mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-24 04:13:28 +01:00
Merge remote branch 'origin/maint-0.2.1'
Conflicts: ChangeLog configure.in contrib/tor-mingw.nsi.in src/win32/orconfig.h
This commit is contained in:
commit
715f104eeb
39
ChangeLog
39
ChangeLog
@ -53,7 +53,17 @@ Changes in version 0.2.2.8-alpha - 2010-01-26
|
||||
refuse to listen.
|
||||
|
||||
|
||||
Changes in version 0.2.1.23 - 2010-0?-??
|
||||
Changes in version 0.2.1.24 - 2010-??-??
|
||||
o Minor bugfixes:
|
||||
- Work correctly out-of-the-box with even more vendor-patched versions
|
||||
of OpenSSL.
|
||||
|
||||
|
||||
Changes in version 0.2.1.23 - 2010-02-13
|
||||
Tor 0.2.1.23 fixes a huge client-side performance bug, makes Tor work
|
||||
again on the latest OS X, and updates the location of a directory
|
||||
authority.
|
||||
|
||||
o Major bugfixes (performance):
|
||||
- We were selecting our guards uniformly at random, and then weighting
|
||||
which of our guards we'd use uniformly at random. This imbalance
|
||||
@ -64,20 +74,25 @@ Changes in version 0.2.1.23 - 2010-0?-??
|
||||
bug 1217; bugfix on 0.2.1.3-alpha. Found by Mike Perry.
|
||||
|
||||
o Major bugfixes:
|
||||
- Make Tor work again on the latest OS X: when deciding whether to
|
||||
use strange flags to turn TLS renegotiation on, detect the OpenSSL
|
||||
version at run-time, not compile time. We need to do this because
|
||||
Apple doesn't update its dev-tools headers when it updates its
|
||||
libraries in a security patch.
|
||||
- Fix a potential buffer overflow in lookup_last_hid_serv_request()
|
||||
that could happen on 32-bit platforms with 64-bit time_t. Also fix
|
||||
a memory leak when requesting a hidden service descriptor we've
|
||||
requested before. Fixes bug 1242, bugfix on 0.2.0.18-alpha. Found
|
||||
by aakova.
|
||||
that could happen on 32-bit platforms with 64-bit time_t. Also fix
|
||||
a memory leak when requesting a hidden service descriptor we've
|
||||
requested before. Fixes bug 1242, bugfix on 0.2.0.18-alpha. Found
|
||||
by aakova.
|
||||
|
||||
o Directory authority changes:
|
||||
- Change IP address for dannenberg (v3 directory authority), and
|
||||
remove moria2 (obsolete v1, v2 directory authority and v0 hidden
|
||||
service directory authority) from the list.
|
||||
|
||||
o Minor bugfixes:
|
||||
- When deciding whether to use strange flags to turn TLS renegotiation
|
||||
on, detect the OpenSSL version at run-time, not compile time. We
|
||||
need to do this because Apple doesn't update its dev-tools headers
|
||||
when it updates its libraries in a security patch.
|
||||
- Refactor resolve_my_address() a little, to not use gethostbyname()
|
||||
anymore. Fixes bug 1244; bugfix on 0.0.2pre25. Reported by Mike
|
||||
Mestnik.
|
||||
- Refactor resolve_my_address() to not use gethostbyname() anymore.
|
||||
Fixes bug 1244; bugfix on 0.0.2pre25. Reported by Mike Mestnik.
|
||||
|
||||
o Minor features:
|
||||
- Avoid a mad rush at the beginning of each month when each client
|
||||
|
38
ReleaseNotes
38
ReleaseNotes
@ -3,6 +3,44 @@ This document summarizes new features and bugfixes in each stable release
|
||||
of Tor. If you want to see more detailed descriptions of the changes in
|
||||
each development snapshot, see the ChangeLog file.
|
||||
|
||||
Changes in version 0.2.1.23 - 2010-02-13
|
||||
Tor 0.2.1.23 fixes a huge client-side performance bug, makes Tor work
|
||||
again on the latest OS X, and updates the location of a directory
|
||||
authority.
|
||||
|
||||
o Major bugfixes (performance):
|
||||
- We were selecting our guards uniformly at random, and then weighting
|
||||
which of our guards we'd use uniformly at random. This imbalance
|
||||
meant that Tor clients were severely limited on throughput (and
|
||||
probably latency too) by the first hop in their circuit. Now we
|
||||
select guards weighted by currently advertised bandwidth. We also
|
||||
automatically discard guards picked using the old algorithm. Fixes
|
||||
bug 1217; bugfix on 0.2.1.3-alpha. Found by Mike Perry.
|
||||
|
||||
o Major bugfixes:
|
||||
- Make Tor work again on the latest OS X: when deciding whether to
|
||||
use strange flags to turn TLS renegotiation on, detect the OpenSSL
|
||||
version at run-time, not compile time. We need to do this because
|
||||
Apple doesn't update its dev-tools headers when it updates its
|
||||
libraries in a security patch.
|
||||
- Fix a potential buffer overflow in lookup_last_hid_serv_request()
|
||||
that could happen on 32-bit platforms with 64-bit time_t. Also fix
|
||||
a memory leak when requesting a hidden service descriptor we've
|
||||
requested before. Fixes bug 1242, bugfix on 0.2.0.18-alpha. Found
|
||||
by aakova.
|
||||
|
||||
o Minor bugfixes:
|
||||
- Refactor resolve_my_address() to not use gethostbyname() anymore.
|
||||
Fixes bug 1244; bugfix on 0.0.2pre25. Reported by Mike Mestnik.
|
||||
|
||||
o Minor features:
|
||||
- Avoid a mad rush at the beginning of each month when each client
|
||||
rotates half of its guards. Instead we spread the rotation out
|
||||
throughout the month, but we still avoid leaving a precise timestamp
|
||||
in the state file about when we first picked the guard. Improves
|
||||
over the behavior introduced in 0.1.2.17.
|
||||
|
||||
|
||||
Changes in version 0.2.1.22 - 2010-01-19
|
||||
Tor 0.2.1.22 fixes a critical privacy problem in bridge directory
|
||||
authorities -- it would tell you its whole history of bridge descriptors
|
||||
|
@ -8,6 +8,7 @@
|
||||
!include "LogicLib.nsh"
|
||||
!include "FileFunc.nsh"
|
||||
!insertmacro GetParameters
|
||||
|
||||
!define VERSION "0.2.2.8-alpha-dev"
|
||||
!define INSTALLER "tor-${VERSION}-win32.exe"
|
||||
!define WEBSITE "https://www.torproject.org/"
|
||||
|
@ -368,7 +368,7 @@ tor_tls_init(void)
|
||||
* OpenSSL 0.9.8l.
|
||||
*
|
||||
* No, we can't just set flag 0x0010 everywhere. It breaks Tor with
|
||||
* OpenSSL 1.0.0beta, since i. No, we can't just set option
|
||||
* OpenSSL 1.0.0beta3 and later. No, we can't just set option
|
||||
* 0x00040000L everywhere: before 0.9.8m, it meant something else.
|
||||
*
|
||||
* No, we can't simply detect whether the flag or the option is present
|
||||
@ -381,7 +381,7 @@ tor_tls_init(void)
|
||||
*/
|
||||
if (version >= 0x009080c0L && version < 0x009080d0L) {
|
||||
log_notice(LD_GENERAL, "OpenSSL %s looks like version 0.9.8l; "
|
||||
"I will try SSL3_FLAGS to enable renegotation.",
|
||||
"I will try SSL3_FLAGS to enable renegotation.",
|
||||
SSLeay_version(SSLEAY_VERSION));
|
||||
use_unsafe_renegotiation_flag = 1;
|
||||
use_unsafe_renegotiation_op = 1;
|
||||
@ -390,6 +390,13 @@ tor_tls_init(void)
|
||||
"I will try SSL_OP to enable renegotiation",
|
||||
SSLeay_version(SSLEAY_VERSION));
|
||||
use_unsafe_renegotiation_op = 1;
|
||||
} else if (version < 0x009080c0L) {
|
||||
log_notice(LD_GENERAL, "OpenSSL %s [%lx] looks like it's older than "
|
||||
"0.9.8l, but some vendors have backported 0.9.8l's "
|
||||
"renegotiation code to earlier versions. I'll set "
|
||||
"SSL3_FLAGS just to be safe.",
|
||||
SSLeay_version(SSLEAY_VERSION), version);
|
||||
use_unsafe_renegotiation_flag = 1;
|
||||
} else {
|
||||
log_info(LD_GENERAL, "OpenSSL %s has version %lx",
|
||||
SSLeay_version(SSLEAY_VERSION), version);
|
||||
|
@ -738,8 +738,6 @@ add_default_trusted_dir_authorities(authority_type_t type)
|
||||
"moria1 orport=9101 no-v2 "
|
||||
"v3ident=D586D18309DED4CD6D57C18FDB97EFA96D330566 "
|
||||
"128.31.0.39:9131 9695 DFC3 5FFE B861 329B 9F1A B04C 4639 7020 CE31",
|
||||
"moria2 v1 orport=9002 128.31.0.34:9032 "
|
||||
"719B E45D E224 B607 C537 07D0 E214 3E2D 423E 74CF",
|
||||
"tor26 v1 orport=443 v3ident=14C131DFC5C6F93646BE72FA1401C02A8DF2E8B4 "
|
||||
"86.59.21.38:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D",
|
||||
"dizum orport=443 v3ident=E8A9C45EDE6D711294FADF8E7951F4DE6CA56B58 "
|
||||
@ -753,7 +751,7 @@ add_default_trusted_dir_authorities(authority_type_t type)
|
||||
"80.190.246.100:8180 F204 4413 DAC2 E02E 3D6B CF47 35A1 9BCA 1DE9 7281",
|
||||
"dannenberg orport=443 no-v2 "
|
||||
"v3ident=585769C78764D58426B8B52B6651A5A71137189A "
|
||||
"213.73.91.31:80 7BE6 83E6 5D48 1413 21C5 ED92 F075 C553 64AC 7123",
|
||||
"193.23.244.244:80 7BE6 83E6 5D48 1413 21C5 ED92 F075 C553 64AC 7123",
|
||||
"urras orport=80 no-v2 v3ident=80550987E1D626E3EBA5E5E75A458DE0626D088C "
|
||||
"208.83.223.34:443 0AD3 FA88 4D18 F89E EA2D 89C0 1937 9E0E 7FD9 4417",
|
||||
NULL
|
||||
|
Loading…
Reference in New Issue
Block a user