Roger Dingledine
parent
8c11212317
commit
64b5fd3194
79
ChangeLog
79
ChangeLog
|
|
@ -9,80 +9,77 @@ Changes in version 0.1.2.2-alpha - 2006-10-??
|
|||
lookups; see doc/socks-extensions.txt for full information.
|
||||
- Add a BEGIN_DIR relay cell type for an easier in-protocol way to
|
||||
connect to directory servers through Tor. Previously, clients
|
||||
could only connect to directory servers over Tor from exit nodes,
|
||||
but couldn't get directory information anonymously from a non-exit
|
||||
cache without getting a separate exit node involved.
|
||||
could only connect to directory servers over Tor from exit nodes.
|
||||
|
||||
o Minor features:
|
||||
- Check for name servers (like Earthlink's) that hijack failing DNS
|
||||
requests and replace the no-such-server answer with a "helpful"
|
||||
redirect to an advertising-driven search portal. We're a little
|
||||
redirect to an advertising-driven search portal. We're a little
|
||||
clever about this, in order to work around DNS hijackers who
|
||||
"helpfully" decline to hijack known-invalid RFC2606 addresses.
|
||||
Config option "ServerDNSDetectHijacking 0" lets you turn it off.
|
||||
- When asked to resolve a hostname, don't use non-exit servers unless
|
||||
requested to do so. This allows servers with broken DNS to
|
||||
be useful to the network.
|
||||
requested to do so. This allows servers with broken DNS to be
|
||||
useful to the network.
|
||||
- Add an "EnforceDistinctSubnets" option to control our "exclude
|
||||
servers on the same /16" behavior. It's still on by default; this
|
||||
is mostly for people who want to operate private test networks with
|
||||
all the machines on the same subnet.
|
||||
- If one of our entry guards is on the ExcludeNodes list, or the
|
||||
directory authorities don't think it's a good guard, treat it as if it
|
||||
were unlisted: stop using it as a guard, and throw it off the guards
|
||||
list if it stays that way for a long time.
|
||||
- Allow directory authorities to be marked separately as authorities for
|
||||
the v1 directory protocol, the v2 directory protocol, and as hidden
|
||||
service directories, to make it easier to retire old authorities.
|
||||
V1 authorities should set "HSAuthoritativeDir 1" to continue being
|
||||
hidden service authorities too.
|
||||
- Reserve the nickname "Unnamed" for routers that can't pick a hostname;
|
||||
any router can call itself Unnamed; directory servers will never
|
||||
allocate Unnamed to any particular router; clients won't believe that
|
||||
any router is the canonical Unnamed.
|
||||
- New controller event to alert the controller when our server descriptor
|
||||
has changed.
|
||||
directory authorities don't think it's a good guard, treat it as
|
||||
if it were unlisted: stop using it as a guard, and throw it off
|
||||
the guards list if it stays that way for a long time.
|
||||
- Allow directory authorities to be marked separately as authorities
|
||||
for the v1 directory protocol, the v2 directory protocol, and
|
||||
as hidden service directories, to make it easier to retire old
|
||||
authorities. V1 authorities should set "HSAuthoritativeDir 1"
|
||||
to continue being hidden service authorities too.
|
||||
- Reserve the nickname "Unnamed" for routers that can't pick
|
||||
a hostname; any router can call itself Unnamed; directory
|
||||
authorities will never allocate Unnamed to any particular router;
|
||||
clients won't believe that any router is the canonical Unnamed.
|
||||
- New controller event to alert the controller when our server
|
||||
descriptor has changed.
|
||||
- Only include function names in log messages for debugging messages;
|
||||
in other cases, the content of the message should be clear on its own,
|
||||
and including the function name only seems to confuse users.
|
||||
- Fix CIRC controller events so that controllers can learn the identity
|
||||
digests of non-Named servers used in circuit paths. (Fixes bug 336.)
|
||||
- Avoid choosing Exit nodes for entry or middle hops when the bandwidth
|
||||
available in non-Exit nodes is much higher then the bandwidth available
|
||||
in Exit nodes. (Fixes bug 200.)
|
||||
in other cases, the content of the message should be clear on its
|
||||
own, and including the function name only seems to confuse users.
|
||||
- Fix CIRC controller events so that controllers can learn the
|
||||
identity digests of non-Named servers used in circuit paths.
|
||||
- Avoid choosing Exit nodes for entry or middle hops when the
|
||||
bandwidth available in non-Exit nodes is much higher than the
|
||||
bandwidth available in Exit nodes.
|
||||
- Give more meaningful errors on control authentication failure.
|
||||
- Avoid possibility of controller-triggered crash when misusing certain
|
||||
commands from a v0 controller on platforms that do not handle
|
||||
printf("%s",NULL) gracefully.
|
||||
- When deciding whether an IP is "local", check for IPs on the same /24
|
||||
as us. This prevents some false positives during reachability
|
||||
detection.
|
||||
- Avoid possibility of controller-triggered crash when misusing certain
|
||||
commands from a v0 controller on platforms that do not handle
|
||||
- Avoid some false positives during reachability testing: don't try
|
||||
to test via a server that's on the same /24 as us.
|
||||
- Avoid controller-triggered crash when misusing certain commands
|
||||
from a v0 controller on platforms that do not handle
|
||||
printf("%s",NULL) gracefully.
|
||||
- Add an (off by default) feature so that controllers can get more useful
|
||||
identifiers for servers. Instead of learning identity digests for
|
||||
identifiers for servers. Instead of learning identity digests for
|
||||
un-Named servers and nicknames for Named servers, the new identifiers
|
||||
include digest, nickname, and indication of Named status. See
|
||||
include digest, nickname, and indication of Named status. See
|
||||
control-spec.txt for more information.
|
||||
|
||||
o Security Fixes, minor:
|
||||
- If a client asked for a server by name, and we didn't have a
|
||||
descriptor for a named server with that name, we might return an
|
||||
old one.
|
||||
- If a client asked for a server by name, and there's a named server
|
||||
in our network-status but we don't have its descriptor yet, we
|
||||
would return an unnamed one instead.
|
||||
- Fix NetBSD bug that could allow someone to force uninitialized RAM
|
||||
to be sent to a server's DNS resolver. This only affects NetBSD
|
||||
and other platforms that do not bounds-check tolower().
|
||||
- Reject (most) attempts to use Tor as a one-hop proxy; if many people
|
||||
start using Tor as a one-hop proxy, exit nodes become a more attractive
|
||||
target for compromise. (Fixes bug 303.)
|
||||
- Reject (most) attempts to use Tor circuits with length one. (If
|
||||
many people start using Tor as a one-hop proxy, exit nodes become
|
||||
a more attractive target for compromise.)
|
||||
- Just because your DirPort is open doesn't mean people should be
|
||||
able to remotely teach you about hidden service descriptors. Now
|
||||
only accept rendezvous posts if you've got HSAuthoritativeDir set.
|
||||
|
||||
o Major bugfixes:
|
||||
- Avoiding crashing on race condition in dns.c:
|
||||
tor_assert(! resolve->expire)
|
||||
tor_assert(!resolve->expire)
|
||||
- When a client asks the server to resolve (not connect to)
|
||||
an address, and it has a cached answer, give them the cached answer.
|
||||
Previously, the server would give them no answer at all.
|
||||
|
|
|
|||
|
|
@ -1885,7 +1885,7 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ)
|
|||
* and users who'd be better off with, well, single-hop proxies.
|
||||
*/
|
||||
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
|
||||
"Attempt to open a stream on first hop of circuit. Rejecting.");
|
||||
"Attempt to open a stream on first hop of circuit. Dropping.");
|
||||
tor_free(address);
|
||||
return 0;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1711,7 +1711,7 @@ launch_wildcard_check(int min_len, int max_len, const char *suffix)
|
|||
|
||||
addr = tor_strdup(name);
|
||||
r = evdns_resolve_ipv4(name, DNS_QUERY_NO_SEARCH,
|
||||
evdns_wildcard_check_callback, addr);
|
||||
evdns_wildcard_check_callback, addr);
|
||||
if (r)
|
||||
tor_free(addr);
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue