summaryrefslogtreecommitdiff
path: root/ChangeLog
diff options
context:
space:
mode:
authorRoger Dingledine <arma@torproject.org>2013-02-04 17:06:01 -0500
committerRoger Dingledine <arma@torproject.org>2013-02-04 17:06:01 -0500
commit03bdb4d5cef676a4332e7982d004afe4ff9110c1 (patch)
treef063f700aa01d495c5d196d226c785fd1f0f3def /ChangeLog
parent12f2d986f327de281cb70377a7cf926b0f40f4e4 (diff)
downloadtor-03bdb4d5cef676a4332e7982d004afe4ff9110c1.tar.gz
tor-03bdb4d5cef676a4332e7982d004afe4ff9110c1.zip
fold in changes for 0.2.4.10-alpha
Diffstat (limited to 'ChangeLog')
-rw-r--r--ChangeLog138
1 files changed, 137 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index 7c5a490c42..0ed7f56c7c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,140 @@
-Changes in version 0.2.4.10-alpha - 2013-0?-??
+Changes in version 0.2.4.10-alpha - 2013-02-04
+ Tor 0.2.4.10-alpha adds defenses at the directory authority level from
+ certain attacks that flood the network with relays; changes the queue
+ for circuit create requests from a sized-based limit to a time-based
+ limit; resumes building with MSVC on Windows; and fixes a wide variety
+ of other issues.
+
+ o Major bugfixes (directory authority):
+ - When computing directory thresholds, ignore any rejected-as-sybil
+ nodes during the computation so that they can't influence Fast,
+ Guard, etc. (We shoud have done this for proposal 109.) Fixes
+ bug 8146.
+ - When marking a node as a likely sybil, reset its uptime metrics
+ to zero, so that it cannot time towards getting marked as Guard,
+ Stable, or HSDir. (We shoud have done this for proposal 109.) Fixes
+ bug 8147.
+
+ o Major bugfixes:
+ - When a TLS write is partially successful but incomplete, remember
+ that the flushed part has been flushed, and notice that bytes were
+ actually written. Reported and fixed pseudonymously. Fixes bug
+ 7708; bugfix on Tor 0.1.0.5-rc.
+ - Reject bogus create and relay cells with 0 circuit ID or 0 stream
+ ID: these could be used to create unexpected streams and circuits
+ which would count as "present" to some parts of Tor but "absent"
+ to others, leading to zombie circuits and streams or to a bandwidth
+ denial-of-service. Fixes bug 7889; bugfix on every released version
+ of Tor. Reported by "oftc_must_be_destroyed".
+ - Rename all macros in our local copy of queue.h to begin with "TOR_".
+ This change seems the only good way to permanently prevent conflicts
+ with queue.h on various operating systems. Fixes bug 8107; bugfix
+ on 0.2.4.6-alpha.
+
+ o Major features (relay):
+ - Instead of limiting the number of queued onionskins (aka circuit
+ create requests) to a fixed, hard-to-configure number, we limit
+ the size of the queue based on how many we expect to be able to
+ process in a given amount of time. We estimate the time it will
+ take to process an onionskin based on average processing time
+ of previous onionskins. Closes ticket 7291. You'll never have to
+ configure MaxOnionsPending again.
+
+ o Major features (portability):
+ - Resume building correctly with MSVC and Makefile.nmake. This patch
+ resolves numerous bugs and fixes reported by ultramage, including
+ 7305, 7308, 7309, 7310, 7312, 7313, 7315, 7316, and 7669.
+ - Make the ntor and curve25519 code build correctly with MSVC.
+ Fix on 0.2.4.8-alpha.
+
+ o Minor features:
+ - When directory authorities are computing thresholds for flags,
+ never let the threshold for the Fast flag fall below 4096
+ bytes. Also, do not consider nodes with extremely low bandwidths
+ when deciding thresholds for various directory flags. This change
+ should raise our threshold for Fast relays, possibly in turn
+ improving overall network performance; see ticket 1854. Resolves
+ ticket 8145.
+ - The Tor client now ignores sub-domain components of a .onion
+ address. This change makes HTTP "virtual" hosting
+ possible: http://foo.aaaaaaaaaaaaaaaa.onion/ and
+ http://bar.aaaaaaaaaaaaaaaa.onion/ can be two different websites
+ hosted on the same hidden service. Implements proposal 204.
+ - We compute the overhead from passing onionskins back and forth to
+ cpuworkers, and report it when dumping statistics in response to
+ SIGUSR1. Supports ticket 7291.
+
+ o Minor features (path selection):
+ - When deciding whether we have enough descriptors to build circuits,
+ instead of looking at raw relay counts, look at which fraction
+ of (bandwidth-weighted) paths we're able to build. This approach
+ keeps clients from building circuits if their paths are likely to
+ stand out statistically. The default fraction of paths needed is
+ taken from the consensus directory; you can override it with the
+ new PathsNeededToBuildCircuits option. Fixes ticket 5956.
+ - When any country code is listed in ExcludeNodes or ExcludeExitNodes,
+ and we have GeoIP information, also exclude all nodes with unknown
+ countries "??" and "A1". This behavior is controlled by the
+ new GeoIPExcludeUnknown option: you can make such nodes always
+ excluded with "GeoIPExcludeUnknown 1", and disable the feature
+ with "GeoIPExcludeUnknown 0". Setting "GeoIPExcludeUnknown auto"
+ gets you the default behavior. Implements feature 7706.
+ - Path Use Bias: Perform separate accounting for successful circuit
+ use. Keep separate statistics on stream attempt rates versus stream
+ success rates for each guard. Provide configurable thresholds to
+ determine when to emit log messages or disable use of guards that
+ fail too many stream attempts. Resolves ticket 7802.
+
+ o Minor features (log messages):
+ - When learning a fingerprint for a bridge, log its corresponding
+ transport type. Implements ticket 7896.
+ - Improve the log message when "Bug/attack: unexpected sendme cell
+ from client" occurs, to help us track bug 8093.
+
+ o Minor bugfixes:
+ - Remove a couple of extraneous semicolons that were upsetting the
+ cparser library. Patch by Christian Grothoff. Fixes bug 7115;
+ bugfix on 0.2.2.1-alpha.
+ - Remove a source of rounding error during path bias count scaling;
+ don't count cannibalized circuits as used for path bias until we
+ actually try to use them; and fix a circuit_package_relay_cell()
+ warning message about n_chan==NULL. Fixes bug 7802.
+ - Detect nacl when its headers are in a nacl/ subdirectory. Also,
+ actually link against nacl when we're configured to use it. Fixes
+ bug 7972; bugfix on 0.2.4.8-alpha.
+ - Compile correctly with the --disable-curve25519 option. Fixes
+ bug 8153; bugfix on 0.2.4.8-alpha.
+
+ o Build improvements:
+ - Do not report status verbosely from autogen.sh unless the -v flag
+ is specified. Fixes issue 4664. Patch from Onizuka.
+ - Replace all calls to snprintf() outside of src/ext with
+ tor_snprintf(). Also remove the #define to replace snprintf with
+ _snprintf on Windows; they have different semantics, and all of
+ our callers should be using tor_snprintf() anyway. Fixes bug 7304.
+ - Try to detect if we are ever building on a platform where
+ memset(...,0,...) does not set the value of a double to 0.0. Such
+ platforms are permitted by the C standard, though in practice
+ they're pretty rare (since IEEE 754 is nigh-ubiquitous). We don't
+ currently support them, but it's better to detect them and fail
+ than to perform erroneously.
+
+ o Removed features:
+ - Stop exporting estimates of v2 and v3 directory traffic shares
+ in extrainfo documents. They were unneeded and sometimes inaccurate.
+ Also stop exporting any v2 directory request statistics. Resolves
+ ticket 5823.
+ - Drop support for detecting and warning about versions of Libevent
+ before 1.3e. Nothing reasonable ships with them any longer;
+ warning the user about them shouldn't be needed. Resolves ticket
+ 6826.
+
+ o Code simplifications and refactoring:
+ - Rename "isin" functions to "contains", for grammar. Resolves
+ ticket 5285.
+ - Rename Tor's logging function log() to tor_log(), to avoid conflicts
+ with the natural logarithm function from the system libm. Resolves
+ ticket 7599.
Changes in version 0.2.4.9-alpha - 2013-01-15