versions. (`#1713`_, `#1457`_, `#1735`_)
- A new, more extensible Introducer protocol has been added, to act as the
basis for future improvements such as accounting. Compatibility with older
- nodes is not affected. (`#466`_)
+ nodes is not affected. When server, introducer, and client are all
+ upgraded, the welcome page will show node IDs that start with "v0-" instead
+ of the old tubid. (`#466`_)
- The web-API has a new move operation that supports directly moving files
between directories. (`#1579`_)
+Security Improvements
+'''''''''''''''''''''
+
+- Newly generated introducer FURLs are unguessable. This helps to control
+ membership of private grids (although it does not stop someone who knows
+ the introducer FURL from providing any number of servers). The FURL is
+ stored in ``BASEDIR/private/introducer.furl`` rather than
+ ``BASEDIR/introducer.furl`` as before. To force an introducer to generate
+ a new FURL, delete the existing ``introducer.furl`` file and restart it.
+ After doing this, the ``[client]introducer.furl`` setting of every client
+ and server that should connect to that introducer must be updated. (`#1802`_)
+- The Welcome page no longer reveals the secret part (swissnum) of the
+ introducer and helper FURLs. For existing guessable introducer FURLs,
+ the ``introducer`` swissnum is still displayed to show that a guessable
+ FURL is in use. (`#860`_)
+
Notable Bugfixes
''''''''''''''''
+- The ``introducer.furl`` for new Introducers is now unguessable. In previous
+ releases, this FURL used a predictable swissnum, allowing a network
+ eavesdropper (who observes any node connecting to the Introducer) to access
+ the Introducer themselves, and thus use servers or offer storage service to
+ clients (i.e. "join the grid"). In the new code, the only way to join a
+ grid is to be told the introducer.furl by someone who already knew it. Note
+ that pre-existing introducers are not changed: to take advantage of this
+ fix for an existing grid, you must create a new introducer and distribute
+ the new ``introducer.furl`` to all of your users. (`#1802`_)
+- Both ``introducer.furl`` and ``helper.furl`` are now censored from the
+ Welcome page, to prevent users of your gateway from learning enough to
+ create gateway nodes of their own. (`#860`_)
- If an immutable file failed to download, e.g. due to a connection problem,
subsequent attempts to download the same file could also fail. (`#1679`_)
-- The SFTP frontend works with recent versions of Twisted, rather than
+- The SFTP frontend now works with recent versions of Twisted, rather than
giving errors or warnings about use of ``IFinishableConsumer``. (`#1926`_,
`#1564`_, `#1525`_)
- Failure handling in the SFTP frontend has been improved. (`#1525`_)
(`#1805`_, `#1783`_)
- Exceptions no longer trigger an unhelpful crash reporter on Ubuntu 12.04
("Precise") or later. (`#1746`_)
+- Improve error message when CLI tools cannot connect to a gateway. (`#974`_)
+- Other minor changes: `#1781`_, `#1812`_
Performance Improvements
''''''''''''''''''''''''
- The flogtool utility, used to read logs, can now be accessed as
``tahoe debug flogtool`` even when foolscap is not installed system-wide.
(`#1693`_)
+- The provisioning/reliability pages were removed from the main client's web
+ interface, and moved into a standalone web-based tool in
+ misc/operations_helpers/provisioning. Use the ``run.py`` script to access
+ them.
Compatibility and Dependencies
''''''''''''''''''''''''''''''
- Python >= 2.6, except Python 3 (`#1658`_)
- Twisted >= 11.0.0 (`#1771`_)
- mock >= 0.8
+- pycryptopp >= 0.6.0 (for ed25519)
+
+Precautions when Upgrading
+''''''''''''''''''''''''''
+
+- When upgrading a grid from a recent version of trunk, follow the
+ precautions from this `message to the tahoe-dev mailing list`_, to ensure
+ that announcements to the Introducer are recognized after the upgrade.
+ This is not necessary when upgrading from a previous release.
.. _`#443`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/443
.. _`#466`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/466
+.. _`#860`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/860
+.. _`#974`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/974
.. _`#1143`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1143
.. _`#1298`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1298
.. _`#1457`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1457
.. _`#1758`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1758
.. _`#1761`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1761
.. _`#1771`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1771
+.. _`#1781`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1781
.. _`#1783`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1783
+.. _`#1802`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1802
.. _`#1805`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1805
+.. _`#1812`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1812
.. _`#1915`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1915
.. _`#1926`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1926
-
+.. _`message to the tahoe-dev mailing list`:
+ https://tahoe-lafs.org/pipermail/tahoe-dev/2013-March/008096.html
Release 1.9.2 (2012-07-03)
--------------------------