mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 15:43:32 +01:00
Begin work on a changelog
This commit is contained in:
parent
abdf2a6f7f
commit
e5d78c70b0
151
ChangeLog
151
ChangeLog
@ -1,3 +1,154 @@
|
|||||||
|
Changes in version 0.3.3.2-alpha - 2018-02-09
|
||||||
|
Blurb here.
|
||||||
|
|
||||||
|
o Major features (denial-of-service mitigation):
|
||||||
|
- Give relays some defenses against the recent network overload. We
|
||||||
|
start with three defenses (default parameters in parentheses).
|
||||||
|
First: if a single client address makes too many concurrent
|
||||||
|
connections (>100), hang up on further connections. Second: if a
|
||||||
|
single client address makes circuits too quickly (more than 3 per
|
||||||
|
second, with an allowed burst of 90) while also having too many
|
||||||
|
connections open (3), refuse new create cells for the next while
|
||||||
|
(1-2 hours). Third: if a client asks to establish a rendezvous
|
||||||
|
point to you directly, ignore the request. These defenses can be
|
||||||
|
manually controlled by new torrc options, but relays will also
|
||||||
|
take guidance from consensus parameters, so there's no need to
|
||||||
|
configure anything manually. Implements ticket 24902.
|
||||||
|
|
||||||
|
o Major bugfixes (netflow padding):
|
||||||
|
- Stop adding unneeded channel padding right after we finish
|
||||||
|
flushing to a connection that has been trying to flush for many
|
||||||
|
seconds. Instead, treat all partial or complete flushes as
|
||||||
|
activity on the channel, which will defer the time until we need
|
||||||
|
to add padding. This fix should resolve confusing and scary log
|
||||||
|
messages like "Channel padding timeout scheduled 221453ms in the
|
||||||
|
past." Fixes bug 22212; bugfix on 0.3.1.1-alpha.
|
||||||
|
|
||||||
|
o Major bugfixes (protocol versions):
|
||||||
|
- Add Link protocol version 5 to the supported protocols list. Fixes
|
||||||
|
bug 25070; bugfix on 0.3.1.1-alpha.
|
||||||
|
|
||||||
|
o Major bugfixes (scheduler, consensus):
|
||||||
|
- A logic in the code was preventing the scheduler subystem to
|
||||||
|
properly make a decision based on the latest consensus when it
|
||||||
|
arrives. This lead to the scheduler failing to notice any
|
||||||
|
consensus parameters that might have changed between consensuses.
|
||||||
|
Fixes bug 24975; bugfix on 0.3.2.1-alpha.
|
||||||
|
|
||||||
|
o Minor features (denial-of-service avoidance):
|
||||||
|
- Make our OOM handler aware of the geoip client history cache so it
|
||||||
|
doesn't fill up the memory which is especially important for IPv6
|
||||||
|
and our DoS mitigation subsystem. Closes ticket 25122.
|
||||||
|
|
||||||
|
o Minor features (directory authority):
|
||||||
|
- When unable to add signatures to a pending consensus, log the
|
||||||
|
reason why. Closes ticket 24849.
|
||||||
|
|
||||||
|
o Minor features (geoip):
|
||||||
|
- Update geoip and geoip6 to the February 7 2018 Maxmind GeoLite2
|
||||||
|
Country database.
|
||||||
|
|
||||||
|
o Minor features (logging, diagnostic):
|
||||||
|
- When logging a failure to check a onion service's certificate,
|
||||||
|
also log what the problem with the certificate was. Diagnostic for
|
||||||
|
ticket 24972.
|
||||||
|
|
||||||
|
o Minor bugfix (channel connection):
|
||||||
|
- The accurate address of a connection is real_addr, not the addr
|
||||||
|
member. TLS Channel remote address is now real_addr content
|
||||||
|
instead of addr member. Fixes bug 24952; bugfix on 707c1e2e26 in
|
||||||
|
0.2.4.11-alpha. Patch by "ffmancera".
|
||||||
|
|
||||||
|
o Minor bugfix (directory authority, documentation):
|
||||||
|
- When a fingerprint or network address is marked as rejected, the
|
||||||
|
returned message by the authority now explicitly mention to set a
|
||||||
|
valid ContactInfo address and contact the bad-relays@ mailing
|
||||||
|
list. Fixes bug 25170; bugfix on 0.2.9.1.
|
||||||
|
|
||||||
|
o Minor bugfixes (all versions of Tor):
|
||||||
|
- Use the "misspell" tool to detect and fix typos throughout the
|
||||||
|
source code. Fixes bug 23650; bugfix on various versions of Tor.
|
||||||
|
Patch from Deepesh Pathak.
|
||||||
|
|
||||||
|
o Minor bugfixes (circuit, cannibalization):
|
||||||
|
- Don't cannibalize circuits for which we don't know the first hop
|
||||||
|
which can happen if our Guard relay went off the consensus after
|
||||||
|
the circuit was created preemptively. Fixes bug 24469; bugfix
|
||||||
|
on 0.0.6.
|
||||||
|
|
||||||
|
o Minor bugfixes (correctness):
|
||||||
|
- Remove a nonworking, unnecessary check to see whether a circuit
|
||||||
|
hop's identity was set when the circuit failed. Fixes bug 24927;
|
||||||
|
bugfix on 0.2.4.4-alpha.
|
||||||
|
|
||||||
|
o Minor bugfixes (onion services):
|
||||||
|
- Remove a BUG() statement which can be triggered in normal
|
||||||
|
circumstances where a client fetches a descriptor that has a lower
|
||||||
|
revision counter than the one in its cache. This can happen due to
|
||||||
|
HSDir desync. Fixes bug 24976; bugfix on 0.3.2.1-alpha.
|
||||||
|
- Don't log in the heartbeat any long term established one hop
|
||||||
|
rendezvous points if tor is a single onion service. Fixes bug
|
||||||
|
25116; bugfix on 0.2.9.6-rc;
|
||||||
|
|
||||||
|
o Minor bugfixes (logging):
|
||||||
|
- Don't treat inability to store a cached consensus object as a bug:
|
||||||
|
it can happen normally when we are out of disk space. Fixes bug
|
||||||
|
24859; bugfix on 0.3.1.1-alpha.
|
||||||
|
- Fix a (mostly harmless) race condition when invoking
|
||||||
|
LOG_PROTOCOL_WARN message from a subthread while the options are
|
||||||
|
changing. Fixes bug 23954; bugfix on 0.1.1.9-alpha.
|
||||||
|
|
||||||
|
o Minor bugfixes (performance):
|
||||||
|
- Avoid calling protocol_list_supports_protocol() from inside tight
|
||||||
|
loops when running with cached routerinfo_t objects. Instead,
|
||||||
|
summarize the relevant protocols as flags in the routerinfo_t, as
|
||||||
|
we do for routerstatus_t objects. This change simplifies our code
|
||||||
|
a little, and saves a large amount of short-term memory allocation
|
||||||
|
operations. Fixes bug 25008; bugfix on 0.2.9.4-alpha.
|
||||||
|
|
||||||
|
o Minor bugfixes (Rust FFI):
|
||||||
|
- Fix a minor memory leak which would happen whenever the C code
|
||||||
|
would call the Rust implementation of
|
||||||
|
protover_get_supported_protocols(). This was due to the C version
|
||||||
|
returning a static string, whereas the Rust version newly allocated
|
||||||
|
a CString to pass accross the FFI boundary. Consequently, the C
|
||||||
|
code was not expecting to need to free() what it was given. Fixes
|
||||||
|
bug 25127; bugfix on 0.3.2.1-alpha.
|
||||||
|
|
||||||
|
o Minor bugfixes (scheduler, KIST):
|
||||||
|
- Avoid adding the same channel twice in the KIST scheduler pending
|
||||||
|
list wasting CPU cycles at handling the same channel twice. Fixes
|
||||||
|
bug 24700; bugfix on 0.3.2.1-alpha.
|
||||||
|
|
||||||
|
o Minor bugfixes (unit test, monotonic time):
|
||||||
|
- Bump a gap of 1msec to 10msec used in the monotonic time test that
|
||||||
|
makes sure the nsec/usec/msec time read are synchronized. This
|
||||||
|
change was needed to accommodate slow system like armel or when
|
||||||
|
the clock_gettime() is not a VDSO on the running kernel. Fixes bug
|
||||||
|
25113; bugfix on 0.2.9.1.
|
||||||
|
|
||||||
|
o Minor bugfixes (v3 onion services):
|
||||||
|
- Look at the "HSRend" protocol version, not the "HSDir" protocol
|
||||||
|
version, when deciding whether a consensus entry can support the
|
||||||
|
v3 onion service protocol as a rendezvous point. Fixes bug 25105;
|
||||||
|
bugfix on 0.3.2.1-alpha.
|
||||||
|
|
||||||
|
o Code simplification and refactoring:
|
||||||
|
- Remove the unused nodelist_recompute_all_hsdir_indices(). Closes
|
||||||
|
ticket 25108.
|
||||||
|
|
||||||
|
o Documentation:
|
||||||
|
- HiddenServiceVersion only accepts one version to be specified.
|
||||||
|
This version can either be version 2 or 3. Closes ticket 25026;
|
||||||
|
bugfix on 0.3.2.2-alpha.
|
||||||
|
|
||||||
|
o Code simplification and refactoring (rephist):
|
||||||
|
- Remove a series of counters used to track circuit extend attemps
|
||||||
|
and connection status but that in reality we aren't using for
|
||||||
|
anything other than stats logged by a SIGUSR1 signal. Closes
|
||||||
|
ticket 25163.
|
||||||
|
|
||||||
|
|
||||||
Changes in version 0.3.3.1-alpha - 2018-01-25
|
Changes in version 0.3.3.1-alpha - 2018-01-25
|
||||||
Tor 0.3.3.1-alpha is the first release in the 0.3.3.x series. It adds
|
Tor 0.3.3.1-alpha is the first release in the 0.3.3.x series. It adds
|
||||||
several new features to Tor, including several improvements to
|
several new features to Tor, including several improvements to
|
||||||
|
@ -1,8 +0,0 @@
|
|||||||
o Major bugfixes (netflow padding):
|
|
||||||
- Stop adding unneeded channel padding right after we finish flushing
|
|
||||||
to a connection that has been trying to flush for many seconds.
|
|
||||||
Instead, treat all partial or complete flushes as activity on the
|
|
||||||
channel, which will defer the time until we need to add padding.
|
|
||||||
This fix should resolve confusing and scary log messages like
|
|
||||||
"Channel padding timeout scheduled 221453ms in the past." Fixes
|
|
||||||
bug 22212; bugfix on 0.3.1.1-alpha.
|
|
@ -1,4 +0,0 @@
|
|||||||
o Minor bugfixes (logging, race conditions):
|
|
||||||
- Fix a (mostly harmless) race condition when invoking
|
|
||||||
LOG_PROTOCOL_WARN message from a subthread while the options are
|
|
||||||
changing. Fixes bug 23954; bugfix on 0.1.1.9-alpha.
|
|
@ -1,4 +0,0 @@
|
|||||||
o Minor bugfixes (circuit, cannibalization):
|
|
||||||
- Don't cannibalize circuits for which we don't know the first hop which
|
|
||||||
can happen if our Guard relay went off the consensus after the circuit
|
|
||||||
was created preemptively. Fixes bug 24469; bugfix on 0.0.6.
|
|
@ -1,4 +0,0 @@
|
|||||||
o Minor bugfixes (scheduler, KIST):
|
|
||||||
- Avoid adding the same channel twice in the KIST scheduler pending list
|
|
||||||
wasting CPU cycles at handling the same channel twice. Fixes bug 24700;
|
|
||||||
bugfix on 0.3.2.1-alpha.
|
|
@ -1,4 +0,0 @@
|
|||||||
o Minor bugfixes (logging):
|
|
||||||
- Don't treat inability to store a cached consensus object as a
|
|
||||||
bug: it can happen normally when we are out of disk space.
|
|
||||||
Fixes bug 24859; bugfix on 0.3.1.1-alpha.
|
|
@ -1,4 +0,0 @@
|
|||||||
o Minor bugfixes (correctness):
|
|
||||||
- Remove nonworking, unnecessary check to see whether a circuit hop's
|
|
||||||
identity was set when the circuit failed. Fixes bug 24927; bugfix on
|
|
||||||
0.2.4.4-alpha.
|
|
@ -1,5 +0,0 @@
|
|||||||
o Minor bugfix (channel connection):
|
|
||||||
- The accurate address of a connection is real_addr, not the addr member.
|
|
||||||
TLS Channel remote address is now real_addr content instead of addr
|
|
||||||
member. Fixes bug 24952; bugfix on 707c1e2e26 in 0.2.4.11-alpha.
|
|
||||||
Patch by "ffmancera".
|
|
@ -1,4 +0,0 @@
|
|||||||
o Minor features (logging, diagnostic):
|
|
||||||
- When logging a failure to check a hidden service's certificate,
|
|
||||||
also log what the problem with the certificate was. Diagnostic
|
|
||||||
for ticket 24972.
|
|
@ -1,6 +0,0 @@
|
|||||||
o Major bugfixes (scheduler, consensus):
|
|
||||||
- A logic in the code was preventing the scheduler subystem to properly
|
|
||||||
make a decision based on the latest consensus when it arrives. This lead
|
|
||||||
to the scheduler failing to notice any consensus parameters that might
|
|
||||||
have changed between consensuses. Fixes bug 24975; bugfix on
|
|
||||||
0.3.2.1-alpha.
|
|
@ -1,5 +0,0 @@
|
|||||||
o Minor bugfixes (hidden service v3 client):
|
|
||||||
- Remove a BUG() statement which can be triggered in normal circumstances
|
|
||||||
where a client fetches a descriptor that has a lower revision counter
|
|
||||||
than the one in its cache. This can happen due to HSDir desync. Fixes
|
|
||||||
bug 24976; bugfix on 0.3.2.1-alpha.
|
|
@ -1,9 +0,0 @@
|
|||||||
o Minor bugfixes (performance):
|
|
||||||
- Avoid calling protocol_list_supports_protocol() from inside tight loops
|
|
||||||
when running with cached routerinfo_t objects. Instead,
|
|
||||||
summarize the relevant protocols as flags in the routerinfo_t, as we do
|
|
||||||
for routerstatus_t objects. This change simplifies our code a little,
|
|
||||||
and saves a large amount of short-term memory allocation operations.
|
|
||||||
Fixes bug 25008; bugfix on 0.2.9.4-alpha.
|
|
||||||
|
|
||||||
|
|
@ -1,4 +0,0 @@
|
|||||||
o Documentation:
|
|
||||||
- HiddenServiceVersion only accepts one version to be specified. This
|
|
||||||
version can either be version 2 or 3. Closes ticket 25026; bugfix on
|
|
||||||
0.3.2.2-alpha.
|
|
@ -1,3 +0,0 @@
|
|||||||
o Major bugfixes (protocol versions):
|
|
||||||
- Add Link protocol version 5 to the supported protocols list.
|
|
||||||
Fixes bug 25070; bugfix on 0.3.1.1-alpha.
|
|
@ -1,5 +0,0 @@
|
|||||||
o Minor bugfixes (v3 onion services):
|
|
||||||
- Look at the "HSRend" protocol version, not the "HSDir" protocol
|
|
||||||
version, when deciding whether a consensus entry can support
|
|
||||||
the v3 onion service protocol as a rendezvous point.
|
|
||||||
Fixes bug 25105; bugfix on 0.3.2.1-alpha.
|
|
@ -1,5 +0,0 @@
|
|||||||
o Minor bugfixes (unit test, monotonic time):
|
|
||||||
- Bump a gap of 1msec to 10msec used in the monotonic time test that makes
|
|
||||||
sure the nsec/usec/msec time read are synchronized. This change was
|
|
||||||
needed to accommodate slow system like armel or when the clock_gettime()
|
|
||||||
is not a VDSO on the running kernel. Fixes bug 25113; bugfix on 0.2.9.1.
|
|
@ -1,4 +0,0 @@
|
|||||||
o Minor bugfixes (hidden service, heartbeat):
|
|
||||||
- Don't log in the heartbeat any long term established one hop rendezvous
|
|
||||||
points if tor is a single onion service. Fixes bug 25116; bugfix on
|
|
||||||
0.2.9.6-rc;
|
|
@ -1,7 +0,0 @@
|
|||||||
o Minor bugfixes (Rust FFI):
|
|
||||||
- Fix a minor memory leak which would happen whenever the C code would call
|
|
||||||
the Rust implementation of protover_get_supported_protocols(). This was
|
|
||||||
due to the C version returning a static string, whereas the Rust version
|
|
||||||
newly allocated a CString to pass accross the FFI boundary. Consequently,
|
|
||||||
the C code was not expecting to need to free() what it was given. Fixes
|
|
||||||
bug 25127; bugfix on 0.3.2.1-alpha.
|
|
@ -1,4 +0,0 @@
|
|||||||
o Minor features (geoip):
|
|
||||||
- Update geoip and geoip6 to the February 7 2018 Maxmind GeoLite2
|
|
||||||
Country database.
|
|
||||||
|
|
@ -1,4 +0,0 @@
|
|||||||
o Minor bugfixes (all versions of Tor):
|
|
||||||
- Use the "misspell" tool to detect and fix typos throughout the source
|
|
||||||
code. Fixes bug 23650; bugfix on various versions of Tor. Patch
|
|
||||||
from Deepesh Pathak.
|
|
@ -1,3 +0,0 @@
|
|||||||
o Minor features (directory authority):
|
|
||||||
- When unable to add signatures to a pending consensus, log the reason
|
|
||||||
why. Closes ticket 24849.
|
|
@ -1,13 +0,0 @@
|
|||||||
o Major features (denial of service mitigation):
|
|
||||||
- Give relays some defenses against the recent network overload. We start
|
|
||||||
with three defenses (default parameters in parentheses). First: if a
|
|
||||||
single client address makes too many concurrent connections (>100), hang
|
|
||||||
up on further connections. Second: if a single client address makes
|
|
||||||
circuits too quickly (more than 3 per second, with an allowed burst of
|
|
||||||
90) while also having too many connections open (3), refuse new create
|
|
||||||
cells for the next while (1-2 hours). Third: if a client asks to
|
|
||||||
establish a rendezvous point to you directly, ignore the request. These
|
|
||||||
defenses can be manually controlled by new torrc options, but relays
|
|
||||||
will also take guidance from consensus parameters, so there's no need to
|
|
||||||
configure anything manually. Implements ticket 24902.
|
|
||||||
|
|
@ -1,3 +0,0 @@
|
|||||||
o Code simplification and refactoring:
|
|
||||||
- Remove the unused nodelist_recompute_all_hsdir_indices(). Closes ticket
|
|
||||||
25108.
|
|
@ -1,4 +0,0 @@
|
|||||||
o Minor feature (geoip cache):
|
|
||||||
- Make our OOM handler aware of the geoip client history cache so it
|
|
||||||
doesn't fill up the memory which is especially important for IPv6 and
|
|
||||||
our DoS mitigation subsystem. Closes ticket 25122.
|
|
@ -1,4 +0,0 @@
|
|||||||
o Code simplification and refactoring (rephist):
|
|
||||||
- Remove a series of counters used to track circuit extend attemps and
|
|
||||||
connection status but that in reality we aren't using for anything other
|
|
||||||
than stats logged by a SIGUSR1 signal. Closes ticket 25163.
|
|
@ -1,5 +0,0 @@
|
|||||||
o Minor bugfix (directory authority, documentation):
|
|
||||||
- When a fingerprint or network address is marked as rejected, the
|
|
||||||
returned message by the authority now explicitly mention to set a valid
|
|
||||||
ContactInfo address and contact the bad-relays@ mailing list. Fixes bug
|
|
||||||
25170; bugfix on 0.2.9.1.
|
|
Loading…
Reference in New Issue
Block a user