summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog86
-rw-r--r--changes/bug104055
-rw-r--r--changes/bug106164
-rw-r--r--changes/bug119707
-rw-r--r--changes/bug12169_simple5
-rw-r--r--changes/bug1217011
-rw-r--r--changes/bug12184_diagnostic4
-rw-r--r--changes/bug121917
-rw-r--r--changes/bug121957
-rw-r--r--changes/bug122275
-rw-r--r--changes/bug679920
-rw-r--r--changes/bug87464
-rw-r--r--changes/geoip6-june20142
-rw-r--r--changes/more_8387_diagnosis4
-rw-r--r--changes/move-authdir-options4
-rw-r--r--changes/not_bug_80934
-rwxr-xr-xscripts/maint/format_changelog.py18
-rwxr-xr-xscripts/maint/sortChanges.py9
18 files changed, 107 insertions, 99 deletions
diff --git a/ChangeLog b/ChangeLog
index 3dfb40aa4e..cddd5adbf4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,24 @@
-Changes in version 0.2.5.5-alpha - 2014-06-??
+Changes in version 0.2.5.5-alpha - 2014-06-1?
Write a blurb here.
+ o Major features (security, traffic analysis resistance):
+ - Increase the base amount of time that a canonical connection (one
+ that we have made to a known OR) is allowed to stay idle from 3
+ minutes to 15 minutes. This leaks less information about when
+ circuits have closed, and avoids unnecessary overhead from
+ renegotiating connections. Part of a fix for ticket 6799.
+ - Instead of closing connections after they have been idle for a
+ fixed interval, randomly add up to 50% to each connection's
+ maximum timeout. This makes it harder to tell when the last
+ circuit closed by looking at when a connection closes. Part of a
+ fix for ticket 6799.
+ - Base connection idleness tests on the actual time elapsed since
+ the connection last had circuits, not on the time when we last
+ added non-padding. This change also makes it harder for an
+ observer to tell when the last circuit closed by looking at when a
+ connection closes. Part of a fix for ticket 6799. Incidentally
+ fixes bug 12023; bugfix on 0.2.5.1-alpha.
+
o Major bugfixes (security, OOM, new since 0.2.5.4-alpha, also in 0.2.4.22):
- Fix a memory leak that could occur if a microdescriptor parse
fails during the tokenizing step. This bug could enable a memory
@@ -13,6 +31,11 @@ Changes in version 0.2.5.5-alpha - 2014-06-??
directory object. Previously, relays would used tunnel connections
under a fairly wide variety of circumstances. Fixes bug 11469;
bugfix on 0.2.4.3-alpha.
+ - When a circuit accidentally has the same circuit ID for its
+ forward and reverse direction, correctly detect the direction of
+ cells using that circuit. Previously, this would have made roughly
+ one circuit in a million non-functional. Fixes bug 12195; this is
+ a bugfix on every version of Tor.
o Major bugfixes (security, directory authorities):
- Directory authorities now include a digest of each relay's
@@ -30,6 +53,12 @@ Changes in version 0.2.5.5-alpha - 2014-06-??
attacker from causing a microdescriptor collision, because the
router's identity is not forgeable.
+ o Major bugfixes (client, pluggable transports):
+ - When managing pluggable transports, use OS notification facilities
+ to learn if they have crashed, and do not attempt to kill any
+ process that has already exited. Fix for bug 8746; bugfix
+ on 0.2.3.6-alpha.
+
o Minor features (diagnostic):
- When logging a warning because of bug #7164, additionally check
the hash table for consistency (as proposed on ticket #11737).
@@ -42,8 +71,13 @@ Changes in version 0.2.5.5-alpha - 2014-06-??
diagnosing bug 11233.
- Give more specific warnings when we notice at the client side that
an onion handshake has failed. Fixes ticket 9635.
+ - Add significant new logging code to attempt to diagnose bug 12184,
+ where relays seem to run out of available circuit IDs.
+ - Improve the diagnostic log message for bug #8387 even further to
+ try to improve our odds of figuring out why one-hop directory
+ circuits sometimes do not get closed.
- o Minor features (security, memory management)):
+ o Minor features (security, memory management):
- Add configure options controlling allocator tricks like mempools
and freelists, and turn them off by default; on most platforms
malloc is reasonable enough for this not to be necessary, and a
@@ -61,12 +95,29 @@ Changes in version 0.2.5.5-alpha - 2014-06-??
support for libseccomp on systems that have it, in case it (or
Tor's use of it) is broken. Resolves ticket 11628.
+ o Minor features (other):
+ - Update geoip and geoip6 to the June 4 2014 Maxmind GeoLite2
+ Country database.
+
o Minor bugfixes (configuration, security, new since 0.2.5.4-alpha, also in 0.2.4.22):
- When running a hidden service, do not allow TunneledDirConns 0;
this will keep the hidden service from running, and also
make it publish its descriptors directly over HTTP. Fixes bug 10849;
bugfix on 0.2.1.1-alpha.
+ o Minor bugfixes (performance):
+ - Do not recompute whether we have sufficient information to build
+ circuits every time we make a successful connection. Previously,
+ we would forget our cached value for this flag every time we
+ successfully opened a channel (or marked a router as running or
+ not running for any other reason), regardless of whether we had
+ previously believed the router to be running. This forced us to
+ run a fairly expensive update operation with relatively high
+ frequency. Fixes bug 12170; bugfix on 0.1.2.1-alpha.
+ - Avoid using tor_memeq() for checking relay cell integrity. This
+ removes a possible performance bottleneck. Fixes part of bug
+ 12169; bugfix on 0.2.1.31.
+
o Minor bugfixes (compilation):
- Fix compilation of test_status.c when building with MVSC. Bugfix
on 0.2.5.4-alpha. Patch from Gisle Vanem.
@@ -140,6 +191,12 @@ Changes in version 0.2.5.5-alpha - 2014-06-??
- Handle failures in getpwnam()/getpwuid() when running with the
User option set and the Linux syscall sandbox enabled. Fixes bug
11946; bugfix on 0.2.5.1-alpha.
+ - Refactor the getaddrinfo workaround that the seccomp sandbox uses
+ to avoid calling getaddrinfo() after installing the sandbox
+ filters. Previously, it preloaded a cache with the IPv4 address
+ for our hostname, and nothing else. Now, it loads the cache with
+ every address that it used to initialize the Tor process. Fixes
+ bug 11970; bugfix on 0.2.5.1-alpha.
o Minor bugfixes (pluggable transports):
- Enable the ExtORPortCookieAuthFile option, to allow changing the
@@ -152,6 +209,12 @@ Changes in version 0.2.5.5-alpha - 2014-06-??
descriptors for our bridges. Fixes bug 11965; bugfix
on 0.2.3.6-alpha.
+ o Minor bugfixes (client):
+ - Avoid "Tried to open a socket with DisableNetwork set" warnings
+ when starting a client with bridges configured and DisableNetwork
+ set. (Tor launcher starts Tor with DisableNetwork set the first
+ time.) Fixes bug 10405; bugfix on 0.2.3.9-alpha.
+
o Minor bugfixes (testing):
- The Python parts of the test scripts now work on Python 3 as well
as Python 2, so systems where '/usr/bin/python' is Python 3 will
@@ -188,9 +251,25 @@ Changes in version 0.2.5.5-alpha - 2014-06-??
error value, even on success. Fixes bug 11805; bugfix
on 0.2.5.4-alpha.
+ o Minor bugfixes (relay, other):
+ - We now drop CREATE cells for already-existent circuit IDs and for
+ zero-valued circuit IDs, regardless of other factors that might
+ otherwise have called for DESTROY cells. Fixes bug 12191; bugfix
+ on 0.0.8pre1.
+ - Avoid an illegal read from stack when initializing the TLS module
+ using a version of OpenSSL without all of the ciphers used by the
+ v2 link handshake. Fixes bug 12227; bugfix on 0.2.4.8-alpha. Found
+ by "starlight".
+ - When rejecting DATA cells for stream_id zero, still count them
+ against the circuit's deliver window so that we don't get fail to
+ send a SENDME. Fix for bug 11246; bugfix on 0.2.4.10-alpha.
+
o Minor bugfixes (logging):
- Fix a misformatted log message about delayed directory fetches.
Fixes bug 11654; bugfix on 0.2.5.3-alpha.
+ - Squelch a spurious LD_BUG message "No origin circuit for
+ successful SOCKS stream" in certain hidden service failure cases;
+ fixes bug #10616.
o Distribution:
- Include a tor.service file in contrib/dist for use with systemd.
@@ -204,6 +283,9 @@ Changes in version 0.2.5.5-alpha - 2014-06-??
directory authority options, remove the documentation for a
V2-directory fetching option that no longer exists. Resolves
ticket 11634.
+ - In the manpage, move more authority-only options into the
+ directory authority section so that operators of regular directory
+ caches don't get confused.
o Package cleanup:
- The contrib directory has been sorted and tidy. Before, it was an
diff --git a/changes/bug10405 b/changes/bug10405
deleted file mode 100644
index d1110e44eb..0000000000
--- a/changes/bug10405
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes:
- - Avoid "Tried to open a socket with DisableNetwork set" warnings
- when starting a client with bridges configured and DisableNetwork
- set. (Tor launcher starts Tor with DisableNetwork set the first
- time.) Fixes bug 10405; bugfix on 0.2.3.9-alpha.
diff --git a/changes/bug10616 b/changes/bug10616
deleted file mode 100644
index 26f0bda85e..0000000000
--- a/changes/bug10616
+++ /dev/null
@@ -1,4 +0,0 @@
- o Bugfixes:
- - Squelch a spurious LD_BUG message "No origin circuit for successful
- SOCKS stream" in certain hidden service failure cases; fixes bug
- #10616.
diff --git a/changes/bug11970 b/changes/bug11970
deleted file mode 100644
index 896f0cfaf3..0000000000
--- a/changes/bug11970
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes (linux seccomp sandbox):
- - Refactor the getaddrinfo workaround that the seccomp sandbox
- uses to avoid calling getaddrinfo() after installing the sandbox
- filters. Previously, it preloaded a cache with the IPv4 address
- for our hostname, and nothing else. Now, it loads the cache with
- every address that it used to initialize the Tor process. Fixes
- bug 11970; bugfix on 0.2.5.1-alpha.
diff --git a/changes/bug12169_simple b/changes/bug12169_simple
deleted file mode 100644
index f9a3007755..0000000000
--- a/changes/bug12169_simple
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (performance):
- - Avoid using tor_memeq() for checking relay cell integrity.
- This removes a possible performance bottleneck. Fixes part of bug
- 12169; bugfix on 0.2.1.31.
-
diff --git a/changes/bug12170 b/changes/bug12170
deleted file mode 100644
index e462e4fa7a..0000000000
--- a/changes/bug12170
+++ /dev/null
@@ -1,11 +0,0 @@
- o Major bugfixes (performance):
- - Do not recompute whether we have sufficient information to build
- circuits every time we make a successful connection. Previously,
- we would forget our cached value for this flag every time we
- successfully opened a channel (or marked a router as running or not
- running for any
- other reason), regardless of whether we had
- previously believed the router to be running. This forced us to
- run a fairly expensive update operation with relatively
- high frequency.
- Fixes bug 12170; bugfix on 0.1.2.1-alpha.
diff --git a/changes/bug12184_diagnostic b/changes/bug12184_diagnostic
deleted file mode 100644
index 3c783b17d9..0000000000
--- a/changes/bug12184_diagnostic
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (diagnostic):
- - Add significant new logging code to attempt to diagnose bug 12184,
- where relays seem to run out of available circuit IDs.
-
diff --git a/changes/bug12191 b/changes/bug12191
deleted file mode 100644
index 77589ab311..0000000000
--- a/changes/bug12191
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes:
-
- - We now drop CREATE cells for already-existent circuit IDs and
- for zero-valued circuit IDs, regardless of other factors that
- might otherwise have called for DESTROY cells. Fixes bug 12191;
- bugfix on 0.0.8pre1.
-
diff --git a/changes/bug12195 b/changes/bug12195
deleted file mode 100644
index f798129e64..0000000000
--- a/changes/bug12195
+++ /dev/null
@@ -1,7 +0,0 @@
- o Major bugfixes:
- - When a circuit accidentally has the same circuit ID for its
- forward and reverse direction, correctly detect the direction of
- cells using that circuit. Previously, this would have made
- roughly one circuit in a million non-functional. Fixes bug
- 12195; this is a bugfix on every version of Tor.
-
diff --git a/changes/bug12227 b/changes/bug12227
deleted file mode 100644
index d8b5d08a55..0000000000
--- a/changes/bug12227
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes:
- - Avoid an illegal read from stack when initializing the TLS
- module using a version of OpenSSL without all of the ciphers
- used by the v2 link handshake. Fixes bug 12227; bugfix on
- 0.2.4.8-alpha. Found by "starlight".
diff --git a/changes/bug6799 b/changes/bug6799
deleted file mode 100644
index 72b6519a2a..0000000000
--- a/changes/bug6799
+++ /dev/null
@@ -1,20 +0,0 @@
- o Major features:
-
- - Increase the base amount of time that a canonical connection
- (one that we have made to a known OR) is allowed to stay idle
- from 3 minutes to 15 minutes. This leaks less information
- about when circuits have closed, and avoids unnecessary overhead
- from renegotiating connections. Part of a fix for ticket 6799.
-
- - Instead of closing connections after they have been idle for a
- fixed interval, randomly add up to 50% to each connection's
- maximum timeout. This makes it harder to tell when the last
- circuit closed by looking at when a connection closes. Part of a
- fix for ticket 6799.
-
- - Base connection idleness tests on the actual time elapsed since
- the connection last had circuits, not on the time when we last
- added non-padding. This change also makes it harder for an
- observer to tell when the last circuit closed by looking at when
- a connection closes. Part of a fix for ticket 6799.
- Incidentally fixes bug 12023; bugfix on 0.2.5.1-alpha.
diff --git a/changes/bug8746 b/changes/bug8746
deleted file mode 100644
index b6e52ca43b..0000000000
--- a/changes/bug8746
+++ /dev/null
@@ -1,4 +0,0 @@
- o Major bugfixes:
- - When managing pluggable transports, use OS notification facilities to
- learn if they have crashed, and do not attempt to kill any process
- that has already exited. Fix for bug 8746; bugfix on 0.2.3.6-alpha.
diff --git a/changes/geoip6-june2014 b/changes/geoip6-june2014
deleted file mode 100644
index 1a33e6fb45..0000000000
--- a/changes/geoip6-june2014
+++ /dev/null
@@ -1,2 +0,0 @@
- o Minor features:
- - Update geoip and geoip6 to the June 4 2014 Maxmind GeoLite2 Country database.
diff --git a/changes/more_8387_diagnosis b/changes/more_8387_diagnosis
deleted file mode 100644
index 68a36a113a..0000000000
--- a/changes/more_8387_diagnosis
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (diagnostic):
- - Improve the diagnostic log message for bug #8387 even further to
- try to improve our odds of figuring out why one-hop directory
- circuits sometimes do not get closed.
diff --git a/changes/move-authdir-options b/changes/move-authdir-options
deleted file mode 100644
index 05669b8259..0000000000
--- a/changes/move-authdir-options
+++ /dev/null
@@ -1,4 +0,0 @@
- o Documentation:
- - In the manpage, move more authority-only options into the
- directory authority section so that operators of regular
- directory caches don't get confused.
diff --git a/changes/not_bug_8093 b/changes/not_bug_8093
deleted file mode 100644
index 98b4219268..0000000000
--- a/changes/not_bug_8093
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - When rejecting DATA cells for stream_id zero, still count them against
- the circuit's deliver window so that we don't get fail to send a
- SENDME. Fix for bug 11246; bugfix on 0.2.4.10-alpha.
diff --git a/scripts/maint/format_changelog.py b/scripts/maint/format_changelog.py
index 86f5c50398..f67e89b602 100755
--- a/scripts/maint/format_changelog.py
+++ b/scripts/maint/format_changelog.py
@@ -270,7 +270,16 @@ class ChangeLog(object):
CL = ChangeLog()
parser = head_parser
-sys.stdin = open('ChangeLog', 'r')
+if len(sys.argv) == 1:
+ fname = 'ChangeLog'
+else:
+ fname = sys.argv[1]
+
+fname_new = fname+".new"
+
+sys.stdin = open(fname, 'r')
+
+nextline = None
for line in sys.stdin:
line = line.rstrip()
@@ -286,13 +295,14 @@ for line in sys.stdin:
CL.lint()
-sys.stdout = open('ChangeLog.new', 'w')
+sys.stdout = open(fname_new, 'w')
CL.dump()
-print nextline
+if nextline is not None:
+ print nextline
for line in sys.stdin:
sys.stdout.write(line)
-os.rename('ChangeLog.new', 'ChangeLog')
+os.rename(fname_new, fname)
diff --git a/scripts/maint/sortChanges.py b/scripts/maint/sortChanges.py
index f70490bad7..726a723f93 100755
--- a/scripts/maint/sortChanges.py
+++ b/scripts/maint/sortChanges.py
@@ -1,4 +1,13 @@
#!/usr/bin/python
+# Copyright (c) 2014, The Tor Project, Inc.
+# See LICENSE for licensing information
+
+"""This script sorts a bunch of changes files listed on its command
+ line into roughly the order in which they should appear in the
+ changelog.
+
+ TODO: collation support.
+"""
import re
import sys