summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog77
-rw-r--r--changes/UserspaceIOCPBuffers7
-rw-r--r--changes/aes_hackery10
-rw-r--r--changes/bug24745
-rw-r--r--changes/bug34727
-rw-r--r--changes/bug39536
-rw-r--r--changes/bug42305
-rw-r--r--changes/bug431211
-rw-r--r--changes/bug45544
-rw-r--r--changes/bug45744
-rw-r--r--changes/checkSpaces5
-rw-r--r--changes/disable_debugger_attachment16
-rw-r--r--changes/make_version4
-rw-r--r--changes/pure_removal7
14 files changed, 77 insertions, 91 deletions
diff --git a/ChangeLog b/ChangeLog
index 4b9d9f05de..9a7d50af8d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,80 @@
+Changes in version 0.2.3.9-alpha - 2011-1?-??
+ o Major features:
+ - When using OpenSSL 1.0.0 or later, use OpenSSL's counter mode
+ implementation. It makes AES_CTR about 7% faster than our old one
+ (which was about 10% faster than the one OpenSSL used to provide).
+ Resolves ticket 4526.
+ - Tor clients and bridges can now be easily configured to use a
+ separate 'transport' proxy. This approach helps to resist
+ censorship by allowing bridges to use protocol obfuscation
+ plugins. It implements the 'managed proxy' part of proposal
+ 180. Implements ticket 3472.
+ - Block excess renegotiations even if they are RFC5746 compliant.
+ This security fix mitigates potential SSL Denial of Service attacks
+ that use SSL renegotiation as a way of forcing the server to perform
+ unneeded computationally expensive SSL handshakes. Implements
+ ticket 4312.
+
+ o Major bugfixes:
+ - Teach Tor how to notice excess renegotiation attempts before it
+ receives the first data SSL record. Fixes part of ticket 4312.
+ - Only use the EVP interface when AES acceleration is enabled,
+ to avoid a 5-7% performance regression. Resolves issue 4525;
+ bugfix on 0.2.3.8-alpha.
+
+ o Minor features:
+ - Experimental support for running on Windows with IOCP and no
+ kernel-space socket buffers. This feature is controlled by a new
+ UserspaceIOCPBuffers feature (off by default), which has no
+ effect unless Tor has been built with support for bufferevents,
+ is running on Windows, and has enabled IOCP. This may, in the
+ long run, help solve or mitigate bug 98.
+ - Try to make the introductory warning message that Tor prints on
+ startup more useful for actually finding help and information.
+ Resolves ticket 2474.
+ - Running "make version" now displays the version of Tor that
+ we're about to build. Idea from katmagic; resolves issue 4400.
+ - If set to 1, Tor will attempt to prevent basic debugging
+ attachment attempts by other processes. It has no impact for
+ users who wish to attach if they have CAP_SYS_PTRACE or if they
+ are root. We believe that this feature works on modern
+ Gnu/Linux distributions, and that it may also work on OSX and
+ some *BSD systems (untested). Some modern Gnu/Linux systems
+ such as Ubuntu have the kernel.yama.ptrace_scope sysctl and by
+ default enable it as an attempt to limit the PTRACE scope for
+ all user processes by default. This feature will attempt to
+ limit the PTRACE scope for Tor specifically - it will not
+ attempt to alter the system wide ptrace scope as it may not even
+ exist. If you wish to attach to Tor with a debugger such as gdb
+ or strace you will want to set this to 0 for the duration of
+ your debugging. Normal users should leave it on. (Default: 1)
+
+ o Minor bugfixes:
+ - Resolve an integer overflow bug in smartlist_ensure_capacity().
+ Fixes bug 4230; bugfix on Tor 0.1.0.1-rc. Based on a patch by
+ Mansour Moufid.
+ - Fix a compile warning in tor_inet_pton(). Bugfix on 0.2.3.8-alpha;
+ fixes bug 4554.
+ - Fix a minor formatting issue in one of tor-gencert's error messages.
+ Fixes bug 4574.
+ - Prevent a false positive from the check-spaces script, by disabling
+ the "whitespace between function name and (" check for functions
+ named 'op()'.
+
+ o Build fixes:
+ - Properly handle the case where the build-tree is not the same
+ as the source tree when generating src/common/common_sha1.i,
+ src/or/micro-revision.i, and src/or/or_sha1.i. Fixes bug 3953;
+ bugfix on 0.2.0.1-alpha.
+
+ o Code simplifications and refactorings:
+ - Remove the pure attribute from all functions that used it
+ previously. In many cases we assigned it incorrectly, because the
+ functions might assert or call impure functions, and we don't have
+ evidence that keeping the pure attribute is worthwhile. Implements
+ changes suggested in ticket 4421.
+
+
Changes in version 0.2.3.8-alpha - 2011-11-22
Tor 0.2.3.8-alpha fixes some crash and assert bugs, including a
socketpair-related bug that has been bothering Windows users. It adds
diff --git a/changes/UserspaceIOCPBuffers b/changes/UserspaceIOCPBuffers
deleted file mode 100644
index 7115b5fe55..0000000000
--- a/changes/UserspaceIOCPBuffers
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor features:
- - Experimental support for running on Windows with IOCP and no
- kernel-space socket buffers. This feature is controlled by a new
- UserspaceIOCPBuffers feature (off by default), which has no
- effect unless Tor has been built with support for bufferevents,
- is running on Windows, and has enabled IOCP. This may, in the
- long run, help solve or mitigate bug 98.
diff --git a/changes/aes_hackery b/changes/aes_hackery
deleted file mode 100644
index 8b2ef1a2e3..0000000000
--- a/changes/aes_hackery
+++ /dev/null
@@ -1,10 +0,0 @@
- o Major features (AES performance):
- - When using OpenSSL 1.0.0 or later, use OpenSSL's counter mode
- implementation; it makes AES_CTR about 7% faster than our old one
- (which was about 10% faster than the one OpenSSL used to provide).
- Resolves issue #4526.
-
- o Major bugfixes (AES performance):
- - Only use the EVP interface when AES acceleration is enabled,
- to avoid a 5-7% performance regression. Resolves issue #4525,
- bugfix on 0.2.3.8-alpha.
diff --git a/changes/bug2474 b/changes/bug2474
deleted file mode 100644
index 02d3eb7ba9..0000000000
--- a/changes/bug2474
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features
- - Try to make the introductory warning message that Tor prints on
- startup more useful for actually finding help and information.
- Resolves bug2474.
-
diff --git a/changes/bug3472 b/changes/bug3472
deleted file mode 100644
index d99d8400e6..0000000000
--- a/changes/bug3472
+++ /dev/null
@@ -1,7 +0,0 @@
- o Major features:
-
- - Tor clients and bridges can now be easily configured to use a
- separate 'transport' proxy. This approach helps to resist
- censorship by allowing bridges to use protocol obfuscation
- plugins. It implements the 'managed proxy' part of proposal
- 180. Implements ticket #3472.
diff --git a/changes/bug3953 b/changes/bug3953
deleted file mode 100644
index 5b3919f107..0000000000
--- a/changes/bug3953
+++ /dev/null
@@ -1,6 +0,0 @@
- o Build fixes:
- - Properly handle the case where the build-tree is not the same
- as the source tree when generating src/common/common_sha1.i,
- src/or/micro-revision.i and src/or/or_sha1.i. Fixes bug 3953;
- bugfix on 0.2.0.1-alpha.
-
diff --git a/changes/bug4230 b/changes/bug4230
deleted file mode 100644
index c1ba5847fc..0000000000
--- a/changes/bug4230
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes:
- - Resolve an integer overflow bug in smartlist_ensure_capacity.
- Fixes bug 4230; bugfix on Tor 0.1.0.1-rc. Based on a patch by
- Mansour Moufid.
-
diff --git a/changes/bug4312 b/changes/bug4312
deleted file mode 100644
index f8647d3c76..0000000000
--- a/changes/bug4312
+++ /dev/null
@@ -1,11 +0,0 @@
- o Security fixes:
-
- - Block excess renegotiations even if they are RFC5746 compliant.
- This mitigates potential SSL Denial of Service attacks that use
- SSL renegotiation as a way of forcing the server to perform
- unneeded computationally expensive SSL handshakes. Implements
- #4312.
-
- - Fix a bug where tor would not notice excess renegotiation
- attempts before it received the first data SSL record. Fixes
- part of #4312.
diff --git a/changes/bug4554 b/changes/bug4554
deleted file mode 100644
index e4754c29e9..0000000000
--- a/changes/bug4554
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Fix a compile warning in tor_inet_pton(). Bugfix on 0.2.3.8-alpha;
- fixes bug 4554.
-
diff --git a/changes/bug4574 b/changes/bug4574
deleted file mode 100644
index 0a57957c46..0000000000
--- a/changes/bug4574
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Fix a minor formatting issue in one of tor-gencert's error messages.
- Fixes bug 4574.
-
diff --git a/changes/checkSpaces b/changes/checkSpaces
deleted file mode 100644
index 91f79ed0fa..0000000000
--- a/changes/checkSpaces
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes:
- - Prevent a false positive from the check-spaces script by disabling
- the "whitespace between function name and (" check for functions
- named 'op()'.
-
diff --git a/changes/disable_debugger_attachment b/changes/disable_debugger_attachment
deleted file mode 100644
index b413788e3b..0000000000
--- a/changes/disable_debugger_attachment
+++ /dev/null
@@ -1,16 +0,0 @@
- o Minor features:
- - If set to 1, Tor will attempt to prevent basic debugging
- attachment attempts by other processes. It has no impact for
- users who wish to attach if they have CAP_SYS_PTRACE or if they
- are root. We believe that this feature works on modern
- Gnu/Linux distributions, and that it may also work on OSX and
- some *BSD systems (untested). Some modern Gnu/Linux systems
- such as Ubuntu have the kernel.yama.ptrace_scope sysctl and by
- default enable it as an attempt to limit the PTRACE scope for
- all user processes by default. This feature will attempt to
- limit the PTRACE scope for Tor specifically - it will not
- attempt to alter the system wide ptrace scope as it may not even
- exist. If you wish to attach to Tor with a debugger such as gdb
- or strace you will want to set this to 0 for the duration of
- your debugging. Normal users should leave it on. (Default: 1)
-
diff --git a/changes/make_version b/changes/make_version
deleted file mode 100644
index b736a875ef..0000000000
--- a/changes/make_version
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (build):
- - Running "make version" now displays the version of Tor that
- we're about to build. Idea from katmagic; resolves issue 4400.
-
diff --git a/changes/pure_removal b/changes/pure_removal
deleted file mode 100644
index 4a3343ccfd..0000000000
--- a/changes/pure_removal
+++ /dev/null
@@ -1,7 +0,0 @@
- o Code simplifications and refactorings:
- - Remove the pure attribute from all functions that used it previously.
- In many cases this we assigned it incorrectly, because the functions
- might assert or call impure functions, and we don't have evidence
- that keeping the pure attribute is worthwhile. Implements changes
- suggested in ticket 4421.
-