commit 05564a852110c0c908b03acba57d3b7b8dc222b4 Author: Nick Mathewson nickm@torproject.org Date: Tue Mar 9 11:58:46 2021 -0500

Start a changelog for 0.4.6.1-alpha --- ChangeLog | 158 ++++++++++++++++++++++++++++++++++++++++++++++ changes/argument_parse | 5 -- changes/bug19011 | 7 -- changes/bug23126 | 4 -- changes/bug33607 | 5 -- changes/bug34088 | 4 -- changes/bug40168 | 16 ----- changes/bug40189 | 4 -- changes/bug40207 | 4 -- changes/bug40235 | 5 -- changes/bug40236 | 4 -- changes/changes40308 | 5 -- changes/hs_build_addr | 3 - changes/ticket17927 | 4 -- changes/ticket30477 | 4 -- changes/ticket32102 | 3 - changes/ticket33383 | 4 -- changes/ticket33632 | 5 -- changes/ticket40017_redux | 3 - changes/ticket40084 | 4 -- changes/ticket40227 | 4 -- changes/ticket40232 | 4 -- changes/ticket40249 | 3 - changes/ticket40253 | 3 - changes/ticket40255 | 5 -- changes/ticket40261 | 4 -- changes/ticket40274 | 4 -- changes/ticket40282 | 6 -- changes/ticket40301 | 4 -- 29 files changed, 158 insertions(+), 130 deletions(-)

diff --git a/ChangeLog b/ChangeLog index ca10337e11..965f2001d8 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,161 @@ +Changes in version 0.4.6.1-alpha - 2021-03-?? + Tor 0.4.6.1-alpha is the first alpha release in the 0.4.6.x series. It + improves client circuit performance, adds missing features, and + improves some of our DoS handling and statistics reporting. It also + includes numerous smaller bugfixes. + + o Major features (control port, onion services): + - Add controller support for creating version 3 onion services with + client authorization. Previously, only v2 onion services could be + created with client authorization. Closes ticket 40084. Patch by + Neel Chauhan. + + o Major features (directory authorityl): + - When voting for a relay with a Sybil-like appearance, add the + Sybil flag when clearing out the other flags. This lets a relay + operator know why their relay hasn't been voted on. Closes ticket + 40255. Patch by Neel Chauhan. + + o Major features (relay, denial of service): + - Add a new DoS subsystem feature to control the rate of client + connections for relays. Closes ticket 40253. + + o Major features (statistics): + - Relays now also publish statistics about the number of v3 onion + services and volume of v3 onion service traffic, in the same + manner they already do for v2 onions. Closes ticket 23126. + + o Major bugfixes (circuit build timeout): + - Improve the accuracy of our circuit build timeout calculation for + 60%, 70%, and 80% build rates for various guard choices. We now + use a maximum likelihood estimator for Pareto parameters of the + circuit build time distribution, instead of a "right-censored + estimator". This causes clients to ignore circuits that never + finish building in their timeout calculations. Previously, clients + were counting such unfinished circuits as having the highest + possible build time value, when in reality these circuits most + likely just contain relays that are offline. We also now wait a + bit longer to let circuits complete for measurement purposes, + lower the minimum possible effective timeout from 1.5 seconds to + 10ms, and increase the resolution of the circuit build time + histogram from 50ms bin widths to 10ms bin widths. Additionally, + we alter our estimate Xm by taking the maximum of the top 10 most + common build time values of the 10ms histogram, and compute Xm as + the average of these. Fixes bug 40168; bugfix on 0.2.2.14-alpha. + - Remove max_time calculation and associated warn from circuit build + timeout 'alpha' parameter estimation, as this is no longer needed + by our new estimator from 40168. Fixes bug 34088; bugfix + on 0.2.2.9-alpha. + + o Major bugfixes (signing key): + - In the tor-gencert utility, give an informative error message if + the passphrase given in `--create-identity-key` is too short. + Fixes bug 40189; bugfix on 0.2.0.1-alpha. Patch by Neel Chauhan. + + o Minor features (bridge): + - We now announce the URL to Tor's new bridge status at + https://bridges.torproject.org/ when Tor is configured to run as a + bridge relay. Closes ticket 30477. + + o Minor features (build system): + - New "make lsp" command to auto generate the compile_commands.json + file used by the ccls server. The "bear" program is needed for + this. Closes ticket 40227. + + o Minor features (command-line interface): + - Add build informations to `tor --version` in order to ease + reproducible builds. Closes ticket 32102. + - When parsing command-line flags that take an optional argument, + treat the argument as absent if it would start with a '-' + character. Arguments in that form are not intelligible for any of + our optional-argument flags. Closes ticket 40223. + - Allow a relay operator to list the ed25519 keys on the command + line by adding the `rsa` and `ed25519` arguments to the + --list-fingerprint flag to show the respective RSA and ed25519 + relay fingerprint. Closes ticket 33632. Patch by Neel Chauhan. + + o Minor features (control port, stream handling): + - Add the stream ID argument to the event line in the ADDRMAP + control event. Closes ticket 40249. Patch by Neel Chauhan. + + o Minor features (logging): + - Change the DoS subsystem heartbeat line format so be more clear on + what has been detected/rejected and which option is disabled if + any. Closes ticket 40308. + - In src/core/mainloop/mainloop.c and src/core/mainloop/connection.c, + put brackets around IPv6 addresses in log messages. Closes ticket + 40232. Patch by Neel Chauhan. + + o Minor features (performance, windows): + - Use SRWLocks to implement locking on Windows. Replaces the + critical section locking implementation with the faster SRWLocks + available since Windows Vista. Closes ticket 17927. Patch by + Daniel Pinto. + + o Minor features (protocol, proxy support, defense in depth): + - Close HAProxy connections if they somehow manage to send us data + before we start reading. Closes another case of ticket 40017. + + o Minor features (tests, portability): + - Port the hs_build_address.py test script to work with recent + versions of python. Closes ticket 40213. Patch from + Samanta Navarro. + + o Minor bugfixes (build): + - Mini-report in the configure script now shows whether or not lzma + and zstd have been used, not just if enable flag passed in. Fixes + bug 40236; bugfix on 0.4.3.1-alpha. + + o Minor bugfixes (compatibility): + - Fix a failure in the test cases when running on the hppa + architecture, along with a related test that might fail on other + architectures in the future. Fixes bug 40274; bugfix + on 0.2.5.1-alpha. + + o Minor bugfixes (directory authorities, voting): + - Add a new consensus method (31) to support any future changes that + authorities decide to make to the value of bwweightscale or + maxunmeasuredbw. Previously, there was a bug that prevented the + authorities from parsing these consensus parameters correctly under + most circumstances. Fixes bug 19011; bugfix on 0.2.2.10-alpha. + + o Minor bugfixes (ipv6): + - Allow non-SOCKSPorts to disable IPv4, IPv6, and Prefer IPv4. Some + rare configs might break, but in this case you can disable + NoIPv4Traffic and NoIPv6Traffic as needed. Fixes bug 33607; bugfix + on 0.4.1.1-alpha. Patch by Neel Chauhan. + + o Minor bugfixes (key generation): + - Do not require a valid torrc when using the `--keygen` argument to + generate a signing key. This allows us to generate keys on systems + or users which may not run Tor. Fixes bug 40235; bugfix on + 0.2.7.2-alpha. Patch by Neel Chauhan. + + o Minor bugfixes (onion services, logging): + - Downgrade the severity of a few rendezvous circuit-related + warnings from warning to info. Fixes bug 40207; bugfix on + 0.3.2.1-alpha. Patch by Neel Chauhan. + + o Minor bugfixes (relay): + - Reduce the compression level for data streaming from HIGH to LOW. + Fixes bug 40301; bugfix on 0.3.5.1-alpha. + + o Code simplification and refactoring: + - Remove the orconn_ext_or_id_map structure and related functions. + Nothing outside of unit tests looks up anything in this structure. + Closes ticket 33383. Patch by Neel Chauhan. + + o Code simplification and refactoring (metrics, DoS): + - Move the DoS subsystem into the subsys manager including its + configuration options. Closes ticket 40261. + + o Removed features (relay): + - Because DirPorts are only used on authorities, relays no longer + advertise them. Similarly, self-testing for DirPorts has been + disabled, since an unreachable DirPort is no reason for a relay + not to advertise itself. (Configuring a DirPort will still work, + for now.) Closes ticket 40282. +

Changes in version 0.4.5.6 - 2021-02-15 The Tor 0.4.5.x release series is dedicated to the memory of Karsten diff --git a/changes/argument_parse b/changes/argument_parse deleted file mode 100644 index ed8e66bba3..0000000000 --- a/changes/argument_parse +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (command-line interface): - - When parsing command-line flags that take an optional argument, - treat the argument as absent if it would start with a '-' character. - Arguments in that form are not intelligible for any of our - optional-argument flags. Closes ticket 40223. diff --git a/changes/bug19011 b/changes/bug19011 deleted file mode 100644 index de178fd438..0000000000 --- a/changes/bug19011 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (directory authorities, voting): - - Add a new consensus method (31) to support any future changes that - authorities decide to make to the value of bwweightscale or - maxunmeasuredbw. Previously, there was a bug that prevented the - authorities from parsing these consensus parameters correctly under - most circumstances. - Fixes bug 19011; bugfix on 0.2.2.10-alpha. diff --git a/changes/bug23126 b/changes/bug23126 deleted file mode 100644 index 76ba393205..0000000000 --- a/changes/bug23126 +++ /dev/null @@ -1,4 +0,0 @@ - o Major features (statistics): - - Relays will now also publish statistics about the number of v3 onion - services and volume of v3 onion service traffic, in the same manner they - already do for v2 onions. Closes ticket 23126. \ No newline at end of file diff --git a/changes/bug33607 b/changes/bug33607 deleted file mode 100644 index c18d37b0d3..0000000000 --- a/changes/bug33607 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (ipv6): - - Allow non-SOCKSPorts to disable IPv4, IPv6, and Prefer IPv4. Some rare - configs might break, but in this case you can disable NoIPv4Traffic and - NoIPv6Traffic as needed. Fixes bug 33607; bugfix on 0.4.1.1-alpha. Patch - by Neel Chauhan. diff --git a/changes/bug34088 b/changes/bug34088 deleted file mode 100644 index 172d890898..0000000000 --- a/changes/bug34088 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (circuit build timeout): - - Remove max_time calculation and associated warn from circuit build - timeout 'alpha' parameter estimation, as this is no longer needed - by our new estimator from 40168. Fixes bug 34088; bugfix on 0.2.2.9-alpha. diff --git a/changes/bug40168 b/changes/bug40168 deleted file mode 100644 index c52a0352c2..0000000000 --- a/changes/bug40168 +++ /dev/null @@ -1,16 +0,0 @@ - o Minor bugfixes (circuit build timeout): - - Improve the accuracy of our circuit build timeout calculation for 60%, - 70%, and 80% build rates for various guard choices. We now use a maximum - likelihood estimator for Pareto parameters of the circuit build time - distribution, instead of a "right-censored estimator". This causes - clients to ignore circuits that never finish building in their timeout - calculations. Previously, clients were counting such unfinished circuits - as having the highest possible build time value, when in reality these - circuits most likely just contain relays that are offline. We also now - wait a bit longer to let circuits complete for measurement purposes, - lower the minimum possible effective timeout from 1.5 seconds to 10ms, - and increase the resolution of the circuit build time histogram from - 50ms bin widths to 10ms bin widths. Additionally, we alter our estimate - Xm by taking the maximum of the top 10 most common build time values - of the 10ms histogram, and compute Xm as the average of these. - Fixes bug 40168; bugfix on 0.2.2.14-alpha. diff --git a/changes/bug40189 b/changes/bug40189 deleted file mode 100644 index 0c3c8ae2f3..0000000000 --- a/changes/bug40189 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (signing key): - - In the tor-gencert utility, give an informative error message if the - passphrase given in `--create-identity-key` is too short. Fixes bug - 40189; bugfix on 0.2.0.1-alpha. Patch by Neel Chauhan. diff --git a/changes/bug40207 b/changes/bug40207 deleted file mode 100644 index ca633f88db..0000000000 --- a/changes/bug40207 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (onion services, logging): - - Downgrade the severity of a few rendezvous circuit-related - warnings from warning to info. Fixes bug 40207; bugfix on - 0.3.2.1-alpha. Patch by Neel Chauhan. diff --git a/changes/bug40235 b/changes/bug40235 deleted file mode 100644 index baf72c3da7..0000000000 --- a/changes/bug40235 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (key generation): - - Do not require a valid torrc when using the `--keygen` argument - to generate a signing key. This allows us to generate keys on - systems or users which may not run Tor. Fixes bug 40235; bugfix - on 0.2.7.2-alpha. Patch by Neel Chauhan. diff --git a/changes/bug40236 b/changes/bug40236 deleted file mode 100644 index 0dceeda7a2..0000000000 --- a/changes/bug40236 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (build): - - Mini-report in the configure script now shows whether or not lzma and zstd - have been used, not just if enable flag passed in. Fixes bug 40236; bugfix - on 0.4.3.1-alpha. diff --git a/changes/changes40308 b/changes/changes40308 deleted file mode 100644 index d2b91f9299..0000000000 --- a/changes/changes40308 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor feature (DoS log heartbeat): - - Change the DoS subsystem heartbeat line format so be more clear on what - has been detected/rejected and which option is disabled if any. Closes - ticket 40308. - diff --git a/changes/hs_build_addr b/changes/hs_build_addr deleted file mode 100644 index 29aa268d73..0000000000 --- a/changes/hs_build_addr +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (tests, portability): - - Port the hs_build_address.py test script to work with recent versions - of python. Closes ticket 40213. Patch from Samanta Navarro. diff --git a/changes/ticket17927 b/changes/ticket17927 deleted file mode 100644 index 532416dac4..0000000000 --- a/changes/ticket17927 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (performance, windows): - - Use SRWLocks to implement locking on Windows. Replaces the critical - section locking implementation with the faster SRWLocks available - since Windows Vista. Closes ticket 17927. Patch by Daniel Pinto. diff --git a/changes/ticket30477 b/changes/ticket30477 deleted file mode 100644 index 379fc4e7eb..0000000000 --- a/changes/ticket30477 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (bridge): - - We now announce the URL to Tor's new bridge status at - https://bridges.torproject.org/ when Tor is configured to run as a bridge - relay. Closes ticket 30477. diff --git a/changes/ticket32102 b/changes/ticket32102 deleted file mode 100644 index 5aa2ed24fb..0000000000 --- a/changes/ticket32102 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (build information): - - Add build informations to `tor --version` in order to ease reproducible - builds. Closes ticket 32102. diff --git a/changes/ticket33383 b/changes/ticket33383 deleted file mode 100644 index 8a1b83cdab..0000000000 --- a/changes/ticket33383 +++ /dev/null @@ -1,4 +0,0 @@ - o Code simplification and refactoring: - - Remove the orconn_ext_or_id_map structure and related functions. Nothing - outside of unit tests looks up anything in this structure. Closes ticket - 33383. Patch by Neel Chauhan. diff --git a/changes/ticket33632 b/changes/ticket33632 deleted file mode 100644 index 9d813feaf2..0000000000 --- a/changes/ticket33632 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (relay fingerprint, command line): - - Allow a relay operator to list the ed25519 keys on the command line - by adding the `rsa` and `ed25519` arguments to the --list-fingerprint - flag to show the respective RSA and ed25519 relay fingerprint. Closes - ticket 33632. Patch by Neel Chauhan. diff --git a/changes/ticket40017_redux b/changes/ticket40017_redux deleted file mode 100644 index b190e7080e..0000000000 --- a/changes/ticket40017_redux +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (protocol, proxy support, defense in depth): - - Close HAProxy connections if they somehow manage to send us data before - we start reading. Closes another case of ticket 40017. \ No newline at end of file diff --git a/changes/ticket40084 b/changes/ticket40084 deleted file mode 100644 index 072af813f1..0000000000 --- a/changes/ticket40084 +++ /dev/null @@ -1,4 +0,0 @@ - o Major features (control port, onion services): - - Add support for creating version 3 onion services with authorization - from the control port. Previously, we could only create version 2 - services here. Closes ticket 40084. Patch by Neel Chauhan. diff --git a/changes/ticket40227 b/changes/ticket40227 deleted file mode 100644 index e5efad0f95..0000000000 --- a/changes/ticket40227 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor feature (build system): - - New "make lsp" command to auto generate the compile_commands.json file - used by the ccls server. The "bear" program is needed for this. Closes - ticket 40227. diff --git a/changes/ticket40232 b/changes/ticket40232 deleted file mode 100644 index ecd25fb3e9..0000000000 --- a/changes/ticket40232 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (logging, IPv6): - - In src/core/mainloop/mainloop.c and src/core/mainloop/connection.c, - put brackets around IPv6 addresses in log messages. Closes ticket - 40232. Patch by Neel Chauhan. diff --git a/changes/ticket40249 b/changes/ticket40249 deleted file mode 100644 index f9a1528a26..0000000000 --- a/changes/ticket40249 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (control port, stream handling): - - Add the stream ID argument to the event line in the ADDRMAP control - event. Closes ticket 40249. Patch by Neel Chauhan. diff --git a/changes/ticket40253 b/changes/ticket40253 deleted file mode 100644 index ca7c207bb3..0000000000 --- a/changes/ticket40253 +++ /dev/null @@ -1,3 +0,0 @@ - o Major feature (relay, denial of service): - - Add a new DoS subsystem feature to control the rate of client connections - for relays. Closes ticket 40253. diff --git a/changes/ticket40255 b/changes/ticket40255 deleted file mode 100644 index 026c64f697..0000000000 --- a/changes/ticket40255 +++ /dev/null @@ -1,5 +0,0 @@ - o Major features (directory authority, sybil): - - When voting for a relay with a Sybil-like appearance, add the Sybil - flag when clearing out the other flags. This lets a relay operator - know why their relay hasn't been voted on. Closes ticket 40255. - Patch by Neel Chauhan. diff --git a/changes/ticket40261 b/changes/ticket40261 deleted file mode 100644 index f8d05a25be..0000000000 --- a/changes/ticket40261 +++ /dev/null @@ -1,4 +0,0 @@ - o Code simplification and refactoring (metrics, DoS): - - Move the DoS subsystem into the subsys manager including its configuration - options. Closes ticket 40261. - diff --git a/changes/ticket40274 b/changes/ticket40274 deleted file mode 100644 index 6bcc89e19c..0000000000 --- a/changes/ticket40274 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compatibility): - - Fix a failure in the test cases when running on the hppa architecture, - along with a related test that might fail on other architectures in the - future. Fixes bug 40274; bugfix on 0.2.5.1-alpha. diff --git a/changes/ticket40282 b/changes/ticket40282 deleted file mode 100644 index 2c69a77163..0000000000 --- a/changes/ticket40282 +++ /dev/null @@ -1,6 +0,0 @@ - o Removed features (relay): - - Because DirPorts are only used on authorities, relays no longer - advertise them. Similarly, self-testing for DirPorts has been disabled, - since an unreachable DirPort is no reason for a relay not to advertise - itself. (Configuring a DirPort will still work, for now.) Closes - ticket 40282. diff --git a/changes/ticket40301 b/changes/ticket40301 deleted file mode 100644 index c1fd821e3f..0000000000 --- a/changes/ticket40301 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (relay): - - Reduce the compression level for data streaming from HIGH to LOW. Fixes - bug 40301; bugfix on 0.3.5.1-alpha. -