From 205084631257751b655c5bf33a1f290e2741bf27 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Mon, 16 Jun 2014 15:00:10 -0400 Subject: Bring remaining 0.2.5.5-alpha entries into changelog --- ChangeLog | 86 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 84 insertions(+), 2 deletions(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 3dfb40aa4..cddd5adbf 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,24 @@ -Changes in version 0.2.5.5-alpha - 2014-06-?? +Changes in version 0.2.5.5-alpha - 2014-06-1? Write a blurb here. + o Major features (security, traffic analysis resistance): + - Increase the base amount of time that a canonical connection (one + that we have made to a known OR) is allowed to stay idle from 3 + minutes to 15 minutes. This leaks less information about when + circuits have closed, and avoids unnecessary overhead from + renegotiating connections. Part of a fix for ticket 6799. + - Instead of closing connections after they have been idle for a + fixed interval, randomly add up to 50% to each connection's + maximum timeout. This makes it harder to tell when the last + circuit closed by looking at when a connection closes. Part of a + fix for ticket 6799. + - Base connection idleness tests on the actual time elapsed since + the connection last had circuits, not on the time when we last + added non-padding. This change also makes it harder for an + observer to tell when the last circuit closed by looking at when a + connection closes. Part of a fix for ticket 6799. Incidentally + fixes bug 12023; bugfix on 0.2.5.1-alpha. + o Major bugfixes (security, OOM, new since 0.2.5.4-alpha, also in 0.2.4.22): - Fix a memory leak that could occur if a microdescriptor parse fails during the tokenizing step. This bug could enable a memory @@ -13,6 +31,11 @@ Changes in version 0.2.5.5-alpha - 2014-06-?? directory object. Previously, relays would used tunnel connections under a fairly wide variety of circumstances. Fixes bug 11469; bugfix on 0.2.4.3-alpha. + - When a circuit accidentally has the same circuit ID for its + forward and reverse direction, correctly detect the direction of + cells using that circuit. Previously, this would have made roughly + one circuit in a million non-functional. Fixes bug 12195; this is + a bugfix on every version of Tor. o Major bugfixes (security, directory authorities): - Directory authorities now include a digest of each relay's @@ -30,6 +53,12 @@ Changes in version 0.2.5.5-alpha - 2014-06-?? attacker from causing a microdescriptor collision, because the router's identity is not forgeable. + o Major bugfixes (client, pluggable transports): + - When managing pluggable transports, use OS notification facilities + to learn if they have crashed, and do not attempt to kill any + process that has already exited. Fix for bug 8746; bugfix + on 0.2.3.6-alpha. + o Minor features (diagnostic): - When logging a warning because of bug #7164, additionally check the hash table for consistency (as proposed on ticket #11737). @@ -42,8 +71,13 @@ Changes in version 0.2.5.5-alpha - 2014-06-?? diagnosing bug 11233. - Give more specific warnings when we notice at the client side that an onion handshake has failed. Fixes ticket 9635. + - Add significant new logging code to attempt to diagnose bug 12184, + where relays seem to run out of available circuit IDs. + - Improve the diagnostic log message for bug #8387 even further to + try to improve our odds of figuring out why one-hop directory + circuits sometimes do not get closed. - o Minor features (security, memory management)): + o Minor features (security, memory management): - Add configure options controlling allocator tricks like mempools and freelists, and turn them off by default; on most platforms malloc is reasonable enough for this not to be necessary, and a @@ -61,12 +95,29 @@ Changes in version 0.2.5.5-alpha - 2014-06-?? support for libseccomp on systems that have it, in case it (or Tor's use of it) is broken. Resolves ticket 11628. + o Minor features (other): + - Update geoip and geoip6 to the June 4 2014 Maxmind GeoLite2 + Country database. + o Minor bugfixes (configuration, security, new since 0.2.5.4-alpha, also in 0.2.4.22): - When running a hidden service, do not allow TunneledDirConns 0; this will keep the hidden service from running, and also make it publish its descriptors directly over HTTP. Fixes bug 10849; bugfix on 0.2.1.1-alpha. + o Minor bugfixes (performance): + - Do not recompute whether we have sufficient information to build + circuits every time we make a successful connection. Previously, + we would forget our cached value for this flag every time we + successfully opened a channel (or marked a router as running or + not running for any other reason), regardless of whether we had + previously believed the router to be running. This forced us to + run a fairly expensive update operation with relatively high + frequency. Fixes bug 12170; bugfix on 0.1.2.1-alpha. + - Avoid using tor_memeq() for checking relay cell integrity. This + removes a possible performance bottleneck. Fixes part of bug + 12169; bugfix on 0.2.1.31. + o Minor bugfixes (compilation): - Fix compilation of test_status.c when building with MVSC. Bugfix on 0.2.5.4-alpha. Patch from Gisle Vanem. @@ -140,6 +191,12 @@ Changes in version 0.2.5.5-alpha - 2014-06-?? - Handle failures in getpwnam()/getpwuid() when running with the User option set and the Linux syscall sandbox enabled. Fixes bug 11946; bugfix on 0.2.5.1-alpha. + - Refactor the getaddrinfo workaround that the seccomp sandbox uses + to avoid calling getaddrinfo() after installing the sandbox + filters. Previously, it preloaded a cache with the IPv4 address + for our hostname, and nothing else. Now, it loads the cache with + every address that it used to initialize the Tor process. Fixes + bug 11970; bugfix on 0.2.5.1-alpha. o Minor bugfixes (pluggable transports): - Enable the ExtORPortCookieAuthFile option, to allow changing the @@ -152,6 +209,12 @@ Changes in version 0.2.5.5-alpha - 2014-06-?? descriptors for our bridges. Fixes bug 11965; bugfix on 0.2.3.6-alpha. + o Minor bugfixes (client): + - Avoid "Tried to open a socket with DisableNetwork set" warnings + when starting a client with bridges configured and DisableNetwork + set. (Tor launcher starts Tor with DisableNetwork set the first + time.) Fixes bug 10405; bugfix on 0.2.3.9-alpha. + o Minor bugfixes (testing): - The Python parts of the test scripts now work on Python 3 as well as Python 2, so systems where '/usr/bin/python' is Python 3 will @@ -188,9 +251,25 @@ Changes in version 0.2.5.5-alpha - 2014-06-?? error value, even on success. Fixes bug 11805; bugfix on 0.2.5.4-alpha. + o Minor bugfixes (relay, other): + - We now drop CREATE cells for already-existent circuit IDs and for + zero-valued circuit IDs, regardless of other factors that might + otherwise have called for DESTROY cells. Fixes bug 12191; bugfix + on 0.0.8pre1. + - Avoid an illegal read from stack when initializing the TLS module + using a version of OpenSSL without all of the ciphers used by the + v2 link handshake. Fixes bug 12227; bugfix on 0.2.4.8-alpha. Found + by "starlight". + - When rejecting DATA cells for stream_id zero, still count them + against the circuit's deliver window so that we don't get fail to + send a SENDME. Fix for bug 11246; bugfix on 0.2.4.10-alpha. + o Minor bugfixes (logging): - Fix a misformatted log message about delayed directory fetches. Fixes bug 11654; bugfix on 0.2.5.3-alpha. + - Squelch a spurious LD_BUG message "No origin circuit for + successful SOCKS stream" in certain hidden service failure cases; + fixes bug #10616. o Distribution: - Include a tor.service file in contrib/dist for use with systemd. @@ -204,6 +283,9 @@ Changes in version 0.2.5.5-alpha - 2014-06-?? directory authority options, remove the documentation for a V2-directory fetching option that no longer exists. Resolves ticket 11634. + - In the manpage, move more authority-only options into the + directory authority section so that operators of regular directory + caches don't get confused. o Package cleanup: - The contrib directory has been sorted and tidy. Before, it was an -- cgit v1.2.3