mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
Run format_changelog again
This commit is contained in:
Nick Mathewson
parent
94754c5414
commit
363538e345
58
ChangeLog
58
ChangeLog
@ -41,10 +41,10 @@ Changes in version 0.3.1.1-alpha - 2017-05-??
|
|||||||
o Major features (traffic analysis resistance):
|
o Major features (traffic analysis resistance):
|
||||||
- Connections between clients and relays now send a padding cell in
|
- Connections between clients and relays now send a padding cell in
|
||||||
each direction every 1.5 to 9.5 seconds (tunable via consensus
|
each direction every 1.5 to 9.5 seconds (tunable via consensus
|
||||||
parameters). This padding will
|
parameters). This padding will not resist specialized
|
||||||
not resist specialized eavesdroppers, but it should be enough to
|
eavesdroppers, but it should be enough to make many ISPs' routine
|
||||||
make many ISPs' routine network flow logging less useful in
|
network flow logging less useful in traffic analysis against
|
||||||
traffic analysis against Tor users.
|
Tor users.
|
||||||
|
|
||||||
Padding is negotiated using Tor's link protocol, so both relays
|
Padding is negotiated using Tor's link protocol, so both relays
|
||||||
and clients must upgrade for this to take effect. Clients may
|
and clients must upgrade for this to take effect. Clients may
|
||||||
@ -74,9 +74,9 @@ Changes in version 0.3.1.1-alpha - 2017-05-??
|
|||||||
Otherwise it is at info.
|
Otherwise it is at info.
|
||||||
|
|
||||||
o Major bugfixes (entry guards):
|
o Major bugfixes (entry guards):
|
||||||
- Don't block bootstrapping when a primary bridge is offline and we can't
|
- Don't block bootstrapping when a primary bridge is offline and we
|
||||||
get its descriptor. Fixes bug 22325; fixes one case of bug 21969;
|
can't get its descriptor. Fixes bug 22325; fixes one case of bug
|
||||||
bugfix on 0.3.0.3-alpha.
|
21969; bugfix on 0.3.0.3-alpha.
|
||||||
|
|
||||||
o Major bugfixes (linux TPROXY support):
|
o Major bugfixes (linux TPROXY support):
|
||||||
- Fix a typo that had prevented TPROXY-based transparent proxying
|
- Fix a typo that had prevented TPROXY-based transparent proxying
|
||||||
@ -90,6 +90,16 @@ Changes in version 0.3.1.1-alpha - 2017-05-??
|
|||||||
(PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION) which we believe doesn't
|
(PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION) which we believe doesn't
|
||||||
affect us, but shouldn't do any harm. Closes ticket 21953.
|
affect us, but shouldn't do any harm. Closes ticket 21953.
|
||||||
|
|
||||||
|
o Minor features (config options):
|
||||||
|
- Allow "%include" directives in torrc configuration files. These
|
||||||
|
directives import the settings from other files, or from all the
|
||||||
|
files in a directory. Closes ticket 1922. Code by Daniel Pinto.
|
||||||
|
- Make SAVECONF return an error when overwriting a torrc that has
|
||||||
|
includes. Using SAVECONF with the FORCE option will allow it to
|
||||||
|
overwrite torrc even if includes are used. Related to ticket 1922.
|
||||||
|
- Add "GETINFO config-can-saveconf" to tell controllers if SAVECONF
|
||||||
|
will work without the FORCE option. Related to ticket 1922.
|
||||||
|
|
||||||
o Minor features (controller):
|
o Minor features (controller):
|
||||||
- Warn the first time that a controller requests data in the long-
|
- Warn the first time that a controller requests data in the long-
|
||||||
deprecated 'GETINFO network-status' format. Closes ticket 21703.
|
deprecated 'GETINFO network-status' format. Closes ticket 21703.
|
||||||
@ -126,16 +136,6 @@ Changes in version 0.3.1.1-alpha - 2017-05-??
|
|||||||
hidden service can be possibly harmful; for instance see ticket
|
hidden service can be possibly harmful; for instance see ticket
|
||||||
14917 or 21155. Closes ticket 21155.
|
14917 or 21155. Closes ticket 21155.
|
||||||
|
|
||||||
o Minor features (config options):
|
|
||||||
- Allow "%include" directives in torrc configuration files. These
|
|
||||||
directives import the settings from other files, or from all the
|
|
||||||
files in a directory. Closes ticket 1922. Code by Daniel Pinto.
|
|
||||||
- Make SAVECONF return an error when overwriting a torrc that has
|
|
||||||
includes. Using SAVECONF with the FORCE option will allow it to
|
|
||||||
overwrite torrc even if includes are used. Related to ticket 1922.
|
|
||||||
- Add "GETINFO config-can-saveconf" to tell controllers if SAVECONF
|
|
||||||
will work without the FORCE option. Related to ticket 1922.
|
|
||||||
|
|
||||||
o Minor features (linux seccomp2 sandbox):
|
o Minor features (linux seccomp2 sandbox):
|
||||||
- We now have a document storage backend compatible with the Linux
|
- We now have a document storage backend compatible with the Linux
|
||||||
seccomp2 sandbox. This backend is used for consensus documents and
|
seccomp2 sandbox. This backend is used for consensus documents and
|
||||||
@ -156,8 +156,8 @@ Changes in version 0.3.1.1-alpha - 2017-05-??
|
|||||||
|
|
||||||
o Minor features (performance):
|
o Minor features (performance):
|
||||||
- Our Keccak (SHA-3) implementation now accesses memory more
|
- Our Keccak (SHA-3) implementation now accesses memory more
|
||||||
efficiently,
|
efficiently, especially on little-endian systems. Closes
|
||||||
especially on little-endian systems. Closes ticket 21737.
|
ticket 21737.
|
||||||
- Add an O(1) implementation of channel_find_by_global_id(), to
|
- Add an O(1) implementation of channel_find_by_global_id(), to
|
||||||
speed some controller functions.
|
speed some controller functions.
|
||||||
|
|
||||||
@ -217,8 +217,8 @@ Changes in version 0.3.1.1-alpha - 2017-05-??
|
|||||||
a timeout before their orconn would expire. The initial testing
|
a timeout before their orconn would expire. The initial testing
|
||||||
rate was set back in the days of TAP and before the Tor Browser
|
rate was set back in the days of TAP and before the Tor Browser
|
||||||
updater, when we had to be much more careful about new clients
|
updater, when we had to be much more careful about new clients
|
||||||
making lots of circuits. With this change, a circuit build timeout is
|
making lots of circuits. With this change, a circuit build timeout
|
||||||
learned in about 15-20 minutes, instead of 100-120 minutes.
|
is learned in about 15-20 minutes, instead of 100-120 minutes.
|
||||||
|
|
||||||
o Minor bugfixes (controller):
|
o Minor bugfixes (controller):
|
||||||
- GETINFO onions/current and onions/detached no longer respond with
|
- GETINFO onions/current and onions/detached no longer respond with
|
||||||
@ -256,9 +256,9 @@ Changes in version 0.3.1.1-alpha - 2017-05-??
|
|||||||
selected. Fixes bug 20913; bugfix on 0.2.8.1-alpha.
|
selected. Fixes bug 20913; bugfix on 0.2.8.1-alpha.
|
||||||
|
|
||||||
o Minor bugfixes (hidden services):
|
o Minor bugfixes (hidden services):
|
||||||
- Stop printing a cryptic warning when a hidden service gets a request
|
- Stop printing a cryptic warning when a hidden service gets a
|
||||||
to connect to a virtual port that it hasn't configured. Fixes bug
|
request to connect to a virtual port that it hasn't configured.
|
||||||
16706; bugfix on 0.2.6.3-alpha.
|
Fixes bug 16706; bugfix on 0.2.6.3-alpha.
|
||||||
- Simplify hidden service descriptor creation by using an existing
|
- Simplify hidden service descriptor creation by using an existing
|
||||||
flag to check if an introduction point is established. Fixes bug
|
flag to check if an introduction point is established. Fixes bug
|
||||||
21599; bugfix on 0.2.7.2-alpha.
|
21599; bugfix on 0.2.7.2-alpha.
|
||||||
@ -301,9 +301,9 @@ Changes in version 0.3.1.1-alpha - 2017-05-??
|
|||||||
- Isolate our use of the openssl headers so that they are only
|
- Isolate our use of the openssl headers so that they are only
|
||||||
included from our crypto wrapper modules, and from tests that
|
included from our crypto wrapper modules, and from tests that
|
||||||
examine those modules' internals. Closes ticket 21841.
|
examine those modules' internals. Closes ticket 21841.
|
||||||
- Simplify our API to launch directory requests, making it
|
- Simplify our API to launch directory requests, making it more
|
||||||
more extensible and less error-prone. Now it's easier to add
|
extensible and less error-prone. Now it's easier to add extra
|
||||||
extra headers to directory requests. Closes ticket 21646.
|
headers to directory requests. Closes ticket 21646.
|
||||||
- Our base64 decoding functions no longer overestimate the output
|
- Our base64 decoding functions no longer overestimate the output
|
||||||
space that they need when parsing unpadded inputs. Closes
|
space that they need when parsing unpadded inputs. Closes
|
||||||
ticket 17868.
|
ticket 17868.
|
||||||
@ -336,8 +336,8 @@ Changes in version 0.3.1.1-alpha - 2017-05-??
|
|||||||
have any effect: AllowInvalidNodes, AllowSingleHopCircuits,
|
have any effect: AllowInvalidNodes, AllowSingleHopCircuits,
|
||||||
AllowSingleHopExits, ExcludeSingleHopRelays, FastFirstHopPK,
|
AllowSingleHopExits, ExcludeSingleHopRelays, FastFirstHopPK,
|
||||||
TLSECGroup, WarnUnsafeSocks. They were first marked as deprecated
|
TLSECGroup, WarnUnsafeSocks. They were first marked as deprecated
|
||||||
in 0.2.9.2-alpha and have now been removed. The previous
|
in 0.2.9.2-alpha and have now been removed. The previous default
|
||||||
default behavior is now always chosen; the previous (less secure) non-
|
behavior is now always chosen; the previous (less secure) non-
|
||||||
default behavior is now unavailable.
|
default behavior is now unavailable.
|
||||||
- CloseHSClientCircuitsImmediatelyOnTimeout and
|
- CloseHSClientCircuitsImmediatelyOnTimeout and
|
||||||
CloseHSServiceRendCircuitsImmediatelyOnTimeout were deprecated in
|
CloseHSServiceRendCircuitsImmediatelyOnTimeout were deprecated in
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user