commit 38ee959ea9f7b9a213487e37433a000b7e0df54d
Author: Nick Mathewson <nickm(a)torproject.org>
Date: Wed Aug 31 01:02:38 2011 -0400
First draft of an 0.2.3.3-alpha changelog
---
ChangeLog | 135 +++++++++++++++++++++++++++++++++++++++++++++
changes/bug1692 | 5 --
changes/bug2930 | 5 --
changes/bug3550 | 5 --
changes/bug3607 | 15 -----
changes/bug3615 | 3 -
changes/bug3643 | 4 -
changes/bug3700 | 6 --
changes/bug3732 | 7 --
changes/bug3747 | 6 --
changes/bug3752 | 5 --
changes/bug3803 | 4 -
changes/bug3804 | 9 ---
changes/bug3805 | 5 --
changes/bug3814 | 4 -
changes/fmt_addr | 4 -
changes/geoip-august2011 | 3 -
changes/le-win-threads | 3 -
changes/microdescs_on | 5 --
changes/msvc_lround | 4 -
changes/nmake | 3 -
changes/optimistic-client | 9 ---
changes/prop171 | 22 -------
changes/require-le-2.0.13 | 12 ----
24 files changed, 135 insertions(+), 148 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 848f963..bbefe24 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,138 @@
+Changes in version 0.2.3.3-alpha - 2011-0?-??
+ Tor 0.2.3.3-alpha adds a new major "stream isolation" feature to
+ improve Tor's security, and provides client-side support for several
+ the microdescriptor and optimistic data features introduced earlier in
+ the 0.2.3.x series. Also, it has numerous critical bugfixes in the
+ (optional) bufferevent-based networking backend.
+
+ o Major features:
+ - You can now configure Tor so that streams from different
+ applications are isolated on different circuits, to prevent an
+ attacker who sees your streams leaving an exit node from linking
+ your sessions to one another. To do this, choose some way to
+ distinguish the applications: have them connect to different
+ SocksPorts, or have one of them use SOCKS4 while the other uses
+ SOCKS5, or have them pass different authentication strings to the
+ SOCKS proxy. Then, use the new SocksPort syntax to configure the
+ degree of isolation you need. This implements Proposal 171.
+ - The microdescriptor system is now on by default for clients. This
+ allows clients to download a much smaller amount of directory
+ information. To disable it, set "UseMicrodescriptors 0" in your
+ torrc file.
+ - Tor's firewall-helper feature, introduced in 0.2.3.1-alpha, now
+ supports Windows.
+ - When using an exit nodes running 0.2.3.x, clients can now
+ "optimistically" send data before the exit node reports that the
+ stream has opened. This saves a round trip when starting
+ connections where the client speaks first. This behavior is
+ controlled by a (currently disabled) consensus parameter. To turn
+ it on or off manually, use the "OptimisticData" torrc
+ option. Implements proposal 181; code by Ian Goldberg.
+
+ o Major bugfixes (bufferevents):
+ - When using IOCP on windows, we need to enable Libevent windows
+ threading support. Bugfix on 0.2.3.1-alpha.
+ - The IOCP backend now works even when the user has not specified
+ the (internal, debbuging-only) _UseFilteringSSLBufferevents option.
+ Fixes part of bug 3752; bugfix on 0.2.3.1-alpha.
+ - Correctly record the bytes we've read and written when using
+ bufferevents, so that we can include them in our bandwidth history
+ and advertised bandwidth. Fixes bug 3803; bugfix on 0.2.3.1-alpha.
+ - Apply rate-limiting only at the bottom of a chain of filtering
+ bufferevents. This prevents us from filling up internal read
+ buffers and violating rate-limits when filtering bufferevents
+ are enabled. Bugfix on 0.2.3.1-alpha; fixes part of bug 3804.
+ - Add high-watermarks to the output buffers for filtered
+ bufferevents. This prevents us from filling up internal write
+ buffers and wasting CPU cycles when filtering bufferevents are
+ enabled. Bugfix on 0.2.3.1-alpha; fixes part of bug 3804.
+ - Correctly notice when data has been written from a bufferevent
+ without flushing it completely. Bugfix on 0.2.3.1-alpha; fixes
+ bug 3805.
+ - Fix a bug where server-side tunneled bufferevent-based directory
+ streams would get closed prematurely. Fixes 3814, bugfix on
+ 0.2.3.1-alpha.
+
+ o Major bugfixes (on 0.2.2.x and earlier): [stet]
+ - If we're configured to write our ControlPorts to disk, only write
+ them after switching UID and creating the data directory. This way,
+ we don't fail when starting up with a nonexistent DataDirectory
+ and a ControlPortWriteToFile setting based on that directory. Fixes
+ bug 3747; bugfix on Tor 0.2.2.26-beta.
+
+ o Minor features:
+ - There's a new syntax for specifying multiple client ports (such as
+ SOCKSPort, TransPort, DNSPort, NATDPort): you can now just declare
+ multiple *Port entries with full addr:port syntax on each.
+ The old *ListenAddress format is still supported, but you can't
+ mix it with the new *Port syntax.
+ - Added a new CONF_CHANGED event so that controllers can be notified
+ of any configuration changes made by other controllers, or by the
+ user. Implements #1692.
+ - Use evbuffer_copyout() in inspect_evbuffer(). This fixes a memory
+ leak when using bufferevents, and lets Libevent worry about how to
+ best copy data out of a buffer.
+ - Replace files in stats/ rather than appending to them. Now that we
+ include statistics in extra-info descriptors, it makes no sense to
+ keep old statistics forever. Implements #2930.
+
+ o Minor features (build compatibility):
+ - Limited, experimental support for building with nmake and MSVC.
+ - Provide a substitute implementation of lround() for MSVC, which
+ apparently lacks it. Patch from Gisle Vanem.
+
+ o Minor features: [stet]
+ - Update to the August 2 2011 Maxmind GeoLite Country database.
+
+ o Minor bugfixes (on 0.2.3.x-alpha):
+ - Fix a spurious warning when parsing SOCKS requests with
+ bufferevents enabled. Fixes bug 3615; bugfix on 0.2.3.2-alpha.
+ - Get rid of a harmless warning that could happen on relays running
+ with bufferevents. The warning was caused by someone doing an http
+ request to a relay's orport. Also don't warn for a few related
+ non-errors. Fixes bug 3700; bugfix on 0.2.3.1-alpha.
+
+ o Minor bugfixes (on 2.2.x and earlier):
+ - The "--quiet" and "--hush" options now apply not only to Tor's
+ behavior before logs are configured, but also to Tor's behavior in
+ the absense of configured logs. Fixes bug 3550; bugfix on
+ 0.2.0.10-alpha.
+
+ o Minor bugfixes (on 2.2.x and earlier): [stet]
+ - Write several files in text mode, on OSes that distinguish text
+ mode from binary mode (namely, Windows). These files are:
+ 'buffer-stats', 'dirreq-stats', and 'entry-stats' on relays
+ that collect those statistics; 'client_keys' and 'hostname' for
+ hidden services that use authentication; and (in the tor-gencert
+ utility) newly generated identity and signing keys. Previously,
+ we wouldn't specify text mode or binary mode, leading to an
+ assertion failure. Fixes bug 3607. Bugfix on 0.2.1.1-alpha (when
+ the DirRecordUsageByCountry option which would have triggered
+ the assertion failure was added), although this assertion failure
+ would have occurred in tor-gencert on Windows in 0.2.0.1-alpha.
+ - Selectively disable deprecation warnings on OS X because Lion
+ started deprecating the shipped copy of openssl. Fixes bug 3643.
+ - Remove an extra pair of quotation marks around the error
+ message in control-port STATUS_GENERAL BUG events. Bugfix on
+ 0.1.2.6-alpha; fixes bug 3732.
+ - When unable to format an address as a string, report its value
+ as "???" rather than reusing the last formatted address. Bugfix
+ on 0.2.1.5-alpha.
+
+ o Code simplifications and refactoring:
+ - Rewrote the listener-selection logic so that parsing which ports
+ we want to listen on is now separate form binding to the ports
+ we want.
+
+ o Build changes:
+ - Building Tor with bufferevent support now requires Libevent
+ 2.0.13-stable or later. Previous versions of Libevent had bugs in
+ SSL-related bufferevents and related issues that would make Tor
+ work badly with bufferevents. Requiring 2.0.13-stable also allows
+ Tor with bufferevents to take advantage of Libevent APIs
+ introduced after 2.0.8-rc.
+
+
Changes in version 0.2.2.32 - 2011-08-27
The Tor 0.2.2 release series is dedicated to the memory of Andreas
Pfitzmann (1958-2010), a pioneer in anonymity and privacy research,
diff --git a/changes/bug1692 b/changes/bug1692
deleted file mode 100644
index c2a71cc..0000000
--- a/changes/bug1692
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features:
- - CONF_CHANGED event is provided so that controllers can be notified
- of any configuration changes made by other controllers/SETCONF/HUP.
- Implements #1692.
-
diff --git a/changes/bug2930 b/changes/bug2930
deleted file mode 100644
index 8d28664..0000000
--- a/changes/bug2930
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features:
- - Replace files in stats/ rather than appending to them. Now that we
- include statistics in extra-info descriptors, it makes no sense to
- keep old statistics forever. Implements #2930.
-
diff --git a/changes/bug3550 b/changes/bug3550
deleted file mode 100644
index 658179f..0000000
--- a/changes/bug3550
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes:
- - The "--quiet" and "--hush" options now apply not only to Tor's
- behavior before user-configured logs are added, but also to
- Tor's behavior in the absense of configured logs. Fixes bug
- 3550; bugfix on 0.2.0.10-alpha.
diff --git a/changes/bug3607 b/changes/bug3607
deleted file mode 100644
index 5ece219..0000000
--- a/changes/bug3607
+++ /dev/null
@@ -1,15 +0,0 @@
- o Minor bugfixes:
-
- - Write several files in text mode, on OSes that distinguish text
- mode from binary mode (namely, Windows). These files are:
- buffer-stats, dirreq-stats, and entry-stats on relays that collect
- those statistics; client_keys and hostname files for hidden
- services that use authentication; and (in the tor-gencert utility)
- newly generated identity and signing keys. Previously, we
- wouldn't specify text mode or binary mode, leading to an assertion
- failure. Fixes bug 3607. Bugfix on 0.2.1.1-alpha (when the
- DirRecordUsageByCountry option which would have triggered the
- assertion failure was added), although this assertion failure
- would have occurred in tor-gencert on Windows in 0.2.0.1-alpha.
-
-
diff --git a/changes/bug3615 b/changes/bug3615
deleted file mode 100644
index 704b3fa..0000000
--- a/changes/bug3615
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes:
- - Fix a spurious warning when parsing SOCKS requests with
- bufferevents enabled. Fixes bug 3615; bugfix on 0.2.3.2-alpha.
diff --git a/changes/bug3643 b/changes/bug3643
deleted file mode 100644
index 86bd920..0000000
--- a/changes/bug3643
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Selectively disable deprecation warnings on OS X because Lion started
- deprecating the shipped copy of openssl. Fixes bug 3643.
-
diff --git a/changes/bug3700 b/changes/bug3700
deleted file mode 100644
index cef7296..0000000
--- a/changes/bug3700
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes:
- - Get rid of a harmless warning that could happen on relays running
- with bufferevents. The warning was caused by someone doing an http
- request to a relay's orport. Also don't warn for a few related
- non-errors. Fixes bug 3700; bugfix on 0.2.3.1-alpha.
-
diff --git a/changes/bug3732 b/changes/bug3732
deleted file mode 100644
index 7a71d1a..0000000
--- a/changes/bug3732
+++ /dev/null
@@ -1,7 +0,0 @@
- o Major bugfixes:
-
- - Remove an extra pair of quotation marks around the error
- message in control-port STATUS_GENERAL BUG events. Bugfix on
- 0.1.2.6-alpha; fixes bug 3732.
-
-
diff --git a/changes/bug3747 b/changes/bug3747
deleted file mode 100644
index 052dab1..0000000
--- a/changes/bug3747
+++ /dev/null
@@ -1,6 +0,0 @@
- o Major bugfixes:
- - Write control ports to disk only after switching UID and
- creating the data directory. This way, we don't fail when
- starting up with a nonexistant DataDirectory and a
- ControlPortWriteToFile setting based on that directory. Fixes
- bug 3747; bugfix on Tor 0.2.2.26-beta.
\ No newline at end of file
diff --git a/changes/bug3752 b/changes/bug3752
deleted file mode 100644
index 270f155..0000000
--- a/changes/bug3752
+++ /dev/null
@@ -1,5 +0,0 @@
- o Major bugfixes:
- - The IOCP backend now works even when the user has not specified
- the (internal, debbuging-only) _UseFilteringSSLBufferevents option.
- Fixes part of bug 3752; bugfix on 0.2.3.1-alpha.
-
diff --git a/changes/bug3803 b/changes/bug3803
deleted file mode 100644
index 2d50f0c..0000000
--- a/changes/bug3803
+++ /dev/null
@@ -1,4 +0,0 @@
- o Major bugfixes (bufferevents):
- - Correctly record the bytes we've read and written when using
- bufferevents, so that we can include them in our bandwidth history
- and advertised bandwidth. Fixes bug 3803; bugfix on 0.2.3.1-alpha.
diff --git a/changes/bug3804 b/changes/bug3804
deleted file mode 100644
index 7ad091c..0000000
--- a/changes/bug3804
+++ /dev/null
@@ -1,9 +0,0 @@
- o Major bugfixes (bufferevents):
- - Apply rate-limiting only at the bottom of a chain of filtering
- bufferevents. This prevents us from filling up internal read
- buffers and violating rate-limits when filtering bufferevents
- are enabled. Bugfix on 0.2.3.1-alpha; fixes part of bug 3804.
- - Add high-watermarks to the output buffers for filtered
- bufferevents. This prevents us from filling up internal write
- buffers and wasting CPU cycles when filtering bufferevents are
- enabled. Bugfix on 0.2.3.1-alpha; fixes part of bug 3804.
diff --git a/changes/bug3805 b/changes/bug3805
deleted file mode 100644
index 9d12b81..0000000
--- a/changes/bug3805
+++ /dev/null
@@ -1,5 +0,0 @@
- o Major bugfixes (bufferevents):
- - Correctly notice when data has been written from a bufferevent
- without flushing it completely. Bugfix on 0.2.3.1-alpha; fixes
- bug 3805.
-
diff --git a/changes/bug3814 b/changes/bug3814
deleted file mode 100644
index 3db0e3e..0000000
--- a/changes/bug3814
+++ /dev/null
@@ -1,4 +0,0 @@
- o Major bugfixes (bufferevents):
- - Fix a bug where server-side tunneled bufferevent-based directory
- streams would get closed prematurely. Fixes 3814, bugfix on
- 0.2.3.1-alpha.
diff --git a/changes/fmt_addr b/changes/fmt_addr
deleted file mode 100644
index b88c9e1..0000000
--- a/changes/fmt_addr
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - When unable to format an address as a string, report its value
- as "???" rather than reusing the last formatted address. Bugfix
- on 0.2.1.5-alpha.
diff --git a/changes/geoip-august2011 b/changes/geoip-august2011
deleted file mode 100644
index 6de8b0f..0000000
--- a/changes/geoip-august2011
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features:
- - Update to the August 2 2011 Maxmind GeoLite Country database.
-
diff --git a/changes/le-win-threads b/changes/le-win-threads
deleted file mode 100644
index 5be44a2..0000000
--- a/changes/le-win-threads
+++ /dev/null
@@ -1,3 +0,0 @@
- o Major bugfixes (IOCP):
- - When using IOCP on windows, we need to enable Libevent windows threading
- support. Bugfix on 0.2.3.1-alpha.
diff --git a/changes/microdescs_on b/changes/microdescs_on
deleted file mode 100644
index 8299c1d..0000000
--- a/changes/microdescs_on
+++ /dev/null
@@ -1,5 +0,0 @@
- o Major features:
- - The microdescriptor system is now on by default for clients. This
- allows clients to use Tor while downloading a much smaller amount
- of directory information. To disable it, set "UseMicrodescriptors 0"
- in your torrc file.
diff --git a/changes/msvc_lround b/changes/msvc_lround
deleted file mode 100644
index e4aea95..0000000
--- a/changes/msvc_lround
+++ /dev/null
@@ -1,4 +0,0 @@
- o Build fixes:
- - Provide a substitute implementation of lround() for MSVC, which
- apparently lacks it. Patch from Gisle Vanem.
-
diff --git a/changes/nmake b/changes/nmake
deleted file mode 100644
index 47f4f8f..0000000
--- a/changes/nmake
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features (build compatibility):
- - Limited, experimental support for building with nmake and MSVC.
-
diff --git a/changes/optimistic-client b/changes/optimistic-client
deleted file mode 100644
index 9a21a41..0000000
--- a/changes/optimistic-client
+++ /dev/null
@@ -1,9 +0,0 @@
- o Major features:
- - When using an exit nodes running 0.2.3.1-alpha and later,
- clients can now "optimistically" send data on a stream before
- the exit node reports that the stream has opened. This can save
- a round trip when starting connections with protocols where the
- client speaks first. This behavior is controlled by a (currently
- disabled) networkstatus consensus parameter. To turn it on or
- off manually, use the "OptimisticData" torrc option. Implements
- proposal 181; code by Ian Goldberg.
diff --git a/changes/prop171 b/changes/prop171
deleted file mode 100644
index 91c463f..0000000
--- a/changes/prop171
+++ /dev/null
@@ -1,22 +0,0 @@
- o Major features:
- - You can now configure Tor so that streams from different
- applications are isolated on different circuits, to prevent an
- attacker who sees your streams leaving an exit node from linking
- your sessions to one another. To do this, choose some way to
- distinguish the applications -- have them connect to different
- SocksPorts, or have one of them use SOCKS4 while the other uses
- SOCKS5, or have them pass different authentication strings to
- the SOCKS proxy. Then use the new SocksPort syntax to configure
- the degree of isolation you need. This implements Proposal 171.
-
- o Minor features:
- - There's a new syntax for specifying multiple client ports (such as
- SOCKSPort, TransPort, DNSPort, NATDPort): you can now just declare
- multiple ...Port entries with full addr:port syntax on each.
- The old ...ListenAddress format is still supported, but you can't
- mix it with the new SOCKSPort syntax.
-
- o Code simplifications and refactoring:
- - Rewrote the listener-selection logic so that parsing which ports
- we want to listen on is now separate form binding to the ports
- we want.
diff --git a/changes/require-le-2.0.13 b/changes/require-le-2.0.13
deleted file mode 100644
index 56e7b31..0000000
--- a/changes/require-le-2.0.13
+++ /dev/null
@@ -1,12 +0,0 @@
- o Build changes:
- - Building Tor with bufferevent support now requires Libevent
- 2.0.13-stable or later. Previous versions of Libevent had bugs
- in SSL-related bufferevents and related issues that would make
- Tor work badly with bufferevents. Requiring 2.0.13-stable also
- means that Tor with bufferevents can take advantage of Libevent
- APIs introduced after 2.0.8-rc.
-
- o Minor bugfixes:
- - Use evbuffer_copyout() in inspect_evbuffer(). This fixes a memory
- leak, and lets Libevent worry about how to best copy data out
- of a buffer.