The Tor 0.2.7 release series is dedicated to the memory of Tor user and privacy advocate Caspar Bowden (1961-2015). Caspar worked tirelessly to advocate human rights regardless of national borders, and oppose the encroachments of mass surveillance. He opposed national exceptionalism, he brought clarity to legal and policy debates, he understood and predicted the impact of mass surveillance on the world, and he laid the groundwork for resisting it. While serving on the Tor Project's board of directors, he brought us his uncompromising focus on technical excellence in the service of humankind. Caspar was an inimitable force for good and a wonderful friend. He was kind, humorous, generous, gallant, and believed we should protect one another without exception. We honor him here for his ideals, his efforts, and his accomplishments. Please honor his memory with works that would make him proud.

Tor 0.2.7.5 is the first stable release in the Tor 0.2.7 series. It makes no changes beyond those in 0.2.7.4-rc; the summary below lists all changes in the 0.2.7 series.

You can download the source from the usual place on the website.

Packages should be up in a few days.

The 0.2.7 series adds a more secure identity key type for relays, improves cryptography performance, resolves several longstanding hidden-service performance issues, improves controller support for hidden services, and includes small bugfixes and performance improvements throughout the program. This release series also includes more tests than before, and significant simplifications to which parts of Tor invoke which others. For a full list of changes, see below.

Changes in version 0.2.7.5 - 2015-11-20

New system requirements: Tor no longer includes workarounds to support Libevent versions before 1.3e. Libevent 2.0 or later is recommended. Closes ticket 15248. Tor no longer supports copies of OpenSSL that are missing support for Elliptic Curve Cryptography. (We began using ECC when available in 0.2.4.8-alpha, for more safe and efficient key negotiation.) In particular, support for at least one of P256 or P224 is now required, with manual configuration needed if only P224 is available. Resolves ticket 16140. Tor no longer supports versions of OpenSSL before 1.0. (If you are on an operating system that has not upgraded to OpenSSL 1.0 or later, and you compile Tor from source, you will need to install a more recent OpenSSL to link Tor against.) These versions of OpenSSL are still supported by the OpenSSL, but the numerous cryptographic improvements in later OpenSSL releases makes them a clear choice. Resolves ticket 16034.

Major features (controller): Add the ADD_ONION and DEL_ONION commands that allow the creation and management of hidden services via the controller. Closes ticket 6411. New "GETINFO onions/current" and "GETINFO onions/detached" commands to get information about hidden services created via the controller. Part of ticket 6411. New HSFETCH command to launch a request for a hidden service descriptor. Closes ticket 14847. New HSPOST command to upload a hidden service descriptor. Closes ticket 3523. Patch by "DonnchaC".

