[tor-commits] [tor/release-0.2.4] fold in changes entries so far
arma at torproject.org
arma at torproject.org
Mon Mar 11 08:38:53 UTC 2013
commit 53e11977e46080db7d07f9f95568efe089504ff4
Author: Roger Dingledine <arma at torproject.org>
Date: Mon Mar 11 04:38:32 2013 -0400
fold in changes entries so far
---
ChangeLog | 145 +++++++++++++++++++++++++++++++++++++++++++++
changes/6783_big_hammer | 6 --
changes/bug1992 | 11 ----
changes/bug2286 | 5 --
changes/bug7054 | 4 -
changes/bug7801 | 13 ----
changes/bug7816.024 | 8 ---
changes/bug7816_023 | 7 --
changes/bug7816_023_small | 3 -
changes/bug7902 | 7 --
changes/bug8065 | 6 --
changes/bug8121 | 7 --
changes/bug8151 | 5 --
changes/bug8158 | 3 -
changes/bug8161 | 6 --
changes/bug8200 | 5 --
changes/bug8207 | 7 --
changes/bug8208 | 4 -
changes/bug8209 | 6 --
changes/bug8210 | 6 --
changes/bug8218 | 6 --
changes/cov980650 | 4 -
changes/easy.ratelim | 3 -
changes/feature4994 | 7 --
changes/geoip-feb2013 | 3 -
changes/integers_donna | 3 -
changes/signof_enum | 7 --
changes/ticket2267 | 8 ---
changes/ticket8443 | 4 -
29 files changed, 145 insertions(+), 164 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index cd7f691..74ac362 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,148 @@
+Changes in version 0.2.4.11-alpha - 2013-03-11
+ Tor 0.2.4.11-alpha makes relay measurement by directory authorities
+ more robust, makes hidden service authentication work again, and
+ resolves a DPI fingerprint for Tor's SSL transport.
+
+ o Major features (directory authorities):
+ - Directory authorities now support a new consensus method (17)
+ where they cap the published bandwidth of servers for which
+ insufficient bandwidth measurements exist. Fixes part of bug 2286.
+ - Directory authorities that set "DisableV2DirectoryInfo_ 1" no longer
+ serve any v2 directory information. Now we can test disabling the
+ old deprecated v2 directory format, and see whether doing so has
+ any effect on network load. Begins to fix bug 6783.
+ - Directory authorities now include inside each vote a statement of
+ the performance thresholds they used when assigning flags.
+ Implements ticket 8151.
+
+ o Major bugfixes (directory authorities):
+ - Stop marking every relay as having been down for one hour every
+ time we restart a directory authority. These artificial downtimes
+ were messing with our Stable and Guard flag calculations. Fixes
+ bug 8218 (introduced by the fix for 1035). Bugfix on 0.2.2.23-alpha.
+
+ o Major bugfixes (hidden services):
+ - Allow hidden service authentication to succeed again. When we
+ refactored the hidden service introduction code back
+ in 0.2.4.1-alpha, we didn't update the code that checks
+ whether authentication information is present, causing all
+ authentication checks to return "false". Fix for bug 8207; bugfix
+ on 0.2.4.1-alpha. Found by Coverity; this is CID 718615.
+
+ o Minor features (relays, bridges):
+ - Make bridge relays check once a minute for whether their IP
+ address has changed, rather than only every 15 minutes. Resolves
+ bugs 1913 and 1992.
+ - Refactor resolve_my_address() so it returns the method by which we
+ decided our public IP address (explicitly configured, resolved from
+ explicit hostname, guessed from interfaces, learned by gethostname).
+ Now we can provide more helpful log messages when a relay guesses
+ its IP address incorrectly (e.g. due to unexpected lines in
+ /etc/hosts). Resolves ticket 2267.
+ - Teach bridge-using clients to avoid 0.2.2 bridges when making
+ microdescriptor-related dir requests, and only fall back to normal
+ descriptors if none of their bridges can handle microdescriptors
+ (as opposed to the fix in ticket 4013, which caused them to fall
+ back to normal descriptors if *any* of their bridges preferred
+ them). Resolves ticket 4994.
+ - Randomize the lifetime of our SSL link certificate, so censors can't
+ use the static value for filtering Tor flows. Resolves ticket 8443;
+ related to ticket 4014 which was included in 0.2.2.33.
+
+ o Minor features (portability):
+ - Tweak the curve25519-donna*.c implementations to tolerate systems
+ that lack stdint.h. Fixes bug 3894; bugfix on 0.2.4.8-alpha.
+ - Use Ville Laurikari's implementation of AX_CHECK_SIGN() to determine
+ the signs of types during autoconf. This is better than our old
+ approach, which didn't work when cross-compiling.
+ - Detect the sign of enum values, rather than assuming that MSC is the
+ only compiler where enum types are all signed. Fixes bug 7727;
+ bugfix on 0.2.4.10-alpha.
+
+ o Minor features (other):
+ - Say "KBytes" rather than "KB" in the man page (for various values
+ of K), to further reduce confusion about whether Tor counts in
+ units of memory or fractions of units of memory. Resolves ticket 7054.
+ - Clear the high bit on curve25519 public keys before passing them to
+ our backend, in case we ever wind up using a backend that doesn't do
+ so itself. If we used such a backend, and *didn't* clear the high bit,
+ we could wind up in a situation where users with such backends would
+ be distinguishable from users without. Fixes bug 8121; bugfix on
+ 0.2.4.8-alpha.
+ - Update to the February 6 2013 Maxmind GeoLite Country database.
+
+ o Minor bugfixes (clients):
+ - When we receive a RELAY_END cell with the reason DONE, or with no
+ reason, before receiving a RELAY_CONNECTED cell, report the SOCKS
+ status as "connection refused". Previously we reported these cases
+ as success but then immediately closed the connection. Fixes bug
+ 7902; bugfix on 0.1.0.1-rc. Reported by "oftc_must_be_destroyed".
+ - Downgrade an assertion in connection_ap_expire_beginning to an
+ LD_BUG message. The fix for bug 8024 should prevent this message
+ from displaying, but just in case, a warn that we can diagnose
+ is better than more assert crashes. Fixes bug 8065; bugfix on
+ 0.2.4.8-alpha.
+ - Lower path use bias thresholds to .80 for notice and .60 for warn.
+ Also make the rate limiting flags for the path use bias log messages
+ independent from the original path bias flags. Fixes bug 8161;
+ bugfix on 0.2.4.10-alpha.
+
+ o Minor bugfixes (relays):
+ - Stop trying to resolve our hostname so often (e.g. every time we
+ think about doing a directory fetch). Now we reuse the cached
+ answer in some cases. Fixes bugs 1992 (bugfix on 0.2.0.20-rc)
+ and 2410 (bugfix on 0.1.2.2-alpha).
+ - Stop sending a stray "(null)" in some cases for the server status
+ "EXTERNAL_ADDRESS" controller event. Resolves bug 8200; bugfix
+ on 0.1.2.6-alpha.
+ - When choosing which stream on a formerly stalled circuit to wake
+ first, make better use of the platform's weak RNG. Previously,
+ we had been using the % ("modulo") operator to try to generate a
+ 1/N chance of picking each stream, but this behaves badly with
+ many platforms' choice of weak RNG. Fixes bug 7801; bugfix on
+ 0.2.2.20-alpha.
+ - Use our own weak RNG when we need a weak RNG. Windows's rand() and
+ Irix's random() only return 15 bits; Solaris's random() returns more
+ bits but its RAND_MAX says it only returns 15, and so on. Motivated
+ by the fix for bug 7801; bugfix on 0.2.2.20-alpha.
+
+ o Minor bugfixes (directory authorities):
+ - Directory authorities now use less space when formatting identical
+ microdescriptor lines in directory votes. Fixes bug 8158; bugfix
+ on 0.2.4.1-alpha.
+
+ o Minor bugfixes (memory leaks spotted by Coverity -- bug 7816):
+ - Avoid leaking memory if we fail to compute a consensus signature
+ or we generate a consensus we can't parse. Bugfix on 0.2.0.5-alpha.
+ - Fix a memory leak when receiving headers from an HTTPS proxy. Bugfix
+ on 0.2.1.1-alpha.
+ - Fix a memory leak during safe-cookie controller authentication.
+ Bugfix on 0.2.3.13-alpha.
+ - Avoid memory leak of IPv6 policy content if we fail to format it into
+ a router descriptor. Bugfix on 0.2.4.7-alpha.
+
+ o Minor bugfixes (other code correctness issues):
+ - Avoid a crash if we fail to generate an extrainfo descriptor.
+ Fixes bug 8208; bugfix on 0.2.3.16-alpha. Found by Coverity;
+ this is CID 718634.
+ - When detecting the largest possible file descriptor (in order to
+ close all file descriptors when launching a new program), actually
+ use _SC_OPEN_MAX. The old code for doing this was very, very broken.
+ Fixes bug 8209; bugfix on 0.2.3.1-alpha. Found by Coverity; this
+ is CID 743383.
+ - Fix a copy-and-paste error when adding a missing A1 to a routerset
+ because of GeoIPExcludeUnknown. Fix for Coverity CID 980650.
+ Bugfix on 0.2.4.10-alpha.
+ - Fix an impossible-to-trigger integer overflow when estimating how
+ long our onionskin queue would take. (This overflow would require us
+ to accept 4 million onionskins before processing 100 of them.) Fixes
+ bug 8210; bugfix on 0.2.4.10-alpha.
+
+ o Code simplification and refactoring:
+ - Add a wrapper function for the common "log a message with a
+ rate-limit" case.
+
+
Changes in version 0.2.4.10-alpha - 2013-02-04
Tor 0.2.4.10-alpha adds defenses at the directory authority level from
certain attacks that flood the network with relays; changes the queue
diff --git a/changes/6783_big_hammer b/changes/6783_big_hammer
deleted file mode 100644
index 2ff3249..0000000
--- a/changes/6783_big_hammer
+++ /dev/null
@@ -1,6 +0,0 @@
- o Major features (deprecation):
- - There's now a "DisableV2DirectoryInfo_" option that prevents us
- from serving any directory requests for v2 directory information.
- This is for us to test disabling the old deprecated V2 directory
- format, so that we can see whether doing so has any effect on
- network load. Part of a fix for bug 6783.
diff --git a/changes/bug1992 b/changes/bug1992
deleted file mode 100644
index 6a751dc..0000000
--- a/changes/bug1992
+++ /dev/null
@@ -1,11 +0,0 @@
- o Minor bugfixes:
- - Stop trying to resolve our hostname so often (e.g. every time we
- think about doing a directory fetch). Now we reuse the cached
- answer in some cases. Fixes bugs 1992 (bugfix on 0.2.0.20-rc)
- and 2410 (bugfix on 0.1.2.2-alpha).
-
- o Minor features:
- - Make bridge relays check once a minute for whether their IP
- address has changed, rather than only every 15 minutes. Resolves
- bugs 1913 and 1992.
-
diff --git a/changes/bug2286 b/changes/bug2286
deleted file mode 100644
index 4f8dfbb..0000000
--- a/changes/bug2286
+++ /dev/null
@@ -1,5 +0,0 @@
- o Major features (directory authority):
- - Directory authorities now support a new consensus method (17)
- where they cap the published bandwidth of servers for which
- insufficient bandwidth measurements exist. Fixes part of bug
- 2286.
diff --git a/changes/bug7054 b/changes/bug7054
deleted file mode 100644
index 15680d7..0000000
--- a/changes/bug7054
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (man page):
- - Say "KBytes" rather than "KB" in the man page (for various values
- of K), to further reduce confusion about whether Tor counts in
- units of memory or fractions of units of memory. Fixes bug 7054.
diff --git a/changes/bug7801 b/changes/bug7801
deleted file mode 100644
index 1d6d021..0000000
--- a/changes/bug7801
+++ /dev/null
@@ -1,13 +0,0 @@
- o Minor bugfixes:
- - When choosing which stream on a formerly stalled circuit to wake
- first, make better use of the platform's weak RNG. Previously, we
- had been using the % ("modulo") operator to try to generate a 1/N
- chance of picking each stream, but this behaves badly with many
- platforms' choice of weak RNG. Fix for bug 7801; bugfix on
- 0.2.2.20-alpha.
- - Use our own weak RNG when we need a weak RNG. Windows's rand()
- and Irix's random() only return 15 bits; Solaris's random()
- returns more bits but its RAND_MAX says it only returns 15, and
- so on. Fixes another aspect of bug 7801; bugfix on
- 0.2.2.20-alpha.
-
diff --git a/changes/bug7816.024 b/changes/bug7816.024
deleted file mode 100644
index b5d55f5..0000000
--- a/changes/bug7816.024
+++ /dev/null
@@ -1,8 +0,0 @@
- o Minor bugfixes:
- - Avoid leaking IPv6 policy content if we fail to format it into
- a router descriptor. Spotted by Coverity. Fixes part of 7816;
- bugfix on 0.2.4.7-alpha.
-
- - Avoid leaking memory if we fail to compute a consensus signature
- or we generated a consensus we couldn't parse. Spotted by Coverity.
- Fixes part of 7816; bugfix on 0.2.0.5-alpha.
diff --git a/changes/bug7816_023 b/changes/bug7816_023
deleted file mode 100644
index a453029..0000000
--- a/changes/bug7816_023
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes (memory leak, controller):
- - Fix a memory leak during safe-cookie controller authentication.
- Spotted by Coverity. Fixes part of bug 7816; bugfix on 0.2.3.13-alpha.
-
- o Minor bugfixes (memory leak, HTTPS proxy support):
- - Fix a memory leak when receiving headers from an HTTPS proxy.
- Spotted by Coverity. Fixes part of bug 7816; bugfix on 0.2.1.1-alpha.
diff --git a/changes/bug7816_023_small b/changes/bug7816_023_small
deleted file mode 100644
index cd90f03..0000000
--- a/changes/bug7816_023_small
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes:
- - Fix various places where we leak file descriptors or memory on
- error cases. Spotted by coverity. Fixes parts of bug 7816.
diff --git a/changes/bug7902 b/changes/bug7902
deleted file mode 100644
index 051759d..0000000
--- a/changes/bug7902
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes:
- - When we receive a RELAY_END cell with the reason DONE, or with no
- reason, before receiving a RELAY_CONNECTED cell, report the SOCKS
- status as "connection refused." Previously we reporting these
- cases as success but then immediately closing the connection.
- Fixes bug 7902; bugfix on 0.1.0.1-rc. Reported by "oftc_must_
- be_destroyed."
diff --git a/changes/bug8065 b/changes/bug8065
deleted file mode 100644
index 06dbae8..0000000
--- a/changes/bug8065
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes:
- - Downgrade an assertion in connection_ap_expire_beginning to
- an LD_BUG message. The fix for bug 8024 should prevent this
- message from displaying, but just in case a warn that we can
- diagnose is better than more assert crashes. Fix for bug 8065;
- bugfix on 0.2.4.8-alpha.
diff --git a/changes/bug8121 b/changes/bug8121
deleted file mode 100644
index 60cba72..0000000
--- a/changes/bug8121
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor features:
- - Clear the high bit on curve25519 public keys before passing them to
- our backend, in case we ever wind up using a backend that doesn't do
- so itself. If we used such a backend, and *didn't* clear the high bit,
- we could wind up in a situation where users with such backends would
- be distinguishable from users without. Fix for bug 8121; bugfix on
- 0.2.4.8-alpha.
diff --git a/changes/bug8151 b/changes/bug8151
deleted file mode 100644
index e20fa3c..0000000
--- a/changes/bug8151
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (directory authority):
- - Include inside each vote a statement of the performance
- thresholds that made the authority vote for its flags. Implements
- ticket 8151.
-
\ No newline at end of file
diff --git a/changes/bug8158 b/changes/bug8158
deleted file mode 100644
index 65b21c2..0000000
--- a/changes/bug8158
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes:
- - Use less space when formatting identical microdescriptor lines in
- directory votes. Fixes bug 8158; bugfix on 0.2.4.1-alpha.
diff --git a/changes/bug8161 b/changes/bug8161
deleted file mode 100644
index ab7b9c0..0000000
--- a/changes/bug8161
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor changes:
- - Lower path use bias thresholds to .80 for notice and .60 for warn.
- Fixes bug #8161; bugfix on 0.2.4.10-alpa.
- - Make the rate limiting flags for the path use bias log messages
- independent from the original path bias flags. Fixes bug #8161;
- bugfix on 0.2.4.10-alpha.
diff --git a/changes/bug8200 b/changes/bug8200
deleted file mode 100644
index 65fc9dd..0000000
--- a/changes/bug8200
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfix:
- - Stop sending a stray "(null)" in some cases for the server status
- "EXTERNAL_ADDRESS" controller event. Resolves bug 8200; bugfix
- on 0.1.2.6-alpha.
-
diff --git a/changes/bug8207 b/changes/bug8207
deleted file mode 100644
index 0028d33..0000000
--- a/changes/bug8207
+++ /dev/null
@@ -1,7 +0,0 @@
- o Major bugfixes (hidden services):
- - Allow hidden service authentication to succeed again. When we
- refactored the hidden service introduction code back in 0.2.4.1-alpha,
- we didn't update the code that checks whether authentication
- information is present, causing all authentication checks to
- return "false". Fix for bug 8207; bugfix on 0.2.4.1-alpha. Found by
- Coverity; this is CID 718615.
diff --git a/changes/bug8208 b/changes/bug8208
deleted file mode 100644
index c85db90..0000000
--- a/changes/bug8208
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Avoid a crash if we fail to generate an extrinfo descriptor.
- Fixes bug 8208; bugfix on 0.2.3.16-alpha. Found by Coverity;
- this is CID 718634.
diff --git a/changes/bug8209 b/changes/bug8209
deleted file mode 100644
index c589235..0000000
--- a/changes/bug8209
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes:
- - When detecting the largest possible file descriptor (in order to close
- all file descriptors when launching a new program), actually use
- _SC_OPEN_MAX. The old code for doing this was very, very broken.
- Fix for bug 8209; bugfix on 0.2.3.1-alpha. Found by Coverity; this
- is CID 743383.
diff --git a/changes/bug8210 b/changes/bug8210
deleted file mode 100644
index 85d41b8..0000000
--- a/changes/bug8210
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes:
- - Fix an impossible-to-trigger integer overflow when
- estimating how long out onionskin queue would take. (This overflow
- would require us to accept 4 million onionskins before processing
- 100 of them.) Fixes bug 8210; bugfix on 0.2.4.10-alpha.
-
diff --git a/changes/bug8218 b/changes/bug8218
deleted file mode 100644
index ce8d53b..0000000
--- a/changes/bug8218
+++ /dev/null
@@ -1,6 +0,0 @@
- o Major bugfixes:
- - Stop marking every relay as having been down for one hour every
- time we restart a directory authority. These artificial downtimes
- were messing with our Stable and Guard flag calculations. Fixes
- bug 8218 (introduced by the fix for 1035). Bugfix on 0.2.2.23-alpha.
-
diff --git a/changes/cov980650 b/changes/cov980650
deleted file mode 100644
index cbbada2..0000000
--- a/changes/cov980650
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Fix a copy-and-paste error when adding a missing A1 to a routerset
- because of GeoIPExcludeUnknown. Fix for coverity CID 980650.
- Bugfix on 0.2.4.10-alpha.
diff --git a/changes/easy.ratelim b/changes/easy.ratelim
deleted file mode 100644
index cadd1e4..0000000
--- a/changes/easy.ratelim
+++ /dev/null
@@ -1,3 +0,0 @@
- o Code simplification and refactoring:
- - Add a wrapper function for the common "log a message with a rate-limit"
- case.
diff --git a/changes/feature4994 b/changes/feature4994
deleted file mode 100644
index 4fa0e03..0000000
--- a/changes/feature4994
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor features:
- - Teach bridge-using clients to avoid 0.2.2 bridges when making
- microdescriptor-related dir requests, and only fall back to normal
- descriptors if none of their bridges can handle microdescriptors
- (as opposed to the fix in ticket 4013, which caused them to fall
- back to normal descriptors if *any* of their bridges preferred
- them). Resolves ticket 4994.
diff --git a/changes/geoip-feb2013 b/changes/geoip-feb2013
deleted file mode 100644
index b5d7942..0000000
--- a/changes/geoip-feb2013
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features:
- - Update to the February 6 2013 Maxmind GeoLite Country database.
-
diff --git a/changes/integers_donna b/changes/integers_donna
deleted file mode 100644
index e9c69e8..0000000
--- a/changes/integers_donna
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (portability)
- - Tweak the curve25519-donna*.c implementations to tolerate systems
- that lack stdint.h. Fixes bug 3894; bugfix on 0.2.4.8-alpha.
diff --git a/changes/signof_enum b/changes/signof_enum
deleted file mode 100644
index ba4fb59..0000000
--- a/changes/signof_enum
+++ /dev/null
@@ -1,7 +0,0 @@
- o Code simplifications and refactoring:
- - Use Ville Laurikari's implementation of AX_CHECK_SIGN() to determine
- the signs of types during autoconf. This is better than our old
- approach, which didn't work when cross-compiling.
- - Detect the sign of enum values, rather than assuming that MSC is the
- only compiler where enum types are all signed. Fix for bug 7727;
- bugfix on 0.2.4.10-alpha.
diff --git a/changes/ticket2267 b/changes/ticket2267
deleted file mode 100644
index b589b57..0000000
--- a/changes/ticket2267
+++ /dev/null
@@ -1,8 +0,0 @@
- o Minor features:
- - Refactor resolve_my_address() so it returns the method by which we
- decided our public IP address (explicitly configured, resolved from
- explicit hostname, guessed from interfaces, learned by gethostname).
- Now we can provide more helpful log messages when a relay guesses
- its IP address incorrectly (e.g. due to unexpected lines in
- /etc/hosts). Resolves ticket 2267.
-
diff --git a/changes/ticket8443 b/changes/ticket8443
deleted file mode 100644
index ca6fb2f..0000000
--- a/changes/ticket8443
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features:
- - Randomize the lifetime of our SSL link certificate, so censors can't
- use the static value for filtering Tor flows. Resolves ticket 8443;
- related to ticket 4014 which was included in 0.2.2.33.
More information about the tor-commits
mailing list