Loading ChangeLog +46 −47 Original line number Diff line number Diff line Loading @@ -42,12 +42,12 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 proposal 260, completes ticket 17178. Patch by teor and asn. o Major features (resource management): - Tor can now notice it is about to run out of sockets, and preemptively close connections of lower priority. (This feature is off by default for now, since the current prioritizing method is yet not mature enough. You can enable it by setting "DisableOOSCheck 0", but watch out: it might close some sockets you would rather have it keep.) Closes ticket 18640. - Tor can now notice it is about to run out of sockets, and preemptively close connections of lower priority. (This feature is off by default for now, since the current prioritizing method is yet not mature enough. You can enable it by setting "DisableOOSCheck 0", but watch out: it might close some sockets you would rather have it keep.) Closes ticket 18640. o Major bugfixes (circuit building): - Hidden service client-to-intro-point and service-to-rendezvous- Loading @@ -60,21 +60,21 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 rubiate. Fixes bug 19902; bugfix on 0.2.9.1-alpha. o Major bugfixes (hidden services): - Clients now require hidden services to include the TAP keys for their intro points in the hidden service descriptor. This prevents an inadvertent upgrade to ntor, which a malicious hidden service - Clients now require hidden services to include the TAP keys for their intro points in the hidden service descriptor. This prevents an inadvertent upgrade to ntor, which a malicious hidden service could use to distinguish clients by consensus version. Fixes bug 20012; bugfix on 0.2.4.8-alpha. Patch by teor. o Minor features (security, TLS): - Servers no longer support clients that without AES ciphersuites. (3DES is no longer considered an acceptable cipher.) We believe that no such Tor clients currently exist, since Tor has required OpenSSL 0.9.7 or later since 2009. Closes ticket 19998. - Servers no longer support clients that without AES ciphersuites. (3DES is no longer considered an acceptable cipher.) We believe that no such Tor clients currently exist, since Tor has required OpenSSL 0.9.7 or later since 2009. Closes ticket 19998. o Minor feature (fallback directories): - Remove broken entries from the hard-coded fallback directory list. Closes ticket 20190; patch by teor. - Remove broken entries from the hard-coded fallback directory list. Closes ticket 20190; patch by teor. o Minor features (geoip, also in 0.2.8.8): - Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2 Loading @@ -82,11 +82,10 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 o Minor feature (port flags): - Add new flags to the *Port options to finer control over which requests are allowed. The flags are NoDNSRequest, NoOnionTraffic, and the synthetic flag OnionTrafficOnly, which is equivalent to NoDNSRequest, NoIPv4Traffic, and NoIPv6Traffic. Closes enhancement 18693; patch by "teor". requests are allowed. The flags are NoDNSRequest, NoOnionTraffic, and the synthetic flag OnionTrafficOnly, which is equivalent to NoDNSRequest, NoIPv4Traffic, and NoIPv6Traffic. Closes enhancement 18693; patch by "teor". o Minor features (directory authority): - After voting, if the authorities decide that a relay is not Loading @@ -94,17 +93,16 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 ticket 20002; implements part of proposal 272. o Minor features (testing): - Disable memory protections on OpenBSD when performing our unit tests for memwipe(). The test deliberately invokes undefined behavior, and the OpenBSD protections interfere with this. Patch from "rubiate". Closes ticket 20066. - Disable memory protections on OpenBSD when performing our unit tests for memwipe(). The test deliberately invokes undefined behavior, and the OpenBSD protections interfere with this. Patch from "rubiate". Closes ticket 20066. o Minor features (testing, ipv6): - Add the single-onion and single-onion-ipv6 chutney targets to "make test-network-all". This requires a recent chutney version with the single onion network flavours (git c72a652 or later). Closes ticket 20072; patch by teor. - Add the single-onion and single-onion-ipv6 chutney targets to "make test-network-all". This requires a recent chutney version with the single onion network flavours (git c72a652 or later). Closes ticket 20072; patch by teor. - Add the hs-ipv6 chutney target to make test-network-all's IPv6 tests. Remove bridges+hs, as it's somewhat redundant. This requires a recent chutney version that supports IPv6 clients, Loading @@ -128,16 +126,17 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 - The unit tests now log all warning messages with the "BUG" flag. Previously, they only logged errors by default. This change will help us make our testing code more correct, and make sure that we only hit this code when we mean to. In the meantime, however, there will be more warnings in the unit test logs than before. This is preparatory work for ticket 19999. only hit this code when we mean to. In the meantime, however, there will be more warnings in the unit test logs than before. This is preparatory work for ticket 19999. - The unit tests now treat any failure of a "tor_assert_nonfatal()" assertion as a test failure. o Minor bug fixes (circuits): - Use the CircuitBuildTimeout option whenever LearnCircuitBuildTimeout is disabled. Previously, we would respect the option when a user disabled it, but not when it was disabled because some other option was set. Fixes bug 20073; bugfix on - Use the CircuitBuildTimeout option whenever LearnCircuitBuildTimeout is disabled. Previously, we would respect the option when a user disabled it, but not when it was disabled because some other option was set. Fixes bug 20073; bugfix on 0.2.4.12-alpha. Patch by teor. o Minor bugfixes (allocation): Loading @@ -158,10 +157,10 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 wrappers. Fixes bug 20110; bugfix on 0.2.9.1-alpha. o Minor bugfixes (directory authority): - Die with a more useful error when the operator forgets to place the authority_signing_key file into the keys directory. This avoids an uninformative assert & traceback about having an invalid key. Fixes bug 20065; bugfix on 0.2.0.1-alpha. - Die with a more useful error when the operator forgets to place the authority_signing_key file into the keys directory. This avoids an uninformative assert & traceback about having an invalid key. Fixes bug 20065; bugfix on 0.2.0.1-alpha. - When allowing private addresses, mark Exits that only exit to private locations as such. Fixes bug 20064; bugfix on 0.2.2.9-alpha. Loading @@ -188,8 +187,8 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 - Add permission to run the sched_yield() and sigaltstack() system calls, in order to support versions of Tor compiled with asan or ubsan code that use these calls. Now "sandbox 1" and "--enable-expensive-hardening" should be compatible on more systems. Fixes bug 20063; bugfix on 0.2.5.1-alpha. "--enable-expensive-hardening" should be compatible on more systems. Fixes bug 20063; bugfix on 0.2.5.1-alpha. o Minor bugfixes (logging): - When logging a message from the BUG() macro, be explicit about Loading @@ -209,8 +208,8 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 o Minor bugfixes (options): - Check the consistency of UseEntryGuards and EntryNodes more reliably. Fixes bug 20074; bugfix on tor- 0.2.4.12-alpha. Patch by teor. reliably. Fixes bug 20074; bugfix on tor- 0.2.4.12-alpha. Patch by teor. - Stop changing the configured value of UseEntryGuards on authorities and Tor2web clients. Fixes bug 20074; bugfix on commits 51fc6799 in tor-0.1.1.16-rc and acda1735 in tor-0.2.4.3- Loading @@ -223,10 +222,10 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 o Minor bugfixes (unit tests): - Fix a shared-random unit test that was failing on big endian architectures due to internal representation of a integer copied to a buffer. The test is changed to take a full 32 bytes of data and use the output of a python script that make the COMMIT and REVEAL calculation according to the spec. Fixes bug 19977; bugfix architectures due to internal representation of a integer copied to a buffer. The test is changed to take a full 32 bytes of data and use the output of a python script that make the COMMIT and REVEAL calculation according to the spec. Fixes bug 19977; bugfix on 0.2.9.1-alpha. - The tor_tls_server_info_callback unit test no longer crashes when debug-level logging is turned on. Fixes bug 20041; bugfix Loading
ChangeLog +46 −47 Original line number Diff line number Diff line Loading @@ -42,12 +42,12 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 proposal 260, completes ticket 17178. Patch by teor and asn. o Major features (resource management): - Tor can now notice it is about to run out of sockets, and preemptively close connections of lower priority. (This feature is off by default for now, since the current prioritizing method is yet not mature enough. You can enable it by setting "DisableOOSCheck 0", but watch out: it might close some sockets you would rather have it keep.) Closes ticket 18640. - Tor can now notice it is about to run out of sockets, and preemptively close connections of lower priority. (This feature is off by default for now, since the current prioritizing method is yet not mature enough. You can enable it by setting "DisableOOSCheck 0", but watch out: it might close some sockets you would rather have it keep.) Closes ticket 18640. o Major bugfixes (circuit building): - Hidden service client-to-intro-point and service-to-rendezvous- Loading @@ -60,21 +60,21 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 rubiate. Fixes bug 19902; bugfix on 0.2.9.1-alpha. o Major bugfixes (hidden services): - Clients now require hidden services to include the TAP keys for their intro points in the hidden service descriptor. This prevents an inadvertent upgrade to ntor, which a malicious hidden service - Clients now require hidden services to include the TAP keys for their intro points in the hidden service descriptor. This prevents an inadvertent upgrade to ntor, which a malicious hidden service could use to distinguish clients by consensus version. Fixes bug 20012; bugfix on 0.2.4.8-alpha. Patch by teor. o Minor features (security, TLS): - Servers no longer support clients that without AES ciphersuites. (3DES is no longer considered an acceptable cipher.) We believe that no such Tor clients currently exist, since Tor has required OpenSSL 0.9.7 or later since 2009. Closes ticket 19998. - Servers no longer support clients that without AES ciphersuites. (3DES is no longer considered an acceptable cipher.) We believe that no such Tor clients currently exist, since Tor has required OpenSSL 0.9.7 or later since 2009. Closes ticket 19998. o Minor feature (fallback directories): - Remove broken entries from the hard-coded fallback directory list. Closes ticket 20190; patch by teor. - Remove broken entries from the hard-coded fallback directory list. Closes ticket 20190; patch by teor. o Minor features (geoip, also in 0.2.8.8): - Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2 Loading @@ -82,11 +82,10 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 o Minor feature (port flags): - Add new flags to the *Port options to finer control over which requests are allowed. The flags are NoDNSRequest, NoOnionTraffic, and the synthetic flag OnionTrafficOnly, which is equivalent to NoDNSRequest, NoIPv4Traffic, and NoIPv6Traffic. Closes enhancement 18693; patch by "teor". requests are allowed. The flags are NoDNSRequest, NoOnionTraffic, and the synthetic flag OnionTrafficOnly, which is equivalent to NoDNSRequest, NoIPv4Traffic, and NoIPv6Traffic. Closes enhancement 18693; patch by "teor". o Minor features (directory authority): - After voting, if the authorities decide that a relay is not Loading @@ -94,17 +93,16 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 ticket 20002; implements part of proposal 272. o Minor features (testing): - Disable memory protections on OpenBSD when performing our unit tests for memwipe(). The test deliberately invokes undefined behavior, and the OpenBSD protections interfere with this. Patch from "rubiate". Closes ticket 20066. - Disable memory protections on OpenBSD when performing our unit tests for memwipe(). The test deliberately invokes undefined behavior, and the OpenBSD protections interfere with this. Patch from "rubiate". Closes ticket 20066. o Minor features (testing, ipv6): - Add the single-onion and single-onion-ipv6 chutney targets to "make test-network-all". This requires a recent chutney version with the single onion network flavours (git c72a652 or later). Closes ticket 20072; patch by teor. - Add the single-onion and single-onion-ipv6 chutney targets to "make test-network-all". This requires a recent chutney version with the single onion network flavours (git c72a652 or later). Closes ticket 20072; patch by teor. - Add the hs-ipv6 chutney target to make test-network-all's IPv6 tests. Remove bridges+hs, as it's somewhat redundant. This requires a recent chutney version that supports IPv6 clients, Loading @@ -128,16 +126,17 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 - The unit tests now log all warning messages with the "BUG" flag. Previously, they only logged errors by default. This change will help us make our testing code more correct, and make sure that we only hit this code when we mean to. In the meantime, however, there will be more warnings in the unit test logs than before. This is preparatory work for ticket 19999. only hit this code when we mean to. In the meantime, however, there will be more warnings in the unit test logs than before. This is preparatory work for ticket 19999. - The unit tests now treat any failure of a "tor_assert_nonfatal()" assertion as a test failure. o Minor bug fixes (circuits): - Use the CircuitBuildTimeout option whenever LearnCircuitBuildTimeout is disabled. Previously, we would respect the option when a user disabled it, but not when it was disabled because some other option was set. Fixes bug 20073; bugfix on - Use the CircuitBuildTimeout option whenever LearnCircuitBuildTimeout is disabled. Previously, we would respect the option when a user disabled it, but not when it was disabled because some other option was set. Fixes bug 20073; bugfix on 0.2.4.12-alpha. Patch by teor. o Minor bugfixes (allocation): Loading @@ -158,10 +157,10 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 wrappers. Fixes bug 20110; bugfix on 0.2.9.1-alpha. o Minor bugfixes (directory authority): - Die with a more useful error when the operator forgets to place the authority_signing_key file into the keys directory. This avoids an uninformative assert & traceback about having an invalid key. Fixes bug 20065; bugfix on 0.2.0.1-alpha. - Die with a more useful error when the operator forgets to place the authority_signing_key file into the keys directory. This avoids an uninformative assert & traceback about having an invalid key. Fixes bug 20065; bugfix on 0.2.0.1-alpha. - When allowing private addresses, mark Exits that only exit to private locations as such. Fixes bug 20064; bugfix on 0.2.2.9-alpha. Loading @@ -188,8 +187,8 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 - Add permission to run the sched_yield() and sigaltstack() system calls, in order to support versions of Tor compiled with asan or ubsan code that use these calls. Now "sandbox 1" and "--enable-expensive-hardening" should be compatible on more systems. Fixes bug 20063; bugfix on 0.2.5.1-alpha. "--enable-expensive-hardening" should be compatible on more systems. Fixes bug 20063; bugfix on 0.2.5.1-alpha. o Minor bugfixes (logging): - When logging a message from the BUG() macro, be explicit about Loading @@ -209,8 +208,8 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 o Minor bugfixes (options): - Check the consistency of UseEntryGuards and EntryNodes more reliably. Fixes bug 20074; bugfix on tor- 0.2.4.12-alpha. Patch by teor. reliably. Fixes bug 20074; bugfix on tor- 0.2.4.12-alpha. Patch by teor. - Stop changing the configured value of UseEntryGuards on authorities and Tor2web clients. Fixes bug 20074; bugfix on commits 51fc6799 in tor-0.1.1.16-rc and acda1735 in tor-0.2.4.3- Loading @@ -223,10 +222,10 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 o Minor bugfixes (unit tests): - Fix a shared-random unit test that was failing on big endian architectures due to internal representation of a integer copied to a buffer. The test is changed to take a full 32 bytes of data and use the output of a python script that make the COMMIT and REVEAL calculation according to the spec. Fixes bug 19977; bugfix architectures due to internal representation of a integer copied to a buffer. The test is changed to take a full 32 bytes of data and use the output of a python script that make the COMMIT and REVEAL calculation according to the spec. Fixes bug 19977; bugfix on 0.2.9.1-alpha. - The tor_tls_server_info_callback unit test no longer crashes when debug-level logging is turned on. Fixes bug 20041; bugfix
