From 87f129977c7201ff15a567e297a82403dabfb723 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Tue, 21 Jan 2020 12:32:33 -0500 Subject: changelog: small edits --- ChangeLog | 295 ++++++++++++++++++++++++++++++-------------------------------- 1 file changed, 141 insertions(+), 154 deletions(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 81f32646f6..3dfe250618 100644 --- a/ChangeLog +++ b/ChangeLog @@ -6,47 +6,50 @@ Changes in version 0.4.3.1-alpha - 2020-01-2? the integration tests. (Python 2 is officially unsupported upstream, as of 1 Jan 2020.) Closes ticket 32608. - o Major feature (onion service, SOCKS5): - - Introduce a new SocksPort flag named: ExtendedErrors. Detailed in - proposal 304, a number of onion service error codes are now sent - back, if this flag is set, with the SOCKS5 protocol using new - custom error values. Closes ticket 30382; - o Major features (build system): - - Create an optional relay module, which can be disabled using the - --disable-module-relay configure option. When it is set, also - disable the dirauth module. Add a minimal implemention, which - disables the relay and dircache modes in tor. Closes ticket 32123. - - o Major features (controller): - - New ONION_CLIENT_AUTH_ADD control port command to add client-side - onion service client authorization credentials. Closes part of - ticket 30381. - - New ONION_CLIENT_AUTH_REMOVE control port command to remove - client-side onion service client authorization credentials. Closes - part of ticket 30381. - - New ONION_CLIENT_AUTH_VIEW control port command to view stored - client-side onion service client authorization credentials. Closes - part of ticket 30381. + - The relay code can now be disabled using the --disable-module-relay + configure option. When this option is set, we also disable the + dirauth module. Closes ticket 32123. + - When Tor is compiled --disable-module-relay, we also omit the code + used to act as a directory cache. Closes ticket 32487. o Major features (directory authority, ed25519): - Add support for banning a relay's ed25519 keys in the approved- - routers file. This will allow us to migrate away from RSA keys in - the future. Previously, only RSA keys could be banned in approved- + routers file. This will help us migrate away from RSA keys in the + future. Previously, only RSA keys could be banned in approved- routers. Resolves ticket 22029. Patch by Neel Chauhan. - o Major features (documentation): - - Provide a Circuit Padding Framework quickstart guide and developer - documentation for researchers to implement and study Circuit - Padding machines. Closes ticket 28804. + o Major features (onion service, controller): + - New control port commands to manage client-side onion service + authorization credentials. The ONION_CLIENT_AUTH_ADD command adds + a credential, ONION_CLIENT_AUTH_REMOVE deletes a credential, and + ONION_CLIENT_AUTH_VIEW lists the credentials. Closes ticket 30381. + + o Major features (onion service, SOCKS5): + - Introduce a new SocksPort flag, ExtendedErrors, to support more + detailed error codes in information for applications that support + them. Closes ticket 30382; implements proposal 304. o Major features (proxy): - - In addition to HTTP CONNECT, SOCKS4, and SOCKS5, Tor can make all - OR connections through the HAProxy server. A new torrc option was - added to specify the address/port of the server: TCPProxy - :. Currently the only supported protocol in - the option is haproxy. Close ticket 31518. Patch done by Suphanat - Chunhapanya (haxxpop). + - In addition to its current supported proxy types (HTTP CONNECT, + SOCKS4, and SOCKS5), Tor can now make its OR connections through a + HAProxy server. A new torrc option was added to specify the + address/port of the server: TCPProxy :. + Currently the only supported protocol for the option is haproxy. + Close ticket 31518. Patch done by Suphanat Chunhapanya (haxxpop). + + o Major bugfixes (linux seccomp sandbox): + - Correct how we use libseccomp. Particularly, stop assuming that + rules are applied in a particular order or that more rules are + processed after the first match. Neither is the case! In + libseccomp <2.4.0 this lead to some rules having no effect. + Libseccomp 2.4.0 changed how rules are generated leading to a + different ordering which in turn lead to a fatal crash during + startup. Fixes bug 29819; bugfix on 0.2.5.1-alpha. Patch by + Peter Gerber. + - Fix crash when reloading logging configuration while the + experimental sandbox is enabled. Fixes bug 32841; bugfix on + 0.4.1.7. Patch by Peter Gerber. o Major bugfixes (networking): - Correctly handle IPv6 addresses in SOCKS5 RESOLVE_PTR requests, @@ -58,11 +61,11 @@ Changes in version 0.4.3.1-alpha - 2020-01-2? take appropriate action with regards to the client introduction point failure cache. This improves reachability of onion services, since now clients notice failing introduction circuits properly. - Fixes bug 32020; bugfix on 0.3.2.1-alpha; + Fixes bug 32020; bugfix on 0.3.2.1-alpha. o Minor feature (configure, build system): - - Output enabled/disabled features at the end of the configure - process in a pleasing way. Closes ticket 31373. + - Output a list of enabled/disabled features at the end of the + configure process in a pleasing way. Closes ticket 31373. o Minor feature (heartbeat, onion service): - Add the DoS INTRODUCE2 defenses counter to the heartbeat DoS @@ -75,18 +78,14 @@ Changes in version 0.4.3.1-alpha - 2020-01-2? Closes ticket 31241. o Minor features (configuration): - - If the configured hardware crypto accelerator in AccelName is + - If a configured hardware crypto accelerator in AccelName is prefixed with "!", Tor now exits when it cannot be found. Closes ticket 32406. - - We use a flag-driven logic to warn about obsolete configuration + - We now use flag-driven logic to warn about obsolete configuration fields, so that we can include their names. In 0.4.2, we used a special type, which prevented us from generating good warnings. Implements ticket 32404. - o Minor features (continuous integration): - - Call the check_cocci_parse.sh script from Travis CI. Closes - ticket 31919. - o Minor features (controller): - Add stream isolation data to STREAM event. Closes ticket 19859. - Implement a new GETINFO command to fetch microdescriptor @@ -98,19 +97,21 @@ Changes in version 0.4.3.1-alpha - 2020-01-2? this happened. Diagnostic for ticket 32868. o Minor features (defense in depth): - - Add additional sanity checks around tor_vasprintf() usage in case - the function returns an error. Patch by Tobias Stoeckmann. Fixes + - Add additional checks around tor_vasprintf() usage, in case the + function returns an error. Patch by Tobias Stoeckmann. Fixes ticket 31147. o Minor features (developer tooling): - - Remove 0.2.9 series branches from git scripts (git-merge- + - Remove the 0.2.9.x series branches from git scripts (git-merge- forward.sh, git-pull-all.sh, git-push-all.sh, git-setup-dirs.sh). Closes ticket 32772. o Minor features (developer tools): - Add a check_cocci_parse.sh script that checks that new code is parseable by Coccinelle. Add an exceptions file for unparseable - files. Closes ticket 31919. + files, and run the script from travis CI. Closes ticket 31919. + - Call the check_cocci_parse.sh script from a 'check-cocci' Makefile + target. Closes ticket 31919. - Add a rename_c_identifiers.py tool to rename a bunch of C identifiers at once, and generate a well-formed commit message describing the change. This should help with refactoring. Closes @@ -119,23 +120,15 @@ Changes in version 0.4.3.1-alpha - 2020-01-2? semantic patching tool with the correct flags. These flags are fairly easy to forget, and these scripts should help us use Coccinelle more effectively in the future. Closes ticket 31705. - - Call the check_cocci_parse.sh script from a 'check-cocci' Makefile - target. Closes ticket 31919. - - o Minor features (disabling relay support): - - When Tor is compiled --disable-module-relay, we also omit the code - used to act as a directory cache. Closes ticket 32487. - - o Minor features (documentation): - - Make sure that doxygen outputs documentation for all of our C - files. Previously, some were missing @file declarations, causing - them to be ignored. Closes ticket 32307. o Minor features (Doxygen): - Update Doxygen configuration file to a more recent template (from 1.8.15). Closes ticket 32110. - "make doxygen" now works with out-of-tree builds. Closes ticket 32113. + - Make sure that doxygen outputs documentation for all of our C + files. Previously, some were missing @file declarations, causing + them to be ignored. Closes ticket 32307. - Our "make doxygen" target now respects --enable-fatal-warnings by default, and does not warn about items that are missing documentation. To warn about missing documentation, run configure @@ -171,61 +164,58 @@ Changes in version 0.4.3.1-alpha - 2020-01-2? and/or pwdb, which Android doesn't have. Closes ticket 32825. Patch from Hans-Christoph Steiner. - o Minor features (relay module): + o Minor features (relay modularity): - Split the relay and server pluggable transport config code into separate files in the relay module. Disable this code when the - relay module is disabled. Closes ticket 32213. + relay module is disabled. Closes part of ticket 32213. - When the relay module is disabled, reject attempts to set the ORPort, DirPort, DirCache, BridgeRelay, ExtORPort, or ServerTransport* options, rather than ignoring the values of these - options. Closes ticket 32213. + options. Closes part of ticket 32213. o Minor features (relay): - When the relay module is disabled, change the default config so that DirCache is 0, and ClientOnly is 1. Closes ticket 32410. o Minor features (release tools): - - Port our changelog formatting and sorting tools to Python 3. + - Port our ChangeLog formatting and sorting tools to Python 3. Closes ticket 32704. o Minor features (testing): - - Add common failure cases for test_parseconf.sh in + - Detect some common failure cases for test_parseconf.sh in src/test/conf_failures. Closes ticket 32451. - Allow test_parseconf.sh to test expected log outputs for successful configs, as well as failed configs. Closes ticket 32451. - - test_parseconf.sh now supports result variants for any combination - of the optional libraries lzma, nss, and zstd. Closes ticket 32397. + - The test_parseconf.sh script now supports result variants for any + combination of the optional libraries lzma, nss, and zstd. Closes + ticket 32397. o Minor features (tests, Android): - When running the unit tests on Android, create temporary files in a subdirectory of /data/local/tmp. Closes ticket 32172. Based on a patch from Hans-Christoph Steiner. - o Minor bugfix (configuration): - - Check for multiplication overflow when parsing memory units inside - configuration. Fixes bug 30920; bugfix on 0.0.9rc1~46. - o Minor bugfixes (bridges): - - Lowercase the value of BridgeDistribution from torrc before adding + - Lowercase the configured value of BridgeDistribution before adding it to the descriptor. Fixes bug 32753; bugfix on 0.3.2.3-alpha. - o Minor bugfixes (build): + o Minor bugfixes (build system): - Fix "make autostyle" for out-of-tree builds. Fixes bug 32370; bugfix on 0.4.1.2-alpha. - o Minor bugfixes (config): - - When dumping the config, stop adding a trailing space after the - option name, when there is no option value. This issue only - affects options that accept an empty value or list. (Most options - reject empty values, or delete the entire line from the dumped - options.) Fixes bug 32352; bugfix on 0.0.9pre6. - o Minor bugfixes (configuration handling): - Make control_event_conf_changed() take in a config_line_t instead - of a smartlist(k, v, k, v, ...) where keys are followed by values. - Fixes bug 31531; bugfix on 0.2.3.3-alpha. Patch by Neel Chauhan. + of a smartlist of alternating key/value entries. Fixes bug 31531; + bugfix on 0.2.3.3-alpha. Patch by Neel Chauhan. o Minor bugfixes (configuration): + - Check for multiplication overflow when parsing memory units inside + configuration. Fixes bug 30920; bugfix on 0.0.9rc1. + - When dumping the configuration, stop adding a trailing space after + the option name when there is no option value. This issue only + affects options that accept an empty value or list. (Most options + reject empty values, or delete the entire line from the dumped + options.) Fixes bug 32352; bugfix on 0.0.9pre6. - Avoid changing the user's value of HardwareAccel as stored by SAVECONF, when AccelName is set but HardwareAccel is not. Fixes bug 32382; bugfix on 0.2.2.1-alpha. @@ -275,19 +265,6 @@ Changes in version 0.4.3.1-alpha - 2020-01-2? issue with that flag and the map. Fixes bug 32094; bugfix on 0.3.2.1-alpha. - o Minor bugfixes (linux seccomp sandbox): - - Correct how we use libseccomp. Particularly, stop assuming that - rules are applied in a particular order or that more rules are - processed after the first match. Neither is the case! In - libseccomp <2.4.0 this lead to some rules having no effect. - Libseccomp 2.4.0 changed how rules are generated leading to a - different ordering which in turn lead to a fatal crash during - startup. Fixes bug 29819; bugfix on 0.2.5.1-alpha. Patch by - Peter Gerber. - - Fix crash when reloading logging configuration while the - experimental sandbox is enabled. Fixes bug 32841; bugfix on - 0.4.1.7. Patch by Peter Gerber. - o Minor bugfixes (logging, crash): - Avoid a possible crash when trying to log a (fatal) assertion failure about mismatched magic numbers in configuration objects. @@ -301,12 +278,11 @@ Changes in version 0.4.3.1-alpha - 2020-01-2? Neel Chauhan. o Minor bugfixes (onion services v3, client): - - Properly handle the client rendezvous circuit timeout. This - results in better reachability because tor doesn't timeout a - rendezvous circuit awaiting the introduction ACK and thus - preventing tor to re-establish all circuits because the rendezvous - circuit timed out too early. Fixes bug 32021; bugfix - on 0.3.2.1-alpha. + - Properly handle the client rendezvous circuit timeout. Previously + Tor would sometimes timeout a rendezvous circuit awaiting the + introduction ACK, and find itself unable to re-establish all + circuits because the rendezvous circuit timed out too early. Fixes + bug 32021; bugfix on 0.3.2.1-alpha. o Minor bugfixes (onion services): - In cancel_descriptor_fetches(), use @@ -321,7 +297,7 @@ Changes in version 0.4.3.1-alpha - 2020-01-2? o Minor bugfixes (test): - Use the same code to find the tor binary in all of our test scripts. This change makes sure we are always using the coverage - binary, when coverage is enabled. Fixes bug 32368; bugfix + binary when coverage is enabled. Fixes bug 32368; bugfix on 0.2.7.3-rc. o Minor bugfixes (testing): @@ -342,69 +318,18 @@ Changes in version 0.4.3.1-alpha - 2020-01-2? verbosity. Fixes bug 32175; bugfix on 0.2.8.1-alpha. o Minor bugfixes (windows service): - - Initialize publish/subscribe system when running as a windows + - Initialize the publish/subscribe system when running as a windows service. Fixes bug 32778; bugfix on 0.4.1.1-alpha. - o Code simplification and refactoring: - - Add numerous missing dependencies to our include files, so that - they can be included in different reasonable orders and still - compile. Addresses part of ticket 32764. - - Create a new abstraction for formatting control protocol reply - lines based on key-value pairs. Refactor some existing control - protocol code to take advantage of this. Closes ticket 30984. - - Disable relay_periodic when the relay module is disabled. Closes - ticket 32244. - - Disable relay_sys when the relay module is disabled. Closes - ticket 32245. - - Fix some parts of our code that were difficult for Coccinelle to - parse. Related to ticket 31705. - - Fix some small issues in our code that prevented automatic - formatting tools from working. Addresses part of ticket 32764. - - Immutability is now implemented as a flag on individual - configuration options rather than as part of the option-transition - checking code. Closes ticket 32344. - - Instead of keeping a list of configuration options to check for - relative paths, check all the options whose type is "FILENAME". - Solves part of ticket 32339. - - Make all the structs we declare follow the same naming convention - of ending with "_t". Closes ticket 32415. - - Move and rename some configuration-related code for clarity. - Closes ticket 32304. - - Our default log (which ordinarily sends NOTICE-level message to - standard output) is now handled in a more logical manner. - Previously, we replaced the configured log options if they were - empty. Now, we interpret an empty set of log options as meaning - "use the default log". Closes ticket 31999. - - Our include.am files are now broken up by subdirectory. - Previously, src/core/include.am covered all of the subdirectories - in "core", "feature", and "app". Closes ticket 32137. - - Remove some unused arguments from the options_validate() function, - to simplify our code and tests. Closes ticket 32187. - - Remove the last remaining HAVE_MODULE_DIRAUTH inside a function. - Closes ticket 32163. - - Remove underused NS*() macros from test code: they make our tests - more confusing, especially for code-formatting tools. Closes - ticket 32887. - - Replace some confusing identifiers in process_descs.c. Closes - ticket 29826. - - Simplify some relay and dirauth config code. Closes ticket 32213. - - Simplify the options_validate() code so that it looks at the - default options directly, rather than taking default options as an - argument. This change lets us simplify its interface. Closes - ticket 32185. - - Use our new configuration architecture to move most authority- - related options to the directory authority module. Closes - ticket 32806. - - When parsing the command line, handle options that determine our - "quiet level" and our mode of operation (e.g., --dump-config and - so on) all in one table. Closes ticket 32003. - o Deprecated features: - Deprecate the ClientAutoIPv6ORPort option. This option was not true Happy Eyeballs, and often failed on connections that weren't reliably dual-stack. Closes ticket 32942. Patch by Neel Chauhan. o Documentation: + - Provide a quickstart guide for our a Circuit Padding Framework, + and documentation for researchers to implement and study circuit + padding machines. Closes ticket 28804. - Add documentation in 'HelpfulTools.md' to describe how to build a tag file. Closes ticket 32779. - Create a high-level description of the long-term software @@ -449,10 +374,72 @@ Changes in version 0.4.3.1-alpha - 2020-01-2? - Channel layer had a variable length cell handler that was not used and thus removed. Closes ticket 32892. + o Code simplification and refactoring (configuration): + - Immutability is now implemented as a flag on individual + configuration options rather than as part of the option-transition + checking code. Closes ticket 32344. + - Instead of keeping a list of configuration options to check for + relative paths, check all the options whose type is "FILENAME". + Solves part of ticket 32339. + - Our default log (which ordinarily sends NOTICE-level message to + standard output) is now handled in a more logical manner. + Previously, we replaced the configured log options if they were + empty. Now, we interpret an empty set of log options as meaning + "use the default log". Closes ticket 31999. + - Remove some unused arguments from the options_validate() function, + to simplify our code and tests. Closes ticket 32187. + - Simplify the options_validate() code so that it looks at the + default options directly, rather than taking default options as an + argument. This change lets us simplify its interface. Closes + ticket 32185. + - Use our new configuration architecture to move most authority- + related options to the directory authority module. Closes + ticket 32806. + - When parsing the command line, handle options that determine our + "quiet level" and our mode of operation (e.g., --dump-config and + so on) all in one table. Closes ticket 32003. + o Code simplification and refactoring (controller): + - Create a new abstraction for formatting control protocol reply + lines based on key-value pairs. Refactor some existing control + protocol code to take advantage of this. Closes ticket 30984. - Create a helper function that can fetch network status or microdesc consensuses. Closes ticket 31684. + o Code simplification and refactoring (dirauth modularization): + - Remove the last remaining HAVE_MODULE_DIRAUTH inside a function. + Closes ticket 32163. + - Replace some confusing identifiers in process_descs.c. Closes + ticket 29826. + - Simplify some relay and dirauth config code. Closes ticket 32213. + + o Code simplification and refactoring (misc): + - Make all the structs we declare follow the same naming convention + of ending with "_t". Closes ticket 32415. + - Move and rename some configuration-related code for clarity. + Closes ticket 32304. + - Our include.am files are now broken up by subdirectory. + Previously, src/core/include.am covered all of the subdirectories + in "core", "feature", and "app". Closes ticket 32137. + - Remove underused NS*() macros from test code: they make our tests + more confusing, especially for code-formatting tools. Closes + ticket 32887. + + o Code simplification and refactoring (relay modularization): + - Disable relay_periodic when the relay module is disabled. Closes + ticket 32244. + - Disable relay_sys when the relay module is disabled. Closes + ticket 32245. + + o Code simplification and refactoring (tool support): + - Add numerous missing dependencies to our include files, so that + they can be included in different reasonable orders and still + compile. Addresses part of ticket 32764. + - Fix some parts of our code that were difficult for Coccinelle to + parse. Related to ticket 31705. + - Fix some small issues in our code that prevented automatic + formatting tools from working. Addresses part of ticket 32764. + o Documentation (manpage): - Alphabetize the Client Options section of the tor manpage. Closes ticket 32846. -- cgit v1.2.3-54-g00ecf