diff options
| -rw-r--r-- | ChangeLog | 95 | ||||
| -rw-r--r-- | changes/bridgepassword | 11 | ||||
| -rw-r--r-- | changes/bug2987 | 3 | ||||
| -rw-r--r-- | changes/bug3942 | 4 | ||||
| -rw-r--r-- | changes/bug4011 | 7 | ||||
| -rw-r--r-- | changes/bug4091_debugging | 5 | ||||
| -rw-r--r-- | changes/bug4875 | 3 | ||||
| -rw-r--r-- | changes/bug5053 | 5 | ||||
| -rw-r--r-- | changes/bug5151 | 4 | ||||
| -rw-r--r-- | changes/bug5180 | 6 | ||||
| -rw-r--r-- | changes/bug5449 | 6 | ||||
| -rw-r--r-- | changes/bug5508 | 4 | ||||
| -rw-r--r-- | changes/bug5558 | 3 | ||||
| -rw-r--r-- | changes/bug5572 | 5 | ||||
| -rw-r--r-- | changes/bug5593 | 3 | ||||
| -rw-r--r-- | changes/bug5621 | 3 | ||||
| -rw-r--r-- | changes/bug5635 | 6 | ||||
| -rw-r--r-- | changes/bug5644 | 5 | ||||
| -rw-r--r-- | changes/bug5647 | 4 | ||||
| -rw-r--r-- | changes/crypto_api | 3 | ||||
| -rw-r--r-- | changes/geoip-april2012 | 3 | ||||
| -rw-r--r-- | changes/ides-becomes-turtles | 4 | ||||
| -rw-r--r-- | changes/memleak_safecookie | 4 | ||||
| -rw-r--r-- | changes/openssl101_aes | 6 | ||||
| -rw-r--r-- | changes/pad_rsa_always | 3 | ||||
| -rw-r--r-- | src/or/circuitbuild.c | 36 |
26 files changed, 113 insertions, 128 deletions
@@ -1,3 +1,98 @@ +Changes in version 0.2.3.14-alpha - 2012-04-?? + + o Directory authority changes: + - Change IP address for ides (v3 directory authority), and rename + it to turtles. + + o Security fixes: + - When using the debuging BridgePassword field, a bridge authority + now compares alleged passwords by hashing them, then comparing + the result to a digest of the expected authenticator. This avoids + a potential side-channel attack in the previous code, which + had foolishly used strcmp(). Fortunately, the BridgePassword field + *is not in use*, but if it had been, the timing + behavior of strcmp() might have allowed an adversary to guess the + BridgePassword value, and enumerate the bridges. Bugfix on + 0.2.0.14-alpha. Fixes bug 5543. + + o Major bugfixes: + - Do not allow the presence of one consensus flavor to keep us from + downloading another. Previously, we had one "time to download a + consensus" timer, which didn't understand the idea of having one + consensus but wanting to download another. Fixes bug 4011; fix on + 0.2.3.1-alpha. + - If authorities are unable to get a set of v2 consensus documents + from other directory authorities, they no longer fail-back and + try to fetch them from regular directory caches. Fixes bug 5635; + bugfix on 0.2.2.26-beta, where routers stopped downloading v2 + consensus documents entirely. + - Prevent a client-side assertion failure when receiving an INTRODUCE2 + cell on a general purpose circuit. Fixes bug 5644; bugfix on + 0.2.1.6-alpha. + - Avoid logging uninitialized data when unable to decode a hidden + service descriptor cookie. Fixes bug 5647; bugfix on 0.2.1.5-alpha. + + o Major features (performance): + - When built to use the newly OpenSSL 1.0.1, and built for an x86 or + x86_64 instruction set, take advantage of OpenSSL's AESNI, + bitsliced, or vectorized AES implementations as appropriate. These + can be much, much faster than other AES implementations. + + o Minor bugfixes: + - Don't log that we have "decided to publish new relay descriptor" + unless we are actually publishing a descriptor. Fixes bug 3942; + bugfix on 0.2.3.2-alpha. + - Fix bug stomping on ORPort option NoListen and ignoring option + NoAdvertise. Fixes bug 5151; bugfix on 0.2.3.9-alpha. + - In the testsuite, provide a large enough buffer in the tor_sscanf + unit test. We'd otherwise overrun that buffer and crash during the + unit tests. Fixes bug 5449; bugfix on 0.2.3.12-alpha. Thanks weasel + for spotting the bug. + - Fix a bug where a bridge authority crashes (on a failed assert) + if it has seen no directory requests when it's time to write + statistics to disk. Fixes bug 5508. Bugfix on 0.2.3.6-alpha. + - Enforce correct return behavior of tor_vsscanf(), when the '%%' + pattern is used. Fixes bug 5558. Bugfix on 0.2.1.13. + - Make sure we create the keys directory if it doesn't exist and we're + about to store the dynamic diffie hellman parameters. Fixes bug 5572; + bugfix on 0.2.3.13-alpha. + - When sending an HTTP/1.1 proxy request, include a Host header. + Fixes bug 5593; bugfix on 0.2.2.1-alpha. + - Fix a small memory leak when trying to decode incorrect base16 + authenticator during SAFECOOKIE authentication. Found by + Coverity Scan. Fixes CID 507. Bugfix on 0.2.3.13-alpha. + + o Minor features: + - Add more information to a log statement that might help track down + bug 4091. If you're seeing "Bug: tor_addr_is_internal() called with a + non-IP address" messages (or any Bug messages, for that matter!), + please let us know about it. + - Relays now understand an IPv6 address when they get one from a + directory server. Resolves ticket 4875. + - Resolve IPv6 addresses in bridge and entry statistics to country + code "??" which means we at least count them. Resolves ticket 5053; + improves on 0.2.3.9-alpha. + - Update to the April 3 2012 Maxmind GeoLite Country database. + + o Documentation: + - Begin a state-contents.txt file in doc to explain the contents + of the Tor state file. Fixes bug 2987. + - Document unit of bandwidth related options in sample torrc. + Fixes bug 5621. + + o Removed features: + - The "torify" script no longer supports the "tsocks" sockifier + tool, since it doesn't support DNS and UDP right for Tor. + Everyone should be using torsocks instead. Fixes bugs 3530 and + 5180. Based on a patch by "ugh". + + o Code refactoring: + - Change the symmetric cipher interface so that creating and + initializing a stream cipher are no longer separate functions. + - Remove all internal support for unpadded RSA. We never used it, and + it would be a bad idea to start. + + Changes in version 0.2.3.13-alpha - 2012-03-26 Tor 0.2.3.13-alpha fixes a variety of stability and correctness bugs in managed pluggable transports, as well as providing other cleanups diff --git a/changes/bridgepassword b/changes/bridgepassword deleted file mode 100644 index 5f0e250ff..000000000 --- a/changes/bridgepassword +++ /dev/null @@ -1,11 +0,0 @@ - o Security fixes: - - When using the debuging BridgePassword field, a bridge authority - now compares alleged passwords by hashing them, then comparing - the result to a digest of the expected authenticator. This avoids - a potential side-channel attack in the previous code, which - had foolishly used strcmp(). Fortunately, the BridgePassword field - *is not in use*, but if it had been, the timing - behavior of strcmp() might have allowed an adversary to guess the - BridgePassword value, and enumerate the bridges. Bugfix on - 0.2.0.14-alpha. Fixes bug 5543. - diff --git a/changes/bug2987 b/changes/bug2987 deleted file mode 100644 index 727f3761a..000000000 --- a/changes/bug2987 +++ /dev/null @@ -1,3 +0,0 @@ - o Documentation - - Begin a state-contents.txt file in doc to explain the contents of the - Tor state file. Fixes bug 2987. diff --git a/changes/bug3942 b/changes/bug3942 deleted file mode 100644 index 5731aad5b..000000000 --- a/changes/bug3942 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Don't log that we have "decided to publish new relay descriptor" unless - we are actually publishing a descriptor. Fixes bug 3942; bugfix on - 0.2.3.2-alpha. diff --git a/changes/bug4011 b/changes/bug4011 deleted file mode 100644 index fb82d6e3f..000000000 --- a/changes/bug4011 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes: - - Do not allow the presence of one consensus flavor to keep us from - downloading another. Previously, we had one "time to download a - consensus" timer, which didn't understand the idea of having one - consensus but wanting to download another. Fixes bug 4011; fix on - 0.2.3.1-alpha. - diff --git a/changes/bug4091_debugging b/changes/bug4091_debugging deleted file mode 100644 index f78538031..000000000 --- a/changes/bug4091_debugging +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features: - - Add more information to a log statement that might help track down - bug 4091. If you're seeing "Bug: tor_addr_is_internal() called with a - non-IP address" messages (or any Bug messages, for that matter!), - please let us know about it. diff --git a/changes/bug4875 b/changes/bug4875 deleted file mode 100644 index c8c9ba529..000000000 --- a/changes/bug4875 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Relays now understand an IPv6 address when they get one from a - directory server. Resolves ticket 4875. diff --git a/changes/bug5053 b/changes/bug5053 deleted file mode 100644 index fe43f5472..000000000 --- a/changes/bug5053 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features: - - Resolve IPv6 addresses in bridge and entry statistics to country - code "??" which means we at least count them. Resolves ticket 5053; - improves on 0.2.3.9-alpha. - diff --git a/changes/bug5151 b/changes/bug5151 deleted file mode 100644 index 1a56cf62f..000000000 --- a/changes/bug5151 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Fix bug stomping on ORPort option NoListen and ignoring option - NoAdvertise. Fixes bug 5151; bugfix on 0.2.3.9-alpha. - diff --git a/changes/bug5180 b/changes/bug5180 deleted file mode 100644 index 2cb545e0b..000000000 --- a/changes/bug5180 +++ /dev/null @@ -1,6 +0,0 @@ - o Removed features: - - The "torify" script no longer supports the "tsocks" sockifier - tool, since it doesn't support DNS and UDP right for Tor. - Everyone should be using torsocks instead. Fixes bugs 3530 and - 5180. Based on a patch by "ugh". - diff --git a/changes/bug5449 b/changes/bug5449 deleted file mode 100644 index 48babb34f..000000000 --- a/changes/bug5449 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes: - - In the testsuite, provide a large enough buffer in the tor_sscanf - unit test. We'd otherwise overrun that buffer and crash during the - unit tests. Fixes bug 5449; bugfix on 0.2.3.12-alpha. Thanks weasel - for spotting the bug. - diff --git a/changes/bug5508 b/changes/bug5508 deleted file mode 100644 index cebc31d25..000000000 --- a/changes/bug5508 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Fix a bug where a bridge authority crashes (on a failed assert) - if it has seen no directory requests when it's time to write - statistics to disk. Fixes bug 5508. Bugfix on 0.2.3.6-alpha. diff --git a/changes/bug5558 b/changes/bug5558 deleted file mode 100644 index 43b832c50..000000000 --- a/changes/bug5558 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes: - - Enforce correct return behavior of tor_vsscanf(), when the '%%' - pattern is used. Fixes bug 5558. Bugfix on 0.2.1.13. diff --git a/changes/bug5572 b/changes/bug5572 deleted file mode 100644 index e26308837..000000000 --- a/changes/bug5572 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - Make sure we create the keys directory if it doesn't exist and we're - about to store the dynamic diffie hellman parameters. Fixes bug 5572; - bugfix on 0.2.3.13-alpha. - diff --git a/changes/bug5593 b/changes/bug5593 deleted file mode 100644 index 358e8de60..000000000 --- a/changes/bug5593 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes: - - When sending an HTTP/1.1 proxy request, include a Host header. - Fixes bug 5593; bugfix on 0.2.2.1-alpha. diff --git a/changes/bug5621 b/changes/bug5621 deleted file mode 100644 index 1ffc6042c..000000000 --- a/changes/bug5621 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor enhancement: - - Document unit of bandwidth related options in sample torrc. - Fixes bug 5621. diff --git a/changes/bug5635 b/changes/bug5635 deleted file mode 100644 index 9c2e72967..000000000 --- a/changes/bug5635 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (directory authorities): - - If authorities are unable to get a set of v2 consensus documents - from other directory authorities, they no longer fail-back and try - to fetch them from regular directory caches. This is a bugfix on - 0.2.2.26-beta, where routers stopped downloading v2 consensus - documents entirely. Fix for bug #5635. diff --git a/changes/bug5644 b/changes/bug5644 deleted file mode 100644 index 4eb2d016d..000000000 --- a/changes/bug5644 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - Prevent a client-side assertion failure when receiving an - INTRODUCE2 cell by an exit relay, in a general purpose - circuit. Fixes bug 5644; bugfix on tor-0.2.1.6-alpha - diff --git a/changes/bug5647 b/changes/bug5647 deleted file mode 100644 index 92f41c855..000000000 --- a/changes/bug5647 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes: - - Avoid logging uninitialized data when unable to decode a hidden - service descriptor cookie. Fixes bug 5647; bugfix on 0.2.1.5-alpha. - diff --git a/changes/crypto_api b/changes/crypto_api deleted file mode 100644 index 608999f47..000000000 --- a/changes/crypto_api +++ /dev/null @@ -1,3 +0,0 @@ - o Code refactoring: - - Change the symmetric cipher interface so that creating and - initializing a stream cipher are no longer separate functions. diff --git a/changes/geoip-april2012 b/changes/geoip-april2012 deleted file mode 100644 index 66720c6d6..000000000 --- a/changes/geoip-april2012 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the April 3 2012 Maxmind GeoLite Country database. - diff --git a/changes/ides-becomes-turtles b/changes/ides-becomes-turtles deleted file mode 100644 index 645122184..000000000 --- a/changes/ides-becomes-turtles +++ /dev/null @@ -1,4 +0,0 @@ - o Directory authority changes: - - Change IP address for ides (v3 directory authority), and rename - it to turtles. - diff --git a/changes/memleak_safecookie b/changes/memleak_safecookie deleted file mode 100644 index 9773af557..000000000 --- a/changes/memleak_safecookie +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Fix a small memory leak when trying to decode incorrect base16 - authenticator during SAFECOOKIE authentication. Found by - Coverity Scan. Fixes CID 507. Bugfix on 0.2.3.13-alpha. diff --git a/changes/openssl101_aes b/changes/openssl101_aes deleted file mode 100644 index 565a48d41..000000000 --- a/changes/openssl101_aes +++ /dev/null @@ -1,6 +0,0 @@ - o Major features (performance): - - When built to use the newly OpenSSL 1.0.1, and built for an x86 or - x86_64 instruction set, take advantage of OpenSSL's AESNI, bitsliced, - or vectorized AES implementations as appropriate. These can be - much, much faster than other AES implementations. - diff --git a/changes/pad_rsa_always b/changes/pad_rsa_always deleted file mode 100644 index a049d61c4..000000000 --- a/changes/pad_rsa_always +++ /dev/null @@ -1,3 +0,0 @@ - o Code removal: - - Remove all internal support for unpadded RSA. We never used it, and - it would be a bad idea to start. diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index 1c7367a3f..5481838cc 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -4793,25 +4793,25 @@ int validate_pluggable_transports_config(void) { /* Don't validate if managed proxies are not yet fully configured. */ - if (bridge_list && !pt_proxies_configuration_pending()) { - SMARTLIST_FOREACH_BEGIN(bridge_list, bridge_info_t *, b) { - /* Skip bridges without transports. */ - if (!b->transport_name) - continue; - /* See if the user has Bridges that specify nonexistent - pluggable transports. We should warn the user in such case, - since it's probably misconfiguration. */ - if (!transport_get_by_name(b->transport_name)) - log_warn(LD_CONFIG, "You have a Bridge line using the %s " - "pluggable transport, but there doesn't seem to be a " - "corresponding ClientTransportPlugin line.", - b->transport_name); - } SMARTLIST_FOREACH_END(b); - - return 0; - } else { + if (!bridge_list || pt_proxies_configuration_pending()) return -1; - } + + SMARTLIST_FOREACH_BEGIN(bridge_list, const bridge_info_t *, b) { + /* Skip bridges without transports. */ + if (!b->transport_name) + continue; + /* See if the user has Bridges that specify nonexistent + pluggable transports. We should warn the user in such case, + since it's probably misconfiguration. */ + if (!transport_get_by_name(b->transport_name)) + log_warn(LD_CONFIG, "We can't find a pluggable transport proxy " + "that supports '%s' for bridge '%s:%u'. This can happen " + "if you haven't provided a ClientTransportPlugin line, or " + "if your pluggable transport proxy stopped working.", + b->transport_name, fmt_addr(&b->addr), b->port); + } SMARTLIST_FOREACH_END(b); + + return 0; } /** Return a bridge pointer if <b>ri</b> is one of our known bridges |