Commit d1b9de22 authored by Roger Dingledine's avatar Roger Dingledine
Browse files

cleanups, closer to a changelog


svn:r8606
parent b6e590a1
Changes in version 0.1.2.2-alpha - 2006-10-??
o Major features:
- Make our async eventdns library on-by-default for Tor servers,
and plan to deprecate using separate dnsworker threads. Let us
know if you encounter bugs.
- Add server-side support for "reverse" DNS lookups (using PTR
records so clients can determine the canonical hostname for a given
IPv4 address). Only supported by servers using our eventdns async
library; servers now announce in their descriptors whether they
support eventdns.
IPv4 address). Only supported by servers using eventdns; servers
now announce in their descriptors whether they support eventdns.
- Specify and implement client-side SOCKS5 interface for reverse DNS
lookups; see doc/socks-extensions.txt for full information.
- Add a BEGIN_DIR relay cell type for an easier in-protocol way to
connect to directory servers through Tor. Previously, clients
could only connect to directory servers over Tor from exit nodes.
o Minor features:
- Check for name servers (like Earthlink's) that hijack failing DNS
requests and replace the no-such-server answer with a "helpful"
connect to directory servers through Tor. Previously, clients needed
to find Tor exits to make private connections to directory servers.
- Avoid choosing Exit nodes for entry or middle hops when the
total bandwidth available from non-Exit nodes is much higher than
the total bandwidth available from Exit nodes.
- Workaround for name servers (like Earthlink's) that hijack failing
DNS requests and replace the no-such-server answer with a "helpful"
redirect to an advertising-driven search portal. We're a little
clever about this, in order to work around DNS hijackers who
"helpfully" decline to hijack known-invalid RFC2606 addresses.
Config option "ServerDNSDetectHijacking 0" lets you turn it off.
- When asked to resolve a hostname, don't use non-exit servers unless
requested to do so. This allows servers with broken DNS to be
useful to the network.
- Send out a burst of long-range padding cells once we've established
that we're reachable. Spread them over 4 circuits, so hopefully
a few will be fast. This exercises our bandwidth and bootstraps
us into the directory quicker.
o New/improved config options:
- Add new config option "ResolvConf" to let the server operator
choose an alternate resolve.conf file.
- Add an "EnforceDistinctSubnets" option to control our "exclude
servers on the same /16" behavior. It's still on by default; this
is mostly for people who want to operate private test networks with
......@@ -34,39 +42,43 @@ Changes in version 0.1.2.2-alpha - 2006-10-??
as hidden service directories, to make it easier to retire old
authorities. V1 authorities should set "HSAuthoritativeDir 1"
to continue being hidden service authorities too.
- Remove 8888 as a LongLivedPort, and add 6697 (IRCS).
o Minor features, controller:
- Fix CIRC controller events so that controllers can learn the
identity digests of non-Named servers used in circuit paths.
- Give more meaningful errors on control authentication failure.
- Add an (off by default) feature so that controllers can get
more useful identifiers for servers. Instead of learning identity
digests for un-Named servers and nicknames for Named servers,
the new identifiers include digest, nickname, and indication of
Named status. See control-spec.txt for more information.
- Add a "getinfo address" controller command so it can display Tor's
best guess to the user.
o Minor features, other:
- When asked to resolve a hostname, don't use non-exit servers unless
requested to do so. This allows servers with broken DNS to be
useful to the network.
- Divide eventdns log messages into warn and info messages.
- Reserve the nickname "Unnamed" for routers that can't pick
a hostname; any router can call itself Unnamed; directory
authorities will never allocate Unnamed to any particular router;
clients won't believe that any router is the canonical Unnamed.
- New controller event to alert the controller when our server
descriptor has changed.
- Only include function names in log messages for debugging messages;
in other cases, the content of the message should be clear on its
own, and including the function name only seems to confuse users.
- Fix CIRC controller events so that controllers can learn the
identity digests of non-Named servers used in circuit paths.
- Avoid choosing Exit nodes for entry or middle hops when the
bandwidth available in non-Exit nodes is much higher than the
bandwidth available in Exit nodes.
- Give more meaningful errors on control authentication failure.
- Avoid possibility of controller-triggered crash when misusing certain
commands from a v0 controller on platforms that do not handle
printf("%s",NULL) gracefully.
- Avoid some false positives during reachability testing: don't try
to test via a server that's on the same /24 as us.
- Avoid controller-triggered crash when misusing certain commands
from a v0 controller on platforms that do not handle
printf("%s",NULL) gracefully.
- Add an (off by default) feature so that controllers can get more useful
identifiers for servers. Instead of learning identity digests for
un-Named servers and nicknames for Named servers, the new identifiers
include digest, nickname, and indication of Named status. See
control-spec.txt for more information.
- New controller event to alert the controller when our server
descriptor has changed.
- If we fail to build a circuit to an intended enclave, and it's
not mandatory that we use that enclave, stop wanting it.
o Security Fixes, minor:
o Major bugfixes, anonymity/security:
- If a client asked for a server by name, and there's a named server
in our network-status but we don't have its descriptor yet, we
would return an unnamed one instead.
could return an unnamed one instead.
- Fix NetBSD bug that could allow someone to force uninitialized RAM
to be sent to a server's DNS resolver. This only affects NetBSD
and other platforms that do not bounds-check tolower().
......@@ -77,94 +89,93 @@ Changes in version 0.1.2.2-alpha - 2006-10-??
able to remotely teach you about hidden service descriptors. Now
only accept rendezvous posts if you've got HSAuthoritativeDir set.
o Major bugfixes:
o Major bugfixes, other:
- Avoiding crashing on race condition in dns.c:
tor_assert(!resolve->expire)
- When a client asks the server to resolve (not connect to)
an address, and it has a cached answer, give them the cached answer.
Previously, the server would give them no answer at all.
o Minor Bugfixes:
- When testing reachability of our dirport, don't launch a new
test if there's already one in progress.
- Two small performance improvements on parsing descriptors.
- Allow really slow clients to not hang up five minutes into their
directory downloads (suggested by Adam J. Richter).
- We were building exactly the wrong circuits when we anticipated
hidden service requirements, meaning Tor would have to build all
its circuits on demand.
- Major performance improvement on inserting descriptors: change
algorithm from O(n^2) to O(n).
- Make the common memory allocation path faster on machines where
malloc(0) returns a pointer.
- Avoid crashing when we mmap a router cache file of size 0.
- When testing reachability of our DirPort, don't launch new
tests when there's already one in progress -- unreachable
servers were stacking up dozens of testing streams.
o Minor bugfixes, correctness:
- If we're a directory mirror and we ask for "all" network status
documents, we would discard status documents from authorities
we don't recognize.
- Avoid a memory corruption bug when creating a hash table for
the first time.
- Avoid controller-triggered crash when misusing certain commands
from a v0 controller on platforms that do not handle
printf("%s",NULL) gracefully.
- Don't crash when the controller receives a third argument to an
"extendcircuit" request.
- Controller protocol fixes: fix encoding in "getinfo addr-mappings"
response; fix error code when "getinfo dir/status/" fails.
- Avoid crash when telling controller stream-status and a stream
is detached.
- Apply patch from Adam Langley: fix assert() in eventdns.c.
- Fix a debug log message in eventdns to say "X resolved to Y"
instead of "X resolved to X".
- Make eventdns give strings for DNS errors, not just error numbers.
- Track unreachable entry guards correctly: don't conflate
'unreachable by us right now' with 'listed as down by the directory
authorities'. With the old code, if a guard was unreachable by
us but listed as running, it would clog our guard list forever.
- Behave correctly in case we ever have a network with more than
2GB per second total advertised capacity.
- Make TrackExitHosts case-insensitive, and fix the behavior of
".suffix" TrackExitHosts items to avoid matching in the middle of
an address.
- Finally fix the openssl warnings from newer gccs that believe that
ignoring a return value is okay, but casting a return value and
then ignoring it is a sign of madness.
- Prevent the contrib/exitlist script from printing the same
result more than once.
- Patch from Steve Hildrey: Generate network status correctly on
non-versioning dirservers.
o Minor bugfixes, performance:
- Two small performance improvements on parsing descriptors.
- Major performance improvement on inserting descriptors: change
algorithm from O(n^2) to O(n).
- Make the common memory allocation path faster on machines where
malloc(0) returns a pointer.
- Start remembering X-Your-Address-Is directory hints even if you're
a client, so you can become a server more smoothly.
- Avoid duplicate entries on MyFamily line in server descriptor.
o Packaging, features:
- Remove architecture from OS X builds. The official builds are
now universal binaries.
- The Debian package now uses --verify-config when (re)starting,
to distinguish configuration errors from other errors.
- Update RPMs to require libevent 1.1b.
o Packaging, bugfixes:
- Patches so Tor builds with MinGW on Windows.
- Patches so Tor might build and run on Cygwin again.
- Resume building on non-gcc compilers and ancient gcc. Resume
building with the -O0 compile flag. Resume building cleanly on
Debian woody.
- Correct includes for net/if.h and net/pfvar.h on OpenBSD (from Tup).
- Improve Tor's chances of building and running on Cygwin again.
- If we're a directory mirror and we ask for "all" network status
documents, we would discard status documents from authorities
we don't recognize.
- Avoid a memory corruption bug when creating a hash table for the first
time.
- Track unreachable entry guards correctly: don't conflate 'unreachable
by us right now' with 'listed as down by the directory authorities'.
With the old code, if a guard was unreachable by us but listed as
running, it would clog our guard list forever.
- Make eventdns give strings for DNS errors, not just error numbers.
- Be prepared in case we ever have a network with more than 2GB per
second total advertised capacity.
- Make TrackExitHosts case-insensitive, and fix the behavior of .suffix
TrackExitHosts items to avoid matching in the middle of an address.
- Add autoconf checks so Tor can build on Solaris x86 again.
o Documentation
- Documented (and renamed) ServerDNSSearchDomains and
ServerDNSResolvConfFile options.
- Be clearer that the *ListenAddress directives can be repeated
multiple times.
o Packaging:
- Patches so Tor builds with MinGW on Windows.
- The Debian package now uses --verify-config when (re)starting,
to distinguish configuration errors from other errors.
- Update rpms to require libevent 1.1b.
- Remove architecture from OS X builds. The official builds are
now universal binaries.
- Make eventdns on-by-default.
- Divide eventdns log messages into warn and info messages.
- Add new config option "ResolvConf" to let the server operator
choose an alternate resolve.conf file.
- Allow really slow clients to not hang up five minutes into their
directory downloads (suggested by Adam J. Richter).
- Apply patch from Adam Langley: fix assert() in eventdns.c.
- Finally fix the openssl warnings with newer gccs that believe that
ignoring a return value is okay, but casting a return value and
then ignoring it is a sign of madness.
- Don't crash when the controller receives a third argument to an
"extendcircuit" request.
- Add a "getinfo address" controller command.
- Controller protocol fixes: fix encoding in "getinfo addr-mappings"
response; fix error code when "getinfo dir/status/" fails.
- Start remembering X-Your-Address-Is directory hints even if you're
a client, so you can become a server more smoothly.
- Avoid crash when telling controller stream-status and a stream
is detached.
- Avoid crashing when we mmap a router cache file of size 0.
- Avoid duplicate entries on MyFamily line in server descriptor.
- Patch from Steve Hildrey: Generate network status correctly on
non-versioning dirservers.
- Send out a burst of long-range drop cells after we've established
that we're reachable. Spread them over 4 circuits, so hopefully
a few will be fast. This exercises our bandwidth and bootstraps
us quicker.
- Remove 8888 as a long lived port, and add 6697 (ircs).
- If we fail to build a circuit to an intended enclave, and it's
not mandatory that we use that enclave, stop wanting it.
(stopped at r8478)
(stopped at r8519)
- Build correctly for use on OS X platforms with case-sensitive
filesystems.
Changes in version 0.1.2.1-alpha - 2006-08-27
......
......@@ -322,6 +322,9 @@ Deferred from 0.1.2.x:
- Implement
Minor items for 0.1.2.x as time permits:
- The Debian package now uses --verify-config when (re)starting,
to distinguish configuration errors from other errors. Perhaps
the RPM and other startup scripts should too?
- add a "default.action" file to the tor/vidalia bundle so we can fix the
https thing in the default configuration:
http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#PrivoxyWeirdSSLPort
......
......@@ -1041,8 +1041,8 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
} else {
/* Can we even end up here? -- weasel*/
source = NS_FROM_DIR_BY_FP;
log_warn(LD_BUG, "we received a networkstatus but we didn't ask "
"for it by fp/ nor did we ask for all.");
log_warn(LD_BUG, "We received a networkstatus but we didn't ask "
"for it by fp, nor did we ask for all.");
}
cp = body;
while (*cp) {
......
......@@ -385,12 +385,13 @@ purge_expired_resolves(time_t now)
assert_cache_ok();
}
/** Send a response to the RESOLVE request of a connection. answer_type must
* be one of RESOLVED_TYPE_(IPV4|ERROR|ERROR_TRANSIENT)
/** Send a response to the RESOLVE request of a connection.
* <b>answer_type</b> must be one of
* RESOLVED_TYPE_(IPV4|ERROR|ERROR_TRANSIENT).
*
* If <b>circ</b> is provided, and we have a cached answer, send the
* answer back along circ; otherwise, send the answer back along *
* <b>exitconn</b>'s attached circuit.
* answer back along circ; otherwise, send the answer back along
* <b>conn</b>'s attached circuit.
*/
static void
send_resolved_cell(edge_connection_t *conn, or_circuit_t *circ,
......@@ -446,7 +447,7 @@ send_resolved_cell(edge_connection_t *conn, or_circuit_t *circ,
*
* If <b>circ</b> is provided, and we have a cached answer, send the
* answer back along circ; otherwise, send the answer back along
* <b>exitconn</b>'s attached circuit.
* <b>conn</b>'s attached circuit.
*/
static void
send_resolved_hostname_cell(edge_connection_t *conn, or_circuit_t *circ,
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment