bug1090-general 3.3 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273
  1. o Major features and bugfixes (node selection)
  2. - Revise and unify the meaning of the ExitNodes, EntryNodes,
  3. ExcludeEntryNodes, ExcludeExitNodes, ExcludeNodes, and
  4. StrictNodes options. Previously, we had been ambiguous in
  5. describing what counted as an "exit" node, and what operations
  6. exactly "StrictNodes 0" would permit. This created confusion
  7. when people saw nodes built through unexpected circuits, and
  8. made it hard to tell real bugs from surprises. We now stipulate
  9. that the intended behavior is:
  10. . "Exit", in the context of ExitNodes and ExcludeExitNodes,
  11. means a node that delivers user traffic outside the Tor
  12. network.
  13. . "Entry", in the context of EntryNodes and ExcludeEntryNodes,
  14. means a node used as the first hop of a multihop circuit:
  15. it doesn't include direct connections to directory servers.
  16. . "ExcludeNodes" applies to all nodes.
  17. . "StrictNodes" changes the behavior of ExcludeNodes only.
  18. When StrictNodes is set, Tor should avoid all nodes listed
  19. in ExcludeNodes, even when it will make user requests
  20. fail. When StrictNodes is *not* set, then Tor should
  21. follow ExcludeNodes whenever it can, except when it must
  22. use an excluded node to perform self-tests, connect to a
  23. hidden service, provide a hidden service, fulfill a .exit
  24. request, upload directory information, or fetch directory
  25. information.
  26. Collectively, the changes to implement the behavior are a fix for
  27. bug 1090.
  28. - ExcludeNodes now takes precedence over EntryNodes and ExitNodes:
  29. if a node is listed in both, it's treated as excluded.
  30. - ExcludeNodes now applies to directory nodes: as a preference if
  31. StrictNodes is 0, or an absolute requirement if StrictNodes is 1.
  32. (Don't exclude all the directory authorities and set StrictNodes
  33. to 1 unless you really want your Tor to break.)
  34. - ExcludeNodes and ExcludeExitNodes now override exit enclaving.
  35. - ExcludeExitNodes now overrides .exit requests.
  36. - We don't use bridges from ExcludeNodes.
  37. - When StrictNodes is 1:
  38. . We now apply ExcludeNodes to hidden service introduction points
  39. and to rendezvous points selected by hidden service users.
  40. This can make your hidden service less reliable: use it with
  41. caution!
  42. . If we have used ExcludeNodes on ourself, do not try self-tests.
  43. . If we have excluded all the directory authorities, we will
  44. not even try to upload our descriptor if we're a server.
  45. . Do not honor .exit requests to an excluded node.
  46. - Remove a misfeature that caused us to ignore the Fast/Stable flags
  47. if ExitNodes was set. Bugfix on 0.2.2.7-alpha.
  48. - When the set of permitted nodes changes, we now remove any
  49. mappings introduced via TrackExitHosts to now-excluded nodes.
  50. Bugfix on 0.1.0.1-rc.
  51. - We never cannibalize a circuit that had excluded nodes on it,
  52. even if StrictNodes is 0. Bugfix on 0.1.0.1-rc.
  53. - Improve log messages related to excluded nodes.
  54. - Revert a change where we would be laxer about attaching streams to
  55. circuits than when building the circuits. This was meant to
  56. prevent a set of bugs where streams were never attachable, but our
  57. improved code here should make this unnecessary. Bugfix on
  58. 0.2.2.7-alpha.