commit 420840434c322223ca93a29596477eeda101f091 Author: Nick Mathewson nickm@torproject.org Date: Sun Apr 15 13:54:21 2018 -0400
Edit changelog for 0.3.3.5-rc --- ChangeLog | 101 +++++++++++++++++++++++++++++--------------------------------- 1 file changed, 47 insertions(+), 54 deletions(-)
diff --git a/ChangeLog b/ChangeLog index ed8f6ed8c..9a1b3610b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,29 +1,25 @@ -o Major bugfixes (performance, load balancing): - -Changes in version 0.3.3.5-rc - 2018-04-14 - BLURB +Changes in version 0.3.3.5-rc - 2018-04-15 + Tor 0.3.3.5-rc fixes various bugs in earlier versions of Tor, + including some that could affect reliability or correctness.
- - Directory authorities no longer vote in favor of the Guard flag for - relays that don't advertise directory support. Starting in Tor - 0.3.0.1-alpha, Tor clients have been avoiding using such relays in the - Guard position, leading to increasingly broken load balancing for the - 5%-or-so of Guards that don't advertise directory support. Fixes bug - 22310; bugfix on 0.3.0.6. + This is the first release candidate in the 0.3.3 series. If we find no + new bugs or regression here, then the first stable 0.3.3 release will + be nearly identical to this one.
- o Major bugfixes (protover, voting): + o Major bugfixes (security, protover, voting): - Revise Rust implementation of protover to use a more memory- efficient voting algorithm and corresponding data structures, thus - avoiding a potential (but small impact) DoS attack where specially - crafted protocol strings would expand to several potential - megabytes in memory. In the process, several portions of code were - revised to be methods on new, custom types, rather than functions - taking interchangeable types, thus increasing type safety of the - module. Custom error types and handling were added as well, in - order to facilitate better error dismissal/handling in outside - crates and avoid mistakenly passing an internal error string to C - over the FFI boundary. Many tests were added, and some previous - differences between the C and Rust implementations have been - remedied. Fixes bug 24031; bugfix on 0.3.3.1-alpha. + avoiding a potential memory-based DoS attack where specially + crafted protocol strings would expand to fill available memory. + Fixes bug 24031; bugfix on 0.3.3.1-alpha. + + o Major bugfixes (performance, load balancing): + - Directory authorities no longer vote in favor of the Guard flag + for relays without directory support. Starting in Tor + 0.3.0.1-alpha, Tor clients have been avoiding using such relays in + the Guard position, leading to increasingly broken load balancing + for the 5%-or-so of Guards that don't advertise directory support. + Fixes bug 22310; bugfix on 0.3.0.6.
o Minor feature (continuous integration): - Update the Travis CI configuration to use the stable Rust channel, @@ -31,43 +27,30 @@ Changes in version 0.3.3.5-rc - 2018-04-14
o Minor features (config options): - Change the way the default value for MaxMemInQueues is calculated. - We now use 0.4 * RAM if the system have 8 GB RAM or more, otherwise - we use the former value of 0.75 * RAM. Closes ticket 24782. + We now use 40% of the hardware RAM if the system has 8 GB RAM or + more. Otherwise we use the former value of 75%. Closes + ticket 24782.
o Minor features (geoip): - Update geoip and geoip6 to the April 3 2018 Maxmind GeoLite2 Country database. Closes ticket 25718.
- o Minor bugfix (Exit node DNS retries): - - Re-attempt timed-out DNS queries 3 times before failure, since our - timeout is 5 seconds for them, but clients wait 10-15. Also allow - slightly more timeouts per resolver before giving up on it in the - case where an exit has multiple resolvers configured. Fixes bug - 21394; bugfix on 0.3.1.9. - o Minor bugfixes (client): - When using a listed relay as a bridge, and also using microdescriptors, and considering that relay as a non-bridge in a - circuit, consider its microdescriptor as a valid source of - information about that relay. Fixes bug 25691; bugfix - on 0.3.3.4-alpha. - - o Minor bugfixes (compilation, rust): - - Build correctly when the rust dependencies submodule is loaded, - but the TOR_RUST_DEPENDENCIES environment variable is not set. - Fixes bug 25679; bugfix on 0.3.3.1-alpha. - - o Minor bugfixes (configuration): - - Remove undescores from the _HSLayer{2,3}Nodes options. This - expert-user configuration can now be enabled as HSLayer{2,3}Nodes. - Fixes bug 25581; bugfix on 0.3.3.1-alpha + circuit, treat its microdescriptor as a valid source of + information about that relay. This change should prevent a non- + fatal assertion error. Fixes bug 25691; bugfix on 0.3.3.4-alpha.
o Minor bugfixes (controller): - Restore the correct operation of the RESOLVE command, which had been broken since we added the ability to enable/disable DNS on specific listener ports. Fixes bug 25617; bugfix on 0.2.9.3-alpha.
- o Minor bugfixes (distribution, compilation): + o Minor bugfixes (distribution, compilation, rust): + - Build correctly when the rust dependencies submodule is loaded, + but the TOR_RUST_DEPENDENCIES environment variable is not set. + Fixes bug 25679; bugfix on 0.3.3.1-alpha. - Actually include all of our Rust source in our source distributions. (Previously, a few of the files were accidentally omitted.) Fixes bug 25732; bugfix on 0.3.3.2-alpha. @@ -80,19 +63,29 @@ Changes in version 0.3.3.5-rc - 2018-04-14 - Revert a misformatting issue in the ExitPolicy documentation. Fixes bug 25582; bugfix on 0.3.3.1-alpha.
- o Minor bugfixes (hidden services): - - Re-instate counting pending client HSDir fetch circuits against - the MaxClientCircuitsPending rate limit. Fixes bug 24989; bugfix - on 0.3.3.0-alpha-dev. + o Minor bugfixes (Exit node DNS retries): + - Re-attempt timed-out DNS queries 3 times before failure, since our + timeout is 5 seconds for them, but clients wait 10-15. Also allow + slightly more timeouts per resolver before giving up on it in the + case where an exit has multiple resolvers configured. Fixes bug + 21394; bugfix on 0.3.1.9. + + o Minor bugfixes (onion services): + - Re-instate counting the client HSDir fetch circuits against the + MaxClientCircuitsPending rate limit. Fixes bug 24989; bugfix + on 0.3.3.1-alpha. + - Remove underscores from the _HSLayer{2,3}Nodes options. This + expert-user configuration can now be enabled as HSLayer{2,3}Nodes. + Fixes bug 25581; bugfix on 0.3.3.1-alpha
o Code simplification and refactoring: - - Move the list of default directory authorities to their own file - for inclusion using the C preprocessor. Closes ticket 24854. Patch - by "beastr0". + - Move the list of default directory authorities to its own file. + Closes ticket 24854. Patch by "beastr0".
o Documentation (manpage, denial of service): - - Better detail the denial of service options by listing the - different mitigation in place. Closes ticket 25248. + - Provide more detail about the denial-of-service options, by + listing each mitigation and explaining how they relate. Closes + ticket 25248.
Changes in version 0.3.3.4-alpha - 2018-03-29