diff options
-rw-r--r-- | ChangeLog | 169 |
1 files changed, 165 insertions, 4 deletions
@@ -1,4 +1,165 @@ -hey, emacs, got something for you: -*- fundamental -*- - -ChangeLog ----------
\ No newline at end of file +Changes in version 0.0.2pre20 - 2004-01-30 + o New features: + - We now have a deb package, and it's in debian unstable. Go to + it, apt-getters. :) + - I've split the TotalBandwidth option into BandwidthRate (how many + bytes per second you want to allow, long-term) and + BandwidthBurst (how many bytes you will allow at once before the cap + kicks in). This better token bucket approach lets you, say, set + BandwidthRate to 10KB/s and BandwidthBurst to 10MB, allowing good + performance while not exceeding your monthly bandwidth quota. + - Push out a tls record's worth of data once you've got it, rather + than waiting until you've read everything waiting to be read. This + may improve performance by pipelining better. We'll see. + - Add an AP_CONN_STATE_CONNECTING state, to allow streams to detach + from failed circuits (if they haven't been connected yet) and attach + to new ones. + - Expire old streams that haven't managed to connect. Some day we'll + have them reattach to new circuits instead. + + o Bugfixes: + - Fix several memory leaks that were causing servers to become bloated + after a while. + - Fix a few very rare assert triggers. A few more remain. + - Setuid to User _before_ complaining about running as root. + + +Changes in version 0.0.2pre19 - 2004-01-07 + o Bugfixes: + - Fix deadlock condition in dns farm. We were telling a child to die by + closing the parent's file descriptor to him. But newer children were + inheriting the open file descriptor from the parent, and since they + weren't closing it, the socket never closed, so the child never read + eof, so he never knew to exit. Similarly, dns workers were holding + open other sockets, leading to all sorts of chaos. + - New cleaner daemon() code for forking and backgrounding. + - If you log to a file, it now prints an entry at the top of the + logfile so you know it's working. + - The onionskin challenge length was 30 bytes longer than necessary. + - Started to patch up the spec so it's not quite so out of date. + + +Changes in version 0.0.2pre18 - 2004-01-02 + o Bugfixes: + - Fix endian issues with the 'integrity' field in the relay header. + - Fix a potential bug where connections in state + AP_CONN_STATE_CIRCUIT_WAIT might unexpectedly ask to write. + + +Changes in version 0.0.2pre17 - 2003-12-30 + o Bugfixes: + - Made --debuglogfile (or any second log file, actually) work. + - Resolved an edge case in get_unique_circ_id_by_conn where a smart + adversary could force us into an infinite loop. + + o Features: + - Each onionskin handshake now includes a hash of the computed key, + to prove the server's identity and help perfect forward secrecy. + - Changed cell size from 256 to 512 bytes (working toward compatibility + with MorphMix). + - Changed cell length to 2 bytes, and moved it to the relay header. + - Implemented end-to-end integrity checking for the payloads of + relay cells. + - Separated streamid from 'recognized' (otherwise circuits will get + messed up when we try to have streams exit from the middle). We + use the integrity-checking to confirm that a cell is addressed to + this hop. + - Randomize the initial circid and streamid values, so an adversary who + breaks into a node can't learn how many circuits or streams have + been made so far. + + +Changes in version 0.0.2pre16 - 2003-12-14 + o Bugfixes: + - Fixed a bug that made HUP trigger an assert + - Fixed a bug where a circuit that immediately failed wasn't being + counted as a failed circuit in counting retries. + + o Features: + - Now we close the circuit when we get a truncated cell: otherwise we're + open to an anonymity attack where a bad node in the path truncates + the circuit and then we open streams at him. + - Add port ranges to exit policies + - Add a conservative default exit policy + - Warn if you're running tor as root + - on HUP, retry OR connections and close/rebind listeners + - options.EntryNodes: try these nodes first when picking the first node + - options.ExitNodes: if your best choices happen to include any of + your preferred exit nodes, you choose among just those preferred + exit nodes. + - options.ExcludedNodes: nodes that are never picked in path building + + +Changes in version 0.0.2pre15 - 2003-12-03 + o Robustness and bugfixes: + - Sometimes clients would cache incorrect DNS resolves, which would + really screw things up. + - An OP that goes offline would slowly leak all its sockets and stop + working. + - A wide variety of bugfixes in exit node selection, exit policy + handling, and processing pending streams when a new circuit is + established. + - Pick nodes for a path only from those the directory says are up + - Choose randomly from all running dirservers, not always the first one + - Increase allowed http header size for directory fetch. + - Stop writing to stderr (if we're daemonized it will be closed). + - Enable -g always, so cores will be more useful to me. + - Switch "-lcrypto -lssl" to "-lssl -lcrypto" for broken distributions. + + o Documentation: + - Wrote a man page. It lists commonly used options. + + o Configuration: + - Change default loglevel to warn. + - Make PidFile default to null rather than littering in your CWD. + - OnionRouter config option is now obsolete. Instead it just checks + ORPort>0. + - Moved to a single unified torrc file for both clients and servers. + + +Changes in version 0.0.2pre14 - 2003-11-29 + o Robustness and bugfixes: + - Force the admin to make the DataDirectory himself + - to get ownership/permissions right + - so clients no longer make a DataDirectory and then never use it + - fix bug where a client who was offline for 45 minutes would never + pull down a directory again + - fix (or at least hide really well) the dns assert bug that was + causing server crashes + - warnings and improved robustness wrt clockskew for certs + - use the native daemon(3) to daemonize, when available + - exit if bind() fails + - exit if neither socksport nor orport is defined + - include our own tor_timegm (Win32 doesn't have its own) + - bugfix for win32 with lots of connections + - fix minor bias in PRNG + - make dirserver more robust to corrupt cached directory + + o Documentation: + - Wrote the design document (woo) + + o Circuit building and exit policies: + - Circuits no longer try to use nodes that the directory has told them + are down. + - Exit policies now support bitmasks (18.0.0.0/255.0.0.0) and + bitcounts (18.0.0.0/8). + - Make AP connections standby for a circuit if no suitable circuit + exists, rather than failing + - Circuits choose exit node based on addr/port, exit policies, and + which AP connections are standing by + - Bump min pathlen from 2 to 3 + - Relay end cells have a payload to describe why the stream ended. + - If the stream failed because of exit policy, try again with a new + circuit. + - Clients have a dns cache to remember resolved addresses. + - Notice more quickly when we have no working circuits + + o Configuration: + - APPort is now called SocksPort + - SocksBindAddress, ORBindAddress, DirBindAddress let you configure + where to bind + - RecommendedVersions is now a config variable rather than + hardcoded (for dirservers) + - Reloads config on HUP + - Usage info on -h or --help + - If you set User and Group config vars, it'll setu/gid to them. |