cleanups, closer to a changelog

svn:r8606

ChangeLog

 Changes in version 0.1.2.2-alpha - 2006-10-??
   o Major features:
+    - Make our async eventdns library on-by-default for Tor servers,
+      and plan to deprecate using separate dnsworker threads. Let us
+      know if you encounter bugs.
     - Add server-side support for "reverse" DNS lookups (using PTR
       records so clients can determine the canonical hostname for a given
-      IPv4 address). Only supported by servers using our eventdns async
-      library; servers now announce in their descriptors whether they
-      support eventdns.
+      IPv4 address). Only supported by servers using eventdns; servers
+      now announce in their descriptors whether they support eventdns.
     - Specify and implement client-side SOCKS5 interface for reverse DNS
       lookups; see doc/socks-extensions.txt for full information.
     - Add a BEGIN_DIR relay cell type for an easier in-protocol way to
-      connect to directory servers through Tor. Previously, clients
-      could only connect to directory servers over Tor from exit nodes.
-
-  o Minor features:
-    - Check for name servers (like Earthlink's) that hijack failing DNS
-      requests and replace the no-such-server answer with a "helpful"
+      connect to directory servers through Tor. Previously, clients needed
+      to find Tor exits to make private connections to directory servers.
+    - Avoid choosing Exit nodes for entry or middle hops when the
+      total bandwidth available from non-Exit nodes is much higher than
+      the total bandwidth available from Exit nodes.
+    - Workaround for name servers (like Earthlink's) that hijack failing
+      DNS requests and replace the no-such-server answer with a "helpful"
       redirect to an advertising-driven search portal. We're a little
       clever about this, in order to work around DNS hijackers who
       "helpfully" decline to hijack known-invalid RFC2606 addresses.
       Config option "ServerDNSDetectHijacking 0" lets you turn it off.
-    - When asked to resolve a hostname, don't use non-exit servers unless
-      requested to do so. This allows servers with broken DNS to be
-      useful to the network.
+    - Send out a burst of long-range padding cells once we've established
+      that we're reachable. Spread them over 4 circuits, so hopefully
+      a few will be fast. This exercises our bandwidth and bootstraps
+      us into the directory quicker.
+
+  o New/improved config options:
+    - Add new config option "ResolvConf" to let the server operator
+      choose an alternate resolve.conf file.
     - Add an "EnforceDistinctSubnets" option to control our "exclude
       servers on the same /16" behavior.  It's still on by default; this
       is mostly for people who want to operate private test networks with
@@ -34,39 +42,43 @@ Changes in version 0.1.2.2-alpha - 2006-10-??
       as hidden service directories, to make it easier to retire old
       authorities.  V1 authorities should set "HSAuthoritativeDir 1"
       to continue being hidden service authorities too.
+    - Remove 8888 as a LongLivedPort, and add 6697 (IRCS).
+
+  o Minor features, controller:
+    - Fix CIRC controller events so that controllers can learn the
+      identity digests of non-Named servers used in circuit paths.
+    - Give more meaningful errors on control authentication failure.
+    - Add an (off by default) feature so that controllers can get
+      more useful identifiers for servers. Instead of learning identity
+      digests for un-Named servers and nicknames for Named servers,
+      the new identifiers include digest, nickname, and indication of
+      Named status. See control-spec.txt for more information.
+    - Add a "getinfo address" controller command so it can display Tor's
+      best guess to the user.
+
+  o Minor features, other:
+    - When asked to resolve a hostname, don't use non-exit servers unless
+      requested to do so. This allows servers with broken DNS to be
+      useful to the network.
+    - Divide eventdns log messages into warn and info messages.
     - Reserve the nickname "Unnamed" for routers that can't pick
       a hostname; any router can call itself Unnamed; directory
       authorities will never allocate Unnamed to any particular router;
       clients won't believe that any router is the canonical Unnamed.
-    - New controller event to alert the controller when our server
-      descriptor has changed.
     - Only include function names in log messages for debugging messages;
       in other cases, the content of the message should be clear on its
       own, and including the function name only seems to confuse users.
-    - Fix CIRC controller events so that controllers can learn the
-      identity digests of non-Named servers used in circuit paths.
-    - Avoid choosing Exit nodes for entry or middle hops when the
-      bandwidth available in non-Exit nodes is much higher than the
-      bandwidth available in Exit nodes.
-    - Give more meaningful errors on control authentication failure.
-    - Avoid possibility of controller-triggered crash when misusing certain
-      commands from a v0 controller on platforms that do not handle
-      printf("%s",NULL) gracefully.
     - Avoid some false positives during reachability testing: don't try
       to test via a server that's on the same /24 as us.
-    - Avoid controller-triggered crash when misusing certain commands
-      from a v0 controller on platforms that do not handle
-      printf("%s",NULL) gracefully.
-    - Add an (off by default) feature so that controllers can get more useful
-      identifiers for servers. Instead of learning identity digests for
-      un-Named servers and nicknames for Named servers, the new identifiers
-      include digest, nickname, and indication of Named status. See
-      control-spec.txt for more information.
+    - New controller event to alert the controller when our server
+      descriptor has changed.
+    - If we fail to build a circuit to an intended enclave, and it's
+      not mandatory that we use that enclave, stop wanting it.
 
-  o Security Fixes, minor:
+  o Major bugfixes, anonymity/security:
     - If a client asked for a server by name, and there's a named server
       in our network-status but we don't have its descriptor yet, we
-      would return an unnamed one instead.
+      could return an unnamed one instead.
     - Fix NetBSD bug that could allow someone to force uninitialized RAM
       to be sent to a server's DNS resolver. This only affects NetBSD
       and other platforms that do not bounds-check tolower().
@@ -77,94 +89,93 @@ Changes in version 0.1.2.2-alpha - 2006-10-??
       able to remotely teach you about hidden service descriptors. Now
       only accept rendezvous posts if you've got HSAuthoritativeDir set.
 
-  o Major bugfixes:
+  o Major bugfixes, other:
     - Avoiding crashing on race condition in dns.c:
       tor_assert(!resolve->expire)
     - When a client asks the server to resolve (not connect to)
       an address, and it has a cached answer, give them the cached answer.
       Previously, the server would give them no answer at all.
-
-  o Minor Bugfixes:
-    - When testing reachability of our dirport, don't launch a new
-      test if there's already one in progress.
-    - Two small performance improvements on parsing descriptors.
+    - Allow really slow clients to not hang up five minutes into their
+      directory downloads (suggested by Adam J. Richter).
     - We were building exactly the wrong circuits when we anticipated
       hidden service requirements, meaning Tor would have to build all
       its circuits on demand.
-    - Major performance improvement on inserting descriptors: change
-      algorithm from O(n^2) to O(n).
-    - Make the common memory allocation path faster on machines where
-      malloc(0) returns a pointer.
+    - Avoid crashing when we mmap a router cache file of size 0.
+    - When testing reachability of our DirPort, don't launch new
+      tests when there's already one in progress -- unreachable
+      servers were stacking up dozens of testing streams.
+
+  o Minor bugfixes, correctness:
+    - If we're a directory mirror and we ask for "all" network status
+      documents, we would discard status documents from authorities
+      we don't recognize.
+    - Avoid a memory corruption bug when creating a hash table for
+      the first time.
+    - Avoid controller-triggered crash when misusing certain commands
+      from a v0 controller on platforms that do not handle
+      printf("%s",NULL) gracefully.
+    - Don't crash when the controller receives a third argument to an
+      "extendcircuit" request.
+    - Controller protocol fixes: fix encoding in "getinfo addr-mappings"
+      response; fix error code when "getinfo dir/status/" fails.
+    - Avoid crash when telling controller stream-status and a stream
+      is detached.
+    - Apply patch from Adam Langley: fix assert() in eventdns.c.
     - Fix a debug log message in eventdns to say "X resolved to Y"
       instead of "X resolved to X".
+    - Make eventdns give strings for DNS errors, not just error numbers.
+    - Track unreachable entry guards correctly: don't conflate
+      'unreachable by us right now' with 'listed as down by the directory
+      authorities'. With the old code, if a guard was unreachable by
+      us but listed as running, it would clog our guard list forever.
+    - Behave correctly in case we ever have a network with more than
+      2GB per second total advertised capacity.
+    - Make TrackExitHosts case-insensitive, and fix the behavior of
+      ".suffix" TrackExitHosts items to avoid matching in the middle of
+      an address.
+    - Finally fix the openssl warnings from newer gccs that believe that
+      ignoring a return value is okay, but casting a return value and
+      then ignoring it is a sign of madness.
     - Prevent the contrib/exitlist script from printing the same
       result more than once.
+    - Patch from Steve Hildrey: Generate network status correctly on
+      non-versioning dirservers.
+
+  o Minor bugfixes, performance:
+    - Two small performance improvements on parsing descriptors.
+    - Major performance improvement on inserting descriptors: change
+      algorithm from O(n^2) to O(n).
+    - Make the common memory allocation path faster on machines where
+      malloc(0) returns a pointer.
+    - Start remembering X-Your-Address-Is directory hints even if you're
+      a client, so you can become a server more smoothly.
+    - Avoid duplicate entries on MyFamily line in server descriptor.
+
+  o Packaging, features:
+    - Remove architecture from OS X builds. The official builds are
+      now universal binaries.
+    - The Debian package now uses --verify-config when (re)starting,
+      to distinguish configuration errors from other errors.
+    - Update RPMs to require libevent 1.1b.
+
+  o Packaging, bugfixes:
+    - Patches so Tor builds with MinGW on Windows.
+    - Patches so Tor might build and run on Cygwin again.
     - Resume building on non-gcc compilers and ancient gcc. Resume
       building with the -O0 compile flag. Resume building cleanly on
       Debian woody.
     - Correct includes for net/if.h and net/pfvar.h on OpenBSD (from Tup).
-    - Improve Tor's chances of building and running on Cygwin again.
-    - If we're a directory mirror and we ask for "all" network status
-      documents, we would discard status documents from authorities
-      we don't recognize.
-    - Avoid a memory corruption bug when creating a hash table for the first
-      time.
-    - Track unreachable entry guards correctly: don't conflate 'unreachable
-      by us right now' with 'listed as down by the directory authorities'.
-      With the old code, if a guard was unreachable by us but listed as
-      running, it would clog our guard list forever.
-    - Make eventdns give strings for DNS errors, not just error numbers.
-    - Be prepared in case we ever have a network with more than 2GB per
-      second total advertised capacity.
-    - Make TrackExitHosts case-insensitive, and fix the behavior of .suffix
-      TrackExitHosts items to avoid matching in the middle of an address.
     - Add autoconf checks so Tor can build on Solaris x86 again.
 
   o Documentation
     - Documented (and renamed) ServerDNSSearchDomains and
       ServerDNSResolvConfFile options.
+    - Be clearer that the *ListenAddress directives can be repeated
+      multiple times.
 
-  o Packaging:
-    - Patches so Tor builds with MinGW on Windows.
-    - The Debian package now uses --verify-config when (re)starting,
-      to distinguish configuration errors from other errors.
-    - Update rpms to require libevent 1.1b.
-    - Remove architecture from OS X builds. The official builds are
-      now universal binaries.
-
-    - Make eventdns on-by-default.
-    - Divide eventdns log messages into warn and info messages.
-    - Add new config option "ResolvConf" to let the server operator
-      choose an alternate resolve.conf file.
-
-    - Allow really slow clients to not hang up five minutes into their
-      directory downloads (suggested by Adam J. Richter).
-    - Apply patch from Adam Langley: fix assert() in eventdns.c.
-    - Finally fix the openssl warnings with newer gccs that believe that
-      ignoring a return value is okay, but casting a return value and
-      then ignoring it is a sign of madness.
-    - Don't crash when the controller receives a third argument to an
-      "extendcircuit" request.
-    - Add a "getinfo address" controller command.
-    - Controller protocol fixes: fix encoding in "getinfo addr-mappings"
-      response; fix error code when "getinfo dir/status/" fails.
-    - Start remembering X-Your-Address-Is directory hints even if you're
-      a client, so you can become a server more smoothly.
-    - Avoid crash when telling controller stream-status and a stream
-      is detached.
-    - Avoid crashing when we mmap a router cache file of size 0.
-    - Avoid duplicate entries on MyFamily line in server descriptor.
-    - Patch from Steve Hildrey: Generate network status correctly on
-      non-versioning dirservers.
-    - Send out a burst of long-range drop cells after we've established
-      that we're reachable. Spread them over 4 circuits, so hopefully
-      a few will be fast. This exercises our bandwidth and bootstraps
-      us quicker.
-    - Remove 8888 as a long lived port, and add 6697 (ircs).
-    - If we fail to build a circuit to an intended enclave, and it's
-      not mandatory that we use that enclave, stop wanting it.
-
-    (stopped at r8478)
+    (stopped at r8519)
+    - Build correctly for use on OS X platforms with case-sensitive
+      filesystems.
 
 
 Changes in version 0.1.2.1-alpha - 2006-08-27

doc/TODO

@@ -322,6 +322,9 @@ Deferred from 0.1.2.x:
       - Implement
 
 Minor items for 0.1.2.x as time permits:
+  - The Debian package now uses --verify-config when (re)starting,
+    to distinguish configuration errors from other errors. Perhaps
+    the RPM and other startup scripts should too?
   - add a "default.action" file to the tor/vidalia bundle so we can fix the
     https thing in the default configuration:
     http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#PrivoxyWeirdSSLPort

src/or/directory.c

@@ -1041,8 +1041,8 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
     } else {
       /* Can we even end up here? -- weasel*/
       source = NS_FROM_DIR_BY_FP;
-      log_warn(LD_BUG, "we received a networkstatus but we didn't ask "
-                       "for it by fp/ nor did we ask for all.");
+      log_warn(LD_BUG, "We received a networkstatus but we didn't ask "
+                       "for it by fp, nor did we ask for all.");
     }
     cp = body;
     while (*cp) {

src/or/dns.c

@@ -385,12 +385,13 @@ purge_expired_resolves(time_t now)
   assert_cache_ok();
 }
 
-/** Send a response to the RESOLVE request of a connection. answer_type must
- * be one of RESOLVED_TYPE_(IPV4|ERROR|ERROR_TRANSIENT)
+/** Send a response to the RESOLVE request of a connection.
+ * <b>answer_type</b> must be one of
+ * RESOLVED_TYPE_(IPV4|ERROR|ERROR_TRANSIENT).
  *
  * If <b>circ</b> is provided, and we have a cached answer, send the
- * answer back along circ; otherwise, send the answer back along *
- * <b>exitconn</b>'s attached circuit.
+ * answer back along circ; otherwise, send the answer back along
+ * <b>conn</b>'s attached circuit.
  */
 static void
 send_resolved_cell(edge_connection_t *conn, or_circuit_t *circ,
@@ -446,7 +447,7 @@ send_resolved_cell(edge_connection_t *conn, or_circuit_t *circ,
  *
  * If <b>circ</b> is provided, and we have a cached answer, send the
  * answer back along circ; otherwise, send the answer back along
- * <b>exitconn</b>'s attached circuit.
+ * <b>conn</b>'s attached circuit.
  */
 static void
 send_resolved_hostname_cell(edge_connection_t *conn, or_circuit_t *circ,