start to migrate recent changes

2013-11-15 17:08:45 -05:00 · 2013-11-15 17:08:45 -05:00 · f503f30436
parent 6837a27025
commit f503f30436
5 changed files with 24 additions and 22 deletions
--- a/24
+++ b/24
@ -2,10 +2,34 @@ Changes in version 0.2.4.18-rc - 2013-10-??
  Tor 0.2.4.18-rc is the fourth release candidate for the Tor 0.2.4.x
  series. [...]

+  o Major enhancements:
+    - Re-enable TLS 1.1 and 1.2 when built with OpenSSL 1.0.1e or later.
+      (OpenSSL before 1.0.1 didn't have TLS 1.1 or 1.2. OpenSSL from 1.0.1
+      through 1.0.1d had bugs that prevented renegotiation from working
+      with TLS 1.1 or 1.2, so we disabled them to solve bug 6033.) Fix for
+      issue #6055.
+
  o Major bugfixes:
    - Stop trying to bootstrap all our directory information from
      only our first guard. Discovered while fixing bug 9946; bugfix
      on 0.2.4.8-alpha.
+    - No longer stop reading or writing on cpuworker connections when
+      our rate limiting buckets go empty. Now we should handle circuit
+      handshake requests more promptly. Resolves bug 9731.
+
+  o Minor bugfixes:
+    - If we are unable to save a microdescriptor to the journal, do not
+      drop it from memory and then reattempt downloading it. Fixes bug
+      9645; bugfix on 0.2.2.6-alpha.
+
+  o Minor bugfixes (performance, fingerprinting):
+    - Our default TLS ecdhe groups were backwards: we meant to be using
+      P224 for relays (for performance win) and P256 for bridges (since
+      it is more common in the wild). Instead we had it backwards. After
+      reconsideration, we decided that the default should be P256 on all
+      hosts, since its security is probably better, and since P224 is
+      reportedly used quite little in the wild.  Found by "skruffy" on
+      IRC. Fix for bug 9780; bugfix on 0.2.4.8-alpha.

  o Minor bugfixes (on 0.2.4.x):
    - Correctly log long IPv6 exit policies, instead of truncating them
--- a/changes/bug6055
+++ b/changes/bug6055
@ -1,6 +0,0 @@
-  o Major enhancements:
-    - Re-enable TLS 1.1 and 1.2 when built with OpenSSL 1.0.1e or later.
-      (OpenSSL before 1.0.1 didn't have TLS 1.1 or 1.2. OpenSSL from 1.0.1
-      through 1.0.1d had bugs that prevented renegotiation from working
-      with TLS 1.1 or 1.2, so we disabled them to solve bug 6033.) Fix for
-      issue #6055.
--- a/changes/bug9645a
+++ b/changes/bug9645a
@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - If we are unable to save a microdescriptor to the journal, do not
-      drop it from memory and then reattempt downloading it. Fixes bug
-      9645; bugfix on 0.2.2.6-alpha.
-
--- a/changes/bug9731
+++ b/changes/bug9731
@ -1,3 +0,0 @@
-  o Major bugfixes:
-    - Do not apply connection_consider_empty_read/write_buckets to
-      cpuworker connections.
--- a/changes/bug9780
+++ b/changes/bug9780
@ -1,8 +0,0 @@
-  o Minor bugfixes (performance, fingerprinting):
-    - Our default TLS ecdhe groups were backwards: we meant to be using
-      P224 for relays (for performance win) and P256 for bridges (since
-      it is more common in the wild). Instead we had it backwards. After
-      reconsideration, we decided that the default should be P256 on all
-      hosts, since its security is probably better, and since P224 is
-      reportedly used quite little in the wild.  Found by "skruffy" on
-      IRC. Fix for bug 9780; bugfix on 0.2.4.8-alpha.