diff options
91 files changed, 456 insertions, 416 deletions
@@ -1,3 +1,432 @@ +Changes in version 0.2.8.1-alpha - 2016-02-0? + XXXX Blurb goes here XXXX + + o Major features (consensus downloads): + - Schedule multiple in-progress consensus downloads during client + bootstrap. Use the first one that starts downloading, close the + rest. This reduces failures when authorities are slow or down. + Together with the code for feature 15775, it reduces failures due to fallback churn. + Implements ticket 4483 (reduce failures when authorities are down). + Patch by "teor". + Implements IPv4 portions of proposal 210 by "mikeperry" and + "teor". + + o Major features (controller): + - New "GETINFO hs/service/desc/id/" command to retrieve a hidden service + descriptor from a service's local hidden service descriptor cache. + Closes ticket 14846. + + o Major features (directory mirrors): + - Include an opt-in trial list of Default Fallback Directories in + add_default_fallback_dir_servers(). + "Tor has included a feature to fetch the initial consensus from nodes + other than the authorities for a while now. We just haven't shipped a + list of alternate locations for clients to go to yet. + Reasons why we might want to ship tor with a list of additional places + where clients can find the consensus is that it makes authority + reachability and BW less important. + We want them to have been around and using their current key, address, + and port for a while now (120 days), and have been running, a guard, + and a v2 directory mirror for most of that time." + We exclude BadExits and tor versions that aren't recommended. + We include an IPv6 address for each FallbackDir (see ticket 8374). + (Tor might not use IPv6 fallbacks until ticket the code for ticket6027 is merged.) + The unit test ensures that we successfully load all included + default fallback directories. + Closes ticket 15775. Patch by "teor". + OnionOO script by "weasel", "teor", "gsathya", and "karsten". + + o Major features (relay): + - When Tor is started as root on Linux and told to switch user ID, it + can now retain the capabilitity to bind to low ports. By default, + Tor will do this only when it's switching user ID and some low + ports have been configured. You can change this behavior with + the new option KeepBindCapabilities. Closes ticket 8195. + + o Minor feature (crypto): + - Add SHA512 support to crypto.c. Closes ticket 17663; patch from + George Tankersley. + + o Minor feature (directory downloads): + - Wait for busy authorities and fallbacks to become non-busy when + bootstrapping. (A similar change was made in 6c443e987d for + directory servers chosen from the consensus.) + Closes ticket 17864; patch by "teor". + + o Minor feature (fallback directories): + - Add UseDefaultFallbackDirs, which enables any hard-coded fallback + directory mirrors. Default is 1, set it to 0 to disable fallbacks. + Implements ticket 17576. Patch by "teor". + + o Minor feature (IPv6): + - Add a flag ipv6=address:orport to the DirAuthority and FallbackDir torrc + options. Add hard-coded ipv6 addresses for directory authorities with + ipv6 lines in their descriptors. + Closes ticket 17327; patch from Nick Mathewson / "teor". + - Add address policy assume_action support for IPv6 addresses. + - Limit IPv6 mask bits to 128. + - Warn when comparing against an AF_UNSPEC address in a policy, + it's almost always a bug. + Closes ticket 17863; patch by "teor". + + o Minor feature (logging): + - When logging to syslog, allow a tag to be added to the syslog + identity ("Tor"), i.e. the string prepended to every log message. + The tag can be configured by setting SyslogIdentityTag and defaults + to none. Setting it to "foo" will cause logs to be tagged as + "Tor-foo". Closes ticket 17194. + + o Minor feature (refactoring): + - Move logging of redundant policy entries in + policies_parse_exit_policy_internal into its own function. + Closes ticket 17608; patch from "juce". + + o Minor features (accounting): + - Added two modes to AccountingRule in torrc for + limiting just input or just output. + Closes ticket 15989; patch from "unixninja92". + + o Minor features (authorities): + - Update the V3 identity key for dannenberg: it was changed on + 18 November 2015. + Closes task 17906. Patch by "teor". + + o Minor features (build): + - Since our build process now uses 'make distcheck', we no longer force + "make dist" to depend on "make check". Closes ticket 17893; + patch from "cypherpunks." + + o Minor features (compilation): + - Repair some compilation issues with some recent (unreleased, alpha) + vesions of OpenSSL 1.1. Closes ticket 17549. + + o Minor features (controller): + - Adds FallbackDir entries to 'GETINFO config/defaults'. Closes tickets + 16774 and 17817. Patch by George Tankersley. + + o Minor features (crypto): + - When allocating a digest state object, allocate no more space than we + actually need. Previously, we were allocating as much space as the + state for the largest algorithm would need. This change saves up to + 672 bytes per circuit. Closes ticket 17796. + + o Minor features (directory system): + Previously only relays who explicitly opened a directory port (DirPort) + accepted directory requests from clients. Now all relays, with and without + a DirPort, who do not disable the DirCache option accept and serve + directory requests sent (tunnelled) through their ORPort. + Closes ticket 12538. + + o Minor features (exit policies, controllers): + - Add controller getinfo exit-policy/reject-private/[default,relay] + for the reject rules added by ExitPolicyRejectPrivate. This makes + it easier for stem to display exit policies. + - Add unit tests for getinfo exit-policy/*. + Finishes implementation for ticket 17183. Patch by "teor". + + o Minor features (fallback directories): + - Add a set of default fallback directories for the 0.2.8 alpha releases. + Closes ticket 17158. + Patch by "teor". + + o Minor features (geoip): + - Update geoip and geoip6 to the January 5 2016 Maxmind GeoLite2 + Country database. + + o Minor features (IPv6 support): + - Allow users to configure directory authorities and fallback + directory servers with IPv6 addresses and ORPorts. Resolves + ticket 6027. + + o Minor features (portability): + - Use timingsafe_memcmp() where available. Closes ticket 17944; + patch from <logan@hackers.mu>. + + o Minor features (relay, address discovery): + - Add a family argument to get_interface_addresses_raw() and + subfunctions to make network interface address interogation more + efficient. Now Tor can specifically ask for IPv4, IPv6 or both + types of interfaces from the operating system. Resolves ticket 17950. + - When get_interface_address6_list(.,AF_UNSPEC,.) is called and fails + to enumerate interface addresses using the platform-specific API, + have it rely on the UDP socket fallback technique to try and find + out what IP addresses (both IPv4 and IPv6) our machine has. Resolves + ticket 17951. + + o Minor features (replaycache): + - The replay cache now uses SHA256 instead of SHA1. + Implements feature 8961. + Patch by "teor", issue reported by "rransom". + + o Minor features (security): + - Adjust Tor's use of OpenSSL's RNG APIs so that they absolutely, + positively are not allowed to fail. Previously we depended on + internals about OpenSSL behavior. Closes ticket 17686. + - Never use the system entropy output directly for anything besides + seeding the PRNG. When we want to generate important keys, instead + of using system entropy directly, hash it with the PRNG stream. + This may help resist certain attacks based on broken OS entropy + implementations. Closes part of ticket 17694. + - Set unused entires in a smartlist to NULL. This helped catch a + (harmless) bug, and shouldn't affect performance too much. + Implements ticket 17026. + - Use SecureMemoryWipe() function to securely clean memory on + Windows. Implements feature 17986. + - Use explicit_bzero or memset_s when present. Previously, we'd use + OpenSSL's OPENSSL_cleanse() function. + Closes ticket 7419; patches from <logan@hackers.mu> and <selven@hackers.mu>. + + o Minor features (security, clock): + - Warn when the system clock is set back in time (when the + state file was last written in the future). Tor doesn't know + that consensuses have expired if the clock is in the past. + Patch by "teor". Implements ticket 17188. + + o Minor features (security, cryptography): + - Use modern system calls to generate strong entropy on platforms that + provide them. Closes ticket 13696. + + o Minor features (testing): + - Log more information when the backtrace tests fail. + Closes ticket 17892. Patch from "cypherpunks." + + o Minor features (unit tests, random number generation): + - Add unit tests that check for common RNG failure modes, such as + returning all zeroes, identical values, or incrementing values + (OpenSSL's rand_predictable feature). + Patch by "teor". + + o Minor features (unix permissions): + - Defer creation of Unix sockets until after setuid. This avoids needing + CAP_CHOWN and CAP_FOWNER when using systemd's CapabilityBoundingSet, or + chown and fowner when using SELinux. + Implements part of ticket 17562. Patch from Jamie Nguyen. + - If any directory created by Tor is marked as group readable, the + filesystem group is allowed to be either the default GID or the root + user. Allowing root to read the DataDirectory prevents the need for + CAP_READ_SEARCH when using systemd's CapabilityBoundingSet, or + dac_read_search when using SELinux. + Implements part of ticket 17562. Patch from Jamie Nguyen. + - Introduce DataDirectoryGroupReadable boolean. If set to 1, the + DataDirectory will be made readable by the default GID. + Implements part of ticket 17562. Patch from Jamie Nguyen. + + o Minor bugfix (crypto): + - Check the return value of HMAC and assert on failure. + Fixes bug 17658; bugfix on 0.2.3.6-alpha. + Patch by "teor". + + o Minor bugfix (fallback directories): + - Mark fallbacks as "too busy" when they return a 503 response, + rather than just marking authorities. + Fixes bug 17572; bugfix on 5c51b3f1f0d4 released in 0.2.4.7-alpha. + Patch by "teor". + + o Minor bugfix (IPv6 compatibility, unit tests): + - Make tor_ersatz_socketpair work on IPv6-only systems. + Fixes bug 17638; bugfix on 0.0.2pre8. + Patch by "teor". + + o Minor bugfix (relays, hidden services): + - Refuse connection requests to private OR addresses unless + ExtendAllowPrivateAddresses is set. Previously, tor would + connect, then refuse to send any cells to a private address. + Fixes bugs 17674 and 8976; bugfix on 0.2.3.21-rc. + Patch by "teor". + + o Minor bugfix (SipHash-2-4 performance): + - Improve performance when hashing non-multiple of 8 sized buffers, + based on Andrew Moon's Public Domain SipHash-2-4 implementation. + Fixes bug 17544; bugfix on 0.2.5.3-alpha. + + o Minor bugfix (testing): + - The test for log_heartbeat was incorrectly failing in timezones + with non-integer offsets. Instead of comparing the end of the + time string against a constant, compare it to the output of + format_local_iso_time when given the correct input. + Fixes bug 18039; bugfix on 0.2.5.4-alpha. + + o Minor bugfix (unit tests): + - Make unit tests pass on IPv6-only systems, and systems without + localhost addresses (like some FreeBSD jails). + Fixes bug 17632; bugfix on 0.2.7.3-rc. + Patch by "teor". + + o Minor bugfixes (accounting): + - The max bandwidth when using AccountRule sum + is now correctly logged. Fixes bug 18024; bugfix on 0.2.6.1-alpha. + Patch from "unixninja92". + + o Minor bugfixes (build): + - Mark all object files that include micro-revision.i as depending on + it, so as to make our build more reliable with parallel builds. + Fixes bug 17826; bugfix on 0.2.5.1-alpha. + + o Minor bugfixes (client, correctness): + - When closing an entry connection, generate a warning if we should + have sent an end cell for it but we haven't. Fixes bug 17876; + bugfix on 0.2.3.2-alpha. + + o Minor bugfixes (code correctness): + - Assert that allocated memory held by the reputation code is freed + according to its internal counters. Fixes bug 17753; bugfix on + tor-0.1.1.1-alpha. + + o Minor bugfixes (compilation): + - Don't try to use the pthrad_condattr_setclock() function unless + it actually exists. Fixes compilation on NetBSD-6.x. Fixes bug + 17819; bugfix on 0.2.6.3-alpha. + - Fix backtrace compilation on FreeBSD. Fixes bug 17827; bugfix on + tor-0.2.5.2-alpha. + - Fix compilation of sandbox.c with musl-libc. + Fixes bug 17347; bugfix on 0.2.5.1-alpha. + Patch from 'jamestk'. + - Fix search for libevent libraries on OpenBSD (and similar systems + which install libevent 1 and libevent 2 in parallel). Fixes bug + 16651; bugfix on 0.1.0.7-rc. + Patch from "rubiate". + - Isolate environment variables meant for tests from the rest of the + build system. Fixes bug 17818; bugfix on tor-0.2.7.3-rc. + - Replace usage of 'INLINE' with 'inline'. Fixes bug 17804; bugfix + on tor-0.0.2pre8. + + o Minor bugfixes (IPv6): + - Update the limits in max_dl_per_request for IPv6 address + length. Fixes bug 17573; bugfix on 0.2.1.5-alpha. + + o Minor bugfixes (linux seccomp2 sandbox): + - Fix a crash when using offline master ed25519 keys with the + Linux seccomp2 sandbox enabled. Fixes bug 17675; bugfix on + 0.2.7.3-alpha. + + o Minor bugfixes (logging): + - In log messages that include a function name, use __FUNCTION__ instead + of __PRETTY_FUNCTION__. In GCC, these are synonymous, but with clang + __PRETTY_FUNCTION__ has extra information we don't need. + Fixes bug 16563; bugfix on 0.0.2pre8. Fix by Tom van der Woerdt. + - Remove needless quotes from a log message about unparseable addresses. + Fixes bug 17843; bugfix on 0.2.3.3-alpha. + + o Minor bugfixes (makefile): + - Remove config.log only from make distclean, not from + make clean. Fixes bug 17924; bugfix on 0.2.4.1-alpha. + + o Minor bugfixes (portability): + - Remove an #endif from configure.ac so that we correctly detect + the presence of in6_addr.s6_addr32. Fixes bug 17923; bugfix on + 0.2.0.13-alpha. + + o Minor bugfixes (relays): + - Check that both the ORPort and DirPort (if present) are reachable + before publishing a relay descriptor. Otherwise, relays publish a + descriptor with DirPort 0 when the DirPort reachability test takes + longer than the ORPort reachability test. + Fixes bug 18050; bugfix on 0.1.0.1-rc. + Reported by "starlight", patch by "teor". + + o Minor bugfixes (routersets, IPv6): + - routerset_parse now accepts IPv6 literal addresses. + Fixes bug 17060; bugfix on 0.2.1.3-alpha. Patch by "teor". + + o Minor bugfixes (safe logging): + - When logging a malformed hostname received through socks4, scrub it + if SafeLogging says we should. Fixes bug 17419; bugfix on 0.1.1.16-rc. + + o Minor bugfixes (security): + - Make memwipe() do nothing when passed a NULL pointer + or zero size. Check size argument to memwipe() for underflow. + Fixes bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. + Reported by "gk", patch by "teor". + + o Minor bugfixes (security, exit policies): + - ExitPolicyRejectPrivate rejects more private addresses by default. + Specifically, it rejects + the relay's outbound bind addresses (if configured), and + the relay's configured port addresses (such as ORPort and DirPort). + Fixes bug 17027; bugfix on 0.2.0.11-alpha. Patch by "teor". + + o Minor bugfixes (statistics code): + - Consistently check for overflow in round_*_to_next_multiple_of + functions, and add unit tests with additional and maximal values. + Fixes part of bug 13192; bugfix on 0.2.2.1-alpha. + - Handle edge cases in the laplace functions: avoid division by zero, + avoid taking the log of zero, and silence clang type conversion + warnings using round and trunc. Add unit tests for edge cases with + maximal values. Fixes part of bug 13192; bugfix on 0.2.6.2-alpha. + + o Minor bugfixes (tests): + - Fix a memory leak in the ntor test. Fixes bug 17778; bugfix on + 0.2.4.8-alpha. + + o Minor bugfixes (TLS context): + - Assert when the TLS contexts fail to initialize. Fixes bug 17683; + bugfix on 0.0.6. + + o Minor bugfixes (unit tests): + - Check the full results of SHA256 and SHA512 digests in the + unit tests. Bugfix on 0.2.2.4-alpha. Patch by "teor". + + o Code simplification and refactoring: + - Extract the more complicated parts of circuit_mark_for_close into + a new function run periodically before connections are freed. + This change removes more than half of the functions currently + in the "blob". + Closes ticket 17218. + - Clean up a little duplicated code in crypto_expand_key_material_TAP. + Closes ticket 17587; patch from "pfrankw". + - Decouple the list of streams needing to be attached to circuits + from the overall connection list. This change makes it possible to + attach streams quickly while both simplifying Tor's callgraph and + avoiding O(N) scans of the entire connection list. Closes ticket + 17590. + - When a direct directory request fails immediately on launch, + instead of relaunching that request from inside the code that + launches it, instead mark the connection for teardown. This + change simplifies Tor's callback and prevents the directory- + request launching code from invoking itself recursively. + Closes ticket 17589. + + o Documentation: + - Add a description of the correct use of the '--keygen' command-line + option. Closes ticket 17583; based on text by 's7r'. + - Document the minimum HeartbeatPeriod value. Closes ticket 15638. + - Explain actual minima for BandwidthRate. Closes ticket 16382. + - Fix a minor formatting typo in the manpage. Closes ticket + 17791. + - Mention torspec URL in the manpage and point the reader to it + whenever we mention a document that belongs in torspce. + Fixes issue 17392. + + o Removed features: + - Remove client-side support for connecting to Tor servers running + versions of Tor before 0.2.3.6-alpha. These servers didn't + support the v3 TLS handshake protocol, and are no longer allowed + on the Tor network. Implements the client side of ticket + 11150. Based on patches by Tom van der Woerdt. + - Remove code for OpenSSL dynamic locks; OpenSSL doesn't use them. + Closes ticket 17926. + + o Testing: + - Always test both ed25519 backends, so that we can be sure that + our batch-open replacement code works. Part of ticket 16794. + - Cover dns_resolve_impl() in dns.c with unit tests. Implements a + portion of ticket 16831. + - More unit tests for compat_libevent.c. Closes ticket 17075. + Patch from Ola Bini. + - More unit tests for procmon.c. Closes ticket 17078. + Patch from Ola Bini. + - More unit tests for tortls.c. Closes ticket 17082. + Patch from Ola Bini. + - More unit tests for util_format.c. Closes ticket 17084. + Patch from Ola Bini. + - New tests for directory.c functions. Closes ticket 17003. Patch + from Ola Bini. + - New tests for options_validate. Closes ticket 17076. Patch from + Ola Bini. + - Unit tests for directory_handle_command_get. Closes ticket 17004. + Patch from Reinaldo de Souza Jr. + + Changes in version 0.2.7.6 - 2015-12-10 Tor version 0.2.7.6 fixes a major bug in entry guard selection, as well as a minor bug in hidden service reliability. diff --git a/changes/11150 b/changes/11150 deleted file mode 100644 index b4d40ed07c..0000000000 --- a/changes/11150 +++ /dev/null @@ -1,6 +0,0 @@ - o Removed features: - - Remove client-side support for connecting to Tor servers running - versions of Tor before 0.2.3.6-alpha. These servers didn't - support the v3 TLS handshake protocol, and are no longer allowed - on the Tor network. Implements the client side of ticket - 11150. Based on patches by Tom van der Woerdt. diff --git a/changes/17004 b/changes/17004 deleted file mode 100644 index 1dc9a237d4..0000000000 --- a/changes/17004 +++ /dev/null @@ -1,3 +0,0 @@ - o Testing: - - Unit tests for directory_handle_command_get. Closes ticket 17004. - Patch from Reinaldo de Souza Jr. diff --git a/changes/17075 b/changes/17075 deleted file mode 100644 index a91ac673e6..0000000000 --- a/changes/17075 +++ /dev/null @@ -1,3 +0,0 @@ - o Testing: - - More unit tests for compat_libevent.c. Closes ticket 17075. - Patch from Ola Bini. diff --git a/changes/17078 b/changes/17078 deleted file mode 100644 index af02877898..0000000000 --- a/changes/17078 +++ /dev/null @@ -1,3 +0,0 @@ - o Testing: - - More unit tests for procmon.c. Closes ticket 17078. - Patch from Ola Bini. diff --git a/changes/17082 b/changes/17082 deleted file mode 100644 index 30ed01473e..0000000000 --- a/changes/17082 +++ /dev/null @@ -1,3 +0,0 @@ - o Testing: - - More unit tests for tortls.c. Closes ticket 17082. - Patch from Ola Bini. diff --git a/changes/17084 b/changes/17084 deleted file mode 100644 index 361e26f264..0000000000 --- a/changes/17084 +++ /dev/null @@ -1,3 +0,0 @@ - o Testing: - - More unit tests for util_format.c. Closes ticket 17084. - Patch from Ola Bini. diff --git a/changes/17573 b/changes/17573 deleted file mode 100644 index 95ef15a1cc..0000000000 --- a/changes/17573 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (IPv6): - - Update the limits in max_dl_per_request for IPv6 address - length. Fixes bug 17573; bugfix on 0.2.1.5-alpha. - diff --git a/changes/17826 b/changes/17826 deleted file mode 100644 index 7d0a17afee..0000000000 --- a/changes/17826 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (build): - - Mark all object files that include micro-revision.i as depending on - it, so as to make our build more reliable with parallel builds. - Fixes bug 17826; bugfix on 0.2.5.1-alpha. - diff --git a/changes/17926 b/changes/17926 deleted file mode 100644 index ee47db6101..0000000000 --- a/changes/17926 +++ /dev/null @@ -1,3 +0,0 @@ - o Removed features: - - Remove code for OpenSSL dynamic locks; OpenSSL doesn't use them. - Closes ticket 17926. diff --git a/changes/17944 b/changes/17944 deleted file mode 100644 index 0d8ed0a362..0000000000 --- a/changes/17944 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (portability): - - Use timingsafe_memcmp() where available. Closes ticket 17944; - patch from <logan@hackers.mu>. diff --git a/changes/7419 b/changes/7419 deleted file mode 100644 index 1073d9585e..0000000000 --- a/changes/7419 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (security): - - Use explicit_bzero or memset_s when present. Previously, we'd use - OpenSSL's OPENSSL_cleanse() function. - Closes ticket 7419; patches from <logan@hackers.mu> and <selven@hackers.mu>. - - diff --git a/changes/bug15638 b/changes/bug15638 deleted file mode 100644 index cf5d46983f..0000000000 --- a/changes/bug15638 +++ /dev/null @@ -1,2 +0,0 @@ - o Documentation: - - Document the minimum HeartbeatPeriod value. Closes ticket 15638. diff --git a/changes/bug16382 b/changes/bug16382 deleted file mode 100644 index 8faee98ad8..0000000000 --- a/changes/bug16382 +++ /dev/null @@ -1,3 +0,0 @@ - o Documentation: - - Explain actual minima for BandwidthRate. Closes ticket 16382. - diff --git a/changes/bug16563 b/changes/bug16563 deleted file mode 100644 index 19e59b3821..0000000000 --- a/changes/bug16563 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (logging): - - In log messages that include a function name, use __FUNCTION__ instead - of __PRETTY_FUNCTION__. In GCC, these are synonymous, but with clang - __PRETTY_FUNCTION__ has extra information we don't need. - Fixes bug 16563; bugfix on 0.0.2pre8. Fix by Tom van der Woerdt. -
\ No newline at end of file diff --git a/changes/bug16651 b/changes/bug16651 deleted file mode 100644 index 1b8bd033fa..0000000000 --- a/changes/bug16651 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (compilation): - - - Fix search for libevent libraries on OpenBSD (and similar systems - which install libevent 1 and libevent 2 in parallel). Fixes bug - 16651; bugfix on 0.1.0.7-rc. - Patch from "rubiate". diff --git a/changes/bug16794_ed b/changes/bug16794_ed deleted file mode 100644 index a43c401ed4..0000000000 --- a/changes/bug16794_ed +++ /dev/null @@ -1,3 +0,0 @@ - o Testing: - - Always test both ed25519 backends, so that we can be sure that - our batch-open replacement code works. Part of ticket 16794. diff --git a/changes/bug17003 b/changes/bug17003 deleted file mode 100644 index 8125f0e402..0000000000 --- a/changes/bug17003 +++ /dev/null @@ -1,3 +0,0 @@ - o Testing: - - New tests for directory.c functions. Closes ticket 17003. Patch - from Ola Bini. diff --git a/changes/bug17026 b/changes/bug17026 deleted file mode 100644 index 30e75c22a2..0000000000 --- a/changes/bug17026 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (security): - - Set unused entires in a smartlist to NULL. This helped catch a - (harmless) bug, and shouldn't affect performance too much. - Implements ticket 17026. - diff --git a/changes/bug17027-reject-private-bind-port b/changes/bug17027-reject-private-bind-port deleted file mode 100644 index e0c222a1cf..0000000000 --- a/changes/bug17027-reject-private-bind-port +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (security, exit policies): - - ExitPolicyRejectPrivate rejects more private addresses by default. - Specifically, it rejects - the relay's outbound bind addresses (if configured), and - the relay's configured port addresses (such as ORPort and DirPort). - Fixes bug 17027; bugfix on 0.2.0.11-alpha. Patch by "teor". diff --git a/changes/bug17194 b/changes/bug17194 deleted file mode 100644 index d717489e0e..0000000000 --- a/changes/bug17194 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor feature (logging): - - When logging to syslog, allow a tag to be added to the syslog - identity ("Tor"), i.e. the string prepended to every log message. - The tag can be configured by setting SyslogIdentityTag and defaults - to none. Setting it to "foo" will cause logs to be tagged as - "Tor-foo". Closes ticket 17194. - diff --git a/changes/bug17347 b/changes/bug17347 deleted file mode 100644 index 487b1320e2..0000000000 --- a/changes/bug17347 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): - - Fix compilation of sandbox.c with musl-libc. - Fixes bug 17347; bugfix on 0.2.5.1-alpha. - Patch from 'jamestk'. diff --git a/changes/bug17419 b/changes/bug17419 deleted file mode 100644 index 00fde906bb..0000000000 --- a/changes/bug17419 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (safe logging): - - When logging a malformed hostname received through socks4, scrub it - if SafeLogging says we should. Fixes bug 17419; bugfix on 0.1.1.16-rc. diff --git a/changes/bug17544 b/changes/bug17544 deleted file mode 100644 index 4316d0709c..0000000000 --- a/changes/bug17544 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfix (SipHash-2-4 performance): - - Improve performance when hashing non-multiple of 8 sized buffers, - based on Andrew Moon's Public Domain SipHash-2-4 implementation. - Fixes bug 17544; bugfix on 0.2.5.3-alpha. diff --git a/changes/bug17549 b/changes/bug17549 deleted file mode 100644 index f0bb6903e7..0000000000 --- a/changes/bug17549 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (compilation): - - Repair some compilation issues with some recent (unreleased, alpha) - vesions of OpenSSL 1.1. Closes ticket 17549. diff --git a/changes/bug17562-DataDirectoryGroupReadable b/changes/bug17562-DataDirectoryGroupReadable deleted file mode 100644 index 2299148d38..0000000000 --- a/changes/bug17562-DataDirectoryGroupReadable +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (unix permissions): - - Introduce DataDirectoryGroupReadable boolean. If set to 1, the - DataDirectory will be made readable by the default GID. - Implements part of ticket 17562. Patch from Jamie Nguyen. - diff --git a/changes/bug17562-allow-root-group-read b/changes/bug17562-allow-root-group-read deleted file mode 100644 index 29978fa07d..0000000000 --- a/changes/bug17562-allow-root-group-read +++ /dev/null @@ -1,7 +0,0 @@ - o Minor features (unix permissions): - - If any directory created by Tor is marked as group readable, the - filesystem group is allowed to be either the default GID or the root - user. Allowing root to read the DataDirectory prevents the need for - CAP_READ_SEARCH when using systemd's CapabilityBoundingSet, or - dac_read_search when using SELinux. - Implements part of ticket 17562. Patch from Jamie Nguyen. diff --git a/changes/bug17562-defer-unix-socket-creation b/changes/bug17562-defer-unix-socket-creation deleted file mode 100644 index 3e21d358d5..0000000000 --- a/changes/bug17562-defer-unix-socket-creation +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (unix permissions): - - Defer creation of Unix sockets until after setuid. This avoids needing - CAP_CHOWN and CAP_FOWNER when using systemd's CapabilityBoundingSet, or - chown and fowner when using SELinux. - Implements part of ticket 17562. Patch from Jamie Nguyen. diff --git a/changes/bug17572-fallback-by-digest b/changes/bug17572-fallback-by-digest deleted file mode 100644 index 3fba123360..0000000000 --- a/changes/bug17572-fallback-by-digest +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfix (fallback directories): - - Mark fallbacks as "too busy" when they return a 503 response, - rather than just marking authorities. - Fixes bug 17572; bugfix on 5c51b3f1f0d4 released in 0.2.4.7-alpha. - Patch by "teor". diff --git a/changes/bug17583 b/changes/bug17583 deleted file mode 100644 index d77d46759a..0000000000 --- a/changes/bug17583 +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Add a description of the correct use of the '--keygen' command-line - option. Closes ticket 17583; based on text by 's7r'. - diff --git a/changes/bug17589 b/changes/bug17589 deleted file mode 100644 index 4144af7c11..0000000000 --- a/changes/bug17589 +++ /dev/null @@ -1,7 +0,0 @@ - o Code simplification and refactoring: - - When a direct directory request fails immediately on launch, - instead of relaunching that request from inside the code that - launches it, instead mark the connection for teardown. This - change simplifies Tor's callback and prevents the directory- - request launching code from invoking itself recursively. - Closes ticket 17589.
\ No newline at end of file diff --git a/changes/bug17632-no-ipv4-no-localhost b/changes/bug17632-no-ipv4-no-localhost deleted file mode 100644 index 99a2e2c325..0000000000 --- a/changes/bug17632-no-ipv4-no-localhost +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfix (unit tests): - - Make unit tests pass on IPv6-only systems, and systems without - localhost addresses (like some FreeBSD jails). - Fixes bug 17632; bugfix on 0.2.7.3-rc. - Patch by "teor". diff --git a/changes/bug17638-ipv6-ersatz-socketpair b/changes/bug17638-ipv6-ersatz-socketpair deleted file mode 100644 index 90a74f419f..0000000000 --- a/changes/bug17638-ipv6-ersatz-socketpair +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfix (IPv6 compatibility, unit tests): - - Make tor_ersatz_socketpair work on IPv6-only systems. - Fixes bug 17638; bugfix on 0.0.2pre8. - Patch by "teor". - diff --git a/changes/bug17675 b/changes/bug17675 deleted file mode 100644 index 8326a0b9e8..0000000000 --- a/changes/bug17675 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (linux seccomp2 sandbox): - - Fix a crash when using offline master ed25519 keys with the - Linux seccomp2 sandbox enabled. Fixes bug 17675; bugfix on - 0.2.7.3-alpha. diff --git a/changes/bug17683 b/changes/bug17683 deleted file mode 100644 index e9d47513ab..0000000000 --- a/changes/bug17683 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (TLS context): - - Assert when the TLS contexts fail to initialize. Fixes bug 17683; - bugfix on 0.0.6. diff --git a/changes/bug17686 b/changes/bug17686 deleted file mode 100644 index 78e6c8f92b..0000000000 --- a/changes/bug17686 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (security): - - Adjust Tor's use of OpenSSL's RNG APIs so that they absolutely, - positively are not allowed to fail. Previously we depended on - internals about OpenSSL behavior. Closes ticket 17686. diff --git a/changes/bug17694_strongest b/changes/bug17694_strongest deleted file mode 100644 index 0a8954a25e..0000000000 --- a/changes/bug17694_strongest +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (security): - - Never use the system entropy output directly for anything besides - seeding the PRNG. When we want to generate important keys, instead - of using system entropy directly, hash it with the PRNG stream. - This may help resist certain attacks based on broken OS entropy - implementations. Closes part of ticket 17694.
\ No newline at end of file diff --git a/changes/bug17753 b/changes/bug17753 deleted file mode 100644 index 918712f5c3..0000000000 --- a/changes/bug17753 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (code correctness): - - Assert that allocated memory held by the reputation code is freed - according to its internal counters. Fixes bug 17753; bugfix on - tor-0.1.1.1-alpha. diff --git a/changes/bug17778 b/changes/bug17778 deleted file mode 100644 index 9844969a3b..0000000000 --- a/changes/bug17778 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (tests): - - Fix a memory leak in the ntor test. Fixes bug 17778; bugfix on - 0.2.4.8-alpha. diff --git a/changes/bug17791 b/changes/bug17791 deleted file mode 100644 index f191012cd4..0000000000 --- a/changes/bug17791 +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Fix a minor formatting typo in the manpage. Closes ticket - 17791. - diff --git a/changes/bug17804 b/changes/bug17804 deleted file mode 100644 index bd2a3cbdff..0000000000 --- a/changes/bug17804 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Replace usage of 'INLINE' with 'inline'. Fixes bug 17804; bugfix - on tor-0.0.2pre8. diff --git a/changes/bug17818 b/changes/bug17818 deleted file mode 100644 index 3d9afe329e..0000000000 --- a/changes/bug17818 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Isolate environment variables meant for tests from the rest of the - build system. Fixes bug 17818; bugfix on tor-0.2.7.3-rc. diff --git a/changes/bug17819 b/changes/bug17819 deleted file mode 100644 index 45c55f74b6..0000000000 --- a/changes/bug17819 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): - - Don't try to use the pthrad_condattr_setclock() function unless - it actually exists. Fixes compilation on NetBSD-6.x. Fixes bug - 17819; bugfix on 0.2.6.3-alpha. diff --git a/changes/bug17827 b/changes/bug17827 deleted file mode 100644 index 04cd3b5977..0000000000 --- a/changes/bug17827 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Fix backtrace compilation on FreeBSD. Fixes bug 17827; bugfix on - tor-0.2.5.2-alpha. diff --git a/changes/bug17843 b/changes/bug17843 deleted file mode 100644 index 6cb16a0b6a..0000000000 --- a/changes/bug17843 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (logging): - - Remove needless quotes from a log message about unparseable addresses. - Fixes bug 17843; bugfix on 0.2.3.3-alpha. diff --git a/changes/bug17876 b/changes/bug17876 deleted file mode 100644 index 7446336c24..0000000000 --- a/changes/bug17876 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (client, correctness): - - When closing an entry connection, generate a warning if we should - have sent an end cell for it but we haven't. Fixes bug 17876; - bugfix on 0.2.3.2-alpha. - diff --git a/changes/bug17892 b/changes/bug17892 deleted file mode 100644 index 73c26e9c94..0000000000 --- a/changes/bug17892 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (testing): - - Log more information when the backtrace tests fail. - Closes ticket 17892. Patch from "cypherpunks." - diff --git a/changes/bug17893 b/changes/bug17893 deleted file mode 100644 index 06808c0017..0000000000 --- a/changes/bug17893 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (build): - - Since our build process now uses 'make distcheck', we no longer force - "make dist" to depend on "make check". Closes ticket 17893; - patch from "cypherpunks." diff --git a/changes/bug17906 b/changes/bug17906 deleted file mode 100644 index b9174c3d0a..0000000000 --- a/changes/bug17906 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (authorities): - - Update the V3 identity key for dannenberg: it was changed on - 18 November 2015. - Closes task 17906. Patch by "teor". diff --git a/changes/bug17923 b/changes/bug17923 deleted file mode 100644 index d828520201..0000000000 --- a/changes/bug17923 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (portability): - - Remove an #endif from configure.ac so that we correctly detect - the presence of in6_addr.s6_addr32. Fixes bug 17923; bugfix on - 0.2.0.13-alpha. diff --git a/changes/bug17924 b/changes/bug17924 deleted file mode 100644 index aa5cf58730..0000000000 --- a/changes/bug17924 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (makefile): - - Remove config.log only from make distclean, not from - make clean. Fixes bug 17924; bugfix on 0.2.4.1-alpha. - diff --git a/changes/bug18050 b/changes/bug18050 deleted file mode 100644 index 4457ed262e..0000000000 --- a/changes/bug18050 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (relays): - - Check that both the ORPort and DirPort (if present) are reachable - before publishing a relay descriptor. Otherwise, relays publish a - descriptor with DirPort 0 when the DirPort reachability test takes - longer than the ORPort reachability test. - Fixes bug 18050; bugfix on 0.1.0.1-rc. - Reported by "starlight", patch by "teor". diff --git a/changes/bug18089 b/changes/bug18089 deleted file mode 100644 index b1ebd45545..0000000000 --- a/changes/bug18089 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (security): - - Make memwipe() do nothing when passed a NULL pointer - or zero size. Check size argument to memwipe() for underflow. - Fixes bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. - Reported by "gk", patch by "teor". diff --git a/changes/bug4483-multiple-consensus-downloads b/changes/bug4483-multiple-consensus-downloads deleted file mode 100644 index 7e8bcc24cc..0000000000 --- a/changes/bug4483-multiple-consensus-downloads +++ /dev/null @@ -1,9 +0,0 @@ - o Major features (consensus downloads): - - Schedule multiple in-progress consensus downloads during client - bootstrap. Use the first one that starts downloading, close the - rest. This reduces failures when authorities are slow or down. - Together with the code for feature 15775, it reduces failures due to fallback churn. - Implements ticket 4483 (reduce failures when authorities are down). - Patch by "teor". - Implements IPv4 portions of proposal 210 by "mikeperry" and - "teor". diff --git a/changes/bug6027 b/changes/bug6027 deleted file mode 100644 index 65be5443e8..0000000000 --- a/changes/bug6027 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (IPv6 support): - - Allow users to configure directory authorities and fallback - directory servers with IPv6 addresses and ORPorts. Resolves - ticket 6027. diff --git a/changes/check-crypto-errors b/changes/check-crypto-errors deleted file mode 100644 index b3da7a1984..0000000000 --- a/changes/check-crypto-errors +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfix (crypto): - - Check the return value of HMAC and assert on failure. - Fixes bug 17658; bugfix on 0.2.3.6-alpha. - Patch by "teor". diff --git a/changes/cleanup_17587 b/changes/cleanup_17587 deleted file mode 100644 index a2cecdd7b4..0000000000 --- a/changes/cleanup_17587 +++ /dev/null @@ -1,3 +0,0 @@ - o Code simplification and refactoring: - - Clean up a little duplicated code in crypto_expand_key_material_TAP. - Closes ticket 17587; patch from "pfrankw". diff --git a/changes/decouple_circuit_mark b/changes/decouple_circuit_mark deleted file mode 100644 index a852f48133..0000000000 --- a/changes/decouple_circuit_mark +++ /dev/null @@ -1,6 +0,0 @@ - o Code simplification and refactoring: - - Extract the more complicated parts of circuit_mark_for_close into - a new function run periodically before connections are freed. - This change removes more than half of the functions currently - in the "blob". - Closes ticket 17218. diff --git a/changes/decouple_conn_attach b/changes/decouple_conn_attach deleted file mode 100644 index 8619c4d325..0000000000 --- a/changes/decouple_conn_attach +++ /dev/null @@ -1,6 +0,0 @@ - o Code simplification and refactoring: - - Decouple the list of streams needing to be attached to circuits - from the overall connection list. This change makes it possible to - attach streams quickly while both simplifying Tor's callgraph and - avoiding O(N) scans of the entire connection list. Closes ticket - 17590. diff --git a/changes/doc17392 b/changes/doc17392 deleted file mode 100644 index 3c93497b00..0000000000 --- a/changes/doc17392 +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Mention torspec URL in the manpage and point the reader to it - whenever we mention a document that belongs in torspce. - Fixes issue 17392. diff --git a/changes/feature12538 b/changes/feature12538 deleted file mode 100644 index 4e7ea9f41d..0000000000 --- a/changes/feature12538 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (directory system): - Previously only relays who explicitly opened a directory port (DirPort) - accepted directory requests from clients. Now all relays, with and without - a DirPort, who do not disable the DirCache option accept and serve - directory requests sent (tunnelled) through their ORPort. - Closes ticket 12538. diff --git a/changes/feature13696 b/changes/feature13696 deleted file mode 100644 index 21c2188d12..0000000000 --- a/changes/feature13696 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (security, cryptography): - - Use modern system calls to generate strong entropy on platforms that - provide them. Closes ticket 13696. diff --git a/changes/feature14846 b/changes/feature14846 deleted file mode 100644 index 4668761f22..0000000000 --- a/changes/feature14846 +++ /dev/null @@ -1,4 +0,0 @@ - o Major features (controller): - - New "GETINFO hs/service/desc/id/" command to retrieve a hidden service - descriptor from a service's local hidden service descriptor cache. - Closes ticket 14846. diff --git a/changes/feature15775-fallback b/changes/feature15775-fallback deleted file mode 100644 index 3a0ff231a2..0000000000 --- a/changes/feature15775-fallback +++ /dev/null @@ -1,19 +0,0 @@ - o Major features (directory mirrors): - - Include an opt-in trial list of Default Fallback Directories in - add_default_fallback_dir_servers(). - "Tor has included a feature to fetch the initial consensus from nodes - other than the authorities for a while now. We just haven't shipped a - list of alternate locations for clients to go to yet. - Reasons why we might want to ship tor with a list of additional places - where clients can find the consensus is that it makes authority - reachability and BW less important. - We want them to have been around and using their current key, address, - and port for a while now (120 days), and have been running, a guard, - and a v2 directory mirror for most of that time." - We exclude BadExits and tor versions that aren't recommended. - We include an IPv6 address for each FallbackDir (see ticket 8374). - (Tor might not use IPv6 fallbacks until ticket the code for ticket6027 is merged.) - The unit test ensures that we successfully load all included - default fallback directories. - Closes ticket 15775. Patch by "teor". - OnionOO script by "weasel", "teor", "gsathya", and "karsten". diff --git a/changes/feature16774 b/changes/feature16774 deleted file mode 100644 index dc9c329346..0000000000 --- a/changes/feature16774 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (controller): - - Adds FallbackDir entries to 'GETINFO config/defaults'. Closes tickets - 16774 and 17817. Patch by George Tankersley. diff --git a/changes/feature17076 b/changes/feature17076 deleted file mode 100644 index 50ebc96327..0000000000 --- a/changes/feature17076 +++ /dev/null @@ -1,3 +0,0 @@ - o Testing: - - New tests for options_validate. Closes ticket 17076. Patch from - Ola Bini. diff --git a/changes/feature17327 b/changes/feature17327 deleted file mode 100644 index 2fab09990b..0000000000 --- a/changes/feature17327 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor feature (IPv6): - - Add a flag ipv6=address:orport to the DirAuthority and FallbackDir torrc - options. Add hard-coded ipv6 addresses for directory authorities with - ipv6 lines in their descriptors. - Closes ticket 17327; patch from Nick Mathewson / "teor". diff --git a/changes/feature17576-UseDefaultFallbackDirs b/changes/feature17576-UseDefaultFallbackDirs deleted file mode 100644 index 68843c4769..0000000000 --- a/changes/feature17576-UseDefaultFallbackDirs +++ /dev/null @@ -1,4 +0,0 @@ - o Minor feature (fallback directories): - - Add UseDefaultFallbackDirs, which enables any hard-coded fallback - directory mirrors. Default is 1, set it to 0 to disable fallbacks. - Implements ticket 17576. Patch by "teor". diff --git a/changes/feature17608 b/changes/feature17608 deleted file mode 100644 index d56bb7d4a7..0000000000 --- a/changes/feature17608 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor feature (refactoring): - - Move logging of redundant policy entries in - policies_parse_exit_policy_internal into its own function. - Closes ticket 17608; patch from "juce". diff --git a/changes/feature17663 b/changes/feature17663 deleted file mode 100644 index baad9436fc..0000000000 --- a/changes/feature17663 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor feature (crypto): - - Add SHA512 support to crypto.c. Closes ticket 17663; patch from - George Tankersley. diff --git a/changes/feature17796 b/changes/feature17796 deleted file mode 100644 index d96daed262..0000000000 --- a/changes/feature17796 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (crypto): - - When allocating a digest state object, allocate no more space than we - actually need. Previously, we were allocating as much space as the - state for the largest algorithm would need. This change saves up to - 672 bytes per circuit. Closes ticket 17796. - diff --git a/changes/feature17863 b/changes/feature17863 deleted file mode 100644 index 86c4e2ce0c..0000000000 --- a/changes/feature17863 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor feature (IPv6): - - Add address policy assume_action support for IPv6 addresses. - - Limit IPv6 mask bits to 128. - - Warn when comparing against an AF_UNSPEC address in a policy, - it's almost always a bug. - Closes ticket 17863; patch by "teor". diff --git a/changes/feature17864 b/changes/feature17864 deleted file mode 100644 index 1cf156206b..0000000000 --- a/changes/feature17864 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor feature (directory downloads): - - Wait for busy authorities and fallbacks to become non-busy when - bootstrapping. (A similar change was made in 6c443e987d for - directory servers chosen from the consensus.) - Closes ticket 17864; patch by "teor". diff --git a/changes/feature17950 b/changes/feature17950 deleted file mode 100644 index bc255a791e..0000000000 --- a/changes/feature17950 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (relay, address discovery): - - Add a family argument to get_interface_addresses_raw() and - subfunctions to make network interface address interogation more - efficient. Now Tor can specifically ask for IPv4, IPv6 or both - types of interfaces from the operating system. Resolves ticket 17950. diff --git a/changes/feature17951 b/changes/feature17951 deleted file mode 100644 index 67a6a8fd66..0000000000 --- a/changes/feature17951 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (relay, address discovery): - - When get_interface_address6_list(.,AF_UNSPEC,.) is called and fails - to enumerate interface addresses using the platform-specific API, - have it rely on the UDP socket fallback technique to try and find - out what IP addresses (both IPv4 and IPv6) our machine has. Resolves - ticket 17951. diff --git a/changes/feature17986 b/changes/feature17986 deleted file mode 100644 index 8039701a3a..0000000000 --- a/changes/feature17986 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (security): - - Use SecureMemoryWipe() function to securely clean memory on - Windows. Implements feature 17986. diff --git a/changes/feature8195 b/changes/feature8195 deleted file mode 100644 index 5c9a36791c..0000000000 --- a/changes/feature8195 +++ /dev/null @@ -1,6 +0,0 @@ - o Major features (relay): - - When Tor is started as root on Linux and told to switch user ID, it - can now retain the capabilitity to bind to low ports. By default, - Tor will do this only when it's switching user ID and some low - ports have been configured. You can change this behavior with - the new option KeepBindCapabilities. Closes ticket 8195. diff --git a/changes/feature8961-replaycache-sha256 b/changes/feature8961-replaycache-sha256 deleted file mode 100644 index c761aa8dd2..0000000000 --- a/changes/feature8961-replaycache-sha256 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (replaycache): - - The replay cache now uses SHA256 instead of SHA1. - Implements feature 8961. - Patch by "teor", issue reported by "rransom". diff --git a/changes/first-hop-no-private b/changes/first-hop-no-private deleted file mode 100644 index 4cef638f8f..0000000000 --- a/changes/first-hop-no-private +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfix (relays, hidden services): - - Refuse connection requests to private OR addresses unless - ExtendAllowPrivateAddresses is set. Previously, tor would - connect, then refuse to send any cells to a private address. - Fixes bugs 17674 and 8976; bugfix on 0.2.3.21-rc. - Patch by "teor". diff --git a/changes/geoip-january2016 b/changes/geoip-january2016 deleted file mode 100644 index 0d9466539a..0000000000 --- a/changes/geoip-january2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (geoip): - - Update geoip and geoip6 to the January 5 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/getinfo-private-exitpolicy b/changes/getinfo-private-exitpolicy deleted file mode 100644 index 29b3d76b67..0000000000 --- a/changes/getinfo-private-exitpolicy +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (exit policies, controllers): - - Add controller getinfo exit-policy/reject-private/[default,relay] - for the reject rules added by ExitPolicyRejectPrivate. This makes - it easier for stem to display exit policies. - - Add unit tests for getinfo exit-policy/*. - Finishes implementation for ticket 17183. Patch by "teor". diff --git a/changes/laplace-edge-cases b/changes/laplace-edge-cases deleted file mode 100644 index b83346e7a0..0000000000 --- a/changes/laplace-edge-cases +++ /dev/null @@ -1,9 +0,0 @@ - o Minor bugfixes (statistics code): - - Handle edge cases in the laplace functions: avoid division by zero, - avoid taking the log of zero, and silence clang type conversion - warnings using round and trunc. Add unit tests for edge cases with - maximal values. Fixes part of bug 13192; bugfix on 0.2.6.2-alpha. - - Consistently check for overflow in round_*_to_next_multiple_of - functions, and add unit tests with additional and maximal values. - Fixes part of bug 13192; bugfix on 0.2.2.1-alpha. - diff --git a/changes/log_heartbeat_test b/changes/log_heartbeat_test deleted file mode 100644 index 7bcc53f9cc..0000000000 --- a/changes/log_heartbeat_test +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfix (testing): - - The test for log_heartbeat was incorrectly failing in timezones - with non-integer offsets. Instead of comparing the end of the - time string against a constant, compare it to the output of - format_local_iso_time when given the correct input. - Fixes bug 18039; bugfix on 0.2.5.4-alpha. diff --git a/changes/rand-failure-modes b/changes/rand-failure-modes deleted file mode 100644 index cc6ef4744e..0000000000 --- a/changes/rand-failure-modes +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (unit tests, random number generation): - - Add unit tests that check for common RNG failure modes, such as - returning all zeroes, identical values, or incrementing values - (OpenSSL's rand_predictable feature). - Patch by "teor". diff --git a/changes/routerset-parse-IPv6-literals b/changes/routerset-parse-IPv6-literals deleted file mode 100644 index 52026f3ed4..0000000000 --- a/changes/routerset-parse-IPv6-literals +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (routersets, IPv6): - - routerset_parse now accepts IPv6 literal addresses. - Fixes bug 17060; bugfix on 0.2.1.3-alpha. Patch by "teor". diff --git a/changes/sha-unit-tests b/changes/sha-unit-tests deleted file mode 100644 index 437bff3e0a..0000000000 --- a/changes/sha-unit-tests +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (unit tests): - - Check the full results of SHA256 and SHA512 digests in the - unit tests. Bugfix on 0.2.2.4-alpha. Patch by "teor". diff --git a/changes/test16831 b/changes/test16831 deleted file mode 100644 index 7db2d14df5..0000000000 --- a/changes/test16831 +++ /dev/null @@ -1,3 +0,0 @@ - o Testing: - - Cover dns_resolve_impl() in dns.c with unit tests. Implements a - portion of ticket 16831. diff --git a/changes/ticket15989 b/changes/ticket15989 deleted file mode 100644 index a0a904b63c..0000000000 --- a/changes/ticket15989 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor features (accounting): - - Added two modes to AccountingRule in torrc for - limiting just input or just output. - Closes ticket 15989; patch from "unixninja92". - - o Minor bugfixes (accounting): - - The max bandwidth when using AccountRule sum - is now correctly logged. Fixes bug 18024; bugfix on 0.2.6.1-alpha. - Patch from "unixninja92". diff --git a/changes/ticket17158 b/changes/ticket17158 deleted file mode 100644 index 6332248345..0000000000 --- a/changes/ticket17158 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (fallback directories): - - Add a set of default fallback directories for the 0.2.8 alpha releases. - Closes ticket 17158. - Patch by "teor". diff --git a/changes/warn-when-time-goes-backwards b/changes/warn-when-time-goes-backwards deleted file mode 100644 index 8a9485b0c0..0000000000 --- a/changes/warn-when-time-goes-backwards +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (security, clock): - - Warn when the system clock is set back in time (when the - state file was last written in the future). Tor doesn't know - that consensuses have expired if the clock is in the past. - Patch by "teor". Implements ticket 17188. diff --git a/scripts/maint/sortChanges.py b/scripts/maint/sortChanges.py index 7e25cefd53..d6ec0e269d 100755 --- a/scripts/maint/sortChanges.py +++ b/scripts/maint/sortChanges.py @@ -16,10 +16,36 @@ def fetch(fn): s = "%s\n" % s.rstrip() return s +CSR='Code simplification and refactoring' + +REPLACEMENTS = { + # plurals + 'Minor bugfix' : 'Minor bugfixes', + 'Major bugfix' : 'Major bugfixes', + 'Minor feature' : 'Minor features', + 'Major feature' : 'Major features', + 'Removed feature' : 'Removed features', + 'Code simplification and refactorings' : CSR, + 'Code simplifications and refactoring' : CSR, + 'Code simplifications and refactorings' : CSR, + + # wrong words + 'Minor fix' : 'Minor bugfixes', + 'Major fix' : 'Major bugfixes', + 'Minor fixes' : 'Minor bugfixes', + 'Major fixes' : 'Major bugfixes', + 'Minor enhancement' : 'Minor features', + 'Minor enhancements' : 'Minor features', + 'Major enhancement' : 'Major features', + 'Major enhancements' : 'Major features', +} + def score(s,fname=None): m = re.match(r'^ +o ([^\n]*)\n(.*)', s, re.M|re.S) if not m: print >>sys.stderr, "Can't score %r from %s"%(s,fname) + heading = m.group(1) + heading = REPLACEMENTS.get(heading, heading) lw = m.group(1).lower() if lw.startswith("major feature"): score = 0 @@ -36,7 +62,7 @@ def score(s,fname=None): else: score = 100 - return (score, lw, m.group(1), m.group(2)) + return (score, lw, heading, m.group(2)) def splitChanges(s): this_entry = [] |