[tor-commits] [tor/master] fold in further changes files
arma at torproject.org
arma at torproject.org
Thu Jun 14 09:48:08 UTC 2012
commit 8c044af30090e3e7dea3d765ccd60aec59290cdd
Author: Roger Dingledine <arma at torproject.org>
Date: Thu Jun 14 05:47:55 2012 -0400
fold in further changes files
---
ChangeLog | 37 ++++++++++++++++++++++++++++++++++++-
changes/bug3940_redux | 5 -----
changes/bug4663 | 5 -----
changes/bug4744 | 4 ----
changes/bug5049 | 4 ----
changes/bug5210 | 2 --
changes/bug5263 | 5 -----
changes/bug5849 | 3 ---
changes/bug6141 | 4 ----
changes/geoip-june2012 | 3 ---
changes/prop198 | 12 ------------
11 files changed, 36 insertions(+), 48 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index cc7663c..bfcb459 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,24 @@
-Changes in version 0.2.3.17-alpha - 2012-06-??
+Changes in version 0.2.3.17-beta - 2012-06-1?
+ o Major features:
+ - Enable gcc and ld hardening by default. Resolves ticket 5210.
+ - Update TLS cipher list to match Firefox 8 and later. Resolves
+ ticket 4744.
+ - Implement the client side of proposal 198: remove support for
+ clients falsely claiming to support standard ciphersuites that
+ they can actually provide. As of modern OpenSSL versions, it's not
+ necessary to fake any standard ciphersuite, and doing so prevents
+ us from using better ciphersuites in the future, since servers
+ can't know whether an advertised ciphersuite is really supported or
+ not. Some hosts -- notably, ones with very old versions of OpenSSL
+ or where OpenSSL has been built with ECC disabled -- will stand
+ out because of this change; TBB users should not be affected.
o Major bugfixes:
+ - Change the AllowDotExit rules so they should actually work.
+ We now enforce AllowDotExit only immediately after receiving an
+ address via SOCKS or DNSPort: other sources are free to provide
+ .exit addresses after the resolution occurs. Fixes bug 3940;
+ bugfix on 0.2.2.1-alpha.
- When building Tor on Windows with -DUNICODE (not default), ensure
that error messages, filenames, and DNS server names are always
NUL-terminated when we convert them to a single-byte encoding.
@@ -15,8 +33,18 @@ Changes in version 0.2.3.17-alpha - 2012-06-??
bug 6094; bugfix on 0.2.3.16-alpha.
o Minor bugfixes:
+ - Disable writing on marked-for-close connections when they are
+ blocked on bandwidth, to prevent busy-looping in Libevent. Fixes
+ bug 5263; bugfix on 0.0.2pre13, where we first added a special
+ case for flushing marked connections.
- Detect SSL handshake even when the initial attempt to write the
server hello fails. Fixes bug 4592; bugfix on 0.2.0.13-alpha.
+ - Fix a (harmless) integer overflow in cell statistics reported by
+ some fast relays. Fixes bug 5849; bugfix on 0.2.2.1-alpha.
+ - Make sure circuitbuild.c checks LearnCircuitBuildTimeout in all the
+ right places and never depends on the consensus parameters or
+ computes adaptive timeouts when it is disabled. Fixes bug 5049;
+ bugfix on 0.2.2.14-alpha.
- Make Tor build correctly again with -DUNICODE -D_UNICODE defined.
Fixes bug 6097; bugfix on 0.2.2.16-alpha.
- Fix an edge case where TestingTorNetwork is set but the authorities
@@ -26,6 +54,8 @@ Changes in version 0.2.3.17-alpha - 2012-06-??
- Correct the manpage's descriptions for the default values of
DirReqStatistics and ExtraInfoStatistics. Fixes bug 2865; bugfix
on 0.2.3.1-alpha.
+ - Fix compilation warning with clang 3.1. Fixes bug 6141; bugfix on
+ 0.2.3.11-alpha.
o Minor features:
- Rate-limit the "Weighted bandwidth is 0.000000" message, and add
@@ -34,6 +64,11 @@ Changes in version 0.2.3.17-alpha - 2012-06-??
- Check CircuitBuildTimeout and LearnCircuitBuildTimeout in
options_validate(); warn if LearnCircuitBuildTimeout is disabled and
CircuitBuildTimeout is set unreasonably low. Resolves ticket 5452.
+ - Warn the user when HTTPProxy, but no other proxy type, is
+ configured. This can cause surprising behavior: it doesn't send
+ all of Tor's traffic over the HTTPProxy -- it sends unencrypted
+ directory traffic only. Resolves ticket 4663.
+ - Update to the June 6 2012 Maxmind GeoLite Country database.
Changes in version 0.2.2.37 - 2012-06-06
diff --git a/changes/bug3940_redux b/changes/bug3940_redux
deleted file mode 100644
index 7733740..0000000
--- a/changes/bug3940_redux
+++ /dev/null
@@ -1,5 +0,0 @@
- o Major bugfixes:
- - Change the AllowDotExit rules so they should actually work.
- We now enforce AllowDotExit only immediately after receiving
- an address via SOCKS or DNSPort: other sources are free to provide
- .exit addresses after the resolution occurs.
diff --git a/changes/bug4663 b/changes/bug4663
deleted file mode 100644
index f720ff5..0000000
--- a/changes/bug4663
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features:
- - Warn the user when HTTPProxy, but no other proxy type, is
- configured. This can cause surprising behavior: it doesn't send
- all of Tor's traffic over the HTTPProxy--it sends unencrypted
- directory traffic only. Resolves ticket 4663.
diff --git a/changes/bug4744 b/changes/bug4744
deleted file mode 100644
index 1563cd1..0000000
--- a/changes/bug4744
+++ /dev/null
@@ -1,4 +0,0 @@
- o Major features:
- - Update cipher cipher list to match Firefox 8 and later. Fix for
- issue 4744.
-
diff --git a/changes/bug5049 b/changes/bug5049
deleted file mode 100644
index 677fd42..0000000
--- a/changes/bug5049
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Make sure circuitbuild.c checks LearnCircuitBuildTimeout in all the
- right places and never depends on the consensus parameters or computes
- adaptive timeouts when it is disabled.
diff --git a/changes/bug5210 b/changes/bug5210
deleted file mode 100644
index b07e7f1..0000000
--- a/changes/bug5210
+++ /dev/null
@@ -1,2 +0,0 @@
- o Security fixes:
- - Enable gcc and ld hardening by default. Fixes bug 5210.
diff --git a/changes/bug5263 b/changes/bug5263
deleted file mode 100644
index 25793f1..0000000
--- a/changes/bug5263
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes:
- - Disable writing on marked-for-close connections when they are
- blocked on bandwidth, to prevent busy-looping in Libevent. Fixes
- bug 5263; bugfix on 0.0.2pre13, where we first added a special
- case for flushing marked connections.
diff --git a/changes/bug5849 b/changes/bug5849
deleted file mode 100644
index b6738a6..0000000
--- a/changes/bug5849
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes:
- - Fix a (harmless) integer overflow in cell statistics reported by
- some fast relays. Fixes bug 5849; bugfix on 0.2.2.1-alpha.
diff --git a/changes/bug6141 b/changes/bug6141
deleted file mode 100644
index b95475c..0000000
--- a/changes/bug6141
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Fix compilation warning with clang 3.1. Fixes bug 6141; bugfix on
- 0.2.3.11-alpha.
-
diff --git a/changes/geoip-june2012 b/changes/geoip-june2012
deleted file mode 100644
index f73bf35..0000000
--- a/changes/geoip-june2012
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features:
- - Update to the June 6 2012 Maxmind GeoLite Country database.
-
diff --git a/changes/prop198 b/changes/prop198
deleted file mode 100644
index fd66686..0000000
--- a/changes/prop198
+++ /dev/null
@@ -1,12 +0,0 @@
- o Removed features:
-
- - Remove support for clients claiming to support any standard
- ciphersuites that we can actually provide. (As of modern
- OpenSSL versions, it's not necessary to fake any standard
- ciphersuite, and doing so prevents us from using better
- ciphersuites in the future, since servers can't know whether an
- advertised ciphersuite is really supported or not.) Some
- hosts--notably, ones with very old versions of OpenSSL or where
- OpenSSL has been built with ECC disabled-- will stand out
- because of this change; TBB users should not be affected.
- This implements the client side of proposal 198.
More information about the tor-commits
mailing list