mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 13:53:31 +01:00
Reformat the changelog
This commit is contained in:
parent
8cf756da63
commit
4ee4fe56ee
190
ChangeLog
190
ChangeLog
@ -1,58 +1,58 @@
|
||||
Changes in version 0.2.7.3-rc - 2015-09-2?
|
||||
|
||||
Tor 0.2.7.3-rc is the first release candidate in the 0.2.7 series. It
|
||||
contains numerous usability fixes for Ed25519 keys, safeguards against
|
||||
several misconfiguration problems, significant simplifications to Tor's
|
||||
callgraph, and numerous bugfixes and small
|
||||
features.
|
||||
several misconfiguration problems, significant simplifications to
|
||||
Tor's callgraph, and numerous bugfixes and small features.
|
||||
|
||||
This is the most tested release of Tor to date. The unit tests cover
|
||||
39.40% of the code, and the integration tests (accessible with "make
|
||||
test-full-online", requiring stem and chutney and a network connection)
|
||||
raise the coverage to XXX.
|
||||
test-full-online", requiring stem and chutney and a network
|
||||
connection) raise the coverage to XXX.
|
||||
|
||||
If this is your first time upgrading a relay to Tor 0.2.7, your Tor
|
||||
relay will, by default, generate a new Ed25519 identity key. If you
|
||||
would prefer to keep your Ed25519 identity key offline or encrypted
|
||||
for improved security, you can do so by following the instructions at
|
||||
XXX.
|
||||
for improved security, you can do so by following the instructions
|
||||
at XXX.
|
||||
|
||||
o Major features (security, hidden services):
|
||||
- Hidden services are required to use more than one EntryNode,
|
||||
to avoid a guard discovery attack. See ticket for more
|
||||
information. Fixes ticket 14917.
|
||||
|
||||
o Major features (relay, Ed25519):
|
||||
- Significant usability improvements for Ed25519
|
||||
key management. Log messages are better, and the code can recover
|
||||
from far more failure conditions. Thanks to "s7r" for reporting
|
||||
and diagnosing so many of these!
|
||||
- On receiving a HUP signal, check to see whether the Ed25519
|
||||
signing key has changed, and reload it if so. Closes ticket 16790.
|
||||
- Hidden services are required to use more than one EntryNode, to
|
||||
avoid a guard discovery attack. See ticket for more information.
|
||||
Fixes ticket 14917.
|
||||
|
||||
o Major features (ed25519 performance):
|
||||
- Improve the speed of Ed25519 operations and Curve25519
|
||||
keypair generation when built targeting 32 bit x86 platforms with
|
||||
SSE2 available. Implements ticket 16535.
|
||||
- Improve the speed of Ed25519 operations and Curve25519 keypair
|
||||
generation when built targeting 32 bit x86 platforms with SSE2
|
||||
available. Implements ticket 16535.
|
||||
- Improve the runtime speed of Ed25519 signature verification by
|
||||
using Ed25519-donna's batch verification support. Implements ticket 16533.
|
||||
using Ed25519-donna's batch verification support. Implements
|
||||
ticket 16533.
|
||||
|
||||
o Major features (performance testing):
|
||||
- The test-network.sh script now supports performance testing.
|
||||
Requires corresponding chutney performance testing changes.
|
||||
Patch by "teor". Closes ticket 14175.
|
||||
Requires corresponding chutney performance testing changes. Patch
|
||||
by "teor". Closes ticket 14175.
|
||||
|
||||
o Major features (relay, Ed25519):
|
||||
- Significant usability improvements for Ed25519 key management. Log
|
||||
messages are better, and the code can recover from far more
|
||||
failure conditions. Thanks to "s7r" for reporting and diagnosing
|
||||
so many of these!
|
||||
- On receiving a HUP signal, check to see whether the Ed25519
|
||||
signing key has changed, and reload it if so. Closes ticket 16790.
|
||||
|
||||
o Major bugfixes (relay, Ed25519):
|
||||
- Avoid crashing on 'tor --keygen'. Fixes bug 16679; bugfix on
|
||||
0.2.7.2-alpha. Reported by "s7r".
|
||||
- Improve handling of expired signing keys with offline master
|
||||
keys. Fixes bug 16685; bugfix on 0.2.7.2-alpha. Reported by "s7r".
|
||||
- Improve handling of expired signing keys with offline master keys.
|
||||
Fixes bug 16685; bugfix on 0.2.7.2-alpha. Reported by "s7r".
|
||||
|
||||
o Minor features (client-side privacy):
|
||||
- New KeyAliveSOCKSAuth option to indefinitely extend circuit lifespan
|
||||
when IsolateSOCKSAuth and streams with SOCKS authentication are attached
|
||||
to the circuit. This allows applications like TorBrowser to
|
||||
manage circuit lifetime on their own. Implements feature 15482.
|
||||
- New KeyAliveSOCKSAuth option to indefinitely extend circuit
|
||||
lifespan when IsolateSOCKSAuth and streams with SOCKS
|
||||
authentication are attached to the circuit. This allows
|
||||
applications like TorBrowser to manage circuit lifetime on their
|
||||
own. Implements feature 15482.
|
||||
- When logging malformed hostnames from SOCKS5 requests, respect
|
||||
SafeLogging configuration. Fixes bug 16891; bugfix on 0.1.1.16-rc.
|
||||
|
||||
@ -73,79 +73,39 @@ Changes in version 0.2.7.3-rc - 2015-09-2?
|
||||
option HiddenServiceStatistics to "1" by default. Closes
|
||||
ticket 15254.
|
||||
- Client now uses an introduction point failure cache to know when
|
||||
to fetch or keep a descriptor in their cache. Previously,
|
||||
failures were recorded implicitly, but not explicitly remembered.
|
||||
Closes ticket 16389.
|
||||
to fetch or keep a descriptor in their cache. Previously, failures
|
||||
were recorded implicitly, but not explicitly remembered. Closes
|
||||
ticket 16389.
|
||||
|
||||
o Minor features (testing, authorities, documentation):
|
||||
- New TestingDirAuthVote{Exit,Guard,HSDir}IsStrict flags to
|
||||
explicitly manage consensus flags in t3esting networks.
|
||||
Patch by "robgjansen", modified by "teor". Implements part of
|
||||
ticket 14882.
|
||||
explicitly manage consensus flags in t3esting networks. Patch by
|
||||
"robgjansen", modified by "teor". Implements part of ticket 14882.
|
||||
|
||||
o Minor bugfixes (security, exit policies):
|
||||
- ExitPolicyRejectPrivate now also rejects
|
||||
the relay's published IPv6 address (if any), and any publicly
|
||||
routable IPv4 or IPv6 addresses on any local interfacesn.
|
||||
ticket 17027. Patch by "teor". Fixes bug 17027; bugfix on 0.2.0.11-alpha.
|
||||
|
||||
o Minor bugfixes (portability):
|
||||
- Try harder to normalize the exit status of the Tor process to the
|
||||
standard-provided range. Fixes bug 16975; bugfix on every version
|
||||
of Tor ever.
|
||||
- Check correctly for windows socket errors in the workqueue
|
||||
backend. Fixes bug 16741; bugfix on 0.2.6.3-alpha.
|
||||
- Fix the behavior of crypto_rand_time_range() when told to consider times
|
||||
before 1970. (These times were possible when running in a
|
||||
simulated network environment where time()'s output starts at
|
||||
zero.) Fixes bug 16980; bugfix on 0.2.7.1-alpha.
|
||||
|
||||
o Minor bugfixes (documentation):
|
||||
- Fix the usage message of tor-resolve(1) so that it no longer lists
|
||||
the removed -F option. Fixes bug 16913; bugfix on
|
||||
0.2.2.28-beta.
|
||||
- Fix an error in the manual page and comments for
|
||||
TestingDirAuthVoteHSDir[IsStrict], which suggested that a HSDir
|
||||
required "ORPort connectivity". While this is true, it is in no
|
||||
way unique to the HSDir flag. Of all the flags, only HSDirs need a
|
||||
DirPort configured in order for the authorities to assign that
|
||||
particular flag. Patch by "teor". Fixed as part of 14882; bugfix on 0.2.6.3-alpha.
|
||||
|
||||
o Minor bugfixes (relay):
|
||||
- Ensure that worker threads actually exit when a fatal error or
|
||||
shutdown is indicated. This fix doesn't currently affect the behaviour
|
||||
of Tor, because Tor workers never indicates fatal error or shutdown except
|
||||
in the unit tests. Fixes bug 16868; bugfix on 0.2.6.3-alpha.
|
||||
|
||||
o Minor bugfixes (correctness):
|
||||
- When calling channel_free_list(), avoid calling smartlist_remove()
|
||||
while inside a FOREACH loop. This partially reverts commit
|
||||
17356fe7fd96af where the correct SMARTLIST_DEL_CURRENT was
|
||||
incorrectly removed. Fixes bug 16924; bugfix on 0.2.4.4-alpha.
|
||||
- ExitPolicyRejectPrivate now also rejects the relay's published
|
||||
IPv6 address (if any), and any publicly routable IPv4 or IPv6
|
||||
addresses on any local interfacesn. ticket 17027. Patch by "teor".
|
||||
Fixes bug 17027; bugfix on 0.2.0.11-alpha.
|
||||
|
||||
o Minor bug fixes (torrc exit policies):
|
||||
- In torrc, "accept6 *" and "reject6 *" ExitPolicy lines now
|
||||
only produce IPv6 wildcard addresses.
|
||||
Previously they would produce both IPv4 and IPv6
|
||||
wildcard addresses. Patch by "teor". Fixes part of bug 16069; bugfix on 0.2.4.7-alpha.
|
||||
- When parsing torrc ExitPolicies, we now warn for a number of
|
||||
cases where the user's intent is likely to differ from Tor's
|
||||
actual behavior. These include: using an IPv4 address
|
||||
with an accept6 or reject6 line; using "private" on an accept6
|
||||
or reject6 line; and including any ExitPolicy lines after
|
||||
accept *:* or reject *:*. Related to ticket 16069.
|
||||
- In torrc, "accept6 *" and "reject6 *" ExitPolicy lines now only
|
||||
produce IPv6 wildcard addresses. Previously they would produce
|
||||
both IPv4 and IPv6 wildcard addresses. Patch by "teor". Fixes part
|
||||
of bug 16069; bugfix on 0.2.4.7-alpha.
|
||||
- When parsing torrc ExitPolicies, we now warn for a number of cases
|
||||
where the user's intent is likely to differ from Tor's actual
|
||||
behavior. These include: using an IPv4 address with an accept6 or
|
||||
reject6 line; using "private" on an accept6 or reject6 line; and
|
||||
including any ExitPolicy lines after accept *:* or reject *:*.
|
||||
Related to ticket 16069.
|
||||
- When parsing torrc ExitPolicies, we now issue an info-level
|
||||
message: when expanding an "accept/reject *" line to include both
|
||||
IPv4 and IPv6 wildcard addresses. Related to ticket 16069.
|
||||
- In each instance above, usage advice is provided to avoid the message.
|
||||
Resolves ticket 16069. Patch by "teor". Fixes part of bug
|
||||
- In each instance above, usage advice is provided to avoid the
|
||||
message. Resolves ticket 16069. Patch by "teor". Fixes part of bug
|
||||
16069; bugfix on 0.2.4.7-alpha.
|
||||
|
||||
o Minor bugfixes (open file limit):
|
||||
- Fix set_max_file_descriptors() to set by default the max open file
|
||||
limit to the current limit when setrlimit() fails. Fixes bug 16274; bugfix on tor-
|
||||
0.2.0.10-alpha. Patch by dgoulet.
|
||||
|
||||
o Minor bugfixes (authority):
|
||||
- Don't assign "HSDir" to a router if it isn't Valid and Running.
|
||||
Fixes bug 16524; bugfix on 0.2.7.2-alpha.
|
||||
@ -157,8 +117,26 @@ Changes in version 0.2.7.3-rc - 2015-09-2?
|
||||
bug 16286; bugfix on 0.2.7.2-alpha.
|
||||
|
||||
o Minor bugfixes (control port):
|
||||
- Repair a warning and a spurious result when getting the maximum number of file descriptors
|
||||
from the controller. Fixes bug 16697; bugfix on 0.2.7.2-alpha.
|
||||
- Repair a warning and a spurious result when getting the maximum
|
||||
number of file descriptors from the controller. Fixes bug 16697;
|
||||
bugfix on 0.2.7.2-alpha.
|
||||
|
||||
o Minor bugfixes (correctness):
|
||||
- When calling channel_free_list(), avoid calling smartlist_remove()
|
||||
while inside a FOREACH loop. This partially reverts commit
|
||||
17356fe7fd96af where the correct SMARTLIST_DEL_CURRENT was
|
||||
incorrectly removed. Fixes bug 16924; bugfix on 0.2.4.4-alpha.
|
||||
|
||||
o Minor bugfixes (documentation):
|
||||
- Fix the usage message of tor-resolve(1) so that it no longer lists
|
||||
the removed -F option. Fixes bug 16913; bugfix on 0.2.2.28-beta.
|
||||
- Fix an error in the manual page and comments for
|
||||
TestingDirAuthVoteHSDir[IsStrict], which suggested that a HSDir
|
||||
required "ORPort connectivity". While this is true, it is in no
|
||||
way unique to the HSDir flag. Of all the flags, only HSDirs need a
|
||||
DirPort configured in order for the authorities to assign that
|
||||
particular flag. Patch by "teor". Fixed as part of 14882; bugfix
|
||||
on 0.2.6.3-alpha.
|
||||
|
||||
o Minor bugfixes (Ed25519):
|
||||
- Fix a memory leak when reading router descriptors with expired
|
||||
@ -170,13 +148,33 @@ Changes in version 0.2.7.3-rc - 2015-09-2?
|
||||
- Allow routers with ed25519 keys to run correctly under the
|
||||
seccomp2 sandbox. Fixes bug 16965; bugfix on 0.2.7.2-alpha.
|
||||
|
||||
o Minor bugfixes (open file limit):
|
||||
- Fix set_max_file_descriptors() to set by default the max open file
|
||||
limit to the current limit when setrlimit() fails. Fixes bug
|
||||
16274; bugfix on tor- 0.2.0.10-alpha. Patch by dgoulet.
|
||||
|
||||
o Minor bugfixes (portability):
|
||||
- Try harder to normalize the exit status of the Tor process to the
|
||||
standard-provided range. Fixes bug 16975; bugfix on every version
|
||||
of Tor ever.
|
||||
- Check correctly for windows socket errors in the workqueue
|
||||
backend. Fixes bug 16741; bugfix on 0.2.6.3-alpha.
|
||||
- Fix the behavior of crypto_rand_time_range() when told to consider
|
||||
times before 1970. (These times were possible when running in a
|
||||
simulated network environment where time()'s output starts at
|
||||
zero.) Fixes bug 16980; bugfix on 0.2.7.1-alpha.
|
||||
- Restore correct operation of TLS client-cipher detection on
|
||||
OpenSSL 1.1. Fixes bug 14047; bugfix on 0.2.7.2-alpha.
|
||||
|
||||
o Minor bugfixes (relay):
|
||||
- Unblock threads before releasing the work queue mutex to ensure predictable
|
||||
scheduling behavior. Fixes bug 16644; bugfix on 0.2.6.3-alpha.
|
||||
- Ensure that worker threads actually exit when a fatal error or
|
||||
shutdown is indicated. This fix doesn't currently affect the
|
||||
behaviour of Tor, because Tor workers never indicates fatal error
|
||||
or shutdown except in the unit tests. Fixes bug 16868; bugfix
|
||||
on 0.2.6.3-alpha.
|
||||
- Unblock threads before releasing the work queue mutex to ensure
|
||||
predictable scheduling behavior. Fixes bug 16644; bugfix
|
||||
on 0.2.6.3-alpha.
|
||||
|
||||
o Code simplification and refactoring:
|
||||
- Change the function that's called when we need to retry all
|
||||
|
Loading…
Reference in New Issue
Block a user