Commit a522e949 authored by Nick Mathewson's avatar Nick Mathewson 🥔
Browse files

Sort the 0.2.5.3-alpha changelog a little

parent 6b5ef388
Loading
Loading
Loading
Loading
+57 −112
Original line number Diff line number Diff line
@@ -5,32 +5,38 @@ Changes in version 0.2.5.3-alpha - 2014-03-??
      conditions. Rename MaxMemInCellQueues to MaxMemInQueues. Fixes
      bug 10169.
  o Minor bugfixes:
    - Exit immediately when exiting because of dropped connection from
      a process-owning controller. Previously, if we were running in
      server mode, we would wait for a little while as in the when we
      got an INT signal--but this was problematic, since there was no
      feedback for the user. Controllers that want to do a clean
      shutdown should send an INT signal, and let the user know what's
      going on. Fix for bug 10449; bugfix on 0.2.2.28-beta.
  o Minor bugfixes:
    - Log an improved message when excluding hidden service directory
      nodes prevents a hidden service from working.
      Improves on our fix for bug #10722, which was a bugfix on
      0.2.0.10-alpha.
  o Removed code
    - Remove all code for hidden service authorities to accept and serve
      version 0 descriptors and left-over code for hidden services and
      hidden service clients to upload and fetch version 0 descriptors.
      Version 0 descriptors are not in use anymore since 0.2.2.1-alpha.
      Fixes the rest of bug 10841.
  o Minor features:
    - Bridges write the SHA1 digest of their identity key fingerprint to
      notice-level logs and to hashed-fingerprint, so that bridge
      operators can look up their bridge in Globe and similar tools.
    - Improve the message that gets displayed when Tor as a bridge is
      using pluggable transports but doesn't have an Extended ORPort
      listener. Furthermore, we now log the message in the log file
      too. Resolves ticket 11043.
    - Warn the user if they put any ports in the SocksPolicy,
      DirPolicy, AuthDirReject, AuthDirInvalid, AuthDirBadDir, or
      AuthDirBadExit options. Fixes ticket #11108.
    - Don't log at warning severity when we refuse to launch a
      pluggable transport proxy that we don't need. Resolves ticket
      5018; bugfix on 0.2.5.2-alpha.
    - Update geoip and geoip6 to the February 7 2014 Maxmind GeoLite2 Country
      database.
    - Decrease the lower limit of MaxMemInQueues to 256 MBytes, to
      appease raspberry pi users. Fixes bug 9686.
    - Avoid hash-flooding denial-of-service attacks by using the secure
      SipHash-2-4 hash function for our hashtables.  Without this
      feature, an attacker could degrade performance of a targeted
      client or server by flooding their data structures with a large
      number of data entries all calculated to be stored at the same
      hash table position, thereby degrading hash table
      performance. With this feature, hash table positions are derived
      from a randomized cryptographic key using SipHash-2-4, and an
      attacker cannot predict which entries will collide.
      Closes ticket 4900.
    - Made PREDICTED_CIRCS_RELEVANCE_TIME configurable from config
      file with a new option, PredictedPortsRelevanceTime. Implements
      ticket #9176. Patch by unixninja92.
    - Update to the latest version of tinytest.
  o Minor bugfixes (new since 0.2.5.2-alpha, also in 0.2.4.21):
    - Build without warnings under clang 3.4. (We have some macros that
@@ -41,25 +47,26 @@ Changes in version 0.2.5.3-alpha - 2014-03-??
      manpages from scratch on OpenBSD; OpenBSD calls it "a2x.py".
      Fixes bug 10929; bugfix on 0.2.2.9-alpha. Patch from Dana Koch.
  o Minor bugfixes (unit tests);
  o Minor bugfixes:
    - Exit immediately when exiting because of dropped connection from
      a process-owning controller. Previously, if we were running in
      server mode, we would wait for a little while as in the when we
      got an INT signal--but this was problematic, since there was no
      feedback for the user. Controllers that want to do a clean
      shutdown should send an INT signal, and let the user know what's
      going on. Fix for bug 10449; bugfix on 0.2.2.28-beta.
    - Log an improved message when excluding hidden service directory
      nodes prevents a hidden service from working.
      Improves on our fix for bug #10722, which was a bugfix on
      0.2.0.10-alpha.
    - Fix a small bug in the unit tests that might have made the tests
      call 'chmod' with an uninitialized bitmask.
      Fixes bug 10928; bugfix on 0.2.5.1-alpha. Patch from Dana Koch.
  o Minor bugfixes
    - Fix IPv6 support when using the SocksPort with SOCKS5. Using IPv6
      through a SOCKS5 using the SocksPort option will now work with
      this fix. This part of the code has never been updated to support
      IPv6 thus this does not fix a previously introduced regression.
      Fixes bug 10987; bugfix on 0.2.4.7-alpha.
  o Minor features (log messages):
    - Improve the message that gets displayed when Tor as a bridge is
      using pluggable transports but doesn't have an Extended ORPort
      listener. Furthermore, we now log the message in the log file
      too. Resolves ticket 11043.
  o Minor bugfixes:
    - Build using the -fasynchronous-unwind-tables option so that more
      platforms (in particular, ones like 32-bit Intel where the
      -fomit-frame-pointer option is on by default and table
@@ -67,126 +74,64 @@ Changes in version 0.2.5.3-alpha - 2014-03-??
      doesn't yet add Windows support yet; only Linux, OSX, and some BSD
      are affected. Reported by 'cypherpunks'; fixes bug 11047; bugfix
      on 0.2.5.2-alpha.
  o Minor bugfixes:
    - Avoid strange behavior if two threads hit failed asswertions
      at the same time and both try to log backtraces at
      once. (Previously, if this had happened, both threads would
      have stored their intermediate results in the same buffer, and
      generated junk outputs.) Reported by "cypherpunks". Fixes bug
      11048; bugfix on 0.2.5.2-alpha.
  o Minor bugfixes (clients):
    - Fix tor so that it raises a control port warning when we fail to
      connect to all of our bridges. Fixes bug 11069; bugfix on
      tor-0.2.1.2-alpha.
  o Minor features:
    - Warn the user if they put any ports in the SocksPolicy,
      DirPolicy, AuthDirReject, AuthDirInvalid, AuthDirBadDir, or
      AuthDirBadExit options. Fixes ticket #11108.
  o Documentation:
    - Explain that SocksPolicy, DirPolicy, and their allies don't take
      port arguments. Fixes ticket #11108.
  o Documentation:
    - Fix the max client name length in the manpage's description of
      HiddenServiceAuthorizeClient description: it should have been
      16, not 19. Fixes bug 11118; bugfix on 0.2.1.6-alpha.
  o Minor bugfixes (clients):
    - Fix a bug where we would attempt to connect to bridges before
      our pluggable transports were configured, which resulted in some
      erroneous log messages. Fixes bug 11156; bugfix on
      0.2.3.2-alpha.
  o Minor features:
    - Don't log at warning severity when we refuse to launch a
      pluggable transport proxy that we don't need. Resolves ticket
      5018; bugfix on 0.2.5.2-alpha.
  o Minor bugfixes:
    - Bridges now never collect statistics that were designed for relays.
      Fix for bug 5824; bugfix on 0.2.3.8-alpha.
  o Minor bugfixes:
    - Bridges now report complete directory request statistics. Related to
      bug 5824; bugfix on 0.2.2.1-alpha.
  o Minor bugfixes:
    - Avoid crashing on a malformed resolv.conf file when running a
      server using Libevent 1. Fixes bug 8788; bugfix on 0.1.1.23.
  o Minor bugfixes (testing):
    - Improve the tinytest implementation of string operation tests
      so that comparisons NULL strings no longer crash the tests;
      they now just fail, normally. Fixes bug 9004; bugfix on
      0.2.2.4-alpha.
  o Minor bugfixes:
    - Fix a comment about the rend_server_descriptor_t.protocols field
      to more accurately describe its range. Also, make that
      field unsigned, to more accurately reflect its usage.
      Fixes bug 9099; bugfix on 0.2.1.5-alpha.
  o Documentation:
    - Document in the manpage that "KBytes" may also be written as
      "kilobytes" or "KB", that "Kbits" may also be written as
      "kilobits", and so forth. Closes ticket #9222.
  o Minor bugfixes:
    - Give the correct URL in the warning message that we present
      when the user is trying to run a Tor relay on an ancient version
      of Windows. Fixes bug 9393.
  o Minor bugfixes:
    - Non-exit servers no longer launch mock DNS requests to check for
      DNS hijacking.  This has been unnecessary since 0.2.1.7-alpha,
      when non-exit servers stopped servicing DNS requests. Fixes bug
      965; bugfix on 0.2.1.7-alpha. Patch from Matt Pagan.
  o Minor changes:
    - Decrease the lower limit of MaxMemInQueues to 256 MBytes, to
      appease raspberry pi users. Fixes bug 9686.
  o Minor features:
    - Avoid hash-flooding denial-of-service attacks by using the secure
      SipHash-2-4 hash function for our hashtables.  Without this
      feature, an attacker could degrade performance of a targeted
      client or server by flooding their data structures with a large
      number of data entries all calculated to be stored at the same
      hash table position, thereby degrading hash table
      performance. With this feature, hash table positions are derived
      from a randomized cryptographic key using SipHash-2-4, and an
      attacker cannot predict which entries will collide.
      Closes ticket 4900.
  o Minor features:
    - Update geoip6 to the February 7 2014 Maxmind GeoLite2 Country
      database.
  o Minor features:
    - Update to the February 7 2014 Maxmind GeoLite2 Country database.
  o Minor features:
    - Fix our version of the February 7 2014 Maxmind GeoLite2 Country database.
  o Minor bugfixes (compilation):
    - Fix a 64-to-32-conversion warning in format_number_sigsafe().
      Bugfix on 0.2.5.2-alpha; patch from Nick Hopper.
  o Removed code
    - Remove all code for hidden service authorities to accept and serve
      version 0 descriptors and left-over code for hidden services and
      hidden service clients to upload and fetch version 0 descriptors.
      Version 0 descriptors are not in use anymore since 0.2.2.1-alpha.
      Fixes the rest of bug 10841.
  o Documentation:
    - Explain that SocksPolicy, DirPolicy, and their allies don't take
      port arguments. Fixes ticket #11108.
    - Fix the max client name length in the manpage's description of
      HiddenServiceAuthorizeClient description: it should have been
      16, not 19. Fixes bug 11118; bugfix on 0.2.1.6-alpha.
    - Document in the manpage that "KBytes" may also be written as
      "kilobytes" or "KB", that "Kbits" may also be written as
      "kilobits", and so forth. Closes ticket #9222.
  o Code simplifications and refactoring:
    - Get rid of router->address, since in all cases it was just the
      string representation of router->addr. Resolves ticket 5528.
  o Minor features:
    - Made PREDICTED_CIRCS_RELEVANCE_TIME configurable from config
      file with a new option, PredictedPortsRelevanceTime. Implements
      ticket #9176. Patch by unixninja92.
  o Testing:
    - Update to the latest version of tinytest.
Changes in version 0.2.4.21 - 2014-02-28