fold in recent changelog entries

This commit is contained in:
Roger Dingledine 2012-01-22 00:15:45 -05:00
parent 8265a9e5b1
commit 110a953156
22 changed files with 118 additions and 151 deletions

155
ChangeLog
View File

@ -1,4 +1,4 @@
Changes in version 0.2.3.11-alpha - 2012-01-0? Changes in version 0.2.3.11-alpha - 2012-01-??
o Major features: o Major features:
- Now that Tor 0.2.0.x is completely deprecated, enable the final - Now that Tor 0.2.0.x is completely deprecated, enable the final
part of "Proposal 110: Avoiding infinite length circuits" by part of "Proposal 110: Avoiding infinite length circuits" by
@ -32,26 +32,24 @@ Changes in version 0.2.3.11-alpha - 2012-01-0?
to make sure that the bug can't happen. to make sure that the bug can't happen.
o Major bugfixes: o Major bugfixes:
- Fix the SOCKET_OK test that we use to tell when socket
creation fails so that it works on Win64. Fixes part of bug 4533;
bugfix on 0.2.2.29-beta. Bug found by wanoskarnet.
- Correct our replacements for the timeradd() and timersub() functions - Correct our replacements for the timeradd() and timersub() functions
on platforms that lack them (for example, Windows). The timersub() on platforms that lack them (for example, Windows). The timersub()
function is used when expiring circuits, while timeradd() is function is used when expiring circuits, while timeradd() is
currently unused. Bug report and patch by Vektor. Bugfix on currently unused. Bug report and patch by Vektor. Fixes bug 4778;
0.2.2.24-alpha and 0.2.3.1-alpha; fixes bug 4778. bugfix on 0.2.2.24-alpha and 0.2.3.1-alpha.
- Do not use OpenSSL 1.0.0's counter mode: it has a critical bug - Do not use OpenSSL 1.0.0's counter mode: it has a critical bug
that was fixed in OpenSSL 1.0.0a. Fixes bug 4779; bugfix on that was fixed in OpenSSL 1.0.0a. We test for the counter mode
Tor 0.2.3.9-alpha. Found by Pascal. bug at runtime, not compile time, because some distributions hack
their OpenSSL to mis-report its version. Fixes bug 4779; bugfix
on 0.2.3.9-alpha. Found by Pascal.
o Minor features: o Minor features (controller):
- Directory servers now reject versions of Tor older than 0.2.1.30,
and Tor versions between 0.2.2.1-alpha and 0.2.2.20-alpha
(inclusive). These versions accounted for only a small fraction of
the Tor network, and have numerous known security issues. Resolves
issue 4788.
- Use absolute path names when reporting the torrc filename in the - Use absolute path names when reporting the torrc filename in the
control protocol, so a controller can more easily find the torrc control protocol, so a controller can more easily find the torrc
file. Resolves bug 1101. file. Resolves bug 1101.
- If EntryNodes are given, but UseEntryGuards is set to 0, warn that
EntryNodes will have no effect. Resolves issue 2571.
- Extend the control protocol to report flags that control a circuit's - Extend the control protocol to report flags that control a circuit's
path selection in CIRC events and in replies to 'GETINFO path selection in CIRC events and in replies to 'GETINFO
circuit-status'. Implements part of ticket 2411. circuit-status'. Implements part of ticket 2411.
@ -59,6 +57,44 @@ Changes in version 0.2.3.11-alpha - 2012-01-0?
and current state of a hidden-service-related circuit in CIRC and current state of a hidden-service-related circuit in CIRC
events and in replies to 'GETINFO circuit-status'. Implements part events and in replies to 'GETINFO circuit-status'. Implements part
of ticket 2411. of ticket 2411.
- When reporting the path to the cookie file to the controller,
give an absolute path. Resolves ticket 4881.
- Allow controllers to request an event notification whenever a
circuit is cannibalized or its purpose is changed. Implements
part of ticket 3457.
- Include the creation time of a circuit in CIRC and CIRC2
control-port events and the list produced by the 'GETINFO
circuit-status' control-port command.
o Minor features (directory authorities):
- Directory authorities now reject versions of Tor older than
0.2.1.30, and Tor versions between 0.2.2.1-alpha and 0.2.2.20-alpha
inclusive. These versions accounted for only a small fraction of
the Tor network, and have numerous known security issues. Resolves
issue 4788.
- Authority operators can now vote for all routers in a given
country to be BadDir/BadExit/Invali/Rejected.
- Provide two consensus parameters (FastFlagMinThreshold and
FastFlagMaxThreshold) to control the range of allowable bandwidths
for the Fast directory flag. These allow authorities to run
experiments on appropriate requirements for being a "Fast" node.
The AuthDirFastGuarantee config value still applies.
- Document the GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays
directory authority option (introduced in Tor 0.2.2.34).
o Minor features (other):
- Don't disable the DirPort when we cannot exceed our AccountingMax
limit during this interval because the effective bandwidthrate is
low enough. This is useful in a situation where AccountMax is only
used as an additional safeguard or to provide statistics.
- Prepend an informative header to generated dynamic_dh_params files.
- If EntryNodes are given, but UseEntryGuards is set to 0, warn that
EntryNodes will have no effect. Resolves issue 2571.
- Log more useful messages when we fail to disable debugger
attachment.
- Log which authority we're missing votes from when we go to fetch
them from the other auths.
- Log (at debug level) whenever a circuit's purpose is changed.
- Update to the January 3 2012 Maxmind GeoLite Country database. - Update to the January 3 2012 Maxmind GeoLite Country database.
o Minor bugfixes (hidden services): o Minor bugfixes (hidden services):
@ -71,12 +107,12 @@ Changes in version 0.2.3.11-alpha - 2012-01-0?
after the normal CBT. Now, we mark them as 'timed out', and launch after the normal CBT. Now, we mark them as 'timed out', and launch
another rendezvous attempt in parallel. This behavior change can another rendezvous attempt in parallel. This behavior change can
be disabled using the new CloseHSClientCircuitsImmediatelyOnTimeout be disabled using the new CloseHSClientCircuitsImmediatelyOnTimeout
option. Bugfix on 0.2.2.2-alpha; fixes part of bug 1297. option. Fixes part of bug 1297; bugfix on 0.2.2.2-alpha.
- Don't close hidden-service-side rendezvous circuits when they - Don't close hidden-service-side rendezvous circuits when they
reach the normal circuit-build timeout. This behaviour change can reach the normal circuit-build timeout. This behaviour change can
be disabled using the new be disabled using the new
CloseHSServiceRendCircuitsImmediatelyOnTimeout option. Bugfix on CloseHSServiceRendCircuitsImmediatelyOnTimeout option. Fixes the
0.2.2.2-alpha; fixes the remaining part of bug 1297. remaining part of bug 1297; bugfix on 0.2.2.2-alpha.
- Make sure we never mark the wrong rendezvous circuit as having - Make sure we never mark the wrong rendezvous circuit as having
had its introduction cell acknowleged by the introduction-point had its introduction cell acknowleged by the introduction-point
relay. Previously, when we received an INTRODUCE_ACK cell on a relay. Previously, when we received an INTRODUCE_ACK cell on a
@ -84,15 +120,46 @@ Changes in version 0.2.3.11-alpha - 2012-01-0?
marked a rendezvous circuit other than the one we specified in marked a rendezvous circuit other than the one we specified in
the INTRODUCE1 cell as INTRO_ACKED, which would have produced the INTRODUCE1 cell as INTRO_ACKED, which would have produced
a warning message and interfered with the hidden service a warning message and interfered with the hidden service
connection-establishment process. Bugfix on 0.2.3.3-alpha, when we connection-establishment process. Fixes bug 4759; bugfix on
added the stream-isolation feature which might cause Tor to open 0.2.3.3-alpha, when we added the stream-isolation feature which
multiple rendezvous circuits for the same hidden service. Fixes might cause Tor to open multiple rendezvous circuits for the same
bug 4759. hidden service.
- Don't trigger an assertion failure when we mark a new client-side - Don't trigger an assertion failure when we mark a new client-side
hidden-service introduction circuit for close during the process hidden-service introduction circuit for close during the process
of creating it. Bugfix on 0.2.3.6-alpha. Fixes bug 4796; reported of creating it. Fixes bug 4796; bugfix on 0.2.3.6-alpha. Reported
by murb. by murb.
o Minor bugfixes (log messages):
- Correctly spell "connect" in a log message on failure to create a
controlsocket. Fixes bug 4803; bugfix on 0.2.2.26-beta and
0.2.3.2-alpha.
- Fix a typo in a log message in rend_service_rendezvous_has_opened().
Fixes bug 4856; bugfix on Tor 0.0.6.
- Fix the log message describing how we work around discovering
that our version is the ill-fated OpenSSL 0.9.8l. Fixes bug
4837; bugfix on 0.2.2.9-alpha.
- When logging about a disallowed .exit name, do not also call it
an "invalid onion address". Fixes bug 3325; bugfix on 0.2.2.9-alpha.
o Minor bugfixes (build fixes):
- During configure, search for library containing cos function as
libm lives in libcore on some platforms (BeOS/Haiku). Linking
against libm was hard-coded before. Fixes the first part of bug
4727; bugfix on 0.2.2.2-alpha. Patch and analysis by Martin Hebnes
Pedersen.
- Preprocessor directives should not be put inside the arguments
of a macro. This would break compilation with GCC releases prior
to version 3.3. We would never recommend such an old GCC version,
but it is apparently required for binary compatibility on some
platforms (namely, certain builds of Haiku). Fixes the other part
of bug 4727; bugfix on 0.2.3.3-alpha. Patch and analysis by Martin
Hebnes Pedersen.
- Use an appropriate-width type for sockets in tor-fw-helper on
win64. Fixes bug 1983 at last. Bugfix on 0.2.3.9-alpha.
- Detect attempts to build Tor on (as yet hypothetical) versions
of Windows where sizeof(intptr_t) != sizeof(SOCKET). Partial
fix for bug 4533. Bugfix on 0.2.2.28-beta.
o Minor bugfixes (other): o Minor bugfixes (other):
- Fix null-pointer access that could occur if TLS allocation failed. - Fix null-pointer access that could occur if TLS allocation failed.
Fixes bug 4531; bugfix on 0.2.0.20-rc. Found by "troll_un". This was Fixes bug 4531; bugfix on 0.2.0.20-rc. Found by "troll_un". This was
@ -113,23 +180,21 @@ Changes in version 0.2.3.11-alpha - 2012-01-0?
platform specific, and particularly the hurd has ENOENT at platform specific, and particularly the hurd has ENOENT at
0x40000002. Construct expected string at runtime, using the correct 0x40000002. Construct expected string at runtime, using the correct
value for ENOENT. Fixes bug 4733; bugfix on 0.2.3.1-alpha. value for ENOENT. Fixes bug 4733; bugfix on 0.2.3.1-alpha.
- Correctly spell "connect" in a log message on failure to create a - Fix our implementation of crypto_random_hostname() so it can't
controlsocket. Fixes bug 4803; bugfix on 0.2.2.26-beta and overflow on ridiculously large inputs. (No Tor version has ever
0.2.3.2-alpha. provided this kind of bad inputs, but let's be correct in depth.)
- During configure, search for library containing cos function as Fixes bug 4413; bugfix on 0.2.2.9-alpha. Fix by Stephen Palmateer.
libm lives in libcore on some platforms (BeOS/Haiku). - Reject attempts to disable DisableDebuggerAttachment while Tor is
Linking against libm was hard-coded before. Bugfix on running. Fixes bug 4650; bugfix on 0.2.3.9-alpha.
0.2.2.2-alpha; fixes the first part of bug 4727. Patch and - Find more places in the code that should have been testing for
analysis by Martin Hebnes Pedersen. invalid sockets using the SOCKET_OK macro. Required for a fix
- Preprocessor directives should not be put inside the arguments for bug 4533. Bugfix on 0.2.2.28-beta.
of a macro. This would break compilation with GCC releases prior - Add missing documentation for the MaxClientCircuitsPending,
to version 3.3. We would never recommend such an old GCC UseMicrodescriptors, UserspaceIOCPBuffers, and
version, but it is apparently required for binary compatibility _UseFilteringSSLBufferevents options, all introduced during
on some platforms (namely, certain builds of Haiku). Bugfix on the 0.2.3.x series.
0.2.3.3-alpha; fixes the other part of bug 4727. Patch and
analysis by Martin Hebnes Pedersen.
- Feature removal: o Feature removal:
- When sending or relaying a RELAY_EARLY cell, we used to convert - When sending or relaying a RELAY_EARLY cell, we used to convert
it to a RELAY cell if the connection was using the v1 link it to a RELAY cell if the connection was using the v1 link
protocol. This was a workaround for older versions of Tor, which protocol. This was a workaround for older versions of Tor, which
@ -145,6 +210,22 @@ Changes in version 0.2.3.11-alpha - 2012-01-0?
- Use OpenSSL's built-in SSL_state_string_long() instead of our - Use OpenSSL's built-in SSL_state_string_long() instead of our
own homebrewed ssl_state_to_string() replacement. Patch from own homebrewed ssl_state_to_string() replacement. Patch from
Emile Snyder. Fixes bug 4653. Emile Snyder. Fixes bug 4653.
- Use macros to indicate OpenSSL versions, so we don't need to worry
about accidental hexadecimal bit shifts.
- Remove some workaround code for OpenSSL 0.9.6 (which is no longer
supported).
- Convert more instances of tor_snprintf+tor_strdup into tor_asprintf.
- Use the smartlist_add_asprintf() alias more consistently.
- Use a TOR_INVALID_SOCKET macro when initializing a socket to an
invalid value, rather than just -1.
- Rename a handful of old identifiers, mostly related to crypto
structures and crypto functions. By convention, our "create an
object" functions are called "type_new()", our "free an object"
functions are called "type_free()", and our types indicate that
they are types only with a final "_t". But a handful of older
types and functions broke these rules, with function names like
"type_create" or "subsystem_op_type", or with type names like
type_env_t.
Changes in version 0.2.3.10-alpha - 2011-12-16 Changes in version 0.2.3.10-alpha - 2011-12-16

View File

@ -1,3 +0,0 @@
o Minor features (controller):
- When reporting the path to the cookie file to the controller,
give an absolute path. Resolves ticket 4881.

View File

@ -1,5 +0,0 @@
o Minor bugfixes
- Test for the OpenSSL 1.0.0 counter mode bug at runtime, not compile
time. This is necessary because OpenSSL has been hacked to mis-report
its version on a few distributions.
Bugfix on Tor 0.2.3.11-alpha.

View File

@ -1,3 +0,0 @@
o Minor features (directory authority):
- Authority operators can now vote for all routers in a given
country to be BadDir/BadExit/Invali/Rejected.

View File

@ -1,3 +0,0 @@
o Minor bugfixes
- Use an appropriate-width type for sockets in tor-fw-helper on
win664. Fixes bug 1983 at last. Bugfix on 0.2.3.9-alpha.

View File

@ -1,6 +0,0 @@
o Minor features:
- Don't disable the DirPort when we cannot exceed our AccountingMax
limit during this interval because the effective bandwidthrate is
low enough. This is useful in a situation where AccountMax is only
used as an additional safeguard or to provide statistics.

View File

@ -1,3 +0,0 @@
o Minor bugfixes:
- When logging about a disallowed .exit name, do not also call it
an "invalid onion address". Fixes bug 3325; bugfix on 0.2.2.9-alpha.

View File

@ -1,8 +0,0 @@
o Minor bugfixes (documentation):
- Add missing documentation for the MaxClientCircuitsPending,
UseMicrodescriptors, UserspaceIOCPBuffers, and
_UseFilteringSSLBufferevents options, all introduced during
the 0.2.3.x series.

View File

@ -1,3 +0,0 @@
o Minor bugfixes (documentation):
- Document the GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays
directory authority option (introduced in Tor 0.2.2.34).

View File

@ -1,5 +0,0 @@
o Minor bugfixes:
- Fix our implementation of crypto_random_hostname() so it can't
overflow on ridiculously large inputs. (No Tor version has ever
provided this kind of bad inputs, but let's be correct in depth.)
Fixes bug 4413; bugfix on 0.2.2.9-alpha. Fix by Stephen Palmateer.

View File

@ -1,5 +0,0 @@
o Major bugfixes:
- Fix the SOCKET_OK test that we use to tell when socket
creation fails so that it works on Win64. Fixes part of bug
4533; bugfix on 0.2.2.29-beta. Bug found by wanoskarnet.

View File

@ -1,7 +0,0 @@
o Minor features:
- Log more useful messages when we fail to disable debugger attachment.
o Minor bugfixes:
- Reject attempts to disable DisableDebuggerAttachment while Tor is
running. Fixes bug 4650; bugfix on 0.2.3.9-alpha.

View File

@ -1,2 +0,0 @@
o Minor features:
- Prepend an informative header to generated dynamic_dh_params files.

View File

@ -1,4 +0,0 @@
o Minor bugfixes:
- Fix the log message describing how we work around discovering
that our version is the ill-fated OpenSSL 0.9.8l. Fixes bug
4837; bugfix on 0.2.2.9-alpha.

View File

@ -1,3 +0,0 @@
o Trivial bugfixes
- Fix a typo in a log message in rend_service_rendezvous_has_opened().
Fixes bug 4856; bugfix on Tor 0.0.6.

View File

@ -1,5 +0,0 @@
o Code simplifications and refactoring
- Use the smartlist_add_asprintf alias more consistently
throughout the codebase.
- Convert more instances of tor_snprintf+tor_strdup into
tor_asprintf.

View File

@ -1,3 +0,0 @@
o Minor features:
- Log which authority we're missing votes from when we go to fetch them
from the other auths.

View File

@ -1,8 +0,0 @@
o Minor features (directory authority):
- Provide two consensus parameters (FastFlagMinThreshold and
FastFlagMaxThreshold) to control the range of allowable bandwidths for
the Fast directory flag. This allows authorities to run better
experiments on appropriate requirements for being a "Fast" node.
The AuthDirFastGuarantee flag still applies.

View File

@ -1,12 +0,0 @@
o Minor features:
- Log (at debug level) whenever a circuit's purpose is changed.
- Allow controllers to request an event notification whenever a
circuit is cannibalized or its purpose is changed. Implements
part of ticket 3457.
- Include the creation time of a circuit in CIRC and CIRC2
control-port events and the list produced by the 'GETINFO
circuit-status' control-port command.

View File

@ -1,6 +0,0 @@
o Code simplification and refactoring:
- Use macros to indicate OpenSSL versions, so we don't need to worry
about accidental hexadecimal bit shifts.
- Remove some workaround code for OpenSSL 0.9.6, which is no longer
supported.

View File

@ -1,9 +0,0 @@
o Code simplifications and refactorings:
- Rename a handful of old identifiers, mostly related to crypto
structures and crypto functions. By convention, our "create an
object" functions are called "type_new()", our "free an object"
functions are called "type_free()", and our types indicate that
they are types only with a final "_t". But a handful of older
types and functions broke these rules, with function names like
"type_create" or "subsystem_op_type", or with type names like
type_env_t.

View File

@ -1,11 +0,0 @@
o Minor bugfixes:
- Find more places in the code that should have been testing for
invalid sockets using the SOCKET_OK macro. Required for a fix
for bug 4533. Bugfix on 0.2.2.28-beta.
- Detect attempts to build Tor on (as yet hypothetical) versions
of Windows where sizeof(intptr_t) != sizeof(SOCKET). Partial
fix for bug 4533. Bugfix on 0.2.2.28-beta.
o Code simplification and refactoring:
- Use a TOR_INVALID_SOCKET macro when initializing a socket to an
invalid value, rather than just -1.