diff options
author | David Goulet <dgoulet@torproject.org> | 2024-12-03 20:47:57 +0000 |
---|---|---|
committer | David Goulet <dgoulet@torproject.org> | 2024-12-03 20:47:57 +0000 |
commit | a789ab32f2191f191370f614cccd4f80bfc7e59b (patch) | |
tree | 6540e845d0f9f2d60803c04dfa5859fd1db6a0a4 /ChangeLog | |
parent | ff34bbf4940f375ad290a42a534f0083abdc2af7 (diff) | |
parent | 997b151b8daaa095ea8933298c5def383608e94f (diff) | |
download | tor-main.tar.gz tor-main.zip |
clean up the 0.4.9.1-alpha changelog/releasenotes
See merge request tpo/core/tor!849
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 185 |
1 files changed, 41 insertions, 144 deletions
@@ -1,45 +1,7 @@ Changes in version 0.4.9.1-alpha - 2024-12-03 This is the first alpha of the 0.4.9.x series. This release mostly consists of bugfixes including some major ones. There are several minor features in - this release but no large new subsystem. Most of the fixes in this release - are already in 0.4.8.x stable series. - - o Major bugfixes (circuit building): - - Conflux circuit building was ignoring the "predicted ports" - feature, which aims to make Tor stop building circuits if there - have been no user requests lately. This bug led to every idle Tor - on the network building and discarding circuits every 30 seconds, - which added overall load to the network, used bandwidth and - battery from clients that weren't actively using their Tor, and - kept sockets open on guards which added connection padding - essentially forever. Fixes bug 40981; bugfix on 0.4.8.1-alpha; - - o Major bugfixes (conflux): - - Fix an issue that prevented us from pre-building more conflux sets - after existing sets had been used. Fixes bug 40862; bugfix - on 0.4.8.1-alpha. - - o Major bugfixes (guard usage): - - When Tor excluded a guard due to temporary circuit restrictions, - it considered *additional* primary guards for potential usage by - that circuit. This could result in more than the specified number - of guards (currently 2) being used, long-term, by the tor client. - This could happen when a Guard was also selected as an Exit node, - but it was exacerbated by the Conflux guard restrictions. Both - instances have been fixed. Fixes bug 40876; bugfix - on 0.3.0.1-alpha. - - o Major bugfixes (onion service): - - Fix a reliability issue where services were expiring their - introduction points every consensus update. This caused - connectivity issues for clients caching the old descriptor and - intro points. Bug reported and fixed by gitlab user - @hyunsoo.kim676. Fixes bug 40858; bugfix on 0.4.7.5-alpha. - - o Major bugfixes (onion service, TROVE-2023-006): - - Fix a possible hard assert on a NULL pointer when recording a - failed rendezvous circuit on the service side for the MetricsPort. - Fixes bug 40883; bugfix on 0.4.8.1-alpha + this release but no large new subsystem. o Major bugfixes (sandbox): - Fix sandbox to work on architectures that use Linux's generic @@ -49,42 +11,11 @@ Changes in version 0.4.9.1-alpha - 2024-12-03 with fragile hardening enabled. Fixes bugs 40465 and 40599; bugfix on 0.2.5.1-alpha. - o Major bugfixes (TROVE-2023-004, relay): - - Mitigate an issue when Tor compiled with OpenSSL can crash during - handshake with a remote relay. Fixes bug 40874; bugfix - on 0.2.7.2-alpha. - - o Major bugfixes (TROVE-2023-007, exit): - - Improper error propagation from a safety check in conflux leg - linking lead to a desynchronization of which legs were part of a - conflux set, ultimately causing a UAF and NULL pointer dereference - crash on Exit relays. Fixes bug 40897; bugfix on 0.4.8.1-alpha. - - o Minor feature (authority): - - Reject 0.4.7.x series at the authority level. Closes ticket 40896. - - o Minor feature (bridges, pluggable transport): - - Add STATUS TYPE=version handler for Pluggable Transport. This - allows us to gather version statistics on Pluggable Transport - usage from bridge servers on our metrics portal. Closes - ticket 11101. - o Minor feature (defense in depth): - Verify needle is smaller than haystack before calling memmem. Closes ticket 40854. - o Minor feature (dirauth): - - Add back faravahar with a new address and new keys. Closes 40689. - - o Minor feature (dirauth, tor26): - - New IP address and keys. - o Minor feature (directory authority): - - Allow BandwidthFiles "node_id" KeyValue without the dollar sign at - the start of the hexdigit, in order to easier database queries - combining Tor documents in which the relays fingerprint does not - include it. Fixes bug 40891; bugfix on 0.4.7 (all supported - versions of Tor). - Introduce MinimalAcceptedServerVersion to allow modification of minimal accepted version for relays without requiring a new tor release. Closes ticket 40817. @@ -116,10 +47,6 @@ Changes in version 0.4.9.1-alpha - 2024-12-03 - Use a fixed version of chutney (be881a1e) instead of its current HEAD. This version should also be preferred when testing locally. - o Minor features (debugging, compression): - - Log the input and output buffer sizes when we detect a potential - compression bomb. Diagnostic for ticket 40739. - o Minor features (forward-compatibility): - We now correctly parse microdescriptors and router descriptors that do not include TAP onion keys. (For backward compatibility, @@ -138,31 +65,11 @@ Changes in version 0.4.9.1-alpha - 2024-12-03 additional parameters with other Tor implementations.) Implements proposal 351. - o Minor bugfix (circuit): - - Remove a log_warn being triggered by a protocol violation that - already emits a protocol warning log. Fixes bug 40932; bugfix - on 0.4.8.1-alpha. - - o Minor bugfix (defensive programming): - - Disable multiple BUG warnings of a missing relay identity key when - starting an instance of Tor compiled without relay support. Fixes - bug 40848; bugfix on 0.4.3.1-alpha. - o Minor bugfix (MetricsPort, relay): - Handle rephist tracking of ntor and ntor_v3 handshakes individually such that MetricsPort exposes the correct values. Fixes bug 40638; bugfix on 0.4.7.11. - o Minor bugfix (NetBSD, compilation): - - Fix compilation issue on NetBSD by avoiding an unnecessary - dependency on "huge" page mappings in Equi-X. Fixes bug 40843; - bugfix on 0.4.8.1-alpha. - - o Minor bugfix (NetBSD, testing): - - Fix test failures in "crypto/hashx" and "slow/crypto/equix" on - x86_64 and aarch64 NetBSD hosts, by adding support for - PROT_MPROTECT() flags. Fixes bug 40844; bugfix on 0.4.8.1-alpha. - o Minor bugfix (process): - Avoid closing all possible FDs when spawning a process (PT). On some systems, this could lead to 3+ minutes hang. Fixes bug 40990; @@ -172,69 +79,24 @@ Changes in version 0.4.9.1-alpha - 2024-12-03 - Disable a sandbox unit test that is failing on Debian Sid breaking our nightly packages. Fixes bug 40918; bugfix on 0.3.5.1-alpha. - o Minor bugfixes (bridge authority): - - When reporting a pseudo-networkstatus as a bridge authority, or - answering "ns/purpose/*" controller requests, include accurate - published-on dates from our list of router descriptors. Fixes bug - 40855; bugfix on 0.4.8.1-alpha. - o Minor bugfixes (bridge): - Don't warn when BridgeRelay is 1 and ExitRelay is explicitly set to 0. Fixes bug 40884; bugfix on 0.4.8.3-rc. - o Minor bugfixes (bridges, statistics): - - Correctly report statistics for client count over Pluggable - transport. Fixes bug 40871; bugfix on 0.4.8.4 - o Minor bugfixes (compiler warnings): - Make sure the two bitfields in the half-closed edge struct are unsigned, as we're using them for boolean values and assign 1 to them. Fixes bug 40911; bugfix on 0.4.7.2-alpha. - o Minor bugfixes (compression, zstd): - - Use less frightening language and lower the log-level of our run- - time ABI compatibility check message in our Zstd compression - subsystem. Fixes bug 40815; bugfix on 0.4.3.1-alpha. - - o Minor bugfixes (conflux): - - Avoid a potential hard assert (crash) when sending a cell on a - Conflux set. Fixes bug 40921; bugfix on 0.4.8.1-alpha. - - Demote a relay-side warn about too many legs to ProtocolWarn, as - there are conditions that it can briefly happen during set - construction. Also add additional set logging details for all - error cases. Fixes bug 40841; bugfix on 0.4.8.1-alpha. - - Make sure we don't process a closed circuit when packaging data. - This lead to a non fatal BUG() spamming logs. Fixes bug 40908; - bugfix on 0.4.8.1-alpha. - - Prevent non-fatal assert stacktrace caused by using conflux sets - during their teardown process. Fixes bug 40842; bugfix - on 0.4.8.1-alpha. - o Minor bugfixes (conflux, client): - Avoid a non fatal assert caused by data coming in on a conflux set that is being freed during shutdown. Fixes bug 40870; bugfix on 0.4.8.1-alpha. - o Minor bugfixes (directory authorities): - - Add a warning when publishing a vote or signatures to another - directory authority fails. Fixes bug 40910; bugfix - on 0.2.0.3-alpha. - - o Minor bugfixes (directory authority): - - Look at the network parameter "maxunmeasuredbw" with the correct - spelling. Fixes bug 40869; bugfix on 0.4.6.1-alpha. - - o Minor bugfixes (memleak, authority): - - Fix a small memleak when computing a new consensus. This only - affects directory authorities. Fixes bug 40966; bugfix - on 0.3.5.1-alpha. - o Minor bugfixes (memory): - Fix a pointer free that wasn't set to NULL afterwards which could be reused by calling back in the free all function. Fixes bug 40989; bugfix on 0.4.8.13. - - Fix memory leaks of the CPU worker code during shutdown. Fixes bug - 833; bugfix on 0.3.5.1-alpha. o Minor bugfixes (sandbox, bwauth): - Fix sandbox to work for bandwidth authority. Fixes bug 40933; @@ -250,11 +112,6 @@ Changes in version 0.4.9.1-alpha - 2024-12-03 - Create socket with correct family as given by sockshost, fixes IPv6. Fixes bug 40982; bugfix on 0.4.9.0-alpha. - o Minor bugfixes (vanguards addon support): - - Count the conflux linked cell as valid when it is successfully - processed. This will quiet a spurious warn in the vanguards addon. - Fixes bug 40878; bugfix on 0.4.8.1-alpha. - o Removed features: - Directory authorities no longer support consensus methods before method 32. Closes ticket 40835. @@ -274,6 +131,46 @@ Changes in version 0.4.9.1-alpha - 2024-12-03 extension protocol. +Changes in version 0.4.8.13 - 2024-10-24 + This is minor release fixing an important client circuit building (Conflux + related) bug which lead to performance degradation and extra load on the + network. Some minor memory leaks fixes as well as an important minor feature + for pluggable transports. We strongly recommend to update as soon as possible + for clients in order to neutralize this conflux bug. + + o Major bugfixes (circuit building): + - Conflux circuit building was ignoring the "predicted ports" + feature, which aims to make Tor stop building circuits if there + have been no user requests lately. This bug led to every idle Tor + on the network building and discarding circuits every 30 seconds, + which added overall load to the network, used bandwidth and + battery from clients that weren't actively using their Tor, and + kept sockets open on guards which added connection padding + essentially forever. Fixes bug 40981; bugfix on 0.4.8.1-alpha; + + o Minor feature (bridges, pluggable transport): + - Add STATUS TYPE=version handler for Pluggable Transport. This + allows us to gather version statistics on Pluggable Transport + usage from bridge servers on our metrics portal. Closes + ticket 11101. + + o Minor features (fallbackdir): + - Regenerate fallback directories generated on October 24, 2024. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, as + retrieved on 2024/10/24. + + o Minor bugfixes (memleak, authority): + - Fix a small memleak when computing a new consensus. This only + affects directory authorities. Fixes bug 40966; bugfix + on 0.3.5.1-alpha. + + o Minor bugfixes (memory): + - Fix memory leaks of the CPU worker code during shutdown. Fixes bug + 833; bugfix on 0.3.5.1-alpha. + + Changes in version 0.4.8.12 - 2024-06-06 This is a minor release with couple bugfixes affecting conflux and logging. We also have the return of faravahar directory authority with new keys and |