Move around some entries in the ReleaseNotes between sections
This commit is contained in:
parent
6880aaf0a9
commit
e6c16e6267
72
ReleaseNotes
72
ReleaseNotes
|
@ -29,13 +29,25 @@ Changes in version 0.2.5.9 - 2014-10-2x
|
||||||
table positions are derived from a randomized cryptographic key,
|
table positions are derived from a randomized cryptographic key,
|
||||||
and an attacker cannot predict which entries will collide. Closes
|
and an attacker cannot predict which entries will collide. Closes
|
||||||
ticket 4900.
|
ticket 4900.
|
||||||
|
|
||||||
o Major features (security):
|
|
||||||
- If you don't specify MaxMemInQueues yourself, Tor now tries to
|
- If you don't specify MaxMemInQueues yourself, Tor now tries to
|
||||||
pick a good value based on your total system memory. Previously,
|
pick a good value based on your total system memory. Previously,
|
||||||
the default was always 8 GB. You can still override the default by
|
the default was always 8 GB. You can still override the default by
|
||||||
setting MaxMemInQueues yourself. Resolves ticket 11396.
|
setting MaxMemInQueues yourself. Resolves ticket 11396.
|
||||||
|
|
||||||
|
o Major features (client security):
|
||||||
|
- The ntor handshake is now on-by-default, no matter what the
|
||||||
|
directory authorities recommend. Implements ticket 8561.
|
||||||
|
|
||||||
|
o Major features (other security):
|
||||||
|
- Disable support for SSLv3. All versions of OpenSSL in use with Tor
|
||||||
|
today support TLS 1.0 or later, so we can safely turn off support
|
||||||
|
for this old (and insecure) protocol. Fixes bug 13426.
|
||||||
|
- Warn about attempts to run hidden services and relays in the same
|
||||||
|
process: that's probably not a good idea. Closes ticket 12908.
|
||||||
|
- Make the "tor-gencert" tool used by directory authority operators
|
||||||
|
create 2048-bit signing keys by default (rather than 1024-bit, since
|
||||||
|
1024-bit is uncomfortably small these days). Addresses ticket 10324.
|
||||||
|
|
||||||
o Major features (bridges):
|
o Major features (bridges):
|
||||||
- Don't launch pluggable transport proxies if we don't have any
|
- Don't launch pluggable transport proxies if we don't have any
|
||||||
bridges configured that would use them. Now we can list many
|
bridges configured that would use them. Now we can list many
|
||||||
|
@ -70,32 +82,36 @@ Changes in version 0.2.5.9 - 2014-10-2x
|
||||||
platforms. This work has been done by Cristian-Matei Toader for
|
platforms. This work has been done by Cristian-Matei Toader for
|
||||||
Google Summer of Code. Resolves tickets 11351 and 11465.
|
Google Summer of Code. Resolves tickets 11351 and 11465.
|
||||||
|
|
||||||
o Major features (other):
|
o Major features (controller):
|
||||||
- Extend ORCONN controller event to include an "ID" parameter,
|
- Extend ORCONN controller event to include an "ID" parameter,
|
||||||
and add four new controller event types CONN_BW, CIRC_BW,
|
and add four new controller event types CONN_BW, CIRC_BW,
|
||||||
CELL_STATS, and TB_EMPTY that show connection and circuit usage.
|
CELL_STATS, and TB_EMPTY that show connection and circuit usage.
|
||||||
The new events are emitted in private Tor networks only, with the
|
The new events are emitted in private Tor networks only, with the
|
||||||
goal of being able to better track performance and load during
|
goal of being able to better track performance and load during
|
||||||
full-network simulations. Implements proposal 218 and ticket 7359.
|
full-network simulations. Implements proposal 218 and ticket 7359.
|
||||||
|
|
||||||
|
o Major features (other):
|
||||||
- On some platforms (currently: recent OSX versions, glibc-based
|
- On some platforms (currently: recent OSX versions, glibc-based
|
||||||
platforms that support the ELF format, and a few other
|
platforms that support the ELF format, and a few other
|
||||||
Unix-like operating systems), Tor can now dump stack traces
|
Unix-like operating systems), Tor can now dump stack traces
|
||||||
when a crash occurs or an assertion fails. By default, traces
|
when a crash occurs or an assertion fails. By default, traces
|
||||||
are dumped to stderr (if possible) and to any logs that are
|
are dumped to stderr (if possible) and to any logs that are
|
||||||
reporting errors. Implements ticket 9299.
|
reporting errors. Implements ticket 9299.
|
||||||
|
|
||||||
|
o Major features (bridges and pluggable transports):
|
||||||
- Add support for passing arguments to managed pluggable transport
|
- Add support for passing arguments to managed pluggable transport
|
||||||
proxies. Implements ticket 3594.
|
proxies. Implements ticket 3594.
|
||||||
- Bridges now track GeoIP information and the number of their users
|
- Bridges now track GeoIP information and the number of their users
|
||||||
even when pluggable transports are in use, and report usage
|
even when pluggable transports are in use, and report usage
|
||||||
statistics in their extra-info descriptors. Resolves tickets 4773
|
statistics in their extra-info descriptors. Resolves tickets 4773
|
||||||
and 5040.
|
and 5040.
|
||||||
|
|
||||||
|
o Major features (testing networks):
|
||||||
- Make testing Tor networks bootstrap better: lower directory fetch
|
- Make testing Tor networks bootstrap better: lower directory fetch
|
||||||
retry schedules and maximum interval without directory requests,
|
retry schedules and maximum interval without directory requests,
|
||||||
and raise maximum download tries. Implements ticket 6752.
|
and raise maximum download tries. Implements ticket 6752.
|
||||||
- Add make target 'test-network' to run tests on a Chutney network.
|
- Add make target 'test-network' to run tests on a Chutney network.
|
||||||
Implements ticket 8530.
|
Implements ticket 8530.
|
||||||
- The ntor handshake is now on-by-default, no matter what the
|
|
||||||
directory authorities recommend. Implements ticket 8561.
|
|
||||||
|
|
||||||
o Major bugfixes (security, directory authorities):
|
o Major bugfixes (security, directory authorities):
|
||||||
- Directory authorities now include a digest of each relay's
|
- Directory authorities now include a digest of each relay's
|
||||||
|
@ -135,10 +151,6 @@ Changes in version 0.2.5.9 - 2014-10-2x
|
||||||
process that has already exited. Fixes bug 8746; bugfix
|
process that has already exited. Fixes bug 8746; bugfix
|
||||||
on 0.2.3.6-alpha.
|
on 0.2.3.6-alpha.
|
||||||
|
|
||||||
o Major bugfixes (client, startup):
|
|
||||||
- Warn about attempts to run hidden services and relays in the same
|
|
||||||
process: that's probably not a good idea. Closes ticket 12908.
|
|
||||||
|
|
||||||
o Major bugfixes (relay):
|
o Major bugfixes (relay):
|
||||||
- Avoid queuing or sending destroy cells for circuit ID zero when we
|
- Avoid queuing or sending destroy cells for circuit ID zero when we
|
||||||
fail to send a CREATE cell. Fixes bug 12848; bugfix on 0.0.8pre1.
|
fail to send a CREATE cell. Fixes bug 12848; bugfix on 0.0.8pre1.
|
||||||
|
@ -157,11 +169,6 @@ Changes in version 0.2.5.9 - 2014-10-2x
|
||||||
circuit in a million non-functional. Fixes bug 12195; this is a
|
circuit in a million non-functional. Fixes bug 12195; this is a
|
||||||
bugfix on every version of Tor.
|
bugfix on every version of Tor.
|
||||||
|
|
||||||
o Major security fixes:
|
|
||||||
- Disable support for SSLv3. All versions of OpenSSL in use with Tor
|
|
||||||
today support TLS 1.0 or later, so we can safely turn off support
|
|
||||||
for this old (and insecure) protocol. Fixes bug 13426.
|
|
||||||
|
|
||||||
o Minor features (security):
|
o Minor features (security):
|
||||||
- New --enable-expensive-hardening option to enable security
|
- New --enable-expensive-hardening option to enable security
|
||||||
hardening options that consume nontrivial amounts of CPU and
|
hardening options that consume nontrivial amounts of CPU and
|
||||||
|
@ -685,7 +692,7 @@ Changes in version 0.2.5.9 - 2014-10-2x
|
||||||
own keys when generating a v3 networkstatus vote. These leaks
|
own keys when generating a v3 networkstatus vote. These leaks
|
||||||
should never have affected anyone in practice.
|
should never have affected anyone in practice.
|
||||||
|
|
||||||
o Minor fixes (build, auxiliary programs):
|
o Minor bugfixes (build, auxiliary programs):
|
||||||
- Stop preprocessing the "torify" script with autoconf, since
|
- Stop preprocessing the "torify" script with autoconf, since
|
||||||
it no longer refers to LOCALSTATEDIR. Fixes bug 5505; patch
|
it no longer refers to LOCALSTATEDIR. Fixes bug 5505; patch
|
||||||
from Guilhem.
|
from Guilhem.
|
||||||
|
@ -735,23 +742,19 @@ Changes in version 0.2.5.9 - 2014-10-2x
|
||||||
- Get rid of router->address, since in all cases it was just the
|
- Get rid of router->address, since in all cases it was just the
|
||||||
string representation of router->addr. Resolves ticket 5528.
|
string representation of router->addr. Resolves ticket 5528.
|
||||||
|
|
||||||
o Compilation fixes:
|
o Minor bugfixes (compilation):
|
||||||
- Build and run correctly on systems like OpenBSD-current that have
|
- Build and run correctly on systems like OpenBSD-current that have
|
||||||
patched OpenSSL to remove get_cipher_by_char and/or its
|
patched OpenSSL to remove get_cipher_by_char and/or its
|
||||||
implementations. Fixes issue 13325.
|
implementations. Fixes issue 13325.
|
||||||
|
|
||||||
o Distribution:
|
|
||||||
- Include a tor.service file in contrib/dist for use with systemd.
|
|
||||||
Some distributions will be able to use this file unmodified;
|
|
||||||
others will need to tweak it, or write their own. Patch from Jamie
|
|
||||||
Nguyen; resolves ticket 8368.
|
|
||||||
|
|
||||||
o Documentation:
|
o Documentation:
|
||||||
- Adjust the URLs in the README to refer to the new locations of
|
- Adjust the URLs in the README to refer to the new locations of
|
||||||
several documents on the website. Fixes bug 12830. Patch from
|
several documents on the website. Fixes bug 12830. Patch from
|
||||||
Matt Pagan.
|
Matt Pagan.
|
||||||
- Document 'reject6' and 'accept6' ExitPolicy entries. Resolves
|
- Document 'reject6' and 'accept6' ExitPolicy entries. Resolves
|
||||||
ticket 12878.
|
ticket 12878.
|
||||||
|
- Update manpage to describe some of the files you can expect to
|
||||||
|
find in Tor's DataDirectory. Addresses ticket 9839.
|
||||||
- Clean up several option names in the manpage to match their real
|
- Clean up several option names in the manpage to match their real
|
||||||
names, add the missing documentation for a couple of testing and
|
names, add the missing documentation for a couple of testing and
|
||||||
directory authority options, remove the documentation for a
|
directory authority options, remove the documentation for a
|
||||||
|
@ -807,8 +810,6 @@ Changes in version 0.2.5.9 - 2014-10-2x
|
||||||
authorities since 0.2.2.1-alpha, when we stopped uploading or
|
authorities since 0.2.2.1-alpha, when we stopped uploading or
|
||||||
downloading v0 hidden service descriptors. Fixes bug 10881; also
|
downloading v0 hidden service descriptors. Fixes bug 10881; also
|
||||||
part of a fix for bug 10841.
|
part of a fix for bug 10841.
|
||||||
|
|
||||||
o Removed code:
|
|
||||||
- Remove /tor/dbg-stability.txt URL that was meant to help debug WFU
|
- Remove /tor/dbg-stability.txt URL that was meant to help debug WFU
|
||||||
and MTBF calculations, but that nobody was using. Fixes bug 11742.
|
and MTBF calculations, but that nobody was using. Fixes bug 11742.
|
||||||
- The TunnelDirConns and PreferTunnelledDirConns options no longer
|
- The TunnelDirConns and PreferTunnelledDirConns options no longer
|
||||||
|
@ -821,8 +822,6 @@ Changes in version 0.2.5.9 - 2014-10-2x
|
||||||
- Remove all remaining code related to version-0 hidden service
|
- Remove all remaining code related to version-0 hidden service
|
||||||
descriptors: they have not been in use since 0.2.2.1-alpha. Fixes
|
descriptors: they have not been in use since 0.2.2.1-alpha. Fixes
|
||||||
the rest of bug 10841.
|
the rest of bug 10841.
|
||||||
|
|
||||||
o Removed features:
|
|
||||||
- Remove migration code from when we renamed the "cached-routers"
|
- Remove migration code from when we renamed the "cached-routers"
|
||||||
file to "cached-descriptors" back in 0.2.0.8-alpha. This
|
file to "cached-descriptors" back in 0.2.0.8-alpha. This
|
||||||
incidentally resolves ticket 6502 by cleaning up the related code
|
incidentally resolves ticket 6502 by cleaning up the related code
|
||||||
|
@ -844,28 +843,27 @@ Changes in version 0.2.5.9 - 2014-10-2x
|
||||||
- Improve the tinytest implementation of string operation tests so
|
- Improve the tinytest implementation of string operation tests so
|
||||||
that comparisons with NULL strings no longer crash the tests; they
|
that comparisons with NULL strings no longer crash the tests; they
|
||||||
now just fail, normally. Fixes bug 9004; bugfix on 0.2.2.4-alpha.
|
now just fail, normally. Fixes bug 9004; bugfix on 0.2.2.4-alpha.
|
||||||
|
|
||||||
o Testing:
|
|
||||||
- New macros in test.h to simplify writing mock-functions for unit
|
- New macros in test.h to simplify writing mock-functions for unit
|
||||||
tests. Part of ticket 11507. Patch from Dana Koch.
|
tests. Part of ticket 11507. Patch from Dana Koch.
|
||||||
- Complete tests for the status.c module. Resolves ticket 11507.
|
|
||||||
Patch from Dana Koch.
|
|
||||||
- We now have rudimentary function mocking support that our unit
|
- We now have rudimentary function mocking support that our unit
|
||||||
tests can use to test functions in isolation. Function mocking
|
tests can use to test functions in isolation. Function mocking
|
||||||
lets the tests temporarily replace a function's dependencies with
|
lets the tests temporarily replace a function's dependencies with
|
||||||
stub functions, so that the tests can check the function without
|
stub functions, so that the tests can check the function without
|
||||||
invoking the other functions it calls.
|
invoking the other functions it calls.
|
||||||
|
|
||||||
|
o Testing:
|
||||||
|
- Complete tests for the status.c module. Resolves ticket 11507.
|
||||||
|
Patch from Dana Koch.
|
||||||
- Add more unit tests for the <circid,channel>->circuit map, and
|
- Add more unit tests for the <circid,channel>->circuit map, and
|
||||||
the destroy-cell-tracking code to fix bug 7912.
|
the destroy-cell-tracking code to fix bug 7912.
|
||||||
- Unit tests for failing cases of the TAP onion handshake.
|
- Unit tests for failing cases of the TAP onion handshake.
|
||||||
- More unit tests for address-manipulation functions.
|
- More unit tests for address-manipulation functions.
|
||||||
|
|
||||||
o Tool changes:
|
|
||||||
- Make the "tor-gencert" tool used by directory authority operators
|
|
||||||
create 2048-bit signing keys by default (rather than 1024-bit, since
|
|
||||||
1024-bit is uncomfortably small these days). Addresses ticket 10324.
|
|
||||||
|
|
||||||
o Distribution (systemd):
|
o Distribution (systemd):
|
||||||
|
- Include a tor.service file in contrib/dist for use with systemd.
|
||||||
|
Some distributions will be able to use this file unmodified;
|
||||||
|
others will need to tweak it, or write their own. Patch from Jamie
|
||||||
|
Nguyen; resolves ticket 8368.
|
||||||
- Verify configuration file via ExecStartPre in the systemd unit
|
- Verify configuration file via ExecStartPre in the systemd unit
|
||||||
file. Patch from intrigeri; resolves ticket 12730.
|
file. Patch from intrigeri; resolves ticket 12730.
|
||||||
- Explicitly disable RunAsDaemon in the systemd unit file. Our
|
- Explicitly disable RunAsDaemon in the systemd unit file. Our
|
||||||
|
@ -877,10 +875,6 @@ Changes in version 0.2.5.9 - 2014-10-2x
|
||||||
"RunAsDaemon 1") by default. Patch by intrigeri; resolves
|
"RunAsDaemon 1") by default. Patch by intrigeri; resolves
|
||||||
ticket 12731.
|
ticket 12731.
|
||||||
|
|
||||||
o Documentation (man page) fixes:
|
|
||||||
- Update manpage to describe some of the files you can expect to
|
|
||||||
find in Tor's DataDirectory. Addresses ticket 9839.
|
|
||||||
|
|
||||||
|
|
||||||
Changes in version 0.2.4.24 - 2014-09-22
|
Changes in version 0.2.4.24 - 2014-09-22
|
||||||
Tor 0.2.4.24 fixes a bug that affects consistency and speed when
|
Tor 0.2.4.24 fixes a bug that affects consistency and speed when
|
||||||
|
|
Loading…
Reference in New Issue