mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-10 05:03:43 +01:00
changelog: Update it with latest releases
Signed-off-by: David Goulet <dgoulet@torproject.org>
This commit is contained in:
parent
f44fa27ba7
commit
9e17af91a3
64
ChangeLog
64
ChangeLog
@ -1,3 +1,67 @@
|
||||
Changes in version 0.4.7.12 - 2022-12-06
|
||||
This version contains a major change that is a new key for moria1. Also, new
|
||||
metrics are exported on the MetricsPort for the congestion control
|
||||
subsystem.
|
||||
|
||||
o Directory authority changes (moria1):
|
||||
- Rotate the relay identity key and v3 identity key for moria1. They
|
||||
have been online for more than a decade and refreshing keys
|
||||
periodically is good practice. Advertise new ports too, to avoid
|
||||
confusion. Closes ticket 40722.
|
||||
|
||||
o Minor feature (Congestion control metrics):
|
||||
- Add additional metricsport relay metrics for congestion control.
|
||||
Closes ticket 40724.
|
||||
|
||||
o Minor features (fallbackdir):
|
||||
- Regenerate fallback directories generated on December 06, 2022.
|
||||
|
||||
o Minor features (geoip data):
|
||||
- Update the geoip files to match the IPFire Location Database, as
|
||||
retrieved on 2022/12/06.
|
||||
|
||||
o Minor bugfixes (cpuworker, relay):
|
||||
- Fix an off by one overload calculation on the number of CPUs being
|
||||
used by our thread pool. Fixes bug 40719; bugfix on 0.3.5.1-alpha.
|
||||
|
||||
|
||||
Changes in version 0.4.5.15 - 2022-12-06
|
||||
This version has several major changes for directory authorities. And a
|
||||
major bugfix on OSX. Again, we strongly recommend to upgrade to our 0.4.7.x
|
||||
series latest stable. This series is EOL on February 15th, 2023.
|
||||
|
||||
o Directory authority changes (dizum):
|
||||
- Change dizum IP address. Closes ticket 40687.
|
||||
|
||||
o Directory authority changes (Faravahar):
|
||||
- Remove Faravahar until its operator, Sina, set it back up online
|
||||
outside of Team Cymru network. Closes ticket 40688.
|
||||
|
||||
o Directory authority changes (moria1):
|
||||
- Rotate the relay identity key and v3 identity key for moria1. They
|
||||
have been online for more than a decade and refreshing keys
|
||||
periodically is good practice. Advertise new ports too, to avoid
|
||||
confusion. Closes ticket 40722.
|
||||
|
||||
o Major bugfixes (OSX):
|
||||
- Fix coarse-time computation on Apple platforms (like Mac M1) where
|
||||
the Mach absolute time ticks do not correspond directly to
|
||||
nanoseconds. Previously, we computed our shift value wrong, which
|
||||
led us to give incorrect timing results. Fixes bug 40684; bugfix
|
||||
on 0.3.3.1-alpha.
|
||||
|
||||
o Major bugfixes (relay):
|
||||
- Improve security of our DNS cache by randomly clipping the TTL
|
||||
value. TROVE-2021-009. Fixes bug 40674; bugfix on 0.3.5.1-alpha.
|
||||
|
||||
o Minor features (fallbackdir):
|
||||
- Regenerate fallback directories generated on December 06, 2022.
|
||||
|
||||
o Minor features (geoip data):
|
||||
- Update the geoip files to match the IPFire Location Database, as
|
||||
retrieved on 2022/12/06.
|
||||
|
||||
|
||||
Changes in version 0.4.7.11 - 2022-11-10
|
||||
This version contains several major fixes aimed at helping defend against
|
||||
network denial of service. It is also extending drastically the MetricsPort
|
||||
|
227
ReleaseNotes
227
ReleaseNotes
@ -2,6 +2,233 @@ This document summarizes new features and bugfixes in each stable
|
||||
release of Tor. If you want to see more detailed descriptions of the
|
||||
changes in each development snapshot, see the ChangeLog file.
|
||||
|
||||
Changes in version 0.4.7.12 - 2022-12-06
|
||||
This version contains a major change that is a new key for moria1. Also, new
|
||||
metrics are exported on the MetricsPort for the congestion control
|
||||
subsystem.
|
||||
|
||||
o Directory authority changes (moria1):
|
||||
- Rotate the relay identity key and v3 identity key for moria1. They
|
||||
have been online for more than a decade and refreshing keys
|
||||
periodically is good practice. Advertise new ports too, to avoid
|
||||
confusion. Closes ticket 40722.
|
||||
|
||||
o Minor feature (Congestion control metrics):
|
||||
- Add additional metricsport relay metrics for congestion control.
|
||||
Closes ticket 40724.
|
||||
|
||||
o Minor features (fallbackdir):
|
||||
- Regenerate fallback directories generated on December 06, 2022.
|
||||
|
||||
o Minor features (geoip data):
|
||||
- Update the geoip files to match the IPFire Location Database, as
|
||||
retrieved on 2022/12/06.
|
||||
|
||||
o Minor bugfixes (cpuworker, relay):
|
||||
- Fix an off by one overload calculation on the number of CPUs being
|
||||
used by our thread pool. Fixes bug 40719; bugfix on 0.3.5.1-alpha.
|
||||
|
||||
|
||||
Changes in version 0.4.5.15 - 2022-12-06
|
||||
This version has several major changes for directory authorities. And a
|
||||
major bugfix on OSX. Again, we strongly recommend to upgrade to our 0.4.7.x
|
||||
series latest stable. This series is EOL on February 15th, 2023.
|
||||
|
||||
o Directory authority changes (dizum):
|
||||
- Change dizum IP address. Closes ticket 40687.
|
||||
|
||||
o Directory authority changes (Faravahar):
|
||||
- Remove Faravahar until its operator, Sina, set it back up online
|
||||
outside of Team Cymru network. Closes ticket 40688.
|
||||
|
||||
o Directory authority changes (moria1):
|
||||
- Rotate the relay identity key and v3 identity key for moria1. They
|
||||
have been online for more than a decade and refreshing keys
|
||||
periodically is good practice. Advertise new ports too, to avoid
|
||||
confusion. Closes ticket 40722.
|
||||
|
||||
o Major bugfixes (OSX):
|
||||
- Fix coarse-time computation on Apple platforms (like Mac M1) where
|
||||
the Mach absolute time ticks do not correspond directly to
|
||||
nanoseconds. Previously, we computed our shift value wrong, which
|
||||
led us to give incorrect timing results. Fixes bug 40684; bugfix
|
||||
on 0.3.3.1-alpha.
|
||||
|
||||
o Major bugfixes (relay):
|
||||
- Improve security of our DNS cache by randomly clipping the TTL
|
||||
value. TROVE-2021-009. Fixes bug 40674; bugfix on 0.3.5.1-alpha.
|
||||
|
||||
o Minor features (fallbackdir):
|
||||
- Regenerate fallback directories generated on December 06, 2022.
|
||||
|
||||
o Minor features (geoip data):
|
||||
- Update the geoip files to match the IPFire Location Database, as
|
||||
retrieved on 2022/12/06.
|
||||
|
||||
|
||||
Changes in version 0.4.7.11 - 2022-11-10
|
||||
This version contains several major fixes aimed at helping defend against
|
||||
network denial of service. It is also extending drastically the MetricsPort
|
||||
for relays to help us gather more internal data to investigate performance
|
||||
and attacks.
|
||||
|
||||
We strongly recommend to upgrade to this version especially for Exit relays
|
||||
in order to help the network defend against this ongoing DDoS.
|
||||
|
||||
o Directory authority changes (dizum, Faravahar):
|
||||
- Change dizum IP address. Closes ticket 40687.
|
||||
- Remove Faravahar until its operator, Sina, set it back up online
|
||||
outside of Team Cymru network. Closes ticket 40688.
|
||||
|
||||
o Major bugfixes (geoip data):
|
||||
- IPFire informed us on August 12th that databases generated after
|
||||
(including) August 10th did not have proper ARIN network
|
||||
allocations. We are updating the database to use the one generated
|
||||
on August 9th, 2022. Fixes bug 40658; bugfix on 0.4.5.13.
|
||||
|
||||
o Major bugfixes (onion service):
|
||||
- Set a much higher circuit build timeout for opened client rendezvous
|
||||
circuit. Before this, tor would time them out very quickly leading to
|
||||
unnecessary retries meaning more load on the network. Fixes bug 40694;
|
||||
bugfix on 0.3.5.1-alpha.
|
||||
|
||||
o Major bugfixes (OSX):
|
||||
- Fix coarse-time computation on Apple platforms (like Mac M1) where
|
||||
the Mach absolute time ticks do not correspond directly to
|
||||
nanoseconds. Previously, we computed our shift value wrong, which
|
||||
led us to give incorrect timing results. Fixes bug 40684; bugfix
|
||||
on 0.3.3.1-alpha.
|
||||
|
||||
o Major bugfixes (relay):
|
||||
- Improve security of our DNS cache by randomly clipping the TTL
|
||||
value. TROVE-2021-009. Fixes bug 40674; bugfix on 0.3.5.1-alpha.
|
||||
|
||||
o Minor feature (Mac and iOS build):
|
||||
- Change how combine_libs works on Darwin like platforms to make
|
||||
sure we don't include any `__.SYMDEF` and `__.SYMDEF SORTED`
|
||||
symbols on the archive before we repack and run ${RANLIB} on the
|
||||
archive. This fixes a build issue with recent Xcode versions on
|
||||
Mac Silicon and iOS. Closes ticket 40683.
|
||||
|
||||
o Minor feature (metrics):
|
||||
- Add various congestion control counters to the MetricsPort. Closes
|
||||
ticket 40708.
|
||||
|
||||
o Minor feature (performance):
|
||||
- Bump the maximum amount of CPU that can be used from 16 to 128. Note
|
||||
that NumCPUs torrc option overrides this hardcoded maximum. Fixes bug
|
||||
40703; bugfix on 0.3.5.1-alpha.
|
||||
|
||||
o Minor feature (relay):
|
||||
- Make an hardcoded value for the maximum of per CPU tasks into a
|
||||
consensus parameter.
|
||||
- Two new consensus parameters are added to control the wait time in
|
||||
queue of the onionskins. One of them is the torrc
|
||||
MaxOnionQueueDelay options which supersedes the consensus
|
||||
parameter. Closes ticket 40704.
|
||||
|
||||
o Minor feature (relay, DoS):
|
||||
- Apply circuit creation anti-DoS defenses if the outbound circuit
|
||||
max cell queue size is reached too many times. This introduces two
|
||||
new consensus parameters to control the queue size limit and
|
||||
number of times allowed to go over that limit. Closes ticket 40680.
|
||||
|
||||
o Minor feature (relay, metrics):
|
||||
- Add DoS defenses counter to MetricsPort.
|
||||
- Add congestion control RTT reset counter to MetricsPort.
|
||||
- Add counters to the MetricsPort how many connections, per type,
|
||||
are currently opened and how many were created.
|
||||
- Add relay flags from the consensus to the MetricsPort.
|
||||
- Add total number of opened circuits to MetricsPort.
|
||||
- Add total number of streams seen by an Exit to the MetricsPort.
|
||||
- Add traffic stats as in number of read/written bytes in total.
|
||||
- Related to ticket 40194.
|
||||
|
||||
o Minor features (fallbackdir):
|
||||
- Regenerate fallback directories generated on November 10, 2022.
|
||||
|
||||
o Minor features (geoip data):
|
||||
- Update the geoip files to match the IPFire Location Database, as
|
||||
retrieved on 2022/11/10.
|
||||
|
||||
o Minor bugfixes (authorities, sandbox):
|
||||
- Allow to write file my-consensus-<flavor-name> to disk when
|
||||
sandbox is activated. Fixes bug 40663; bugfix on 0.3.5.1-alpha.
|
||||
|
||||
o Minor bugfixes (dirauth):
|
||||
- Directory authorities stop voting a consensus "Measured" weight
|
||||
for relays with the Authority flag. Now these relays will be
|
||||
considered unmeasured, which should reserve their bandwidth for
|
||||
their dir auth role and minimize distractions from other roles. In
|
||||
place of the "Measured" weight, they now include a
|
||||
"MeasuredButAuthority" weight (not used by anything) so the
|
||||
bandwidth authority's opinion on this relay can be recorded for
|
||||
posterity. Lastly, remove the AuthDirDontVoteOnDirAuthBandwidth
|
||||
torrc option which never worked right. Fixes bugs 40698 and 40700;
|
||||
bugfix on 0.4.7.2-alpha.
|
||||
|
||||
o Minor bugfixes (onion service client):
|
||||
- A collapsing onion service circuit should be seen as an
|
||||
"unreachable" error so it can be retried. Fixes bug 40692; bugfix
|
||||
on 0.3.5.1-alpha.
|
||||
|
||||
o Minor bugfixes (onion service):
|
||||
- Make the service retry a rendezvous if the circuit is being
|
||||
repurposed for measurements. Fixes bug 40696; bugfix
|
||||
on 0.3.5.1-alpha.
|
||||
|
||||
o Minor bugfixes (relay overload statistics):
|
||||
- Count total create cells vs dropped create cells properly, when
|
||||
assessing if our fraction of dropped cells is too high. We only
|
||||
count non-client circuits in the denominator, but we would include
|
||||
client circuits in the numerator, leading to surprising log lines
|
||||
claiming that we had dropped more than 100% of incoming create
|
||||
cells. Fixes bug 40673; bugfix on 0.4.7.1-alpha.
|
||||
|
||||
o Code simplification and refactoring (bridges):
|
||||
- Remove unused code related to ExtPort connection ID. Fixes bug
|
||||
40648; bugfix on 0.3.5.1-alpha.
|
||||
|
||||
|
||||
Changes in version 0.4.7.10 - 2022-08-12
|
||||
This version updates the geoip cache that we generate from IPFire location
|
||||
database to use the August 9th, 2022 one. Everyone MUST update to this
|
||||
latest release else circuit path selection and relay metrics are badly
|
||||
affected.
|
||||
|
||||
o Major bugfixes (geoip data):
|
||||
- IPFire informed us on August 12th that databases generated after
|
||||
(including) August 10th did not have proper ARIN network allocations. We
|
||||
are updating the database to use the one generated on August 9th, 2022.
|
||||
Fixes bug 40658; bugfix on 0.4.7.9.
|
||||
|
||||
|
||||
Changes in version 0.4.6.12 - 2022-08-12
|
||||
This version updates the geoip cache that we generate from IPFire location
|
||||
database to use the August 9th, 2022 one. Everyone MUST update to this
|
||||
latest release else circuit path selection and relay metrics are badly
|
||||
affected.
|
||||
|
||||
o Major bugfixes (geoip data):
|
||||
- IPFire informed us on August 12th that databases generated after
|
||||
(including) August 10th did not have proper ARIN network allocations. We
|
||||
are updating the database to use the one generated on August 9th, 2022.
|
||||
Fixes bug 40658; bugfix on 0.4.6.11.
|
||||
|
||||
|
||||
Changes in version 0.4.5.14 - 2022-08-12
|
||||
This version updates the geoip cache that we generate from IPFire location
|
||||
database to use the August 9th, 2022 one. Everyone MUST update to this
|
||||
latest release else circuit path selection and relay metrics are badly
|
||||
affected.
|
||||
|
||||
o Major bugfixes (geoip data):
|
||||
- IPFire informed us on August 12th that databases generated after
|
||||
(including) August 10th did not have proper ARIN network allocations. We
|
||||
are updating the database to use the one generated on August 9th, 2022.
|
||||
Fixes bug 40658; bugfix on 0.4.5.13.
|
||||
|
||||
|
||||
Changes in version 0.4.7.9 - 2022-08-11
|
||||
This version contains several major fixes aimed at reducing memory pressure on
|
||||
relays and possible side-channel. It also contains a major bugfix related to
|
||||
|
Loading…
Reference in New Issue
Block a user