commit a1e2232ed10d52062e0c0fe34c45cf7f441b4e78
Author: Roger Dingledine <arma(a)torproject.org>
Date: Mon Dec 24 04:01:44 2012 -0500
fold in changes files so far
---
ChangeLog | 123 ++++++++++++++++++++++++++++++++++++++++++++
changes/addrmap_error | 5 --
changes/bug3443 | 11 ----
changes/bug6113 | 3 -
changes/bug6887 | 3 -
changes/bug7013 | 4 --
changes/bug7059a | 5 --
changes/bug7260 | 3 -
changes/bug7267 | 4 --
changes/bug7306 | 5 --
changes/dist-geoip6 | 3 -
changes/fallback_dirsource | 14 -----
changes/geoip-dec2012 | 3 -
changes/geoip-nov2012 | 3 -
changes/hb-fullness | 3 -
changes/ipv6_automap | 19 -------
changes/ipv6_exits | 18 ------
changes/prop205-simplified | 25 ---------
changes/rename_dirserver | 3 -
changes/split_addressmap | 3 -
changes/task-6266 | 7 ---
21 files changed, 123 insertions(+), 144 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 027edcc..a41af9f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,126 @@
+Changes in version 0.2.4.7-alpha - 2012-12-24
+ o Major features (client resilience):
+ - Add a new "FallbackDir" torrc option to use when we can't use
+ a directory mirror from the consensus (either because we lack a
+ consensus, or because they're all down). Currently, all authorities
+ are fallbacks by default, and there are no other default fallbacks,
+ but that will change. This option will allow us to give clients a
+ longer list of servers to try to get a consensus from when first
+ connecting to the Tor network, and thereby reduce load on the
+ directory authorities. Implements proposal 206, "Preconfigured
+ directory sources for bootstrapping". We also removed the old
+ "FallbackNetworkstatus" option, since we never got it working well
+ enough to use it. Closes bug 572.
+ - If we have no circuits open, use a relaxed timeout (the
+ 95-percentile cutoff) until a circuit succeeds. This heuristic
+ should allow Tor to succeed at building circuits even when the
+ network connection drastically changes. Should help with bug 3443.
+
+ o Major features (IPv6):
+ - Tor now has (alpha) support for exiting to IPv6 addresses. To
+ enable it as an exit node, make sure that you have IPv6
+ connectivity, then set the IPv6Exit flag to 1. Also make sure your
+ exit policy reads as you would like: the address * applies to all
+ address families, whereas *4 is IPv4 address only, and *6 is IPv6
+ addresses only. On the client side, you'll need to wait until the
+ authorities have upgraded, wait for enough exits to support IPv6,
+ apply the "IPv6Traffic" flag to a SocksPort, and use Socks5. Closes
+ ticket 5547, implements proposal 117 as revised in proposal 208.
+
+ We DO NOT recommend that clients with actual anonymity needs start
+ using IPv6 over Tor yet, since not enough exits support it yet.
+
+ o Major features (geoip database):
+ - Maxmind began labelling Tor relays as being in country "A1",
+ which breaks by-country node selection inside Tor. Now we use a
+ script to replace "A1" ("Anonymous Proxy") entries in our geoip
+ file with real country codes. This script fixes about 90% of "A1"
+ entries automatically and uses manual country code assignments to
+ fix the remaining 10%. See src/config/README.geoip for details.
+ Fixes bug 6266. Also update to the December 5 2012 Maxmind GeoLite
+ Country database, as modified above.
+
+ o Major bugfixes (client-side DNS):
+ - Turn off the client-side DNS cache by default. Updating and using
+ the DNS cache is now configurable on a per-client-port
+ level. SOCKSPort, DNSPort, etc lines may now contain
+ {No,}Cache{IPv4,IPv6,}DNS lines to indicate that we shouldn't
+ cache these types of DNS answers when we receive them from an
+ exit node in response to an application request on this port, and
+ {No,}UseCached{IPv4,IPv6,DNS} lines to indicate that if we have
+ cached DNS answers of these types, we shouldn't use them. It's
+ potentially risky to use cached DNS answers at the client, since
+ doing so can indicate to one exit what answers we've gotten
+ for DNS lookups in the past. With IPv6, this becomes especially
+ problematic. Using cached DNS answers for requests on the same
+ circuit would present less linkability risk, since all traffic
+ on a circuit is already linkable, but it would also provide
+ little performance benefit: the exit node caches DNS replies
+ too. Implements a simplified version of Proposal 205. Implements
+ ticket 7570.
+
+ o Major bugfixes (other):
+ - Alter circuit build timeout measurement to start at the point
+ where we begin the CREATE/CREATE_FAST step (as opposed to circuit
+ initialization). This should make our timeout measurements more
+ uniform. Previously, we were sometimes including ORconn setup time
+ in our circuit build time measurements. Should resolve bug 3443.
+ - Fix an assertion that could trigger in hibernate_go_dormant() when
+ closing an or_connection_t: call channel_mark_for_close() rather
+ than connection_mark_for_close(). Fixes bug 7267. Bugfix on
+ 0.2.4.4-alpha.
+ - Distribute and install the geoip6 IPv6 GeoIP database. Fixes bug
+ 7655; bugfix on 0.2.4.6-alpha.
+
+ o Minor features:
+ - Add a new torrc option "ServerTransportListenAddr" to let users
+ select the address where their pluggable transports will listen
+ for connections. Resolves ticket 7013.
+ - Allow an optional $ before the node identity digest in the
+ controller command GETINFO ns/id/<identity>, for consistency with
+ md/id/<identity> and desc/id/<identity>. Resolves ticket 7059.
+ - Log packaged cell fullness as part of the heartbeat message.
+ Diagnosis to try to determine the extent of bug 7743.
+
+ o Minor features (IPv6):
+ - AutomapHostsOnResolve now supports IPv6 addresses. By default, we
+ prefer to hand out virtual IPv6 addresses, since there are more of
+ them and we can't run out. To override this behavior and make IPv4
+ addresses preferred, set NoPreferIPv6Automap on whatever SOCKSPort
+ or DNSPort you're using for resolving. Implements ticket 7571.
+ - AutomapHostsOnResolve responses are now randomized, to avoid
+ annoying situations where Tor is restarted and applications
+ connect to the wrong addresses.
+ - We never try more than 1000 times to pick a new virtual address
+ when AutomapHostsOnResolve is set. That's good enough so long as
+ we aren't close to handing out our entire virtual address space;
+ if you're getting there, it's best to switch to IPv6 virtual
+ addresses anyway.
+
+ o Minor bugfixes:
+ - The ADDRMAP command can no longer generate an ill-formed error
+ code on a failed MAPADDRESS. It now says "internal" rather than
+ an English sentence fragment with spaces in the middle. Bugfix on
+ Tor 0.2.0.19-alpha.
+ - Fix log messages and comments to avoid saying "GMT" when we mean
+ "UTC". Fixes bug 6113.
+ - Compile on win64 using mingw64. Fixes bug 7260; patches from
+ "yayooo".
+ - Fix a crash when debugging unit tests on Windows: deallocate a
+ shared library with FreeLibrary, not CloseHandle. Fixes bug 7306;
+ bugfix on 0.2.2.17-alpha. Reported by "ultramage".
+
+ o Renamed options:
+ - The DirServer option is now DirAuthority, for consistency with
+ current naming patterns. You can still use the old DirServer form.
+
+ o Code simplification and refactoring:
+ - Move the client-side address-map/virtual-address/DNS-cache code
+ out of connection_edge.c into a new addressmap.c module.
+ - Remove unused code for parsing v1 directories and "running routers"
+ documents. Fixes bug 6887.
+
+
Changes in version 0.2.3.25 - 2012-11-19
The Tor 0.2.3 release series is dedicated to the memory of Len "rabbi"
Sassaman (1980-2011), a long-time cypherpunk, anonymity researcher,
diff --git a/changes/addrmap_error b/changes/addrmap_error
deleted file mode 100644
index 17d9b54..0000000
--- a/changes/addrmap_error
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (controller):
- - The ADDRMAP command can no longer generate an ill-formed error
- code on a failed MAPADDRESS. It now says "internal" rather than
- an English sentence fragment with spaces in the middle. Bugfix on
- Tor 0.2.0.19-alpha.
diff --git a/changes/bug3443 b/changes/bug3443
deleted file mode 100644
index 01896ff..0000000
--- a/changes/bug3443
+++ /dev/null
@@ -1,11 +0,0 @@
- o Minor bugfixes
- - Alter circuit build timeout measurement to start at the point
- where we begin the CREATE/CREATE_FAST step (as opposed to circuit
- initialization). This should make our timeout measurements more
- uniform. Previously, we were sometimes including ORconn setup time
- in our circuit build time measurements. Fixes bug #3443.
-
- o Minor features
- - If we have no circuits open, use a relaxed timeout (the 95-percentile
- cutoff) until a circuit succeeds. This should allow Tor to succeed
- building circuits if the network connection drastically changes.
diff --git a/changes/bug6113 b/changes/bug6113
deleted file mode 100644
index 436243d..0000000
--- a/changes/bug6113
+++ /dev/null
@@ -1,3 +0,0 @@
- o Trivial bugfixes:
- - Fix log messages and comments to avoid saying "GMT" when we mean
- "UTC". Fixes bug 6113.
diff --git a/changes/bug6887 b/changes/bug6887
deleted file mode 100644
index df226d4..0000000
--- a/changes/bug6887
+++ /dev/null
@@ -1,3 +0,0 @@
- o Removed code:
- - Removed unused code to parse v1 directories and "running routers"
- documents. Fixes bug 6887.
diff --git a/changes/bug7013 b/changes/bug7013
deleted file mode 100644
index ba78520..0000000
--- a/changes/bug7013
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features:
- - Add a new torrc option 'ServerTransportListenAddr' which allows
- users to select the address where their pluggable transports
- will listen for connections.
diff --git a/changes/bug7059a b/changes/bug7059a
deleted file mode 100644
index b0c0611..0000000
--- a/changes/bug7059a
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (controller):
- - Allow an optional $ before the node identity digest in the
- controller command GETINFO ns/id/<identity>, for consistency with
- md/id/<identity> and desc/id/<identity>.
-
diff --git a/changes/bug7260 b/changes/bug7260
deleted file mode 100644
index 8eb54c3..0000000
--- a/changes/bug7260
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes:
- - Compile on win64 using mingw64. Fixes bug 7260; patches from "yayooo".
-
diff --git a/changes/bug7267 b/changes/bug7267
deleted file mode 100644
index 7089329..0000000
--- a/changes/bug7267
+++ /dev/null
@@ -1,4 +0,0 @@
- - Major bugfixes
- o Call channel_mark_for_close() rather than connection_mark_for_close()
- in hibernate_go_dormant() when closing an or_connection_t. Fixes bug
- 7267.
diff --git a/changes/bug7306 b/changes/bug7306
deleted file mode 100644
index 949cc60..0000000
--- a/changes/bug7306
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes:
- - Fix a crash when debugging unit tests on windows: deallocate a
- shared library with FreeLibrary, not CloseHandle. Fixes bug #7306;
- bugfix on 0.2.2.17-alpha. Reported by "ultramage".
-
diff --git a/changes/dist-geoip6 b/changes/dist-geoip6
deleted file mode 100644
index 09cdc42..0000000
--- a/changes/dist-geoip6
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes:
- - Distribute and install the geoip6 IPv6 GeoIP database. Fixes bug
- 7655; bugfix on 0.2.4.6-alpha.
diff --git a/changes/fallback_dirsource b/changes/fallback_dirsource
deleted file mode 100644
index 6b79d1a..0000000
--- a/changes/fallback_dirsource
+++ /dev/null
@@ -1,14 +0,0 @@
- o Major features:
- - Add a new FallbackDir option to use when we can't use a directory
- from the consensus (either because we lack a consensus, or because
- they're all down). Currently, all authorities are fallbacks by
- default, and there are no other default fallbacks, but that will
- change. This option will allow us to give clients a longer list
- of servers to try to get a consensus from when first connecting to
- the Tor network, and thereby reduce load on the directory
- authorities. Implements proposal 206, "Preconfigured directory
- sources for bootstrapping". Closes bug 572.
-
- o Removed features:
- - Drop the old FallbackNetworkstatus option: we never got it working
- well enough to use it. Closes bug 572.
diff --git a/changes/geoip-dec2012 b/changes/geoip-dec2012
deleted file mode 100644
index 26431c2..0000000
--- a/changes/geoip-dec2012
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features:
- - Update to the December 5 2012 Maxmind GeoLite Country database.
-
diff --git a/changes/geoip-nov2012 b/changes/geoip-nov2012
deleted file mode 100644
index 22e7bac..0000000
--- a/changes/geoip-nov2012
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features:
- - Update to the November 7 2012 Maxmind GeoLite Country database.
-
diff --git a/changes/hb-fullness b/changes/hb-fullness
deleted file mode 100644
index 5a8beb8..0000000
--- a/changes/hb-fullness
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features:
- - Log packaged cell fullness as part of the heartbeat message.
- Diagnosis to try to determine the extent of bug 7743.
diff --git a/changes/ipv6_automap b/changes/ipv6_automap
deleted file mode 100644
index 1b44585..0000000
--- a/changes/ipv6_automap
+++ /dev/null
@@ -1,19 +0,0 @@
- o Minor features:
-
- - AutomapHostsOnResolve now support IPv6 addresses. By default, we
- prefer to hand out virtual IPv6 addresses, since there are more of
- them and we can't run out. To override this behavior and make
- IPv4 addresses preferred, set NoPreferIPv6Automap on whatever
- SOCKSPort or DNSPort you're using for resolving. Implements
- ticket #7571.
-
- - AutomapHostsOnResolve responses are now randomized, to avoid
- annoying situations where Tor is restarted and applications
- connect to the wrong addresses.
-
- - We never try more than 1000 times to pick a virtual address
- when AutomapHostsOnResolve is set. That's good enough so long
- as we aren't close to handing out our entire virtual address
- space; if you're getting there, it's best to switch to IPv6
- virtual addresses anyway.
-
diff --git a/changes/ipv6_exits b/changes/ipv6_exits
deleted file mode 100644
index 97af751..0000000
--- a/changes/ipv6_exits
+++ /dev/null
@@ -1,18 +0,0 @@
- o Major features:
-
- - Tor now has (alpha) support for exiting to IPv6 addresses. To
- enable it as an exit node, make sure that you have IPv6
- connectivity, set the IPv6Exit flag to 1. Also make sure your
- exit policy reads as you would like: the address * applies to
- all address families, whereas *4 is IPv4 address only, and *6
- is IPv6 addresses only. On the client side, you'll need to
- wait till the authorities have upgraded, wait for enough exits
- to support IPv6, apply the "IPv6Traffic" flag to a SocksPort,
- and use Socks5. Closes ticket 5547, implements proposal 117 as
- revised in proposal 208.
-
- We DO NOT recommend that clients with actual anonymity needs
- start using IPv6 over Tor yet: not enough exits support it
- yet, and there are some DNS-caching related issues that need
- to be solved first.
-
diff --git a/changes/prop205-simplified b/changes/prop205-simplified
deleted file mode 100644
index 25d204d..0000000
--- a/changes/prop205-simplified
+++ /dev/null
@@ -1,25 +0,0 @@
- o Major features (client-side DNS):
-
- - The updating and usage of DNS cache is now configurable on a
- per- client-port level. SOCKSPort, DNSPort, etc lines may now
- contain {No,}Cache{IPv4,IPv6,}DNS lines to indicate that we
- shouldn't cache these types of DNS answers when we receive them
- from an exit node in response to a request from this port, and
- {No,}UseCached{IPv4,IPv6,DNS} lines to indicate that if we have
- cached DNS answers of these types, we shouldn't use them. It's
- potentially risky to use cached DNS answers at the client,
- since doing so can indicate to one exit
- what answers we've gotten for DNS lookups in the past. With
- IPv6, this becomes especially problematic. Using cached DNS
- answers for requests on the same circuit would present less
- linkability risk, since all traffic on a circuits is already
- linkable, but it would also provide little performance benefit:
- the exit node caches DNS replies too. Implements a simplified
- version of Proposal 205. Implements ticket #7570.
-
- o Disabled features:
-
- - Client-side use of the DNS cache is now off by default. See "Major
- features (client-side DNS)" for more information. Implements a
- simplified version of Proposal 205. Implements ticket #7570.
-
diff --git a/changes/rename_dirserver b/changes/rename_dirserver
deleted file mode 100644
index 122a2df..0000000
--- a/changes/rename_dirserver
+++ /dev/null
@@ -1,3 +0,0 @@
- o Renamed options:
- - The DirServer option is now DirAuthority, for consistency with current
- naming patterns. You can still use the old DirServer form.
diff --git a/changes/split_addressmap b/changes/split_addressmap
deleted file mode 100644
index 9f377c5..0000000
--- a/changes/split_addressmap
+++ /dev/null
@@ -1,3 +0,0 @@
- o Code simplification and refactoring:
- - Move the client-side address-map/virtual-address/DNS-cache code
- out of connection_edge.c into a new addressmap.c module.
diff --git a/changes/task-6266 b/changes/task-6266
deleted file mode 100644
index e7f0509..0000000
--- a/changes/task-6266
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor features:
- - Use a script to replace "A1" ("Anonymous Proxy") entries in our
- geoip file with real country codes. This script fixes about 90% of
- "A1" entries automatically and uses manual country code assignments
- to fix the remaining 10%. See src/config/README.geoip for details.
- Fixes #6266.
-
