author Nick Mathewson <nickm@torproject.org> 2020-01-21 12:32:33 -0500
committer Nick Mathewson <nickm@torproject.org> 2020-01-21 12:32:33 -0500
commit 87f129977c7201ff15a567e297a82403dabfb723
tree 3ff3dbb8ed272bcc1755acbb22f6e3a409507a91
parent 2d8090fc665d4fdbc156c55f02c7531f061b4c94
changelog: small edits
-rw-r--r-- ChangeLog 295
1 files changed, 141 insertions, 154 deletions
diff --git a/ChangeLog b/ChangeLog
index 81f32646f6..3dfe250618 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,47 +6,50 @@ Changes in version 0.4.3.1-alpha - 2020-01-2?
the integration tests. (Python 2 is officially unsupported
upstream, as of 1 Jan 2020.) Closes ticket 32608.
- o Major feature (onion service, SOCKS5):
- - Introduce a new SocksPort flag named: ExtendedErrors. Detailed in
- proposal 304, a number of onion service error codes are now sent
- back, if this flag is set, with the SOCKS5 protocol using new
- custom error values. Closes ticket 30382;
-
o Major features (build system):
- - Create an optional relay module, which can be disabled using the
- --disable-module-relay configure option. When it is set, also
- disable the dirauth module. Add a minimal implemention, which
- disables the relay and dircache modes in tor. Closes ticket 32123.
-
- o Major features (controller):
- - New ONION_CLIENT_AUTH_ADD control port command to add client-side
- onion service client authorization credentials. Closes part of
- ticket 30381.
- - New ONION_CLIENT_AUTH_REMOVE control port command to remove
- client-side onion service client authorization credentials. Closes
- part of ticket 30381.
- - New ONION_CLIENT_AUTH_VIEW control port command to view stored
- client-side onion service client authorization credentials. Closes
- part of ticket 30381.
+ - The relay code can now be disabled using the --disable-module-relay
+ configure option. When this option is set, we also disable the
+ dirauth module. Closes ticket 32123.
+ - When Tor is compiled --disable-module-relay, we also omit the code
+ used to act as a directory cache. Closes ticket 32487.
o Major features (directory authority, ed25519):
- Add support for banning a relay's ed25519 keys in the approved-
- routers file. This will allow us to migrate away from RSA keys in
- the future. Previously, only RSA keys could be banned in approved-
+ routers file. This will help us migrate away from RSA keys in the
+ future. Previously, only RSA keys could be banned in approved-
routers. Resolves ticket 22029. Patch by Neel Chauhan.
- o Major features (documentation):
- - Provide a Circuit Padding Framework quickstart guide and developer
- documentation for researchers to implement and study Circuit
- Padding machines. Closes ticket 28804.
+ o Major features (onion service, controller):
+ - New control port commands to manage client-side onion service
+ authorization credentials. The ONION_CLIENT_AUTH_ADD command adds
+ a credential, ONION_CLIENT_AUTH_REMOVE deletes a credential, and
+ ONION_CLIENT_AUTH_VIEW lists the credentials. Closes ticket 30381.
+
+ o Major features (onion service, SOCKS5):
+ - Introduce a new SocksPort flag, ExtendedErrors, to support more
+ detailed error codes in information for applications that support
+ them. Closes ticket 30382; implements proposal 304.
o Major features (proxy):
- - In addition to HTTP CONNECT, SOCKS4, and SOCKS5, Tor can make all
- OR connections through the HAProxy server. A new torrc option was
- added to specify the address/port of the server: TCPProxy
- <protocol> <host>:<port>. Currently the only supported protocol in
- the option is haproxy. Close ticket 31518. Patch done by Suphanat
- Chunhapanya (haxxpop).
+ - In addition to its current supported proxy types (HTTP CONNECT,
+ SOCKS4, and SOCKS5), Tor can now make its OR connections through a
+ HAProxy server. A new torrc option was added to specify the
+ address/port of the server: TCPProxy <protocol> <host>:<port>.
+ Currently the only supported protocol for the option is haproxy.
+ Close ticket 31518. Patch done by Suphanat Chunhapanya (haxxpop).
+
+ o Major bugfixes (linux seccomp sandbox):
+ - Correct how we use libseccomp. Particularly, stop assuming that
+ rules are applied in a particular order or that more rules are
+ processed after the first match. Neither is the case! In
+ libseccomp <2.4.0 this lead to some rules having no effect.
+ Libseccomp 2.4.0 changed how rules are generated leading to a
+ different ordering which in turn lead to a fatal crash during
+ startup. Fixes bug 29819; bugfix on 0.2.5.1-alpha. Patch by
+ Peter Gerber.
+ - Fix crash when reloading logging configuration while the
+ experimental sandbox is enabled. Fixes bug 32841; bugfix on
+ 0.4.1.7. Patch by Peter Gerber.
o Major bugfixes (networking):
- Correctly handle IPv6 addresses in SOCKS5 RESOLVE_PTR requests,
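Review bot: In the rewritten ExtendedErrors entry under "Major features (onion service, SOCKS5)", the phrase "more detailed error codes in information for applications" does not parse, and the rewrite drops the old entry's statement that these are onion service error codes sent back over SOCKS5. Suggest "to support more detailed onion service error codes for applications that support them". In the same hunk, the HAProxy entry still reads "Close ticket 31518" where the other entries use "Closes", and the seccomp entry now promoted to "Major bugfixes" keeps "this lead to" and "in turn lead to" where "led" is meant.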
@@ -58,11 +61,11 @@ Changes in version 0.4.3.1-alpha - 2020-01-2?
take appropriate action with regards to the client introduction
point failure cache. This improves reachability of onion services,
since now clients notice failing introduction circuits properly.
- Fixes bug 32020; bugfix on 0.3.2.1-alpha;
+ Fixes bug 32020; bugfix on 0.3.2.1-alpha.
o Minor feature (configure, build system):
- - Output enabled/disabled features at the end of the configure
- process in a pleasing way. Closes ticket 31373.
+ - Output a list of enabled/disabled features at the end of the
+ configure process in a pleasing way. Closes ticket 31373.
o Minor feature (heartbeat, onion service):
- Add the DoS INTRODUCE2 defenses counter to the heartbeat DoS
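Review bot: The headings "o Minor feature (configure, build system):" and "o Minor feature (heartbeat, onion service):" stay singular here, while the other sections in this file use "Minor features". This patch normalizes headings elsewhere (for example "build" to "build system"), so rename these two as well so that they group with the rest.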
@@ -75,18 +78,14 @@ Changes in version 0.4.3.1-alpha - 2020-01-2?
Closes ticket 31241.
o Minor features (configuration):
- - If the configured hardware crypto accelerator in AccelName is
+ - If a configured hardware crypto accelerator in AccelName is
prefixed with "!", Tor now exits when it cannot be found. Closes
ticket 32406.
- - We use a flag-driven logic to warn about obsolete configuration
+ - We now use flag-driven logic to warn about obsolete configuration
fields, so that we can include their names. In 0.4.2, we used a
special type, which prevented us from generating good warnings.
Implements ticket 32404.
- o Minor features (continuous integration):
- - Call the check_cocci_parse.sh script from Travis CI. Closes
- ticket 31919.
-
o Minor features (controller):
- Add stream isolation data to STREAM event. Closes ticket 19859.
- Implement a new GETINFO command to fetch microdescriptor
@@ -98,19 +97,21 @@ Changes in version 0.4.3.1-alpha - 2020-01-2?
this happened. Diagnostic for ticket 32868.
o Minor features (defense in depth):
- - Add additional sanity checks around tor_vasprintf() usage in case
- the function returns an error. Patch by Tobias Stoeckmann. Fixes
+ - Add additional checks around tor_vasprintf() usage, in case the
+ function returns an error. Patch by Tobias Stoeckmann. Fixes
ticket 31147.
o Minor features (developer tooling):
- - Remove 0.2.9 series branches from git scripts (git-merge-
+ - Remove the 0.2.9.x series branches from git scripts (git-merge-
forward.sh, git-pull-all.sh, git-push-all.sh, git-setup-dirs.sh).
Closes ticket 32772.
o Minor features (developer tools):
- Add a check_cocci_parse.sh script that checks that new code is
parseable by Coccinelle. Add an exceptions file for unparseable
- files. Closes ticket 31919.
+ files, and run the script from travis CI. Closes ticket 31919.
+ - Call the check_cocci_parse.sh script from a 'check-cocci' Makefile
+ target. Closes ticket 31919.
- Add a rename_c_identifiers.py tool to rename a bunch of C
identifiers at once, and generate a well-formed commit message
describing the change. This should help with refactoring. Closes
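Review bot: "Minor features (developer tooling)" and "Minor features (developer tools)" remain as two separate, nearly identically named sections; fold the git scripts entry into "developer tools". In the merged check_cocci_parse.sh entry, "travis CI" lost the capitalization that the removed continuous integration entry had ("Travis CI"), and two adjacent bullets now both end with "Closes ticket 31919", so consider combining them into a single entry.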
@@ -119,23 +120,15 @@ Changes in version 0.4.3.1-alpha - 2020-01-2?
semantic patching tool with the correct flags. These flags are
fairly easy to forget, and these scripts should help us use
Coccinelle more effectively in the future. Closes ticket 31705.
- - Call the check_cocci_parse.sh script from a 'check-cocci' Makefile
- target. Closes ticket 31919.
-
- o Minor features (disabling relay support):
- - When Tor is compiled --disable-module-relay, we also omit the code
- used to act as a directory cache. Closes ticket 32487.
-
- o Minor features (documentation):
- - Make sure that doxygen outputs documentation for all of our C
- files. Previously, some were missing @file declarations, causing
- them to be ignored. Closes ticket 32307.
o Minor features (Doxygen):
- Update Doxygen configuration file to a more recent template (from
1.8.15). Closes ticket 32110.
- "make doxygen" now works with out-of-tree builds. Closes
ticket 32113.
+ - Make sure that doxygen outputs documentation for all of our C
+ files. Previously, some were missing @file declarations, causing
+ them to be ignored. Closes ticket 32307.
- Our "make doxygen" target now respects --enable-fatal-warnings by
default, and does not warn about items that are missing
documentation. To warn about missing documentation, run configure
@@ -171,61 +164,58 @@ Changes in version 0.4.3.1-alpha - 2020-01-2?
and/or pwdb, which Android doesn't have. Closes ticket 32825.
Patch from Hans-Christoph Steiner.
- o Minor features (relay module):
+ o Minor features (relay modularity):
- Split the relay and server pluggable transport config code into
separate files in the relay module. Disable this code when the
- relay module is disabled. Closes ticket 32213.
+ relay module is disabled. Closes part of ticket 32213.
- When the relay module is disabled, reject attempts to set the
ORPort, DirPort, DirCache, BridgeRelay, ExtORPort, or
ServerTransport* options, rather than ignoring the values of these
- options. Closes ticket 32213.
+ options. Closes part of ticket 32213.
o Minor features (relay):
- When the relay module is disabled, change the default config so
that DirCache is 0, and ClientOnly is 1. Closes ticket 32410.
o Minor features (release tools):
- - Port our changelog formatting and sorting tools to Python 3.
+ - Port our ChangeLog formatting and sorting tools to Python 3.
Closes ticket 32704.
o Minor features (testing):
- - Add common failure cases for test_parseconf.sh in
+ - Detect some common failure cases for test_parseconf.sh in
src/test/conf_failures. Closes ticket 32451.
- Allow test_parseconf.sh to test expected log outputs for successful
configs, as well as failed configs. Closes ticket 32451.
- - test_parseconf.sh now supports result variants for any combination
- of the optional libraries lzma, nss, and zstd. Closes ticket 32397.
+ - The test_parseconf.sh script now supports result variants for any
+ combination of the optional libraries lzma, nss, and zstd. Closes
+ ticket 32397.
o Minor features (tests, Android):
- When running the unit tests on Android, create temporary files in
a subdirectory of /data/local/tmp. Closes ticket 32172. Based on a
patch from Hans-Christoph Steiner.
- o Minor bugfix (configuration):
- - Check for multiplication overflow when parsing memory units inside
- configuration. Fixes bug 30920; bugfix on 0.0.9rc1~46.
-
o Minor bugfixes (bridges):
- - Lowercase the value of BridgeDistribution from torrc before adding
+ - Lowercase the configured value of BridgeDistribution before adding
it to the descriptor. Fixes bug 32753; bugfix on 0.3.2.3-alpha.
- o Minor bugfixes (build):
+ o Minor bugfixes (build system):
- Fix "make autostyle" for out-of-tree builds. Fixes bug 32370;
bugfix on 0.4.1.2-alpha.
- o Minor bugfixes (config):
- - When dumping the config, stop adding a trailing space after the
- option name, when there is no option value. This issue only
- affects options that accept an empty value or list. (Most options
- reject empty values, or delete the entire line from the dumped
- options.) Fixes bug 32352; bugfix on 0.0.9pre6.
-
o Minor bugfixes (configuration handling):
- Make control_event_conf_changed() take in a config_line_t instead
- of a smartlist(k, v, k, v, ...) where keys are followed by values.
- Fixes bug 31531; bugfix on 0.2.3.3-alpha. Patch by Neel Chauhan.
+ of a smartlist of alternating key/value entries. Fixes bug 31531;
+ bugfix on 0.2.3.3-alpha. Patch by Neel Chauhan.
o Minor bugfixes (configuration):
+ - Check for multiplication overflow when parsing memory units inside
+ configuration. Fixes bug 30920; bugfix on 0.0.9rc1.
+ - When dumping the configuration, stop adding a trailing space after
+ the option name when there is no option value. This issue only
+ affects options that accept an empty value or list. (Most options
+ reject empty values, or delete the entire line from the dumped
+ options.) Fixes bug 32352; bugfix on 0.0.9pre6.
- Avoid changing the user's value of HardwareAccel as stored by
SAVECONF, when AccelName is set but HardwareAccel is not. Fixes
bug 32382; bugfix on 0.2.2.1-alpha.
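Review bot: "Minor bugfixes (configuration handling)" is left as its own one-entry section directly above "Minor bugfixes (configuration)", even though the "config" and singular "Minor bugfix (configuration)" sections are merged in this hunk; move the control_event_conf_changed() entry into "Minor bugfixes (configuration)" as well. The same applies to "Minor features (relay modularity)", which sits directly above "Minor features (relay)".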
@@ -275,19 +265,6 @@ Changes in version 0.4.3.1-alpha - 2020-01-2?
issue with that flag and the map. Fixes bug 32094; bugfix
on 0.3.2.1-alpha.
- o Minor bugfixes (linux seccomp sandbox):
- - Correct how we use libseccomp. Particularly, stop assuming that
- rules are applied in a particular order or that more rules are
- processed after the first match. Neither is the case! In
- libseccomp <2.4.0 this lead to some rules having no effect.
- Libseccomp 2.4.0 changed how rules are generated leading to a
- different ordering which in turn lead to a fatal crash during
- startup. Fixes bug 29819; bugfix on 0.2.5.1-alpha. Patch by
- Peter Gerber.
- - Fix crash when reloading logging configuration while the
- experimental sandbox is enabled. Fixes bug 32841; bugfix on
- 0.4.1.7. Patch by Peter Gerber.
-
o Minor bugfixes (logging, crash):
- Avoid a possible crash when trying to log a (fatal) assertion
failure about mismatched magic numbers in configuration objects.
@@ -301,12 +278,11 @@ Changes in version 0.4.3.1-alpha - 2020-01-2?
Neel Chauhan.
o Minor bugfixes (onion services v3, client):
- - Properly handle the client rendezvous circuit timeout. This
- results in better reachability because tor doesn't timeout a
- rendezvous circuit awaiting the introduction ACK and thus
- preventing tor to re-establish all circuits because the rendezvous
- circuit timed out too early. Fixes bug 32021; bugfix
- on 0.3.2.1-alpha.
+ - Properly handle the client rendezvous circuit timeout. Previously
+ Tor would sometimes timeout a rendezvous circuit awaiting the
+ introduction ACK, and find itself unable to re-establish all
+ circuits because the rendezvous circuit timed out too early. Fixes
+ bug 32021; bugfix on 0.3.2.1-alpha.
o Minor bugfixes (onion services):
- In cancel_descriptor_fetches(), use
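Review bot: The new rendezvous timeout wording uses "timeout" as a verb ("Tor would sometimes timeout a rendezvous circuit"), which should be "time out", and the sentence explains the failure by restating it ("unable to re-establish all circuits because the rendezvous circuit timed out too early"). Suggest something like "Previously Tor would sometimes time out a rendezvous circuit that was still awaiting the introduction ACK, and then fail to re-establish its circuits."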
@@ -321,7 +297,7 @@ Changes in version 0.4.3.1-alpha - 2020-01-2?
o Minor bugfixes (test):
- Use the same code to find the tor binary in all of our test
scripts. This change makes sure we are always using the coverage
- binary, when coverage is enabled. Fixes bug 32368; bugfix
+ binary when coverage is enabled. Fixes bug 32368; bugfix
on 0.2.7.3-rc.
o Minor bugfixes (testing):
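Review bot: "Minor bugfixes (test)" is still a separate section immediately before "Minor bugfixes (testing)"; since this hunk already touches the entry, move it under "Minor bugfixes (testing)" and drop the singular heading.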
@@ -342,69 +318,18 @@ Changes in version 0.4.3.1-alpha - 2020-01-2?
verbosity. Fixes bug 32175; bugfix on 0.2.8.1-alpha.
o Minor bugfixes (windows service):
- - Initialize publish/subscribe system when running as a windows
+ - Initialize the publish/subscribe system when running as a windows
service. Fixes bug 32778; bugfix on 0.4.1.1-alpha.
- o Code simplification and refactoring:
- - Add numerous missing dependencies to our include files, so that
- they can be included in different reasonable orders and still
- compile. Addresses part of ticket 32764.
- - Create a new abstraction for formatting control protocol reply
- lines based on key-value pairs. Refactor some existing control
- protocol code to take advantage of this. Closes ticket 30984.
- - Disable relay_periodic when the relay module is disabled. Closes
- ticket 32244.
- - Disable relay_sys when the relay module is disabled. Closes
- ticket 32245.
- - Fix some parts of our code that were difficult for Coccinelle to
- parse. Related to ticket 31705.
- - Fix some small issues in our code that prevented automatic
- formatting tools from working. Addresses part of ticket 32764.
- - Immutability is now implemented as a flag on individual
- configuration options rather than as part of the option-transition
- checking code. Closes ticket 32344.
- - Instead of keeping a list of configuration options to check for
- relative paths, check all the options whose type is "FILENAME".
- Solves part of ticket 32339.
- - Make all the structs we declare follow the same naming convention
- of ending with "_t". Closes ticket 32415.
- - Move and rename some configuration-related code for clarity.
- Closes ticket 32304.
- - Our default log (which ordinarily sends NOTICE-level message to
- standard output) is now handled in a more logical manner.
- Previously, we replaced the configured log options if they were
- empty. Now, we interpret an empty set of log options as meaning
- "use the default log". Closes ticket 31999.
- - Our include.am files are now broken up by subdirectory.
- Previously, src/core/include.am covered all of the subdirectories
- in "core", "feature", and "app". Closes ticket 32137.
- - Remove some unused arguments from the options_validate() function,
- to simplify our code and tests. Closes ticket 32187.
- - Remove the last remaining HAVE_MODULE_DIRAUTH inside a function.
- Closes ticket 32163.
- - Remove underused NS*() macros from test code: they make our tests
- more confusing, especially for code-formatting tools. Closes
- ticket 32887.
- - Replace some confusing identifiers in process_descs.c. Closes
- ticket 29826.
- - Simplify some relay and dirauth config code. Closes ticket 32213.
- - Simplify the options_validate() code so that it looks at the
- default options directly, rather than taking default options as an
- argument. This change lets us simplify its interface. Closes
- ticket 32185.
- - Use our new configuration architecture to move most authority-
- related options to the directory authority module. Closes
- ticket 32806.
- - When parsing the command line, handle options that determine our
- "quiet level" and our mode of operation (e.g., --dump-config and
- so on) all in one table. Closes ticket 32003.
-
o Deprecated features:
- Deprecate the ClientAutoIPv6ORPort option. This option was not
true Happy Eyeballs, and often failed on connections that weren't
reliably dual-stack. Closes ticket 32942. Patch by Neel Chauhan.
o Documentation:
+ - Provide a quickstart guide for our a Circuit Padding Framework,
+ and documentation for researchers to implement and study circuit
+ padding machines. Closes ticket 28804.
- Add documentation in 'HelpfulTools.md' to describe how to build a
tag file. Closes ticket 32779.
- Create a high-level description of the long-term software
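Review bot: The entry moved into "Documentation" has a stray article: "Provide a quickstart guide for our a Circuit Padding Framework" should read "for our Circuit Padding Framework". The capitalization is also inconsistent within the entry ("Circuit Padding Framework" but "circuit padding machines"); pick one form for the machines or leave only the framework name capitalized deliberately.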
@@ -449,10 +374,72 @@ Changes in version 0.4.3.1-alpha - 2020-01-2?
- Channel layer had a variable length cell handler that was not used
and thus removed. Closes ticket 32892.
+ o Code simplification and refactoring (configuration):
+ - Immutability is now implemented as a flag on individual
+ configuration options rather than as part of the option-transition
+ checking code. Closes ticket 32344.
+ - Instead of keeping a list of configuration options to check for
+ relative paths, check all the options whose type is "FILENAME".
+ Solves part of ticket 32339.
+ - Our default log (which ordinarily sends NOTICE-level message to
+ standard output) is now handled in a more logical manner.
+ Previously, we replaced the configured log options if they were
+ empty. Now, we interpret an empty set of log options as meaning
+ "use the default log". Closes ticket 31999.
+ - Remove some unused arguments from the options_validate() function,
+ to simplify our code and tests. Closes ticket 32187.
+ - Simplify the options_validate() code so that it looks at the
+ default options directly, rather than taking default options as an
+ argument. This change lets us simplify its interface. Closes
+ ticket 32185.
+ - Use our new configuration architecture to move most authority-
+ related options to the directory authority module. Closes
+ ticket 32806.
+ - When parsing the command line, handle options that determine our
+ "quiet level" and our mode of operation (e.g., --dump-config and
+ so on) all in one table. Closes ticket 32003.
+
o Code simplification and refactoring (controller):
+ - Create a new abstraction for formatting control protocol reply
+ lines based on key-value pairs. Refactor some existing control
+ protocol code to take advantage of this. Closes ticket 30984.
- Create a helper function that can fetch network status or
microdesc consensuses. Closes ticket 31684.
+ o Code simplification and refactoring (dirauth modularization):
+ - Remove the last remaining HAVE_MODULE_DIRAUTH inside a function.
+ Closes ticket 32163.
+ - Replace some confusing identifiers in process_descs.c. Closes
+ ticket 29826.
+ - Simplify some relay and dirauth config code. Closes ticket 32213.
+
+ o Code simplification and refactoring (misc):
+ - Make all the structs we declare follow the same naming convention
+ of ending with "_t". Closes ticket 32415.
+ - Move and rename some configuration-related code for clarity.
+ Closes ticket 32304.
+ - Our include.am files are now broken up by subdirectory.
+ Previously, src/core/include.am covered all of the subdirectories
+ in "core", "feature", and "app". Closes ticket 32137.
+ - Remove underused NS*() macros from test code: they make our tests
+ more confusing, especially for code-formatting tools. Closes
+ ticket 32887.
+
+ o Code simplification and refactoring (relay modularization):
+ - Disable relay_periodic when the relay module is disabled. Closes
+ ticket 32244.
+ - Disable relay_sys when the relay module is disabled. Closes
+ ticket 32245.
+
+ o Code simplification and refactoring (tool support):
+ - Add numerous missing dependencies to our include files, so that
+ they can be included in different reasonable orders and still
+ compile. Addresses part of ticket 32764.
+ - Fix some parts of our code that were difficult for Coccinelle to
+ parse. Related to ticket 31705.
+ - Fix some small issues in our code that prevented automatic
+ formatting tools from working. Addresses part of ticket 32764.
+
o Documentation (manpage):
- Alphabetize the Client Options section of the tor manpage. Closes
ticket 32846.
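Review bot: The entry "Simplify some relay and dirauth config code. Closes ticket 32213." under "Code simplification and refactoring (dirauth modularization)" still claims to close ticket 32213 outright, while the two "relay modularity" entries earlier in this patch were changed to "Closes part of ticket 32213"; make this one "Closes part of ticket 32213" as well. In the moved default-log entry, "sends NOTICE-level message to standard output" should read "messages".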