- Update to version 1.2.5:
* Stop publishing the obsolete arti-hyper crate
* Update curve25519-dalek to avoid a low-severity timing
vulnerability. (TROVE-2024-007)
* With full vanguards, client rendezvous circuits
do not reuse the final vanguard as the rendezvous point.
(TROVE-2024-008)
* Some RPC development
* Add skeleton, including (experimental): arti-relay crate,
relay cargo feature in arti-client,
relay command line argument to arti
* Add a key material export facility for some of our TLS
implementations.
* Tolerate removal of files from Arti's cache directory.
OBS-URL: https://build.opensuse.org/request/show/1187408
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/arti?expand=0&rev=10
* Stop publishing the obsolete arti-hyper crate
* Update curve25519-dalek to avoid a low-severity timing
vulnerability. (TROVE-2024-007)
* With full vanguards, client rendezvous circuits
do not reuse the final vanguard as the rendezvous point.
(TROVE-2024-008)
* Some RPC development
* Add skeleton, including (experimental): arti-relay crate,
relay cargo feature in arti-client,
relay command line argument to arti
* Add a key material export facility for some of our TLS
implementations.
* Tolerate removal of files from Arti's cache directory.
OBS-URL: https://build.opensuse.org/package/show/network/arti?expand=0&rev=23
- Added LICENSE-APACHE and LICENSE-MIT to %files
- Added README.md and CHANGELOG.md to %files
- Update to version 1.2.1:
* Reorganize onion service code.
* Design work for out-of-memory handling, which is necessary for
onion service security.
* Initial implementation work for onion service [vanguards],
which are needed to improve onion service security.
This is not yet complete.
* Added support for unmanaged pluggable transports
* Begun work to improve Tor's relay cell protocol with support
for packed and fragmented messages
- Update to version 1.2.0
* Initial support for running onion services.
* Fixed a number of bugs and security issues.
* Made the onion-service-service feature non-experimental.
For a full changelog, refer to the package changelog
(/usr/share/doc/packages/arti/CHANGELOG.md)
OBS-URL: https://build.opensuse.org/request/show/1164178
OBS-URL: https://build.opensuse.org/package/show/network/arti?expand=0&rev=14
- Update to version 1.1.12~0:
Arti 1.1.12 continues work on support for running onion services.
You can now launch an onion service and expect it to run,
though the user experience leaves a lot to be desired.
Don't rely on this onion service implementation for security yet;
there are a number of [missing security features]
we will need to develop before we can recommend them
for actual use.
3c44d849f4/CHANGELOG.md
- Updated the ignored RUSTSEC advisories, as per the project
recommended way of building the crate
OBS-URL: https://build.opensuse.org/request/show/1138965
OBS-URL: https://build.opensuse.org/package/show/network/arti?expand=0&rev=12
- Update to version 1.1.11:
Arti 1.1.11 continues work on support for running onion services.
Onion services are now working in our testing, and we expect we'll
have something testable by others in our next release.
Arti 1.1.11 also increases our MSRV (Minimum Supported Rust Version)
to 1.70, in accordance with our [MSRV policy].
### Onion service development
- Correct our handling of BEGIN and END messages to bring them
into conformance with the C Tor implementation and the specification.
([#1077], [!1694], [!1738])
- In our key manager, use macros to define key specifiers, instead of
repeating the same boilerplate code. ([#1069], [#1093], [!1710],
[!1733])
- Refactoring and refinement on the definitions of onion-service-related
errors. ([!1718], [!1724], [!1750], [!1751], [!1779])
- Add a "time-store" mechanism for (as correctly as possible) storing and loading
future timestamps, even in the presence of system clock skew ([!1723], [!1774])
- Implement a replay-log backend to prevent INTRODUCE replay attacks
against onion services. ([!1725])
- Improved encoding for key-denotators in the key manager. ([#1063],
[#1070], [!1722])
- Allow a single key to have more than one denotator in its path.
([#1112], [!1747])
- Use an order-preserving-encryption back-end to generate
monotonically increasing revision counters for onion service
descriptors. We do this to ensure a reproducible series of counters
without leaking our clock skew. ([#1053], [!1741], [!1744])
- Deprecate key types for INTRODUCE-based authentication:
C tor has never implemented this, and we do not plan to implement it
without additional specification work. ([#1037], [!1749])
OBS-URL: https://build.opensuse.org/request/show/1132326
OBS-URL: https://build.opensuse.org/package/show/network/arti?expand=0&rev=10
