Tor releases, free software for anonymous communications

Tor releases, free software for anonymous communications

Tor has been released. It introduces improved features for power and bandwidth conservation, more accurate reporting of bootstrap progress for user interfaces, and an experimental backend for an exciting new adaptive padding feature. There is also the usual assortment of bugfixes and minor features, all described below.



  • Major bugfixes (onion service v3):
    • Stop requiring a live consensus for v3 clients and services, and allow a “reasonably live” consensus instead. This allows v3 onion services to work even if the authorities fail to generate a consensus for more than 2 hours in a row. Fixes bug 40237; bugfix on
  • Minor features (crypto):
    • Fix undefined behavior on our Keccak library. The bug only appeared on platforms with 32-byte CPU cache lines (e.g. armv5tel) and would result in wrong digests. Fixes bug 40210; bugfix on Thanks to Bernhard Übelacker, Arnd Bergmann and weasel for diagnosing this.


  • Minor features (documentation):
    • Mention the “!badexit” directive that can appear in an authority’s approved-routers file, and update the description of the “!invalid” directive. Closes ticket 40188.
  • Minor bugfixes (compilation):
    • Fix a compilation warning about unreachable fallthrough annotations when building with “–enable-all-bugs-are-fatal” on some compilers. Fixes bug 40241; bugfix on
    • Fix the “–enable-static-tor” switch to properly set the “-static” compile option onto the tor binary only. Fixes bug 40111; bugfix on
  • Minor bugfixes (config, bridge):
    • Really fix the case where torrc has a missing ClientTransportPlugin but is configured with a Bridge line and UseBridges. Previously, we didn’t look at the managed proxy list and thus would fail for the “exec” case. Fixes bug 40106; bugfix on
  • Minor bugfixes (logging, relay):
    • Log our address as reported by the directory authorities, if none was configured or detected before. Fixes bug 40201; bugfix on
    • When a launching bandwidth testing circuit, don’t incorrectly call it a reachability test, or trigger a “CHECKING_REACHABILITY” control event. Fixes bug 40205; bugfix on
  • Minor bugfixes (relay, statistics):
    • Report the correct connection statistics in our extrainfo documents. Previously there was a problem in the file loading function which would wrongly truncate a state file, causing the wrong information to be reported. Fixes bug 40226; bugfix on
  • Minor bugfixes (SOCKS5):
    • Handle partial SOCKS5 messages correctly. Previously, our code would send an incorrect error message if it got a SOCKS5 request that wasn’t complete. Fixes bug 40190; bugfix on