aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2018-05-15 12:31:16 -0400
committerNick Mathewson <nickm@torproject.org>2018-05-15 12:31:16 -0400
commite811bac8377445dff00972599178608410cbb6e2 (patch)
tree6bc76d8bcd89828e3577ed80059054a172ea63b5
parent98aff146d367d08fd8f2d21131541bda951083ea (diff)
downloadtor-e811bac8377445dff00972599178608410cbb6e2.tar.gz
tor-e811bac8377445dff00972599178608410cbb6e2.zip
use sortChanges to begin an 0.3.4.1-alpha changelog
-rw-r--r--ChangeLog498
-rw-r--r--changes/181054
-rw-r--r--changes/243788
-rw-r--r--changes/258573
-rw-r--r--changes/bug189186
-rw-r--r--changes/bug208874
-rw-r--r--changes/bug230944
-rw-r--r--changes/bug231076
-rw-r--r--changes/bug23693.14
-rw-r--r--changes/bug239094
-rw-r--r--changes/bug2403113
-rw-r--r--changes/bug244844
-rw-r--r--changes/bug246883
-rw-r--r--changes/bug249107
-rw-r--r--changes/bug249143
-rw-r--r--changes/bug249693
-rw-r--r--changes/bug252264
-rw-r--r--changes/bug253737
-rw-r--r--changes/bug253985
-rw-r--r--changes/bug253995
-rw-r--r--changes/bug254005
-rw-r--r--changes/bug2540912
-rw-r--r--changes/bug254154
-rw-r--r--changes/bug254254
-rw-r--r--changes/bug255125
-rw-r--r--changes/bug256754
-rw-r--r--changes/bug25691_again6
-rw-r--r--changes/bug257055
-rw-r--r--changes/bug257334
-rw-r--r--changes/bug257567
-rw-r--r--changes/bug257613
-rw-r--r--changes/bug258287
-rw-r--r--changes/bug258433
-rw-r--r--changes/bug258525
-rw-r--r--changes/bug258706
-rw-r--r--changes/bug259013
-rw-r--r--changes/bug259437
-rw-r--r--changes/bug260075
-rw-r--r--changes/bug260526
-rw-r--r--changes/bug260695
-rw-r--r--changes/coveralls3
-rw-r--r--changes/feature194295
-rw-r--r--changes/feature251504
-rw-r--r--changes/geoip-2018-05-014
-rw-r--r--changes/isolate_libevent5
-rw-r--r--changes/ticket205226
-rw-r--r--changes/ticket233546
-rw-r--r--changes/ticket238736
-rw-r--r--changes/ticket247146
-rw-r--r--changes/ticket247346
-rw-r--r--changes/ticket247405
-rw-r--r--changes/ticket250244
-rw-r--r--changes/ticket250815
-rw-r--r--changes/ticket251626
-rw-r--r--changes/ticket252613
-rw-r--r--changes/ticket252687
-rw-r--r--changes/ticket252905
-rw-r--r--changes/ticket253746
-rw-r--r--changes/ticket25376_2576210
-rw-r--r--changes/ticket254096
-rw-r--r--changes/ticket254326
-rw-r--r--changes/ticket255115
-rw-r--r--changes/ticket256105
-rw-r--r--changes/ticket256454
-rw-r--r--changes/ticket257605
-rw-r--r--changes/ticket257663
-rw-r--r--changes/ticket259036
-rw-r--r--changes/ticket25927.16
-rw-r--r--changes/ticket25927.25
-rw-r--r--changes/ticket259319
-rw-r--r--changes/ticket259329
-rw-r--r--changes/ticket259379
-rw-r--r--changes/ticket259489
-rw-r--r--changes/ticket259499
-rw-r--r--changes/ticket259519
-rw-r--r--changes/ticket259529
-rw-r--r--changes/ticket259934
-rw-r--r--changes/ticket259945
-rw-r--r--changes/ticket259955
-rw-r--r--changes/ticket259965
-rw-r--r--changes/ticket259975
-rw-r--r--changes/ticket260045
-rw-r--r--changes/ticket260064
-rw-r--r--changes/ticket260087
-rw-r--r--changes/ticket260099
-rw-r--r--changes/ticket260144
-rw-r--r--changes/ticket260164
-rw-r--r--changes/ticket260624
-rw-r--r--changes/ticket260635
-rw-r--r--changes/ticket260645
-rw-r--r--changes/ticket41873
-rw-r--r--changes/ticket62364
-rw-r--r--changes/travis_distcheck4
93 files changed, 498 insertions, 501 deletions
diff --git a/ChangeLog b/ChangeLog
index 8789b215d2..91efcea986 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,501 @@
+Changes in version 0.3.4.1-alpha - 2018-05-1?
+ XXX BLURB
+
+
+ o Major feature (directory authority, modularization):
+ - The directory authority subsystem has been modularized. The code is now
+ located in src/or/dirauth/ which is compiled in by default. To disable the
+ module, the configure option --disable-module-dirauth has been added.
+ Closes ticket 25610;
+
+ o Major feature (main loop, CPU usage):
+ - Previously, tor would enable at startup all possible main loop event
+ regardless if it needed them. For instance, directory authorities
+ callbacks were fired up even for client only. We have now refactored this
+ whole interface to only enable the appropriate callbacks depending on what
+ are tor roles (client only, relay, hidden service, etc.). Furthermore,
+ these events now depend on DisableNetwork or the hibernation state in
+ order to enable them. This is a big step towards reducing client CPU usage
+ by reducing the amount of wake ups the daemon does. Closes ticket 25376
+ and 25762.
+
+ o Major features (CPU usage, mobile):
+ - When Tor is disabled (via DisableNetwork or via hibernation), it
+ no longer needs to run any per-second events. This change should
+ make it easier for mobile applications to disable Tor while the
+ device is sleeping, or Tor is not running. Closes ticket 26063.
+
+ o Major features (main loop, CPU wakeup):
+ - The bandwidth-limitation logic has been refactored so that
+ bandwidth calculations are performed on-demand, rather than
+ every TokenBucketRefillInterval milliseconds.
+ This change should improve the granularity of our bandwidth
+ calculations, and limit the number of times that the Tor process needs
+ to wake up when it is idle. Closes ticket 25373.
+
+ o Major bugfixes (directory authorities, security):
+ - When directory authorities read a zero-byte bandwidth file, they log
+ a warning with the contents of an uninitialised buffer. Log a warning
+ about the empty file instead.
+ Fixes bug 26007; bugfix on 0.2.2.1-alpha.
+
+ o Major bugfixes (directory authority):
+ - Avoid a crash when testing router reachability on a router that could
+ have an ed25519 ID, but which does not. Fixes bug 25415; bugfix on
+ 0.3.3.2-alpha.
+
+ o Major bugfixes (onion service):
+ - Correctly detect when onion services get disabled after HUP.
+ Fixes bug 25761; bugfix on 0.3.2.1.
+
+ o Major bugfixes (protover, voting):
+ - Revise Rust implementation of protover to use a more memory-efficient
+ voting algorithm and corresponding data structures, thus avoiding a
+ potential (but small impact) DoS attack where specially crafted protocol
+ strings would expand to several potential megabytes in memory. In the
+ process, several portions of code were revised to be methods on new,
+ custom types, rather than functions taking interchangeable types, thus
+ increasing type safety of the module. Custom error types and handling
+ were added as well, in order to facilitate better error dismissal/handling
+ in outside crates and avoid mistakenly passing an internal error string to
+ C over the FFI boundary. Many tests were added, and some previous
+ differences between the C and Rust implementations have been
+ remedied. Fixes bug 24031; bugfix on 0.3.3.1-alpha.
+
+ o Major bugfixes (relay, denial of service):
+ - Impose a limit on circuit cell queue size. The limit can be controlled by
+ a consensus parameter. Fixes bug 25226; bugfix on 0.2.4.14-alpha.
+
+ o Minor feature (entry guards):
+ - Introduce torrc option NumPrimaryGuards for controlling the number of
+ primary guards. Closes ticket 25843.
+
+ o Minor features (accounting):
+ - When we become dormant, use a scheduled event to wake up at the right
+ time. Previously, we would use the per-second timer to check whether
+ to wake up, but we no longer have any per-second timers enabled when
+ the network is disabled. Closes ticket 26064.
+
+ o Minor features (code quality):
+ - Add optional spell-checking for the Tor codebase, using the "misspell"
+ program. To use this feature, run "make check-typos".
+ Closes ticket 25024.
+
+ o Minor features (compatibility):
+ - Tor now detects versions of OpenSSL 1.1.0 and later compiled with the
+ no-deprecated option, and builds correctly with them. Closes
+ tickets 19429, 19981, and 25353.
+
+ o Minor features (compilation, portability):
+ - Avoid some compilation warnings with recent versions
+ of LibreSSL. Closes ticket 26006.
+
+ o Minor features (compression, zstd):
+ - When running with zstd, Tor now considers using advanced functions that
+ the zstd maintainers have labeled as potentially unstable. To
+ prevent breakage, Tor will only use this functionality when
+ the runtime version of the zstd library matches the version
+ with which it were compiled. Closes ticket 25162.
+
+ o Minor features (configuration):
+ - The "DownloadSchedule" options have been renamed to end with
+ "DownloadInitialDelay". The old names are still allowed, but will
+ produce a warning. Comma-separated lists are still permitted for
+ these options, but all values after the first are ignored (as they have
+ been since 0.2.9). Closes ticket 23354.
+
+ o Minor features (continuous integration):
+ - Our .travis.yml configuration now includes support for testing
+ the results of "make distcheck". (It's not uncommon for "make check" to
+ pass but "make distcheck" to fail.) Closes ticket 25814.
+ - Our Travis CI configuration now integrates with the Coveralls coverage
+ analysis tool. Closes ticket 25818.
+
+ o Minor features (control port):
+ - Introduce GETINFO "current-time/{local,utc}" to return the local
+ and UTC times respectively in ISO format. This helps a controller
+ like Tor Browser detect a time-related error. Closes ticket 25511.
+ Patch by Neel Chauhan.
+ - Introduce new fields to the CIRC_BW event. There are two new fields in
+ each of the read and written directions. The DELIVERED fields report the
+ total valid data on the circuit, as measured by the payload sizes of
+ verified and error-checked relay command cells. The OVERHEAD fields
+ report the total unused bytes in each of these cells. Closes ticket 25903.
+
+ o Minor features (directory authority):
+ - Directory authorities now open their key-pinning files as O_SYNC,
+ to prevent themselves from accidentally writing partial lines.
+ Closes ticket 23909.
+
+ o Minor features (directory authority, forward compatibility):
+ - Make the lines of the measured bandwidth file able to contain their
+ entries in any order. Previously, the node_id entry needed to come
+ first. Closes ticket 26004.
+
+ o Minor features (geoip):
+ - Update geoip and geoip6 to the May 1 2018 Maxmind GeoLite2
+ Country database. Closes ticket 26104.
+
+ o Minor features (mainloop):
+ - Move responsibility for
+ closing connections, circuits, and channels
+ from a once-per-second callback to a callback that is only scheduled as
+ needed. Once enough items are removed from our once-per-second
+ callback, we can eliminate it entirely to conserve CPU when idle.
+ Closes ticket
+ 25932.
+ - Move responsibility for
+ consensus voting
+ from a once-per-second callback to a callback that is only scheduled as
+ needed. Once enough items are removed from our once-per-second
+ callback, we can eliminate it entirely to conserve CPU when idle.
+ Closes ticket
+ 25937.
+ - Move responsibility for
+ flushing log callbacks
+ from a once-per-second callback to a callback that is only scheduled as
+ needed. Once enough items are removed from our once-per-second
+ callback, we can eliminate it entirely to conserve CPU when idle.
+ Closes ticket
+ 25951.
+ - Move responsibility for
+ honoring delayed SIGNEWNYM requests
+ from a once-per-second callback to a callback that is only scheduled as
+ needed. Once enough items are removed from our once-per-second
+ callback, we can eliminate it entirely to conserve CPU when idle.
+ Closes ticket
+ 25949.
+ - Move responsibility for
+ rescanning the consensus cache
+ from a once-per-second callback to a callback that is only scheduled as
+ needed. Once enough items are removed from our once-per-second
+ callback, we can eliminate it entirely to conserve CPU when idle.
+ Closes ticket:
+ 25931.
+ - Move responsibility for
+ saving the state file to disk
+ from a once-per-second callback to a callback that is only scheduled as
+ needed. Once enough items are removed from our once-per-second
+ callback, we can eliminate it entirely to conserve CPU when idle.
+ Closes ticket
+ 25948.
+ - Move responsibility for
+ warning relay operators about unreachable ports
+ from a once-per-second callback to a callback that is only scheduled as
+ needed. Once enough items are removed from our once-per-second
+ callback, we can eliminate it entirely to conserve CPU when idle.
+ Closes ticket
+ 25952.
+ - Move responsibility for
+ keeping track of Tor's uptime
+ from a nce-per-second callback to a callback that is only scheduled as
+ needed. Once enough items are removed from our once-per-second
+ callback, we can eliminate it entirely to conserve CPU when idle.
+ Closes ticket
+ 26009.
+
+ o Minor features (performance):
+ - Avoid a needless call to malloc() when processing an incoming
+ relay cell. Closes ticket 24914.
+
+ o Minor features (performance, 32-bit):
+ - Make our timing-wheel code run a tiny bit faster on 32-bit platforms,
+ by preferring 32-bit math to 64-bit. Closes ticket 24688.
+
+ o Minor features (performance, allocation):
+ - Avoid a needless malloc()/free() pair every time we handle an ntor
+ handshake. Closes ticket 25150.
+
+ o Minor features (Testing):
+ - Add a unit test for voting_schedule_get_start_of_next_interval().
+ Closes ticket 26014, and helps make unit test coverage more
+ deterministic.
+ - A new unittests module specifically for testing the functions in the
+ (new-ish) bridges.c module has been created with new unittests, raising
+ the code coverage percentages. Closes 25425.
+ - We now have improved testing for addressmap_get_virtual_address()
+ function. This should improve our test coverage, and make our test
+ coverage more deterministic. Closes ticket 25993.
+
+ o Minor features (timekeeping, circuit scheduling):
+ - When keeping track of how busy each circuit have been recently on
+ a given connection, use coarse-grained monotonic timers rather than
+ gettimeofday(). This change should marginally increase accuracy
+ and performance. Implements part of ticket 25927.
+
+ o Minor bugfix (controler):
+ - Make CIRC_BW event reflect the total of all data sent on a circuit,
+ including padding and dropped cells. Also fix a mis-counting bug
+ when STREAM_BW events were enabled. Fixes bug 25400; bugfix on
+ 0.2.5.2-alpha.
+
+ o Minor bugfix (Multiple includes):
+ - Fixed multiple includes of trasports.h in src/or/connection.c
+ Fixes bug 25261; bugfix on 0.2.5.1-alpha.
+
+ o Minor bugfixes (Assert crash):
+ - Avoid an assert in the circuit build timeout code if we fail to
+ allow any circuits to actually complete. Fixes bug 25733;
+ bugfix on 0.2.2.2-alpha.
+
+ o Minor bugfixes (bandwidth management):
+ - Consider ourselves "low on write bandwidth" if we have exhausted our
+ write bandwidth some time in the last second. This was the
+ documented behavior before, but the actual behavior was to change
+ this value every TokenBucketRefillInterval. Fixes bug 25828; bugfix on
+ 0.2.3.5-alpha.
+
+ o Minor bugfixes (C correctness):
+ - Add a missing lock acquisition in the shutdown code of the
+ control subsystem. Fixes bug 25675; bugfix on 0.2.7.3-rc. Found
+ by Coverity; this is CID 1433643.
+
+ o Minor bugfixes (channel_get_for_extend()):
+ - Remove the unused variable n_possible from the function
+ Fixes bug 25645; bugfix on 0.2.4.4-alpha
+
+ o Minor bugfixes (circuit path selection):
+ - Don't count path selection failures as circuit build failures. This
+ should eliminate cases where Tor blames its guard or the network
+ for situations like insufficient microdescriptors and/or overly
+ restrictive torrc settings. Fixes bug 25705; bugfix on 0.3.3.1-alpha.
+
+ o Minor bugfixes (client):
+ - Don't consider Tor running as a client if the ControlPort is open. Fixes
+ bug 26062; bugfix on 0.2.9.4-alpha.
+
+ o Minor bugfixes (control interface):
+ - Respond with more human readable error messages to GETINFO
+ exit-policy/* requests. Also, let controller know if error
+ is transient (response code 551) or not (response code 552).
+ Fixes bug 25852; bugfix on 0.2.8.1-alpha.
+
+ o Minor bugfixes (directory client):
+ - When unverified-consensus is verified, rename it to cached-consenus.
+ Fixes bug 4187; bugfix on 0.2.0.3-alpha.
+
+ o Minor bugfixes (directory server cert fetch):
+ - Fixed launching a certificate fetch always during the scheduled
+ periodic consensus fetch by fetching only in those cases when
+ consensus are waiting for certs.
+ Fixes bug 24740; bugfix on 0.2.9.1-alpha.
+
+ o Minor bugfixes (documentation):
+ - Stop saying in the manual that clients cache ipv4 dns answers
+ from exit relays. We haven't used them since 0.2.6.3-alpha, and
+ in ticket 24050 we stopped even caching them as of 0.3.2.6-alpha,
+ but we forgot to say so in the man page. Fixes bug 26052; bugfix
+ on 0.3.2.6-alpha.
+
+ o Minor bugfixes (Duplicate code):
+ - Remove duplicate code in parse_{c,s}method_line and bootstrap
+ their functionalities into a single function. Fixes
+ bug 6236; bugfix on 0.2.3.6-alpha.
+
+ o Minor bugfixes (error reporting):
+ - Improve tolerance for directory authorities with skewed clocks.
+ Previously, an authority with a clock more than 60 seconds ahead
+ could cause a client with a correct clock to warn that the
+ client's clock was behind. Now the clocks of a majority of
+ directory authorities have to be ahead of the client before this
+ warning will occur. Fixes bug 25756; bugfix on 0.2.2.25-alpha.
+
+ o Minor bugfixes (freebsd):
+ - In have_enough_mem_for_dircache(), the variable DIRCACHE_MIN_MEM_MB
+ does not stringify on FreeBSD, so we switch to tor_asprintf(). Fixes
+ bug 20887; bugfix on 0.2.8.1-alpha. Patch by Neel Chauhan.
+
+ o Minor bugfixes (hidden service v3):
+ - Fix a memory leak when an hidden service v3 is configured and gets a
+ SIGHUP signal. Fixes bug 25901; bugfix on 0.3.2.1-alpha.
+ - When parsing the descriptor signature, look for the token plus an extra
+ white-space at the end. This is more correct but also will allow us to
+ support new fields that might start with "signature". Fixes bug 26069;
+ bugfix on 0.3.0.1-alpha.
+
+ o Minor bugfixes (Linux seccomp2 sandbox):
+ - Allow the nanosleep() system call, which glibc uses to implement
+ sleep() and usleep(). Fixes bug 24969; bugfix on 0.2.5.1-alpha.
+
+ o Minor bugfixes (path selection):
+ - Only select relays when they have the descriptors we prefer to
+ use for them. This change fixes a bug where we could select
+ a relay because it had _some_ descriptor, but reject it later with
+ a nonfatal assertion error because it didn't have the exact one we
+ wanted. Fixes bugs 25691 and 25692; bugfix on 0.3.3.4-alpha.
+
+ o Minor bugfixes (portability):
+ - Do not align mmap length, as it is not required by POSIX, and the
+ getpagesize function is deprecated. Fixes bug 25399; bugfix on
+ 0.1.1.23.
+
+ o Minor bugfixes (relay statistics):
+ - When a relay is collecting internal statistics about how many
+ create cell requests it has seen of each type, accurately count the
+ requests from relays that temporarily fall out of the consensus. (To
+ be extra conservative, we were already ignoring requests from
+ clients in our counts, and we continue ignoring them here.) Fixes
+ bug 24910; bugfix on 0.2.4.17-rc.
+
+ o Minor bugfixes (relay, crash):
+ - Avoid a crash when running with DirPort set but ORPort tuned off.
+ Fixes a case of bug 23693; bugfix on 0.3.1.1-alpha.
+
+ o Minor bugfixes (restart-in-process):
+ - When shutting down, Tor now clears all the flags in the control.c
+ module. This should prevent a bug where authentication cookies
+ are not generated on restart. Fixes bug 25512; bugfix on 0.3.3.1-alpha.
+
+ o Minor bugfixes (test):
+ - When testing workqueue event-cancellation, make sure that we actually
+ cancel an event, and that cancel each event with equal probability.
+ (It was previously possible, though extremely unlikely, for our
+ event-canceling test not to cancel any events.) Fixes bug 26008;
+ bugfix on 0.2.6.3-alpha.
+
+ o Minor bugfixes (testing):
+ - Repeat part of the test in test_client_pick_intro() a number of times,
+ to give it consistent coverage. Fixes bug 25996; bugfix on
+ 0.3.2.1-alpha.
+
+ o Minor bugfixes (testing, coverage):
+ - Remove randomness from the hs_common/responsible_hsdirs test,
+ so that it always takes the same path through the function it tests.
+ Fixes bug 25997; bugfix on 0.3.2.1-alpha.
+
+ o Minor bugfixes (tests):
+ - Change the behavior of the "channel/outbound" test so that it never
+ causes a 10-second rollover for the EWMA circuitmux code. Previously,
+ this behavior would happen randomly, and result in fluctuating test
+ coverage. Fixes bug 25994; bugfix on 0.3.3.1-alpha.
+ - Use X509_new() to allocate certificates that will be freed later
+ with X509_free(). Previously, some parts of the unit tests had
+ used tor_malloc_zero(), which is incorrect, and which caused
+ test failures on Windows when they were built with extra hardening.
+ Fixes bugs 25943 and 25944; bugfix on 0.2.8.1-alpha.
+ Patch by Marcin Cieślak.
+ - While running the circuit_timeout test, fix the PRNG to a deterministic
+ AES stream, so that the test coverage from this test will itself be
+ deterministic. Fixes bug 25995; bugfix on 0.2.2.2-alpha.
+
+ o Minor bugfixes (vanguards):
+ - Allow the last hop in a vanguard circuit to be the same as our first,
+ to prevent the adversary from influencing guard node choice by choice
+ of last hop. Also prevent the creation of A - B - A paths, or A - A
+ paths, which are forbidden by relays. Fixes bug 25870; bugfix on
+ 0.3.3.1-alpha.
+
+ o Code simplification and refactoring:
+ We remove the PortForwsrding and PortForwardingHelper options, related
+ functions, and the port_forwarding tests. These options were used by
+ the now-deprecated Vidalia to help ordinary users become Tor relays or
+ bridges. Closes ticket 25409. Patch by Neel Chauhan.
+ - In order to make the OR and dir checking function in router.c less
+ confusing we renamed some functions and consider_testing_reachability()
+ has been splitted into router_should_check_reachability() and
+ router_do_reachability_checks(). Also we improved the documentation in
+ some functions. Closes ticket 18918.
+ - Initial work to isolate Libevent usage to a handful of modules in our
+ codebase, to simplify our call structure, and so that we can more
+ easily change event loops in the future if needed. Closes ticket
+ 23750.
+ - Introduce a function to call getsockname() and return
+ tor_addr_t, to save a little complexity throughout the codebase.
+ Closes ticket 18105.
+ - Make hsdir_index in node_t a hsdir_index_t rather than a pointer
+ as hsdir_index is always present. Also, we move hsdir_index_t into
+ or.h. Closes ticket 23094. Patch by Neel Chauhan.
+ - Merge functions used for describing nodes and suppress the functions
+ that do not allocate memory for the output buffer string.
+ NODE_DESC_BUF_LEN constant and format_node_description() function
+ cannot be used externally from router.c module anymore.
+ Closes ticket 25432. Patch by valentecaio.
+ - Our main loop has been simplified so that all important operations
+ happen inside events. Previously, some operations had to happen
+ outside the event loop, to prevent infinite sequences of event
+ activations. Closes ticket 25374.
+ - Put a SHA1 public key digest in hs_service_intro_point_t, and use it in
+ register_intro_circ() and service_intro_point_new(). This prevents the
+ digest from being re-calculated each time. Closes ticket 23107. Patch by
+ Neel Chauhan.
+ - Refactor token-bucket implementations to use a common backend.
+ Closes ticket 25766.
+ - Remove extern declaration of stats_n_seconds_working variable from main,
+ protecting its accesses with get_uptime() and reset_uptime() functions.
+ Closes ticket 25081, patch by “valentecaio”.
+ - Remove our previous logic for "cached gettimeofday()" -- our coarse
+ monotonic timers are fast enough for this purpose, and far less
+ error-prone. Implements part of ticket 25927.
+ - Remove the return value for fascist_firewall_choose_address_base(),
+ and sister functions such as fascist_firewall_choose_address_node()
+ and fascist_firewall_choose_address_rs(). Also, while we're here,
+ initialize the ap argument as leaving it uninitialized can pose a
+ security hazard. Closes ticket 24734. Patch by Neel Chauhan.
+ - Rename two fields of connection_t struct.
+ timestamp_lastwritten is renamed to timestamp_last_write_allowed and
+ timestamp_lastread is renamed to timestamp_last_read_allowed.
+ Closes ticket 24714, patch by "valentecaio".
+ - Since Tor requires C99, remove our old workaround code for libc
+ implementations where free(NULL) doesn't work. Closes ticket 24484.
+ - Use our standard rate-limiting code to deal with excessive libevent
+ failures, rather than the hand-rolled logic we had before.
+ Closes ticket 26016.
+ - We remove the return value of node_get_prim_orport() and
+ node_get_prim_dirport(), and introduce node_get_prim_orport()
+ in node_ipv6_or_preferred() and node_ipv6_dir_preferred() in
+ order to check for a null address. Closes ticket 23873. Patch
+ by Neel Chauhan.
+ - We switch to should_record_bridge_info() in geoip_note_client_seen() and
+ options_need_geoip_info() instead of accessing the configuration values
+ directly. Fixes bug 25290; bugfix on 0.2.1.6-alpha. Patch by Neel
+ Chauhan.
+
+ o Deprecated features:
+ - As we are not recommending 0.2.5 anymore we require relays that once had
+ an ed25519 key associated with their RSA key to always have that key
+ instead of allowing them to drop back to a version that didn't support
+ ed25519. This means they need to use a new RSA key if the want to
+ downgrade to an older version of tor without ed25519. Closes ticket 20522.
+
+ o Documentation:
+ - Correct an IPv6 error in the documentation for ExitPolicy.
+ Closes ticket 25857. Patch from "CTassisF".
+
+ o New system requirements:
+ - Tor no longer tries to support systems without mmap() or some local
+ equivalent. Apparently, compilation on such systems has been broken for
+ some time, without anybody noticing or complaining. Closes ticket
+ 25398.
+
+ o Removed features:
+ - Directory authorities will no longer support voting according to any
+ consensus method before consensus method 25. This keeps authorities
+ compatible with all authorities running 0.2.9.8 and later, and does
+ not break any clients or relays. Implements ticket 24378 and
+ proposal 290.
+ - The PortForwarding and PortForwardingHelper features have been
+ removed. The reasoning is, given that implementations of NAT traversal
+ protocols within common consumer grade routers are frequently buggy, and
+ that the target audience for a NAT punching feature is a perhaps
+ less-technically-inclined relay operator, when the helper fails to setup
+ traversal the problems are usually deep, ugly, and very router specific,
+ making them horrendously impossible for technical support to reliable
+ assist with, and thus resulting in frustration all around. Unfortunately,
+ relay operators who would like to run relays behind NATs will need to
+ become more familiar with the port forwarding configurations on their
+ local router. Closes 25409.
+ - The TestingEnableTbEmptyEvent option has been removed. It was used
+ in testing simulations to measure how often connection buckets were
+ emptied, in order to improve our scheduling, but it has not
+ been actively used in years. Closes ticket 25760.
+ - The old "round-robin" circuit multiplexer (circuitmux)
+ implementation has been removed, along with a fairly large set of
+ code that existed to support it. It has not been the default
+ circuitmux since we introduced the "EWMA" circuitmux in 0.2.4.x,
+ but it still required an unreasonable amount of memory and CPU.
+ Closes ticket 25268.
+
+
Changes in version 0.3.3.5-rc - 2018-04-15
Tor 0.3.3.5-rc fixes various bugs in earlier versions of Tor,
including some that could affect reliability or correctness.
diff --git a/changes/18105 b/changes/18105
deleted file mode 100644
index 87e6e61d2f..0000000000
--- a/changes/18105
+++ /dev/null
@@ -1,4 +0,0 @@
- o Code simplification and refactoring:
- - Introduce a function to call getsockname() and return
- tor_addr_t, to save a little complexity throughout the codebase.
- Closes ticket 18105.
diff --git a/changes/24378 b/changes/24378
deleted file mode 100644
index 663d27e969..0000000000
--- a/changes/24378
+++ /dev/null
@@ -1,8 +0,0 @@
- o Removed features:
-
- - Directory authorities will no longer support voting according to any
- consensus method before consensus method 25. This keeps authorities
- compatible with all authorities running 0.2.9.8 and later, and does
- not break any clients or relays. Implements ticket 24378 and
- proposal 290.
-
diff --git a/changes/25857 b/changes/25857
deleted file mode 100644
index e457af2f82..0000000000
--- a/changes/25857
+++ /dev/null
@@ -1,3 +0,0 @@
- o Documentation:
- - Correct an IPv6 error in the documentation for ExitPolicy.
- Closes ticket 25857. Patch from "CTassisF".
diff --git a/changes/bug18918 b/changes/bug18918
deleted file mode 100644
index c939168f49..0000000000
--- a/changes/bug18918
+++ /dev/null
@@ -1,6 +0,0 @@
- o Code simplification and refactoring:
- - In order to make the OR and dir checking function in router.c less
- confusing we renamed some functions and consider_testing_reachability()
- has been splitted into router_should_check_reachability() and
- router_do_reachability_checks(). Also we improved the documentation in
- some functions. Closes ticket 18918.
diff --git a/changes/bug20887 b/changes/bug20887
deleted file mode 100644
index 5d4e4ed233..0000000000
--- a/changes/bug20887
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (freebsd):
- - In have_enough_mem_for_dircache(), the variable DIRCACHE_MIN_MEM_MB
- does not stringify on FreeBSD, so we switch to tor_asprintf(). Fixes
- bug 20887; bugfix on 0.2.8.1-alpha. Patch by Neel Chauhan.
diff --git a/changes/bug23094 b/changes/bug23094
deleted file mode 100644
index 5040ab4e71..0000000000
--- a/changes/bug23094
+++ /dev/null
@@ -1,4 +0,0 @@
- o Code simplification and refactoring:
- - Make hsdir_index in node_t a hsdir_index_t rather than a pointer
- as hsdir_index is always present. Also, we move hsdir_index_t into
- or.h. Closes ticket 23094. Patch by Neel Chauhan.
diff --git a/changes/bug23107 b/changes/bug23107
deleted file mode 100644
index 55885e10fd..0000000000
--- a/changes/bug23107
+++ /dev/null
@@ -1,6 +0,0 @@
- o Code simplification and refactoring:
- - Put a SHA1 public key digest in hs_service_intro_point_t, and use it in
- register_intro_circ() and service_intro_point_new(). This prevents the
- digest from being re-calculated each time. Closes ticket 23107. Patch by
- Neel Chauhan.
-
diff --git a/changes/bug23693.1 b/changes/bug23693.1
deleted file mode 100644
index 4b16788814..0000000000
--- a/changes/bug23693.1
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (relay, crash):
- - Avoid a crash when running with DirPort set but ORPort tuned off.
- Fixes a case of bug 23693; bugfix on 0.3.1.1-alpha.
-
diff --git a/changes/bug23909 b/changes/bug23909
deleted file mode 100644
index 6b84e711e7..0000000000
--- a/changes/bug23909
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (directory authority):
- - Directory authorities now open their key-pinning files as O_SYNC,
- to prevent themselves from accidentally writing partial lines.
- Closes ticket 23909.
diff --git a/changes/bug24031 b/changes/bug24031
deleted file mode 100644
index 2bb0e83091..0000000000
--- a/changes/bug24031
+++ /dev/null
@@ -1,13 +0,0 @@
- o Major bugfixes (protover, voting):
- - Revise Rust implementation of protover to use a more memory-efficient
- voting algorithm and corresponding data structures, thus avoiding a
- potential (but small impact) DoS attack where specially crafted protocol
- strings would expand to several potential megabytes in memory. In the
- process, several portions of code were revised to be methods on new,
- custom types, rather than functions taking interchangeable types, thus
- increasing type safety of the module. Custom error types and handling
- were added as well, in order to facilitate better error dismissal/handling
- in outside crates and avoid mistakenly passing an internal error string to
- C over the FFI boundary. Many tests were added, and some previous
- differences between the C and Rust implementations have been
- remedied. Fixes bug 24031; bugfix on 0.3.3.1-alpha.
diff --git a/changes/bug24484 b/changes/bug24484
deleted file mode 100644
index 35a2044923..0000000000
--- a/changes/bug24484
+++ /dev/null
@@ -1,4 +0,0 @@
- o Code simplification and refactoring:
- - Since Tor requires C99, remove our old workaround code for libc
- implementations where free(NULL) doesn't work. Closes ticket 24484.
-
diff --git a/changes/bug24688 b/changes/bug24688
deleted file mode 100644
index c376fe6a03..0000000000
--- a/changes/bug24688
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features (performance, 32-bit):
- - Make our timing-wheel code run a tiny bit faster on 32-bit platforms,
- by preferring 32-bit math to 64-bit. Closes ticket 24688.
diff --git a/changes/bug24910 b/changes/bug24910
deleted file mode 100644
index 58574c0069..0000000000
--- a/changes/bug24910
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes (relay statistics):
- - When a relay is collecting internal statistics about how many
- create cell requests it has seen of each type, accurately count the
- requests from relays that temporarily fall out of the consensus. (To
- be extra conservative, we were already ignoring requests from
- clients in our counts, and we continue ignoring them here.) Fixes
- bug 24910; bugfix on 0.2.4.17-rc.
diff --git a/changes/bug24914 b/changes/bug24914
deleted file mode 100644
index ea441fd38c..0000000000
--- a/changes/bug24914
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features (performance):
- - Avoid a needless call to malloc() when processing an incoming
- relay cell. Closes ticket 24914.
diff --git a/changes/bug24969 b/changes/bug24969
deleted file mode 100644
index 46b2bae6f4..0000000000
--- a/changes/bug24969
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (Linux seccomp2 sandbox):
- - Allow the nanosleep() system call, which glibc uses to implement
- sleep() and usleep(). Fixes bug 24969; bugfix on 0.2.5.1-alpha.
diff --git a/changes/bug25226 b/changes/bug25226
deleted file mode 100644
index b594a7a424..0000000000
--- a/changes/bug25226
+++ /dev/null
@@ -1,4 +0,0 @@
- o Major bugfixes (relay, denial of service):
- - Impose a limit on circuit cell queue size. The limit can be controlled by
- a consensus parameter. Fixes bug 25226; bugfix on 0.2.4.14-alpha.
-
diff --git a/changes/bug25373 b/changes/bug25373
deleted file mode 100644
index 03e870e692..0000000000
--- a/changes/bug25373
+++ /dev/null
@@ -1,7 +0,0 @@
- o Major features (main loop, CPU wakeup):
- - The bandwidth-limitation logic has been refactored so that
- bandwidth calculations are performed on-demand, rather than
- every TokenBucketRefillInterval milliseconds.
- This change should improve the granularity of our bandwidth
- calculations, and limit the number of times that the Tor process needs
- to wake up when it is idle. Closes ticket 25373.
diff --git a/changes/bug25398 b/changes/bug25398
deleted file mode 100644
index 227a95d21a..0000000000
--- a/changes/bug25398
+++ /dev/null
@@ -1,5 +0,0 @@
- o New system requirements:
- - Tor no longer tries to support systems without mmap() or some local
- equivalent. Apparently, compilation on such systems has been broken for
- some time, without anybody noticing or complaining. Closes ticket
- 25398.
diff --git a/changes/bug25399 b/changes/bug25399
deleted file mode 100644
index 4554574939..0000000000
--- a/changes/bug25399
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (portability):
- - Do not align mmap length, as it is not required by POSIX, and the
- getpagesize function is deprecated. Fixes bug 25399; bugfix on
- 0.1.1.23.
-
diff --git a/changes/bug25400 b/changes/bug25400
deleted file mode 100644
index cee7ea83b0..0000000000
--- a/changes/bug25400
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfix (controler):
- - Make CIRC_BW event reflect the total of all data sent on a circuit,
- including padding and dropped cells. Also fix a mis-counting bug
- when STREAM_BW events were enabled. Fixes bug 25400; bugfix on
- 0.2.5.2-alpha.
diff --git a/changes/bug25409 b/changes/bug25409
deleted file mode 100644
index 093d8f58bd..0000000000
--- a/changes/bug25409
+++ /dev/null
@@ -1,12 +0,0 @@
- o Removed features:
- - The PortForwarding and PortForwardingHelper features have been
- removed. The reasoning is, given that implementations of NAT traversal
- protocols within common consumer grade routers are frequently buggy, and
- that the target audience for a NAT punching feature is a perhaps
- less-technically-inclined relay operator, when the helper fails to setup
- traversal the problems are usually deep, ugly, and very router specific,
- making them horrendously impossible for technical support to reliable
- assist with, and thus resulting in frustration all around. Unfortunately,
- relay operators who would like to run relays behind NATs will need to
- become more familiar with the port forwarding configurations on their
- local router. Closes 25409.
diff --git a/changes/bug25415 b/changes/bug25415
deleted file mode 100644
index ec851aee8d..0000000000
--- a/changes/bug25415
+++ /dev/null
@@ -1,4 +0,0 @@
- o Major bugfixes (directory authority):
- - Avoid a crash when testing router reachability on a router that could
- have an ed25519 ID, but which does not. Fixes bug 25415; bugfix on
- 0.3.3.2-alpha.
diff --git a/changes/bug25425 b/changes/bug25425
deleted file mode 100644
index 41f1a47b15..0000000000
--- a/changes/bug25425
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (testing):
- - A new unittests module specifically for testing the functions in the
- (new-ish) bridges.c module has been created with new unittests, raising
- the code coverage percentages. Closes 25425.
diff --git a/changes/bug25512 b/changes/bug25512
deleted file mode 100644
index 4b6491867e..0000000000
--- a/changes/bug25512
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (restart-in-process):
- - When shutting down, Tor now clears all the flags in the control.c
- module. This should prevent a bug where authentication cookies
- are not generated on restart. Fixes bug 25512; bugfix on 0.3.3.1-alpha.
-
diff --git a/changes/bug25675 b/changes/bug25675
deleted file mode 100644
index d0f0287b59..0000000000
--- a/changes/bug25675
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (C correctness):
- - Add a missing lock acquisition in the shutdown code of the
- control subsystem. Fixes bug 25675; bugfix on 0.2.7.3-rc. Found
- by Coverity; this is CID 1433643.
diff --git a/changes/bug25691_again b/changes/bug25691_again
deleted file mode 100644
index 3d0d91bfd3..0000000000
--- a/changes/bug25691_again
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes (path selection):
- - Only select relays when they have the descriptors we prefer to
- use for them. This change fixes a bug where we could select
- a relay because it had _some_ descriptor, but reject it later with
- a nonfatal assertion error because it didn't have the exact one we
- wanted. Fixes bugs 25691 and 25692; bugfix on 0.3.3.4-alpha.
diff --git a/changes/bug25705 b/changes/bug25705
deleted file mode 100644
index 360d96d4c6..0000000000
--- a/changes/bug25705
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (circuit path selection):
- - Don't count path selection failures as circuit build failures. This
- should eliminate cases where Tor blames its guard or the network
- for situations like insufficient microdescriptors and/or overly
- restrictive torrc settings. Fixes bug 25705; bugfix on 0.3.3.1-alpha.
diff --git a/changes/bug25733 b/changes/bug25733
deleted file mode 100644
index 775c1ae00e..0000000000
--- a/changes/bug25733
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (Assert crash):
- - Avoid an assert in the circuit build timeout code if we fail to
- allow any circuits to actually complete. Fixes bug 25733;
- bugfix on 0.2.2.2-alpha.
diff --git a/changes/bug25756 b/changes/bug25756
deleted file mode 100644
index ff5ac0391d..0000000000
--- a/changes/bug25756
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes (error reporting):
- - Improve tolerance for directory authorities with skewed clocks.
- Previously, an authority with a clock more than 60 seconds ahead
- could cause a client with a correct clock to warn that the
- client's clock was behind. Now the clocks of a majority of
- directory authorities have to be ahead of the client before this
- warning will occur. Fixes bug 25756; bugfix on 0.2.2.25-alpha.
diff --git a/changes/bug25761 b/changes/bug25761
deleted file mode 100644
index 096fadcf09..0000000000
--- a/changes/bug25761
+++ /dev/null
@@ -1,3 +0,0 @@
- o Major bugfixes (onion service):
- - Correctly detect when onion services get disabled after HUP.
- Fixes bug 25761; bugfix on 0.3.2.1.
diff --git a/changes/bug25828 b/changes/bug25828
deleted file mode 100644
index 45cd1f4ae8..0000000000
--- a/changes/bug25828
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes (bandwidth management):
- - Consider ourselves "low on write bandwidth" if we have exhausted our
- write bandwidth some time in the last second. This was the
- documented behavior before, but the actual behavior was to change
- this value every TokenBucketRefillInterval. Fixes bug 25828; bugfix on
- 0.2.3.5-alpha.
-
diff --git a/changes/bug25843 b/changes/bug25843
deleted file mode 100644
index ddbbbef787..0000000000
--- a/changes/bug25843
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor feature (entry guards):
- - Introduce torrc option NumPrimaryGuards for controlling the number of
- primary guards. Closes ticket 25843. \ No newline at end of file
diff --git a/changes/bug25852 b/changes/bug25852
deleted file mode 100644
index 8b15638410..0000000000
--- a/changes/bug25852
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (control interface):
- - Respond with more human readable error messages to GETINFO
- exit-policy/* requests. Also, let controller know if error
- is transient (response code 551) or not (response code 552).
- Fixes bug 25852; bugfix on 0.2.8.1-alpha.
diff --git a/changes/bug25870 b/changes/bug25870
deleted file mode 100644
index aea5a1e303..0000000000
--- a/changes/bug25870
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes (vanguards):
- - Allow the last hop in a vanguard circuit to be the same as our first,
- to prevent the adversary from influencing guard node choice by choice
- of last hop. Also prevent the creation of A - B - A paths, or A - A
- paths, which are forbidden by relays. Fixes bug 25870; bugfix on
- 0.3.3.1-alpha.
diff --git a/changes/bug25901 b/changes/bug25901
deleted file mode 100644
index 3ad30c7676..0000000000
--- a/changes/bug25901
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (hidden service v3):
- - Fix a memory leak when an hidden service v3 is configured and gets a
- SIGHUP signal. Fixes bug 25901; bugfix on 0.3.2.1-alpha.
diff --git a/changes/bug25943 b/changes/bug25943
deleted file mode 100644
index 187f9a287a..0000000000
--- a/changes/bug25943
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes (tests):
- - Use X509_new() to allocate certificates that will be freed later
- with X509_free(). Previously, some parts of the unit tests had
- used tor_malloc_zero(), which is incorrect, and which caused
- test failures on Windows when they were built with extra hardening.
- Fixes bugs 25943 and 25944; bugfix on 0.2.8.1-alpha.
- Patch by Marcin Cieślak.
diff --git a/changes/bug26007 b/changes/bug26007
deleted file mode 100644
index efcd15084d..0000000000
--- a/changes/bug26007
+++ /dev/null
@@ -1,5 +0,0 @@
- o Major bugfixes (directory authorities, security):
- - When directory authorities read a zero-byte bandwidth file, they log
- a warning with the contents of an uninitialised buffer. Log a warning
- about the empty file instead.
- Fixes bug 26007; bugfix on 0.2.2.1-alpha.
diff --git a/changes/bug26052 b/changes/bug26052
deleted file mode 100644
index 4721933fa5..0000000000
--- a/changes/bug26052
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes (documentation):
- - Stop saying in the manual that clients cache ipv4 dns answers
- from exit relays. We haven't used them since 0.2.6.3-alpha, and
- in ticket 24050 we stopped even caching them as of 0.3.2.6-alpha,
- but we forgot to say so in the man page. Fixes bug 26052; bugfix
- on 0.3.2.6-alpha.
diff --git a/changes/bug26069 b/changes/bug26069
deleted file mode 100644
index 192e97d782..0000000000
--- a/changes/bug26069
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (hidden service v3):
- - When parsing the descriptor signature, look for the token plus an extra
- white-space at the end. This is more correct but also will allow us to
- support new fields that might start with "signature". Fixes bug 26069;
- bugfix on 0.3.0.1-alpha.
diff --git a/changes/coveralls b/changes/coveralls
deleted file mode 100644
index 7fa69bb2b4..0000000000
--- a/changes/coveralls
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features (continuous integration):
- - Our Travis CI configuration now integrates with the Coveralls coverage
- analysis tool. Closes ticket 25818.
diff --git a/changes/feature19429 b/changes/feature19429
deleted file mode 100644
index 0faa6e84e1..0000000000
--- a/changes/feature19429
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (compatibility):
- - Tor now detects versions of OpenSSL 1.1.0 and later compiled with the
- no-deprecated option, and builds correctly with them. Closes
- tickets 19429, 19981, and 25353.
-
diff --git a/changes/feature25150 b/changes/feature25150
deleted file mode 100644
index eb65327a8d..0000000000
--- a/changes/feature25150
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (performance, allocation):
- - Avoid a needless malloc()/free() pair every time we handle an ntor
- handshake. Closes ticket 25150.
-
diff --git a/changes/geoip-2018-05-01 b/changes/geoip-2018-05-01
deleted file mode 100644
index 1528bb0c31..0000000000
--- a/changes/geoip-2018-05-01
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (geoip):
- - Update geoip and geoip6 to the May 1 2018 Maxmind GeoLite2
- Country database. Closes ticket 26104.
-
diff --git a/changes/isolate_libevent b/changes/isolate_libevent
deleted file mode 100644
index 852e533fd3..0000000000
--- a/changes/isolate_libevent
+++ /dev/null
@@ -1,5 +0,0 @@
- o Code simplification and refactoring:
- - Initial work to isolate Libevent usage to a handful of modules in our
- codebase, to simplify our call structure, and so that we can more
- easily change event loops in the future if needed. Closes ticket
- 23750.
diff --git a/changes/ticket20522 b/changes/ticket20522
deleted file mode 100644
index a5e6718e1e..0000000000
--- a/changes/ticket20522
+++ /dev/null
@@ -1,6 +0,0 @@
- o Deprecated features:
- - As we are not recommending 0.2.5 anymore we require relays that once had
- an ed25519 key associated with their RSA key to always have that key
- instead of allowing them to drop back to a version that didn't support
- ed25519. This means they need to use a new RSA key if the want to
- downgrade to an older version of tor without ed25519. Closes ticket 20522.
diff --git a/changes/ticket23354 b/changes/ticket23354
deleted file mode 100644
index f79dfd96ae..0000000000
--- a/changes/ticket23354
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor features (configuration):
- - The "DownloadSchedule" options have been renamed to end with
- "DownloadInitialDelay". The old names are still allowed, but will
- produce a warning. Comma-separated lists are still permitted for
- these options, but all values after the first are ignored (as they have
- been since 0.2.9). Closes ticket 23354.
diff --git a/changes/ticket23873 b/changes/ticket23873
deleted file mode 100644
index ffe65e5ed4..0000000000
--- a/changes/ticket23873
+++ /dev/null
@@ -1,6 +0,0 @@
- o Code simplification and refactoring:
- - We remove the return value of node_get_prim_orport() and
- node_get_prim_dirport(), and introduce node_get_prim_orport()
- in node_ipv6_or_preferred() and node_ipv6_dir_preferred() in
- order to check for a null address. Closes ticket 23873. Patch
- by Neel Chauhan.
diff --git a/changes/ticket24714 b/changes/ticket24714
deleted file mode 100644
index 60353abec9..0000000000
--- a/changes/ticket24714
+++ /dev/null
@@ -1,6 +0,0 @@
- o Code simplification and refactoring:
- - Rename two fields of connection_t struct.
- timestamp_lastwritten is renamed to timestamp_last_write_allowed and
- timestamp_lastread is renamed to timestamp_last_read_allowed.
- Closes ticket 24714, patch by "valentecaio".
-
diff --git a/changes/ticket24734 b/changes/ticket24734
deleted file mode 100644
index 00029ce578..0000000000
--- a/changes/ticket24734
+++ /dev/null
@@ -1,6 +0,0 @@
- o Code simplification and refactoring:
- - Remove the return value for fascist_firewall_choose_address_base(),
- and sister functions such as fascist_firewall_choose_address_node()
- and fascist_firewall_choose_address_rs(). Also, while we're here,
- initialize the ap argument as leaving it uninitialized can pose a
- security hazard. Closes ticket 24734. Patch by Neel Chauhan.
diff --git a/changes/ticket24740 b/changes/ticket24740
deleted file mode 100644
index 253cdb65e2..0000000000
--- a/changes/ticket24740
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (directory server cert fetch):
- - Fixed launching a certificate fetch always during the scheduled
- periodic consensus fetch by fetching only in those cases when
- consensus are waiting for certs.
- Fixes bug 24740; bugfix on 0.2.9.1-alpha.
diff --git a/changes/ticket25024 b/changes/ticket25024
deleted file mode 100644
index 0e5069cf81..0000000000
--- a/changes/ticket25024
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (code quality):
- - Add optional spell-checking for the Tor codebase, using the "misspell"
- program. To use this feature, run "make check-typos".
- Closes ticket 25024.
diff --git a/changes/ticket25081 b/changes/ticket25081
deleted file mode 100644
index b6e6c2a5a6..0000000000
--- a/changes/ticket25081
+++ /dev/null
@@ -1,5 +0,0 @@
- o Code simplification and refactoring:
- - Remove extern declaration of stats_n_seconds_working variable from main,
- protecting its accesses with get_uptime() and reset_uptime() functions.
- Closes ticket 25081, patch by “valentecaio”.
-
diff --git a/changes/ticket25162 b/changes/ticket25162
deleted file mode 100644
index 37019a7f8f..0000000000
--- a/changes/ticket25162
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor features (compression, zstd):
- - When running with zstd, Tor now considers using advanced functions that
- the zstd maintainers have labeled as potentially unstable. To
- prevent breakage, Tor will only use this functionality when
- the runtime version of the zstd library matches the version
- with which it were compiled. Closes ticket 25162.
diff --git a/changes/ticket25261 b/changes/ticket25261
deleted file mode 100644
index 604a09d975..0000000000
--- a/changes/ticket25261
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfix (Multiple includes):
- - Fixed multiple includes of trasports.h in src/or/connection.c
- Fixes bug 25261; bugfix on 0.2.5.1-alpha.
diff --git a/changes/ticket25268 b/changes/ticket25268
deleted file mode 100644
index e444984dc4..0000000000
--- a/changes/ticket25268
+++ /dev/null
@@ -1,7 +0,0 @@
- o Removed features:
- - The old "round-robin" circuit multiplexer (circuitmux)
- implementation has been removed, along with a fairly large set of
- code that existed to support it. It has not been the default
- circuitmux since we introduced the "EWMA" circuitmux in 0.2.4.x,
- but it still required an unreasonable amount of memory and CPU.
- Closes ticket 25268.
diff --git a/changes/ticket25290 b/changes/ticket25290
deleted file mode 100644
index 5e44f5e05c..0000000000
--- a/changes/ticket25290
+++ /dev/null
@@ -1,5 +0,0 @@
- o Code simplification and refactoring:
- - We switch to should_record_bridge_info() in geoip_note_client_seen() and
- options_need_geoip_info() instead of accessing the configuration values
- directly. Fixes bug 25290; bugfix on 0.2.1.6-alpha. Patch by Neel
- Chauhan.
diff --git a/changes/ticket25374 b/changes/ticket25374
deleted file mode 100644
index 5fc59d1589..0000000000
--- a/changes/ticket25374
+++ /dev/null
@@ -1,6 +0,0 @@
- o Code simplification and refactoring:
- - Our main loop has been simplified so that all important operations
- happen inside events. Previously, some operations had to happen
- outside the event loop, to prevent infinite sequences of event
- activations. Closes ticket 25374.
-
diff --git a/changes/ticket25376_25762 b/changes/ticket25376_25762
deleted file mode 100644
index b3ebf56d3b..0000000000
--- a/changes/ticket25376_25762
+++ /dev/null
@@ -1,10 +0,0 @@
- o Major feature (main loop, CPU usage):
- - Previously, tor would enable at startup all possible main loop event
- regardless if it needed them. For instance, directory authorities
- callbacks were fired up even for client only. We have now refactored this
- whole interface to only enable the appropriate callbacks depending on what
- are tor roles (client only, relay, hidden service, etc.). Furthermore,
- these events now depend on DisableNetwork or the hibernation state in
- order to enable them. This is a big step towards reducing client CPU usage
- by reducing the amount of wake ups the daemon does. Closes ticket 25376
- and 25762.
diff --git a/changes/ticket25409 b/changes/ticket25409
deleted file mode 100644
index f0006fbc5d..0000000000
--- a/changes/ticket25409
+++ /dev/null
@@ -1,6 +0,0 @@
- o Code simplification and refactoring:
- We remove the PortForwsrding and PortForwardingHelper options, related
- functions, and the port_forwarding tests. These options were used by
- the now-deprecated Vidalia to help ordinary users become Tor relays or
- bridges. Closes ticket 25409. Patch by Neel Chauhan.
-
diff --git a/changes/ticket25432 b/changes/ticket25432
deleted file mode 100644
index 21ca201343..0000000000
--- a/changes/ticket25432
+++ /dev/null
@@ -1,6 +0,0 @@
- o Code simplification and refactoring:
- - Merge functions used for describing nodes and suppress the functions
- that do not allocate memory for the output buffer string.
- NODE_DESC_BUF_LEN constant and format_node_description() function
- cannot be used externally from router.c module anymore.
- Closes ticket 25432. Patch by valentecaio.
diff --git a/changes/ticket25511 b/changes/ticket25511
deleted file mode 100644
index 0a24e265ca..0000000000
--- a/changes/ticket25511
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (control port):
- - Introduce GETINFO "current-time/{local,utc}" to return the local
- and UTC times respectively in ISO format. This helps a controller
- like Tor Browser detect a time-related error. Closes ticket 25511.
- Patch by Neel Chauhan.
diff --git a/changes/ticket25610 b/changes/ticket25610
deleted file mode 100644
index 887770e6ac..0000000000
--- a/changes/ticket25610
+++ /dev/null
@@ -1,5 +0,0 @@
- o Major feature (directory authority, modularization):
- - The directory authority subsystem has been modularized. The code is now
- located in src/or/dirauth/ which is compiled in by default. To disable the
- module, the configure option --disable-module-dirauth has been added.
- Closes ticket 25610;
diff --git a/changes/ticket25645 b/changes/ticket25645
deleted file mode 100644
index ab20a5ca4c..0000000000
--- a/changes/ticket25645
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (channel_get_for_extend()):
- - Remove the unused variable n_possible from the function
- Fixes bug 25645; bugfix on 0.2.4.4-alpha
-
diff --git a/changes/ticket25760 b/changes/ticket25760
deleted file mode 100644
index 504fd60de6..0000000000
--- a/changes/ticket25760
+++ /dev/null
@@ -1,5 +0,0 @@
- o Removed features:
- - The TestingEnableTbEmptyEvent option has been removed. It was used
- in testing simulations to measure how often connection buckets were
- emptied, in order to improve our scheduling, but it has not
- been actively used in years. Closes ticket 25760.
diff --git a/changes/ticket25766 b/changes/ticket25766
deleted file mode 100644
index 6382b6215e..0000000000
--- a/changes/ticket25766
+++ /dev/null
@@ -1,3 +0,0 @@
- o Code simplification and refactoring:
- - Refactor token-bucket implementations to use a common backend.
- Closes ticket 25766.
diff --git a/changes/ticket25903 b/changes/ticket25903
deleted file mode 100644
index 8d358c8a83..0000000000
--- a/changes/ticket25903
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor features (control port):
- - Introduce new fields to the CIRC_BW event. There are two new fields in
- each of the read and written directions. The DELIVERED fields report the
- total valid data on the circuit, as measured by the payload sizes of
- verified and error-checked relay command cells. The OVERHEAD fields
- report the total unused bytes in each of these cells. Closes ticket 25903.
diff --git a/changes/ticket25927.1 b/changes/ticket25927.1
deleted file mode 100644
index 84ac86e187..0000000000
--- a/changes/ticket25927.1
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor features (timekeeping, circuit scheduling):
- - When keeping track of how busy each circuit have been recently on
- a given connection, use coarse-grained monotonic timers rather than
- gettimeofday(). This change should marginally increase accuracy
- and performance. Implements part of ticket 25927.
-
diff --git a/changes/ticket25927.2 b/changes/ticket25927.2
deleted file mode 100644
index 9acb4aaf6f..0000000000
--- a/changes/ticket25927.2
+++ /dev/null
@@ -1,5 +0,0 @@
- o Code simplification and refactoring:
- - Remove our previous logic for "cached gettimeofday()" -- our coarse
- monotonic timers are fast enough for this purpose, and far less
- error-prone. Implements part of ticket 25927.
-
diff --git a/changes/ticket25931 b/changes/ticket25931
deleted file mode 100644
index 20ce761883..0000000000
--- a/changes/ticket25931
+++ /dev/null
@@ -1,9 +0,0 @@
- o Minor features (mainloop):
- - Move responsibility for
- rescanning the consensus cache
- from a once-per-second callback to a callback that is only scheduled as
- needed. Once enough items are removed from our once-per-second
- callback, we can eliminate it entirely to conserve CPU when idle.
- Closes ticket:
- 25931.
-
diff --git a/changes/ticket25932 b/changes/ticket25932
deleted file mode 100644
index 67f56f7cc0..0000000000
--- a/changes/ticket25932
+++ /dev/null
@@ -1,9 +0,0 @@
- o Minor features (mainloop):
- - Move responsibility for
- closing connections, circuits, and channels
- from a once-per-second callback to a callback that is only scheduled as
- needed. Once enough items are removed from our once-per-second
- callback, we can eliminate it entirely to conserve CPU when idle.
- Closes ticket
- 25932.
-
diff --git a/changes/ticket25937 b/changes/ticket25937
deleted file mode 100644
index 7c49fac708..0000000000
--- a/changes/ticket25937
+++ /dev/null
@@ -1,9 +0,0 @@
- o Minor features (mainloop):
- - Move responsibility for
- consensus voting
- from a once-per-second callback to a callback that is only scheduled as
- needed. Once enough items are removed from our once-per-second
- callback, we can eliminate it entirely to conserve CPU when idle.
- Closes ticket
- 25937.
-
diff --git a/changes/ticket25948 b/changes/ticket25948
deleted file mode 100644
index 7851d0b65b..0000000000
--- a/changes/ticket25948
+++ /dev/null
@@ -1,9 +0,0 @@
- o Minor features (mainloop):
- - Move responsibility for
- saving the state file to disk
- from a once-per-second callback to a callback that is only scheduled as
- needed. Once enough items are removed from our once-per-second
- callback, we can eliminate it entirely to conserve CPU when idle.
- Closes ticket
- 25948.
-
diff --git a/changes/ticket25949 b/changes/ticket25949
deleted file mode 100644
index fd87373418..0000000000
--- a/changes/ticket25949
+++ /dev/null
@@ -1,9 +0,0 @@
- o Minor features (mainloop):
- - Move responsibility for
- honoring delayed SIGNEWNYM requests
- from a once-per-second callback to a callback that is only scheduled as
- needed. Once enough items are removed from our once-per-second
- callback, we can eliminate it entirely to conserve CPU when idle.
- Closes ticket
- 25949.
-
diff --git a/changes/ticket25951 b/changes/ticket25951
deleted file mode 100644
index b6cfc2091c..0000000000
--- a/changes/ticket25951
+++ /dev/null
@@ -1,9 +0,0 @@
- o Minor features (mainloop):
- - Move responsibility for
- flushing log callbacks
- from a once-per-second callback to a callback that is only scheduled as
- needed. Once enough items are removed from our once-per-second
- callback, we can eliminate it entirely to conserve CPU when idle.
- Closes ticket
- 25951.
-
diff --git a/changes/ticket25952 b/changes/ticket25952
deleted file mode 100644
index e4dd56df06..0000000000
--- a/changes/ticket25952
+++ /dev/null
@@ -1,9 +0,0 @@
- o Minor features (mainloop):
- - Move responsibility for
- warning relay operators about unreachable ports
- from a once-per-second callback to a callback that is only scheduled as
- needed. Once enough items are removed from our once-per-second
- callback, we can eliminate it entirely to conserve CPU when idle.
- Closes ticket
- 25952.
-
diff --git a/changes/ticket25993 b/changes/ticket25993
deleted file mode 100644
index 8eafcd1812..0000000000
--- a/changes/ticket25993
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (testing):
- - We now have improved testing for addressmap_get_virtual_address()
- function. This should improve our test coverage, and make our test
- coverage more deterministic. Closes ticket 25993.
diff --git a/changes/ticket25994 b/changes/ticket25994
deleted file mode 100644
index 135417401f..0000000000
--- a/changes/ticket25994
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (tests):
- - Change the behavior of the "channel/outbound" test so that it never
- causes a 10-second rollover for the EWMA circuitmux code. Previously,
- this behavior would happen randomly, and result in fluctuating test
- coverage. Fixes bug 25994; bugfix on 0.3.3.1-alpha.
diff --git a/changes/ticket25995 b/changes/ticket25995
deleted file mode 100644
index 855020bd39..0000000000
--- a/changes/ticket25995
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (tests):
- - While running the circuit_timeout test, fix the PRNG to a deterministic
- AES stream, so that the test coverage from this test will itself be
- deterministic. Fixes bug 25995; bugfix on 0.2.2.2-alpha.
-
diff --git a/changes/ticket25996 b/changes/ticket25996
deleted file mode 100644
index f523bc6304..0000000000
--- a/changes/ticket25996
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (testing):
- - Repeat part of the test in test_client_pick_intro() a number of times,
- to give it consistent coverage. Fixes bug 25996; bugfix on
- 0.3.2.1-alpha.
-
diff --git a/changes/ticket25997 b/changes/ticket25997
deleted file mode 100644
index 2c802c856b..0000000000
--- a/changes/ticket25997
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (testing, coverage):
- - Remove randomness from the hs_common/responsible_hsdirs test,
- so that it always takes the same path through the function it tests.
- Fixes bug 25997; bugfix on 0.3.2.1-alpha.
-
diff --git a/changes/ticket26004 b/changes/ticket26004
deleted file mode 100644
index 6b082f1453..0000000000
--- a/changes/ticket26004
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (directory authority, forward compatibility):
- - Make the lines of the measured bandwidth file able to contain their
- entries in any order. Previously, the node_id entry needed to come
- first. Closes ticket 26004.
-
diff --git a/changes/ticket26006 b/changes/ticket26006
deleted file mode 100644
index e33e3f1cd2..0000000000
--- a/changes/ticket26006
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (compilation, portability):
- - Avoid some compilation warnings with recent versions
- of LibreSSL. Closes ticket 26006.
-
diff --git a/changes/ticket26008 b/changes/ticket26008
deleted file mode 100644
index 7550c959e2..0000000000
--- a/changes/ticket26008
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes (test):
- - When testing workqueue event-cancellation, make sure that we actually
- cancel an event, and that cancel each event with equal probability.
- (It was previously possible, though extremely unlikely, for our
- event-canceling test not to cancel any events.) Fixes bug 26008;
- bugfix on 0.2.6.3-alpha.
-
diff --git a/changes/ticket26009 b/changes/ticket26009
deleted file mode 100644
index 51ada15726..0000000000
--- a/changes/ticket26009
+++ /dev/null
@@ -1,9 +0,0 @@
- o Minor features (mainloop):
- - Move responsibility for
- keeping track of Tor's uptime
- from a nce-per-second callback to a callback that is only scheduled as
- needed. Once enough items are removed from our once-per-second
- callback, we can eliminate it entirely to conserve CPU when idle.
- Closes ticket
- 26009.
-
diff --git a/changes/ticket26014 b/changes/ticket26014
deleted file mode 100644
index 9d62ddbba9..0000000000
--- a/changes/ticket26014
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (Testing):
- - Add a unit test for voting_schedule_get_start_of_next_interval().
- Closes ticket 26014, and helps make unit test coverage more
- deterministic.
diff --git a/changes/ticket26016 b/changes/ticket26016
deleted file mode 100644
index f0eb56d32b..0000000000
--- a/changes/ticket26016
+++ /dev/null
@@ -1,4 +0,0 @@
- o Code simplification and refactoring:
- - Use our standard rate-limiting code to deal with excessive libevent
- failures, rather than the hand-rolled logic we had before.
- Closes ticket 26016.
diff --git a/changes/ticket26062 b/changes/ticket26062
deleted file mode 100644
index cd1fe3df47..0000000000
--- a/changes/ticket26062
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (client):
- - Don't consider Tor running as a client if the ControlPort is open. Fixes
- bug 26062; bugfix on 0.2.9.4-alpha.
-
diff --git a/changes/ticket26063 b/changes/ticket26063
deleted file mode 100644
index c11eb2d15c..0000000000
--- a/changes/ticket26063
+++ /dev/null
@@ -1,5 +0,0 @@
- o Major features (CPU usage, mobile):
- - When Tor is disabled (via DisableNetwork or via hibernation), it
- no longer needs to run any per-second events. This change should
- make it easier for mobile applications to disable Tor while the
- device is sleeping, or Tor is not running. Closes ticket 26063.
diff --git a/changes/ticket26064 b/changes/ticket26064
deleted file mode 100644
index 6efb8a483c..0000000000
--- a/changes/ticket26064
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (accounting):
- - When we become dormant, use a scheduled event to wake up at the right
- time. Previously, we would use the per-second timer to check whether
- to wake up, but we no longer have any per-second timers enabled when
- the network is disabled. Closes ticket 26064.
diff --git a/changes/ticket4187 b/changes/ticket4187
deleted file mode 100644
index c5f795b1a6..0000000000
--- a/changes/ticket4187
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (directory client):
- - When unverified-consensus is verified, rename it to cached-consenus.
- Fixes bug 4187; bugfix on 0.2.0.3-alpha.
diff --git a/changes/ticket6236 b/changes/ticket6236
deleted file mode 100644
index 9dea07e696..0000000000
--- a/changes/ticket6236
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (Duplicate code):
- - Remove duplicate code in parse_{c,s}method_line and bootstrap
- their functionalities into a single function. Fixes
- bug 6236; bugfix on 0.2.3.6-alpha.
diff --git a/changes/travis_distcheck b/changes/travis_distcheck
deleted file mode 100644
index 0f278fe7ee..0000000000
--- a/changes/travis_distcheck
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (continuous integration):
- - Our .travis.yml configuration now includes support for testing
- the results of "make distcheck". (It's not uncommon for "make check" to
- pass but "make distcheck" to fail.) Closes ticket 25814.