mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-24 04:13:28 +01:00
minor cleanups
svn:r9158
This commit is contained in:
Roger Dingledine
parent
baadf35c63
commit
858d7295e7
30
ChangeLog
30
ChangeLog
@ -23,12 +23,14 @@ Changes in version 0.1.2.5-xxxx - 200?-??-??
|
|||||||
options files.
|
options files.
|
||||||
- Reject *:563 (NTTPS) in the default exit policy. We already reject
|
- Reject *:563 (NTTPS) in the default exit policy. We already reject
|
||||||
NNTP by default, so this seems like a sensible addition.
|
NNTP by default, so this seems like a sensible addition.
|
||||||
- Authorities do not recommend exits as guards if this would shift excess
|
- Authorities do not recommend exits as guards if this would shift
|
||||||
load to the exit nodes.
|
excess load to the exit nodes.
|
||||||
- Avoid some inadvertent info leaks by making clients reject hostnames
|
- Avoid some inadvertent info leaks by making clients reject hostnames
|
||||||
with invalid characters. Add an option to disable this behavior,
|
with invalid characters. Add an option "AllowNonRFC953Hostnames"
|
||||||
in case somebody is running a private network with hosts called @, !,
|
to disable this behavior, in case somebody is running a private
|
||||||
and #.
|
network with hosts called @, !, and #.
|
||||||
|
- Add a new address-spec.txt document to describe our special-case
|
||||||
|
addresses: .exit, .onion, and .noconnnect.
|
||||||
|
|
||||||
o Security bugfixes:
|
o Security bugfixes:
|
||||||
- Stop sending the HttpProxyAuthenticator string to directory
|
- Stop sending the HttpProxyAuthenticator string to directory
|
||||||
@ -50,27 +52,23 @@ Changes in version 0.1.2.5-xxxx - 200?-??-??
|
|||||||
after that. (May fix bug 326.)
|
after that. (May fix bug 326.)
|
||||||
|
|
||||||
o Minor bugfixes:
|
o Minor bugfixes:
|
||||||
- Fix a bug when a PF socket is first used. (Patch from Fabian
|
- Fix a bug when a PF socket is first used. (Patch from Fabian Keil.)
|
||||||
Keil.)
|
|
||||||
- Fix an assert failure when a directory authority sets
|
- Fix an assert failure when a directory authority sets
|
||||||
AuthDirRejectUnlisted and then receives a descriptor from an
|
AuthDirRejectUnlisted and then receives a descriptor from an
|
||||||
unlisted router (reported by seeess).
|
unlisted router (reported by seeess).
|
||||||
- Fix a bug on the Windows implementation of tor_mmap_file that
|
- Fix a bug on the Windows implementation of tor_mmap_file that
|
||||||
would prevent the cached-routers file from ever loading. (reported by
|
would prevent the cached-routers file from ever loading (reported
|
||||||
John Kimble.)
|
by John Kimble).
|
||||||
- Fix a bug in 0.1.2.2-alpha that prevented clients from asking
|
- Fix a bug in 0.1.2.2-alpha that prevented clients from asking
|
||||||
to resolve an address at a given exit node even when they ask for
|
to resolve an address at a given exit node even when they ask for
|
||||||
it by name.
|
it by name.
|
||||||
- Routers no longer ever list themselves in their "family" line,
|
- Routers no longer ever list themselves in their "family" line,
|
||||||
even if configured to do so. This makes it easier to configure
|
even if configured to do so. This makes it easier to configure
|
||||||
family lists efficiently.
|
family lists efficiently.
|
||||||
- Remove an artificial (but quite high) restriction on expected
|
- When running as a server, don't fall back to 127.0.0.1 when no
|
||||||
bandwidth, so that accounting won't break once we all have gigabit
|
nameservers are configured in /etc/resolv.conf; instead, make the
|
||||||
connections to our homes.
|
user fix resolv.conf or specify nameservers explicitly. (Resolves
|
||||||
- When running as a server, don't fall back to 127.0.0.1 when
|
bug 363.)
|
||||||
no nameservers are configured in /etc/resolv.conf; instead, make
|
|
||||||
the user fix resolv.conf or specify nameservers explicitly. (Resolves
|
|
||||||
Bug 363.)
|
|
||||||
|
|
||||||
o Controller features:
|
o Controller features:
|
||||||
- Have GETINFO dir/status/* work on hosts with DirPort disabled.
|
- Have GETINFO dir/status/* work on hosts with DirPort disabled.
|
||||||
|
|||||||
6
doc/TODO
6
doc/TODO
@ -59,12 +59,15 @@ N - list versions in status page
|
|||||||
a new line in the status entry. "Tor 0.1.2.2-alpha". If it's
|
a new line in the status entry. "Tor 0.1.2.2-alpha". If it's
|
||||||
a version, treat it like one. If it's something else, assume
|
a version, treat it like one. If it's something else, assume
|
||||||
it's at least 0.1.2.x.
|
it's at least 0.1.2.x.
|
||||||
|
maybe we could have it be a new 'v' line in the status, with
|
||||||
|
key=value syntax. so we could have a 'tor' version, but we
|
||||||
|
could also have a 'conn' version, a 'dir' version, etc down
|
||||||
|
the road. and one day maybe the 'tor' key would be deprecated.
|
||||||
|
|
||||||
o Document .noconnect addresses...
|
o Document .noconnect addresses...
|
||||||
A new file 'address-spec.txt' that describes .exit, .onion,
|
A new file 'address-spec.txt' that describes .exit, .onion,
|
||||||
.noconnect, etc?
|
.noconnect, etc?
|
||||||
|
|
||||||
|
|
||||||
- Servers are easy to setup and run: being a relay is about as easy as
|
- Servers are easy to setup and run: being a relay is about as easy as
|
||||||
being a client.
|
being a client.
|
||||||
. Reduce resource load
|
. Reduce resource load
|
||||||
@ -102,6 +105,7 @@ d - Be a DNS proxy.
|
|||||||
o address_is_invalid_destination() is the right thing to call here
|
o address_is_invalid_destination() is the right thing to call here
|
||||||
(and feel free to make that function smarter)
|
(and feel free to make that function smarter)
|
||||||
o add a config option to turn it off.
|
o add a config option to turn it off.
|
||||||
|
- and a man page for that option
|
||||||
- Bug 364: notice when all the DNS requests we get back (including a few
|
- Bug 364: notice when all the DNS requests we get back (including a few
|
||||||
well-known sites) are all going to the same place.
|
well-known sites) are all going to the same place.
|
||||||
o Bug 363: Warn and die if we can't find a nameserver and we're running a
|
o Bug 363: Warn and die if we can't find a nameserver and we're running a
|
||||||
|
|||||||
@ -795,7 +795,7 @@ client_dns_set_addressmap(const char *address, uint32_t val,
|
|||||||
struct in_addr in;
|
struct in_addr in;
|
||||||
/* <address>.<hex or nickname>.exit\0 or just <address>\0 */
|
/* <address>.<hex or nickname>.exit\0 or just <address>\0 */
|
||||||
char extendedaddress[MAX_SOCKS_ADDR_LEN+MAX_VERBOSE_NICKNAME_LEN+10];
|
char extendedaddress[MAX_SOCKS_ADDR_LEN+MAX_VERBOSE_NICKNAME_LEN+10];
|
||||||
/* 123.123.123.123.<hex or nickname>.exit\0 or just 123.123.123.123\0 */
|
/* 123.123.123.123.<hex or nickname>.exit\0 or just 123.123.123.123\0 */
|
||||||
char extendedval[INET_NTOA_BUF_LEN+MAX_VERBOSE_NICKNAME_LEN+10];
|
char extendedval[INET_NTOA_BUF_LEN+MAX_VERBOSE_NICKNAME_LEN+10];
|
||||||
char valbuf[INET_NTOA_BUF_LEN];
|
char valbuf[INET_NTOA_BUF_LEN];
|
||||||
|
|
||||||
|
|||||||
@ -1656,8 +1656,8 @@ typedef struct {
|
|||||||
* same network zone in the same circuit. */
|
* same network zone in the same circuit. */
|
||||||
int TunnelDirConns; /**< If true, use BEGIN_DIR rather than BEGIN when
|
int TunnelDirConns; /**< If true, use BEGIN_DIR rather than BEGIN when
|
||||||
* possible. */
|
* possible. */
|
||||||
int AllowNonRFC953Hostnames; /**< If true, we allow connections to hostnames
|
int AllowNonRFC953Hostnames; /**< If true, we allow connections to hostnames
|
||||||
* with weird characters. */
|
* with weird characters. */
|
||||||
} or_options_t;
|
} or_options_t;
|
||||||
|
|
||||||
/** Persistent state for an onion router, as saved to disk. */
|
/** Persistent state for an onion router, as saved to disk. */
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user