[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [bridgedb/master] Add CHANGELOG entries for 0.6.1.
commit b828d5777f02dc6f544a0ea821952dc1f06e2d7d
Author: Isis Lovecruft <isis@xxxxxxxxxxxxxx>
Date: Wed Dec 13 18:55:50 2017 +0000
Add CHANGELOG entries for 0.6.1.
---
CHANGELOG | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 53 insertions(+)
diff --git a/CHANGELOG b/CHANGELOG
index 7dbe222..effc405 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,3 +1,56 @@
+Changes in version 0.6.1 - 2017-12-13
+
+ * ADDS a shell script, scripts/test-moat, for testing either a
+ locally-running moat server, or a remote one through a meek
+ tunnel.
+ Thanks to David Fifield for his work on meek, assistance setting
+ it up, and providing the first version of this script.
+
+ * FIXES #24433 https://bugs.torproject.org/24433
+ The test-moat script wasn't sending an X-Forwarded-For header,
+ which triggered a bug in the moat server, since the CAPTCHA
+ solution includes an HMAC based on the client's IP (forwarded
+ through all the several layers of tunnels/proxies).
+
+ * FIXES #24443 https://bugs.torproject.org/24443
+ Due to a difference between how booleans are parsed by Python's
+ json library and normal Python booleans, the moat server was
+ generating and returning QRCodesâ?¦ regardless of whether the remote
+ client application asked for one. This is now fixed.
+
+ * FIXES #24460 https://bugs.torproject.org/24460
+ There was an unhandled error when sending certain (what appears to
+ be possibly malicious? but in a very strange way) requests to
+ BridgeDB's HTTPS distributor. The robots making the requests were
+ attempting to request bridges, but were presenting a CAPTCHA
+ solution without the correct HTML form field parameters present,
+ which isn't possible through normal usage of the web interface.
+ Whoever or whatever is doing this is now going to be endlessly
+ redirected so that they may forever spiral in their own private
+ internet hell. I reserve the right come up with a worse fate for
+ them later, should I get bored.
+
+ * FIXES #3015 https://bugs.torproject.org/3015
+ BridgeDB has had a partially-implemented concept of "buckets"
+ since the age of the dinosaurs: write some of the unallocated
+ bridges to a file which should (somehow) be manually distributed.
+ In addition to be unused and untested, there were several issues
+ with the buckets, the most significant of which were the inability
+ to request pluggable transports in a bucket and the fact that
+ buckets were not persistent in any way (e.g. if i request a bucket
+ of 50 bridges for Gomez and another with 50 for Morticia, they
+ might end up with some of the same bridges, further, tomorrow
+ they'll end up with 50 possibly different bridges than those they
+ received today). All of this code is now removed.
+
+And includes the following general changes:
+
+ * FIXES issues with JSON quote syntax and a mistaken JSON API
+ "type" parameter in the specification of the moat server (in the
+ README).
+ Thanks to Mark Smith and Kathy Brade for pointing out the issues.
+
+
Changes in version 0.6.0 - 2017-11-15
* ADDS a new JSON API distributor called "moat", which is intended
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits