start folding in changes entries for 0.2.2.26-alpha

17 files changed, 75 insertions, 92 deletions

diff --git a/ChangeLog b/ChangeLog
index 7e95671c1f..e2c2d29d08 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,78 @@
+Changes in version 0.2.2.26-alpha - 2011-05-??
+  o Security fixes:
+    - Replace all potentially sensitive memory comparison operations
+      with versions whose runtime does not depend on the data being
+      compared. This will help resist a class of attacks where an
+      adversary can use variations in timing information to learn
+      sensitive data. Fix for one case of bug 3122. (Safe memcmp
+      implementation by Robert Ransom based partially on code by DJB.)
+
+  o Major features:
+    - The options SocksPort, ControlPort, and so on now all accept a
+      value "auto" that opens a socket on an OS-selected port. A
+      new ControlPortWriteToFile option tells Tor to write its
+      actual control port or ports to a chosen file. If the option
+      ControlPortFileGroupReadable is set, the file is created as
+      group-readable. Now users can run two Tor clients on the same
+      system without needing to manually mess with parameters. Resolves
+      part of ticket 3076.
+
+  o Minor features:
+    - New "GETINFO net/listeners/(type)" controller command to return
+      a list of addresses and ports that are bound for listeners for a
+      given connection type. This is useful when the user has configured
+      "SocksPort auto" and the controller needs to know which port got
+      chosen. Resolves another part of ticket 3076.
+    - Rate-limit a warning about failures to download v2 networkstatus
+      documents.  Resolves part of bug 1352.
+    - Backport code from 0.2.3.x to allow directory authorities to clean
+      their microdescriptor caches. Needed to resolve bug 2230.
+    - When an HTTPS proxy reports "403 Forbidden", we now explain
+      what it means rather than calling it an unexpected status code.
+      Closes bug 2503. Patch from "mikey". 
+    - Update to the May 1 2011 Maxmind GeoLite Country database.
+
+  o Minor bugfixes:
+    - When loading the microdesc journal, remember its current size.
+      In 0.2.2, this helps prevent the microdesc journal from growing
+      without limit on authorities (who are the only ones to use it in
+      0.2.2). Fixes a part of bug 2230; bugfix on 0.2.2.6-alpha.
+      Fix posted by "cypherpunks."
+    - The microdesc journal is supposed to get rebuilt only if it is
+      at least _half_ the length of the store, not _twice_ the length
+      of the store.  Bugfix on 0.2.2.6-alpha; fixes part of bug 2230.
+    - Authorities now clean their microdesc cache periodically and when
+      reading from disk initially, not only when adding new descriptors.
+      This prevents a bug where we could lose microdescriptors. Bugfix
+      on 0.2.2.6-alpha. 2230
+    - Fix a potential null-pointer dereference while computing a
+      consensus. Bugfix on tor-0.2.0.3-alpha, found with the help of
+      clang's analyzer.
+    - Do not crash when our configuration file becomes unreadable, for
+      example due to a permissions change, between when we start up
+      and when a controller calls SAVECONF. Fixes bug 3135; bugfix
+      on 0.0.9pre6.
+    - Avoid a bug that would keep us from replacing a microdescriptor
+      cache on Windows. (We would try to replace the file while still
+      holding it open. That's fine on Unix, but Windows doesn't let us
+      do that.) Bugfix on 0.2.2.6-alpha; bug found by wanoskarnet.
+    - Avoid a possible null-pointer dereference when rebuilding the mdesc
+      cache without actually having any descriptors to cache. Bugfix on
+      0.2.2.6-alpha. Issue discovered using clang's static analyzer.
+    - If we fail to compute the identity digest of a v3 legacy keypair,
+      warn, and don't use a buffer-full of junk instead. Bugfix on
+      0.2.1.1-alpha; fixes bug 3106.
+    - Add missing explanations for the authority-related torrc options
+      RephistTrackTime, BridgePassword, and V3AuthUseLegacyKey in the
+      man page. Resolves issue 2379.
+
+  o Removed features:
+    - Caches no longer download and serve v2 networkstatus documents
+      unless FetchV2Networkstatus flag is set: these documents haven't
+      haven't been used by clients or relays since 0.2.0.x. Resolves
+      bug 3022.
+
+
 Changes in version 0.2.2.25-alpha - 2011-04-29
   Tor 0.2.2.25-alpha fixes many bugs: hidden service clients are more
   robust, routers no longer overreport their bandwidth, Win7 should crash
diff --git a/changes/bug1352 b/changes/bug1352
deleted file mode 100644
index bde0192401..0000000000
--- a/changes/bug1352
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor features
-    - Rate-limit a warning about failures to download v2 networkstatus
-      documents.  Resolves part of bug 1352.
-
diff --git a/changes/bug2230_clean_1 b/changes/bug2230_clean_1
deleted file mode 100644
index a4edf9439e..0000000000
--- a/changes/bug2230_clean_1
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor features
-    - Backport code from 0.2.3.x to allow directory authorities to clean
-      their microdescriptor caches.
-
diff --git a/changes/bug2230_part1 b/changes/bug2230_part1
deleted file mode 100644
index 79f725410d..0000000000
--- a/changes/bug2230_part1
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Minor bugfixes
-    - When loading the microdesc journal, remember its current size.
-      In 0.2.2, this helps prevent the microdesc journal from growing
-      without limit on authorities (who are the only ones to use it in
-      0.2.2).  Fixes a part of bug 2230; bugfix on 0.2.2.6-alpha.
-      Fix posted by "cypherpunks."
-      
diff --git a/changes/bug2230_part2 b/changes/bug2230_part2
deleted file mode 100644
index 2664ecc1a0..0000000000
--- a/changes/bug2230_part2
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes
-    - The microdesc journal is supposed to get rebuilt only if it is
-      at least _half_ the length of the store, not _twice_ the length
-      of the store.   Bugfix on 0.2.2.6-alpha; fixes part of bug 2230.
-
diff --git a/changes/bug2230_part4 b/changes/bug2230_part4
deleted file mode 100644
index f7721fad34..0000000000
--- a/changes/bug2230_part4
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor bugfixes:
-    - Authorities now clean their microdesc cache periodically and when
-      reading from disk initially, not only when adding new descriptors.
-      This prevents a bug where we could lose microdescriptors.  Bugfix
-      on 0.2.2.6-alpha.
-
diff --git a/changes/bug2379 b/changes/bug2379
deleted file mode 100644
index 0d378b7c12..0000000000
--- a/changes/bug2379
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Documentation:
-    - Add missing documentation for the authority-related torrc options
-      RephistTrackTime, BridgePassword, and V3AuthUseLegacyKey.  Resolves
-      issue 2379.
-      
diff --git a/changes/bug2503 b/changes/bug2503
deleted file mode 100644
index 50b8bf50c2..0000000000
--- a/changes/bug2503
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor features:
-    - When an HTTPS proxy reports "403 Forbidden", we now explain
-      what it means rather than calling it an unexpected status code.
-      Closes bug 2503.  Patch from "mikey". 
diff --git a/changes/bug3022 b/changes/bug3022
deleted file mode 100644
index 9472e6d196..0000000000
--- a/changes/bug3022
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Removed features
-    - Caches no longer download and serve v2 networkstatus documents
-      unless FetchV2Networkstatus flag is set: these documents haven't
-      haven't been used by clients or relays since 0.2.0.x.  Resolves
-      bug 3022.
-
diff --git a/changes/bug3122_memcmp b/changes/bug3122_memcmp
deleted file mode 100644
index a049476743..0000000000
--- a/changes/bug3122_memcmp
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Security fixes
-    - Replace all potentially sensitive memory comparison operations
-      with versions whose runtime does not depend on the data being
-      compared. This will help resist a class of attacks where an
-      adversary can use variations in timing information to learn
-      sensitive data.  Fix for one case of bug 3122.  (Safe memcmp
-      implementation by Robert Ransom based partially on code by DJB.)
diff --git a/changes/bug3135 b/changes/bug3135
deleted file mode 100644
index d761123480..0000000000
--- a/changes/bug3135
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor bugfixes
-    - Do not crash when our configuration file becomes unreadable
-      (usually due to a permissions change) between when we start
-      up and when a controller calls SAVECONF.  Fixes bug 3135;
-      bugfix on 0.0.9pre6.
-
diff --git a/changes/dirvote_null_deref b/changes/dirvote_null_deref
deleted file mode 100644
index 65dc519f52..0000000000
--- a/changes/dirvote_null_deref
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Fix a potential null-pointer dereference while computing a consensus.
-      Bugfix on tor-0.2.0.3-alpha, found with the help of clang's analyzer.
-
diff --git a/changes/feature3076 b/changes/feature3076
deleted file mode 100644
index a3dcec8741..0000000000
--- a/changes/feature3076
+++ /dev/null
@@ -1,14 +0,0 @@
-  o Minor features
-    - The options SocksPort, ControlPort, and so on now all accept an
-      optional value "auto" that opens a socket on an OS-selected port.
-  o Minor features (controller)
-    - GETINFO net/listeners/(type) now returns a list of the addresses
-      and ports that are bound for listeners for a given connection
-      type.  This is useful for if the user has selected SocksPort
-      "auto", and you need to know which port got chosen.
-    - There is a ControlPortWriteToFile option that tells Tor to write
-      its actual control port or ports to a chosen file.  If the option
-      ControlPortFileGroupReadable is set, the file is created as
-      group-readable.
-
-
diff --git a/changes/geoip-may2011 b/changes/geoip-may2011
deleted file mode 100644
index c908f24b45..0000000000
--- a/changes/geoip-may2011
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor features:
-    - Update to the May 1 2011 Maxmind GeoLite Country database.
-
diff --git a/changes/md_cache_replace b/changes/md_cache_replace
deleted file mode 100644
index 88e029c00a..0000000000
--- a/changes/md_cache_replace
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor bugfixes
-    - Avoid a bug that would keep us from replacing a microdescriptor
-      cache on Windows.  (We would try to replace the file while still
-      holding it open.  That's fine on Unix, but Windows doesn't let us
-      do that.)  Bugfix on 0.2.2.6-alpha; bug found by wanoskarnet.
-
diff --git a/changes/mdesc_null_deref b/changes/mdesc_null_deref
deleted file mode 100644
index 30f0280536..0000000000
--- a/changes/mdesc_null_deref
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - Avoid a possible null-pointer dereference when rebuilding the mdesc
-      cache without actually having any descriptors to cache. Bugfix on
-      0.2.2.6-alpha. Issue discovered using clang's static analyzer.
-
diff --git a/changes/warn-if-get_digest-fails b/changes/warn-if-get_digest-fails
deleted file mode 100644
index 6cfc1082a7..0000000000
--- a/changes/warn-if-get_digest-fails
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor bugfixes:
-    - If we fail to compute the identity digest of a v3 legacy
-      keypair, warn, and don't use a buffer-full of junk instead.
-      Bugfix on 0.2.1.1-alpha; fixes bug 3106.
-
-