parent
bbfb6508e7
commit
4ba57f68e4
46
ChangeLog
46
ChangeLog
|
@ -1,8 +1,10 @@
|
|||
Changes in version 0.1.2.7-alpha - 2007-??-??
|
||||
Changes in version 0.1.2.7-alpha - 2007-02-06
|
||||
o Major bugfixes (rate limiting):
|
||||
- Servers decline directory requests much more aggressively when
|
||||
they're low on bandwidth. Otherwise they end up queueing more and
|
||||
more directory responses, which can't be good for latency.
|
||||
- Fix a memory leak when sending a 503 response for a networkstatus
|
||||
request.
|
||||
- But never refuse directory requests from local addresses.
|
||||
- Be willing to read or write on local connections (e.g. controller
|
||||
connections) even when the global rate limiting buckets are empty.
|
||||
|
@ -20,15 +22,13 @@ Changes in version 0.1.2.7-alpha - 2007-??-??
|
|||
existing installed services.
|
||||
|
||||
o Major bugfixes (other):
|
||||
- Fix a crash bug in the presence of DNS hijacking (reported by Andrew
|
||||
Del Vecchio).
|
||||
- Previously, we would cache up to 16 old networkstatus documents
|
||||
indefinitely, if they came from nontrusted authorities. Now we
|
||||
discard them if they are more than 10 days old.
|
||||
- Fix a crash bug in the presence of DNS hijacking (reported by Andrew
|
||||
Del Vecchio).
|
||||
- Detect and reject malformed DNS responses containing circular
|
||||
pointer loops.
|
||||
- Fix a memory leak when sending a 503 response for a networkstatus
|
||||
request.
|
||||
- If exits are rare enough that we're not marking exits as guards,
|
||||
ignore exit bandwidth when we're deciding the required bandwidth
|
||||
to become a guard.
|
||||
|
@ -39,19 +39,9 @@ Changes in version 0.1.2.7-alpha - 2007-??-??
|
|||
slowdowns in tunneled dir connections; a better solution will have
|
||||
to wait for 0.2.0.)
|
||||
|
||||
o Minor bugfixes:
|
||||
- When computing clock skew from directory HTTP headers, consider what
|
||||
time it was when we finished asking for the directory, not what
|
||||
time it is now.
|
||||
o Minor bugfixes (dns):
|
||||
- Add some defensive programming to eventdns.c in an attempt to catch
|
||||
possible memory-stomping bugs.
|
||||
- Fix crash with "tor --list-fingerprint" (reported by seeess).
|
||||
- Expire socks connections if they spend too long waiting for the
|
||||
handshake to finish. Previously we would let them sit around for
|
||||
days, if the connecting application didn't close them either.
|
||||
- And if the socks handshake hasn't started, don't send a
|
||||
"DNS resolve socks failed" handshake reply; just close it.
|
||||
- Stop using C functions that OpenBSD's linker doesn't like.
|
||||
- Detect and reject DNS replies containing IPv4 or IPv6 records with
|
||||
an incorrect number of bytes. (Previously, we would ignore the
|
||||
extra bytes.)
|
||||
|
@ -59,18 +49,30 @@ Changes in version 0.1.2.7-alpha - 2007-??-??
|
|||
in the correct order, and doesn't crash.
|
||||
- Free memory held in recently-completed DNS lookup attempts on exit.
|
||||
This was not a memory leak, but may have been hiding memory leaks.
|
||||
- Handle TTL values correctly on reverse DNS lookups.
|
||||
- Treat failure to parse resolv.conf as an error.
|
||||
|
||||
o Minor bugfixes (other):
|
||||
- Fix crash with "tor --list-fingerprint" (reported by seeess).
|
||||
- When computing clock skew from directory HTTP headers, consider what
|
||||
time it was when we finished asking for the directory, not what
|
||||
time it is now.
|
||||
- Expire socks connections if they spend too long waiting for the
|
||||
handshake to finish. Previously we would let them sit around for
|
||||
days, if the connecting application didn't close them either.
|
||||
- And if the socks handshake hasn't started, don't send a
|
||||
"DNS resolve socks failed" handshake reply; just close it.
|
||||
- Stop using C functions that OpenBSD's linker doesn't like.
|
||||
- Don't launch requests for descriptors unless we have networkstatuses
|
||||
from at least half of the authorities. This delays the first
|
||||
download slightly under pathological circumstances, but can prevent
|
||||
us from downloading a bunch of descriptors we don't need.
|
||||
- Do not log IPs with TLS failures for incoming TLS
|
||||
connections. (Fixes bug 382.)
|
||||
- If the user asks to use invalid exit nodes, be willing to use the
|
||||
- If the user asks to use invalid exit nodes, be willing to use
|
||||
unstable ones.
|
||||
- Handle TTL values correctly on reverse DNS lookups.
|
||||
- Stop using the reserved ac_cv namespace in our configure script.
|
||||
- Call stat() slightly less often; use fstat() when possible.
|
||||
- Treat failure to parse resolv.conf as an error.
|
||||
- Refactor the way we handle pending circuits when an OR connection
|
||||
completes or fails, in an attempt to fix a rare crash bug.
|
||||
|
||||
|
@ -105,8 +107,10 @@ Changes in version 0.1.2.7-alpha - 2007-??-??
|
|||
- Add a SOCKS_BAD_HOSTNAME client status event so controllers
|
||||
can learn when clients are sending malformed hostnames to Tor.
|
||||
- Clean up documentation for controller status events.
|
||||
- Add a REMAP status to stream events to note that a stream's address has
|
||||
changed because of a cached address or a MapAddress directive.
|
||||
- Add a REMAP status to stream events to note that a stream's
|
||||
address has changed because of a cached address or a MapAddress
|
||||
directive.
|
||||
|
||||
|
||||
Changes in version 0.1.2.6-alpha - 2007-01-09
|
||||
o Major bugfixes:
|
||||
|
|
|
@ -550,7 +550,7 @@ crypto_pk_read_public_key_from_string(crypto_pk_env_t *env, const char *src,
|
|||
return 0;
|
||||
}
|
||||
|
||||
/** Write the private key from 'env' into the file named by 'fname',
|
||||
/** Write the private key from <b>env</b> into the file named by <b>fname</b>,
|
||||
* PEM-encoded. Return 0 on success, -1 on failure.
|
||||
*/
|
||||
int
|
||||
|
|
|
@ -218,7 +218,7 @@ circuit_get_all_pending_on_or_conn(smartlist_t *out, or_connection_t *or_conn)
|
|||
}
|
||||
|
||||
/** Return the number of circuits in state OR_WAIT, waiting for the given
|
||||
* connection. */
|
||||
* connection. */
|
||||
int
|
||||
circuit_count_pending_on_or_conn(or_connection_t *or_conn)
|
||||
{
|
||||
|
@ -676,7 +676,7 @@ circuit_get_by_rend_query_and_purpose(const char *rend_query, uint8_t purpose)
|
|||
}
|
||||
|
||||
/** Return the first circuit originating here in global_circuitlist after
|
||||
* <b>start</b> whose purpose is <b>purpose</b> is purpose, and where
|
||||
* <b>start</b> whose purpose is <b>purpose</b>, and where
|
||||
* <b>digest</b> (if set) matches the rend_pk_digest field. Return NULL if no
|
||||
* circuit is found. If <b>start</b> is NULL, begin at the start of the list.
|
||||
*/
|
||||
|
@ -707,7 +707,7 @@ circuit_get_next_by_pk_and_purpose(origin_circuit_t *start,
|
|||
|
||||
/** Return the first OR circuit in the global list whose purpose is
|
||||
* <b>purpose</b>, and whose rend_token is the <b>len</b>-byte
|
||||
* <b>token</b>. */
|
||||
* <b>token</b>. */
|
||||
static or_circuit_t *
|
||||
circuit_get_by_rend_token_and_purpose(uint8_t purpose, const char *token,
|
||||
size_t len)
|
||||
|
|
|
@ -712,8 +712,8 @@ addressmap_rewrite(char *address, size_t maxlen)
|
|||
}
|
||||
|
||||
/** If we have a cached reverse DNS entry for the address stored in the
|
||||
* <b>maxlen</b>-byte buffer <b>address</b> (typically, a dotted quad) with
|
||||
* the cached value and return 1. Otherwise return 0. */
|
||||
* <b>maxlen</b>-byte buffer <b>address</b> (typically, a dotted quad) then
|
||||
* rewrite to the cached value and return 1. Otherwise return 0. */
|
||||
static int
|
||||
addressmap_rewrite_reverse(char *address, size_t maxlen)
|
||||
{
|
||||
|
@ -2021,8 +2021,8 @@ connection_ap_handshake_socks_resolved(edge_connection_t *conn,
|
|||
*
|
||||
* If <b>reply</b> is defined, then write <b>replylen</b> bytes of it to conn
|
||||
* and return, else reply based on <b>endreason</b> (one of
|
||||
* END_STREAM_REASON_*). If <b>reply</b> is undefined, <b>endreason</b> can't 0
|
||||
* or REASON_DONE. Send endreason to the controller, if appropriate.
|
||||
* END_STREAM_REASON_*). If <b>reply</b> is undefined, <b>endreason</b> can't
|
||||
* be 0 or REASON_DONE. Send endreason to the controller, if appropriate.
|
||||
*/
|
||||
void
|
||||
connection_ap_handshake_socks_reply(edge_connection_t *conn, char *reply,
|
||||
|
|
|
@ -635,10 +635,10 @@ send_control0_event(uint16_t event, uint32_t len, const char *body)
|
|||
*
|
||||
* If <b>which</b> & SHORT_NAMES, the event contains short-format names: send
|
||||
* it to controllers that haven't enabled the VERBOSE_NAMES feature. If
|
||||
* <b>which</b> & LONG_NAMES, the event contains long-format names: sent it
|
||||
* <b>which</b> & LONG_NAMES, the event contains long-format names: send it
|
||||
* to contollers that <em>have</em> enabled VERBOSE_NAMES.
|
||||
*
|
||||
* The EXTENDED_FORMAT and NONEXTENDED_FORMAT flags behaves similarly with
|
||||
* The EXTENDED_FORMAT and NONEXTENDED_FORMAT flags behave similarly with
|
||||
* respect to the EXTENDED_EVENTS feature. */
|
||||
static void
|
||||
send_control1_event_string(uint16_t event, event_format_t which,
|
||||
|
@ -3136,7 +3136,7 @@ write_stream_target_to_buf(edge_connection_t *conn, char *buf, size_t len)
|
|||
}
|
||||
|
||||
/** Convert the reason for ending a stream <b>reason</b> into the format used
|
||||
* in STREAM events. Return NULL if the reason is unrecognized.*/
|
||||
* in STREAM events. Return NULL if the reason is unrecognized. */
|
||||
static const char *
|
||||
stream_end_reason_to_string(int reason)
|
||||
{
|
||||
|
@ -3663,9 +3663,9 @@ control_event_my_descriptor_changed(void)
|
|||
return 0;
|
||||
}
|
||||
|
||||
/** Helper: sents a status event where <b>type</b> is one of
|
||||
/** Helper: sends a status event where <b>type</b> is one of
|
||||
* EVENT_STATUS_{GENERAL,CLIENT,SERVER}, where <b>severity</b> is one of
|
||||
* LOG_{NOTICE,WARN,ERR}, and where <b>format</b> is a print-style format
|
||||
* LOG_{NOTICE,WARN,ERR}, and where <b>format</b> is a printf-style format
|
||||
* string corresponding to <b>args</b>. */
|
||||
static int
|
||||
control_event_status(int type, int severity, const char *format, va_list args)
|
||||
|
@ -3712,7 +3712,7 @@ control_event_status(int type, int severity, const char *format, va_list args)
|
|||
}
|
||||
|
||||
/** Format and send an EVENT_STATUS_GENERAL event whose main text is obtained
|
||||
* by formatting the arguments using the printf-style <b>format</b> */
|
||||
* by formatting the arguments using the printf-style <b>format</b>. */
|
||||
int
|
||||
control_event_general_status(int severity, const char *format, ...)
|
||||
{
|
||||
|
@ -3728,7 +3728,7 @@ control_event_general_status(int severity, const char *format, ...)
|
|||
}
|
||||
|
||||
/** Format and send an EVENT_STATUS_CLIENT event whose main text is obtained
|
||||
* by formatting the arguments using the printf-style <b>format</b> */
|
||||
* by formatting the arguments using the printf-style <b>format</b>. */
|
||||
int
|
||||
control_event_client_status(int severity, const char *format, ...)
|
||||
{
|
||||
|
@ -3744,7 +3744,7 @@ control_event_client_status(int severity, const char *format, ...)
|
|||
}
|
||||
|
||||
/** Format and send an EVENT_STATUS_SERVER event whose main text is obtained
|
||||
* by formatting the arguments using the printf-style <b>format</b> */
|
||||
* by formatting the arguments using the printf-style <b>format</b>. */
|
||||
int
|
||||
control_event_server_status(int severity, const char *format, ...)
|
||||
{
|
||||
|
@ -3761,7 +3761,7 @@ control_event_server_status(int severity, const char *format, ...)
|
|||
|
||||
/** Called when the status of an entry guard with the given <b>nickname</b>
|
||||
* and identity <b>digest</b> has changed to <b>status</b>: tells any
|
||||
* controllers that care. */
|
||||
* controllers that care. */
|
||||
int
|
||||
control_event_guard(const char *nickname, const char *digest,
|
||||
const char *status)
|
||||
|
|
|
@ -606,11 +606,11 @@ typedef enum {
|
|||
/** How long to test reachability before complaining to the user. */
|
||||
#define TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT (20*60)
|
||||
|
||||
/** legal characters in a nickname */
|
||||
/** Legal characters in a nickname. */
|
||||
#define LEGAL_NICKNAME_CHARACTERS \
|
||||
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
|
||||
|
||||
/** Name to use in client TLS certificates if no nickname is given.*/
|
||||
/** Name to use in client TLS certificates if no nickname is given. */
|
||||
#define DEFAULT_CLIENT_NICKNAME "client"
|
||||
|
||||
/** DOCDOC */
|
||||
|
|
|
@ -981,7 +981,10 @@ smartlist_choose_by_bandwidth(smartlist_t *sl, int for_exit, int statuses)
|
|||
this_bw = (uint32_t)(partial/i);
|
||||
/*XXXX012 The above calculation is an awful hack, and makes our
|
||||
* algorithm hard to describe sanely. Could we do better with a second
|
||||
* pass through the list? -NM */
|
||||
* pass through the list? -NM
|
||||
* Sure, fine by me. I fear this thing becoming too intensive,
|
||||
* but nobody has mentioned it in profiling yet. -RD
|
||||
*/
|
||||
}
|
||||
} else {
|
||||
router = smartlist_get(sl, i);
|
||||
|
|
Loading…
Reference in New Issue