April 2011 - tor-commits - lists.torproject.org

[tor/maint-0.2.2] Update hacking file with terse notes on formatting changelog
by nickm＠torproject.org 28 Apr '11

28 Apr '11

commit 676190e895a94978fbda82527f7ba2dbf8ccda80 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Apr 28 23:44:48 2011 -0400 Update hacking file with terse notes on formatting changelog --- doc/HACKING | 33 +++++++++++++++++++++++++++++++++ 1 files changed, 33 insertions(+), 0 deletions(-) diff --git a/doc/HACKING b/doc/HACKING index b612953..6407ff2 100644 --- a/doc/HACKING +++ b/doc/HACKING @@ -414,10 +414,43 @@ Here are the steps Roger takes when putting out a new Tor release: and as a directory authority. See if it has any obvious bugs, and resolve those. +1.5) As applicable, merge the maint-X branch into the release-X branch. + 2) Gather the changes/* files into a changelog entry, rewriting many of them and reordering to focus on what users and funders would find interesting and understandable. + 2.1) Make sure that everything that wants a bug number has one. + 2.2) Concatenate them. + 2.3) Sort them by section. Within each section, try to make the + first entry or two and the last entry most interesting: they're + the ones that skimmers tend to read. + + 2.4) Clean them up + + Standard idioms: + "Fixes bug 9999; Bugfix on 0.3.3.3-alpha." + + One period after a space. + + Make stuff very terse + + Describe the user-visible problem right away + + Mention relevant config options by name. If they're rare or unusual, + remind people what they're for + + Avoid starting lines with open-paren + + Present and imperative tense: not past. + + 2.5) Merge them in. + + 2.6) Clean everything one last time. + + 2.7) Run it through fmt to make it pretty. + + 3) Compose a short release blurb to highlight the user-facing changes. Insert said release blurb into the ChangeLog stanza. If it's a stable release, add it to the ReleaseNotes file too. If we're adding

1 0

[tor/release-0.2.2] Bump version to 0.2.2.25-alpha
by nickm＠torproject.org 28 Apr '11

28 Apr '11

commit 10d45f8d45accdd920918e1980ee45fde1a3d8c4 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Apr 28 23:35:07 2011 -0400 Bump version to 0.2.2.25-alpha --- configure.in | 2 +- contrib/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.in b/configure.in index fd101cb..7bf14bd 100644 --- a/configure.in +++ b/configure.in @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2008, The Tor Project, Inc. dnl See LICENSE for licensing information AC_INIT -AM_INIT_AUTOMAKE(tor, 0.2.2.24-alpha) +AM_INIT_AUTOMAKE(tor, 0.2.2.25-alpha) AM_CONFIG_HEADER(orconfig.h) AC_CANONICAL_HOST diff --git a/contrib/tor-mingw.nsi.in b/contrib/tor-mingw.nsi.in index 0f87c43..78e4820 100644 --- a/contrib/tor-mingw.nsi.in +++ b/contrib/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.2.2.24-alpha" +!define VERSION "0.2.2.25-alpha" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/" !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index 1df3758..8d5b969 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -233,5 +233,5 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.2.2.24-alpha" +#define VERSION "0.2.2.25-alpha"

1 0

[tor/release-0.2.2] Actually, let's sleep on 0.2.2.25-alpha and put it out in the morning
by nickm＠torproject.org 28 Apr '11

28 Apr '11

commit d715984a04ed943d50da92478b33cb337342e9d1 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Apr 28 23:32:38 2011 -0400 Actually, let's sleep on 0.2.2.25-alpha and put it out in the morning (Bump release date) --- ChangeLog | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/ChangeLog b/ChangeLog index 83f95cb..7e95671 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,4 @@ -Changes in version 0.2.2.25-alpha - 2011-04-28 +Changes in version 0.2.2.25-alpha - 2011-04-29 Tor 0.2.2.25-alpha fixes many bugs: hidden service clients are more robust, routers no longer overreport their bandwidth, Win7 should crash a little less, and NEWNYM (as used by Vidalia's "new identity" button)

1 0

[tor/master] relays checkpoint their state file twice a day
by nickm＠torproject.org 28 Apr '11

28 Apr '11

commit 66de6f7eb8e2948f6c3849dbca20c7b31969b5b7 Author: Roger Dingledine <arma(a)torproject.org> Date: Thu Apr 28 21:06:25 2011 -0400 relays checkpoint their state file twice a day --- changes/bug3012 | 5 +++++ src/or/config.c | 11 ++++++++++- 2 files changed, 15 insertions(+), 1 deletions(-) diff --git a/changes/bug3012 b/changes/bug3012 new file mode 100644 index 0000000..dfde5fa --- /dev/null +++ b/changes/bug3012 @@ -0,0 +1,5 @@ + o Minor features: + - Relays can go for weeks without writing out their state file. A + relay that crashes would lose its bandwidth history (including + capacity estimate), client country statistics, and so on. Now relays + checkpoint the file at least every 12 hours. Addresses bug 3012. diff --git a/src/or/config.c b/src/or/config.c index 9384b3a..dc24140 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -5122,6 +5122,11 @@ or_state_load(void) /** If writing the state to disk fails, try again after this many seconds. */ #define STATE_WRITE_RETRY_INTERVAL 3600 +/** If we're a relay, how often should we checkpoint our state file even + * if nothing else dirties it? This will checkpoint ongoing stats like + * bandwidth used, per-country user stats, etc. */ +#define STATE_RELAY_CHECKPOINT_INTERVAL (12*60*60) + /** Write the persistent state to disk. Return 0 for success, <0 on failure. */ int or_state_save(time_t now) @@ -5172,7 +5177,11 @@ or_state_save(time_t now) tor_free(fname); tor_free(contents); - global_state->next_write = TIME_MAX; + if (server_mode(get_options())) + global_state->next_write = now + STATE_RELAY_CHECKPOINT_INTERVAL; + else + global_state->next_write = TIME_MAX; + return 0; }

1 0

[tor/master] Merge remote-tracking branch 'arma/bug3012' into maint-0.2.2
by nickm＠torproject.org 28 Apr '11

28 Apr '11

commit f0d9e2d6507adcc069b38cd9e0aaf6702f576314 Merge: 4010427 66de6f7 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Apr 28 21:15:14 2011 -0400 Merge remote-tracking branch 'arma/bug3012' into maint-0.2.2 changes/bug3012 | 5 +++++ src/or/config.c | 11 ++++++++++- 2 files changed, 15 insertions(+), 1 deletions(-)

1 0

[tor/master] Add 0.2.2.25-alpha changelog on master
by nickm＠torproject.org 28 Apr '11

28 Apr '11

commit daede6f97bc892f7838c819f81f54654e10aebf8 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Apr 28 23:31:42 2011 -0400 Add 0.2.2.25-alpha changelog on master --- ChangeLog | 186 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 files changed, 186 insertions(+), 0 deletions(-) diff --git a/ChangeLog b/ChangeLog index 70afe71..7e95671 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,189 @@ +Changes in version 0.2.2.25-alpha - 2011-04-29 + Tor 0.2.2.25-alpha fixes many bugs: hidden service clients are more + robust, routers no longer overreport their bandwidth, Win7 should crash + a little less, and NEWNYM (as used by Vidalia's "new identity" button) + now prevents hidden service-related activity from being linkable. It + provides more information to Vidalia so you can see if your bridge is + working. Also, 0.2.2.25-alpha revamps the Entry/Exit/ExcludeNodes and + StrictNodes configuration options to make them more reliable, more + understandable, and more regularly applied. If you use those options, + please see the revised documentation for them in the manual page. + + o Major bugfixes: + - Relays were publishing grossly inflated bandwidth values because + they were writing their state files wrong--now they write the + correct value. Also, resume reading bandwidth history from the + state file correctly. Fixes bug 2704; bugfix on 0.2.2.23-alpha. + - Improve hidden service robustness: When we find that we have + extended a hidden service's introduction circuit to a relay not + listed as an introduction point in the HS descriptor we currently + have, retry with an introduction point from the current + descriptor. Previously we would just give up. Fixes bugs 1024 and + 1930; bugfix on 0.2.0.10-alpha. + - Clients now stop trying to use an exit node associated with a given + destination by TrackHostExits if they fail to reach that exit node. + Fixes bug 2999. Bugfix on 0.2.0.20-rc. + - Fix crash bug on platforms where gmtime and localtime can return + NULL. Windows 7 users were running into this one. Fixes part of bug + 2077. Bugfix on all versions of Tor. Found by boboper. + + o Security and stability fixes: + - Don't double-free a parsable, but invalid, microdescriptor, even if + it is followed in the blob we're parsing by an unparsable + microdescriptor. Fixes an issue reported in a comment on bug 2954. + Bugfix on 0.2.2.6-alpha; fix by "cypherpunks". + - If the Nickname configuration option isn't given, Tor would pick a + nickname based on the local hostname as the nickname for a relay. + Because nicknames are not very important in today's Tor and the + "Unnamed" nickname has been implemented, this is now problematic + behavior: It leaks information about the hostname without being + useful at all. Fixes bug 2979; bugfix on 0.1.2.2-alpha, which + introduced the Unnamed nickname. Reported by tagnaq. + - Fix an uncommon assertion failure when running with DNSPort under + heavy load. Fixes bug 2933; bugfix on 0.2.0.1-alpha. + - Avoid linkability based on cached hidden service descriptors: forget + all hidden service descriptors cached as a client when processing a + SIGNAL NEWNYM command. Fixes bug 3000; bugfix on 0.0.6. + + o Major features: + - Export GeoIP information on bridge usage to controllers even if we + have not yet been running for 24 hours. Now Vidalia bridge operators + can get more accurate and immediate feedback about their + contributions to the network. + + o Major features and bugfixes (node selection): + - Revise and reconcile the meaning of the ExitNodes, EntryNodes, + ExcludeEntryNodes, ExcludeExitNodes, ExcludeNodes, and StrictNodes + options. Previously, we had been ambiguous in describing what + counted as an "exit" node, and what operations exactly "StrictNodes + 0" would permit. This created confusion when people saw nodes built + through unexpected circuits, and made it hard to tell real bugs from + surprises. Now the intended behavior is: + . "Exit", in the context of ExitNodes and ExcludeExitNodes, means + a node that delivers user traffic outside the Tor network. + . "Entry", in the context of EntryNodes, means a node used as the + first hop of a multihop circuit. It doesn't include direct + connections to directory servers. + . "ExcludeNodes" applies to all nodes. + . "StrictNodes" changes the behavior of ExcludeNodes only. When + StrictNodes is set, Tor should avoid all nodes listed in + ExcludeNodes, even when it will make user requests fail. When + StrictNodes is *not* set, then Tor should follow ExcludeNodes + whenever it can, except when it must use an excluded node to + perform self-tests, connect to a hidden service, provide a + hidden service, fulfill a .exit request, upload directory + information, or fetch directory information. + Collectively, the changes to implement the behavior fix bug 1090. + - ExcludeNodes now takes precedence over EntryNodes and ExitNodes: if + a node is listed in both, it's treated as excluded. + - ExcludeNodes now applies to directory nodes -- as a preference if + StrictNodes is 0, or an absolute requirement if StrictNodes is 1. + Don't exclude all the directory authorities and set StrictNodes to 1 + unless you really want your Tor to break. + - ExcludeNodes and ExcludeExitNodes now override exit enclaving. + - ExcludeExitNodes now overrides .exit requests. + - We don't use bridges listed in ExcludeNodes. + - When StrictNodes is 1: + . We now apply ExcludeNodes to hidden service introduction points + and to rendezvous points selected by hidden service users. This + can make your hidden service less reliable: use it with caution! + . If we have used ExcludeNodes on ourself, do not try relay + reachability self-tests. + . If we have excluded all the directory authorities, we will not + even try to upload our descriptor if we're a relay. + . Do not honor .exit requests to an excluded node. + - Remove a misfeature that caused us to ignore the Fast/Stable flags + when ExitNodes is set. Bugfix on 0.2.2.7-alpha. + - When the set of permitted nodes changes, we now remove any mappings + introduced via TrackExitHosts to now-excluded nodes. Bugfix on + 0.1.0.1-rc. + - We never cannibalize a circuit that had excluded nodes on it, even + if StrictNodes is 0. Bugfix on 0.1.0.1-rc. + - Revert a change where we would be laxer about attaching streams to + circuits than when building the circuits. This was meant to prevent + a set of bugs where streams were never attachable, but our improved + code here should make this unnecessary. Bugfix on 0.2.2.7-alpha. + - Keep track of how many times we launch a new circuit to handle a + given stream. Too many launches could indicate an inconsistency + between our "launch a circuit to handle this stream" logic and our + "attach this stream to one of the available circuits" logic. + - Improve log messages related to excluded nodes. + + o Minor bugfixes: + - Fix a spurious warning when moving from a short month to a long + month on relays with month-based BandwidthAccounting. Bugfix on + 0.2.2.17-alpha; fixes bug 3020. + - When a client finds that an origin circuit has run out of 16-bit + stream IDs, we now mark it as unusable for new streams. Previously, + we would try to close the entire circuit. Bugfix on 0.0.6. + - Add a forgotten cast that caused a compile warning on OS X 10.6. + Bugfix on 0.2.2.24-alpha. + - Be more careful about reporting the correct error from a failed + connect() system call. Under some circumstances, it was possible to + look at an incorrect value for errno when sending the end reason. + Bugfix on 0.1.0.1-rc. + - Correctly handle an "impossible" overflow cases in connection byte + counting, where we write or read more than 4GB on an edge connection + in a single second. Bugfix on 0.1.2.8-beta. + - Correct the warning displayed when a rendezvous descriptor exceeds + the maximum size. Fixes bug 2750; bugfix on 0.2.1.5-alpha. Found by + John Brooks. + - Clients and hidden services now use HSDir-flagged relays for hidden + service descriptor downloads and uploads even if the relays have no + DirPort set and the client has disabled TunnelDirConns. This will + eventually allow us to give the HSDir flag to relays with no + DirPort. Fixes bug 2722; bugfix on 0.2.1.6-alpha. + - Downgrade "no current certificates known for authority" message from + Notice to Info. Fixes bug 2899; bugfix on 0.2.0.10-alpha. + - Make the SIGNAL DUMP control-port command work on FreeBSD. Fixes bug + 2917. Bugfix on 0.1.1.1-alpha. + - Only limit the lengths of single HS descriptors, even when multiple + HS descriptors are published to an HSDir relay in a single POST + operation. Fixes bug 2948; bugfix on 0.2.1.5-alpha. Found by hsdir. + - Write the current time into the LastWritten line in our state file, + rather than the time from the previous write attempt. Also, stop + trying to use a time of -1 in our log statements. Fixes bug 3039; + bugfix on 0.2.2.14-alpha. + - Be more consistent in our treatment of file system paths. "~" should + get expanded to the user's home directory in the Log config option. + Fixes bug 2971; bugfix on 0.2.0.1-alpha, which introduced the + feature for the -f and --DataDirectory options. + + o Minor features: + - Make sure every relay writes a state file at least every 12 hours. + Previously, a relay could go for weeks without writing its state + file, and on a crash could lose its bandwidth history, capacity + estimates, client country statistics, and so on. Addresses bug 3012. + - Send END_STREAM_REASON_NOROUTE in response to EHOSTUNREACH errors. + Clients before 0.2.1.27 didn't handle NOROUTE correctly, but such + clients are already deprecated because of security bugs. + - Don't allow v0 hidden service authorities to act as clients. + Required by fix for bug 3000. + - Ignore SIGNAL NEWNYM commands on relay-only Tor instances. Required + by fix for bug 3000. + - Ensure that no empty [dirreq-](read|write)-history lines are added + to an extrainfo document. Implements ticket 2497. + + o Code simplification and refactoring: + - Remove workaround code to handle directory responses from servers + that had bug 539 (they would send HTTP status 503 responses _and_ + send a body too). Since only server versions before + 0.2.0.16-alpha/0.1.2.19 were affected, there is no longer reason to + keep the workaround in place. + - Remove the old 'fuzzy time' logic. It was supposed to be used for + handling calculations where we have a known amount of clock skew and + an allowed amount of unknown skew. But we only used it in three + places, and we never adjusted the known/unknown skew values. This is + still something we might want to do someday, but if we do, we'll + want to do it differently. + - Avoid signed/unsigned comparisons by making SIZE_T_CEILING unsigned. + None of the cases where we did this before were wrong, but by making + this change we avoid warnings. Fixes bug 2475; bugfix on 0.2.1.28. + - Use GetTempDir to find the proper temporary directory location on + Windows when generating temporary files for the unit tests. Patch by + Gisle Vanem. + + Changes in version 0.2.2.24-alpha - 2011-04-08 Tor 0.2.2.24-alpha fixes a variety of bugs, including a big bug that prevented Tor clients from effectively using "multihomed" bridges,

1 0

[tor/master] Merge remote-tracking branch 'origin/maint-0.2.2'
by nickm＠torproject.org 28 Apr '11

28 Apr '11

commit 20d6ac3530553bfc139a33d80248b2ffc9c3d7eb Merge: b0a7e0d f0d9e2d Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Apr 28 21:17:51 2011 -0400 Merge remote-tracking branch 'origin/maint-0.2.2' changes/bug3012 | 5 +++++ src/or/config.c | 11 ++++++++++- 2 files changed, 15 insertions(+), 1 deletions(-)

1 0

[tor/release-0.2.2] Add a blurb; fix some double-spaces in the changelog
by nickm＠torproject.org 28 Apr '11

28 Apr '11

commit c2ce18fae1f5472d70697504e4ff9219cb123ed9 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Apr 28 23:30:34 2011 -0400 Add a blurb; fix some double-spaces in the changelog --- ChangeLog | 26 ++++++++++++++++++-------- 1 files changed, 18 insertions(+), 8 deletions(-) diff --git a/ChangeLog b/ChangeLog index 8258735..83f95cb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,9 +1,19 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 + Tor 0.2.2.25-alpha fixes many bugs: hidden service clients are more + robust, routers no longer overreport their bandwidth, Win7 should crash + a little less, and NEWNYM (as used by Vidalia's "new identity" button) + now prevents hidden service-related activity from being linkable. It + provides more information to Vidalia so you can see if your bridge is + working. Also, 0.2.2.25-alpha revamps the Entry/Exit/ExcludeNodes and + StrictNodes configuration options to make them more reliable, more + understandable, and more regularly applied. If you use those options, + please see the revised documentation for them in the manual page. + o Major bugfixes: - Relays were publishing grossly inflated bandwidth values because they were writing their state files wrong--now they write the - correct value. Also, resume reading bandwidth history from the - state file correctly. Fixes bug 2704; bugfix on 0.2.2.23-alpha. + correct value. Also, resume reading bandwidth history from the + state file correctly. Fixes bug 2704; bugfix on 0.2.2.23-alpha. - Improve hidden service robustness: When we find that we have extended a hidden service's introduction circuit to a relay not listed as an introduction point in the HS descriptor we currently @@ -14,8 +24,8 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 destination by TrackHostExits if they fail to reach that exit node. Fixes bug 2999. Bugfix on 0.2.0.20-rc. - Fix crash bug on platforms where gmtime and localtime can return - NULL. Fixes part of bug 2077. Bugfix on all versions of Tor. Found - by boboper. + NULL. Windows 7 users were running into this one. Fixes part of bug + 2077. Bugfix on all versions of Tor. Found by boboper. o Security and stability fixes: - Don't double-free a parsable, but invalid, microdescriptor, even if @@ -75,7 +85,7 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 - We don't use bridges listed in ExcludeNodes. - When StrictNodes is 1: . We now apply ExcludeNodes to hidden service introduction points - and to rendezvous points selected by hidden service users. This + and to rendezvous points selected by hidden service users. This can make your hidden service less reliable: use it with caution! . If we have used ExcludeNodes on ourself, do not try relay reachability self-tests. @@ -85,7 +95,7 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 - Remove a misfeature that caused us to ignore the Fast/Stable flags when ExitNodes is set. Bugfix on 0.2.2.7-alpha. - When the set of permitted nodes changes, we now remove any mappings - introduced via TrackExitHosts to now-excluded nodes. Bugfix on + introduced via TrackExitHosts to now-excluded nodes. Bugfix on 0.1.0.1-rc. - We never cannibalize a circuit that had excluded nodes on it, even if StrictNodes is 0. Bugfix on 0.1.0.1-rc. @@ -129,7 +139,7 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 2917. Bugfix on 0.1.1.1-alpha. - Only limit the lengths of single HS descriptors, even when multiple HS descriptors are published to an HSDir relay in a single POST - operation. Fixes bug 2948; bugfix on 0.2.1.5-alpha. Found by hsdir. + operation. Fixes bug 2948; bugfix on 0.2.1.5-alpha. Found by hsdir. - Write the current time into the LastWritten line in our state file, rather than the time from the previous write attempt. Also, stop trying to use a time of -1 in our log statements. Fixes bug 3039; @@ -149,7 +159,7 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 clients are already deprecated because of security bugs. - Don't allow v0 hidden service authorities to act as clients. Required by fix for bug 3000. - - Ignore SIGNAL NEWNYM commands on relay-only Tor instances. Required + - Ignore SIGNAL NEWNYM commands on relay-only Tor instances. Required by fix for bug 3000. - Ensure that no empty [dirreq-](read|write)-history lines are added to an extrainfo document. Implements ticket 2497.

1 0

[tor/release-0.2.2] Edit the changelog a little more, based on notes from arma
by nickm＠torproject.org 28 Apr '11

28 Apr '11

commit 7afa8a30da206b04c63174735227606336f9671c Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Apr 28 23:12:48 2011 -0400 Edit the changelog a little more, based on notes from arma --- ChangeLog | 30 +++++++++++++++--------------- 1 files changed, 15 insertions(+), 15 deletions(-) diff --git a/ChangeLog b/ChangeLog index fe2c7e3..cba40eb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,14 +1,14 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 o Major bugfixes: - - When writing our maximum bw for the current interval to the state - file, don't wrongly inflate that value by a factor of 10 anymore. + - Relays were publishing grossly inflated bandwidth values because they + were writing their state files wrong--now they write the correct value. Also, resume reading bandwidth history from the state file correctly. - Fixes bug 2704; bugfix on tor-0.2.2.23-alpha. - - When we find that we have extended a hidden service's introduction - circuit to a relay not listed as an introduction point in the HS - descriptor we currently have, retry an introduction point from the - current descriptor. Previously we would just give up. Fixes bugs - 1024 and 1930; bugfix on 0.2.0.10-alpha. + Fixes bug 2704; bugfix on 0.2.2.23-alpha. + - Improve hidden service robustness: When we find that we have extended + a hidden service's introduction circuit to a relay not listed as an + introduction point in the HS descriptor we currently have, retry an + introduction point from the current descriptor. Previously we would + just give up. Fixes bugs 1024 and 1930; bugfix on 0.2.0.10-alpha. - Clients now stop trying to use an exit node associated with a given destination by TrackHostExits if they fail to reach that exit node. Fixes bug 2999. Bugfix on 0.2.0.20-rc. @@ -19,7 +19,7 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 o Security and stability fixes: - Don't double-free a parsable, but invalid, microdescriptor, even if it is followed in the blob we're parsing by an unparsable - microdescriptor. Fixes an issue reported in a comment on bug 2954. + microdescriptor. Fixes an issue reported in a comment on bug 2954. Bugfix on 0.2.2.6-alpha; fix by "cypherpunks". - If the Nickname configuration option isn't given, Tor would pick a nickname based on the local hostname as the nickname for a relay. @@ -35,7 +35,7 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 SIGNAL NEWNYM command. Fixes bug 3000; bugfix on 0.0.6. o Major features: - - Export GeoIP information on bridge usage to controller even if + - Export GeoIP information on bridge usage to controllers even if we have not yet been running for 24 hours. Now Vidalia bridge operators can get more accurate and immediate feedback about their contributions to the network. @@ -102,12 +102,12 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 o Minor bugfixes: - Fix a spurious warning when moving from a short month to a long month - on relays with month-based BandwidthAccounting. Bugfix on + on relays with month-based BandwidthAccounting. Bugfix on 0.2.2.17-alpha; fixes bug 3020. - When a client finds that an origin circuit has run out of 16-bit stream IDs, we now mark it as unusable for new streams. Previously, we would try to close the entire circuit. Bugfix on 0.0.6. - - Added a forgotten cast that caused a compile warning on OS X 10.6. + - Add a forgotten cast that caused a compile warning on OS X 10.6. Bugfix on 0.2.2.24-alpha. - Be more careful about reporting the correct error from a failed connect() system call. Under some circumstances, it was possible to @@ -157,7 +157,7 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 to an extrainfo document. Implements ticket 2497. o Code simplification and refactoring: - - Removed workaround code to handle directory responses from + - Remove workaround code to handle directory responses from servers that had bug 539 (they would send HTTP status 503 responses _and_ send a body too). Since only server versions before 0.2.0.16-alpha/0.1.2.19 were affected, there is no longer reason @@ -169,8 +169,8 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 values. This is still something we might want to do someday, but if we do, we'll want to do it differently. - Avoid signed/unsigned comparisons by making SIZE_T_CEILING unsigned. - (None of the cases where we did this before were wrong, but by making - this change we avoid warnings.) Fixes bug 2475; bugfix on + None of the cases where we did this before were wrong, but by making + this change we avoid warnings. Fixes bug 2475; bugfix on 0.2.1.28. - Use GetTempDir to find the proper temporary directory location on Windows when generating temporary files for the unit tests. Patch

1 0

[tor/release-0.2.2] Re-wrap changelog section for 0.2.2.25-alpha
by nickm＠torproject.org 28 Apr '11

28 Apr '11

commit 95dceffe1bdbf0c249a2ab079ef31a114b152d49 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Apr 28 23:17:43 2011 -0400 Re-wrap changelog section for 0.2.2.25-alpha --- ChangeLog | 151 ++++++++++++++++++++++++++++++------------------------------- 1 files changed, 74 insertions(+), 77 deletions(-) diff --git a/ChangeLog b/ChangeLog index cba40eb..8258735 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,14 +1,15 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 o Major bugfixes: - - Relays were publishing grossly inflated bandwidth values because they - were writing their state files wrong--now they write the correct value. - Also, resume reading bandwidth history from the state file correctly. - Fixes bug 2704; bugfix on 0.2.2.23-alpha. - - Improve hidden service robustness: When we find that we have extended - a hidden service's introduction circuit to a relay not listed as an - introduction point in the HS descriptor we currently have, retry an - introduction point from the current descriptor. Previously we would - just give up. Fixes bugs 1024 and 1930; bugfix on 0.2.0.10-alpha. + - Relays were publishing grossly inflated bandwidth values because + they were writing their state files wrong--now they write the + correct value. Also, resume reading bandwidth history from the + state file correctly. Fixes bug 2704; bugfix on 0.2.2.23-alpha. + - Improve hidden service robustness: When we find that we have + extended a hidden service's introduction circuit to a relay not + listed as an introduction point in the HS descriptor we currently + have, retry with an introduction point from the current + descriptor. Previously we would just give up. Fixes bugs 1024 and + 1930; bugfix on 0.2.0.10-alpha. - Clients now stop trying to use an exit node associated with a given destination by TrackHostExits if they fail to reach that exit node. Fixes bug 2999. Bugfix on 0.2.0.20-rc. @@ -17,17 +18,17 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 by boboper. o Security and stability fixes: - - Don't double-free a parsable, but invalid, microdescriptor, even - if it is followed in the blob we're parsing by an unparsable + - Don't double-free a parsable, but invalid, microdescriptor, even if + it is followed in the blob we're parsing by an unparsable microdescriptor. Fixes an issue reported in a comment on bug 2954. Bugfix on 0.2.2.6-alpha; fix by "cypherpunks". - If the Nickname configuration option isn't given, Tor would pick a nickname based on the local hostname as the nickname for a relay. Because nicknames are not very important in today's Tor and the "Unnamed" nickname has been implemented, this is now problematic - behavior: It leaks information about the hostname without being useful - at all. Fixes bug 2979; bugfix on 0.1.2.2-alpha, which introduced the - Unnamed nickname. Reported by tagnaq. + behavior: It leaks information about the hostname without being + useful at all. Fixes bug 2979; bugfix on 0.1.2.2-alpha, which + introduced the Unnamed nickname. Reported by tagnaq. - Fix an uncommon assertion failure when running with DNSPort under heavy load. Fixes bug 2933; bugfix on 0.2.0.1-alpha. - Avoid linkability based on cached hidden service descriptors: forget @@ -35,9 +36,9 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 SIGNAL NEWNYM command. Fixes bug 3000; bugfix on 0.0.6. o Major features: - - Export GeoIP information on bridge usage to controllers even if - we have not yet been running for 24 hours. Now Vidalia bridge - operators can get more accurate and immediate feedback about their + - Export GeoIP information on bridge usage to controllers even if we + have not yet been running for 24 hours. Now Vidalia bridge operators + can get more accurate and immediate feedback about their contributions to the network. o Major features and bugfixes (node selection): @@ -45,64 +46,62 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 ExcludeEntryNodes, ExcludeExitNodes, ExcludeNodes, and StrictNodes options. Previously, we had been ambiguous in describing what counted as an "exit" node, and what operations exactly "StrictNodes - 0" would permit. This created confusion when people saw nodes - built through unexpected circuits, and made it hard to tell real - bugs from surprises. Now the intended behavior is: - . "Exit", in the context of ExitNodes and ExcludeExitNodes, - means a node that delivers user traffic outside the Tor network. - . "Entry", in the context of EntryNodes, means a node used as - the first hop of a multihop circuit. It doesn't include direct + 0" would permit. This created confusion when people saw nodes built + through unexpected circuits, and made it hard to tell real bugs from + surprises. Now the intended behavior is: + . "Exit", in the context of ExitNodes and ExcludeExitNodes, means + a node that delivers user traffic outside the Tor network. + . "Entry", in the context of EntryNodes, means a node used as the + first hop of a multihop circuit. It doesn't include direct connections to directory servers. . "ExcludeNodes" applies to all nodes. . "StrictNodes" changes the behavior of ExcludeNodes only. When StrictNodes is set, Tor should avoid all nodes listed in ExcludeNodes, even when it will make user requests fail. When StrictNodes is *not* set, then Tor should follow ExcludeNodes - whenever it can, except when it must use an excluded node - to perform self-tests, connect to a hidden service, provide - a hidden service, fulfill a .exit request, upload directory + whenever it can, except when it must use an excluded node to + perform self-tests, connect to a hidden service, provide a + hidden service, fulfill a .exit request, upload directory information, or fetch directory information. Collectively, the changes to implement the behavior fix bug 1090. - - ExcludeNodes now takes precedence over EntryNodes and ExitNodes: - if a node is listed in both, it's treated as excluded. + - ExcludeNodes now takes precedence over EntryNodes and ExitNodes: if + a node is listed in both, it's treated as excluded. - ExcludeNodes now applies to directory nodes -- as a preference if StrictNodes is 0, or an absolute requirement if StrictNodes is 1. - Don't exclude all the directory authorities and set StrictNodes - to 1 unless you really want your Tor to break. + Don't exclude all the directory authorities and set StrictNodes to 1 + unless you really want your Tor to break. - ExcludeNodes and ExcludeExitNodes now override exit enclaving. - ExcludeExitNodes now overrides .exit requests. - We don't use bridges listed in ExcludeNodes. - When StrictNodes is 1: . We now apply ExcludeNodes to hidden service introduction points - and to rendezvous points selected by hidden service users. - This can make your hidden service less reliable: use it with - caution! + and to rendezvous points selected by hidden service users. This + can make your hidden service less reliable: use it with caution! . If we have used ExcludeNodes on ourself, do not try relay reachability self-tests. - . If we have excluded all the directory authorities, we will - not even try to upload our descriptor if we're a relay. + . If we have excluded all the directory authorities, we will not + even try to upload our descriptor if we're a relay. . Do not honor .exit requests to an excluded node. - Remove a misfeature that caused us to ignore the Fast/Stable flags when ExitNodes is set. Bugfix on 0.2.2.7-alpha. - - When the set of permitted nodes changes, we now remove any - mappings introduced via TrackExitHosts to now-excluded nodes. - Bugfix on 0.1.0.1-rc. - - We never cannibalize a circuit that had excluded nodes on it, - even if StrictNodes is 0. Bugfix on 0.1.0.1-rc. + - When the set of permitted nodes changes, we now remove any mappings + introduced via TrackExitHosts to now-excluded nodes. Bugfix on + 0.1.0.1-rc. + - We never cannibalize a circuit that had excluded nodes on it, even + if StrictNodes is 0. Bugfix on 0.1.0.1-rc. - Revert a change where we would be laxer about attaching streams to - circuits than when building the circuits. This was meant to - prevent a set of bugs where streams were never attachable, but our - improved code here should make this unnecessary. Bugfix on - 0.2.2.7-alpha. - - Keep track of how many times we launch a new circuit to handle - a given stream. Too many launches could indicate an inconsistency + circuits than when building the circuits. This was meant to prevent + a set of bugs where streams were never attachable, but our improved + code here should make this unnecessary. Bugfix on 0.2.2.7-alpha. + - Keep track of how many times we launch a new circuit to handle a + given stream. Too many launches could indicate an inconsistency between our "launch a circuit to handle this stream" logic and our "attach this stream to one of the available circuits" logic. - Improve log messages related to excluded nodes. o Minor bugfixes: - - Fix a spurious warning when moving from a short month to a long month - on relays with month-based BandwidthAccounting. Bugfix on + - Fix a spurious warning when moving from a short month to a long + month on relays with month-based BandwidthAccounting. Bugfix on 0.2.2.17-alpha; fixes bug 3020. - When a client finds that an origin circuit has run out of 16-bit stream IDs, we now mark it as unusable for new streams. Previously, @@ -113,12 +112,12 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 connect() system call. Under some circumstances, it was possible to look at an incorrect value for errno when sending the end reason. Bugfix on 0.1.0.1-rc. - - Correctly handle an "impossible" overflow cases in connection - byte counting, where we write or read more than 4GB on an edge - connection in a single second. Bugfix on 0.1.2.8-beta. + - Correctly handle an "impossible" overflow cases in connection byte + counting, where we write or read more than 4GB on an edge connection + in a single second. Bugfix on 0.1.2.8-beta. - Correct the warning displayed when a rendezvous descriptor exceeds - the maximum size. Fixes bug 2750; bugfix on 0.2.1.5-alpha. Found - by John Brooks. + the maximum size. Fixes bug 2750; bugfix on 0.2.1.5-alpha. Found by + John Brooks. - Clients and hidden services now use HSDir-flagged relays for hidden service descriptor downloads and uploads even if the relays have no DirPort set and the client has disabled TunnelDirConns. This will @@ -126,12 +125,11 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 DirPort. Fixes bug 2722; bugfix on 0.2.1.6-alpha. - Downgrade "no current certificates known for authority" message from Notice to Info. Fixes bug 2899; bugfix on 0.2.0.10-alpha. - - Make the SIGNAL DUMP control-port command work on FreeBSD. Fixes - bug 2917. Bugfix on 0.1.1.1-alpha. - - Only limit the lengths of single HS descriptors, even when - multiple HS descriptors are published to an HSDir relay in a - single POST operation. Fixes bug 2948; bugfix on 0.2.1.5-alpha. - Found by hsdir. + - Make the SIGNAL DUMP control-port command work on FreeBSD. Fixes bug + 2917. Bugfix on 0.1.1.1-alpha. + - Only limit the lengths of single HS descriptors, even when multiple + HS descriptors are published to an HSDir relay in a single POST + operation. Fixes bug 2948; bugfix on 0.2.1.5-alpha. Found by hsdir. - Write the current time into the LastWritten line in our state file, rather than the time from the previous write attempt. Also, stop trying to use a time of -1 in our log statements. Fixes bug 3039; @@ -151,30 +149,29 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 clients are already deprecated because of security bugs. - Don't allow v0 hidden service authorities to act as clients. Required by fix for bug 3000. - - Ignore SIGNAL NEWNYM commands on relay-only Tor instances. - Required by fix for bug 3000. + - Ignore SIGNAL NEWNYM commands on relay-only Tor instances. Required + by fix for bug 3000. - Ensure that no empty [dirreq-](read|write)-history lines are added to an extrainfo document. Implements ticket 2497. o Code simplification and refactoring: - - Remove workaround code to handle directory responses from - servers that had bug 539 (they would send HTTP status 503 - responses _and_ send a body too). Since only server versions before - 0.2.0.16-alpha/0.1.2.19 were affected, there is no longer reason - to keep the workaround in place. - - Remove the old 'fuzzy time' logic. It was supposed to be used - for handling calculations where we have a known amount of clock - skew and an allowed amount of unknown skew. But we only used it - in three places, and we never adjusted the known/unknown skew - values. This is still something we might want to do someday, - but if we do, we'll want to do it differently. + - Remove workaround code to handle directory responses from servers + that had bug 539 (they would send HTTP status 503 responses _and_ + send a body too). Since only server versions before + 0.2.0.16-alpha/0.1.2.19 were affected, there is no longer reason to + keep the workaround in place. + - Remove the old 'fuzzy time' logic. It was supposed to be used for + handling calculations where we have a known amount of clock skew and + an allowed amount of unknown skew. But we only used it in three + places, and we never adjusted the known/unknown skew values. This is + still something we might want to do someday, but if we do, we'll + want to do it differently. - Avoid signed/unsigned comparisons by making SIZE_T_CEILING unsigned. None of the cases where we did this before were wrong, but by making - this change we avoid warnings. Fixes bug 2475; bugfix on - 0.2.1.28. + this change we avoid warnings. Fixes bug 2475; bugfix on 0.2.1.28. - Use GetTempDir to find the proper temporary directory location on - Windows when generating temporary files for the unit tests. Patch - by Gisle Vanem. + Windows when generating temporary files for the unit tests. Patch by + Gisle Vanem. Changes in version 0.2.2.24-alpha - 2011-04-08

1 0