|
@@ -1,31 +1,30 @@
|
|
Changes in version 0.2.6.3-alpha - 2015-02-??
|
|
Changes in version 0.2.6.3-alpha - 2015-02-??
|
|
-
|
|
|
|
blah blah blah
|
|
blah blah blah
|
|
|
|
|
|
|
|
+ o Major features (security):
|
|
|
|
+ - Implementation of an AF_UNIX socket option to implement a SOCKS
|
|
|
|
+ proxy reachable by Unix Domain Socket. This allows client
|
|
|
|
+ applications to communicate with Tor without having the ability to
|
|
|
|
+ create AF_INET or AF_INET6 family sockets. If an application has
|
|
|
|
+ permission to create a socket with AF_UNIX, it may directly
|
|
|
|
+ communicate with Tor as if it were an other SOCKS proxy. This
|
|
|
|
+ should allow high risk applications to be entirely prevented from
|
|
|
|
+ connecting directly with TCP/IP, they will be able to only connect
|
|
|
|
+ to the internet through AF_UNIX and only through Tor. To create a
|
|
|
|
+ socket of this type, use the syntax "unix:/path/to/socket". Closes
|
|
|
|
+ ticket 12585.
|
|
|
|
+
|
|
o Major features (changed defaults):
|
|
o Major features (changed defaults):
|
|
- - Prevent relay operators from unintentionally running exits: When
|
|
|
|
- a relay is configured as an exit node, we now warn the user
|
|
|
|
- unless the 'ExitRelay' option is set to 1. We warn even more
|
|
|
|
- loudly if the relay is configured with the default exit policy,
|
|
|
|
- since this tends to indicate accidental misconfiguration.
|
|
|
|
- Setting 'ExitRelay' to 0 stops Tor from running as an exit relay.
|
|
|
|
- Closes ticket 10067.
|
|
|
|
-
|
|
|
|
- o Major features (security)
|
|
|
|
- - Implementation of an AF_UNIX socket option to implement a SOCKS
|
|
|
|
- proxy reachable by Unix Domain Socket. This allows client applications to
|
|
|
|
- communicate with Tor without having the ability to create AF_INET or
|
|
|
|
- AF_INET6 family sockets. If an application has permission to create a socket
|
|
|
|
- with AF_UNIX, it may directly communicate with Tor as if it were an other
|
|
|
|
- SOCKS proxy. This should allow high risk applications to be entirely prevented
|
|
|
|
- from connecting directly with TCP/IP, they will be able to only connect to the
|
|
|
|
- internet through AF_UNIX and only through Tor.
|
|
|
|
- To create a socket of this type, use the syntax "unix:/path/to/socket".
|
|
|
|
- Closes ticket 12585.
|
|
|
|
|
|
+ - Prevent relay operators from unintentionally running exits: When a
|
|
|
|
+ relay is configured as an exit node, we now warn the user unless
|
|
|
|
+ the 'ExitRelay' option is set to 1. We warn even more loudly if
|
|
|
|
+ the relay is configured with the default exit policy, since this
|
|
|
|
+ tends to indicate accidental misconfiguration. Setting 'ExitRelay'
|
|
|
|
+ to 0 stops Tor from running as an exit relay. Closes ticket 10067.
|
|
|
|
|
|
o Major features (hidden services):
|
|
o Major features (hidden services):
|
|
- Support mapping hidden service virtual ports to AF_UNIX sockets on
|
|
- Support mapping hidden service virtual ports to AF_UNIX sockets on
|
|
- suitable platforms. Resolves ticket #11485.
|
|
|
|
|
|
+ suitable platforms. Resolves ticket #11485.
|
|
|
|
|
|
o Major features (performance):
|
|
o Major features (performance):
|
|
- Refactor the CPU worker implementation for better performance by
|
|
- Refactor the CPU worker implementation for better performance by
|
|
@@ -37,35 +36,31 @@ Changes in version 0.2.6.3-alpha - 2015-02-??
|
|
memory, avoiding kernel IO where possible, and keeping more
|
|
memory, avoiding kernel IO where possible, and keeping more
|
|
request in flight at once. Resolves issue #9682.
|
|
request in flight at once. Resolves issue #9682.
|
|
|
|
|
|
- o Removed features:
|
|
|
|
- - To avoid confusion with the 'ExitRelay' option, 'ExitNode' is no
|
|
|
|
- longer silently accepted as an alias for 'ExitNodes'.
|
|
|
|
-
|
|
|
|
o Major bugfixes (client):
|
|
o Major bugfixes (client):
|
|
- - Allow MapAddress and AutomapHostsOnResolve to work together when an
|
|
|
|
- address is mapped into another address type that must be
|
|
|
|
- automapped at resolve time. Fixes bug 7555; bugfix on
|
|
|
|
- 0.2.0.1-alpha.
|
|
|
|
|
|
+ - Allow MapAddress and AutomapHostsOnResolve to work together when
|
|
|
|
+ an address is mapped into another address type that must be
|
|
|
|
+ automapped at resolve time. Fixes bug 7555; bugfix
|
|
|
|
+ on 0.2.0.1-alpha.
|
|
|
|
|
|
o Major bugfixes (exit node stability):
|
|
o Major bugfixes (exit node stability):
|
|
- - Fix an assertion failure that could occur under high DNS load. Fixes
|
|
|
|
- bug 14129; bugfix on Tor 0.0.7rc1. Found by "jowr"; diagnosed and fixed
|
|
|
|
- by "cypherpunks".
|
|
|
|
|
|
+ - Fix an assertion failure that could occur under high DNS load.
|
|
|
|
+ Fixes bug 14129; bugfix on Tor 0.0.7rc1. Found by "jowr";
|
|
|
|
+ diagnosed and fixed by "cypherpunks".
|
|
|
|
|
|
o Major bugfixes (mixed relay-client operation):
|
|
o Major bugfixes (mixed relay-client operation):
|
|
- When running as a relay and a client at the same time (not
|
|
- When running as a relay and a client at the same time (not
|
|
- recommended), if we decide not to use a new guard because we
|
|
|
|
- want to retry older guards, only close the locally-originating
|
|
|
|
- circuits passing through that guard. Previously we would close
|
|
|
|
- all the circuits. Fixes bug 9819; bugfix on
|
|
|
|
- 0.2.1.1-alpha. Reported by "skruffy".
|
|
|
|
|
|
+ recommended), if we decide not to use a new guard because we want
|
|
|
|
+ to retry older guards, only close the locally-originating circuits
|
|
|
|
+ passing through that guard. Previously we would close all the
|
|
|
|
+ circuits. Fixes bug 9819; bugfix on 0.2.1.1-alpha. Reported
|
|
|
|
+ by "skruffy".
|
|
|
|
|
|
o Minor features (authorities, testing):
|
|
o Minor features (authorities, testing):
|
|
- Create TestingDirAuthVoteHSDir like TestingDirAuthVoteExit/Guard.
|
|
- Create TestingDirAuthVoteHSDir like TestingDirAuthVoteExit/Guard.
|
|
- Ensures that authorities vote the HSDir flag for the listed
|
|
|
|
- relays regardless of uptime or ORPort connectivity.
|
|
|
|
- Respects the value of VoteOnHidServDirectoriesV2.
|
|
|
|
- Partial implementation for ticket 14067. Patch by "teor".
|
|
|
|
|
|
+ Ensures that authorities vote the HSDir flag for the listed relays
|
|
|
|
+ regardless of uptime or ORPort connectivity. Respects the value of
|
|
|
|
+ VoteOnHidServDirectoriesV2. Partial implementation for ticket
|
|
|
|
+ 14067. Patch by "teor".
|
|
|
|
|
|
o Minor features (build):
|
|
o Minor features (build):
|
|
- New --disable-system-torrc compile-time option to prevent Tor from
|
|
- New --disable-system-torrc compile-time option to prevent Tor from
|
|
@@ -74,51 +69,54 @@ Changes in version 0.2.6.3-alpha - 2015-02-??
|
|
|
|
|
|
o Minor features (controller):
|
|
o Minor features (controller):
|
|
- Include SOCKS_USERNAME and SOCKS_PASSWORD values in controller
|
|
- Include SOCKS_USERNAME and SOCKS_PASSWORD values in controller
|
|
- events to let controllers observe circuit isolation inputs.
|
|
|
|
- Closes ticket 8405.
|
|
|
|
- - ControlPort now supports the unix:/path/to/dir syntax as an alternative
|
|
|
|
- to the ControlSocket option, for consistency with SocksPort and
|
|
|
|
- hidden services. Closes ticket 14451.
|
|
|
|
- - New "GETINFO bw-event-cache" to get information about recent bandwidth
|
|
|
|
- events. Closes ticket 14128. Useful for controllers to get recent
|
|
|
|
- bandwidth history after the fix for 13988.
|
|
|
|
|
|
+ events to let controllers observe circuit isolation inputs. Closes
|
|
|
|
+ ticket 8405.
|
|
|
|
+ - ControlPort now supports the unix:/path/to/dir syntax as an
|
|
|
|
+ alternative to the ControlSocket option, for consistency with
|
|
|
|
+ SocksPort and hidden services. Closes ticket 14451.
|
|
|
|
+ - New "GETINFO bw-event-cache" to get information about recent
|
|
|
|
+ bandwidth events. Closes ticket 14128. Useful for controllers to
|
|
|
|
+ get recent bandwidth history after the fix for 13988.
|
|
|
|
|
|
o Minor features (directory client):
|
|
o Minor features (directory client):
|
|
- - When downloading server- or microdescriptors from a directory server,
|
|
|
|
- we no longer launch multiple simultaneous requests to the same server.
|
|
|
|
- This reduces load on the directory servers, especially when directory
|
|
|
|
- guards are in use. Closes ticket 9969.
|
|
|
|
|
|
+ - When downloading server- or microdescriptors from a directory
|
|
|
|
+ server, we no longer launch multiple simultaneous requests to the
|
|
|
|
+ same server. This reduces load on the directory servers,
|
|
|
|
+ especially when directory guards are in use. Closes ticket 9969.
|
|
- When downloading server- or microdescriptors over a tunneled
|
|
- When downloading server- or microdescriptors over a tunneled
|
|
- connection, do not limit the length of our request to what the Squid
|
|
|
|
- proxy is willing to handle. Part of ticket 9969.
|
|
|
|
|
|
+ connection, do not limit the length of our request to what the
|
|
|
|
+ Squid proxy is willing to handle. Part of ticket 9969.
|
|
|
|
|
|
o Minor features (directory system):
|
|
o Minor features (directory system):
|
|
- - Authorities can now vote on the correct digests and latest versions for
|
|
|
|
- different software packages. This allows packages that include Tor to use
|
|
|
|
- the Tor authority system as a way to get notified of updates and their
|
|
|
|
- correct digests. Implements proposal 227. Closes ticket 10395.
|
|
|
|
|
|
+ - Authorities can now vote on the correct digests and latest
|
|
|
|
+ versions for different software packages. This allows packages
|
|
|
|
+ that include Tor to use the Tor authority system as a way to get
|
|
|
|
+ notified of updates and their correct digests. Implements proposal
|
|
|
|
+ 227. Closes ticket 10395.
|
|
|
|
|
|
o Minor features (directory, memory usage):
|
|
o Minor features (directory, memory usage):
|
|
- When we have recently been under memory pressure (over 3/4 of
|
|
- When we have recently been under memory pressure (over 3/4 of
|
|
- MaxMemInQueues is allocated), then allocate smaller zlib objects for
|
|
|
|
- small requests. Closes ticket 11791.
|
|
|
|
|
|
+ MaxMemInQueues is allocated), then allocate smaller zlib objects
|
|
|
|
+ for small requests. Closes ticket 11791.
|
|
|
|
|
|
o Minor features (DOS resistance):
|
|
o Minor features (DOS resistance):
|
|
- - Count the total number of bytes used storing hidden service descriptors
|
|
|
|
- against the value of MaxMemInQueues. If we're low on memory, and more
|
|
|
|
- than 20% of our memory is used holding hidden service descriptors, free
|
|
|
|
- them until no more than 10% of our memory holds hidden service
|
|
|
|
- descriptors. Free the least recently fetched descriptors first.
|
|
|
|
- Resolves ticket 13806.
|
|
|
|
|
|
+ - Count the total number of bytes used storing hidden service
|
|
|
|
+ descriptors against the value of MaxMemInQueues. If we're low on
|
|
|
|
+ memory, and more than 20% of our memory is used holding hidden
|
|
|
|
+ service descriptors, free them until no more than 10% of our
|
|
|
|
+ memory holds hidden service descriptors. Free the least recently
|
|
|
|
+ fetched descriptors first. Resolves ticket 13806.
|
|
|
|
|
|
o Minor features (geoip):
|
|
o Minor features (geoip):
|
|
- - Update geoip to the January 7 2015 Maxmind GeoLite2 Country database.
|
|
|
|
- - Update geoip6 to the January 7 2015 Maxmind GeoLite2 Country database.
|
|
|
|
|
|
+ - Update geoip to the January 7 2015 Maxmind GeoLite2
|
|
|
|
+ Country database.
|
|
|
|
+ - Update geoip6 to the January 7 2015 Maxmind GeoLite2
|
|
|
|
+ Country database.
|
|
|
|
|
|
o Minor features (Guard nodes):
|
|
o Minor features (Guard nodes):
|
|
- Reduce the time delay before saving guard status to disk from 10
|
|
- Reduce the time delay before saving guard status to disk from 10
|
|
minute to 30 seconds (or from one hour to 10 minutes if
|
|
minute to 30 seconds (or from one hour to 10 minutes if
|
|
- AvoidDiskWrites is set). Closes ticket 12485.
|
|
|
|
|
|
+ AvoidDiskWrites is set). Closes ticket 12485.
|
|
|
|
|
|
o Minor features (hidden service):
|
|
o Minor features (hidden service):
|
|
- Make hidden service Sybil attacks harder by changing the minimum
|
|
- Make hidden service Sybil attacks harder by changing the minimum
|
|
@@ -127,201 +125,201 @@ Changes in version 0.2.6.3-alpha - 2015-02-??
|
|
- New option "HiddenServiceAllowUnknownPorts" to allow hidden
|
|
- New option "HiddenServiceAllowUnknownPorts" to allow hidden
|
|
services to disable the anti-scanning feature introduced in
|
|
services to disable the anti-scanning feature introduced in
|
|
0.2.6.2-alpha. With this option not set, a connection to an
|
|
0.2.6.2-alpha. With this option not set, a connection to an
|
|
- unlisted port closes the circuit. With this option set, only a
|
|
|
|
- RELAY_DONE cell is sent. Closes ticket #14084.
|
|
|
|
|
|
+ unlisted port closes the circuit. With this option set, only a
|
|
|
|
+ RELAY_DONE cell is sent. Closes ticket #14084.
|
|
|
|
|
|
o Minor features (interface):
|
|
o Minor features (interface):
|
|
- - Implement '-f -' CLI suboption to allow torrc to be read
|
|
|
|
- from standard input, thus not requiring to store torrc in file
|
|
|
|
- system. Implements feature 13865.
|
|
|
|
|
|
+ - Implement '-f -' CLI suboption to allow torrc to be read from
|
|
|
|
+ standard input, thus not requiring to store torrc in file system.
|
|
|
|
+ Implements feature 13865.
|
|
|
|
|
|
o Minor features (logging):
|
|
o Minor features (logging):
|
|
- - Add a count of unique clients to the bridge heartbeat message. Resolves
|
|
|
|
- ticket 6852.
|
|
|
|
|
|
+ - Add a count of unique clients to the bridge heartbeat message.
|
|
|
|
+ Resolves ticket 6852.
|
|
- Suppress "router info incompatible with extra info" message when
|
|
- Suppress "router info incompatible with extra info" message when
|
|
reading extrainfo documents from cache. (This message got loud
|
|
reading extrainfo documents from cache. (This message got loud
|
|
- around when we closed bug 9812 in 0.2.6.2-alpha.) Closes ticket
|
|
|
|
- 13762.
|
|
|
|
|
|
+ around when we closed bug 9812 in 0.2.6.2-alpha.) Closes
|
|
|
|
+ ticket 13762.
|
|
- Elevate authorized-client message from DEBUG to INFO. Closes
|
|
- Elevate authorized-client message from DEBUG to INFO. Closes
|
|
ticket 14015.
|
|
ticket 14015.
|
|
|
|
|
|
- o Minor features (systemd):
|
|
|
|
- - Various improvements and modernizations in systemd hardening support.
|
|
|
|
- Closes ticket 13805. Patch from Craig Andrews.
|
|
|
|
-
|
|
|
|
o Minor features (stability):
|
|
o Minor features (stability):
|
|
- Prevent bugs from causing infinite loops in our hash-table
|
|
- Prevent bugs from causing infinite loops in our hash-table
|
|
iteration code by adding assertions that cached hash values have
|
|
iteration code by adding assertions that cached hash values have
|
|
not been corrupted. Closes ticket 11737.
|
|
not been corrupted. Closes ticket 11737.
|
|
|
|
|
|
|
|
+ o Minor features (systemd):
|
|
|
|
+ - Various improvements and modernizations in systemd hardening
|
|
|
|
+ support. Closes ticket 13805. Patch from Craig Andrews.
|
|
|
|
+
|
|
o Minor features (testing networks):
|
|
o Minor features (testing networks):
|
|
- Drop the minimum RendPostPeriod on a testing network to 5 seconds,
|
|
- Drop the minimum RendPostPeriod on a testing network to 5 seconds,
|
|
- and the default to 2 minutes. Closes ticket 13401. Patch by "nickm".
|
|
|
|
- - Drop the MIN_REND_INITIAL_POST_DELAY on a testing network to 5 seconds,
|
|
|
|
- but keep the default at 30 seconds. This reduces HS bootstrap time to
|
|
|
|
- around 25 seconds. Change src/test/test-network.sh default time to match.
|
|
|
|
- Closes ticket 13401. Patch by "teor".
|
|
|
|
|
|
+ and the default to 2 minutes. Closes ticket 13401. Patch
|
|
|
|
+ by "nickm".
|
|
|
|
+ - Drop the MIN_REND_INITIAL_POST_DELAY on a testing network to 5
|
|
|
|
+ seconds, but keep the default at 30 seconds. This reduces HS
|
|
|
|
+ bootstrap time to around 25 seconds. Change src/test/test-
|
|
|
|
+ network.sh default time to match. Closes ticket 13401. Patch
|
|
|
|
+ by "teor".
|
|
|
|
|
|
o Minor bugfixes (automapping):
|
|
o Minor bugfixes (automapping):
|
|
- - Prevent changes to other options from removing the wildcard value "."
|
|
|
|
- from "AutomapHostsSuffixes".
|
|
|
|
- Fixes bug 12509; bugfix on 0.2.0.1-alpha.
|
|
|
|
|
|
+ - Prevent changes to other options from removing the wildcard value
|
|
|
|
+ "." from "AutomapHostsSuffixes". Fixes bug 12509; bugfix
|
|
|
|
+ on 0.2.0.1-alpha.
|
|
|
|
|
|
o Minor bugfixes (build):
|
|
o Minor bugfixes (build):
|
|
- - Avoid warnings when building with systemd 209 or later.
|
|
|
|
- Fixes bug 14072; bugfix on 0.2.6.2-alpha. Patch from "h.venev".
|
|
|
|
|
|
+ - Avoid warnings when building with systemd 209 or later. Fixes bug
|
|
|
|
+ 14072; bugfix on 0.2.6.2-alpha. Patch from "h.venev".
|
|
|
|
|
|
o Minor bugfixes (client DNS):
|
|
o Minor bugfixes (client DNS):
|
|
- Report the correct cached DNS expiration times. Previously, we
|
|
- Report the correct cached DNS expiration times. Previously, we
|
|
- would report everything as "never expires." Fixes bug 14193;
|
|
|
|
|
|
+ would report everything as "never expires." Fixes bug 14193;
|
|
bugfix on 0.2.3.17-beta.
|
|
bugfix on 0.2.3.17-beta.
|
|
- - Avoid a small memory leak when we find a cached answer for a reverse
|
|
|
|
- DNS lookup in a client-side DNS cache. (Remember, client-side DNS
|
|
|
|
- caching is off by default, and is not recommended.) Fixes bug 14259;
|
|
|
|
- bugfix on 0.2.0.1-alpha.
|
|
|
|
|
|
+ - Avoid a small memory leak when we find a cached answer for a
|
|
|
|
+ reverse DNS lookup in a client-side DNS cache. (Remember, client-
|
|
|
|
+ side DNS caching is off by default, and is not recommended.) Fixes
|
|
|
|
+ bug 14259; bugfix on 0.2.0.1-alpha.
|
|
|
|
|
|
o Minor bugfixes (client, automapping):
|
|
o Minor bugfixes (client, automapping):
|
|
- Check for a missing option value in parse_virtual_addr_network
|
|
- Check for a missing option value in parse_virtual_addr_network
|
|
- before asserting on the NULL in tor_addr_parse_mask_ports.
|
|
|
|
- This avoids crashing on torrc lines like
|
|
|
|
- Vi[rtualAddrNetworkIPv[4|6]] when no value follows the option.
|
|
|
|
- Fixes bug 14142; bugfix on 0.2.4.7-alpha.
|
|
|
|
- Patch by "teor".
|
|
|
|
- - Fix a memory leak when using AutomapHostsOnResolve.
|
|
|
|
- Fixes bug 14195; bugfix on 0.1.0.1-rc.
|
|
|
|
|
|
+ before asserting on the NULL in tor_addr_parse_mask_ports. This
|
|
|
|
+ avoids crashing on torrc lines like Vi[rtualAddrNetworkIPv[4|6]]
|
|
|
|
+ when no value follows the option. Fixes bug 14142; bugfix on
|
|
|
|
+ 0.2.4.7-alpha. Patch by "teor".
|
|
|
|
+ - Fix a memory leak when using AutomapHostsOnResolve. Fixes bug
|
|
|
|
+ 14195; bugfix on 0.1.0.1-rc.
|
|
|
|
+
|
|
|
|
+ o Minor bugfixes (client, bridges):
|
|
|
|
+ - When we are using bridges and we had a network connectivity
|
|
|
|
+ problem, only retry connecting to our currently configured
|
|
|
|
+ bridges, not all bridges we know about and remember using. Fixes
|
|
|
|
+ bug 14216; bugfix on tor-0.2.2.17-alpha. Patch from arma.
|
|
|
|
|
|
o Minor bugfixes (client, IPV6):
|
|
o Minor bugfixes (client, IPV6):
|
|
- Reject socks requests to literal IPv6 addresses when IPv6Traffic
|
|
- Reject socks requests to literal IPv6 addresses when IPv6Traffic
|
|
flag is not set; and not because the NoIPv4Traffic flag was set.
|
|
flag is not set; and not because the NoIPv4Traffic flag was set.
|
|
- Previously we'd looked at the NoIPv4Traffic flag for both types
|
|
|
|
- of literal addresses. Fixes bug 14280; bugfix on 0.2.4.7-alpha.
|
|
|
|
-
|
|
|
|
- o Minor bugfixes (client, bridges):
|
|
|
|
- - When we are using bridges and we had a network connectivity problem, only
|
|
|
|
- retry connecting to our currently configured bridges, not all bridges we
|
|
|
|
- know about and remember using.
|
|
|
|
- Fixes bug 14216; bugfix on tor-0.2.2.17-alpha. Patch from arma.
|
|
|
|
|
|
+ Previously we'd looked at the NoIPv4Traffic flag for both types of
|
|
|
|
+ literal addresses. Fixes bug 14280; bugfix on 0.2.4.7-alpha.
|
|
|
|
|
|
o Minor bugfixes (compilation):
|
|
o Minor bugfixes (compilation):
|
|
- - Build without warnings with the stock OpenSSL srtp.h header,
|
|
|
|
- which has a duplicate declaration of SSL_get_selected_srtp_profile().
|
|
|
|
|
|
+ - Build without warnings with the stock OpenSSL srtp.h header, which
|
|
|
|
+ has a duplicate declaration of SSL_get_selected_srtp_profile().
|
|
Fixes bug 14220; this is OpenSSL's bug, not ours.
|
|
Fixes bug 14220; this is OpenSSL's bug, not ours.
|
|
- - The address of an array in the middle of a structure will
|
|
|
|
- always be non-NULL. clang recognises this and complains.
|
|
|
|
- Disable the tautologous and redundant check to silence
|
|
|
|
- this warning.
|
|
|
|
- Fixes bug 14001; bugfix on 0.2.1.2-alpha.
|
|
|
|
|
|
+ - The address of an array in the middle of a structure will always
|
|
|
|
+ be non-NULL. clang recognises this and complains. Disable the
|
|
|
|
+ tautologous and redundant check to silence this warning. Fixes bug
|
|
|
|
+ 14001; bugfix on 0.2.1.2-alpha.
|
|
- Compile correctly with (unreleased) OpenSSL 1.1.0 headers.
|
|
- Compile correctly with (unreleased) OpenSSL 1.1.0 headers.
|
|
Addresses ticket 14188.
|
|
Addresses ticket 14188.
|
|
|
|
|
|
o Minor bugfixes (controller):
|
|
o Minor bugfixes (controller):
|
|
- Add a code for the END_CIRC_REASON_IP_NOW_REDUNDANT circuit close
|
|
- Add a code for the END_CIRC_REASON_IP_NOW_REDUNDANT circuit close
|
|
- reason. Fixes bug 14207; bugfix on 0.2.6.2-alpha.
|
|
|
|
- - Avoid crashing on a malformed EXTENDCIRCUIT command. Fixes bug 14116;
|
|
|
|
- bugfix on 0.2.2.9-alpha.
|
|
|
|
|
|
+ reason. Fixes bug 14207; bugfix on 0.2.6.2-alpha.
|
|
|
|
+ - Avoid crashing on a malformed EXTENDCIRCUIT command. Fixes bug
|
|
|
|
+ 14116; bugfix on 0.2.2.9-alpha.
|
|
|
|
|
|
o Minor bugfixes (directory authority):
|
|
o Minor bugfixes (directory authority):
|
|
- - Allow directory authorities to fetch more data from one
|
|
|
|
- another if they find themselves missing lots of votes.
|
|
|
|
- Previously, they had been bumping against the 10 MB queued
|
|
|
|
- data limit. Fixes bug 14261; bugfix on 0.1.2.5-alpha.
|
|
|
|
|
|
+ - Allow directory authorities to fetch more data from one another if
|
|
|
|
+ they find themselves missing lots of votes. Previously, they had
|
|
|
|
+ been bumping against the 10 MB queued data limit. Fixes bug 14261;
|
|
|
|
+ bugfix on 0.1.2.5-alpha.
|
|
- Enlarge the buffer to read bw-auth generated files to avoid an
|
|
- Enlarge the buffer to read bw-auth generated files to avoid an
|
|
issue when parsing the file in dirserv_read_measured_bandwidths().
|
|
issue when parsing the file in dirserv_read_measured_bandwidths().
|
|
Fixes bug 14125; bugfix on 0.2.2.1-alpha.
|
|
Fixes bug 14125; bugfix on 0.2.2.1-alpha.
|
|
|
|
|
|
o Minor bugfixes (file handling):
|
|
o Minor bugfixes (file handling):
|
|
- Stop failing when key files are zero-length. Instead, generate new
|
|
- Stop failing when key files are zero-length. Instead, generate new
|
|
- keys, and overwrite the empty key files.
|
|
|
|
- Fixes bug 13111; bugfix on all versions of Tor. Patch by "teor".
|
|
|
|
|
|
+ keys, and overwrite the empty key files. Fixes bug 13111; bugfix
|
|
|
|
+ on all versions of Tor. Patch by "teor".
|
|
- Stop generating a fresh .old RSA key file when the .old file is
|
|
- Stop generating a fresh .old RSA key file when the .old file is
|
|
missing. Fixes part of 13111; bugfix on 0.0.6rc1.
|
|
missing. Fixes part of 13111; bugfix on 0.0.6rc1.
|
|
- Avoid overwriting .old key files with empty key files.
|
|
- Avoid overwriting .old key files with empty key files.
|
|
- - Skip loading zero-length extra info store, router store, stats, state,
|
|
|
|
- and key files.
|
|
|
|
- - Avoid crashing when trying to reload a torrc specified as a relative
|
|
|
|
- path with RunAsDaemon turned on. Fixes bug 13397; bugfix on
|
|
|
|
- 0.2.3.11-alpha.
|
|
|
|
|
|
+ - Skip loading zero-length extra info store, router store, stats,
|
|
|
|
+ state, and key files.
|
|
|
|
+ - Avoid crashing when trying to reload a torrc specified as a
|
|
|
|
+ relative path with RunAsDaemon turned on. Fixes bug 13397; bugfix
|
|
|
|
+ on 0.2.3.11-alpha.
|
|
|
|
|
|
o Minor bugfixes (hidden services):
|
|
o Minor bugfixes (hidden services):
|
|
- Close the intro circuit once we don't have any more usable intro
|
|
- Close the intro circuit once we don't have any more usable intro
|
|
- points instead of making it timeout at some point. This also make sure
|
|
|
|
- no extra HS descriptor fetch is triggered.
|
|
|
|
- Fixes bug 14224; bugfix on 0.0.6.
|
|
|
|
- - When fetching a hidden service descriptor for a down service that we
|
|
|
|
- recently up, do not keep refetching until we try the same replica twice
|
|
|
|
- in a row. Fixes bug 14219; bugfix on 0.2.0.10-alpha.
|
|
|
|
- - Successfully launch Tor with a nonexistent hidden service directory.
|
|
|
|
- Our fix for bug 13942 didn't catch this case. Fixes bug 14106;
|
|
|
|
- bugfix on 0.2.6.2-alpha.
|
|
|
|
|
|
+ points instead of making it timeout at some point. This also make
|
|
|
|
+ sure no extra HS descriptor fetch is triggered. Fixes bug 14224;
|
|
|
|
+ bugfix on 0.0.6.
|
|
|
|
+ - When fetching a hidden service descriptor for a down service that
|
|
|
|
+ we recently up, do not keep refetching until we try the same
|
|
|
|
+ replica twice in a row. Fixes bug 14219; bugfix on 0.2.0.10-alpha.
|
|
|
|
+ - Successfully launch Tor with a nonexistent hidden service
|
|
|
|
+ directory. Our fix for bug 13942 didn't catch this case. Fixes bug
|
|
|
|
+ 14106; bugfix on 0.2.6.2-alpha.
|
|
|
|
|
|
o Minor bugfixes (logging):
|
|
o Minor bugfixes (logging):
|
|
- Avoid crashing when there are more log domains than entries in
|
|
- Avoid crashing when there are more log domains than entries in
|
|
- domain_list. Bugfix on 0.2.3.1-alpha.
|
|
|
|
- - Add a string representation for LD_SCHED. Fixes bug 14740;
|
|
|
|
- bugfix on 0.2.6.1-alpha.
|
|
|
|
|
|
+ domain_list. Bugfix on 0.2.3.1-alpha.
|
|
|
|
+ - Add a string representation for LD_SCHED. Fixes bug 14740; bugfix
|
|
|
|
+ on 0.2.6.1-alpha.
|
|
|
|
|
|
o Minor bugfixes (parsing):
|
|
o Minor bugfixes (parsing):
|
|
- Stop accepting milliseconds (or other junk) at the end of
|
|
- Stop accepting milliseconds (or other junk) at the end of
|
|
- descriptor publication times. Fixes bug 9286; bugfix on
|
|
|
|
- 0.0.2pre25.
|
|
|
|
|
|
+ descriptor publication times. Fixes bug 9286; bugfix on 0.0.2pre25.
|
|
- Support two-number and three-number version numbers correctly, in
|
|
- Support two-number and three-number version numbers correctly, in
|
|
- case we change the Tor versioning system in the future. Fixes bug
|
|
|
|
|
|
+ case we change the Tor versioning system in the future. Fixes bug
|
|
13661; bugfix on 0.0.8pre1.
|
|
13661; bugfix on 0.0.8pre1.
|
|
|
|
|
|
o Minor bugfixes (portability):
|
|
o Minor bugfixes (portability):
|
|
- - Fix the ioctl()-based network interface lookup code so that it will
|
|
|
|
- work on systems that have variable-length struct ifreq, for example
|
|
|
|
- Mac OS X.
|
|
|
|
|
|
+ - Fix the ioctl()-based network interface lookup code so that it
|
|
|
|
+ will work on systems that have variable-length struct ifreq, for
|
|
|
|
+ example Mac OS X.
|
|
|
|
|
|
o Minor bugfixes (shutdown):
|
|
o Minor bugfixes (shutdown):
|
|
- When shutting down, always call event_del() on lingering read or
|
|
- When shutting down, always call event_del() on lingering read or
|
|
write events before freeing them. Otherwise, we risk double-frees
|
|
write events before freeing them. Otherwise, we risk double-frees
|
|
- or read-after-frees in event_base_free(). Fixes bug 12985; bugfix on
|
|
|
|
- 0.1.0.2-rc.
|
|
|
|
|
|
+ or read-after-frees in event_base_free(). Fixes bug 12985; bugfix
|
|
|
|
+ on 0.1.0.2-rc.
|
|
|
|
|
|
o Minor bugfixes (small memory leaks):
|
|
o Minor bugfixes (small memory leaks):
|
|
- Avoid leaking memory when using IPv6 virtual address mappings.
|
|
- Avoid leaking memory when using IPv6 virtual address mappings.
|
|
- Fixes bug 14123; bugfix on 0.2.4.7-alpha. Patch by Tom van der
|
|
|
|
- Woerdt.
|
|
|
|
|
|
+ Fixes bug 14123; bugfix on 0.2.4.7-alpha. Patch by Tom van
|
|
|
|
+ der Woerdt.
|
|
|
|
|
|
o Minor bugfixes (statistics):
|
|
o Minor bugfixes (statistics):
|
|
- Increase period over which bandwidth observations are aggregated
|
|
- Increase period over which bandwidth observations are aggregated
|
|
from 15 minutes to 4 hours. Fixes bug 13988; bugfix on 0.0.8pre1.
|
|
from 15 minutes to 4 hours. Fixes bug 13988; bugfix on 0.0.8pre1.
|
|
|
|
|
|
o Minor bugfixes (systemd support):
|
|
o Minor bugfixes (systemd support):
|
|
- - Fix detection and operation of systemd watchdog. Fixes part of
|
|
|
|
- bug 14141; bugfix on 0.2.6.2-alpha. Patch from Tomasz Torcz.
|
|
|
|
- - Run correctly under systemd with the RunAsDaemon option set.
|
|
|
|
- Fixes part of bug 14141; bugfix on 0.2.5.7-rc. Patch from Tomasz
|
|
|
|
- Torcz.
|
|
|
|
- - Inform the systemd supervisor about more changes in the Tor process
|
|
|
|
- status. Implements part of ticket 14141. Patch from Tomasz Torcz.
|
|
|
|
|
|
+ - Fix detection and operation of systemd watchdog. Fixes part of bug
|
|
|
|
+ 14141; bugfix on 0.2.6.2-alpha. Patch from Tomasz Torcz.
|
|
|
|
+ - Run correctly under systemd with the RunAsDaemon option set. Fixes
|
|
|
|
+ part of bug 14141; bugfix on 0.2.5.7-rc. Patch from Tomasz Torcz.
|
|
|
|
+ - Inform the systemd supervisor about more changes in the Tor
|
|
|
|
+ process status. Implements part of ticket 14141. Patch from
|
|
|
|
+ Tomasz Torcz.
|
|
- Cause the "--disable-systemd" option to actually disable systemd
|
|
- Cause the "--disable-systemd" option to actually disable systemd
|
|
- support. Fixes bug 14350; bugfix on 0.2.6.2-alpha. Patch from
|
|
|
|
- "blueness".
|
|
|
|
|
|
+ support. Fixes bug 14350; bugfix on 0.2.6.2-alpha. Patch
|
|
|
|
+ from "blueness".
|
|
|
|
|
|
o Minor bugfixes (TLS):
|
|
o Minor bugfixes (TLS):
|
|
- - Check more thoroughly throughout the TLS code for possible unlogged
|
|
|
|
- TLS errors. Possible diagnostic or fix for bug 13319.
|
|
|
|
|
|
+ - Check more thoroughly throughout the TLS code for possible
|
|
|
|
+ unlogged TLS errors. Possible diagnostic or fix for bug 13319.
|
|
|
|
|
|
o Code simplification and refactoring:
|
|
o Code simplification and refactoring:
|
|
- - Move fields related to isolating and configuring client ports
|
|
|
|
- into a shared structure. Previously, they were duplicated across
|
|
|
|
- port_cfg_t, listener_connection_t, and edge_connection_t.
|
|
|
|
- Failure to copy one of them correctly had been the cause of at
|
|
|
|
- least one bug in the past. Closes ticket 8546.
|
|
|
|
|
|
+ - Move fields related to isolating and configuring client ports into
|
|
|
|
+ a shared structure. Previously, they were duplicated across
|
|
|
|
+ port_cfg_t, listener_connection_t, and edge_connection_t. Failure
|
|
|
|
+ to copy one of them correctly had been the cause of at least one
|
|
|
|
+ bug in the past. Closes ticket 8546.
|
|
- Refactor the get_interface_addresses_raw() Doom-function into
|
|
- Refactor the get_interface_addresses_raw() Doom-function into
|
|
multiple smaller and easier to understand subfunctions. Cover the
|
|
multiple smaller and easier to understand subfunctions. Cover the
|
|
- resulting subfunctions with unit-tests. Fixes a significant portion
|
|
|
|
- of issue 12376.
|
|
|
|
- - Remove workaround in dirserv_thinks_router_is_hs_dir() that was only
|
|
|
|
- for version <= 0.2.2.24 which is now deprecated. Closes ticket 14202.
|
|
|
|
- - Remove a test for a long-defunct broken version-one directory server.
|
|
|
|
|
|
+ resulting subfunctions with unit-tests. Fixes a significant
|
|
|
|
+ portion of issue 12376.
|
|
|
|
+ - Remove workaround in dirserv_thinks_router_is_hs_dir() that was
|
|
|
|
+ only for version <= 0.2.2.24 which is now deprecated. Closes
|
|
|
|
+ ticket 14202.
|
|
|
|
+ - Remove a test for a long-defunct broken version-one
|
|
|
|
+ directory server.
|
|
|
|
|
|
o Documentation:
|
|
o Documentation:
|
|
- - Adding section on OpenBSD to our TUNING document. Thanks to
|
|
|
|
- mmcc for writing the OpenBSD-specific tips. Resolves ticket
|
|
|
|
- 13702.
|
|
|
|
|
|
+ - Adding section on OpenBSD to our TUNING document. Thanks to mmcc
|
|
|
|
+ for writing the OpenBSD-specific tips. Resolves ticket 13702.
|
|
- Make the tor-resolve documentation match its help string and its
|
|
- Make the tor-resolve documentation match its help string and its
|
|
options. Resolves part of ticket 14325.
|
|
options. Resolves part of ticket 14325.
|
|
- Log a more useful error message from tor-resolve when failing to
|
|
- Log a more useful error message from tor-resolve when failing to
|
|
@@ -331,29 +329,32 @@ Changes in version 0.2.6.3-alpha - 2015-02-??
|
|
- Don't warn when we've attempted to contact a relay using the wrong
|
|
- Don't warn when we've attempted to contact a relay using the wrong
|
|
ntor onion key. Closes ticket 9635.
|
|
ntor onion key. Closes ticket 9635.
|
|
|
|
|
|
|
|
+ o Removed features:
|
|
|
|
+ - To avoid confusion with the 'ExitRelay' option, 'ExitNode' is no
|
|
|
|
+ longer silently accepted as an alias for 'ExitNodes'.
|
|
|
|
+
|
|
o Testing:
|
|
o Testing:
|
|
- Make the checkdir/perms test complete successfully even if the
|
|
- Make the checkdir/perms test complete successfully even if the
|
|
global umask is not 022. Fixes bug 14215; bugfix on 0.2.6.2-alpha.
|
|
global umask is not 022. Fixes bug 14215; bugfix on 0.2.6.2-alpha.
|
|
- - Test that tor does not fail when key files are zero-length.
|
|
|
|
- Check that tor generates new keys, and overwrites the empty key files.
|
|
|
|
- - Test that tor generates new keys when keys are missing (existing
|
|
|
|
- behaviour).
|
|
|
|
- - Test that tor does not overwrite key files that already contain data
|
|
|
|
|
|
+ - Test that tor does not fail when key files are zero-length. Check
|
|
|
|
+ that tor generates new keys, and overwrites the empty key files.
|
|
|
|
+ - Test that tor generates new keys when keys are missing
|
|
(existing behaviour).
|
|
(existing behaviour).
|
|
- Tests bug 13111. Patch by "teor".
|
|
|
|
|
|
+ - Test that tor does not overwrite key files that already contain
|
|
|
|
+ data (existing behaviour). Tests bug 13111. Patch by "teor".
|
|
- New "make test-stem" target to run stem integration tests.
|
|
- New "make test-stem" target to run stem integration tests.
|
|
Requires that the "STEM_SOURCE_DIR" environment variable be set.
|
|
Requires that the "STEM_SOURCE_DIR" environment variable be set.
|
|
Closes ticket 14107.
|
|
Closes ticket 14107.
|
|
- Make the test_cmdline_args.py script work correctly on Windows.
|
|
- Make the test_cmdline_args.py script work correctly on Windows.
|
|
Patch from Gisle Vanem.
|
|
Patch from Gisle Vanem.
|
|
- - Move the slower unit tests into a new "./src/test/test-slow" binary
|
|
|
|
- that can be run independently of the other tests. Closes ticket 13243.
|
|
|
|
|
|
+ - Move the slower unit tests into a new "./src/test/test-slow"
|
|
|
|
+ binary that can be run independently of the other tests. Closes
|
|
|
|
+ ticket 13243.
|
|
- Avoid undefined behavior when sampling huge values from the
|
|
- Avoid undefined behavior when sampling huge values from the
|
|
Laplace distribution. This made unittests fail on Raspberry Pi.
|
|
Laplace distribution. This made unittests fail on Raspberry Pi.
|
|
Bug found by Device. Fixes bug 14090; bugfix on 0.2.6.2-alpha.
|
|
Bug found by Device. Fixes bug 14090; bugfix on 0.2.6.2-alpha.
|
|
|
|
|
|
|
|
|
|
-
|
|
|
|
Changes in version 0.2.6.2-alpha - 2014-12-31
|
|
Changes in version 0.2.6.2-alpha - 2014-12-31
|
|
Tor 0.2.6.2-alpha is the second alpha release in the 0.2.6.x series.
|
|
Tor 0.2.6.2-alpha is the second alpha release in the 0.2.6.x series.
|
|
It introduces a major new backend for deciding when to send cells on
|
|
It introduces a major new backend for deciding when to send cells on
|