[tor-commits] [tor/master] Changes file for deprecation features from #19820

nickm at torproject.org nickm at torproject.org
Sat Aug 20 00:09:56 UTC 2016 

commit 675119d79a2e1cb8b47639d1383d2e631f9412e5
Author: Nick Mathewson <nickm at torproject.org>
Date:   Fri Aug 19 20:08:07 2016 -0400

    Changes file for deprecation features from #19820
---
 changes/deprecation | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/changes/deprecation b/changes/deprecation
new file mode 100644
index 0000000..03a537a
--- /dev/null
+++ b/changes/deprecation
@@ -0,0 +1,31 @@
+  o Major features (user interface):
+    - Tor now supports the ability to declare options deprecated, so that
+      we can recommend that people stop using them. Previously, this was
+      done in an ad-hoc way.
+      Closes ticket 19820.
+
+  o Minor features (user interface):
+    - There is a new --list-deprecated-options command-line option to list
+      all of the deprecated options. Implemented as part of ticket 19820.
+
+  o Deprecated features:
+    - A number of options are deprecated for security reasons, and may be
+      removed in a future version of Tor. The options are: AllowDotExit,
+      AllowInvalidNodes, AllowSingleHopCircuits, AllowSingleHopExits,
+      ClientDNSRejectInternalAddresses,
+      CloseHSClientCircuitsImmediatelyOnTimeout,
+      CloseHSServiceRendCircuitsImmediatelyOnTimeout, ExcludeSingleHopRelays,
+      FastFirstHopPK, TLSECGroup, UseNTorHandshake, and WarnUnsafeSocks.
+
+    - A number of DNS-cache-related sub-options for client ports are now
+      deprecated for security reasons, and may be removed in a future version
+      of Tor. (We believe that client-side DNS cacheing is a bad idea for
+      anonymity, and you should not turn it on.) The options are: CacheDNS,
+      CacheIPv4DNS, CacheIPv6DNS, UseDNSCache, UseIPv4Cache, and
+      UseIPv6Cache.
+
+    - The *ListenAddress options are now deprecated as unnecessary: the
+      corresponding *Port options should be used instead. These options may
+      someday be removed.  The affected options are: ControlListenAddress,
+      DNSListenAddress, DirListenAddress, NATDListenAddress, ORListenAddress,
+      SocksListenAddress, and TransListenAddress.

More information about the tor-commits mailing list