fold in changes files so far

Roger Dingledine 2011-11-25 19:24:42 -05:00
parent 9a88c0cd32
commit 58d1aa4402
14 changed files with 77 additions and 91 deletions

@ -1,3 +1,80 @@
Changes in version 0.2.3.9-alpha - 2011-1?-??
o Major features:
- When using OpenSSL 1.0.0 or later, use OpenSSL's counter mode
implementation. It makes AES_CTR about 7% faster than our old one
(which was about 10% faster than the one OpenSSL used to provide).
Resolves ticket 4526.
- Tor clients and bridges can now be easily configured to use a
separate 'transport' proxy. This approach helps to resist
censorship by allowing bridges to use protocol obfuscation
plugins. It implements the 'managed proxy' part of proposal
180. Implements ticket 3472.
- Block excess renegotiations even if they are RFC5746 compliant.
This security fix mitigates potential SSL Denial of Service attacks
that use SSL renegotiation as a way of forcing the server to perform
unneeded computationally expensive SSL handshakes. Implements
ticket 4312.
o Major bugfixes:
- Teach Tor how to notice excess renegotiation attempts before it
receives the first data SSL record. Fixes part of ticket 4312.
- Only use the EVP interface when AES acceleration is enabled,
to avoid a 5-7% performance regression. Resolves issue 4525;
bugfix on 0.2.3.8-alpha.
o Minor features:
- Experimental support for running on Windows with IOCP and no
kernel-space socket buffers. This feature is controlled by a new
UserspaceIOCPBuffers feature (off by default), which has no
effect unless Tor has been built with support for bufferevents,
is running on Windows, and has enabled IOCP. This may, in the
long run, help solve or mitigate bug 98.
- Try to make the introductory warning message that Tor prints on
startup more useful for actually finding help and information.
Resolves ticket 2474.
- Running "make version" now displays the version of Tor that
we're about to build. Idea from katmagic; resolves issue 4400.
- If set to 1, Tor will attempt to prevent basic debugging
attachment attempts by other processes. It has no impact for
users who wish to attach if they have CAP_SYS_PTRACE or if they
are root. We believe that this feature works on modern
Gnu/Linux distributions, and that it may also work on OSX and
some *BSD systems (untested). Some modern Gnu/Linux systems
such as Ubuntu have the kernel.yama.ptrace_scope sysctl and by
default enable it as an attempt to limit the PTRACE scope for
all user processes by default. This feature will attempt to
limit the PTRACE scope for Tor specifically - it will not
attempt to alter the system wide ptrace scope as it may not even
exist. If you wish to attach to Tor with a debugger such as gdb
or strace you will want to set this to 0 for the duration of
your debugging. Normal users should leave it on. (Default: 1)
o Minor bugfixes:
- Resolve an integer overflow bug in smartlist_ensure_capacity().
Fixes bug 4230; bugfix on Tor 0.1.0.1-rc. Based on a patch by
Mansour Moufid.
- Fix a compile warning in tor_inet_pton(). Bugfix on 0.2.3.8-alpha;
fixes bug 4554.
- Fix a minor formatting issue in one of tor-gencert's error messages.
Fixes bug 4574.
- Prevent a false positive from the check-spaces script, by disabling
the "whitespace between function name and (" check for functions
named 'op()'.
o Build fixes:
- Properly handle the case where the build-tree is not the same
as the source tree when generating src/common/common_sha1.i,
src/or/micro-revision.i, and src/or/or_sha1.i. Fixes bug 3953;
bugfix on 0.2.0.1-alpha.
o Code simplifications and refactorings:
- Remove the pure attribute from all functions that used it
previously. In many cases we assigned it incorrectly, because the
functions might assert or call impure functions, and we don't have
evidence that keeping the pure attribute is worthwhile. Implements
changes suggested in ticket 4421.
Changes in version 0.2.3.8-alpha - 2011-11-22 Changes in version 0.2.3.8-alpha - 2011-11-22
Tor 0.2.3.8-alpha fixes some crash and assert bugs, including a Tor 0.2.3.8-alpha fixes some crash and assert bugs, including a
socketpair-related bug that has been bothering Windows users. It adds socketpair-related bug that has been bothering Windows users. It adds
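Review bot: The ptrace entry under "o Minor features:" ("If set to 1, Tor will attempt to prevent basic debugging attachment attempts by other processes") never names the option it describes, so a reader of the ChangeLog cannot tell what to set to 0 before attaching gdb or strace. It reads like manual-page text carried over unchanged; lead the entry with the option name and trim it to what changed, keeping "(Default: 1)" and the CAP_SYS_PTRACE/root caveat. In the same section, UserspaceIOCPBuffers is described as a "feature" controlled by a "feature"; "option" would be clearer for the second use. The "2011-1?-??" date in the version header still needs filling in before release.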

@ -1,7 +0,0 @@
o Minor features:
- Experimental support for running on Windows with IOCP and no
kernel-space socket buffers. This feature is controlled by a new
UserspaceIOCPBuffers feature (off by default), which has no
effect unless Tor has been built with support for bufferevents,
is running on Windows, and has enabled IOCP. This may, in the
long run, help solve or mitigate bug 98.

@ -1,10 +0,0 @@
o Major features (AES performance):
- When using OpenSSL 1.0.0 or later, use OpenSSL's counter mode
implementation; it makes AES_CTR about 7% faster than our old one
(which was about 10% faster than the one OpenSSL used to provide).
Resolves issue #4526.
o Major bugfixes (AES performance):
- Only use the EVP interface when AES acceleration is enabled,
to avoid a 5-7% performance regression. Resolves issue #4525,
bugfix on 0.2.3.8-alpha.

@ -1,5 +0,0 @@
o Minor features
- Try to make the introductory warning message that Tor prints on
startup more useful for actually finding help and information.
Resolves bug2474.

@ -1,7 +0,0 @@
o Major features:
- Tor clients and bridges can now be easily configured to use a
separate 'transport' proxy. This approach helps to resist
censorship by allowing bridges to use protocol obfuscation
plugins. It implements the 'managed proxy' part of proposal
180. Implements ticket #3472.

@ -1,6 +0,0 @@
o Build fixes:
- Properly handle the case where the build-tree is not the same
as the source tree when generating src/common/common_sha1.i,
src/or/micro-revision.i and src/or/or_sha1.i. Fixes bug 3953;
bugfix on 0.2.0.1-alpha.

@ -1,5 +0,0 @@
o Minor bugfixes:
- Resolve an integer overflow bug in smartlist_ensure_capacity.
Fixes bug 4230; bugfix on Tor 0.1.0.1-rc. Based on a patch by
Mansour Moufid.

@ -1,11 +0,0 @@
o Security fixes:
- Block excess renegotiations even if they are RFC5746 compliant.
This mitigates potential SSL Denial of Service attacks that use
SSL renegotiation as a way of forcing the server to perform
unneeded computationally expensive SSL handshakes. Implements
#4312.
- Fix a bug where tor would not notice excess renegotiation
attempts before it received the first data SSL record. Fixes
part of #4312.
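Review bot: The "o Security fixes:" heading in this removed file has no counterpart in the folded ChangeLog: the RFC5746 renegotiation item now sits under "o Major features:" and the first-data-record item under "o Major bugfixes:". Packagers and relay operators who scan release notes for security-relevant changes can miss a DoS mitigation that is filed as a feature. Keep a security heading in the ChangeLog, or label both entries as security in their section headings, since the folded text itself already says "This security fix mitigates".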

@ -1,4 +0,0 @@
o Minor bugfixes:
- Fix a compile warning in tor_inet_pton(). Bugfix on 0.2.3.8-alpha;
fixes bug 4554.

@ -1,4 +0,0 @@
o Minor bugfixes:
- Fix a minor formatting issue in one of tor-gencert's error messages.
Fixes bug 4574.

@ -1,5 +0,0 @@
o Minor bugfixes:
- Prevent a false positive from the check-spaces script by disabling
the "whitespace between function name and (" check for functions
named 'op()'.

@ -1,16 +0,0 @@
o Minor features:
- If set to 1, Tor will attempt to prevent basic debugging
attachment attempts by other processes. It has no impact for
users who wish to attach if they have CAP_SYS_PTRACE or if they
are root. We believe that this feature works on modern
Gnu/Linux distributions, and that it may also work on OSX and
some *BSD systems (untested). Some modern Gnu/Linux systems
such as Ubuntu have the kernel.yama.ptrace_scope sysctl and by
default enable it as an attempt to limit the PTRACE scope for
all user processes by default. This feature will attempt to
limit the PTRACE scope for Tor specifically - it will not
attempt to alter the system wide ptrace scope as it may not even
exist. If you wish to attach to Tor with a debugger such as gdb
or strace you will want to set this to 0 for the duration of
your debugging. Normal users should leave it on. (Default: 1)

@ -1,4 +0,0 @@
o Minor features (build):
- Running "make version" now displays the version of Tor that
we're about to build. Idea from katmagic; resolves issue 4400.

@ -1,7 +0,0 @@
o Code simplifications and refactorings:
- Remove the pure attribute from all functions that used it previously.
In many cases this we assigned it incorrectly, because the functions
might assert or call impure functions, and we don't have evidence
that keeping the pure attribute is worthwhile. Implements changes
suggested in ticket 4421.