prepare changelog for new release

14 files changed, 129 insertions, 62 deletions

diff --git a/ChangeLog b/ChangeLog
index b87449ab69..0098e8f9dc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,132 @@
+Changes in version 0.2.2.20-alpha - 2010-12-17
+  Tor 0.2.2.20-alpha does some code cleanup to reduce the risk of remotely
+  exploitable bugs. We also fix a variety of other significant bugs,
+  change the IP address for one of our directory authorities, and update
+  the minimum version that Tor relays must run to join the network.
+
+  o Major bugfixes:
+    - Fix a remotely exploitable bug that could be used to crash instances
+      of Tor remotely by overflowing on the heap. Remote-code execution
+      hasn't been confirmed, but can't be ruled out. Everyone should
+      upgrade. Bugfix on the 0.1.1 series and later.
+    - Fix a bug that could break accounting on 64-bit systems with large
+      time_t values, making them hibernate for impossibly long intervals.
+      Fixes bug 2146. Bugfix on 0.0.9pre6; fix by boboper.
+    - Fix a logic error in directory_fetches_from_authorities() that
+      would cause all _non_-exits refusing single-hop-like circuits
+      to fetch from authorities, when we wanted to have _exits_ fetch
+      from authorities. Fixes more of 2097. Bugfix on 0.2.2.16-alpha;
+      fix by boboper.
+    - Fix a stream fairness bug that would cause newer streams on a given
+      circuit to get preference when reading bytes from the origin or
+      destination. Fixes bug 2210. Fix by Mashael AlSabah. This bug was
+      introduced before the first Tor release, in svn revision r152.
+
+  o Directory authority changes:
+    - Change IP address and ports for gabelmoo (v3 directory authority).
+
+  o Minor bugfixes:
+    - Avoid crashes when AccountingMax is set on clients. Fixes bug 2235.
+      Bugfix on 0.2.2.18-alpha. Diagnosed by boboper.
+    - Fix an off-by-one error in calculating some controller command
+      argument lengths. Fortunately, this mistake is harmless since
+      the controller code does redundant NUL termination too. Found by
+      boboper. Bugfix on 0.1.1.1-alpha.
+    - Do not dereference NULL if a bridge fails to build its
+      extra-info descriptor. Found by an anonymous commenter on
+      Trac. Bugfix on 0.2.2.19-alpha.
+
+  o Minor features:
+    - Update to the December 1 2010 Maxmind GeoLite Country database.
+    - Directory authorities now reject relays running any versions of
+      Tor between 0.2.1.3-alpha and 0.2.1.18 inclusive; they have
+      known bugs that keep RELAY_EARLY cells from working on rendezvous
+      circuits. Followup to fix for bug 2081.
+    - Directory authorities now reject relays running any version of Tor
+      older than 0.2.0.26-rc. That version is the earliest that fetches
+      current directory information correctly. Fixes bug 2156.
+    - Report only the top 10 ports in exit-port stats in order not to
+      exceed the maximum extra-info descriptor length of 50 KB. Implements
+      task 2196.
+    - Build correctly on mingw with more recent version of OpenSSL 0.9.8.
+      Patch from mingw-san.
+
+
+Changes in version 0.2.1.27 - 2010-11-23
+  Yet another OpenSSL security patch broke its compatibility with Tor:
+  Tor 0.2.1.27 makes relays work with openssl 0.9.8p and 1.0.0.b. We
+  also took this opportunity to fix several crash bugs, integrate a new
+  directory authority, and update the bundled GeoIP database.
+
+  o Major bugfixes:
+    - Resolve an incompatibility with OpenSSL 0.9.8p and OpenSSL 1.0.0b:
+      No longer set the tlsext_host_name extension on server SSL objects;
+      but continue to set it on client SSL objects. Our goal in setting
+      it was to imitate a browser, not a vhosting server. Fixes bug 2204;
+      bugfix on 0.2.1.1-alpha.
+    - Do not log messages to the controller while shrinking buffer
+      freelists. Doing so would sometimes make the controller connection
+      try to allocate a buffer chunk, which would mess up the internals
+      of the freelist and cause an assertion failure. Fixes bug 1125;
+      fixed by Robert Ransom. Bugfix on 0.2.0.16-alpha.
+    - Learn our external IP address when we're a relay or bridge, even if
+      we set PublishServerDescriptor to 0. Bugfix on 0.2.0.3-alpha,
+      where we introduced bridge relays that don't need to publish to
+      be useful. Fixes bug 2050.
+    - Do even more to reject (and not just ignore) annotations on
+      router descriptors received anywhere but from the cache. Previously
+      we would ignore such annotations at first, but cache them to disk
+      anyway. Bugfix on 0.2.0.8-alpha. Found by piebeer.
+    - When you're using bridges and your network goes away and your
+      bridges get marked as down, recover when you attempt a new socks
+      connection (if the network is back), rather than waiting up to an
+      hour to try fetching new descriptors for your bridges. Bugfix on
+      0.2.0.3-alpha; fixes bug 1981.
+
+  o Major features:
+    - Move to the November 2010 Maxmind GeoLite country db (rather
+      than the June 2009 ip-to-country GeoIP db) for our statistics that
+      count how many users relays are seeing from each country. Now we'll
+      have more accurate data, especially for many African countries.
+
+  o New directory authorities:
+    - Set up maatuska (run by Linus Nordberg) as the eighth v3 directory
+      authority.
+
+  o Minor bugfixes:
+    - Fix an assertion failure that could occur in directory caches or
+      bridge users when using a very short voting interval on a testing
+      network. Diagnosed by Robert Hogan. Fixes bug 1141; bugfix on
+      0.2.0.8-alpha.
+    - Enforce multiplicity rules when parsing annotations. Bugfix on
+      0.2.0.8-alpha. Found by piebeer.
+    - Allow handshaking OR connections to take a full KeepalivePeriod
+      seconds to handshake. Previously, we would close them after
+      IDLE_OR_CONN_TIMEOUT (180) seconds, the same timeout as if they
+      were open. Bugfix on 0.2.1.26; fixes bug 1840. Thanks to mingw-san
+      for analysis help.
+    - When building with --enable-gcc-warnings on OpenBSD, disable
+      warnings in system headers. This makes --enable-gcc-warnings
+      pass on OpenBSD 4.8.
+
+  o Minor features:
+    - Exit nodes didn't recognize EHOSTUNREACH as a plausible error code,
+      and so sent back END_STREAM_REASON_MISC. Clients now recognize a new
+      stream ending reason for this case: END_STREAM_REASON_NOROUTE.
+      Servers can start sending this code when enough clients recognize
+      it. Bugfix on 0.1.0.1-rc; fixes part of bug 1793.
+    - Build correctly on mingw with more recent versions of OpenSSL 0.9.8.
+      Patch from mingw-san.
+
+  o Removed files:
+    - Remove the old debian/ directory from the main Tor distribution.
+      The official Tor-for-debian git repository lives at the URL
+      https://git.torproject.org/debian/tor.git
+    - Stop shipping the old doc/website/ directory in the tarball. We
+      changed the website format in late 2010, and what we shipped in
+      0.2.1.26 really wasn't that useful anyway.
+
+
 Changes in version 0.2.2.19-alpha - 2010-11-22
   Yet another OpenSSL security patch broke its compatibility with Tor:
   Tor 0.2.2.19-alpha makes relays work with OpenSSL 0.9.8p and 1.0.0.b.
diff --git a/changes/bug2081_followup b/changes/bug2081_followup
deleted file mode 100644
index a53227c38e..0000000000
--- a/changes/bug2081_followup
+++ /dev/null
@@ -1,9 +0,0 @@
-  o Minor features (authorities)
-    - Directory authorities now reject relays running any versions of
-      Tor between 0.2.1.3-alpha and 0.2.1.18 inclusive; they have
-      known bugs that keep RELAY_EARLY cells from working on rendezvous
-      circuits.  Followup to fix for bug 2081.
-    - Directory authorities now reject relays running any version of Tor
-      older than 0.2.0.26-rc.  That is the earliest version that fetches
-      current directory information correctly.  Fix for bug 2156.
-
diff --git a/changes/bug2097-more b/changes/bug2097-more
deleted file mode 100644
index 52351cc019..0000000000
--- a/changes/bug2097-more
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor bugfixes:
-    - Fix a logic error in directory_fetches_from_authorities that
-      would cause all _non_-exits refusing single-hop-like circuits to
-      fetch from authorities, when we wanted to have _exits_ fetch
-      from authorities.  Fix by boboper; fixes more of 2097; bugfix on
-      0.2.2.16-alpha.
diff --git a/changes/bug2146.1 b/changes/bug2146.1
deleted file mode 100644
index 5b91c59a68..0000000000
--- a/changes/bug2146.1
+++ /dev/null
@@ -1,4 +0,0 @@
-  - Major bugfixes:
-    o Fix a bug that could break accounting on 64-bit systems with large
-      time_t values, making them hibernate for impossibly long intervals.
-      Bugfix on 0.0.9pre6; fix for bug 2146; fix by boboper.
diff --git a/changes/bug2210 b/changes/bug2210
deleted file mode 100644
index fe1c049fcd..0000000000
--- a/changes/bug2210
+++ /dev/null
@@ -1,5 +0,0 @@
-  o ?? bugfixes:
-    - Fix a bug that would cause newer streams on a given circuit to
-      get preference when reading bytes from the network.  Fixes bug
-      2210.  Fix by Mashael AlSabah.  This bug was introduced before
-      the first Tor release, in svn revision r152.
diff --git a/changes/bug2235 b/changes/bug2235
deleted file mode 100644
index 0c3bafa44f..0000000000
--- a/changes/bug2235
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes
-    - Avoid crashes when AccountingMax is set on clients.  Fixes bug 2235;
-      Bugfix on 0.2.2.18-alpha.  Diagnosed by boboper.
diff --git a/changes/bytecount b/changes/bytecount
deleted file mode 100644
index 50c4d6b35e..0000000000
--- a/changes/bytecount
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes
-    - Fix a off-by-one error in calculating some controller command argument
-      lengths.  Fortunately, this is harmless, the controller code does
-      redundant NUL termination too.  Found by boboper.  Bugfix on
-      0.1.1.1-alpha.
diff --git a/changes/fix2195-fix b/changes/fix2195-fix
deleted file mode 100644
index 9f03c2465e..0000000000
--- a/changes/fix2195-fix
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor bugfixes:
-    - Do not dereference NULL if a bridge fails to build its
-      extra-info descriptor. Previously, we would have dereferenced
-      NULL. Found by an anonymous commenter on Trac. Bugfix on
-      0.2.2.19-alpha.
-
diff --git a/changes/gabelmoo-newip b/changes/gabelmoo-newip
deleted file mode 100644
index 8e9a19c657..0000000000
--- a/changes/gabelmoo-newip
+++ /dev/null
@@ -1,3 +0,0 @@
- o Directory authority changes:
-    - Change IP address and ports for gabelmoo (v3 directory authority).
-
diff --git a/changes/geoip-dec2010 b/changes/geoip-dec2010
deleted file mode 100644
index d6247cee6b..0000000000
--- a/changes/geoip-dec2010
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor features:
-    - Update to the December 1 2010 Maxmind GeoLite Country database.
-
diff --git a/changes/mingw-openssl098m b/changes/mingw-openssl098m
deleted file mode 100644
index b4199760b7..0000000000
--- a/changes/mingw-openssl098m
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features
-   - Build correctly on mingw with more recent version of OpenSSL 0.9.8.
-     Patch from mingw-san.
diff --git a/changes/remove-website b/changes/remove-website
deleted file mode 100644
index ecbfbf9bc2..0000000000
--- a/changes/remove-website
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Removed files:
-    - Stop shipping the old doc/website/ directory in the tarball. We
-      changed the website format in late 2010, and what we shipped in
-      0.2.1.26 really wasn't that useful anyway.
-
diff --git a/changes/security_bug b/changes/security_bug
deleted file mode 100644
index 990beee506..0000000000
--- a/changes/security_bug
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Major bugfixes:
-    - Fix a remotely exploitable bug that could be used to crash instances
-      of Tor remotely by overflowing on the heap.  Remove-code execution
-      hasn't been confirmed, but can't be ruled out.  Obviously, everyone
-      should upgrade.  Bugfix on the 0.1.1 series and later.
diff --git a/changes/task2196 b/changes/task2196
deleted file mode 100644
index e629fccac2..0000000000
--- a/changes/task2196
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor features:
-    - Report only the top 10 ports in exit-port stats in order not to
-      exceed the maximum extra-info descriptor length of 50 KB. Implements
-      task 2196.
-