aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRoger Dingledine <arma@torproject.org>2005-12-06 23:11:39 +0000
committerRoger Dingledine <arma@torproject.org>2005-12-06 23:11:39 +0000
commit871d4c997129008ccc95c040789cc54f1b1916aa (patch)
tree4114de736ea9445bc8fcbf27c82f41607a11c957
parent485b2cb4dcea11b4672c2f60fd630de68c45aca5 (diff)
downloadtor-871d4c997129008ccc95c040789cc54f1b1916aa.tar
tor-871d4c997129008ccc95c040789cc54f1b1916aa.tar.gz
first cut at a 0.1.1.10-alpha changelog
svn:r5519
-rw-r--r--ChangeLog92
1 files changed, 92 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index b87f0a86c..46c82b871 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,95 @@
+Changes in version 0.1.1.10-alpha - 2005-12-xx
+ o Correctness bugfixes on 0.1.0.x:
+ - Stop doing the complex voodoo overkill checking for insecure
+ Diffie-Hellman keys. Just check if it's in [2,p-2] and be happy.
+ - When we were closing connections, there was a rare case that
+ stomped on memory, triggering seg faults and asserts.
+ - We were neglecting to unlink marked circuits from soon-to-close OR
+ connections, which caused some rare scribbling on freed memory.
+ - When we're deciding whether a stream has enough circuits around
+ that can handle it, count the freshly dirty ones and not the ones
+ that are so dirty they won't be able to handle it.
+ - Recover better from TCP connections to Tor servers that are
+ broken but don't tell you (it happens!); and rotate TLS
+ connections once a week.
+ - When we're expiring old circuits, we had a logic error that caused
+ us to close new rendezvous circuits rather than old ones.
+ - Fix a scary-looking but apparently harmless bug where circuits
+ would sometimes start out in state CIRCUIT_STATE_OR_WAIT at
+ servers, and never switch to state CIRCUIT_STATE_OPEN.
+ - When building with -static or on Solaris, we sometimes needed to
+ build with -ldl.
+ - Give a useful message when people run Tor as the wrong user,
+ rather than telling them to start chowning random directories.
+
+ o Security bugfixes on 0.1.0.x:
+ - Refuse server descriptors if the fingerprint line doesn't match
+ the included identity key. Tor doesn't care, but other apps (and
+ humans) might actually be trusting the fingerprint line.
+ - We used to kill the circuit when we receive a relay command we
+ don't recognize. Now we just drop it.
+ - Start obeying our firewall options more rigorously:
+ . If we can't get to a dirserver directly, try going via Tor.
+ . Don't ever try to connect (as a client) to a place our
+ firewall options forbid.
+ . If we specify a proxy and also firewall options, obey the
+ firewall options even when we're using the proxy: some proxies
+ can only proxy to certain destinations.
+ - Fix a bug found by Lasse Overlier: when we were making internal
+ circuits (intended to be cannibalized later for rendezvous and
+ introduction circuits), we were picking them so that they had
+ useful exit nodes. There was no need for this, and it actually
+ aids some statistical attacks.
+ - Start treating internal circuits and exit circuits separately.
+ It's important to keep them separate because internal circuits
+ have their last hops picked like middle hops, rather than like
+ exit hops. So exiting on them will break the user's expectations.
+
+ o Bugfixes on 0.1.1.x:
+ - Take out the mis-feature where we tried to detect IP address
+ flapping for people with DynDNS, and chose not to upload a new
+ server descriptor sometimes.
+ - Try to be compatible with OpenSSL 0.9.6 again.
+ - Log fix: when the controller is logging about .onion addresses,
+ sometimes it didn't include the ".onion" part of the address.
+ - Don't try to modify options->DirServers internally -- if the
+ user didn't specify any, just add the default ones directly to
+ the trusted dirserver list. This fixes a bug where people running
+ controllers would use SETCONF on some totally unrelated config
+ option, and Tor would start yelling at them about changing their
+ DirServer lines.
+ - Let the controller's redirectstream command specify a port, in
+ case the controller wants to change that too.
+ - When we requested a pile of server descriptors, we sometimes
+ accidentally launched a duplicate request for the first one.
+ - Bugfix for trackhostexits: write down the fingerprint of the
+ chosen exit, not its nickname, because the chosen exit might not
+ be verified.
+ - When parsing foo.exit, if foo is unknown, and we are leaving
+ circuits unattached, set the chosen_exit field and leave the
+ address empty. This matters because controllers got confused
+ otherwise.
+ - Directory authorities no longer try to download server
+ descriptors that they know they will reject.
+
+ o Features and updates:
+ - Replace balanced trees with hash tables: this should make stuff
+ significantly faster.
+ - Resume using the AES counter-mode implementation that we ship,
+ rather than OpenSSL's. Ours is significantly faster.
+ - Many other CPU and memory improvements.
+ - Add a new config option TestSocks so people can see if their
+ applications are using socks4, socks4a, socks5-with-ip, or
+ socks5-with-hostname. This way they don't have to keep mucking
+ with tcpdump and wondering if something got cached somewhere.
+ - Add a new controller event type that allows controllers to get
+ all server descriptors that were uploaded to a router in its role
+ as authoritative dirserver.
+ - Start shipping socks-extensions.txt, tor-doc-unix.html,
+ tor-doc-server.html, and stylesheet.css in the tarball.
+ - Stop shipping tor-doc.html in the tarball.
+
+
Changes in version 0.1.1.9-alpha - 2005-11-15
o Usability improvements:
- Start calling it FooListenAddress rather than FooBindAddress,