[tor-commits] [tor/master] fold in changes files for upcoming 0.2.4.4-alpha
arma at torproject.org
arma at torproject.org
Sat Oct 20 20:07:49 UTC 2012
commit 93044642842208e188a80bd086460e2cc60fbed7
Author: Roger Dingledine <arma at torproject.org>
Date: Sat Oct 20 15:37:57 2012 -0400
fold in changes files for upcoming 0.2.4.4-alpha
---
ChangeLog | 101 ++++++++++++++++++++++++++++++++
changes/6757 | 5 --
changes/6982 | 3 -
changes/addr_is_internal_debug | 4 -
changes/bug1031 | 5 --
changes/bug6465 | 12 ----
changes/bug6816 | 6 --
changes/bug7011 | 6 --
changes/bug7014 | 5 --
changes/bug7022 | 3 -
changes/bug7029 | 3 -
changes/bug7037 | 6 --
changes/bug7038 | 5 --
changes/bug7039 | 7 --
changes/bug7139 | 9 ---
changes/cve-2012-2249 | 5 --
changes/dirserv-BUGGY-a | 7 --
changes/dropped_openssl_vers | 3 -
changes/src_ext | 3 -
changes/ticket5749 | 3 -
changes/ticket6997 | 2 -
changes/warn-about-hses-without-guards | 8 ---
22 files changed, 101 insertions(+), 110 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 98f0507..d234807 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,104 @@
+Changes in version 0.2.4.4-alpha - 2012-10-20
+ Tor 0.2.4.4-alpha adds a new v3 directory authority, fixes a privacy
+ vulnerability introduced by a change in OpenSSL, fixes a remotely
+ triggerable assert, and adds new channel_t and circuitmux_t abstractions
+ that will make it easier to test new connection transport and cell
+ scheduling algorithms.
+
+ o New directory authorities (also in 0.2.3.23-rc):
+ - Add Faravahar (run by Sina Rabbani) as the ninth v3 directory
+ authority. Closes ticket 5749.
+
+ o Major bugfixes (security/privacy, also in 0.2.3.23-rc):
+ - Disable TLS session tickets. OpenSSL's implementation was giving
+ our TLS session keys the lifetime of our TLS context objects, when
+ perfect forward secrecy would want us to discard anything that
+ could decrypt a link connection as soon as the link connection
+ was closed. Fixes bug 7139; bugfix on all versions of Tor linked
+ against OpenSSL 1.0.0 or later. Found by Florent Daignière.
+ - Discard extraneous renegotiation attempts once the V3 link
+ protocol has been initiated. Failure to do so left us open to
+ a remotely triggerable assertion failure. Fixes CVE-2012-2249;
+ bugfix on 0.2.3.6-alpha. Reported by "some guy from France".
+
+ o Internal abstraction features:
+ - Introduce new channel_t abstraction between circuits and
+ or_connection_t to allow for implementing alternate OR-to-OR
+ transports. A channel_t is an abstract object which can either be a
+ cell-bearing channel, which is responsible for authenticating and
+ handshaking with the remote OR and transmitting cells to and from
+ it, or a listening channel, which spawns new cell-bearing channels
+ at the request of remote ORs. Implements part of ticket 6465.
+ - Also new is the channel_tls_t subclass of channel_t, adapting it
+ to the existing or_connection_t code. The V2/V3 protocol handshaking
+ code which formerly resided in command.c has been moved below the
+ channel_t abstraction layer and may be found in channeltls.c now.
+ Implements the rest of ticket 6465.
+ - Introduce new circuitmux_t storing the queue of circuits for
+ a channel; this encapsulates and abstracts the queue logic and
+ circuit selection policy, and allows the latter to be overridden
+ easily by switching out a policy object. The existing EWMA behavior
+ is now implemented as a circuitmux_policy_t. Resolves ticket 6816.
+
+ o Required libraries:
+ - Tor now requires OpenSSL 0.9.8 or later. OpenSSL 1.0.0 or later is
+ strongly recommended.
+
+ o Minor features:
+ - Warn users who run hidden services on a Tor client with
+ UseEntryGuards disabled that their hidden services will be
+ vulnerable to http://freehaven.net/anonbib/#hs-attack06 (the
+ attack which motivated Tor to support entry guards in the first
+ place). Resolves ticket 6889.
+ - Tor now builds correctly on Bitrig, an OpenBSD fork. Patch from
+ dhill. Resolves ticket 6982.
+
+ o Minor bugfixes (also in 0.2.3.23-rc):
+ - Don't serve or accept v2 hidden service descriptors over a
+ relay's DirPort. It's never correct to do so, and disabling it
+ might make it more annoying to exploit any bugs that turn up in the
+ descriptor-parsing code. Fixes bug 7149.
+ - Fix two cases in src/or/transports.c where we were calling
+ fmt_addr() twice in a parameter list. Bug found by David
+ Fifield. Fixes bug 7014; bugfix on 0.2.3.9-alpha.
+ - Fix memory leaks whenever we logged any message about the "path
+ bias" detection. Fixes bug 7022; bugfix on 0.2.3.21-rc.
+ - When relays refuse a "create" cell because their queue of pending
+ create cells is too big (typically because their cpu can't keep up
+ with the arrival rate), send back reason "resource limit" rather
+ than reason "internal", so network measurement scripts can get a
+ more accurate picture. Fixes bug 7037; bugfix on 0.1.1.11-alpha.
+
+ o Minor bugfixes:
+ - Command-line option "--version" implies "--quiet". Fixes bug 6997.
+ - Free some more still-in-use memory at exit, to make hunting for
+ memory leaks easier. Resolves bug 7029.
+ - When a Tor client gets a "truncated" relay cell, the first byte of
+ its payload specifies why the circuit was truncated. We were
+ ignoring this 'reason' byte when tearing down the circuit, resulting
+ in the controller not being told why the circuit closed. Now we
+ pass the reason from the truncated cell to the controller. Bugfix
+ on 0.1.2.3-alpha; fixes bug 7039.
+ - Downgrade "Failed to hand off onionskin" messages to "debug"
+ severity, since they're typically redundant with the "Your computer
+ is too slow" messages. Fixes bug 7038; bugfix on 0.2.2.16-alpha.
+ - Make clients running with IPv6 bridges connect over IPv6 again,
+ even without setting new config options ClientUseIPv6 and
+ ClientPreferIPv6ORPort. Fixes bug 6757; bugfix on 0.2.4.1-alpha.
+ - Use square brackets around IPv6 addresses in numerous places
+ that needed them, including log messages, HTTPS CONNECT proxy
+ requests, TransportProxy statefile entries, and pluggable transport
+ extra-info lines. Fixes bug 7011; patch by David Fifield.
+
+ o Code refactoring and cleanup:
+ - Source files taken from other packages now reside in src/ext;
+ previously they were scattered around the rest of Tor.
+ - Avoid use of reserved identifiers in our C code. The C standard
+ doesn't like us declaring anything that starts with an
+ underscore, so let's knock it off before we get in trouble. Fix
+ for bug 1031; bugfix on the first Tor commit.
+
+
Changes in version 0.2.3.23-rc - 2012-10-20
Tor 0.2.3.23-rc adds a new v3 directory authority, fixes a privacy
vulnerability introduced by a change in OpenSSL, and fixes a variety
diff --git a/changes/6757 b/changes/6757
deleted file mode 100644
index 6b17f95..0000000
--- a/changes/6757
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (client):
- - Make clients running with IPv6 bridges connect over IPv6 again,
- even without setting new config options ClientUseIPv6 and
- ClientPreferIPv6ORPort.
- Fixes bug 6757; bugfix on 0.2.4.1-alpha.
diff --git a/changes/6982 b/changes/6982
deleted file mode 100644
index edfa066..0000000
--- a/changes/6982
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features (portability):
- - Tor now builds correctly on Bitrig, an OpenBSD fork. Patch from dhill.
- Ticket 6982.
diff --git a/changes/addr_is_internal_debug b/changes/addr_is_internal_debug
deleted file mode 100644
index 6de221b..0000000
--- a/changes/addr_is_internal_debug
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features:
- - Log the call-site of a failed tor_addr_is_internal(), so that we
- can learn who is calling it with AF_UNSPECIFIED and fix the
- second (unrelated) part of bug 7086.
diff --git a/changes/bug1031 b/changes/bug1031
deleted file mode 100644
index e3ab49b..0000000
--- a/changes/bug1031
+++ /dev/null
@@ -1,5 +0,0 @@
- o Code cleanup:
- - Avoid use of reserved identifiers in our C code. The C standard
- doesn't like us declaring anything that starts with an
- underscore, so let's knock it off before we get in trouble. Fix
- for bug 1031; bugfix on the first Tor commit.
diff --git a/changes/bug6465 b/changes/bug6465
deleted file mode 100644
index a5ea9e2..0000000
--- a/changes/bug6465
+++ /dev/null
@@ -1,12 +0,0 @@
- o Infrastructure features:
- - Introduce new channel_t abstraction between circuits and or_connection_t
- to allow for implementing alternate OR-to-OR transports. A channel_t is
- an abstract object which can either be a cell-bearing channel, which is
- responsible for authenticating and handshaking with the remote OR and
- transmitting cells to and from it, or a listening channel, which spawns
- new cell-bearing channels at the request of remote ORs.
-
- - Also new is the channel_tls_t subclass of channel_t, adapting it to the
- existing or_connection_t code. The V2/V3 protocol handshaking code
- which formerly resided in command.c has been moved below the channel_t
- abstraction layer and may be found in channeltls.c now.
diff --git a/changes/bug6816 b/changes/bug6816
deleted file mode 100644
index e9e6877..0000000
--- a/changes/bug6816
+++ /dev/null
@@ -1,6 +0,0 @@
- o Infrastructure features:
- - Introduce new circuitmux_t storing the queue of circuits for a channel;
- this encapsulates and abstracts the queue logic and circuit selection
- policy, and allows the latter to be overridden easily by switching out
- a policy object. The existing EWMA behavior is now implemented as a
- circuitmux_policy_t. This fixes bug 6816.
diff --git a/changes/bug7011 b/changes/bug7011
deleted file mode 100644
index f3d0aa2..0000000
--- a/changes/bug7011
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes:
- - Use square brackets around IPv6 addresses in numerous places that needed
- them, including log messages, HTTPS CONNECT proxy requests,
- TransportProxy statefile entries, and pluggable transport extra-info
- lines. Fix for bug 7011; patch by David Fifield.
-
diff --git a/changes/bug7014 b/changes/bug7014
deleted file mode 100644
index 1d39103..0000000
--- a/changes/bug7014
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes:
- - Fix two cases in src/or/transports.c where we were calling
- fmt_addr() twice in a parameter list. Bug found by David
- Fifield. Fixes bug 7014; bugfix on 0.2.3.9-alpha.
-
diff --git a/changes/bug7022 b/changes/bug7022
deleted file mode 100644
index 10ac354..0000000
--- a/changes/bug7022
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes:
- - Fix memory leaks whenever we logged any message about the "path
- bias" detection. Fixes bug 7022; bugfix on 0.2.3.21-rc.
diff --git a/changes/bug7029 b/changes/bug7029
deleted file mode 100644
index a115b42..0000000
--- a/changes/bug7029
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (code cleanliness):
- - Free some more still-in-use memory at exit, to make hunting for
- memory leaks easier. Resolves bug 7029.
diff --git a/changes/bug7037 b/changes/bug7037
deleted file mode 100644
index fc3a1ad..0000000
--- a/changes/bug7037
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes:
- - When relays refuse a "create" cell because their queue of pending
- create cells is too big (typically because their cpu can't keep up
- with the arrival rate), send back reason "resource limit" rather
- than reason "internal", so network measurement scripts can get a
- more accurate picture. Bugfix on 0.1.1.11-alpha; fixes bug 7037.
diff --git a/changes/bug7038 b/changes/bug7038
deleted file mode 100644
index 3805d86..0000000
--- a/changes/bug7038
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (log messages):
- - Downgrade "Failed to hand off onionskin" messages to "debug"
- severity, since they're typically redundant with the "Your computer
- is too slow" messages. Fixes bug 7038; bugfix on 0.2.2.16-alpha.
-
diff --git a/changes/bug7039 b/changes/bug7039
deleted file mode 100644
index dc5111a..0000000
--- a/changes/bug7039
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes:
- - When a Tor client gets a "truncated" relay cell, the first byte of
- its payload specifies why the circuit was truncated. We were
- ignoring this 'reason' byte when tearing down the circuit, resulting
- in the controller not being told why the circuit closed. Now we
- pass the reason from the truncated cell to the controller. Bugfix
- on 0.1.2.3-alpha; fixes bug 7039.
diff --git a/changes/bug7139 b/changes/bug7139
deleted file mode 100644
index dfb7d32..0000000
--- a/changes/bug7139
+++ /dev/null
@@ -1,9 +0,0 @@
- o Major bugfixes (security):
-
- - Disable TLS session tickets. OpenSSL's implementation were giving
- our TLS session keys the lifetime of our TLS context objects, when
- perfect forward secrecy would want us to discard anything that
- could decrypt a link connection as soon as the link connection was
- closed. Fixes bug 7139; bugfix on all versions of Tor linked
- against OpenSSL 1.0.0 or later. Found by "nextgens".
-
diff --git a/changes/cve-2012-2249 b/changes/cve-2012-2249
deleted file mode 100644
index 625bfa2..0000000
--- a/changes/cve-2012-2249
+++ /dev/null
@@ -1,5 +0,0 @@
- o Major bugfixes (security):
- - Discard extraneous renegotiation attempts once the V3 link
- protocol has been initiated. Failure to do so left us open to
- a remotely triggerable assertion failure. Fixes CVE-2012-2249;
- bugfix on 0.2.3.6-alpha. Reported by "some guy from France".
diff --git a/changes/dirserv-BUGGY-a b/changes/dirserv-BUGGY-a
deleted file mode 100644
index 35b492a..0000000
--- a/changes/dirserv-BUGGY-a
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes:
-
- - Don't serve or accept v2 hidden service descriptors over a
- relay's DirPort. It's never correct to do so, and disabling it
- might make it more annoying to exploit any bugs that turn up in the
- descriptor-parsing code. Fixes bug 7149.
-
diff --git a/changes/dropped_openssl_vers b/changes/dropped_openssl_vers
deleted file mode 100644
index dc79d5e..0000000
--- a/changes/dropped_openssl_vers
+++ /dev/null
@@ -1,3 +0,0 @@
- o Required libraries:
- - Tor now requires OpenSSL 0.9.8 or later; OpenSSL 1.0.0 or later is
- strongly recommended.
diff --git a/changes/src_ext b/changes/src_ext
deleted file mode 100644
index a1b2a21..0000000
--- a/changes/src_ext
+++ /dev/null
@@ -1,3 +0,0 @@
- o Code refactoring:
- - Source files taken from other packages now reside in src/ext;
- previously they were scattered around the rest of Tor.
diff --git a/changes/ticket5749 b/changes/ticket5749
deleted file mode 100644
index 0237241..0000000
--- a/changes/ticket5749
+++ /dev/null
@@ -1,3 +0,0 @@
- o New directory authorities:
- - Add Faravahar (run by Sina Rabbani) as the ninth v3 directory
- authority. Closes ticket 5749.
diff --git a/changes/ticket6997 b/changes/ticket6997
deleted file mode 100644
index 0a33b37..0000000
--- a/changes/ticket6997
+++ /dev/null
@@ -1,2 +0,0 @@
- o Minor bugfixes:
- - Command-line option "--version" implies "--quiet". Closes ticket #6997.
diff --git a/changes/warn-about-hses-without-guards b/changes/warn-about-hses-without-guards
deleted file mode 100644
index 57b8b4d..0000000
--- a/changes/warn-about-hses-without-guards
+++ /dev/null
@@ -1,8 +0,0 @@
- o Minor features:
-
- - Warn users who run hidden services on a Tor client with
- UseEntryGuards disabled that their hidden services will be
- vulnerable to http://freehaven.net/anonbib/#hs-attack06 (the
- attack which motivated Tor to support entry guards in the first
- place). Fixes bug 6889.
-
More information about the tor-commits
mailing list