Roger Dingledine
parent
31b81650b7
commit
0987cf4bec
182
ChangeLog
182
ChangeLog
|
|
@ -1,124 +1,28 @@
|
|||
Release notes in progress for 0.0.8:
|
||||
rc2:
|
||||
o Make it compile on cygwin again.
|
||||
o When picking unverified routers, skip those with low uptime and/or
|
||||
low bandwidth, depending on what properties you care about.
|
||||
|
||||
rc1:
|
||||
o Changes from 0.0.7.3:
|
||||
- Bugfixes:
|
||||
- Fix assert triggers: if the other side returns an address 0.0.0.0,
|
||||
don't put it into the client dns cache.
|
||||
- If a begin failed due to exit policy, but we believe the IP
|
||||
address should have been allowed, switch that router to exitpolicy
|
||||
reject *:* until we get our next directory.
|
||||
- Features:
|
||||
- Clients choose nodes proportional to advertised bandwidth.
|
||||
- Avoid using nodes with low uptime as introduction points.
|
||||
- Handle servers with dynamic IP addresses: don't replace
|
||||
options->Address with the resolved one at startup, and
|
||||
detect our address right before we make a routerinfo each time.
|
||||
- 'FascistFirewall' option to pick dirservers and ORs on specific
|
||||
ports; plus 'FirewallPorts' config option to tell FascistFirewall
|
||||
which ports are open. (Defaults to 80,443)
|
||||
- Be more aggressive about trying to make circuits when the network
|
||||
has changed (e.g. when you unsuspend your laptop).
|
||||
- Check for time skew on http headers; report date in response to
|
||||
"GET /".
|
||||
- If the entrynode config line has only one node, don't pick it as
|
||||
an exitnode.
|
||||
- Add strict{entry|exit}nodes config options. If set to 1, then
|
||||
we refuse to build circuits that don't include the specified entry
|
||||
or exit nodes.
|
||||
- OutboundBindAddress config option, to bind to a specific
|
||||
IP address for outgoing connect()s.
|
||||
- End truncated log entries (e.g. directories) with "[truncated]".
|
||||
|
||||
o Patches to 0.0.8preX:
|
||||
- Bugfixes:
|
||||
- Patches to compile and run on win32 again (maybe)?
|
||||
- Fix crash when looking for ~/.torrc with no $HOME set.
|
||||
- Fix a race bug in the unit tests.
|
||||
- Handle verified/unverified name collisions better when new
|
||||
routerinfo's arrive in a directory.
|
||||
- Sometimes routers were getting entered into the stats before
|
||||
we'd assigned their identity_digest. Oops.
|
||||
- Only pick and establish intro points after we've gotten a
|
||||
directory.
|
||||
- Features:
|
||||
- AllowUnverifiedNodes config option to let circuits choose no-name
|
||||
routers in entry,middle,exit,introduction,rendezvous positions.
|
||||
Allow middle and rendezvous positions by default.
|
||||
- Add a man page for tor-resolve.
|
||||
|
||||
pre3:
|
||||
o Changes from 0.0.7.2:
|
||||
- Allow multiple ORs with same nickname in routerlist -- now when
|
||||
people give us one identity key for a nickname, then later
|
||||
another, we don't constantly complain until the first expires.
|
||||
- Remember used bandwidth (both in and out), and publish 15-minute
|
||||
snapshots for the past day into our descriptor.
|
||||
- You can now fetch $DIRURL/running-routers to get just the
|
||||
running-routers line, not the whole descriptor list. (But
|
||||
clients don't use this yet.)
|
||||
- When people mistakenly use Tor as an http proxy, point them
|
||||
at the tor-doc.html rather than the INSTALL.
|
||||
- Remove our mostly unused -- and broken -- hex_encode()
|
||||
function. Use base16_encode() instead. (Thanks to Timo Lindfors
|
||||
for pointing out this bug.)
|
||||
- Rotate onion keys every 12 hours, not every 2 hours, so we have
|
||||
fewer problems with people using the wrong key.
|
||||
- Change the default exit policy to reject the default edonkey,
|
||||
kazaa, gnutella ports.
|
||||
- Add replace_file() to util.[ch] to handle win32's rename().
|
||||
|
||||
o Changes from 0.0.8preX:
|
||||
- Fix two bugs in saving onion keys to disk when rotating, so
|
||||
hopefully we'll get fewer people using old onion keys.
|
||||
- Fix an assert error that was making SocksPolicy not work.
|
||||
- Be willing to expire routers that have an open dirport -- it's
|
||||
just the authoritative dirservers we want to not forget.
|
||||
- Reject tor-resolve requests for .onion addresses early, so we
|
||||
don't build a whole rendezvous circuit and then fail.
|
||||
- When you're warning a server that he's unverified, don't cry
|
||||
wolf unpredictably.
|
||||
- Fix a race condition: don't try to extend onto a connection
|
||||
that's still handshaking.
|
||||
- For servers in clique mode, require the conn to be open before
|
||||
you'll choose it for your path.
|
||||
- Fix some cosmetic bugs about duplicate mark-for-close, lack of
|
||||
end relay cell, etc.
|
||||
- Measure bandwidth capacity over the last 24 hours, not just 12
|
||||
- Bugfix: authoritative dirservers were making and signing a new
|
||||
directory for each client, rather than reusing the cached one.
|
||||
|
||||
pre2:
|
||||
o Changes from 0.0.7.2:
|
||||
- Security fixes:
|
||||
- Check directory signature _before_ you decide whether you're
|
||||
you're running an obsolete version and should exit.
|
||||
- Check directory signature _before_ you parse the running-routers
|
||||
list to decide who's running or verified.
|
||||
- Bugfixes and features:
|
||||
- Check return value of fclose while writing to disk, so we don't
|
||||
end up with broken files when servers run out of disk space.
|
||||
- Log a warning if the user uses an unsafe socks variant, so people
|
||||
are more likely to learn about privoxy or socat.
|
||||
- Dirservers now include RFC1123-style dates in the HTTP headers,
|
||||
which one day we will use to better detect clock skew.
|
||||
|
||||
o Changes from 0.0.8pre1:
|
||||
- Make it compile without warnings again on win32.
|
||||
- Log a warning if you're running an unverified server, to let you
|
||||
know you might want to get it verified.
|
||||
- Only pick a default nickname if you plan to be a server.
|
||||
|
||||
pre1:
|
||||
Changes in version 0.0.8 - 2004-08-25
|
||||
o Bugfixes:
|
||||
- Made our unit tests compile again on OpenBSD 3.5, and tor
|
||||
itself compile again on OpenBSD on a sparc64.
|
||||
- We were neglecting milliseconds when logging on win32, so
|
||||
everything appeared to happen at the beginning of each second.
|
||||
- Check directory signature _before_ you decide whether you're
|
||||
you're running an obsolete version and should exit.
|
||||
- Check directory signature _before_ you parse the running-routers
|
||||
list to decide who's running.
|
||||
- Check return value of fclose while writing to disk, so we don't
|
||||
end up with broken files when servers run out of disk space.
|
||||
- Port it to SunOS 5.9 / Athena
|
||||
- Fix two bugs in saving onion keys to disk when rotating, so
|
||||
hopefully we'll get fewer people using old onion keys.
|
||||
- Remove our mostly unused -- and broken -- hex_encode()
|
||||
function. Use base16_encode() instead. (Thanks to Timo Lindfors
|
||||
for pointing out this bug.)
|
||||
- Only pick and establish intro points after we've gotten a
|
||||
directory.
|
||||
- Fix assert triggers: if the other side returns an address 0.0.0.0,
|
||||
don't put it into the client dns cache.
|
||||
- If a begin failed due to exit policy, but we believe the IP
|
||||
address should have been allowed, switch that router to exitpolicy
|
||||
reject *:* until we get our next directory.
|
||||
|
||||
o Protocol changes:
|
||||
- 'Extend' relay cell payloads now include the digest of the
|
||||
|
|
@ -135,9 +39,11 @@ pre1:
|
|||
list; unverified routers are listed as "$<fingerprint>".
|
||||
- We now use hash-of-identity-key in most places rather than
|
||||
nickname or addr:port, for improved security/flexibility.
|
||||
- To avoid Sybil attacks, paths still use only verified servers.
|
||||
But now we have a chance to play around with hybrid approaches.
|
||||
- Nodes track bandwidth usage to estimate capacity (not used yet).
|
||||
- AllowUnverifiedNodes config option to let circuits choose no-name
|
||||
routers in entry,middle,exit,introduction,rendezvous positions.
|
||||
Allow middle and rendezvous positions by default.
|
||||
- When picking unverified routers, skip those with low uptime and/or
|
||||
low bandwidth, depending on what properties you care about.
|
||||
- ClientOnly option for nodes that never want to become servers.
|
||||
- Directory caching.
|
||||
- "AuthoritativeDir 1" option for the official dirservers.
|
||||
|
|
@ -153,6 +59,19 @@ pre1:
|
|||
by hash-of-key).
|
||||
- Allow dirservers to serve running-router list separately.
|
||||
This isn't used yet.
|
||||
- You can now fetch $DIRURL/running-routers to get just the
|
||||
running-routers line, not the whole descriptor list. (But
|
||||
clients don't use this yet.)
|
||||
- Clients choose nodes proportional to advertised bandwidth.
|
||||
- Clients avoid using nodes with low uptime as introduction points.
|
||||
- Handle servers with dynamic IP addresses: don't just replace
|
||||
options->Address with the resolved one at startup, and
|
||||
detect our address right before we make a routerinfo each time.
|
||||
- 'FascistFirewall' option to pick dirservers and ORs on specific
|
||||
ports; plus 'FirewallPorts' config option to tell FascistFirewall
|
||||
which ports are open. (Defaults to 80,443)
|
||||
- Try other dirservers immediately if the one you try is down. This
|
||||
should tolerate down dirservers better now.
|
||||
- ORs connect-on-demand to other ORs
|
||||
- If you get an extend cell to an OR you're not connected to,
|
||||
connect, handshake, and forward the create cell.
|
||||
|
|
@ -173,8 +92,6 @@ pre1:
|
|||
- Refuse to build a circuit before the directory has arrived --
|
||||
it won't work anyway, since you won't know the right onion keys
|
||||
to use.
|
||||
- Try other dirservers immediately if the one you try is down. This
|
||||
should tolerate down dirservers better now.
|
||||
- Parse tor version numbers so we can do an is-newer-than check
|
||||
rather than an is-in-the-list check.
|
||||
- New socks command 'resolve', to let us shim gethostbyname()
|
||||
|
|
@ -183,11 +100,32 @@ pre1:
|
|||
- A new socks-extensions.txt doc file to describe our
|
||||
interpretation and extensions to the socks protocols.
|
||||
- Add a ContactInfo option, which gets published in descriptor.
|
||||
- Publish OR uptime in descriptor (and thus in directory) too.
|
||||
- Write tor version at the top of each log file
|
||||
- New docs in the tarball:
|
||||
- tor-doc.html.
|
||||
- Document that you should proxy your SSL traffic too.
|
||||
- Log a warning if the user uses an unsafe socks variant, so people
|
||||
are more likely to learn about privoxy or socat.
|
||||
- Log a warning if you're running an unverified server, to let you
|
||||
know you might want to get it verified.
|
||||
- Change the default exit policy to reject the default edonkey,
|
||||
kazaa, gnutella ports.
|
||||
- Add replace_file() to util.[ch] to handle win32's rename().
|
||||
- Publish OR uptime in descriptor (and thus in directory) too.
|
||||
- Remember used bandwidth (both in and out), and publish 15-minute
|
||||
snapshots for the past day into our descriptor.
|
||||
- Be more aggressive about trying to make circuits when the network
|
||||
has changed (e.g. when you unsuspend your laptop).
|
||||
- Check for time skew on http headers; report date in response to
|
||||
"GET /".
|
||||
- If the entrynode config line has only one node, don't pick it as
|
||||
an exitnode.
|
||||
- Add strict{entry|exit}nodes config options. If set to 1, then
|
||||
we refuse to build circuits that don't include the specified entry
|
||||
or exit nodes.
|
||||
- OutboundBindAddress config option, to bind to a specific
|
||||
IP address for outgoing connect()s.
|
||||
- End truncated log entries (e.g. directories) with "[truncated]".
|
||||
|
||||
|
||||
Changes in version 0.0.7.3 - 2004-08-12
|
||||
|
|
|
|||
Loading…
Reference in New Issue