mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-23 20:03:31 +01:00
Start editing on the changelog entries
This commit is contained in:
parent
f087a895d3
commit
957cdb5469
67
ChangeLog
67
ChangeLog
@ -6,8 +6,9 @@ Changes in version 0.2.8.1-alpha - 2016-02-0?
|
||||
subsystem.
|
||||
|
||||
o Major key updates:
|
||||
- Update the V3 identity key for dannenberg: it was changed on 18
|
||||
November 2015. Closes task 17906. Patch by "teor".
|
||||
- Update the V3 identity key for the dannenberg directory authority:
|
||||
it was changed on 18 November 2015. Closes task 17906. Patch by
|
||||
"teor".
|
||||
|
||||
o Removed features:
|
||||
- Remove client-side support for connecting to Tor servers running
|
||||
@ -17,55 +18,57 @@ Changes in version 0.2.8.1-alpha - 2016-02-0?
|
||||
patches by Tom van der Woerdt.
|
||||
|
||||
o Major features (security, Linux):
|
||||
- When Tor is started as root on Linux and told to switch user ID,
|
||||
it can now retain the capabilitity to bind to low ports. By
|
||||
- When Tor starts as root on Linux and is told to switch user ID,
|
||||
it can now retain the capability to bind to low ports. By
|
||||
default, Tor will do this only when it's switching user ID and
|
||||
some low ports have been configured. You can change this behavior
|
||||
with the new option KeepBindCapabilities. Closes ticket 8195.
|
||||
|
||||
o Major features (directory system):
|
||||
- Schedule multiple in-progress consensus downloads during client
|
||||
bootstrap. Use the first one that starts downloading, close the
|
||||
rest. This reduces failures when authorities are slow or down.
|
||||
Together with the code for feature 15775, it reduces failures due
|
||||
to fallback churn. Implements ticket 4483 (reduce failures when
|
||||
authorities are down). Patch by "teor". Implements IPv4 portions
|
||||
- When bootstrapping we not launch multiple consensus downloads
|
||||
at a time, use the first one that starts downloading, and close the
|
||||
rest. This reduces failures when authorities or fallback directories are slow or down.
|
||||
Together with the code for feature 15775, this feature should reduces failures due
|
||||
to fallback churn. Implements ticket 4483.
|
||||
Patch by "teor". Implements IPv4 portions
|
||||
of proposal 210 by "mikeperry" and "teor".
|
||||
- Include an opt-in trial list of default fallback directories in
|
||||
add_default_fallback_dir_servers(). Doing this should improve
|
||||
client reliability and initial bootstrap performance, and reduce
|
||||
- Include a trial list of default fallback directories, based
|
||||
on an opt-in survey of suitable relays. Doing this should make
|
||||
clients bootstrap more quickly and reliably, and reduce the
|
||||
load on the directory authorities. Closes ticket 15775. Patch by
|
||||
"teor". OnionOO script by "weasel", "teor", "gsathya",
|
||||
"teor". Candidates identified using an OnionOO script by "weasel", "teor", "gsathya",
|
||||
and "karsten".
|
||||
- Previously only relays who explicitly opened a directory port
|
||||
- Previously only relays that explicitly opened a directory port
|
||||
(DirPort) accepted directory requests from clients. Now all
|
||||
relays, with and without a DirPort, who do not disable the
|
||||
DirCache option accept and serve directory requests sent
|
||||
(tunnelled) through their ORPort. Closes ticket 12538.
|
||||
relays, with and without a DirPort,
|
||||
accept and serve tunneled directory requests that they
|
||||
receive through their ORPort. You can disable this behavior using
|
||||
the new DirCache option.
|
||||
Closes ticket 12538.
|
||||
|
||||
o Minor features (security, clock):
|
||||
- Warn when the system clock is set back in time (when the state
|
||||
- Warn when the system clock appears to move back in time (when the state
|
||||
file was last written in the future). Tor doesn't know that
|
||||
consensuses have expired if the clock is in the past. Patch by
|
||||
"teor". Implements ticket 17188.
|
||||
|
||||
o Minor features (security, exit policies):
|
||||
- ExitPolicyRejectPrivate rejects more private addresses by default.
|
||||
Specifically, it rejects the relay's outbound bind addresses (if
|
||||
- ExitPolicyRejectPrivate now rejects more private addresses by default.
|
||||
Specifically, it now rejects the relay's outbound bind addresses (if
|
||||
configured), and the relay's configured port addresses (such as
|
||||
ORPort and DirPort). Fixes bug 17027; bugfix on 0.2.0.11-alpha.
|
||||
Patch by "teor".
|
||||
|
||||
o Minor features (security, memory erasure):
|
||||
- Set unused entires in a smartlist to NULL. This helped catch
|
||||
- Set the unused entires in a smartlist to NULL. This helped catch
|
||||
a (harmless) bug, and shouldn't affect performance too much.
|
||||
Implements ticket 17026.
|
||||
- Use SecureMemoryWipe() function to securely clean memory on
|
||||
Windows. Implements feature 17986.
|
||||
Windows. Previously we'd use OpenSSL's OPENSSL_cleanse() function. Implements feature 17986.
|
||||
- Use explicit_bzero or memset_s when present. Previously, we'd use
|
||||
OpenSSL's OPENSSL_cleanse() function. Closes ticket 7419; patches
|
||||
from <logan@hackers.mu> and <selven@hackers.mu>.
|
||||
- Make memwipe() do nothing when passed a NULL pointer or zero size.
|
||||
- Make memwipe() do nothing when passed a NULL pointer or buffer of zero size.
|
||||
Check size argument to memwipe() for underflow. Fixes bug 18089;
|
||||
bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk", patch
|
||||
by "teor".
|
||||
@ -73,25 +76,27 @@ Changes in version 0.2.8.1-alpha - 2016-02-0?
|
||||
o Minor features (security, RNG):
|
||||
- Adjust Tor's use of OpenSSL's RNG APIs so that they absolutely,
|
||||
positively are not allowed to fail. Previously we depended on
|
||||
internals about OpenSSL behavior. Closes ticket 17686.
|
||||
internal details of OpenSSL's behavior. Closes ticket 17686.
|
||||
- Never use the system entropy output directly for anything besides
|
||||
seeding the PRNG. When we want to generate important keys, instead
|
||||
of using system entropy directly, hash it with the PRNG stream.
|
||||
of using system entropy directly, we now hash it with the PRNG stream.
|
||||
This may help resist certain attacks based on broken OS entropy
|
||||
implementations. Closes part of ticket 17694.
|
||||
- Use modern system calls to generate strong entropy on platforms
|
||||
that provide them. Closes ticket 13696.
|
||||
- Use modern system calls (like getentropy() or getrandom()) to generate strong entropy on platforms
|
||||
that have them. Closes ticket 13696.
|
||||
|
||||
o Minor features (accounting):
|
||||
- Added two modes to AccountingRule in torrc for limiting just input
|
||||
or just output. Closes ticket 15989; patch from "unixninja92".
|
||||
- Added two modes to AccountingRule in torrc for limiting just the
|
||||
number of bytes sent ("AccountingRule out") or the number of bytes
|
||||
received ("AccountingRule in").
|
||||
Closes ticket 15989; patch from "unixninja92".
|
||||
|
||||
o Minor features (build):
|
||||
- Since our build process now uses 'make distcheck', we no longer
|
||||
force "make dist" to depend on "make check". Closes ticket 17893;
|
||||
patch from "cypherpunks."
|
||||
- Repair some compilation issues with some recent (unreleased,
|
||||
alpha) vesions of OpenSSL 1.1. Closes ticket 17549.
|
||||
alpha) versions of OpenSSL 1.1. Closes ticket 17549.
|
||||
|
||||
o Minor features (controller):
|
||||
- Adds FallbackDir entries to 'GETINFO config/defaults'. Closes
|
||||
|
Loading…
Reference in New Issue
Block a user