous
+ point from a relay that already had a connection open to it,
+ the relay would reuse that connection. Now connections to hidden
+ services should be more robust and faster. Also, this bug meant
+ that clients were leaking to the hidden service whether they were
+ on a little-endian (common) or big-endian (rare) system, which for
+ some users might have reduced their anonymity. Fixes bug 13151;
+ bugfix on 0.2.1.5-alpha.
+
+ o Directory authority changes:
+ - Change IP address for gabelmoo (v3 directory authority).
+
+ o Minor features (geoip):
+ - Update geoip and geoip6 to the August 7 2014 Maxmind GeoLite2
+ Country database.
+
+
Changes in version 0.2.4.23 - 2014-07-28
Tor 0.2.4.23 brings us a big step closer to slowing down the risk from
guard rotation, and also backports several important fixes from the
diff --git a/src/or/config.c b/src/or/config.c
index 1de9187..919dd27 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -801,7 +801,7 @@ add_default_trusted_dir_authorities(dirinfo_type_t type)
"76.73.17.194:9030 F397 038A DC51 3361 35E7 B80B D99C A384 4360 292B",
"gabelmoo orport=443 no-v2 "
"v3ident=ED03BB616EB2F60BEC80151114BB25CEF515B226 "
- "212.112.245.170:80 F204 4413 DAC2 E02E 3D6B CF47 35A1 9BCA 1DE9 7281",
+ "131.188.40.189:80 F204 4413 DAC2 E02E 3D6B CF47 35A1 9BCA 1DE9 7281",
"dannenberg orport=443 no-v2 "
"v3ident=585769C78764D58426B8B52B6651A5A71137189A "
"193.23.244.244:80 7BE6 83E6 5D48 1413 21C5 ED92 F075 C553 64AC 7123",
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index bb4bd9b..7abbfd6 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -269,7 +269,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
extend_info_t *extend_info = rendcirc->build_state->chosen_exit;
int klen;
/* nul pads */
- set_uint32(tmp+v3_shift+1, tor_addr_to_ipv4h(&extend_info->addr));
+ set_uint32(tmp+v3_shift+1, tor_addr_to_ipv4n(&extend_info->addr));
set_uint16(tmp+v3_shift+5, htons(extend_info->port));
memcpy(tmp+v3_shift+7, extend_info->identity_digest, DIGEST_LEN);
klen = crypto_pk_asn1_encode(extend_info->onion_key,
--- End Message ---