author Nick Mathewson <nickm@torproject.org> 2020-11-09 17:04:08 -0500
committer Nick Mathewson <nickm@torproject.org> 2020-11-09 17:04:08 -0500
commit 412da7c85cd3ef8682f8b569bce2f640f8761b7a (patch)
tree 9dd3b8a5cd7c46a668b5d4406c3a97138332ecff
parent ec9d646923bb32eb9dedd71a854031bf1fca87e3 (diff)
Changelog for 0.3.5.12
-rw-r--r-- ChangeLog 107
-rw-r--r-- changes/bug31036 3
-rw-r--r-- changes/bug32588 4
-rw-r--r-- changes/bug40076 5
-rw-r--r-- changes/bug40080 6
-rw-r--r-- changes/bug40099 4
-rw-r--r-- changes/log_32868 4
-rw-r--r-- changes/parallel_unit_test 4
-rw-r--r-- changes/ticket33747 7
-rw-r--r-- changes/ticket33880 6
-rw-r--r-- changes/ticket40003 3
-rw-r--r-- changes/ticket40035 5
-rw-r--r-- changes/ticket40061 5
-rw-r--r-- changes/ticket40073 3
-rw-r--r-- changes/ticket40081 6
-rw-r--r-- changes/ticket40125 4
-rw-r--r-- changes/ticket40126 4
-rw-r--r-- changes/ticket40133 5
-rw-r--r-- changes/ticket40135 3
19 files changed, 107 insertions, 81 deletions
diff --git a/ChangeLog b/ChangeLog
index 8ebda3622f..f513777bee 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,110 @@
+Changes in version 0.3.5.12 - 2020-11-12
+ Tor 0.4.3.7 backports several bugfixes from later releases. It
+ includes a fix for TROVE-2020-005, a security issue that could be
+ used, under certain cases, by an adversary to observe traffic patterns
+ on a limited number of circuits intended for a different relay.
+
+ o Major features (fallback directory list, backport form 0.4.4.3-alpha):
+ - Replace the 148 fallback directories originally included in Tor
+ 0.4.1.4-rc (of which around 105 are still functional) with a list
+ of 144 fallbacks generated in July 2020. Closes ticket 40061.
+
+ o Major bugfixes (security, backport from 0.4.5.1-alpha):
+ - When completing a channel, relays now check more thoroughly to
+ make sure that it matches any pending circuits before attaching
+ those circuits. Previously, address correctness and Ed25519
+ identities were not checked in this case, but only when extending
+ circuits on an existing channel. Fixes bug 40080; bugfix on
+ 0.2.7.2-alpha. Resolves TROVE-2020-005.
+
+ o Major bugfixes (NSS, backport from 0.4.4.3-alpha):
+ - When running with NSS enabled, make sure that NSS knows to expect
+ nonblocking sockets. Previously, we set our TCP sockets as
+ nonblocking, but did not tell NSS, which in turn could lead to
+ unexpected blocking behavior. Fixes bug 40035; bugfix
+ on 0.3.5.1-alpha.
+
+ o Minor features (security, backport from 0.4.4.4-rc):
+ - Channels using obsolete versions of the Tor link protocol are no
+ longer allowed to circumvent address-canonicity checks. (This is
+ only a minor issue, since such channels have no way to set ed25519
+ keys, and therefore should always be rejected for circuits that
+ specify ed25519 identities.) Closes ticket 40081.
+
+ o Minor features (debugging, directory system):
+ - Don't crash when we find a non-guard with a guard-fraction value
+ set. Instead, log a bug warning, in an attempt to figure out how
+ this happened. Diagnostic for ticket 32868.
+
+ o Minor features (subprotocol versions, backport from 0.4.5.1-alpha):
+ - Tor no longer allows subprotocol versions larger than 63.
+ Previously version numbers up to UINT32_MAX were allowed, which
+ significantly complicated our code. Implements proposal 318;
+ closes ticket 40133.
+
+ o Minor features (tests, backport from 0.4.4.5):
+ - Our "make check" target now runs the unit tests in 8 parallel
+ chunks. Doing this speeds up hardened CI builds by more than a
+ factor of two. Closes ticket 40098.
+
+ o Minor features (tests, v2 onion services, backport from 0.4.5.1-alpha):
+ - Fix a rendezvous cache unit test that was triggering an underflow
+ on the global rend cache allocation. Fixes bug 40125; bugfix
+ on 0.2.8.1-alpha.
+ - Fix another rendezvous cache unit test that was triggering an
+ underflow on the global rend cache allocation. Fixes bug 40126;
+ bugfix on 0.2.8.1-alpha.
+
+ o Minor bugfixes (correctness, buffers, backport from 0.4.4.4-rc):
+ - Fix a correctness bug that could cause an assertion failure if we
+ ever tried using the buf_move_all() function with an empty input
+ buffer. As far as we know, no released versions of Tor do this.
+ Fixes bug 40076; bugfix on 0.3.3.1-alpha.
+
+ o Minor bugfixes (logging, backport from 0.4.5.1-alpha):
+ - Remove a debug logging statement that uselessly spammed the logs.
+ Fixes bug 40135; bugfix on 0.3.5.0-alpha.
+
+ o Minor bugfixes (rate limiting, bridges, pluggable transports, backport from 0.4.4.4-rc):
+ - On a bridge, treat all connections from an ExtORPort as remote by
+ default for the purposes of rate-limiting. Previously, bridges
+ would treat the connection as local unless they explicitly
+ received a "USERADDR" command. ExtORPort connections still count
+ as local if there is a USERADDR command with an explicit local
+ address. Fixes bug 33747; bugfix on 0.2.5.1-alpha.
+
+ o Minor bugfixes (relay configuration, crash, backport from 0.4.5.1-alpha):
+ - Avoid a fatal assert() when failing to create a listener
+ connection for an address that was in use. Fixes bug 40073; bugfix
+ on 0.3.5.1-alpha.
+
+ o Minor bugfixes (relay, usability, backport from 0.4.4.3-alpha):
+ - Adjust the rules for when to warn about having too many
+ connections to other relays. Previously we'd tolerate up to 1.5
+ connections per relay on average. Now we tolerate more connections
+ for directory authorities, and raise the number of total
+ connections we need to see before we warn. Fixes bug 33880; bugfix
+ on 0.3.1.1-alpha.
+
+ o Minor bugfixes (relays, backport from 0.4.4.1-alpha):
+ - Stop advertising incorrect IPv6 ORPorts in relay and bridge
+ descriptors, when the IPv6 port was configured as "auto". Fixes
+ bug 32588; bugfix on 0.2.3.9-alpha.
+
+ o Minor bugfixes (tests, 0.4.4.5):
+ - Fix the behavior of the rend_cache/clean_v2_descs_as_dir when run
+ on its own. Previously, it would exit with an error. Fixes bug
+ 40099; bugfix on 0.2.8.1-alpha.
+
+ o Minor bugfixes (windows, backport from 0.4.4.4-rc):
+ - Fix a bug that prevented Tor from starting if its log file grew
+ above 2GB. Fixes bug 31036; bugfix on 0.2.1.8-alpha.
+
+ o Deprecated features (onion service v2, backport form 0.4.4.2-alpha):
+ - Add a deprecation warning for version 2 onion services. Closes
+ ticket 40003.
+
+
Changes in version 0.3.5.11 - 2020-07-09
Tor 0.3.5.11 backports fixes from later tor releases, including several
usability, portability, and reliability fixes.
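Review bot: The release blurb directly under the "Changes in version 0.3.5.12" heading opens with "Tor 0.4.3.7 backports several bugfixes", which names a different release than the heading; it should read "Tor 0.3.5.12 backports ...". Two section headers also say "backport form" instead of "backport from" (the fallback directory list entry and the onion service v2 deprecation entry), and the header "Minor bugfixes (tests, 0.4.4.5)" is missing the words "backport from" that the other backport annotations use.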
diff --git a/changes/bug31036 b/changes/bug31036
deleted file mode 100644
index d9921dba43..0000000000
--- a/changes/bug31036
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (windows):
- - Fix a bug that prevented Tor from starting if its log file
- grew above 2GB. Fixes bug 31036; bugfix on 0.2.1.8-alpha.
diff --git a/changes/bug32588 b/changes/bug32588
deleted file mode 100644
index f31f2ce1ad..0000000000
--- a/changes/bug32588
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (relays):
- - Stop advertising incorrect IPv6 ORPorts in relay and bridge descriptors,
- when the IPv6 port was configured as "auto".
- Fixes bug 32588; bugfix on 0.2.3.9-alpha
diff --git a/changes/bug40076 b/changes/bug40076
deleted file mode 100644
index 9ef5969ae8..0000000000
--- a/changes/bug40076
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (correctness, buffers):
- - Fix a correctness bug that could cause an assertion failure if we ever
- tried using the buf_move_all() function with an empty input.
- As far as we know, no released versions of Tor do this.
- Fixes bug 40076; bugfix on 0.3.3.1-alpha.
diff --git a/changes/bug40080 b/changes/bug40080
deleted file mode 100644
index 8162466354..0000000000
--- a/changes/bug40080
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes (security):
- - When completing a channel, relays now check more thoroughly to make
- sure that it matches any pending circuits before attaching those
- circuits. Previously, address correctness and Ed25519 identities were not
- checked in this case, but only when extending circuits on an existing
- channel. Fixes bug 40080; bugfix on 0.2.7.2-alpha.
diff --git a/changes/bug40099 b/changes/bug40099
deleted file mode 100644
index 278ede2023..0000000000
--- a/changes/bug40099
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (tests):
- - Fix the behavior of the rend_cache/clean_v2_descs_as_dir when run on
- its own. Previously, it would exit with an error.
- Fixes bug 40099; bugfix on 0.2.8.1-alpha.
diff --git a/changes/log_32868 b/changes/log_32868
deleted file mode 100644
index 34476078b2..0000000000
--- a/changes/log_32868
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (debugging, directory system):
- - Don't crash when we find a non-guard with a guard-fraction value set.
- Instead, log a bug warning, in an attempt to figure out how this
- happened. Diagnostic for ticket 32868.
diff --git a/changes/parallel_unit_test b/changes/parallel_unit_test
deleted file mode 100644
index 79de28636d..0000000000
--- a/changes/parallel_unit_test
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (tests):
- - Our "make check" target now runs the unit tests in 8 parallel chunks.
- Doing this speeds up hardened CI builds by more than a factor of two.
- Closes ticket 40098.
diff --git a/changes/ticket33747 b/changes/ticket33747
deleted file mode 100644
index 57c72e9d0a..0000000000
--- a/changes/ticket33747
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes (rate limiting, bridges, pluggable transports):
- - On a bridge, treat all connections from an ExtORPort as remote
- by default for the purposes of rate-limiting. Previously,
- bridges would treat the connection as local unless they explicitly
- received a "USERADDR" command. ExtORPort connections still
- count as local if there is a USERADDR command with an explicit local
- address. Fixes bug 33747; bugfix on 0.2.5.1-alpha.
diff --git a/changes/ticket33880 b/changes/ticket33880
deleted file mode 100644
index c1889bb134..0000000000
--- a/changes/ticket33880
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes (relay, usability):
- - Adjust the rules for when to warn about having too many connections
- to other relays. Previously we'd tolerate up to 1.5 connections
- per relay on average. Now we tolerate more connections for directory
- authorities, and raise the number of total connections we need
- to see before we warn. Fixes bug 33880; bugfix on 0.3.1.1-alpha.
diff --git a/changes/ticket40003 b/changes/ticket40003
deleted file mode 100644
index 240f464353..0000000000
--- a/changes/ticket40003
+++ /dev/null
@@ -1,3 +0,0 @@
- o Deprecated features (onion service v2):
- - Add deprecation warning for onion service version 2. Tor now logs a
- warning once if a version 2 service is configured. Closes ticket 40003.
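Review bot: The second sentence of this removed fragment, "Tor now logs a warning once if a version 2 service is configured", did not make it into the new ChangeLog entry, which only says "Add a deprecation warning for version 2 onion services". That sentence tells operators when and how often the warning appears, so it is worth carrying over into the ChangeLog text.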
diff --git a/changes/ticket40035 b/changes/ticket40035
deleted file mode 100644
index 8cdd447199..0000000000
--- a/changes/ticket40035
+++ /dev/null
@@ -1,5 +0,0 @@
- o Major bugfixes (NSS):
- - When running with NSS enabled, make sure that NSS knows to expect
- nonblocking sockets. Previously, we set our TCP sockets as blocking,
- but did not tell NSS about the fact, which in turn could lead to
- unexpected blocking behavior. Fixes bug 40035; bugfix on 0.3.5.1-alpha.
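Review bot: The removed fragment says "we set our TCP sockets as blocking", while the new ChangeLog entry says "we set our TCP sockets as nonblocking". The ChangeLog wording is the one consistent with the first sentence (NSS needs to be told to expect nonblocking sockets), so the fragment text was wrong; since this is a backport, it is worth confirming the corrected wording is what appears wherever else this entry was merged.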
diff --git a/changes/ticket40061 b/changes/ticket40061
deleted file mode 100644
index 227664d010..0000000000
--- a/changes/ticket40061
+++ /dev/null
@@ -1,5 +0,0 @@
- o Major feature (fallback directory list):
- - Replace the 148 fallback directories originally included in
- Tor 0.4.1.4-rc (of which around 105 are still functional) with
- a list of 144 fallbacks generated in July 2020.
- Closes ticket 40061.
diff --git a/changes/ticket40073 b/changes/ticket40073
deleted file mode 100644
index 30b028c042..0000000000
--- a/changes/ticket40073
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (relay configuration, crash):
- - Avoid a fatal assert() when failing to create a listener connection for an
- address that was in use. Fixes bug 40073; bugfix on 0.3.5.1-alpha.
diff --git a/changes/ticket40081 b/changes/ticket40081
deleted file mode 100644
index 683ae33518..0000000000
--- a/changes/ticket40081
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor features (security):
- - Channels using obsolete versions of the Tor link protocol are no
- longer allowed to circumvent address-canonicity checks.
- (This is only a minor issue, since such channels have no way to
- set ed25519 keys, and therefore should always be rejected.)
- Closes ticket 40081.
diff --git a/changes/ticket40125 b/changes/ticket40125
deleted file mode 100644
index c68e3ce7b3..0000000000
--- a/changes/ticket40125
+++ /dev/null
@@ -1,4 +0,0 @@
- o Testing (onion service v2):
- - Fix a rendezvous cache unit test that was triggering an underflow on the
- global rend cache allocation. Fixes bug 40125; bugfix on
- 0.2.8.1-alpha.
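Review bot: The header of this removed fragment, "Testing (onion service v2)", was turned into "Minor features (tests, v2 onion services, backport from 0.4.5.1-alpha)" in the ChangeLog, but this entry and the one in changes/ticket40126 both end in "Fixes bug ...; bugfix on 0.2.8.1-alpha", so they are fixes rather than features. Suggest filing both under a "Minor bugfixes (tests, v2 onion services, ...)" header in the ChangeLog.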
diff --git a/changes/ticket40126 b/changes/ticket40126
deleted file mode 100644
index 1f5806e6cb..0000000000
--- a/changes/ticket40126
+++ /dev/null
@@ -1,4 +0,0 @@
- o Testing (onion service v2):
- - Fix another rendezvous cache unit test that was triggering an underflow on the
- global rend cache allocation. Fixes bug 40126; bugfix on
- 0.2.8.1-alpha.
diff --git a/changes/ticket40133 b/changes/ticket40133
deleted file mode 100644
index 8bbe00b6b2..0000000000
--- a/changes/ticket40133
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (protocol simplification):
- - Tor no longer allows subprotocol versions larger than 63. Previously
- versions up to UINT32_MAX were allowed, which significantly complicated
- our code.
- Implements proposal 318; closes ticket 40133.
diff --git a/changes/ticket40135 b/changes/ticket40135
deleted file mode 100644
index 9b60b4f655..0000000000
--- a/changes/ticket40135
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfix (logging):
- - Remove a debug logging statement that uselessly spam the logs. Fixes bug
- 40135; bugfix on 0.3.5.0-alpha.