Re-wrap changelog section for 0.2.2.25-alpha
This commit is contained in:
parent
7afa8a30da
commit
95dceffe1b
151
ChangeLog
151
ChangeLog
|
@ -1,14 +1,15 @@
|
|||
Changes in version 0.2.2.25-alpha - 2011-04-28
|
||||
o Major bugfixes:
|
||||
- Relays were publishing grossly inflated bandwidth values because they
|
||||
were writing their state files wrong--now they write the correct value.
|
||||
Also, resume reading bandwidth history from the state file correctly.
|
||||
Fixes bug 2704; bugfix on 0.2.2.23-alpha.
|
||||
- Improve hidden service robustness: When we find that we have extended
|
||||
a hidden service's introduction circuit to a relay not listed as an
|
||||
introduction point in the HS descriptor we currently have, retry an
|
||||
introduction point from the current descriptor. Previously we would
|
||||
just give up. Fixes bugs 1024 and 1930; bugfix on 0.2.0.10-alpha.
|
||||
- Relays were publishing grossly inflated bandwidth values because
|
||||
they were writing their state files wrong--now they write the
|
||||
correct value. Also, resume reading bandwidth history from the
|
||||
state file correctly. Fixes bug 2704; bugfix on 0.2.2.23-alpha.
|
||||
- Improve hidden service robustness: When we find that we have
|
||||
extended a hidden service's introduction circuit to a relay not
|
||||
listed as an introduction point in the HS descriptor we currently
|
||||
have, retry with an introduction point from the current
|
||||
descriptor. Previously we would just give up. Fixes bugs 1024 and
|
||||
1930; bugfix on 0.2.0.10-alpha.
|
||||
- Clients now stop trying to use an exit node associated with a given
|
||||
destination by TrackHostExits if they fail to reach that exit node.
|
||||
Fixes bug 2999. Bugfix on 0.2.0.20-rc.
|
||||
|
@ -17,17 +18,17 @@ Changes in version 0.2.2.25-alpha - 2011-04-28
|
|||
by boboper.
|
||||
|
||||
o Security and stability fixes:
|
||||
- Don't double-free a parsable, but invalid, microdescriptor, even
|
||||
if it is followed in the blob we're parsing by an unparsable
|
||||
- Don't double-free a parsable, but invalid, microdescriptor, even if
|
||||
it is followed in the blob we're parsing by an unparsable
|
||||
microdescriptor. Fixes an issue reported in a comment on bug 2954.
|
||||
Bugfix on 0.2.2.6-alpha; fix by "cypherpunks".
|
||||
- If the Nickname configuration option isn't given, Tor would pick a
|
||||
nickname based on the local hostname as the nickname for a relay.
|
||||
Because nicknames are not very important in today's Tor and the
|
||||
"Unnamed" nickname has been implemented, this is now problematic
|
||||
behavior: It leaks information about the hostname without being useful
|
||||
at all. Fixes bug 2979; bugfix on 0.1.2.2-alpha, which introduced the
|
||||
Unnamed nickname. Reported by tagnaq.
|
||||
behavior: It leaks information about the hostname without being
|
||||
useful at all. Fixes bug 2979; bugfix on 0.1.2.2-alpha, which
|
||||
introduced the Unnamed nickname. Reported by tagnaq.
|
||||
- Fix an uncommon assertion failure when running with DNSPort under
|
||||
heavy load. Fixes bug 2933; bugfix on 0.2.0.1-alpha.
|
||||
- Avoid linkability based on cached hidden service descriptors: forget
|
||||
|
@ -35,9 +36,9 @@ Changes in version 0.2.2.25-alpha - 2011-04-28
|
|||
SIGNAL NEWNYM command. Fixes bug 3000; bugfix on 0.0.6.
|
||||
|
||||
o Major features:
|
||||
- Export GeoIP information on bridge usage to controllers even if
|
||||
we have not yet been running for 24 hours. Now Vidalia bridge
|
||||
operators can get more accurate and immediate feedback about their
|
||||
- Export GeoIP information on bridge usage to controllers even if we
|
||||
have not yet been running for 24 hours. Now Vidalia bridge operators
|
||||
can get more accurate and immediate feedback about their
|
||||
contributions to the network.
|
||||
|
||||
o Major features and bugfixes (node selection):
|
||||
|
@ -45,64 +46,62 @@ Changes in version 0.2.2.25-alpha - 2011-04-28
|
|||
ExcludeEntryNodes, ExcludeExitNodes, ExcludeNodes, and StrictNodes
|
||||
options. Previously, we had been ambiguous in describing what
|
||||
counted as an "exit" node, and what operations exactly "StrictNodes
|
||||
0" would permit. This created confusion when people saw nodes
|
||||
built through unexpected circuits, and made it hard to tell real
|
||||
bugs from surprises. Now the intended behavior is:
|
||||
. "Exit", in the context of ExitNodes and ExcludeExitNodes,
|
||||
means a node that delivers user traffic outside the Tor network.
|
||||
. "Entry", in the context of EntryNodes, means a node used as
|
||||
the first hop of a multihop circuit. It doesn't include direct
|
||||
0" would permit. This created confusion when people saw nodes built
|
||||
through unexpected circuits, and made it hard to tell real bugs from
|
||||
surprises. Now the intended behavior is:
|
||||
. "Exit", in the context of ExitNodes and ExcludeExitNodes, means
|
||||
a node that delivers user traffic outside the Tor network.
|
||||
. "Entry", in the context of EntryNodes, means a node used as the
|
||||
first hop of a multihop circuit. It doesn't include direct
|
||||
connections to directory servers.
|
||||
. "ExcludeNodes" applies to all nodes.
|
||||
. "StrictNodes" changes the behavior of ExcludeNodes only. When
|
||||
StrictNodes is set, Tor should avoid all nodes listed in
|
||||
ExcludeNodes, even when it will make user requests fail. When
|
||||
StrictNodes is *not* set, then Tor should follow ExcludeNodes
|
||||
whenever it can, except when it must use an excluded node
|
||||
to perform self-tests, connect to a hidden service, provide
|
||||
a hidden service, fulfill a .exit request, upload directory
|
||||
whenever it can, except when it must use an excluded node to
|
||||
perform self-tests, connect to a hidden service, provide a
|
||||
hidden service, fulfill a .exit request, upload directory
|
||||
information, or fetch directory information.
|
||||
Collectively, the changes to implement the behavior fix bug 1090.
|
||||
- ExcludeNodes now takes precedence over EntryNodes and ExitNodes:
|
||||
if a node is listed in both, it's treated as excluded.
|
||||
- ExcludeNodes now takes precedence over EntryNodes and ExitNodes: if
|
||||
a node is listed in both, it's treated as excluded.
|
||||
- ExcludeNodes now applies to directory nodes -- as a preference if
|
||||
StrictNodes is 0, or an absolute requirement if StrictNodes is 1.
|
||||
Don't exclude all the directory authorities and set StrictNodes
|
||||
to 1 unless you really want your Tor to break.
|
||||
Don't exclude all the directory authorities and set StrictNodes to 1
|
||||
unless you really want your Tor to break.
|
||||
- ExcludeNodes and ExcludeExitNodes now override exit enclaving.
|
||||
- ExcludeExitNodes now overrides .exit requests.
|
||||
- We don't use bridges listed in ExcludeNodes.
|
||||
- When StrictNodes is 1:
|
||||
. We now apply ExcludeNodes to hidden service introduction points
|
||||
and to rendezvous points selected by hidden service users.
|
||||
This can make your hidden service less reliable: use it with
|
||||
caution!
|
||||
and to rendezvous points selected by hidden service users. This
|
||||
can make your hidden service less reliable: use it with caution!
|
||||
. If we have used ExcludeNodes on ourself, do not try relay
|
||||
reachability self-tests.
|
||||
. If we have excluded all the directory authorities, we will
|
||||
not even try to upload our descriptor if we're a relay.
|
||||
. If we have excluded all the directory authorities, we will not
|
||||
even try to upload our descriptor if we're a relay.
|
||||
. Do not honor .exit requests to an excluded node.
|
||||
- Remove a misfeature that caused us to ignore the Fast/Stable flags
|
||||
when ExitNodes is set. Bugfix on 0.2.2.7-alpha.
|
||||
- When the set of permitted nodes changes, we now remove any
|
||||
mappings introduced via TrackExitHosts to now-excluded nodes.
|
||||
Bugfix on 0.1.0.1-rc.
|
||||
- We never cannibalize a circuit that had excluded nodes on it,
|
||||
even if StrictNodes is 0. Bugfix on 0.1.0.1-rc.
|
||||
- When the set of permitted nodes changes, we now remove any mappings
|
||||
introduced via TrackExitHosts to now-excluded nodes. Bugfix on
|
||||
0.1.0.1-rc.
|
||||
- We never cannibalize a circuit that had excluded nodes on it, even
|
||||
if StrictNodes is 0. Bugfix on 0.1.0.1-rc.
|
||||
- Revert a change where we would be laxer about attaching streams to
|
||||
circuits than when building the circuits. This was meant to
|
||||
prevent a set of bugs where streams were never attachable, but our
|
||||
improved code here should make this unnecessary. Bugfix on
|
||||
0.2.2.7-alpha.
|
||||
- Keep track of how many times we launch a new circuit to handle
|
||||
a given stream. Too many launches could indicate an inconsistency
|
||||
circuits than when building the circuits. This was meant to prevent
|
||||
a set of bugs where streams were never attachable, but our improved
|
||||
code here should make this unnecessary. Bugfix on 0.2.2.7-alpha.
|
||||
- Keep track of how many times we launch a new circuit to handle a
|
||||
given stream. Too many launches could indicate an inconsistency
|
||||
between our "launch a circuit to handle this stream" logic and our
|
||||
"attach this stream to one of the available circuits" logic.
|
||||
- Improve log messages related to excluded nodes.
|
||||
|
||||
o Minor bugfixes:
|
||||
- Fix a spurious warning when moving from a short month to a long month
|
||||
on relays with month-based BandwidthAccounting. Bugfix on
|
||||
- Fix a spurious warning when moving from a short month to a long
|
||||
month on relays with month-based BandwidthAccounting. Bugfix on
|
||||
0.2.2.17-alpha; fixes bug 3020.
|
||||
- When a client finds that an origin circuit has run out of 16-bit
|
||||
stream IDs, we now mark it as unusable for new streams. Previously,
|
||||
|
@ -113,12 +112,12 @@ Changes in version 0.2.2.25-alpha - 2011-04-28
|
|||
connect() system call. Under some circumstances, it was possible to
|
||||
look at an incorrect value for errno when sending the end reason.
|
||||
Bugfix on 0.1.0.1-rc.
|
||||
- Correctly handle an "impossible" overflow cases in connection
|
||||
byte counting, where we write or read more than 4GB on an edge
|
||||
connection in a single second. Bugfix on 0.1.2.8-beta.
|
||||
- Correctly handle an "impossible" overflow cases in connection byte
|
||||
counting, where we write or read more than 4GB on an edge connection
|
||||
in a single second. Bugfix on 0.1.2.8-beta.
|
||||
- Correct the warning displayed when a rendezvous descriptor exceeds
|
||||
the maximum size. Fixes bug 2750; bugfix on 0.2.1.5-alpha. Found
|
||||
by John Brooks.
|
||||
the maximum size. Fixes bug 2750; bugfix on 0.2.1.5-alpha. Found by
|
||||
John Brooks.
|
||||
- Clients and hidden services now use HSDir-flagged relays for hidden
|
||||
service descriptor downloads and uploads even if the relays have no
|
||||
DirPort set and the client has disabled TunnelDirConns. This will
|
||||
|
@ -126,12 +125,11 @@ Changes in version 0.2.2.25-alpha - 2011-04-28
|
|||
DirPort. Fixes bug 2722; bugfix on 0.2.1.6-alpha.
|
||||
- Downgrade "no current certificates known for authority" message from
|
||||
Notice to Info. Fixes bug 2899; bugfix on 0.2.0.10-alpha.
|
||||
- Make the SIGNAL DUMP control-port command work on FreeBSD. Fixes
|
||||
bug 2917. Bugfix on 0.1.1.1-alpha.
|
||||
- Only limit the lengths of single HS descriptors, even when
|
||||
multiple HS descriptors are published to an HSDir relay in a
|
||||
single POST operation. Fixes bug 2948; bugfix on 0.2.1.5-alpha.
|
||||
Found by hsdir.
|
||||
- Make the SIGNAL DUMP control-port command work on FreeBSD. Fixes bug
|
||||
2917. Bugfix on 0.1.1.1-alpha.
|
||||
- Only limit the lengths of single HS descriptors, even when multiple
|
||||
HS descriptors are published to an HSDir relay in a single POST
|
||||
operation. Fixes bug 2948; bugfix on 0.2.1.5-alpha. Found by hsdir.
|
||||
- Write the current time into the LastWritten line in our state file,
|
||||
rather than the time from the previous write attempt. Also, stop
|
||||
trying to use a time of -1 in our log statements. Fixes bug 3039;
|
||||
|
@ -151,30 +149,29 @@ Changes in version 0.2.2.25-alpha - 2011-04-28
|
|||
clients are already deprecated because of security bugs.
|
||||
- Don't allow v0 hidden service authorities to act as clients.
|
||||
Required by fix for bug 3000.
|
||||
- Ignore SIGNAL NEWNYM commands on relay-only Tor instances.
|
||||
Required by fix for bug 3000.
|
||||
- Ignore SIGNAL NEWNYM commands on relay-only Tor instances. Required
|
||||
by fix for bug 3000.
|
||||
- Ensure that no empty [dirreq-](read|write)-history lines are added
|
||||
to an extrainfo document. Implements ticket 2497.
|
||||
|
||||
o Code simplification and refactoring:
|
||||
- Remove workaround code to handle directory responses from
|
||||
servers that had bug 539 (they would send HTTP status 503
|
||||
responses _and_ send a body too). Since only server versions before
|
||||
0.2.0.16-alpha/0.1.2.19 were affected, there is no longer reason
|
||||
to keep the workaround in place.
|
||||
- Remove the old 'fuzzy time' logic. It was supposed to be used
|
||||
for handling calculations where we have a known amount of clock
|
||||
skew and an allowed amount of unknown skew. But we only used it
|
||||
in three places, and we never adjusted the known/unknown skew
|
||||
values. This is still something we might want to do someday,
|
||||
but if we do, we'll want to do it differently.
|
||||
- Remove workaround code to handle directory responses from servers
|
||||
that had bug 539 (they would send HTTP status 503 responses _and_
|
||||
send a body too). Since only server versions before
|
||||
0.2.0.16-alpha/0.1.2.19 were affected, there is no longer reason to
|
||||
keep the workaround in place.
|
||||
- Remove the old 'fuzzy time' logic. It was supposed to be used for
|
||||
handling calculations where we have a known amount of clock skew and
|
||||
an allowed amount of unknown skew. But we only used it in three
|
||||
places, and we never adjusted the known/unknown skew values. This is
|
||||
still something we might want to do someday, but if we do, we'll
|
||||
want to do it differently.
|
||||
- Avoid signed/unsigned comparisons by making SIZE_T_CEILING unsigned.
|
||||
None of the cases where we did this before were wrong, but by making
|
||||
this change we avoid warnings. Fixes bug 2475; bugfix on
|
||||
0.2.1.28.
|
||||
this change we avoid warnings. Fixes bug 2475; bugfix on 0.2.1.28.
|
||||
- Use GetTempDir to find the proper temporary directory location on
|
||||
Windows when generating temporary files for the unit tests. Patch
|
||||
by Gisle Vanem.
|
||||
Windows when generating temporary files for the unit tests. Patch by
|
||||
Gisle Vanem.
|
||||
|
||||
|
||||
Changes in version 0.2.2.24-alpha - 2011-04-08
|
||||
|
|
Loading…
Reference in New Issue