[tor-commits] [tor/master] Rewrap the changelog for 0281alpha
nickm at torproject.org
nickm at torproject.org
Tue Feb 2 04:29:11 UTC 2016
commit d3e5cd3096ca43f8997e7e1984ad7802f375dea2
Author: Nick Mathewson <nickm at torproject.org>
Date: Mon Feb 1 23:29:06 2016 -0500
Rewrap the changelog for 0281alpha
---
ChangeLog | 435 ++++++++++++++++++++++++++++++--------------------------------
1 file changed, 211 insertions(+), 224 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 4003872..12012aa 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,31 +5,58 @@ Changes in version 0.2.8.1-alpha - 2016-02-0?
- Schedule multiple in-progress consensus downloads during client
bootstrap. Use the first one that starts downloading, close the
rest. This reduces failures when authorities are slow or down.
- Together with the code for feature 15775, it reduces failures due to fallback churn.
- Implements ticket 4483 (reduce failures when authorities are down).
- Patch by "teor".
- Implements IPv4 portions of proposal 210 by "mikeperry" and
- "teor".
+ Together with the code for feature 15775, it reduces failures due
+ to fallback churn. Implements ticket 4483 (reduce failures when
+ authorities are down). Patch by "teor". Implements IPv4 portions
+ of proposal 210 by "mikeperry" and "teor".
o Major features (controller):
- - New "GETINFO hs/service/desc/id/" command to retrieve a hidden service
- descriptor from a service's local hidden service descriptor cache.
- Closes ticket 14846.
+ - New "GETINFO hs/service/desc/id/" command to retrieve a hidden
+ service descriptor from a service's local hidden service
+ descriptor cache. Closes ticket 14846.
o Major features (directory mirrors):
- Include an opt-in trial list of Default Fallback Directories in
- add_default_fallback_dir_servers(). Doing this should improve
+ add_default_fallback_dir_servers(). Doing this should improve
client reliability and initial bootstrap performance, and reduce
- load on the directory authorities.
- Closes ticket 15775. Patch by "teor".
- OnionOO script by "weasel", "teor", "gsathya", and "karsten".
+ load on the directory authorities. Closes ticket 15775. Patch by
+ "teor". OnionOO script by "weasel", "teor", "gsathya",
+ and "karsten".
o Major features (relay):
- - When Tor is started as root on Linux and told to switch user ID, it
- can now retain the capabilitity to bind to low ports. By default,
- Tor will do this only when it's switching user ID and some low
- ports have been configured. You can change this behavior with
- the new option KeepBindCapabilities. Closes ticket 8195.
+ - When Tor is started as root on Linux and told to switch user ID,
+ it can now retain the capabilitity to bind to low ports. By
+ default, Tor will do this only when it's switching user ID and
+ some low ports have been configured. You can change this behavior
+ with the new option KeepBindCapabilities. Closes ticket 8195.
+
+ o Minor features (security):
+ - Adjust Tor's use of OpenSSL's RNG APIs so that they absolutely,
+ positively are not allowed to fail. Previously we depended on
+ internals about OpenSSL behavior. Closes ticket 17686.
+ - Never use the system entropy output directly for anything besides
+ seeding the PRNG. When we want to generate important keys, instead
+ of using system entropy directly, hash it with the PRNG stream.
+ This may help resist certain attacks based on broken OS entropy
+ implementations. Closes part of ticket 17694.
+ - Set unused entires in a smartlist to NULL. This helped catch
+ a (harmless) bug, and shouldn't affect performance too much.
+ Implements ticket 17026.
+ - Use SecureMemoryWipe() function to securely clean memory on
+ Windows. Implements feature 17986.
+ - Use explicit_bzero or memset_s when present. Previously, we'd use
+ OpenSSL's OPENSSL_cleanse() function. Closes ticket 7419; patches
+ from <logan at hackers.mu> and <selven at hackers.mu>.
+
+ o Minor features (security, clock):
+ - Warn when the system clock is set back in time (when the state
+ file was last written in the future). Tor doesn't know that
+ consensuses have expired if the clock is in the past. Patch by
+ "teor". Implements ticket 17188.
+
+ o Minor features (security, cryptography):
+ - Use modern system calls to generate strong entropy on platforms
+ that provide them. Closes ticket 13696.
o Minor feature (crypto):
- Add SHA512 support to crypto.c. Closes ticket 17663; patch from
@@ -38,8 +65,8 @@ Changes in version 0.2.8.1-alpha - 2016-02-0?
o Minor feature (directory downloads):
- Wait for busy authorities and fallbacks to become non-busy when
bootstrapping. (A similar change was made in 6c443e987d for
- directory servers chosen from the consensus.)
- Closes ticket 17864; patch by "teor".
+ directory servers chosen from the consensus.) Closes ticket 17864;
+ patch by "teor".
o Minor feature (fallback directories):
- Add UseDefaultFallbackDirs, which enables any hard-coded fallback
@@ -47,75 +74,71 @@ Changes in version 0.2.8.1-alpha - 2016-02-0?
Implements ticket 17576. Patch by "teor".
o Minor feature (IPv6):
- - Add a flag ipv6=address:orport to the DirAuthority and FallbackDir torrc
- options. Add hard-coded ipv6 addresses for directory authorities with
- ipv6 lines in their descriptors.
- Closes ticket 17327; patch from Nick Mathewson / "teor".
+ - Add a flag ipv6=address:orport to the DirAuthority and FallbackDir
+ torrc options. Add hard-coded ipv6 addresses for directory
+ authorities with ipv6 lines in their descriptors. Closes ticket
+ 17327; patch from Nick Mathewson / "teor".
- Add address policy assume_action support for IPv6 addresses.
- Limit IPv6 mask bits to 128.
- - Warn when comparing against an AF_UNSPEC address in a policy,
- it's almost always a bug.
- Closes ticket 17863; patch by "teor".
+ - Warn when comparing against an AF_UNSPEC address in a policy, it's
+ almost always a bug. Closes ticket 17863; patch by "teor".
o Minor feature (logging):
- When logging to syslog, allow a tag to be added to the syslog
identity ("Tor"), i.e. the string prepended to every log message.
- The tag can be configured by setting SyslogIdentityTag and defaults
- to none. Setting it to "foo" will cause logs to be tagged as
- "Tor-foo". Closes ticket 17194.
+ The tag can be configured by setting SyslogIdentityTag and
+ defaults to none. Setting it to "foo" will cause logs to be tagged
+ as "Tor-foo". Closes ticket 17194.
o Minor feature (refactoring):
- Move logging of redundant policy entries in
- policies_parse_exit_policy_internal into its own function.
- Closes ticket 17608; patch from "juce".
+ policies_parse_exit_policy_internal into its own function. Closes
+ ticket 17608; patch from "juce".
o Minor features (accounting):
- - Added two modes to AccountingRule in torrc for
- limiting just input or just output.
- Closes ticket 15989; patch from "unixninja92".
+ - Added two modes to AccountingRule in torrc for limiting just input
+ or just output. Closes ticket 15989; patch from "unixninja92".
o Minor features (authorities):
- - Update the V3 identity key for dannenberg: it was changed on
- 18 November 2015.
- Closes task 17906. Patch by "teor".
+ - Update the V3 identity key for dannenberg: it was changed on 18
+ November 2015. Closes task 17906. Patch by "teor".
o Minor features (build):
- - Since our build process now uses 'make distcheck', we no longer force
- "make dist" to depend on "make check". Closes ticket 17893;
+ - Since our build process now uses 'make distcheck', we no longer
+ force "make dist" to depend on "make check". Closes ticket 17893;
patch from "cypherpunks."
o Minor features (compilation):
- - Repair some compilation issues with some recent (unreleased, alpha)
- vesions of OpenSSL 1.1. Closes ticket 17549.
+ - Repair some compilation issues with some recent (unreleased,
+ alpha) vesions of OpenSSL 1.1. Closes ticket 17549.
o Minor features (controller):
- - Adds FallbackDir entries to 'GETINFO config/defaults'. Closes tickets
- 16774 and 17817. Patch by George Tankersley.
+ - Adds FallbackDir entries to 'GETINFO config/defaults'. Closes
+ tickets 16774 and 17817. Patch by George Tankersley.
o Minor features (crypto):
- - When allocating a digest state object, allocate no more space than we
- actually need. Previously, we were allocating as much space as the
- state for the largest algorithm would need. This change saves up to
- 672 bytes per circuit. Closes ticket 17796.
+ - When allocating a digest state object, allocate no more space than
+ we actually need. Previously, we were allocating as much space as
+ the state for the largest algorithm would need. This change saves
+ up to 672 bytes per circuit. Closes ticket 17796.
o Minor features (directory system):
- - Previously only relays who explicitly opened a directory port (DirPort)
- accepted directory requests from clients. Now all relays, with and without
- a DirPort, who do not disable the DirCache option accept and serve
- directory requests sent (tunnelled) through their ORPort.
- Closes ticket 12538.
+ - Previously only relays who explicitly opened a directory port
+ (DirPort) accepted directory requests from clients. Now all
+ relays, with and without a DirPort, who do not disable the
+ DirCache option accept and serve directory requests sent
+ (tunnelled) through their ORPort. Closes ticket 12538.
o Minor features (exit policies, controllers):
- Add controller getinfo exit-policy/reject-private/[default,relay]
for the reject rules added by ExitPolicyRejectPrivate. This makes
it easier for stem to display exit policies.
- - Add unit tests for getinfo exit-policy/*.
- Finishes implementation for ticket 17183. Patch by "teor".
+ - Add unit tests for getinfo exit-policy/*. Finishes implementation
+ for ticket 17183. Patch by "teor".
o Minor features (fallback directories):
- - Add a set of default fallback directories for the 0.2.8 alpha releases.
- Closes ticket 17158.
- Patch by "teor".
+ - Add a set of default fallback directories for the 0.2.8 alpha
+ releases. Closes ticket 17158. Patch by "teor".
o Minor features (geoip):
- Update geoip and geoip6 to the January 5 2016 Maxmind GeoLite2
@@ -123,7 +146,7 @@ Changes in version 0.2.8.1-alpha - 2016-02-0?
o Minor features (IPv6 support):
- Allow users to configure directory authorities and fallback
- directory servers with IPv6 addresses and ORPorts. Resolves
+ directory servers with IPv6 addresses and ORPorts. Resolves
ticket 6027.
o Minor features (portability):
@@ -134,93 +157,73 @@ Changes in version 0.2.8.1-alpha - 2016-02-0?
- Add a family argument to get_interface_addresses_raw() and
subfunctions to make network interface address interogation more
efficient. Now Tor can specifically ask for IPv4, IPv6 or both
- types of interfaces from the operating system. Resolves ticket 17950.
- - When get_interface_address6_list(.,AF_UNSPEC,.) is called and fails
- to enumerate interface addresses using the platform-specific API,
- have it rely on the UDP socket fallback technique to try and find
- out what IP addresses (both IPv4 and IPv6) our machine has. Resolves
- ticket 17951.
+ types of interfaces from the operating system. Resolves
+ ticket 17950.
+ - When get_interface_address6_list(.,AF_UNSPEC,.) is called and
+ fails to enumerate interface addresses using the platform-specific
+ API, have it rely on the UDP socket fallback technique to try and
+ find out what IP addresses (both IPv4 and IPv6) our machine has.
+ Resolves ticket 17951.
o Minor features (replaycache):
- - The replay cache now uses SHA256 instead of SHA1.
- Implements feature 8961.
- Patch by "teor", issue reported by "rransom".
-
- o Minor features (security):
- - Adjust Tor's use of OpenSSL's RNG APIs so that they absolutely,
- positively are not allowed to fail. Previously we depended on
- internals about OpenSSL behavior. Closes ticket 17686.
- - Never use the system entropy output directly for anything besides
- seeding the PRNG. When we want to generate important keys, instead
- of using system entropy directly, hash it with the PRNG stream.
- This may help resist certain attacks based on broken OS entropy
- implementations. Closes part of ticket 17694.
- - Set unused entires in a smartlist to NULL. This helped catch a
- (harmless) bug, and shouldn't affect performance too much.
- Implements ticket 17026.
- - Use SecureMemoryWipe() function to securely clean memory on
- Windows. Implements feature 17986.
- - Use explicit_bzero or memset_s when present. Previously, we'd use
- OpenSSL's OPENSSL_cleanse() function.
- Closes ticket 7419; patches from <logan at hackers.mu> and <selven at hackers.mu>.
-
- o Minor features (security, clock):
- - Warn when the system clock is set back in time (when the
- state file was last written in the future). Tor doesn't know
- that consensuses have expired if the clock is in the past.
- Patch by "teor". Implements ticket 17188.
-
- o Minor features (security, cryptography):
- - Use modern system calls to generate strong entropy on platforms that
- provide them. Closes ticket 13696.
+ - The replay cache now uses SHA256 instead of SHA1. Implements
+ feature 8961. Patch by "teor", issue reported by "rransom".
o Minor features (testing):
- - Log more information when the backtrace tests fail.
- Closes ticket 17892. Patch from "cypherpunks."
+ - Log more information when the backtrace tests fail. Closes ticket
+ 17892. Patch from "cypherpunks."
o Minor features (unit tests, random number generation):
- Add unit tests that check for common RNG failure modes, such as
returning all zeroes, identical values, or incrementing values
- (OpenSSL's rand_predictable feature).
- Patch by "teor".
+ (OpenSSL's rand_predictable feature). Patch by "teor".
o Minor features (unix permissions):
- - Defer creation of Unix sockets until after setuid. This avoids needing
- CAP_CHOWN and CAP_FOWNER when using systemd's CapabilityBoundingSet, or
- chown and fowner when using SELinux.
+ - Defer creation of Unix sockets until after setuid. This avoids
+ needing CAP_CHOWN and CAP_FOWNER when using systemd's
+ CapabilityBoundingSet, or chown and fowner when using SELinux.
Implements part of ticket 17562. Patch from Jamie Nguyen.
- If any directory created by Tor is marked as group readable, the
- filesystem group is allowed to be either the default GID or the root
- user. Allowing root to read the DataDirectory prevents the need for
- CAP_READ_SEARCH when using systemd's CapabilityBoundingSet, or
- dac_read_search when using SELinux.
+ filesystem group is allowed to be either the default GID or the
+ root user. Allowing root to read the DataDirectory prevents the
+ need for CAP_READ_SEARCH when using systemd's
+ CapabilityBoundingSet, or dac_read_search when using SELinux.
Implements part of ticket 17562. Patch from Jamie Nguyen.
- Introduce DataDirectoryGroupReadable boolean. If set to 1, the
- DataDirectory will be made readable by the default GID.
- Implements part of ticket 17562. Patch from Jamie Nguyen.
+ DataDirectory will be made readable by the default GID. Implements
+ part of ticket 17562. Patch from Jamie Nguyen.
- o Minor bugfix (crypto):
- - Check the return value of HMAC and assert on failure.
- Fixes bug 17658; bugfix on 0.2.3.6-alpha.
+ o Minor bugfixes (security):
+ - Make memwipe() do nothing when passed a NULL pointer or zero size.
+ Check size argument to memwipe() for underflow. Fixes bug 18089;
+ bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk", patch
+ by "teor".
+
+ o Minor bugfixes (security, exit policies):
+ - ExitPolicyRejectPrivate rejects more private addresses by default.
+ Specifically, it rejects the relay's outbound bind addresses (if
+ configured), and the relay's configured port addresses (such as
+ ORPort and DirPort). Fixes bug 17027; bugfix on 0.2.0.11-alpha.
Patch by "teor".
+ o Minor bugfix (crypto):
+ - Check the return value of HMAC and assert on failure. Fixes bug
+ 17658; bugfix on 0.2.3.6-alpha. Patch by "teor".
+
o Minor bugfix (fallback directories):
- Mark fallbacks as "too busy" when they return a 503 response,
- rather than just marking authorities.
- Fixes bug 17572; bugfix on 5c51b3f1f0d4 released in 0.2.4.7-alpha.
- Patch by "teor".
+ rather than just marking authorities. Fixes bug 17572; bugfix on
+ 5c51b3f1f0d4 released in 0.2.4.7-alpha. Patch by "teor".
o Minor bugfix (IPv6 compatibility, unit tests):
- - Make tor_ersatz_socketpair work on IPv6-only systems.
- Fixes bug 17638; bugfix on 0.0.2pre8.
- Patch by "teor".
+ - Make tor_ersatz_socketpair work on IPv6-only systems. Fixes bug
+ 17638; bugfix on 0.0.2pre8. Patch by "teor".
o Minor bugfix (relays, hidden services):
- Refuse connection requests to private OR addresses unless
- ExtendAllowPrivateAddresses is set. Previously, tor would
- connect, then refuse to send any cells to a private address.
- Fixes bugs 17674 and 8976; bugfix on 0.2.3.21-rc.
- Patch by "teor".
+ ExtendAllowPrivateAddresses is set. Previously, tor would connect,
+ then refuse to send any cells to a private address. Fixes bugs
+ 17674 and 8976; bugfix on 0.2.3.21-rc. Patch by "teor".
o Minor bugfix (SipHash-2-4 performance):
- Improve performance when hashing non-multiple of 8 sized buffers,
@@ -229,187 +232,171 @@ Changes in version 0.2.8.1-alpha - 2016-02-0?
o Minor bugfix (testing):
- The test for log_heartbeat was incorrectly failing in timezones
- with non-integer offsets. Instead of comparing the end of the
- time string against a constant, compare it to the output of
- format_local_iso_time when given the correct input.
- Fixes bug 18039; bugfix on 0.2.5.4-alpha.
+ with non-integer offsets. Instead of comparing the end of the time
+ string against a constant, compare it to the output of
+ format_local_iso_time when given the correct input. Fixes bug
+ 18039; bugfix on 0.2.5.4-alpha.
o Minor bugfix (unit tests):
- Make unit tests pass on IPv6-only systems, and systems without
- localhost addresses (like some FreeBSD jails).
- Fixes bug 17632; bugfix on 0.2.7.3-rc.
- Patch by "teor".
+ localhost addresses (like some FreeBSD jails). Fixes bug 17632;
+ bugfix on 0.2.7.3-rc. Patch by "teor".
o Minor bugfixes (accounting):
- - The max bandwidth when using AccountRule sum
- is now correctly logged. Fixes bug 18024; bugfix on 0.2.6.1-alpha.
- Patch from "unixninja92".
+ - The max bandwidth when using AccountRule sum is now correctly
+ logged. Fixes bug 18024; bugfix on 0.2.6.1-alpha. Patch
+ from "unixninja92".
o Minor bugfixes (build):
- - Mark all object files that include micro-revision.i as depending on
- it, so as to make our build more reliable with parallel builds.
+ - Mark all object files that include micro-revision.i as depending
+ on it, so as to make our build more reliable with parallel builds.
Fixes bug 17826; bugfix on 0.2.5.1-alpha.
o Minor bugfixes (client, correctness):
- When closing an entry connection, generate a warning if we should
- have sent an end cell for it but we haven't. Fixes bug 17876;
+ have sent an end cell for it but we haven't. Fixes bug 17876;
bugfix on 0.2.3.2-alpha.
o Minor bugfixes (code correctness):
- Assert that allocated memory held by the reputation code is freed
- according to its internal counters. Fixes bug 17753; bugfix on
- tor-0.1.1.1-alpha.
+ according to its internal counters. Fixes bug 17753; bugfix
+ on tor-0.1.1.1-alpha.
o Minor bugfixes (compilation):
- - Don't try to use the pthrad_condattr_setclock() function unless
- it actually exists. Fixes compilation on NetBSD-6.x. Fixes bug
- 17819; bugfix on 0.2.6.3-alpha.
- - Fix backtrace compilation on FreeBSD. Fixes bug 17827; bugfix on
- tor-0.2.5.2-alpha.
- - Fix compilation of sandbox.c with musl-libc.
- Fixes bug 17347; bugfix on 0.2.5.1-alpha.
- Patch from 'jamestk'.
+ - Don't try to use the pthrad_condattr_setclock() function unless it
+ actually exists. Fixes compilation on NetBSD-6.x. Fixes bug 17819;
+ bugfix on 0.2.6.3-alpha.
+ - Fix backtrace compilation on FreeBSD. Fixes bug 17827; bugfix
+ on tor-0.2.5.2-alpha.
+ - Fix compilation of sandbox.c with musl-libc. Fixes bug 17347;
+ bugfix on 0.2.5.1-alpha. Patch from 'jamestk'.
- Fix search for libevent libraries on OpenBSD (and similar systems
which install libevent 1 and libevent 2 in parallel). Fixes bug
- 16651; bugfix on 0.1.0.7-rc.
- Patch from "rubiate".
+ 16651; bugfix on 0.1.0.7-rc. Patch from "rubiate".
- Isolate environment variables meant for tests from the rest of the
build system. Fixes bug 17818; bugfix on tor-0.2.7.3-rc.
- Replace usage of 'INLINE' with 'inline'. Fixes bug 17804; bugfix
on tor-0.0.2pre8.
o Minor bugfixes (IPv6):
- - Update the limits in max_dl_per_request for IPv6 address
- length. Fixes bug 17573; bugfix on 0.2.1.5-alpha.
+ - Update the limits in max_dl_per_request for IPv6 address length.
+ Fixes bug 17573; bugfix on 0.2.1.5-alpha.
o Minor bugfixes (linux seccomp2 sandbox):
- - Fix a crash when using offline master ed25519 keys with the
- Linux seccomp2 sandbox enabled. Fixes bug 17675; bugfix on
- 0.2.7.3-alpha.
+ - Fix a crash when using offline master ed25519 keys with the Linux
+ seccomp2 sandbox enabled. Fixes bug 17675; bugfix on 0.2.7.3-alpha.
o Minor bugfixes (logging):
- - In log messages that include a function name, use __FUNCTION__ instead
- of __PRETTY_FUNCTION__. In GCC, these are synonymous, but with clang
- __PRETTY_FUNCTION__ has extra information we don't need.
- Fixes bug 16563; bugfix on 0.0.2pre8. Fix by Tom van der Woerdt.
- - Remove needless quotes from a log message about unparseable addresses.
- Fixes bug 17843; bugfix on 0.2.3.3-alpha.
+ - In log messages that include a function name, use __FUNCTION__
+ instead of __PRETTY_FUNCTION__. In GCC, these are synonymous, but
+ with clang __PRETTY_FUNCTION__ has extra information we don't
+ need. Fixes bug 16563; bugfix on 0.0.2pre8. Fix by Tom van
+ der Woerdt.
+ - Remove needless quotes from a log message about unparseable
+ addresses. Fixes bug 17843; bugfix on 0.2.3.3-alpha.
o Minor bugfixes (makefile):
- - Remove config.log only from make distclean, not from
- make clean. Fixes bug 17924; bugfix on 0.2.4.1-alpha.
+ - Remove config.log only from make distclean, not from make clean.
+ Fixes bug 17924; bugfix on 0.2.4.1-alpha.
o Minor bugfixes (portability):
- - Remove an #endif from configure.ac so that we correctly detect
- the presence of in6_addr.s6_addr32. Fixes bug 17923; bugfix on
- 0.2.0.13-alpha.
+ - Remove an #endif from configure.ac so that we correctly detect the
+ presence of in6_addr.s6_addr32. Fixes bug 17923; bugfix
+ on 0.2.0.13-alpha.
o Minor bugfixes (relays):
- Check that both the ORPort and DirPort (if present) are reachable
before publishing a relay descriptor. Otherwise, relays publish a
descriptor with DirPort 0 when the DirPort reachability test takes
- longer than the ORPort reachability test.
- Fixes bug 18050; bugfix on 0.1.0.1-rc.
- Reported by "starlight", patch by "teor".
+ longer than the ORPort reachability test. Fixes bug 18050; bugfix
+ on 0.1.0.1-rc. Reported by "starlight", patch by "teor".
o Minor bugfixes (routersets, IPv6):
- - routerset_parse now accepts IPv6 literal addresses.
- Fixes bug 17060; bugfix on 0.2.1.3-alpha. Patch by "teor".
+ - routerset_parse now accepts IPv6 literal addresses. Fixes bug
+ 17060; bugfix on 0.2.1.3-alpha. Patch by "teor".
o Minor bugfixes (safe logging):
- - When logging a malformed hostname received through socks4, scrub it
- if SafeLogging says we should. Fixes bug 17419; bugfix on 0.1.1.16-rc.
-
- o Minor bugfixes (security):
- - Make memwipe() do nothing when passed a NULL pointer
- or zero size. Check size argument to memwipe() for underflow.
- Fixes bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha.
- Reported by "gk", patch by "teor".
-
- o Minor bugfixes (security, exit policies):
- - ExitPolicyRejectPrivate rejects more private addresses by default.
- Specifically, it rejects
- the relay's outbound bind addresses (if configured), and
- the relay's configured port addresses (such as ORPort and DirPort).
- Fixes bug 17027; bugfix on 0.2.0.11-alpha. Patch by "teor".
+ - When logging a malformed hostname received through socks4, scrub
+ it if SafeLogging says we should. Fixes bug 17419; bugfix
+ on 0.1.1.16-rc.
o Minor bugfixes (statistics code):
- Consistently check for overflow in round_*_to_next_multiple_of
functions, and add unit tests with additional and maximal values.
Fixes part of bug 13192; bugfix on 0.2.2.1-alpha.
- - Handle edge cases in the laplace functions: avoid division by zero,
- avoid taking the log of zero, and silence clang type conversion
- warnings using round and trunc. Add unit tests for edge cases with
- maximal values. Fixes part of bug 13192; bugfix on 0.2.6.2-alpha.
+ - Handle edge cases in the laplace functions: avoid division by
+ zero, avoid taking the log of zero, and silence clang type
+ conversion warnings using round and trunc. Add unit tests for edge
+ cases with maximal values. Fixes part of bug 13192; bugfix
+ on 0.2.6.2-alpha.
o Minor bugfixes (tests):
- - Fix a memory leak in the ntor test. Fixes bug 17778; bugfix on
- 0.2.4.8-alpha.
+ - Fix a memory leak in the ntor test. Fixes bug 17778; bugfix
+ on 0.2.4.8-alpha.
o Minor bugfixes (TLS context):
- Assert when the TLS contexts fail to initialize. Fixes bug 17683;
bugfix on 0.0.6.
o Minor bugfixes (unit tests):
- - Check the full results of SHA256 and SHA512 digests in the
- unit tests. Bugfix on 0.2.2.4-alpha. Patch by "teor".
+ - Check the full results of SHA256 and SHA512 digests in the unit
+ tests. Bugfix on 0.2.2.4-alpha. Patch by "teor".
o Code simplification and refactoring:
- Extract the more complicated parts of circuit_mark_for_close into
- a new function run periodically before connections are freed.
- This change removes more than half of the functions currently
- in the "blob".
- Closes ticket 17218.
- - Clean up a little duplicated code in crypto_expand_key_material_TAP.
- Closes ticket 17587; patch from "pfrankw".
+ a new function run periodically before connections are freed. This
+ change removes more than half of the functions currently in the
+ "blob". Closes ticket 17218.
+ - Clean up a little duplicated code in
+ crypto_expand_key_material_TAP. Closes ticket 17587; patch
+ from "pfrankw".
- Decouple the list of streams needing to be attached to circuits
from the overall connection list. This change makes it possible to
attach streams quickly while both simplifying Tor's callgraph and
- avoiding O(N) scans of the entire connection list. Closes ticket
- 17590.
+ avoiding O(N) scans of the entire connection list. Closes
+ ticket 17590.
- When a direct directory request fails immediately on launch,
instead of relaunching that request from inside the code that
- launches it, instead mark the connection for teardown. This
- change simplifies Tor's callback and prevents the directory-
- request launching code from invoking itself recursively.
- Closes ticket 17589.
+ launches it, instead mark the connection for teardown. This change
+ simplifies Tor's callback and prevents the directory- request
+ launching code from invoking itself recursively. Closes
+ ticket 17589.
o Documentation:
- - Add a description of the correct use of the '--keygen' command-line
- option. Closes ticket 17583; based on text by 's7r'.
+ - Add a description of the correct use of the '--keygen' command-
+ line option. Closes ticket 17583; based on text by 's7r'.
- Document the minimum HeartbeatPeriod value. Closes ticket 15638.
- Explain actual minima for BandwidthRate. Closes ticket 16382.
- - Fix a minor formatting typo in the manpage. Closes ticket
- 17791.
+ - Fix a minor formatting typo in the manpage. Closes ticket 17791.
- Mention torspec URL in the manpage and point the reader to it
- whenever we mention a document that belongs in torspce.
- Fixes issue 17392.
+ whenever we mention a document that belongs in torspce. Fixes
+ issue 17392.
o Removed features:
- Remove client-side support for connecting to Tor servers running
- versions of Tor before 0.2.3.6-alpha. These servers didn't
- support the v3 TLS handshake protocol, and are no longer allowed
- on the Tor network. Implements the client side of ticket
- 11150. Based on patches by Tom van der Woerdt.
+ versions of Tor before 0.2.3.6-alpha. These servers didn't support
+ the v3 TLS handshake protocol, and are no longer allowed on the
+ Tor network. Implements the client side of ticket 11150. Based on
+ patches by Tom van der Woerdt.
- Remove code for OpenSSL dynamic locks; OpenSSL doesn't use them.
Closes ticket 17926.
o Testing:
- - Always test both ed25519 backends, so that we can be sure that
- our batch-open replacement code works. Part of ticket 16794.
+ - Always test both ed25519 backends, so that we can be sure that our
+ batch-open replacement code works. Part of ticket 16794.
- Cover dns_resolve_impl() in dns.c with unit tests. Implements a
portion of ticket 16831.
- - More unit tests for compat_libevent.c. Closes ticket 17075.
- Patch from Ola Bini.
- - More unit tests for procmon.c. Closes ticket 17078.
- Patch from Ola Bini.
- - More unit tests for tortls.c. Closes ticket 17082.
- Patch from Ola Bini.
- - More unit tests for util_format.c. Closes ticket 17084.
- Patch from Ola Bini.
- - New tests for directory.c functions. Closes ticket 17003. Patch
+ - More unit tests for compat_libevent.c. Closes ticket 17075. Patch
+ from Ola Bini.
+ - More unit tests for procmon.c. Closes ticket 17078. Patch from
+ Ola Bini.
+ - More unit tests for tortls.c. Closes ticket 17082. Patch from
+ Ola Bini.
+ - More unit tests for util_format.c. Closes ticket 17084. Patch from
+ Ola Bini.
+ - New tests for directory.c functions. Closes ticket 17003. Patch
from Ola Bini.
- - New tests for options_validate. Closes ticket 17076. Patch from
+ - New tests for options_validate. Closes ticket 17076. Patch from
Ola Bini.
- Unit tests for directory_handle_command_get. Closes ticket 17004.
Patch from Reinaldo de Souza Jr.
More information about the tor-commits
mailing list