read through and tidy up the upcoming releasenotes
This commit is contained in:
parent
a708518ecb
commit
a8b6998958
114
ChangeLog
114
ChangeLog
|
@ -7,7 +7,7 @@ Changes in version 0.2.9.7-rc - 2016-12-12
|
||||||
- Update geoip and geoip6 to the December 7 2016 Maxmind GeoLite2
|
- Update geoip and geoip6 to the December 7 2016 Maxmind GeoLite2
|
||||||
Country database.
|
Country database.
|
||||||
|
|
||||||
o Minor bugfix (build):
|
o Minor bugfixes (build):
|
||||||
- The current Git revision when building from a local repository is
|
- The current Git revision when building from a local repository is
|
||||||
now detected correctly when using git worktrees. Fixes bug 20492;
|
now detected correctly when using git worktrees. Fixes bug 20492;
|
||||||
bugfix on 0.2.3.9-alpha.
|
bugfix on 0.2.3.9-alpha.
|
||||||
|
@ -31,7 +31,7 @@ Changes in version 0.2.9.7-rc - 2016-12-12
|
||||||
SocksPort. Fixes bug 20716; bugfix on 0.2.6.3-alpha.
|
SocksPort. Fixes bug 20716; bugfix on 0.2.6.3-alpha.
|
||||||
- When moving a signed descriptor object from a source to an
|
- When moving a signed descriptor object from a source to an
|
||||||
existing destination, free the allocated memory inside that
|
existing destination, free the allocated memory inside that
|
||||||
destination object. Fixes bug 20715; bugfix on tor-0.2.8.3-alpha.
|
destination object. Fixes bug 20715; bugfix on 0.2.8.3-alpha.
|
||||||
|
|
||||||
o Minor bugfixes (memory leak, use-after-free, linux seccomp2 sandbox):
|
o Minor bugfixes (memory leak, use-after-free, linux seccomp2 sandbox):
|
||||||
- Fix a memory leak and use-after-free error when removing entries
|
- Fix a memory leak and use-after-free error when removing entries
|
||||||
|
@ -144,7 +144,7 @@ Changes in version 0.2.9.6-rc - 2016-12-02
|
||||||
created by single onion services and Tor2web. These log messages
|
created by single onion services and Tor2web. These log messages
|
||||||
are intended to diagnose issue 8387, which relates to circuits
|
are intended to diagnose issue 8387, which relates to circuits
|
||||||
hanging around forever for no reason. Fixes bug 20613; bugfix on
|
hanging around forever for no reason. Fixes bug 20613; bugfix on
|
||||||
0.2.9.1-alpha. Reported by "pastly".
|
0.2.9.1-alpha. Reported by pastly.
|
||||||
|
|
||||||
o Minor bugfixes (unit tests):
|
o Minor bugfixes (unit tests):
|
||||||
- Stop spurious failures in the local interface address discovery
|
- Stop spurious failures in the local interface address discovery
|
||||||
|
@ -218,8 +218,7 @@ Changes in version 0.2.9.5-alpha - 2016-11-08
|
||||||
o Minor bugfixes (hidden services):
|
o Minor bugfixes (hidden services):
|
||||||
- When configuring hidden services, check every hidden service
|
- When configuring hidden services, check every hidden service
|
||||||
directory's permissions. Previously, we only checked the last
|
directory's permissions. Previously, we only checked the last
|
||||||
hidden service. Fixes bug 20529; bugfix the work to fix 13942
|
hidden service. Fixes bug 20529; bugfix on 0.2.6.2-alpha.
|
||||||
in 0.2.6.2-alpha.
|
|
||||||
|
|
||||||
o Minor bugfixes (portability):
|
o Minor bugfixes (portability):
|
||||||
- Fix compilation with OpenSSL 1.1 and less commonly-used CPU
|
- Fix compilation with OpenSSL 1.1 and less commonly-used CPU
|
||||||
|
@ -308,19 +307,13 @@ Changes in version 0.2.9.4-alpha - 2016-10-17
|
||||||
|
|
||||||
o Major features (subprotocol versions):
|
o Major features (subprotocol versions):
|
||||||
- Tor directory authorities now vote on a set of recommended
|
- Tor directory authorities now vote on a set of recommended
|
||||||
subprotocol versions, and on a set of required subprotocol
|
"subprotocol versions", and on a set of required subprotocol
|
||||||
versions. Clients and relays that lack support for a _required_
|
versions. Clients and relays that lack support for a _required_
|
||||||
subprotocol version will not start; those that lack support for a
|
subprotocol version will not start; those that lack support for a
|
||||||
_recommended_ subprotocol version will warn the user to upgrade.
|
_recommended_ subprotocol version will warn the user to upgrade.
|
||||||
Closes ticket 19958; implements part of proposal 264.
|
This change allows compatible implementations of the Tor protocol(s)
|
||||||
- Tor now uses "subprotocol versions" to indicate compatibility.
|
to exist without pretending to be 100% bug-compatible with
|
||||||
Previously, versions of Tor looked at the declared Tor version of
|
particular releases of Tor itself. Closes ticket 19958; implements part of proposal 264.
|
||||||
a relay to tell whether they could use a given feature. Now, they
|
|
||||||
should be able to rely on its declared subprotocol versions. This
|
|
||||||
change allows compatible implementations of the Tor protocol(s) to
|
|
||||||
exist without pretending to be 100% bug-compatible with particular
|
|
||||||
releases of Tor itself. Closes ticket 19958; implements part of
|
|
||||||
proposal 264.
|
|
||||||
|
|
||||||
o Minor feature (fallback directories):
|
o Minor feature (fallback directories):
|
||||||
- Remove broken fallbacks from the hard-coded fallback directory
|
- Remove broken fallbacks from the hard-coded fallback directory
|
||||||
|
@ -349,7 +342,7 @@ Changes in version 0.2.9.4-alpha - 2016-10-17
|
||||||
- When configuring a unix domain socket for a SocksPort,
|
- When configuring a unix domain socket for a SocksPort,
|
||||||
ControlPort, or Hidden service, you can now wrap the address in
|
ControlPort, or Hidden service, you can now wrap the address in
|
||||||
quotes, using C-style escapes inside the quotes. This allows unix
|
quotes, using C-style escapes inside the quotes. This allows unix
|
||||||
domain socket paths to contain spaces.
|
domain socket paths to contain spaces. Resolves ticket 18753.
|
||||||
|
|
||||||
o Minor features (virtual addresses):
|
o Minor features (virtual addresses):
|
||||||
- Increase the maximum number of bits for the IPv6 virtual network
|
- Increase the maximum number of bits for the IPv6 virtual network
|
||||||
|
@ -357,7 +350,7 @@ Changes in version 0.2.9.4-alpha - 2016-10-17
|
||||||
allocation is less restrictive. Closes ticket 20151; feature
|
allocation is less restrictive. Closes ticket 20151; feature
|
||||||
on 0.2.4.7-alpha.
|
on 0.2.4.7-alpha.
|
||||||
|
|
||||||
o Minor bugfixes (address discovery):
|
o Minor bugfixes (relay address discovery):
|
||||||
- Stop reordering IP addresses returned by the OS. This makes it
|
- Stop reordering IP addresses returned by the OS. This makes it
|
||||||
more likely that Tor will guess the same relay IP address every
|
more likely that Tor will guess the same relay IP address every
|
||||||
time. Fixes issue 20163; bugfix on 0.2.7.1-alpha, ticket 17027.
|
time. Fixes issue 20163; bugfix on 0.2.7.1-alpha, ticket 17027.
|
||||||
|
@ -375,13 +368,13 @@ Changes in version 0.2.9.4-alpha - 2016-10-17
|
||||||
|
|
||||||
o Minor bugfixes (configuration):
|
o Minor bugfixes (configuration):
|
||||||
- When parsing quoted configuration values from the torrc file,
|
- When parsing quoted configuration values from the torrc file,
|
||||||
handle windows line endings correctly. Fixes bug 19167; bugfix on
|
handle Windows line endings correctly. Fixes bug 19167; bugfix on
|
||||||
0.2.0.16-alpha. Patch from "Pingl".
|
0.2.0.16-alpha. Patch from "Pingl".
|
||||||
|
|
||||||
o Minor bugfixes (getpass):
|
o Minor bugfixes (getpass):
|
||||||
- Defensively fix a non-triggerable heap corruption at do_getpass()
|
- Defensively fix a non-triggerable heap corruption at do_getpass()
|
||||||
to protect ourselves from mistakes in the future. Fixes bug
|
to protect ourselves from mistakes in the future. Fixes bug
|
||||||
#19223; bugfix on 0.2.7.3-rc. Bug found by Guido Vranken, patch
|
19223; bugfix on 0.2.7.3-rc. Bug found by Guido Vranken, patch
|
||||||
by nherring.
|
by nherring.
|
||||||
|
|
||||||
o Minor bugfixes (hidden service):
|
o Minor bugfixes (hidden service):
|
||||||
|
@ -391,7 +384,7 @@ Changes in version 0.2.9.4-alpha - 2016-10-17
|
||||||
|
|
||||||
o Documentation:
|
o Documentation:
|
||||||
- Add module-level internal documentation for 36 C files that
|
- Add module-level internal documentation for 36 C files that
|
||||||
previously didn't have a high-level overview. Closes ticket #20385.
|
previously didn't have a high-level overview. Closes ticket 20385.
|
||||||
|
|
||||||
o Required libraries:
|
o Required libraries:
|
||||||
- When building with OpenSSL, Tor now requires version 1.0.1 or
|
- When building with OpenSSL, Tor now requires version 1.0.1 or
|
||||||
|
@ -423,22 +416,22 @@ Changes in version 0.2.9.3-alpha - 2016-09-23
|
||||||
this one.
|
this one.
|
||||||
|
|
||||||
o Major features (circuit building, security):
|
o Major features (circuit building, security):
|
||||||
- Authorities, relays and clients now require ntor keys in all
|
- Authorities, relays, and clients now require ntor keys in all
|
||||||
descriptors, for all hops (except for rare hidden service protocol
|
descriptors, for all hops (except for rare hidden service protocol
|
||||||
cases), for all circuits, and for all other roles. Part of
|
cases), for all circuits, and for all other roles. Part of
|
||||||
ticket 19163.
|
ticket 19163.
|
||||||
- Tor authorities, relays, and clients only use ntor, except for
|
- Authorities, relays, and clients only use ntor, except for
|
||||||
rare cases in the hidden service protocol. Part of ticket 19163.
|
rare cases in the hidden service protocol. Part of ticket 19163.
|
||||||
|
|
||||||
o Major features (single-hop "hidden" services):
|
o Major features (single-hop "hidden" services):
|
||||||
- Add experimental HiddenServiceSingleHopMode and
|
- Add experimental HiddenServiceSingleHopMode and
|
||||||
HiddenServiceNonAnonymousMode options. When both are set to 1,
|
HiddenServiceNonAnonymousMode options. When both are set to 1,
|
||||||
every hidden service on a Tor instance becomes a non-anonymous
|
every hidden service on that Tor instance becomes a non-anonymous
|
||||||
Single Onion Service. Single Onions make one-hop (direct)
|
Single Onion Service. Single Onions make one-hop (direct)
|
||||||
connections to their introduction and renzedvous points. One-hop
|
connections to their introduction and rendezvous points. One-hop
|
||||||
circuits make Single Onion servers easily locatable, but clients
|
circuits make Single Onion servers easily locatable, but clients
|
||||||
remain location-anonymous. This is compatible with the existing
|
remain location-anonymous. This is compatible with the existing
|
||||||
hidden service implementation, and works on the current tor
|
hidden service implementation, and works on the current Tor
|
||||||
network without any changes to older relays or clients. Implements
|
network without any changes to older relays or clients. Implements
|
||||||
proposal 260, completes ticket 17178. Patch by teor and asn.
|
proposal 260, completes ticket 17178. Patch by teor and asn.
|
||||||
|
|
||||||
|
@ -452,7 +445,7 @@ Changes in version 0.2.9.3-alpha - 2016-09-23
|
||||||
|
|
||||||
o Major bugfixes (circuit building):
|
o Major bugfixes (circuit building):
|
||||||
- Hidden service client-to-intro-point and service-to-rendezvous-
|
- Hidden service client-to-intro-point and service-to-rendezvous-
|
||||||
point cicruits use the TAP key supplied by the protocol, to avoid
|
point circuits use the TAP key supplied by the protocol, to avoid
|
||||||
epistemic attacks. Fixes bug 19163; bugfix on 0.2.4.18-rc.
|
epistemic attacks. Fixes bug 19163; bugfix on 0.2.4.18-rc.
|
||||||
|
|
||||||
o Major bugfixes (compilation, OpenBSD):
|
o Major bugfixes (compilation, OpenBSD):
|
||||||
|
@ -468,12 +461,12 @@ Changes in version 0.2.9.3-alpha - 2016-09-23
|
||||||
20012; bugfix on 0.2.4.8-alpha. Patch by teor.
|
20012; bugfix on 0.2.4.8-alpha. Patch by teor.
|
||||||
|
|
||||||
o Minor features (security, TLS):
|
o Minor features (security, TLS):
|
||||||
- Servers no longer support clients that without AES ciphersuites.
|
- Servers no longer support clients that lack AES ciphersuites.
|
||||||
(3DES is no longer considered an acceptable cipher.) We believe
|
(3DES is no longer considered an acceptable cipher.) We believe
|
||||||
that no such Tor clients currently exist, since Tor has required
|
that no such Tor clients currently exist, since Tor has required
|
||||||
OpenSSL 0.9.7 or later since 2009. Closes ticket 19998.
|
OpenSSL 0.9.7 or later since 2009. Closes ticket 19998.
|
||||||
|
|
||||||
o Minor feature (fallback directories):
|
o Minor features (fallback directories):
|
||||||
- Remove broken entries from the hard-coded fallback directory list.
|
- Remove broken entries from the hard-coded fallback directory list.
|
||||||
Closes ticket 20190; patch by teor.
|
Closes ticket 20190; patch by teor.
|
||||||
|
|
||||||
|
@ -481,8 +474,8 @@ Changes in version 0.2.9.3-alpha - 2016-09-23
|
||||||
- Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2
|
- Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2
|
||||||
Country database.
|
Country database.
|
||||||
|
|
||||||
o Minor feature (port flags):
|
o Minor features (port flags):
|
||||||
- Add new flags to the *Port options to finer control over which
|
- Add new flags to the *Port options to give finer control over which
|
||||||
requests are allowed. The flags are NoDNSRequest, NoOnionTraffic,
|
requests are allowed. The flags are NoDNSRequest, NoOnionTraffic,
|
||||||
and the synthetic flag OnionTrafficOnly, which is equivalent to
|
and the synthetic flag OnionTrafficOnly, which is equivalent to
|
||||||
NoDNSRequest, NoIPv4Traffic, and NoIPv6Traffic. Closes enhancement
|
NoDNSRequest, NoIPv4Traffic, and NoIPv6Traffic. Closes enhancement
|
||||||
|
@ -502,7 +495,7 @@ Changes in version 0.2.9.3-alpha - 2016-09-23
|
||||||
o Minor features (testing, ipv6):
|
o Minor features (testing, ipv6):
|
||||||
- Add the single-onion and single-onion-ipv6 chutney targets to
|
- Add the single-onion and single-onion-ipv6 chutney targets to
|
||||||
"make test-network-all". This requires a recent chutney version
|
"make test-network-all". This requires a recent chutney version
|
||||||
with the single onion network flavours (git c72a652 or later).
|
with the single onion network flavors (git c72a652 or later).
|
||||||
Closes ticket 20072; patch by teor.
|
Closes ticket 20072; patch by teor.
|
||||||
- Add the hs-ipv6 chutney target to make test-network-all's IPv6
|
- Add the hs-ipv6 chutney target to make test-network-all's IPv6
|
||||||
tests. Remove bridges+hs, as it's somewhat redundant. This
|
tests. Remove bridges+hs, as it's somewhat redundant. This
|
||||||
|
@ -520,7 +513,7 @@ Changes in version 0.2.9.3-alpha - 2016-09-23
|
||||||
handshakes fail, they fail with the error messages we expected.
|
handshakes fail, they fail with the error messages we expected.
|
||||||
- Our unit testing code that captures log messages no longer
|
- Our unit testing code that captures log messages no longer
|
||||||
prevents them from being written out if the user asked for them
|
prevents them from being written out if the user asked for them
|
||||||
(by passing --debug or --info or or --notice --warn to the "test"
|
(by passing --debug or --info or --notice or --warn to the "test"
|
||||||
binary). This change prevents us from missing unexpected log
|
binary). This change prevents us from missing unexpected log
|
||||||
messages simply because we were looking for others. Related to
|
messages simply because we were looking for others. Related to
|
||||||
ticket 19999.
|
ticket 19999.
|
||||||
|
@ -569,8 +562,8 @@ Changes in version 0.2.9.3-alpha - 2016-09-23
|
||||||
o Minor bugfixes (documentation):
|
o Minor bugfixes (documentation):
|
||||||
- Document the default PathsNeededToBuildCircuits value that's used
|
- Document the default PathsNeededToBuildCircuits value that's used
|
||||||
by clients when the directory authorities don't set
|
by clients when the directory authorities don't set
|
||||||
min_paths_for_circs_pct. Fixes bug 20117; bugfix on 02c320916e02
|
min_paths_for_circs_pct. Fixes bug 20117; bugfix on 0.2.4.10-alpha.
|
||||||
in tor-0.2.4.10-alpha. Patch by teor, reported by Jesse V.
|
Patch by teor, reported by Jesse V.
|
||||||
- Fix manual for the User option: it takes a username, not a UID.
|
- Fix manual for the User option: it takes a username, not a UID.
|
||||||
Fixes bug 19122; bugfix on 0.0.2pre16 (the first version to have
|
Fixes bug 19122; bugfix on 0.0.2pre16 (the first version to have
|
||||||
a manpage!).
|
a manpage!).
|
||||||
|
@ -598,26 +591,26 @@ Changes in version 0.2.9.3-alpha - 2016-09-23
|
||||||
on 0.2.9.1-alpha.
|
on 0.2.9.1-alpha.
|
||||||
- When we are unable to remove the bw_accounting file, do not warn
|
- When we are unable to remove the bw_accounting file, do not warn
|
||||||
if the reason we couldn't remove it was that it didn't exist.
|
if the reason we couldn't remove it was that it didn't exist.
|
||||||
Fixes bug 19964; bugfix on 0.2.5.4-alpha. Patch from 'pastly'.
|
Fixes bug 19964; bugfix on 0.2.5.4-alpha. Patch from pastly.
|
||||||
|
|
||||||
o Minor bugfixes (option parsing):
|
o Minor bugfixes (option parsing):
|
||||||
- Count unix sockets when counting client listeners (SOCKS, Trans,
|
- Count unix sockets when counting client listeners (SOCKS, Trans,
|
||||||
NATD, and DNS). This has no user-visible behaviour changes: these
|
NATD, and DNS). This has no user-visible behavior changes: these
|
||||||
options are set once, and never read. Required for correct
|
options are set once, and never read. Required for correct
|
||||||
behaviour in ticket 17178. Fixes bug 19677; bugfix on
|
behavior in ticket 17178. Fixes bug 19677; bugfix on
|
||||||
0.2.6.3-alpha. Patch by teor.
|
0.2.6.3-alpha. Patch by teor.
|
||||||
|
|
||||||
o Minor bugfixes (options):
|
o Minor bugfixes (options):
|
||||||
- Check the consistency of UseEntryGuards and EntryNodes more
|
- Check the consistency of UseEntryGuards and EntryNodes more
|
||||||
reliably. Fixes bug 20074; bugfix on tor- 0.2.4.12-alpha. Patch
|
reliably. Fixes bug 20074; bugfix on 0.2.4.12-alpha. Patch
|
||||||
by teor.
|
by teor.
|
||||||
- Stop changing the configured value of UseEntryGuards on
|
- Stop changing the configured value of UseEntryGuards on
|
||||||
authorities and Tor2web clients. Fixes bug 20074; bugfix on
|
authorities and Tor2web clients. Fixes bug 20074; bugfix on
|
||||||
commits 51fc6799 in tor-0.1.1.16-rc and acda1735 in tor-0.2.4.3-
|
commits 51fc6799 in 0.1.1.16-rc and acda1735 in 0.2.4.3-alpha.
|
||||||
alpha. Patch by teor.
|
Patch by teor.
|
||||||
|
|
||||||
o Minor bugfixes (Tor2web):
|
o Minor bugfixes (Tor2web):
|
||||||
- Prevent Tor2web clients running hidden services, these services
|
- Prevent Tor2web clients from running hidden services: these services
|
||||||
are not anonymous due to the one-hop client paths. Fixes bug
|
are not anonymous due to the one-hop client paths. Fixes bug
|
||||||
19678. Patch by teor.
|
19678. Patch by teor.
|
||||||
|
|
||||||
|
@ -681,8 +674,9 @@ Changes in version 0.2.9.2-alpha - 2016-08-24
|
||||||
|
|
||||||
o Major features (user interface):
|
o Major features (user interface):
|
||||||
- Tor now supports the ability to declare options deprecated, so
|
- Tor now supports the ability to declare options deprecated, so
|
||||||
that we can recommend that people stop using them. Previously,
|
that we can recommend that people stop using them. Previously, this
|
||||||
this was done in an ad-hoc way. Closes ticket 19820.
|
was done in an ad-hoc way. There is a new --list-deprecated-options command-line option to list all of the deprecated options. Closes
|
||||||
|
ticket 19820.
|
||||||
|
|
||||||
o Major bugfixes (directory downloads):
|
o Major bugfixes (directory downloads):
|
||||||
- Avoid resetting download status for consensuses hourly, since we
|
- Avoid resetting download status for consensuses hourly, since we
|
||||||
|
@ -697,11 +691,6 @@ Changes in version 0.2.9.2-alpha - 2016-08-24
|
||||||
- Update geoip and geoip6 to the August 2 2016 Maxmind GeoLite2
|
- Update geoip and geoip6 to the August 2 2016 Maxmind GeoLite2
|
||||||
Country database.
|
Country database.
|
||||||
|
|
||||||
o Minor features (user interface):
|
|
||||||
- There is a new --list-deprecated-options command-line option to
|
|
||||||
list all of the deprecated options. Implemented as part of
|
|
||||||
ticket 19820.
|
|
||||||
|
|
||||||
o Minor bugfixes (code style):
|
o Minor bugfixes (code style):
|
||||||
- Fix an integer signedness conversion issue in the case conversion
|
- Fix an integer signedness conversion issue in the case conversion
|
||||||
tables. Fixes bug 19168; bugfix on 0.2.1.11-alpha.
|
tables. Fixes bug 19168; bugfix on 0.2.1.11-alpha.
|
||||||
|
@ -736,7 +725,7 @@ Changes in version 0.2.9.2-alpha - 2016-08-24
|
||||||
o Deprecated features:
|
o Deprecated features:
|
||||||
- A number of DNS-cache-related sub-options for client ports are now
|
- A number of DNS-cache-related sub-options for client ports are now
|
||||||
deprecated for security reasons, and may be removed in a future
|
deprecated for security reasons, and may be removed in a future
|
||||||
version of Tor. (We believe that client-side DNS cacheing is a bad
|
version of Tor. (We believe that client-side DNS caching is a bad
|
||||||
idea for anonymity, and you should not turn it on.) The options
|
idea for anonymity, and you should not turn it on.) The options
|
||||||
are: CacheDNS, CacheIPv4DNS, CacheIPv6DNS, UseDNSCache,
|
are: CacheDNS, CacheIPv4DNS, CacheIPv6DNS, UseDNSCache,
|
||||||
UseIPv4Cache, and UseIPv6Cache.
|
UseIPv4Cache, and UseIPv6Cache.
|
||||||
|
@ -761,7 +750,7 @@ Changes in version 0.2.9.2-alpha - 2016-08-24
|
||||||
|
|
||||||
o Removed code:
|
o Removed code:
|
||||||
- We no longer include the (dead, deprecated) bufferevent code in
|
- We no longer include the (dead, deprecated) bufferevent code in
|
||||||
Tor. Closes ticket 19450. Based on a patch from U+039b.
|
Tor. Closes ticket 19450. Based on a patch from "U+039b".
|
||||||
|
|
||||||
|
|
||||||
Changes in version 0.2.8.7 - 2016-08-24
|
Changes in version 0.2.8.7 - 2016-08-24
|
||||||
|
@ -880,16 +869,16 @@ Changes in version 0.2.9.1-alpha - 2016-08-08
|
||||||
Closes ticket 18895.
|
Closes ticket 18895.
|
||||||
|
|
||||||
o Minor features (code safety):
|
o Minor features (code safety):
|
||||||
- In our integer-parsing functions, ensure that maxiumum value we
|
- In our integer-parsing functions, ensure that the maximum value we
|
||||||
give is no smaller than the minimum value. Closes ticket 19063;
|
allow is no smaller than the minimum value. Closes ticket 19063;
|
||||||
patch from U+039b.
|
patch from "U+039b".
|
||||||
|
|
||||||
o Minor features (controller):
|
o Minor features (controller):
|
||||||
- Implement new GETINFO queries for all downloads that use
|
- Implement new GETINFO queries for all downloads that use
|
||||||
download_status_t to schedule retries. This allows controllers to
|
download_status_t to schedule retries. This allows controllers to
|
||||||
examine the schedule for pending downloads. Closes ticket 19323.
|
examine the schedule for pending downloads. Closes ticket 19323.
|
||||||
- Allow controllers to configure basic client authorization on
|
- Allow controllers to configure basic client authorization on
|
||||||
hidden services when they create them with the ADD_ONION control
|
hidden services when they create them with the ADD_ONION controller
|
||||||
command. Implements ticket 15588. Patch by "special".
|
command. Implements ticket 15588. Patch by "special".
|
||||||
- Fire a STATUS_SERVER controller event whenever the hibernation
|
- Fire a STATUS_SERVER controller event whenever the hibernation
|
||||||
status changes between "awake"/"soft"/"hard". Closes ticket 18685.
|
status changes between "awake"/"soft"/"hard". Closes ticket 18685.
|
||||||
|
@ -936,13 +925,11 @@ Changes in version 0.2.9.1-alpha - 2016-08-08
|
||||||
needless crash bugs. Closes ticket 18613.
|
needless crash bugs. Closes ticket 18613.
|
||||||
|
|
||||||
o Minor features (performance):
|
o Minor features (performance):
|
||||||
- Changer the "optimistic data" extension from "off by default" to
|
- Change the "optimistic data" extension from "off by default" to
|
||||||
"on by default". The default was ordinarily overridden by a
|
"on by default". The default was ordinarily overridden by a
|
||||||
consensus option, but when clients were bootstrapping for the
|
consensus option, but when clients were bootstrapping for the
|
||||||
first time, they would not have a consensus to get the option
|
first time, they would not have a consensus to get the option
|
||||||
from. Changing this default When fetching a consensus for the
|
from. Changing this default saves a round-trip during startup. Closes ticket 18815.
|
||||||
first time, use optimistic data. This saves a round-trip during
|
|
||||||
startup. Closes ticket 18815.
|
|
||||||
|
|
||||||
o Minor features (relay, usability):
|
o Minor features (relay, usability):
|
||||||
- When the directory authorities refuse a bad relay's descriptor,
|
- When the directory authorities refuse a bad relay's descriptor,
|
||||||
|
@ -952,8 +939,6 @@ Changes in version 0.2.9.1-alpha - 2016-08-08
|
||||||
ticket 18760.
|
ticket 18760.
|
||||||
|
|
||||||
o Minor features (testing):
|
o Minor features (testing):
|
||||||
- Let backtrace tests work correctly under AddressSanitizer. Fixes
|
|
||||||
part of bug 18934; bugfix on 0.2.5.2-alpha.
|
|
||||||
- Move the test-network.sh script to chutney, and modify tor's test-
|
- Move the test-network.sh script to chutney, and modify tor's test-
|
||||||
network.sh to call the (newer) chutney version when available.
|
network.sh to call the (newer) chutney version when available.
|
||||||
Resolves ticket 19116. Patch by teor.
|
Resolves ticket 19116. Patch by teor.
|
||||||
|
@ -963,7 +948,7 @@ Changes in version 0.2.9.1-alpha - 2016-08-08
|
||||||
ticket 16792.
|
ticket 16792.
|
||||||
|
|
||||||
o Minor bugfixes (bootstrap):
|
o Minor bugfixes (bootstrap):
|
||||||
- Remember the directory we fetched the consensus or previous
|
- Remember the directory server we fetched the consensus or previous
|
||||||
certificates from, and use it to fetch future authority
|
certificates from, and use it to fetch future authority
|
||||||
certificates. This change improves bootstrapping performance.
|
certificates. This change improves bootstrapping performance.
|
||||||
Fixes bug 18963; bugfix on 0.2.8.1-alpha.
|
Fixes bug 18963; bugfix on 0.2.8.1-alpha.
|
||||||
|
@ -988,7 +973,7 @@ Changes in version 0.2.9.1-alpha - 2016-08-08
|
||||||
of debugging. (They are already sorted in consensus documents.)
|
of debugging. (They are already sorted in consensus documents.)
|
||||||
Fixes bug 18840; bugfix on 0.2.6.3-alpha.
|
Fixes bug 18840; bugfix on 0.2.6.3-alpha.
|
||||||
- When parsing a detached signature, make sure we use the length of
|
- When parsing a detached signature, make sure we use the length of
|
||||||
the digest algorithm instead of an hardcoded DIGEST256_LEN in
|
the digest algorithm instead of a hardcoded DIGEST256_LEN in
|
||||||
order to avoid comparing bytes out-of-bounds with a smaller digest
|
order to avoid comparing bytes out-of-bounds with a smaller digest
|
||||||
length such as SHA1. Fixes bug 19066; bugfix on 0.2.2.6-alpha.
|
length such as SHA1. Fixes bug 19066; bugfix on 0.2.2.6-alpha.
|
||||||
|
|
||||||
|
@ -1032,9 +1017,10 @@ Changes in version 0.2.9.1-alpha - 2016-08-08
|
||||||
o Minor bugfixes (testing):
|
o Minor bugfixes (testing):
|
||||||
- Allow clients to retry HSDirs much faster in test networks. Fixes
|
- Allow clients to retry HSDirs much faster in test networks. Fixes
|
||||||
bug 19702; bugfix on 0.2.7.1-alpha. Patch by teor.
|
bug 19702; bugfix on 0.2.7.1-alpha. Patch by teor.
|
||||||
- Disable ASAN's detection of segmentation faults while running
|
- Let backtrace tests work correctly under AddressSanitizer:
|
||||||
|
disable ASAN's detection of segmentation faults while running
|
||||||
test_bt.sh, so that we can make sure that our own backtrace
|
test_bt.sh, so that we can make sure that our own backtrace
|
||||||
generation code works. Fixes another aspect of bug 18934; bugfix
|
generation code works. Fixes bug 18934; bugfix
|
||||||
on 0.2.5.2-alpha. Patch from "cypherpunks".
|
on 0.2.5.2-alpha. Patch from "cypherpunks".
|
||||||
- Fix the test-network-all target on out-of-tree builds by using the
|
- Fix the test-network-all target on out-of-tree builds by using the
|
||||||
correct path to the test driver script. Fixes bug 19421; bugfix
|
correct path to the test driver script. Fixes bug 19421; bugfix
|
||||||
|
|
116
ReleaseNotes.029
116
ReleaseNotes.029
|
@ -34,7 +34,7 @@ into the ReleaseNotes file before stable.]
|
||||||
o Deprecated features:
|
o Deprecated features:
|
||||||
- A number of DNS-cache-related sub-options for client ports are now
|
- A number of DNS-cache-related sub-options for client ports are now
|
||||||
deprecated for security reasons, and may be removed in a future
|
deprecated for security reasons, and may be removed in a future
|
||||||
version of Tor. (We believe that client-side DNS cacheing is a bad
|
version of Tor. (We believe that client-side DNS caching is a bad
|
||||||
idea for anonymity, and you should not turn it on.) The options
|
idea for anonymity, and you should not turn it on.) The options
|
||||||
are: CacheDNS, CacheIPv4DNS, CacheIPv6DNS, UseDNSCache,
|
are: CacheDNS, CacheIPv4DNS, CacheIPv6DNS, UseDNSCache,
|
||||||
UseIPv4Cache, and UseIPv6Cache.
|
UseIPv4Cache, and UseIPv6Cache.
|
||||||
|
@ -65,11 +65,11 @@ into the ReleaseNotes file before stable.]
|
||||||
able to prove that there are none. Related to ticket 17983.
|
able to prove that there are none. Related to ticket 17983.
|
||||||
|
|
||||||
o Major features (circuit building, security):
|
o Major features (circuit building, security):
|
||||||
- Authorities, relays and clients now require ntor keys in all
|
- Authorities, relays, and clients now require ntor keys in all
|
||||||
descriptors, for all hops (except for rare hidden service protocol
|
descriptors, for all hops (except for rare hidden service protocol
|
||||||
cases), for all circuits, and for all other roles. Part of
|
cases), for all circuits, and for all other roles. Part of
|
||||||
ticket 19163.
|
ticket 19163.
|
||||||
- Tor authorities, relays, and clients only use ntor, except for
|
- Authorities, relays, and clients only use ntor, except for
|
||||||
rare cases in the hidden service protocol. Part of ticket 19163.
|
rare cases in the hidden service protocol. Part of ticket 19163.
|
||||||
|
|
||||||
o Major features (compilation):
|
o Major features (compilation):
|
||||||
|
@ -110,34 +110,29 @@ into the ReleaseNotes file before stable.]
|
||||||
o Major features (single-hop "hidden" services):
|
o Major features (single-hop "hidden" services):
|
||||||
- Add experimental HiddenServiceSingleHopMode and
|
- Add experimental HiddenServiceSingleHopMode and
|
||||||
HiddenServiceNonAnonymousMode options. When both are set to 1,
|
HiddenServiceNonAnonymousMode options. When both are set to 1,
|
||||||
every hidden service on a Tor instance becomes a non-anonymous
|
every hidden service on that Tor instance becomes a non-anonymous
|
||||||
Single Onion Service. Single Onions make one-hop (direct)
|
Single Onion Service. Single Onions make one-hop (direct)
|
||||||
connections to their introduction and renzedvous points. One-hop
|
connections to their introduction and rendezvous points. One-hop
|
||||||
circuits make Single Onion servers easily locatable, but clients
|
circuits make Single Onion servers easily locatable, but clients
|
||||||
remain location-anonymous. This is compatible with the existing
|
remain location-anonymous. This is compatible with the existing
|
||||||
hidden service implementation, and works on the current tor
|
hidden service implementation, and works on the current Tor
|
||||||
network without any changes to older relays or clients. Implements
|
network without any changes to older relays or clients. Implements
|
||||||
proposal 260, completes ticket 17178. Patch by teor and asn.
|
proposal 260, completes ticket 17178. Patch by teor and asn.
|
||||||
|
|
||||||
o Major features (subprotocol versions):
|
o Major features (subprotocol versions):
|
||||||
- Tor directory authorities now vote on a set of recommended
|
- Tor directory authorities now vote on a set of recommended
|
||||||
subprotocol versions, and on a set of required subprotocol
|
"subprotocol versions", and on a set of required subprotocol
|
||||||
versions. Clients and relays that lack support for a _required_
|
versions. Clients and relays that lack support for a _required_
|
||||||
subprotocol version will not start; those that lack support for a
|
subprotocol version will not start; those that lack support for a
|
||||||
_recommended_ subprotocol version will warn the user to upgrade.
|
_recommended_ subprotocol version will warn the user to upgrade.
|
||||||
Closes ticket 19958; implements part of proposal 264.
|
This change allows compatible implementations of the Tor protocol(s)
|
||||||
- Tor now uses "subprotocol versions" to indicate compatibility.
|
to exist without pretending to be 100% bug-compatible with
|
||||||
Previously, versions of Tor looked at the declared Tor version of
|
particular releases of Tor itself. Closes ticket 19958; implements
|
||||||
a relay to tell whether they could use a given feature. Now, they
|
part of proposal 264.
|
||||||
should be able to rely on its declared subprotocol versions. This
|
|
||||||
change allows compatible implementations of the Tor protocol(s) to
|
|
||||||
exist without pretending to be 100% bug-compatible with particular
|
|
||||||
releases of Tor itself. Closes ticket 19958; implements part of
|
|
||||||
proposal 264.
|
|
||||||
|
|
||||||
o Major bugfixes (circuit building):
|
o Major bugfixes (circuit building):
|
||||||
- Hidden service client-to-intro-point and service-to-rendezvous-
|
- Hidden service client-to-intro-point and service-to-rendezvous-
|
||||||
point cicruits use the TAP key supplied by the protocol, to avoid
|
point circuits use the TAP key supplied by the protocol, to avoid
|
||||||
epistemic attacks. Fixes bug 19163; bugfix on 0.2.4.18-rc.
|
epistemic attacks. Fixes bug 19163; bugfix on 0.2.4.18-rc.
|
||||||
|
|
||||||
o Major bugfixes (download scheduling):
|
o Major bugfixes (download scheduling):
|
||||||
|
@ -180,8 +175,8 @@ into the ReleaseNotes file before stable.]
|
||||||
log lines, and also avoid confusing clock jumps if the resolver
|
log lines, and also avoid confusing clock jumps if the resolver
|
||||||
is slow. Fixes bugs 20423 and 20610; bugfix on 0.2.8.1-alpha.
|
is slow. Fixes bugs 20423 and 20610; bugfix on 0.2.8.1-alpha.
|
||||||
|
|
||||||
o Minor feature (port flags):
|
o Minor features (port flags):
|
||||||
- Add new flags to the *Port options to finer control over which
|
- Add new flags to the *Port options to give finer control over which
|
||||||
requests are allowed. The flags are NoDNSRequest, NoOnionTraffic,
|
requests are allowed. The flags are NoDNSRequest, NoOnionTraffic,
|
||||||
and the synthetic flag OnionTrafficOnly, which is equivalent to
|
and the synthetic flag OnionTrafficOnly, which is equivalent to
|
||||||
NoDNSRequest, NoIPv4Traffic, and NoIPv6Traffic. Closes enhancement
|
NoDNSRequest, NoIPv4Traffic, and NoIPv6Traffic. Closes enhancement
|
||||||
|
@ -204,9 +199,9 @@ into the ReleaseNotes file before stable.]
|
||||||
proposal 272.
|
proposal 272.
|
||||||
|
|
||||||
o Minor features (code safety):
|
o Minor features (code safety):
|
||||||
- In our integer-parsing functions, ensure that maxiumum value we
|
- In our integer-parsing functions, ensure that the maximum value we
|
||||||
give is no smaller than the minimum value. Closes ticket 19063;
|
allow is no smaller than the minimum value. Closes ticket 19063;
|
||||||
patch from U+039b.
|
patch from "U+039b".
|
||||||
|
|
||||||
o Minor features (compilation, portability):
|
o Minor features (compilation, portability):
|
||||||
- Compile correctly on MacOS 10.12 (aka "Sierra"). Closes
|
- Compile correctly on MacOS 10.12 (aka "Sierra"). Closes
|
||||||
|
@ -218,7 +213,7 @@ into the ReleaseNotes file before stable.]
|
||||||
|
|
||||||
o Minor features (controller):
|
o Minor features (controller):
|
||||||
- Allow controllers to configure basic client authorization on
|
- Allow controllers to configure basic client authorization on
|
||||||
hidden services when they create them with the ADD_ONION control
|
hidden services when they create them with the ADD_ONION controller
|
||||||
command. Implements ticket 15588. Patch by "special".
|
command. Implements ticket 15588. Patch by "special".
|
||||||
- Fire a STATUS_SERVER controller event whenever the hibernation
|
- Fire a STATUS_SERVER controller event whenever the hibernation
|
||||||
status changes between "awake"/"soft"/"hard". Closes ticket 18685.
|
status changes between "awake"/"soft"/"hard". Closes ticket 18685.
|
||||||
|
@ -276,13 +271,12 @@ into the ReleaseNotes file before stable.]
|
||||||
setting that option to 0. Closes ticket 18322.
|
setting that option to 0. Closes ticket 18322.
|
||||||
|
|
||||||
o Minor features (performance):
|
o Minor features (performance):
|
||||||
- Changer the "optimistic data" extension from "off by default" to
|
- Change the "optimistic data" extension from "off by default" to
|
||||||
"on by default". The default was ordinarily overridden by a
|
"on by default". The default was ordinarily overridden by a
|
||||||
consensus option, but when clients were bootstrapping for the
|
consensus option, but when clients were bootstrapping for the
|
||||||
first time, they would not have a consensus to get the option
|
first time, they would not have a consensus to get the option
|
||||||
from. Changing this default When fetching a consensus for the
|
from. Changing this default saves a round-trip during startup.
|
||||||
first time, use optimistic data. This saves a round-trip during
|
Closes ticket 18815.
|
||||||
startup. Closes ticket 18815.
|
|
||||||
|
|
||||||
o Minor features (relay, usability):
|
o Minor features (relay, usability):
|
||||||
- When the directory authorities refuse a bad relay's descriptor,
|
- When the directory authorities refuse a bad relay's descriptor,
|
||||||
|
@ -292,7 +286,7 @@ into the ReleaseNotes file before stable.]
|
||||||
ticket 18760.
|
ticket 18760.
|
||||||
|
|
||||||
o Minor features (security, TLS):
|
o Minor features (security, TLS):
|
||||||
- Servers no longer support clients that without AES ciphersuites.
|
- Servers no longer support clients that lack AES ciphersuites.
|
||||||
(3DES is no longer considered an acceptable cipher.) We believe
|
(3DES is no longer considered an acceptable cipher.) We believe
|
||||||
that no such Tor clients currently exist, since Tor has required
|
that no such Tor clients currently exist, since Tor has required
|
||||||
OpenSSL 0.9.7 or later since 2009. Closes ticket 19998.
|
OpenSSL 0.9.7 or later since 2009. Closes ticket 19998.
|
||||||
|
@ -302,8 +296,6 @@ into the ReleaseNotes file before stable.]
|
||||||
tests for memwipe(). The test deliberately invokes undefined
|
tests for memwipe(). The test deliberately invokes undefined
|
||||||
behavior, and the OpenBSD protections interfere with this. Patch
|
behavior, and the OpenBSD protections interfere with this. Patch
|
||||||
from "rubiate". Closes ticket 20066.
|
from "rubiate". Closes ticket 20066.
|
||||||
- Let backtrace tests work correctly under AddressSanitizer. Fixes
|
|
||||||
part of bug 18934; bugfix on 0.2.5.2-alpha.
|
|
||||||
- Move the test-network.sh script to chutney, and modify tor's test-
|
- Move the test-network.sh script to chutney, and modify tor's test-
|
||||||
network.sh to call the (newer) chutney version when available.
|
network.sh to call the (newer) chutney version when available.
|
||||||
Resolves ticket 19116. Patch by teor.
|
Resolves ticket 19116. Patch by teor.
|
||||||
|
@ -315,7 +307,7 @@ into the ReleaseNotes file before stable.]
|
||||||
handshakes fail, they fail with the error messages we expected.
|
handshakes fail, they fail with the error messages we expected.
|
||||||
- Our unit testing code that captures log messages no longer
|
- Our unit testing code that captures log messages no longer
|
||||||
prevents them from being written out if the user asked for them
|
prevents them from being written out if the user asked for them
|
||||||
(by passing --debug or --info or or --notice --warn to the "test"
|
(by passing --debug or --info or --notice or --warn to the "test"
|
||||||
binary). This change prevents us from missing unexpected log
|
binary). This change prevents us from missing unexpected log
|
||||||
messages simply because we were looking for others. Related to
|
messages simply because we were looking for others. Related to
|
||||||
ticket 19999.
|
ticket 19999.
|
||||||
|
@ -336,7 +328,7 @@ into the ReleaseNotes file before stable.]
|
||||||
relays, and authorities. Closes ticket 20069; patch by teor.
|
relays, and authorities. Closes ticket 20069; patch by teor.
|
||||||
- Add the single-onion and single-onion-ipv6 chutney targets to
|
- Add the single-onion and single-onion-ipv6 chutney targets to
|
||||||
"make test-network-all". This requires a recent chutney version
|
"make test-network-all". This requires a recent chutney version
|
||||||
with the single onion network flavours (git c72a652 or later).
|
with the single onion network flavors (git c72a652 or later).
|
||||||
Closes ticket 20072; patch by teor.
|
Closes ticket 20072; patch by teor.
|
||||||
|
|
||||||
o Minor features (Tor2web):
|
o Minor features (Tor2web):
|
||||||
|
@ -348,14 +340,13 @@ into the ReleaseNotes file before stable.]
|
||||||
- When configuring a unix domain socket for a SocksPort,
|
- When configuring a unix domain socket for a SocksPort,
|
||||||
ControlPort, or Hidden service, you can now wrap the address in
|
ControlPort, or Hidden service, you can now wrap the address in
|
||||||
quotes, using C-style escapes inside the quotes. This allows unix
|
quotes, using C-style escapes inside the quotes. This allows unix
|
||||||
domain socket paths to contain spaces.
|
domain socket paths to contain spaces. Resolves ticket 18753.
|
||||||
|
|
||||||
o Minor features (user interface):
|
o Minor features (user interface):
|
||||||
- Tor now supports the ability to declare options deprecated, so
|
- Tor now supports the ability to declare options deprecated, so
|
||||||
that we can recommend that people stop using them. Previously,
|
that we can recommend that people stop using them. Previously, this
|
||||||
this was done in an ad-hoc way. Closes ticket 19820.
|
was done in an ad-hoc way. There is a new --list-deprecated-options
|
||||||
- There is a new --list-deprecated-options command-line option to
|
command-line option to list all of the deprecated options. Closes
|
||||||
list all of the deprecated options. Implemented as part of
|
|
||||||
ticket 19820.
|
ticket 19820.
|
||||||
|
|
||||||
o Minor features (virtual addresses):
|
o Minor features (virtual addresses):
|
||||||
|
@ -371,25 +362,25 @@ into the ReleaseNotes file before stable.]
|
||||||
because some other option was set. Fixes bug 20073; bugfix on
|
because some other option was set. Fixes bug 20073; bugfix on
|
||||||
0.2.4.12-alpha. Patch by teor.
|
0.2.4.12-alpha. Patch by teor.
|
||||||
|
|
||||||
o Minor bugfix (build):
|
o Minor bugfixes (build):
|
||||||
- The current Git revision when building from a local repository is
|
- The current Git revision when building from a local repository is
|
||||||
now detected correctly when using git worktrees. Fixes bug 20492;
|
now detected correctly when using git worktrees. Fixes bug 20492;
|
||||||
bugfix on 0.2.3.9-alpha.
|
bugfix on 0.2.3.9-alpha.
|
||||||
|
|
||||||
o Minor bugfixes (address discovery):
|
o Minor bugfixes (relay address discovery):
|
||||||
- Stop reordering IP addresses returned by the OS. This makes it
|
- Stop reordering IP addresses returned by the OS. This makes it
|
||||||
more likely that Tor will guess the same relay IP address every
|
more likely that Tor will guess the same relay IP address every
|
||||||
time. Fixes issue 20163; bugfix on 0.2.7.1-alpha, ticket 17027.
|
time. Fixes issue 20163; bugfix on 0.2.7.1-alpha, ticket 17027.
|
||||||
Reported by René Mayrhofer, patch by "cypherpunks".
|
Reported by René Mayrhofer, patch by "cypherpunks".
|
||||||
|
|
||||||
o Minor bugfixes (allocation):
|
o Minor bugfixes (memory allocation):
|
||||||
- Change how we allocate memory for large chunks on buffers, to
|
- Change how we allocate memory for large chunks on buffers, to
|
||||||
avoid a (currently impossible) integer overflow, and to waste less
|
avoid a (currently impossible) integer overflow, and to waste less
|
||||||
space when allocating unusually large chunks. Fixes bug 20081;
|
space when allocating unusually large chunks. Fixes bug 20081;
|
||||||
bugfix on 0.2.0.16-alpha. Issue identified by Guido Vranken.
|
bugfix on 0.2.0.16-alpha. Issue identified by Guido Vranken.
|
||||||
|
|
||||||
o Minor bugfixes (bootstrap):
|
o Minor bugfixes (bootstrap):
|
||||||
- Remember the directory we fetched the consensus or previous
|
- Remember the directory server we fetched the consensus or previous
|
||||||
certificates from, and use it to fetch future authority
|
certificates from, and use it to fetch future authority
|
||||||
certificates. This change improves bootstrapping performance.
|
certificates. This change improves bootstrapping performance.
|
||||||
Fixes bug 18963; bugfix on 0.2.8.1-alpha.
|
Fixes bug 18963; bugfix on 0.2.8.1-alpha.
|
||||||
|
@ -426,7 +417,7 @@ into the ReleaseNotes file before stable.]
|
||||||
|
|
||||||
o Minor bugfixes (configuration):
|
o Minor bugfixes (configuration):
|
||||||
- When parsing quoted configuration values from the torrc file,
|
- When parsing quoted configuration values from the torrc file,
|
||||||
handle windows line endings correctly. Fixes bug 19167; bugfix on
|
handle Windows line endings correctly. Fixes bug 19167; bugfix on
|
||||||
0.2.0.16-alpha. Patch from "Pingl".
|
0.2.0.16-alpha. Patch from "Pingl".
|
||||||
|
|
||||||
o Minor bugfixes (directory authority):
|
o Minor bugfixes (directory authority):
|
||||||
|
@ -441,14 +432,14 @@ into the ReleaseNotes file before stable.]
|
||||||
private locations as such. Fixes bug 20064; bugfix
|
private locations as such. Fixes bug 20064; bugfix
|
||||||
on 0.2.2.9-alpha.
|
on 0.2.2.9-alpha.
|
||||||
- When parsing a detached signature, make sure we use the length of
|
- When parsing a detached signature, make sure we use the length of
|
||||||
the digest algorithm instead of an hardcoded DIGEST256_LEN in
|
the digest algorithm instead of a hardcoded DIGEST256_LEN in
|
||||||
order to avoid comparing bytes out-of-bounds with a smaller digest
|
order to avoid comparing bytes out-of-bounds with a smaller digest
|
||||||
length such as SHA1. Fixes bug 19066; bugfix on 0.2.2.6-alpha.
|
length such as SHA1. Fixes bug 19066; bugfix on 0.2.2.6-alpha.
|
||||||
|
|
||||||
o Minor bugfixes (getpass):
|
o Minor bugfixes (getpass):
|
||||||
- Defensively fix a non-triggerable heap corruption at do_getpass()
|
- Defensively fix a non-triggerable heap corruption at do_getpass()
|
||||||
to protect ourselves from mistakes in the future. Fixes bug
|
to protect ourselves from mistakes in the future. Fixes bug
|
||||||
#19223; bugfix on 0.2.7.3-rc. Bug found by Guido Vranken, patch
|
19223; bugfix on 0.2.7.3-rc. Bug found by Guido Vranken, patch
|
||||||
by nherring.
|
by nherring.
|
||||||
|
|
||||||
o Minor bugfixes (guard selection):
|
o Minor bugfixes (guard selection):
|
||||||
|
@ -476,8 +467,7 @@ into the ReleaseNotes file before stable.]
|
||||||
on 0.2.7.1-alpha.
|
on 0.2.7.1-alpha.
|
||||||
- When configuring hidden services, check every hidden service
|
- When configuring hidden services, check every hidden service
|
||||||
directory's permissions. Previously, we only checked the last
|
directory's permissions. Previously, we only checked the last
|
||||||
hidden service. Fixes bug 20529; bugfix the work to fix 13942
|
hidden service. Fixes bug 20529; bugfix on 0.2.6.2-alpha.
|
||||||
in 0.2.6.2-alpha.
|
|
||||||
|
|
||||||
o Minor bugfixes (IPv6, testing):
|
o Minor bugfixes (IPv6, testing):
|
||||||
- Check for IPv6 correctly on Linux when running test networks.
|
- Check for IPv6 correctly on Linux when running test networks.
|
||||||
|
@ -500,16 +490,18 @@ into the ReleaseNotes file before stable.]
|
||||||
username correctly. Fixes bug 19578; bugfix on 0.2.2.29-beta.
|
username correctly. Fixes bug 19578; bugfix on 0.2.2.29-beta.
|
||||||
- When we are unable to remove the bw_accounting file, do not warn
|
- When we are unable to remove the bw_accounting file, do not warn
|
||||||
if the reason we couldn't remove it was that it didn't exist.
|
if the reason we couldn't remove it was that it didn't exist.
|
||||||
Fixes bug 19964; bugfix on 0.2.5.4-alpha. Patch from 'pastly'.
|
Fixes bug 19964; bugfix on 0.2.5.4-alpha. Patch from pastly.
|
||||||
|
|
||||||
o Minor bugfixes (memory leak):
|
o Minor bugfixes (memory leak):
|
||||||
- Fix a series of slow memory leaks related to parsing torrc files
|
- Fix a series of slow memory leaks related to parsing torrc files
|
||||||
and options. Fixes bug 19466; bugfix on 0.2.1.6-alpha.
|
and options. Fixes bug 19466; bugfix on 0.2.1.6-alpha.
|
||||||
|
- Avoid a small memory leak when informing worker threads about
|
||||||
|
rotated onion keys. Fixes bug 20401; bugfix on 0.2.6.3-alpha.
|
||||||
- Fix a small memory leak when receiving AF_UNIX connections on a
|
- Fix a small memory leak when receiving AF_UNIX connections on a
|
||||||
SocksPort. Fixes bug 20716; bugfix on 0.2.6.3-alpha.
|
SocksPort. Fixes bug 20716; bugfix on 0.2.6.3-alpha.
|
||||||
- When moving a signed descriptor object from a source to an
|
- When moving a signed descriptor object from a source to an
|
||||||
existing destination, free the allocated memory inside that
|
existing destination, free the allocated memory inside that
|
||||||
destination object. Fixes bug 20715; bugfix on tor-0.2.8.3-alpha.
|
destination object. Fixes bug 20715; bugfix on 0.2.8.3-alpha.
|
||||||
- Fix a memory leak and use-after-free error when removing entries
|
- Fix a memory leak and use-after-free error when removing entries
|
||||||
from the sandbox's getaddrinfo() cache. Fixes bug 20710; bugfix on
|
from the sandbox's getaddrinfo() cache. Fixes bug 20710; bugfix on
|
||||||
0.2.5.5-alpha. Patch from "cypherpunks".
|
0.2.5.5-alpha. Patch from "cypherpunks".
|
||||||
|
@ -519,25 +511,23 @@ into the ReleaseNotes file before stable.]
|
||||||
|
|
||||||
o Minor bugfixes (option parsing):
|
o Minor bugfixes (option parsing):
|
||||||
- Count unix sockets when counting client listeners (SOCKS, Trans,
|
- Count unix sockets when counting client listeners (SOCKS, Trans,
|
||||||
NATD, and DNS). This has no user-visible behaviour changes: these
|
NATD, and DNS). This has no user-visible behavior changes: these
|
||||||
options are set once, and never read. Required for correct
|
options are set once, and never read. Required for correct
|
||||||
behaviour in ticket 17178. Fixes bug 19677; bugfix on
|
behavior in ticket 17178. Fixes bug 19677; bugfix on
|
||||||
0.2.6.3-alpha. Patch by teor.
|
0.2.6.3-alpha. Patch by teor.
|
||||||
|
|
||||||
o Minor bugfixes (options):
|
o Minor bugfixes (options):
|
||||||
- Check the consistency of UseEntryGuards and EntryNodes more
|
- Check the consistency of UseEntryGuards and EntryNodes more
|
||||||
reliably. Fixes bug 20074; bugfix on tor- 0.2.4.12-alpha. Patch
|
reliably. Fixes bug 20074; bugfix on 0.2.4.12-alpha. Patch
|
||||||
by teor.
|
by teor.
|
||||||
- Stop changing the configured value of UseEntryGuards on
|
- Stop changing the configured value of UseEntryGuards on
|
||||||
authorities and Tor2web clients. Fixes bug 20074; bugfix on
|
authorities and Tor2web clients. Fixes bug 20074; bugfix on
|
||||||
commits 51fc6799 in tor-0.1.1.16-rc and acda1735 in tor-0.2.4.3-
|
commits 51fc6799 in 0.1.1.16-rc and acda1735 in 0.2.4.3-alpha.
|
||||||
alpha. Patch by teor.
|
Patch by teor.
|
||||||
|
|
||||||
o Minor bugfixes (relay):
|
o Minor bugfixes (relay):
|
||||||
- Ensure relays don't make multiple connections during bootstrap.
|
- Ensure relays don't make multiple connections during bootstrap.
|
||||||
Fixes bug 20591; bugfix on 0.2.8.1-alpha.
|
Fixes bug 20591; bugfix on 0.2.8.1-alpha.
|
||||||
- Avoid a small memory leak when informing worker threads about
|
|
||||||
rotated onion keys. Fixes bug 20401; bugfix on 0.2.6.3-alpha.
|
|
||||||
- Do not try to parallelize workers more than 16x without the user
|
- Do not try to parallelize workers more than 16x without the user
|
||||||
explicitly configuring us to do so, even if we do detect more than
|
explicitly configuring us to do so, even if we do detect more than
|
||||||
16 CPU cores. Fixes bug 19968; bugfix on 0.2.3.1-alpha.
|
16 CPU cores. Fixes bug 19968; bugfix on 0.2.3.1-alpha.
|
||||||
|
@ -551,9 +541,10 @@ into the ReleaseNotes file before stable.]
|
||||||
bug 19702; bugfix on 0.2.7.1-alpha. Patch by teor.
|
bug 19702; bugfix on 0.2.7.1-alpha. Patch by teor.
|
||||||
- Avoid a unit test failure on systems with over 16 detectable CPU
|
- Avoid a unit test failure on systems with over 16 detectable CPU
|
||||||
cores. Fixes bug 19968; bugfix on 0.2.3.1-alpha.
|
cores. Fixes bug 19968; bugfix on 0.2.3.1-alpha.
|
||||||
- Disable ASAN's detection of segmentation faults while running
|
- Let backtrace tests work correctly under AddressSanitizer:
|
||||||
|
disable ASAN's detection of segmentation faults while running
|
||||||
test_bt.sh, so that we can make sure that our own backtrace
|
test_bt.sh, so that we can make sure that our own backtrace
|
||||||
generation code works. Fixes another aspect of bug 18934; bugfix
|
generation code works. Fixes bug 18934; bugfix
|
||||||
on 0.2.5.2-alpha. Patch from "cypherpunks".
|
on 0.2.5.2-alpha. Patch from "cypherpunks".
|
||||||
- Fix the test-network-all target on out-of-tree builds by using the
|
- Fix the test-network-all target on out-of-tree builds by using the
|
||||||
correct path to the test driver script. Fixes bug 19421; bugfix
|
correct path to the test driver script. Fixes bug 19421; bugfix
|
||||||
|
@ -577,7 +568,7 @@ into the ReleaseNotes file before stable.]
|
||||||
bugfix on 0.2.2.2-alpha.
|
bugfix on 0.2.2.2-alpha.
|
||||||
|
|
||||||
o Minor bugfixes (Tor2web):
|
o Minor bugfixes (Tor2web):
|
||||||
- Prevent Tor2web clients running hidden services, these services
|
- Prevent Tor2web clients from running hidden services: these services
|
||||||
are not anonymous due to the one-hop client paths. Fixes bug
|
are not anonymous due to the one-hop client paths. Fixes bug
|
||||||
19678. Patch by teor.
|
19678. Patch by teor.
|
||||||
|
|
||||||
|
@ -600,7 +591,7 @@ into the ReleaseNotes file before stable.]
|
||||||
|
|
||||||
o Documentation:
|
o Documentation:
|
||||||
- Add module-level internal documentation for 36 C files that
|
- Add module-level internal documentation for 36 C files that
|
||||||
previously didn't have a high-level overview. Closes ticket #20385.
|
previously didn't have a high-level overview. Closes ticket 20385.
|
||||||
- Correct the IPv6 syntax in our documentation for the
|
- Correct the IPv6 syntax in our documentation for the
|
||||||
VirtualAddrNetworkIPv6 torrc option. Closes ticket 19743.
|
VirtualAddrNetworkIPv6 torrc option. Closes ticket 19743.
|
||||||
- Correct the minimum bandwidth value in torrc.sample, and queue a
|
- Correct the minimum bandwidth value in torrc.sample, and queue a
|
||||||
|
@ -613,8 +604,8 @@ into the ReleaseNotes file before stable.]
|
||||||
19504; bugfix on 0.2.7.3-rc.
|
19504; bugfix on 0.2.7.3-rc.
|
||||||
- Document the default PathsNeededToBuildCircuits value that's used
|
- Document the default PathsNeededToBuildCircuits value that's used
|
||||||
by clients when the directory authorities don't set
|
by clients when the directory authorities don't set
|
||||||
min_paths_for_circs_pct. Fixes bug 20117; bugfix on 02c320916e02
|
min_paths_for_circs_pct. Fixes bug 20117; bugfix on 0.2.4.10-alpha.
|
||||||
in tor-0.2.4.10-alpha. Patch by teor, reported by Jesse V.
|
Patch by teor, reported by Jesse V.
|
||||||
- Fix manual for the User option: it takes a username, not a UID.
|
- Fix manual for the User option: it takes a username, not a UID.
|
||||||
Fixes bug 19122; bugfix on 0.0.2pre16 (the first version to have
|
Fixes bug 19122; bugfix on 0.0.2pre16 (the first version to have
|
||||||
a manpage!).
|
a manpage!).
|
||||||
|
@ -625,7 +616,7 @@ into the ReleaseNotes file before stable.]
|
||||||
|
|
||||||
o Removed code:
|
o Removed code:
|
||||||
- We no longer include the (dead, deprecated) bufferevent code in
|
- We no longer include the (dead, deprecated) bufferevent code in
|
||||||
Tor. Closes ticket 19450. Based on a patch from U+039b.
|
Tor. Closes ticket 19450. Based on a patch from "U+039b".
|
||||||
|
|
||||||
o Removed features:
|
o Removed features:
|
||||||
- Remove support for "GET /tor/bytes.txt" DirPort request, and
|
- Remove support for "GET /tor/bytes.txt" DirPort request, and
|
||||||
|
@ -642,3 +633,4 @@ into the ReleaseNotes file before stable.]
|
||||||
command-line options to enable them.
|
command-line options to enable them.
|
||||||
- We now have unit tests for our code to reject zlib "compression
|
- We now have unit tests for our code to reject zlib "compression
|
||||||
bombs". (Fortunately, the code works fine.)
|
bombs". (Fortunately, the code works fine.)
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue