summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog429
-rw-r--r--changes/111506
-rw-r--r--changes/170043
-rw-r--r--changes/170753
-rw-r--r--changes/170783
-rw-r--r--changes/170823
-rw-r--r--changes/170843
-rw-r--r--changes/175734
-rw-r--r--changes/178265
-rw-r--r--changes/179263
-rw-r--r--changes/179443
-rw-r--r--changes/74196
-rw-r--r--changes/bug156382
-rw-r--r--changes/bug163823
-rw-r--r--changes/bug165636
-rw-r--r--changes/bug166516
-rw-r--r--changes/bug16794_ed3
-rw-r--r--changes/bug170033
-rw-r--r--changes/bug170265
-rw-r--r--changes/bug17027-reject-private-bind-port6
-rw-r--r--changes/bug171947
-rw-r--r--changes/bug173474
-rw-r--r--changes/bug174193
-rw-r--r--changes/bug175444
-rw-r--r--changes/bug175493
-rw-r--r--changes/bug17562-DataDirectoryGroupReadable5
-rw-r--r--changes/bug17562-allow-root-group-read7
-rw-r--r--changes/bug17562-defer-unix-socket-creation5
-rw-r--r--changes/bug17572-fallback-by-digest5
-rw-r--r--changes/bug175834
-rw-r--r--changes/bug175897
-rw-r--r--changes/bug17632-no-ipv4-no-localhost5
-rw-r--r--changes/bug17638-ipv6-ersatz-socketpair5
-rw-r--r--changes/bug176754
-rw-r--r--changes/bug176833
-rw-r--r--changes/bug176864
-rw-r--r--changes/bug17694_strongest6
-rw-r--r--changes/bug177534
-rw-r--r--changes/bug177783
-rw-r--r--changes/bug177914
-rw-r--r--changes/bug178043
-rw-r--r--changes/bug178183
-rw-r--r--changes/bug178194
-rw-r--r--changes/bug178273
-rw-r--r--changes/bug178433
-rw-r--r--changes/bug178765
-rw-r--r--changes/bug178924
-rw-r--r--changes/bug178934
-rw-r--r--changes/bug179064
-rw-r--r--changes/bug179234
-rw-r--r--changes/bug179244
-rw-r--r--changes/bug180507
-rw-r--r--changes/bug180895
-rw-r--r--changes/bug4483-multiple-consensus-downloads9
-rw-r--r--changes/bug60274
-rw-r--r--changes/check-crypto-errors4
-rw-r--r--changes/cleanup_175873
-rw-r--r--changes/decouple_circuit_mark6
-rw-r--r--changes/decouple_conn_attach6
-rw-r--r--changes/doc173924
-rw-r--r--changes/feature125386
-rw-r--r--changes/feature136963
-rw-r--r--changes/feature148464
-rw-r--r--changes/feature15775-fallback19
-rw-r--r--changes/feature167743
-rw-r--r--changes/feature170763
-rw-r--r--changes/feature173275
-rw-r--r--changes/feature17576-UseDefaultFallbackDirs4
-rw-r--r--changes/feature176084
-rw-r--r--changes/feature176633
-rw-r--r--changes/feature177966
-rw-r--r--changes/feature178636
-rw-r--r--changes/feature178645
-rw-r--r--changes/feature179505
-rw-r--r--changes/feature179516
-rw-r--r--changes/feature179863
-rw-r--r--changes/feature81956
-rw-r--r--changes/feature8961-replaycache-sha2564
-rw-r--r--changes/first-hop-no-private6
-rw-r--r--changes/geoip-january20164
-rw-r--r--changes/getinfo-private-exitpolicy6
-rw-r--r--changes/laplace-edge-cases9
-rw-r--r--changes/log_heartbeat_test6
-rw-r--r--changes/rand-failure-modes5
-rw-r--r--changes/routerset-parse-IPv6-literals3
-rw-r--r--changes/sha-unit-tests3
-rw-r--r--changes/test168313
-rw-r--r--changes/ticket159899
-rw-r--r--changes/ticket171584
-rw-r--r--changes/warn-when-time-goes-backwards5
-rwxr-xr-xscripts/maint/sortChanges.py28
91 files changed, 456 insertions, 416 deletions
diff --git a/ChangeLog b/ChangeLog
index b59ec43467..d76d13496d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,432 @@
+Changes in version 0.2.8.1-alpha - 2016-02-0?
+ XXXX Blurb goes here XXXX
+
+ o Major features (consensus downloads):
+ - Schedule multiple in-progress consensus downloads during client
+ bootstrap. Use the first one that starts downloading, close the
+ rest. This reduces failures when authorities are slow or down.
+ Together with the code for feature 15775, it reduces failures due to fallback churn.
+ Implements ticket 4483 (reduce failures when authorities are down).
+ Patch by "teor".
+ Implements IPv4 portions of proposal 210 by "mikeperry" and
+ "teor".
+
+ o Major features (controller):
+ - New "GETINFO hs/service/desc/id/" command to retrieve a hidden service
+ descriptor from a service's local hidden service descriptor cache.
+ Closes ticket 14846.
+
+ o Major features (directory mirrors):
+ - Include an opt-in trial list of Default Fallback Directories in
+ add_default_fallback_dir_servers().
+ "Tor has included a feature to fetch the initial consensus from nodes
+ other than the authorities for a while now. We just haven't shipped a
+ list of alternate locations for clients to go to yet.
+ Reasons why we might want to ship tor with a list of additional places
+ where clients can find the consensus is that it makes authority
+ reachability and BW less important.
+ We want them to have been around and using their current key, address,
+ and port for a while now (120 days), and have been running, a guard,
+ and a v2 directory mirror for most of that time."
+ We exclude BadExits and tor versions that aren't recommended.
+ We include an IPv6 address for each FallbackDir (see ticket 8374).
+ (Tor might not use IPv6 fallbacks until ticket the code for ticket6027 is merged.)
+ The unit test ensures that we successfully load all included
+ default fallback directories.
+ Closes ticket 15775. Patch by "teor".
+ OnionOO script by "weasel", "teor", "gsathya", and "karsten".
+
+ o Major features (relay):
+ - When Tor is started as root on Linux and told to switch user ID, it
+ can now retain the capabilitity to bind to low ports. By default,
+ Tor will do this only when it's switching user ID and some low
+ ports have been configured. You can change this behavior with
+ the new option KeepBindCapabilities. Closes ticket 8195.
+
+ o Minor feature (crypto):
+ - Add SHA512 support to crypto.c. Closes ticket 17663; patch from
+ George Tankersley.
+
+ o Minor feature (directory downloads):
+ - Wait for busy authorities and fallbacks to become non-busy when
+ bootstrapping. (A similar change was made in 6c443e987d for
+ directory servers chosen from the consensus.)
+ Closes ticket 17864; patch by "teor".
+
+ o Minor feature (fallback directories):
+ - Add UseDefaultFallbackDirs, which enables any hard-coded fallback
+ directory mirrors. Default is 1, set it to 0 to disable fallbacks.
+ Implements ticket 17576. Patch by "teor".
+
+ o Minor feature (IPv6):
+ - Add a flag ipv6=address:orport to the DirAuthority and FallbackDir torrc
+ options. Add hard-coded ipv6 addresses for directory authorities with
+ ipv6 lines in their descriptors.
+ Closes ticket 17327; patch from Nick Mathewson / "teor".
+ - Add address policy assume_action support for IPv6 addresses.
+ - Limit IPv6 mask bits to 128.
+ - Warn when comparing against an AF_UNSPEC address in a policy,
+ it's almost always a bug.
+ Closes ticket 17863; patch by "teor".
+
+ o Minor feature (logging):
+ - When logging to syslog, allow a tag to be added to the syslog
+ identity ("Tor"), i.e. the string prepended to every log message.
+ The tag can be configured by setting SyslogIdentityTag and defaults
+ to none. Setting it to "foo" will cause logs to be tagged as
+ "Tor-foo". Closes ticket 17194.
+
+ o Minor feature (refactoring):
+ - Move logging of redundant policy entries in
+ policies_parse_exit_policy_internal into its own function.
+ Closes ticket 17608; patch from "juce".
+
+ o Minor features (accounting):
+ - Added two modes to AccountingRule in torrc for
+ limiting just input or just output.
+ Closes ticket 15989; patch from "unixninja92".
+
+ o Minor features (authorities):
+ - Update the V3 identity key for dannenberg: it was changed on
+ 18 November 2015.
+ Closes task 17906. Patch by "teor".
+
+ o Minor features (build):
+ - Since our build process now uses 'make distcheck', we no longer force
+ "make dist" to depend on "make check". Closes ticket 17893;
+ patch from "cypherpunks."
+
+ o Minor features (compilation):
+ - Repair some compilation issues with some recent (unreleased, alpha)
+ vesions of OpenSSL 1.1. Closes ticket 17549.
+
+ o Minor features (controller):
+ - Adds FallbackDir entries to 'GETINFO config/defaults'. Closes tickets
+ 16774 and 17817. Patch by George Tankersley.
+
+ o Minor features (crypto):
+ - When allocating a digest state object, allocate no more space than we
+ actually need. Previously, we were allocating as much space as the
+ state for the largest algorithm would need. This change saves up to
+ 672 bytes per circuit. Closes ticket 17796.
+
+ o Minor features (directory system):
+ Previously only relays who explicitly opened a directory port (DirPort)
+ accepted directory requests from clients. Now all relays, with and without
+ a DirPort, who do not disable the DirCache option accept and serve
+ directory requests sent (tunnelled) through their ORPort.
+ Closes ticket 12538.
+
+ o Minor features (exit policies, controllers):
+ - Add controller getinfo exit-policy/reject-private/[default,relay]
+ for the reject rules added by ExitPolicyRejectPrivate. This makes
+ it easier for stem to display exit policies.
+ - Add unit tests for getinfo exit-policy/*.
+ Finishes implementation for ticket 17183. Patch by "teor".
+
+ o Minor features (fallback directories):
+ - Add a set of default fallback directories for the 0.2.8 alpha releases.
+ Closes ticket 17158.
+ Patch by "teor".
+
+ o Minor features (geoip):
+ - Update geoip and geoip6 to the January 5 2016 Maxmind GeoLite2
+ Country database.
+
+ o Minor features (IPv6 support):
+ - Allow users to configure directory authorities and fallback
+ directory servers with IPv6 addresses and ORPorts. Resolves
+ ticket 6027.
+
+ o Minor features (portability):
+ - Use timingsafe_memcmp() where available. Closes ticket 17944;
+ patch from <logan@hackers.mu>.
+
+ o Minor features (relay, address discovery):
+ - Add a family argument to get_interface_addresses_raw() and
+ subfunctions to make network interface address interogation more
+ efficient. Now Tor can specifically ask for IPv4, IPv6 or both
+ types of interfaces from the operating system. Resolves ticket 17950.
+ - When get_interface_address6_list(.,AF_UNSPEC,.) is called and fails
+ to enumerate interface addresses using the platform-specific API,
+ have it rely on the UDP socket fallback technique to try and find
+ out what IP addresses (both IPv4 and IPv6) our machine has. Resolves
+ ticket 17951.
+
+ o Minor features (replaycache):
+ - The replay cache now uses SHA256 instead of SHA1.
+ Implements feature 8961.
+ Patch by "teor", issue reported by "rransom".
+
+ o Minor features (security):
+ - Adjust Tor's use of OpenSSL's RNG APIs so that they absolutely,
+ positively are not allowed to fail. Previously we depended on
+ internals about OpenSSL behavior. Closes ticket 17686.
+ - Never use the system entropy output directly for anything besides
+ seeding the PRNG. When we want to generate important keys, instead
+ of using system entropy directly, hash it with the PRNG stream.
+ This may help resist certain attacks based on broken OS entropy
+ implementations. Closes part of ticket 17694.
+ - Set unused entires in a smartlist to NULL. This helped catch a
+ (harmless) bug, and shouldn't affect performance too much.
+ Implements ticket 17026.
+ - Use SecureMemoryWipe() function to securely clean memory on
+ Windows. Implements feature 17986.
+ - Use explicit_bzero or memset_s when present. Previously, we'd use
+ OpenSSL's OPENSSL_cleanse() function.
+ Closes ticket 7419; patches from <logan@hackers.mu> and <selven@hackers.mu>.
+
+ o Minor features (security, clock):
+ - Warn when the system clock is set back in time (when the
+ state file was last written in the future). Tor doesn't know
+ that consensuses have expired if the clock is in the past.
+ Patch by "teor". Implements ticket 17188.
+
+ o Minor features (security, cryptography):
+ - Use modern system calls to generate strong entropy on platforms that
+ provide them. Closes ticket 13696.
+
+ o Minor features (testing):
+ - Log more information when the backtrace tests fail.
+ Closes ticket 17892. Patch from "cypherpunks."
+
+ o Minor features (unit tests, random number generation):
+ - Add unit tests that check for common RNG failure modes, such as
+ returning all zeroes, identical values, or incrementing values
+ (OpenSSL's rand_predictable feature).
+ Patch by "teor".
+
+ o Minor features (unix permissions):
+ - Defer creation of Unix sockets until after setuid. This avoids needing
+ CAP_CHOWN and CAP_FOWNER when using systemd's CapabilityBoundingSet, or
+ chown and fowner when using SELinux.
+ Implements part of ticket 17562. Patch from Jamie Nguyen.
+ - If any directory created by Tor is marked as group readable, the
+ filesystem group is allowed to be either the default GID or the root
+ user. Allowing root to read the DataDirectory prevents the need for
+ CAP_READ_SEARCH when using systemd's CapabilityBoundingSet, or
+ dac_read_search when using SELinux.
+ Implements part of ticket 17562. Patch from Jamie Nguyen.
+ - Introduce DataDirectoryGroupReadable boolean. If set to 1, the
+ DataDirectory will be made readable by the default GID.
+ Implements part of ticket 17562. Patch from Jamie Nguyen.
+
+ o Minor bugfix (crypto):
+ - Check the return value of HMAC and assert on failure.
+ Fixes bug 17658; bugfix on 0.2.3.6-alpha.
+ Patch by "teor".
+
+ o Minor bugfix (fallback directories):
+ - Mark fallbacks as "too busy" when they return a 503 response,
+ rather than just marking authorities.
+ Fixes bug 17572; bugfix on 5c51b3f1f0d4 released in 0.2.4.7-alpha.
+ Patch by "teor".
+
+ o Minor bugfix (IPv6 compatibility, unit tests):
+ - Make tor_ersatz_socketpair work on IPv6-only systems.
+ Fixes bug 17638; bugfix on 0.0.2pre8.
+ Patch by "teor".
+
+ o Minor bugfix (relays, hidden services):
+ - Refuse connection requests to private OR addresses unless
+ ExtendAllowPrivateAddresses is set. Previously, tor would
+ connect, then refuse to send any cells to a private address.
+ Fixes bugs 17674 and 8976; bugfix on 0.2.3.21-rc.
+ Patch by "teor".
+
+ o Minor bugfix (SipHash-2-4 performance):
+ - Improve performance when hashing non-multiple of 8 sized buffers,
+ based on Andrew Moon's Public Domain SipHash-2-4 implementation.
+ Fixes bug 17544; bugfix on 0.2.5.3-alpha.
+
+ o Minor bugfix (testing):
+ - The test for log_heartbeat was incorrectly failing in timezones
+ with non-integer offsets. Instead of comparing the end of the
+ time string against a constant, compare it to the output of
+ format_local_iso_time when given the correct input.
+ Fixes bug 18039; bugfix on 0.2.5.4-alpha.
+
+ o Minor bugfix (unit tests):
+ - Make unit tests pass on IPv6-only systems, and systems without
+ localhost addresses (like some FreeBSD jails).
+ Fixes bug 17632; bugfix on 0.2.7.3-rc.
+ Patch by "teor".
+
+ o Minor bugfixes (accounting):
+ - The max bandwidth when using AccountRule sum
+ is now correctly logged. Fixes bug 18024; bugfix on 0.2.6.1-alpha.
+ Patch from "unixninja92".
+
+ o Minor bugfixes (build):
+ - Mark all object files that include micro-revision.i as depending on
+ it, so as to make our build more reliable with parallel builds.
+ Fixes bug 17826; bugfix on 0.2.5.1-alpha.
+
+ o Minor bugfixes (client, correctness):
+ - When closing an entry connection, generate a warning if we should
+ have sent an end cell for it but we haven't. Fixes bug 17876;
+ bugfix on 0.2.3.2-alpha.
+
+ o Minor bugfixes (code correctness):
+ - Assert that allocated memory held by the reputation code is freed
+ according to its internal counters. Fixes bug 17753; bugfix on
+ tor-0.1.1.1-alpha.
+
+ o Minor bugfixes (compilation):
+ - Don't try to use the pthrad_condattr_setclock() function unless
+ it actually exists. Fixes compilation on NetBSD-6.x. Fixes bug
+ 17819; bugfix on 0.2.6.3-alpha.
+ - Fix backtrace compilation on FreeBSD. Fixes bug 17827; bugfix on
+ tor-0.2.5.2-alpha.
+ - Fix compilation of sandbox.c with musl-libc.
+ Fixes bug 17347; bugfix on 0.2.5.1-alpha.
+ Patch from 'jamestk'.
+ - Fix search for libevent libraries on OpenBSD (and similar systems
+ which install libevent 1 and libevent 2 in parallel). Fixes bug
+ 16651; bugfix on 0.1.0.7-rc.
+ Patch from "rubiate".
+ - Isolate environment variables meant for tests from the rest of the
+ build system. Fixes bug 17818; bugfix on tor-0.2.7.3-rc.
+ - Replace usage of 'INLINE' with 'inline'. Fixes bug 17804; bugfix
+ on tor-0.0.2pre8.
+
+ o Minor bugfixes (IPv6):
+ - Update the limits in max_dl_per_request for IPv6 address
+ length. Fixes bug 17573; bugfix on 0.2.1.5-alpha.
+
+ o Minor bugfixes (linux seccomp2 sandbox):
+ - Fix a crash when using offline master ed25519 keys with the
+ Linux seccomp2 sandbox enabled. Fixes bug 17675; bugfix on
+ 0.2.7.3-alpha.
+
+ o Minor bugfixes (logging):
+ - In log messages that include a function name, use __FUNCTION__ instead
+ of __PRETTY_FUNCTION__. In GCC, these are synonymous, but with clang
+ __PRETTY_FUNCTION__ has extra information we don't need.
+ Fixes bug 16563; bugfix on 0.0.2pre8. Fix by Tom van der Woerdt.
+ - Remove needless quotes from a log message about unparseable addresses.
+ Fixes bug 17843; bugfix on 0.2.3.3-alpha.
+
+ o Minor bugfixes (makefile):
+ - Remove config.log only from make distclean, not from
+ make clean. Fixes bug 17924; bugfix on 0.2.4.1-alpha.
+
+ o Minor bugfixes (portability):
+ - Remove an #endif from configure.ac so that we correctly detect
+ the presence of in6_addr.s6_addr32. Fixes bug 17923; bugfix on
+ 0.2.0.13-alpha.
+
+ o Minor bugfixes (relays):
+ - Check that both the ORPort and DirPort (if present) are reachable
+ before publishing a relay descriptor. Otherwise, relays publish a
+ descriptor with DirPort 0 when the DirPort reachability test takes
+ longer than the ORPort reachability test.
+ Fixes bug 18050; bugfix on 0.1.0.1-rc.
+ Reported by "starlight", patch by "teor".
+
+ o Minor bugfixes (routersets, IPv6):
+ - routerset_parse now accepts IPv6 literal addresses.
+ Fixes bug 17060; bugfix on 0.2.1.3-alpha. Patch by "teor".
+
+ o Minor bugfixes (safe logging):
+ - When logging a malformed hostname received through socks4, scrub it
+ if SafeLogging says we should. Fixes bug 17419; bugfix on 0.1.1.16-rc.
+
+ o Minor bugfixes (security):
+ - Make memwipe() do nothing when passed a NULL pointer
+ or zero size. Check size argument to memwipe() for underflow.
+ Fixes bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha.
+ Reported by "gk", patch by "teor".
+
+ o Minor bugfixes (security, exit policies):
+ - ExitPolicyRejectPrivate rejects more private addresses by default.
+ Specifically, it rejects
+ the relay's outbound bind addresses (if configured), and
+ the relay's configured port addresses (such as ORPort and DirPort).
+ Fixes bug 17027; bugfix on 0.2.0.11-alpha. Patch by "teor".
+
+ o Minor bugfixes (statistics code):
+ - Consistently check for overflow in round_*_to_next_multiple_of
+ functions, and add unit tests with additional and maximal values.
+ Fixes part of bug 13192; bugfix on 0.2.2.1-alpha.
+ - Handle edge cases in the laplace functions: avoid division by zero,
+ avoid taking the log of zero, and silence clang type conversion
+ warnings using round and trunc. Add unit tests for edge cases with
+ maximal values. Fixes part of bug 13192; bugfix on 0.2.6.2-alpha.
+
+ o Minor bugfixes (tests):
+ - Fix a memory leak in the ntor test. Fixes bug 17778; bugfix on
+ 0.2.4.8-alpha.
+
+ o Minor bugfixes (TLS context):
+ - Assert when the TLS contexts fail to initialize. Fixes bug 17683;
+ bugfix on 0.0.6.
+
+ o Minor bugfixes (unit tests):
+ - Check the full results of SHA256 and SHA512 digests in the
+ unit tests. Bugfix on 0.2.2.4-alpha. Patch by "teor".
+
+ o Code simplification and refactoring:
+ - Extract the more complicated parts of circuit_mark_for_close into
+ a new function run periodically before connections are freed.
+ This change removes more than half of the functions currently
+ in the "blob".
+ Closes ticket 17218.
+ - Clean up a little duplicated code in crypto_expand_key_material_TAP.
+ Closes ticket 17587; patch from "pfrankw".
+ - Decouple the list of streams needing to be attached to circuits
+ from the overall connection list. This change makes it possible to
+ attach streams quickly while both simplifying Tor's callgraph and
+ avoiding O(N) scans of the entire connection list. Closes ticket
+ 17590.
+ - When a direct directory request fails immediately on launch,
+ instead of relaunching that request from inside the code that
+ launches it, instead mark the connection for teardown. This
+ change simplifies Tor's callback and prevents the directory-
+ request launching code from invoking itself recursively.
+ Closes ticket 17589.
+
+ o Documentation:
+ - Add a description of the correct use of the '--keygen' command-line
+ option. Closes ticket 17583; based on text by 's7r'.
+ - Document the minimum HeartbeatPeriod value. Closes ticket 15638.
+ - Explain actual minima for BandwidthRate. Closes ticket 16382.
+ - Fix a minor formatting typo in the manpage. Closes ticket
+ 17791.
+ - Mention torspec URL in the manpage and point the reader to it
+ whenever we mention a document that belongs in torspce.
+ Fixes issue 17392.
+
+ o Removed features:
+ - Remove client-side support for connecting to Tor servers running
+ versions of Tor before 0.2.3.6-alpha. These servers didn't
+ support the v3 TLS handshake protocol, and are no longer allowed
+ on the Tor network. Implements the client side of ticket
+ 11150. Based on patches by Tom van der Woerdt.
+ - Remove code for OpenSSL dynamic locks; OpenSSL doesn't use them.
+ Closes ticket 17926.
+
+ o Testing:
+ - Always test both ed25519 backends, so that we can be sure that
+ our batch-open replacement code works. Part of ticket 16794.
+ - Cover dns_resolve_impl() in dns.c with unit tests. Implements a
+ portion of ticket 16831.
+ - More unit tests for compat_libevent.c. Closes ticket 17075.
+ Patch from Ola Bini.
+ - More unit tests for procmon.c. Closes ticket 17078.
+ Patch from Ola Bini.
+ - More unit tests for tortls.c. Closes ticket 17082.
+ Patch from Ola Bini.
+ - More unit tests for util_format.c. Closes ticket 17084.
+ Patch from Ola Bini.
+ - New tests for directory.c functions. Closes ticket 17003. Patch
+ from Ola Bini.
+ - New tests for options_validate. Closes ticket 17076. Patch from
+ Ola Bini.
+ - Unit tests for directory_handle_command_get. Closes ticket 17004.
+ Patch from Reinaldo de Souza Jr.
+
+
Changes in version 0.2.7.6 - 2015-12-10
Tor version 0.2.7.6 fixes a major bug in entry guard selection, as
well as a minor bug in hidden service reliability.
diff --git a/changes/11150 b/changes/11150
deleted file mode 100644
index b4d40ed07c..0000000000
--- a/changes/11150
+++ /dev/null
@@ -1,6 +0,0 @@
- o Removed features:
- - Remove client-side support for connecting to Tor servers running
- versions of Tor before 0.2.3.6-alpha. These servers didn't
- support the v3 TLS handshake protocol, and are no longer allowed
- on the Tor network. Implements the client side of ticket
- 11150. Based on patches by Tom van der Woerdt.
diff --git a/changes/17004 b/changes/17004
deleted file mode 100644
index 1dc9a237d4..0000000000
--- a/changes/17004
+++ /dev/null
@@ -1,3 +0,0 @@
- o Testing:
- - Unit tests for directory_handle_command_get. Closes ticket 17004.
- Patch from Reinaldo de Souza Jr.
diff --git a/changes/17075 b/changes/17075
deleted file mode 100644
index a91ac673e6..0000000000
--- a/changes/17075
+++ /dev/null
@@ -1,3 +0,0 @@
- o Testing:
- - More unit tests for compat_libevent.c. Closes ticket 17075.
- Patch from Ola Bini.
diff --git a/changes/17078 b/changes/17078
deleted file mode 100644
index af02877898..0000000000
--- a/changes/17078
+++ /dev/null
@@ -1,3 +0,0 @@
- o Testing:
- - More unit tests for procmon.c. Closes ticket 17078.
- Patch from Ola Bini.
diff --git a/changes/17082 b/changes/17082
deleted file mode 100644
index 30ed01473e..0000000000
--- a/changes/17082
+++ /dev/null
@@ -1,3 +0,0 @@
- o Testing:
- - More unit tests for tortls.c. Closes ticket 17082.
- Patch from Ola Bini.
diff --git a/changes/17084 b/changes/17084
deleted file mode 100644
index 361e26f264..0000000000
--- a/changes/17084
+++ /dev/null
@@ -1,3 +0,0 @@
- o Testing:
- - More unit tests for util_format.c. Closes ticket 17084.
- Patch from Ola Bini.
diff --git a/changes/17573 b/changes/17573
deleted file mode 100644
index 95ef15a1cc..0000000000
--- a/changes/17573
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (IPv6):
- - Update the limits in max_dl_per_request for IPv6 address
- length. Fixes bug 17573; bugfix on 0.2.1.5-alpha.
-
diff --git a/changes/17826 b/changes/17826
deleted file mode 100644
index 7d0a17afee..0000000000
--- a/changes/17826
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (build):
- - Mark all object files that include micro-revision.i as depending on
- it, so as to make our build more reliable with parallel builds.
- Fixes bug 17826; bugfix on 0.2.5.1-alpha.
-
diff --git a/changes/17926 b/changes/17926
deleted file mode 100644
index ee47db6101..0000000000
--- a/changes/17926
+++ /dev/null
@@ -1,3 +0,0 @@
- o Removed features:
- - Remove code for OpenSSL dynamic locks; OpenSSL doesn't use them.
- Closes ticket 17926.
diff --git a/changes/17944 b/changes/17944
deleted file mode 100644
index 0d8ed0a362..0000000000
--- a/changes/17944
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features (portability):
- - Use timingsafe_memcmp() where available. Closes ticket 17944;
- patch from <logan@hackers.mu>.
diff --git a/changes/7419 b/changes/7419
deleted file mode 100644
index 1073d9585e..0000000000
--- a/changes/7419
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor features (security):
- - Use explicit_bzero or memset_s when present. Previously, we'd use
- OpenSSL's OPENSSL_cleanse() function.
- Closes ticket 7419; patches from <logan@hackers.mu> and <selven@hackers.mu>.
-
-
diff --git a/changes/bug15638 b/changes/bug15638
deleted file mode 100644
index cf5d46983f..0000000000
--- a/changes/bug15638
+++ /dev/null
@@ -1,2 +0,0 @@
- o Documentation:
- - Document the minimum HeartbeatPeriod value. Closes ticket 15638.
diff --git a/changes/bug16382 b/changes/bug16382
deleted file mode 100644
index 8faee98ad8..0000000000
--- a/changes/bug16382
+++ /dev/null
@@ -1,3 +0,0 @@
- o Documentation:
- - Explain actual minima for BandwidthRate. Closes ticket 16382.
-
diff --git a/changes/bug16563 b/changes/bug16563
deleted file mode 100644
index 19e59b3821..0000000000
--- a/changes/bug16563
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes (logging):
- - In log messages that include a function name, use __FUNCTION__ instead
- of __PRETTY_FUNCTION__. In GCC, these are synonymous, but with clang
- __PRETTY_FUNCTION__ has extra information we don't need.
- Fixes bug 16563; bugfix on 0.0.2pre8. Fix by Tom van der Woerdt.
- \ No newline at end of file
diff --git a/changes/bug16651 b/changes/bug16651
deleted file mode 100644
index 1b8bd033fa..0000000000
--- a/changes/bug16651
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes (compilation):
-
- - Fix search for libevent libraries on OpenBSD (and similar systems
- which install libevent 1 and libevent 2 in parallel). Fixes bug
- 16651; bugfix on 0.1.0.7-rc.
- Patch from "rubiate".
diff --git a/changes/bug16794_ed b/changes/bug16794_ed
deleted file mode 100644
index a43c401ed4..0000000000
--- a/changes/bug16794_ed
+++ /dev/null
@@ -1,3 +0,0 @@
- o Testing:
- - Always test both ed25519 backends, so that we can be sure that
- our batch-open replacement code works. Part of ticket 16794.
diff --git a/changes/bug17003 b/changes/bug17003
deleted file mode 100644
index 8125f0e402..0000000000
--- a/changes/bug17003
+++ /dev/null
@@ -1,3 +0,0 @@
- o Testing:
- - New tests for directory.c functions. Closes ticket 17003. Patch
- from Ola Bini.
diff --git a/changes/bug17026 b/changes/bug17026
deleted file mode 100644
index 30e75c22a2..0000000000
--- a/changes/bug17026
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (security):
- - Set unused entires in a smartlist to NULL. This helped catch a
- (harmless) bug, and shouldn't affect performance too much.
- Implements ticket 17026.
-
diff --git a/changes/bug17027-reject-private-bind-port b/changes/bug17027-reject-private-bind-port
deleted file mode 100644
index e0c222a1cf..0000000000
--- a/changes/bug17027-reject-private-bind-port
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes (security, exit policies):
- - ExitPolicyRejectPrivate rejects more private addresses by default.
- Specifically, it rejects
- the relay's outbound bind addresses (if configured), and
- the relay's configured port addresses (such as ORPort and DirPort).
- Fixes bug 17027; bugfix on 0.2.0.11-alpha. Patch by "teor".
diff --git a/changes/bug17194 b/changes/bug17194
deleted file mode 100644
index d717489e0e..0000000000
--- a/changes/bug17194
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor feature (logging):
- - When logging to syslog, allow a tag to be added to the syslog
- identity ("Tor"), i.e. the string prepended to every log message.
- The tag can be configured by setting SyslogIdentityTag and defaults
- to none. Setting it to "foo" will cause logs to be tagged as
- "Tor-foo". Closes ticket 17194.
-
diff --git a/changes/bug17347 b/changes/bug17347
deleted file mode 100644
index 487b1320e2..0000000000
--- a/changes/bug17347
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (compilation):
- - Fix compilation of sandbox.c with musl-libc.
- Fixes bug 17347; bugfix on 0.2.5.1-alpha.
- Patch from 'jamestk'.
diff --git a/changes/bug17419 b/changes/bug17419
deleted file mode 100644
index 00fde906bb..0000000000
--- a/changes/bug17419
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (safe logging):
- - When logging a malformed hostname received through socks4, scrub it
- if SafeLogging says we should. Fixes bug 17419; bugfix on 0.1.1.16-rc.
diff --git a/changes/bug17544 b/changes/bug17544
deleted file mode 100644
index 4316d0709c..0000000000
--- a/changes/bug17544
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfix (SipHash-2-4 performance):
- - Improve performance when hashing non-multiple of 8 sized buffers,
- based on Andrew Moon's Public Domain SipHash-2-4 implementation.
- Fixes bug 17544; bugfix on 0.2.5.3-alpha.
diff --git a/changes/bug17549 b/changes/bug17549
deleted file mode 100644
index f0bb6903e7..0000000000
--- a/changes/bug17549
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features (compilation):
- - Repair some compilation issues with some recent (unreleased, alpha)
- vesions of OpenSSL 1.1. Closes ticket 17549.
diff --git a/changes/bug17562-DataDirectoryGroupReadable b/changes/bug17562-DataDirectoryGroupReadable
deleted file mode 100644
index 2299148d38..0000000000
--- a/changes/bug17562-DataDirectoryGroupReadable
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (unix permissions):
- - Introduce DataDirectoryGroupReadable boolean. If set to 1, the
- DataDirectory will be made readable by the default GID.
- Implements part of ticket 17562. Patch from Jamie Nguyen.
-
diff --git a/changes/bug17562-allow-root-group-read b/changes/bug17562-allow-root-group-read
deleted file mode 100644
index 29978fa07d..0000000000
--- a/changes/bug17562-allow-root-group-read
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor features (unix permissions):
- - If any directory created by Tor is marked as group readable, the
- filesystem group is allowed to be either the default GID or the root
- user. Allowing root to read the DataDirectory prevents the need for
- CAP_READ_SEARCH when using systemd's CapabilityBoundingSet, or
- dac_read_search when using SELinux.
- Implements part of ticket 17562. Patch from Jamie Nguyen.
diff --git a/changes/bug17562-defer-unix-socket-creation b/changes/bug17562-defer-unix-socket-creation
deleted file mode 100644
index 3e21d358d5..0000000000
--- a/changes/bug17562-defer-unix-socket-creation
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (unix permissions):
- - Defer creation of Unix sockets until after setuid. This avoids needing
- CAP_CHOWN and CAP_FOWNER when using systemd's CapabilityBoundingSet, or
- chown and fowner when using SELinux.
- Implements part of ticket 17562. Patch from Jamie Nguyen.
diff --git a/changes/bug17572-fallback-by-digest b/changes/bug17572-fallback-by-digest
deleted file mode 100644
index 3fba123360..0000000000
--- a/changes/bug17572-fallback-by-digest
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfix (fallback directories):
- - Mark fallbacks as "too busy" when they return a 503 response,
- rather than just marking authorities.
- Fixes bug 17572; bugfix on 5c51b3f1f0d4 released in 0.2.4.7-alpha.
- Patch by "teor".
diff --git a/changes/bug17583 b/changes/bug17583
deleted file mode 100644
index d77d46759a..0000000000
--- a/changes/bug17583
+++ /dev/null
@@ -1,4 +0,0 @@
- o Documentation:
- - Add a description of the correct use of the '--keygen' command-line
- option. Closes ticket 17583; based on text by 's7r'.
-
diff --git a/changes/bug17589 b/changes/bug17589
deleted file mode 100644
index 4144af7c11..0000000000
--- a/changes/bug17589
+++ /dev/null
@@ -1,7 +0,0 @@
- o Code simplification and refactoring:
- - When a direct directory request fails immediately on launch,
- instead of relaunching that request from inside the code that
- launches it, instead mark the connection for teardown. This
- change simplifies Tor's callback and prevents the directory-
- request launching code from invoking itself recursively.
- Closes ticket 17589. \ No newline at end of file
diff --git a/changes/bug17632-no-ipv4-no-localhost b/changes/bug17632-no-ipv4-no-localhost
deleted file mode 100644
index 99a2e2c325..0000000000
--- a/changes/bug17632-no-ipv4-no-localhost
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfix (unit tests):
- - Make unit tests pass on IPv6-only systems, and systems without
- localhost addresses (like some FreeBSD jails).
- Fixes bug 17632; bugfix on 0.2.7.3-rc.
- Patch by "teor".
diff --git a/changes/bug17638-ipv6-ersatz-socketpair b/changes/bug17638-ipv6-ersatz-socketpair
deleted file mode 100644
index 90a74f419f..0000000000
--- a/changes/bug17638-ipv6-ersatz-socketpair
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfix (IPv6 compatibility, unit tests):
- - Make tor_ersatz_socketpair work on IPv6-only systems.
- Fixes bug 17638; bugfix on 0.0.2pre8.
- Patch by "teor".
-
diff --git a/changes/bug17675 b/changes/bug17675
deleted file mode 100644
index 8326a0b9e8..0000000000
--- a/changes/bug17675
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (linux seccomp2 sandbox):
- - Fix a crash when using offline master ed25519 keys with the
- Linux seccomp2 sandbox enabled. Fixes bug 17675; bugfix on
- 0.2.7.3-alpha.
diff --git a/changes/bug17683 b/changes/bug17683
deleted file mode 100644
index e9d47513ab..0000000000
--- a/changes/bug17683
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (TLS context):
- - Assert when the TLS contexts fail to initialize. Fixes bug 17683;
- bugfix on 0.0.6.
diff --git a/changes/bug17686 b/changes/bug17686
deleted file mode 100644
index 78e6c8f92b..0000000000
--- a/changes/bug17686
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (security):
- - Adjust Tor's use of OpenSSL's RNG APIs so that they absolutely,
- positively are not allowed to fail. Previously we depended on
- internals about OpenSSL behavior. Closes ticket 17686.
diff --git a/changes/bug17694_strongest b/changes/bug17694_strongest
deleted file mode 100644
index 0a8954a25e..0000000000
--- a/changes/bug17694_strongest
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor features (security):
- - Never use the system entropy output directly for anything besides
- seeding the PRNG. When we want to generate important keys, instead
- of using system entropy directly, hash it with the PRNG stream.
- This may help resist certain attacks based on broken OS entropy
- implementations. Closes part of ticket 17694. \ No newline at end of file
diff --git a/changes/bug17753 b/changes/bug17753
deleted file mode 100644
index 918712f5c3..0000000000
--- a/changes/bug17753
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (code correctness):
- - Assert that allocated memory held by the reputation code is freed
- according to its internal counters. Fixes bug 17753; bugfix on
- tor-0.1.1.1-alpha.
diff --git a/changes/bug17778 b/changes/bug17778
deleted file mode 100644
index 9844969a3b..0000000000
--- a/changes/bug17778
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (tests):
- - Fix a memory leak in the ntor test. Fixes bug 17778; bugfix on
- 0.2.4.8-alpha.
diff --git a/changes/bug17791 b/changes/bug17791
deleted file mode 100644
index f191012cd4..0000000000
--- a/changes/bug17791
+++ /dev/null
@@ -1,4 +0,0 @@
- o Documentation:
- - Fix a minor formatting typo in the manpage. Closes ticket
- 17791.
-
diff --git a/changes/bug17804 b/changes/bug17804
deleted file mode 100644
index bd2a3cbdff..0000000000
--- a/changes/bug17804
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (compilation):
- - Replace usage of 'INLINE' with 'inline'. Fixes bug 17804; bugfix
- on tor-0.0.2pre8.
diff --git a/changes/bug17818 b/changes/bug17818
deleted file mode 100644
index 3d9afe329e..0000000000
--- a/changes/bug17818
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (compilation):
- - Isolate environment variables meant for tests from the rest of the
- build system. Fixes bug 17818; bugfix on tor-0.2.7.3-rc.
diff --git a/changes/bug17819 b/changes/bug17819
deleted file mode 100644
index 45c55f74b6..0000000000
--- a/changes/bug17819
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (compilation):
- - Don't try to use the pthrad_condattr_setclock() function unless
- it actually exists. Fixes compilation on NetBSD-6.x. Fixes bug
- 17819; bugfix on 0.2.6.3-alpha.
diff --git a/changes/bug17827 b/changes/bug17827
deleted file mode 100644
index 04cd3b5977..0000000000
--- a/changes/bug17827
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (compilation):
- - Fix backtrace compilation on FreeBSD. Fixes bug 17827; bugfix on
- tor-0.2.5.2-alpha.
diff --git a/changes/bug17843 b/changes/bug17843
deleted file mode 100644
index 6cb16a0b6a..0000000000
--- a/changes/bug17843
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (logging):
- - Remove needless quotes from a log message about unparseable addresses.
- Fixes bug 17843; bugfix on 0.2.3.3-alpha.
diff --git a/changes/bug17876 b/changes/bug17876
deleted file mode 100644
index 7446336c24..0000000000
--- a/changes/bug17876
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (client, correctness):
- - When closing an entry connection, generate a warning if we should
- have sent an end cell for it but we haven't. Fixes bug 17876;
- bugfix on 0.2.3.2-alpha.
-
diff --git a/changes/bug17892 b/changes/bug17892
deleted file mode 100644
index 73c26e9c94..0000000000
--- a/changes/bug17892
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (testing):
- - Log more information when the backtrace tests fail.
- Closes ticket 17892. Patch from "cypherpunks."
-
diff --git a/changes/bug17893 b/changes/bug17893
deleted file mode 100644
index 06808c0017..0000000000
--- a/changes/bug17893
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (build):
- - Since our build process now uses 'make distcheck', we no longer force
- "make dist" to depend on "make check". Closes ticket 17893;
- patch from "cypherpunks."
diff --git a/changes/bug17906 b/changes/bug17906
deleted file mode 100644
index b9174c3d0a..0000000000
--- a/changes/bug17906
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (authorities):
- - Update the V3 identity key for dannenberg: it was changed on
- 18 November 2015.
- Closes task 17906. Patch by "teor".
diff --git a/changes/bug17923 b/changes/bug17923
deleted file mode 100644
index d828520201..0000000000
--- a/changes/bug17923
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (portability):
- - Remove an #endif from configure.ac so that we correctly detect
- the presence of in6_addr.s6_addr32. Fixes bug 17923; bugfix on
- 0.2.0.13-alpha.
diff --git a/changes/bug17924 b/changes/bug17924
deleted file mode 100644
index aa5cf58730..0000000000
--- a/changes/bug17924
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (makefile):
- - Remove config.log only from make distclean, not from
- make clean. Fixes bug 17924; bugfix on 0.2.4.1-alpha.
-
diff --git a/changes/bug18050 b/changes/bug18050
deleted file mode 100644
index 4457ed262e..0000000000
--- a/changes/bug18050
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes (relays):
- - Check that both the ORPort and DirPort (if present) are reachable
- before publishing a relay descriptor. Otherwise, relays publish a
- descriptor with DirPort 0 when the DirPort reachability test takes
- longer than the ORPort reachability test.
- Fixes bug 18050; bugfix on 0.1.0.1-rc.
- Reported by "starlight", patch by "teor".
diff --git a/changes/bug18089 b/changes/bug18089
deleted file mode 100644
index b1ebd45545..0000000000
--- a/changes/bug18089
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (security):
- - Make memwipe() do nothing when passed a NULL pointer
- or zero size. Check size argument to memwipe() for underflow.
- Fixes bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha.
- Reported by "gk", patch by "teor".
diff --git a/changes/bug4483-multiple-consensus-downloads b/changes/bug4483-multiple-consensus-downloads
deleted file mode 100644
index 7e8bcc24cc..0000000000
--- a/changes/bug4483-multiple-consensus-downloads
+++ /dev/null
@@ -1,9 +0,0 @@
- o Major features (consensus downloads):
- - Schedule multiple in-progress consensus downloads during client
- bootstrap. Use the first one that starts downloading, close the
- rest. This reduces failures when authorities are slow or down.
- Together with the code for feature 15775, it reduces failures due to fallback churn.
- Implements ticket 4483 (reduce failures when authorities are down).
- Patch by "teor".
- Implements IPv4 portions of proposal 210 by "mikeperry" and
- "teor".
diff --git a/changes/bug6027 b/changes/bug6027
deleted file mode 100644
index 65be5443e8..0000000000
--- a/changes/bug6027
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (IPv6 support):
- - Allow users to configure directory authorities and fallback
- directory servers with IPv6 addresses and ORPorts. Resolves
- ticket 6027.
diff --git a/changes/check-crypto-errors b/changes/check-crypto-errors
deleted file mode 100644
index b3da7a1984..0000000000
--- a/changes/check-crypto-errors
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfix (crypto):
- - Check the return value of HMAC and assert on failure.
- Fixes bug 17658; bugfix on 0.2.3.6-alpha.
- Patch by "teor".
diff --git a/changes/cleanup_17587 b/changes/cleanup_17587
deleted file mode 100644
index a2cecdd7b4..0000000000
--- a/changes/cleanup_17587
+++ /dev/null
@@ -1,3 +0,0 @@
- o Code simplification and refactoring:
- - Clean up a little duplicated code in crypto_expand_key_material_TAP.
- Closes ticket 17587; patch from "pfrankw".
diff --git a/changes/decouple_circuit_mark b/changes/decouple_circuit_mark
deleted file mode 100644
index a852f48133..0000000000
--- a/changes/decouple_circuit_mark
+++ /dev/null
@@ -1,6 +0,0 @@
- o Code simplification and refactoring:
- - Extract the more complicated parts of circuit_mark_for_close into
- a new function run periodically before connections are freed.
- This change removes more than half of the functions currently
- in the "blob".
- Closes ticket 17218.
diff --git a/changes/decouple_conn_attach b/changes/decouple_conn_attach
deleted file mode 100644
index 8619c4d325..0000000000
--- a/changes/decouple_conn_attach
+++ /dev/null
@@ -1,6 +0,0 @@
- o Code simplification and refactoring:
- - Decouple the list of streams needing to be attached to circuits
- from the overall connection list. This change makes it possible to
- attach streams quickly while both simplifying Tor's callgraph and
- avoiding O(N) scans of the entire connection list. Closes ticket
- 17590.
diff --git a/changes/doc17392 b/changes/doc17392
deleted file mode 100644
index 3c93497b00..0000000000
--- a/changes/doc17392
+++ /dev/null
@@ -1,4 +0,0 @@
- o Documentation:
- - Mention torspec URL in the manpage and point the reader to it
- whenever we mention a document that belongs in torspce.
- Fixes issue 17392.
diff --git a/changes/feature12538 b/changes/feature12538
deleted file mode 100644
index 4e7ea9f41d..0000000000
--- a/changes/feature12538
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor features (directory system):
- Previously only relays who explicitly opened a directory port (DirPort)
- accepted directory requests from clients. Now all relays, with and without
- a DirPort, who do not disable the DirCache option accept and serve
- directory requests sent (tunnelled) through their ORPort.
- Closes ticket 12538.
diff --git a/changes/feature13696 b/changes/feature13696
deleted file mode 100644
index 21c2188d12..0000000000
--- a/changes/feature13696
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features (security, cryptography):
- - Use modern system calls to generate strong entropy on platforms that
- provide them. Closes ticket 13696.
diff --git a/changes/feature14846 b/changes/feature14846
deleted file mode 100644
index 4668761f22..0000000000
--- a/changes/feature14846
+++ /dev/null
@@ -1,4 +0,0 @@
- o Major features (controller):
- - New "GETINFO hs/service/desc/id/" command to retrieve a hidden service
- descriptor from a service's local hidden service descriptor cache.
- Closes ticket 14846.
diff --git a/changes/feature15775-fallback b/changes/feature15775-fallback
deleted file mode 100644
index 3a0ff231a2..0000000000
--- a/changes/feature15775-fallback
+++ /dev/null
@@ -1,19 +0,0 @@
- o Major features (directory mirrors):
- - Include an opt-in trial list of Default Fallback Directories in
- add_default_fallback_dir_servers().
- "Tor has included a feature to fetch the initial consensus from nodes
- other than the authorities for a while now. We just haven't shipped a
- list of alternate locations for clients to go to yet.
- Reasons why we might want to ship tor with a list of additional places
- where clients can find the consensus is that it makes authority
- reachability and BW less important.
- We want them to have been around and using their current key, address,
- and port for a while now (120 days), and have been running, a guard,
- and a v2 directory mirror for most of that time."
- We exclude BadExits and tor versions that aren't recommended.
- We include an IPv6 address for each FallbackDir (see ticket 8374).
- (Tor might not use IPv6 fallbacks until ticket the code for ticket6027 is merged.)
- The unit test ensures that we successfully load all included
- default fallback directories.
- Closes ticket 15775. Patch by "teor".
- OnionOO script by "weasel", "teor", "gsathya", and "karsten".
diff --git a/changes/feature16774 b/changes/feature16774
deleted file mode 100644
index dc9c329346..0000000000
--- a/changes/feature16774
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features (controller):
- - Adds FallbackDir entries to 'GETINFO config/defaults'. Closes tickets
- 16774 and 17817. Patch by George Tankersley.
diff --git a/changes/feature17076 b/changes/feature17076
deleted file mode 100644
index 50ebc96327..0000000000
--- a/changes/feature17076
+++ /dev/null
@@ -1,3 +0,0 @@
- o Testing:
- - New tests for options_validate. Closes ticket 17076. Patch from
- Ola Bini.
diff --git a/changes/feature17327 b/changes/feature17327
deleted file mode 100644
index 2fab09990b..0000000000
--- a/changes/feature17327
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor feature (IPv6):
- - Add a flag ipv6=address:orport to the DirAuthority and FallbackDir torrc
- options. Add hard-coded ipv6 addresses for directory authorities with
- ipv6 lines in their descriptors.
- Closes ticket 17327; patch from Nick Mathewson / "teor".
diff --git a/changes/feature17576-UseDefaultFallbackDirs b/changes/feature17576-UseDefaultFallbackDirs
deleted file mode 100644
index 68843c4769..0000000000
--- a/changes/feature17576-UseDefaultFallbackDirs
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor feature (fallback directories):
- - Add UseDefaultFallbackDirs, which enables any hard-coded fallback
- directory mirrors. Default is 1, set it to 0 to disable fallbacks.
- Implements ticket 17576. Patch by "teor".
diff --git a/changes/feature17608 b/changes/feature17608
deleted file mode 100644
index d56bb7d4a7..0000000000
--- a/changes/feature17608
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor feature (refactoring):
- - Move logging of redundant policy entries in
- policies_parse_exit_policy_internal into its own function.
- Closes ticket 17608; patch from "juce".
diff --git a/changes/feature17663 b/changes/feature17663
deleted file mode 100644
index baad9436fc..0000000000
--- a/changes/feature17663
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor feature (crypto):
- - Add SHA512 support to crypto.c. Closes ticket 17663; patch from
- George Tankersley.
diff --git a/changes/feature17796 b/changes/feature17796
deleted file mode 100644
index d96daed262..0000000000
--- a/changes/feature17796
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor features (crypto):
- - When allocating a digest state object, allocate no more space than we
- actually need. Previously, we were allocating as much space as the
- state for the largest algorithm would need. This change saves up to
- 672 bytes per circuit. Closes ticket 17796.
-
diff --git a/changes/feature17863 b/changes/feature17863
deleted file mode 100644
index 86c4e2ce0c..0000000000
--- a/changes/feature17863
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor feature (IPv6):
- - Add address policy assume_action support for IPv6 addresses.
- - Limit IPv6 mask bits to 128.
- - Warn when comparing against an AF_UNSPEC address in a policy,
- it's almost always a bug.
- Closes ticket 17863; patch by "teor".
diff --git a/changes/feature17864 b/changes/feature17864
deleted file mode 100644
index 1cf156206b..0000000000
--- a/changes/feature17864
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor feature (directory downloads):
- - Wait for busy authorities and fallbacks to become non-busy when
- bootstrapping. (A similar change was made in 6c443e987d for
- directory servers chosen from the consensus.)
- Closes ticket 17864; patch by "teor".
diff --git a/changes/feature17950 b/changes/feature17950
deleted file mode 100644
index bc255a791e..0000000000
--- a/changes/feature17950
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (relay, address discovery):
- - Add a family argument to get_interface_addresses_raw() and
- subfunctions to make network interface address interogation more
- efficient. Now Tor can specifically ask for IPv4, IPv6 or both
- types of interfaces from the operating system. Resolves ticket 17950.
diff --git a/changes/feature17951 b/changes/feature17951
deleted file mode 100644
index 67a6a8fd66..0000000000
--- a/changes/feature17951
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor features (relay, address discovery):
- - When get_interface_address6_list(.,AF_UNSPEC,.) is called and fails
- to enumerate interface addresses using the platform-specific API,
- have it rely on the UDP socket fallback technique to try and find
- out what IP addresses (both IPv4 and IPv6) our machine has. Resolves
- ticket 17951.
diff --git a/changes/feature17986 b/changes/feature17986
deleted file mode 100644
index 8039701a3a..0000000000
--- a/changes/feature17986
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features (security):
- - Use SecureMemoryWipe() function to securely clean memory on
- Windows. Implements feature 17986.
diff --git a/changes/feature8195 b/changes/feature8195
deleted file mode 100644
index 5c9a36791c..0000000000
--- a/changes/feature8195
+++ /dev/null
@@ -1,6 +0,0 @@
- o Major features (relay):
- - When Tor is started as root on Linux and told to switch user ID, it
- can now retain the capabilitity to bind to low ports. By default,
- Tor will do this only when it's switching user ID and some low
- ports have been configured. You can change this behavior with
- the new option KeepBindCapabilities. Closes ticket 8195.
diff --git a/changes/feature8961-replaycache-sha256 b/changes/feature8961-replaycache-sha256
deleted file mode 100644
index c761aa8dd2..0000000000
--- a/changes/feature8961-replaycache-sha256
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (replaycache):
- - The replay cache now uses SHA256 instead of SHA1.
- Implements feature 8961.
- Patch by "teor", issue reported by "rransom".
diff --git a/changes/first-hop-no-private b/changes/first-hop-no-private
deleted file mode 100644
index 4cef638f8f..0000000000
--- a/changes/first-hop-no-private
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfix (relays, hidden services):
- - Refuse connection requests to private OR addresses unless
- ExtendAllowPrivateAddresses is set. Previously, tor would
- connect, then refuse to send any cells to a private address.
- Fixes bugs 17674 and 8976; bugfix on 0.2.3.21-rc.
- Patch by "teor".
diff --git a/changes/geoip-january2016 b/changes/geoip-january2016
deleted file mode 100644
index 0d9466539a..0000000000
--- a/changes/geoip-january2016
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (geoip):
- - Update geoip and geoip6 to the January 5 2016 Maxmind GeoLite2
- Country database.
-
diff --git a/changes/getinfo-private-exitpolicy b/changes/getinfo-private-exitpolicy
deleted file mode 100644
index 29b3d76b67..0000000000
--- a/changes/getinfo-private-exitpolicy
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor features (exit policies, controllers):
- - Add controller getinfo exit-policy/reject-private/[default,relay]
- for the reject rules added by ExitPolicyRejectPrivate. This makes
- it easier for stem to display exit policies.
- - Add unit tests for getinfo exit-policy/*.
- Finishes implementation for ticket 17183. Patch by "teor".
diff --git a/changes/laplace-edge-cases b/changes/laplace-edge-cases
deleted file mode 100644
index b83346e7a0..0000000000
--- a/changes/laplace-edge-cases
+++ /dev/null
@@ -1,9 +0,0 @@
- o Minor bugfixes (statistics code):
- - Handle edge cases in the laplace functions: avoid division by zero,
- avoid taking the log of zero, and silence clang type conversion
- warnings using round and trunc. Add unit tests for edge cases with
- maximal values. Fixes part of bug 13192; bugfix on 0.2.6.2-alpha.
- - Consistently check for overflow in round_*_to_next_multiple_of
- functions, and add unit tests with additional and maximal values.
- Fixes part of bug 13192; bugfix on 0.2.2.1-alpha.
-
diff --git a/changes/log_heartbeat_test b/changes/log_heartbeat_test
deleted file mode 100644
index 7bcc53f9cc..0000000000
--- a/changes/log_heartbeat_test
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfix (testing):
- - The test for log_heartbeat was incorrectly failing in timezones
- with non-integer offsets. Instead of comparing the end of the
- time string against a constant, compare it to the output of
- format_local_iso_time when given the correct input.
- Fixes bug 18039; bugfix on 0.2.5.4-alpha.
diff --git a/changes/rand-failure-modes b/changes/rand-failure-modes
deleted file mode 100644
index cc6ef4744e..0000000000
--- a/changes/rand-failure-modes
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (unit tests, random number generation):
- - Add unit tests that check for common RNG failure modes, such as
- returning all zeroes, identical values, or incrementing values
- (OpenSSL's rand_predictable feature).
- Patch by "teor".
diff --git a/changes/routerset-parse-IPv6-literals b/changes/routerset-parse-IPv6-literals
deleted file mode 100644
index 52026f3ed4..0000000000
--- a/changes/routerset-parse-IPv6-literals
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (routersets, IPv6):
- - routerset_parse now accepts IPv6 literal addresses.
- Fixes bug 17060; bugfix on 0.2.1.3-alpha. Patch by "teor".
diff --git a/changes/sha-unit-tests b/changes/sha-unit-tests
deleted file mode 100644
index 437bff3e0a..0000000000
--- a/changes/sha-unit-tests
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (unit tests):
- - Check the full results of SHA256 and SHA512 digests in the
- unit tests. Bugfix on 0.2.2.4-alpha. Patch by "teor".
diff --git a/changes/test16831 b/changes/test16831
deleted file mode 100644
index 7db2d14df5..0000000000
--- a/changes/test16831
+++ /dev/null
@@ -1,3 +0,0 @@
- o Testing:
- - Cover dns_resolve_impl() in dns.c with unit tests. Implements a
- portion of ticket 16831.
diff --git a/changes/ticket15989 b/changes/ticket15989
deleted file mode 100644
index a0a904b63c..0000000000
--- a/changes/ticket15989
+++ /dev/null
@@ -1,9 +0,0 @@
- o Minor features (accounting):
- - Added two modes to AccountingRule in torrc for
- limiting just input or just output.
- Closes ticket 15989; patch from "unixninja92".
-
- o Minor bugfixes (accounting):
- - The max bandwidth when using AccountRule sum
- is now correctly logged. Fixes bug 18024; bugfix on 0.2.6.1-alpha.
- Patch from "unixninja92".
diff --git a/changes/ticket17158 b/changes/ticket17158
deleted file mode 100644
index 6332248345..0000000000
--- a/changes/ticket17158
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (fallback directories):
- - Add a set of default fallback directories for the 0.2.8 alpha releases.
- Closes ticket 17158.
- Patch by "teor".
diff --git a/changes/warn-when-time-goes-backwards b/changes/warn-when-time-goes-backwards
deleted file mode 100644
index 8a9485b0c0..0000000000
--- a/changes/warn-when-time-goes-backwards
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (security, clock):
- - Warn when the system clock is set back in time (when the
- state file was last written in the future). Tor doesn't know
- that consensuses have expired if the clock is in the past.
- Patch by "teor". Implements ticket 17188.
diff --git a/scripts/maint/sortChanges.py b/scripts/maint/sortChanges.py
index 7e25cefd53..d6ec0e269d 100755
--- a/scripts/maint/sortChanges.py
+++ b/scripts/maint/sortChanges.py
@@ -16,10 +16,36 @@ def fetch(fn):
s = "%s\n" % s.rstrip()
return s
+CSR='Code simplification and refactoring'
+
+REPLACEMENTS = {
+ # plurals
+ 'Minor bugfix' : 'Minor bugfixes',
+ 'Major bugfix' : 'Major bugfixes',
+ 'Minor feature' : 'Minor features',
+ 'Major feature' : 'Major features',
+ 'Removed feature' : 'Removed features',
+ 'Code simplification and refactorings' : CSR,
+ 'Code simplifications and refactoring' : CSR,
+ 'Code simplifications and refactorings' : CSR,
+
+ # wrong words
+ 'Minor fix' : 'Minor bugfixes',
+ 'Major fix' : 'Major bugfixes',
+ 'Minor fixes' : 'Minor bugfixes',
+ 'Major fixes' : 'Major bugfixes',
+ 'Minor enhancement' : 'Minor features',
+ 'Minor enhancements' : 'Minor features',
+ 'Major enhancement' : 'Major features',
+ 'Major enhancements' : 'Major features',
+}
+
def score(s,fname=None):
m = re.match(r'^ +o ([^\n]*)\n(.*)', s, re.M|re.S)
if not m:
print >>sys.stderr, "Can't score %r from %s"%(s,fname)
+ heading = m.group(1)
+ heading = REPLACEMENTS.get(heading, heading)
lw = m.group(1).lower()
if lw.startswith("major feature"):
score = 0
@@ -36,7 +62,7 @@ def score(s,fname=None):
else:
score = 100
- return (score, lw, m.group(1), m.group(2))
+ return (score, lw, heading, m.group(2))
def splitChanges(s):
this_entry = []