[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[minion-cvs] Increment CVS version to 0.0.5alpha1
Update of /home/minion/cvsroot/src/minion
In directory moria.mit.edu:/tmp/cvs-serv32165
Modified Files:
HISTORY README TODO setup.py
Log Message:
Increment CVS version to 0.0.5alpha1
Index: HISTORY
===================================================================
RCS file: /home/minion/cvsroot/src/minion/HISTORY,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- HISTORY 9 Jun 2003 21:24:54 -0000 1.1
+++ HISTORY 12 Jun 2003 06:30:40 -0000 1.2
@@ -3,6 +3,116 @@
This file lists changes for earlier versions of Mixminion. For changes
in the latest version, see the README file.
----------------------------------------------------------------------
+NEW IN FINAL 0.0.4 RELEASE:
+ BUGFIXES:
+ - Fixed a bug that would sometimes give a useless error message when
+ trying to build a message with a too-long path.
+
+NEW IN VERSION 0.0.4rc4:
+ BUGFIXES:
+ - Improved error message on nonexistent directory.
+ - Fixed a bug (found by Mike Gurski) that could kill a server if a message
+ was received for an old key in between deleting the old key's replay cache,
+ and deleting the old key itself.
+ - Fixed a bug in setting up server directories.
+
+NEW IN VERSION 0.0.4rc3:
+ BUGFIXES:
+ - Memory leaks:
+ - Made server code release memory more aggressively.
+ - Fixed a race condition where messages could be queued on a server
+ connection that was already shutting down.
+ - Fixed memory leaks on certificate checking.
+ - Server bugs:
+ - Fixed a server crash on key-rotation that would occur when to trying
+ to open the same hash log db file twice.
+ - Fixed bug that would crash server if PublicKeyLifetime changed.
+ - Made server differentiate between ENOENT and EACCES when starting.
+ - Fixed a bug that would cause key generation to happen at the wrong
+ times.
+ - Other bugs:
+ - Fixed a bug related to using client keyrings without passwords.
+ - Made ASCII armor more reliable in the face of extraneous space,
+ headerless armor, and so on.
+ - Excluded superceeded servers from directories more thoroughly.
+
+ OTHER CHANGES:
+ - Cosmetic:
+ - Commented most uncommented code.
+ - Refactored path selection again.
+ - Refactored code to use more reliable file accessing functions.
+ - Added more unit tests
+ - Performance enhancements:
+ - Changed recommended OpenSSL version to 0.9.7b.
+ - Implementation quality
+ - Improved a few log messages.
+ - Made included etc/mixminiond.conf more reasonable by using a less
+ aggressive retry schedule, commenting out unused Allow lines, and
+ decreasing PublicKeyLifetime.
+ - Made os.expanduser work on more configuration values.
+ - Enabled threading on more C functions.
+
+NEW IN VERSION 0.0.4rc2:
+ BUGFIXES:
+ - The server shouldn't crash so much when it gets bad TLS errors or
+ timed-out connections. Sometimes, it will give better errors when it
+ does.
+
+NEW IN VERSION 0.0.4rc1:
+ First steps toward directory automation:
+ - Servers generate new keys and server descriptors when the old ones
+ are close to expiring. (~2 weeks)
+ - Servers also regenerate server descriptors when their configuration
+ changes.
+ - When a set of keys expires, a server rotates to the next set
+ automatically (with some overlap).
+ - Servers can upload their descriptors to a directory server
+ automatically.
+ - There's a trivial directory backend that accepts signed updates
+ automatically, and queues new servers.
+ - Directories now include a list of which servers are believed to be
+ working correctly. Right now, this list is still manually
+ configured.
+ - There's a cron job that regenerates the directory every so often.
+
+ Packet format overhaul:
+ - Server RSA keys are now 2048 bits long.
+ - The header representation is more compact now, so we don't pay in
+ space for the increased key length.
+
+ MMTP improvements:
+ - The certificate regime has changed so that key rotation is now
+ possible: instead of authenticating servers based on their TLS
+ keys, we authenticate based on their identity keys, which never
+ change.
+ - Packets sent from a server to itself no longer hit the network.
+ - When relaying messages, a server never opens more than 1 connection
+ at a time to the same server.
+ - MMTP clients now recognize a 'REJECTED' reply that a server can use
+ to refuse messages when under high load.
+
+ Other server improvements:
+ - Servers can (optionally) track the number of packets received,
+ relayed successfully, dropped, and so on.
+ - Servers can recognize and advertise whether they are configured
+ 'securely.'
+ - The deliver/retry logic has been largely rewritten. It should
+ freak out and die less frequently now. In any case, it also prints
+ better debugging messages, and thrashes the disk less.
+
+ Minor changes:
+ - We now use real OpenPGP-style ASCII-armor. Accept no substitutes!
+
+ Numerous UI Improvements:
+ - There are saner error messages for many common cases.
+ - Support for multiple SURB keys to prevent identity-blending attack.
+ - There's a new (temporary) 'mixminion ping' command that you can use
+ to tell whether a server is accepting connections. It's potentially
+ dangerous (if you go pinging all the servers in your path), and has
+ a banner saying so.
+ - The path selection syntax has changed to be more flexible. (You can
+ now specify a single random hop, or N random hops.)
+
NEW IN VERSION 0.0.3:
Better build support:
- Fail more gracefully with missing 'which'.
Index: README
===================================================================
RCS file: /home/minion/cvsroot/src/minion/README,v
retrieving revision 1.50
retrieving revision 1.51
diff -u -d -r1.50 -r1.51
--- README 12 Jun 2003 04:08:09 -0000 1.50
+++ README 12 Jun 2003 06:30:40 -0000 1.51
@@ -1,9 +1,6 @@
$Id$
======================================================================
-This is Mixminion version 0.0.4.
-
- WARNING! Mixminion 0.0.4 breaks backward compatibility with version 0.0.3.
- Versions older than 0.0.3 are no longer supported; you should upgrade now.
+This is Mixminion version 0.0.5, from the Mixminion CVS repository.
CONTENTS:
I. Overview
@@ -40,116 +37,6 @@
II. WHAT'S NEW IN THIS VERSION?
===============================
-
-NEW IN FINAL 0.0.4 release:
- BUGFIXES:
- - Fixed a bug that would sometimes give a useless error message when
- trying to build a message with a too-long path.
-
-NEW IN VERSION 0.0.4rc4:
- BUGFIXES:
- - Improved error message on nonexistent directory.
- - Fixed a bug (found by Mike Gurski) that could kill a server if a message
- was received for an old key in between deleting the old key's replay cache,
- and deleting the old key itself.
- - Fixed a bug in setting up server directories.
-
-NEW IN VERSION 0.0.4rc3:
- BUGFIXES:
- - Memory leaks:
- - Made server code release memory more aggressively.
- - Fixed a race condition where messages could be queued on a server
- connection that was already shutting down.
- - Fixed memory leaks on certificate checking.
- - Server bugs:
- - Fixed a server crash on key-rotation that would occur when to trying
- to open the same hash log db file twice.
- - Fixed bug that would crash server if PublicKeyLifetime changed.
- - Made server differentiate between ENOENT and EACCES when starting.
- - Fixed a bug that would cause key generation to happen at the wrong
- times.
- - Other bugs:
- - Fixed a bug related to using client keyrings without passwords.
- - Made ASCII armor more reliable in the face of extraneous space,
- headerless armor, and so on.
- - Excluded superceeded servers from directories more thoroughly.
-
- OTHER CHANGES:
- - Cosmetic:
- - Commented most uncommented code.
- - Refactored path selection again.
- - Refactored code to use more reliable file accessing functions.
- - Added more unit tests
- - Performance enhancements:
- - Changed recommended OpenSSL version to 0.9.7b.
- - Implementation quality
- - Improved a few log messages.
- - Made included etc/mixminiond.conf more reasonable by using a less
- aggressive retry schedule, commenting out unused Allow lines, and
- decreasing PublicKeyLifetime.
- - Made os.expanduser work on more configuration values.
- - Enabled threading on more C functions.
-
-NEW IN VERSION 0.0.4rc2:
- BUGFIXES:
- - The server shouldn't crash so much when it gets bad TLS errors or
- timed-out connections. Sometimes, it will give better errors when it
- does.
-
-NEW IN VERSION 0.0.4rc1:
- First steps toward directory automation:
- - Servers generate new keys and server descriptors when the old ones
- are close to expiring. (~2 weeks)
- - Servers also regenerate server descriptors when their configuration
- changes.
- - When a set of keys expires, a server rotates to the next set
- automatically (with some overlap).
- - Servers can upload their descriptors to a directory server
- automatically.
- - There's a trivial directory backend that accepts signed updates
- automatically, and queues new servers.
- - Directories now include a list of which servers are believed to be
- working correctly. Right now, this list is still manually
- configured.
- - There's a cron job that regenerates the directory every so often.
-
- Packet format overhaul:
- - Server RSA keys are now 2048 bits long.
- - The header representation is more compact now, so we don't pay in
- space for the increased key length.
-
- MMTP improvements:
- - The certificate regime has changed so that key rotation is now
- possible: instead of authenticating servers based on their TLS
- keys, we authenticate based on their identity keys, which never
- change.
- - Packets sent from a server to itself no longer hit the network.
- - When relaying messages, a server never opens more than 1 connection
- at a time to the same server.
- - MMTP clients now recognize a 'REJECTED' reply that a server can use
- to refuse messages when under high load.
-
- Other server improvements:
- - Servers can (optionally) track the number of packets received,
- relayed successfully, dropped, and so on.
- - Servers can recognize and advertise whether they are configured
- 'securely.'
- - The deliver/retry logic has been largely rewritten. It should
- freak out and die less frequently now. In any case, it also prints
- better debugging messages, and thrashes the disk less.
-
- Minor changes:
- - We now use real OpenPGP-style ASCII-armor. Accept no substitutes!
-
- Numerous UI Improvements:
- - There are saner error messages for many common cases.
- - Support for multiple SURB keys to prevent identity-blending attack.
- - There's a new (temporary) 'mixminion ping' command that you can use
- to tell whether a server is accepting connections. It's potentially
- dangerous (if you go pinging all the servers in your path), and has
- a banner saying so.
- - The path selection syntax has changed to be more flexible. (You can
- now specify a single random hop, or N random hops.)
<See HISTORY file for changes in earlier versions.>
Index: TODO
===================================================================
RCS file: /home/minion/cvsroot/src/minion/TODO,v
retrieving revision 1.121
retrieving revision 1.122
diff -u -d -r1.121 -r1.122
--- TODO 6 Jun 2003 07:17:35 -0000 1.121
+++ TODO 12 Jun 2003 06:30:40 -0000 1.122
@@ -13,174 +13,12 @@
NEEDS TO BE WRITTEN:
-For 0.0.4:
- o UI
- o The error on '-P foo' should be 'path too short',
- and not mention legs. (neruaL)
- o Better concept of too-short paths.
- o Beautify list-servers output
- o Rename 'server' to server-start; keep 'server', but
- deprecated.
- o Better error message when path+routinginfo won't fit
- into header.
- o Ctrl-C should just print "interrupted."
- o Change behavior on binary messages; don't dump 'em
- to terminals.
- o Client queues should have max-packets-to-send option.
- o DELKEYS should work. (neruaL)
- o Test
- o Internal statistics
- o Event log module
- o Create and use event log
- o Event log configurability
- o server-stats command
- o Test event log
- o Document log and events
- o Test use of event log
- o Security:
- o Support multiple SURB keys
- o Better keyrings: implement
- o Better keyrings: test
- o Backend support: implement
- o Backend support: test
- o CLI support for identities
- o Test CLI support
- o Specify behavior
- o Document in --help and README
- o Increase key length to 2048 bits
- o Specify
- o Come up with an upgrade path?
- (Result: drop backward compatibility.)
- o Bump up logs
- o Implement: Packet
- o Implement: BuildMessage
- o Implement: PacketHandler
- o Test
- o Make old tests work
- o Tests for BuildMessage with overflow.
- o Tests for parsing underflow on subheads
- o Make ServerInfo more forward-compatible.
- o Skip sections completely if the version number isn't
- recognized.
- o Implement
- o Test
- o Refactor configuration code.
- o Add new fields to ServerInfo:
- o Stub Secure-Configuration support
- o Stub Contact-Fingerprint support
- o MMTP
- o "IP" belongs in the MMTP part of the server descriptor.
- o self->self packets shouldn't hit the network.
- o Implement
- o Test
- o Don't have multiple connections to same server.
- o KEYID should be hash of signing key==hash of
- identity key. (Spec may be incorrect.)
- o Implement
- o Check expiration date on certificates
- o Use PeerCertificateCache properly
- o Test peercertificatecache.
- o Add support for "REJECTED" reply (receive only, with
- rudimentary send.)
- o Implement
- o Test
- o "mixminion ping" command
- o Implement backend
- o Implement frontend
- X Test backend
- o Test frontend
- o Bugfixes
- o "Unexpectedly closed connection" sometimes means
- "server not there." Log accordingly.
- o The retry scheduling logic is bogus.
- o Attach debugging log calls to DeliveryQueue.
- o "Iffy mode" is iffy message
- o Add more logging code to track fds with MMTPServer.
- o Make sure that deliveryFailed/deliverySucceeded
- with a nonexistent handle give a warning, and don't
- simply die.
- o Analyze logic: how can a timeout cause deliveryFailed
- on a nonexistent handle?
- o Improved path selection
- o Better syntax
- o Improved implementation
- o Tests
- o Key management:
- o Refactor the scheduler code in ServerMain. We know
- too many events now.
- o Implement
- o Document
- o Tests
- o Ability to generate new serverdesc with old keys.
- o Implement
- o Test backend
- o Automate
- o Test
- o Ability to notice discrepancies between SD and
- server configuration.
- o Implement
- o Integrate with frontend
- o Test in the field
- o Online key rotation
- o Function to determine time for next rotation event.
- o Ability to add PK to packethandler
- o Ability to remove PK from packethandler.
- o Ability to change TLS context for new connections.
- o Ability to delete PK.
- o Trigger all of the above as timed events occur.
- o Generate new SD's as needed
- o Publish as needed
- o Rudimentary directory automation (with trivial pinging)
- o CGI to receive server descriptors:
- o replace old ones if superceded,
- reject them if invalid,
- and queue them if unrecognized.
- o The actual CGI
- o Ability to move servers from queue to good-list.
- o Tests
- o Code to remember whether descriptors are published,
- and republish as needed
- o Implement
- o Add 'publish' option
- o Add explicit 'republish' command.
- o Design directory liveness format. Maybe include
- all servers in "live" list for now?
- o Add code to make directory list some servers
- as 'ungood'
- o Code to automatically regenerate directories as
- needed.
- o Make "=== BEGIN" stuff comply with openpgp rfc: why rock
- the boat?
- o Add an 'upgrade to new server format' command.
- o Try out all functionality by hand
- o Start a server
- o Get stats
- o generate directory w/ blacklisted server
- o Rotate stats
- o Failed delivery w/ retry
- o (need delkeys command!)
- o Make sure rotation gets recalculated after keygen.
- o Let users see and specifically request unrecommended servers
- o Does rotation happen?
- o Make sure that stats log isn't truncated, and that it is closed
- and reopened on sighup.
- o Add note to README about decreasing key lifetime.
- o Partially superceded descriptors should get replaced in dir,
- right?
- o Resolve all the memory leaks.
- o resolve all XXXX004s
- o Finish all documentation
- o Add a warning banner.
- o Remaining unit tests
- o Tests for remembering whether keys are published
- o Tests for ServerKeyset.regenerate
-
For 0.0.5:
- Background projects:
- Work on porting clients to cygwin, win32.
- Twisted port decision
- Website, FAQ
- - Support for email headers
+ - Initial support for email headers
- Subject
- From (limited)
- In-Reply-To
@@ -200,6 +38,9 @@
- Tests for ServerInbox and Directory.py
- Tests for checkConsistency
- Make 'SIGHUP' reload, (and 'SIGUSR' dump).
+ - Performance
+ - Lazy-load deliverable messages.
+ - Don't block while shredding messages at startup.
For 0.0.6:
Index: setup.py
===================================================================
RCS file: /home/minion/cvsroot/src/minion/setup.py,v
retrieving revision 1.62
retrieving revision 1.63
diff -u -d -r1.62 -r1.63
--- setup.py 12 Jun 2003 04:08:13 -0000 1.62
+++ setup.py 12 Jun 2003 06:30:40 -0000 1.63
@@ -6,9 +6,9 @@
#
# Current Mixminion version
#
-VERSION = '0.0.4'
-# System: 0==alpha, 50==beta, 99==release candidate, 100==release
-VERSION_INFO = (0,0,4,100,-1)
+VERSION = '0.0.5alpha1'
+# System: 0==alpha, 50==beta, 98=pre, 99==release candidate, 100==release
+VERSION_INFO = (0,0,5,0,1)
# Check the version. We need to make sure version_info exists before we
# compare to it: it was only added as of Python version 1.6.