commit 473716d098cf3117f9e121f204ea5fd3c465cc31
Author: Nick Mathewson nickm@torproject.org
Date: Fri May 19 10:10:26 2017 -0400

0.3.1.1-alpha changelog: combine some sections.
---
ChangeLog | 141 ++++++++++++++++++++++++-------------------------------------
1 file changed, 54 insertions(+), 87 deletions(-)
diff --git a/ChangeLog b/ChangeLog index b1c4f3a..3b643b6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,16 +1,6 @@ Changes in version 0.3.1.1-alpha - 2017-05-?? blurb goes here
- o Major features (security, stability, experimental): - - Tor now has the optional ability to include modules written in - Rust. To turn this on, pass the "--enable-rust" flag to the - configure script. It's not time to get excited yet: currently, - there is no actual Rust functionality beyond some simple glue - code, and a notice at startup to tell you that Rust is running. - Still, we hope that programmers and packagers will try building - with rust support, so that we can find issues with the build - system, and solve portability issues. Closes ticket 22106. - o Major features (directory protocol): - Tor relays and authorities are now able to serve clients an abbreviated version of the networkstatus consensus document, @@ -20,21 +10,27 @@ Changes in version 0.3.1.1-alpha - 2017-05-?? server, they will use far less bandwidth (up to 94% less) to keep an up-to-date consensus. Implements proposal 140; closes ticket 13339. Based on work by by Daniel Martí. - - o Major features (directory system): - Tor's compression module now includes support for the zstd and lzma2 compression algorithms, if the libzstd and liblzma libraries are available when Tor is compiled. Once these features are exposed in the directory module, they will enable Tor to provide better compression ratios on directory documents. Part of an implementation for proposal 278; closes ticket 21662. - - o Major features (internals): - Add an ed diff/patch backend, optimized for consensus documents. This backend will be the basis of our consensus diff implementation. Most of the work here was done by Daniel Martí. Closes ticket 21643.
+ o Major features (experimental): + - Tor now has the optional ability to include modules written in + Rust. To turn this on, pass the "--enable-rust" flag to the + configure script. It's not time to get excited yet: currently, + there is no actual Rust functionality beyond some simple glue + code, and a notice at startup to tell you that Rust is running. + Still, we hope that programmers and packagers will try building + with rust support, so that we can find issues with the build + system, and solve portability issues. Closes ticket 22106. + o Major features (traffic analysis resistance): - Relays and clients will now send a padding cell on idle OR connections every 1.5 to 9.5 seconds (tunable via consensus @@ -52,24 +48,11 @@ Changes in version 0.3.1.1-alpha - 2017-05-?? is set in torrc. These 24 hour totals are also rounded to multiples of 10000.
- o Major bugfixes (hidden service directory, security): - - Fix an assertion failure in the hidden service directory code, - which could be used by an attacker to remotely cause a Tor relay - process to exit. Relays running earlier versions of Tor 0.3.0.x - should upgrade. This security issue is tracked as tracked as - TROVE-2017-002. Fixes bug 22246; bugfix on 0.3.0.1-alpha. - o Major bugfixes (linux TPROXY support): - Fix a typo that had prevented TPROXY-based transparent proxying from working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha. Patch from "d4fq0fQAgoJ".
- o Minor features (defaults, security): - - The default value for UseCreateFast is now 0: clients which - haven't yet received a consensus document will nonetheless use a - proper handshake to talk to their directory servers (when they - can). Closes ticket 21407. - o Minor features (security, windows): - Enable a couple of pieces of Windows hardening: one (HeapEnableTerminationOnCorruption) that has been on-by-default @@ -77,13 +60,29 @@ Changes in version 0.3.1.1-alpha - 2017-05-?? (PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION) which we believe doesn't affect us, but shouldn't do any harm. Closes ticket 21953.
- o Minor feature (defaults, directory): + o Minor features (controller): + - Warn the first time that a controller requests data in the long- + deprecated 'GETINFO network-status' format. Closes ticket 21703. + + o Minor features (defaults): + - The default value for UseCreateFast is now 0: clients which + haven't yet received a consensus document will nonetheless use a + proper handshake to talk to their directory servers (when they + can). Closes ticket 21407. - Onion key rotation and expiry intervals are now defined as a network consensus parameter as per proposal 274. The default lifetime of an onion key is bumped from 7 to 28 days. Old onion keys will expire after 7 days by default. Closes ticket 21641.
- o Minor feature (hidden services): + o Minor features (fallback directory list): + - Update the fallback directory mirror whitelist and blacklist based + on operator emails. Closes task 21121. + - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in + December 2016 (of which ~126 were still functional), with a list + of 151 fallbacks (32 new, 119 existing, 58 removed) generated in + May 2017. Resolves ticket 21564. + + o Minor features (hidden services): - Add more information to the message logged when a hidden service descriptor has fewer introduction points than specified in HiddenServiceNumIntroductionPoints. Follow up to tickets 21598 and @@ -94,37 +93,21 @@ Changes in version 0.3.1.1-alpha - 2017-05-?? - Log a message when a hidden service reaches its introduction point circuit limit, and when that limit is reset. Follow up to ticket 21594, closes ticket 21622. + - Warn user if multiple entries in EntryNodes and at least one + HiddenService are used together. Pinning EntryNodes along with an + hidden service can be possibly harmful for instance see ticket + 14917 or 21155. Closes ticket 21155.
- o Minor feature (include on config files): - - Adds config-can-saveconf to GETINFO command to tell if SAVECONF - will work without the FORCE option, closes ticket 1922. + o Minor features (include in torrc config files): - Allow the use of %include on configuration files to include settings from other files or directories. Using %include with a directory will include all (non-dot) files in that directory in lexically sorted order (non-recursive), closes ticket 1922. - - Makes SAVECONF command return error when overwriting a torrc that + - Make SAVECONF command return error when overwriting a torrc that has includes. Using SAVECONF with the FORCE option will allow it to overwrite torrc even if includes are used, closes ticket 1922. - - o Minor features (controller): - - Warn the first time that a controller requests data in the long- - deprecated 'GETINFO network-status' format. Closes ticket 21703. - - o Minor features (fallback directories): - - Update the fallback directory mirror whitelist and blacklist based - on operator emails. Closes task 21121. - - o Minor features (fallback directory list): - - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in - December 2016 (of which ~126 were still functional), with a list - of 151 fallbacks (32 new, 119 existing, 58 removed) generated in - May 2017. Resolves ticket 21564. - - o Minor features (hidden service, logging): - - Warn user if multiple entries in EntryNodes and at least one - HiddenService are used together. Pinning EntryNodes along with an - hidden service can be possibly harmful for instance see ticket - 14917 or 21155. Closes ticket 21155. + - Adds config-can-saveconf to GETINFO command to tell if SAVECONF + will work without the FORCE option, closes ticket 1922.
o Minor features (infrastructure, seccomp2 sandbox): - We now have a document storage backend compatible with the Linux @@ -150,8 +133,6 @@ Changes in version 0.3.1.1-alpha - 2017-05-?? - The minimal keccak implementation we include now accesses memory more efficiently, especially on little-endian systems. Closes ticket 21737. - - o Minor features (performance, controller): - Add an O(1) implementation of channel_find_by_global_id().
o Minor features (relay, configuration): @@ -178,29 +159,16 @@ Changes in version 0.3.1.1-alpha - 2017-05-?? examining Tor network performance issues. There are no trace events yet, and event-tracing is off by default unless enabled at compile time. Implements ticket 13802. - - o Minor features (unit tests): - Improve version parsing tests: add tests for typical version components, add tests for invalid versions, including numeric range and non-numeric prefixes. Unit tests 21278, 21450, and 21507. Partially implements 21470.
- o Minor bugfix (directory authority): - - Prevent the shared randomness subsystem from asserting when - initialized by a bridge authority with an incomplete configuration - file. Fixes bug 21586; bugfix on 0.2.9.8. - o Minor bugfixes (bandwidth accounting): - Roll over monthly accounting at the configured hour and minute, rather than always at 00:00. Fixes bug 22245; bugfix on 0.0.9rc1. Found by Andrey Karpov with PVS-Studio.
- o Minor bugfixes (cell, logging): - - Downgrade a log statement from bug to protocol warning because - there is at least one use case where it can be triggered by a - buggy tor implementation on the Internet for instance. Fixes bug - 21293; bugfix on 0.1.1.14-alpha. - o Minor bugfixes (code correctness): - Accurately identify client connections using their lack of peer authentication. This means that we bail out earlier if asked to @@ -241,28 +209,23 @@ Changes in version 0.3.1.1-alpha - 2017-05-?? connections that are kept open between relays. Fixes bug 17604; bugfix on 0.2.5.5-alpha.
- o Minor bugfixes (control, hidden service client): + o Minor bugfixes (controller): + - GETINFO onions/current and onions/detached no longer 551 on empty + lists Fixes bug 21329; bugfix on 0.2.7.1-alpha. - Trigger HS descriptor events on the control port when the client is unable to pick a suitable hidden service directory. This can happen if they are all in the ExcludeNodes list or they all have been queried inside the allowed 15 minutes. Fixes bug 22042; bugfix on 0.2.5.2-alpha.
- o Minor bugfixes (controller): - - GETINFO onions/current and onions/detached no longer 551 on empty - lists Fixes bug 21329; bugfix on 0.2.7.1-alpha. - o Minor bugfixes (directory authority): - When rejecting a router descriptor because the relay is running an obsolete version of Tor without ntor support, warn about the obsolete tor version, not the missing ntor key. Fixes bug 20270; bugfix on 0.2.9.3-alpha. - - o Minor bugfixes (documentation): - - Default of NumEntryGuards is 1 if the consensus parameter guard-n- - primary-guards-to-use isn't set. Default of NumDirectoryGuards is - 3 if the consensus parameter guard-n-primary-dir-guards-to-use - isn't set. Fixes bug 21715; bugfix on 0.3.0.1-alpha. + - Prevent the shared randomness subsystem from asserting when + initialized by a bridge authority with an incomplete configuration + file. Fixes bug 21586; bugfix on 0.2.9.8.
o Minor bugfixes (exit-side DNS): - Fix an untriggerable assertion that checked the output of a @@ -270,12 +233,10 @@ Changes in version 0.3.1.1-alpha - 2017-05-?? expected. Fixes bug 22244; bugfix on 0.2.0.20-rc. Found by Andrey Karpov using PVS-Studio.
- o Minor bugfixes (fallback directory mirrors): + o Minor bugfixes (fallback directories): - Make the usage example in updateFallbackDirs.py actually work. (And explain what it does.) Fixes bug 22270; bugfix on 0.3.0.3-alpha. - - o Minor bugfixes (fallbacks): - Decrease the guard flag average required to be a fallback. This allows us to keep relays that have their guard flag removed when they restart. Fixes bug 20913; bugfix on 0.2.8.1-alpha. @@ -285,12 +246,10 @@ Changes in version 0.3.1.1-alpha - 2017-05-?? and relay identity key for at least 30 days before they are selected. Fixes bug 20913; bugfix on 0.2.8.1-alpha.
- o Minor bugfixes (hidden service): + o Minor bugfixes (hidden services): - Stop printing cryptic warning when a client tries to connect on an invalid port of the service. Fixes bug 16706; bugfix on 0.2.6.3-alpha. - - o Minor bugfixes (hidden services): - Simplify hidden service descriptor creation by using an existing flag to check if an introduction point is established. Fixes bug 21599; bugfix on 0.2.7.2-alpha. @@ -299,6 +258,12 @@ Changes in version 0.3.1.1-alpha - 2017-05-?? - Fix a small memory leak at exit from the backtrace handler code. Fixes bug 21788; bugfix on 0.2.5.2-alpha. Patch from Daniel Pinto.
+ o Minor bugfixes (protocol, logging): + - Downgrade a log statement from bug to protocol warning because + there is at least one use case where it can be triggered by a + buggy tor implementation on the Internet for instance. Fixes bug + 21293; bugfix on 0.1.1.14-alpha. + o Minor bugfixes (testing): - Make test-network.sh always call chutney's test-network.sh. Previously, this only worked on systems which had bash installed, @@ -307,8 +272,6 @@ Changes in version 0.3.1.1-alpha - 2017-05-?? - Use unbuffered I/O for utility functions around the process_handle_t type. This fixes unit test failures reported on OpenBSD and FreeBSD. Fixes bug 21654; bugfix on 0.2.3.1-alpha. - - o Minor bugfixes (unit tests): - Make display of captured unit test log messages consistent. Fixes bug 21510; bugfix on 0.2.9.3-alpha.
@@ -352,6 +315,10 @@ Changes in version 0.3.1.1-alpha - 2017-05-?? Closes ticket 21873. - Correct the documentation about the default DataDirectory value. Closes ticket 21151. + - Default of NumEntryGuards is 1 if the consensus parameter guard-n- + primary-guards-to-use isn't set. Default of NumDirectoryGuards is + 3 if the consensus parameter guard-n-primary-dir-guards-to-use + isn't set. Fixes bug 21715; bugfix on 0.3.0.1-alpha. - Document key=value pluggable transport arguments for Bridge lines in torrc. Fixes bug 20341; bugfix on 0.2.5.1-alpha. - Note that bandwidth-limiting options don't affect TCP headers or
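Review bot: In hunk @@ -52,24 +48,11 @@ the whole "Major bugfixes (hidden service directory, security)" entry for TROVE-2017-002 (bug 22246) is deleted, and none of the hunks shown adds it back, while the commit message only says sections are being combined. If dropping the entry from this changelog is intentional, say so in the commit message; otherwise restore it under a surviving heading, and fix the doubled "tracked as tracked as" while moving it.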
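Review bot: In hunk @@ -77,13 +60,29 @@ the UseCreateFast entry lands under "Minor features (defaults)", which drops the "security" tag it carried under "Minor features (defaults, security)" before the previous hunk removed it. The entry describes clients using a proper handshake with directory servers before they have a consensus, so readers scanning the changelog for security-relevant default changes will no longer find it by heading. Consider naming the section "Minor features (defaults, security)" or keeping this one entry under the existing "Minor features (security, windows)" style of tagging.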
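Review bot: In hunk @@ -94,37 +93,21 @@ the SAVECONF entry is corrected from "Makes" to "Make", but the entry re-added just below it still reads "Adds config-can-saveconf to GETINFO command"; use "Add" so both entries in the section share the imperative mood. The EntryNodes entry moved into "Minor features (hidden services)" in the same hunk also keeps "an hidden service can be possibly harmful for instance see ticket 14917 or 21155"; since the line is being touched anyway, reword it to something like "a hidden service can be harmful; see tickets 14917 and 21155".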
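Review bot: In hunk @@ -241,28 +209,23 @@ the entry moved to the top of "Minor bugfixes (controller)" is missing a period: "no longer 551 on empty lists Fixes bug 21329" runs the description into the bug reference. Add the period after "lists", and consider "no longer return a 551 error on empty lists", since "551" used as a verb is hard to parse for anyone who does not know the control-port reply codes.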
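Review bot: In hunk @@ -299,6 +258,12 @@ the entry added under "Minor bugfixes (protocol, logging)" does not say which log statement was downgraded, and the sentence trails off in "on the Internet for instance." An operator who sees the new protocol warning cannot match it to this entry. Name the message or the condition that triggers it, and drop the dangling "for instance".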
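Review bot: In hunk @@ -352,6 +315,10 @@ the NumEntryGuards entry added between "Correct the documentation about the default DataDirectory value" and "Document key=value pluggable transport arguments" is worded as a statement of fact ("Default of NumEntryGuards is 1 if ...") rather than as a change, unlike its neighbours. Now that its own "Minor bugfixes (documentation)" heading is gone, lead with the action, for example "Document that the default of NumEntryGuards is 1 if the consensus parameter ... isn't set", so it is clear this is a documentation fix and not a behaviour change.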
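Review bot: In hunk @@ -20,21 +10,27 @@ the unchanged context line "Based on work by by Daniel Martí." has a doubled "by", and the re-added Rust entry says "building with rust support" while every other mention in the same entry capitalises "Rust". Both are one-word fixes worth folding into this cleanup commit, since the lines are adjacent to the ones being moved.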