[tor-commits] [tor/release-0.2.3] fold in recent 0.2.3 changes files
arma at torproject.org
arma at torproject.org
Tue Sep 4 23:55:25 UTC 2012
commit 2946a8087bc1d6c3370d19908a5121fcf38aa81d
Author: Roger Dingledine <arma at torproject.org>
Date: Tue Sep 4 19:54:01 2012 -0400
fold in recent 0.2.3 changes files
---
ChangeLog | 86 +++++++++++++++++++++++++++++++++++++
changes/bug6244_part_c | 6 ---
changes/bug6251 | 6 ---
changes/bug6252_again | 11 -----
changes/bug6379 | 6 ---
changes/bug6404 | 16 -------
changes/bug6423 | 3 -
changes/bug6472 | 4 --
changes/bug6475 | 6 ---
changes/bug6507 | 15 ------
changes/bug6514 | 5 --
changes/bug6690 | 7 ---
changes/bug6710 | 6 ---
changes/bug6732 | 3 -
changes/disable_pathbias_messages | 3 -
15 files changed, 86 insertions(+), 97 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index bdce206..59d9a3c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,89 @@
+Changes in version 0.2.3.21-rc - 2012-09-05
+ Tor 0.2.3.21-rc is the fourth release candidate for the Tor 0.2.3.x
+ series. It fixes a trio of potential security bugs, fixes a bug where
+ we were leaving some of the fast relays out of the microdescriptor
+ consensus, resumes interpreting "ORPort 0" and "DirPort 0" correctly,
+ and cleans up other smaller issues.
+
+ o Major bugfixes (security):
+ - Tear down the circuit if we get an unexpected SENDME cell. Clients
+ could use this trick to make their circuits receive cells faster
+ than our flow control would have allowed, or to gum up the network,
+ or possibly to do targeted memory denial-of-service attacks on
+ entry nodes. Fixes bug 6252. Bugfix on the 54th commit on Tor --
+ from July 2002, before the release of Tor 0.0.0. We had committed
+ this patch previously, but we had to revert it because of bug 6271.
+ Now that 6271 is fixed, this patch appears to work.
+ - Reject any attempt to extend to an internal address. Without
+ this fix, a router could be used to probe addresses on an internal
+ network to see whether they were accepting connections. Fixes bug
+ 6710; bugfix on 0.0.8pre1.
+ - Do not crash when comparing an address with port value 0 to an
+ address policy. This bug could have been used to cause a remote
+ assertion failure by or against directory authorities, or to
+ allow some applications to crash clients. Fixes bug 6690; bugfix
+ on 0.2.1.10-alpha.
+
+ o Major bugfixes:
+ - Remove the upper bound on microdescriptor length. We were hitting
+ the limit for routers with complex exit policies or family
+ declarations, causing clients to not use them. Fixes the first
+ piece of bug 6404; fix on 0.2.2.6-alpha.
+ - Detect "ORPort 0" as meaning, uniformly, that we're not running
+ as a relay. Previously, some of our code would treat the presence
+ of any ORPort line as meaning that we should act like a relay,
+ even though our new listener code would correctly not open any
+ ORPorts for ORPort 0. Similar bugs in other Port options are also
+ fixed. Fixes the first half of bug 6507; bugfix on 0.2.3.3-alpha.
+
+ o Minor bugfixes:
+ - Avoid a pair of double-free and use-after-mark bugs that can
+ occur with certain timings in canceled and re-received DNS
+ requests. Fixes bug 6472; bugfix on 0.0.7rc1.
+ - Fix build and 64-bit compile warnings from --enable-openbsd-malloc.
+ Fixes bug 6379. Bugfix on 0.2.0.20-rc.
+ - Authorities no longer include any router in their microdescriptor
+ consensuses for which they couldn't generate or agree on a
+ microdescriptor. Fixes the second piece of bug 6404; fix on
+ 0.2.2.6-alpha.
+ - Detect and reject attempts to specify both "FooPort" and
+ "FooPort 0" in the same configuration domain. (It's still okay
+ to have a FooPort in your configuration file, and use "FooPort 0"
+ on the command line to disable it.) Fixes the second half of bug
+ 6507; bugfix on 0.2.3.3-alpha.
+ - Make wildcarded addresses (that is, ones beginning with "*.") work
+ when provided via the controller's MapAddress command. Previously,
+ they were accepted, but we never actually noticed that they were
+ wildcards. Fixes bug 6244; bugfix on 0.2.3.9-alpha.
+ - Add a (probably redundant) memory clear between iterations of
+ the router status voting loop, to prevent future coding errors
+ where data might leak between iterations of the loop. Resolves
+ ticket 6514.
+
+ o Minor bugfixes (log messages):
+ - Downgrade "set buildtimeout to low value" messages to "info"
+ severity; they were never an actual problem, there was never
+ anything reasonable to do about them, and they tended to spam logs
+ from time to time. Fixes bug 6251; bugfix on 0.2.2.2-alpha.
+ - Downgrade path-bias warning messages to "info". We'll try to get
+ them working better in 0.2.4. Add internal circuit construction
+ state to protect against the noisy warn message "Unexpectedly high
+ circuit_successes". Also add some additional rate-limited notice
+ messages to help determine the root cause of the warn. Fixes bug
+ 6475. Bugfix against 0.2.3.17-beta.
+ - Move log message when unable to find a microdesc in a routerstatus
+ entry to parse time. Previously we'd spam this warning every time
+ we tried to figure out which microdescriptors to download. Fixes
+ the third piece of bug 6404; fix on 0.2.3.18-rc.
+
+ o Minor features:
+ - Consider new, removed or changed IPv6 OR ports a non-cosmetic
+ change when the authority is deciding whether to accept a newly
+ uploaded descriptor. Implements ticket 6423.
+ - Add missing documentation for consensus and microdesc files.
+ Resolves ticket 6732.
+
+
Changes in version 0.2.2.38 - 2012-08-12
Tor 0.2.2.38 fixes a remotely triggerable crash bug, and fixes a timing
attack that could in theory leak path information.
diff --git a/changes/bug6244_part_c b/changes/bug6244_part_c
deleted file mode 100644
index dea6e7b..0000000
--- a/changes/bug6244_part_c
+++ /dev/null
@@ -1,6 +0,0 @@
- o Major bugfixes (controller):
- - Make wildcarded addresses (that is, ones beginning with *.) work when
- provided via the controller's MapAddress command. Previously, they
- were accepted, but we never actually noticed that they were wildcards.
- Fix for bug 6244; bugfix on 0.2.3.9-alpha.
-
diff --git a/changes/bug6251 b/changes/bug6251
deleted file mode 100644
index c782a93..0000000
--- a/changes/bug6251
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes:
- - Downgrade "set buildtimeout to low value" messages to INFO
- severity; they were never an actual problem, there was never
- anything reasonable to do about them, and they tended to spam
- logs from time to time. Fix for bug 6251; bugfix on
- 0.2.2.2-alpha.
\ No newline at end of file
diff --git a/changes/bug6252_again b/changes/bug6252_again
deleted file mode 100644
index f7fd00c..0000000
--- a/changes/bug6252_again
+++ /dev/null
@@ -1,11 +0,0 @@
- o Security fixes:
- - Tear down the circuit if we get an unexpected SENDME cell. Clients
- could use this trick to make their circuits receive cells faster
- than our flow control would have allowed, or to gum up the network,
- or possibly to do targeted memory denial-of-service attacks on
- entry nodes. Fixes bug 6252. Bugfix on the 54th commit on Tor --
- from July 2002, before the release of Tor 0.0.0. We had committed
- this patch previously, but we had to revert it because of bug 6271.
- Now that 6271 is fixed, this appears to work.
-
-
diff --git a/changes/bug6379 b/changes/bug6379
deleted file mode 100644
index 1f2b694..0000000
--- a/changes/bug6379
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes:
- - Fix build warnings from --enable-openbsd-malloc with gcc warnings
- enabled. Fixes bug 6379.
- - Fix 64-bit warnings from --enable-openbsd-malloc. Fixes bug 6379.
- Bugfix on 0.2.0.20-rc.
-
diff --git a/changes/bug6404 b/changes/bug6404
deleted file mode 100644
index 948f00b..0000000
--- a/changes/bug6404
+++ /dev/null
@@ -1,16 +0,0 @@
- o Minor bugfixes:
-
- - Remove the maximum length of microdescriptor we are willing to
- generate. Occasionally this is needed for routers
- with complex policies or family declarations. Partial fix for
- bug 6404; fix on 0.2.2.6-alpha.
-
- - Authorities no longer include any router in their
- microdescriptor consensuses for which they couldn't generate or
- agree on a microdescriptor. Partial fix for bug 6404; fix on
- 0.2.2.6-alpha.
-
- - Move log message when unable to find a microdesc in a
- routerstatus entry to parse time. Previously we'd spam this
- warning every time we tried to figure out which microdescriptors
- to download. Partial fix for bug 6404; fix on 0.2.3.18-rc.
diff --git a/changes/bug6423 b/changes/bug6423
deleted file mode 100644
index 2ea4f14..0000000
--- a/changes/bug6423
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features:
- - Consider new, removed or changed IPv6 OR ports a non cosmetic
- change.
diff --git a/changes/bug6472 b/changes/bug6472
deleted file mode 100644
index dcd42eb..0000000
--- a/changes/bug6472
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Avoid a pair of double-free and use-after-mark bugs that can
- occur with certain timings in canceled and re-received DNS
- requests. Fix for bug 6472; bugfix on 0.0.7rc1.
diff --git a/changes/bug6475 b/changes/bug6475
deleted file mode 100644
index 67bab99..0000000
--- a/changes/bug6475
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes:
- - Add internal circuit construction state to protect against
- the noisy warn message "Unexpectedly high circuit_successes".
- Also add some additional rate-limited notice messages to help
- determine the root cause of the warn. Fixes bug 6475.
- Bugfix against 0.2.3.17-beta.
diff --git a/changes/bug6507 b/changes/bug6507
deleted file mode 100644
index 89940cb..0000000
--- a/changes/bug6507
+++ /dev/null
@@ -1,15 +0,0 @@
- o Major bugfixes:
- - Detect 'ORPort 0' as meaning, uniformly, that we're not running
- as a server. Previously, some of our code would treat the
- presence of any ORPort line as meaning that we should act like a
- server, even though our new listener code would correctly not
- open any ORPorts for ORPort 0. Similar bugs in other Port
- options are also fixed. Fixes bug 6507; bugfix on 0.2.3.3-alpha.
-
- o Minor features:
-
- - Detect and reject attempts to specify both 'FooPort' and
- 'FooPort 0' in the same configuration domain. (It's still okay
- to have a FooPort in your configuration file,and use 'FooPort 0'
- on the command line to disable it.) Fixes another case of
- bug6507; bugfix on 0.2.3.3-alpha.
diff --git a/changes/bug6514 b/changes/bug6514
deleted file mode 100644
index 84633bd..0000000
--- a/changes/bug6514
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes:
- - Add a (probably redundant) memory clear between iterations of
- the router status voting loop, to prevent future coding errors
- where data might leak between iterations of the loop. Resolves
- ticket 6514.
diff --git a/changes/bug6690 b/changes/bug6690
deleted file mode 100644
index 99d4297..0000000
--- a/changes/bug6690
+++ /dev/null
@@ -1,7 +0,0 @@
- o Major bugfixes (security):
- - Do not crash when comparing an address with port value 0 to an
- address policy. This bug could have been used to cause a remote
- assertion failure by or against directory authorities, or to
- allow some applications to crash clients. Fixes bug 6690; bugfix
- on 0.2.1.10-alpha.
-
diff --git a/changes/bug6710 b/changes/bug6710
deleted file mode 100644
index 2c89346..0000000
--- a/changes/bug6710
+++ /dev/null
@@ -1,6 +0,0 @@
- o Major bugfixes (security):
- - Reject any attempt to extend to an internal address. Without
- this fix, a router could be used to probe addresses on an
- internal network to see whether they were accepting
- connections. Fix for bug 6710; bugfix on 0.0.8pre1.
-
diff --git a/changes/bug6732 b/changes/bug6732
deleted file mode 100644
index 7a744e0..0000000
--- a/changes/bug6732
+++ /dev/null
@@ -1,3 +0,0 @@
- o Documentation:
- - Add missing documentation for consensus and microdesc files. Fix for
- bug 6732.
diff --git a/changes/disable_pathbias_messages b/changes/disable_pathbias_messages
deleted file mode 100644
index 3bc9963..0000000
--- a/changes/disable_pathbias_messages
+++ /dev/null
@@ -1,3 +0,0 @@
- o Disabeled features
- - Downgrade path-bias warning messages to INFO. We'll try to get them
- working better in 0.2.4. Fixes bug 6475; bugfix on 0.2.3.17-beta.
More information about the tor-commits
mailing list