|
@@ -55,18 +55,6 @@ Changes in version 0.2.5.4-alpha - 2014-04-25
|
|
|
advertising the ECDH (not to be confused with ECDHE) ciphersuites.
|
|
|
Resolves ticket 11438.
|
|
|
|
|
|
- o Major bugfixes (undefined behavior):
|
|
|
- - Fix various instances of undefined behavior in channeltls.c,
|
|
|
- tor_memmem(), and eventdns.c, that would cause us to construct
|
|
|
- pointers to memory outside an allocated object. (These invalid
|
|
|
- pointers were not accessed, but C does not even allow them to
|
|
|
- exist.) Fixes bug #10363; bugfixes on 0.2.0.10-alpha,
|
|
|
- 0.2.3.6-alpha, 0.1.1.1-alpha, and 0.1.2.1-alpha. Reported by
|
|
|
- "bobnomnom".
|
|
|
- - Use the AddressSanitizer and Ubsan sanitizers (in clang-3.4) to
|
|
|
- fix some miscellaneous errors in our tests and codebase. Fix for
|
|
|
- bug 11232. Bugfixes on versions back as far as 0.2.1.11-alpha.
|
|
|
-
|
|
|
o Minor features (Transparent proxy, *BSD):
|
|
|
- Support FreeBSD's ipfw firewall interface for TransPort ports. on
|
|
|
FreeBSD. To enable it, set "TransProxyType ipfw". Resolves ticket
|
|
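Review bot: Deleting the "o Major bugfixes (undefined behavior):" heading removes the only "Major" section visible in this hunk, and the hunk gives no reason for lowering the severity of the channeltls.c, tor_memmem() and eventdns.c entry. The entry's own parenthetical ("These invalid pointers were not accessed") supports treating it as minor, but a sentence of rationale in the commit message would make the reclassification auditable. While this region is being touched, the context line "Support FreeBSD's ipfw firewall interface for TransPort ports. on" still carries a stray "on FreeBSD." fragment that could be cleaned up.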
@@ -84,10 +72,6 @@ Changes in version 0.2.5.4-alpha - 2014-04-25
|
|
|
memory. Right now, this includes AddressSanitizer and UbSan, which
|
|
|
are supported in newer versions of GCC and Clang. Closes ticket
|
|
|
11477.
|
|
|
- - If you don't specify MaxMemInQueues yourself, Tor now tries to
|
|
|
- pick a good value based on your total system memory. Previously,
|
|
|
- the default was always 8 GB. You can still override the default by
|
|
|
- setting MaxMemInQueues yourself. Resolves ticket 11396.
|
|
|
|
|
|
o Minor features (log verbosity):
|
|
|
- Demote the message that we give when a flushing connection times
|
|
@@ -99,6 +83,10 @@ Changes in version 0.2.5.4-alpha - 2014-04-25
|
|
|
at every 5% of progress. Fixes bug 9963.
|
|
|
|
|
|
o Minor features (relay):
|
|
|
+ - If you don't specify MaxMemInQueues yourself, Tor now tries to
|
|
|
+ pick a good value based on your total system memory. Previously,
|
|
|
+ the default was always 8 GB. You can still override the default by
|
|
|
+ setting MaxMemInQueues yourself. Resolves ticket 11396.
|
|
|
- If a circuit timed out for at least 3 minutes, check if we have a
|
|
|
new external IP address, and publish a new descriptor with the new
|
|
|
IP address if it changed. Resolves ticket 2454.
|
|
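Review bot: The MaxMemInQueues entry added under "o Minor features (relay):" says Tor now picks a value from total system memory but does not tell an operator how to see the value that was chosen. A later entry in this file (visible as context in the next hunk) states that the real limit is exposed via GETINFO limits/max-mem-in-queues; consider placing the two entries next to each other or adding a pointer to that GETINFO key here.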
@@ -116,20 +104,6 @@ Changes in version 0.2.5.4-alpha - 2014-04-25
|
|
|
usage may no longer match the configured MaxMemInQueues value. The
|
|
|
real limit is now exposed via GETINFO limits/max-mem-in-queues.
|
|
|
|
|
|
- o Minor features (misc):
|
|
|
- - Always check return values for unlink, munmap, UnmapViewOfFile;
|
|
|
- check strftime return values more often. In some cases all we can
|
|
|
- do is report a warning, but this may help prevent deeper bugs from
|
|
|
- going unnoticed. Closes ticket 8787.
|
|
|
- - Fix numerous warnings from the clang "scan-build" static analyzer.
|
|
|
- Some of these are programming style issues; some of them are false
|
|
|
- positives that indicated awkward code; some are undefined behavior
|
|
|
- cases related to constructing (but not using) invalid pointers;
|
|
|
- some are assumptions about API behavior; some are using
|
|
|
- sizeof(ptr) when sizeof(*ptr) would be correct; and one or two are
|
|
|
- genuine bugs that weren't reachable from the rest of the program.
|
|
|
- Fixes bug 8793; bugfixes on many, many tor versions.
|
|
|
-
|
|
|
o Minor features (bridge client):
|
|
|
- Report a more useful failure message when we can't connect to a
|
|
|
bridge because we don't have the right pluggable transport
|
|
@@ -142,13 +116,36 @@ Changes in version 0.2.5.4-alpha - 2014-04-25
|
|
|
might be cleaning a microdescriptor for being too old if it's
|
|
|
still referenced by a live node_t object.
|
|
|
|
|
|
- o Minor bugfixes (logging):
|
|
|
+ o Minor bugfixes (client, DNSPort):
|
|
|
+ - When using DNSPort, try to respond to AAAA requests with AAAA
|
|
|
+ answers. Previously, we hadn't looked at the request type when
|
|
|
+ deciding which answer type to prefer. Fixes bug 10468; bugfix on
|
|
|
+ 0.2.4.7-alpha.
|
|
|
+ - When receiving a DNS query for an unsupported record type, reply
|
|
|
+ with no answer rather than with a NOTIMPL error. This behavior
|
|
|
+ isn't correct either, but it will break fewer client programs, we
|
|
|
+ hope. Fixes bug 10268; bugfix on 0.2.0.1-alpha. Original patch
|
|
|
+ from "epoch".
|
|
|
+
|
|
|
+ o Minor bugfixes (exit):
|
|
|
+ - Stop leaking memory when we successfully resolve a PTR record.
|
|
|
+ Fixes bug 11437; bugfix on 0.2.4.7-alpha.
|
|
|
+
|
|
|
+ o Minor bugfixes (bridge client):
|
|
|
+ - Stop accepting bridge lines containing hostnames. Doing so would
|
|
|
+ cause clients to perform DNS requests on the hostnames, which was
|
|
|
+ not sensible behavior. Fixes bug 10801; bugfix on 0.2.0.1-alpha.
|
|
|
+ - Avoid a 60-second delay in the bootstrapping process when a Tor
|
|
|
+ client with pluggable transports re-reads its configuration at
|
|
|
+ just the wrong time. Re-fixes bug 11156; bugfix on 0.2.5.3-alpha.
|
|
|
+ - Avoid 60-second delays in the bootstrapping process when Tor is
|
|
|
+ launching for a second time while using bridges. Fixes bug 9229;
|
|
|
+ bugfix on 0.2.0.3-alpha.
|
|
|
+
|
|
|
+ o Minor bugfixes (client, logging during bootstrap):
|
|
|
- Warn only once we start logging in an unsafe way. Previously, we
|
|
|
complain as many times we had problems. Fix for #9870; bugfix on
|
|
|
0.2.5.1-alpha.
|
|
|
- - Using the Linux seccomp2 sandbox no longer prevents stack-trace
|
|
|
- logging on crashes or errors. Fixes part 11465; bugfix on
|
|
|
- 0.2.5.1-alpha.
|
|
|
- Only report the first fatal bootstrap error on a given OR
|
|
|
connection. This stops us from telling the controller bogus error
|
|
|
messages like "DONE". Fixes bug 10431; bugfix on 0.2.1.1-alpha.
|
|
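Review bot: The seccomp2 entry removed from the logging section ("Using the Linux seccomp2 sandbox no longer prevents stack-trace logging on crashes or errors.") is not re-added by any hunk shown here, unlike the other entries this patch relocates. If it was meant to move, the matching + lines are missing; if it is being dropped from the ChangeLog on purpose, that deserves a mention. Separately, the renamed heading "client, logging during bootstrap" now covers "Warn only once we start logging in an unsafe way", which does not read as bootstrap-specific.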
@@ -184,12 +181,6 @@ Changes in version 0.2.5.4-alpha - 2014-04-25
|
|
|
side managed proxy with ORPort or ExtORPort temporarily disabled.
|
|
|
Fixes bug 9650; bugfix on 0.2.3.16-alpha.
|
|
|
|
|
|
- o Minor bugfixes (misc):
|
|
|
- - Don't re-initialize a second set of OpenSSL mutexes when starting
|
|
|
- up. Previously, we'd make one set of mutexes, and then immediately
|
|
|
- replace them with another. Fixes bug 11726; bugfix on
|
|
|
- 0.2.5.3-alpha.
|
|
|
-
|
|
|
o Minor bugfixes (platform-specific):
|
|
|
- Fix compilation on Solaris, which does not have <endian.h>. Fixes
|
|
|
bug 11426; bugfix on 0.2.5.3-alpha.
|
|
@@ -205,6 +196,10 @@ Changes in version 0.2.5.4-alpha - 2014-04-25
|
|
|
11275; bugfix on 0.2.4.13-alpha.
|
|
|
- Free placeholder entries in our circuit table at exit; fixes a
|
|
|
harmless memory leak. Fixes bug 11278; bugfix on 0.2.5.1-alpha.
|
|
|
+ - Don't re-initialize a second set of OpenSSL mutexes when starting
|
|
|
+ up. Previously, we'd make one set of mutexes, and then immediately
|
|
|
+ replace them with another. Fixes bug 11726; bugfix on
|
|
|
+ 0.2.5.3-alpha.
|
|
|
- Resolve some memory leaks found by coverity in the unit tests, on
|
|
|
exit in tor-gencert, and on a failure to compute digests for our
|
|
|
own keys when generating a v3 networkstatus vote. These leaks
|
|
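Review bot: The OpenSSL mutex entry is inserted between "Free placeholder entries in our circuit table at exit; fixes a harmless memory leak" and "Resolve some memory leaks found by coverity", which splits two leak-related entries with one about duplicate initialization at startup. Placing the new entry before or after that pair would keep the related items together.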
@@ -214,33 +209,30 @@ Changes in version 0.2.5.4-alpha - 2014-04-25
|
|
|
- Only retry attempts to connect to a chosen rendezvous point 8
|
|
|
times, not 30. Fixes bug #4241; bugfix on 0.1.0.1-rc.
|
|
|
|
|
|
- o Minor bugfixes (bridge client):
|
|
|
- - Stop accepting bridge lines containing hostnames. Doing so would
|
|
|
- cause clients to perform DNS requests on the hostnames, which was
|
|
|
- not sensible behavior. Fixes bug 10801; bugfix on 0.2.0.1-alpha.
|
|
|
- - Avoid a 60-second delay in the bootstrapping process when a Tor
|
|
|
- client with pluggable transports re-reads its configuration at
|
|
|
- just the wrong time. Re-fixes bug 11156; bugfix on 0.2.5.3-alpha.
|
|
|
- - Avoid 60-second delays in the bootstrapping process when Tor is
|
|
|
- launching for a second time while using bridges. Fixes bug 9229;
|
|
|
- bugfix on 0.2.0.3-alpha.
|
|
|
-
|
|
|
- o Minor bugfixes (DNS):
|
|
|
- - When receiving a DNS query for an unsupported record type, reply
|
|
|
- with no answer rather than with a NOTIMPL error. This behavior
|
|
|
- isn't correct either, but it will break fewer client programs, we
|
|
|
- hope. Fixes bug 10268; bugfix on 0.2.0.1-alpha. Original patch
|
|
|
- from "epoch".
|
|
|
-
|
|
|
- o Minor bugfixes (exit):
|
|
|
- - Stop leaking memory when we successfully resolve a PTR record.
|
|
|
- Fixes bug 11437; bugfix on 0.2.4.7-alpha.
|
|
|
-
|
|
|
- o Minor bugfixes (IPv6):
|
|
|
- - When using DNSPort, try to respond to AAAA requests with AAAA
|
|
|
- answers. Previously, we hadn't looked at the request type when
|
|
|
- deciding which answer type to prefer. Fixes bug 10468; bugfix on
|
|
|
- 0.2.4.7-alpha.
|
|
|
+ o Minor bugfixes (misc correctness):
|
|
|
+ - Fix various instances of undefined behavior in channeltls.c,
|
|
|
+ tor_memmem(), and eventdns.c, that would cause us to construct
|
|
|
+ pointers to memory outside an allocated object. (These invalid
|
|
|
+ pointers were not accessed, but C does not even allow them to
|
|
|
+ exist.) Fixes bug #10363; bugfixes on 0.2.0.10-alpha,
|
|
|
+ 0.2.3.6-alpha, 0.1.1.1-alpha, and 0.1.2.1-alpha. Reported by
|
|
|
+ "bobnomnom".
|
|
|
+ - Use the AddressSanitizer and Ubsan sanitizers (in clang-3.4) to
|
|
|
+ fix some miscellaneous errors in our tests and codebase. Fix for
|
|
|
+ bug 11232. Bugfixes on versions back as far as 0.2.1.11-alpha.
|
|
|
+ - Always check return values for unlink, munmap, UnmapViewOfFile;
|
|
|
+ check strftime return values more often. In some cases all we can
|
|
|
+ do is report a warning, but this may help prevent deeper bugs from
|
|
|
+ going unnoticed. Closes ticket 8787; bugfixes on many, many tor
|
|
|
+ versions.
|
|
|
+ - Fix numerous warnings from the clang "scan-build" static analyzer.
|
|
|
+ Some of these are programming style issues; some of them are false
|
|
|
+ positives that indicated awkward code; some are undefined behavior
|
|
|
+ cases related to constructing (but not using) invalid pointers;
|
|
|
+ some are assumptions about API behavior; some are using
|
|
|
+ sizeof(ptr) when sizeof(*ptr) would be correct; and one or two are
|
|
|
+ genuine bugs that weren't reachable from the rest of the program.
|
|
|
+ Fixes bug 8793; bugfixes on many, many tor versions.
|
|
|
|
|
|
o Documentation:
|
|
|
- Build the torify.1 manpage again. Previously, we were only trying
|
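Review bot: In the new "o Minor bugfixes (misc correctness):" section, the return-value entry now ends "Closes ticket 8787; bugfixes on many, many tor versions.", whereas the text removed earlier in this patch ended "Closes ticket 8787." The added clause repeats the tail of the scan-build entry directly below it. If the edit is intentional, fine; otherwise restore the original sentence so the move is text-identical. Two smaller consistency points in the same section: "Ubsan" here differs from "UbSan" in the hardening entry earlier in the file, and "bug #10363" uses a "#" that the neighbouring "bug 11232" and "bug 8793" references do not.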