author Nick Mathewson <nickm@torproject.org> 2021-02-12 14:13:06 -0500
committer Nick Mathewson <nickm@torproject.org> 2021-02-12 14:13:06 -0500
commit 799bab410b99f1a569acf8a817c9170ad529a4ed (patch)
tree c78e5a36285ed6567efb2bba6ddf0eca5fa17873
parent 4c743e4fbbc94c72bc801db80dd42ac1ae6ad262 (diff)
Sort the 0.4.5.6 release notes.
-rw-r--r-- ReleaseNotes 264
1 files changed, 127 insertions, 137 deletions
diff --git a/ReleaseNotes b/ReleaseNotes
index da49672b2f..9accb4b658 100644
--- a/ReleaseNotes
+++ b/ReleaseNotes
@@ -5,151 +5,15 @@ changes in each development snapshot, see the ChangeLog file.
Changes in version 0.4.5.6 - 2021-02-15
BLURB
- Below are the changes since 0.4.4.XX. For a list only of the changes
+ Below are the changes since 0.4.4.5. For a list only of the changes
since 0.4.5.5-rc, see the ChangeLog file.
- o Minor bugfixes (logging):
- - Avoid a spurious log message about missing subprotocol versions,
- when the consensus that we're reading from is older than the
- current release. Previously we had made this message nonfatal, but
- in practice, it is never relevant when the consensus is older than
- the current release. Fixes bug 40281; bugfix on 0.4.0.1-alpha.
-
o Major feature (exit):
- Re-entry into the network is now denied at the Exit level to all
relays' ORPorts and authorities' ORPorts and DirPorts. This change
should help mitgate a set of denial-of-service attacks. Closes
ticket 2667.
- o Major bugfixes (directory cache, performance, windows):
- - Limit the number of items in the consensus diff cache to 64 on
- Windows. We hope this will mitigate an issue where Windows relay
- operators reported Tor using 100% CPU, while we investigate better
- solutions. Fixes bug 24857; bugfix on 0.3.1.1-alpha.
-
- o Minor feature (build system):
- - New "make lsp" command to generate the compile_commands.json file
- used by the ccls language server. The "bear" program is needed for
- this. Closes ticket 40227.
-
- o Minor features (authority, logging):
- - Log more information for directory authority operators during the
- consensus voting process, and while processing relay descriptors.
- Closes ticket 40245.
-
- o Minor bugfixes (compilation):
- - Change the linker flag ordering in our library search code so that
- it works for compilers that need the libraries to be listed in the
- right order. Fixes bug 33624; bugfix on 0.1.1.0-alpha.
-
- o Minor bugfixes (onion services):
- - Avoid a non-fatal assertion in certain edge-cases when
- establishing a circuit to an onion service. Fixes bug 32666;
- bugfix on 0.3.0.3-alpha.
-
-
- o Major bugfixes (onion service v3):
- - Stop requiring a live consensus for v3 clients and services, and
- allow a "reasonably live" consensus instead. This allows v3 onion
- services to work even if the authorities fail to generate a
- consensus for more than 2 hours in a row. Fixes bug 40237; bugfix
- on 0.3.5.1-alpha.
-
- o Minor features (crypto):
- - Fix undefined behavior on our Keccak library. The bug only
- appeared on platforms with 32-byte CPU cache lines (e.g. armv5tel)
- and would result in wrong digests. Fixes bug 40210; bugfix on
- 0.2.8.1-alpha. Thanks to Bernhard Übelacker, Arnd Bergmann and
- weasel for diagnosing this.
-
- o Minor features (documentation):
- - Mention the "!badexit" directive that can appear in an authority's
- approved-routers file, and update the description of the
- "!invalid" directive. Closes ticket 40188.
-
- o Minor bugfixes (compilation):
- - Fix a compilation warning about unreachable fallthrough
- annotations when building with "--enable-all-bugs-are-fatal" on
- some compilers. Fixes bug 40241; bugfix on 0.3.5.4-alpha.
- - Fix the "--enable-static-tor" switch to properly set the "-static"
- compile option onto the tor binary only. Fixes bug 40111; bugfix
- on 0.2.3.1-alpha.
-
- o Minor bugfixes (SOCKS5):
- - Handle partial SOCKS5 messages correctly. Previously, our code
- would send an incorrect error message if it got a SOCKS5 request
- that wasn't complete. Fixes bug 40190; bugfix on 0.3.5.1-alpha.
-
-
-
- o Major bugfixes (relay, windows):
- - Fix a bug in our implementation of condition variables on Windows.
- Previously, a relay on Windows would use 100% CPU after running
- for some time. Because of this change, Tor now require Windows
- Vista or later to build and run. Fixes bug 30187; bugfix on
- 0.2.6.3-alpha. (This bug became more serious in 0.3.1.1-alpha with
- the introduction of consensus diffs.) Patch by Daniel Pinto.
-
- o Minor features (compilation):
- - Disable deprecation warnings when building with OpenSSL 3.0.0 or
- later. There are a number of APIs newly deprecated in OpenSSL
- 3.0.0 that Tor still requires. (A later version of Tor will try to
- stop depending on these APIs.) Closes ticket 40165.
-
- o Minor features (protocol, proxy support, defense in depth):
- - Respond more deliberately to misbehaving proxies that leave
- leftover data on their connections, so as to make Tor even less
- likely to allow the proxies to pass their data off as having come
- from a relay. Closes ticket 40017.
-
- o Minor features (safety):
- - Log a warning at startup if Tor is built with compile-time options
- that are likely to make it less stable or reliable. Closes
- ticket 18888.
-
- o Minor bugfixes (circuit, handshake):
- - In the v3 handshaking code, use connection_or_change_state() to
- change the state. Previously, we changed the state directly, but
- this did not pass the state change to the pubsub or channel
- objects, potentially leading to bugs. Fixes bug 32880; bugfix on
- 0.2.3.6-alpha. Patch by Neel Chauhan.
-
- o Minor bugfixes (configuration):
- - Exit Tor on a misconfiguration when the Bridge line is configured
- to use a transport but no corresponding ClientTransportPlugin can
- be found. Prior to this fix, Tor would attempt to connect to the
- bridge directly without using the transport, making it easier for
- adversaries to notice the bridge. Fixes bug 25528; bugfix
- on 0.2.6.1-alpha.
-
- o Minor bugfixes (crash, relay, signing key):
- - Avoid assertion failures when we run Tor from the command line
- with `--key-expiration sign`, but an ORPort is not set. Fixes bug
- 40015; bugfix on 0.3.2.1-alpha. Patch by Neel Chauhan.
-
- o Minor bugfixes (logging):
- - Remove trailing whitespace from control event log messages. Fixes
- bug 32178; bugfix on 0.1.1.1-alpha. Based on a patch by
- Amadeusz Pawlik.
- - Turn warning-level log message about SENDME failure into a debug-
- level message. (This event can happen naturally, and is no reason
- for concern). Fixes bug 40142; bugfix on 0.4.1.1-alpha.
-
- o Minor bugfixes (testing):
- - Fix the `config/parse_tcp_proxy_line` test so that it works
- correctly on systems where the DNS provider hijacks invalid
- queries. Fixes part of bug 40179; bugfix on 0.4.3.1-alpha.
- - Fix our Python reference-implementation for the v3 onion service
- handshake so that it works correctly with the version of hashlib
- provided by Python 3.9. Fixes part of bug 40179; bugfix
- on 0.3.1.6-rc.
- - Fix the `tortls/openssl/log_one_error` test to work with OpenSSL
- 3.0.0. Fixes bug 40170; bugfix on 0.2.8.1-alpha.
-
- o Removed features (controller):
- - Remove the "GETINFO network-status" controller command. It has
- been deprecated since 0.3.1.1-alpha. Closes ticket 22473.
-
o Major features (build):
- When building Tor, first link all object files into a single
static library. This may help with embedding Tor in other
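Review bot: The "BLURB" placeholder directly under the "Changes in version 0.4.5.6" header is still in place after this hunk, and the retained "Major feature (exit)" entry still reads "mitgate" where "mitigate" is meant; both need to be resolved before these notes ship. The singular "Major feature (exit)" heading also remains ahead of "Major features (build)", so if the sort is alphabetical by category it belongs after that section, with the heading made plural. Replacing "0.4.4.XX" with "0.4.4.5" is a content change rather than a sort, so it is worth mentioning in the commit message.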
@@ -163,6 +27,7 @@ Changes in version 0.4.5.6 - 2021-02-15
the moment, the only supported output format is Prometheus data
model. Closes ticket 40063. See the manual page for more
information and security considerations.
+
o Major features (relay, IPv6):
- The torrc option Address now supports IPv6. This unifies our
address discovery interface to support IPv4, IPv6, and hostnames.
@@ -195,6 +60,27 @@ Changes in version 0.4.5.6 - 2021-02-15
circuits on an existing channel. Fixes bug 40080; bugfix on
0.2.7.2-alpha. Resolves TROVE-2020-005.
+ o Major bugfixes (directory cache, performance, windows):
+ - Limit the number of items in the consensus diff cache to 64 on
+ Windows. We hope this will mitigate an issue where Windows relay
+ operators reported Tor using 100% CPU, while we investigate better
+ solutions. Fixes bug 24857; bugfix on 0.3.1.1-alpha.
+
+ o Major bugfixes (onion service v3):
+ - Stop requiring a live consensus for v3 clients and services, and
+ allow a "reasonably live" consensus instead. This allows v3 onion
+ services to work even if the authorities fail to generate a
+ consensus for more than 2 hours in a row. Fixes bug 40237; bugfix
+ on 0.3.5.1-alpha.
+
+ o Major bugfixes (relay, windows):
+ - Fix a bug in our implementation of condition variables on Windows.
+ Previously, a relay on Windows would use 100% CPU after running
+ for some time. Because of this change, Tor now require Windows
+ Vista or later to build and run. Fixes bug 30187; bugfix on
+ 0.2.6.3-alpha. (This bug became more serious in 0.3.1.1-alpha with
+ the introduction of consensus diffs.) Patch by Daniel Pinto.
+
o Major bugfixes (TLS, buffer):
- When attempting to read N bytes on a TLS connection, really try to
read all N bytes. Previously, Tor would stop reading after the
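Review bot: In the added "Major bugfixes (relay, windows)" entry, "Tor now require Windows Vista or later" should read "Tor now requires"; the text was moved unchanged, so this is a convenient place to fix it. That entry and the "directory cache, performance, windows" entry added just above it both describe 100% CPU use on Windows relays (bugs 30187 and 24857), and a one-line cross-reference between them would help operators see that two separate changes address the same symptom.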
@@ -202,6 +88,11 @@ Changes in version 0.4.5.6 - 2021-02-15
and not check for more data until the next mainloop event. Fixes
bug 40006; bugfix on 0.1.0.5-rc.
+ o Minor feature (build system):
+ - New "make lsp" command to generate the compile_commands.json file
+ used by the ccls language server. The "bear" program is needed for
+ this. Closes ticket 40227.
+
o Minor features (address discovery):
- If no Address statements are found, relays now prioritize guessing
their address by looking at the local interface instead of the
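Review bot: The added heading "Minor feature (build system)" is singular, while the headings around it use the plural, for example "Minor features (address discovery)" directly below. Renaming it to "Minor features (build system)" keeps the headings uniform and makes the sort order unambiguous.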
@@ -214,6 +105,11 @@ Changes in version 0.4.5.6 - 2021-02-15
timestamp format support. Patch by Daniel Pinto. Closes
ticket 30045.
+ o Minor features (authority, logging):
+ - Log more information for directory authority operators during the
+ consensus voting process, and while processing relay descriptors.
+ Closes ticket 40245.
+
o Minor features (bootstrap reporting):
- When reporting bootstrapping status on a relay, do not consider
connections that have never been the target of an origin circuit.
@@ -228,6 +124,12 @@ Changes in version 0.4.5.6 - 2021-02-15
- If the configure script has given any warnings, remind the user
about them at the end of the script. Related to 40138.
+ o Minor features (compilation):
+ - Disable deprecation warnings when building with OpenSSL 3.0.0 or
+ later. There are a number of APIs newly deprecated in OpenSSL
+ 3.0.0 that Tor still requires. (A later version of Tor will try to
+ stop depending on these APIs.) Closes ticket 40165.
+
o Minor features (configuration):
- Allow using wildcards (* and ?) with the %include option on
configuration files. Closes ticket 25140. Patch by Daniel Pinto.
@@ -255,6 +157,13 @@ Changes in version 0.4.5.6 - 2021-02-15
address. We keep "GETINFO address" for backwards-compatibility.
Closes ticket 40039. Patch by Neel Chauhan.
+ o Minor features (crypto):
+ - Fix undefined behavior on our Keccak library. The bug only
+ appeared on platforms with 32-byte CPU cache lines (e.g. armv5tel)
+ and would result in wrong digests. Fixes bug 40210; bugfix on
+ 0.2.8.1-alpha. Thanks to Bernhard Übelacker, Arnd Bergmann and
+ weasel for diagnosing this.
+
o Minor features (directory authorities):
- Authorities now list a different set of protocols as required and
recommended. These lists have been chosen so that only truly
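Review bot: The entry added under "Minor features (crypto)" is a bug fix, not a feature: it opens with "Fix undefined behavior" and closes with "Fixes bug 40210; bugfix on 0.2.8.1-alpha". It should be filed under a "Minor bugfixes (crypto)" heading, where someone scanning the notes for correctness fixes (this one produced wrong digests on the affected platforms) will find it. While moving it, "undefined behavior on our Keccak library" would read better as "in our Keccak library".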
@@ -286,6 +195,11 @@ Changes in version 0.4.5.6 - 2021-02-15
servers list. Authorities previously added only their IPv4
addresses. Closes ticket 32822.
+ o Minor features (documentation):
+ - Mention the "!badexit" directive that can appear in an authority's
+ approved-routers file, and update the description of the
+ "!invalid" directive. Closes ticket 40188.
+
o Minor features (ed25519, relay):
- Save a relay's base64-encoded ed25519 identity key to the data
directory in a file named fingerprint-ed25519. Closes ticket
@@ -324,6 +238,12 @@ Changes in version 0.4.5.6 - 2021-02-15
pluggable transport honors this option, so each pluggable transport
needs to implement support on its own. Closes ticket 5304.
+ o Minor features (protocol, proxy support, defense in depth):
+ - Respond more deliberately to misbehaving proxies that leave
+ leftover data on their connections, so as to make Tor even less
+ likely to allow the proxies to pass their data off as having come
+ from a relay. Closes ticket 40017.
+
o Minor features (relay address tracking):
- We now store relay addresses for OR connections in a more logical
way. Previously we would sometimes overwrite the actual address of
@@ -358,6 +278,11 @@ Changes in version 0.4.5.6 - 2021-02-15
- When launching IPv6 ORPort self-test circuits, make sure that the
second-last hop can initiate an IPv6 extend. Closes ticket 33222.
+ o Minor features (safety):
+ - Log a warning at startup if Tor is built with compile-time options
+ that are likely to make it less stable or reliable. Closes
+ ticket 18888.
+
o Minor features (specification update):
- Several fields in microdescriptors, router descriptors, and
consensus documents that were formerly optional are now required.
@@ -417,6 +342,13 @@ Changes in version 0.4.5.6 - 2021-02-15
circuit padding again after the machines have already completed.
Fixes bug 32040; bugfix on 0.4.1.1-alpha.
+ o Minor bugfixes (circuit, handshake):
+ - In the v3 handshaking code, use connection_or_change_state() to
+ change the state. Previously, we changed the state directly, but
+ this did not pass the state change to the pubsub or channel
+ objects, potentially leading to bugs. Fixes bug 32880; bugfix on
+ 0.2.3.6-alpha. Patch by Neel Chauhan.
+
o Minor bugfixes (compatibility):
- Strip '\r' characters when reading text files on Unix platforms.
This should resolve an issue where a relay operator migrates a
@@ -426,19 +358,52 @@ Changes in version 0.4.5.6 - 2021-02-15
extra-info document. Fixes bug 33781; bugfix on 0.0.9pre5.
o Minor bugfixes (compilation):
+ - Change the linker flag ordering in our library search code so that
+ it works for compilers that need the libraries to be listed in the
+ right order. Fixes bug 33624; bugfix on 0.1.1.0-alpha.
+ - Fix a compilation warning about unreachable fallthrough
+ annotations when building with "--enable-all-bugs-are-fatal" on
+ some compilers. Fixes bug 40241; bugfix on 0.3.5.4-alpha.
+ - Fix the "--enable-static-tor" switch to properly set the "-static"
+ compile option onto the tor binary only. Fixes bug 40111; bugfix
+ on 0.2.3.1-alpha.
- Fix compiler warnings that would occur when building with
"--enable-all-bugs-are-fatal" and "--disable-module-relay" at the
same time. Fixes bug 40129; bugfix on 0.4.4.1-alpha.
- Resolve a compilation warning that could occur in
test_connection.c. Fixes bug 40113; bugfix on 0.2.9.3-alpha.
+ o Minor bugfixes (configuration):
+ - Exit Tor on a misconfiguration when the Bridge line is configured
+ to use a transport but no corresponding ClientTransportPlugin can
+ be found. Prior to this fix, Tor would attempt to connect to the
+ bridge directly without using the transport, making it easier for
+ adversaries to notice the bridge. Fixes bug 25528; bugfix
+ on 0.2.6.1-alpha.
+
o Minor bugfixes (control port):
- Make sure we send the SOCKS request address in relay begin cells
when a stream is attached with the purpose
CIRCUIT_PURPOSE_CONTROLLER. Fixes bug 33124; bugfix on 0.0.5.
Patch by Neel Chauhan.
+ o Minor bugfixes (crash, relay, signing key):
+ - Avoid assertion failures when we run Tor from the command line
+ with `--key-expiration sign`, but an ORPort is not set. Fixes bug
+ 40015; bugfix on 0.3.2.1-alpha. Patch by Neel Chauhan.
+
o Minor bugfixes (logging):
+ - Avoid a spurious log message about missing subprotocol versions,
+ when the consensus that we're reading from is older than the
+ current release. Previously we had made this message nonfatal, but
+ in practice, it is never relevant when the consensus is older than
+ the current release. Fixes bug 40281; bugfix on 0.4.0.1-alpha.
+ - Remove trailing whitespace from control event log messages. Fixes
+ bug 32178; bugfix on 0.1.1.1-alpha. Based on a patch by
+ Amadeusz Pawlik.
+ - Turn warning-level log message about SENDME failure into a debug-
+ level message. (This event can happen naturally, and is no reason
+ for concern). Fixes bug 40142; bugfix on 0.4.1.1-alpha.
- Remove a debug logging statement that uselessly spammed the logs.
Fixes bug 40135; bugfix on 0.3.5.0-alpha.
- When logging a rate-limited message about how many messages have
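Review bot: In the lines added to "Minor bugfixes (logging)", the SENDME entry splits "debug-level" across two lines as "debug-" and "level message", so a text search for "debug-level" misses it; rewrap the entry so the compound stays on one line. In the same entry the closing period sits outside the parenthesis ("for concern)."), whereas other parenthetical sentences in this file, such as the one ending "consensus diffs.)", put it inside.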
@@ -448,6 +413,11 @@ Changes in version 0.4.5.6 - 2021-02-15
messages started to occur. Fixes bug 19431; bugfix
on 0.2.2.16-alpha.
+ o Minor bugfixes (onion services):
+ - Avoid a non-fatal assertion in certain edge-cases when
+ establishing a circuit to an onion service. Fixes bug 32666;
+ bugfix on 0.3.0.3-alpha.
+
o Minor bugfixes (relay configuration, crash):
- Avoid a fatal assert() when failing to create a listener
connection for an address that was in use. Fixes bug 40073; bugfix
@@ -468,6 +438,11 @@ Changes in version 0.4.5.6 - 2021-02-15
evidence that we're reachable on some other address. Fixes bug
20165; bugfix on 0.1.0.1-rc.
+ o Minor bugfixes (SOCKS5):
+ - Handle partial SOCKS5 messages correctly. Previously, our code
+ would send an incorrect error message if it got a SOCKS5 request
+ that wasn't complete. Fixes bug 40190; bugfix on 0.3.5.1-alpha.
+
o Minor bugfixes (spec conformance):
- Use the correct key type when generating signing->link
certificates. Fixes bug 40124; bugfix on 0.2.7.2-alpha.
@@ -481,6 +456,17 @@ Changes in version 0.4.5.6 - 2021-02-15
protocols_known being set. Fixes bug 34232; bugfix on
0.3.3.2-alpha. Patch by Neel Chauhan.
+ o Minor bugfixes (testing):
+ - Fix the `config/parse_tcp_proxy_line` test so that it works
+ correctly on systems where the DNS provider hijacks invalid
+ queries. Fixes part of bug 40179; bugfix on 0.4.3.1-alpha.
+ - Fix our Python reference-implementation for the v3 onion service
+ handshake so that it works correctly with the version of hashlib
+ provided by Python 3.9. Fixes part of bug 40179; bugfix
+ on 0.3.1.6-rc.
+ - Fix the `tortls/openssl/log_one_error` test to work with OpenSSL
+ 3.0.0. Fixes bug 40170; bugfix on 0.2.8.1-alpha.
+
o Minor bugfixes (v2 onion services):
- For HSFETCH commands on v2 onion services addresses, check the
length of bytes decoded, not the base32 length. Fixes bug 34400;
@@ -566,6 +552,10 @@ Changes in version 0.4.5.6 - 2021-02-15
- Document in depth the circuit subsystem trace events in the new
doc/tracing/EventsCircuit.md. Closes ticket 40036.
+ o Removed features (controller):
+ - Remove the "GETINFO network-status" controller command. It has
+ been deprecated since 0.3.1.1-alpha. Closes ticket 22473.
+
Changes in version 0.4.4.6 - 2020-11-12
Tor 0.4.4.6 is the second stable release in the 0.4.4.x series. It