[tor-commits] [tor/master] Reformat the changelog
nickm at torproject.org
nickm at torproject.org
Thu Sep 24 14:57:49 UTC 2015
commit 4ee4fe56ee4860b6762f41efd01065d0358a0665
Author: Nick Mathewson <nickm at torproject.org>
Date: Thu Sep 24 10:57:22 2015 -0400
Reformat the changelog
---
ChangeLog | 194 ++++++++++++++++++++++++++++++-------------------------------
1 file changed, 96 insertions(+), 98 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 03cfa1f..4f817e4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,58 +1,58 @@
Changes in version 0.2.7.3-rc - 2015-09-2?
-
- Tor 0.2.7.3-rc is the first release candidate in the 0.2.7 series. It
+ Tor 0.2.7.3-rc is the first release candidate in the 0.2.7 series. It
contains numerous usability fixes for Ed25519 keys, safeguards against
- several misconfiguration problems, significant simplifications to Tor's
- callgraph, and numerous bugfixes and small
- features.
+ several misconfiguration problems, significant simplifications to
+ Tor's callgraph, and numerous bugfixes and small features.
This is the most tested release of Tor to date. The unit tests cover
39.40% of the code, and the integration tests (accessible with "make
- test-full-online", requiring stem and chutney and a network connection)
- raise the coverage to XXX.
+ test-full-online", requiring stem and chutney and a network
+ connection) raise the coverage to XXX.
If this is your first time upgrading a relay to Tor 0.2.7, your Tor
- relay will, by default, generate a new Ed25519 identity key. If you
+ relay will, by default, generate a new Ed25519 identity key. If you
would prefer to keep your Ed25519 identity key offline or encrypted
- for improved security, you can do so by following the instructions at
- XXX.
+ for improved security, you can do so by following the instructions
+ at XXX.
o Major features (security, hidden services):
- - Hidden services are required to use more than one EntryNode,
- to avoid a guard discovery attack. See ticket for more
- information. Fixes ticket 14917.
-
- o Major features (relay, Ed25519):
- - Significant usability improvements for Ed25519
- key management. Log messages are better, and the code can recover
- from far more failure conditions. Thanks to "s7r" for reporting
- and diagnosing so many of these!
- - On receiving a HUP signal, check to see whether the Ed25519
- signing key has changed, and reload it if so. Closes ticket 16790.
+ - Hidden services are required to use more than one EntryNode, to
+ avoid a guard discovery attack. See ticket for more information.
+ Fixes ticket 14917.
o Major features (ed25519 performance):
- - Improve the speed of Ed25519 operations and Curve25519
- keypair generation when built targeting 32 bit x86 platforms with
- SSE2 available. Implements ticket 16535.
+ - Improve the speed of Ed25519 operations and Curve25519 keypair
+ generation when built targeting 32 bit x86 platforms with SSE2
+ available. Implements ticket 16535.
- Improve the runtime speed of Ed25519 signature verification by
- using Ed25519-donna's batch verification support. Implements ticket 16533.
+ using Ed25519-donna's batch verification support. Implements
+ ticket 16533.
o Major features (performance testing):
- The test-network.sh script now supports performance testing.
- Requires corresponding chutney performance testing changes.
- Patch by "teor". Closes ticket 14175.
+ Requires corresponding chutney performance testing changes. Patch
+ by "teor". Closes ticket 14175.
+
+ o Major features (relay, Ed25519):
+ - Significant usability improvements for Ed25519 key management. Log
+ messages are better, and the code can recover from far more
+ failure conditions. Thanks to "s7r" for reporting and diagnosing
+ so many of these!
+ - On receiving a HUP signal, check to see whether the Ed25519
+ signing key has changed, and reload it if so. Closes ticket 16790.
o Major bugfixes (relay, Ed25519):
- Avoid crashing on 'tor --keygen'. Fixes bug 16679; bugfix on
0.2.7.2-alpha. Reported by "s7r".
- - Improve handling of expired signing keys with offline master
- keys. Fixes bug 16685; bugfix on 0.2.7.2-alpha. Reported by "s7r".
+ - Improve handling of expired signing keys with offline master keys.
+ Fixes bug 16685; bugfix on 0.2.7.2-alpha. Reported by "s7r".
o Minor features (client-side privacy):
- - New KeyAliveSOCKSAuth option to indefinitely extend circuit lifespan
- when IsolateSOCKSAuth and streams with SOCKS authentication are attached
- to the circuit. This allows applications like TorBrowser to
- manage circuit lifetime on their own. Implements feature 15482.
+ - New KeyAliveSOCKSAuth option to indefinitely extend circuit
+ lifespan when IsolateSOCKSAuth and streams with SOCKS
+ authentication are attached to the circuit. This allows
+ applications like TorBrowser to manage circuit lifetime on their
+ own. Implements feature 15482.
- When logging malformed hostnames from SOCKS5 requests, respect
SafeLogging configuration. Fixes bug 16891; bugfix on 0.1.1.16-rc.
@@ -73,79 +73,39 @@ Changes in version 0.2.7.3-rc - 2015-09-2?
option HiddenServiceStatistics to "1" by default. Closes
ticket 15254.
- Client now uses an introduction point failure cache to know when
- to fetch or keep a descriptor in their cache. Previously,
- failures were recorded implicitly, but not explicitly remembered.
- Closes ticket 16389.
+ to fetch or keep a descriptor in their cache. Previously, failures
+ were recorded implicitly, but not explicitly remembered. Closes
+ ticket 16389.
o Minor features (testing, authorities, documentation):
- New TestingDirAuthVote{Exit,Guard,HSDir}IsStrict flags to
- explicitly manage consensus flags in t3esting networks.
- Patch by "robgjansen", modified by "teor". Implements part of
- ticket 14882.
+ explicitly manage consensus flags in t3esting networks. Patch by
+ "robgjansen", modified by "teor". Implements part of ticket 14882.
o Minor bugfixes (security, exit policies):
- - ExitPolicyRejectPrivate now also rejects
- the relay's published IPv6 address (if any), and any publicly
- routable IPv4 or IPv6 addresses on any local interfacesn.
- ticket 17027. Patch by "teor". Fixes bug 17027; bugfix on 0.2.0.11-alpha.
-
- o Minor bugfixes (portability):
- - Try harder to normalize the exit status of the Tor process to the
- standard-provided range. Fixes bug 16975; bugfix on every version
- of Tor ever.
- - Check correctly for windows socket errors in the workqueue
- backend. Fixes bug 16741; bugfix on 0.2.6.3-alpha.
- - Fix the behavior of crypto_rand_time_range() when told to consider times
- before 1970. (These times were possible when running in a
- simulated network environment where time()'s output starts at
- zero.) Fixes bug 16980; bugfix on 0.2.7.1-alpha.
-
- o Minor bugfixes (documentation):
- - Fix the usage message of tor-resolve(1) so that it no longer lists
- the removed -F option. Fixes bug 16913; bugfix on
- 0.2.2.28-beta.
- - Fix an error in the manual page and comments for
- TestingDirAuthVoteHSDir[IsStrict], which suggested that a HSDir
- required "ORPort connectivity". While this is true, it is in no
- way unique to the HSDir flag. Of all the flags, only HSDirs need a
- DirPort configured in order for the authorities to assign that
- particular flag. Patch by "teor". Fixed as part of 14882; bugfix on 0.2.6.3-alpha.
-
- o Minor bugfixes (relay):
- - Ensure that worker threads actually exit when a fatal error or
- shutdown is indicated. This fix doesn't currently affect the behaviour
- of Tor, because Tor workers never indicates fatal error or shutdown except
- in the unit tests. Fixes bug 16868; bugfix on 0.2.6.3-alpha.
-
- o Minor bugfixes (correctness):
- - When calling channel_free_list(), avoid calling smartlist_remove()
- while inside a FOREACH loop. This partially reverts commit
- 17356fe7fd96af where the correct SMARTLIST_DEL_CURRENT was
- incorrectly removed. Fixes bug 16924; bugfix on 0.2.4.4-alpha.
+ - ExitPolicyRejectPrivate now also rejects the relay's published
+ IPv6 address (if any), and any publicly routable IPv4 or IPv6
+ addresses on any local interfacesn. ticket 17027. Patch by "teor".
+ Fixes bug 17027; bugfix on 0.2.0.11-alpha.
o Minor bug fixes (torrc exit policies):
- - In torrc, "accept6 *" and "reject6 *" ExitPolicy lines now
- only produce IPv6 wildcard addresses.
- Previously they would produce both IPv4 and IPv6
- wildcard addresses. Patch by "teor". Fixes part of bug 16069; bugfix on 0.2.4.7-alpha.
- - When parsing torrc ExitPolicies, we now warn for a number of
- cases where the user's intent is likely to differ from Tor's
- actual behavior. These include: using an IPv4 address
- with an accept6 or reject6 line; using "private" on an accept6
- or reject6 line; and including any ExitPolicy lines after
- accept *:* or reject *:*. Related to ticket 16069.
+ - In torrc, "accept6 *" and "reject6 *" ExitPolicy lines now only
+ produce IPv6 wildcard addresses. Previously they would produce
+ both IPv4 and IPv6 wildcard addresses. Patch by "teor". Fixes part
+ of bug 16069; bugfix on 0.2.4.7-alpha.
+ - When parsing torrc ExitPolicies, we now warn for a number of cases
+ where the user's intent is likely to differ from Tor's actual
+ behavior. These include: using an IPv4 address with an accept6 or
+ reject6 line; using "private" on an accept6 or reject6 line; and
+ including any ExitPolicy lines after accept *:* or reject *:*.
+ Related to ticket 16069.
- When parsing torrc ExitPolicies, we now issue an info-level
message: when expanding an "accept/reject *" line to include both
IPv4 and IPv6 wildcard addresses. Related to ticket 16069.
- - In each instance above, usage advice is provided to avoid the message.
- Resolves ticket 16069. Patch by "teor". Fixes part of bug
+ - In each instance above, usage advice is provided to avoid the
+ message. Resolves ticket 16069. Patch by "teor". Fixes part of bug
16069; bugfix on 0.2.4.7-alpha.
- o Minor bugfixes (open file limit):
- - Fix set_max_file_descriptors() to set by default the max open file
- limit to the current limit when setrlimit() fails. Fixes bug 16274; bugfix on tor-
- 0.2.0.10-alpha. Patch by dgoulet.
-
o Minor bugfixes (authority):
- Don't assign "HSDir" to a router if it isn't Valid and Running.
Fixes bug 16524; bugfix on 0.2.7.2-alpha.
@@ -157,8 +117,26 @@ Changes in version 0.2.7.3-rc - 2015-09-2?
bug 16286; bugfix on 0.2.7.2-alpha.
o Minor bugfixes (control port):
- - Repair a warning and a spurious result when getting the maximum number of file descriptors
- from the controller. Fixes bug 16697; bugfix on 0.2.7.2-alpha.
+ - Repair a warning and a spurious result when getting the maximum
+ number of file descriptors from the controller. Fixes bug 16697;
+ bugfix on 0.2.7.2-alpha.
+
+ o Minor bugfixes (correctness):
+ - When calling channel_free_list(), avoid calling smartlist_remove()
+ while inside a FOREACH loop. This partially reverts commit
+ 17356fe7fd96af where the correct SMARTLIST_DEL_CURRENT was
+ incorrectly removed. Fixes bug 16924; bugfix on 0.2.4.4-alpha.
+
+ o Minor bugfixes (documentation):
+ - Fix the usage message of tor-resolve(1) so that it no longer lists
+ the removed -F option. Fixes bug 16913; bugfix on 0.2.2.28-beta.
+ - Fix an error in the manual page and comments for
+ TestingDirAuthVoteHSDir[IsStrict], which suggested that a HSDir
+ required "ORPort connectivity". While this is true, it is in no
+ way unique to the HSDir flag. Of all the flags, only HSDirs need a
+ DirPort configured in order for the authorities to assign that
+ particular flag. Patch by "teor". Fixed as part of 14882; bugfix
+ on 0.2.6.3-alpha.
o Minor bugfixes (Ed25519):
- Fix a memory leak when reading router descriptors with expired
@@ -170,13 +148,33 @@ Changes in version 0.2.7.3-rc - 2015-09-2?
- Allow routers with ed25519 keys to run correctly under the
seccomp2 sandbox. Fixes bug 16965; bugfix on 0.2.7.2-alpha.
+ o Minor bugfixes (open file limit):
+ - Fix set_max_file_descriptors() to set by default the max open file
+ limit to the current limit when setrlimit() fails. Fixes bug
+ 16274; bugfix on tor- 0.2.0.10-alpha. Patch by dgoulet.
+
o Minor bugfixes (portability):
+ - Try harder to normalize the exit status of the Tor process to the
+ standard-provided range. Fixes bug 16975; bugfix on every version
+ of Tor ever.
+ - Check correctly for windows socket errors in the workqueue
+ backend. Fixes bug 16741; bugfix on 0.2.6.3-alpha.
+ - Fix the behavior of crypto_rand_time_range() when told to consider
+ times before 1970. (These times were possible when running in a
+ simulated network environment where time()'s output starts at
+ zero.) Fixes bug 16980; bugfix on 0.2.7.1-alpha.
- Restore correct operation of TLS client-cipher detection on
OpenSSL 1.1. Fixes bug 14047; bugfix on 0.2.7.2-alpha.
o Minor bugfixes (relay):
- - Unblock threads before releasing the work queue mutex to ensure predictable
- scheduling behavior. Fixes bug 16644; bugfix on 0.2.6.3-alpha.
+ - Ensure that worker threads actually exit when a fatal error or
+ shutdown is indicated. This fix doesn't currently affect the
+ behaviour of Tor, because Tor workers never indicates fatal error
+ or shutdown except in the unit tests. Fixes bug 16868; bugfix
+ on 0.2.6.3-alpha.
+ - Unblock threads before releasing the work queue mutex to ensure
+ predictable scheduling behavior. Fixes bug 16644; bugfix
+ on 0.2.6.3-alpha.
o Code simplification and refactoring:
- Change the function that's called when we need to retry all
More information about the tor-commits
mailing list