[tor-commits] [tor/master] Reflow the changelog
nickm at torproject.org
nickm at torproject.org
Thu Sep 22 22:22:55 UTC 2016
commit 7f074c3fa7a095805fb683808ddb3b246e4803b4
Author: Nick Mathewson <nickm at torproject.org>
Date: Thu Sep 22 18:22:47 2016 -0400
Reflow the changelog
---
ChangeLog | 263 ++++++++++++++++++++++++++++++--------------------------------
1 file changed, 129 insertions(+), 134 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index b5d5985..f422fd8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,9 +1,9 @@
Changes in version 0.2.9.3-alpha - 2016-09-2?
- Tor 0.2.9.3-alpha adds improved support for entities that
- want to make high-performance services available through the Tor .onion
- mechanism without themselves receiving anonymity as they host those
- services. It also tries harder to ensure that all steps on a circuit are
- using the strongest crypto possible, strengthens some TLS properties, and
+ Tor 0.2.9.3-alpha adds improved support for entities that want to make
+ high-performance services available through the Tor .onion mechanism
+ without themselves receiving anonymity as they host those services. It
+ also tries harder to ensure that all steps on a circuit are using the
+ strongest crypto possible, strengthens some TLS properties, and
resolves several bugs -- including a pair of crash bugs from the 0.2.8
series. Anybody running an earlier version of 0.2.9.x should upgrade.
@@ -12,40 +12,39 @@ Changes in version 0.2.9.3-alpha - 2016-09-2?
o Major features (circuit building, security):
- Authorities, relays and clients specifically check that each
descriptor has an ntor key.
- - Circuit-building code assumes that all hops can use ntor,
- except for rare hidden service protocol cases.
+ - Circuit-building code assumes that all hops can use ntor, except
+ for rare hidden service protocol cases.
- Client code never chooses nodes without ntor keys: they will not
be selected during circuit-building, or as guards, or as directory
mirrors, or as introduction or rendezvous points.
- - Clients avoid downloading a descriptor if the relay version is
- too old to support ntor.
+ - Clients avoid downloading a descriptor if the relay version is too
+ old to support ntor.
- Tor authorities, relays, and clients only use ntor, except for
rare cases in the hidden service protocol.
o Major features (onion services):
- Add experimental HiddenServiceSingleHopMode and
- HiddenServiceNonAnonymousMode options. When both are set to 1, every
- hidden service on a tor instance becomes a non-anonymous Single Onion
- Service. Single Onions make one-hop (direct) connections to their
- introduction and renzedvous points. One-hop circuits make Single Onion
- servers easily locatable, but clients remain location-anonymous.
- This is compatible with the existing hidden service implementation, and
- works on the current tor network without any changes to older relays or
- clients.
- Implements proposal 260, completes ticket 17178. Patch by teor and asn.
+ HiddenServiceNonAnonymousMode options. When both are set to 1,
+ every hidden service on a tor instance becomes a non-anonymous
+ Single Onion Service. Single Onions make one-hop (direct)
+ connections to their introduction and renzedvous points. One-hop
+ circuits make Single Onion servers easily locatable, but clients
+ remain location-anonymous. This is compatible with the existing
+ hidden service implementation, and works on the current tor
+ network without any changes to older relays or clients. Implements
+ proposal 260, completes ticket 17178. Patch by teor and asn.
o Major features (resource management):
- - Tor now includes support for noticing when we are about to run out of
- sockets, and preemptively closing connections of lower priority.
- (This feature is off by default for now, since the current prioritizing
- method is not mature enough yet. You can enable it by setting
- "DisableOOSCheck 0".) Closes ticket 18640.
+ - Tor now includes support for noticing when we are about to run out
+ of sockets, and preemptively closing connections of lower
+ priority. (This feature is off by default for now, since the
+ current prioritizing method is not mature enough yet. You can
+ enable it by setting "DisableOOSCheck 0".) Closes ticket 18640.
o Major bugfixes (circuit building):
- - Hidden service client-to-intro-point and service-to-rendezvous-point
- cicruitss use the TAP key supplied by the protocol, to avoid
- epistemic attacks.
- Fixes bug 19163; bugfix on 0.2.4.18-rc.
+ - Hidden service client-to-intro-point and service-to-rendezvous-
+ point cicruitss use the TAP key supplied by the protocol, to avoid
+ epistemic attacks. Fixes bug 19163; bugfix on 0.2.4.18-rc.
o Major bugfixes (compilation, OpenBSD):
- Fix a Libevent-detection bug in our autoconf script that would
@@ -53,105 +52,88 @@ Changes in version 0.2.9.3-alpha - 2016-09-2?
rubiate. Fixes bug 19902; bugfix on 0.2.9.1-alpha.
o Major bugfixes (hidden services):
- - Clients require hidden services to include the TAP keys
- for their intro points in the hidden service descriptor.
- This prevents an inadvertent upgrade to ntor, which a
- malicious hidden service could use to discover which
- consensus a client has.
- Fixes bug 20012; bugfix on 0.2.4.8-alpha. Patch by teor.
+ - Clients require hidden services to include the TAP keys for their
+ intro points in the hidden service descriptor. This prevents an
+ inadvertent upgrade to ntor, which a malicious hidden service
+ could use to discover which consensus a client has. Fixes bug
+ 20012; bugfix on 0.2.4.8-alpha. Patch by teor.
- o Minor feature (port flags):
- - Add *Port flags NoDNSRequest and NoOnionTraffic, and
- the synthetic flag OnionTrafficOnly, which is equivalent to
- NoDNSRequest, NoIPv4Traffic, and NoIPv6Traffic.
- Closes enhancement 18693; patch by "teor".
+ o Minor features (security, TLS):
+ - Servers no longer support clients that do not provide AES
+ ciphersuites. (3DES is no longer considered an acceptable cipher.)
+ We believe that no such clients currently exist, since we have
+ required OpenSSL 0.9.7 or later since 2009. Closes ticket 19998.
- o Minor features (testing, ipv6):
- - Add the single-onion and single-onion-ipv6 chutney targets to
- make test-network-all. This requires a recent chutney version
- with the single onion network flavours (git c72a652 or later).
- Closes ticket 20072; patch by teor.
- - Add the hs-ipv6 chutney target to make test-network-all's IPv6
- tests. Remove bridges+hs, as it's somewhat redundant.
- This requires a recent chutney version that supports IPv6 clients,
- relays, and authorities.
- Closes ticket 20069; patch by teor.
+ o Minor feature (port flags):
+ - Add *Port flags NoDNSRequest and NoOnionTraffic, and the synthetic
+ flag OnionTrafficOnly, which is equivalent to NoDNSRequest,
+ NoIPv4Traffic, and NoIPv6Traffic. Closes enhancement 18693; patch
+ by "teor".
o Minor features (directory authority):
- - After voting, if the authorities decide that a relay is not "Valid",
- they no longer include it in the consensus at all. Closes ticket
- 20002; implements part of proposal 272.
-
- o Minor features (security, TLS):
- - Servers no longer support clients that do not provide AES
- ciphersuites. (3DES is no longer considered an acceptable
- cipher.) We believe that no such clients currently exist,
- since we have required OpenSSL 0.9.7 or later since 2009.
- Closes ticket 19998.
+ - After voting, if the authorities decide that a relay is not
+ "Valid", they no longer include it in the consensus at all. Closes
+ ticket 20002; implements part of proposal 272.
o Minor features (testing):
- - Disable memory protections on OpenBSD when testing memwipe().
- The test deliberately invokes undefined behaviour which the
- protections interfere with. Patch from "rubiate". Closes ticket
- 20066.
+ - Disable memory protections on OpenBSD when testing memwipe(). The
+ test deliberately invokes undefined behaviour which the protections
+ interfere with. Patch from "rubiate". Closes ticket 20066.
+
+ o Minor features (testing, ipv6):
+ - Add the single-onion and single-onion-ipv6 chutney targets to make
+ test-network-all. This requires a recent chutney version with the
+ single onion network flavours (git c72a652 or later). Closes
+ ticket 20072; patch by teor.
+ - Add the hs-ipv6 chutney target to make test-network-all's IPv6
+ tests. Remove bridges+hs, as it's somewhat redundant. This
+ requires a recent chutney version that supports IPv6 clients,
+ relays, and authorities. Closes ticket 20069; patch by teor.
o Minor features (Tor2web):
- - Make Tor2web clients respect ReachableAddresses.
- This feature was inadvertently enabled in 0.2.8.6, then removed
- by bugfix 19973 on 0.2.8.7.
- Implements feature 20034. Patch by teor.
+ - Make Tor2web clients respect ReachableAddresses. This feature was
+ inadvertently enabled in 0.2.8.6, then removed by bugfix 19973 on
+ 0.2.8.7. Implements feature 20034. Patch by teor.
o Minor features (unit tests):
- Our link-handshake unit tests now check, that when invalid
- handshakes fail, they fail with the error messages we
- expected.
- - Our unit testing code that captures log messages no longer prevents
- them from being written out if the user asked for them (by passing
- --debug or --info or or --notice --warn to the "test" binary). This
- change will prevent us from missing unexpected log messages simply
- because we were looking for others. Related to ticket 19999.
+ handshakes fail, they fail with the error messages we expected.
+ - Our unit testing code that captures log messages no longer
+ prevents them from being written out if the user asked for them
+ (by passing --debug or --info or or --notice --warn to the "test"
+ binary). This change will prevent us from missing unexpected log
+ messages simply because we were looking for others. Related to
+ ticket 19999.
- The unit tests now log all warning messages with the "BUG" flag.
Previously, they only logged errors by default. This change will
- help us make our testing code more correct, and make sure that
- we only hit this code when we mean to. This is preparatory work
- for ticket 19999.
+ help us make our testing code more correct, and make sure that we
+ only hit this code when we mean to. This is preparatory work for
+ ticket 19999.
- The unit tests now treat any failure of a "tor_assert_nonfatal()"
assertion as a test failure.
- We've done significant work to make the unit tests run faster.
o Minor bug fixes (circuits):
- - Use CircuitBuildTimeout whenever LearnCircuitBuildTimeout is disabled.
- Fixes bug 19678; bugfix on commit 5b0b51ca3 in 0.2.4.12-alpha. Patch by teor.
-
- o Minor bugfixes (options):
- - Check the consistency of UseEntryGuards and EntryNodes more reliably.
- Fixes bug 20074; bugfix on commit 686aaa5c in tor-0.2.4.12-alpha. Patch by teor.
- - Stop changing the configured value of UseEntryGuards on authorities
- and Tor2web clients.
- Fixes bug 20074; bugfix on commits 51fc6799 in tor-0.1.1.16-rc and
- acda1735 in tor-0.2.4.3-alpha. Patch by teor.
-
- o Minor bugfixes (Tor2web):
- - Prevent Tor2web clients running hidden services, these services are
- not anonymous due to the one-hop client paths.
- Fixes bug 19678. Patch by teor.
+ - Use CircuitBuildTimeout whenever LearnCircuitBuildTimeout is
+ disabled. Fixes bug 19678; bugfix on commit 5b0b51ca3 in
+ 0.2.4.12-alpha. Patch by teor.
o Minor bugfixes (allocation):
- - Change how we allocate memory for large chunks on buffers, to avoid
- a (currently impossible) integer overflow, and to waste less space
- when allocating unusually large chunks. Fixes bug 20081; bugfix on
- 0.2.0.16-alpha. Issue identified by Guido Vranken.
+ - Change how we allocate memory for large chunks on buffers, to
+ avoid a (currently impossible) integer overflow, and to waste less
+ space when allocating unusually large chunks. Fixes bug 20081;
+ bugfix on 0.2.0.16-alpha. Issue identified by Guido Vranken.
- Always include orconfig.h before including any other C headers.
Sometimes, it includes macros that affect the behavior of the
- standard headers. Fixes bug 19767; bugfix on 0.2.9.1-alpha (the first
- version to use AC_USE_SYSTEM_EXTENSIONS).
- - Fix a syntax error in the IF_BUG_ONCE__() macro in non-
- GCC-compatible compilers. Fixes bug 20141; bugfix on
- 0.2.9.1-alpha. Patch from Gisle Vanem.
- - Stop trying to build with Clang 4.0's -Wthread-safety
- warnings. They apparently require a set of annotations that we
- aren't currently using, and they create false positives in our
- pthreads wrappers. Fixes bug 20110; bugfix on 0.2.9.1-alpha.
+ standard headers. Fixes bug 19767; bugfix on 0.2.9.1-alpha (the
+ first version to use AC_USE_SYSTEM_EXTENSIONS).
+ - Fix a syntax error in the IF_BUG_ONCE__() macro in non- GCC-
+ compatible compilers. Fixes bug 20141; bugfix on 0.2.9.1-alpha.
+ Patch from Gisle Vanem.
+ - Stop trying to build with Clang 4.0's -Wthread-safety warnings.
+ They apparently require a set of annotations that we aren't
+ currently using, and they create false positives in our pthreads
+ wrappers. Fixes bug 20110; bugfix on 0.2.9.1-alpha.
o Minor bugfixes (directory authority):
- Die with a useful error when the operator forgets to place the
@@ -159,24 +141,22 @@ Changes in version 0.2.9.3-alpha - 2016-09-2?
uninformative assert & traceback about having an invalid key.
Fixes bug 20065; bugfix on 0.2.0.1-alpha.
- When allowing private addresses, mark Exits that only exit to
- private locations as such. Fixes bug 20064; bugfix on
- 0.2.2.9-alpha.
+ private locations as such. Fixes bug 20064; bugfix
+ on 0.2.2.9-alpha.
o Minor bugfixes (documentation):
- - Document the default PathsNeededToBuildCircuits value that's
- used by clients when the directory authorities don't set
- min_paths_for_circs_pct.
- Fixes bug 20117; bugfix on 02c320916e02 in tor-0.2.4.10-alpha.
- Patch by teor, reported by Jesse V.
+ - Document the default PathsNeededToBuildCircuits value that's used
+ by clients when the directory authorities don't set
+ min_paths_for_circs_pct. Fixes bug 20117; bugfix on 02c320916e02
+ in tor-0.2.4.10-alpha. Patch by teor, reported by Jesse V.
- Fix manual for the User option: it takes a username, not a UID.
Fixes bug 19122; bugfix on 0.0.2pre16 (the first version to have
a manpage!).
o Minor bugfixes (hidden services):
- - Stop logging intro point details to the client log on
- certain error conditions.
- Fixed as part of bug 20012; bugfix on 0.2.4.8-alpha.
- Patch by teor.
+ - Stop logging intro point details to the client log on certain
+ error conditions. Fixed as part of bug 20012; bugfix on
+ 0.2.4.8-alpha. Patch by teor.
o Minor bugfixes (IPv6, testing):
- Check for IPv6 correctly on Linux when running test networks.
@@ -184,36 +164,51 @@ Changes in version 0.2.9.3-alpha - 2016-09-2?
o Minor bugfixes (Linux seccomp2 sandbox):
- Add permission to run the sched_yield() and sigaltstack() system
- calls, in order to support versions of Tor compiled with
- asan or ubsan code that use these calls. Now "sandbox 1" and
- "--enable-expensive-hardening" should be compatible.
- Fixes bug 20063; bugfix on 0.2.5.1-alpha.
+ calls, in order to support versions of Tor compiled with asan or
+ ubsan code that use these calls. Now "sandbox 1" and
+ "--enable-expensive-hardening" should be compatible. Fixes bug
+ 20063; bugfix on 0.2.5.1-alpha.
o Minor bugfixes (logging):
- - When logging a message from the BUG() macro, be explicit about what
- we were asserting. Previously we were confusing what we were asserting
- with what the bug was. Fixes bug 20093; bugfix on 0.2.9.1-alpha.
+ - When logging a message from the BUG() macro, be explicit about
+ what we were asserting. Previously we were confusing what we were
+ asserting with what the bug was. Fixes bug 20093; bugfix
+ on 0.2.9.1-alpha.
- When we are unable to remove the bw_accounting file, do not warn
if the reason we couldn't remove it was that it didn't exist.
- Fixes bug 19964; bugfix on 0.2.5.4-alpha. Patch
- from 'pastly'.
+ Fixes bug 19964; bugfix on 0.2.5.4-alpha. Patch from 'pastly'.
o Minor bugfixes (option parsing):
- Count unix sockets when counting client listeners (SOCKS, Trans,
NATD, and DNS). This has no user-visible behaviour changes: these
- options are set once, and never read.
- Required for correct behaviour in ticket 17178.
- Fixes bug 19677; bugfix on 0.2.6.3-alpha. Patch by teor.
+ options are set once, and never read. Required for correct
+ behaviour in ticket 17178. Fixes bug 19677; bugfix on
+ 0.2.6.3-alpha. Patch by teor.
+
+ o Minor bugfixes (options):
+ - Check the consistency of UseEntryGuards and EntryNodes more
+ reliably. Fixes bug 20074; bugfix on commit 686aaa5c in tor-
+ 0.2.4.12-alpha. Patch by teor.
+ - Stop changing the configured value of UseEntryGuards on
+ authorities and Tor2web clients. Fixes bug 20074; bugfix on
+ commits 51fc6799 in tor-0.1.1.16-rc and acda1735 in tor-0.2.4.3-
+ alpha. Patch by teor.
+
+ o Minor bugfixes (Tor2web):
+ - Prevent Tor2web clients running hidden services, these services
+ are not anonymous due to the one-hop client paths. Fixes bug
+ 19678. Patch by teor.
o Minor bugfixes (unit tests):
- - Fix shared random unit test that was failing on big endian architecture
- due to internal representation of a integer copied to a buffer. The test
- is changed to take a full 32 bytes of data and use the output of a
- python script that make the COMMIT and REVEAL calculation according to
- the spec. Fixes bug 19977; bugfix on tor-0.2.9.1-alpha.
+ - Fix shared random unit test that was failing on big endian
+ architecture due to internal representation of a integer copied to
+ a buffer. The test is changed to take a full 32 bytes of data and
+ use the output of a python script that make the COMMIT and REVEAL
+ calculation according to the spec. Fixes bug 19977; bugfix
+ on tor-0.2.9.1-alpha.
- The tor_tls_server_info_callback unit test no longer crashes when
- debug-level logging is turned on. Fixes bug 20041; bugfix on
- 0.2.8.1-alpha.
+ debug-level logging is turned on. Fixes bug 20041; bugfix
+ on 0.2.8.1-alpha.
Changes in version 0.2.9.2-alpha - 2016-08-24
More information about the tor-commits
mailing list