From dfc1b62fc5975a4ab36768c3d16ed0df6a749393 Mon Sep 17 00:00:00 2001 From: Roger Dingledine Date: Sat, 16 Nov 2013 23:02:26 -0500 Subject: [PATCH] forward-port the 0.2.4.18-rc changelog --- ChangeLog | 93 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 93 insertions(+) diff --git a/ChangeLog b/ChangeLog index afa70f841e..3bb89d299e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,96 @@ +Changes in version 0.2.4.18-rc - 2013-11-16 + Tor 0.2.4.18-rc is the fourth release candidate for the Tor 0.2.4.x + series. It takes a variety of fixes from the 0.2.5.x branch to improve + stability, performance, and better handling of edge cases. + + o Major features: + - Re-enable TLS 1.1 and 1.2 when built with OpenSSL 1.0.1e or later. + Resolves ticket 6055. (OpenSSL before 1.0.1 didn't have TLS 1.1 or + 1.2, and OpenSSL from 1.0.1 through 1.0.1d had bugs that prevented + renegotiation from working with TLS 1.1 or 1.2, so we had disabled + them to solve bug 6033.) + + o Major bugfixes: + - No longer stop reading or writing on cpuworker connections when + our rate limiting buckets go empty. Now we should handle circuit + handshake requests more promptly. Resolves bug 9731. + - If we are unable to save a microdescriptor to the journal, do not + drop it from memory and then reattempt downloading it. Fixes bug + 9645; bugfix on 0.2.2.6-alpha. + - Stop trying to bootstrap all our directory information from + only our first guard. Discovered while fixing bug 9946; bugfix + on 0.2.4.8-alpha. + - The new channel code sometimes lost track of in-progress circuits, + causing long-running clients to stop building new circuits. The + fix is to always call circuit_n_chan_done(chan, 0) from + channel_closed(). Fixes bug 9776; bugfix on 0.2.4.17-rc. + + o Minor bugfixes (on 0.2.4.x): + - Correctly log long IPv6 exit policies, instead of truncating them + or reporting an error. Fixes bug 9596; bugfix on 0.2.4.7-alpha. + - Our default TLS ecdhe groups were backwards: we meant to be using + P224 for relays (for performance win) and P256 for bridges (since + it is more common in the wild). Instead we had it backwards. After + reconsideration, we decided that the default should be P256 on all + hosts, since its security is probably better, and since P224 is + reportedly used quite little in the wild. Found by "skruffy" on + IRC. Fix for bug 9780; bugfix on 0.2.4.8-alpha. + - Free directory authority certificate download statuses on exit + rather than leaking them. Fixes bug 9644; bugfix on 0.2.4.13-alpha. + + o Minor bugfixes (on 0.2.3.x and earlier): + - If the guard we choose first doesn't answer, we would try the + second guard, but once we connected to the second guard we would + abandon it and retry the first one, slowing down bootstrapping. + The fix is to treat all our initially chosen guards as acceptable + to use. Fixes bug 9946; bugfix on 0.1.1.11-alpha. + - Fix an assertion failure that would occur when disabling the + ORPort setting on a running Tor process while accounting was + enabled. Fixes bug 6979; bugfix on 0.2.2.18-alpha. + - When examining the list of network interfaces to find our address, + do not consider non-running or disabled network interfaces. Fixes + bug 9904; bugfix on 0.2.3.11-alpha. Patch from "hantwister". + - Avoid an off-by-one error when checking buffer boundaries when + formatting the exit status of a pluggable transport helper. + This is probably not an exploitable bug, but better safe than + sorry. Fixes bug 9928; bugfix on 0.2.3.18-rc. Bug found by + Pedro Ribeiro. + + o Minor features (protecting client timestamps): + - Clients no longer send timestamps in their NETINFO cells. These were + not used for anything, and they provided one small way for clients + to be distinguished from each other as they moved from network to + network or behind NAT. Implements part of proposal 222. + - Clients now round timestamps in INTRODUCE cells down to the nearest + 10 minutes. If a new Support022HiddenServices option is set to 0, or + if it's set to "auto" and the feature is disabled in the consensus, + the timestamp is sent as 0 instead. Implements part of proposal 222. + - Stop sending timestamps in AUTHENTICATE cells. This is not such + a big deal from a security point of view, but it achieves no actual + good purpose, and isn't needed. Implements part of proposal 222. + - Reduce down accuracy of timestamps in hidden service descriptors. + Implements part of proposal 222. + + o Minor features (other): + - Improve the circuit queue out-of-memory handler. Previously, when + we ran low on memory, we'd close whichever circuits had the most + queued cells. Now, we close those that have the *oldest* queued + cells, on the theory that those are most responsible for us + running low on memory. Based on analysis from a forthcoming paper + by Jansen, Tschorsch, Johnson, and Scheuermann. Fixes bug 9093. + - Generate bootstrapping status update events correctly when fetching + microdescriptors. Fixes bug 9927. + - Update to the October 2 2013 Maxmind GeoLite Country database. + + o Documentation fixes: + - Clarify the usage and risks of setting the ContactInfo torrc line + for your relay or bridge. Resolves ticket 9854. + - Add anchors to the manpage so we can link to the html version of + the documentation for specific options. Resolves ticket 9866. + - Replace remaining references to DirServer in man page and + log entries. Resolves ticket 10124. + + Changes in version 0.2.5.1-alpha - 2013-10-02 Tor 0.2.5.1-alpha introduces experimental support for syscall sandboxing on Linux, allows bridges that offer pluggable transports to report usage