diff options
author | Roger Dingledine <arma@torproject.org> | 2011-05-14 20:42:22 -0400 |
---|---|---|
committer | Roger Dingledine <arma@torproject.org> | 2011-05-14 20:42:22 -0400 |
commit | da805cea47ee518ab1481e1547c7f8704dbf19f4 (patch) | |
tree | 4577b177fb5f3c5d8725ee1962332fee0ba65132 | |
parent | 2db88eae33f818dc33a85132b5b7512980b33571 (diff) | |
download | tor-da805cea47ee518ab1481e1547c7f8704dbf19f4.tar.gz tor-da805cea47ee518ab1481e1547c7f8704dbf19f4.zip |
start folding in changes entries for 0.2.2.26-alpha
-rw-r--r-- | ChangeLog | 75 | ||||
-rw-r--r-- | changes/bug1352 | 4 | ||||
-rw-r--r-- | changes/bug2230_clean_1 | 4 | ||||
-rw-r--r-- | changes/bug2230_part1 | 7 | ||||
-rw-r--r-- | changes/bug2230_part2 | 5 | ||||
-rw-r--r-- | changes/bug2230_part4 | 6 | ||||
-rw-r--r-- | changes/bug2379 | 5 | ||||
-rw-r--r-- | changes/bug2503 | 4 | ||||
-rw-r--r-- | changes/bug3022 | 6 | ||||
-rw-r--r-- | changes/bug3122_memcmp | 7 | ||||
-rw-r--r-- | changes/bug3135 | 6 | ||||
-rw-r--r-- | changes/dirvote_null_deref | 4 | ||||
-rw-r--r-- | changes/feature3076 | 14 | ||||
-rw-r--r-- | changes/geoip-may2011 | 3 | ||||
-rw-r--r-- | changes/md_cache_replace | 6 | ||||
-rw-r--r-- | changes/mdesc_null_deref | 5 | ||||
-rw-r--r-- | changes/warn-if-get_digest-fails | 6 |
17 files changed, 75 insertions, 92 deletions
@@ -1,3 +1,78 @@ +Changes in version 0.2.2.26-alpha - 2011-05-?? + o Security fixes: + - Replace all potentially sensitive memory comparison operations + with versions whose runtime does not depend on the data being + compared. This will help resist a class of attacks where an + adversary can use variations in timing information to learn + sensitive data. Fix for one case of bug 3122. (Safe memcmp + implementation by Robert Ransom based partially on code by DJB.) + + o Major features: + - The options SocksPort, ControlPort, and so on now all accept a + value "auto" that opens a socket on an OS-selected port. A + new ControlPortWriteToFile option tells Tor to write its + actual control port or ports to a chosen file. If the option + ControlPortFileGroupReadable is set, the file is created as + group-readable. Now users can run two Tor clients on the same + system without needing to manually mess with parameters. Resolves + part of ticket 3076. + + o Minor features: + - New "GETINFO net/listeners/(type)" controller command to return + a list of addresses and ports that are bound for listeners for a + given connection type. This is useful when the user has configured + "SocksPort auto" and the controller needs to know which port got + chosen. Resolves another part of ticket 3076. + - Rate-limit a warning about failures to download v2 networkstatus + documents. Resolves part of bug 1352. + - Backport code from 0.2.3.x to allow directory authorities to clean + their microdescriptor caches. Needed to resolve bug 2230. + - When an HTTPS proxy reports "403 Forbidden", we now explain + what it means rather than calling it an unexpected status code. + Closes bug 2503. Patch from "mikey". + - Update to the May 1 2011 Maxmind GeoLite Country database. + + o Minor bugfixes: + - When loading the microdesc journal, remember its current size. + In 0.2.2, this helps prevent the microdesc journal from growing + without limit on authorities (who are the only ones to use it in + 0.2.2). Fixes a part of bug 2230; bugfix on 0.2.2.6-alpha. + Fix posted by "cypherpunks." + - The microdesc journal is supposed to get rebuilt only if it is + at least _half_ the length of the store, not _twice_ the length + of the store. Bugfix on 0.2.2.6-alpha; fixes part of bug 2230. + - Authorities now clean their microdesc cache periodically and when + reading from disk initially, not only when adding new descriptors. + This prevents a bug where we could lose microdescriptors. Bugfix + on 0.2.2.6-alpha. 2230 + - Fix a potential null-pointer dereference while computing a + consensus. Bugfix on tor-0.2.0.3-alpha, found with the help of + clang's analyzer. + - Do not crash when our configuration file becomes unreadable, for + example due to a permissions change, between when we start up + and when a controller calls SAVECONF. Fixes bug 3135; bugfix + on 0.0.9pre6. + - Avoid a bug that would keep us from replacing a microdescriptor + cache on Windows. (We would try to replace the file while still + holding it open. That's fine on Unix, but Windows doesn't let us + do that.) Bugfix on 0.2.2.6-alpha; bug found by wanoskarnet. + - Avoid a possible null-pointer dereference when rebuilding the mdesc + cache without actually having any descriptors to cache. Bugfix on + 0.2.2.6-alpha. Issue discovered using clang's static analyzer. + - If we fail to compute the identity digest of a v3 legacy keypair, + warn, and don't use a buffer-full of junk instead. Bugfix on + 0.2.1.1-alpha; fixes bug 3106. + - Add missing explanations for the authority-related torrc options + RephistTrackTime, BridgePassword, and V3AuthUseLegacyKey in the + man page. Resolves issue 2379. + + o Removed features: + - Caches no longer download and serve v2 networkstatus documents + unless FetchV2Networkstatus flag is set: these documents haven't + haven't been used by clients or relays since 0.2.0.x. Resolves + bug 3022. + + Changes in version 0.2.2.25-alpha - 2011-04-29 Tor 0.2.2.25-alpha fixes many bugs: hidden service clients are more robust, routers no longer overreport their bandwidth, Win7 should crash diff --git a/changes/bug1352 b/changes/bug1352 deleted file mode 100644 index bde0192401..0000000000 --- a/changes/bug1352 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features - - Rate-limit a warning about failures to download v2 networkstatus - documents. Resolves part of bug 1352. - diff --git a/changes/bug2230_clean_1 b/changes/bug2230_clean_1 deleted file mode 100644 index a4edf9439e..0000000000 --- a/changes/bug2230_clean_1 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features - - Backport code from 0.2.3.x to allow directory authorities to clean - their microdescriptor caches. - diff --git a/changes/bug2230_part1 b/changes/bug2230_part1 deleted file mode 100644 index 79f725410d..0000000000 --- a/changes/bug2230_part1 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes - - When loading the microdesc journal, remember its current size. - In 0.2.2, this helps prevent the microdesc journal from growing - without limit on authorities (who are the only ones to use it in - 0.2.2). Fixes a part of bug 2230; bugfix on 0.2.2.6-alpha. - Fix posted by "cypherpunks." - diff --git a/changes/bug2230_part2 b/changes/bug2230_part2 deleted file mode 100644 index 2664ecc1a0..0000000000 --- a/changes/bug2230_part2 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes - - The microdesc journal is supposed to get rebuilt only if it is - at least _half_ the length of the store, not _twice_ the length - of the store. Bugfix on 0.2.2.6-alpha; fixes part of bug 2230. - diff --git a/changes/bug2230_part4 b/changes/bug2230_part4 deleted file mode 100644 index f7721fad34..0000000000 --- a/changes/bug2230_part4 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes: - - Authorities now clean their microdesc cache periodically and when - reading from disk initially, not only when adding new descriptors. - This prevents a bug where we could lose microdescriptors. Bugfix - on 0.2.2.6-alpha. - diff --git a/changes/bug2379 b/changes/bug2379 deleted file mode 100644 index 0d378b7c12..0000000000 --- a/changes/bug2379 +++ /dev/null @@ -1,5 +0,0 @@ - o Documentation: - - Add missing documentation for the authority-related torrc options - RephistTrackTime, BridgePassword, and V3AuthUseLegacyKey. Resolves - issue 2379. - diff --git a/changes/bug2503 b/changes/bug2503 deleted file mode 100644 index 50b8bf50c2..0000000000 --- a/changes/bug2503 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - When an HTTPS proxy reports "403 Forbidden", we now explain - what it means rather than calling it an unexpected status code. - Closes bug 2503. Patch from "mikey". diff --git a/changes/bug3022 b/changes/bug3022 deleted file mode 100644 index 9472e6d196..0000000000 --- a/changes/bug3022 +++ /dev/null @@ -1,6 +0,0 @@ - o Removed features - - Caches no longer download and serve v2 networkstatus documents - unless FetchV2Networkstatus flag is set: these documents haven't - haven't been used by clients or relays since 0.2.0.x. Resolves - bug 3022. - diff --git a/changes/bug3122_memcmp b/changes/bug3122_memcmp deleted file mode 100644 index a049476743..0000000000 --- a/changes/bug3122_memcmp +++ /dev/null @@ -1,7 +0,0 @@ - o Security fixes - - Replace all potentially sensitive memory comparison operations - with versions whose runtime does not depend on the data being - compared. This will help resist a class of attacks where an - adversary can use variations in timing information to learn - sensitive data. Fix for one case of bug 3122. (Safe memcmp - implementation by Robert Ransom based partially on code by DJB.) diff --git a/changes/bug3135 b/changes/bug3135 deleted file mode 100644 index d761123480..0000000000 --- a/changes/bug3135 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes - - Do not crash when our configuration file becomes unreadable - (usually due to a permissions change) between when we start - up and when a controller calls SAVECONF. Fixes bug 3135; - bugfix on 0.0.9pre6. - diff --git a/changes/dirvote_null_deref b/changes/dirvote_null_deref deleted file mode 100644 index 65dc519f52..0000000000 --- a/changes/dirvote_null_deref +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Fix a potential null-pointer dereference while computing a consensus. - Bugfix on tor-0.2.0.3-alpha, found with the help of clang's analyzer. - diff --git a/changes/feature3076 b/changes/feature3076 deleted file mode 100644 index a3dcec8741..0000000000 --- a/changes/feature3076 +++ /dev/null @@ -1,14 +0,0 @@ - o Minor features - - The options SocksPort, ControlPort, and so on now all accept an - optional value "auto" that opens a socket on an OS-selected port. - o Minor features (controller) - - GETINFO net/listeners/(type) now returns a list of the addresses - and ports that are bound for listeners for a given connection - type. This is useful for if the user has selected SocksPort - "auto", and you need to know which port got chosen. - - There is a ControlPortWriteToFile option that tells Tor to write - its actual control port or ports to a chosen file. If the option - ControlPortFileGroupReadable is set, the file is created as - group-readable. - - diff --git a/changes/geoip-may2011 b/changes/geoip-may2011 deleted file mode 100644 index c908f24b45..0000000000 --- a/changes/geoip-may2011 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the May 1 2011 Maxmind GeoLite Country database. - diff --git a/changes/md_cache_replace b/changes/md_cache_replace deleted file mode 100644 index 88e029c00a..0000000000 --- a/changes/md_cache_replace +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes - - Avoid a bug that would keep us from replacing a microdescriptor - cache on Windows. (We would try to replace the file while still - holding it open. That's fine on Unix, but Windows doesn't let us - do that.) Bugfix on 0.2.2.6-alpha; bug found by wanoskarnet. - diff --git a/changes/mdesc_null_deref b/changes/mdesc_null_deref deleted file mode 100644 index 30f0280536..0000000000 --- a/changes/mdesc_null_deref +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Avoid a possible null-pointer dereference when rebuilding the mdesc - cache without actually having any descriptors to cache. Bugfix on - 0.2.2.6-alpha. Issue discovered using clang's static analyzer. - diff --git a/changes/warn-if-get_digest-fails b/changes/warn-if-get_digest-fails deleted file mode 100644 index 6cfc1082a7..0000000000 --- a/changes/warn-if-get_digest-fails +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes: - - If we fail to compute the identity digest of a v3 legacy - keypair, warn, and don't use a buffer-full of junk instead. - Bugfix on 0.2.1.1-alpha; fixes bug 3106. - - |