From 4ade55ecb9e6c3144dc6ed192fae0f613acfb467 Mon Sep 17 00:00:00 2001 From: Roger Dingledine Date: Wed, 14 Mar 2012 23:54:26 -0400 Subject: [PATCH] merge in the changes files so far --- ChangeLog | 76 +++++++++++++++++++++++++++++++++++++++++++++---- changes/bug4296 | 3 -- changes/bug4361 | 4 --- changes/bug4725 | 4 --- changes/bug4760 | 4 --- changes/bug4838 | 5 ---- changes/bug4955 | 5 ---- changes/bug5090 | 7 ----- changes/bug5105 | 11 ------- changes/bug5231 | 5 ---- changes/bug5340 | 3 -- changes/bug5342 | 3 -- changes/bug5343 | 7 ----- changes/bug5373 | 5 ---- changes/extra-tests | 2 -- changes/geoip-march2012 | 3 -- changes/maatuska-ip | 3 -- changes/tinytest_update | 5 ---- 18 files changed, 71 insertions(+), 84 deletions(-) delete mode 100644 changes/bug4296 delete mode 100644 changes/bug4361 delete mode 100644 changes/bug4725 delete mode 100644 changes/bug4760 delete mode 100644 changes/bug4838 delete mode 100644 changes/bug4955 delete mode 100644 changes/bug5090 delete mode 100644 changes/bug5105 delete mode 100644 changes/bug5231 delete mode 100644 changes/bug5340 delete mode 100644 changes/bug5342 delete mode 100644 changes/bug5343 delete mode 100644 changes/bug5373 delete mode 100644 changes/extra-tests delete mode 100644 changes/geoip-march2012 delete mode 100644 changes/maatuska-ip delete mode 100644 changes/tinytest_update diff --git a/ChangeLog b/ChangeLog index 821370f4f3..5de4d6323b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,74 @@ +Changes in version 0.2.3.13-alpha - 2012-03-1? + o Directory authority changes: + - Change IP address for maatuska (v3 directory authority). + + o Security fixes: + - Never use a bridge as an exit, even if it claims to be one. Found by + wanoskarnet. Fixes bug 5342. Bugfix on ????. + - Only build circuits if we have a sufficient threshold of the total + descriptors marked in the consensus with the "Exit" flag. This + mitigates an attack proposed by wanoskarnet, in which all of + a client's bridges collude to restrict the exit nodes that the + client knows about. Fixes bug 5343. + + o Major bugfixes: + - Fix a relay-side pluggable transports bug where managed proxies were + unreachable from the Internet, because Tor asked them to bind on + localhost. Fixes bug 4725; bugfix on 0.2.3.9-alpha. + - Resume building with nat-pmp support. Fixes bug 4955; bugfix on + 0.2.3.11-alpha. Reported by Anthony G. Basile. + - Avoid an assert when managed proxies like obfsproxy are configured, + and we receive HUP signals or setconf attempts too rapidly. This + situation happens most commonly when Vidalia tries to attach to + Tor or tries to configure the Tor it's attached to. Fixes bug 5084; + bugfix on 0.2.3.6-alpha. + - Stop discarding command-line arguments when TestingTorNetwork + is set. Discovered by Kevin Bauer. Fixes bug 5373; bugfix on + 0.2.3.9-alpha, where task 4552 added support for two layers of + torrc files. + + o Minor bugfixes: + - On a failed pipe() call, don't leak file descriptors. Fixes bug + 4296; bugfix on 0.2.3.1-alpha. + - Spec conformance: on a v3 handshake, do not send a NETINFO cell + until after we have received a CERTS cell. Fixes bug 4361; bugfix + on 0.2.3.6-alpha. Patch by "frosty". + - When binding to an IPv6 address, set the IPV6_V6ONLY socket + option, so that the IP stack doesn't decide to use it for IPv4 + too. Fixes bug 4760; bugfix on 0.2.3.9-alpha. + - Directory caches no longer refuse to clean out descriptors when + because of missing v2 networkstatus documents, unless they're + actually trying to retrieve v2 networkstatus documents. Fixes bug + 4838; bugfix on 0.2.2.26-beta. Patch by Daniel Bryg. + - Detect and reject certain misformed escape sequences in + configuration values. Previously, these values would cause us + to crash if received in a torrc file or over an (authenticated) + control port. Bug found by Esteban Manchado Velázquez. Patch by + "flupzor". Fixes bug 5090; bugfix on 0.2.0.16-alpha. + - Ensure that variables set in Tor's environment cannot override + environment variables which Tor tries to pass to a managed + pluggable-transport proxy. Previously, Tor would pass every + variable in its environment to managed proxies along with the + new ones, in such a way that on many operating systems, the + inherited environment variables would override those which Tor + tried to explicitly set. Bugfix on 0.2.3.12-alpha for most + Unixoid systems; bugfix on 0.2.3.9-alpha for Windows. + - Ensure we don't cannibalize circuits that are longer than three hops + already, so we don't end up making circuits with 5 or more + hops. Patch contributed by wanoskarnet. Fixes bug 5231; bugfix on + 0.1.0.1-rc which introduced cannibalization. + - Fix a compile warning when using the --enable-openbsd-malloc + configure option. Fixes bug 5340; bugfix on 0.2.0.20-rc. + - Update to the latest version of the tinytest unit testing framework. + This includes a couple of bugfixes that can be relevant for + running forked unit tests on Windows, and a removal of all reserved + identifiers. + + o Minor features: + - A wide variety of new unit tests by Esteban Manchado Velázquez. + - Update to the March 6 2012 Maxmind GeoLite Country database. + + Changes in version 0.2.3.12-alpha - 2012-02-13 Tor 0.2.3.12-alpha lets fast exit relays scale better, allows clients to use bridges that run Tor 0.2.2.x, and resolves several big bugs @@ -15,11 +86,6 @@ Changes in version 0.2.3.12-alpha - 2012-02-13 would ask the bridge for microdescriptors, which are only supported in 0.2.3.x, and then fail to bootstrap when it didn't get the answers it wanted. Fixes bug 4013; bugfix on 0.2.3.2-alpha. - - Avoid an assert when managed proxies like obfsproxy are configured, - and we receive HUP signals or configuration values too rapidly. This - situation happens most commonly when Vidalia tries to attach to - Tor or tries to configure the Tor it's attached to. Fixes bug 5084; - bugfix on 0.2.3.6-alpha. - Properly set up obfsproxy's environment when in managed mode. The Tor Browser Bundle needs LD_LIBRARY_PATH to be passed to obfsproxy, and when you run your Tor as a daemon, there's no HOME. Fixes bugs diff --git a/changes/bug4296 b/changes/bug4296 deleted file mode 100644 index c265094ecb..0000000000 --- a/changes/bug4296 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes: - - On a failed pipe() call, don't leak fds. Fix for bug 4296; bugfix - on 0.2.3.1-alpha. diff --git a/changes/bug4361 b/changes/bug4361 deleted file mode 100644 index 887eb9f3f0..0000000000 --- a/changes/bug4361 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Spec conformance: on a v3 handshake, do not send a NETINFO cell until - after we have received a CERTS cell. Bugfix on 0.2.3.6-alpha; - fixes bug 4361; patch by "frosty". diff --git a/changes/bug4725 b/changes/bug4725 deleted file mode 100644 index 1c8abb5d27..0000000000 --- a/changes/bug4725 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes: - - Fix a bug where server managed proxies were unreachable from the - Internet, because tor asked them to bind on localhost. Fixes bug - 4725; bugfix on 0.2.3.9-alpha. diff --git a/changes/bug4760 b/changes/bug4760 deleted file mode 100644 index ea8d16edb7..0000000000 --- a/changes/bug4760 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - When binding to an IPv6 address, set the IPV6_V6ONLY socket - option, so that the IP stack doesn't decide to use it for IPv4 - too. Fixes bug 4760; bugfix on 0.2.3.9-alpha. diff --git a/changes/bug4838 b/changes/bug4838 deleted file mode 100644 index 8c92bdb33d..0000000000 --- a/changes/bug4838 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bufixes: - - Directory caches no longer refuse to clean out descriptors when - because of missing v2 networkstatus documents, unless they're - actually trying to retrieve v2 networkstatus documents. Bugfix - on 0.2.2.26-beta; fixes bug 4838. Patch by Daniel Bryg. diff --git a/changes/bug4955 b/changes/bug4955 deleted file mode 100644 index 60896ae11a..0000000000 --- a/changes/bug4955 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - Fix the build when built with nat-pmp support. Fixes bug 4955; - bugfix on 0.2.3.11-alpha. Reported by Anthony G. Basile - , thanks! - diff --git a/changes/bug5090 b/changes/bug5090 deleted file mode 100644 index 5e323def44..0000000000 --- a/changes/bug5090 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes: - - Detect and reject certain misformed escape sequences in configuration - values. Previously, these values would cause us to crash if received - in a torrc file or over an (authenticated) control port. Bug found by - Esteban Manchado Velázquez. Patch by "flupzor." Fix for bug 5090; - bugfix on 0.2.0.16-alpha. - diff --git a/changes/bug5105 b/changes/bug5105 deleted file mode 100644 index 6a923d9fdd..0000000000 --- a/changes/bug5105 +++ /dev/null @@ -1,11 +0,0 @@ - o Minor bugfixes: - - - Ensure that variables set in Tor's environment cannot override - environment variables which Tor tries to pass to a managed - pluggable-transport proxy. Previously, Tor would pass every - variable in its environment to managed proxies along with the - new ones, in such a way that on many operating systems, the - inherited environment variables would override those which Tor - tried to explicitly set. Bugfix on 0.2.3.12-alpha for most - Unixoid systems; bugfix on 0.2.3.9-alpha for Windows. - diff --git a/changes/bug5231 b/changes/bug5231 deleted file mode 100644 index f64f7b6413..0000000000 --- a/changes/bug5231 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Ensure we don't cannibalize circuits that are longer than three hops - already, so we don't end up making circuits with 5 or more hops. Patch - contributed by wanoskarnet. Fixes bug 5231; bugfix on 0.1.0.1-rc which - introduced cannibalization. diff --git a/changes/bug5340 b/changes/bug5340 deleted file mode 100644 index 708988af08..0000000000 --- a/changes/bug5340 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes: - - Fix a compile warning when using the --enable-openbsd-malloc configure - option. Fixes bug 5340; bugfix on 0.2.0.20-rc. diff --git a/changes/bug5342 b/changes/bug5342 deleted file mode 100644 index b2ae4515a9..0000000000 --- a/changes/bug5342 +++ /dev/null @@ -1,3 +0,0 @@ - o Security fixes: - - Never use a bridge as an exit, even if it claims to be one. Found by - wanoskarnet. Fixes bug 5342. Bugfix on ????. diff --git a/changes/bug5343 b/changes/bug5343 deleted file mode 100644 index e4e14897f6..0000000000 --- a/changes/bug5343 +++ /dev/null @@ -1,7 +0,0 @@ - o Security fixes: - - Only build circuits if we have a sufficient threshold of the total - descriptors marked in the consensus with the "Exit" flag. This - mitigates an attack proposed by wanoskarnet, in which all of a - client's bridges collude to restrict the exit nodes that the - client knows about. Fixes bug 5343. - diff --git a/changes/bug5373 b/changes/bug5373 deleted file mode 100644 index 0e1ebe8511..0000000000 --- a/changes/bug5373 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - Stop discarding command-line arguments when TestingTorNetwork - is set. Discovered by Kevin Bauer. Fixes bug 5373; bugfix on - 0.2.3.9-alpha, where task 4552 added support for two layers of - torrc files. diff --git a/changes/extra-tests b/changes/extra-tests deleted file mode 100644 index d5d36d851b..0000000000 --- a/changes/extra-tests +++ /dev/null @@ -1,2 +0,0 @@ - o Testing - - A wide variety of new unit tests by Esteban Manchado Velázquez. diff --git a/changes/geoip-march2012 b/changes/geoip-march2012 deleted file mode 100644 index 0f66d8fae2..0000000000 --- a/changes/geoip-march2012 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the March 6 2012 Maxmind GeoLite Country database. - diff --git a/changes/maatuska-ip b/changes/maatuska-ip deleted file mode 100644 index a00b43f866..0000000000 --- a/changes/maatuska-ip +++ /dev/null @@ -1,3 +0,0 @@ - o Directory authority changes: - - Change IP address for maatuska (v3 directory authority). - diff --git a/changes/tinytest_update b/changes/tinytest_update deleted file mode 100644 index 7f76796a7f..0000000000 --- a/changes/tinytest_update +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Update to the latest version of the tinytest unit testing framework. - This includes a couple of bugfixes that can be relevant for running - forked unit tests on Windows, and a removal of all reserved - identifiers. -- 2.11.4.GIT