o Minor features:
-
- Add support for the TPROXY transparent proxying facility on Linux.
- See documentation for the new TransProxyType option for more details.
- Implementation by "thomo". Closes ticket 10582.
+ See documentation for the new TransProxyType option for more
+ details. Implementation by "thomo". Closes ticket 10582.
- - Minor bugfixes:
-
- - Treat ENETUNREACH, EACCES, and EPERM at an exit node as a
- NOROUTE error, not an INTERNAL error, since they can apparently
- happen when trying to connect to the wrong sort of
- netblocks. Fixes a part of bug 10777; bugfix on 0.1.0.1-rc.
+ o Minor bugfixes:
+ - Treat ENETUNREACH, EACCES, and EPERM connection failures at an
+ exit node as a NOROUTE error, not an INTERNAL error, since they
+ can apparently happen when trying to connect to the wrong sort
+ of netblocks. Fixes part of bug 10777; bugfix on 0.1.0.1-rc.
o Minor bugfixes:
- - Fix an always-true assertion in pluggable transports code. Fixes
- issue 10046. Found by dcb.
+ - Fix an always-true assertion in pluggable transports code so it
+ actually checks what it was trying to check. Fixes bug 10046;
+ bugfix on 0.2.3.9-alpha. Found by "dcb".
o Minor features:
- - Spawn background processes using the CREATE_NO_WINDOW flag on
- Windows, in order to prevent a console window from appearing.
- Resolves ticket 10297.
+ - On Windows, spawn background processes using the CREATE_NO_WINDOW
+ flag. Now Tor Browser Bundle 3.5 with pluggable transports enabled
+ doesn't pop up a blank console window. (In Tor Browser Bundle 2.x,
+ Vidalia set this option for us.) Implements ticket 10297.
o Minor bugfixes:
- - Fixed an erroneous pointer comparison that would have allowed
- compilers to remove a bounds check in channeltls.c. The fix
- was to remove the check entirely, since it was impossible for
- the code to overflow the bounds. Noticed by Jared L
- Wong. Fixes bug 10313 and 9980. Bugfix on 0.2.0.10-alpha.
-
+ - Remove an erroneous (but impossible and thus harmless) pointer
+ comparison that would have allowed compilers to skip a bounds
+ check in channeltls.c. Fixes bugs 10313 and 9980; bugfix on
+ 0.2.0.10-alpha. Noticed by Jared L Wong and David Fifield.
o Tool changes:
- - Make tor-gencert create 2048 bit signing keys. Addresses ticket #10324.
+ - Make the "tor-gencert" tool used by directory authority operators
+ create 2048-bit signing keys by default (rather than 1024-bit, since
+ 1024-bit is uncomfortably small these days). Addresses ticket 10324.
o Minor bugfixes:
-
- - When receving a VERSIONS cell with an odd number of bytes, close
- the connection immediately. Fix for bug 10365; bugfix on
- 0.2.0.10-alpha. Spotted by "bobnomnom"; fix by "rl1987".
+ - When receiving a VERSIONS cell with an odd number of bytes, close
+ the connection immediately since the cell is malformed. Fixes bug
+ 10365; bugfix on 0.2.0.10-alpha. Spotted by "bobnomnom"; fix by
+ "rl1987".
o Documentation fixes:
- - Note that all but one DirPort entry must have the NoAdvertise flag
- set. Fix for #10470.
+ - Document that all but one DirPort entry must have the NoAdvertise
+ flag set. Fixes bug 10470; bugfix on 0.2.3.3-alpha / 0.2.3.16-alpha.
-<<<<<<< HEAD
o Minor bugfixes:
- Turn "circuit handshake stats since last time" log messages into a
heartbeat message. Fixes bug 10485; bugfix on 0.2.4.17-rc.
-||||||| merged common ancestors
-=======
- o Minor bugfixes:
- - Move message about circuit handshake counts into the heartbeat
- message where it belongs, instead of logging it once per hour
- unconditionally. Fixes bug 10485; bugfix on 0.2.4.17-rc.
->>>>>>> origin/maint-0.2.4
- o Minor bugfixes:
- - Reject 0-lenth EXTEND2 cells more expicitly. Previously our code would
- reject them a bit later than it should have. This bug is
- harmless. Fixes bug 10536; bugfix on 0.2.4.8-alpha. Reported by
- "cypherpunks".
+ o Code simplification and refactoring:
+ - Reject 0-length EXTEND2 cells more explicitly. Fixes bug 10536;
+ bugfix on 0.2.4.8-alpha. Reported by "cypherpunks".
+
o Minor bugfixes:
- - If all nodes with the Exit flag have been disabled with the ExitNodes
- flag, consider nodes which can exit to other ports as well. Fixes bug
- 10543; bugfix on 0.2.4.10-alpha.
+ - If we set the ExitNodes option but it doesn't include any nodes
+ that have the Exit flag, we would choose not to bootstrap. Now we
+ bootstrap so long as ExitNodes includes nodes which can exit to
+ some port. Fixes bug 10543; bugfix on 0.2.4.10-alpha.
o Minor bugfixes:
- - Fix compilation on Solaris 9, which didn't like us to have an
- identifier namd "sun". Fixes bug 10565; bugfix in 0.2.5.1-alpha.
+ - Fix compilation on Solaris 9, which didn't like us having an
+ identifier named "sun". Fixes bug 10565; bugfix in 0.2.5.1-alpha.
o Minor bugfixes:
- - Consider non-excluded hidden service directory servers before
- excluded ones. Do not consider excluded hidden service directory
- servers at all if StrictNodes was set. (Previously, we would
- sometimes decide to connect to those servers, and then realize
- before we initiated a connection that we had excluded them.)
- Fix for bug #10722. Bugfix on 0.2.0.10-alpha. Reported by
- "mr-4".
+ - If ExcludeNodes is set, consider non-excluded hidden service
+ directory servers before excluded ones. Do not consider excluded
+ hidden service directory servers at all if StrictNodes is
+ set. (Previously, we would sometimes decide to connect to those
+ servers, and then realize before we initiated a connection that
+ we had excluded them.) Fixes bug 10722; bugfix on 0.2.0.10-alpha.
+ Reported by "mr-4".
- o Removed code
- - Remove all code that existed to support the v2 directory system:
- There are no longer any v2 directory authorities. Resolves
- bug 10758.
+ o Removed code and features:
+ - Remove all code that existed to support the v2 directory system,
+ since there are no longer any v2 directory authorities. Resolves
+ ticket 10758.
o Major bugfixes:
- - Do not treat END_STREAM_REASON_INTERNAL as indicating a definite
- circuit failure, since it could also indicate an ENETUNREACH
- error. Fixes part of bug 10777; bugfix on 0.2.4.8-alpha.
+ - Do not treat streams that fail with reason
+ END_STREAM_REASON_INTERNAL as indicating a definite circuit failure,
+ since it could also indicate an ENETUNREACH connection error. Fixes
+ part of bug 10777; bugfix on 0.2.4.8-alpha.
o Minor features (security):
- - Always clear OpenSSL bignums before freeing them--even bignums
+ - Always clear OpenSSL bignums before freeing them -- even bignums
that don't contain secrets. Resolves ticket 10793. Patch by
Florent Daigniere.
- o Minor bugfixes:
- - Suppress a warning that votes and signatures cannot be uploaded to
- other directory authorities if there's only one directory authority
- in the network. Bugfix on 0.2.2.26-beta. Resolves ticket 10842.
+ o Minor bugfixes (log messages):
+ - Suppress a warning where, if there's only one directory authority
+ in the network, we would complain that votes and signatures cannot
+ be uploaded to other directory authorities. Fixes bug 10842;
+ bugfix on 0.2.2.26-beta.
o Code simplification and refactoring:
- Remove data structures which were introduced to implement the
CellStatistics option: they are now redundant with the addition
- of timestamp to the regular packed_cell_t data structure, which
- we did in 0.2.4.18-rc in order to resolve #9093. Fixes bug
- 10870.
\ No newline at end of file
+ of a timestamp to the regular packed_cell_t data structure, which
+ we did in 0.2.4.18-rc in order to resolve ticket 9093. Implements
+ ticket 10870.
- o Removed code:
-
- - Remove code for designating authorities as "Hidden service
- authorities". There has been no use of hidden service authorities
- since 0.2.2.1-alpha, when we stopped uploading or downloading v0
- hidden service descriptors. Fixes bug 10881; part of a fix for bug
- 10841.
+ o Removed config options:
+ - Remove the HSAuthoritativeDir and AlternateHSAuthority torrc
+ options, which were used for designating authorities as "Hidden
+ service authorities". There has been no use of hidden service
+ authorities since 0.2.2.1-alpha, when we stopped uploading or
+ downloading v0 hidden service descriptors. Fixes bug 10881; also
+ part of a fix for bug 10841.
- o Minor bugfixes:
-
- - Added additional argument to write_chunks_to_file to optionally skip
- using a temp file to do non-atomic writes. Implements ticket #1376.
+ o Code simplification and refactoring:
+ - Previously we used two temporary files when writing descriptors to
+ disk; now we only use one. Implements ticket 1376.
o Minor bugfixes (build):
- Restore the ability to compile Tor with V2_HANDSHAKE_SERVER
- turned off. Fixes bug 4677; bugfix on 0.2.3.2-alpha. Patch
- from "piet".
+ turned off (that is, without support for v2 link handshakes). Fixes
+ bug 4677; bugfix on 0.2.3.2-alpha. Patch from "piet".
- o Minor features:
- - Don't launch pluggable transport proxies that contribute
- transports we don't need. Resolves ticket 5018.
+ o Major features:
+ - Don't launch pluggable transport proxies if we don't have any
+ bridges configured that would use them. Now we can list many
+ pluggable transports, and Tor will dynamically start one when it
+ hears a bridge address that needs it. Resolves ticket 5018.
-o Minor Bugfixes:
- - No longer writing control ports to file if updating reversible
- options fail. Fixes bug 5605; bugfix on 0.2.2.26-beta. Patch from
- Ryman.
+ o Minor bugfixes:
+ - If changing a config option via "setconf" fails in a recoverable
+ way, we used to nonetheless write our new control ports to the
+ file described by the "ControlPortWriteToFile" option. Now we only
+ write out that file if we successfully switch to the new config
+ option. Fixes bug 5605; bugfix on 0.2.2.26-beta. Patch from "Ryman".
- o Minor features (controller):
- - Extend ORCONN controller event by ID parameter and add four new
- controller event types CONN_BW, CIRC_BW, CELL_STATS, and TB_EMPTY
- that shall help understand connection and circuit usage. The new
- events are emitted in private Tor networks only. Implements
- proposal 218. Resolves ticket #7359.
+ o Major features (controller):
+ - Extend ORCONN controller event to include an "ID" parameter,
+ and add four new controller event types CONN_BW, CIRC_BW,
+ CELL_STATS, and TB_EMPTY that show connection and circuit usage.
+ The new events are emitted in private Tor networks only, with the
+ goal of being able to better track performance and load during
+ full-network simulations. Implements proposal 218. Resolves
+ ticket 7359.
o Minor bugfixes:
- - Fix a get_configured_bridge_by_addr_port_digest() function so
- that it would return a bridge with given address and port even
- if bridge digest is not specified by caller. Fixes bug 9162;
- bugfix on 0.2.0.3-alpha. Based on a patch from "rl1987".
+ - Fix a bug where the first connection works to a bridge that uses a
+ pluggable transport with client-side parameters, but we don't send
+ the client-side parameters on subsequent connections. (We don't
+ use any pluggable transports with client-side parameters yet,
+ but ScrambleSuit will soon become the first one.) Fixes bug 9162;
+ bugfix on 0.2.0.3-alpha. Based on a patch from "rl1987".
o Minor features (testing):
+ - When bootstrapping a test network, sometimes very few relays get
+ the Guard flag. Now a new option "TestingDirAuthVoteGuard" can
+ specify a set of relays which should be voted Guard regardless of
+ their uptime or bandwidth. Addresses ticket 9206.
- - When bootstrapping a test network, few relays get the Guard
- flag. There is now a new option, TestingDirAuthVoteGuard, which
- can be used to specify a set of relays which should be voted
- Guard regardless of uptime or bandwidth. Addresses ticket 9206.
o Minor bugfixes:
- - When a command-line option such as --version or --help that ordinarily
- implies --hush appears on the command line along with --quiet, obey
- --quiet. Previously, we obeyed --quiet only if it appeared later on the
- command line. Fixes bug 9578; bugfix on 0.2.5.1-alpha.
+ - When a command-line option such as --version or --help that
+ ordinarily implies --hush appears on the command line along with
+ --quiet, then actually obey --quiet. Previously, we obeyed --quiet
+ only if it appeared later on the command line. Fixes bug 9578;
+ bugfix on 0.2.5.1-alpha.
- o Bugfixes
- - Null out orconn->chan->conn when closing orconn in case orconn is freed
- before channel_run_cleanup() gets to orconn->chan, and handle the null
- conn edge case correctly in channel_tls_t methods. Fixes bug #9602;
- bugfix on 0.2.4.4-alpha.
+ o Minor bugfixes:
+ - Avoid a segfault on SIGUSR1, where we had freed a connection but did
+ not entirely remove it from the connection lists. Fixes bug 9602;
+ bugfix on 0.2.4.4-alpha.
o Minor features:
- - Warn when the Extended ORPort should be set, but it isn't. Resolves
- ticket 9651.
+ - When ServerTransportPlugin is set on a bridge, Tor can write more
+ useful statistics about bridge use in its extrainfo descriptors,
+ but only if the Extended ORPort ("ExtORPort") is set too. Add a
+ log message to inform the user in this case. Resolves ticket 9651.
- o Minor Feature
-
- - Assign status flags to bridges based on thresholds calculated
- over all bridges. Fixes bug 9859.
+ o Major features:
+ - The bridge directory authority now assigns status flags (Stable,
+ Guard, etc) to bridges based on thresholds calculated over all
+ Running bridges. Now bridgedb can finally make use of its features
+ to e.g. include at least one Stable bridge in its answers. Fixes
+ bug 9859.
+ o Minor features:
- Add threshold cutoffs to the networkstatus document created by
the Bridge Authority. Fixes bug 1117.
+
o Minor features (build):
-
- - Assume that a user using configure --host wants to cross-
- compile and error if we cannot find a properly named tool-
- chain. Add --disable-tool-name-check to enable the user
- to build nevertheless. Addresses ticket 9869. Patch by
- Benedikt Gollatz.
+ - Assume that a user using ./configure --host wants to cross-compile,
+ and give an error if we cannot find a properly named
+ tool-chain. Add a --disable-tool-name-check option to proceed
+ nevertheless. Addresses ticket 9869. Patch by Benedikt Gollatz.
- o Minor bugfixes:
+ o Code simplification and refactoring:
- Remove some old fallback code designed to keep Tor clients working
- in a network with only two working nodes. Elsewhere in the code we
+ in a network with only two working relays. Elsewhere in the code we
have long since stopped supporting such networks, so there wasn't
- much point in keeping it around. Fixes bug 9926.
+ much point in keeping it around. Addresses ticket 9926.
o Minor features (controller):
- - New DROPGUARDS command to forget all current entry guards. Not
- recommended for ordinary use, since replacing guards too frequently
- makes several attacks easier. Resolves ticket #9934; patch from "ra".
+ - New "DROPGUARDS" controller command to forget all current entry
+ guards. Not recommended for ordinary use, since replacing guards
+ too frequently makes several attacks easier. Resolves ticket 9934;
+ patch from "ra".
o Minor features (build):
-
- - Check in configure whether we can link an executable when
- stack protection is enabled so we can warn the user about a
- potentially missing libssp. Addresses ticket 9948. Patch
- from Benedikt Gollatz.
+ - If we run ./configure and the compiler recognizes -fstack-protector
+ but the linker rejects it, warn the user about a potentially missing
+ libssp package. Addresses ticket 9948. Patch from Benedikt Gollatz.
- o Minor features:
- - Avoid using circuit paths if no node in the path supports the ntor
- circuit extension handshake. Implements ticket 9777.
+ o Major features:
+ - When we choose a path for a 3-hop circuit, make sure it contains
+ at least one relay that supports the NTor circuit extension
+ handshake. Otherwise, there is a chance that we're building
+ a circuit that's worth attacking by an adversary who finds
+ breaking 1024-bit crypto doable, and that chance changes the game
+ theory. Implements ticket 9777.
- Clients now reject any directory authority certificates lacking
a dir-key-crosscert element. These have been included since
0.2.1.9-alpha, so there's no real reason for them to be optional
- any longer. Completes proposal 157.
+ any longer. Completes proposal 157. Resolves ticket 10162.
- o Minor features:
- - Stop sending the CREATE_FAST cells by default; instead, use a
- parameter in the consensus to decide whether to use
- CREATE_FAST. This can improve security on connections where
- Tor's circuit handshake is stronger than the available TLS
- connection security levels. Implements proposal 221.
+ o Major features:
+ - Clients now look at the "usecreatefast" consensus parameter to
+ decide whether to use CREATE_FAST or CREATE cells for the first hop
+ of their circuit. This approach can improve security on connections
+ where Tor's circuit handshake is stronger than the available TLS
+ connection security levels, but the tradeoff is more computational
+ load on guard relays. Implements proposal 221. Resolves ticket 9386.
o Minor features:
- - "make check" now runs extra tests beyond the unit test scripts if
- Python is installed.
+ - If Python is installed, "make check" now runs extra tests beyond
+ the unit test scripts.
o Minor bugfixes:
- Fix compilation warnings and startup issues when running with
- libseccomp-2.1.0. Fixes bug 10563.
+ "Sandbox 1" and libseccomp-2.1.0. Fixes bug 10563; bugfix on
+ 0.2.5.1-alpha.
Unix-like operating systems), Tor can now dump stack traces
when a crash occurs or an assertion fails. By default, traces
are dumped to stderr (if possible) and to any logs that are
- reporting errors.
+ reporting errors. Implements ticket 9299.
o Minor features:
- - Adding --allow-missing-torrc commandline option that allows Tor to
- run if configuration file specified by -f is not available.
+ - Add an --allow-missing-torrc commandline option that tells Tor to
+ run even if the configuration file specified by -f is not available.
Implements ticket 10060.
o Minor features:
- - Implement the HS_DESC async control event that notifies controller on
- activities related to hidden service descriptors. Partly resolves
- ticket 8510.
+ - Add a new "HS_DESC" controller event that reports activities
+ related to hidden service descriptors. Resolves ticket 8510.
o Documentation:
- - Update manpage to describe some of the files one could find
- in data directory. Fixes bug 9839.
+ - Update manpage to describe some of the files you can expect to
+ find in Tor's DataDirectory. Addresses ticket 9839.
projects / thirdparty / tor.git / commitdiff
