Mixminion

BUGFIXES:
- Memory leaks:
- Made server code release memory more aggressively.
- Fixed a race condition where messages could be queued on a server
connection that was already shutting down.
- Fixed memory leaks on certificate checking.
- Server bugs:
- Fixed a server crash on key-rotation that would occur when to trying
to open the same hash log db file twice.
- Fixed bug that would crash server if PublicKeyLifetime changed.
- Made server differentiate between ENOENT and EACCES when starting.
- Fixed a bug that would cause key generation to happen at the wrong
times.
- Other bugs:
- Fixed a bug related to using client keyrings without passwords.
- Made ASCII armor more reliable in the face of extraneous space,
headerless armor, and so on.
- Excluded superseded servers from directories more thoroughly.

OTHER CHANGES:
- Cosmetic:
- Commented most uncommented code.
- Refactored path selection again.
- Refactored code to use more reliable file accessing functions.
- Added more unit tests
- Performance enhancements:
- Changed recommended OpenSSL version to 0.9.7b.
- Implementation quality
- Improved a few log messages.
- Made included etc/mixminiond.conf more reasonable by using a less
aggressive retry schedule, commenting out unused Allow lines, and
decreasing PublicKeyLifetime.
- Made os.expanduser work on more configuration values.
- Enabled threading on more C functions.

BUGFIXES:
- The server shouldn't crash so much when it gets bad TLS errors or
timed-out connections. Sometimes, it will give better errors when it
does.

First steps toward directory automation:
- Servers generate new keys and server descriptors when the old ones
are close to expiring. (~2 weeks)
- Servers also regenerate server descriptors when their configuration
changes.
- When a set of keys expires, a server rotates to the next set
automatically (with some overlap).
- Servers can upload their descriptors to a directory server
automatically.
- There's a trivial directory backend that accepts signed updates
automatically, and queues new servers.
- Directories now include a list of which servers are believed to be
working correctly. Right now, this list is still manually
configured.
- There's a cron job that regenerates the directory every so often.

Packet format overhaul:
- Server RSA keys are now 2048 bits long.
- The header representation is more compact now, so we don't pay in
space for the increased key length.

MMTP improvements:
- The certificate regime has changed so that key rotation is now
possible: instead of authenticating servers based on their TLS
keys, we authenticate based on their identity keys, which never
change.
- Packets sent from a server to itself no longer hit the network.
- When relaying messages, a server never opens more than 1 connection
at a time to the same server.
- MMTP clients now recognize a 'REJECTED' reply that a server can use
to refuse messages when under high load.

Other server improvements:
- Servers can (optionally) track the number of packets received,
relayed successfully, dropped, and so on.
- Servers can recognize and advertise whether they are configured
'securely.'
- The deliver/retry logic has been largely rewritten. It should
freak out and die less frequently now. In any case, it also prints
better debugging messages, and thrashes the disk less.

Minor changes:
- We now use real OpenPGP-style ASCII-armor. Accept no substitutes!

Numerous UI Improvements:
- There are saner error messages for many common cases.
- Support for multiple SURB keys to prevent identity-blending attack.
- There's a new (temporary) 'mixminion ping' command that you can use
to tell whether a server is accepting connections. It's potentially
dangerous (if you go pinging all the servers in your path), and has
a banner saying so.
- The path selection syntax has changed to be more flexible. (You can
now specify a single random hop, or N random hops.)

Better build support:
- Fail more gracefully with missing 'which'.
- Fail more gracefully with missing python-dev.
- Portability fixes for Python 2.0.
Client tweaks:
- Default connection timeout to 1 minute.
- Rename stop-server to server-stop.
- Rename reload-server to server-reload.

Numerous bugfixes, including:
- More verbose client locking
- More reasonable log messages
- Better messages on missing openssl
- Improved documentation
- Better support for confused permissions on build
- Better errors on failing directory retrieval
- Less verbose description of reply blocks skipped.
- Base64 encoding should no longer get corrupted by outlook
- Fix nasty race on queue cleaning.
- The code compiles (but doesn't run) under cygwin.
New features:
- mixminion stop-server and mixminion reload-server commands.

CLIENT:
- Single-use reply blocks (SURBs) are fully supported and available.
- You can use client-side pooling: it holds messages until you're
ready to send them. Pooling also prevents you from losing
messages when the first hop in your path is temporarily down.
- You can now decode binary messages or reply messages from the command
line.
- We now time out faster when servers are down.
- Many error messages are far friendlier.
- It's now safe to run multiple instances of the client at once.
- Numerous UI improvements and typo fixes; error reporting is better in
many ways.
BUILD:
- It's easier to build with different OpenSSL installations.
SERVERS:
- Servers now have a lightly multithreaded design to prevent extreme
stalling under heavy loads. Now the network should remain fairly
responsive under far more traffic than before.
- When a message delivery fails, the retry schedule is more reasonable.
By default, a server will retry an undeliverable message every
30 minutes for a day, then every 7 hours for 5 days.
- All modules that use SMTP now set a "X-Anonymous: yes" header.
CONFORMANCE:
- We now implement MMTP correctly; before, we didn't accept junk
packets; handle protocol negotiation right; or do support key
renegotiation.
- DROP packets have random payloads.
- A nasty bug in our implementation of counter mode is fixed. On
the bright side, big-endian and little-endian hosts should now,
finally, be compatible. On the minus side, we lose backward
compatibility.
- Server descriptors and directories now follow a more forward-
compatible format: we can add sections and entries in the future
with less risk of breaking existing clients.