Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
T
Tor
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Package registry
Container Registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Service Desk
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
Benjamin J. Thompson
Tor
Commits
54d0cdeb
Commit
54d0cdeb
authored
12 years ago
by
Roger Dingledine
Browse files
Options
Downloads
Patches
Plain Diff
further changelog cleanups
parent
627c37ad
No related branches found
Branches containing commit
No related tags found
Tags containing commit
No related merge requests found
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
ChangeLog
+41
-47
41 additions, 47 deletions
ChangeLog
with
41 additions
and
47 deletions
ChangeLog
+
41
−
47
View file @
54d0cdeb
Changes in version 0.2.3.14-alpha - 2012-04-
?
?
Changes in version 0.2.3.14-alpha - 2012-04-
2
?
o Directory authority changes:
- Change IP address for ides (v3 directory authority), and rename
it to turtles.
o Security fixes:
- When using the debuging BridgePassword field, a bridge authority
now compares alleged passwords by hashing them, then comparing
the result to a digest of the expected authenticator. This avoids
a potential side-channel attack in the previous code, which
had foolishly used strcmp(). Fortunately, the BridgePassword field
*is not in use*, but if it had been, the timing
behavior of strcmp() might have allowed an adversary to guess the
BridgePassword value, and enumerate the bridges. Bugfix on
0.2.0.14-alpha. Fixes bug 5543.
o Major bugfixes:
- Do not allow the presence of one consensus flavor to keep us from
downloading another. Previously, we had one "time to download a
consensus" timer, which didn't understand the idea of having one
consensus but wanting to download another. Fixes bug 4011; fix on
0.2.3.1-alpha.
- If authorities are unable to get a set of v2 consensus documents
from other directory authorities, they no longer fail-back and
try to fetch them from regular directory caches. Fixes bug 5635;
bugfix on 0.2.2.26-beta, where routers stopped downloading v2
consensus documents entirely.
- Prevent a client-side assertion failure when receiving an INTRODUCE2
- When we start a Tor client with a normal consensus already cached,
be willing to download a microdescriptor consensus. Fixes bug 4011;
fix on 0.2.3.1-alpha.
- If authorities are unable to get a v2 consensus document from other
directory authorities, they no longer fall back to fetching
them from regular directory caches. Fixes bug 5635; bugfix on
0.2.2.26-beta, where routers stopped downloading v2 consensus
documents entirely.
- Avoid a client-side assertion failure when receiving an INTRODUCE2
cell on a general purpose circuit. Fixes bug 5644; bugfix on
0.2.1.6-alpha.
- Avoid logging uninitialized data when unable to decode a hidden
service descriptor cookie.
Fixes bug 5647; bugfix on 0.2.1.5-alpha.
service descriptor cookie. Fixes bug 5647; bugfix on 0.2.1.5-alpha.
o Major features (performance):
- When built to use the newly OpenSSL 1.0.1, and built for an x86 or
x86_64 instruction set, take advantage of OpenSSL's AESNI,
bitsliced, or vectorized AES implementations as appropriate. These
can be much, much faster than other AES implementations.
o Minor bugfixes:
- When built to use OpenSSL 1.0.1, and built for an x86 or x86_64
instruction set, take advantage of OpenSSL's AESNI, bitsliced, or
vectorized AES implementations as appropriate. These can be much,
much faster than other AES implementations.
o Minor bugfixes (0.2.2.x and earlier):
- Change the BridgePassword feature (part of the "bridge community"
design, which is not yet implemented) to use a time-independent
comparison. The old behavior might have allowed an adversary
to use timing to guess the BridgePassword value. Fixes bug 5543;
bugfix on 0.2.0.14-alpha.
- Enforce correct return behavior of tor_vsscanf() when the '%%'
pattern is used. Fixes bug 5558. Bugfix on 0.2.1.13.
- When sending an HTTP/1.1 proxy request, include a Host header.
Fixes bug 5593; bugfix on 0.2.2.1-alpha.
- Don't log that we have "decided to publish new relay descriptor"
unless we are actually publishing a descriptor. Fixes bug 3942;
bugfix on 0.2.3.2-alpha.
- Fix bug stomping on ORPort option NoListen and ignoring option
NoAdvertise. Fixes bug 5151; bugfix on 0.2.3.9-alpha.
- In the testsuite, provide a large enough buffer in the tor_sscanf
unit test. We'd otherwise overrun that buffer and crash during the
unit tests. Fixes bug 5449; bugfix on 0.2.3.12-alpha. Thanks weasel
for spotting the bug.
bugfix on 0.2.2.28-beta.
o Minor bugfixes (0.2.3.x):
- Fix a bug where a bridge authority crashes (on a failed assert)
if it has seen no directory requests when it's time to write
statistics to disk. Fixes bug 5508. Bugfix on 0.2.3.6-alpha.
- Enforce correct return behavior of tor_vsscanf(), when the '%%'
pattern is used. Fixes bug 5558. Bugfix on 0.2.1.13.
- Fix bug stomping on ORPort option NoListen and ignoring option
NoAdvertise. Fixes bug 5151; bugfix on 0.2.3.9-alpha.
- In the testsuite, provide a large enough buffer in the tor_sscanf
unit test. Otherwise we'd overrun that buffer and crash during
the unit tests. Found by weasel. Fixes bug 5449; bugfix on
0.2.3.12-alpha.
- Make sure we create the keys directory if it doesn't exist and we're
about to store the dynamic diffie hellman parameters. Fixes bug 5572;
bugfix on 0.2.3.13-alpha.
- When sending an HTTP/1.1 proxy request, include a Host header.
Fixes bug 5593; bugfix on 0.2.2.1-alpha.
about to store the dynamic Diffie-Hellman parameters. Fixes bug
5572; bugfix on 0.2.3.13-alpha.
- Fix a small memory leak when trying to decode incorrect base16
authenticator during SAFECOOKIE authentication. Found by
Coverity Scan. Fixes CID 507. Bugfix on 0.2.3.13-alpha.
...
...
@@ -75,14 +69,14 @@ Changes in version 0.2.3.14-alpha - 2012-04-??
- Update to the April 3 2012 Maxmind GeoLite Country database.
o Documentation:
- Begin a state-contents.txt file
in doc
to explain the contents
of
the Tor state file. Fixes bug 2987.
- Begin a
doc/
state-contents.txt file to explain the contents
of
the Tor state file. Fixes bug 2987.
- Document unit of bandwidth related options in sample torrc.
Fixes bug 5621.
o Removed features:
- The "torify" script no longer supports the "tsocks" sockifier
tool, since
i
t doesn't support DNS and UDP right for Tor.
- The "torify" script no longer supports the "tsocks" sock
s
ifier
tool, since t
socks
doesn't support DNS and UDP right for Tor.
Everyone should be using torsocks instead. Fixes bugs 3530 and
5180. Based on a patch by "ugh".
...
...
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
