diff options
| author | Nick Mathewson <nickm@torproject.org> | 2016-03-21 11:18:15 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2016-03-21 11:18:15 -0400 |
| commit | 4bb432f633f728e54cd5c6bef7299019578f2ea9 (patch) | |
| tree | b3d6c1b452fc681c98e3ba100f5488df751f356e /ChangeLog | |
| parent | 52bc92140287852f8f7fbb3ca4ba233ab229ff4f (diff) | |
| download | tor-4bb432f633f728e54cd5c6bef7299019578f2ea9.tar.gz tor-4bb432f633f728e54cd5c6bef7299019578f2ea9.zip | |
Sort changes files into changelog.
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 256 |
1 files changed, 256 insertions, 0 deletions
@@ -1,3 +1,259 @@ +Changes in version 0.2.8.2-rc - 2016-03-?? + Tor 0.2.8.1-alpha is the first release candidate in its series. + XXXX write more here XXXX + + o New system requirements: + - Tor no longer supports versions of OpenSSL with a broken + implementation of counter mode. (This bug was present in OpenSSL + 1.0.0, and was fixed in OpenSSL 1.0.0a.) Tor still detects, but + no longer runs with, these versions. + - Tor no longer attempts to support platforms where the "time_t" type + is unsigned. (To the best of our knowledge, only OpenVMS does this, + and Tor has never actually built on OpenVMS.) Closes ticket 18184. + + o Removed features: + - Streamline relay-side hsdir handling: when relays consider whether + to accept an uploaded hidden service descriptor, they no longer + check whether they are one of the relays in the network that is + "supposed" to handle that descriptor. Implements ticket 18332. + - We no longer maintain an internal freelist in memarea.c. Allocators + should be good enough to make this code unnecessary, and it's doubtful + that it ever had any performance benefit. + + o Major bugfixes (dns proxy mode, crash): + - Avoid crashing when running as a DNS proxy. Fixes bug 16248; bugfix on + 0.2.0.1-alpha. Patch from 'cypherpunks'. + + o Major bugfixes (security, pointers): + - Avoid a difficult-to-trigger heap corruption attack when extending + a smartlist to contain over 16GB of pointers. Fixes bug 18162; + bugfix on Tor 0.1.1.11-alpha, which fixed a related bug + incompletely. Reported by Guido Vranken. + + o Major bugfixes (compilation): + - Repair hardened builds under the clang compiler. Previously, + our use of _FORTIFY_SOURCE would conflict with clang's address + sanitizer. Fixes bug 14821; bugfix on 0.2.5.4-alpha. + + o Major bugfixes (crash on shutdown): + - Correctly handle detaching circuits from cmuxes when doing + circuit_free_all() on shutdown. Fixes bug 18116; bugfix on + 0.2.8.1-alpha. + + o Major bugfixes (relays, bridge clients): + - Ensure relays always allow IPv4 OR and Dir connections. + Ensure bridge clients use the address configured in the bridge line. + Fixes bug 18348; bugfix on 0.2.8.1-alpha. + Reported by sysrqb, patch by teor. + + o Minor feature (IPv6): + - Add ClientPreferIPv6DirPort, which is set to 0 by default. If set + to 1, tor prefers IPv6 directory addresses. + - Add ClientUseIPv4, which is set to 1 by default. If set to 0, tor + avoids using IPv4 for client OR and directory connections. + - Try harder to fulfil IP version restrictions ClientUseIPv4 0 and + ClientUseIPv6 0; and the preferences ClientPreferIPv6ORPort and + ClientPreferIPv6DirPort. + Closes ticket 17840; patch by "teor". + + o Minor features (bug-resistance): + - Make Tor survive errors involving connections without a corresponding + event object. Previously we'd fail with an assertion; now we produce a + log message. Related to bug 16248. + + o Minor features (build): + - Detect systems with FreeBSD-derived kernels (such as GNU/kFreeBSD) as + having possible IPfW support. Closes ticket 18448. Patch from + Steven Chamberlain. + + o Minor features (code hardening): + - Use tor_snprintf() and tor_vsnprintf() even in external and + low-level code, to harden against accidental failures to NUL- + terminate. Part of ticket 17852. Patch from 'jsturgix'. Found + with Flawfinder. + + o Minor features (compilation): + - Note our minimum required autoconf/automake versions in the + appropriate locations. Closes ticket 17732. + + o Minor features (crypto): + - Fix a segfault during startup: If unix socket was configured as + listener (such as a ControlSocket or a SocksPort unix socket), and + tor was started as root but not configured to switch to another + user, tor would segfault while trying to string compare a NULL + value. Fixes bug 18261; bugfix on 0.2.8.1-alpha. Patch by weasel. + - Validate the Diffie-Hellman hard coded parameters and ensure that + p is a safe prime, and g is suitable. Closes ticket 18221. + + o Minor features (geoip): + - Update geoip and geoip6 to the March 3 2016 Maxmind GeoLite2 + Country database. + + o Minor features (robustness): + - Exit immediately with an error message if the code attempts to + use libevent without having initialized it. This should resolve + some frequently-made mistakes in our unit tests. Closes ticket + 18241. + + o Minor features (unix domain sockets): + - Since some operating systems do not consider the actual modes on a + UNIX domain socket itself, tor does not allow creating such a + socket in a directory that is group or world accessible if it is + supposed to be private. Likewise, it will not allow only group + accessible sockets in a world accessible directory. + However, on some operating systems this is unnecessary, so + add a per-socket option called RelaxDirModeCheck. + Closes ticket 18458. Patch by weasel. + + o Minor features: + - Update geoip and geoip6 to the February 2 2016 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (build): + - Do not link the unit tests against both the testing and non-testing + versions of the static libraries. Fixes bug 18490; bugfix on + 0.2.7.1-alpha. + + o Minor bugfixes (client): + - Count receipt of new microdescriptors as progress towards + bootstrapping. Now, when a user who has set EntryNodes finishes + bootstrapping, Tor automatically repopulates the guard set based + on this new directory information. Fixes bug 16825; bugfix on + 0.2.3.1-alpha. + + o Minor bugfixes (code correctness): + - Update to the latest version of Trunnel, which tries harder + to avoid generating code that can invoke memcpy(p,NULL,0). + Bug found by clang address sanitizer. Fixes bug 18373; bugfix + on 0.2.7.2-alpha. + + o Minor bugfixes (configuration): + - Fix a tiny memory leak when parsing a port configuration ending in + ":auto". Fixes bug 18374; bugfix on 0.2.3.3-alpha. + + o Minor bugfixes (containers): + - If we somehow attempt to construct a heap with more than + 1073741822 elements, avoid an integer overflow when maintaining + the heap property. Fixes bug 18296; bugfix on 0.1.2.1-alpha. + + o Minor bugfixes (correctness): + - Fix a bad memory handling bug that would occur if we had queued + a cell on a channel's incoming queue. Fortunately, we can't actually + queue a cell like that as our code is constructed today, but it's best + to avoid this kind of error, even if there isn't any code that triggers + it today. Fixes bug 18570; bugfix on 0.2.4.4-alpha. + + o Minor bugfixes (crypto, static analysis): + - Silence spurious clang-scan warnings in the ed25519_donna code + by explicitly initialising some objects. + Fixes bug 18384; bugfix on 0f3eeca9 in 0.2.7.2-alpha. + Patch by "teor". + + o Minor bugfixes (directory): + - When generating a URL for a directory server on an IPv6 address, + wrap the IPv6 address in square brackets. Fixes bug 18051; + bugfix on 0.2.3.9-alpha. Patch from Malek. + + o Minor bugfixes (exit policies, security): + - Refresh an exit relay's exit policy when interface addresses change. + Previously, tor only refreshed the exit policy when the configured + external address changed. + Fixes bug 18208; bugfix on tor 0.2.7.3. Patch by "teor". + + o Minor bugfixes (hidden service client): + - Seven very fast consecutive requests to the same .onion address + triggers 7 descriptor fetches. The first six each pick a directory + (there are 6 overall) and the seventh one wasn't able to pick one + which was triggering a close on all current directory connections. It + has been fixed by not closing them if we have pending directory fetch. + Fixes bug 15937; bugfix on tor-0.2.7.1-alpha. + + o Minor bugfixes (hidden service, control port): + - Add the onion address to the HS_DESC event for the UPLOADED action + both on success or failure. It was previously hardcoded with UNKNOWN. + Fixes bug 16023; bugfix on 0.2.7.2-alpha. + + o Minor bugfixes (logging): + - Scrub service in from "unrecognized service ID" log messages. + Fixes bug 18600; bugfix on 0.2.4.11-alpha. + + o Minor bugfixes (memory safety): + - Avoid freeing an uninitialised pointer when opening a socket fails + in get_interface_addresses_ioctl. + Fixes bug 18454; bugfix on 9f06ec0c in tor-0.2.3.11-alpha. + Reported by "toralf" and "cypherpunks", patch by "teor". + - Correctly duplicate addresses in get_interface_address6_list. + Fixes bug 18454; bugfix on 110765f5 in tor-0.2.8.1-alpha. + Reported by "toralf", patch by "cypherpunks". + + o Minor bugfixes (private directory): + - Prevent a race condition when creating private directories. + Fixes part of bug 17852; bugfix on 0.2pre13. Part of ticket + 17852. Patch from 'jsturgix'. Found with Flawfinder. + + o Minor bugfixes (sandbox): + - Allow the setrlimit syscall, and the prlimit and prlimit64 syscalls, + which some libc implementations + use under the hood. Fixes bug 15221; bugfix on 0.2.5.1-alpha. + + o Minor bugfixes (security, hidden services): + - Prevent hidden services connecting to client-supplied rendezvous + addresses that are reserved as internal or multicast. + Fixes bug 8976; bugfix on b7c172c9e in tor-0.2.3.21. + Patch by "dgoulet" and "teor". + + o Minor bugfixes (security, win32): + - Set SO_EXCLUSIVEADDRUSE on Win32 to avoid a local port-stealing + attack. + Fixes bug 18123; bugfix on all tor versions. Patch by "teor". + + o Minor bugfixes (test networks, IPv6): + - Allow internal IPv6 addresses in descriptors in test networks. + Fixes bug 17153; bugfix on 6b4af1071 in 0.2.3.16-alpha. + Patch by "teor", reported by "karsten". + + o Minor bugfixes (testing): + - We no longer disable assertions in the unit tests when coverage + is enabled. Instead, we require you to say --disable-asserts-in-tests + to the configure script if you need assertions disabled in the + unit tests (for example, if you want to perform branch coverage). + Fixes bug 18242; bugfix on 0.2.7.1-alpha. + + o Minor bugfixes: + - Bridges now refuse "rendezvous2" (hidden service descriptor) + publish attempts. Suggested by ticket 18332. + + o Code simplification and refactoring: + - Quote all the string interpolations in configure.ac -- even + those which we are pretty sure can't contain spaces. Closes + ticket 17744. Patch from "zerosion". + - Remove specialized code for non-inplace AES_CTR. 99% of our AES + is inplace, so there's no need to have a separate implementation + for the non-inplace code. Closes ticket 18258. Patch from + Malek. + - Simplify return types for some crypto functions that can't + actually fail. Patch from Hassan Alsibyani. Closes ticket + 18259. + + o Dependency updates: + - Tor now uses Autoconf version 2.63 or later, and Automake 1.11 or later + (released in 2008 and 2009 respectively). If you are building Tor from + the git repository instead of from the source distribution, and your + tools are older than this, you will need to upgrade. + Closes ticket 17732. + + o Documentation: + - Change build messages to refer to "Fedora" instead of "Fedora Core", + and "dnf" instead of "yum". Closes tickets 18459 and 18426. + Patches from "icanhasaccount" and "cypherpunks". + + o Testing: + - Fix several warnings from clang's address sanitizer produced in the + unit tests. + - Treat backtrace test failures as expected on FreeBSD until we + solve bug 17808. Closes ticket 18204. + + Changes in version 0.2.8.1-alpha - 2016-02-04 Tor 0.2.8.1-alpha is the first alpha release in its series. It includes numerous small features and bugfixes against previous Tor |