diff options
| author | Roger Dingledine <arma@torproject.org> | 2011-09-09 13:43:40 -0400 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2011-09-09 13:43:40 -0400 |
| commit | d063a809a0996ad3e9b53674fa66c6701177fbcf (patch) | |
| tree | c8a4a28b23845fecb7f4e0cbcbb7dd3797f421f7 | |
| parent | 920d475179d9ebceee884b51c7874b23047bcd5e (diff) | |
| download | tor-d063a809a0996ad3e9b53674fa66c6701177fbcf.tar.gz tor-d063a809a0996ad3e9b53674fa66c6701177fbcf.zip | |
fold in latest changes files
| -rw-r--r-- | ChangeLog | 24 | ||||
| -rw-r--r-- | changes/bug2649a | 5 | ||||
| -rw-r--r-- | changes/bug2649b | 5 | ||||
| -rw-r--r-- | changes/bug3894 | 4 | ||||
| -rw-r--r-- | changes/bug3909 | 3 | ||||
| -rw-r--r-- | changes/replay-firstpart | 13 |
6 files changed, 24 insertions, 30 deletions
@@ -4,16 +4,40 @@ Changes in version 0.2.2.33 - 2011-09-?? TrackExitHosts changes. Found and fixed by 'laruldan'. Fixes bug 3923; bugfix on 0.2.2.25-alpha. + o Minor features (security): + - Check for replays of the public-key encrypted portion of an + INTRODUCE1 cell, in addition to the current check for replays of + the g^x value. This prevents a possible class of active attacks + by an attacker who controls both an introduction point and a + rendezvous point, and who uses the malleability of AES-CTR to + alter the encrypted g^x portion of the INTRODUCE1 cell. We think + that these attacks is infeasible (requiring the attacker to send + on the order of zettabytes of altered cells in a short interval), + but we'd rather block them off in case there are any classes of + this attack that we missed. Reported by Willem Pinckaers. + + o Minor features: + - Add a VoteOnHidServDirectoriesV2 configuration option to allow + directory authorities to abstain from voting on assignment of + the HSDir consensus flag. Related to bug 2649. + o Minor bugfixes: - Correct the man page to explain that HashedControlPassword and CookieAuthentication can both be set, in which case either method is sufficient to authenticate to Tor. Bugfix on 0.2.0.7-alpha, when we decided to allow these config options to both be set. Issue raised by bug 3898. + - Change the default required uptime for a relay to be accepted as + a HSDir from 24 hours to 25 hours. Bugfix on 0.2.0.10-alpha; + fixes bug 2649. o Build fixes: - Provide a substitute implementation of lround() for MSVC, which apparently lacks it. Patch from Gisle Vanem. + - Clean up some code issues that prevented Tor from building on older + BSDs. Fixes bug 3894; reported by "grarpamp". + - Search for a platform-specific version of "ar" when cross-compiling. + Should fix builds on iOS. Found by Marco Bonetti. Changes in version 0.2.2.32 - 2011-08-27 diff --git a/changes/bug2649a b/changes/bug2649a deleted file mode 100644 index 4ee31ebdb6..0000000000 --- a/changes/bug2649a +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features: - - Add a VoteOnHidServDirectoriesV2 configuration option to allow - directory authorities to abstain from voting on assignment of - the HSDir consensus flag. Related to bug 2649. - diff --git a/changes/bug2649b b/changes/bug2649b deleted file mode 100644 index 1ff14e5569..0000000000 --- a/changes/bug2649b +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Change the default required uptime for a relay to be accepted as - a HSDir from 24 hours to 25 hours. Bugfix on 0.2.0.10-alpha; - fixes bug 2649. - diff --git a/changes/bug3894 b/changes/bug3894 deleted file mode 100644 index 4c2220aba8..0000000000 --- a/changes/bug3894 +++ /dev/null @@ -1,4 +0,0 @@ - o Build fixes: - - Clean up some code issues that prevented Tor from building on older - BSDs. Fixes bug 3894; reported by grarpamp. - diff --git a/changes/bug3909 b/changes/bug3909 deleted file mode 100644 index 0b4b292030..0000000000 --- a/changes/bug3909 +++ /dev/null @@ -1,3 +0,0 @@ - o Build fixes: - - Search for a platform-specific version of "ar" when cross-compiling. - Should fix builds on iOS. Found by Marco Bonetti. diff --git a/changes/replay-firstpart b/changes/replay-firstpart deleted file mode 100644 index f4a7767fb1..0000000000 --- a/changes/replay-firstpart +++ /dev/null @@ -1,13 +0,0 @@ - o Minor features (security): - - - Check for replays of the public-key encrypted portion of an - INTRODUCE1 cell, in addition to the current check for replays of - the g^x value. This prevents a possible class of active attacks - by an attacker who controls both an introduction point and a - rendezvous point, and who uses the malleability of AES-CTR to - alter the encrypted g^x portion of the INTRODUCE1 cell. We - think that these attacks is infeasible (requiring the attacker - to send on the order of zettabytes of altered cells in a short - interval), but we'd rather block them off in case there are any - classes of this attack that we missed. Reported by dvorak. - |