Fold in and clean up remaining changes files
This commit is contained in:
parent
aa68c39a12
commit
9525de51a6
60
ChangeLog
60
ChangeLog
|
@ -1,4 +1,4 @@
|
|||
Changes in version 0.2.2.26-alpha - 2011-05-??
|
||||
Changes in version 0.2.2.26-beta - 2011-05-1?
|
||||
o Security fixes:
|
||||
- Replace all potentially sensitive memory comparison operations
|
||||
with versions whose runtime does not depend on the data being
|
||||
|
@ -6,6 +6,12 @@ Changes in version 0.2.2.26-alpha - 2011-05-??
|
|||
adversary can use variations in timing information to learn
|
||||
sensitive data. Fix for one case of bug 3122. (Safe memcmp
|
||||
implementation by Robert Ransom based partially on code by DJB.)
|
||||
- When receiving a hidden service descriptor, check that it is for
|
||||
the hidden service we wanted. Previously, Tor would store any
|
||||
hidden service descriptors that a directory gave it, whether it
|
||||
wanted them or not. This wouldn't have let an attacker impersonate
|
||||
a hidden service, but it did let directories pre-seed a client
|
||||
with a descriptors that it didn't want. Bugfix on 0.0.6.
|
||||
|
||||
o Major features:
|
||||
- The options SocksPort, ControlPort, and so on now all accept a
|
||||
|
@ -23,6 +29,15 @@ Changes in version 0.2.2.26-alpha - 2011-05-??
|
|||
given connection type. This is useful when the user has configured
|
||||
"SocksPort auto" and the controller needs to know which port got
|
||||
chosen. Resolves another part of ticket 3076.
|
||||
- Add a new ControlSocketsGroupWritable configuration option: when
|
||||
it is turned on, ControlSockets are group-writeable by the default
|
||||
group of the current user. Patch by Jérémy Bobbio; implements
|
||||
ticket 2972.
|
||||
- Tor now refuses to create a ControlSocket in a directory that is
|
||||
world-readable (or group-readable if ControlSocketsGroupWritable
|
||||
is 0). This is necessary because some operating systems do not
|
||||
enforce permissions on an AF_UNIX sockets. Permissions on the
|
||||
directory holding the socket, however, seems to work everywhere.
|
||||
- Rate-limit a warning about failures to download v2 networkstatus
|
||||
documents. Resolves part of bug 1352.
|
||||
- Backport code from 0.2.3.x to allow directory authorities to clean
|
||||
|
@ -31,6 +46,10 @@ Changes in version 0.2.2.26-alpha - 2011-05-??
|
|||
what it means rather than calling it an unexpected status code.
|
||||
Closes bug 2503. Patch from Michael Yakubovich.
|
||||
- Update to the May 1 2011 Maxmind GeoLite Country database.
|
||||
- Set SO_REUSEADDR on all sockets, not just listeners. This should
|
||||
help busy exit nodes avoid running out of useable ports just
|
||||
because all the ports have been used in the near past. Resolves
|
||||
issue 2850.
|
||||
|
||||
o Minor bugfixes:
|
||||
- When loading the microdesc journal, remember its current size.
|
||||
|
@ -65,6 +84,45 @@ Changes in version 0.2.2.26-alpha - 2011-05-??
|
|||
- Add missing explanations for the authority-related torrc options
|
||||
RephistTrackTime, BridgePassword, and V3AuthUseLegacyKey in the
|
||||
man page. Resolves issue 2379.
|
||||
- On SIGHUP, do not clear out all TrackHostExits mappings, client
|
||||
DNS cache entries, and virtual address mappings: that's what
|
||||
NEWNYM is for. Fixes bug 1345; bugfix on 0.1.0.1-rc.
|
||||
- When a controller changes TrackHostExits, remove mappings for
|
||||
hosts that should no longer have their exits tracked. Bugfix on
|
||||
0.1.0.1-rc.
|
||||
- When a controller changes VirtualAddrNetwork, remove any mappings
|
||||
for hosts that were automapped to the old network. Bugfix on
|
||||
0.1.1.19-rc.
|
||||
- When a controller changes one of the AutomapHosts* options, remove
|
||||
any mappings for hosts that should no longer be automapped. Bugfix
|
||||
on 0.2.0.1-alpha.
|
||||
- Accept hidden service descriptors if we think we are a hidden
|
||||
service directory, regardless of what our consensus says. This
|
||||
helps robustness, since clients and hidden services can sometimes
|
||||
have a more up-to-date view of the network consensus than we do,
|
||||
and if they think that the directory authorities list us a HSDir,
|
||||
we might actually be one. Related to bug 2732; bugfix on
|
||||
0.2.0.10-alpha.
|
||||
- Do not reset the bridge descriptor download status every time we
|
||||
re-parse our configuration or get a configuration change. Fixes
|
||||
bug 3019; bugfix on 0.2.0.3-alpha.
|
||||
- Resolve an untriggerable issue in smartlist_string_num_isin(),
|
||||
where if the function had ever in the future been used to check
|
||||
for the presence of a too-large number, it would have given an
|
||||
incorrect result. (Fortunately, we only used it for 16-bit
|
||||
values.) Fixes bug 3175; bugfix on 0.1.0.1-rc.
|
||||
- Require that introduction point keys and onion keys have public
|
||||
exponent 65537. Bugfix on 0.2.0.10-alpha.
|
||||
- As an authority, do not upload our own vote or signature set to
|
||||
ourself. It would tell us nothing new, and as of 0.2.2.24-alpha,
|
||||
it would get flagged as a duplicate. Resolves bug 3026.
|
||||
- Accept hidden service descriptors if we think we are a hidden
|
||||
service directory, regardless of what our consensus says. This
|
||||
helps robustness, since clients and hidden services can sometimes
|
||||
have a more up-to-date view of the network consensus than we do,
|
||||
and if they think that the directory authorities list us a HSDir,
|
||||
we might actually be one. Related to bug 2732; bugfix on
|
||||
0.2.0.10-alpha.
|
||||
|
||||
o Removed features:
|
||||
- Caches no longer download and serve v2 networkstatus documents
|
||||
|
|
|
@ -1,13 +0,0 @@
|
|||
o Minor bugfixes:
|
||||
- On SIGHUP, do not clear out all TrackHostExits mappings, client DNS
|
||||
cache entries, and virtual address mappings: that's what NEWNYM is
|
||||
for. Bugfix on Tor 0.1.0.1-rc; fixes bug 1345.
|
||||
- When TrackHostExits is changed from a controller, remove any
|
||||
mappings for hosts that should no longer have their exits tracked.
|
||||
Bugfix on Tor 0.1.0.1-rc.
|
||||
- When VirtualAddrNetwork option is changed from a controller,
|
||||
remove any mappings for hosts that were automapped to
|
||||
that network. Bugfix on 0.1.1.19-rc.
|
||||
- When one of the AutomapHosts* options is changed from a
|
||||
controller, remove any mappings for hosts that should no longer be
|
||||
automapped. Bugfix on 0.2.0.1-alpha.
|
|
@ -1,7 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- Do not reject hidden service descriptors simply because we don't
|
||||
think we have not been assigned the HSDir flag. Clients and
|
||||
hidden services can have a more up-to-date view of the network
|
||||
consensus, and if they think that the directory authorities
|
||||
list us a HSDir, we might actually be one. Related to bug 2732;
|
||||
bugfix on 0.2.0.10-alpha.
|
|
@ -1,8 +0,0 @@
|
|||
o Minor features:
|
||||
- Tor now refuses to create a ControlSocket in a directory that is
|
||||
world-readable (or group-readable if ControlSocketsGroupWritable
|
||||
is 0). This is necessary because some operating systems do not
|
||||
check the permissions on an AF_UNIX socket when programs try to
|
||||
connect to it. Checking permissions on the directory holding
|
||||
the socket, however, seems to work everywhere.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
- Minor features
|
||||
o Set SO_REUSEADDR on all sockets, not just listeners. This should
|
||||
help busy exit nodes avoid running out of useable ports just because
|
||||
all the ports have been used in the near past. Resolves issue 2850.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
o Minor features:
|
||||
- Allow ControlSockets to be group-writable when the
|
||||
ControlSocksGroupWritable configuration option is turned on. Patch
|
||||
by Jérémy Bobbio; implements ticket 2972.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfixes:
|
||||
- Do not reset the bridge descriptor download status every time we
|
||||
re-parse our configuration or get a configuration change. Fixes
|
||||
bug 3019; bugfix on Tor 0.2.0.3-alpha.
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfixes (directory authority)
|
||||
- Do not upload our own vote or signature set to ourself. It would
|
||||
tell us nothing new. Also, as of Tor 0.2.2.24-alpha, we started
|
||||
to warn about receiving duplicate votes. Resolves bug 3026.
|
|
@ -1,7 +0,0 @@
|
|||
o Minor bugfixes:
|
||||
- Resolve an untriggerable issue in smartlist_string_num_isin(),
|
||||
where if the function had ever in the future been used to check
|
||||
for the presence of a too-large number, it would have given an
|
||||
incorrect result. (Fortunately, we only used it for 16-bit
|
||||
values.) Fixes bug 3175; bugfix on Tor 0.1.0.1-rc.
|
||||
|
|
@ -1,7 +0,0 @@
|
|||
o Security fixes:
|
||||
- When fetching a hidden service descriptor, check that it is for
|
||||
the hidden service we were trying to connect to, in order to
|
||||
stop a directory from pre-seeding a client with a descriptor for
|
||||
a hidden service that they didn't want. Bugfix on 0.0.6.
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
o Minor bugfixes:
|
||||
- Require that introduction point keys and onion keys have public
|
||||
exponent 65537. Bugfix on 0.2.0.10-alpha.
|
||||
|
||||
|
Loading…
Reference in New Issue