Commit d1b9de22 authored by Roger Dingledine's avatar Roger Dingledine
Browse files

cleanups, closer to a changelog


svn:r8606
parent b6e590a1
Changes in version 0.1.2.2-alpha - 2006-10-?? Changes in version 0.1.2.2-alpha - 2006-10-??
o Major features: o Major features:
- Make our async eventdns library on-by-default for Tor servers,
and plan to deprecate using separate dnsworker threads. Let us
know if you encounter bugs.
- Add server-side support for "reverse" DNS lookups (using PTR - Add server-side support for "reverse" DNS lookups (using PTR
records so clients can determine the canonical hostname for a given records so clients can determine the canonical hostname for a given
IPv4 address). Only supported by servers using our eventdns async IPv4 address). Only supported by servers using eventdns; servers
library; servers now announce in their descriptors whether they now announce in their descriptors whether they support eventdns.
support eventdns.
- Specify and implement client-side SOCKS5 interface for reverse DNS - Specify and implement client-side SOCKS5 interface for reverse DNS
lookups; see doc/socks-extensions.txt for full information. lookups; see doc/socks-extensions.txt for full information.
- Add a BEGIN_DIR relay cell type for an easier in-protocol way to - Add a BEGIN_DIR relay cell type for an easier in-protocol way to
connect to directory servers through Tor. Previously, clients connect to directory servers through Tor. Previously, clients needed
could only connect to directory servers over Tor from exit nodes. to find Tor exits to make private connections to directory servers.
- Avoid choosing Exit nodes for entry or middle hops when the
o Minor features: total bandwidth available from non-Exit nodes is much higher than
- Check for name servers (like Earthlink's) that hijack failing DNS the total bandwidth available from Exit nodes.
requests and replace the no-such-server answer with a "helpful" - Workaround for name servers (like Earthlink's) that hijack failing
DNS requests and replace the no-such-server answer with a "helpful"
redirect to an advertising-driven search portal. We're a little redirect to an advertising-driven search portal. We're a little
clever about this, in order to work around DNS hijackers who clever about this, in order to work around DNS hijackers who
"helpfully" decline to hijack known-invalid RFC2606 addresses. "helpfully" decline to hijack known-invalid RFC2606 addresses.
Config option "ServerDNSDetectHijacking 0" lets you turn it off. Config option "ServerDNSDetectHijacking 0" lets you turn it off.
- When asked to resolve a hostname, don't use non-exit servers unless - Send out a burst of long-range padding cells once we've established
requested to do so. This allows servers with broken DNS to be that we're reachable. Spread them over 4 circuits, so hopefully
useful to the network. a few will be fast. This exercises our bandwidth and bootstraps
us into the directory quicker.
o New/improved config options:
- Add new config option "ResolvConf" to let the server operator
choose an alternate resolve.conf file.
- Add an "EnforceDistinctSubnets" option to control our "exclude - Add an "EnforceDistinctSubnets" option to control our "exclude
servers on the same /16" behavior. It's still on by default; this servers on the same /16" behavior. It's still on by default; this
is mostly for people who want to operate private test networks with is mostly for people who want to operate private test networks with
...@@ -34,39 +42,43 @@ Changes in version 0.1.2.2-alpha - 2006-10-?? ...@@ -34,39 +42,43 @@ Changes in version 0.1.2.2-alpha - 2006-10-??
as hidden service directories, to make it easier to retire old as hidden service directories, to make it easier to retire old
authorities. V1 authorities should set "HSAuthoritativeDir 1" authorities. V1 authorities should set "HSAuthoritativeDir 1"
to continue being hidden service authorities too. to continue being hidden service authorities too.
- Remove 8888 as a LongLivedPort, and add 6697 (IRCS).
o Minor features, controller:
- Fix CIRC controller events so that controllers can learn the
identity digests of non-Named servers used in circuit paths.
- Give more meaningful errors on control authentication failure.
- Add an (off by default) feature so that controllers can get
more useful identifiers for servers. Instead of learning identity
digests for un-Named servers and nicknames for Named servers,
the new identifiers include digest, nickname, and indication of
Named status. See control-spec.txt for more information.
- Add a "getinfo address" controller command so it can display Tor's
best guess to the user.
o Minor features, other:
- When asked to resolve a hostname, don't use non-exit servers unless
requested to do so. This allows servers with broken DNS to be
useful to the network.
- Divide eventdns log messages into warn and info messages.
- Reserve the nickname "Unnamed" for routers that can't pick - Reserve the nickname "Unnamed" for routers that can't pick
a hostname; any router can call itself Unnamed; directory a hostname; any router can call itself Unnamed; directory
authorities will never allocate Unnamed to any particular router; authorities will never allocate Unnamed to any particular router;
clients won't believe that any router is the canonical Unnamed. clients won't believe that any router is the canonical Unnamed.
- New controller event to alert the controller when our server
descriptor has changed.
- Only include function names in log messages for debugging messages; - Only include function names in log messages for debugging messages;
in other cases, the content of the message should be clear on its in other cases, the content of the message should be clear on its
own, and including the function name only seems to confuse users. own, and including the function name only seems to confuse users.
- Fix CIRC controller events so that controllers can learn the
identity digests of non-Named servers used in circuit paths.
- Avoid choosing Exit nodes for entry or middle hops when the
bandwidth available in non-Exit nodes is much higher than the
bandwidth available in Exit nodes.
- Give more meaningful errors on control authentication failure.
- Avoid possibility of controller-triggered crash when misusing certain
commands from a v0 controller on platforms that do not handle
printf("%s",NULL) gracefully.
- Avoid some false positives during reachability testing: don't try - Avoid some false positives during reachability testing: don't try
to test via a server that's on the same /24 as us. to test via a server that's on the same /24 as us.
- Avoid controller-triggered crash when misusing certain commands - New controller event to alert the controller when our server
from a v0 controller on platforms that do not handle descriptor has changed.
printf("%s",NULL) gracefully. - If we fail to build a circuit to an intended enclave, and it's
- Add an (off by default) feature so that controllers can get more useful not mandatory that we use that enclave, stop wanting it.
identifiers for servers. Instead of learning identity digests for
un-Named servers and nicknames for Named servers, the new identifiers
include digest, nickname, and indication of Named status. See
control-spec.txt for more information.
o Security Fixes, minor: o Major bugfixes, anonymity/security:
- If a client asked for a server by name, and there's a named server - If a client asked for a server by name, and there's a named server
in our network-status but we don't have its descriptor yet, we in our network-status but we don't have its descriptor yet, we
would return an unnamed one instead. could return an unnamed one instead.
- Fix NetBSD bug that could allow someone to force uninitialized RAM - Fix NetBSD bug that could allow someone to force uninitialized RAM
to be sent to a server's DNS resolver. This only affects NetBSD to be sent to a server's DNS resolver. This only affects NetBSD
and other platforms that do not bounds-check tolower(). and other platforms that do not bounds-check tolower().
...@@ -77,94 +89,93 @@ Changes in version 0.1.2.2-alpha - 2006-10-?? ...@@ -77,94 +89,93 @@ Changes in version 0.1.2.2-alpha - 2006-10-??
able to remotely teach you about hidden service descriptors. Now able to remotely teach you about hidden service descriptors. Now
only accept rendezvous posts if you've got HSAuthoritativeDir set. only accept rendezvous posts if you've got HSAuthoritativeDir set.
o Major bugfixes: o Major bugfixes, other:
- Avoiding crashing on race condition in dns.c: - Avoiding crashing on race condition in dns.c:
tor_assert(!resolve->expire) tor_assert(!resolve->expire)
- When a client asks the server to resolve (not connect to) - When a client asks the server to resolve (not connect to)
an address, and it has a cached answer, give them the cached answer. an address, and it has a cached answer, give them the cached answer.
Previously, the server would give them no answer at all. Previously, the server would give them no answer at all.
- Allow really slow clients to not hang up five minutes into their
o Minor Bugfixes: directory downloads (suggested by Adam J. Richter).
- When testing reachability of our dirport, don't launch a new
test if there's already one in progress.
- Two small performance improvements on parsing descriptors.
- We were building exactly the wrong circuits when we anticipated - We were building exactly the wrong circuits when we anticipated
hidden service requirements, meaning Tor would have to build all hidden service requirements, meaning Tor would have to build all
its circuits on demand. its circuits on demand.
- Major performance improvement on inserting descriptors: change - Avoid crashing when we mmap a router cache file of size 0.
algorithm from O(n^2) to O(n). - When testing reachability of our DirPort, don't launch new
- Make the common memory allocation path faster on machines where tests when there's already one in progress -- unreachable
malloc(0) returns a pointer. servers were stacking up dozens of testing streams.
o Minor bugfixes, correctness:
- If we're a directory mirror and we ask for "all" network status
documents, we would discard status documents from authorities
we don't recognize.
- Avoid a memory corruption bug when creating a hash table for
the first time.
- Avoid controller-triggered crash when misusing certain commands
from a v0 controller on platforms that do not handle
printf("%s",NULL) gracefully.
- Don't crash when the controller receives a third argument to an
"extendcircuit" request.
- Controller protocol fixes: fix encoding in "getinfo addr-mappings"
response; fix error code when "getinfo dir/status/" fails.
- Avoid crash when telling controller stream-status and a stream
is detached.
- Apply patch from Adam Langley: fix assert() in eventdns.c.
- Fix a debug log message in eventdns to say "X resolved to Y" - Fix a debug log message in eventdns to say "X resolved to Y"
instead of "X resolved to X". instead of "X resolved to X".
- Make eventdns give strings for DNS errors, not just error numbers.
- Track unreachable entry guards correctly: don't conflate
'unreachable by us right now' with 'listed as down by the directory
authorities'. With the old code, if a guard was unreachable by
us but listed as running, it would clog our guard list forever.
- Behave correctly in case we ever have a network with more than
2GB per second total advertised capacity.
- Make TrackExitHosts case-insensitive, and fix the behavior of
".suffix" TrackExitHosts items to avoid matching in the middle of
an address.
- Finally fix the openssl warnings from newer gccs that believe that
ignoring a return value is okay, but casting a return value and
then ignoring it is a sign of madness.
- Prevent the contrib/exitlist script from printing the same - Prevent the contrib/exitlist script from printing the same
result more than once. result more than once.
- Patch from Steve Hildrey: Generate network status correctly on
non-versioning dirservers.
o Minor bugfixes, performance:
- Two small performance improvements on parsing descriptors.
- Major performance improvement on inserting descriptors: change
algorithm from O(n^2) to O(n).
- Make the common memory allocation path faster on machines where
malloc(0) returns a pointer.
- Start remembering X-Your-Address-Is directory hints even if you're
a client, so you can become a server more smoothly.
- Avoid duplicate entries on MyFamily line in server descriptor.
o Packaging, features:
- Remove architecture from OS X builds. The official builds are
now universal binaries.
- The Debian package now uses --verify-config when (re)starting,
to distinguish configuration errors from other errors.
- Update RPMs to require libevent 1.1b.
o Packaging, bugfixes:
- Patches so Tor builds with MinGW on Windows.
- Patches so Tor might build and run on Cygwin again.
- Resume building on non-gcc compilers and ancient gcc. Resume - Resume building on non-gcc compilers and ancient gcc. Resume
building with the -O0 compile flag. Resume building cleanly on building with the -O0 compile flag. Resume building cleanly on
Debian woody. Debian woody.
- Correct includes for net/if.h and net/pfvar.h on OpenBSD (from Tup). - Correct includes for net/if.h and net/pfvar.h on OpenBSD (from Tup).
- Improve Tor's chances of building and running on Cygwin again.
- If we're a directory mirror and we ask for "all" network status
documents, we would discard status documents from authorities
we don't recognize.
- Avoid a memory corruption bug when creating a hash table for the first
time.
- Track unreachable entry guards correctly: don't conflate 'unreachable
by us right now' with 'listed as down by the directory authorities'.
With the old code, if a guard was unreachable by us but listed as
running, it would clog our guard list forever.
- Make eventdns give strings for DNS errors, not just error numbers.
- Be prepared in case we ever have a network with more than 2GB per
second total advertised capacity.
- Make TrackExitHosts case-insensitive, and fix the behavior of .suffix
TrackExitHosts items to avoid matching in the middle of an address.
- Add autoconf checks so Tor can build on Solaris x86 again. - Add autoconf checks so Tor can build on Solaris x86 again.
o Documentation o Documentation
- Documented (and renamed) ServerDNSSearchDomains and - Documented (and renamed) ServerDNSSearchDomains and
ServerDNSResolvConfFile options. ServerDNSResolvConfFile options.
- Be clearer that the *ListenAddress directives can be repeated
multiple times.
o Packaging: (stopped at r8519)
- Patches so Tor builds with MinGW on Windows. - Build correctly for use on OS X platforms with case-sensitive
- The Debian package now uses --verify-config when (re)starting, filesystems.
to distinguish configuration errors from other errors.
- Update rpms to require libevent 1.1b.
- Remove architecture from OS X builds. The official builds are
now universal binaries.
- Make eventdns on-by-default.
- Divide eventdns log messages into warn and info messages.
- Add new config option "ResolvConf" to let the server operator
choose an alternate resolve.conf file.
- Allow really slow clients to not hang up five minutes into their
directory downloads (suggested by Adam J. Richter).
- Apply patch from Adam Langley: fix assert() in eventdns.c.
- Finally fix the openssl warnings with newer gccs that believe that
ignoring a return value is okay, but casting a return value and
then ignoring it is a sign of madness.
- Don't crash when the controller receives a third argument to an
"extendcircuit" request.
- Add a "getinfo address" controller command.
- Controller protocol fixes: fix encoding in "getinfo addr-mappings"
response; fix error code when "getinfo dir/status/" fails.
- Start remembering X-Your-Address-Is directory hints even if you're
a client, so you can become a server more smoothly.
- Avoid crash when telling controller stream-status and a stream
is detached.
- Avoid crashing when we mmap a router cache file of size 0.
- Avoid duplicate entries on MyFamily line in server descriptor.
- Patch from Steve Hildrey: Generate network status correctly on
non-versioning dirservers.
- Send out a burst of long-range drop cells after we've established
that we're reachable. Spread them over 4 circuits, so hopefully
a few will be fast. This exercises our bandwidth and bootstraps
us quicker.
- Remove 8888 as a long lived port, and add 6697 (ircs).
- If we fail to build a circuit to an intended enclave, and it's
not mandatory that we use that enclave, stop wanting it.
(stopped at r8478)
Changes in version 0.1.2.1-alpha - 2006-08-27 Changes in version 0.1.2.1-alpha - 2006-08-27
......
...@@ -322,6 +322,9 @@ Deferred from 0.1.2.x: ...@@ -322,6 +322,9 @@ Deferred from 0.1.2.x:
- Implement - Implement
Minor items for 0.1.2.x as time permits: Minor items for 0.1.2.x as time permits:
- The Debian package now uses --verify-config when (re)starting,
to distinguish configuration errors from other errors. Perhaps
the RPM and other startup scripts should too?
- add a "default.action" file to the tor/vidalia bundle so we can fix the - add a "default.action" file to the tor/vidalia bundle so we can fix the
https thing in the default configuration: https thing in the default configuration:
http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#PrivoxyWeirdSSLPort http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#PrivoxyWeirdSSLPort
......
...@@ -1041,8 +1041,8 @@ connection_dir_client_reached_eof(dir_connection_t *conn) ...@@ -1041,8 +1041,8 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
} else { } else {
/* Can we even end up here? -- weasel*/ /* Can we even end up here? -- weasel*/
source = NS_FROM_DIR_BY_FP; source = NS_FROM_DIR_BY_FP;
log_warn(LD_BUG, "we received a networkstatus but we didn't ask " log_warn(LD_BUG, "We received a networkstatus but we didn't ask "
"for it by fp/ nor did we ask for all."); "for it by fp, nor did we ask for all.");
} }
cp = body; cp = body;
while (*cp) { while (*cp) {
......
...@@ -385,12 +385,13 @@ purge_expired_resolves(time_t now) ...@@ -385,12 +385,13 @@ purge_expired_resolves(time_t now)
assert_cache_ok(); assert_cache_ok();
} }
/** Send a response to the RESOLVE request of a connection. answer_type must /** Send a response to the RESOLVE request of a connection.
* be one of RESOLVED_TYPE_(IPV4|ERROR|ERROR_TRANSIENT) * <b>answer_type</b> must be one of
* RESOLVED_TYPE_(IPV4|ERROR|ERROR_TRANSIENT).
* *
* If <b>circ</b> is provided, and we have a cached answer, send the * If <b>circ</b> is provided, and we have a cached answer, send the
* answer back along circ; otherwise, send the answer back along * * answer back along circ; otherwise, send the answer back along
* <b>exitconn</b>'s attached circuit. * <b>conn</b>'s attached circuit.
*/ */
static void static void
send_resolved_cell(edge_connection_t *conn, or_circuit_t *circ, send_resolved_cell(edge_connection_t *conn, or_circuit_t *circ,
...@@ -446,7 +447,7 @@ send_resolved_cell(edge_connection_t *conn, or_circuit_t *circ, ...@@ -446,7 +447,7 @@ send_resolved_cell(edge_connection_t *conn, or_circuit_t *circ,
* *
* If <b>circ</b> is provided, and we have a cached answer, send the * If <b>circ</b> is provided, and we have a cached answer, send the
* answer back along circ; otherwise, send the answer back along * answer back along circ; otherwise, send the answer back along
* <b>exitconn</b>'s attached circuit. * <b>conn</b>'s attached circuit.
*/ */
static void static void
send_resolved_hostname_cell(edge_connection_t *conn, or_circuit_t *circ, send_resolved_hostname_cell(edge_connection_t *conn, or_circuit_t *circ,
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment