- Changes in version 0.2.1.17-?? - 2009-??-??
+Changes in version 0.2.2.1-alpha - 2009-??-??
+ o Security fixes:
+ - Fix an edge case where a malicious exit relay could convince a
+ controller that the client's DNS question resolves to an internal IP
+ address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta.
+
+ o Major features:
+ - Add support for dynamic OpenSSL hardware crypto acceleration engines
+ via new AccelName and AccelDir options.
+
+ o Minor features:
+ - New --digests command-line switch to output the digests of the
+ source files Tor was built with.
+ - The "torify" script now uses torsocks where available.
+ - The memarea code now uses a sentinel value at the end of each area
+ to make sure nothing writes beyond the end of an area. This might
+ help debug some conceivable causes of bug 930.
+ - Directories that are configured with the --enable-geoip-stats flag
+ now write their GeoIP stats to disk exactly every 24 hours.
+
+ o Minor bugfixes
+ - Hidden service clients didn't use a cached service descriptor that
+ was older than 15 minutes, but wouldn't fetch a new one either. Now,
+ use a cached descriptor no matter how old it is and only fetch a new
+ one when all introduction points fail. Fix for bug 997. Patch from
+ Marcus Griep.
+ - Fix refetching of hidden service descriptors when all introduction
+ points have turned out to not work. Fixes more of bug 997.
+
+ o Deprecated and removed features:
+ - The controller no longer accepts the old obsolete "addr-mappings/"
+ GETINFO value.
+ - Hidden services no longer publish version 0 descriptors, and clients
+ do not request or use version 0 descriptors. However, the authorities
+ still accept and serve version 0 descriptors when contacted by older
+ hidden services/clients.
+ - The EXTENDED_EVENTS and VERBOSE_NAMES controller features are now
+ always on; using them is necessary for correct forward-compatible
+ controllers.
+
+
+ Changes in version 0.2.1.17-rc - 2009-07-02
+ o Major features:
+ - Clients now use the bandwidth values in the consensus, rather than
+ the bandwidth values in each relay descriptor. This approach opens
+ the door to more accurate bandwidth estimates once the directory
+ authorities start doing active measurements. Implements more of
+ proposal 141.
+
o Major bugfixes:
+ - When Tor clients restart after 1-5 days, they discard all their
+ cached descriptors as too old, but they still use the cached
+ consensus document. This approach is good for robustness, but
+ bad for performance: since they don't know any bandwidths, they
+ end up choosing at random rather than weighting their choice by
+ speed. Fixed by the above feature of putting bandwidths in the
+ consensus. Bugfix on 0.2.0.x.
- Directory authorities were neglecting to mark relays down in their
internal histories if the relays fall off the routerlist without
ever being found unreachable. So there were relays in the histories
goto err;
}
- /* first 20 bytes of payload are the hash of Bob's pk */
- if (entry->parsed->version == 0) { /* un-versioned descriptor */
- intro_key = entry->parsed->pk;
- } else { /* versioned descriptor */
- intro_key = NULL;
- SMARTLIST_FOREACH(entry->parsed->intro_nodes, rend_intro_point_t *,
- intro, {
- if (!memcmp(introcirc->build_state->chosen_exit->identity_digest,
- intro->extend_info->identity_digest, DIGEST_LEN)) {
- intro_key = intro->intro_key;
- break;
- }
- });
- if (!intro_key) {
- if (rend_cache_lookup_entry(introcirc->rend_data->onion_address,
- 0, &entry) > 0) {
- log_warn(LD_BUG, "We have both a v0 and a v2 rend desc for this "
- "service. The v2 desc doesn't contain the introduction "
- "point (and key) to send an INTRODUCE1/2 cell to this "
- "introduction point. Assuming the introduction point "
- "is for v0 rend clients and using the service key "
- "from the v0 desc instead. (This is probably a bug, "
- "because we shouldn't even have both a v0 and a v2 "
- "descriptor for the same service.)");
- /* See flyspray task 1024. */
- intro_key = entry->parsed->pk;
- } else {
- log_warn(LD_BUG, "Internal error: could not find intro key; we "
- "only have a v2 rend desc with %d intro points.",
- smartlist_len(entry->parsed->intro_nodes));
- goto err;
- }
+ /* first 20 bytes of payload are the hash of the intro key */
+ intro_key = NULL;
+ SMARTLIST_FOREACH(entry->parsed->intro_nodes, rend_intro_point_t *,
+ intro, {
+ if (!memcmp(introcirc->build_state->chosen_exit->identity_digest,
+ intro->extend_info->identity_digest, DIGEST_LEN)) {
+ intro_key = intro->intro_key;
+ break;
}
- log_warn(LD_BUG, "Internal error: could not find intro key.");
+ });
+ if (!intro_key) {
++ log_warn(LD_BUG, "Internal error: could not find intro key; we "
++ "only have a v2 rend desc with %d intro points.",
++ smartlist_len(entry->parsed->intro_nodes));
+ goto err;
}
if (crypto_pk_get_digest(intro_key, payload)<0) {
log_warn(LD_BUG, "Internal error: couldn't hash public key.");
projects / thirdparty / tor.git / commitdiff
