start to migrate recent changes
This commit is contained in:
parent
6837a27025
commit
f503f30436
24
ChangeLog
24
ChangeLog
|
@ -2,10 +2,34 @@ Changes in version 0.2.4.18-rc - 2013-10-??
|
||||||
Tor 0.2.4.18-rc is the fourth release candidate for the Tor 0.2.4.x
|
Tor 0.2.4.18-rc is the fourth release candidate for the Tor 0.2.4.x
|
||||||
series. [...]
|
series. [...]
|
||||||
|
|
||||||
|
o Major enhancements:
|
||||||
|
- Re-enable TLS 1.1 and 1.2 when built with OpenSSL 1.0.1e or later.
|
||||||
|
(OpenSSL before 1.0.1 didn't have TLS 1.1 or 1.2. OpenSSL from 1.0.1
|
||||||
|
through 1.0.1d had bugs that prevented renegotiation from working
|
||||||
|
with TLS 1.1 or 1.2, so we disabled them to solve bug 6033.) Fix for
|
||||||
|
issue #6055.
|
||||||
|
|
||||||
o Major bugfixes:
|
o Major bugfixes:
|
||||||
- Stop trying to bootstrap all our directory information from
|
- Stop trying to bootstrap all our directory information from
|
||||||
only our first guard. Discovered while fixing bug 9946; bugfix
|
only our first guard. Discovered while fixing bug 9946; bugfix
|
||||||
on 0.2.4.8-alpha.
|
on 0.2.4.8-alpha.
|
||||||
|
- No longer stop reading or writing on cpuworker connections when
|
||||||
|
our rate limiting buckets go empty. Now we should handle circuit
|
||||||
|
handshake requests more promptly. Resolves bug 9731.
|
||||||
|
|
||||||
|
o Minor bugfixes:
|
||||||
|
- If we are unable to save a microdescriptor to the journal, do not
|
||||||
|
drop it from memory and then reattempt downloading it. Fixes bug
|
||||||
|
9645; bugfix on 0.2.2.6-alpha.
|
||||||
|
|
||||||
|
o Minor bugfixes (performance, fingerprinting):
|
||||||
|
- Our default TLS ecdhe groups were backwards: we meant to be using
|
||||||
|
P224 for relays (for performance win) and P256 for bridges (since
|
||||||
|
it is more common in the wild). Instead we had it backwards. After
|
||||||
|
reconsideration, we decided that the default should be P256 on all
|
||||||
|
hosts, since its security is probably better, and since P224 is
|
||||||
|
reportedly used quite little in the wild. Found by "skruffy" on
|
||||||
|
IRC. Fix for bug 9780; bugfix on 0.2.4.8-alpha.
|
||||||
|
|
||||||
o Minor bugfixes (on 0.2.4.x):
|
o Minor bugfixes (on 0.2.4.x):
|
||||||
- Correctly log long IPv6 exit policies, instead of truncating them
|
- Correctly log long IPv6 exit policies, instead of truncating them
|
||||||
|
|
|
@ -1,6 +0,0 @@
|
||||||
o Major enhancements:
|
|
||||||
- Re-enable TLS 1.1 and 1.2 when built with OpenSSL 1.0.1e or later.
|
|
||||||
(OpenSSL before 1.0.1 didn't have TLS 1.1 or 1.2. OpenSSL from 1.0.1
|
|
||||||
through 1.0.1d had bugs that prevented renegotiation from working
|
|
||||||
with TLS 1.1 or 1.2, so we disabled them to solve bug 6033.) Fix for
|
|
||||||
issue #6055.
|
|
|
@ -1,5 +0,0 @@
|
||||||
o Minor bugfixes:
|
|
||||||
- If we are unable to save a microdescriptor to the journal, do not
|
|
||||||
drop it from memory and then reattempt downloading it. Fixes bug
|
|
||||||
9645; bugfix on 0.2.2.6-alpha.
|
|
||||||
|
|
|
@ -1,3 +0,0 @@
|
||||||
o Major bugfixes:
|
|
||||||
- Do not apply connection_consider_empty_read/write_buckets to
|
|
||||||
cpuworker connections.
|
|
|
@ -1,8 +0,0 @@
|
||||||
o Minor bugfixes (performance, fingerprinting):
|
|
||||||
- Our default TLS ecdhe groups were backwards: we meant to be using
|
|
||||||
P224 for relays (for performance win) and P256 for bridges (since
|
|
||||||
it is more common in the wild). Instead we had it backwards. After
|
|
||||||
reconsideration, we decided that the default should be P256 on all
|
|
||||||
hosts, since its security is probably better, and since P224 is
|
|
||||||
reportedly used quite little in the wild. Found by "skruffy" on
|
|
||||||
IRC. Fix for bug 9780; bugfix on 0.2.4.8-alpha.
|
|
Loading…
Reference in New Issue