[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor/master] fold in changes files so far



commit 58d1aa44023e8b458450c4c00d5828f768c0adb5
Author: Roger Dingledine <arma@xxxxxxxxxxxxxx>
Date:   Fri Nov 25 19:24:42 2011 -0500

    fold in changes files so far
---
 ChangeLog                           |   77 +++++++++++++++++++++++++++++++++++
 changes/UserspaceIOCPBuffers        |    7 ---
 changes/aes_hackery                 |   10 -----
 changes/bug2474                     |    5 --
 changes/bug3472                     |    7 ---
 changes/bug3953                     |    6 ---
 changes/bug4230                     |    5 --
 changes/bug4312                     |   11 -----
 changes/bug4554                     |    4 --
 changes/bug4574                     |    4 --
 changes/checkSpaces                 |    5 --
 changes/disable_debugger_attachment |   16 -------
 changes/make_version                |    4 --
 changes/pure_removal                |    7 ---
 14 files changed, 77 insertions(+), 91 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 4b9d9f0..9a7d50a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,80 @@
+Changes in version 0.2.3.9-alpha - 2011-1?-??
+  o Major features:
+    - When using OpenSSL 1.0.0 or later, use OpenSSL's counter mode
+      implementation. It makes AES_CTR about 7% faster than our old one
+      (which was about 10% faster than the one OpenSSL used to provide).
+      Resolves ticket 4526.
+    - Tor clients and bridges can now be easily configured to use a
+      separate 'transport' proxy. This approach helps to resist
+      censorship by allowing bridges to use protocol obfuscation
+      plugins. It implements the 'managed proxy' part of proposal
+      180. Implements ticket 3472.
+    - Block excess renegotiations even if they are RFC5746 compliant.
+      This security fix mitigates potential SSL Denial of Service attacks
+      that use SSL renegotiation as a way of forcing the server to perform
+      unneeded computationally expensive SSL handshakes. Implements
+      ticket 4312.
+
+  o Major bugfixes:
+    - Teach Tor how to notice excess renegotiation attempts before it
+      receives the first data SSL record. Fixes part of ticket 4312.
+    - Only use the EVP interface when AES acceleration is enabled,
+      to avoid a 5-7% performance regression. Resolves issue 4525;
+      bugfix on 0.2.3.8-alpha.
+
+  o Minor features:
+    - Experimental support for running on Windows with IOCP and no
+      kernel-space socket buffers. This feature is controlled by a new
+      UserspaceIOCPBuffers feature (off by default), which has no
+      effect unless Tor has been built with support for bufferevents,
+      is running on Windows, and has enabled IOCP. This may, in the
+      long run, help solve or mitigate bug 98.
+    - Try to make the introductory warning message that Tor prints on
+      startup more useful for actually finding help and information.
+      Resolves ticket 2474.
+    - Running "make version" now displays the version of Tor that
+      we're about to build. Idea from katmagic; resolves issue 4400.
+    - If set to 1, Tor will attempt to prevent basic debugging
+      attachment attempts by other processes. It has no impact for
+      users who wish to attach if they have CAP_SYS_PTRACE or if they
+      are root.  We believe that this feature works on modern
+      Gnu/Linux distributions, and that it may also work on OSX and
+      some *BSD systems (untested).  Some modern Gnu/Linux systems
+      such as Ubuntu have the kernel.yama.ptrace_scope sysctl and by
+      default enable it as an attempt to limit the PTRACE scope for
+      all user processes by default. This feature will attempt to
+      limit the PTRACE scope for Tor specifically - it will not
+      attempt to alter the system wide ptrace scope as it may not even
+      exist. If you wish to attach to Tor with a debugger such as gdb
+      or strace you will want to set this to 0 for the duration of
+      your debugging. Normal users should leave it on. (Default: 1)
+
+  o Minor bugfixes:
+    - Resolve an integer overflow bug in smartlist_ensure_capacity().
+      Fixes bug 4230; bugfix on Tor 0.1.0.1-rc. Based on a patch by
+      Mansour Moufid.
+    - Fix a compile warning in tor_inet_pton(). Bugfix on 0.2.3.8-alpha;
+      fixes bug 4554.
+    - Fix a minor formatting issue in one of tor-gencert's error messages.
+      Fixes bug 4574.
+    - Prevent a false positive from the check-spaces script, by disabling
+      the "whitespace between function name and (" check for functions
+      named 'op()'.
+
+  o Build fixes:
+    - Properly handle the case where the build-tree is not the same
+      as the source tree when generating src/common/common_sha1.i,
+      src/or/micro-revision.i, and src/or/or_sha1.i. Fixes bug 3953;
+      bugfix on 0.2.0.1-alpha.
+
+  o Code simplifications and refactorings:
+    - Remove the pure attribute from all functions that used it
+      previously. In many cases we assigned it incorrectly, because the
+      functions might assert or call impure functions, and we don't have
+      evidence that keeping the pure attribute is worthwhile. Implements
+      changes suggested in ticket 4421.
+
+
 Changes in version 0.2.3.8-alpha - 2011-11-22
   Tor 0.2.3.8-alpha fixes some crash and assert bugs, including a
   socketpair-related bug that has been bothering Windows users. It adds
diff --git a/changes/UserspaceIOCPBuffers b/changes/UserspaceIOCPBuffers
deleted file mode 100644
index 7115b5f..0000000
--- a/changes/UserspaceIOCPBuffers
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Minor features:
-    - Experimental support for running on Windows with IOCP and no
-      kernel-space socket buffers. This feature is controlled by a new
-      UserspaceIOCPBuffers feature (off by default), which has no
-      effect unless Tor has been built with support for bufferevents,
-      is running on Windows, and has enabled IOCP.  This may, in the
-      long run, help solve or mitigate bug 98.
diff --git a/changes/aes_hackery b/changes/aes_hackery
deleted file mode 100644
index 8b2ef1a..0000000
--- a/changes/aes_hackery
+++ /dev/null
@@ -1,10 +0,0 @@
-  o Major features (AES performance):
-    - When using OpenSSL 1.0.0 or later, use OpenSSL's counter mode
-      implementation; it makes AES_CTR about 7% faster than our old one
-      (which was about 10% faster than the one OpenSSL used to provide).
-      Resolves issue #4526.
-
-  o Major bugfixes (AES performance):
-    - Only use the EVP interface when AES acceleration is enabled,
-      to avoid a 5-7% performance regression.  Resolves issue #4525,
-      bugfix on 0.2.3.8-alpha.
diff --git a/changes/bug2474 b/changes/bug2474
deleted file mode 100644
index 02d3eb7..0000000
--- a/changes/bug2474
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor features
-    - Try to make the introductory warning message that Tor prints on
-      startup more useful for actually finding help and information.
-      Resolves bug2474.
-
diff --git a/changes/bug3472 b/changes/bug3472
deleted file mode 100644
index d99d840..0000000
--- a/changes/bug3472
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Major features:
-
-    - Tor clients and bridges can now be easily configured to use a
-      separate 'transport' proxy. This approach helps to resist
-      censorship by allowing bridges to use protocol obfuscation
-      plugins. It implements the 'managed proxy' part of proposal
-      180. Implements ticket #3472.
diff --git a/changes/bug3953 b/changes/bug3953
deleted file mode 100644
index 5b3919f..0000000
--- a/changes/bug3953
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Build fixes:
-    - Properly handle the case where the build-tree is not the same
-      as the source tree when generating src/common/common_sha1.i,
-      src/or/micro-revision.i and src/or/or_sha1.i. Fixes bug 3953;
-      bugfix on 0.2.0.1-alpha.
-
diff --git a/changes/bug4230 b/changes/bug4230
deleted file mode 100644
index c1ba584..0000000
--- a/changes/bug4230
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - Resolve an integer overflow bug in smartlist_ensure_capacity.
-      Fixes bug 4230; bugfix on Tor 0.1.0.1-rc. Based on a patch by 
-      Mansour Moufid.
-
diff --git a/changes/bug4312 b/changes/bug4312
deleted file mode 100644
index f8647d3..0000000
--- a/changes/bug4312
+++ /dev/null
@@ -1,11 +0,0 @@
-  o Security fixes:
-
-    - Block excess renegotiations even if they are RFC5746 compliant.
-      This mitigates potential SSL Denial of Service attacks that use
-      SSL renegotiation as a way of forcing the server to perform
-      unneeded computationally expensive SSL handshakes. Implements
-      #4312.
-
-    - Fix a bug where tor would not notice excess renegotiation
-      attempts before it received the first data SSL record. Fixes
-      part of #4312.
diff --git a/changes/bug4554 b/changes/bug4554
deleted file mode 100644
index e4754c2..0000000
--- a/changes/bug4554
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Fix a compile warning in tor_inet_pton(). Bugfix on 0.2.3.8-alpha;
-      fixes bug 4554.
-
diff --git a/changes/bug4574 b/changes/bug4574
deleted file mode 100644
index 0a57957..0000000
--- a/changes/bug4574
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Fix a minor formatting issue in one of tor-gencert's error messages.
-      Fixes bug 4574.
-
diff --git a/changes/checkSpaces b/changes/checkSpaces
deleted file mode 100644
index 91f79ed..0000000
--- a/changes/checkSpaces
+++ /dev/null
@@ -1,5 +0,0 @@
-   o Minor bugfixes:
-     - Prevent a false positive from the check-spaces script by disabling
-       the "whitespace between function name and (" check for functions
-       named 'op()'.
-
diff --git a/changes/disable_debugger_attachment b/changes/disable_debugger_attachment
deleted file mode 100644
index b413788..0000000
--- a/changes/disable_debugger_attachment
+++ /dev/null
@@ -1,16 +0,0 @@
-  o Minor features:
-    - If set to 1, Tor will attempt to prevent basic debugging
-      attachment attempts by other processes. It has no impact for
-      users who wish to attach if they have CAP_SYS_PTRACE or if they
-      are root.  We believe that this feature works on modern
-      Gnu/Linux distributions, and that it may also work on OSX and
-      some *BSD systems (untested).  Some modern Gnu/Linux systems
-      such as Ubuntu have the kernel.yama.ptrace_scope sysctl and by
-      default enable it as an attempt to limit the PTRACE scope for
-      all user processes by default. This feature will attempt to
-      limit the PTRACE scope for Tor specifically - it will not
-      attempt to alter the system wide ptrace scope as it may not even
-      exist. If you wish to attach to Tor with a debugger such as gdb
-      or strace you will want to set this to 0 for the duration of
-      your debugging. Normal users should leave it on. (Default: 1)
-
diff --git a/changes/make_version b/changes/make_version
deleted file mode 100644
index b736a87..0000000
--- a/changes/make_version
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor features (build):
-    - Running "make version" now displays the version of Tor that
-      we're about to build. Idea from katmagic; resolves issue 4400.
-
diff --git a/changes/pure_removal b/changes/pure_removal
deleted file mode 100644
index 4a3343c..0000000
--- a/changes/pure_removal
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Code simplifications and refactorings:
-    - Remove the pure attribute from all functions that used it previously.
-      In many cases this we assigned it incorrectly, because the functions
-      might assert or call impure functions, and we don't have evidence
-      that keeping the pure attribute is worthwhile. Implements changes
-      suggested in ticket 4421.
-

_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits