start to fold in changelog entries

25 files changed, 95 insertions, 110 deletions

diff --git a/ChangeLog b/ChangeLog
index 52c73451ef..43db8aa48c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,98 @@
+Changes in version 0.2.3.14-alpha - 2012-04-??
+
+  o Directory authority changes:
+    - Change IP address for ides (v3 directory authority), and rename
+      it to turtles.
+
+  o Security fixes:
+    - When using the debuging BridgePassword field, a bridge authority
+      now compares alleged passwords by hashing them, then comparing
+      the result to a digest of the expected authenticator. This avoids
+      a potential side-channel attack in the previous code, which
+      had foolishly used strcmp().  Fortunately, the BridgePassword field
+      *is not in use*, but if it had been, the timing
+      behavior of strcmp() might have allowed an adversary to guess the
+      BridgePassword value, and enumerate the bridges. Bugfix on
+      0.2.0.14-alpha. Fixes bug 5543.
+
+  o Major bugfixes:
+    - Do not allow the presence of one consensus flavor to keep us from
+      downloading another. Previously, we had one "time to download a
+      consensus" timer, which didn't understand the idea of having one
+      consensus but wanting to download another. Fixes bug 4011; fix on
+      0.2.3.1-alpha.
+    - If authorities are unable to get a set of v2 consensus documents
+      from other directory authorities, they no longer fail-back and
+      try to fetch them from regular directory caches. Fixes bug 5635;
+      bugfix on 0.2.2.26-beta, where routers stopped downloading v2
+      consensus documents entirely.
+    - Prevent a client-side assertion failure when receiving an INTRODUCE2
+      cell on a general purpose circuit. Fixes bug 5644; bugfix on
+      0.2.1.6-alpha.
+    - Avoid logging uninitialized data when unable to decode a hidden
+      service descriptor cookie.  Fixes bug 5647; bugfix on 0.2.1.5-alpha.
+
+  o Major features (performance):
+    - When built to use the newly OpenSSL 1.0.1, and built for an x86 or
+      x86_64 instruction set, take advantage of OpenSSL's AESNI,
+      bitsliced, or vectorized AES implementations as appropriate. These
+      can be much, much faster than other AES implementations.
+
+  o Minor bugfixes:
+    - Don't log that we have "decided to publish new relay descriptor"
+      unless we are actually publishing a descriptor. Fixes bug 3942;
+      bugfix on 0.2.3.2-alpha.
+    - Fix bug stomping on ORPort option NoListen and ignoring option
+      NoAdvertise. Fixes bug 5151; bugfix on 0.2.3.9-alpha.
+    - In the testsuite, provide a large enough buffer in the tor_sscanf
+      unit test. We'd otherwise overrun that buffer and crash during the
+      unit tests. Fixes bug 5449; bugfix on 0.2.3.12-alpha. Thanks weasel
+      for spotting the bug.
+    - Fix a bug where a bridge authority crashes (on a failed assert)
+      if it has seen no directory requests when it's time to write
+      statistics to disk. Fixes bug 5508. Bugfix on 0.2.3.6-alpha.
+    - Enforce correct return behavior of tor_vsscanf(), when the '%%'
+      pattern is used. Fixes bug 5558. Bugfix on 0.2.1.13.
+    - Make sure we create the keys directory if it doesn't exist and we're
+      about to store the dynamic diffie hellman parameters. Fixes bug 5572;
+      bugfix on 0.2.3.13-alpha.
+    - When sending an HTTP/1.1 proxy request, include a Host header.
+      Fixes bug 5593; bugfix on 0.2.2.1-alpha.
+    - Fix a small memory leak when trying to decode incorrect base16
+      authenticator during SAFECOOKIE authentication. Found by
+      Coverity Scan. Fixes CID 507. Bugfix on 0.2.3.13-alpha.
+
+  o Minor features:
+    - Add more information to a log statement that might help track down
+      bug 4091. If you're seeing "Bug: tor_addr_is_internal() called with a
+      non-IP address" messages (or any Bug messages, for that matter!),
+      please let us know about it.
+    - Relays now understand an IPv6 address when they get one from a
+      directory server. Resolves ticket 4875.
+    - Resolve IPv6 addresses in bridge and entry statistics to country
+      code "??" which means we at least count them. Resolves ticket 5053;
+      improves on 0.2.3.9-alpha.
+    - Update to the April 3 2012 Maxmind GeoLite Country database.
+
+  o Documentation:
+    - Begin a state-contents.txt file in doc to explain the contents
+      of the Tor state file. Fixes bug 2987.
+    - Document unit of bandwidth related options in sample torrc.
+      Fixes bug 5621.
+
+  o Removed features:
+    - The "torify" script no longer supports the "tsocks" sockifier
+      tool, since it doesn't support DNS and UDP right for Tor.
+      Everyone should be using torsocks instead. Fixes bugs 3530 and
+      5180. Based on a patch by "ugh".
+
+  o Code refactoring:
+    - Change the symmetric cipher interface so that creating and
+      initializing a stream cipher are no longer separate functions.
+    - Remove all internal support for unpadded RSA. We never used it, and
+      it would be a bad idea to start.
+
+
 Changes in version 0.2.3.13-alpha - 2012-03-26
   Tor 0.2.3.13-alpha fixes a variety of stability and correctness bugs
   in managed pluggable transports, as well as providing other cleanups
diff --git a/changes/bridgepassword b/changes/bridgepassword
deleted file mode 100644
index 5f0e250ff6..0000000000
--- a/changes/bridgepassword
+++ /dev/null
@@ -1,11 +0,0 @@
-  o Security fixes:
-    - When using the debuging BridgePassword field, a bridge authority
-      now compares alleged passwords by hashing them, then comparing
-      the result to a digest of the expected authenticator. This avoids
-      a potential side-channel attack in the previous code, which
-      had foolishly used strcmp().  Fortunately, the BridgePassword field
-      *is not in use*, but if it had been, the timing
-      behavior of strcmp() might have allowed an adversary to guess the
-      BridgePassword value, and enumerate the bridges. Bugfix on
-      0.2.0.14-alpha. Fixes bug 5543.
-
diff --git a/changes/bug2987 b/changes/bug2987
deleted file mode 100644
index 727f3761a0..0000000000
--- a/changes/bug2987
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Documentation
-    - Begin a state-contents.txt file in doc to explain the contents of the
-      Tor state file. Fixes bug 2987.
diff --git a/changes/bug3942 b/changes/bug3942
deleted file mode 100644
index 5731aad5b5..0000000000
--- a/changes/bug3942
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Don't log that we have "decided to publish new relay descriptor" unless
-      we are actually publishing a descriptor. Fixes bug 3942; bugfix on
-      0.2.3.2-alpha.
diff --git a/changes/bug4011 b/changes/bug4011
deleted file mode 100644
index fb82d6e3f0..0000000000
--- a/changes/bug4011
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Major bugfixes:
-    - Do not allow the presence of one consensus flavor to keep us from
-      downloading another. Previously, we had one "time to download a
-      consensus" timer, which didn't understand the idea of having one
-      consensus but wanting to download another. Fixes bug 4011; fix on
-      0.2.3.1-alpha.
-
diff --git a/changes/bug4091_debugging b/changes/bug4091_debugging
deleted file mode 100644
index f785380318..0000000000
--- a/changes/bug4091_debugging
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor features:
-    - Add more information to a log statement that might help track down
-      bug 4091. If you're seeing "Bug: tor_addr_is_internal() called with a
-      non-IP address" messages (or any Bug messages, for that matter!),
-      please let us know about it.
diff --git a/changes/bug4875 b/changes/bug4875
deleted file mode 100644
index c8c9ba529d..0000000000
--- a/changes/bug4875
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor features:
-    - Relays now understand an IPv6 address when they get one from a
-      directory server. Resolves ticket 4875.
diff --git a/changes/bug5053 b/changes/bug5053
deleted file mode 100644
index fe43f54724..0000000000
--- a/changes/bug5053
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor features:
-    - Resolve IPv6 addresses in bridge and entry statistics to country
-      code "??" which means we at least count them. Resolves ticket 5053;
-      improves on 0.2.3.9-alpha.
-
diff --git a/changes/bug5151 b/changes/bug5151
deleted file mode 100644
index 1a56cf62f9..0000000000
--- a/changes/bug5151
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Fix bug stomping on ORPort option NoListen and ignoring option
-      NoAdvertise. Fixes bug 5151; bugfix on 0.2.3.9-alpha.
-
diff --git a/changes/bug5180 b/changes/bug5180
deleted file mode 100644
index 2cb545e0b5..0000000000
--- a/changes/bug5180
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Removed features:
-    - The "torify" script no longer supports the "tsocks" sockifier
-      tool, since it doesn't support DNS and UDP right for Tor.
-      Everyone should be using torsocks instead. Fixes bugs 3530 and
-      5180. Based on a patch by "ugh".
-
diff --git a/changes/bug5449 b/changes/bug5449
deleted file mode 100644
index 48babb34f8..0000000000
--- a/changes/bug5449
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor bugfixes:
-    - In the testsuite, provide a large enough buffer in the tor_sscanf
-      unit test. We'd otherwise overrun that buffer and crash during the
-      unit tests. Fixes bug 5449; bugfix on 0.2.3.12-alpha. Thanks weasel
-      for spotting the bug.
-
diff --git a/changes/bug5508 b/changes/bug5508
deleted file mode 100644
index cebc31d255..0000000000
--- a/changes/bug5508
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Fix a bug where a bridge authority crashes (on a failed assert)
-      if it has seen no directory requests when it's time to write
-      statistics to disk. Fixes bug 5508. Bugfix on 0.2.3.6-alpha.
diff --git a/changes/bug5558 b/changes/bug5558
deleted file mode 100644
index 43b832c500..0000000000
--- a/changes/bug5558
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes:
-    - Enforce correct return behavior of tor_vsscanf(), when the '%%'
-      pattern is used. Fixes bug 5558. Bugfix on 0.2.1.13.
diff --git a/changes/bug5572 b/changes/bug5572
deleted file mode 100644
index e26308837f..0000000000
--- a/changes/bug5572
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Major bugfixes:
-    - Make sure we create the keys directory if it doesn't exist and we're
-      about to store the dynamic diffie hellman parameters. Fixes bug 5572;
-      bugfix on 0.2.3.13-alpha.
-
diff --git a/changes/bug5593 b/changes/bug5593
deleted file mode 100644
index 358e8de60d..0000000000
--- a/changes/bug5593
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes:
-    - When sending an HTTP/1.1 proxy request, include a Host header.
-      Fixes bug 5593; bugfix on 0.2.2.1-alpha.
diff --git a/changes/bug5621 b/changes/bug5621
deleted file mode 100644
index 1ffc6042c5..0000000000
--- a/changes/bug5621
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor enhancement:
-    - Document unit of bandwidth related options in sample torrc.
-      Fixes bug 5621.
diff --git a/changes/bug5635 b/changes/bug5635
deleted file mode 100644
index 9c2e729672..0000000000
--- a/changes/bug5635
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Major bugfixes (directory authorities):
-    - If authorities are unable to get a set of v2 consensus documents
-      from other directory authorities, they no longer fail-back and try
-      to fetch them from regular directory caches. This is a bugfix on
-      0.2.2.26-beta, where routers stopped downloading v2 consensus
-      documents entirely. Fix for bug #5635.
diff --git a/changes/bug5644 b/changes/bug5644
deleted file mode 100644
index 4eb2d016d6..0000000000
--- a/changes/bug5644
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Major bugfixes:
-    - Prevent a client-side assertion failure when receiving an
-      INTRODUCE2 cell by an exit relay, in a general purpose
-      circuit. Fixes bug 5644; bugfix on tor-0.2.1.6-alpha
-
diff --git a/changes/bug5647 b/changes/bug5647
deleted file mode 100644
index 92f41c8559..0000000000
--- a/changes/bug5647
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Major bugfixes:
-    - Avoid logging uninitialized data when unable to decode a hidden
-      service descriptor cookie.  Fixes bug 5647; bugfix on 0.2.1.5-alpha.
-
diff --git a/changes/crypto_api b/changes/crypto_api
deleted file mode 100644
index 608999f47d..0000000000
--- a/changes/crypto_api
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Code refactoring:
-    - Change the symmetric cipher interface so that creating and
-      initializing a stream cipher are no longer separate functions.
diff --git a/changes/geoip-april2012 b/changes/geoip-april2012
deleted file mode 100644
index 66720c6d69..0000000000
--- a/changes/geoip-april2012
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor features:
-    - Update to the April 3 2012 Maxmind GeoLite Country database.
-
diff --git a/changes/ides-becomes-turtles b/changes/ides-becomes-turtles
deleted file mode 100644
index 645122184c..0000000000
--- a/changes/ides-becomes-turtles
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Directory authority changes:
-    - Change IP address for ides (v3 directory authority), and rename
-      it to turtles.
-
diff --git a/changes/memleak_safecookie b/changes/memleak_safecookie
deleted file mode 100644
index 9773af5574..0000000000
--- a/changes/memleak_safecookie
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Fix a small memory leak when trying to decode incorrect base16
-      authenticator during SAFECOOKIE authentication. Found by
-      Coverity Scan. Fixes CID 507. Bugfix on 0.2.3.13-alpha.
diff --git a/changes/openssl101_aes b/changes/openssl101_aes
deleted file mode 100644
index 565a48d415..0000000000
--- a/changes/openssl101_aes
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Major features (performance):
-    - When built to use the newly OpenSSL 1.0.1, and built for an x86 or
-      x86_64 instruction set, take advantage of OpenSSL's AESNI, bitsliced,
-      or vectorized AES implementations as appropriate.  These can be 
-      much, much faster than other AES implementations.
-
diff --git a/changes/pad_rsa_always b/changes/pad_rsa_always
deleted file mode 100644
index a049d61c4f..0000000000
--- a/changes/pad_rsa_always
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Code removal:
-    - Remove all internal support for unpadded RSA. We never used it, and
-      it would be a bad idea to start.