May 26th, 2012· corrected: a wrong timestamp verification prevented new introduction circuits from being built when accessing hidden services
· corrected: when calculating circuit build times, time() was used instead of get_time()
· address lengths in proxy requests are no longer limited to 256 bytes
· the list with directory authorities is no longer limited to 65536 bytes
· the list with banned hosts is no longer limited to 65536 bytes
· address policies are stored as a hash table instead of keeping the hash table separately
· all memory allocations are handled by tor_malloc() and tor_free() which checks for buffer overflows when freeing allocated memory
· all assertion failures are handled by tor_assert() which allows a crash report to be saved
· the exception handler can also save a list with all buffers allocated by tor_malloc()
May 8th, 2012· updated libraries: libevent-2.0.19-stable, openssl-1.0.1b
· geoip_c.h was updated with GeoIPCountryWhois.csv released on May 1st
April 30th, 2012· chunk sizes and content lengths are now 64-bit; AdvOR now supports downloading/uploading files larger than 2 GB
· added more verifications for negative chunk sizes and content lengths
April 30th, 2012· corrected: integer overflow when parsing an invalid chunk size in server data
· updated language strings: 3204
April 30th, 2012· corrected: integer overflow when parsing an invalid chunk size received from client
· updated language strings: 3203
April 30th, 2012· corrected: possible buffer overflow when writing cookies
· if StackWalk64() is available, it will be used instead of StackWalk() when saving crash reports
April 30th, 2012· added an exception handler that can save a full stack backtrace to help reporting crashes (seh.c)
· new command line parameter: --no-seh which disables the built-in exception handler
· geoip_c.h was updated with GeoIPCountryWhois.csv released on April 3rd
· updated language strings: 46
April 30th, 2012· corrected: timeradd() and timersub() used wrong operands for updating microseconds (bugfix for AdvOR and Tor, all versions)
· corrected: buffer overflow when loading language files for plugins
· geoip_c.h was updated with GeoIPCountryWhois.csv released on February 2nd
December 21st, 2011· corrected a change from version 0.3.0.6 in tor_addr_port_parse() that caused it to return errors when parsing proxy IP addresses
· improved the search algorithm for addresses that are added to the context menus related to strings selected in the "Debug" window
· all router selection dialogs will show bandwidth capacities instead of bandwidth rates for routers that are not banned
· the lists with favorite routers and with banned routers are no longer limited to 65536 characters
· added instructions for using TorChat with AdvOR and configuration samples to AdvOR\Help\TorChat (readme.txt, AdvOR.ini and torrc.txt)
December 17th, 2011Changes:
· [tor-0.2.2.35] (this change was not applied because AdvOR already had a better fix since 0.3.0.4b) Fix a heap overflow bug that could occur when trying to pull data into the first chunk of a buffer, when that chunk had already had some data drained from it. Fixes CVE-2011-2778; bugfix on 0.2.0.16-alpha. Reported by "Vektor".
· [tor-0.2.2.35] Initialize Libevent with the EVENT_BASE_FLAG_NOLOCK flag enabled, so that it doesn't attempt to allocate a socketpair. This could cause some problems on Windows systems with overzealous firewalls. Fix for bug 4457; workaround for Libevent versions 2.0.1-alpha through 2.0.15-stable.
· [tor-0.2.2.35] If we mark an OR connection for close based on a cell we process, don't process any further cells on it. We already avoid further reads on marked-for-close connections, but now we also discard the cells we'd already read. Fixes bug 4299; bugfix on 0.2.0.10-alpha, which was the first version where we might mark a connection for close based on processing a cell on it.
· [tor-0.2.2.35] Correctly sanity-check that we don't underflow on a memory allocation (and then assert) for hidden service introduction point decryption. Bug discovered by Dan Rosenberg. Fixes bug 4410; bugfix on 0.2.1.5-alpha.
· [tor-0.2.2.35] Fix a memory leak when we check whether a hidden service descriptor has any usable introduction points left. Fixes bug 4424. Bugfix on 0.2.2.25-alpha.
· [tor-0.2.2.35] Detect failure to initialize Libevent. This fix provides better detection for future instances of bug 4457.
· [tor-0.2.2.35] Avoid frequent calls to the fairly expensive cull_wedged_cpuworkers function. This was eating up hideously large amounts of time on some busy servers. Fixes bug 4518; bugfix on 0.0.9.8.
· [tor-0.2.2.35] Resolve an integer overflow bug in smartlist_ensure_capacity(). Fixes bug 4230; bugfix on Tor 0.1.0.1-rc. Based on a patch by Mansour Moufid.
· [tor-0.2.2.35] When configuring, starting, or stopping an NT service, stop immediately after the service configuration attempt has succeeded or failed. Fixes bug 3963; bugfix on 0.2.0.7-alpha.
· [tor-0.2.2.35] When sending a NETINFO cell, include the original address received for the other side, not its canonical address. Found by "troll_un"; fixes bug 4349; bugfix on 0.2.0.10-alpha.
· [tor-0.2.2.35] Fix a memory leak in launch_direct_bridge_descriptor_fetch() that occurred when a client tried to fetch a descriptor for a bridge in ExcludeNodes. Fixes bug 4383; bugfix on 0.2.2.25-alpha.
· [tor-0.2.2.35] If we had ever tried to call tor_addr_to_str on an address of unknown type, we would have done a strdup on an uninitialized buffer. Now we won't. Fixes bug 4529; bugfix on 0.2.1.3-alpha. Reported by "troll_un".
· [tor-0.2.2.35] Correctly detect and handle transient lookup failures from tor_addr_lookup. Fixes bug 4530; bugfix on 0.2.1.5-alpha. Reported by "troll_un".
· [tor-0.2.2.35] Fix null-pointer access that could occur if TLS allocation failed. Fixes bug 4531; bugfix on 0.2.0.20-rc. Found by "troll_un".
· [tor-0.2.2.35] Use tor_socket_t type for listener argument to accept(). Fixes bug 4535; bugfix on 0.2.2.28-beta. Found by "troll_un".
· [tor-0.2.2.35] Add two new config options for directory authorities: AuthDirFastGuarantee sets a bandwidth threshold for guaranteeing the Fast flag, and AuthDirGuardBWGuarantee sets a bandwidth threshold that is always sufficient to satisfy the bandwidth requirement for the Guard flag. Now it will be easier for researchers to simulate Tor networks with different values. Resolves ticket 4484.
· corrected: the OR port was set while initializing keys
· updated language strings: 3201, 3202
December 16th, 2011Changes:
· corrected: when the option to reject .exitname.exit hostnames was enabled, addresses that were mapped to exit nodes were also rejected (thanks to DavidWakelin for reporting this problem)
· when the circuit path length is set to 1, the option "Do not use the public key step for the entry node" will be disabled
· new configuration options: CorporateProxy, CorporateProxyDomain, CorporateProxyAuthenticator and CorporateProxyProtocol (supported protocols: NTLM)
· added support for NTLM proxies (libntlm 1.3)
· new options on the "Bypass ISP filtering" page: "Always use this NTLM proxy" (CorporateProxy, CorporateProxyProtocol), "workstation@domain" (CorporateProxyDomain), "Account (username:password)" (CorporateProxyAuthenticator)
· the NTLM proxy can be chained with ORProxy and/or DirProxy if needed; when enabled, the NTLM proxy is always the first proxy of a proxy chain
· updated language strings: 3191, 3192, 3193, 3194, 3195, 3196, 3197, 3198, 3199, 3200
December 16th, 2011Changes:
· corrected: buffer overflow when repacking the first chunk of a buf_t buffer (bugfix for AdvOR and Tor, all versions)
December 16th, 2011Changes:
· the option "Allow invalid certification authorities from certificates for bridges.torproject.org" was removed; on error, a message box will ask if the download should be retried ignoring unrecognized CA's
· the options TunnelDirConns (BOOL) and PreferTunneledDirConns (BOOL) were merged as TunnelDirConns (UINT)
· all procedures that handle proxy requests for OR and directory connections were moved to connection_proxy.c
· the options HttpsProxy, HttpsProxyAuthenticator, Socks4Proxy, Socks5Proxy, Socks5ProxyUsername and Socks5ProxyPassword were merged as ORProxy, ORProxyAuthenticator and ORProxyProtocol (supported protocols: HTTPS, Socks4 and Socks5)
· added support for HTTPS, Socks4 and Socks5 proxies for HTTP directory connections
· the options HttpProxy and HttpProxyAuthenticator were replaced with DirProxy, DirProxyAuthenticator and DirProxyProtocol (supported protocols: HTTP, HTTPS, Socks4 and Socks5)
· updated language strings: 656, 2540, 2541, 2542, 2875, 2991, 2992, 2993, 2994, 2995, 2996, 2998, 3031, 3190
· the instructions for making a "Tor browser" with Firefox and the AdvOR.ini sample for Firefox were updated to work with the latest "Tor Browser" package from torproject.org (tor-browser-2.2.34-3_en-US.exe)
· geoip_c.h was updated with GeoIPCountryWhois.csv released on December 7th
December 6th, 2011· corrected: when a duplicate router was found the plugins were notified with a structure that was already freed
· corrected: error loading hidden service keys
December 4th, 2011· corrected: when the options to reject hosts ending with ".exitname.exit" or ".onion" were enabled, the suffix was searched from a wrong position
November 21st, 2011· a value of 0 for circuit build timeout / expiration time will cause the circuit to never expire
· when downloading the network-status consensus, a failure to download from a directory server will cause a new download attempt from another directory server immediately if bootstrap_status is less than 80
November 21st, 2011· all files were updated with changes from tor-0.2.2.34 relative to tor-0.2.1.30; all changes were corrected to remove goto's and some bugs were fixed; all file I/Operations were modified to support UNICODE paths; latest versionsf Tor consider excluded nodes a banlist if "StrictNodes" is set - however, AdvOR already considered excluded nodes a "strict" banlist since 0.1.0.x, so "StrictNodes" is usednly for favorites
· [tor-0.2.2.34] new configurationptions: AllowDotExit, CellStatistics, LearnCircuitBuildTimeout, CircuitStreamTimeout, CircuitPriorityHalflife, ClientRejectInternalAddresses, ConsensusParams, ControlPortFileGroupReadable, ControlPortWriteToFile, ControlSocketsGroupWritable, DirReqStatistics, DisableAllSwap, EntryStatistics, ExitPortStatistics, ExtraInfoStatistics, FetchDirInfoExtraEarly, FetchV2Networkstatus, GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays, Socks4Proxy, Socks5Proxy, Socks5ProxyUsername, Socks5ProxyPassword, PerConnBWBurst, PerConnBWRate, RefuseUnknownExits, V3BandwidthsFile, __OwningControllerProcess, VoteOnHidServDirectoriesV2, _UsingTestNetworkDefaults, MinUptimeHidServDirectoryV2, AccountingSecondsToReachSoftLimit, AccountingSoftLimitHitAt, AccountingBytesAtSoftLimit
· [tor-0.2.2.34] new state settings: BWHistoryReadMaxima, BWHistoryWriteMaxima, BWHistoryDirReadEnds, BWHistoryDirReadInterval, BWHistoryDirReadValues, BWHistoryDirReadMaxima, BWHistoryDirWriteEnds, BWHistoryDirWriteInterval, BWHistoryDirWriteValues, BWHistoryDirWriteMaxima, TotalBuildTimes, CircuitBuildAbandonedCount, CircuitBuildTimeBin, BuildtimeHistogram
· [tor-0.2.2.34] configurationptions that were removed: DirRecordUsageByCountry, DirRecordUsageGranularity, DirRecordUsageRetainIPs, DirRecordUsageSaveInterval, HSAuthorityRecordStats, RunTesting
· [tor-0.2.2.34] the limits for HttpProxyAuthenticator and HttpsProxyAuthenticator were changed from 48 characters to 512 characters
· updated libraries: libevent-2.0.16-stable,penssl-1.0.0e
· geoip_c.h was updated with GeoIPCountryWhois.csv releasedn November 1st
· updated language strings: 190, 191, 192, 230, 256, 270, 503, 504, 507, 608, 615, 616, 617, 618, 619, 620, 637, 639, 705, 1003, 1058, 1172, 1188, 1203, 1238, 1239, 1240, 1300, 1310, 1658, 1807, 1994, 2931, 2932, 2933, 2934, 2935, 2936, 2937, 2938, 2939, 2940, 2941, 2942, 2943, 2944, 2945, 2946, 2947, 2948, 2949, 2950, 2951, 2952, 2953, 2954, 2955, 2956, 2957, 2958, 2959, 2960, 2961, 2962, 2963, 2964, 2965, 2966, 2967, 2968, 2969, 2970, 2971, 2972, 2973, 2974, 2975, 2976, 2977, 2978, 2979, 2980, 2981, 2982, 2983, 2984, 2985, 2986, 2987, 2988, 2989, 2990, 2991, 2992, 2993, 2994, 2995, 2996, 2997, 2998, 2999, 3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007, 3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015, 3016, 3017, 3018, 3019, 3020, 3021, 3022, 3023, 3024, 3025, 3026, 3027, 3028, 3029, 3030, 3031, 3032, 3033, 3034, 3035, 3036, 3037, 3038, 3039, 3040, 3041, 3042, 3043, 3044, 3045, 3046, 3047, 3048, 3049, 3050, 3051, 3052, 3053, 3054, 3055, 3056, 3057, 3058, 3059, 3060, 3061, 3062, 3063, 3064, 3065, 3066, 3067, 3068, 3069, 3070, 3071, 3072, 3073, 3074, 3075, 3076, 3077, 3078, 3079, 3080, 3081, 3082, 3083, 3084, 3085, 3086, 3087, 3088, 3089, 3090, 3091, 3092, 3093, 3094, 3095, 3096, 3097, 3098, 3099, 3100, 3101, 3102, 3103, 3104, 3105, 3106, 3107, 3108, 3109, 3110, 3111, 3112, 3113, 3114, 3115, 3116, 3117, 3118, 3119, 3120, 3121, 3122, 3123, 3124, 3125, 3126, 3127, 3128, 3129, 3130, 3131, 3132, 3133, 3134, 3135, 3136, 3137, 3138, 3139, 3140, 3141, 3142, 3143, 3144, 3145, 3146, 3147, 3148, 3149, 3150, 3151, 3152, 3153, 3154, 3155, 3156, 3157, 3158, 3159, 3160, 3161, 3162, 3163, 3164, 3165, 3166, 3167, 3168, 3169, 3170, 3171, 3172, 3173, 3174, 3175, 3176, 3177, 3178, 3179, 3180
August 29th, 2011· corrected: a negative status was assigned to an unsigned variable in proxy_handle_client_data()
August 29th, 2011· corrected: invalid pointer access if headers with different line terminators were received from a client in one request
· corrected: when a web redirect was sent as a response for a request on a connection that was already associated with a different host the client was expected to close the connection causing some clients to wait indefinitely for the remote connection to be closed
· the directory Tor-info was renamed to "Help" and the file tor-manual.html was removed; all text files related to the OR protocol were moved to Help\Tor
· added a help file with explanations for all GUI settings and commands ("Help\AdvOR.html", "Help\Img")
· geoip_c.h was updated with GeoIPCountryWhois.csv released on August 4th
August 29th, 2011· HTTP servers that don't send any information about the length of the message they return for statuses that allow/require an entity to be returned are assumed to close the connection after sending the response
August 29th, 2011· corrected: when processing server data, a wrong buffer size could had been returned to _connection_write_to_buf_impl()
· corrected: the capitalization for rewritten uTorrent HTTP headers did not match uTorrent's capitalization
August 29th, 2011· corrected the resize_info structure for the main dialog to make more room for child dialogs
· uTorrent is now autodetected and its headers are re-generated as uTorrent headers
· added uTorrent version pairs that are used to generate identity-dependent major browser versions when uTorrent is detected
· added: new browser type on the "HTTP headers" page: "Mask a BitTorrent client as uTorrent" which can be used with BitTorrent clients that are not supported yet
· updated language strings: 2930
July 23rd, 2011· new page: "HTTP headers" with options related to changing HTTP headers and showing HTTP requests and replies with or without full headers (LOG_NOTICE for headers, LOG_INFO for full HTTP traffic, original and adjusted)
· setting a public proxy in a client and intercepting it will cause AdvOR to chain the OR exit with that proxy (to bypass Tor blacklists)
· if proxy chains are detected, all requests for all proxies are rewritten to apply all configured restrictions for each proxy in a chain
· if Opera Turbo traffic is detected in a proxy chain, Opera's unique identifier and the screen resolution that are sent to the Opera Turbo servers are replaced with identity-dependent random values
· added support for keep-alive HTTP connections
· added support for chunked HTTP transfers
· added support for multipart HTTP content types
· added support for identity-dependent fake HTTP headers with custom user-agent, regional settings, fake extensions, fake OS, etc.; can generate fake headers to mask a web browser as Chrome, Firefox, Internet Explorer, Opera, Safari, Bing bot, Googlebot, Yahoo! bot and Yandex bot
· added options to show original and adjusted HTTP headers in Debug (LOG_INFO for full headers, LOG_NOTICE for requests)
· all HTTP cookies that are received during an identity session are cached; the cookie cache is cleared when changing identities; all cookies that are not found in cache are filtered from HTTP requests
· corrected: cookie lines were not always separated by new lines (thanks to Rex for reporting this error)
· all dialogs that display a message show the message in an edit control with a vertical scroll bar (requested by TT)
· when an application sends an HTTP request to a connection that is already attached to a circuit for a different host, HTTP status 302 is returned to cause the application to create a new connection for that request
· corrected: when the option to select a random user-agent using identity seeds is enabled, the browser type "unknown" is no longer selected (AdvOR 0.3.0.1 test 3)
· added probabilities for all languages from all countries to increase chances of national languages being generated more often than languages spoken by minorities
· fake IE extensions are generated using better frequencies taken from more header samples
· the generators for fake HTTP headers for Chrome, Firefox, Opera and Safari were improved with more version pairs using HTTP header samples from http://useragentstring.com
· the header "X-Requested-With" is no longer removed when the option to remove unknown headers is enabled
· new option on the "Private Identity" page: "Disallow cookies used with previous identities"; if this option is enabled AdvOR itself will cache all cookies and expire them when the identity is changed; cookies that are not found in cache are removed from all requests
· when the option to show full request headers is enabled, all HTTP traffic, including POST data, is logged if the log level is greater than "[6] Proxy"
· corrected: some settings from the "HTTP headers" page were not saved to AdvOR.ini (thanks to Rex for reporting this problem) (AdvOR 0.3.0.1 test 5)
· added restrictions for minimum widths and heights for all child dialogs
· added scroll bars for all child dialogs that are resized to dimensions smaller than minimum accepted values (requested by TT)
· the Blacklist plugin was updated to add support for scroll bars
· geoip_c.h was updated with GeoIPCountryWhois.csv released on July 5th
· updated language strings: 2896, 2897, 2898, 2899, 2900, 2901, 2902, 2903, 2904, 2905, 2906, 2907, 2908, 2909, 2910, 2911, 2912, 2913, 2914, 2915, 2916, 2917, 2918, 2919, 2920, 2921, 2922, 2923, 2924, 2925, 2926, 2927, 2928, 2929
July 4th, 2011· corrected: the parameter "--verify-lng" expected a language name instead of a language file name; now both are accepted
· corrected: the selection "No exit" was shown as an invalid exit in window title and in the Debug window
· if the option "Always on top" is enabled, popup message boxes are created with the MB_TOPMOST style
· new functions for plugins: lang_get_string(), lang_change_dialog_strings() and a new event for plugins: AdvTor_LanguageChange()
· the Blacklist plugin is updated to version 1.02 with multi-language support; added an example language file Blacklist-English.lng
· when hibernation mode is enabled, all connection requests from all intercepted processes are rejected and logged
· the list with child dialogs was replaced with a tree view
· some options from the "Proxy" page were moved to 2 different new pages: "Banned addresses" and "Advanced proxy settings"
· the lists with banned routers and favorite routers were moved to 2 separate pages
· tracked hosts and address maps were moved to a separate page
· new page: "Private identity" with options related to changes that happen when changing identities
· added an editor for QuickStart menus
· when a process is not allowed to get the real local time, AdvOR.dll also intercepts FindFirstFileW and FindNextFileW to adjust file times
· added support for deleting Flash cookies, history, website personalizations and cache when changing identities
· added support for deleting cookies saved by Internet Explorer, Chrome, Safari, Opera and Firefox when changing identities; cookie deletion procedures attempt to invoke browser API's via remote threads
· geoip_c.h was updated with GeoIPCountryWhois.csv released on June 2nd
· the procedure that downloads bridges was rewritten to work with invalid certificates received
· when disabling http/https proxies from the "Authorities" dialog, proxy addresses are no longer removed from configuration
· corrected: the function tor_malloc() was replaced with GlobalAlloc() which is thread-safe in procedures that convert UTF-8 language strings for GUI items
· new option on the "Bypass ISP filtering" page: "Allow invalid certification authorities for bridges.torproject.org" (default is disabled for security reasons; downloading the list of bridges fails when this option is disabled if Internet Explorer can't verify the certificate up to a trusted authority - when using WinInet functions for IE 6 on Windows XP SP2/3)
· if the language strings 0 and/or 1248 contain links to torproject.org they are removed because some translations say torproject.org is the official website for AdvOR (complaints were received from torproject.org that some users ask them about AdvTor/AdvOR problems instead of using our forums)
· corrected: buffer overflow in plugin_load_lng()
· corrected: UNICODE language files were not converted to UTF-8
· the resource file was updated to include the option "Allow invalid certification authorities from certificates for bridges.torproject.org"
· updated language strings: 1, 36, 50, 54, 59, 61, 97, 109, 110, 115, 117, 128, 130, 143, 144, 2677, 2799, 2800, 2801, 2802, 2803, 2804, 2805, 2806, 2807, 2808, 2809, 2810, 2811, 2812, 2813, 2814, 2815, 2816, 2817, 2818, 2819, 2820, 2821, 2822, 2823, 2824, 2825, 2826, 2827, 2828, 2829, 2830, 2831, 2832, 2833, 2834, 2835, 2836, 2837, 2838, 2839, 2840, 2841, 2842, 2843, 2844, 2845, 2846, 2847, 2848, 2849, 2850, 2851, 2852, 2853, 2854, 2855, 2856, 2857, 2858, 2859, 2860, 2861, 2862, 2863, 2864, 2865, 2866, 2867, 2868, 2869, 2870, 2871, 2872, 2873, 2874, 2875
· added mamont's changes to AdvOR-english.lng for special GUI effects (updated language strings: 47, 53, 57, 59, 60, 62, 1248, 2804, 2805, 2817)
May 7th, 2011· corrected: when an UNICODE language file was loaded, list view subitems for hidden services and plugins were not updated
· corrected: since language files were loaded using read_file_to_str(), language files were opened in text mode and had CRLF (\r\n) converted to LF (\n), which caused multi-line debug messages to be converted to single-line messages
· the restriction for minimum circuit bandwidth rate now uses BandwidthCapacity instead of BandwidthRate (it uses what the router is known to handle instead of what the router reported it can handle)
· the window title will show "Disconnected" when disconnecting from the OR network (suggested by TT)
· new option for circuit context menus on the "Network information" page: "Priority", which is used when deciding which circuits to use for a new client connection when more circuits with different priorities exist; low priority circuits are used only when no higher priority circuits are available
· new option for circuit context menus on the "Network information" page: "Availability" which can be used to change expiration times or to prevent a manually built circuit from expiring (the default expiration time can be changed from the "Circuit build" page)
· new option on the "System" page: "Encrypt all settings using AES"; if this option is enabled, all configuration files are gzipped and encrypted using a password or a key file and saved to AdvOR.dat, original configuration files are deleted; to revert the encryption and to save plain-text configuration files, after a successfull login, the encryption can be disabled from the System dialog
· new functions for plugins: tor_malloc(), tor_free(), safe_malloc(), safe_free() (the "safe" functions attempt to allocate memory that is not cached to the Windows swap file)
· new functions for plugins: write_protected_file(), append_to_protected_file(), read_protected_file(), protected_file_exists(); if encrypting configuration files is enabled, "protected files" are gzipped and encrypted and saved to AdvOR.dat
· an example plugin (C) that uses protected file operations was included in the source code archive - Notes.dll (a simple text editor which saves a text file to AdvOR.dat when encryption is enabled, and "AdvOR--notes.txt" when encryption is disabled)
· an example plugin (asm) that uses AdvTor_HandleRead() was included in the source code archive - ShowURL.dll (a plugin that shows the complete URLs used with HTTP proxy requests)
· new functions for plugins: tor_gzip_compress(), tor_gzip_uncompress(), tor_zlib_new(), tor_zlib_process(), tor_zlib_free(), detect_compression_method()
· the plugin Blacklist.dll can now download and uncompress gzipped blacklists
· updated language strings: 2777, 2778, 2779, 2780, 2781, 2782, 2783, 2784, 2785, 2786, 2787, 2788, 2789, 2790, 2791, 2792, 2793, 2794, 2795, 2796, 2797, 2798
April 26th, 2011· corrected: if an invalid hostname was requested, the connection state was not set (thanks to RoLex for reporting this error)
· the function CreateNewProcess() returns a process handle for the process that was created
· new configuration option: SynchronizeExit which can have QuickStart menu items as parameters, to start applications and to wait for them to terminate, then exit, or to exit when any of the SynchronizeExit applications exits, also terminating all intercepted processes (for situations where AdvOR is only needed for one application)
· added instructions on how to use the Tor Browser bundle from torproject.org with AdvOR and a sample AdvOR.ini to AdvOR\Tor-info\Firefox (readme.txt and AdvOR.ini).
· added instructions on how to use Opera as a portable "Tor Browser" and a sample AdvOR.ini to AdvOR\Tor-info\Opera (readme.txt and AdvOR.ini).
April 26th, 2011· corrected: when the option to verify AS paths was enabled, the option to avoid using nodes from same countries was no longer used
· all file I/O operations were moved to file_io.c
· all stdio file operations were replaced with Win32 UNICODE-enabled API; AdvOR can now open files that have non-ANSI characters in their file names or in their paths
· all process interception functions were modified to support UNICODE process names, module names and UNICODE file names / paths
· all AdvOR files can be renamed to file names that have non-ANSI characters (the "AdvOR" prefix can be replaced with any UNICODE prefix)
· new command line parameter: --read-only which prevents modifying / saving configuration files (if AdvOR is running from a read-only or write-protected location)
· when the read-only mode is enabled, the options to save settings and to save logs are disabled and all file operations are emulated
· geoip_c.h was updated with GeoIPCountryWhois.csv released on April 3rd
· updated language strings: 0046
April 13th, 2011· corrected: AdvOR.dll was checking for the old signature "AdvTor" instead of "AdvOR" when releasing intercepted processes
· corrected: the options to avoid using in same circuit nodes from same subnets and countries are no longer disabled when enabling the option to avoid AS path intersections
· the code was restructured to get rid of all goto's inherited from Tor; some functions were optimized and some memory leaks were corrected
· directory servers running AdvOR no longer accept requests for "/tor/bytes.txt", "/tor/mallinfo.txt" and "/tor/dbg-stability.txt" ; requests for them will result in 404 errors
· new configuation option: Confirmations; currently it is used to configure confirmation dialogs that are shown at exit and when closing non-proxy connections of an intercepted process
· when changing the identity, more information is shown about the new identity when possible
· the option "Circuit timeout when exiting program" was moved from the Circuit Build page to the "Become a Server" page as "Circuit timeout when entering hibernation"; this made room for a new option,
· new configuration option: CircuitBandwidthRate (default is disabled), which is used to configure the minimum required bandwidth rate for circuits
· new option on the Circuit Build page: "Minimum circuit bandwidth rate"; if this option is enabled, all circuits will be built with routers that have the minimum required bandwidth rate
· updated language strings: 123, 2690, 2767, 2768, 2769, 2770, 2771, 2772, 2773, 2774, 2775, 2776
April 13th, 2011· added: new parameter for connection_t structures, timestamp_lastcircuit, which must be greater than get_time()-MIN_CIRCUIT_PER_CONNECTION_TIME (default is 2 seconds); this verification prevents routers with fake policies from causing too many circuits for same connection to be build in a small period of time
· AS paths for all routers are shown on the Network Information page when selecting a router from the circuit tree
· estimated AS paths and AS path intersections for circuits are shown on the Network Information page when selecting a circuit from the circuit tree
· new option on the Router Restrictions page: "Estimate AS paths and avoid AS path intersections" to solve some of the problems described at http://blog.torproject.org/blog/research-problem-measuring-safety-tor-network
· if the options to use consecutive exits from the exit list and to avoid AS path intersections are enabled and no circuit can be built without AS path intersections, another exit is selected
· new functions for plugins: as_from_ip (2.34), get_as_paths (2.35) and is_as_path_safe (2.36)
· updated language strings: 2582, 2764, 2765, 2766
· the project was renamed from "Advanced TOR" to "Advanced Onion Router" (requested by torproject.org)
· updated language strings: 1, 14, 19, 40, 45, 54, 62, 68, 85, 97, 221, 222, 223, 935, 1246, 1247, 1248, 2511, 2515, 2529, 2671, 2688, 2689, 2692, 2718, 2740, 2762
April 13th, 2011· [tor-0.2.1.30] Stop sending a CLOCK_SKEW controller status event whenever we fetch directory information from a relay that has a wrong clock. Instead, only inform the controller when it's a trusted authority that claims our clock is wrong. Bugfix on 0.1.2.6-alpha; fixes the rest of bug 1074.
· tor-0.2.1.30] Fix a bounds-checking error that could allow an attacker to remotely crash a directory authority. Bugfix on 0.2.1.5-alpha. Found by "piebeer".
· [tor-0.2.1.30] If relays set RelayBandwidthBurst but not RelayBandwidthRate, Tor would ignore their RelayBandwidthBurst setting, potentially using more bandwidth than expected. Bugfix on 0.2.0.1-alpha. Reported by Paul Wouters. Fixes bug 2470.
· [tor-0.2.1.30] Adjust our TLS Diffie-Hellman parameters to match those used by Apache's mod_ssl.
· [tor-0.2.1.30] Check for and reject overly long directory certificates and directory tokens before they have a chance to hit any assertions. Bugfix on 0.2.1.28. Found by "doorss".
· [tor-0.2.1.30] Bring the logic that gathers routerinfos and assesses the acceptability of circuits into line. This prevents a Tor OP from getting locked in a cycle of choosing its local OR as an exit for a path (due to a .exit request) and then rejecting the circuit because its OR is not listed yet. It also prevents Tor clients from using an OR running in the same instance as an exit (due to a .exit request) if the OR does not meet the same requirements expected of an OR running elsewhere. Fixes bug 1859; bugfix on 0.1.0.1-rc.
· geoip_c.h was updated with GeoIPCountryWhois.csv released on March 2nd
· updated language strings: 2763
April 13th, 2011· the list with filtered debug strings was moved from "System" to "Debug"
· new configuration options: HotkeyRestore (default is Win+Ctrl+T, disabled), HotkeyNewIdentity (default is Win+N, disabled), HotkeyIntercept(default is Win+Ctrl+I, disabled), HotkeyRelease (default is Win+Ctrl+R, disabled)) (requested by jimjum)
· settings related to hot keys were added to the System dialog ("Hide / restore Advanced TOR window", "New identity", "Intercept focused application", "Release focused application")
· added: new option on exit node selection dialog: "Exit selection algorithm uses consecutive displayed nodes from this list", which updates IdentityFlags (disabled by default); this option affects chosen exits; if this option is enabled, AdvTor will always use a fixed exit that is changed only when choosing a new identity (requested by jimjum)
· the blacklist plugin no longer shows a warning if it cannot load blacklist.txt (the log level was changed from LOG_WARN to LOG_INFO)
· updated language strings: 2737, 2738, 2739, 2740, 2741, 2742, 2743, 2744, 2745, 2746, 2747, 2748, 2749, 2750, 2751, 2752, 2753, 2754, 2755, 2756, 2757, 2758, 2759, 2760, 2761, 2762
April 13th, 2011· corrected: if all options related to publishing router descriptor were disabled, the dialog initialization procedure for the "Become a Server" dialog was initializing publishing options from a null pointer (thanks to jimjum for reporting this error)
· corrected: if no name servers can be found when connecting to Tor network and Server mode is enabled, name servers will be configured at a later time (thanks to jimjum for reporting this error)
· corrected: the function retry_all_listeners() was called while initializing dialog controls for the "Become a Server" dialog (thanks to jimjum for reporting this error)
· corrected: changes from the "Become a Server" dialog that have non-reentrant calls to user32 and winsock32 functions are applied by run_scheduled_events() instead of being applied directly (thanks to jimjum for reporting this error)
· corrected: the list with server descriptor settings was not re-initialized after clearing it (thanks to jimjum for reporting this error)
· corrected: if no memory is allocated for packed_cell_t objects, statistics for cell pool memory usage are no longer logged
· when best time delta is changed, timestamps for all existing connections are adjusted to be relative to current fake local time
· the bandwith rate for banned routers is no longer shown in router selection dialogs
· if the router list is sorted, all routers that are banned are sorted at the bottom of the list
· if the router list is sorted and a router is selected, the list will be scrolled to place it in the center of the visible area
· if Tor is started, "Start Tor" becomes "Stop Tor" (requested by TT)
· new configuration option: WindowPos, which is used to store the size and position of the main dialog; this option is used only if it describes a window that has no parts outside the visible area of the screen (requested by TT)
· directory connections now have an exclusivity key EXCLUSIVITY_DIRCONN and internal connections have EXCLUSIVITY_INTERNAL
· plugins are not allowed to set EXCLUSIVITY_DIRCONN or EXCLUSIVITY_INTERNAL for accepted client connections (the connection will be closed)
· geoip_c.h was updated with GeoIPCountryWhois.csv released on February 1st
· updated language strings: 19, 1468, 2671, 2736
January 23rd, 2011· [tor-0.2.1.29] Fix a heap overflow bug where an adversary could cause heap corruption. This bug probably allows remote code execution attacks. Reported by "debuger". Fixes CVE-2011-0427. Bugfix on 0.1.2.10-rc.
· [tor-0.2.1.29] Prevent a denial-of-service attack by disallowing any zlib-compressed data whose compression factor is implausibly high. Fixes part of bug 2324; reported by "doorss".
· [tor-0.2.1.29] Zero out a few more keys in memory before freeing them. Fixes bug 2384 and part of bug 2385. These key instances found by "cypherpunks", based on Andrew Case's report about being able to find sensitive data in Tor's memory space if you have enough permissions. Bugfix on 0.0.2pre9.
· [tor-0.2.1.29] Add a check for SIZE_T_MAX to tor_realloc() to try to avoid underflow errors there too. Fixes the other part of bug 2324.
· [tor-0.2.1.29] Fix a bug where we would assert if we ever had a cached-descriptors.new file (or another file read directly into memory) of exactly SIZE_T_CEILING bytes. Fixes bug 2326; bugfix on 0.2.1.25. Found by doorss.
· [tor-0.2.1.29] Fix some potential asserts and parsing issues with grossly malformed router caches. Fixes bug 2352; bugfix on Tor 0.2.1.27. Found by doorss.
· [tor-0.2.1.29] Fix a bug with handling misformed replies to reverse DNS lookup requests in DNSPort. Bugfix on Tor 0.2.0.1-alpha. Related to a bug reported by doorss.
· [tor-0.2.1.29] Fix compilation on mingw when a pthreads compatibility library has been installed. (We don't want to use it, so we shouldn't be including pthread.h.) Fixes bug 2313; bugfix on 0.1.0.1-rc.
· [tor-0.2.1.29] Fix a bug where we would declare that we had run out of virtual addresses when the address space was only half-exhausted. Bugfix on 0.1.2.1-alpha.
· [tor-0.2.1.29] Correctly handle the case where AutomapHostsOnResolve is set but no virtual addresses are available. Fixes bug 2328; bugfix on 0.1.2.1-alpha. Bug found by doorss.
· [tor-0.2.1.29] Correctly handle wrapping around to when we run out of virtual address space. Found by cypherpunks, bugfix on 0.2.0.5-alpha.
· [tor-0.2.1.29] Introduce output size checks on all of our decryption functions.
· updated language strings: 2731, 2732, 2733, 2734, 2735
January 23rd, 2011· corrected: if no router descriptors were downloaded, the function choose_good_middle_server() no longer makes a list with excluded routers (used by the circuit builder dialog when estimating new circuits)
· if a single router is selected as exit, the system tray menu option associated with this router will be checked
· the circuit builder dialog has been re-designed; nodes can be edited or added using 3 new dialogs for selecting entry nodes, exit nodes and for selecting middle nodes from the big list of all nodes; details about estimated/inserted nodes are shown as comments
· when selecting a new exit, the selection is added to AdvTor's title before trying to use the selection to estimate new circuits
· updated language strings: 2727, 2728, 2729, 2730
January 23rd, 2011· [tor-0.2.1.28] Fix a remotely exploitable bug that could be used to crash instances of Tor remotely by overflowing on the heap. Remote-code execution hasn't been confirmed, but can't be ruled out. Everyone should upgrade. Bugfix on the 0.1.1 series and later.
· [tor-0.2.1.28] Change IP address and ports for gabelmoo (v3 directory authority).
· geoip_c.h was updated with GeoIPCountryWhois.csv released on Januray 3th
· corrected: AdvTor.dll did not disconnect the pipe after receiving a command from another instance of AdvTor.exe
· corrected: when TrackHostExits or AddressMap were used, circuit length became CircuitPathLength+1
· added: new options on exit node selection dialog: "close all existing connections" and "expire tracked hosts", which update a new configuration option "IdentityFlags" (both are enabled by default)
· added plugin callback functions that can be used by plugins, and plugin API, as described in plugins.txt (by default, newly added plugins have the rights for all functions enabled)
· new configuration dialog: "Plugins", which allows unloading / reloading / disabling plugins and changing plugin priorities and rights
· plugins can host hidden services without the need to open any ports on local machine; an example of a hidden service plugin is included in the source code archive (HiddenMessage.dll)
· the hidden service selection dialog allows selecting hidden services hosted by plugins, if any; a plugin can host different hidden services
· added: new plugin Blacklist.dll, which allows banning blacklisted routers and rejecting requests for addresses that resolve to a blacklisted IP
· the default value for FavoriteExitNodesPriority was changed from 100 to 50
· the default value for EnforceDistinctSubnets was changed from 1 to 2 (now the default is to use nodes from different countries in the same circuit)
· updated language strings: 2694, 2695, 2696, 2697, 2698, 2699, 2700, 2701, 2702, 2703, 2704, 2705, 2706, 2707, 2708, 2709, 2710, 2711, 2712, 2713, 2714, 2715, 2716, 2717, 2718, 2719, 2720, 2721, 2722, 2723, 2724, 2725, 2726
January 23rd, 2011· corrected: when a NotifyFilter string was edited manually, the string returned by WideCharToMultiByte was not terminated correctly
· corrected: when no NotifyFilter strings were added, a null pointer was used with SetDlgItemTextL when initializing the "System" dialog
· corrected: the dialog that asks for the private key of a hidden service did not show the last letter of the hidden service's name (thanks to cc for reporting this problem)
· corrected: when adding a new hidden service, the virtual ports were overwritten when registering the new service (thanks to cc for reporting this problem)
· corrected: the prototype of ShowOpenPorts was changed to allow the caller to specify a parent dialog window and the dialog that contains the edit boxes that need to be changed (thanks to cc for reporting this problem)
· new option for intercepting processes: "Exclusive exit", which determines AdvTor to always use exit nodes that are different than the exits used by other processes, to make sure that same exit node cannot know what different processes opened by same user are doing (default is off)
· each intercepted process has a new generated exclusivity key, which, if used, is inherited by child processes; a child process will use the exit nodes used by parent process if possible, or new exits that are not used by processes that have different exclusivity keys
· a process that is not intercepted or that was intercepted without using the exclusivity key has a default exclusivity key which causes its newly chosen exits to exclude exits associated with other keys
· if a process uses an exclusivity key and a single exit node is selected for all connections, that process will exclude selected exit node and use a different one
· if a process uses an exclusivity key and a random exit node from a country is selected for all connections, that process will always use a node from that country that is not already used by processes with different exclusivity keys or it will fail to choose an exit node
· if an exclusivity key is used, it will be shown in debug when a process is intercepted and when an intercepted process creates a new process
· updated language strings: 0100, 2693
December 4th, 2010· Resolve an incompatibility with OpenSSL 0.9.8p and OpenSSL 1.0.0b: No longer set the tlsext_host_name extension on server SSL objects; but continue to set it on client SSL objects. Our goal in setting it was to imitate a browser, not a vhosting server. Fixes bug 2204; bugfix on 0.2.1.1-alpha. (tortls.c)
· Do not log messages to the controller while shrinking buffer freelists. Doing so would sometimes make the controller connection try to allocate a buffer chunk, which would mess up the internals of the freelist and cause an assertion failure. Fixes bug 1125; fixed by Robert Ransom. Bugfix on 0.2.0.16-alpha. (buffers.c)
· Learn our external IP address when we're a relay or bridge, even if we set PublishServerDescriptor to 0. Bugfix on 0.2.0.3-alpha, where we introduced bridge relays that don't need to publish to be useful. Fixes bug 2050. (config.c)
· Allow handshaking OR connections to take a full KeepalivePeriod seconds to handshake. Previously, we would close them after IDLE_OR_CONN_TIMEOUT (180) seconds, the same timeout as if they were open. Bugfix on 0.2.1.26; fixes bug 1840. Thanks to mingw-san for analysis help. (main.c)
· When you're using bridges and your network goes away and your bridges get marked as down, recover when you attempt a new socks connection (if the network is back), rather than waiting up to an hour to try fetching new descriptors for your bridges. Bugfix on 0.2.0.3-alpha; fixes bug 1981. (circuitbuild.c)
· Fix an assertion failure that could occur in directory caches or bridge users when using a very short voting interval on a testing network. Fixes bug 1141; bugfix on 0.2.0.8-alpha. (networkstatus.c)
· Enforce multiplicity rules when parsing annotations. Bugfix on 0.2.0.8-alpha. Found by piebeer. (routerparse.c)
· Exit nodes didn't recognize EHOSTUNREACH as a plausible error code, and so sent back END_STREAM_REASON_MISC. Clients now recognize a new stream ending reason for this case: END_STREAM_REASON_NOROUTE. Servers can start sending this code when enough clients recognize it. Bugfix on 0.1.0.1-rc; fixes part of bug 1793. (or.h, reasons.c, relay.c)
· Set up maatuska (run by Linus Nordberg) as the eighth v3 directory authority. (dlg_authorities.c)
· corrected: the version of AdvTor.dll was not correctly verified
· geoip_c.h was updated with GeoIPCountryWhois.csv released on November 2th
· AdvTor.dll now keeps a cache with connection information received from intercepted processes
· if an intercepted program keeps its own DNS cache and the process is released then re-intercepted, a warning will be shown when a connection attempt is made for a fake IP given by a previous instance of AdvTor.dll
· if a program already has established connections before intercepting it, AdvTor.dll will give the option to close existing connections after intercepting it
· client-side HTTP header filtering has been improved; "proxy-connection" is converted to "connection"; "connection: keep-alive" is replaced with "Connection: Close"; the following headers are removed: "x-forwarded-for", "via", "from", "proxy*" and "keep-alive"
· all settings from all pages from main dialog window were moved to separate child dialogs; to improve startup time, AdvTor will only create and initialize a child dialog window when there is a need to show it
· all procedures from dlg.h, dlg_bridges.h, dlg_graph.h and dlg_lang.h were moved to separate files that have procedures for child dialog windows; the procedures for the main dialog were moved to dlg_main.c; the procedures for the "Proxy" dialog were moved to dlg_proxy.c; the procedures for the "Authorities" dialog were moved to dlg_authorities.c; the procedures for the "Router restrictions" dialog were moved to dlg_routerres.c; the procedures for the "Circuit build" dialog were moved to dlg_circuitbuild.c; the procedures for the "Connections" dialog were moved to dlg_connections.c; the procedures for the "Bypass ISP filtering" dialog were moved to dlg_bridges.c; the procedures for the "Hidden services" dialog were moved to dlg_hs.c; the procedures for the "System" dialog were moved to dlg_system.c; the procedures for the "Force TOR" dialog were moved to dlg_forcetor.c; the procedures for the "Become a Server" dialog were moved to dlg_server.c; the procedures for the "Network information" dialog were moved to dlg_netinfo.c; the procedures for the "Debug" dialog were moved to dlg_debug.c; the procedures for the "About" dialog were moved to dlg_about.c; the procedures for the "Select an Exit Node" dialog were moved to dlg_routers.c;
· the main AdvTor window and all child dialogs can be resized, each child dialog has its own resize information (dlg_resize.c)
· updated language strings: 0060, 2687, 2688, 2689, 2690, 2691, 2692
November 20th, 2010· when the exit is changed from system tray menu or from the exit node selection dialog, a notification message will show the selection in debug window
· all file operations now use absolute paths because on some systems GetOpenFileName changes the directory even with OFN_NOCHANGEDIR flag set
· addresses of websites can also be banned by IP
· favorite routers are now added to the "Select IP" system tray menu and if there are less than 30 IPs added, other routers are added that are not in banlist
· new configuration option: FavoriteExitNodesPriority which is a percent and it is used when selecting a random exit node to decide if an exit node from favorites will be selected when StrictExitNodes is disabled (default is 100)
· new option for favorite exit nodes on "Router restrictions" page: "Priority" which allows changing FavoriteExitNodesPriority
· added: context menus for circuit tree from "Network information" page that allow closing connections, destroying circuits, banning websites by hostname or IP, banning nodes, adding nodes to favorites, etc.
· updated language strings: 1248, 2672, 2673, 2674, 2675, 2676, 2677, 2678, 2679, 2680, 2681, 2682, 2683, 2684, 2685, 2686
November 17th, 2010· corrected: if the option to start Tor automatically was enabled, the state of "Start Tor" button was not set to BST_CHECKED (thanks to mamont for reporting this error)
· corrected: the option "Start Tor" from system tray menu did not set the state of "Start Tor" button to BST_CHECKED
· corrected: when showing opened ports in hidden service selection dialog, the function ShowOpenPorts() did not use the buffer it re-allocated
· the procedures that handle operations for connection tree items no longer use stored pointers related to last selected item
· when changing identity, all existing connections of types OR, AP and EXIT are marked for close
· the constant MAX_UNUSED_OPEN_CIRCUITS is now a configuration variable MaxUnusedOpenCircuits (default is 12)
· the configuration variable DisablePredictedCircuits was removed; a value of 0 for MaxUnusedOpenCircuits means that predicted circuits are disabled
· the option "Ports for services that have long-running connections" was moved from "Circuit build" to "Connections"
· new option on "Circuit build" page: "Maximum number of unused predicted open circuits"
· new bootstrap status: BOOTSTRAP_STATUS_STARTED; if MaxUnusedOpenCircuits is 0, starting Tor will set bootstrap status to 100% because no predicted circuits need to be created
· added: new option "Stop Tor" available on system tray menus when Tor is started
· updated language strings: 2669, 2670, 2671
November 17th, 2010· corrected: the function add_all_streams() did not initialize the buffer it allocated for the string added to connection tree on Network Information page
· the button "Start Tor" is no longer disabled after starting Tor, it is now a checkbox; stopping Tor means entering hibernation mode (requested by cc)
· if an .onion address is specified, AdvTor will search existing hidden services for its private key (requested by cc)
· if no private key for an entered .onion address is found, AdvTor will prompt the user to enter one (requested by cc)
· updated language strings: 2664, 2665, 2666, 2667, 2668
November 13th, 2010· corrected: if acting on one of config options failed, all remaining options were
· ignored
· added: new option to dump statistics to debug/log available in context menus
· added: new page "Network information" which contains information about
· circuits, processes that have their traffic redirected to OR network and bandwidth
· usage
· added: new circuit builder dialog which allows building a circuit by specifying all
· nodes and/or to estimate a new good circuit path having specified length
· updated language strings: 0059, 2534, 2556, 2557, 2558, 2559, 2560, 2561, 2562, 2563, 2564, 2565, 2566, 2567, 2568, 2569, 2570, 2571, 2572, 2573, 2574, 2575, 2576, 2577, 2578, 2579, 2580, 2581, 2582, 2583, 2584, 2585, 2586, 2587, 2588, 2589, 2590, 2591, 2592, 2593, 2594, 2595, 2596, 2597, 2598, 2599, 2600, 2601, 2602, 2603, 2604, 2605, 2606, 2607, 2608, 2609, 2610, 2611, 2612, 2613, 2614, 2615, 2616, 2617, 2618, 2619, 2620, 2621, 2622, 2623, 2624, 2625, 2626, 2627, 2628, 2629, 2630, 2631, 2632, 2633, 2634, 2635, 2636, 2637, 2638, 2639, 2640, 2641, 2642, 2643, 2644, 2645, 2646, 2647, 2648, 2649, 2650, 2651, 2652, 2653, 2654, 2655, 2656, 2657, 2658, 2659, 2660, 2661, 2662, 2663
November 13th, 2010· the function rend_client_get_random_intro() could had selected a banned router as introduction point to a hidden service
· the function onion_pick_cpath_exit() will no longer warn but fail if a requested exit router if found in banlist
· the procedure for clearing the debug edit window will also send EM_SETHANDLE when needed, to prevent drawing UNICODE \0 on some systems (tested with Windows XP SP2)
November 13th, 2010· corrected: if a banned node was requested as exit (using ".exit" suffix) it was used by AdvTor to connect to specified address (thanks to fonsjko for reporting this problem)
· updated language strings: 2555
November 13th, 2010· the strings for hidden service port selection dialog can now be loaded from language files (thanks to mamont for reporting this problem)
· updated language strings: 1248,2548,2549,2550,2551,2552,2553,2554
November 13th, 2010· new page: "Bypass ISP filtering" with options related to bridges and proxies
· the options "Use bridges", "Update bridges from authority" and "All directory actions are private" were moved to the "Bypass ISP filtering" page
· empty definitions found in loaded language file(s) are replaced with default strings
· Updated language strings: 0058,0124,0125,2536,2537,2538,2539,2540,2541,2542,2543,2544,2545,2546
November 13th, 2010· the procedure for showing messages in debug window has been optimized to reduce CPU usage if too many strings are shown in a short period of time (for example, when selecting log level to "[8] Debug")
· if no text is selected in debug window, the context menu will no longer show the option to filter selected text
October 25th, 2010· Corrected: the option LongLivedPorts could not be re-enabled after disabling it
September 7th, 2010· corrected: the pointer for PostMessage was not initialized when needed in other processes
· corrected: second different resolved .onion address by same process could not be accessed if "Force TOR" was enabled
· corrected: if the option to download network status manually was enabled, network status still expired
· corrected: if another instance of AdvTor was running from a different directory with the same name, AdvTor failed to create the pipe needed to communicate with intercepted processes
· corrected: problems with Delphi libraries when AdvTor was resolving addresses to fake IPs (thanks to RoLex for reporting these problems)
· corrected: high CPU usage when AdvTor could not create a pipe
· AdvTor.dll also intercepts WinExec and it converts calls to WinExec to calls to CreateProcessA (WinExec would call CreateProcessInternalA instead of CreateProcessA)
· AdvTor.dll now has a DNS cache; default expiration time for an entry that has a resolved IP is 120 seconds
· removed: the option "Detect ASLR" - ASLR will always be handled by AdvTor.dll
· if "no exit" is selected, no warnings will be shown about failure to select a good exit server
· new configuration option: ForceFlags - used to specify the default options for faking local time, address IPs and for disallowing non-TCP sockets
· new option: "Run" available on "Force TOR" page that allows starting a process protected by AdvTor
· new option: "Resolve only to fake IPs" available on "Force TOR" page, which if enabled, returns an IP within range 127.16.* for all resolve requests instead of sending them to OR network; cache entries that have 127.16.* as IPs don't expire as long as resolving to fake IPs is enabled
· new option: "Disallow non TCP sockets" available on "Force TOR" page, to protect against leaking the real IP through other protocols
· new menu: "Quick start" available on "Force TOR" page and on system tray menu that allows starting applications protected by AdvTor with different settings for each favorite process (requested by Meka][Meka)
· new configuration option: CircuitPathLength, also added to GUI on "Router restrictions" page - currently the maximum circuit length can be 10 routers, default is 3
September 7th, 2010· corrected: if LoadLibrary failed in target process, it was still shown as intercepted
· corrected: when unloading the AdvTor.dll, UnloadDLL did not wait for PipeThread to finish
· corrected: high CPU usage if no running exit nodes were found (thanks to RoLex for reporting this problem)
· corrected: system tray menus were not closed when the user clicked outside them
· corrected: AdvTor.dll did not always close handles of remote threads
· corrected: AdvTor.dll did not always free the memory it allocated in other processes
· corrected: AdvTor.dll did not intercept process creation functions if the option to fake local time was disabled
· corrected: intercepted processes that were not updated in GUI were not released when AdvTor exited
· corrected: intercepting functions in suspended processes sometimes failed
· corrected: AdvTor.dll could re-hook same procedure twice if a previous instance was terminated from task manager
· corrected: AdvTor.exe will no longer attempt to intercept itself if the user selects it from process list (thanks to RoLex for reporting this error)
· if no running exit nodes can be found for selected country, the notification message is shown only once, until a good exit node is found (thanks to RoLex for reporting this problem)
· the confusing message "attempt to bypass proxy settings" is replaced with "redirecting connection from address" (thanks to Meka][Meka for reporting this problem)
· system tray menu has a new submenu "Release" with all intercepted processes to allow unloading AdvTor.dll from them
· AdvTor.dll now shows more information about interception failures
· AdvTor.dll no longer loads user32.dll in intercepted processes
· AdvTor.dll also intercepts functions gethostbyname, WSAAsyncGetHostByName, gethostbyaddr, WSAAsyncGetHostByAddr (Windows 2000+), getnameinfo, GetNameInfoW, getaddrinfo, GetAddrInfoW (Windows XP SP2+) (thanks to RoLex for helping with tests)
· programs that are intercepted by AdvTor will have all DNS queries and reverse DNS queries resolved by OR network
· programs that are intercepted can access .onion addresses, AdvTor.dll will resolve them to an IP within range 127.16.* (localhost) and will keep a cache with geneated IPs and corresponding .onion addresses to use in connection requests
· process tree also shows PID values when selecting a window
· when AdvTor.dll sends a notification about an intercepted process that doesn't respect proxy settings, it also shows the PID for that process (requested by RoLex)
· the lists with exit nodes will also have an entry "no exit", for those who want only to see where an intercepted program would connect, but without allowing it to connect or to send anything
· added verification for "localhost" so an intercepted process won't try to use OR network to resolve it (Opera resolves "localhost" every time you save a file)
· added verification for "wpad" to prevent vulnerable applications from using OR network to resolve it (Chrome, IE, Yahoo Messenger, etc.)
September 7th, 2010· GeoIP information is included as a pre-compiled search tree, GeoIP lookup functions are written in asm; also, a conversion program is included to convert a downloaded GeoIPCountryWhois.csv to geoip_c.h (csv2asm)
· AdvTor now also intercepts CreateProcessAsUser from advapi32.dll
· context menu from debug window has more options related to selected text if an address is found in it: track exit for selected_host (config option: TrackHostExits), remember/forget exit for selected_host (config option: AddressMap)
· debug messages shown by AdvTor.dll have different severity levels
· current exit node is shown in title bar
· added a DialogBox for selecting a specific exit node or a country from which a random exit node will be chosen (accessible from "New identity" or from systray menu option "Advanced")
· added a "Process Finder" DialogBox to help selecting a process by selecting a window it created
· system tray menu has a list with 30 usable exit nodes
· AdvTor verifies the minimum required version of AdvTor.dll (version 0.1.0.4 requires AdvTor.dll 0.1.0.4)
August 11th, 2010· corrected: if Auto-Refresh was disabled, initialization progress was no longer shown
· corrected: if Auto-Refresh was disabled, all log messages were shown as popup MessageBox'es
· corrected: ASLR detection problems in Windows 2003 (thanks to RoLex for helping with tests)
· corrected: the nickname was reset to local computer name if server options were changed (thanks to The Architect for reporting this error)
· AdvTor can now force programs that use asynchronous sockets to use Tor
· AdvTor also intercepts process creation functions, to set proxy restrictions on child processes created by a restricted process
· if AdvTor.exe is renamed, AdvTor.dll must also be renamed
August 2nd, 2010· corrected: some cryptographic functions were called before OpenSSL's crypto was initialized (thanks to RoLex for reporting this problem)
· files were updated with changes relative to changelog for tor-0.2.1.26
· updated libraries: libevent-1.4.14b-stable, openssl-1.0.0a, zlib-1.2.5
· new page "Authorities" added for settings related to Directory Authorities
· lock file functions were removed in favour of WIN32 mutex objects the files "torrc" and "state" were merged as [torrc] and [state]
· sections of AdvTor.ini which is saved as a standard .ini file located in
· AdvTor's directory
· all saved files have the prefix of AdvTor's executable name
· changing file name of AdvTor.exe will cause it to change the names of all saved files (multiple different versions of AdvTor can exist in same directory, with different names).
· new option added "LocalHost" that will be used by intercepted programs to resolve local IP address
· added: new option for advertised OS: ">" which will select a random OS at startup from a list with most frequently used ones
· added: new option for advertised Tor version: ">" which will select a random recommended Tor version from the list received from authorities
· added: new option to randomize reported system time and to auto-adjust the time reported to authorities and to other routers
· added: new option to use a fake local address for intercepted processes AdvTor no longer requires an accurate clock to work
· AdvTor.dll can also force a process to use a fake local time
May 21st, 2009· AdvTor.dll can show the process name and the module that attempts to bypass proxy settings if "Force Tor" is enabled
· AdvTor.dll supports more operating systems, including Vista
· AdvTor.dll can also force system services to use Tor
· added new page: "Become a Server", with options related to sharing bandwidth to help OR network
· exit policies are split in 2 policy groups, "Accept only" and "Banned IPs / ports"
Find us on Google+
