fold in further changes files
This commit is contained in:
parent
4ef52cc167
commit
dab4656c85
28
ChangeLog
28
ChangeLog
|
@ -1,14 +1,40 @@
|
||||||
Changes in version 0.2.4.21 - 2014-02-1?
|
Changes in version 0.2.4.21 - 2014-02-2?
|
||||||
|
o Major features (client security):
|
||||||
|
- When we choose a path for a 3-hop circuit, make sure it contains
|
||||||
|
at least one relay that supports the NTor circuit extension
|
||||||
|
handshake. Otherwise, there is a chance that we're building
|
||||||
|
a circuit that's worth attacking by an adversary who finds
|
||||||
|
breaking 1024-bit crypto doable, and that chance changes the game
|
||||||
|
theory. Implements ticket 9777.
|
||||||
|
|
||||||
|
o Major bugfixes:
|
||||||
|
- Do not treat streams that fail with reason
|
||||||
|
END_STREAM_REASON_INTERNAL as indicating a definite circuit failure,
|
||||||
|
since it could also indicate an ENETUNREACH connection error. Fixes
|
||||||
|
part of bug 10777; bugfix on 0.2.4.8-alpha.
|
||||||
|
|
||||||
o Minor features:
|
o Minor features:
|
||||||
- Always clear OpenSSL bignums before freeing them -- even bignums
|
- Always clear OpenSSL bignums before freeing them -- even bignums
|
||||||
that don't contain secrets. Resolves ticket 10793. Patch by
|
that don't contain secrets. Resolves ticket 10793. Patch by
|
||||||
Florent Daigniere.
|
Florent Daigniere.
|
||||||
|
- Build without warnings under clang 3.4. (We have some macros that
|
||||||
|
define static functions only some of which will get used later in
|
||||||
|
the module. Starting with clang 3.4, these give a warning unless the
|
||||||
|
unused attribute is set on them.) Resolves ticket 10904.
|
||||||
|
- Update geoip and geoip6 files to the February 7 2014 Maxmind
|
||||||
|
GeoLite2 Country database.
|
||||||
|
|
||||||
o Minor bugfixes:
|
o Minor bugfixes:
|
||||||
- Set the listen() backlog limit to the largest actually supported
|
- Set the listen() backlog limit to the largest actually supported
|
||||||
on the system, not to the value in a header file. Fixes bug 9716;
|
on the system, not to the value in a header file. Fixes bug 9716;
|
||||||
bugfix on every released Tor.
|
bugfix on every released Tor.
|
||||||
|
- Treat ENETUNREACH, EACCES, and EPERM connection failures at an
|
||||||
|
exit node as a NOROUTE error, not an INTERNAL error, since they
|
||||||
|
can apparently happen when trying to connect to the wrong sort
|
||||||
|
of netblocks. Fixes part of bug 10777; bugfix on 0.1.0.1-rc.
|
||||||
|
- Fix build warnings about missing "a2x" comment when building the
|
||||||
|
manpages from scratch on OpenBSD; OpenBSD calls it "a2x.py".
|
||||||
|
Fixes bug 10929; bugfix on 0.2.2.9-alpha. Patch from Dana Koch.
|
||||||
- Avoid a segfault on SIGUSR1, where we had freed a connection but did
|
- Avoid a segfault on SIGUSR1, where we had freed a connection but did
|
||||||
not entirely remove it from the connection lists. Fixes bug 9602;
|
not entirely remove it from the connection lists. Fixes bug 9602;
|
||||||
bugfix on 0.2.4.4-alpha.
|
bugfix on 0.2.4.4-alpha.
|
||||||
|
|
|
@ -1,7 +0,0 @@
|
||||||
- Minor bugfixes:
|
|
||||||
|
|
||||||
- Treat ENETUNREACH, EACCES, and EPERM at an exit node as a
|
|
||||||
NOROUTE error, not an INTERNAL error, since they can apparently
|
|
||||||
happen when trying to connect to the wrong sort of
|
|
||||||
netblocks. Fixes a part of bug 10777; bugfix on 0.1.0.1-rc.
|
|
||||||
|
|
|
@ -1,4 +0,0 @@
|
||||||
o Major bugfixes:
|
|
||||||
- Do not treat END_STREAM_REASON_INTERNAL as indicating a definite
|
|
||||||
circuit failure, since it could also indicate an ENETUNREACH
|
|
||||||
error. Fixes part of bug 10777; bugfix on 0.2.4.8-alpha.
|
|
|
@ -1,5 +0,0 @@
|
||||||
o Minor bugfixes (compilation):
|
|
||||||
- Build without warnings under clang 3.4. (We have some macros that
|
|
||||||
define static functions only some of which will get used later in
|
|
||||||
the module. Starting with clang 3.4, these give a warning unless the
|
|
||||||
unused attribute is set on them.)
|
|
|
@ -1,6 +0,0 @@
|
||||||
- Minor bugfixes:
|
|
||||||
- Fix build warnings about missing "a2x" comment when building the
|
|
||||||
manpages from scratch on OpenBSD; OpenBSD calls it "a2x.py".
|
|
||||||
Fixes bug 10929; bugfix on tor-0.2.2.9-alpha. Patch from
|
|
||||||
Dana Koch.
|
|
||||||
|
|
|
@ -1,3 +0,0 @@
|
||||||
o Minor features:
|
|
||||||
- Avoid using circuit paths if no node in the path supports the ntor
|
|
||||||
circuit extension handshake. Implements ticket 9777.
|
|
|
@ -1,3 +0,0 @@
|
||||||
o Minor features:
|
|
||||||
- Update to the February 7 2014 Maxmind GeoLite2 Country database.
|
|
||||||
|
|
|
@ -1,3 +0,0 @@
|
||||||
o Minor features:
|
|
||||||
- Fix our version of the February 7 2014 Maxmind GeoLite2 Country database.
|
|
||||||
|
|
|
@ -1,3 +0,0 @@
|
||||||
o Minor features:
|
|
||||||
- Update geoip6 to the February 7 2014 Maxmind GeoLite2 Country
|
|
||||||
database.
|
|
Loading…
Reference in New Issue