From 6b5ef3889d83c715973dd2e08556d3467bc3055e Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Wed, 12 Mar 2014 15:53:58 -0400 Subject: [PATCH] Start work on an 0.2.5.3-alpha changelog. This collects all the changes file, and find the stuff that also appeared new in 0.2.4.21. --- ChangeLog | 193 +++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 192 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 78c509452f..e03205f9c7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,194 @@ +Changes in version 0.2.5.3-alpha - 2014-03-?? + + o Major features: + - Also consider stream buffer sizes when calculating OOM + conditions. Rename MaxMemInCellQueues to MaxMemInQueues. Fixes + bug 10169. + + o Minor bugfixes: + - Exit immediately when exiting because of dropped connection from + a process-owning controller. Previously, if we were running in + server mode, we would wait for a little while as in the when we + got an INT signal--but this was problematic, since there was no + feedback for the user. Controllers that want to do a clean + shutdown should send an INT signal, and let the user know what's + going on. Fix for bug 10449; bugfix on 0.2.2.28-beta. + + o Minor bugfixes: + - Log an improved message when excluding hidden service directory + nodes prevents a hidden service from working. + Improves on our fix for bug #10722, which was a bugfix on + 0.2.0.10-alpha. + + o Removed code + - Remove all code for hidden service authorities to accept and serve + version 0 descriptors and left-over code for hidden services and + hidden service clients to upload and fetch version 0 descriptors. + Version 0 descriptors are not in use anymore since 0.2.2.1-alpha. + Fixes the rest of bug 10841. + + o Minor features: + - Bridges write the SHA1 digest of their identity key fingerprint to + notice-level logs and to hashed-fingerprint, so that bridge + operators can look up their bridge in Globe and similar tools. + + o Minor bugfixes (new since 0.2.5.2-alpha, also in 0.2.4.21): + - Build without warnings under clang 3.4. (We have some macros that + define static functions only some of which will get used later in + the module. Starting with clang 3.4, these give a warning unless the + unused attribute is set on them.) Resolves ticket 10904. + - Fix build warnings about missing "a2x" comment when building the + manpages from scratch on OpenBSD; OpenBSD calls it "a2x.py". + Fixes bug 10929; bugfix on 0.2.2.9-alpha. Patch from Dana Koch. + + o Minor bugfixes (unit tests); + - Fix a small bug in the unit tests that might have made the tests + call 'chmod' with an uninitialized bitmask. + Fixes bug 10928; bugfix on 0.2.5.1-alpha. Patch from Dana Koch. + + o Minor bugfixes + - Fix IPv6 support when using the SocksPort with SOCKS5. Using IPv6 + through a SOCKS5 using the SocksPort option will now work with + this fix. This part of the code has never been updated to support + IPv6 thus this does not fix a previously introduced regression. + Fixes bug 10987; bugfix on 0.2.4.7-alpha. + + o Minor features (log messages): + - Improve the message that gets displayed when Tor as a bridge is + using pluggable transports but doesn't have an Extended ORPort + listener. Furthermore, we now log the message in the log file + too. Resolves ticket 11043. + + o Minor bugfixes: + - Build using the -fasynchronous-unwind-tables option so that more + platforms (in particular, ones like 32-bit Intel where the + -fomit-frame-pointer option is on by default and table + generation is not) will support generating backtraces. This + doesn't yet add Windows support yet; only Linux, OSX, and some BSD + are affected. Reported by 'cypherpunks'; fixes bug 11047; bugfix + on 0.2.5.2-alpha. + + o Minor bugfixes: + - Avoid strange behavior if two threads hit failed asswertions + at the same time and both try to log backtraces at + once. (Previously, if this had happened, both threads would + have stored their intermediate results in the same buffer, and + generated junk outputs.) Reported by "cypherpunks". Fixes bug + 11048; bugfix on 0.2.5.2-alpha. + + o Minor bugfixes (clients): + - Fix tor so that it raises a control port warning when we fail to + connect to all of our bridges. Fixes bug 11069; bugfix on + tor-0.2.1.2-alpha. + + o Minor features: + - Warn the user if they put any ports in the SocksPolicy, + DirPolicy, AuthDirReject, AuthDirInvalid, AuthDirBadDir, or + AuthDirBadExit options. Fixes ticket #11108. + + o Documentation: + - Explain that SocksPolicy, DirPolicy, and their allies don't take + port arguments. Fixes ticket #11108. + + o Documentation: + - Fix the max client name length in the manpage's description of + HiddenServiceAuthorizeClient description: it should have been + 16, not 19. Fixes bug 11118; bugfix on 0.2.1.6-alpha. + + o Minor bugfixes (clients): + - Fix a bug where we would attempt to connect to bridges before + our pluggable transports were configured, which resulted in some + erroneous log messages. Fixes bug 11156; bugfix on + 0.2.3.2-alpha. + + o Minor features: + - Don't log at warning severity when we refuse to launch a + pluggable transport proxy that we don't need. Resolves ticket + 5018; bugfix on 0.2.5.2-alpha. + + o Minor bugfixes: + - Bridges now never collect statistics that were designed for relays. + Fix for bug 5824; bugfix on 0.2.3.8-alpha. + + o Minor bugfixes: + - Bridges now report complete directory request statistics. Related to + bug 5824; bugfix on 0.2.2.1-alpha. + + o Minor bugfixes: + - Avoid crashing on a malformed resolv.conf file when running a + server using Libevent 1. Fixes bug 8788; bugfix on 0.1.1.23. + + o Minor bugfixes (testing): + - Improve the tinytest implementation of string operation tests + so that comparisons NULL strings no longer crash the tests; + they now just fail, normally. Fixes bug 9004; bugfix on + 0.2.2.4-alpha. + + o Minor bugfixes: + - Fix a comment about the rend_server_descriptor_t.protocols field + to more accurately describe its range. Also, make that + field unsigned, to more accurately reflect its usage. + Fixes bug 9099; bugfix on 0.2.1.5-alpha. + + o Documentation: + - Document in the manpage that "KBytes" may also be written as + "kilobytes" or "KB", that "Kbits" may also be written as + "kilobits", and so forth. Closes ticket #9222. + + o Minor bugfixes: + - Give the correct URL in the warning message that we present + when the user is trying to run a Tor relay on an ancient version + of Windows. Fixes bug 9393. + + o Minor bugfixes: + - Non-exit servers no longer launch mock DNS requests to check for + DNS hijacking. This has been unnecessary since 0.2.1.7-alpha, + when non-exit servers stopped servicing DNS requests. Fixes bug + 965; bugfix on 0.2.1.7-alpha. Patch from Matt Pagan. + + o Minor changes: + - Decrease the lower limit of MaxMemInQueues to 256 MBytes, to + appease raspberry pi users. Fixes bug 9686. + + o Minor features: + - Avoid hash-flooding denial-of-service attacks by using the secure + SipHash-2-4 hash function for our hashtables. Without this + feature, an attacker could degrade performance of a targeted + client or server by flooding their data structures with a large + number of data entries all calculated to be stored at the same + hash table position, thereby degrading hash table + performance. With this feature, hash table positions are derived + from a randomized cryptographic key using SipHash-2-4, and an + attacker cannot predict which entries will collide. + Closes ticket 4900. + + o Minor features: + - Update geoip6 to the February 7 2014 Maxmind GeoLite2 Country + database. + o Minor features: + - Update to the February 7 2014 Maxmind GeoLite2 Country database. + + o Minor features: + - Fix our version of the February 7 2014 Maxmind GeoLite2 Country database. + + o Minor bugfixes (compilation): + - Fix a 64-to-32-conversion warning in format_number_sigsafe(). + Bugfix on 0.2.5.2-alpha; patch from Nick Hopper. + + o Code simplifications and refactoring: + - Get rid of router->address, since in all cases it was just the + string representation of router->addr. Resolves ticket 5528. + + o Minor features: + - Made PREDICTED_CIRCS_RELEVANCE_TIME configurable from config + file with a new option, PredictedPortsRelevanceTime. Implements + ticket #9176. Patch by unixninja92. + + o Testing: + - Update to the latest version of tinytest. + + + Changes in version 0.2.4.21 - 2014-02-28 Tor 0.2.4.21 further improves security against potential adversaries who find breaking 1024-bit crypto doable, and backports several stability @@ -59,7 +250,7 @@ Changes in version 0.2.4.21 - 2014-02-28 flag set. Fixes bug 10470; bugfix on 0.2.3.3-alpha / 0.2.3.16-alpha. -Changes in version 0.2.5.2-alpha - 2013-02-13 +Changes in version 0.2.5.2-alpha - 2014-02-13 Tor 0.2.5.2-alpha includes all the fixes from 0.2.4.18-rc and 0.2.4.20, like the "poor random number generation" fix and the "building too many circuits" fix. It also further improves security against potential