Write a blurb, pull UI changes to the front, edit

Nick Mathewson 2018-09-17 16:04:30 -04:00
parent 765caaea77
commit 3d80246a4e

210
ChangeLog

@ -1,12 +1,28 @@
Changes in version 0.3.5.1-alpha-2018-09-?? Changes in version 0.3.5.1-alpha-2018-09-18
BLURB HERE. NOTE ABOUT NSS. Tor 0.3.5.1-alpha is the first release of the 0.3.5.x series. It adds
client authorization for modern (v3) onion services, improves
bootstrap reporting, begins reorganizing Tor's codebase, adds optional
support for NSS in place of OpenSSL, and much more.
o Major features (onion services, UI change):
- For a newly created onion service, the default version is now 3.
Tor still supports existing version 2 services, but the operator
now needs to set "HiddenServiceVersion 2" in order to create a new
version 2 service. For existing services, Tor now learns the
version by reading the key file. Closes ticket 27215.
o Major features (relay, UI change):
- Relays no longer run as exits by default. If the "ExitRelay"
option is auto (or unset), and no exit policy is specified with
ExitPolicy or ReducedExitPolicy, we now treat ExitRelay as 0.
Previously in this case, we allowed exit traffic and logged a
warning message. Closes ticket 21530. Patch by Neel Chauhan.
o Major features (bootstrap): o Major features (bootstrap):
- Improve user experience by deferring directory progress reporting - Don't report directory progress until after a connection to a
until after a connection to a relay or bridge has succeeded. This relay or bridge has succeeded. Previously, we'd report 80%
avoids reporting 80% progress based on cached directory progress based on cached directory information when we couldn't
information when we can't even connect to a bridge or relay. even connect to the network. Closes ticket 27169.
Closes ticket 27169.
o Major features (new code layout): o Major features (new code layout):
- Nearly all of Tor's source code has been moved around into more - Nearly all of Tor's source code has been moved around into more
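Review bot: the new blurb says "adds optional support for NSS in place of OpenSSL" with no qualifier, although the NSS entry further down calls the feature experimental and the placeholder being replaced read "NOTE ABOUT NSS". A reader who stops at the blurb will not learn that; suggest "adds experimental, optional support for NSS in place of OpenSSL". The relocated onion services entry also drops the old clause saying HiddenServiceVersion is not mandatory for existing services; consider keeping it, since it tells operators that no torrc change is needed.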
@ -22,59 +38,37 @@ Changes in version 0.3.5.1-alpha-2018-09-??
interconnected. We will attempt to improve this in the future. interconnected. We will attempt to improve this in the future.
o Major features (onion services v3): o Major features (onion services v3):
- Implement client authorization at the descriptor level. A new - Implement onion service client authorization at the descriptor
torrc option was added to control this client side: level: only authorized clients can decrypt a service's descriptor
ClientOnionAuthDir <path>. On the service side, if the to find out how to contact it. A new torrc option was added to
"authorized_clients/" directory exists in the onion service control this client side: ClientOnionAuthDir <path>. On the
directory path, client configuration are read from the files service side, if the "authorized_clients/" directory exists in the
within. See the manpage for more details. Closes ticket 27547. onion service directory path, client configuration are read from
Patch done by Suphanat Chunhapanya (haxxpop). the files within. See the manpage for more details. Closes ticket
27547. Patch done by Suphanat Chunhapanya (haxxpop).
- Improve revision counter generation in next-gen onion services. - Improve revision counter generation in next-gen onion services.
Onion services can now scale by hosting multiple instances on Onion services can now scale by hosting multiple instances on
different hosts without synchronization between them, which was different hosts without synchronization between them, which was
previously impossible because descriptors would get rejected by previously impossible because descriptors would get rejected by
HSDirs. Addresses ticket 25552. HSDirs. Addresses ticket 25552.
o Major features (onion services):
- For a newly created onion service, the default version is now 3.
Tor still supports version 2 service but the operator now needs to
specifically set "HiddenServiceVersion 2" in order to create a new
service. For existing services, tor now learns the version by
reading the key file so the HiddenServiceVersion is not mandatory
in that case. Closes ticket 27215.
o Major features (portability, cryptography, experimental, TLS): o Major features (portability, cryptography, experimental, TLS):
- Tor now has the option to compile with the NSS library instead of - Tor now has the option to compile with the NSS library instead of
OpenSSL. This feature is experimental, and we expect that bugs may OpenSSL. This feature is experimental, and we expect that bugs may
remain. It is mainly intended for environments where Tor's remain. It is mainly intended for environments where Tor's
performance is not CPU-bound, and where NSS is already known to be performance is not CPU-bound, and where NSS is already known to be
installed. To try it out, configure Tor with the --enable-nss installed. To try it out, configure Tor with the --enable-nss
flag. Closes ticket 26631. flag. Closes tickets 26631, 26815, and 26816.
- Tor now has _partial_ support for using the NSS cryptography and
TLS library in place of OpenSSL. When Tor is configured with
--enable-nss, it will use NSS for several (but not yet all) of its
cryptography. (It still relies on OpenSSL for the rest.)
Eventually, if all goes as planned, "--enable-nss" will produce a
version of Tor that does not depend on OpenSSL. Implements
ticket 26816.
WARNING: This feature is experimental. Don't use it for real If you are experimenting with this option and using an old cached
security yet, until the code has had much more review, and more consensus, Tor may fail to start. To solve this, delete your
bugs have been shaken out. "cached-microdesc-consensus" file, and restart Tor.
- When built with --enable-nss, Tor now uses the NSS library for
digests, AES, and pseudorandom numbers. Closes ticket 26815.
o Major features (relay):
- Relays no longer run as exits by default. If the "ExitRelay"
option is auto (or unset), and no exit policy is specified with
ExitPolicy or ReducedExitPolicy, we now treat ExitRelay as 0.
Previously in this case, we allowed exit traffic and logged a
warning message. Closes ticket 21530. Patch by Neel Chauhan.
o Major bugfixes (directory authority): o Major bugfixes (directory authority):
- Actually check that address we get from DirAuthority configuration - Actually check that the address we get from DirAuthority
line is valid IPv4. Explicitly disallow DirAuthority adress to be configuration line is valid IPv4. Explicitly disallow DirAuthority
DNS hostname. Fixes bug 26488; bugfix on 0.1.2.10-rc. adress to be a DNS hostname. Fixes bug 26488; bugfix
on 0.1.2.10-rc.
o Major bugfixes (restart-in-process): o Major bugfixes (restart-in-process):
- Fix a use-after-free error that could be caused by passing Tor an - Fix a use-after-free error that could be caused by passing Tor an
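Review bot: the merged NSS entry loses two statements from the bullets it replaces: that support is partial ("It still relies on OpenSSL for the rest") and the explicit "WARNING: This feature is experimental. Don't use it for real security yet". The surviving "This feature is experimental, and we expect that bugs may remain" is weaker than both, so suggest carrying the warning sentence and the partial-support caveat into the merged entry. In the same hunk, the rewrapped DirAuthority entry still reads "adress", and the client authorization entry still has "client configuration are read".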
@ -82,14 +76,15 @@ Changes in version 0.3.5.1-alpha-2018-09-??
Fixes bug 27708; bugfix on 0.3.3.1-alpha. Fixes bug 27708; bugfix on 0.3.3.1-alpha.
o Minor features (admin tools): o Minor features (admin tools):
- Add new tool that prints expiration date of th signing cert in an - Add a new --key-expiration option to print the expiration date of
ed25519_signing_cert file. Resolves issue 19506. the signing cert in an ed25519_signing_cert file. Resolves
issue 19506.
o Minor features (build): o Minor features (build):
- If you pass the "--enable-pic" option to configure, Tor will try - If you pass the "--enable-pic" option to configure, Tor will try
to tell the compiler to build position-independent code suitable to tell the compiler to build position-independent code suitable
to link into a library. (The default remains -fPIE, for code to link into a dynamic library. (The default remains -fPIE, for
suitable for a relocatable executable.) Closes ticket 23846. code suitable for a relocatable executable.) Closes ticket 23846.
o Minor features (code correctness, testing): o Minor features (code correctness, testing):
- Tor's build process now includes a "check-includes" make target to - Tor's build process now includes a "check-includes" make target to
@ -98,10 +93,11 @@ Changes in version 0.3.5.1-alpha-2018-09-??
refactor our codebase. Closes ticket 26447. refactor our codebase. Closes ticket 26447.
o Minor features (code layout): o Minor features (code layout):
- Make a new lowest-level error-handling API for use by code invoked - We have a new "lowest-level" error-handling API for use by code
from within the logging module. This interface it makes it so the invoked from within the logging module. With this interface, the
logging code is no longer at risk of calling into itself if a logging code is no longer at risk of calling into itself if a
failure occurs while trying to log something. Closes ticket 26427. failure occurs while it is trying to log something. Closes
ticket 26427.
o Minor features (compilation): o Minor features (compilation):
- Tor's configure script now supports a --with-malloc= option to - Tor's configure script now supports a --with-malloc= option to
@ -111,7 +107,7 @@ Changes in version 0.3.5.1-alpha-2018-09-??
Alex Xu. Alex Xu.
o Minor features (config): o Minor features (config):
- The "auto" keyword in torrc is now case insensitive. Closes - The "auto" keyword in torrc is now case-insensitive. Closes
ticket 26663. ticket 26663.
o Minor features (continuous integration): o Minor features (continuous integration):
@ -122,10 +118,10 @@ Changes in version 0.3.5.1-alpha-2018-09-??
- Only run one online rust build in Travis, to reduce network - Only run one online rust build in Travis, to reduce network
errors. Skip offline rust builds on Travis for Linux gcc, because errors. Skip offline rust builds on Travis for Linux gcc, because
they're redundant. Implements ticket 27252. they're redundant. Implements ticket 27252.
- Skip gcc on OSX in Travis CI, it's rarely used. Skip a duplicate - Skip gcc on OSX in Travis CI, because it's rarely used. Skip a
hardening-off build in Travis on Tor 0.2.9. Skip gcc on Linux with duplicate hardening-off build in Travis on Tor 0.2.9. Skip gcc on
default settings, because all the non-default builds use gcc on Linux with default settings, because all the non-default builds
Linux. Implements ticket 27252. use gcc on Linux. Implements ticket 27252.
o Minor features (controller): o Minor features (controller):
- Emit CIRC_BW events as soon as we detect that we processed an - Emit CIRC_BW events as soon as we detect that we processed an
@ -137,7 +133,7 @@ Changes in version 0.3.5.1-alpha-2018-09-??
bias check cells to arrive without counting it as dropped until bias check cells to arrive without counting it as dropped until
either the END arrvies, or the windows are empty. Closes either the END arrvies, or the windows are empty. Closes
ticket 25573. ticket 25573.
- Implement 'GETINFO md/all' controller command to enable getting - Implement a 'GETINFO md/all' controller command to enable getting
all known microdesriptors. Closes ticket 8323. all known microdesriptors. Closes ticket 8323.
- The GETINFO command now support an "uptime" argument, to return - The GETINFO command now support an "uptime" argument, to return
Tor's uptime in seconds. Closes ticket 25132. Tor's uptime in seconds. Closes ticket 25132.
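Review bot: typos remain on the lines next to the one edited here: "microdesriptors" on the continuation of the GETINFO md/all entry, "arrvies" two lines above it, and "now support" in the uptime entry. Since this commit is an editing pass over the ChangeLog, fix them as "microdescriptors", "arrives" and "now supports".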
@ -148,8 +144,6 @@ Changes in version 0.3.5.1-alpha-2018-09-??
subsystem. Closes ticket 18642. Patch by Neel Chauhan subsystem. Closes ticket 18642. Patch by Neel Chauhan
o Minor features (development): o Minor features (development):
- Copy paragraph and URL to Tor's code of conduct document from
CONTRIBUTING to new CODE_OF_CONDUCT file. Resolves ticket 26638.
- Tor's makefile now supports running the "clippy" Rust style tool - Tor's makefile now supports running the "clippy" Rust style tool
on our Rust code. Closes ticket 22156. on our Rust code. Closes ticket 22156.
@ -168,17 +162,18 @@ Changes in version 0.3.5.1-alpha-2018-09-??
a preconstructed owning controller FD, so that embedding a preconstructed owning controller FD, so that embedding
applications don't need to manage controller ports and applications don't need to manage controller ports and
authentication. Closes ticket 24204. authentication. Closes ticket 24204.
- The tor_api now has a function that returns the name and version - The Tor controller API now has a function that returns the name
of the backend implementing the API. Closes ticket 26947. and version of the backend implementing the API. Closes
ticket 26947.
o Minor features (geoip): o Minor features (geoip):
- Update geoip and geoip6 to the September 6 2018 Maxmind GeoLite2 - Update geoip and geoip6 to the September 6 2018 Maxmind GeoLite2
Country database. Closes ticket 27631. Country database. Closes ticket 27631.
o Minor features (memory management): o Minor features (memory management):
- Get libevent code to use the same memory allocator that Tor code - Get Libevent to use the same memory allocator as Tor, by calling
is using by calling event_set_mem_functions() during event_set_mem_functions() during initialization. Resolves
initialization. Resolves ticket 8415. ticket 8415.
o Minor features (memory usage): o Minor features (memory usage):
- When not using them, store legacy TAP public onion keys in DER- - When not using them, store legacy TAP public onion keys in DER-
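Review bot: replacing "The tor_api" with "The Tor controller API" in the ticket 26947 entry changes what the entry names. The old text used the identifier tor_api, and the entry directly above it is about embedding applications that want to avoid managing controller ports, so "controller API" reads as the control-port interface instead. Suggest keeping the identifier, for example "The tor_api interface now has a function that returns the name and version of the backend implementing the API."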
@ -189,7 +184,7 @@ Changes in version 0.3.5.1-alpha-2018-09-??
- When possible, use RFC5869 HKDF implementation from OpenSSL rather - When possible, use RFC5869 HKDF implementation from OpenSSL rather
than own own. Resolves ticket 19979. than own own. Resolves ticket 19979.
o Minor features (rust, code quality): o Minor features (Rust, code quality):
- Improve rust code quality in the rust protover implementation by - Improve rust code quality in the rust protover implementation by
making it more idiomatic. Includes changing an internal API to making it more idiomatic. Includes changing an internal API to
take &str instead of &String. Closes ticket 26492. take &str instead of &String. Closes ticket 26492.
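Review bot: the heading is now "(Rust, code quality)", but the bullet under it still says "Improve rust code quality in the rust protover implementation", and the HKDF entry just above reads "than own own". Suggest capitalizing "Rust" in the bullet to match the heading, and "than our own" in the HKDF entry.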
@ -206,6 +201,8 @@ Changes in version 0.3.5.1-alpha-2018-09-??
- Log each included configuration file or directory as we read it, - Log each included configuration file or directory as we read it,
to provide more visibility about where Tor is reading from. Patch to provide more visibility about where Tor is reading from. Patch
from Unto Sten; closes ticket 27186. from Unto Sten; closes ticket 27186.
- Low log level of "Scheduler type KIST has been enabled" to INFO.
Closes ticket 26703.
o Minor bugfixes (bootstrap): o Minor bugfixes (bootstrap):
- Try harder to get descriptors in non-exit test networks, by using - Try harder to get descriptors in non-exit test networks, by using
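Review bot: the moved entry "Low log level of "Scheduler type KIST has been enabled" to INFO." was given a "Closes ticket" suffix but its first words are still ungrammatical. Suggest "Lower the log level of "Scheduler type KIST has been enabled" to INFO.", or "Log "Scheduler type KIST has been enabled" at level info" to match the wording used for the onion service v2 entry.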
@ -224,7 +221,7 @@ Changes in version 0.3.5.1-alpha-2018-09-??
o Minor bugfixes (client, memory usage): o Minor bugfixes (client, memory usage):
- When not running as a directory cache, there is no need to store - When not running as a directory cache, there is no need to store
the text of the current consensus networkstatus in RAM. the text of the current consensus networkstatus in RAM.
Previously, however, clients would store this anyway, at a cost of Previously, however, clients would store it anyway, at a cost of
over 5 MB. Now, they do not. Fixes bug 27247; bugfix over 5 MB. Now, they do not. Fixes bug 27247; bugfix
on 0.3.0.1-alpha. on 0.3.0.1-alpha.
@ -240,10 +237,6 @@ Changes in version 0.3.5.1-alpha-2018-09-??
misleadingly suggest that they are sandbox-only. Fixes bug 26525; misleadingly suggest that they are sandbox-only. Fixes bug 26525;
bugfix on 0.2.7.1-alpha. bugfix on 0.2.7.1-alpha.
o Minor bugfixes (compilation):
- Use Windows-compatible format strings in tor-print-ed-signing-
cert.c. Fixes bug 26986; bugfix on master.
o Minor bugfixes (configuration, Onion Services): o Minor bugfixes (configuration, Onion Services):
- In rend_service_parse_port_config(), disallow any input to remain - In rend_service_parse_port_config(), disallow any input to remain
after address-port pair was parsed. This will catch address and after address-port pair was parsed. This will catch address and
@ -251,9 +244,6 @@ Changes in version 0.3.5.1-alpha-2018-09-??
27044; bugfix on 0.2.9.10. 27044; bugfix on 0.2.9.10.
o Minor bugfixes (continuous integration): o Minor bugfixes (continuous integration):
- Improve Appveyor CI IRC logging. Generate correct branches and
URLs for pull requests and tags. Use unambiguous short commits.
Fixes bug 26979; bugfix on master.
- Stop reinstalling identical packages in our Windows CI. Fixes bug - Stop reinstalling identical packages in our Windows CI. Fixes bug
27464; bugfix on 0.3.4.1-alpha. 27464; bugfix on 0.3.4.1-alpha.
@ -284,8 +274,8 @@ Changes in version 0.3.5.1-alpha-2018-09-??
Tor is running as client. Also, log a stack trace for debugging as Tor is running as client. Also, log a stack trace for debugging as
this function should only be called when Tor runs as server. Fixes this function should only be called when Tor runs as server. Fixes
bug 26892; bugfix on 0.1.1.9-alpha. bug 26892; bugfix on 0.1.1.9-alpha.
- Refrain from mentioning bug 21018, as it is already fixed. Fixes - Refrain from mentioning bug 21018 in the logs, as it is already
bug 25477; bugfix on 0.2.9.8. fixed. Fixes bug 25477; bugfix on 0.2.9.8.
o Minor bugfixes (logging, documentation): o Minor bugfixes (logging, documentation):
- When SafeLogging is enabled, scrub IP address in - When SafeLogging is enabled, scrub IP address in
@ -298,22 +288,21 @@ Changes in version 0.3.5.1-alpha-2018-09-??
padding. Fixes bug 25505; bugfix on 0.3.1.1-alpha. padding. Fixes bug 25505; bugfix on 0.3.1.1-alpha.
o Minor bugfixes (onion service v2): o Minor bugfixes (onion service v2):
- Demote a log warning to info in case we do not have a consensus - Log at level "info", not "warning", in the case that we do not
when a .onion request comes in. This can happen while bootstrapping have a consensus when a .onion request comes in. This can happen
for instance. The request will follow through after so we really normally while bootstrapping. Fixes bug 27040; bugfix
don't need to warn the user loudly. Fixes bug 27040; bugfix
on 0.2.8.2-alpha. on 0.2.8.2-alpha.
o Minor bugfixes (onion service v3): o Minor bugfixes (onion service v3):
- In case the onion service directory can't be created or has wrong - When the onion service directory can't be created or has the wrong
permissions, do not BUG() on it which lead to a non fatal permissions, do not log a stack trace. Fixes bug 27335; bugfix
stacktrace. Fixes bug 27335; bugfix on 0.3.2.1. on 0.3.2.1-alpha.
o Minor bugfixes (OS compatibility): o Minor bugfixes (OS compatibility):
- On Linux and Windows properly handle configuration change that - Properly handle configuration changes that move a listener to/from
moves a listener to/from wildcard IP address. In case first wildcard IP address. If the first attempt to bind a socket fails,
attempt to bind a socket fails, close the old listener and try close the old listener and try binding the socket again. Fixes bug
binding a socket again. Fixes bug 17873; bugfix on 0.0.8pre-1. 17873; bugfix on 0.0.8pre-1.
o Minor bugfixes (performance):: o Minor bugfixes (performance)::
- Rework node_is_a_configured_bridge() to no longer call - Rework node_is_a_configured_bridge() to no longer call
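Review bot: the rewritten OS compatibility entry drops "On Linux and Windows" from its first line. If the fix for bug 17873 applies only on those platforms, keep the qualifier so operators on other systems do not read the entry as a behaviour change for them. The unchanged heading "o Minor bugfixes (performance)::" just below has a doubled colon.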
@ -322,26 +311,27 @@ Changes in version 0.3.5.1-alpha-2018-09-??
o Minor bugfixes (relay statistics): o Minor bugfixes (relay statistics):
- Update relay descriptor on bandwidth changes only when the uptime - Update relay descriptor on bandwidth changes only when the uptime
is smaller than 24h in order to reduce the efficiency of guard is smaller than 24h, in order to reduce the efficiency of guard
discovery attacks. Fixes bug 24104; bugfix on 0.1.1.6-alpha. discovery attacks. Fixes bug 24104; bugfix on 0.1.1.6-alpha.
o Minor bugfixes (relays): o Minor bugfixes (relays):
- In frac_nodes_with_descriptors(), add for_direct_connect, and - Consider the fact that we'll be making direct connections to our
replace node_has_any_descriptor() with entry and guard nodes when computing the fraction of nodes that
node_has_preferred_descriptor(). Also, if we are using bridges and have their descriptors. Also, if we are using bridges and there is
there is at least one bridge with a full descriptor, set f_guard at least one bridge with a full descriptor, treat the fraction of
in compute_frac_paths_available() to 1.0. Fixes bug 25886; bugfix guards available as 100%. Fixes bug 25886; bugfix on 0.3.5.1-alpha.
on 0.3.5.1-alpha. Patch by Neel Chauhan. Patch by Neel Chauhan.
- Since 0.3.3.5-rc, authorities require DirCache (V2Dir) for the - Update the message logged on relays when DirCache is disabled.
Guard flag. Update the message logged on relays when DirCache is Since 0.3.3.5-rc, authorities require DirCache (V2Dir) for the
disabled. Fixes bug 24312; bugfix on 0.3.3.5-rc. Guard flag. Fixes bug 24312; bugfix on 0.3.3.5-rc.
o Minor bugfixes (rust): o Minor bugfixes (rust, protover):
- The protover rewrite in 24031 allowed repeated votes from the same - Compute protover votes correctly in the rust version of the
voter for the same protocol version to be counted multiple times protover code. Previously, the protover rewrite in 24031 allowed
in protover_compute_vote(). Fixes bug 27649; bugfix on 0.3.3.5-rc. repeated votes from the same voter for the same protocol version
- protover parsed and accepted unknown protocol names containing to be counted multiple times in protover_compute_vote(). Fixes bug
invalid characters outside the range [A-Za-z0-9-]. Fixes bug 27649; bugfix on 0.3.3.5-rc.
- Reject protover names that contain invalid characters. Fixes bug
27687; bugfix on 0.3.3.1-alpha. 27687; bugfix on 0.3.3.1-alpha.
o Minor bugfixes (testing): o Minor bugfixes (testing):
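Review bot: the relays entry for bug 25886 is marked "bugfix on 0.3.5.1-alpha", which is the release this ChangeLog section describes. This commit removes the two entries marked "bugfix on master" elsewhere, so either drop this entry on the same grounds or correct the version. In the protover entry, "Reject protover names that contain invalid characters" no longer states the permitted set that the old text gave as [A-Za-z0-9-]; keeping the range tells readers exactly which names are rejected. The heading "(rust, protover)" is also lowercase, while the earlier heading was changed to "(Rust, code quality)".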
@ -367,8 +357,6 @@ Changes in version 0.3.5.1-alpha-2018-09-??
longer needed Closes ticket 26502. longer needed Closes ticket 26502.
- Include paths to header files within Tor are now qualified by - Include paths to header files within Tor are now qualified by
directory within the top-level src directory. directory within the top-level src directory.
- Low log level of "Scheduler type KIST has been enabled" to INFO.
Ticket 26703
- Many structures have been removed from the centralized "or.h" - Many structures have been removed from the centralized "or.h"
header, and moved into their own headers. This will allow us to header, and moved into their own headers. This will allow us to
reduce the number of places in the code that rely on each reduce the number of places in the code that rely on each
@ -399,6 +387,8 @@ Changes in version 0.3.5.1-alpha-2018-09-??
modules. Closes ticket 26526. modules. Closes ticket 26526.
o Documentation: o Documentation:
- Copy paragraph and URL to Tor's code of conduct document from
CONTRIBUTING to new CODE_OF_CONDUCT file. Resolves ticket 26638.
- Remove old instructions from INSTALL document. Closes ticket 26588. - Remove old instructions from INSTALL document. Closes ticket 26588.
- Warn users that they should not include MyFamily line(s) in their - Warn users that they should not include MyFamily line(s) in their
torrc when running Tor bridge. Closes ticket 26908. torrc when running Tor bridge. Closes ticket 26908.
@ -410,11 +400,11 @@ Changes in version 0.3.5.1-alpha-2018-09-??
- Tor no longer attempts to run on Windows environments without the - Tor no longer attempts to run on Windows environments without the
GetAdaptersAddresses() function. This function has existed since GetAdaptersAddresses() function. This function has existed since
Windows XP, which is itself already older than we support. Windows XP, which is itself already older than we support.
- Remove Tor2web functionalities. The Tor2webMode and - Remove Tor2web functionality. The Tor2webMode and
Tor2webRendezvousPoints options are now obsolete. Note that this Tor2webRendezvousPoints options are now obsolete. (This feature
feature was never shipped in vanilla Tor and it was only possible was never shipped in vanilla Tor and it was only possible to use
to use this feature by building the support at compile time. this feature by building the support at compile time.) Closes
Closes ticket 26367. ticket 26367.
Changes in version 0.2.9.17 - 2018-09-10 Changes in version 0.2.9.17 - 2018-09-10