[or-cvs] r9408: and break out the 0.0.8 changelog too (tor/trunk)

arma at seul.org arma at seul.org
Thu Jan 25 22:19:14 UTC 2007


Author: arma
Date: 2007-01-25 17:19:13 -0500 (Thu, 25 Jan 2007)
New Revision: 9408

Modified:
   tor/trunk/ChangeLog
Log:
and break out the 0.0.8 changelog too


Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog	2007-01-25 21:39:18 UTC (rev 9407)
+++ tor/trunk/ChangeLog	2007-01-25 22:19:13 UTC (rev 9408)
@@ -2333,30 +2333,138 @@
 
 
 Changes in version 0.0.8 - 2004-08-25
+  o Port it to SunOS 5.9 / Athena
+
+
+Changes in version 0.0.8rc2 - 2004-08-20
+  o Make it compile on cygwin again.
+  o When picking unverified routers, skip those with low uptime and/or
+    low bandwidth, depending on what properties you care about.
+
+
+Changes in version 0.0.8rc1 - 2004-08-18
+  o Changes from 0.0.7.3:
+    - Bugfixes:
+      - Fix assert triggers: if the other side returns an address 0.0.0.0,
+        don't put it into the client dns cache.
+      - If a begin failed due to exit policy, but we believe the IP address
+        should have been allowed, switch that router to exitpolicy reject *:*
+        until we get our next directory.
+    - Features:
+      - Clients choose nodes proportional to advertised bandwidth.
+      - Avoid using nodes with low uptime as introduction points.
+      - Handle servers with dynamic IP addresses: don't replace
+        options->Address with the resolved one at startup, and
+        detect our address right before we make a routerinfo each time.
+      - 'FascistFirewall' option to pick dirservers and ORs on specific
+        ports; plus 'FirewallPorts' config option to tell FascistFirewall
+        which ports are open. (Defaults to 80,443)
+      - Be more aggressive about trying to make circuits when the network
+        has changed (e.g. when you unsuspend your laptop).
+      - Check for time skew on http headers; report date in response to
+        "GET /".
+      - If the entrynode config line has only one node, don't pick it as
+        an exitnode.
+      - Add strict{entry|exit}nodes config options. If set to 1, then
+        we refuse to build circuits that don't include the specified entry
+        or exit nodes.
+      - OutboundBindAddress config option, to bind to a specific
+        IP address for outgoing connect()s.
+      - End truncated log entries (e.g. directories) with "[truncated]".
+
+  o Patches to 0.0.8preX:
+    - Bugfixes:
+      - Patches to compile and run on win32 again (maybe)?
+      - Fix crash when looking for ~/.torrc with no $HOME set.
+      - Fix a race bug in the unit tests.
+      - Handle verified/unverified name collisions better when new
+        routerinfo's arrive in a directory.
+      - Sometimes routers were getting entered into the stats before
+        we'd assigned their identity_digest. Oops.
+      - Only pick and establish intro points after we've gotten a
+        directory.
+    - Features:
+      - AllowUnverifiedNodes config option to let circuits choose no-name
+        routers in entry,middle,exit,introduction,rendezvous positions.
+        Allow middle and rendezvous positions by default.
+      - Add a man page for tor-resolve.
+
+
+Changes in version 0.0.7.3 - 2004-08-12
+  o Stop dnsworkers from triggering an assert failure when you
+    ask them to resolve the host "".
+
+
+Changes in version 0.0.8pre3 - 2004-08-09
+  o Changes from 0.0.7.2:
+    - Allow multiple ORs with same nickname in routerlist -- now when
+      people give us one identity key for a nickname, then later
+      another, we don't constantly complain until the first expires.
+    - Remember used bandwidth (both in and out), and publish 15-minute
+      snapshots for the past day into our descriptor.
+    - You can now fetch $DIRURL/running-routers to get just the
+      running-routers line, not the whole descriptor list. (But
+      clients don't use this yet.)
+    - When people mistakenly use Tor as an http proxy, point them
+      at the tor-doc.html rather than the INSTALL.
+    - Remove our mostly unused -- and broken -- hex_encode()
+      function. Use base16_encode() instead. (Thanks to Timo Lindfors
+      for pointing out this bug.)
+    - Rotate onion keys every 12 hours, not every 2 hours, so we have
+      fewer problems with people using the wrong key.
+    - Change the default exit policy to reject the default edonkey,
+      kazaa, gnutella ports.
+    - Add replace_file() to util.[ch] to handle win32's rename().
+
+  o Changes from 0.0.8preX:
+    - Fix two bugs in saving onion keys to disk when rotating, so
+      hopefully we'll get fewer people using old onion keys.
+    - Fix an assert error that was making SocksPolicy not work.
+    - Be willing to expire routers that have an open dirport -- it's
+      just the authoritative dirservers we want to not forget.
+    - Reject tor-resolve requests for .onion addresses early, so we
+      don't build a whole rendezvous circuit and then fail.
+    - When you're warning a server that he's unverified, don't cry
+      wolf unpredictably.
+    - Fix a race condition: don't try to extend onto a connection
+      that's still handshaking.
+    - For servers in clique mode, require the conn to be open before
+      you'll choose it for your path.
+    - Fix some cosmetic bugs about duplicate mark-for-close, lack of
+      end relay cell, etc.
+    - Measure bandwidth capacity over the last 24 hours, not just 12
+    - Bugfix: authoritative dirservers were making and signing a new
+      directory for each client, rather than reusing the cached one.
+
+
+Changes in version 0.0.8pre2 - 2004-08-04
+  o Changes from 0.0.7.2:
+    - Security fixes:
+      - Check directory signature _before_ you decide whether you're
+        you're running an obsolete version and should exit.
+      - Check directory signature _before_ you parse the running-routers
+        list to decide who's running or verified.
+    - Bugfixes and features:
+      - Check return value of fclose while writing to disk, so we don't
+        end up with broken files when servers run out of disk space.
+      - Log a warning if the user uses an unsafe socks variant, so people
+        are more likely to learn about privoxy or socat.
+      - Dirservers now include RFC1123-style dates in the HTTP headers,
+        which one day we will use to better detect clock skew.
+
+  o Changes from 0.0.8pre1:
+    - Make it compile without warnings again on win32.
+    - Log a warning if you're running an unverified server, to let you
+      know you might want to get it verified.
+    - Only pick a default nickname if you plan to be a server.
+
+
+Changes in version 0.0.8pre1 - 2004-07-23
   o Bugfixes:
     - Made our unit tests compile again on OpenBSD 3.5, and tor
       itself compile again on OpenBSD on a sparc64.
     - We were neglecting milliseconds when logging on win32, so
       everything appeared to happen at the beginning of each second.
-    - Check directory signature _before_ you decide whether you're
-      you're running an obsolete version and should exit.
-    - Check directory signature _before_ you parse the running-routers
-      list to decide who's running.
-    - Check return value of fclose while writing to disk, so we don't
-      end up with broken files when servers run out of disk space.
-    - Port it to SunOS 5.9 / Athena
-    - Fix two bugs in saving onion keys to disk when rotating, so
-      hopefully we'll get fewer people using old onion keys.
-    - Remove our mostly unused -- and broken -- hex_encode()
-      function. Use base16_encode() instead. (Thanks to Timo Lindfors
-      for pointing out this bug.)
-    - Only pick and establish intro points after we've gotten a
-      directory.
-    - Fix assert triggers: if the other side returns an address 0.0.0.0,
-      don't put it into the client dns cache.
-    - If a begin failed due to exit policy, but we believe the IP
-      address should have been allowed, switch that router to exitpolicy
-      reject *:* until we get our next directory.
 
   o Protocol changes:
     - 'Extend' relay cell payloads now include the digest of the
@@ -2373,11 +2481,9 @@
         list; unverified routers are listed as "$<fingerprint>".
       - We now use hash-of-identity-key in most places rather than
         nickname or addr:port, for improved security/flexibility.
-      - AllowUnverifiedNodes config option to let circuits choose no-name
-        routers in entry,middle,exit,introduction,rendezvous positions.
-        Allow middle and rendezvous positions by default.
-      - When picking unverified routers, skip those with low uptime and/or
-        low bandwidth, depending on what properties you care about.
+      - To avoid Sybil attacks, paths still use only verified servers.
+        But now we have a chance to play around with hybrid approaches.
+      - Nodes track bandwidth usage to estimate capacity (not used yet).
       - ClientOnly option for nodes that never want to become servers.
     - Directory caching.
       - "AuthoritativeDir 1" option for the official dirservers.
@@ -2393,19 +2499,6 @@
         by hash-of-key).
       - Allow dirservers to serve running-router list separately.
         This isn't used yet.
-      - You can now fetch $DIRURL/running-routers to get just the
-        running-routers line, not the whole descriptor list. (But
-        clients don't use this yet.)
-    - Clients choose nodes proportional to advertised bandwidth.
-    - Clients avoid using nodes with low uptime as introduction points.
-    - Handle servers with dynamic IP addresses: don't just replace
-      options->Address with the resolved one at startup, and
-      detect our address right before we make a routerinfo each time.
-    - 'FascistFirewall' option to pick dirservers and ORs on specific
-      ports; plus 'FirewallPorts' config option to tell FascistFirewall
-      which ports are open. (Defaults to 80,443)
-    - Try other dirservers immediately if the one you try is down. This
-      should tolerate down dirservers better now.
     - ORs connect-on-demand to other ORs
       - If you get an extend cell to an OR you're not connected to,
         connect, handshake, and forward the create cell.
@@ -2426,6 +2519,8 @@
     - Refuse to build a circuit before the directory has arrived --
       it won't work anyway, since you won't know the right onion keys
       to use.
+    - Try other dirservers immediately if the one you try is down. This
+      should tolerate down dirservers better now.
     - Parse tor version numbers so we can do an is-newer-than check
       rather than an is-in-the-list check.
     - New socks command 'resolve', to let us shim gethostbyname()
@@ -2434,39 +2529,13 @@
       - A new socks-extensions.txt doc file to describe our
         interpretation and extensions to the socks protocols.
     - Add a ContactInfo option, which gets published in descriptor.
+    - Publish OR uptime in descriptor (and thus in directory) too.
     - Write tor version at the top of each log file
     - New docs in the tarball:
       - tor-doc.html.
       - Document that you should proxy your SSL traffic too.
-    - Log a warning if the user uses an unsafe socks variant, so people
-      are more likely to learn about privoxy or socat.
-    - Log a warning if you're running an unverified server, to let you
-      know you might want to get it verified.
-    - Change the default exit policy to reject the default edonkey,
-      kazaa, gnutella ports.
-    - Add replace_file() to util.[ch] to handle win32's rename().
-    - Publish OR uptime in descriptor (and thus in directory) too.
-    - Remember used bandwidth (both in and out), and publish 15-minute
-      snapshots for the past day into our descriptor.
-    - Be more aggressive about trying to make circuits when the network
-      has changed (e.g. when you unsuspend your laptop).
-    - Check for time skew on http headers; report date in response to
-      "GET /".
-    - If the entrynode config line has only one node, don't pick it as
-      an exitnode.
-    - Add strict{entry|exit}nodes config options. If set to 1, then
-      we refuse to build circuits that don't include the specified entry
-      or exit nodes.
-    - OutboundBindAddress config option, to bind to a specific
-      IP address for outgoing connect()s.
-    - End truncated log entries (e.g. directories) with "[truncated]".
 
 
-Changes in version 0.0.7.3 - 2004-08-12
-  o Stop dnsworkers from triggering an assert failure when you
-    ask them to resolve the host "".
-
-
 Changes in version 0.0.7.2 - 2004-07-07
   o A better fix for the 0.0.0.0 problem, that will hopefully
     eliminate the remaining related assertion failures.



More information about the tor-commits mailing list