From 1d5b2da3a8273797817747e08a3a0b6726cb060a Mon Sep 17 00:00:00 2001 From: Roger Dingledine Date: Tue, 29 Jun 2010 18:40:08 -0400 Subject: [PATCH] start an 0.2.2.14-alpha changelog --- ChangeLog | 66 ++++++++++++++++++++++++ changes/bait-and-switch-bridges | 8 --- changes/bug1522 | 3 -- changes/bug1524 | 3 -- changes/bug1526 | 3 -- changes/bug1532 | 4 -- changes/compileTimeHardening | 12 ----- changes/copy_key_log_bug1209 | 4 -- changes/dont_cannibalize_onehop_circuits | 6 --- changes/geoip-update-june2010 | 2 - changes/less_alloc_for_esc | 3 -- changes/maatuska-new-v3auth | 3 -- changes/new-geoip-db | 5 -- changes/nohostnamewarn | 5 -- changes/once_per_sec | 4 -- changes/port_to_wince | 4 -- changes/revise_HACKING | 4 -- 17 files changed, 66 insertions(+), 73 deletions(-) delete mode 100644 changes/bait-and-switch-bridges delete mode 100644 changes/bug1522 delete mode 100644 changes/bug1524 delete mode 100644 changes/bug1526 delete mode 100644 changes/bug1532 delete mode 100644 changes/compileTimeHardening delete mode 100644 changes/copy_key_log_bug1209 delete mode 100644 changes/dont_cannibalize_onehop_circuits delete mode 100644 changes/geoip-update-june2010 delete mode 100644 changes/less_alloc_for_esc delete mode 100644 changes/maatuska-new-v3auth delete mode 100644 changes/new-geoip-db delete mode 100644 changes/nohostnamewarn delete mode 100644 changes/once_per_sec delete mode 100644 changes/port_to_wince delete mode 100644 changes/revise_HACKING diff --git a/ChangeLog b/ChangeLog index 0a9e061941..3a55cbecdd 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,69 @@ +Changes in version 0.2.2.14-alpha - 2010-06-30 + o Major bugfixes: + - Tor directory authorities no longer crash when started with a + cached-microdesc-consensus file in their data directory. Bugfix on + 0.2.2.6-alpha, fixes bug 1532. + - Treat an unset $HOME like an empty $HOME rather than triggering an + assert. Fixes bug 1522; bugfix on tor-0.0.8pre1. + + o Major features: + - Move to the June 2010 Maxmind GeoLite country db (rather than the + June 2009 ip-to-country GeoIP db) for our statistics that count + how many users relays are seeing from each country. Now we have + more accurate data for many African countries. + - Port Tor to build and run correctly on Windows CE systems, using + the wcecompat library. Contributed by Valerio Lupi. + - New "--enable-gcc-hardening" ./configure flag to turn on gcc + compile time hardening options. It ensures that signed ints have + defined behavior (-fwrapv), -D_FORTIFY_SOURCE=2 is enabled + (requiring -O2), stack smashing protection with canaries + (-fstack-protector-all), ASLR protection if supported by the + kernel (-fPIE, -pie). Additional security related warnings are + enabled. Verified to work on Mac OS X and Debian Lenny. + - New "--enable-linker-hardening" ./configure flag to turn on ELF + specific hardening features (relro, now). This does not work with + Mac OS X or any other non-ELF binary format. + + o New directory authorities: + - Set up maatuska (run by Linus Nordberg) as the eighth v3 directory + authority. + + o Minor features: + - New config option "WarnUnsafeSocks 0" disables the warning that + occurs whenever Tor receives only an IP address instead of a + hostname. Setups that do DNS locally over Tor are fine, and we + shouldn't spam the logs in that case. + - Convert the HACKING file to asciidoc, and add a few new sections + to it, explaining how we use Git, how we make changelogs, and + what should go in a patch. + + o Minor bugfixes: + - Build correctly on OSX with zlib 1.2.4 and higher with all warnings + enabled. + - When a2x fails, mention that the user could disable manpages instead + of trying to fix their asciidoc installation. + - Where available, use Libevent 2.0's periodic timers so that our + once-per-second cleanup code gets called even more closely to + once per second than it would otherwise. Fixes bug 943. + - If you run a bridge that listens on multiple IP addresses, and + some user configures a bridge address that uses a different IP + address than your bridge writes in its router descriptor, and the + user doesn't specify an identity key, their Tor would discard the + descriptor because "it isn't one of our configured bridges", and + fail to bootstrap. Now believe the descriptor and bootstrap anyway. + Bugfix on 0.2.0.3-alpha. + - If OpenSSL fails to make a duplicate of a private or public key, log + an error message and try to exit cleanly. May help with debugging + if bug 1209 ever remanifests. + - Save a couple bytes in memory allocation every time we escape + certain characters in a string. Patch from Florian Zumbiehl. + - Make it explicit that we don't cannibalize one-hop circuits. This + happens in the wild, but doesn't turn out to be a problem because + we fortunately don't use those circuits. Many thanks to outofwords + for the initial analysis and to swissknife who confirmed that + two-hop circuits are actually created. + + Changes in version 0.2.1.26 - 2010-05-02 Tor 0.2.1.26 addresses the recent connection and memory overload problems we've been seeing on relays, especially relays with their diff --git a/changes/bait-and-switch-bridges b/changes/bait-and-switch-bridges deleted file mode 100644 index 5b89c4e1b4..0000000000 --- a/changes/bait-and-switch-bridges +++ /dev/null @@ -1,8 +0,0 @@ - o Minor bugfixes: - - If you run a bridge that listens on multiple IP addresses, and - some user configures a bridge address that uses a different IP - address than your bridge writes in its router descriptor, and the - user doesn't specify an identity key, their Tor would discard the - descriptor because "it isn't one of our configured bridges", and - fail to bootstrap. Now believe the descriptor and bootstrap anyway. - Bugfix on 0.2.0.3-alpha. diff --git a/changes/bug1522 b/changes/bug1522 deleted file mode 100644 index e120913382..0000000000 --- a/changes/bug1522 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes - - Treat an unset $HOME like an empty $HOME. Fixes bug 1522; bugfix on - tor-0.0.8pre1. diff --git a/changes/bug1524 b/changes/bug1524 deleted file mode 100644 index 03d6ff51b1..0000000000 --- a/changes/bug1524 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor documentation fixes - - When a2x fails, mention that the user could disable manpages instead - of trying to fix their asciidoc installation. diff --git a/changes/bug1526 b/changes/bug1526 deleted file mode 100644 index bae7104451..0000000000 --- a/changes/bug1526 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes: - - Build correctly on OSX with zlib 1.2.4 and higher with all warnings - enabled. \ No newline at end of file diff --git a/changes/bug1532 b/changes/bug1532 deleted file mode 100644 index ed2690418b..0000000000 --- a/changes/bug1532 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes - - Tor directory authorities no longer crash when started with a - cached-microdesc-consensus file in their data directory. Bugfix on - 0.2.2.6-alpha, fixes bug 1532. diff --git a/changes/compileTimeHardening b/changes/compileTimeHardening deleted file mode 100644 index 9e90dd2147..0000000000 --- a/changes/compileTimeHardening +++ /dev/null @@ -1,12 +0,0 @@ -Add two new configure flags: - --enable-gcc-hardening - This turns on gcc compile time hardening options. It ensures that - signed ints have defined behavior (-fwrapv), -D_FORTIFY_SOURCE=2 is - enabled (requiring -O2), stack smashing protection with canaries - (-fstack-protector-all), ASLR protection if supported by the kernel - (-fPIE, -pie). Additional security related warnings are enabled. - Verified as working on Mac OS X and Debian Lenny. - - --enable-linker-hardening - This turns on ELF specific hardening features (relro, now). This does - not work with Mac OS X or any other non-ELF binary format. diff --git a/changes/copy_key_log_bug1209 b/changes/copy_key_log_bug1209 deleted file mode 100644 index f77e6000eb..0000000000 --- a/changes/copy_key_log_bug1209 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes - - If OpenSSL fails to make a duplicate of a private or public key, log - an error message and try to exit cleanly. May help with debugging - if bug 1209 ever remanifests. diff --git a/changes/dont_cannibalize_onehop_circuits b/changes/dont_cannibalize_onehop_circuits deleted file mode 100644 index 10e5fe5f38..0000000000 --- a/changes/dont_cannibalize_onehop_circuits +++ /dev/null @@ -1,6 +0,0 @@ - o Refactorings: - - Make it explicit that we don't cannibalize one-hop circuits. This happens - in the wild, but doesn't turn out to be a problem because we fortunately - don't use those circuits. Many thanks to outofwords for the initial - analysis and to swissknife who confirmed that two-hop circuits are - actually created. diff --git a/changes/geoip-update-june2010 b/changes/geoip-update-june2010 deleted file mode 100644 index 7a15c0066d..0000000000 --- a/changes/geoip-update-june2010 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features - - Update to the June 1 2010 Maxmind GeoLite Country database. diff --git a/changes/less_alloc_for_esc b/changes/less_alloc_for_esc deleted file mode 100644 index b10953a30d..0000000000 --- a/changes/less_alloc_for_esc +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes - - Save a couple bytes in memory allocation every time we escape - certain characters in a string. Patch from Florian Zumbiehl. diff --git a/changes/maatuska-new-v3auth b/changes/maatuska-new-v3auth deleted file mode 100644 index 9508b30a24..0000000000 --- a/changes/maatuska-new-v3auth +++ /dev/null @@ -1,3 +0,0 @@ - o New directory authorities: - - Set up maatuska (run by Linus Nordberg) as the eighth v3 directory - authority. diff --git a/changes/new-geoip-db b/changes/new-geoip-db deleted file mode 100644 index 06d69ea476..0000000000 --- a/changes/new-geoip-db +++ /dev/null @@ -1,5 +0,0 @@ - o Major features: - - Move to the Maxmind GeoIP db (rather than the June 2009 - ip-to-country GeoIP db) for our statistics that count how many - users relays are seeing from each country. Now we have more accurate - data for many African countries. diff --git a/changes/nohostnamewarn b/changes/nohostnamewarn deleted file mode 100644 index 4cb56ea307..0000000000 --- a/changes/nohostnamewarn +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features: - - Allow disabling the warning that occurs whenever Tor receives only - an IP address instead of a hostname. Setups that do DNS locally over - Tor are fine, and we shouldn't spam the logs in that case. - diff --git a/changes/once_per_sec b/changes/once_per_sec deleted file mode 100644 index abab6da0cd..0000000000 --- a/changes/once_per_sec +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features - - Where available, use Libevent 2.0's periodic timers so that our - once-per-second cleanup code gets called even more closely to - once per second than it would otherwise. Fix for bug 943. diff --git a/changes/port_to_wince b/changes/port_to_wince deleted file mode 100644 index fb6dc60108..0000000000 --- a/changes/port_to_wince +++ /dev/null @@ -1,4 +0,0 @@ - o Major features: - - Tor has now been ported to build and run correctly on Windows CE - systems, using the wcecompat library. (Valerio Lupi) - diff --git a/changes/revise_HACKING b/changes/revise_HACKING deleted file mode 100644 index 7cc68a1668..0000000000 --- a/changes/revise_HACKING +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Convert the HACKING file to asciidoc, and add a few new sections - to it, explaining how we use Git, how we make changelogs, and - what should go in a patch.