diff options
| -rw-r--r-- | ChangeLog | 61 | ||||
| -rw-r--r-- | changes/5053 | 4 | ||||
| -rw-r--r-- | changes/5055 | 9 | ||||
| -rw-r--r-- | changes/bsd_queue | 7 | ||||
| -rw-r--r-- | changes/bug7195 | 4 | ||||
| -rw-r--r-- | changes/bug7212 | 6 | ||||
| -rw-r--r-- | changes/bug7235 | 3 | ||||
| -rw-r--r-- | changes/bug7285 | 4 | ||||
| -rw-r--r-- | changes/bug7350 | 5 | ||||
| -rw-r--r-- | changes/bug7352 | 12 | ||||
| -rw-r--r-- | changes/bug7422 | 3 | ||||
| -rw-r--r-- | changes/bug7464 | 4 | ||||
| -rw-r--r-- | changes/check_for_orconn_on_close | 4 | ||||
| -rw-r--r-- | changes/ewma_policy_c99 | 3 |
14 files changed, 61 insertions, 68 deletions
@@ -1,3 +1,64 @@ +Changes in version 0.2.4.6-alpha - 2012-11-13 + Tor 0.2.4.6-alpha fixes an assert bug that has been plaguing relays, + makes our defense-in-depth memory wiping more reliable, and begins to + count IPv6 addresses in bridge statistics, + + o Major bugfixes: + - Fix an assertion failure that could occur when closing a connection + with a spliced rendezvous circuit. Fix for bug 7212; bugfix on + Tor 0.2.4.4-alpha. + - Tor tries to wipe potentially sensitive data after using it, so + that if some subsequent security failure exposes Tor's memory, + the damage will be limited. But we had a bug where the compiler + was eliminating these wipe operations when it decided that the + memory was no longer visible to a (correctly running) program, + hence defeating our attempt at defense in depth. We fix that + by using OpenSSL's OPENSSL_cleanse() operation, which a compiler + is unlikely to optimize away. Future versions of Tor may use + a less ridiculously heavy approach for this. Fixes bug 7352. + Reported in an article by Andrey Karpov. + + o Minor features: + - Add GeoIP database for IPv6 addresses. The new config option + is GeoIPv6File. + - Bridge statistics now count bridge clients connecting over IPv6: + bridge statistics files now list "bridge-ip-versions" and + extra-info documents list "geoip6-db-digest". The control protocol + "CLIENTS_SEEN" and "ip-to-country" queries now support IPv6. Initial + implementation by "shkoo", addressing ticket 5055. + + o Minor bugfixes: + - Warn when we are binding low ports when hibernation is enabled; + previously we had warned when we were _advertising_ low ports with + hibernation enabled. Fixes bug 7285; bugfix on 0.2.3.9-alpha. + - Fix a harmless bug when opting against publishing a relay descriptor + because DisableNetwork is set. Fixes bug 7464; bugfix on + 0.2.3.9-alpha. + - Add warning message when a managed proxy dies during configuration. + Fixes bug 7195; bugfix on 0.2.4.2-alpha. + - Fix a linking error when building tor-fw-helper without miniupnp. + Fixes bug 7235; bugfix on 0.2.4.2-alpha. Fix by Anthony G. Basile. + - Check for closing an or_connection_t without going through correct + channel functions; emit a warning and then call + connection_or_close_for_error() so we don't assert as in bugs 7212 + and 7267. + - Compile correctly on compilers without C99 designated initializer + support. Fixes bug 7286; bugfix on 0.2.4.4-alpha. + - Avoid a possible assert that can occur when channel_send_destroy() is + called on a channel in CHANNEL_STATE_CLOSING, CHANNEL_STATE_CLOSED, + or CHANNEL_STATE_ERROR when the Tor process is resumed after being + blocked for a long interval. Fixes bug 7350; bugfix on 0.2.4.4-alpha. + - Fix a memory leak on failing cases of channel_tls_process_certs_cell. + Fixes bug 7422; bugfix on 0.2.4.4-alpha. + + o Code simplification and refactoring: + - Start using OpenBSD's implementation of queue.h, so that we don't + need to hand-roll our own pointer and list structures whenever we + need them. (We can't rely on a sys/queue.h, since some operating + systems don't have them, and the ones that do have them don't all + present the same extensions.) + + Changes in version 0.2.4.5-alpha - 2012-10-25 Tor 0.2.4.5-alpha comes hard at the heels of 0.2.4.4-alpha, to fix two important security vulnerabilities that could lead to remotely diff --git a/changes/5053 b/changes/5053 deleted file mode 100644 index c695f3ca9f..0000000000 --- a/changes/5053 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (IPv6): - - Bridge clients connecting over IPv6 are now counted in bridge - statistics. Implementation by shkoo, addressing ticket 5053. - Included in 0.2.3.14-alpha. diff --git a/changes/5055 b/changes/5055 deleted file mode 100644 index d51fef4cf8..0000000000 --- a/changes/5055 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor features (IPv6): - - Add GeoIP database for IPv6 addresses and use it. The new config - option is GeoIPv6File. - Bridge clients connecting over IPv6 are now counted in bridge - statistics. Bridge statistics files now list "bridge-ip-versions" - and extra-info documents list "geoip6-db-digest". - The control protocol has been extended to support more IPv6 - ("CLIENTS_SEEN" and "ip-to-country"). - Initial implementation by shkoo, addressing ticket 5055. diff --git a/changes/bsd_queue b/changes/bsd_queue deleted file mode 100644 index 024ca6fa5f..0000000000 --- a/changes/bsd_queue +++ /dev/null @@ -1,7 +0,0 @@ - o Code simplification and refactoring: - - Start using OpenBSD's implementation of queue.h, so that we don't - need to hand-roll our own pointer and list structures whenever we - need them. (We can't rely on a sys/queue.h, since some operating - systems don't have them, and the ones that do have them don't all - present the same extensions.) - diff --git a/changes/bug7195 b/changes/bug7195 deleted file mode 100644 index 86ddeca396..0000000000 --- a/changes/bug7195 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Add warning message when a managed proxy dies during - configuration. Fixes bug 7195; bugfix on 0.2.4.2-alpha. - diff --git a/changes/bug7212 b/changes/bug7212 deleted file mode 100644 index be68f50ff7..0000000000 --- a/changes/bug7212 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (relay): - - Fix an assertion failure that could occur when closing a connection - with a spliced rendezvous circuit. Fix for bug 7212; bugfix on - Tor 0.2.4.4-alpha. - - diff --git a/changes/bug7235 b/changes/bug7235 deleted file mode 100644 index 15d610090b..0000000000 --- a/changes/bug7235 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (build): - - Fix a linking error when building tor-fw-helper without miniupnp. - Fixes bug 7235; bugfix on 0.2.4.2-alpha. Fix by Anthony G. Basile. diff --git a/changes/bug7285 b/changes/bug7285 deleted file mode 100644 index 3c00205a4c..0000000000 --- a/changes/bug7285 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Warn when we are binding low ports when hibernation is enabled; - previously we had warned when we were _advertising_ low ports with - hibernation enabled. Fixes bug 7285; bugfix on 0.2.3.9-alpha. diff --git a/changes/bug7350 b/changes/bug7350 deleted file mode 100644 index 9c2f20dab6..0000000000 --- a/changes/bug7350 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Avoid a possible assert that can occur when channel_send_destroy() is - called on a channel in CHANNEL_STATE_CLOSING, CHANNEL_STATE_CLOSED - or CHANNEL_STATE_ERROR when the Tor process is resumed after being - blocked for a long interval. Fixes bug 7350. diff --git a/changes/bug7352 b/changes/bug7352 deleted file mode 100644 index 74a878dbe0..0000000000 --- a/changes/bug7352 +++ /dev/null @@ -1,12 +0,0 @@ - o Major bugfixes: - - Tor tries to wipe potentially sensitive data after using it, so - that if some subsequent security failure exposes Tor's memory, - the damage will be limited. But we had a bug where the compiler - was eliminating these wipe operations when it decided that the - memory was no longer visible to a (correctly running) program, - hence defeating our attempt at defense in depth. We fix that - by using OpenSSL's OPENSSL_cleanse() operation, which a compiler - is unlikely to optimize away. Future versions of Tor may use - a less ridiculously heavy approach for this. Fixes bug 7352. - Reported in an article by Andrey Karpov. - diff --git a/changes/bug7422 b/changes/bug7422 deleted file mode 100644 index 652f1a2231..0000000000 --- a/changes/bug7422 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes: - - Fix a memory leak on failing cases of channel_tls_process_certs_cell. - Fixes bug 7422; bugfix on 0.2.4.4-alpha. diff --git a/changes/bug7464 b/changes/bug7464 deleted file mode 100644 index 9259cc74a3..0000000000 --- a/changes/bug7464 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Fix a harmless bug when opting against publishing a relay descriptor - because DisableNetwork is set. Fixes bug 7464; bugfix on - 0.2.3.9-alpha. diff --git a/changes/check_for_orconn_on_close b/changes/check_for_orconn_on_close deleted file mode 100644 index 4d76d5eb5c..0000000000 --- a/changes/check_for_orconn_on_close +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Check for closing an or_connection_t without going through correct - channel functions; emit a warning and then call - connection_or_close_for_error() so we don't assert as in 7212 and 7267. diff --git a/changes/ewma_policy_c99 b/changes/ewma_policy_c99 deleted file mode 100644 index 49177b388b..0000000000 --- a/changes/ewma_policy_c99 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes: - - Compile correctly on compilers without C99 designated initializer - support. Fixes bug 7286; bugfix on 0.2.4.4-alpha. |