|
Arti 是我们正在进行的项目,旨在创建下一代 Tor 客户端 锈。现在我们宣布最新版本Arti 1.1.5。cik免费翻墙网
在过去的几个月里, 我们的努力在洋葱服务之间分配 并开发新的 RPC API (C Tor 的“控制端口”的继承者) 这将为应用程序提供安全而强大的方式 与阿蒂合作 无需在 Rust 中编写代码 或将 Arti 链接为库(除非他们愿意)。cik免费翻墙网
对于本月的洋葱服务, 我们继续致力于我们的协议基础设施 支持加密握手和协议 用于洋葱服务, 并开始关键管理系统的设计工作 用于洋葱服务。cik免费翻墙网
我们的 RPC 代码仍处于“仅基础结构”状态: 后端取得了重大进展, 现在包括一个对象引用系统 我们将用于强制实施安全性 通过能力风格的设计, 但到目前为止,它不支持任何有用的功能。 (我们预计本月将推出初始功能。 有关我们设计的总体形状的信息, 请参阅在制品规范文档。cik免费翻墙网
最后,此版本还修复了一个安全问题: 我们的袜子代码中有一个错误 可被利用来造成拒绝服务攻击 针对 Arti 客户端。 我们将其归类为低严重性问题, 因为利用它需要攻击者拥有 访问本地主机。 感谢雅各布·莱尔报告此问题; 它被跟踪为 TROVE-2023-001。cik免费翻墙网
也有许多较小的变化; 对于这些,请参阅更新日志。cik免费翻墙网
有关使用 Arti 的更多信息,请参阅我们的顶级自述文件,以及 ARTI 二进制文件的文档。cik免费翻墙网
感谢所有为此版本做出贡献的人,包括 亚历山大·费罗伊、雅各布·莱尔、吉姆·纽瑟姆、萨克沙姆·米塔尔和三位一体 波因塔德。cik免费翻墙网
最后,我们非常感谢 Zcash 社区资助 阿蒂的发展!cik免费翻墙网
cik免费翻墙网
cik免费翻墙网
cik免费翻墙网
cik免费翻墙网
cik免费翻墙网
Arti 1.1.5 is released: Onion Services, RPC, and a security patchcik免费翻墙网
by nickmcik免费翻墙网 Arti is our ongoing project to create a next-generation Tor client in Rust. Now we're announcing the latest release, Arti 1.1.5.
In the past months, our efforts have been divided between onion services and work on a new RPC API (a successor to C Tor's "control port") that will give applications a safe and powerful way to work with Arti without having to write their code in Rust or link Arti as a library (unless they want to).cik免费翻墙网
For onion services this month, we have continued work on our protocol infrastructure to support the cryptographic handshakes and protocols used for onion services, and begun design work on a key management system for onion services.cik免费翻墙网
Our RPC code is still in an "infrastructure-only" state: the backend has progressed significantly, and now includes an object-reference system we'll use to enforce security via a capability-style design, but as of yet it supports no useful functionality. (We expect to land initial functionality this month.) For information on the general shape of our design, see the work-in-progress specification document.cik免费翻墙网
Finally, this release also fixes a security issue: there was a bug in our SOCKS code that could be exploited to cause a denial-of-service attack against an Arti client. We are classifying this as a low-severity issue, since exploiting it would require the attacker to have access to localhost. Thanks to Jakob Lell for reporting this issue; it is tracked as TROVE-2023-001.cik免费翻墙网
There have been many smaller changes as well; for those, please see the CHANGELOG.cik免费翻墙网
For more information on using Arti, see our top-level README, and the documentation for the arti binary.cik免费翻墙网
Thanks to everyone who has contributed to this release, including Alexander Færøy, Jakob Lell, Jim Newsome, Saksham Mittal, and Trinity Pointard.cik免费翻墙网
Finally, our deep thanks to Zcash Community Grants for funding the development of Arti!cik免费翻墙网
|
