[tor-commits] [tor/master] Changelog edits. Most of them.
nickm at torproject.org
nickm at torproject.org
Wed Feb 18 22:20:04 UTC 2015
commit c0ff7c2768d59c86e09023461c458721b2a5f72e
Author: Nick Mathewson <nickm at torproject.org>
Date: Wed Feb 18 17:09:35 2015 -0500
Changelog edits. Most of them.
---
ChangeLog | 100 ++++++++++++++++++++++++++-----------------------------------
1 file changed, 43 insertions(+), 57 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 92af23c..a4ce10a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -13,7 +13,7 @@ Changes in version 0.2.6.3-alpha - 2015-02-2?
- Tor relays older than 0.2.4.18-rc are no longer allowed to
advertise themselves on the network. Closes ticket 13555.
- o Major features (security):
+ o Major features (security, unix domain sockets):
- Tor can now expose a SOCKS proxy over an AF_UNIX Unix Domain Socket.
This allows client
applications to Tor without having creating
@@ -25,6 +25,9 @@ Changes in version 0.2.6.3-alpha - 2015-02-2?
To create a
socket of this type, use "SocksPort unix:/path/to/socket". Closes
ticket 12585.
+ - Support mapping hidden service virtual ports to AF_UNIX sockets on
+ suitable platforms. The syntax is "HiddenServicePort 80
+ socket:/path/to/socket". Resolves ticket #11485.
o Major features (changed defaults):
- Prevent relay operators from unintentionally running exits: When a
@@ -34,20 +37,15 @@ Changes in version 0.2.6.3-alpha - 2015-02-2?
can indicate accidental misconfiguration. Setting 'ExitRelay 0'
stops Tor from running as an exit relay. Closes ticket 10067.
- o Major features (hidden services):
- - Support mapping hidden service virtual ports to AF_UNIX sockets on
- suitable platforms. The syntax is "HiddenServicePort 80
- socket:/path/to/socket". Resolves ticket #11485.
-
o Major features (performance):
- - Refactor the CPU worker implementation for better performance by
+ - Make the the CPU worker implementation more efficient by
avoiding the kernel and lengthening pipelines. The original
implementation used sockets to transfer data from the main thread
- to the worker threads, and didn't allow any thread to be assigned
+ to the workers, and didn't allow any thread to be assigned
more than a single piece of work at once. The new implementation
avoids communications overhead by making requests in shared
memory, avoiding kernel IO where possible, and keeping more
- request in flight at once. Resolves issue #9682.
+ requests in flight at once. Resolves issue #9682.
o Major bugfixes (client):
- Allow MapAddress and AutomapHostsOnResolve to work together when
@@ -61,57 +59,43 @@ Changes in version 0.2.6.3-alpha - 2015-02-2?
diagnosed and fixed by "cypherpunks".
o Major bugfixes (mixed relay-client operation):
- - When running as a relay and a client at the same time (not
+ - When running as a relay and client at the same time (not
recommended), if we decide not to use a new guard because we want
to retry older guards, only close the locally-originating circuits
passing through that guard. Previously we would close all the
- circuits. Fixes bug 9819; bugfix on 0.2.1.1-alpha. Reported
+ circuits through that guard. Fixes bug 9819; bugfix on 0.2.1.1-alpha. Reported
by "skruffy".
- o Minor features (authorities, testing):
- - Create TestingDirAuthVoteHSDir like TestingDirAuthVoteExit/Guard.
- Ensures that authorities vote the HSDir flag for the listed relays
- regardless of uptime or ORPort connectivity. Respects the value of
- VoteOnHidServDirectoriesV2. Partial implementation for ticket
- 14067. Patch by "teor".
-
o Minor features (build):
- New --disable-system-torrc compile-time option to prevent Tor from
- looking for a system-wide torrc or torrc-defaults tile. Resolves
+ looking for a system-wide torrc or torrc-defaults file. Resolves
ticket 13037.
o Minor features (controller):
- Include SOCKS_USERNAME and SOCKS_PASSWORD values in controller
- events to let controllers observe circuit isolation inputs. Closes
+ events so controllers can observe circuit isolation inputs. Closes
ticket 8405.
- ControlPort now supports the unix:/path/to/dir syntax as an
alternative to the ControlSocket option, for consistency with
- SocksPort and hidden services. Closes ticket 14451.
+ SocksPort and HiddenServicePort. Closes ticket 14451.
- New "GETINFO bw-event-cache" to get information about recent
bandwidth events. Closes ticket 14128. Useful for controllers to
get recent bandwidth history after the fix for 13988.
- o Minor features (directory client):
+ o Minor features (directory system):
- When downloading server- or microdescriptors from a directory
server, we no longer launch multiple simultaneous requests to the
same server. This reduces load on the directory servers,
especially when directory guards are in use. Closes ticket 9969.
- When downloading server- or microdescriptors over a tunneled
- connection, do not limit the length of our request to what the
+ connection, do not limit the length of our requests to what the
Squid proxy is willing to handle. Part of ticket 9969.
-
- o Minor features (directory system):
- Authorities can now vote on the correct digests and latest
versions for different software packages. This allows packages
that include Tor to use the Tor authority system as a way to get
notified of updates and their correct digests. Implements proposal
227. Closes ticket 10395.
- o Minor features (directory, memory usage):
- - When we have recently been under memory pressure (over 3/4 of
- MaxMemInQueues is allocated), then allocate smaller zlib objects
- for small requests. Closes ticket 11791.
-
o Minor features (DOS resistance):
- Count the total number of bytes used storing hidden service
descriptors against the value of MaxMemInQueues. If we're low on
@@ -119,6 +103,12 @@ Changes in version 0.2.6.3-alpha - 2015-02-2?
service descriptors, free them until no more than 10% of our
memory holds hidden service descriptors. Free the least recently
fetched descriptors first. Resolves ticket 13806.
+ - When we have recently been under memory pressure (over 3/4 of
+ MaxMemInQueues is allocated), then allocate smaller zlib objects
+ for small requests. Closes ticket 11791.
+ - When we have recently been under memory pressure (over 3/4 of
+ MaxMemInQueues is allocated), then allocate smaller zlib objects
+ for small requests. Closes ticket 11791.
o Minor features (geoip):
- Update geoip to the January 7 2015 Maxmind GeoLite2
@@ -126,13 +116,13 @@ Changes in version 0.2.6.3-alpha - 2015-02-2?
- Update geoip6 to the January 7 2015 Maxmind GeoLite2
Country database.
- o Minor features (Guard nodes):
+ o Minor features (guard nodes):
- Reduce the time delay before saving guard status to disk from 10
minute to 30 seconds (or from one hour to 10 minutes if
AvoidDiskWrites is set). Closes ticket 12485.
o Minor features (hidden service):
- - Make hidden service Sybil attacks harder by changing the minimum
+ - Make Sybil attacks against hidden services harder by changing the minimum
time required to become an HSDir from 25 hours up to 96 hours.
Addresses ticket #14149.
- New option "HiddenServiceAllowUnknownPorts" to allow hidden
@@ -142,7 +132,7 @@ Changes in version 0.2.6.3-alpha - 2015-02-2?
RELAY_DONE cell is sent. Closes ticket #14084.
o Minor features (interface):
- - Implement '-f -' CLI suboption to allow torrc to be read from
+ - Implement '-f -' CLI suboption to read torrc configuration from
standard input, thus not requiring to store torrc in file system.
Implements feature 13865.
@@ -153,11 +143,11 @@ Changes in version 0.2.6.3-alpha - 2015-02-2?
reading extrainfo documents from cache. (This message got loud
around when we closed bug 9812 in 0.2.6.2-alpha.) Closes
ticket 13762.
- - Elevate authorized-client message from DEBUG to INFO. Closes
+ - Elevate hidden service authorized-client message from DEBUG to INFO. Closes
ticket 14015.
o Minor features (relay):
- - Use separate minimum bandwidth values for the configurations of
+ - Use separate minimum bandwidth values for
relays and bridges. Raise the minimum configured bandwidth for
bridges to 50 KiB/sec and for relays to 75 KiB/sec. (The old
values were 20 KiB/sec.) Closes ticket 13822.
@@ -173,12 +163,16 @@ Changes in version 0.2.6.3-alpha - 2015-02-2?
o Minor features (testing networks):
- Drop the minimum RendPostPeriod on a testing network to 5 seconds,
- and the default to 2 minutes. Closes ticket 13401. Patch
- by "nickm".
+ and the default to 2 minutes. Closes ticket 13401.
- Drop the MIN_REND_INITIAL_POST_DELAY on a testing network to 5
seconds, but keep the default at 30 seconds. This reduces HS
bootstrap time to around 25 seconds. Also, change the default time
in test-network.sh to match. Closes ticket 13401. Patch by "teor".
+ - Create TestingDirAuthVoteHSDir to correspond to TestingDirAuthVoteExit/Guard.
+ Ensures that authorities vote the HSDir flag for the listed relays
+ regardless of uptime or ORPort connectivity. Respects the value of
+ VoteOnHidServDirectoriesV2. Partial implementation for ticket
+ 14067. Patch by "teor".
o Minor features (tor2web mode):
- Introduce the config option Tor2webRendezvousPoints, which allows
@@ -186,11 +180,6 @@ Changes in version 0.2.6.3-alpha - 2015-02-2?
used in HS circuits. This might allow better performance for
Tor2Web nodes. Implements ticket #12844.
- o Minor bugfix (oom resistance):
- - Make an educated guess about how much memory the system has when
- our detection functionality fails on some operating system. Fixes
- bug 14802; bugfix on 0.2.5.4-alpha.
-
o Minor bugfixes (automapping):
- Prevent changes to other options from removing the wildcard value
"." from "AutomapHostsSuffixes". Fixes bug 12509; bugfix
@@ -206,9 +195,7 @@ Changes in version 0.2.6.3-alpha - 2015-02-2?
bug 14259; bugfix on 0.2.0.1-alpha.
o Minor bugfixes (client, automapping):
- - Check for a missing option value in parse_virtual_addr_network
- before asserting on the NULL in tor_addr_parse_mask_ports. This
- avoids crashing on torrc lines like Vi[rtualAddrNetworkIPv[4|6]]
+ - Avoid crashing on torrc lines for VirtualAddrNetworkIPv[4|6]
when no value follows the option. Fixes bug 14142; bugfix on
0.2.4.7-alpha. Patch by "teor".
- Fix a memory leak when using AutomapHostsOnResolve. Fixes bug
@@ -247,10 +234,9 @@ Changes in version 0.2.6.3-alpha - 2015-02-2?
reason. Fixes bug 14207; bugfix on 0.2.6.2-alpha.
- Avoid crashing on a malformed EXTENDCIRCUIT command. Fixes bug
14116; bugfix on 0.2.2.9-alpha.
- - On the control port, the "entry-guards" command was reporting an
- "up" status for a relay that was actually down. This fixes the
- check if "unreachable_since" is set and if so reports the "down"
- status. Fixes bug 14184; bugfix on 0.1.2.2-alpha.
+ - Report "down" in response to the "GETINFO entry-guards" command when
+ relays are down with an unreachable_since value. Previously, we
+ would report "up". Fixes bug 14184; bugfix on 0.1.2.2-alpha.
o Minor bugfixes (directory authority):
- Allow directory authorities to fetch more data from one another if
@@ -265,7 +251,7 @@ Changes in version 0.2.6.3-alpha - 2015-02-2?
- Stop failing when key files are zero-length. Instead, generate new
keys, and overwrite the empty key files. Fixes bug 13111; bugfix
on all versions of Tor. Patch by "teor".
- - Stop generating a fresh .old RSA key file when the .old file is
+ - Stop generating a fresh .old RSA onion key file when the .old file is
missing. Fixes part of 13111; bugfix on 0.0.6rc1.
- Avoid overwriting .old key files with empty key files.
- Skip loading zero-length extra info store, router store, stats,
@@ -275,8 +261,8 @@ Changes in version 0.2.6.3-alpha - 2015-02-2?
on 0.2.3.11-alpha.
o Minor bugfixes (hidden services):
- - Close the intro circuit once we don't have any more usable intro
- points instead of making it timeout at some point. This also make
+ - Close the introduction circuit when we have no, more usable intro
+ points, instead of waiting for it to time out. This also make
sure no extra HS descriptor fetch is triggered. Fixes bug 14224;
bugfix on 0.0.6.
- When fetching a hidden service descriptor for a down service that
@@ -308,8 +294,8 @@ Changes in version 0.2.6.3-alpha - 2015-02-2?
- Do not warn that we are missing directory information if we have
decided not to fetch directory information due to a long period of
idleness. Fixes part of bug 14918; bugfix on 0.2.6.2-alpha.
- - When deciding whether we have any exit nodes, only do processing
- for ExitNodes when the ExitNodes option is actually set. Fixes
+ - When deciding whether we have any exit nodes, only process
+ ExitNodes when the ExitNodes option is actually set. Fixes
part of bug 14918; bugfix on 0.2.6.2-alpha.
o Minor bugfixes (portability):
@@ -365,10 +351,10 @@ Changes in version 0.2.6.3-alpha - 2015-02-2?
- Move fields related to isolating and configuring client ports into
a shared structure. Previously, they were duplicated across
port_cfg_t, listener_connection_t, and edge_connection_t. Failure
- to copy one of them correctly had been the cause of at least one
+ to copy them correctly had been the cause of at least one
bug in the past. Closes ticket 8546.
- - Refactor the get_interface_addresses_raw() Doom-function into
- multiple smaller and easier to understand subfunctions. Cover the
+ - Refactor the get_interface_addresses_raw() doom-function into
+ multiple smaller and simpler subfunctions. Cover the
resulting subfunctions with unit-tests. Fixes a significant
portion of issue 12376.
- Remove workaround in dirserv_thinks_router_is_hs_dir() that was
More information about the tor-commits
mailing list