checkpoint some cleanups

svn:r8599

ChangeLog

@@ -9,9 +9,7 @@ Changes in version 0.1.2.2-alpha - 2006-10-??
       lookups; see doc/socks-extensions.txt for full information.
     - Add a BEGIN_DIR relay cell type for an easier in-protocol way to
       connect to directory servers through Tor. Previously, clients
-      could only connect to directory servers over Tor from exit nodes,
-      but couldn't get directory information anonymously from a non-exit
-      cache without getting a separate exit node involved.
+      could only connect to directory servers over Tor from exit nodes.
 
   o Minor features:
     - Check for name servers (like Earthlink's) that hijack failing DNS
@@ -21,44 +19,43 @@ Changes in version 0.1.2.2-alpha - 2006-10-??
       "helpfully" decline to hijack known-invalid RFC2606 addresses.
       Config option "ServerDNSDetectHijacking 0" lets you turn it off.
     - When asked to resolve a hostname, don't use non-exit servers unless
-      requested to do so.  This allows servers with broken DNS to
-      be useful to the network.
+      requested to do so. This allows servers with broken DNS to be
+      useful to the network.
     - Add an "EnforceDistinctSubnets" option to control our "exclude
       servers on the same /16" behavior.  It's still on by default; this
       is mostly for people who want to operate private test networks with
       all the machines on the same subnet.
     - If one of our entry guards is on the ExcludeNodes list, or the
-      directory authorities don't think it's a good guard, treat it as if it
-      were unlisted: stop using it as a guard, and throw it off the guards
-      list if it stays that way for a long time.
-    - Allow directory authorities to be marked separately as authorities for
-      the v1 directory protocol, the v2 directory protocol, and as hidden
-      service directories, to make it easier to retire old authorities.
-      V1 authorities should set "HSAuthoritativeDir 1" to continue being
-      hidden service authorities too.
-    - Reserve the nickname "Unnamed" for routers that can't pick a hostname;
-      any router can call itself Unnamed; directory servers will never
-      allocate Unnamed to any particular router; clients won't believe that
-      any router is the canonical Unnamed.
-    - New controller event to alert the controller when our server descriptor
-      has changed.
+      directory authorities don't think it's a good guard, treat it as
+      if it were unlisted: stop using it as a guard, and throw it off
+      the guards list if it stays that way for a long time.
+    - Allow directory authorities to be marked separately as authorities
+      for the v1 directory protocol, the v2 directory protocol, and
+      as hidden service directories, to make it easier to retire old
+      authorities.  V1 authorities should set "HSAuthoritativeDir 1"
+      to continue being hidden service authorities too.
+    - Reserve the nickname "Unnamed" for routers that can't pick
+      a hostname; any router can call itself Unnamed; directory
+      authorities will never allocate Unnamed to any particular router;
+      clients won't believe that any router is the canonical Unnamed.
+    - New controller event to alert the controller when our server
+      descriptor has changed.
     - Only include function names in log messages for debugging messages;
-      in other cases, the content of the message should be clear on its own,
-      and including the function name only seems to confuse users.
-    - Fix CIRC controller events so that controllers can learn the identity
-      digests of non-Named servers used in circuit paths. (Fixes bug 336.)
-    - Avoid choosing Exit nodes for entry or middle hops when the bandwidth
-      available in non-Exit nodes is much higher then the bandwidth available
-      in Exit nodes. (Fixes bug 200.)
+      in other cases, the content of the message should be clear on its
+      own, and including the function name only seems to confuse users.
+    - Fix CIRC controller events so that controllers can learn the
+      identity digests of non-Named servers used in circuit paths.
+    - Avoid choosing Exit nodes for entry or middle hops when the
+      bandwidth available in non-Exit nodes is much higher than the
+      bandwidth available in Exit nodes.
     - Give more meaningful errors on control authentication failure.
     - Avoid possibility of controller-triggered crash when misusing certain
       commands from a v0 controller on platforms that do not handle
       printf("%s",NULL) gracefully.
-    - When deciding whether an IP is "local", check for IPs on the same /24
-      as us.  This prevents some false positives during reachability
-      detection.
-    - Avoid possibility of controller-triggered crash when misusing certain
-      commands from a v0 controller on platforms that do not handle
+    - Avoid some false positives during reachability testing: don't try
+      to test via a server that's on the same /24 as us.
+    - Avoid controller-triggered crash when misusing certain commands
+      from a v0 controller on platforms that do not handle
       printf("%s",NULL) gracefully.
     - Add an (off by default) feature so that controllers can get more useful
       identifiers for servers. Instead of learning identity digests for
@@ -67,22 +64,22 @@ Changes in version 0.1.2.2-alpha - 2006-10-??
       control-spec.txt for more information.
 
   o Security Fixes, minor:
-    - If a client asked for a server by name, and we didn't have a
-      descriptor for a named server with that name, we might return an
-      old one.
+    - If a client asked for a server by name, and there's a named server
+      in our network-status but we don't have its descriptor yet, we
+      would return an unnamed one instead.
     - Fix NetBSD bug that could allow someone to force uninitialized RAM
       to be sent to a server's DNS resolver. This only affects NetBSD
       and other platforms that do not bounds-check tolower().
-    - Reject (most) attempts to use Tor as a one-hop proxy; if many people
-      start using Tor as a one-hop proxy, exit nodes become a more attractive
-      target for compromise. (Fixes bug 303.)
+    - Reject (most) attempts to use Tor circuits with length one. (If
+      many people start using Tor as a one-hop proxy, exit nodes become
+      a more attractive target for compromise.)
     - Just because your DirPort is open doesn't mean people should be
       able to remotely teach you about hidden service descriptors. Now
       only accept rendezvous posts if you've got HSAuthoritativeDir set.
 
   o Major bugfixes:
     - Avoiding crashing on race condition in dns.c:
-      tor_assert(! resolve->expire)
+      tor_assert(!resolve->expire)
     - When a client asks the server to resolve (not connect to)
       an address, and it has a cached answer, give them the cached answer.
       Previously, the server would give them no answer at all.

src/or/connection_edge.c

@@ -1885,7 +1885,7 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ)
        * and users who'd be better off with, well, single-hop proxies.
        */
       log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
-             "Attempt to open a stream on first hop of circuit. Rejecting.");
+             "Attempt to open a stream on first hop of circuit. Dropping.");
       tor_free(address);
       return 0;
     }