-rw-r--r--  ChangeLog                    126
-rw-r--r--  changes/bug7157               26
-rw-r--r--  changes/bug7341                7
-rw-r--r--  changes/bug7799.ratelim        6
-rw-r--r--  changes/bug7814                4
-rw-r--r--  changes/bug7836                5
-rw-r--r--  changes/bug7935                4
-rw-r--r--  changes/clang_enum_warnings    3
-rw-r--r--  changes/dh_benchmarks          3
-rw-r--r--  changes/dirguards              8
-rw-r--r--  changes/ntor                  40
-rw-r--r--  changes/tls_ecdhe             26
-rw-r--r--  src/or/connection.c            3
-rw-r--r--  src/or/relay.c                 8
14 files changed, 136 insertions, 133 deletions
diff --git a/ChangeLog b/ChangeLog
index 499873052..03ed90752 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,129 @@
+Changes in version 0.2.4.8-alpha - 2013-01-14
+
+ o Major features:
+ - Preliminary support for directory guards (proposal 207): when
+ possible, clients now use their entry guards for non-anonymous
+ directory requests. This can help prevent client enumeration. Note
+ that this behavior only works when we have a usable consensus
+ directory: and when options about what to download are more or
+ less standard. Resolves ticket 6526.
+ - Tor servers and clients now support a better CREATE/EXTEND cell
+ format, allowing the sender to specify multiple address, identity,
+ and handshake types. Implements Robert Ransom's proposal 200;
+ closes ticket 7199.
+
+ o Major features (new circuit handshake):
+ - Tor now supports a new circuit extension handshake designed by Ian
+ Goldberg, Douglas Stebila, and Berkant Ustaoglu. Our original
+ circuit extension handshake, later called "TAP", was a bit slow
+ (especially on the server side), had a fragile security proof, and
+ used weaker keys than we'd now prefer. The new circuit handshake
+ uses Dan Bernstein's "curve25519" elliptic-curve Diffie-Hellman
+ function, making it significantly more secure than the older
+ handshake, and significantly faster. Tor can use one of two built-in
+ pure-C curve25519-donna implementations by Adam Langley, or it
+ can link against the "nacl" library for a tuned version if present.
+
+ The built-in version is very fast for 64-bit systems when building
+ with GCC. The built-in 32-bit version is still faster than the
+ old TAP protocol, but using libnacl is better on most such hosts.
+
+ Clients don't currently use this protocol by default, since
+ comparatively few clients support it so far. To try it, set
+ UseNTorHandshake to 1.
+
+ Implements proposal 216; closes ticket 7202.
+
+ o Major features (better link encryption):
+ - Servers can now enable the ECDHE TLS ciphersuites when available
+ and appropriate. These ciphersuites let us negotiate forward-
+ secure TLS secret keys more safely and more efficiently than with
+ our previous use of Diffie-Hellman modulo a 1024-bit prime.
+ By default, public servers prefer the (faster) P224 group, and
+ bridges prefer the (more common) P256 group; you can override this
+ with the TLSECGroup option.
+
+ Enabling these ciphers was a little tricky, since for a long time,
+ clients had been claiming to support them without actually doing
+ so, in order to foil fingerprinting. But with the client-side
+ implementation of proposal 198 in 0.2.3.17-beta, clients can now
+ match the ciphers from recent Firefox versions *and* list the
+ ciphers they actually mean, so servers can believe such clients
+ when they advertise ECDHE support in their TLS ClientHello messages.
+
+ This feature requires clients running 0.2.3.17-beta or later,
+ and requires both sides to be running OpenSSL 1.0.0 or later
+ with ECC support. OpenSSL 1.0.1, with the compile-time option
+ "enable-ec_nistp_64_gcc_128", is highly recommended. Implements
+ the server side of proposal 198; closes ticket 7200.
+
+ o Major bugfixes:
+ - Avoid crashing when, as a node without IPv6-exit support, a
+ client insists on getting an IPv6 address or nothing. Fixes bug
+ 7814; bugfix on 0.2.4.7-alpha.
+
+ o Minor features:
+ - Improve circuit build timeout handling for hidden services.
+ In particular: adjust build timeouts more accurately depending
+ upon the number of hop-RTTs that a particular circuit type
+ undergoes. Additionally, launch intro circuits in parallel
+ if they timeout, and take the first one to reply as valid.
+ - Work correctly on unix systems where EAGAIN and EWOULDBLOCK are
+ separate error codes--or at least, don't break for that reason.
+ Fixes bug 7935. Reported by "oftc_must_be_destroyed".
+
+ o Minor features (testing):
+ - Add benchmarks for DH (1024-bit multiplicative group) and ECDH
+ (P-256) diffie-hellman handshakes to src/or/bench.
+ - Add benchmark functions to test onion handshake performance.
+
+ o Minor features (path bias detection):
+ - Alter the Path Bias log messages to be more descriptive in terms
+ of reporting timeouts and other statistics.
+ - Create three levels of Path Bias log messages, as opposed to just
+ two. These are configurable via consensus as well as via the torrc
+ options PathBiasNoticeRate, PathBiasWarnRate, PathBiasExtremeRate.
+ The default values are 0.70, 0.50, and 0.30 respectively.
+ - Separate the log message levels from the decision to drop guards,
+ which also is available via torrc option PathBiasDropGuards.
+ PathBiasDropGuards still defaults to 0 (off).
+ - Deprecate PathBiasDisableRate in favor of PathBiasDropGuards
+ in combination with PathBiasExtremeRate.
+ - Increase the default values for PathBiasScaleThreshold and
+ PathBiasCircThreshold from (200, 20) to (300, 150).
+ - Add in circuit usage accounting to path bias. If we try to use a
+ built circuit but fail for any reason, it counts as path bias.
+ Certain classes of circuits where the adversary gets to pick your
+ destination node are exempt from this accounting. Usage accounting
+ can be specifically disabled via consensus parameter or torrc.
+ - Convert all internal path bias state to double-precision floating
+ point, to avoid roundoff error and other issues.
+ - Only record path bias information for circuits that have completed
+ *two* hops. Assuming end-to-end tagging is the attack vector, this
+ makes us more resilient to ambient circuit failure without any
+ detection capability loss.
+
+ o Minor bugfixes:
+ - Rate-limit the "No circuits are opened. Relaxed timeout for a
+ circuit with channel state open..." message to once per hour to
+ keep it from filling the notice logs. Mitigates bug 7799 but does
+ not fix the underlying cause. Bugfix on 0.2.4.7-alpha.
+ - Avoid spurious warnings when configuring multiple client ports of
+ which only some are nonlocal. Previously, we had claimed that some
+ were nonlocal when in fact they weren't. Fixes bug 7836; bugfix on
+ 0.2.3.3-alpha.
+
+ o Code simplifications and refactoring:
+ - Get rid of a couple of harmless clang warnings, where we compared
+ enums to ints. These warnings are newly introduced in clang 3.2.
+ - Split the onion.c file into separate modules for the onion queue
+ and the different handshakes it supports.
+ - Remove the marshalling/unmarshalling code for sending requests to
+ cpuworkers over a socket, and instead just send structs. The
+ recipient will always be the same Tor binary as the sender, so
+ any encoding is overkill.
+
+
Changes in version 0.2.4.7-alpha - 2012-12-24
Tor 0.2.4.7-alpha introduces a new approach to providing fallback
directory mirrors for more robust bootstrapping; fixes more issues where
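Review bot: In the directory guards entry, "when we have a usable consensus directory: and when options about what to download" has a stray colon after "directory", copied over unchanged from changes/dirguards; drop it so the two conditions read as one sentence. In the hidden-service timeout entry, "if they timeout" should be "if they time out".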
diff --git a/changes/bug7157 b/changes/bug7157
deleted file mode 100644
index 4f0e3b3fc..000000000
--- a/changes/bug7157
+++ /dev/null
@@ -1,26 +0,0 @@
-
- o Minor features:
- - Alter the Path Bias log messages to be more descriptive in terms
- of reporting timeouts and other statistics.
- - Create three levels of Path Bias log messages, as opposed to just
- two. These are configurable via consensus as well as via torrc
- options PathBiasNoticeRate, PathBiasWarnRate, PathBiasExtremeRate.
- The default values are 0.70, 0.50, and 0.30 respectively.
- - Separate the log message levels from the decision to drop guards,
- which also is available via torrc option PathBiasDropGuards.
- PathBiasDropGuards defaults to 0 (off).
- - Deprecate PathBiasDisableRate in favor of PathBiasDropGuards
- in combination with PathBiasExtremeRate.
- - Increase the default values for PathBiasScaleThreshold and
- PathBiasCircThreshold from 200 and 20 to 300 and 150, respectively.
- - Add in circuit usage accounting to path bias. If we try to use a
- built circuit but fail for any reason, it counts as path bias.
- Certain classes of circuits where the adversary gets to pick your
- destination node are exempt from this accounting. Usage accounting
- can be specifically disabled via consensus parameter or torrc.
- - Convert all internal path bias state to double-precision floating
- point, to avoid roundoff error and other issues.
- - Only record path bias information for circuits that have completed
- *two* hops. Assuming end-to-end tagging is the attack vector, this
- makes us more resilient to ambient circuit failure without any
- detection capability loss.
diff --git a/changes/bug7341 b/changes/bug7341
deleted file mode 100644
index 7f046d2a4..000000000
--- a/changes/bug7341
+++ /dev/null
@@ -1,7 +0,0 @@
-
- o Minor features:
- - Improve circuit build timeout handling for hidden services.
- In particular: adjust build timeouts more accurately depending
- upon the number of hop-RTTs that a particular circuit type
- undergoes. Additionally, launch intro circuits in parallel
- if they timeout, and take the first one to reply as valid.
diff --git a/changes/bug7799.ratelim b/changes/bug7799.ratelim
deleted file mode 100644
index cb7742c5d..000000000
--- a/changes/bug7799.ratelim
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes:
- - Rate-limit the "No circuits are opened. Relaxed timeout for a
- circuit with channel state open..." message to once per hour to
- keep it from filling the notice logs. Mitigates bug 7799 but does
- not fix the underlying cause. Bugfix on 0.2.4.7-alpha.
-
diff --git a/changes/bug7814 b/changes/bug7814
deleted file mode 100644
index 7ecc2427a..000000000
--- a/changes/bug7814
+++ /dev/null
@@ -1,4 +0,0 @@
- o Major bugfixes:
- - Avoid crashing when, as a node without IPv6-exit support, a
- client insists on getting an IPv6 address or nothing. Fixes bug
- #7814; bugfix on 0.2.4.7-alpha.
diff --git a/changes/bug7836 b/changes/bug7836
deleted file mode 100644
index 730d80745..000000000
--- a/changes/bug7836
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes:
- - Avoid spurious warnings when configuring multiple client ports of
- which only some are nonlocal. Previously, we had claimed that some
- were nonlocal when in fact they weren't. Fixes bug 7836; bugfix on
- 0.2.3.3-alpha.
diff --git a/changes/bug7935 b/changes/bug7935
deleted file mode 100644
index ef910012c..000000000
--- a/changes/bug7935
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (portability):
- - Work correctly on unix systems where EAGAIN and EWOULDBLOCK are
- separate error codes--or at least, don't break for that reason.
- Fixes bug 7935. Reported by "oftc_must_be_destroyed".
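Review bot: The "(portability)" label on this section header is lost in the merged ChangeLog, where the EAGAIN/EWOULDBLOCK item sits under plain "Minor features" next to the hidden-service timeout item. Either keep a "Minor features (portability)" subsection in the ChangeLog or, since the entry itself says "Fixes bug 7935", list it under "Minor bugfixes".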
diff --git a/changes/clang_enum_warnings b/changes/clang_enum_warnings
deleted file mode 100644
index 50de605fc..000000000
--- a/changes/clang_enum_warnings
+++ /dev/null
@@ -1,3 +0,0 @@
- o Code simplifications and refactoring:
- - Get rid of a couple of harmless clang warnings, where we compared
- enums to ints. These warnings are newly introduced in clang 3.2.
diff --git a/changes/dh_benchmarks b/changes/dh_benchmarks
deleted file mode 100644
index 2301995a7..000000000
--- a/changes/dh_benchmarks
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features (testing):
- - Add benchmarks for DH (1024-bit multiplicative group) and ECDH
- (P-256) diffie-hellman handshakes to src/or/bench.
diff --git a/changes/dirguards b/changes/dirguards
deleted file mode 100644
index 942ae6c24..000000000
--- a/changes/dirguards
+++ /dev/null
@@ -1,8 +0,0 @@
- o Major features:
- - Preliminary support for directory guards: when possible,
- clients now use guards for non-anonymous directory requests.
- This can help prevent client enumeration. Note that this
- behavior only works when we have a usable consensus directory:
- and when options about what to download are more or less
- standard. Implements proposal 207; closes ticket 6526.
-
diff --git a/changes/ntor b/changes/ntor
deleted file mode 100644
index 3aca82075..000000000
--- a/changes/ntor
+++ /dev/null
@@ -1,40 +0,0 @@
- o Major features:
-
- - Tor now supports a new circuit extension handshake designed by Ian
- Goldberg, Douglas Stebila, and Berkant Ustaoglu. Our original
- circuit extension handshake, later called "TAP", was a bit slow
- (especially on the server side), had a fragile security proof, and
- used weaker keys than we'd now prefer. The new circuit handshake
- uses Dan Bernstein's "curve25519" elliptic-curve Diffie-Hellman
- function, making it significantly more secure than the older
- handshake, and significantly faster. Tor can either use one of two
- built-in pure-C curve25519-donna implementations by Adam Langley,
- or link against the "nacl" library for a tuned version if present.
-
- The built-in version is very fast for 64-bit systems building with
- GCC. (About 10-14x faster on the server side, and about 7x faster
- on the client side.) The built-in 32-bit version is still faster
- than the old TAP protocol (about 3x), but using libnacl would be
- better on most 32-bit x86 hosts.
-
- Clients don't currently use this protocol by default, since
- comparatively few clients support it so far. To try it, set
- UseNTorHandshake to 1.
-
- Implements proposal 216; closes ticket #7202.
-
- - Tor servers and clients now support a better CREATE/EXTEND cell
- format, allowing the sender to specify multiple address, identity,
- and handshake types. Implements Robert Ransom's proposal 200;
- closes ticket #7199.
-
- o Code simplification and refactoring:
- - Split the onion.c file into separate modules for the onion queue
- and the different handshakes it supports.
- - Remove the marshalling/unmarshalling code for sending requests to
- cpuworkers over a socket, and instead just send structs. The
- recipient will always be the same Tor binary as the sender, so
- any encoding is overkill.
-
- o Testing:
- - Add benchmark functions to test onion handshake performance.
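Review bot: The measured speedups in the second paragraph here ("About 10-14x faster on the server side, and about 7x faster on the client side", and "about 3x" for the 32-bit build) do not appear in the merged ChangeLog text, which only says "very fast" and "still faster". If that is an intentional trim, fine; otherwise carry the figures over, since they are the concrete basis for the "significantly faster" claim in the entry.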
diff --git a/changes/tls_ecdhe b/changes/tls_ecdhe
deleted file mode 100644
index 48c6384da..000000000
--- a/changes/tls_ecdhe
+++ /dev/null
@@ -1,26 +0,0 @@
- o Major features:
-
- - Servers can now enable the ECDHE TLS ciphersuites when available
- and appropriate. These ciphersuites let us negotiate forward-
- secure TLS secret keys more safely and more efficiently than with
- our previous use of Diffie Hellman modulo a 1024-bit prime.
- By default, public servers prefer the (faster) P224 group, and
- bridges prefer the (more common) P256 group; you can override this
- with the TLSECGroup option.
-
- Enabling these ciphers was a little tricky, since for a long
- time, clients had been claiming to support them without
- actually doing so, in order to foil fingerprinting. But with
- the client-side implementation of proposal 198 in
- 0.2.3.17-beta, clients can now match the ciphers from recent
- firefox versions *and* list the ciphers they actually mean, so
- servers can believe such clients when they advertise ECDHE
- support in their TLS ClientHello messages.
-
- This feature requires clients running 0.2.3.17-beta or later,
- and requires both sides to be running OpenSSL 1.0.0 or later
- with ECC support. OpenSSL 1.0.1, with the compile-time option
- "enable-ec_nistp_64_gcc_128", is highly recommended.
- Implements the server side of proposal 198; closes ticket
- 7200.
-
diff --git a/src/or/connection.c b/src/or/connection.c
index 740462e7c..42ff7e1a0 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -1245,6 +1245,7 @@ connection_handle_listener_read(connection_t *conn, int new_type)
if (!SOCKET_OK(news)) { /* accept() error */
int e = tor_socket_errno(conn->s);
if (ERRNO_IS_ACCEPT_EAGAIN(e)) {
+ log_notice(LD_APP, "he hung up before we could accept(). that's fine.");
return 0; /* he hung up before we could accept(). that's fine. */
} else if (ERRNO_IS_ACCEPT_RESOURCE_LIMIT(e)) {
warn_too_many_conns();
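Review bot: The added log_notice in the ERRNO_IS_ACCEPT_EAGAIN branch looks like leftover debugging in a commit that otherwise only folds changes files into the ChangeLog. It reports a benign, expected condition at notice level, uses LD_APP where the other message in this function uses LD_NET, and repeats the comment on the following line word for word. Remove it, or make it a log_debug(LD_NET, ...) call with a descriptive message.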
@@ -1256,7 +1257,7 @@ connection_handle_listener_read(connection_t *conn, int new_type)
connection_mark_for_close(conn);
return -1;
}
- log_debug(LD_NET,
+ log_notice(LD_NET,
"Connection accepted on socket %d (child of fd %d).",
(int)news,(int)conn->s);
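Review bot: Raising "Connection accepted on socket %d (child of fd %d)." from log_debug to log_notice makes every accepted connection write a notice-level line. The ChangeLog in this same commit rate-limits another message specifically "to keep it from filling the notice logs", and this change works against that while also recording per-connection activity that was previously visible only at debug level. Nothing in the ChangeLog mentions it; revert to log_debug.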
diff --git a/src/or/relay.c b/src/or/relay.c
index a942e4465..874aade21 100644
--- a/src/or/relay.c
+++ b/src/or/relay.c
@@ -1619,6 +1619,14 @@ connection_edge_package_raw_inbuf(edge_connection_t *conn, int package_partial,
conn->base_.s,
(int)length, (int)connection_get_inbuf_len(TO_CONN(conn)));
+ if (conn->base_.type == CONN_TYPE_AP) {
+ char *text = tor_memdup(payload, length+1);
+ text[length] = 0;
+ log_notice(LD_APP, "Incoming socks text (%d):===\n%s\n===",
+ conn->base_.s, text);
+ tor_free(text);
+ }
+
if (sending_optimistically && !sending_from_optimistic) {
/* This is new optimistic data; remember it in case we need to detach and
retry */
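Review bot: The new CONN_TYPE_AP block writes the raw stream payload to the log at notice level, so whatever a client application sends through the SOCKS port lands in the logs in plain text; this should not ship, and the ChangeLog does not mention it. Two further defects in the same block: tor_memdup(payload, length+1) copies one byte more than the length bytes being packaged, and the "(%d)" in the message is filled with conn->base_.s (the socket) rather than the length. Drop the block from this commit; if it is needed for local debugging, keep it at log_debug, copy only length bytes into a buffer of length+1, and escape the payload before printing it.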