From: Roger Dingledine Date: Sun, 7 Mar 2010 03:46:39 +0000 (-0500) Subject: Merge branch 'maint-0.2.1' X-Git-Tag: tor-0.2.2.10-alpha~1 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=407a9d419304d8996938339cb2efdc7cbb13e27d;p=thirdparty%2Ftor.git Merge branch 'maint-0.2.1' Conflicts: ChangeLog configure.in contrib/tor-mingw.nsi.in src/win32/orconfig.h --- 407a9d419304d8996938339cb2efdc7cbb13e27d diff --cc ChangeLog index c1237ed080,d2efce8c04..f8eb518a17 --- a/ChangeLog +++ b/ChangeLog @@@ -1,143 -1,23 +1,145 @@@ +Changes in version 0.2.2.10-alpha - 2010-??-?? + o Major features (performance): + - Alter the client path selection to use new consensus-generated + weightings to alter bandwidths when selecting Guard, Middle, Exit, + and Guard+Exit flagged nodes for entry, middle, and exit positions. + This should more evenly distribute the network load across these + different types of nodes, and give us the flexibility to globally + alter our node selection algorithms in the future. Extra thanks + to "outofwords" for finding some nasty security bugs in the + first implementation of this. + + o Minor features (performance): + - Always perform router selections using weighted node bandwidth, + even if we don't need a high capacity circuit at the time. Non-fast + circuits now only differ from fast ones in that they can use nodes + not marked with the Fast flag. + + o Minor features: + - Allow disabling building of the manpages. This speeds up the + build considerably. + + o Minor bugfixes: + - Fix a memleak in the EXTENDCIRCUIT logic. Spotted by coverity. + Bugfix on 0.2.2.9-alpha. + - Fix a dereference-then-NULL-check sequence when publishing + descriptors. Bugfix on tor-0.2.1.5-alpha. Discovered by ekir, + fixes bug 1255. + - Disallow values larger than INT32_MAX for PerConnBWRate|Burst + config option. Bugfix on 0.2.2.7-alpha. + - Ship the asciidoc-helper file in the tarball, so that people can + build from source if they want to, and touching the .1.txt files + doesn't break the build. Bugfix on 0.2.2.9-alpha. + + o Code simplifications and refactoring: + - Fix some urls in the exit notice file and make it XHTML1.1 strict + compliant. Based on a patch from Christian Kujau. + - Don't use sed in asciidoc-helper anymore. + - Make the build process fail if asciidoc cannot be found, and + building with asciidoc isn't disabled. + +Changes in version 0.2.2.9-alpha - 2010-02-22 + o Directory authority changes: + - Change IP address for dannenberg (v3 directory authority), and + remove moria2 (obsolete v1, v2 directory authority and v0 hidden + service directory authority) from the list. + + o Major bugfixes: + - Make Tor work again on the latest OS X: when deciding whether to + use strange flags to turn TLS renegotiation on, detect the OpenSSL + version at run-time, not compile time. We need to do this because + Apple doesn't update its dev-tools headers when it updates its + libraries in a security patch. + - Fix a potential buffer overflow in lookup_last_hid_serv_request() + that could happen on 32-bit platforms with 64-bit time_t. Also fix + a memory leak when requesting a hidden service descriptor we've + requested before. Fixes bug 1242, bugfix on 0.2.0.18-alpha. Found + by aakova. + - Authorities could be tricked into giving out the Exit flag to relays + that didn't allow exiting to any ports. This bug could screw + with load balancing and stats. Bugfix on 0.1.1.6-alpha; fixes bug + 1238. Bug discovered by Martin Kowalczyk. + - When freeing a cipher, zero it out completely. We only zeroed + the first ptrsize bytes. Bugfix on tor-0.0.2pre8. Discovered + and patched by ekir. Fixes bug 1254. + + o Minor bugfixes: + - Fix static compilation by listing the openssl libraries in the right + order. Bugfix on Tor 0.2.2.8-alpha; fixes bug 1237. + - Resume handling .exit hostnames in a special way: originally we + stripped the .exit part and used the requested exit relay. In + 0.2.2.1-alpha we stopped treating them in any special way, meaning + if you use a .exit address then Tor will pass it on to the exit + relay. Now we reject the .exit stream outright, since that behavior + might be more expected by the user. Found and diagnosed by Scott + Bennett and Downie on or-talk. + - Don't spam the controller with events when we have no file + descriptors available. Bugfix on 0.2.1.5-alpha. (Rate-limiting + for log messages was already solved from bug 748.) + - Avoid a bogus overlapped memcpy in tor_addr_copy(). Reported by + "memcpyfail". + - Make the DNSPort option work with libevent 2.x. Don't alter the + behaviour for libevent 1.x. Fixes bug 1143. Found by SwissTorExit. + - Emit a GUARD DROPPED controller event for a case we missed. + - Make more fields in the controller protocol case-insensitive, since + control-spec.txt said they were. + - Refactor resolve_my_address() to not use gethostbyname() anymore. + Fixes bug 1244; bugfix on 0.0.2pre25. Reported by Mike Mestnik. + - Fix a spec conformance issue: the network-status-version token + must be the first token in a v3 consensus or vote. Discovered by + parakeep. Bugfix on 0.2.0.3-alpha. + + o Code simplifications and refactoring: + - Generate our manpage and HTML documentation using Asciidoc. This + change should make it easier to maintain the documentation, and + produce nicer HTML. + - Remove the --enable-iphone option. According to reports from Marco + Bonetti, Tor builds fine without any special tweaking on recent + iPhone SDK versions. + - Removed some unnecessary files from the source distribution. The + AUTHORS file has now been merged into the people page on the + website. The roadmaps and design doc can now be found in the + projects directory in svn. + - Enabled various circuit build timeout constants to be controlled + by consensus parameters. Also set better defaults for these + parameters based on experimentation on broadband and simulated + high latency links. + + o Minor features: + - The 'EXTENDCIRCUIT' control port command can now be used with + a circ id of 0 and no path. This feature will cause Tor to build + a new 'fast' general purpose circuit using its own path selection + algorithms. + - Added a BUILDTIMEOUT_SET controller event to describe changes + to the circuit build timeout. + - Future-proof the controller protocol a bit by ignoring keyword + arguments we do not recognize. + - Expand homedirs passed to tor-checkkey. This should silence a + coverity complaint about passing a user-supplied string into + open() without checking it. + + - Changes in version 0.2.1.25 - 2010-??-?? + Changes in version 0.2.1.25 - 2010-03-?? o Major bugfixes: - - When freeing a cipher, zero it out completely. We only zeroed - the first ptrsize bytes. Bugfix on tor-0.0.2pre8. Discovered - and patched by ekir. Fixes bug 1254. - - Avoid a bug that set IPs incorrectly on relays that did't set - Address to an IP address, when that address fails to resolve. - Fixes bug 1269. + - Fix a regression from our patch for bug 1244 that caused relays + to guess their IP address incorrectly if they didn't set Address + in their torrc and/or their address fails to resolve. Bugfix on + 0.2.1.23; fixes bug 1269. + - When freeing a session key, zero it out completely. We only zeroed + the first ptrsize bytes. Bugfix on 0.0.2pre8. Discovered and + patched by ekir. Fixes bug 1254. o Minor bugfixes: - Fix a dereference-then-NULL-check sequence when publishing - descriptors. Bugfix on tor-0.2.1.5-alpha. Discovered by ekir, - fixes bug 1255. + descriptors. Bugfix on 0.2.1.5-alpha. Discovered by ekir; fixes + bug 1255. - Fix another dereference-then-NULL-check sequence. Bugfix on - 0.2.1.14-rc. Discovered by ekir, fixes bug 1256. + 0.2.1.14-rc. Discovered by ekir; fixes bug 1256. - Make sure we treat potentially not NUL-terminated strings correctly. - Bugfix on 0.1.1.13-alpha. Discovered by rieo, fixes bug 1257. + Bugfix on 0.1.1.13-alpha. Discovered by rieo; fixes bug 1257. + + Changes in version 0.2.1.24 - 2010-02-21 Tor 0.2.1.24 makes Tor work again on the latest OS X -- this time for sure!