Isebe elitsha elizinzileyo leTor 0.4.4.5 ngoku liyafumaneka, yazi ezona nguqulelo zibalulekileyo

Darkcrizt

Imizuzu ye4

Mva nje ukukhutshwa kwenguqulelo entsha ezinzileyo yeTor 0.4.4.5 thaca, isetyenziselwa ukucwangcisa umsebenzi wenethiwekhi engaziwayo yeTor. Itheyibhile engu-0.4.4.5 ithathwa njengenguqulelo yokuqala ezinzileyo yesebe 0.4.4, iguqukile kwiinyanga ezintlanu ezidlulileyo.

Isebe 0.4.4 liya kugcinwa njengenxalenye yomjikelo wolondolozo rhoqo; Ukukhutshwa kohlaziyo kuya kuyekiswa emva kweenyanga ezili-9 (ngoJuni 2021) okanye kwiinyanga ezi-3 emva kokukhutshwa kwesebe le-0.4.5.x.

Ukongeza, umjikelo wenkxaso ende (i-LTS) ikwabonelelwe kwisebe le-0.3.5, uhlaziyo lwayo oluya kukhutshwa kude kube ngu-1 kaFebruwari 2022. Inkxaso ye-0.4.0.x, 0.2.9.x kunye no-0.4.2. Amasebe 0.4.1.x aphelisiwe. Inkxaso yesebe le-20.x liza kwaphulwa ngoMeyi 0.4.3 kunye no-15 ngoFebruwari 2021, XNUMX.

Kulungiselelwe abo bangaziyo ngeprojekthi yeTor (Umzila wamatswele). Le projekthi injongo yayo iphambili kuphuhliso lwenethiwekhi isasazwa nge-latency ephantsi kwaye ibekwe phezulu kwi-intanethi, apho ukuhanjiswa kwemiyalezo phakathi kwabasebenzisi kungabonakalisi ubuni babo, Oko kukuthi, idilesi ye-IP (ukungaziwa kwinqanaba lomnatha womnatha) kwaye, ukongeza, igcina ukuthembeka kunye nemfihlo yolwazi oluhamba ngalo.

Inkqubo yenzelwe uguquko oluyimfuneko ukuze ikwazi ukumilisela uphuculo, isasazwe kwilizwe lokwenyani kwaye inokumelana neentlobo ezahlukeneyo zokuhlaselwa. Nangona kunjalo, inamanqaku abuthathaka kwaye ayinakuthathwa njengenkqubo engenangqondo.

Iimpawu ezintsha eziphambili zeTor 0.4.4.5

Le nguqulo intsha yeTor iza notshintsho kunye nokulungiswa, kuzo sigqamisa ezona zibalulekileyo njenge ukuphucula i-algorithm yokukhetha i-sentinel node, apho ingxaki yokulinganisa umthwalo, kunye nokuphucula imveliso kunye nokhuseleko.

Olunye utshintsho olukhulu, kukuba amandla okulayisha ibhalansi iinkonzo ze-anyanisi zamiliselwa. Kuba inkonzo esekwe kuhlobo lwesithathu lweprotocol ngoku inokusebenza njengokubuyela umva kweOnionBalance, emiselweyo kusetyenziswa uHiddenServiceOnionBalanceInstance ukhetho.

Kuyacaciswa ukuba Uluhlu lweeseva zesikhombisi sokugcina luhlaziyiwe, engakhange ihlaziywe ukusukela kunyaka ophelileyo, kwaye i-105 yeeseva ezili-148 zihlala zisebenza (uluhlu olutsha lubandakanya ukungena okungu-144 okwenziwe ngoJulayi).

Kwiingcingo, kuvunyelwe ukusebenza ngeeseli ze-EXTEND2 ezifumanekayo kuphela kwidilesi ye-IPv6, kunye nokwandiswa kwetyathanga ngaphezulu kwe-IPv6 nayo iyavunyelwa ukuba umxhasi kunye nenkxaso yokudlulisa IPv6.

Ukuba, ngokwandisa imixokelelwane ye-node, iseli inokufikelelwa ngaxeshanye nge-IPv4 kunye ne-IPv6, ke idilesi ye-IPv4 okanye ye-IPv6 ikhethwe ngokungahleliwe. Unxibelelwano olukhoyo lwe-IPv6 lunokwandisa ikhonkco. Ukusetyenziswa kweedilesi zangaphakathi ze-IPv4 kunye ne-IPv6 akuvumelekanga.

Kwakhona wandise inani lekhowudi elinokukhubazeka xa uqala iTor ngaphandle kwenkxaso yokudlulisa.

Ngaphezu koko Ukuphathwa ngokuchanekileyo kweeparameter kukhuseleko lwe-DoS kwinkonzo ye-anyanisi ikhankanyiwe. Ewe, ngaphambili, iiparameter zemvumelwano yenkonzo ye-DoS yokhuseleko ibizakubhala ngaphezulu iiparameter ezibekwe ngumsebenzisi wenkonzo ngeHiddenServiceEnableIntroDoSDefense.

Olunye ulungiso olubalulekileyo lwe-bug yi-bug eyayithathela ingqalelo itrafikhi iyonke kwinkonzo yenethiwekhi ye-Tor ye-anyanisi, ukungahoyi nasiphi na isithuthi esivela kubaxhasi.

ngaphandle koko Iitshaneli ezisebenzisa iinguqulelo eziphelelwe lixesha zokuxhawulana kweTor azisakwazi ukudlula iitshekhi Ubungqina beedilesi. (Lo ngumcimbi nje omncinci, njengoko la majelo engenandlela yokumisela amaqhosha e-ed25519 kwaye ke kufuneka asoloko enqatshwa kwimijikelezo echaza i-ed25519 yesazisi.)

Olunye utshintsho ezibalaseleyo:

  • Abasemagunyeni ngoku bacebisa iinguqulelo zomgaqo-nkqubo ezihambelana neTor 0.3.5 kwaye kamva.
  • Cwangcisa kwakhona inkxaso YOKUGADA ENTSHA / EPHAKAMILEYO / YOLAWULO yeziganeko zezibuko.
  • Yongeza inkxaso ye-IPv6 kwi-tor_addr_is_valid ().
  • Yongeza iimvavanyo zotshintsho olungentla kunye tor_addr_is_null ().
  • Vumela abathengi kunye nokudlulisela ukuthumela i-IPv2 kuphela, istack-stack EXTEND6 iiseli.
  • Vumela iTor ukuba yakhe kumaqonga apho ingazi ukuba inike ingxelo yeyiphi i-syscall ebangele i-Linux seccomp2 sandbox crash.
  • Vumela unlinkat () inkqubo yomnxeba, ethi isetyenziselwe ezinye iLibc ukwenza unlink ().
  • Yongeze i-SocksPort eyandisiweyo yeeMpazamo ezi-3 (F2, F3, F7) ukunika ingxelo yoluhlobo olutsha lokusilela kunxibelelwano lwenkonzo.

Okokugqibela, ukuba ufuna ukwazi ngakumbi ngayo, ungajonga iinkcukacha kwi ukulandela ikhonkco.


Shiya uluvo lwakho

Idilesi yakho ye email aziyi kupapashwa. ezidingekayo ziphawulwe *

*

*

  1. Uxanduva lwedatha: UMiguel Ángel Gatón
  2. Injongo yedatha: Ulawulo lwe-SPAM, ulawulo lwezimvo.
  3. Umthetho: Imvume yakho
  4. Unxibelelwano lwedatha: Idatha ayizukuhanjiswa kubantu besithathu ngaphandle koxanduva lomthetho.
  5. Ukugcinwa kweenkcukacha
  6. Amalungelo: Ngalo naliphi na ixesha unganciphisa, uphinde uphinde ucime ulwazi lwakho.