commit 0da8bdba428e315c6f4c7be81b5b35570fc291e4 Author: Nick Mathewson nickm@torproject.org Date: Mon Jun 15 17:10:34 2020 -0400
Editing on 0.4.4.1-alpha changelog --- ChangeLog | 135 ++++++++++++++++++++++++++++++-------------------------------- 1 file changed, 65 insertions(+), 70 deletions(-)
diff --git a/ChangeLog b/ChangeLog index f840de5f8..dc938cec8 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,25 +1,27 @@ Changes in version 0.4.4.1-alpha - 2020-06-1? This is the first alpha release in the 0.4.4.x series.
+ Here are the changes since 0.4.3.5. + o Major features (Proposal 310, performance + security): - - Implements Proposal 310 - Bandaid on guard selection. Proposal 310 - solves a load-balancing issue within Prop271 which strongly impact - experimental research with Shadow. Security improvement: Proposal - 310 prevents any newly Guard relay to have a chance to get into - the primary list of older Tor clients, except if the N first - sampled guards of these clients are unreachable. Implements - recommendation from 32088. Proposal 310 is linked to the CLAPS + - Implements Proposal 310, "Bandaid on guard selection". Proposal + 310 solves load-balancing issues with older versions of the guard + selection algorithm, and improves its security. Under this new + algorithm, a newly selected guard never becomes Primary unless all + previously sampled guards are unreachable. Implements + recommendation from 32088. (Proposal 310 is linked to the CLAPS project researching optimal client location-aware path selections. This project is a collaboration between the UCLouvain Crypto Group, - the U.S. Naval Research Laboratory and Princeton University. + the U.S. Naval Research Laboratory, and Princeton University.)
o Major features (IPv6, relay): - Consider IPv6-only EXTEND2 cells valid on relays. Log a protocol warning if the IPv4 or IPv6 address is an internal address, and internal addresses are not allowed. But continue to use the other address, if it is valid. Closes ticket 33817. - - If a relay can extend over IPv4 and IPv6, it chooses between them - uniformly at random. Closes ticket 33817. + - If a relay can extend over IPv4 and IPv6, and both addresses are + provided, it chooses between them uniformly at random. Closes + ticket 33817. - Re-use existing IPv6 connections for circuit extends. Closes ticket 33817. - Relays may extend circuits over IPv6, if the relay has an IPv6 @@ -28,23 +30,25 @@ Changes in version 0.4.4.1-alpha - 2020-06-1? ORPort self-tests in 33222. Closes ticket 33817.
o Major features (v3 onion services): - - Allow v3 onion services to act as OnionBalance backend instances - using the HiddenServiceOnionBalanceInstance torrc option. Closes - ticket 32709. + - Allow v3 onion services to act as OnionBalance backend instances, + by using the HiddenServiceOnionBalanceInstance torrc option. + Closes ticket 32709.
o Minor feature (developer tools): - Add a script to help check the alphabetical ordering of option - names in a manpage. Closes ticket 33339. + names in the manual page. Closes ticket 33339.
o Minor feature (onion service client, SOCKS5): - Add 3 new SocksPort ExtendedErrors (F2, F3, F7) that reports back - new type of onion service connection failures. Closes ticket 32542. + new type of onion service connection failures. The semantics of + these error codes are documented in proposal 309. Closes + ticket 32542.
o Minor feature (onion service v3): - - Log at INFO level why the service can not upload its descriptor(s). - Closes ticket 33400; bugfix on 0.3.2.1-alpha. + - If a service cannot upload its descriptor(s), log why at INFO + level. Closes ticket 33400; bugfix on 0.3.2.1-alpha.
- o Minor feature (python): + o Minor feature (python scripts): - Stop assuming that /usr/bin/python exists. Instead of using a hardcoded path in scripts that still use Python 2, use /usr/bin/env, similarly to the scripts that use Python 3. Fixes @@ -58,12 +62,12 @@ Changes in version 0.4.4.1-alpha - 2020-06-1?
o Minor features (code safety): - Check for failures of tor_inet_ntop() and tor_inet_ntoa() - functions in DNS and IP address processing code and adjust + functions in DNS and IP address processing code, and adjust codepaths to make them less likely to crash entire Tor instance. Resolves issue 33788.
o Minor features (compilation size): - - Most Server-side DNS code is now disabled when building without + - Most server-side DNS code is now disabled when building without support for relay mode. Closes ticket 33366.
o Minor features (continuous integration): @@ -78,11 +82,9 @@ Changes in version 0.4.4.1-alpha - 2020-06-1? 32873. Patch by Neel Chauhan.
o Minor features (developer tooling): - - Refrain from listing all .a files that are generated by Tor build - in .gitignore. Add a single wildcard *.a entry that covers all of - them for present and future. Closes ticket 33642. - - o Minor features (developer tools): + - Refrain from listing all .a files that are generated by the Tor + build in .gitignore. Add a single wildcard *.a entry that covers + all of them for present and future. Closes ticket 33642. - Add a script ("git-install-tools.sh") to install git hooks and helper scripts. Closes ticket 33451.
@@ -97,12 +99,10 @@ Changes in version 0.4.4.1-alpha - 2020-06-1? this information as part of the heartbeat message. Closes ticket 32720.
- o Minor features (IPv6 Support, address.c): + o Minor features (IPv6 support): - Adds IPv6 support to tor_addr_is_valid(). Adds tests for the above changes and tor_addr_is_null(). Closes ticket 33679. Patch by MrSquanchee. - - o Minor features (IPv6, relay): - Allow clients and relays to send dual-stack and IPv6-only EXTEND2 cells. Parse dual-stack and IPv6-only EXTEND2 cells on relays. Closes ticket 33901. @@ -111,12 +111,10 @@ Changes in version 0.4.4.1-alpha - 2020-06-1? - When trying to find our own address, add debug-level logging to report the sources of candidate addresses. Closes ticket 32888.
- o Minor features (testing, architeture): + o Minor features (testing, architecture): - Our test scripts now double-check that subsystem initialization order is consistent with the inter-module dependencies established by our .may_include files. Implements ticket 31634. - - o Minor features (tests): - Initialize all subsystems at the beginning of our unit test harness, to avoid crashes due to uninitialized subsystems. Follow- up from ticket 33316. @@ -127,28 +125,28 @@ Changes in version 0.4.4.1-alpha - 2020-06-1? services. Closes ticket 24844. Patch by Neel Chauhan.
o Minor features (windows): - - Add support for console control signals like Ctrl+C in Windows + - Add support for console control signals like Ctrl+C in Windows. Closes ticket 34211. Patch from Damon Harris (TheDcoder).
o Minor bugfix (onion service v3): - - When cleaning the client descriptor cache, an attempt at closing - circuits for a non decrypted descriptor (lacking client - authorization) lead to an assert(). Fixes bug 33458; bugfix - on 0.4.2.1-alpha. + - Prevent an assert() that would occur when cleaning the client + descriptor cache, and attempting to close circuits for a non- + decrypted descriptor (lacking client authorization). Fixes bug + 33458; bugfix on 0.4.2.1-alpha.
o Minor bugfix (refactoring): - - Lift circuit_build_times_disabled out of circuit_expire_building - loop to save CPU time with many circuits open. Fixes bug 33977; - bugfix on 0.3.5.9. + - Lift circuit_build_times_disabled() out of the + circuit_expire_building() loop, to save CPU time when there are + many circuits open. Fixes bug 33977; bugfix on 0.3.5.9.
o Minor bugfixes (client performance): - - Resume being willing to use preemptively-built circuits when - UseEntryGuards is set to 0. We accidentally disabled this feature - with that config setting, leading to slower load times. Fixes bug - 34303; bugfix on 0.3.3.2-alpha. + - Resume use preemptively-built circuits when UseEntryGuards is set + to 0. We accidentally disabled this feature with that config + setting, leading to slower load times. Fixes bug 34303; bugfix + on 0.3.3.2-alpha.
o Minor bugfixes (directory authorities): - - Directory authorities reject votes that arrive too late. In + - Directory authorities now reject votes that arrive too late. In particular, once an authority has started fetching missing votes, it no longer accepts new votes posted by other authorities. This change helps prevent a consensus split, where only some authorities @@ -156,8 +154,8 @@ Changes in version 0.4.4.1-alpha - 2020-06-1?
o Minor bugfixes (git scripts): - Stop executing the checked-out pre-commit hook from the pre-push - hook. Instead, execute the copy in the user's git dir. Fixes bug - 33284; bugfix on 0.4.1.1-alpha. + hook. Instead, execute the copy in the user's git directory. Fixes + bug 33284; bugfix on 0.4.1.1-alpha.
o Minor bugfixes (initialization): - Initialize the subsystems in our code in an order more closely @@ -166,7 +164,7 @@ Changes in version 0.4.4.1-alpha - 2020-06-1? Fixes bug 33316; bugfix on 0.4.0.1-alpha.
o Minor bugfixes (IPv4, relay): - - Check for invalid zero IPv4 addresses and ports, when sending and + - Check for invalid zero IPv4 addresses and ports when sending and receiving extend cells. Fixes bug 33900; bugfix on 0.2.4.8-alpha.
o Minor bugfixes (IPv6, relay): @@ -181,37 +179,36 @@ Changes in version 0.4.4.1-alpha - 2020-06-1? 33899; bugfix on 0.3.1.1-alpha.
o Minor bugfixes (linux seccomp sandbox nss): - - Fix startup crash when tor is compiled with --enable-nss and + - Fix a startup crash when tor is compiled with --enable-nss and sandbox support is enabled. Fixes bug 34130; bugfix on 0.3.5.1-alpha. Patch by Daniel Pinto.
o Minor bugfixes (logging, testing): - Make all of tor's assertion macros support the ALL_BUGS_ARE_FATAL - and DISABLE_ASSERTS_IN_UNIT_TESTS debugging modes. Implements - these modes for IF_BUG_ONCE(). (It used to log a non-fatal - warning, regardless of the debugging mode.) Fixes bug 33917; - bugfix on 0.2.9.1-alpha. + and DISABLE_ASSERTS_IN_UNIT_TESTS debugging modes. (IF_BUG_ONCE() + used to log a non-fatal warning, regardless of the debugging + mode.) Fixes bug 33917; bugfix on 0.2.9.1-alpha.
o Minor bugfixes (logs): - - Remove surprising empty line in info-level log about circuit build - timeout. Fixes bug 33531; bugfix on 0.3.3.1-alpha. + - Remove surprising empty line in the INFO-level log about circuit + build timeout. Fixes bug 33531; bugfix on 0.3.3.1-alpha.
o Minor bugfixes (mainloop): - Better guard against growing a buffer past its maximum 2GB in size. Fixes bug 33131; bugfix on 0.3.0.4-rc.
- o Minor bugfixes (man page): + o Minor bugfixes (manual page): - Update the man page to reflect that MinUptimeHidServDirectoryV2 defaults to 96 hours. Fixes bug 34299; bugfix on 0.2.6.3-alpha.
o Minor bugfixes (onion service v3, client): - - Remove a BUG() that is causing a stacktrace for a situation that - very rarely happens but still can. Fixes bug 28992; bugfix + - Remove a BUG() that was causing a stacktrace when a descriptor + changed at an unexpected time. Fixes bug 28992; bugfix on 0.3.2.1-alpha.
o Minor bugfixes (onion service, logging): - - Typo in a log info level when PublishHidServDescriptors is set to - 0. Fixes bug 33779; bugfix on 0.3.2.1-alpha. + - Fix a typo in a log message PublishHidServDescriptors is set to 0. + Fixes bug 33779; bugfix on 0.3.2.1-alpha.
o Minor bugfixes (portability): - Fix a portability error in the configure script, where we were @@ -225,7 +222,7 @@ Changes in version 0.4.4.1-alpha - 2020-06-1? o Minor bugfixes (relays): - Stop advertising incorrect IPv6 ORPorts in relay and bridge descriptors, when the IPv6 port was configured as "auto". Fixes - bug 32588; bugfix on 0.2.3.9-alpha + bug 32588; bugfix on 0.2.3.9-alpha.
o Code simplification and refactoring: - Define and use a new constant TOR_ADDRPORT_BUF_LEN which is like @@ -235,7 +232,7 @@ Changes in version 0.4.4.1-alpha - 2020-06-1? - Merge the orconn and ocirc events into the "core" subsystem, which manages or connections and origin circuits. Previously they were isolated in subsystems of their own. - - Move LOG_PROTOCOL_WARN to app/config.c. Resolves a dependency + - Move LOG_PROTOCOL_WARN to app/config. Resolves a dependency inversion. Closes ticket 33633. - Move the circuit extend code to the relay module. Split the circuit extend function into smaller functions. Closes @@ -247,10 +244,8 @@ Changes in version 0.4.4.1-alpha - 2020-06-1? ticket 33349.
o Documentation: - - Correctly document that we search for a system torrc file before - Document the limitations of using %include on config files with - seccomp sandbox enabled. No new files can be added to the - %included directories. Fixes documentation bug 34133; bugfix on + - Document the limitations of using %include on config files with + seccomp sandbox enabled. Fixes documentation bug 34133; bugfix on 0.3.1.1-alpha. Patch by Daniel Pinto. - Fix several doxygen warnings related to imbalanced groups. Closes ticket 34255. @@ -258,7 +253,7 @@ Changes in version 0.4.4.1-alpha - 2020-06-1? o Removed features: - Remove the ClientAutoIPv6ORPort option. This option attempted to randomly choose between IPv4 and IPv6 for client connections, and - isn't a true implementation of Happy Eyeballs. Often, this option + wasn't a true implementation of Happy Eyeballs. Often, this option failed on IPv4-only or IPv6-only connections. Closes ticket 32905. Patch by Neel Chauhan. - Stop shipping contrib/dist/rc.subr file, as it is not being used @@ -298,17 +293,17 @@ Changes in version 0.4.4.1-alpha - 2020-06-1? - Move a series of functions related to address resolving into their own files. Closes ticket 33789.
- o Documentation (manpage): + o Documentation (manual page): - Add cross reference links and a table of contents to the HTML tor - manpage. Closes ticket 33369. Work by Swati Thacker as part of + manual page. Closes ticket 33369. Work by Swati Thacker as part of Google Season of Docs. - Alphabetize the Denial of Service Mitigation Options, Directory Authority Server Options, Hidden Service Options, and Testing - Network Options sections of the tor(1) manpage. Closes ticket + Network Options sections of the tor(1) manual page. Closes ticket 33275. Work by Swati Thacker as part of Google Season of Docs. - Refrain from mentioning nicknames in manpage section for MyFamily torrc option. Resolves issue 33417. - - Updated the options set by TestingTorNetwork in the man page. + - Updated the options set by TestingTorNetwork in the manual page. Closes ticket 33778.
tor-commits@lists.torproject.org