diff options
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 5559 |
1 files changed, 5517 insertions, 42 deletions
@@ -1,4 +1,5472 @@ -Changes in version 0.2.9.5-rc - 2016-1?-?? +Changes in version 0.3.3.2-alpha - 2018-02-10 + Tor 0.3.3.2-alpha is the second alpha in the 0.3.3.x series. It + introduces a mechanism to handle the high loads that many relay + operators have been reporting recently. It also fixes several bugs in + older releases. If this new code proves reliable, we plan to backport + it to older supported release series. + + o Major features (denial-of-service mitigation): + - Give relays some defenses against the recent network overload. We + start with three defenses (default parameters in parentheses). + First: if a single client address makes too many concurrent + connections (>100), hang up on further connections. Second: if a + single client address makes circuits too quickly (more than 3 per + second, with an allowed burst of 90) while also having too many + connections open (3), refuse new create cells for the next while + (1-2 hours). Third: if a client asks to establish a rendezvous + point to you directly, ignore the request. These defenses can be + manually controlled by new torrc options, but relays will also + take guidance from consensus parameters, so there's no need to + configure anything manually. Implements ticket 24902. + + o Major bugfixes (netflow padding): + - Stop adding unneeded channel padding right after we finish + flushing to a connection that has been trying to flush for many + seconds. Instead, treat all partial or complete flushes as + activity on the channel, which will defer the time until we need + to add padding. This fix should resolve confusing and scary log + messages like "Channel padding timeout scheduled 221453ms in the + past." Fixes bug 22212; bugfix on 0.3.1.1-alpha. + + o Major bugfixes (protocol versions): + - Add Link protocol version 5 to the supported protocols list. Fixes + bug 25070; bugfix on 0.3.1.1-alpha. + + o Major bugfixes (scheduler, consensus): + - The scheduler subsystem was failing to promptly notice changes in + consensus parameters, making it harder to switch schedulers + network-wide. Fixes bug 24975; bugfix on 0.3.2.1-alpha. + + o Minor features (denial-of-service avoidance): + - Make our OOM handler aware of the geoip client history cache so it + doesn't fill up the memory. This check is important for IPv6 and + our DoS mitigation subsystem. Closes ticket 25122. + + o Minor features (directory authority): + - When directory authorities are unable to add signatures to a + pending consensus, log the reason why. Closes ticket 24849. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 7 2018 Maxmind GeoLite2 + Country database. + + o Minor features (logging, diagnostic): + - When logging a failure to create an onion service's descriptor, + also log what the problem with the descriptor was. Diagnostic for + ticket 24972. + + o Minor bugfix (channel connection): + - Use the actual observed address of an incoming relay connection, + not the canonical address of the relay from its descriptor, when + making decisions about how to handle the incoming connection. + Fixes bug 24952; bugfix on 0.2.4.11-alpha. Patch by "ffmancera". + + o Minor bugfix (directory authority): + - Directory authorities, when refusing a descriptor from a rejected + relay, now explicitly tell the relay (in its logs) to set a valid + ContactInfo address and contact the bad-relays@ mailing list. + Fixes bug 25170; bugfix on 0.2.9.1. + + o Minor bugfixes (all versions of Tor): + - Use the "misspell" tool to detect and fix typos throughout the + source code. Fixes bug 23650; bugfix on various versions of Tor. + Patch from Deepesh Pathak. + + o Minor bugfixes (circuit, cannibalization): + - Don't cannibalize preemptively-built circuits if we no longer + recognize their first hop. This situation can happen if our Guard + relay went off the consensus after the circuit was created. Fixes + bug 24469; bugfix on 0.0.6. + + o Minor bugfixes (correctness): + - Remove a nonworking, unnecessary check to see whether a circuit + hop's identity digest was set when the circuit failed. Fixes bug + 24927; bugfix on 0.2.4.4-alpha. + + o Minor bugfixes (logging): + - Don't treat inability to store a cached consensus object as a bug: + it can happen normally when we are out of disk space. Fixes bug + 24859; bugfix on 0.3.1.1-alpha. + - Fix a (mostly harmless) race condition when invoking + LOG_PROTOCOL_WARN message from a subthread while the torrc options + are changing. Fixes bug 23954; bugfix on 0.1.1.9-alpha. + + o Minor bugfixes (onion services): + - Remove a BUG() statement when a client fetches an onion descriptor + that has a lower revision counter than the one in its cache. This + can happen in normal circumstances due to HSDir desync. Fixes bug + 24976; bugfix on 0.3.2.1-alpha. + - If we are configured to offer a single onion service, don't log + long-term established one hop rendezvous points in the heartbeat. + Fixes bug 25116; bugfix on 0.2.9.6-rc. + + o Minor bugfixes (performance): + - Avoid calling protocol_list_supports_protocol() from inside tight + loops when running with cached routerinfo_t objects. Instead, + summarize the relevant protocols as flags in the routerinfo_t, as + we do for routerstatus_t objects. This change simplifies our code + a little, and saves a large amount of short-term memory allocation + operations. Fixes bug 25008; bugfix on 0.2.9.4-alpha. + + o Minor bugfixes (Rust FFI): + - Fix a minor memory leak which would happen whenever the C code + would call the Rust implementation of + protover_get_supported_protocols(). This was due to the C version + returning a static string, whereas the Rust version newly allocated + a CString to pass accross the FFI boundary. Consequently, the C + code was not expecting to need to free() what it was given. Fixes + bug 25127; bugfix on 0.3.2.1-alpha. + + o Minor bugfixes (scheduler, KIST): + - Avoid adding the same channel twice in the KIST scheduler pending + list, which would waste CPU cycles. Fixes bug 24700; bugfix + on 0.3.2.1-alpha. + + o Minor bugfixes (unit test, monotonic time): + - Increase a constant (1msec to 10msec) in the monotonic time test + that makes sure the nsec/usec/msec times read are synchronized. + This change was needed to accommodate slow systems like armel or + when the clock_gettime() is not a VDSO on the running kernel. + Fixes bug 25113; bugfix on 0.2.9.1. + + o Minor bugfixes (v3 onion services): + - Look at the "HSRend" protocol version, not the "HSDir" protocol + version, when deciding whether a consensus entry can support the + v3 onion service protocol as a rendezvous point. Fixes bug 25105; + bugfix on 0.3.2.1-alpha. + + o Code simplification and refactoring: + - Remove the unused nodelist_recompute_all_hsdir_indices(). Closes + ticket 25108. + - Remove a series of counters used to track circuit extend attempts + and connection status but that in reality we aren't using for + anything other than stats logged by a SIGUSR1 signal. Closes + ticket 25163. + + o Documentation (man page): + - The HiddenServiceVersion torrc option accepts only one number: + either version 2 or 3. Closes ticket 25026; bugfix + on 0.3.2.2-alpha. + + +Changes in version 0.3.3.1-alpha - 2018-01-25 + Tor 0.3.3.1-alpha is the first release in the 0.3.3.x series. It adds + several new features to Tor, including several improvements to + bootstrapping, and support for an experimental "vanguards" feature to + resist guard discovery attacks. This series also includes better + support for applications that need to embed Tor or manage v3 + onion services. + + o Major features (embedding): + - There is now a documented stable API for programs that need to + embed Tor. See tor_api.h for full documentation and known bugs. + Closes ticket 23684. + - Tor now has support for restarting in the same process. + Controllers that run Tor using the "tor_api.h" interface can now + restart Tor after Tor has exited. This support is incomplete, + however: we fixed crash bugs that prevented it from working at + all, but many bugs probably remain, including a possibility of + security issues. Implements ticket 24581. + + o Major features (IPv6, directory documents): + - Add consensus method 27, which adds IPv6 ORPorts to the microdesc + consensus. This information makes it easier for IPv6 clients to + bootstrap and choose reachable entry guards. Implements 23826. + - Add consensus method 28, which removes IPv6 ORPorts from + microdescriptors. Now that the consensus contains IPv6 ORPorts, + they are redundant in microdescs. This change will be used by Tor + clients on 0.2.8.x and later. (That is to say, with all Tor + clients having IPv6 bootstrap and guard support.) Implements 23828. + - Expand the documentation for AuthDirHasIPv6Connectivity when it is + set by different numbers of authorities. Fixes 23870 + on 0.2.4.1-alpha. + + o Major features (onion service v3, control port): + - The control port now supports commands and events for v3 onion + services. It is now possible to create ephemeral v3 services using + ADD_ONION. Additionally, several events (HS_DESC, HS_DESC_CONTENT, + CIRC and CIRC_MINOR) and commands (GETINFO, HSPOST, ADD_ONION and + DEL_ONION) have been extended to support v3 onion services. Closes + ticket 20699; implements proposal 284. + + o Major features (onion services): + - Provide torrc options to pin the second and third hops of onion + service circuits to a list of nodes. The option HSLayer2Guards + pins the second hop, and the option HSLayer3Guards pins the third + hop. These options are for use in conjunction with experiments + with "vanguards" for preventing guard enumeration attacks. Closes + ticket 13837. + + o Major features (rust, portability, experimental): + - Tor now ships with an optional implementation of one of its + smaller modules (protover.c) in the Rust programming language. To + try it out, install a Rust build environment, and configure Tor + with "--enable-rust --enable-cargo-online-mode". This should not + cause any user-visible changes, but should help us gain more + experience with Rust, and plan future Rust integration work. + Implementation by Chelsea Komlo. Closes ticket 22840. + + o Major features (storage, configuration): + - Users can store cached directory documents somewhere other than + the DataDirectory by using the CacheDirectory option. Similarly, + the storage location for relay's keys can be overridden with the + KeyDirectory option. Closes ticket 22703. + + o Major features (v3 onion services, ipv6): + - When v3 onion service clients send introduce cells, they now + include the IPv6 address of the rendezvous point, if it has one. + Current v3 onion services running 0.3.2 ignore IPv6 addresses, but + in future Tor versions, IPv6-only v3 single onion services will be + able to use IPv6 addresses to connect directly to the rendezvous + point. Closes ticket 23577. Patch by Neel Chauhan. + + o Major bugfixes (onion services, retry behavior): + - Fix an "off by 2" error in counting rendezvous failures on the + onion service side. While we thought we would stop the rendezvous + attempt after one failed circuit, we were actually making three + circuit attempts before giving up. Now switch to a default of 2, + and allow the consensus parameter "hs_service_max_rdv_failures" to + override. Fixes bug 24895; bugfix on 0.0.6. + - New-style (v3) onion services now obey the "max rendezvous circuit + attempts" logic. Previously they would make as many rendezvous + circuit attempts as they could fit in the MAX_REND_TIMEOUT second + window before giving up. Fixes bug 24894; bugfix on 0.3.2.1-alpha. + + o Major bugfixes (relays): + - Fix a set of false positives where relays would consider + connections to other relays as being client-only connections (and + thus e.g. deserving different link padding schemes) if those + relays fell out of the consensus briefly. Now we look only at the + initial handshake and whether the connection authenticated as a + relay. Fixes bug 24898; bugfix on 0.3.1.1-alpha. + + o Minor feature (IPv6): + - Make IPv6-only clients wait for microdescs for relays, even if we + were previously using descriptors (or were using them as a bridge) + and have a cached descriptor for them. Implements 23827. + - When a consensus has IPv6 ORPorts, make IPv6-only clients use + them, rather than waiting to download microdescriptors. + Implements 23827. + + o Minor features (cleanup): + - Tor now deletes the CookieAuthFile and ExtORPortCookieAuthFile + when it stops. Closes ticket 23271. + + o Minor features (defensive programming): + - Most of the functions in Tor that free objects have been replaced + with macros that free the objects and set the corresponding + pointers to NULL. This change should help prevent a large class of + dangling pointer bugs. Closes ticket 24337. + - Where possible, the tor_free() macro now only evaluates its input + once. Part of ticket 24337. + - Check that microdesc ed25519 ids are non-zero in + node_get_ed25519_id() before returning them. Implements 24001, + patch by "aruna1234". + + o Minor features (directory authority): + - Make the "Exit" flag assignment only depend on whether the exit + policy allows connections to ports 80 and 443. Previously relays + would get the Exit flag if they allowed connections to one of + these ports and also port 6667. Resolves ticket 23637. + + o Minor features (embedding): + - Tor can now start with a preauthenticated control connection + created by the process that launched it. This feature is meant for + use by programs that want to launch and manage a Tor process + without allowing other programs to manage it as well. For more + information, see the __OwningControllerFD option documented in + control-spec.txt. Closes ticket 23900. + - On most errors that would cause Tor to exit, it now tries to + return from the tor_main() function, rather than calling the + system exit() function. Most users won't notice a difference here, + but it should make a significant for programs that run Tor inside + a separate thread: they should now be able to survive Tor's exit + conditions rather than having Tor shut down the entire process. + Closes ticket 23848. + - Applications that want to embed Tor can now tell Tor not to + register any of its own POSIX signal handlers, using the + __DisableSignalHandlers option. Closes ticket 24588. + + o Minor features (fallback directory list): + - Avoid selecting fallbacks that change their IP addresses too + often. Select more fallbacks by ignoring the Guard flag, and + allowing lower cutoffs for the Running and V2Dir flags. Also allow + a lower bandwidth, and a higher number of fallbacks per operator + (5% of the list). Implements ticket 24785. + - Update the fallback whitelist and blacklist based on opt-ins and + relay changes. Closes tickets 22321, 24678, 22527, 24135, + and 24695. + + o Minor features (fallback directory mirror configuration): + - Add a nickname to each fallback in a C comment. This makes it + easier for operators to find their relays, and allows stem to use + nicknames to identify fallbacks. Implements ticket 24600. + - Add a type and version header to the fallback directory mirror + file. Also add a delimiter to the end of each fallback entry. This + helps external parsers like stem and Relay Search. Implements + ticket 24725. + - Add an extrainfo cache flag for each fallback in a C comment. This + allows stem to use fallbacks to fetch extra-info documents, rather + than using authorities. Implements ticket 22759. + - Add the generateFallbackDirLine.py script for automatically + generating fallback directory mirror lines from relay fingerprints. + No more typos! Add the lookupFallbackDirContact.py script for + automatically looking up operator contact info from relay + fingerprints. Implements ticket 24706, patch by teor and atagar. + - Reject any fallback directory mirror that serves an expired + consensus. Implements ticket 20942, patch by "minik". + - Remove commas and equals signs from external string inputs to the + fallback list. This avoids format confusion attacks. Implements + ticket 24726. + - Remove the "weight=10" line from fallback directory mirror + entries. Ticket 24681 will maintain the current fallback weights + by changing Tor's default fallback weight to 10. Implements + ticket 24679. + - Stop logging excessive information about fallback netblocks. + Implements ticket 24791. + + o Minor features (forward-compatibility): + - If a relay supports some link authentication protocol that we do + not recognize, then include that relay's ed25519 key when telling + other relays to extend to it. Previously, we treated future + versions as if they were too old to support ed25519 link + authentication. Closes ticket 20895. + + o Minor features (heartbeat): + - Add onion service information to our heartbeat logs, displaying + stats about the activity of configured onion services. Closes + ticket 24896. + + o Minor features (instrumentation, development): + - Add the MainloopStats option to allow developers to get + instrumentation information from the main event loop via the + heartbeat messages. We hope to use this to improve Tor's behavior + when it's trying to sleep. Closes ticket 24605. + + o Minor features (log messages): + - Improve a warning message that happens when we fail to re-parse an + old router because of an expired certificate. Closes ticket 20020. + - Make the log more quantitative when we hit MaxMemInQueues + threshold exposing some values. Closes ticket 24501. + + o Minor features (logging, android): + - Added support for the Android logging subsystem. Closes + ticket 24362. + + o Minor features (performance): + - Support predictive circuit building for onion service circuits + with multiple layers of guards. Closes ticket 23101. + - Use stdatomic.h where available, rather than mutexes, to implement + atomic_counter_t. Closes ticket 23953. + + o Minor features (performance, 32-bit): + - Improve performance on 32-bit systems by avoiding 64-bit division + when calculating the timestamp in milliseconds for channel padding + computations. Implements ticket 24613. + - Improve performance on 32-bit systems by avoiding 64-bit division + when timestamping cells and buffer chunks for OOM calculations. + Implements ticket 24374. + + o Minor features (performance, OSX, iOS): + - Use the mach_approximate_time() function (when available) to + implement coarse monotonic time. Having a coarse time function + should avoid a large number of system calls, and improve + performance slightly, especially under load. Closes ticket 24427. + + o Minor features (performance, windows): + - Improve performance on Windows Vista and Windows 7 by adjusting + TCP send window size according to the recommendation from + SIO_IDEAL_SEND_BACKLOG_QUERY. Closes ticket 22798. Patch + from Vort. + + o Minor features (relay): + - Implement an option, ReducedExitPolicy, to allow an Tor exit relay + operator to use a more reasonable ("reduced") exit policy, rather + than the default one. If you want to run an exit node without + thinking too hard about which ports to allow, this one is for you. + Closes ticket 13605. Patch from Neel Chauhan. + + o Minor features (testing, debugging, embedding): + - For development purposes, Tor now has a mode in which it runs for + a few seconds, then stops, and starts again without exiting the + process. This mode is meant to help us debug various issues with + ticket 23847. To use this feature, compile with + --enable-restart-debugging, and set the TOR_DEBUG_RESTART + environment variable. This is expected to crash a lot, and is + really meant for developers only. It will likely be removed in a + future release. Implements ticket 24583. + + o Minor bugfix (network IPv6 test): + - Tor's test scripts now check if "ping -6 ::1" works when the user + runs "make test-network-all". Fixes bug 24677; bugfix on + 0.2.9.3-alpha. Patch by "ffmancera". + + o Minor bugfixes (build, rust): + - Fix output of autoconf checks to display success messages for Rust + dependencies and a suitable rustc compiler version. Fixes bug + 24612; bugfix on 0.3.1.3-alpha. + - When building with Rust on OSX, link against libresolv, to work + around the issue at https://github.com/rust-lang/rust/issues/46797. + Fixes bug 24652; bugfix on 0.3.1.1-alpha. + - Don't pass the --quiet option to cargo: it seems to suppress some + errors, which is not what we want to do when building. Fixes bug + 24518; bugfix on 0.3.1.7. + - Build correctly when building from outside Tor's source tree with + the TOR_RUST_DEPENDENCIES option set. Fixes bug 22768; bugfix + on 0.3.1.7. + + o Minor bugfixes (directory authorities, IPv6): + - When creating a routerstatus (vote) from a routerinfo (descriptor), + set the IPv6 address to the unspecified IPv6 address, and + explicitly initialize the port to zero. Fixes bug 24488; bugfix + on 0.2.4.1-alpha. + + o Minor bugfixes (fallback directory mirrors): + - Make updateFallbackDirs.py search harder for python. (Some OSs + don't put it in /usr/bin.) Fixes bug 24708; bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (hibernation, bandwidth accounting, shutdown): + - When hibernating, close connections normally and allow them to + flush. Fixes bug 23571; bugfix on 0.2.4.7-alpha. Also fixes + bug 7267. + - Do not attempt to launch self-reachability tests when entering + hibernation. Fixes a case of bug 12062; bugfix on 0.0.9pre5. + - Resolve several bugs related to descriptor fetching on bridge + clients with bandwidth accounting enabled. (This combination is + not recommended!) Fixes a case of bug 12062; bugfix + on 0.2.0.3-alpha. + - When hibernating, do not attempt to launch DNS checks. Fixes a + case of bug 12062; bugfix on 0.1.2.2-alpha. + - When hibernating, do not try to upload or download descriptors. + Fixes a case of bug 12062; bugfix on 0.0.9pre5. + + o Minor bugfixes (IPv6, bridges): + - Tor now always sets IPv6 preferences for bridges. Fixes bug 24573; + bugfix on 0.2.8.2-alpha. + - Tor now sets IPv6 address in the routerstatus as well as in the + router descriptors when updating addresses for a bridge. Closes + ticket 24572; bugfix on 0.2.4.5-alpha. Patch by "ffmancera". + + o Minor bugfixes (linux seccomp2 sandbox): + - When running with the sandbox enabled, reload configuration files + correctly even when %include was used. Previously we would crash. + Fixes bug 22605; bugfix on 0.3.1. Patch from Daniel Pinto. + + o Minor bugfixes (memory leaks): + - Avoid possible at-exit memory leaks related to use of Libevent's + event_base_once() function. (This function tends to leak memory if + the event_base is closed before the event fires.) Fixes bug 24584; + bugfix on 0.2.8.1-alpha. + - Fix a harmless memory leak in tor-resolve. Fixes bug 24582; bugfix + on 0.2.1.1-alpha. + + o Minor bugfixes (OSX): + - Don't exit the Tor process if setrlimit() fails to change the file + limit (which can happen sometimes on some versions of OSX). Fixes + bug 21074; bugfix on 0.0.9pre5. + + o Minor bugfixes (performance, fragile-hardening): + - Improve the performance of our consensus-diff application code + when Tor is built with the --enable-fragile-hardening option set. + Fixes bug 24826; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (performance, timeouts): + - Consider circuits for timeout as soon as they complete a hop. This + is more accurate than applying the timeout in + circuit_expire_building() because that function is only called + once per second, which is now too slow for typical timeouts on the + current network. Fixes bug 23114; bugfix on 0.2.2.2-alpha. + - Use onion service circuits (and other circuits longer than 3 hops) + to calculate a circuit build timeout. Previously, Tor only + calculated its build timeout based on circuits that planned to be + exactly 3 hops long. With this change, we include measurements + from all circuits at the point where they complete their third + hop. Fixes bug 23100; bugfix on 0.2.2.2-alpha. + + o Minor bugfixes (testing): + - Give out Exit flags in bootstrapping networks. Fixes bug 24137; + bugfix on 0.2.3.1-alpha. + - Fix a memory leak in the scheduler/loop_kist unit test. Fixes bug + 25005; bugfix on 0.3.2.7-rc. + + o Code simplification and refactoring: + - Remove /usr/athena from search path in configure.ac. Closes + ticket 24363. + - Remove duplicate code in node_has_curve25519_onion_key() and + node_get_curve25519_onion_key(), and add a check for a zero + microdesc curve25519 onion key. Closes ticket 23966, patch by + "aruna1234" and teor. + - Rewrite channel_rsa_id_group_set_badness to reduce temporary + memory allocations with large numbers of OR connections (e.g. + relays). Closes ticket 24119. + - Separate the function that deletes ephemeral files when Tor + stops gracefully. + - Small changes to Tor's buf_t API to make it suitable for use as a + general-purpose safe string constructor. Closes ticket 22342. + - Switch -Wnormalized=id to -Wnormalized=nfkc in configure.ac to + avoid source code identifier confusion. Closes ticket 24467. + - The tor_git_revision[] constant no longer needs to be redeclared + by everything that links against the rest of Tor. Done as part of + ticket 23845, to simplify our external API. + - We make extend_info_from_node() use node_get_curve25519_onion_key() + introduced in ticket 23577 to access the curve25519 public keys + rather than accessing it directly. Closes ticket 23760. Patch by + Neel Chauhan. + - Add a function to log channels' scheduler state changes to aid + debugging efforts. Closes ticket 24531. + + o Documentation: + - Add documentation on how to build tor with Rust dependencies + without having to be online. Closes ticket 22907; bugfix + on 0.3.0.3-alpha. + - Clarify the behavior of RelayBandwidth{Rate,Burst} with client + traffic. Closes ticket 24318. + - Document that OutboundBindAddress doesn't apply to DNS requests. + Closes ticket 22145. Patch from Aruna Maurya. + - Document that operators who run more than one relay or bridge are + expected to set MyFamily and ContactInfo correctly. Closes + ticket 24526. + + o Code simplification and refactoring (channels): + - Remove the incoming and outgoing channel queues. These were never + used, but still took up a step in our fast path. + - The majority of the channel unit tests have been rewritten and the + code coverage has now been raised to 83.6% for channel.c. Closes + ticket 23709. + - Remove other dead code from the channel subsystem: All together, + this cleanup has removed more than 1500 lines of code overall and + adding very little except for unit test. + + o Code simplification and refactoring (circuit rendezvous): + - Split the client-size rendezvous circuit lookup into two + functions: one that returns only established circuits and another + that returns all kinds of circuits. Closes ticket 23459. + + o Code simplification and refactoring (controller): + - Make most of the variables in networkstatus_getinfo_by_purpose() + const. Implements ticket 24489. + + +Changes in version 0.3.2.9 - 2018-01-09 + Tor 0.3.2.9 is the first stable release in the 0.3.2 series. + + The 0.3.2 series includes our long-anticipated new onion service + design, with numerous security features. (For more information, see + our blog post at https://blog.torproject.org/fall-harvest.) We also + have a new circuit scheduler algorithm for improved performance on + relays everywhere (see https://blog.torproject.org/kist-and-tell), + along with many smaller features and bugfixes. + + Per our stable release policy, we plan to support each stable release + series for at least the next nine months, or for three months after + the first stable release of the next series: whichever is longer. If + you need a release with long-term support, we recommend that you stay + with the 0.2.9 series. + + Below is a list of the changes since 0.3.2.8-rc. For a list of all + changes since 0.3.1, see the ReleaseNotes file. + + o Minor features (fallback directory mirrors): + - The fallback directory list has been re-generated based on the + current status of the network. Tor uses fallback directories to + bootstrap when it doesn't yet have up-to-date directory + information. Closes ticket 24801. + - Make the default DirAuthorityFallbackRate 0.1, so that clients + prefer to bootstrap from fallback directory mirrors. This is a + follow-up to 24679, which removed weights from the default + fallbacks. Implements ticket 24681. + + o Minor features (geoip): + - Update geoip and geoip6 to the January 5 2018 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (address selection): + - When the fascist_firewall_choose_address_ functions don't find a + reachable address, set the returned address to the null address + and port. This is a precautionary measure, because some callers do + not check the return value. Fixes bug 24736; bugfix + on 0.2.8.2-alpha. + + o Minor bugfixes (compilation): + - Resolve a few shadowed-variable warnings in the onion service + code. Fixes bug 24634; bugfix on 0.3.2.1-alpha. + + o Minor bugfixes (portability, msvc): + - Fix a bug in the bit-counting parts of our timing-wheel code on + MSVC. (Note that MSVC is still not a supported build platform, due + to cryptographic timing channel risks.) Fixes bug 24633; bugfix + on 0.2.9.1-alpha. + + +Changes in version 0.3.2.8-rc - 2017-12-21 + Tor 0.3.2.8-rc fixes a pair of bugs in the KIST and KISTLite + schedulers that had led servers under heavy load to overload their + outgoing connections. All relay operators running earlier 0.3.2.x + versions should upgrade. This version also includes a mitigation for + over-full DESTROY queues leading to out-of-memory conditions: if it + works, we will soon backport it to earlier release series. + + This is the second release candidate in the 0.3.2 series. If we find + no new bugs or regression here, then the first stable 0.3.2 release + will be nearly identical to this. + + o Major bugfixes (KIST, scheduler): + - The KIST scheduler did not correctly account for data already + enqueued in each connection's send socket buffer, particularly in + cases when the TCP/IP congestion window was reduced between + scheduler calls. This situation lead to excessive per-connection + buffering in the kernel, and a potential memory DoS. Fixes bug + 24665; bugfix on 0.3.2.1-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the December 6 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (hidden service v3): + - Bump hsdir_spread_store parameter from 3 to 4 in order to increase + the probability of reaching a service for a client missing + microdescriptors. Fixes bug 24425; bugfix on 0.3.2.1-alpha. + + o Minor bugfixes (memory usage): + - When queuing DESTROY cells on a channel, only queue the circuit-id + and reason fields: not the entire 514-byte cell. This fix should + help mitigate any bugs or attacks that fill up these queues, and + free more RAM for other uses. Fixes bug 24666; bugfix + on 0.2.5.1-alpha. + + o Minor bugfixes (scheduler, KIST): + - Use a sane write limit for KISTLite when writing onto a connection + buffer instead of using INT_MAX and shoving as much as it can. + Because the OOM handler cleans up circuit queues, we are better + off at keeping them in that queue instead of the connection's + buffer. Fixes bug 24671; bugfix on 0.3.2.1-alpha. + + +Changes in version 0.3.2.7-rc - 2017-12-14 + Tor 0.3.2.7-rc fixes various bugs in earlier versions of Tor, + including some that could affect reliability or correctness. + + This is the first release candidate in the 0.3.2 series. If we find no + new bugs or regression here, then the first stable 0.3.2. release will + be nearly identical to this. + + o Major bugfixes (circuit prediction): + - Fix circuit prediction logic so that a client doesn't treat a port + as being "handled" by a circuit if that circuit already has + isolation settings on it. This change should make Tor clients more + responsive by improving their chances of having a pre-created + circuit ready for use when a request arrives. Fixes bug 18859; + bugfix on 0.2.3.3-alpha. + + o Minor features (logging): + - Provide better warnings when the getrandom() syscall fails. Closes + ticket 24500. + + o Minor features (portability): + - Tor now compiles correctly on arm64 with libseccomp-dev installed. + (It doesn't yet work with the sandbox enabled.) Closes + ticket 24424. + + o Minor bugfixes (bridge clients, bootstrap): + - Retry directory downloads when we get our first bridge descriptor + during bootstrap or while reconnecting to the network. Keep + retrying every time we get a bridge descriptor, until we have a + reachable bridge. Fixes part of bug 24367; bugfix on 0.2.0.3-alpha. + - Stop delaying bridge descriptor fetches when we have cached bridge + descriptors. Instead, only delay bridge descriptor fetches when we + have at least one reachable bridge. Fixes part of bug 24367; + bugfix on 0.2.0.3-alpha. + - Stop delaying directory fetches when we have cached bridge + descriptors. Instead, only delay bridge descriptor fetches when + all our bridges are definitely unreachable. Fixes part of bug + 24367; bugfix on 0.2.0.3-alpha. + + o Minor bugfixes (compilation): + - Fix a signed/unsigned comparison warning introduced by our fix to + TROVE-2017-009. Fixes bug 24480; bugfix on 0.2.5.16. + + o Minor bugfixes (correctness): + - Fix several places in our codebase where a C compiler would be + likely to eliminate a check, based on assuming that undefined + behavior had not happened elsewhere in the code. These cases are + usually a sign of redundant checking or dubious arithmetic. Found + by Georg Koppen using the "STACK" tool from Wang, Zeldovich, + Kaashoek, and Solar-Lezama. Fixes bug 24423; bugfix on various + Tor versions. + + o Minor bugfixes (onion service v3): + - Fix a race where an onion service would launch a new intro circuit + after closing an old one, but fail to register it before freeing + the previously closed circuit. This bug was making the service + unable to find the established intro circuit and thus not upload + its descriptor, thus making a service unavailable for up to 24 + hours. Fixes bug 23603; bugfix on 0.3.2.1-alpha. + + o Minor bugfixes (scheduler, KIST): + - Properly set the scheduler state of an unopened channel in the + KIST scheduler main loop. This prevents a harmless but annoying + log warning. Fixes bug 24502; bugfix on 0.3.2.4-alpha. + - Avoid a possible integer overflow when computing the available + space on the TCP buffer of a channel. This had no security + implications; but could make KIST allow too many cells on a + saturated connection. Fixes bug 24590; bugfix on 0.3.2.1-alpha. + - Downgrade to "info" a harmless warning about the monotonic time + moving backwards: This can happen on platform not supporting + monotonic time. Fixes bug 23696; bugfix on 0.3.2.1-alpha. + + +Changes in version 0.3.2.6-alpha - 2017-12-01 + This version of Tor is the latest in the 0.3.2 alpha series. It + includes fixes for several important security issues. All Tor users + should upgrade to this release, or to one of the other releases coming + out today. + + o Major bugfixes (security): + - Fix a denial of service bug where an attacker could use a + malformed directory object to cause a Tor instance to pause while + OpenSSL would try to read a passphrase from the terminal. (Tor + instances run without a terminal, which is the case for most Tor + packages, are not impacted.) Fixes bug 24246; bugfix on every + version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821. + Found by OSS-Fuzz as testcase 6360145429790720. + - Fix a denial of service issue where an attacker could crash a + directory authority using a malformed router descriptor. Fixes bug + 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010 + and CVE-2017-8820. + - When checking for replays in the INTRODUCE1 cell data for a + (legacy) onion service, correctly detect replays in the RSA- + encrypted part of the cell. We were previously checking for + replays on the entire cell, but those can be circumvented due to + the malleability of Tor's legacy hybrid encryption. This fix helps + prevent a traffic confirmation attack. Fixes bug 24244; bugfix on + 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009 + and CVE-2017-8819. + + o Major bugfixes (security, onion service v2): + - Fix a use-after-free error that could crash v2 Tor onion services + when they failed to open circuits while expiring introduction + points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is + also tracked as TROVE-2017-013 and CVE-2017-8823. + + o Major bugfixes (security, relay): + - When running as a relay, make sure that we never build a path + through ourselves, even in the case where we have somehow lost the + version of our descriptor appearing in the consensus. Fixes part + of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked + as TROVE-2017-012 and CVE-2017-8822. + - When running as a relay, make sure that we never choose ourselves + as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This + issue is also tracked as TROVE-2017-012 and CVE-2017-8822. + + o Minor feature (relay statistics): + - Change relay bandwidth reporting stats interval from 4 hours to 24 + hours in order to reduce the efficiency of guard discovery + attacks. Fixes ticket 23856. + + o Minor features (directory authority): + - Add an IPv6 address for the "bastet" directory authority. Closes + ticket 24394. + + o Minor bugfixes (client): + - By default, do not enable storage of client-side DNS values. These + values were unused by default previously, but they should not have + been cached at all. Fixes bug 24050; bugfix on 0.2.6.3-alpha. + + +Changes in version 0.3.1.9 - 2017-12-01: + Tor 0.3.1.9 backports important security and stability fixes from the + 0.3.2 development series. All Tor users should upgrade to this + release, or to another of the releases coming out today. + + o Major bugfixes (security, backport from 0.3.2.6-alpha): + - Fix a denial of service bug where an attacker could use a + malformed directory object to cause a Tor instance to pause while + OpenSSL would try to read a passphrase from the terminal. (Tor + instances run without a terminal, which is the case for most Tor + packages, are not impacted.) Fixes bug 24246; bugfix on every + version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821. + Found by OSS-Fuzz as testcase 6360145429790720. + - Fix a denial of service issue where an attacker could crash a + directory authority using a malformed router descriptor. Fixes bug + 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010 + and CVE-2017-8820. + - When checking for replays in the INTRODUCE1 cell data for a + (legacy) onion service, correctly detect replays in the RSA- + encrypted part of the cell. We were previously checking for + replays on the entire cell, but those can be circumvented due to + the malleability of Tor's legacy hybrid encryption. This fix helps + prevent a traffic confirmation attack. Fixes bug 24244; bugfix on + 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009 + and CVE-2017-8819. + + o Major bugfixes (security, onion service v2, backport from 0.3.2.6-alpha): + - Fix a use-after-free error that could crash v2 Tor onion services + when they failed to open circuits while expiring introduction + points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is + also tracked as TROVE-2017-013 and CVE-2017-8823. + + o Major bugfixes (security, relay, backport from 0.3.2.6-alpha): + - When running as a relay, make sure that we never build a path + through ourselves, even in the case where we have somehow lost the + version of our descriptor appearing in the consensus. Fixes part + of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked + as TROVE-2017-012 and CVE-2017-8822. + - When running as a relay, make sure that we never choose ourselves + as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This + issue is also tracked as TROVE-2017-012 and CVE-2017-8822. + + o Major bugfixes (exit relays, DNS, backport from 0.3.2.4-alpha): + - Fix an issue causing DNS to fail on high-bandwidth exit nodes, + making them nearly unusable. Fixes bugs 21394 and 18580; bugfix on + 0.1.2.2-alpha, which introduced eventdns. Thanks to Dhalgren for + identifying and finding a workaround to this bug and to Moritz, + Arthur Edelstein, and Roger for helping to track it down and + analyze it. + + o Minor features (bridge): + - Bridges now include notice in their descriptors that they are + bridges, and notice of their distribution status, based on their + publication settings. Implements ticket 18329. For more fine- + grained control of how a bridge is distributed, upgrade to 0.3.2.x + or later. + + o Minor features (directory authority, backport from 0.3.2.6-alpha): + - Add an IPv6 address for the "bastet" directory authority. Closes + ticket 24394. + + o Minor features (geoip): + - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfix (relay address resolution, backport from 0.3.2.1-alpha): + - Avoid unnecessary calls to directory_fetches_from_authorities() on + relays, to prevent spurious address resolutions and descriptor + rebuilds. This is a mitigation for bug 21789. Fixes bug 23470; + bugfix on in 0.2.8.1-alpha. + + o Minor bugfixes (compilation, backport from 0.3.2.1-alpha): + - Fix unused variable warnings in donna's Curve25519 SSE2 code. + Fixes bug 22895; bugfix on 0.2.7.2-alpha. + + o Minor bugfixes (logging, relay shutdown, annoyance, backport from 0.3.2.2-alpha): + - When a circuit is marked for close, do not attempt to package any + cells for channels on that circuit. Previously, we would detect + this condition lower in the call stack, when we noticed that the + circuit had no attached channel, and log an annoying message. + Fixes bug 8185; bugfix on 0.2.5.4-alpha. + + o Minor bugfixes (onion service, backport from 0.3.2.5-alpha): + - Rename the consensus parameter "hsdir-interval" to "hsdir_interval" + so it matches dir-spec.txt. Fixes bug 24262; bugfix + on 0.3.1.1-alpha. + + o Minor bugfixes (relay, crash, backport from 0.3.2.4-alpha): + - Avoid a crash when transitioning from client mode to bridge mode. + Previously, we would launch the worker threads whenever our + "public server" mode changed, but not when our "server" mode + changed. Fixes bug 23693; bugfix on 0.2.6.3-alpha. + + +Changes in version 0.3.0.13 - 2017-12-01 + Tor 0.3.0.13 backports important security and stability bugfixes from + later Tor releases. All Tor users should upgrade to this release, or + to another of the releases coming out today. + + Note: the Tor 0.3.0 series will no longer be supported after 26 Jan + 2018. If you need a release with long-term support, please stick with + the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later. + + o Major bugfixes (security, backport from 0.3.2.6-alpha): + - Fix a denial of service bug where an attacker could use a + malformed directory object to cause a Tor instance to pause while + OpenSSL would try to read a passphrase from the terminal. (Tor + instances run without a terminal, which is the case for most Tor + packages, are not impacted.) Fixes bug 24246; bugfix on every + version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821. + Found by OSS-Fuzz as testcase 6360145429790720. + - Fix a denial of service issue where an attacker could crash a + directory authority using a malformed router descriptor. Fixes bug + 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010 + and CVE-2017-8820. + - When checking for replays in the INTRODUCE1 cell data for a + (legacy) onion service, correctly detect replays in the RSA- + encrypted part of the cell. We were previously checking for + replays on the entire cell, but those can be circumvented due to + the malleability of Tor's legacy hybrid encryption. This fix helps + prevent a traffic confirmation attack. Fixes bug 24244; bugfix on + 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009 + and CVE-2017-8819. + + o Major bugfixes (security, onion service v2, backport from 0.3.2.6-alpha): + - Fix a use-after-free error that could crash v2 Tor onion services + when they failed to open circuits while expiring introduction + points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is + also tracked as TROVE-2017-013 and CVE-2017-8823. + + o Major bugfixes (security, relay, backport from 0.3.2.6-alpha): + - When running as a relay, make sure that we never build a path + through ourselves, even in the case where we have somehow lost the + version of our descriptor appearing in the consensus. Fixes part + of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked + as TROVE-2017-012 and CVE-2017-8822. + - When running as a relay, make sure that we never choose ourselves + as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This + issue is also tracked as TROVE-2017-012 and CVE-2017-8822. + + o Major bugfixes (exit relays, DNS, backport from 0.3.2.4-alpha): + - Fix an issue causing DNS to fail on high-bandwidth exit nodes, + making them nearly unusable. Fixes bugs 21394 and 18580; bugfix on + 0.1.2.2-alpha, which introduced eventdns. Thanks to Dhalgren for + identifying and finding a workaround to this bug and to Moritz, + Arthur Edelstein, and Roger for helping to track it down and + analyze it. + + o Minor features (security, windows, backport from 0.3.1.1-alpha): + - Enable a couple of pieces of Windows hardening: one + (HeapEnableTerminationOnCorruption) that has been on-by-default + since Windows 8, and unavailable before Windows 7; and one + (PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION) which we believe doesn't + affect us, but shouldn't do any harm. Closes ticket 21953. + + o Minor features (bridge, backport from 0.3.1.9): + - Bridges now include notice in their descriptors that they are + bridges, and notice of their distribution status, based on their + publication settings. Implements ticket 18329. For more fine- + grained control of how a bridge is distributed, upgrade to 0.3.2.x + or later. + + o Minor features (directory authority, backport from 0.3.2.6-alpha): + - Add an IPv6 address for the "bastet" directory authority. Closes + ticket 24394. + + o Minor features (geoip): + - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfix (relay address resolution, backport from 0.3.2.1-alpha): + - Avoid unnecessary calls to directory_fetches_from_authorities() on + relays, to prevent spurious address resolutions and descriptor + rebuilds. This is a mitigation for bug 21789. Fixes bug 23470; + bugfix on in 0.2.8.1-alpha. + + o Minor bugfixes (compilation, backport from 0.3.2.1-alpha): + - Fix unused variable warnings in donna's Curve25519 SSE2 code. + Fixes bug 22895; bugfix on 0.2.7.2-alpha. + + o Minor bugfixes (logging, relay shutdown, annoyance, backport from 0.3.2.2-alpha): + - When a circuit is marked for close, do not attempt to package any + cells for channels on that circuit. Previously, we would detect + this condition lower in the call stack, when we noticed that the + circuit had no attached channel, and log an annoying message. + Fixes bug 8185; bugfix on 0.2.5.4-alpha. + + o Minor bugfixes (relay, crash, backport from 0.3.2.4-alpha): + - Avoid a crash when transitioning from client mode to bridge mode. + Previously, we would launch the worker threads whenever our + "public server" mode changed, but not when our "server" mode + changed. Fixes bug 23693; bugfix on 0.2.6.3-alpha. + + o Minor bugfixes (testing, backport from 0.3.1.6-rc): + - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291; + bugfix on 0.2.7.2-alpha. Found and patched by Ties Stuij. + + +Changes in version 0.2.9.14 - 2017-12-01 + Tor 0.3.0.13 backports important security and stability bugfixes from + later Tor releases. All Tor users should upgrade to this release, or + to another of the releases coming out today. + + o Major bugfixes (exit relays, DNS, backport from 0.3.2.4-alpha): + - Fix an issue causing DNS to fail on high-bandwidth exit nodes, + making them nearly unusable. Fixes bugs 21394 and 18580; bugfix on + 0.1.2.2-alpha, which introduced eventdns. Thanks to Dhalgren for + identifying and finding a workaround to this bug and to Moritz, + Arthur Edelstein, and Roger for helping to track it down and + analyze it. + + o Major bugfixes (security, backport from 0.3.2.6-alpha): + - Fix a denial of service bug where an attacker could use a + malformed directory object to cause a Tor instance to pause while + OpenSSL would try to read a passphrase from the terminal. (Tor + instances run without a terminal, which is the case for most Tor + packages, are not impacted.) Fixes bug 24246; bugfix on every + version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821. + Found by OSS-Fuzz as testcase 6360145429790720. + - Fix a denial of service issue where an attacker could crash a + directory authority using a malformed router descriptor. Fixes bug + 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010 + and CVE-2017-8820. + - When checking for replays in the INTRODUCE1 cell data for a + (legacy) onion service, correctly detect replays in the RSA- + encrypted part of the cell. We were previously checking for + replays on the entire cell, but those can be circumvented due to + the malleability of Tor's legacy hybrid encryption. This fix helps + prevent a traffic confirmation attack. Fixes bug 24244; bugfix on + 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009 + and CVE-2017-8819. + + o Major bugfixes (security, onion service v2, backport from 0.3.2.6-alpha): + - Fix a use-after-free error that could crash v2 Tor onion services + when they failed to open circuits while expiring introduction + points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is + also tracked as TROVE-2017-013 and CVE-2017-8823. + + o Major bugfixes (security, relay, backport from 0.3.2.6-alpha): + - When running as a relay, make sure that we never build a path + through ourselves, even in the case where we have somehow lost the + version of our descriptor appearing in the consensus. Fixes part + of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked + as TROVE-2017-012 and CVE-2017-8822. + + o Minor features (bridge, backport from 0.3.1.9): + - Bridges now include notice in their descriptors that they are + bridges, and notice of their distribution status, based on their + publication settings. Implements ticket 18329. For more fine- + grained control of how a bridge is distributed, upgrade to 0.3.2.x + or later. + + o Minor features (directory authority, backport from 0.3.2.6-alpha): + - Add an IPv6 address for the "bastet" directory authority. Closes + ticket 24394. + + o Minor features (geoip): + - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2 + Country database. + + o Minor features (security, windows, backport from 0.3.1.1-alpha): + - Enable a couple of pieces of Windows hardening: one + (HeapEnableTerminationOnCorruption) that has been on-by-default + since Windows 8, and unavailable before Windows 7; and one + (PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION) which we believe doesn't + affect us, but shouldn't do any harm. Closes ticket 21953. + + o Minor bugfix (relay address resolution, backport from 0.3.2.1-alpha): + - Avoid unnecessary calls to directory_fetches_from_authorities() on + relays, to prevent spurious address resolutions and descriptor + rebuilds. This is a mitigation for bug 21789. Fixes bug 23470; + bugfix on in 0.2.8.1-alpha. + + o Minor bugfixes (compilation, backport from 0.3.2.1-alpha): + - Fix unused variable warnings in donna's Curve25519 SSE2 code. + Fixes bug 22895; bugfix on 0.2.7.2-alpha. + + o Minor bugfixes (logging, relay shutdown, annoyance, backport from 0.3.2.2-alpha): + - When a circuit is marked for close, do not attempt to package any + cells for channels on that circuit. Previously, we would detect + this condition lower in the call stack, when we noticed that the + circuit had no attached channel, and log an annoying message. + Fixes bug 8185; bugfix on 0.2.5.4-alpha. + + o Minor bugfixes (relay, crash, backport from 0.3.2.4-alpha): + - Avoid a crash when transitioning from client mode to bridge mode. + Previously, we would launch the worker threads whenever our + "public server" mode changed, but not when our "server" mode + changed. Fixes bug 23693; bugfix on 0.2.6.3-alpha. + + o Minor bugfixes (testing, backport from 0.3.1.6-rc): + - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291; + bugfix on 0.2.7.2-alpha. Found and patched by Ties Stuij. + + +Changes in version 0.2.8.17 - 2017-12-01 + Tor 0.2.8.17 backports important security and stability bugfixes from + later Tor releases. All Tor users should upgrade to this release, or + to another of the releases coming out today. + + Note: the Tor 0.2.8 series will no longer be supported after 1 Jan + 2018. If you need a release with long-term support, please upgrade with + the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later. + + o Major bugfixes (security, backport from 0.3.2.6-alpha): + - Fix a denial of service bug where an attacker could use a + malformed directory object to cause a Tor instance to pause while + OpenSSL would try to read a passphrase from the terminal. (Tor + instances run without a terminal, which is the case for most Tor + packages, are not impacted.) Fixes bug 24246; bugfix on every + version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821. + Found by OSS-Fuzz as testcase 6360145429790720. + - When checking for replays in the INTRODUCE1 cell data for a + (legacy) onion service, correctly detect replays in the RSA- + encrypted part of the cell. We were previously checking for + replays on the entire cell, but those can be circumvented due to + the malleability of Tor's legacy hybrid encryption. This fix helps + prevent a traffic confirmation attack. Fixes bug 24244; bugfix on + 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009 + and CVE-2017-8819. + + o Major bugfixes (security, onion service v2, backport from 0.3.2.6-alpha): + - Fix a use-after-free error that could crash v2 Tor onion services + when they failed to open circuits while expiring introduction + points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is + also tracked as TROVE-2017-013 and CVE-2017-8823. + + o Major bugfixes (security, relay, backport from 0.3.2.6-alpha): + - When running as a relay, make sure that we never build a path through + ourselves, even in the case where we have somehow lost the version of + our descriptor appearing in the consensus. Fixes part of bug 21534; + bugfix on 0.2.0.1-alpha. This issue is also tracked as TROVE-2017-012 + and CVE-2017-8822. + + o Minor features (bridge, backport from 0.3.1.9): + - Bridges now include notice in their descriptors that they are + bridges, and notice of their distribution status, based on their + publication settings. Implements ticket 18329. For more fine- + grained control of how a bridge is distributed, upgrade to 0.3.2.x + or later. + + o Minor features (directory authority, backport from 0.3.2.6-alpha): + - Add an IPv6 address for the "bastet" directory authority. Closes + ticket 24394. + + o Minor features (geoip): + - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (testing, backport from 0.3.1.6-rc): + - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291; + bugfix on 0.2.7.2-alpha. Found and patched by Ties Stuij. + + +Changes in version 0.2.5.16 - 2017-12-01 + Tor 0.2.5.13 backports important security and stability bugfixes from + later Tor releases. All Tor users should upgrade to this release, or + to another of the releases coming out today. + + Note: the Tor 0.2.5 series will no longer be supported after 1 May + 2018. If you need a release with long-term support, please upgrade to + the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later. + + o Major bugfixes (security, backport from 0.3.2.6-alpha): + - Fix a denial of service bug where an attacker could use a + malformed directory object to cause a Tor instance to pause while + OpenSSL would try to read a passphrase from the terminal. (Tor + instances run without a terminal, which is the case for most Tor + packages, are not impacted.) Fixes bug 24246; bugfix on every + version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821. + Found by OSS-Fuzz as testcase 6360145429790720. + - When checking for replays in the INTRODUCE1 cell data for a + (legacy) onion service, correctly detect replays in the RSA- + encrypted part of the cell. We were previously checking for + replays on the entire cell, but those can be circumvented due to + the malleability of Tor's legacy hybrid encryption. This fix helps + prevent a traffic confirmation attack. Fixes bug 24244; bugfix on + 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009 + and CVE-2017-8819. + + o Major bugfixes (security, relay, backport from 0.3.2.6-alpha): + - When running as a relay, make sure that we never build a path + through ourselves, even in the case where we have somehow lost the + version of our descriptor appearing in the consensus. Fixes part + of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked + as TROVE-2017-012 and CVE-2017-8822. + + o Minor features (bridge, backport from 0.3.1.9): + - Bridges now include notice in their descriptors that they are + bridges, and notice of their distribution status, based on their + publication settings. Implements ticket 18329. For more fine- + grained control of how a bridge is distributed, upgrade to 0.3.2.x + or later. + + o Minor features (geoip): + - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2 + Country database. + + +Changes in version 0.3.2.5-alpha - 2017-11-22 + Tor 0.3.2.5-alpha is the fifth alpha release in the 0.3.2.x series. It + fixes several stability and reliability bugs, including a fix for + intermittent bootstrapping failures that some people have been seeing + since the 0.3.0.x series. + + Please test this alpha out -- many of these fixes will soon be + backported to stable Tor versions if no additional bugs are found + in them. + + o Major bugfixes (bootstrapping): + - Fetch descriptors aggressively whenever we lack enough to build + circuits, regardless of how many descriptors we are missing. + Previously, we would delay launching the fetch when we had fewer + than 15 missing descriptors, even if some of those descriptors + were blocking circuits from building. Fixes bug 23985; bugfix on + 0.1.1.11-alpha. The effects of this bug became worse in + 0.3.0.3-alpha, when we began treating missing descriptors from our + primary guards as a reason to delay circuits. + - Don't try fetching microdescriptors from relays that have failed + to deliver them in the past. Fixes bug 23817; bugfix + on 0.3.0.1-alpha. + + o Minor features (directory authority): + - Make the "Exit" flag assignment only depend on whether the exit + policy allows connections to ports 80 and 443. Previously relays + would get the Exit flag if they allowed connections to one of + these ports and also port 6667. Resolves ticket 23637. + + o Minor features (geoip): + - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2 + Country database. + + o Minor features (linux seccomp2 sandbox): + - Update the sandbox rules so that they should now work correctly + with Glibc 2.26. Closes ticket 24315. + + o Minor features (logging): + - Downgrade a pair of log messages that could occur when an exit's + resolver gave us an unusual (but not forbidden) response. Closes + ticket 24097. + - Improve the message we log when re-enabling circuit build timeouts + after having received a consensus. Closes ticket 20963. + + o Minor bugfixes (compilation): + - Fix a memory leak warning in one of the libevent-related + configuration tests that could occur when manually specifying + -fsanitize=address. Fixes bug 24279; bugfix on 0.3.0.2-alpha. + Found and patched by Alex Xu. + - When detecting OpenSSL on Windows from our configure script, make + sure to try linking with the ws2_32 library. Fixes bug 23783; + bugfix on 0.3.2.2-alpha. + + o Minor bugfixes (control port, linux seccomp2 sandbox): + - Avoid a crash when attempting to use the seccomp2 sandbox together + with the OwningControllerProcess feature. Fixes bug 24198; bugfix + on 0.2.5.1-alpha. + + o Minor bugfixes (control port, onion services): + - Report "FAILED" instead of "UPLOAD_FAILED" "FAILED" for the + HS_DESC event when a service is not able to upload a descriptor. + Fixes bug 24230; bugfix on 0.2.7.1-alpha. + + o Minor bugfixes (directory cache): + - Recover better from empty or corrupt files in the consensus cache + directory. Fixes bug 24099; bugfix on 0.3.1.1-alpha. + - When a consensus diff calculation is only partially successful, + only record the successful parts as having succeeded. Partial + success can happen if (for example) one compression method fails + but the others succeed. Previously we misrecorded all the + calculations as having succeeded, which would later cause a + nonfatal assertion failure. Fixes bug 24086; bugfix + on 0.3.1.1-alpha. + + o Minor bugfixes (logging): + - Only log once if we notice that KIST support is gone. Fixes bug + 24158; bugfix on 0.3.2.1-alpha. + - Suppress a log notice when relay descriptors arrive. We already + have a bootstrap progress for this so no need to log notice + everytime tor receives relay descriptors. Microdescriptors behave + the same. Fixes bug 23861; bugfix on 0.2.8.2-alpha. + + o Minor bugfixes (network layer): + - When closing a connection via close_connection_immediately(), we + mark it as "not blocked on bandwidth", to prevent later calls from + trying to unblock it, and give it permission to read. This fixes a + backtrace warning that can happen on relays under various + circumstances. Fixes bug 24167; bugfix on 0.1.0.1-rc. + + o Minor bugfixes (onion services): + - The introduction circuit was being timed out too quickly while + waiting for the rendezvous circuit to complete. Keep the intro + circuit around longer instead of timing out and reopening new ones + constantly. Fixes bug 23681; bugfix on 0.2.4.8-alpha. + - Rename the consensus parameter "hsdir-interval" to "hsdir_interval" + so it matches dir-spec.txt. Fixes bug 24262; bugfix + on 0.3.1.1-alpha. + - Silence a warning about failed v3 onion descriptor uploads that + can happen naturally under certain edge cases. Fixes part of bug + 23662; bugfix on 0.3.2.1-alpha. + + o Minor bugfixes (tests): + - Fix a memory leak in one of the bridge-distribution test cases. + Fixes bug 24345; bugfix on 0.3.2.3-alpha. + - Fix a bug in our fuzzing mock replacement for crypto_pk_checksig(), + to correctly handle cases where a caller gives it an RSA key of + under 160 bits. (This is not actually a bug in Tor itself, but + rather in our fuzzing code.) Fixes bug 24247; bugfix on + 0.3.0.3-alpha. Found by OSS-Fuzz as issue 4177. + + o Documentation: + - Add notes in man page regarding OS support for the various + scheduler types. Attempt to use less jargon in the scheduler + section. Closes ticket 24254. + + +Changes in version 0.3.2.4-alpha - 2017-11-08 + Tor 0.3.2.4-alpha is the fourth alpha release in the 0.3.2.x series. + It fixes several stability and reliability bugs, especially including + a major reliability issue that has been plaguing fast exit relays in + recent months. + + o Major bugfixes (exit relays, DNS): + - Fix an issue causing DNS to fail on high-bandwidth exit nodes, + making them nearly unusable. Fixes bugs 21394 and 18580; bugfix on + 0.1.2.2-alpha, which introduced eventdns. Thanks to Dhalgren for + identifying and finding a workaround to this bug and to Moritz, + Arthur Edelstein, and Roger for helping to track it down and + analyze it. + + o Major bugfixes (scheduler, channel): + - Stop processing scheduled channels if they closed while flushing + cells. This can happen if the write on the connection fails + leading to the channel being closed while in the scheduler loop. + Fixes bug 23751; bugfix on 0.3.2.1-alpha. + + o Minor features (logging, scheduler): + - Introduce a SCHED_BUG() function to log extra information about + the scheduler state if we ever catch a bug in the scheduler. + Closes ticket 23753. + + o Minor features (removed deprecations): + - The ClientDNSRejectInternalAddresses flag can once again be set in + non-testing Tor networks, so long as they do not use the default + directory authorities. This change also removes the deprecation of + this flag from 0.2.9.2-alpha. Closes ticket 21031. + + o Minor features (testing): + - Our fuzzing tests now test the encrypted portions of v3 onion + service descriptors. Implements more of 21509. + + o Minor bugfixes (directory client): + - On failure to download directory information, delay retry attempts + by a random amount based on the "decorrelated jitter" algorithm. + Our previous delay algorithm tended to produce extra-long delays + too easily. Fixes bug 23816; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (IPv6, v3 single onion services): + - Remove buggy code for IPv6-only v3 single onion services, and + reject attempts to configure them. This release supports IPv4, + dual-stack, and IPv6-only v3 onion services; and IPv4 and dual- + stack v3 single onion services. Fixes bug 23820; bugfix + on 0.3.2.1-alpha. + + o Minor bugfixes (logging, relay): + - Give only a protocol warning when the ed25519 key is not + consistent between the descriptor and microdescriptor of a relay. + This can happen, for instance, if the relay has been flagged + NoEdConsensus. Fixes bug 24025; bugfix on 0.3.2.1-alpha. + + o Minor bugfixes (manpage, onion service): + - Document that the HiddenServiceNumIntroductionPoints option is + 0-10 for v2 services and 0-20 for v3 services. Fixes bug 24115; + bugfix on 0.3.2.1-alpha. + + o Minor bugfixes (memory leaks): + - Fix a minor memory leak at exit in the KIST scheduler. This bug + should have no user-visible impact. Fixes bug 23774; bugfix + on 0.3.2.1-alpha. + - Fix a memory leak when decrypting a badly formatted v3 onion + service descriptor. Fixes bug 24150; bugfix on 0.3.2.1-alpha. + Found by OSS-Fuzz; this is OSS-Fuzz issue 3994. + + o Minor bugfixes (onion services): + - Cache some needed onion service client information instead of + constantly computing it over and over again. Fixes bug 23623; + bugfix on 0.3.2.1-alpha. + - Properly retry HSv3 descriptor fetches when missing required + directory information. Fixes bug 23762; bugfix on 0.3.2.1-alpha. + + o Minor bugfixes (path selection): + - When selecting relays by bandwidth, avoid a rounding error that + could sometimes cause load to be imbalanced incorrectly. + Previously, we would always round upwards; now, we round towards + the nearest integer. This had the biggest effect when a relay's + weight adjustments should have given it weight 0, but it got + weight 1 instead. Fixes bug 23318; bugfix on 0.2.4.3-alpha. + - When calculating the fraction of nodes that have descriptors, and + all nodes in the network have zero bandwidths, count the number of + nodes instead. Fixes bug 23318; bugfix on 0.2.4.10-alpha. + - Actually log the total bandwidth in compute_weighted_bandwidths(). + Fixes bug 24170; bugfix on 0.2.4.3-alpha. + + o Minor bugfixes (relay, crash): + - Avoid a crash when transitioning from client mode to bridge mode. + Previously, we would launch the worker threads whenever our + "public server" mode changed, but not when our "server" mode + changed. Fixes bug 23693; bugfix on 0.2.6.3-alpha. + + o Minor bugfixes (testing): + - Fix a spurious fuzzing-only use of an uninitialized value. Found + by Brian Carpenter. Fixes bug 24082; bugfix on 0.3.0.3-alpha. + - Test that IPv6-only clients can use microdescriptors when running + "make test-network-all". Requires chutney master 61c28b9 or later. + Closes ticket 24109. + + +Changes in version 0.3.2.3-alpha - 2017-10-27 + Tor 0.3.2.3-alpha is the third release in the 0.3.2 series. It fixes + numerous small bugs in earlier versions of 0.3.2.x, and adds a new + directory authority, Bastet. + + o Directory authority changes: + - Add "Bastet" as a ninth directory authority to the default list. + Closes ticket 23910. + - The directory authority "Longclaw" has changed its IP address. + Closes ticket 23592. + + o Minor features (bridge): + - Bridge relays can now set the BridgeDistribution config option to + add a "bridge-distribution-request" line to their bridge + descriptor, which tells BridgeDB how they'd like their bridge + address to be given out. (Note that as of Oct 2017, BridgeDB does + not yet implement this feature.) As a side benefit, this feature + provides a way to distinguish bridge descriptors from non-bridge + descriptors. Implements tickets 18329. + + o Minor features (client, entry guards): + - Improve log messages when missing descriptors for primary guards. + Resolves ticket 23670. + + o Minor features (geoip): + - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (bridge): + - Overwrite the bridge address earlier in the process of retrieving + its descriptor, to make sure we reach it on the configured + address. Fixes bug 20532; bugfix on 0.2.0.10-alpha. + + o Minor bugfixes (documentation): + - Document better how to read gcov, and what our gcov postprocessing + scripts do. Fixes bug 23739; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (entry guards): + - Tor now updates its guard state when it reads a consensus + regardless of whether it's missing descriptors. That makes tor use + its primary guards to fetch descriptors in some edge cases where + it would previously have used fallback directories. Fixes bug + 23862; bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (hidden service client): + - When handling multiple SOCKS request for the same .onion address, + only fetch the service descriptor once. + - When a descriptor fetch fails with a non-recoverable error, close + all pending SOCKS requests for that .onion. Fixes bug 23653; + bugfix on 0.3.2.1-alpha. + + o Minor bugfixes (hidden service): + - Always regenerate missing hidden service public key files. Prior + to this, if the public key was deleted from disk, it wouldn't get + recreated. Fixes bug 23748; bugfix on 0.3.2.2-alpha. Patch + from "cathugger". + - Make sure that we have a usable ed25519 key when the intro point + relay supports ed25519 link authentication. Fixes bug 24002; + bugfix on 0.3.2.1-alpha. + + o Minor bugfixes (hidden service, v2): + - When reloading configured hidden services, copy all information + from the old service object. Previously, some data was omitted, + causing delays in descriptor upload, and other bugs. Fixes bug + 23790; bugfix on 0.2.1.9-alpha. + + o Minor bugfixes (memory safety, defensive programming): + - Clear the target address when node_get_prim_orport() returns + early. Fixes bug 23874; bugfix on 0.2.8.2-alpha. + + o Minor bugfixes (relay): + - Avoid a BUG warning when receiving a dubious CREATE cell while an + option transition is in progress. Fixes bug 23952; bugfix + on 0.3.2.1-alpha. + + o Minor bugfixes (testing): + - Adjust the GitLab CI configuration to more closely match that of + Travis CI. Fixes bug 23757; bugfix on 0.3.2.2-alpha. + - Prevent scripts/test/coverage from attempting to move gcov output + to the root directory. Fixes bug 23741; bugfix on 0.2.5.1-alpha. + - When running unit tests as root, skip a test that would fail + because it expects a permissions error. This affects some + continuous integration setups. Fixes bug 23758; bugfix + on 0.3.2.2-alpha. + - Stop unconditionally mirroring the tor repository in GitLab CI. + This prevented developers from enabling GitLab CI on master. Fixes + bug 23755; bugfix on 0.3.2.2-alpha. + - Fix the hidden service v3 descriptor decoding fuzzing to use the + latest decoding API correctly. Fixes bug 21509; bugfix + on 0.3.2.1-alpha. + + o Minor bugfixes (warnings): + - When we get an HTTP request on a SOCKS port, tell the user about + the new HTTPTunnelPort option. Previously, we would give a "Tor is + not an HTTP Proxy" message, which stopped being true when + HTTPTunnelPort was introduced. Fixes bug 23678; bugfix + on 0.3.2.1-alpha. + + +Changes in version 0.2.5.15 - 2017-10-25 + Tor 0.2.5.15 backports a collection of bugfixes from later Tor release + series. It also adds a new directory authority, Bastet. + + Note: the Tor 0.2.5 series will no longer be supported after 1 May + 2018. If you need a release with long-term support, please upgrade to + the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later. + + o Directory authority changes: + - Add "Bastet" as a ninth directory authority to the default list. + Closes ticket 23910. + - The directory authority "Longclaw" has changed its IP address. + Closes ticket 23592. + + o Major bugfixes (openbsd, denial-of-service, backport from 0.3.1.5-alpha): + - Avoid an assertion failure bug affecting our implementation of + inet_pton(AF_INET6) on certain OpenBSD systems whose strtol() + handling of "0xx" differs from what we had expected. Fixes bug + 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007. + + o Minor features (geoip): + - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (defensive programming, undefined behavior, backport from 0.3.1.4-alpha): + - Fix a memset() off the end of an array when packing cells. This + bug should be harmless in practice, since the corrupted bytes are + still in the same structure, and are always padding bytes, + ignored, or immediately overwritten, depending on compiler + behavior. Nevertheless, because the memset()'s purpose is to make + sure that any other cell-handling bugs can't expose bytes to the + network, we need to fix it. Fixes bug 22737; bugfix on + 0.2.4.11-alpha. Fixes CID 1401591. + + o Build features (backport from 0.3.1.5-alpha): + - Tor's repository now includes a Travis Continuous Integration (CI) + configuration file (.travis.yml). This is meant to help new + developers and contributors who fork Tor to a Github repository be + better able to test their changes, and understand what we expect + to pass. To use this new build feature, you must fork Tor to your + Github account, then go into the "Integrations" menu in the + repository settings for your fork and enable Travis, then push + your changes. Closes ticket 22636. + + +Changes in version 0.2.8.16 - 2017-10-25 + Tor 0.2.8.16 backports a collection of bugfixes from later Tor release + series, including a bugfix for a crash issue that had affected relays + under memory pressure. It also adds a new directory authority, Bastet. + + Note: the Tor 0.2.8 series will no longer be supported after 1 Jan + 2018. If you need a release with long-term support, please stick with + the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later. + + o Directory authority changes: + - Add "Bastet" as a ninth directory authority to the default list. + Closes ticket 23910. + - The directory authority "Longclaw" has changed its IP address. + Closes ticket 23592. + + o Major bugfixes (relay, crash, assertion failure, backport from 0.3.2.2-alpha): + - Fix a timing-based assertion failure that could occur when the + circuit out-of-memory handler freed a connection's output buffer. + Fixes bug 23690; bugfix on 0.2.6.1-alpha. + + o Minor features (directory authorities, backport from 0.3.2.2-alpha): + - Remove longclaw's IPv6 address, as it will soon change. Authority + IPv6 addresses were originally added in 0.2.8.1-alpha. This leaves + 3/8 directory authorities with IPv6 addresses, but there are also + 52 fallback directory mirrors with IPv6 addresses. Resolves 19760. + + o Minor features (geoip): + - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2 + Country database. + + +Changes in version 0.2.9.13 - 2017-10-25 + Tor 0.2.9.13 backports a collection of bugfixes from later Tor release + series, including a bugfix for a crash issue that had affected relays + under memory pressure. It also adds a new directory authority, Bastet. + + o Directory authority changes: + - Add "Bastet" as a ninth directory authority to the default list. + Closes ticket 23910. + - The directory authority "Longclaw" has changed its IP address. + Closes ticket 23592. + + o Major bugfixes (relay, crash, assertion failure, backport from 0.3.2.2-alpha): + - Fix a timing-based assertion failure that could occur when the + circuit out-of-memory handler freed a connection's output buffer. + Fixes bug 23690; bugfix on 0.2.6.1-alpha. + + o Minor features (directory authorities, backport from 0.3.2.2-alpha): + - Remove longclaw's IPv6 address, as it will soon change. Authority + IPv6 addresses were originally added in 0.2.8.1-alpha. This leaves + 3/8 directory authorities with IPv6 addresses, but there are also + 52 fallback directory mirrors with IPv6 addresses. Resolves 19760. + + o Minor features (geoip): + - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (directory authority, backport from 0.3.1.5-alpha): + - When a directory authority rejects a descriptor or extrainfo with + a given digest, mark that digest as undownloadable, so that we do + not attempt to download it again over and over. We previously + tried to avoid downloading such descriptors by other means, but we + didn't notice if we accidentally downloaded one anyway. This + behavior became problematic in 0.2.7.2-alpha, when authorities + began pinning Ed25519 keys. Fixes bug 22349; bugfix + on 0.2.1.19-alpha. + + o Minor bugfixes (memory safety, backport from 0.3.2.3-alpha): + - Clear the address when node_get_prim_orport() returns early. + Fixes bug 23874; bugfix on 0.2.8.2-alpha. + + o Minor bugfixes (Windows service, backport from 0.3.1.6-rc): + - When running as a Windows service, set the ID of the main thread + correctly. Failure to do so made us fail to send log messages to + the controller in 0.2.1.16-rc, slowed down controller event + delivery in 0.2.7.3-rc and later, and crash with an assertion + failure in 0.3.1.1-alpha. Fixes bug 23081; bugfix on 0.2.1.6-alpha. + Patch and diagnosis from "Vort". + + +Changes in version 0.3.0.12 - 2017-10-25 + Tor 0.3.0.12 backports a collection of bugfixes from later Tor release + series, including a bugfix for a crash issue that had affected relays + under memory pressure. It also adds a new directory authority, Bastet. + + Note: the Tor 0.3.0 series will no longer be supported after 26 Jan + 2018. If you need a release with long-term support, please stick with + the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later. + + o Directory authority changes: + - Add "Bastet" as a ninth directory authority to the default list. + Closes ticket 23910. + - The directory authority "Longclaw" has changed its IP address. + Closes ticket 23592. + + o Major bugfixes (relay, crash, assertion failure, backport from 0.3.2.2-alpha): + - Fix a timing-based assertion failure that could occur when the + circuit out-of-memory handler freed a connection's output buffer. + Fixes bug 23690; bugfix on 0.2.6.1-alpha. + + o Minor features (directory authorities, backport from 0.3.2.2-alpha): + - Remove longclaw's IPv6 address, as it will soon change. Authority + IPv6 addresses were originally added in 0.2.8.1-alpha. This leaves + 3/8 directory authorities with IPv6 addresses, but there are also + 52 fallback directory mirrors with IPv6 addresses. Resolves 19760. + + o Minor features (geoip): + - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (directory authority, backport from 0.3.1.5-alpha): + - When a directory authority rejects a descriptor or extrainfo with + a given digest, mark that digest as undownloadable, so that we do + not attempt to download it again over and over. We previously + tried to avoid downloading such descriptors by other means, but we + didn't notice if we accidentally downloaded one anyway. This + behavior became problematic in 0.2.7.2-alpha, when authorities + began pinning Ed25519 keys. Fixes bug 22349; bugfix + on 0.2.1.19-alpha. + + o Minor bugfixes (hidden service, relay, backport from 0.3.2.2-alpha): + - Avoid a possible double close of a circuit by the intro point on + error of sending the INTRO_ESTABLISHED cell. Fixes bug 23610; + bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (memory safety, backport from 0.3.2.3-alpha): + - Clear the address when node_get_prim_orport() returns early. + Fixes bug 23874; bugfix on 0.2.8.2-alpha. + + o Minor bugfixes (Windows service, backport from 0.3.1.6-rc): + - When running as a Windows service, set the ID of the main thread + correctly. Failure to do so made us fail to send log messages to + the controller in 0.2.1.16-rc, slowed down controller event + delivery in 0.2.7.3-rc and later, and crash with an assertion + failure in 0.3.1.1-alpha. Fixes bug 23081; bugfix on 0.2.1.6-alpha. + Patch and diagnosis from "Vort". + + +Changes in version 0.3.1.8 - 2017-10-25 + Tor 0.3.1.8 is the second stable release in the 0.3.1 series. + It includes several bugfixes, including a bugfix for a crash issue + that had affected relays under memory pressure. It also adds + a new directory authority, Bastet. + + o Directory authority changes: + - Add "Bastet" as a ninth directory authority to the default list. + Closes ticket 23910. + - The directory authority "Longclaw" has changed its IP address. + Closes ticket 23592. + + o Major bugfixes (relay, crash, assertion failure, backport from 0.3.2.2-alpha): + - Fix a timing-based assertion failure that could occur when the + circuit out-of-memory handler freed a connection's output buffer. + Fixes bug 23690; bugfix on 0.2.6.1-alpha. + + o Minor features (directory authorities, backport from 0.3.2.2-alpha): + - Remove longclaw's IPv6 address, as it will soon change. Authority + IPv6 addresses were originally added in 0.2.8.1-alpha. This leaves + 3/8 directory authorities with IPv6 addresses, but there are also + 52 fallback directory mirrors with IPv6 addresses. Resolves 19760. + + o Minor features (geoip): + - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compilation, backport from 0.3.2.2-alpha): + - Fix a compilation warning when building with zstd support on + 32-bit platforms. Fixes bug 23568; bugfix on 0.3.1.1-alpha. Found + and fixed by Andreas Stieger. + + o Minor bugfixes (compression, backport from 0.3.2.2-alpha): + - Handle a pathological case when decompressing Zstandard data when + the output buffer size is zero. Fixes bug 23551; bugfix + on 0.3.1.1-alpha. + + o Minor bugfixes (directory authority, backport from 0.3.2.1-alpha): + - Remove the length limit on HTTP status lines that authorities can + send in their replies. Fixes bug 23499; bugfix on 0.3.1.6-rc. + + o Minor bugfixes (hidden service, relay, backport from 0.3.2.2-alpha): + - Avoid a possible double close of a circuit by the intro point on + error of sending the INTRO_ESTABLISHED cell. Fixes bug 23610; + bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (memory safety, backport from 0.3.2.3-alpha): + - Clear the address when node_get_prim_orport() returns early. + Fixes bug 23874; bugfix on 0.2.8.2-alpha. + + o Minor bugfixes (unit tests, backport from 0.3.2.2-alpha): + - Fix additional channelpadding unit test failures by using mocked + time instead of actual time for all tests. Fixes bug 23608; bugfix + on 0.3.1.1-alpha. + + +Changes in version 0.3.2.2-alpha - 2017-09-29 + Tor 0.3.2.2-alpha is the second release in the 0.3.2 series. This + release fixes several minor bugs in the new scheduler and next- + generation onion services; both features were newly added in the 0.3.2 + series. Other fixes in this alpha include several fixes for non-fatal + tracebacks which would appear in logs. + + With the aim to stabilise the 0.3.2 series by 15 December 2017, this + alpha does not contain any substantial new features. Minor features + include better testing and logging. + + The following comprises the complete list of changes included + in tor-0.3.2.2-alpha: + + o Major bugfixes (relay, crash, assertion failure): + - Fix a timing-based assertion failure that could occur when the + circuit out-of-memory handler freed a connection's output buffer. + Fixes bug 23690; bugfix on 0.2.6.1-alpha. + + o Major bugfixes (scheduler): + - If a channel is put into the scheduler's pending list, then it + starts closing, and then if the scheduler runs before it finishes + closing, the scheduler will get stuck trying to flush its cells + while the lower layers refuse to cooperate. Fix that race + condition by giving the scheduler an escape method. Fixes bug + 23676; bugfix on 0.3.2.1-alpha. + + o Minor features (build, compilation): + - The "check-changes" feature is now part of the "make check" tests; + we'll use it to try to prevent misformed changes files from + accumulating. Closes ticket 23564. + - Tor builds should now fail if there are any mismatches between the + C type representing a configuration variable and the C type the + data-driven parser uses to store a value there. Previously, we + needed to check these by hand, which sometimes led to mistakes. + Closes ticket 23643. + + o Minor features (directory authorities): + - Remove longclaw's IPv6 address, as it will soon change. Authority + IPv6 addresses were originally added in 0.2.8.1-alpha. This leaves + 3/8 directory authorities with IPv6 addresses, but there are also + 52 fallback directory mirrors with IPv6 addresses. Resolves 19760. + + o Minor features (hidden service, circuit, logging): + - Improve logging of many callsite in the circuit subsystem to print + the circuit identifier(s). + - Log when we cleanup an intro point from a service so we know when + and for what reason it happened. Closes ticket 23604. + + o Minor features (logging): + - Log more circuit information whenever we are about to try to + package a relay cell on a circuit with a nonexistent n_chan. + Attempt to diagnose ticket 8185. + - Improve info-level log identification of particular circuits, to + help with debugging. Closes ticket 23645. + + o Minor features (relay): + - When choosing which circuits can be expired as unused, consider + circuits from clients even if those clients used regular CREATE + cells to make them; and do not consider circuits from relays even + if they were made with CREATE_FAST. Part of ticket 22805. + + o Minor features (robustness): + - Change several fatal assertions when flushing buffers into non- + fatal assertions, to prevent any recurrence of 23690. + + o Minor features (spec conformance, bridge, diagnostic): + - When handling the USERADDR command on an ExtOrPort, warn when the + transports provides a USERADDR with no port. In a future version, + USERADDR commands of this format may be rejected. Detects problems + related to ticket 23080. + + o Minor features (testing): + - Add a unit test to make sure that our own generated platform + string will be accepted by directory authorities. Closes + ticket 22109. + + o Minor bugfixes (bootstrapping): + - When warning about state file clock skew, report the correct + direction for the detected skew. Fixes bug 23606; bugfix + on 0.2.8.1-alpha. + - Avoid an assertion failure when logging a state file clock skew + very early in bootstrapping. Fixes bug 23607; bugfix + on 0.3.2.1-alpha. + + o Minor bugfixes (build, compilation): + - Fix a compilation warning when building with zstd support on + 32-bit platforms. Fixes bug 23568; bugfix on 0.3.1.1-alpha. Found + and fixed by Andreas Stieger. + - When searching for OpenSSL, don't accept any OpenSSL library that + lacks TLSv1_1_method(): Tor doesn't build with those versions. + Additionally, look in /usr/local/opt/openssl, if it's present. + These changes together repair the default build on OSX systems + with Homebrew installed. Fixes bug 23602; bugfix on 0.2.7.2-alpha. + + o Minor bugfixes (compression): + - Handle a pathological case when decompressing Zstandard data when + the output buffer size is zero. Fixes bug 23551; bugfix + on 0.3.1.1-alpha. + + o Minor bugfixes (documentation): + - Fix manpage to not refer to the obsolete (and misspelled) + UseEntryGuardsAsDirectoryGuards parameter in the description of + NumDirectoryGuards. Fixes bug 23611; bugfix on 0.2.4.8-alpha. + + o Minor bugfixes (hidden service v3): + - Don't log an assertion failure when we can't find the right + information to extend to an introduction point. In rare cases, + this could happen, causing a warning, even though tor would + recover gracefully. Fixes bug 23159; bugfix on 0.3.2.1-alpha. + - Pad RENDEZVOUS cell up to the size of the legacy cell which is + much bigger so the rendezvous point can't distinguish which hidden + service protocol is being used. Fixes bug 23420; bugfix + on 0.3.2.1-alpha. + + o Minor bugfixes (hidden service, relay): + - Avoid a possible double close of a circuit by the intro point on + error of sending the INTRO_ESTABLISHED cell. Fixes bug 23610; + bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (logging, relay shutdown, annoyance): + - When a circuit is marked for close, do not attempt to package any + cells for channels on that circuit. Previously, we would detect + this condition lower in the call stack, when we noticed that the + circuit had no attached channel, and log an annoying message. + Fixes bug 8185; bugfix on 0.2.5.4-alpha. + + o Minor bugfixes (scheduler): + - When switching schedulers due to a consensus change, we didn't + give the new scheduler a chance to react to the consensus. Fix + that. Fixes bug 23537; bugfix on 0.3.2.1-alpha. + - Make the KISTSchedRunInterval option a non negative value. With + this, the way to disable KIST through the consensus is to set it + to 0. Fixes bug 23539; bugfix on 0.3.2.1-alpha. + - Only notice log the selected scheduler when we switch scheduler + types. Fixes bug 23552; bugfix on 0.3.2.1-alpha. + - Avoid a compilation warning on macOS in scheduler_ev_add() caused + by a different tv_usec data type. Fixes bug 23575; bugfix + on 0.3.2.1-alpha. + - Make a hard exit if tor is unable to pick a scheduler which can + happen if the user specifies a scheduler type that is not + supported and not other types in Schedulers. Fixes bug 23581; + bugfix on 0.3.2.1-alpha. + - Properly initialize the scheduler last run time counter so it is + not 0 at the first tick. Fixes bug 23696; bugfix on 0.3.2.1-alpha. + + o Minor bugfixes (testing): + - Capture and detect several "Result does not fit" warnings in unit + tests on platforms with 32-bit time_t. Fixes bug 21800; bugfix + on 0.2.9.3-alpha. + - Fix additional channelpadding unit test failures by using mocked + time instead of actual time for all tests. Fixes bug 23608; bugfix + on 0.3.1.1-alpha. + - The removal of some old scheduler options caused some tests to + fail on BSD systems. Assume current behavior is correct and make + the tests pass again. Fixes bug 23566; bugfix on 0.3.2.1-alpha. + + o Code simplification and refactoring: + - Remove various ways of testing circuits and connections for + "clientness"; instead, favor channel_is_client(). Part of + ticket 22805. + + o Deprecated features: + - The ReachableDirAddresses and ClientPreferIPv6DirPort options are + now deprecated; they do not apply to relays, and they have had no + effect on clients since 0.2.8.x. Closes ticket 19704. + + o Documentation: + - HiddenServiceVersion man page entry wasn't mentioning the now + supported version 3. Fixes ticket 23580; bugfix on 0.3.2.1-alpha. + - Clarify that the Address option is entirely about setting an + advertised IPv4 address. Closes ticket 18891. + - Clarify the manpage's use of the term "address" to clarify what + kind of address is intended. Closes ticket 21405. + - Document that onion service subdomains are allowed, and ignored. + Closes ticket 18736. + + +Changes in version 0.3.2.1-alpha - 2017-09-18 + Tor 0.3.2.1-alpha is the first release in the 0.3.2.x series. It + includes support for our next-generation ("v3") onion service + protocol, and adds a new circuit scheduler for more responsive + forwarding decisions from relays. There are also numerous other small + features and bugfixes here. + + Below are the changes since Tor 0.3.1.7. + + o Major feature (scheduler, channel): + - Tor now uses new schedulers to decide which circuits should + deliver cells first, in order to improve congestion at relays. The + first type is called "KIST" ("Kernel Informed Socket Transport"), + and is only available on Linux-like systems: it uses feedback from + the kernel to prevent the kernel's TCP buffers from growing too + full. The second new scheduler type is called "KISTLite": it + behaves the same as KIST, but runs on systems without kernel + support for inspecting TCP implementation details. The old + scheduler is still available, under the name "Vanilla". To change + the default scheduler preference order, use the new "Schedulers" + option. (The default preference order is "KIST,KISTLite,Vanilla".) + + Matt Traudt implemented KIST, based on research by Rob Jansen, + John Geddes, Christ Wacek, Micah Sherr, and Paul Syverson. For + more information, see the design paper at + http://www.robgjansen.com/publications/kist-sec2014.pdf and the + followup implementation paper at https://arxiv.org/abs/1709.01044. + Closes ticket 12541. + + o Major features (next-generation onion services): + - Tor now supports the next-generation onion services protocol for + clients and services! As part of this release, the core of + proposal 224 has been implemented and is available for + experimentation and testing by our users. This newer version of + onion services ("v3") features many improvements over the legacy + system, including: + + a) Better crypto (replaced SHA1/DH/RSA1024 + with SHA3/ed25519/curve25519) + + b) Improved directory protocol, leaking much less information to + directory servers. + + c) Improved directory protocol, with smaller surface for + targeted attacks. + + d) Better onion address security against impersonation. + + e) More extensible introduction/rendezvous protocol. + + f) A cleaner and more modular codebase. + + You can identify a next-generation onion address by its length: + they are 56 characters long, as in + "4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad.onion". + + In the future, we will release more options and features for v3 + onion services, but we first need a testing period, so that the + current codebase matures and becomes more robust. Planned features + include: offline keys, advanced client authorization, improved + guard algorithms, and statistics. For full details, see + proposal 224. + + Legacy ("v2") onion services will still work for the foreseeable + future, and will remain the default until this new codebase gets + tested and hardened. Service operators who want to experiment with + the new system can use the 'HiddenServiceVersion 3' torrc + directive along with the regular onion service configuration + options. We will publish a blog post about this new feature + soon! Enjoy! + + o Major bugfixes (usability, control port): + - Report trusted clock skew indications as bootstrap errors, so + controllers can more easily alert users when their clocks are + wrong. Fixes bug 23506; bugfix on 0.1.2.6-alpha. + + o Minor features (bug detection): + - Log a warning message with a stack trace for any attempt to call + get_options() during option validation. This pattern has caused + subtle bugs in the past. Closes ticket 22281. + + o Minor features (client): + - You can now use Tor as a tunneled HTTP proxy: use the new + HTTPTunnelPort option to open a port that accepts HTTP CONNECT + requests. Closes ticket 22407. + - Add an extra check to make sure that we always use the newer guard + selection code for picking our guards. Closes ticket 22779. + - When downloading (micro)descriptors, don't split the list into + multiple requests unless we want at least 32 descriptors. + Previously, we split at 4, not 32, which led to significant + overhead in HTTP request size and degradation in compression + performance. Closes ticket 23220. + + o Minor features (command line): + - Add a new commandline option, --key-expiration, which prints when + the current signing key is going to expire. Implements ticket + 17639; patch by Isis Lovecruft. + + o Minor features (control port): + - If an application tries to use the control port as an HTTP proxy, + respond with a meaningful "This is the Tor control port" message, + and log the event. Closes ticket 1667. Patch from Ravi + Chandra Padmala. + - Provide better error message for GETINFO desc/(id|name) when not + fetching router descriptors. Closes ticket 5847. Patch by + Kevin Butler. + - Add GETINFO "{desc,md}/download-enabled", to inform the controller + whether Tor will try to download router descriptors and + microdescriptors respectively. Closes ticket 22684. + - Added new GETINFO targets "ip-to-country/{ipv4,ipv6}-available", + so controllers can tell whether the geoip databases are loaded. + Closes ticket 23237. + - Adds a timestamp field to the CIRC_BW and STREAM_BW bandwidth + events. Closes ticket 19254. Patch by "DonnchaC". + + o Minor features (development support): + - Developers can now generate a call-graph for Tor using the + "calltool" python program, which post-processes object dumps. It + should work okay on many Linux and OSX platforms, and might work + elsewhere too. To run it, install calltool from + https://gitweb.torproject.org/user/nickm/calltool.git and run + "make callgraph". Closes ticket 19307. + + o Minor features (ed25519): + - Add validation function to checks for torsion components in + ed25519 public keys, used by prop224 client-side code. Closes + ticket 22006. Math help by Ian Goldberg. + + o Minor features (exit relay, DNS): + - Improve the clarity and safety of the log message from evdns when + receiving an apparently spoofed DNS reply. Closes ticket 3056. + + o Minor features (integration, hardening): + - Add a new NoExec option to prevent Tor from running other + programs. When this option is set to 1, Tor will never try to run + another program, regardless of the settings of + PortForwardingHelper, ClientTransportPlugin, or + ServerTransportPlugin. Once NoExec is set, it cannot be disabled + without restarting Tor. Closes ticket 22976. + + o Minor features (logging): + - Improve the warning message for specifying a relay by nickname. + The previous message implied that nickname registration was still + part of the Tor network design, which it isn't. Closes + ticket 20488. + - If the sandbox filter fails to load, suggest to the user that + their kernel might not support seccomp2. Closes ticket 23090. + + o Minor features (portability): + - Check at configure time whether uint8_t is the same type as + unsigned char. Lots of existing code already makes this + assumption, and there could be strict aliasing issues if the + assumption is violated. Closes ticket 22410. + + o Minor features (relay, configuration): + - Reject attempts to use relative file paths when RunAsDaemon is + set. Previously, Tor would accept these, but the directory- + changing step of RunAsDaemon would give strange and/or confusing + results. Closes ticket 22731. + + o Minor features (startup, safety): + - When configured to write a PID file, Tor now exits if it is unable + to do so. Previously, it would warn and continue. Closes + ticket 20119. + + o Minor features (static analysis): + - The BUG() macro has been changed slightly so that Coverity no + longer complains about dead code if the bug is impossible. Closes + ticket 23054. + + o Minor features (testing): + - The default chutney network tests now include tests for the v3 + hidden service design. Make sure you have the latest version of + chutney if you want to run these. Closes ticket 22437. + - Add a unit test to verify that we can parse a hardcoded v2 hidden + service descriptor. Closes ticket 15554. + + o Minor bugfixes (certificate handling): + - Fix a time handling bug in Tor certificates set to expire after + the year 2106. Fixes bug 23055; bugfix on 0.3.0.1-alpha. Found by + Coverity as CID 1415728. + + o Minor bugfixes (client, usability): + - Refrain from needlessly rejecting SOCKS5-with-hostnames and + SOCKS4a requests that contain IP address strings, even when + SafeSocks in enabled, as this prevents user from connecting to + known IP addresses without relying on DNS for resolving. SafeSocks + still rejects SOCKS connections that connect to IP addresses when + those addresses are _not_ encoded as hostnames. Fixes bug 22461; + bugfix on Tor 0.2.6.2-alpha. + + o Minor bugfixes (code correctness): + - Call htons() in extend_cell_format() for encoding a 16-bit value. + Previously we used ntohs(), which happens to behave the same on + all the platforms we support, but which isn't really correct. + Fixes bug 23106; bugfix on 0.2.4.8-alpha. + - For defense-in-depth, make the controller's write_escaped_data() + function robust to extremely long inputs. Fixes bug 19281; bugfix + on 0.1.1.1-alpha. Reported by Guido Vranken. + + o Minor bugfixes (compilation): + - Fix unused-variable warnings in donna's Curve25519 SSE2 code. + Fixes bug 22895; bugfix on 0.2.7.2-alpha. + + o Minor bugfixes (consensus expiry): + - Check for adequate directory information correctly. Previously, Tor + would reconsider whether it had sufficient directory information + every 2 minutes. Fixes bug 23091; bugfix on 0.2.0.19-alpha. + + o Minor bugfixes (directory protocol): + - Directory servers now include a "Date:" http header for response + codes other than 200. Clients starting with a skewed clock and a + recent consensus were getting "304 Not modified" responses from + directory authorities, so without the Date header, the client + would never hear about a wrong clock. Fixes bug 23499; bugfix + on 0.0.8rc1. + - Make clients wait for 6 seconds before trying to download a + consensus from an authority. Fixes bug 17750; bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (DoS-resistance): + - If future code asks if there are any running bridges, without + checking if bridges are enabled, log a BUG warning rather than + crashing. Fixes bug 23524; bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (format strictness): + - Restrict several data formats to decimal. Previously, the + BuildTimeHistogram entries in the state file, the "bw=" entries in + the bandwidth authority file, and the process IDs passed to the + __OwningControllerProcess option could all be specified in hex or + octal as well as in decimal. This was not an intentional feature. + Fixes bug 22802; bugfixes on 0.2.2.1-alpha, 0.2.2.2-alpha, + and 0.2.2.28-beta. + + o Minor bugfixes (heartbeat): + - If we fail to write a heartbeat message, schedule a retry for the + minimum heartbeat interval number of seconds in the future. Fixes + bug 19476; bugfix on 0.2.3.1-alpha. + + o Minor bugfixes (linux seccomp2 sandbox, logging): + - Fix some messages on unexpected errors from the seccomp2 library. + Fixes bug 22750; bugfix on 0.2.5.1-alpha. Patch from "cypherpunks". + + o Minor bugfixes (logging): + - Remove duplicate log messages regarding opening non-local + SocksPorts upon parsing config and opening listeners at startup. + Fixes bug 4019; bugfix on 0.2.3.3-alpha. + - Use a more comprehensible log message when telling the user + they've excluded every running exit node. Fixes bug 7890; bugfix + on 0.2.2.25-alpha. + - When logging the number of descriptors we intend to download per + directory request, do not log a number higher than then the number + of descriptors we're fetching in total. Fixes bug 19648; bugfix + on 0.1.1.8-alpha. + - When warning about a directory owned by the wrong user, log the + actual name of the user owning the directory. Previously, we'd log + the name of the process owner twice. Fixes bug 23487; bugfix + on 0.2.9.1-alpha. + - The tor specification says hop counts are 1-based, so fix two log + messages that mistakenly logged 0-based hop counts. Fixes bug + 18982; bugfix on 0.2.6.2-alpha and 0.2.4.5-alpha. Patch by teor. + Credit to Xiaofan Li for reporting this issue. + + o Minor bugfixes (portability): + - Stop using the PATH_MAX variable, which is not defined on GNU + Hurd. Fixes bug 23098; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (relay): + - When uploading our descriptor for the first time after startup, + report the reason for uploading as "Tor just started" rather than + leaving it blank. Fixes bug 22885; bugfix on 0.2.3.4-alpha. + - Avoid unnecessary calls to directory_fetches_from_authorities() on + relays, to prevent spurious address resolutions and descriptor + rebuilds. This is a mitigation for bug 21789. Fixes bug 23470; + bugfix on in 0.2.8.1-alpha. + + o Minor bugfixes (tests): + - Fix a broken unit test for the OutboundAddress option: the parsing + function was never returning an error on failure. Fixes bug 23366; + bugfix on 0.3.0.3-alpha. + - Fix a signed-integer overflow in the unit tests for + dir/download_status_random_backoff, which was untriggered until we + fixed bug 17750. Fixes bug 22924; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (usability, control port): + - Stop making an unnecessary routerlist check in NETINFO clock skew + detection; this was preventing clients from reporting NETINFO clock + skew to controllers. Fixes bug 23532; bugfix on 0.2.4.4-alpha. + + o Code simplification and refactoring: + - Extract the code for handling newly-open channels into a separate + function from the general code to handle channel state + transitions. This change simplifies our callgraph, reducing the + size of the largest strongly connected component by roughly a + factor of two. Closes ticket 22608. + - Remove dead code for largely unused statistics on the number of + times we've attempted various public key operations. Fixes bug + 19871; bugfix on 0.1.2.4-alpha. Fix by Isis Lovecruft. + - Remove several now-obsolete functions for asking about old + variants directory authority status. Closes ticket 22311; patch + from "huyvq". + - Remove some of the code that once supported "Named" and "Unnamed" + routers. Authorities no longer vote for these flags. Closes + ticket 22215. + - Rename the obsolete malleable hybrid_encrypt functions used in TAP + and old hidden services, to indicate that they aren't suitable for + new protocols or formats. Closes ticket 23026. + - Replace our STRUCT_OFFSET() macro with offsetof(). Closes ticket + 22521. Patch from Neel Chauhan. + - Split the enormous circuit_send_next_onion_skin() function into + multiple subfunctions. Closes ticket 22804. + - Split the portions of the buffer.c module that handle particular + protocols into separate modules. Part of ticket 23149. + - Use our test macros more consistently, to produce more useful + error messages when our unit tests fail. Add coccinelle patches to + allow us to re-check for test macro uses. Closes ticket 22497. + + o Deprecated features: + - Deprecate HTTPProxy/HTTPProxyAuthenticator config options. They + only applies to direct unencrypted HTTP connections to your + directory server, which your Tor probably isn't using. Closes + ticket 20575. + + o Documentation: + - Clarify in the manual that "Sandbox 1" is only supported on Linux + kernels. Closes ticket 22677. + - Document all values of PublishServerDescriptor in the manpage. + Closes ticket 15645. + - Improve the documentation for the directory port part of the + DirAuthority line. Closes ticket 20152. + - Restore documentation for the authorities' "approved-routers" + file. Closes ticket 21148. + + o Removed features: + - The AllowDotExit option has been removed as unsafe. It has been + deprecated since 0.2.9.2-alpha. Closes ticket 23426. + - The ClientDNSRejectInternalAddresses flag can no longer be set on + non-testing networks. It has been deprecated since 0.2.9.2-alpha. + Closes ticket 21031. + - The controller API no longer includes an AUTHDIR_NEWDESCS event: + nobody was using it any longer. Closes ticket 22377. + + +Changes in version 0.2.8.15 - 2017-09-18 + Tor 0.2.8.15 backports a collection of bugfixes from later + Tor series. + + Most significantly, it includes a fix for TROVE-2017-008, a + security bug that affects hidden services running with the + SafeLogging option disabled. For more information, see + https://trac.torproject.org/projects/tor/ticket/23490 + + Note that Tor 0.2.8.x will no longer be supported after 1 Jan + 2018. We suggest that you upgrade to the latest stable release if + possible. If you can't, we recommend that you upgrade at least to + 0.2.9, which will be supported until 2020. + + o Major bugfixes (openbsd, denial-of-service, backport from 0.3.1.5-alpha): + - Avoid an assertion failure bug affecting our implementation of + inet_pton(AF_INET6) on certain OpenBSD systems whose strtol() + handling of "0xx" differs from what we had expected. Fixes bug + 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007. + + o Minor features: + - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha): + - Backport a fix for an "unused variable" warning that appeared + in some versions of mingw. Fixes bug 22838; bugfix on + 0.2.8.1-alpha. + + o Minor bugfixes (defensive programming, undefined behavior, backport from 0.3.1.4-alpha): + - Fix a memset() off the end of an array when packing cells. This + bug should be harmless in practice, since the corrupted bytes are + still in the same structure, and are always padding bytes, + ignored, or immediately overwritten, depending on compiler + behavior. Nevertheless, because the memset()'s purpose is to make + sure that any other cell-handling bugs can't expose bytes to the + network, we need to fix it. Fixes bug 22737; bugfix on + 0.2.4.11-alpha. Fixes CID 1401591. + + o Build features (backport from 0.3.1.5-alpha): + - Tor's repository now includes a Travis Continuous Integration (CI) + configuration file (.travis.yml). This is meant to help new + developers and contributors who fork Tor to a Github repository be + better able to test their changes, and understand what we expect + to pass. To use this new build feature, you must fork Tor to your + Github account, then go into the "Integrations" menu in the + repository settings for your fork and enable Travis, then push + your changes. Closes ticket 22636. + + +Changes in version 0.2.9.12 - 2017-09-18 + Tor 0.2.9.12 backports a collection of bugfixes from later + Tor series. + + Most significantly, it includes a fix for TROVE-2017-008, a + security bug that affects hidden services running with the + SafeLogging option disabled. For more information, see + https://trac.torproject.org/projects/tor/ticket/23490 + + o Major features (security, backport from 0.3.0.2-alpha): + - Change the algorithm used to decide DNS TTLs on client and server + side, to better resist DNS-based correlation attacks like the + DefecTor attack of Greschbach, Pulls, Roberts, Winter, and + Feamster. Now relays only return one of two possible DNS TTL + values, and clients are willing to believe DNS TTL values up to 3 + hours long. Closes ticket 19769. + + o Major bugfixes (crash, directory connections, backport from 0.3.0.5-rc): + - Fix a rare crash when sending a begin cell on a circuit whose + linked directory connection had already been closed. Fixes bug + 21576; bugfix on 0.2.9.3-alpha. Reported by Alec Muffett. + + o Major bugfixes (DNS, backport from 0.3.0.2-alpha): + - Fix a bug that prevented exit nodes from caching DNS records for + more than 60 seconds. Fixes bug 19025; bugfix on 0.2.4.7-alpha. + + o Major bugfixes (linux TPROXY support, backport from 0.3.1.1-alpha): + - Fix a typo that had prevented TPROXY-based transparent proxying + from working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha. + Patch from "d4fq0fQAgoJ". + + o Major bugfixes (openbsd, denial-of-service, backport from 0.3.1.5-alpha): + - Avoid an assertion failure bug affecting our implementation of + inet_pton(AF_INET6) on certain OpenBSD systems whose strtol() + handling of "0xx" differs from what we had expected. Fixes bug + 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007. + + o Minor features (code style, backport from 0.3.1.3-alpha): + - Add "Falls through" comments to our codebase, in order to silence + GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas + Stieger. Closes ticket 22446. + + o Minor features (geoip): + - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (bandwidth accounting, backport from 0.3.1.1-alpha): + - Roll over monthly accounting at the configured hour and minute, + rather than always at 00:00. Fixes bug 22245; bugfix on 0.0.9rc1. + Found by Andrey Karpov with PVS-Studio. + + o Minor bugfixes (compilation, backport from 0.3.1.5-alpha): + - Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug 22915; + bugfix on 0.2.8.1-alpha. + - Fix warnings when building with libscrypt and openssl scrypt support + on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha. + - When building with certain versions the mingw C header files, avoid + float-conversion warnings when calling the C functions isfinite(), + isnan(), and signbit(). Fixes bug 22801; bugfix on 0.2.8.1-alpha. + + o Minor bugfixes (compilation, backport from 0.3.1.7): + - Avoid compiler warnings in the unit tests for running tor_sscanf() + with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha. + + o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha): + - Backport a fix for an "unused variable" warning that appeared + in some versions of mingw. Fixes bug 22838; bugfix on + 0.2.8.1-alpha. + + o Minor bugfixes (controller, backport from 0.3.1.7): + - Do not crash when receiving a HSPOST command with an empty body. + Fixes part of bug 22644; bugfix on 0.2.7.1-alpha. + - Do not crash when receiving a POSTDESCRIPTOR command with an + empty body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha. + + o Minor bugfixes (coverity build support, backport from 0.3.1.5-alpha): + - Avoid Coverity build warnings related to our BUG() macro. By + default, Coverity treats BUG() as the Linux kernel does: an + instant abort(). We need to override that so our BUG() macro + doesn't prevent Coverity from analyzing functions that use it. + Fixes bug 23030; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (defensive programming, undefined behavior, backport from 0.3.1.4-alpha): + - Fix a memset() off the end of an array when packing cells. This + bug should be harmless in practice, since the corrupted bytes are + still in the same structure, and are always padding bytes, + ignored, or immediately overwritten, depending on compiler + behavior. Nevertheless, because the memset()'s purpose is to make + sure that any other cell-handling bugs can't expose bytes to the + network, we need to fix it. Fixes bug 22737; bugfix on + 0.2.4.11-alpha. Fixes CID 1401591. + + o Minor bugfixes (file limits, osx, backport from 0.3.1.5-alpha): + - When setting the maximum number of connections allowed by the OS, + always allow some extra file descriptors for other files. Fixes + bug 22797; bugfix on 0.2.0.10-alpha. + + o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.1.5-alpha): + - Avoid a sandbox failure when trying to re-bind to a socket and + mark it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha. + + o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.1.4-alpha): + - Permit the fchmod system call, to avoid crashing on startup when + starting with the seccomp2 sandbox and an unexpected set of + permissions on the data directory or its contents. Fixes bug + 22516; bugfix on 0.2.5.4-alpha. + + o Minor bugfixes (relay, backport from 0.3.0.5-rc): + - Avoid a double-marked-circuit warning that could happen when we + receive DESTROY cells under heavy load. Fixes bug 20059; bugfix + on 0.1.0.1-rc. + + o Minor bugfixes (voting consistency, backport from 0.3.1.1-alpha): + - Reject version numbers with non-numeric prefixes (such as +, -, or + whitespace). Disallowing whitespace prevents differential version + parsing between POSIX-based and Windows platforms. Fixes bug 21507 + and part of 21508; bugfix on 0.0.8pre1. + + o Build features (backport from 0.3.1.5-alpha): + - Tor's repository now includes a Travis Continuous Integration (CI) + configuration file (.travis.yml). This is meant to help new + developers and contributors who fork Tor to a Github repository be + better able to test their changes, and understand what we expect + to pass. To use this new build feature, you must fork Tor to your + Github account, then go into the "Integrations" menu in the + repository settings for your fork and enable Travis, then push + your changes. Closes ticket 22636. + + +Changes in version 0.3.0.11 - 2017-09-18 + Tor 0.3.0.11 backports a collection of bugfixes from Tor the 0.3.1 + series. + + Most significantly, it includes a fix for TROVE-2017-008, a + security bug that affects hidden services running with the + SafeLogging option disabled. For more information, see + https://trac.torproject.org/projects/tor/ticket/23490 + + o Minor features (code style, backport from 0.3.1.7): + - Add "Falls through" comments to our codebase, in order to silence + GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas + Stieger. Closes ticket 22446. + + o Minor features: + - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compilation, backport from 0.3.1.7): + - Avoid compiler warnings in the unit tests for calling tor_sscanf() + with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha. + + o Minor bugfixes (controller, backport from 0.3.1.7): + - Do not crash when receiving a HSPOST command with an empty body. + Fixes part of bug 22644; bugfix on 0.2.7.1-alpha. + - Do not crash when receiving a POSTDESCRIPTOR command with an empty + body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha. + + o Minor bugfixes (file limits, osx, backport from 0.3.1.5-alpha): + - When setting the maximum number of connections allowed by the OS, + always allow some extra file descriptors for other files. Fixes + bug 22797; bugfix on 0.2.0.10-alpha. + + o Minor bugfixes (logging, relay, backport from 0.3.1.6-rc): + - Remove a forgotten debugging message when an introduction point + successfully establishes a hidden service prop224 circuit with + a client. + - Change three other log_warn() for an introduction point to + protocol warnings, because they can be failure from the network + and are not relevant to the operator. Fixes bug 23078; bugfix on + 0.3.0.1-alpha and 0.3.0.2-alpha. + + +Changes in version 0.3.1.7 - 2017-09-18 + Tor 0.3.1.7 is the first stable release in the 0.3.1 series. + + With the 0.3.1 series, Tor now serves and downloads directory + information in more compact formats, to save on bandwidth overhead. It + also contains a new padding system to resist netflow-based traffic + analysis, and experimental support for building parts of Tor in Rust + (though no parts of Tor are in Rust yet). There are also numerous + small features, bugfixes on earlier release series, and groundwork for + the hidden services revamp of 0.3.2. + + This release also includes a fix for TROVE-2017-008, a security bug + that affects hidden services running with the SafeLogging option + disabled. For more information, see + https://trac.torproject.org/projects/tor/ticket/23490 + + Per our stable release policy, we plan to support each stable release + series for at least the next nine months, or for three months after + the first stable release of the next series: whichever is longer. If + you need a release with long-term support, we recommend that you stay + with the 0.2.9 series. + + Below is a list of the changes since 0.3.1.6-rc. For a list of all + changes since 0.3.0, see the ReleaseNotes file. + + o Major bugfixes (security, hidden services, loggging): + - Fix a bug where we could log uninitialized stack when a certain + hidden service error occurred while SafeLogging was disabled. + Fixes bug #23490; bugfix on 0.2.7.2-alpha. This is also tracked as + TROVE-2017-008 and CVE-2017-0380. + + o Minor features (defensive programming): + - Create a pair of consensus parameters, nf_pad_tor2web and + nf_pad_single_onion, to disable netflow padding in the consensus + for non-anonymous connections in case the overhead is high. Closes + ticket 17857. + + o Minor features (diagnostic): + - Add a stack trace to the bug warnings that can be logged when + trying to send an outgoing relay cell with n_chan == 0. Diagnostic + attempt for bug 23105. + + o Minor features (geoip): + - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compilation): + - Avoid compiler warnings in the unit tests for calling tor_sscanf() + with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha. + + o Minor bugfixes (controller): + - Do not crash when receiving a HSPOST command with an empty body. + Fixes part of bug 22644; bugfix on 0.2.7.1-alpha. + - Do not crash when receiving a POSTDESCRIPTOR command with an empty + body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha. + + o Minor bugfixes (relay): + - Inform the geoip and rephist modules about all requests, even on + relays that are only fetching microdescriptors. Fixes a bug + related to 21585; bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (unit tests): + - Fix a channelpadding unit test failure on slow systems by using + mocked time instead of actual time. Fixes bug 23077; bugfix + on 0.3.1.1-alpha. + + +Changes in version 0.3.1.6-rc - 2017-09-05 + Tor 0.3.1.6-rc fixes a few small bugs and annoyances in the 0.3.1 + release series, including a bug that produced weird behavior on + Windows directory caches. + + This is the first release candidate in the Tor 0.3.1 series. If we + find no new bugs or regressions here, the first stable 0.3.1 release + will be nearly identical to it. + + o Major bugfixes (windows, directory cache): + - On Windows, do not try to delete cached consensus documents and + diffs before they are unmapped from memory--Windows won't allow + that. Instead, allow the consensus cache directory to grow larger, + to hold files that might need to stay around longer. Fixes bug + 22752; bugfix on 0.3.1.1-alpha. + + o Minor features (directory authority): + - Improve the message that authorities report to relays that present + RSA/Ed25519 keypairs that conflict with previously pinned keys. + Closes ticket 22348. + + o Minor features (geoip): + - Update geoip and geoip6 to the August 3 2017 Maxmind GeoLite2 + Country database. + + o Minor features (testing): + - Add more tests for compression backend initialization. Closes + ticket 22286. + + o Minor bugfixes (directory cache): + - Fix a memory leak when recovering space in the consensus cache. + Fixes bug 23139; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (hidden service): + - Increase the number of circuits that a service is allowed to + open over a specific period of time. The value was lower than it + should be (8 vs 12) in the normal case of 3 introduction points. + Fixes bug 22159; bugfix on 0.3.0.5-rc. + - Fix a BUG warning during HSv3 descriptor decoding that could be + cause by a specially crafted descriptor. Fixes bug 23233; bugfix + on 0.3.0.1-alpha. Bug found by "haxxpop". + - Rate-limit the log messages if we exceed the maximum number of + allowed intro circuits. Fixes bug 22159; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (logging, relay): + - Remove a forgotten debugging message when an introduction point + successfully establishes a hidden service prop224 circuit with + a client. + - Change three other log_warn() for an introduction point to + protocol warnings, because they can be failure from the network + and are not relevant to the operator. Fixes bug 23078; bugfix on + 0.3.0.1-alpha and 0.3.0.2-alpha. + + o Minor bugfixes (relay): + - When a relay is not running as a directory cache, it will no + longer generate compressed consensuses and consensus diff + information. Previously, this was a waste of disk and CPU. Fixes + bug 23275; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (robustness, error handling): + - Improve our handling of the cases where OpenSSL encounters a + memory error while encoding keys and certificates. We haven't + observed these errors in the wild, but if they do happen, we now + detect and respond better. Fixes bug 19418; bugfix on all versions + of Tor. Reported by Guido Vranken. + + o Minor bugfixes (stability): + - Avoid crashing on a double-free when unable to load or process an + included file. Fixes bug 23155; bugfix on 0.3.1.1-alpha. Found + with the clang static analyzer. + + o Minor bugfixes (testing): + - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291; + bugfix on 0.2.7.2-alpha. Found and patched by Ties Stuij. + - Port the hs_ntor handshake test to work correctly with recent + versions of the pysha3 module. Fixes bug 23071; bugfix + on 0.3.1.1-alpha. + + o Minor bugfixes (Windows service): + - When running as a Windows service, set the ID of the main thread + correctly. Failure to do so made us fail to send log messages to + the controller in 0.2.1.16-rc, slowed down controller event + delivery in 0.2.7.3-rc and later, and crash with an assertion + failure in 0.3.1.1-alpha. Fixes bug 23081; bugfix on 0.2.1.6-alpha. + Patch and diagnosis from "Vort". + + +Changes in version 0.3.0.10 - 2017-08-02 + Tor 0.3.0.10 backports a collection of small-to-medium bugfixes + from the current Tor alpha series. OpenBSD users and TPROXY users + should upgrade; others are probably okay sticking with 0.3.0.9. + + o Major features (build system, continuous integration, backport from 0.3.1.5-alpha): + - Tor's repository now includes a Travis Continuous Integration (CI) + configuration file (.travis.yml). This is meant to help new + developers and contributors who fork Tor to a Github repository be + better able to test their changes, and understand what we expect + to pass. To use this new build feature, you must fork Tor to your + Github account, then go into the "Integrations" menu in the + repository settings for your fork and enable Travis, then push + your changes. Closes ticket 22636. + + o Major bugfixes (linux TPROXY support, backport from 0.3.1.1-alpha): + - Fix a typo that had prevented TPROXY-based transparent proxying + from working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha. + Patch from "d4fq0fQAgoJ". + + o Major bugfixes (openbsd, denial-of-service, backport from 0.3.1.5-alpha): + - Avoid an assertion failure bug affecting our implementation of + inet_pton(AF_INET6) on certain OpenBSD systems whose strtol() + handling of "0xbar" differs from what we had expected. Fixes bug + 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007. + + o Minor features (backport from 0.3.1.5-alpha): + - Update geoip and geoip6 to the July 4 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (bandwidth accounting, backport from 0.3.1.2-alpha): + - Roll over monthly accounting at the configured hour and minute, + rather than always at 00:00. Fixes bug 22245; bugfix on 0.0.9rc1. + Found by Andrey Karpov with PVS-Studio. + + o Minor bugfixes (compilation warnings, backport from 0.3.1.5-alpha): + - Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug 22915; + bugfix on 0.2.8.1-alpha. + - Fix warnings when building with libscrypt and openssl scrypt + support on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha. + - When building with certain versions of the mingw C header files, + avoid float-conversion warnings when calling the C functions + isfinite(), isnan(), and signbit(). Fixes bug 22801; bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha): + - Backport a fix for an "unused variable" warning that appeared + in some versions of mingw. Fixes bug 22838; bugfix on + 0.2.8.1-alpha. + + o Minor bugfixes (coverity build support, backport from 0.3.1.5-alpha): + - Avoid Coverity build warnings related to our BUG() macro. By + default, Coverity treats BUG() as the Linux kernel does: an + instant abort(). We need to override that so our BUG() macro + doesn't prevent Coverity from analyzing functions that use it. + Fixes bug 23030; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (directory authority, backport from 0.3.1.1-alpha): + - When rejecting a router descriptor for running an obsolete version + of Tor without ntor support, warn about the obsolete tor version, + not the missing ntor key. Fixes bug 20270; bugfix on 0.2.9.3-alpha. + + o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.1.5-alpha): + - Avoid a sandbox failure when trying to re-bind to a socket and + mark it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha. + + o Minor bugfixes (unit tests, backport from 0.3.1.5-alpha) + - Fix a memory leak in the link-handshake/certs_ok_ed25519 test. + Fixes bug 22803; bugfix on 0.3.0.1-alpha. + + +Changes in version 0.3.1.5-alpha - 2017-08-01 + Tor 0.3.1.5-alpha improves the performance of consensus diff + calculation, fixes a crash bug on older versions of OpenBSD, and fixes + several other bugs. If no serious bugs are found in this version, the + next version will be a release candidate. + + This release also marks the end of support for the Tor 0.2.4.x, + 0.2.6.x, and 0.2.7.x release series. Those releases will receive no + further bug or security fixes. Anyone still running or distributing + one of those versions should upgrade. + + o Major features (build system, continuous integration): + - Tor's repository now includes a Travis Continuous Integration (CI) + configuration file (.travis.yml). This is meant to help new + developers and contributors who fork Tor to a Github repository be + better able to test their changes, and understand what we expect + to pass. To use this new build feature, you must fork Tor to your + Github account, then go into the "Integrations" menu in the + repository settings for your fork and enable Travis, then push + your changes. Closes ticket 22636. + + o Major bugfixes (openbsd, denial-of-service): + - Avoid an assertion failure bug affecting our implementation of + inet_pton(AF_INET6) on certain OpenBSD systems whose strtol() + handling of "0xbar" differs from what we had expected. Fixes bug + 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007. + + o Major bugfixes (relay, performance): + - Perform circuit handshake operations at a higher priority than we + use for consensus diff creation and compression. This should + prevent circuits from starving when a relay or bridge receives a + new consensus, especially on lower-powered machines. Fixes bug + 22883; bugfix on 0.3.1.1-alpha. + + o Minor features (bridge authority): + - Add "fingerprint" lines to the networkstatus-bridges file produced + by bridge authorities. Closes ticket 22207. + + o Minor features (directory cache, consensus diff): + - Add a new MaxConsensusAgeForDiffs option to allow directory cache + operators with low-resource environments to adjust the number of + consensuses they'll store and generate diffs from. Most cache + operators should leave it unchanged. Helps to work around + bug 22883. + + o Minor features (geoip): + - Update geoip and geoip6 to the July 4 2017 Maxmind GeoLite2 + Country database. + + o Minor features (relay, performance): + - Always start relays with at least two worker threads, to prevent + priority inversion on slow tasks. Part of the fix for bug 22883. + - Allow background work to be queued with different priorities, so + that a big pile of slow low-priority jobs will not starve out + higher priority jobs. This lays the groundwork for a fix for + bug 22883. + + o Minor bugfixes (build system, rust): + - Fix a problem where Rust toolchains were not being found when + building without --enable-cargo-online-mode, due to setting the + $HOME environment variable instead of $CARGO_HOME. Fixes bug + 22830; bugfix on 0.3.1.1-alpha. Fix by Chelsea Komlo. + + o Minor bugfixes (compatibility, zstd): + - Write zstd epilogues correctly when the epilogue requires + reallocation of the output buffer, even with zstd 1.3.0. + (Previously, we worked on 1.2.0 and failed with 1.3.0). Fixes bug + 22927; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (compilation warnings): + - Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug + 22915; bugfix on 0.2.8.1-alpha. + - Fix warnings when building with libscrypt and openssl scrypt + support on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha. + - Compile correctly when both openssl 1.1.0 and libscrypt are + detected. Previously this would cause an error. Fixes bug 22892; + bugfix on 0.3.1.1-alpha. + - When building with certain versions of the mingw C header files, + avoid float-conversion warnings when calling the C functions + isfinite(), isnan(), and signbit(). Fixes bug 22801; bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (coverity build support): + - Avoid Coverity build warnings related to our BUG() macro. By + default, Coverity treats BUG() as the Linux kernel does: an + instant abort(). We need to override that so our BUG() macro + doesn't prevent Coverity from analyzing functions that use it. + Fixes bug 23030; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (directory authority): + - When a directory authority rejects a descriptor or extrainfo with + a given digest, mark that digest as undownloadable, so that we do + not attempt to download it again over and over. We previously + tried to avoid downloading such descriptors by other means, but we + didn't notice if we accidentally downloaded one anyway. This + behavior became problematic in 0.2.7.2-alpha, when authorities + began pinning Ed25519 keys. Fixes bug 22349; bugfix + on 0.2.1.19-alpha. + + o Minor bugfixes (error reporting, windows): + - When formatting Windows error messages, use the English format to + avoid codepage issues. Fixes bug 22520; bugfix on 0.1.2.8-alpha. + Patch from "Vort". + + o Minor bugfixes (file limits, osx): + - When setting the maximum number of connections allowed by the OS, + always allow some extra file descriptors for other files. Fixes + bug 22797; bugfix on 0.2.0.10-alpha. + + o Minor bugfixes (linux seccomp2 sandbox): + - Avoid a sandbox failure when trying to re-bind to a socket and + mark it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha. + + o Minor bugfixes (memory leaks): + - Fix a small memory leak when validating a configuration that uses + two or more AF_UNIX sockets for the same port type. Fixes bug + 23053; bugfix on 0.2.6.3-alpha. This is CID 1415725. + + o Minor bugfixes (unit tests): + - test_consdiff_base64cmp would fail on OS X because while OS X + follows the standard of (less than zero/zero/greater than zero), + it doesn't follow the convention of (-1/0/+1). Make the test + comply with the standard. Fixes bug 22870; bugfix on 0.3.1.1-alpha. + - Fix a memory leak in the link-handshake/certs_ok_ed25519 test. + Fixes bug 22803; bugfix on 0.3.0.1-alpha. + + +Changes in version 0.3.1.4-alpha - 2017-06-29 + Tor 0.3.1.4-alpha fixes a path selection bug that would allow a client + to use a guard that was in the same network family as a chosen exit + relay. This is a security regression; all clients running earlier + versions of 0.3.0.x or 0.3.1.x should upgrade to 0.3.0.9 + or 0.3.1.4-alpha. + + This release also fixes several other bugs introduced in 0.3.0.x + and 0.3.1.x, including others that can affect bandwidth usage + and correctness. + + o New dependencies: + - To build with zstd and lzma support, Tor now requires the + pkg-config tool at build time. (This requirement was new in + 0.3.1.1-alpha, but was not noted at the time. Noting it here to + close ticket 22623.) + + o Major bugfixes (path selection, security): + - When choosing which guard to use for a circuit, avoid the exit's + family along with the exit itself. Previously, the new guard + selection logic avoided the exit, but did not consider its family. + Fixes bug 22753; bugfix on 0.3.0.1-alpha. Tracked as TROVE-2017- + 006 and CVE-2017-0377. + + o Major bugfixes (compression, zstd): + - Correctly detect a full buffer when decompressing a large zstd- + compressed input. Previously, we would sometimes treat a full + buffer as an error. Fixes bug 22628; bugfix on 0.3.1.1-alpha. + + o Major bugfixes (directory protocol): + - Ensure that we send "304 Not modified" as HTTP status code when a + client is attempting to fetch a consensus or consensus diff, and + the best one we can send them is one they already have. Fixes bug + 22702; bugfix on 0.3.1.1-alpha. + + o Major bugfixes (entry guards): + - When starting with an old consensus, do not add new entry guards + unless the consensus is "reasonably live" (under 1 day old). Fixes + one root cause of bug 22400; bugfix on 0.3.0.1-alpha. + + o Minor features (bug mitigation, diagnostics, logging): + - Avoid an assertion failure, and log a better error message, when + unable to remove a file from the consensus cache on Windows. + Attempts to mitigate and diagnose bug 22752. + + o Minor features (geoip): + - Update geoip and geoip6 to the June 8 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compression): + - When compressing or decompressing a buffer, check for a failure to + create a compression object. Fixes bug 22626; bugfix + on 0.3.1.1-alpha. + - When decompressing a buffer, check for extra data after the end of + the compressed data. Fixes bug 22629; bugfix on 0.3.1.1-alpha. + - When decompressing an object received over an anonymous directory + connection, if we have already decompressed it using an acceptable + compression method, do not reject it for looking like an + unacceptable compression method. Fixes part of bug 22670; bugfix + on 0.3.1.1-alpha. + - When serving directory votes compressed with zlib, do not claim to + have compressed them with zstd. Fixes bug 22669; bugfix + on 0.3.1.1-alpha. + - When spooling compressed data to an output buffer, don't try to + spool more data when there is no more data to spool and we are not + trying to flush the input. Previously, we would sometimes launch + compression requests with nothing to do, which interferes with our + 22672 checks. Fixes bug 22719; bugfix on 0.2.0.16-alpha. + + o Minor bugfixes (defensive programming): + - Detect and break out of infinite loops in our compression code. We + don't think that any such loops exist now, but it's best to be + safe. Closes ticket 22672. + - Fix a memset() off the end of an array when packing cells. This + bug should be harmless in practice, since the corrupted bytes are + still in the same structure, and are always padding bytes, + ignored, or immediately overwritten, depending on compiler + behavior. Nevertheless, because the memset()'s purpose is to make + sure that any other cell-handling bugs can't expose bytes to the + network, we need to fix it. Fixes bug 22737; bugfix on + 0.2.4.11-alpha. Fixes CID 1401591. + + o Minor bugfixes (linux seccomp2 sandbox): + - Permit the fchmod system call, to avoid crashing on startup when + starting with the seccomp2 sandbox and an unexpected set of + permissions on the data directory or its contents. Fixes bug + 22516; bugfix on 0.2.5.4-alpha. + - Fix a crash in the LZMA module, when the sandbox was enabled, and + liblzma would allocate more than 16 MB of memory. We solve this by + bumping the mprotect() limit in the sandbox module from 16 MB to + 20 MB. Fixes bug 22751; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (logging): + - When decompressing, do not warn if we fail to decompress using a + compression method that we merely guessed. Fixes part of bug + 22670; bugfix on 0.1.1.14-alpha. + - When decompressing, treat mismatch between content-encoding and + actual compression type as a protocol warning. Fixes part of bug + 22670; bugfix on 0.1.1.9-alpha. + - Downgrade "assigned_to_cpuworker failed" message to info-level + severity. In every case that can reach it, either a better warning + has already been logged, or no warning is warranted. Fixes bug + 22356; bugfix on 0.2.6.3-alpha. + - Demote a warn that was caused by libevent delays to info if + netflow padding is less than 4.5 seconds late, or to notice + if it is more (4.5 seconds is the amount of time that a netflow + record might be emitted after, if we chose the maximum timeout). + Fixes bug 22212; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (process behavior): + - When exiting because of an error, always exit with a nonzero exit + status. Previously, we would fail to report an error in our exit + status in cases related to __OwningControllerProcess failure, + lockfile contention, and Ed25519 key initialization. Fixes bug + 22720; bugfix on versions 0.2.1.6-alpha, 0.2.2.28-beta, and + 0.2.7.2-alpha respectively. Reported by "f55jwk4f"; patch + from "huyvq". + + o Documentation: + - Add a manpage description for the key-pinning-journal file. Closes + ticket 22347. + - Correctly note that bandwidth accounting values are stored in the + state file, and the bw_accounting file is now obsolete. Closes + ticket 16082. + - Document more of the files in the Tor data directory, including + cached-extrainfo, secret_onion_key{,_ntor}.old, hidserv-stats, + approved-routers, sr-random, and diff-cache. Found while fixing + ticket 22347. + + +Changes in version 0.3.0.9 - 2017-06-29 + Tor 0.3.0.9 fixes a path selection bug that would allow a client + to use a guard that was in the same network family as a chosen exit + relay. This is a security regression; all clients running earlier + versions of 0.3.0.x or 0.3.1.x should upgrade to 0.3.0.9 or + 0.3.1.4-alpha. + + This release also backports several other bugfixes from the 0.3.1.x + series. + + o Major bugfixes (path selection, security, backport from 0.3.1.4-alpha): + - When choosing which guard to use for a circuit, avoid the exit's + family along with the exit itself. Previously, the new guard + selection logic avoided the exit, but did not consider its family. + Fixes bug 22753; bugfix on 0.3.0.1-alpha. Tracked as TROVE-2017- + 006 and CVE-2017-0377. + + o Major bugfixes (entry guards, backport from 0.3.1.1-alpha): + - Don't block bootstrapping when a primary bridge is offline and we + can't get its descriptor. Fixes bug 22325; fixes one case of bug + 21969; bugfix on 0.3.0.3-alpha. + + o Major bugfixes (entry guards, backport from 0.3.1.4-alpha): + - When starting with an old consensus, do not add new entry guards + unless the consensus is "reasonably live" (under 1 day old). Fixes + one root cause of bug 22400; bugfix on 0.3.0.1-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the June 8 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (voting consistency, backport from 0.3.1.1-alpha): + - Reject version numbers with non-numeric prefixes (such as +, -, or + whitespace). Disallowing whitespace prevents differential version + parsing between POSIX-based and Windows platforms. Fixes bug 21507 + and part of 21508; bugfix on 0.0.8pre1. + + o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.1.4-alpha): + - Permit the fchmod system call, to avoid crashing on startup when + starting with the seccomp2 sandbox and an unexpected set of + permissions on the data directory or its contents. Fixes bug + 22516; bugfix on 0.2.5.4-alpha. + + o Minor bugfixes (defensive programming, backport from 0.3.1.4-alpha): + - Fix a memset() off the end of an array when packing cells. This + bug should be harmless in practice, since the corrupted bytes are + still in the same structure, and are always padding bytes, + ignored, or immediately overwritten, depending on compiler + behavior. Nevertheless, because the memset()'s purpose is to make + sure that any other cell-handling bugs can't expose bytes to the + network, we need to fix it. Fixes bug 22737; bugfix on + 0.2.4.11-alpha. Fixes CID 1401591. + + +Changes in version 0.3.1.3-alpha - 2017-06-08 + Tor 0.3.1.3-alpha fixes a pair of bugs that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-004 and TROVE-2017-005. + + Tor 0.3.1.3-alpha also includes fixes for several key management bugs + that sometimes made relays unreliable, as well as several other + bugfixes described below. + + o Major bugfixes (hidden service, relay, security): + - Fix a remotely triggerable assertion failure when a hidden service + handles a malformed BEGIN cell. Fixes bug 22493, tracked as + TROVE-2017-004 and as CVE-2017-0375; bugfix on 0.3.0.1-alpha. + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Major bugfixes (relay, link handshake): + - When performing the v3 link handshake on a TLS connection, report + that we have the x509 certificate that we actually used on that + connection, even if we have changed certificates since that + connection was first opened. Previously, we would claim to have + used our most recent x509 link certificate, which would sometimes + make the link handshake fail. Fixes one case of bug 22460; bugfix + on 0.2.3.6-alpha. + + o Major bugfixes (relays, key management): + - Regenerate link and authentication certificates whenever the key + that signs them changes; also, regenerate link certificates + whenever the signed key changes. Previously, these processes were + only weakly coupled, and we relays could (for minutes to hours) + wind up with an inconsistent set of keys and certificates, which + other relays would not accept. Fixes two cases of bug 22460; + bugfix on 0.3.0.1-alpha. + - When sending an Ed25519 signing->link certificate in a CERTS cell, + send the certificate that matches the x509 certificate that we + used on the TLS connection. Previously, there was a race condition + if the TLS context rotated after we began the TLS handshake but + before we sent the CERTS cell. Fixes a case of bug 22460; bugfix + on 0.3.0.1-alpha. + + o Major bugfixes (torrc, crash): + - Fix a crash bug when using %include in torrc. Fixes bug 22417; + bugfix on 0.3.1.1-alpha. Patch by Daniel Pinto. + + o Minor features (code style): + - Add "Falls through" comments to our codebase, in order to silence + GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas + Stieger. Closes ticket 22446. + + o Minor features (diagnostic): + - Add logging messages to try to diagnose a rare bug that seems to + generate RSA->Ed25519 cross-certificates dated in the 1970s. We + think this is happening because of incorrect system clocks, but + we'd like to know for certain. Diagnostic for bug 22466. + + o Minor bugfixes (correctness): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + + o Minor bugfixes (directory protocol): + - Check for libzstd >= 1.1, because older versions lack the + necessary streaming API. Fixes bug 22413; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (link handshake): + - Lower the lifetime of the RSA->Ed25519 cross-certificate to six + months, and regenerate it when it is within one month of expiring. + Previously, we had generated this certificate at startup with a + ten-year lifetime, but that could lead to weird behavior when Tor + was started with a grossly inaccurate clock. Mitigates bug 22466; + mitigation on 0.3.0.1-alpha. + + o Minor bugfixes (storage directories): + - Always check for underflows in the cached storage directory usage. + If the usage does underflow, re-calculate it. Also, avoid a + separate underflow when the usage is not known. Fixes bug 22424; + bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (unit tests): + - The unit tests now pass on systems where localhost is misconfigured + to some IPv4 address other than 127.0.0.1. Fixes bug 6298; bugfix + on 0.0.9pre2. + + o Documentation: + - Clarify the manpage for the (deprecated) torify script. Closes + ticket 6892. + +Changes in version 0.3.0.8 - 2017-06-08 + Tor 0.3.0.8 fixes a pair of bugs that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-004 and TROVE-2017-005. + + Tor 0.3.0.8 also includes fixes for several key management bugs + that sometimes made relays unreliable, as well as several other + bugfixes described below. + + o Major bugfixes (hidden service, relay, security, backport + from 0.3.1.3-alpha): + - Fix a remotely triggerable assertion failure when a hidden service + handles a malformed BEGIN cell. Fixes bug 22493, tracked as + TROVE-2017-004 and as CVE-2017-0375; bugfix on 0.3.0.1-alpha. + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Major bugfixes (relay, link handshake, backport from 0.3.1.3-alpha): + - When performing the v3 link handshake on a TLS connection, report + that we have the x509 certificate that we actually used on that + connection, even if we have changed certificates since that + connection was first opened. Previously, we would claim to have + used our most recent x509 link certificate, which would sometimes + make the link handshake fail. Fixes one case of bug 22460; bugfix + on 0.2.3.6-alpha. + + o Major bugfixes (relays, key management, backport from 0.3.1.3-alpha): + - Regenerate link and authentication certificates whenever the key + that signs them changes; also, regenerate link certificates + whenever the signed key changes. Previously, these processes were + only weakly coupled, and we relays could (for minutes to hours) + wind up with an inconsistent set of keys and certificates, which + other relays would not accept. Fixes two cases of bug 22460; + bugfix on 0.3.0.1-alpha. + - When sending an Ed25519 signing->link certificate in a CERTS cell, + send the certificate that matches the x509 certificate that we + used on the TLS connection. Previously, there was a race condition + if the TLS context rotated after we began the TLS handshake but + before we sent the CERTS cell. Fixes a case of bug 22460; bugfix + on 0.3.0.1-alpha. + + o Major bugfixes (hidden service v3, backport from 0.3.1.1-alpha): + - Stop rejecting v3 hidden service descriptors because their size + did not match an old padding rule. Fixes bug 22447; bugfix on + tor-0.3.0.1-alpha. + + o Minor features (fallback directory list, backport from 0.3.1.3-alpha): + - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in + December 2016 (of which ~126 were still functional) with a list of + 151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May + 2017. Resolves ticket 21564. + + o Minor bugfixes (configuration, backport from 0.3.1.1-alpha): + - Do not crash when starting with LearnCircuitBuildTimeout 0. Fixes + bug 22252; bugfix on 0.2.9.3-alpha. + + o Minor bugfixes (correctness, backport from 0.3.1.3-alpha): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + + o Minor bugfixes (link handshake, backport from 0.3.1.3-alpha): + - Lower the lifetime of the RSA->Ed25519 cross-certificate to six + months, and regenerate it when it is within one month of expiring. + Previously, we had generated this certificate at startup with a + ten-year lifetime, but that could lead to weird behavior when Tor + was started with a grossly inaccurate clock. Mitigates bug 22466; + mitigation on 0.3.0.1-alpha. + + o Minor bugfixes (memory leak, directory authority, backport from + 0.3.1.2-alpha): + - When directory authorities reject a router descriptor due to + keypinning, free the router descriptor rather than leaking the + memory. Fixes bug 22370; bugfix on 0.2.7.2-alpha. + + +Changes in version 0.2.9.11 - 2017-06-08 + Tor 0.2.9.11 backports a fix for a bug that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-005. (Versions before 0.3.0 + are not affected by TROVE-2017-004.) + + Tor 0.2.9.11 also backports fixes for several key management bugs + that sometimes made relays unreliable, as well as several other + bugfixes described below. + + o Major bugfixes (hidden service, relay, security, backport + from 0.3.1.3-alpha): + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Major bugfixes (relay, link handshake, backport from 0.3.1.3-alpha): + - When performing the v3 link handshake on a TLS connection, report + that we have the x509 certificate that we actually used on that + connection, even if we have changed certificates since that + connection was first opened. Previously, we would claim to have + used our most recent x509 link certificate, which would sometimes + make the link handshake fail. Fixes one case of bug 22460; bugfix + on 0.2.3.6-alpha. + + o Minor features (fallback directory list, backport from 0.3.1.3-alpha): + - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in + December 2016 (of which ~126 were still functional) with a list of + 151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May + 2017. Resolves ticket 21564. + + o Minor features (future-proofing, backport from 0.3.0.7): + - Tor no longer refuses to download microdescriptors or descriptors if + they are listed as "published in the future". This change will + eventually allow us to stop listing meaningful "published" dates + in microdescriptor consensuses, and thereby allow us to reduce the + resources required to download consensus diffs by over 50%. + Implements part of ticket 21642; implements part of proposal 275. + + o Minor features (directory authorities, backport from 0.3.0.4-rc) + - Directory authorities now reject relays running versions + 0.2.9.1-alpha through 0.2.9.4-alpha, because those relays + suffer from bug 20499 and don't keep their consensus cache + up-to-date. Resolves ticket 20509. + + o Minor features (geoip): + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (control port, backport from 0.3.0.6): + - The GETINFO extra-info/digest/<digest> command was broken because + of a wrong base16 decode return value check, introduced when + refactoring that API. Fixes bug 22034; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (correctness, backport from 0.3.1.3-alpha): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + + o Minor bugfixes (Linux seccomp2 sandbox, backport from 0.3.0.7): + - The getpid() system call is now permitted under the Linux seccomp2 + sandbox, to avoid crashing with versions of OpenSSL (and other + libraries) that attempt to learn the process's PID by using the + syscall rather than the VDSO code. Fixes bug 21943; bugfix + on 0.2.5.1-alpha. + + o Minor bugfixes (memory leak, directory authority, backport + from 0.3.1.2-alpha): + - When directory authorities reject a router descriptor due to + keypinning, free the router descriptor rather than leaking the + memory. Fixes bug 22370; bugfix on 0.2.7.2-alpha. + +Changes in version 0.2.8.14 - 2017-06-08 + Tor 0.2.7.8 backports a fix for a bug that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-005. (Versions before 0.3.0 + are not affected by TROVE-2017-004.) + + o Major bugfixes (hidden service, relay, security): + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor features (fallback directory list, backport from 0.3.1.3-alpha): + - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in + December 2016 (of which ~126 were still functional) with a list of + 151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May + 2017. Resolves ticket 21564. + + o Minor bugfixes (correctness): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + +Changes in version 0.2.7.8 - 2017-06-08 + Tor 0.2.7.8 backports a fix for a bug that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-005. (Versions before 0.3.0 + are not affected by TROVE-2017-004.) + + o Major bugfixes (hidden service, relay, security): + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (correctness): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + + +Changes in version 0.2.6.12 - 2017-06-08 + Tor 0.2.6.12 backports a fix for a bug that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-005. (Versions before 0.3.0 + are not affected by TROVE-2017-004.) + + o Major bugfixes (hidden service, relay, security): + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (correctness): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + +Changes in version 0.2.5.14 - 2017-06-08 + Tor 0.2.5.14 backports a fix for a bug that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-005. (Versions before 0.3.0 + are not affected by TROVE-2017-004.) + + o Major bugfixes (hidden service, relay, security): + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (correctness): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + +Changes in version 0.2.4.29 - 2017-06-08 + Tor 0.2.4.29 backports a fix for a bug that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-005. (Versions before 0.3.0 + are not affected by TROVE-2017-004.) + + o Major bugfixes (hidden service, relay, security): + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (correctness): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + + +Changes in version 0.3.1.2-alpha - 2017-05-26 + Tor 0.3.1.2-alpha is the second release in the 0.3.1.x series. It + fixes a few bugs found while testing 0.3.1.1-alpha, including a + memory corruption bug that affected relay stability. + + o Major bugfixes (crash, relay): + - Fix a memory-corruption bug in relays that set MyFamily. + Previously, they would double-free MyFamily elements when making + the next descriptor or when changing their configuration. Fixes + bug 22368; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (logging): + - Log a better message when a directory authority replies to an + upload with an unexpected status code. Fixes bug 11121; bugfix + on 0.1.0.1-rc. + + o Minor bugfixes (memory leak, directory authority): + - When directory authorities reject a router descriptor due to + keypinning, free the router descriptor rather than leaking the + memory. Fixes bug 22370; bugfix on 0.2.7.2-alpha. + + +Changes in version 0.3.1.1-alpha - 2017-05-22 + Tor 0.3.1.1-alpha is the first release in the 0.3.1.x series. It + reduces the bandwidth usage for Tor's directory protocol, adds some + basic padding to resist netflow-based traffic analysis and to serve as + the basis of other padding in the future, and adds rust support to the + build system. + + It also contains numerous other small features and improvements to + security, correctness, and performance. + + Below are the changes since 0.3.0.7. + + o Major features (directory protocol): + - Tor relays and authorities can now serve clients an abbreviated + version of the consensus document, containing only the changes + since an older consensus document that the client holds. Clients + now request these documents when available. When both client and + server use this new protocol, they will use far less bandwidth (up + to 94% less) to keep the client's consensus up-to-date. Implements + proposal 140; closes ticket 13339. Based on work by Daniel MartÃ. + - Tor can now compress directory traffic with lzma or with zstd + compression algorithms, which can deliver better bandwidth + performance. Because lzma is computationally expensive, it's only + used for documents that can be compressed once and served many + times. Support for these algorithms requires that tor is built + with the libzstd and/or liblzma libraries available. Implements + proposal 278; closes ticket 21662. + - Relays now perform the more expensive compression operations, and + consensus diff generation, in worker threads. This separation + avoids delaying the main thread when a new consensus arrives. + + o Major features (experimental): + - Tor can now build modules written in Rust. To turn this on, pass + the "--enable-rust" flag to the configure script. It's not time to + get excited yet: currently, there is no actual Rust functionality + beyond some simple glue code, and a notice at startup to tell you + that Rust is running. Still, we hope that programmers and + packagers will try building Tor with Rust support, so that we can + find issues and solve portability problems. Closes ticket 22106. + + o Major features (traffic analysis resistance): + - Connections between clients and relays now send a padding cell in + each direction every 1.5 to 9.5 seconds (tunable via consensus + parameters). This padding will not resist specialized + eavesdroppers, but it should be enough to make many ISPs' routine + network flow logging less useful in traffic analysis against + Tor users. + + Padding is negotiated using Tor's link protocol, so both relays + and clients must upgrade for this to take effect. Clients may + still send padding despite the relay's version by setting + ConnectionPadding 1 in torrc, and may disable padding by setting + ConnectionPadding 0 in torrc. Padding may be minimized for mobile + users with the torrc option ReducedConnectionPadding. Implements + Proposal 251 and Section 2 of Proposal 254; closes ticket 16861. + - Relays will publish 24 hour totals of padding and non-padding cell + counts to their extra-info descriptors, unless PaddingStatistics 0 + is set in torrc. These 24 hour totals are also rounded to + multiples of 10000. + + o Major bugfixes (connection usage): + - We use NETINFO cells to try to determine if both relays involved + in a connection will agree on the canonical status of that + connection. We prefer the connections where this is the case for + extend cells, and try to close connections where relays disagree + on their canonical status early. Also, we now prefer the oldest + valid connection for extend cells. These two changes should reduce + the number of long-term connections that are kept open between + relays. Fixes bug 17604; bugfix on 0.2.5.5-alpha. + - Relays now log hourly statistics (look for + "channel_check_for_duplicates" lines) on the total number of + connections to other relays. If the number of connections per + relay is unexpectedly large, this log message is at notice level. + Otherwise it is at info. + + o Major bugfixes (entry guards): + - Don't block bootstrapping when a primary bridge is offline and we + can't get its descriptor. Fixes bug 22325; fixes one case of bug + 21969; bugfix on 0.3.0.3-alpha. + + o Major bugfixes (linux TPROXY support): + - Fix a typo that had prevented TPROXY-based transparent proxying + from working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha. + Patch from "d4fq0fQAgoJ". + + o Minor features (security, windows): + - Enable a couple of pieces of Windows hardening: one + (HeapEnableTerminationOnCorruption) that has been on-by-default + since Windows 8, and unavailable before Windows 7; and one + (PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION) which we believe doesn't + affect us, but shouldn't do any harm. Closes ticket 21953. + + o Minor features (config options): + - Allow "%include" directives in torrc configuration files. These + directives import the settings from other files, or from all the + files in a directory. Closes ticket 1922. Code by Daniel Pinto. + - Make SAVECONF return an error when overwriting a torrc that has + includes. Using SAVECONF with the FORCE option will allow it to + overwrite torrc even if includes are used. Related to ticket 1922. + - Add "GETINFO config-can-saveconf" to tell controllers if SAVECONF + will work without the FORCE option. Related to ticket 1922. + + o Minor features (controller): + - Warn the first time that a controller requests data in the long- + deprecated 'GETINFO network-status' format. Closes ticket 21703. + + o Minor features (defaults): + - The default value for UseCreateFast is now 0: clients which + haven't yet received a consensus document will now use a proper + ntor handshake to talk to their directory servers whenever they + can. Closes ticket 21407. + - Onion key rotation and expiry intervals are now defined as a + network consensus parameter, per proposal 274. The default + lifetime of an onion key is increased from 7 to 28 days. Old onion + keys will expire after 7 days by default. This change will make + consensus diffs much smaller, and save significant bandwidth. + Closes ticket 21641. + + o Minor features (fallback directory list): + - Update the fallback directory mirror whitelist and blacklist based + on operator emails. Closes task 21121. + - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in + December 2016 (of which ~126 were still functional) with a list of + 151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May + 2017. Resolves ticket 21564. + + o Minor features (hidden services, logging): + - Log a message when a hidden service descriptor has fewer + introduction points than specified in + HiddenServiceNumIntroductionPoints. Closes tickets 21598. + - Log a message when a hidden service reaches its introduction point + circuit limit, and when that limit is reset. Follow up to ticket + 21594; closes ticket 21622. + - Warn user if multiple entries in EntryNodes and at least one + HiddenService are used together. Pinning EntryNodes along with a + hidden service can be possibly harmful; for instance see ticket + 14917 or 21155. Closes ticket 21155. + + o Minor features (linux seccomp2 sandbox): + - We now have a document storage backend compatible with the Linux + seccomp2 sandbox. This backend is used for consensus documents and + diffs between them; in the long term, we'd like to use it for + unparseable directory material too. Closes ticket 21645 + - Increase the maximum allowed size passed to mprotect(PROT_WRITE) + from 1MB to 16MB. This was necessary with the glibc allocator in + order to allow worker threads to allocate more memory -- which in + turn is necessary because of our new use of worker threads for + compression. Closes ticket 22096. + + o Minor features (logging): + - Log files are no longer created world-readable by default. + (Previously, most distributors would store the logs in a non- + world-readable location to prevent inappropriate access. This + change is an extra precaution.) Closes ticket 21729; patch + from toralf. + + o Minor features (performance): + - Our Keccak (SHA-3) implementation now accesses memory more + efficiently, especially on little-endian systems. Closes + ticket 21737. + - Add an O(1) implementation of channel_find_by_global_id(), to + speed some controller functions. + + o Minor features (relay, configuration): + - The MyFamily option may now be repeated as many times as desired, + for relays that want to configure large families. Closes ticket + 4998; patch by Daniel Pinto. + + o Minor features (safety): + - Add an explicit check to extrainfo_parse_entry_from_string() for + NULL inputs. We don't believe this can actually happen, but it may + help silence a warning from the Clang analyzer. Closes + ticket 21496. + + o Minor features (testing): + - Add a "--disable-memory-sentinels" feature to help with fuzzing. + When Tor is compiled with this option, we disable a number of + redundant memory-safety failsafes that are intended to stop bugs + from becoming security issues. This makes it easier to hunt for + bugs that would be security issues without the failsafes turned + on. Closes ticket 21439. + - Add a general event-tracing instrumentation support to Tor. This + subsystem will enable developers and researchers to add fine- + grained instrumentation to their Tor instances, for use when + examining Tor network performance issues. There are no trace + events yet, and event-tracing is off by default unless enabled at + compile time. Implements ticket 13802. + - Improve our version parsing tests: add tests for typical version + components, add tests for invalid versions, including numeric + range and non-numeric prefixes. Unit tests 21278, 21450, and + 21507. Partially implements 21470. + + o Minor bugfixes (bandwidth accounting): + - Roll over monthly accounting at the configured hour and minute, + rather than always at 00:00. Fixes bug 22245; bugfix on 0.0.9rc1. + Found by Andrey Karpov with PVS-Studio. + + o Minor bugfixes (code correctness): + - Accurately identify client connections by their lack of peer + authentication. This means that we bail out earlier if asked to + extend to a client. Follow-up to 21407. Fixes bug 21406; bugfix + on 0.2.4.23. + + o Minor bugfixes (configuration): + - Do not crash when starting with LearnCircuitBuildTimeout 0. Fixes + bug 22252; bugfix on 0.2.9.3-alpha. + + o Minor bugfixes (connection lifespan): + - Allow more control over how long TLS connections are kept open: + unify CircuitIdleTimeout and PredictedPortsRelevanceTime into a + single option called CircuitsAvailableTimeout. Also, allow the + consensus to control the default values for both this preference + and the lifespan of relay-to-relay connections. Fixes bug 17592; + bugfix on 0.2.5.5-alpha. + - Increase the initial circuit build timeout testing frequency, to + help ensure that ReducedConnectionPadding clients finish learning + a timeout before their orconn would expire. The initial testing + rate was set back in the days of TAP and before the Tor Browser + updater, when we had to be much more careful about new clients + making lots of circuits. With this change, a circuit build timeout + is learned in about 15-20 minutes, instead of 100-120 minutes. + + o Minor bugfixes (controller): + - GETINFO onions/current and onions/detached no longer respond with + 551 on empty lists. Fixes bug 21329; bugfix on 0.2.7.1-alpha. + - Trigger HS descriptor events on the control port when the client + fails to pick a hidden service directory for a hidden service. + This can happen if all the hidden service directories are in + ExcludeNodes, or they have all been queried within the last 15 + minutes. Fixes bug 22042; bugfix on 0.2.5.2-alpha. + + o Minor bugfixes (directory authority): + - When rejecting a router descriptor for running an obsolete version + of Tor without ntor support, warn about the obsolete tor version, + not the missing ntor key. Fixes bug 20270; bugfix on 0.2.9.3-alpha. + - Prevent the shared randomness subsystem from asserting when + initialized by a bridge authority with an incomplete configuration + file. Fixes bug 21586; bugfix on 0.2.9.8. + + o Minor bugfixes (exit-side DNS): + - Fix an untriggerable assertion that checked the output of a + libevent DNS error, so that the assertion actually behaves as + expected. Fixes bug 22244; bugfix on 0.2.0.20-rc. Found by Andrey + Karpov using PVS-Studio. + + o Minor bugfixes (fallback directories): + - Make the usage example in updateFallbackDirs.py actually work, and + explain what it does. Fixes bug 22270; bugfix on 0.3.0.3-alpha. + - Decrease the guard flag average required to be a fallback. This + allows us to keep relays that have their guard flag removed when + they restart. Fixes bug 20913; bugfix on 0.2.8.1-alpha. + - Decrease the minimum number of fallbacks to 100. Fixes bug 20913; + bugfix on 0.2.8.1-alpha. + - Make sure fallback directory mirrors have the same address, port, + and relay identity key for at least 30 days before they are + selected. Fixes bug 20913; bugfix on 0.2.8.1-alpha. + + o Minor bugfixes (hidden services): + - Stop printing a cryptic warning when a hidden service gets a + request to connect to a virtual port that it hasn't configured. + Fixes bug 16706; bugfix on 0.2.6.3-alpha. + - Simplify hidden service descriptor creation by using an existing + flag to check if an introduction point is established. Fixes bug + 21599; bugfix on 0.2.7.2-alpha. + + o Minor bugfixes (memory leak): + - Fix a small memory leak at exit from the backtrace handler code. + Fixes bug 21788; bugfix on 0.2.5.2-alpha. Patch from Daniel Pinto. + + o Minor bugfixes (protocol, logging): + - Downgrade a log statement about unexpected relay cells from "bug" + to "protocol warning", because there is at least one use case + where it can be triggered by a buggy tor implementation. Fixes bug + 21293; bugfix on 0.1.1.14-alpha. + + o Minor bugfixes (testing): + - Use unbuffered I/O for utility functions around the + process_handle_t type. This fixes unit test failures reported on + OpenBSD and FreeBSD. Fixes bug 21654; bugfix on 0.2.3.1-alpha. + - Make display of captured unit test log messages consistent. Fixes + bug 21510; bugfix on 0.2.9.3-alpha. + - Make test-network.sh always call chutney's test-network.sh. + Previously, this only worked on systems which had bash installed, + due to some bash-specific code in the script. Fixes bug 19699; + bugfix on 0.3.0.4-rc. Follow-up to ticket 21581. + + o Minor bugfixes (voting consistency): + - Reject version numbers with non-numeric prefixes (such as +, -, or + whitespace). Disallowing whitespace prevents differential version + parsing between POSIX-based and Windows platforms. Fixes bug 21507 + and part of 21508; bugfix on 0.0.8pre1. + + o Minor bugfixes (windows, relay): + - Resolve "Failure from drain_fd: No error" warnings on Windows + relays. Fixes bug 21540; bugfix on 0.2.6.3-alpha. + + o Code simplification and refactoring: + - Break up the 630-line function connection_dir_client_reached_eof() + into a dozen smaller functions. This change should help + maintainability and readability of the client directory code. + - Isolate our use of the openssl headers so that they are only + included from our crypto wrapper modules, and from tests that + examine those modules' internals. Closes ticket 21841. + - Simplify our API to launch directory requests, making it more + extensible and less error-prone. Now it's easier to add extra + headers to directory requests. Closes ticket 21646. + - Our base64 decoding functions no longer overestimate the output + space that they need when parsing unpadded inputs. Closes + ticket 17868. + - Remove unused "ROUTER_ADDED_NOTIFY_GENERATOR" internal value. + Resolves ticket 22213. + - The logic that directory caches use to spool request to clients, + serving them one part at a time so as not to allocate too much + memory, has been refactored for consistency. Previously there was + a separate spooling implementation per type of spoolable data. Now + there is one common spooling implementation, with extensible data + types. Closes ticket 21651. + - Tor's compression module now supports multiple backends. Part of + the implementation for proposal 278; closes ticket 21663. + + o Documentation: + - Clarify the behavior of the KeepAliveIsolateSOCKSAuth sub-option. + Closes ticket 21873. + - Correct documentation about the default DataDirectory value. + Closes ticket 21151. + - Document the default behavior of NumEntryGuards and + NumDirectoryGuards correctly. Fixes bug 21715; bugfix + on 0.3.0.1-alpha. + - Document key=value pluggable transport arguments for Bridge lines + in torrc. Fixes bug 20341; bugfix on 0.2.5.1-alpha. + - Note that bandwidth-limiting options don't affect TCP headers or + DNS. Closes ticket 17170. + + o Removed features (configuration options, all in ticket 22060): + - These configuration options are now marked Obsolete, and no longer + have any effect: AllowInvalidNodes, AllowSingleHopCircuits, + AllowSingleHopExits, ExcludeSingleHopRelays, FastFirstHopPK, + TLSECGroup, WarnUnsafeSocks. They were first marked as deprecated + in 0.2.9.2-alpha and have now been removed. The previous default + behavior is now always chosen; the previous (less secure) non- + default behavior is now unavailable. + - CloseHSClientCircuitsImmediatelyOnTimeout and + CloseHSServiceRendCircuitsImmediatelyOnTimeout were deprecated in + 0.2.9.2-alpha and now have been removed. HS circuits never close + on circuit build timeout; they have a longer timeout period. + - {Control,DNS,Dir,Socks,Trans,NATD,OR}ListenAddress were deprecated + in 0.2.9.2-alpha and now have been removed. Use the ORPort option + (and others) to configure listen-only and advertise-only addresses. + + o Removed features (tools): + - We've removed the tor-checkkey tool from src/tools. Long ago, we + used it to help people detect RSA keys that were generated by + versions of Debian affected by CVE-2008-0166. But those keys have + been out of circulation for ages, and this tool is no longer + required. Closes ticket 21842. + + +Changes in version 0.3.0.7 - 2017-05-15 + Tor 0.3.0.7 fixes a medium-severity security bug in earlier versions + of Tor 0.3.0.x, where an attacker could cause a Tor relay process + to exit. Relays running earlier versions of Tor 0.3.0.x should upgrade; + clients are not affected. + + o Major bugfixes (hidden service directory, security): + - Fix an assertion failure in the hidden service directory code, which + could be used by an attacker to remotely cause a Tor relay process to + exit. Relays running earlier versions of Tor 0.3.0.x should upgrade. + should upgrade. This security issue is tracked as TROVE-2017-002. + Fixes bug 22246; bugfix on 0.3.0.1-alpha. + + o Minor features: + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor features (future-proofing): + - Tor no longer refuses to download microdescriptors or descriptors + if they are listed as "published in the future". This change will + eventually allow us to stop listing meaningful "published" dates + in microdescriptor consensuses, and thereby allow us to reduce the + resources required to download consensus diffs by over 50%. + Implements part of ticket 21642; implements part of proposal 275. + + o Minor bugfixes (Linux seccomp2 sandbox): + - The getpid() system call is now permitted under the Linux seccomp2 + sandbox, to avoid crashing with versions of OpenSSL (and other + libraries) that attempt to learn the process's PID by using the + syscall rather than the VDSO code. Fixes bug 21943; bugfix + on 0.2.5.1-alpha. + + +Changes in version 0.3.0.6 - 2017-04-26 + Tor 0.3.0.6 is the first stable release of the Tor 0.3.0 series. + + With the 0.3.0 series, clients and relays now use Ed25519 keys to + authenticate their link connections to relays, rather than the old + RSA1024 keys that they used before. (Circuit crypto has been + Curve25519-authenticated since 0.2.4.8-alpha.) We have also replaced + the guard selection and replacement algorithm to behave more robustly + in the presence of unreliable networks, and to resist guard- + capture attacks. + + This series also includes numerous other small features and bugfixes, + along with more groundwork for the upcoming hidden-services revamp. + + Per our stable release policy, we plan to support the Tor 0.3.0 + release series for at least the next nine months, or for three months + after the first stable release of the 0.3.1 series: whichever is + longer. If you need a release with long-term support, we recommend + that you stay with the 0.2.9 series. + + Below are the changes since 0.3.0.5-rc. For a list of all changes + since 0.2.9, see the ReleaseNotes file. + + o Minor features (geoip): + - Update geoip and geoip6 to the April 4 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (control port): + - The GETINFO extra-info/digest/<digest> command was broken because + of a wrong base16 decode return value check, introduced when + refactoring that API. Fixes bug 22034; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (crash prevention): + - Fix a (currently untriggerable, but potentially dangerous) crash + bug when base32-encoding inputs whose sizes are not a multiple of + 5. Fixes bug 21894; bugfix on 0.2.9.1-alpha. + + +Changes in version 0.3.0.5-rc - 2017-04-05 + Tor 0.3.0.5-rc fixes a few remaining bugs, large and small, in the + 0.3.0 release series. + + This is the second release candidate in the Tor 0.3.0 series, and has + much fewer changes than the first. If we find no new bugs or + regressions here, the first stable 0.3.0 release will be nearly + identical to it. + + o Major bugfixes (crash, directory connections): + - Fix a rare crash when sending a begin cell on a circuit whose + linked directory connection had already been closed. Fixes bug + 21576; bugfix on 0.2.9.3-alpha. Reported by Alec Muffett. + + o Major bugfixes (guard selection): + - Fix a guard selection bug where Tor would refuse to bootstrap in + some cases if the user swapped a bridge for another bridge in + their configuration file. Fixes bug 21771; bugfix on 0.3.0.1-alpha. + Reported by "torvlnt33r". + + o Minor features (geoip): + - Update geoip and geoip6 to the March 7 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfix (compilation): + - Fix a warning when compiling hs_service.c. Previously, it had no + exported symbols when compiled for libor.a, resulting in a + compilation warning from clang. Fixes bug 21825; bugfix + on 0.3.0.1-alpha. + + o Minor bugfixes (hidden services): + - Make hidden services check for failed intro point connections, + even when they have exceeded their intro point creation limit. + Fixes bug 21596; bugfix on 0.2.7.2-alpha. Reported by Alec Muffett. + - Make hidden services with 8 to 10 introduction points check for + failed circuits immediately after startup. Previously, they would + wait for 5 minutes before performing their first checks. Fixes bug + 21594; bugfix on 0.2.3.9-alpha. Reported by Alec Muffett. + + o Minor bugfixes (memory leaks): + - Fix a memory leak when using GETCONF on a port option. Fixes bug + 21682; bugfix on 0.3.0.3-alpha. + + o Minor bugfixes (relay): + - Avoid a double-marked-circuit warning that could happen when we + receive DESTROY cells under heavy load. Fixes bug 20059; bugfix + on 0.1.0.1-rc. + + o Minor bugfixes (tests): + - Run the entry_guard_parse_from_state_full() test with the time set + to a specific date. (The guard state that this test was parsing + contained guards that had expired since the test was first + written.) Fixes bug 21799; bugfix on 0.3.0.1-alpha. + + o Documentation: + - Update the description of the directory server options in the + manual page, to clarify that a relay no longer needs to set + DirPort in order to be a directory cache. Closes ticket 21720. + + + +Changes in version 0.2.8.13 - 2017-03-03 + Tor 0.2.8.13 backports a security fix from later Tor + releases. Anybody running Tor 0.2.8.12 or earlier should upgrade to this + this release, if for some reason they cannot upgrade to a later + release series, and if they build Tor with the --enable-expensive-hardening + option. + + Note that support for Tor 0.2.8.x is ending next year: we will not issue + any fixes for the Tor 0.2.8.x series after 1 Jan 2018. If you need + a Tor release series with longer-term support, we recommend Tor 0.2.9.x. + + o Major bugfixes (parsing, backported from 0.3.0.4-rc): + - Fix an integer underflow bug when comparing malformed Tor + versions. This bug could crash Tor when built with + --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor + 0.2.9.8, which were built with -ftrapv by default. In other cases + it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix + on 0.0.8pre1. Found by OSS-Fuzz. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + + +Changes in version 0.2.7.7 - 2017-03-03 + Tor 0.2.7.7 backports a number of security fixes from later Tor + releases. Anybody running Tor 0.2.7.6 or earlier should upgrade to + this release, if for some reason they cannot upgrade to a later + release series. + + Note that support for Tor 0.2.7.x is ending this year: we will not issue + any fixes for the Tor 0.2.7.x series after 1 August 2017. If you need + a Tor release series with longer-term support, we recommend Tor 0.2.9.x. + + o Directory authority changes (backport from 0.2.8.5-rc): + - Urras is no longer a directory authority. Closes ticket 19271. + + o Directory authority changes (backport from 0.2.9.2-alpha): + - The "Tonga" bridge authority has been retired; the new bridge + authority is "Bifroest". Closes tickets 19728 and 19690. + + o Directory authority key updates (backport from 0.2.8.1-alpha): + - Update the V3 identity key for the dannenberg directory authority: + it was changed on 18 November 2015. Closes task 17906. Patch + by "teor". + + o Major bugfixes (parsing, security, backport from 0.2.9.8): + - Fix a bug in parsing that could cause clients to read a single + byte past the end of an allocated region. This bug could be used + to cause hardened clients (built with --enable-expensive-hardening) + to crash if they tried to visit a hostile hidden service. Non- + hardened clients are only affected depending on the details of + their platform's memory allocator. Fixes bug 21018; bugfix on + 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE- + 2016-12-002 and as CVE-2016-1254. + + o Major bugfixes (security, client, DNS proxy, backport from 0.2.8.3-alpha): + - Stop a crash that could occur when a client running with DNSPort + received a query with multiple address types, and the first + address type was not supported. Found and fixed by Scott Dial. + Fixes bug 18710; bugfix on 0.2.5.4-alpha. + - Prevent a class of security bugs caused by treating the contents + of a buffer chunk as if they were a NUL-terminated string. At + least one such bug seems to be present in all currently used + versions of Tor, and would allow an attacker to remotely crash + most Tor instances, especially those compiled with extra compiler + hardening. With this defense in place, such bugs can't crash Tor, + though we should still fix them as they occur. Closes ticket + 20384 (TROVE-2016-10-001). + + o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha): + - Avoid a difficult-to-trigger heap corruption attack when extending + a smartlist to contain over 16GB of pointers. Fixes bug 18162; + bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely. + Reported by Guido Vranken. + + o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha): + - Avoid crashing when running as a DNS proxy. Fixes bug 16248; + bugfix on 0.2.0.1-alpha. Patch from "cypherpunks". + + o Major bugfixes (key management, backport from 0.2.8.3-alpha): + - If OpenSSL fails to generate an RSA key, do not retain a dangling + pointer to the previous (uninitialized) key value. The impact here + should be limited to a difficult-to-trigger crash, if OpenSSL is + running an engine that makes key generation failures possible, or + if OpenSSL runs out of memory. Fixes bug 19152; bugfix on + 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and + Baishakhi Ray. + + o Major bugfixes (parsing, backported from 0.3.0.4-rc): + - Fix an integer underflow bug when comparing malformed Tor + versions. This bug could crash Tor when built with + --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor + 0.2.9.8, which were built with -ftrapv by default. In other cases + it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix + on 0.0.8pre1. Found by OSS-Fuzz. + + o Minor features (security, memory erasure, backport from 0.2.8.1-alpha): + - Make memwipe() do nothing when passed a NULL pointer or buffer of + zero size. Check size argument to memwipe() for underflow. Fixes + bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk", + patch by "teor". + + o Minor features (bug-resistance, backport from 0.2.8.2-alpha): + - Make Tor survive errors involving connections without a + corresponding event object. Previously we'd fail with an + assertion; now we produce a log message. Related to bug 16248. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + + +Changes in version 0.2.6.11 - 2017-03-03 + Tor 0.2.6.11 backports a number of security fixes from later Tor + releases. Anybody running Tor 0.2.6.10 or earlier should upgrade to + this release, if for some reason they cannot upgrade to a later + release series. + + Note that support for Tor 0.2.6.x is ending this year: we will not issue + any fixes for the Tor 0.2.6.x series after 1 August 2017. If you need + a Tor release series with longer-term support, we recommend Tor 0.2.9.x. + + o Directory authority changes (backport from 0.2.8.5-rc): + - Urras is no longer a directory authority. Closes ticket 19271. + + o Directory authority changes (backport from 0.2.9.2-alpha): + - The "Tonga" bridge authority has been retired; the new bridge + authority is "Bifroest". Closes tickets 19728 and 19690. + + o Directory authority key updates (backport from 0.2.8.1-alpha): + - Update the V3 identity key for the dannenberg directory authority: + it was changed on 18 November 2015. Closes task 17906. Patch + by "teor". + + o Major features (security fixes, backport from 0.2.9.4-alpha): + - Prevent a class of security bugs caused by treating the contents + of a buffer chunk as if they were a NUL-terminated string. At + least one such bug seems to be present in all currently used + versions of Tor, and would allow an attacker to remotely crash + most Tor instances, especially those compiled with extra compiler + hardening. With this defense in place, such bugs can't crash Tor, + though we should still fix them as they occur. Closes ticket + 20384 (TROVE-2016-10-001). + + o Major bugfixes (parsing, security, backport from 0.2.9.8): + - Fix a bug in parsing that could cause clients to read a single + byte past the end of an allocated region. This bug could be used + to cause hardened clients (built with --enable-expensive-hardening) + to crash if they tried to visit a hostile hidden service. Non- + hardened clients are only affected depending on the details of + their platform's memory allocator. Fixes bug 21018; bugfix on + 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE- + 2016-12-002 and as CVE-2016-1254. + + o Major bugfixes (security, client, DNS proxy, backport from 0.2.8.3-alpha): + - Stop a crash that could occur when a client running with DNSPort + received a query with multiple address types, and the first + address type was not supported. Found and fixed by Scott Dial. + Fixes bug 18710; bugfix on 0.2.5.4-alpha. + + o Major bugfixes (security, correctness, backport from 0.2.7.4-rc): + - Fix an error that could cause us to read 4 bytes before the + beginning of an openssl string. This bug could be used to cause + Tor to crash on systems with unusual malloc implementations, or + systems with unusual hardening installed. Fixes bug 17404; bugfix + on 0.2.3.6-alpha. + + o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha): + - Avoid a difficult-to-trigger heap corruption attack when extending + a smartlist to contain over 16GB of pointers. Fixes bug 18162; + bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely. + Reported by Guido Vranken. + + o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha): + - Avoid crashing when running as a DNS proxy. Fixes bug 16248; + bugfix on 0.2.0.1-alpha. Patch from "cypherpunks". + + o Major bugfixes (guard selection, backport from 0.2.7.6): + - Actually look at the Guard flag when selecting a new directory + guard. When we implemented the directory guard design, we + accidentally started treating all relays as if they have the Guard + flag during guard selection, leading to weaker anonymity and worse + performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered + by Mohsen Imani. + + o Major bugfixes (key management, backport from 0.2.8.3-alpha): + - If OpenSSL fails to generate an RSA key, do not retain a dangling + pointer to the previous (uninitialized) key value. The impact here + should be limited to a difficult-to-trigger crash, if OpenSSL is + running an engine that makes key generation failures possible, or + if OpenSSL runs out of memory. Fixes bug 19152; bugfix on + 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and + Baishakhi Ray. + + o Major bugfixes (parsing, backported from 0.3.0.4-rc): + - Fix an integer underflow bug when comparing malformed Tor + versions. This bug could crash Tor when built with + --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor + 0.2.9.8, which were built with -ftrapv by default. In other cases + it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix + on 0.0.8pre1. Found by OSS-Fuzz. + + o Minor features (security, memory erasure, backport from 0.2.8.1-alpha): + - Make memwipe() do nothing when passed a NULL pointer or buffer of + zero size. Check size argument to memwipe() for underflow. Fixes + bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk", + patch by "teor". + + o Minor features (bug-resistance, backport from 0.2.8.2-alpha): + - Make Tor survive errors involving connections without a + corresponding event object. Previously we'd fail with an + assertion; now we produce a log message. Related to bug 16248. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compilation, backport from 0.2.7.6): + - Fix a compilation warning with Clang 3.6: Do not check the + presence of an address which can never be NULL. Fixes bug 17781. + + +Changes in version 0.2.5.13 - 2017-03-03 + Tor 0.2.5.13 backports a number of security fixes from later Tor + releases. Anybody running Tor 0.2.5.13 or earlier should upgrade to + this release, if for some reason they cannot upgrade to a later + release series. + + Note that support for Tor 0.2.5.x is ending next year: we will not issue + any fixes for the Tor 0.2.5.x series after 1 May 2018. If you need + a Tor release series with longer-term support, we recommend Tor 0.2.9.x. + + o Directory authority changes (backport from 0.2.8.5-rc): + - Urras is no longer a directory authority. Closes ticket 19271. + + o Directory authority changes (backport from 0.2.9.2-alpha): + - The "Tonga" bridge authority has been retired; the new bridge + authority is "Bifroest". Closes tickets 19728 and 19690. + + o Directory authority key updates (backport from 0.2.8.1-alpha): + - Update the V3 identity key for the dannenberg directory authority: + it was changed on 18 November 2015. Closes task 17906. Patch + by "teor". + + o Major features (security fixes, backport from 0.2.9.4-alpha): + - Prevent a class of security bugs caused by treating the contents + of a buffer chunk as if they were a NUL-terminated string. At + least one such bug seems to be present in all currently used + versions of Tor, and would allow an attacker to remotely crash + most Tor instances, especially those compiled with extra compiler + hardening. With this defense in place, such bugs can't crash Tor, + though we should still fix them as they occur. Closes ticket + 20384 (TROVE-2016-10-001). + + o Major bugfixes (parsing, security, backport from 0.2.9.8): + - Fix a bug in parsing that could cause clients to read a single + byte past the end of an allocated region. This bug could be used + to cause hardened clients (built with --enable-expensive-hardening) + to crash if they tried to visit a hostile hidden service. Non- + hardened clients are only affected depending on the details of + their platform's memory allocator. Fixes bug 21018; bugfix on + 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE- + 2016-12-002 and as CVE-2016-1254. + + o Major bugfixes (security, client, DNS proxy, backport from 0.2.8.3-alpha): + - Stop a crash that could occur when a client running with DNSPort + received a query with multiple address types, and the first + address type was not supported. Found and fixed by Scott Dial. + Fixes bug 18710; bugfix on 0.2.5.4-alpha. + + o Major bugfixes (security, correctness, backport from 0.2.7.4-rc): + - Fix an error that could cause us to read 4 bytes before the + beginning of an openssl string. This bug could be used to cause + Tor to crash on systems with unusual malloc implementations, or + systems with unusual hardening installed. Fixes bug 17404; bugfix + on 0.2.3.6-alpha. + + o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha): + - Avoid a difficult-to-trigger heap corruption attack when extending + a smartlist to contain over 16GB of pointers. Fixes bug 18162; + bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely. + Reported by Guido Vranken. + + o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha): + - Avoid crashing when running as a DNS proxy. Fixes bug 16248; + bugfix on 0.2.0.1-alpha. Patch from "cypherpunks". + + o Major bugfixes (guard selection, backport from 0.2.7.6): + - Actually look at the Guard flag when selecting a new directory + guard. When we implemented the directory guard design, we + accidentally started treating all relays as if they have the Guard + flag during guard selection, leading to weaker anonymity and worse + performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered + by Mohsen Imani. + + o Major bugfixes (key management, backport from 0.2.8.3-alpha): + - If OpenSSL fails to generate an RSA key, do not retain a dangling + pointer to the previous (uninitialized) key value. The impact here + should be limited to a difficult-to-trigger crash, if OpenSSL is + running an engine that makes key generation failures possible, or + if OpenSSL runs out of memory. Fixes bug 19152; bugfix on + 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and + Baishakhi Ray. + + o Major bugfixes (parsing, backported from 0.3.0.4-rc): + - Fix an integer underflow bug when comparing malformed Tor + versions. This bug could crash Tor when built with + --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor + 0.2.9.8, which were built with -ftrapv by default. In other cases + it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix + on 0.0.8pre1. Found by OSS-Fuzz. + + o Minor features (security, memory erasure, backport from 0.2.8.1-alpha): + - Make memwipe() do nothing when passed a NULL pointer or buffer of + zero size. Check size argument to memwipe() for underflow. Fixes + bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk", + patch by "teor". + + o Minor features (bug-resistance, backport from 0.2.8.2-alpha): + - Make Tor survive errors involving connections without a + corresponding event object. Previously we'd fail with an + assertion; now we produce a log message. Related to bug 16248. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compilation, backport from 0.2.7.6): + - Fix a compilation warning with Clang 3.6: Do not check the + presence of an address which can never be NULL. Fixes bug 17781. + + o Minor bugfixes (crypto error-handling, backport from 0.2.7.2-alpha): + - Check for failures from crypto_early_init, and refuse to continue. + A previous typo meant that we could keep going with an + uninitialized crypto library, and would have OpenSSL initialize + its own PRNG. Fixes bug 16360; bugfix on 0.2.5.2-alpha, introduced + when implementing ticket 4900. Patch by "teor". + + o Minor bugfixes (hidden service, backport from 0.2.7.1-alpha): + - Fix an out-of-bounds read when parsing invalid INTRODUCE2 cells on + a client authorized hidden service. Fixes bug 15823; bugfix + on 0.2.1.6-alpha. + + +Changes in version 0.2.4.28 - 2017-03-03 + Tor 0.2.4.28 backports a number of security fixes from later Tor + releases. Anybody running Tor 0.2.4.27 or earlier should upgrade to + this release, if for some reason they cannot upgrade to a later + release series. + + Note that support for Tor 0.2.4.x is ending soon: we will not issue + any fixes for the Tor 0.2.4.x series after 1 August 2017. If you need + a Tor release series with long-term support, we recommend Tor 0.2.9.x. + + o Directory authority changes (backport from 0.2.8.5-rc): + - Urras is no longer a directory authority. Closes ticket 19271. + + o Directory authority changes (backport from 0.2.9.2-alpha): + - The "Tonga" bridge authority has been retired; the new bridge + authority is "Bifroest". Closes tickets 19728 and 19690. + + o Directory authority key updates (backport from 0.2.8.1-alpha): + - Update the V3 identity key for the dannenberg directory authority: + it was changed on 18 November 2015. Closes task 17906. Patch + by "teor". + + o Major features (security fixes, backport from 0.2.9.4-alpha): + - Prevent a class of security bugs caused by treating the contents + of a buffer chunk as if they were a NUL-terminated string. At + least one such bug seems to be present in all currently used + versions of Tor, and would allow an attacker to remotely crash + most Tor instances, especially those compiled with extra compiler + hardening. With this defense in place, such bugs can't crash Tor, + though we should still fix them as they occur. Closes ticket + 20384 (TROVE-2016-10-001). + + o Major bugfixes (parsing, security, backport from 0.2.9.8): + - Fix a bug in parsing that could cause clients to read a single + byte past the end of an allocated region. This bug could be used + to cause hardened clients (built with --enable-expensive-hardening) + to crash if they tried to visit a hostile hidden service. Non- + hardened clients are only affected depending on the details of + their platform's memory allocator. Fixes bug 21018; bugfix on + 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE- + 2016-12-002 and as CVE-2016-1254. + + o Major bugfixes (security, correctness, backport from 0.2.7.4-rc): + - Fix an error that could cause us to read 4 bytes before the + beginning of an openssl string. This bug could be used to cause + Tor to crash on systems with unusual malloc implementations, or + systems with unusual hardening installed. Fixes bug 17404; bugfix + on 0.2.3.6-alpha. + + o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha): + - Avoid a difficult-to-trigger heap corruption attack when extending + a smartlist to contain over 16GB of pointers. Fixes bug 18162; + bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely. + Reported by Guido Vranken. + + o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha): + - Avoid crashing when running as a DNS proxy. Fixes bug 16248; + bugfix on 0.2.0.1-alpha. Patch from "cypherpunks". + + o Major bugfixes (guard selection, backport from 0.2.7.6): + - Actually look at the Guard flag when selecting a new directory + guard. When we implemented the directory guard design, we + accidentally started treating all relays as if they have the Guard + flag during guard selection, leading to weaker anonymity and worse + performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered + by Mohsen Imani. + + o Major bugfixes (key management, backport from 0.2.8.3-alpha): + - If OpenSSL fails to generate an RSA key, do not retain a dangling + pointer to the previous (uninitialized) key value. The impact here + should be limited to a difficult-to-trigger crash, if OpenSSL is + running an engine that makes key generation failures possible, or + if OpenSSL runs out of memory. Fixes bug 19152; bugfix on + 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and + Baishakhi Ray. + + o Major bugfixes (parsing, backported from 0.3.0.4-rc): + - Fix an integer underflow bug when comparing malformed Tor + versions. This bug could crash Tor when built with + --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor + 0.2.9.8, which were built with -ftrapv by default. In other cases + it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix + on 0.0.8pre1. Found by OSS-Fuzz. + + o Minor features (security, memory erasure, backport from 0.2.8.1-alpha): + - Make memwipe() do nothing when passed a NULL pointer or buffer of + zero size. Check size argument to memwipe() for underflow. Fixes + bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk", + patch by "teor". + + o Minor features (bug-resistance, backport from 0.2.8.2-alpha): + - Make Tor survive errors involving connections without a + corresponding event object. Previously we'd fail with an + assertion; now we produce a log message. Related to bug 16248. + + o Minor features (DoS-resistance, backport from 0.2.7.1-alpha): + - Make it harder for attackers to overload hidden services with + introductions, by blocking multiple introduction requests on the + same circuit. Resolves ticket 15515. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compilation, backport from 0.2.7.6): + - Fix a compilation warning with Clang 3.6: Do not check the + presence of an address which can never be NULL. Fixes bug 17781. + + o Minor bugfixes (hidden service, backport from 0.2.7.1-alpha): + - Fix an out-of-bounds read when parsing invalid INTRODUCE2 cells on + a client authorized hidden service. Fixes bug 15823; bugfix + on 0.2.1.6-alpha. + + +Changes in version 0.3.0.4-rc - 2017-03-01 + Tor 0.3.0.4-rc fixes some remaining bugs, large and small, in the + 0.3.0 release series, and introduces a few reliability features to + keep them from coming back. + + This is the first release candidate in the Tor 0.3.0 series. If we + find no new bugs or regressions here, the first stable 0.3.0 release + will be nearly identical to it. + + o Major bugfixes (bridges): + - When the same bridge is configured multiple times with the same + identity, but at different address:port combinations, treat those + bridge instances as separate guards. This fix restores the ability + of clients to configure the same bridge with multiple pluggable + transports. Fixes bug 21027; bugfix on 0.3.0.1-alpha. + + o Major bugfixes (hidden service directory v3): + - Stop crashing on a failed v3 hidden service descriptor lookup + failure. Fixes bug 21471; bugfixes on tor-0.3.0.1-alpha. + + o Major bugfixes (parsing): + - When parsing a malformed content-length field from an HTTP + message, do not read off the end of the buffer. This bug was a + potential remote denial-of-service attack against Tor clients and + relays. A workaround was released in October 2016, to prevent this + bug from crashing Tor. This is a fix for the underlying issue, + which should no longer matter (if you applied the earlier patch). + Fixes bug 20894; bugfix on 0.2.0.16-alpha. Bug found by fuzzing + using AFL (http://lcamtuf.coredump.cx/afl/). + - Fix an integer underflow bug when comparing malformed Tor + versions. This bug could crash Tor when built with + --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor + 0.2.9.8, which were built with -ftrapv by default. In other cases + it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix + on 0.0.8pre1. Found by OSS-Fuzz. + + o Minor feature (protocol versioning): + - Add new protocol version for proposal 224. HSIntro now advertises + version "3-4" and HSDir version "1-2". Fixes ticket 20656. + + o Minor features (directory authorities): + - Directory authorities now reject descriptors that claim to be + malformed versions of Tor. Helps prevent exploitation of + bug 21278. + - Reject version numbers with components that exceed INT32_MAX. + Otherwise 32-bit and 64-bit platforms would behave inconsistently. + Fixes bug 21450; bugfix on 0.0.8pre1. + - Directory authorities now reject relays running versions + 0.2.9.1-alpha through 0.2.9.4-alpha, because those relays + suffer from bug 20499 and don't keep their consensus cache + up-to-date. Resolves ticket 20509. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + + o Minor features (reliability, crash): + - Try better to detect problems in buffers where they might grow (or + think they have grown) over 2 GB in size. Diagnostic for + bug 21369. + + o Minor features (testing): + - During 'make test-network-all', if tor logs any warnings, ask + chutney to output them. Requires a recent version of chutney with + the 21572 patch. Implements 21570. + + o Minor bugfixes (certificate expiration time): + - Avoid using link certificates that don't become valid till some + time in the future. Fixes bug 21420; bugfix on 0.2.4.11-alpha + + o Minor bugfixes (code correctness): + - Repair a couple of (unreachable or harmless) cases of the risky + comparison-by-subtraction pattern that caused bug 21278. + - Remove a redundant check for the UseEntryGuards option from the + options_transition_affects_guards() function. Fixes bug 21492; + bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (directory mirrors): + - Allow relays to use directory mirrors without a DirPort: these + relays need to be contacted over their ORPorts using a begindir + connection. Fixes one case of bug 20711; bugfix on 0.2.8.2-alpha. + - Clarify the message logged when a remote relay is unexpectedly + missing an ORPort or DirPort: users were confusing this with a + local port. Fixes another case of bug 20711; bugfix + on 0.2.8.2-alpha. + + o Minor bugfixes (guards): + - Don't warn about a missing guard state on timeout-measurement + circuits: they aren't supposed to be using guards. Fixes an + instance of bug 21007; bugfix on 0.3.0.1-alpha. + - Silence a BUG() warning when attempting to use a guard whose + descriptor we don't know, and make this scenario less likely to + happen. Fixes bug 21415; bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (hidden service): + - Pass correct buffer length when encoding legacy ESTABLISH_INTRO + cells. Previously, we were using sizeof() on a pointer, instead of + the real destination buffer. Fortunately, that value was only used + to double-check that there was enough room--which was already + enforced elsewhere. Fixes bug 21553; bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (testing): + - Fix Raspbian build issues related to missing socket errno in + test_util.c. Fixes bug 21116; bugfix on tor-0.2.8.2. Patch + by "hein". + - Rename "make fuzz" to "make test-fuzz-corpora", since it doesn't + actually fuzz anything. Fixes bug 21447; bugfix on 0.3.0.3-alpha. + - Use bash in src/test/test-network.sh. This ensures we reliably + call chutney's newer tools/test-network.sh when available. Fixes + bug 21562; bugfix on 0.2.9.1-alpha. + + o Documentation: + - Small fixes to the fuzzing documentation. Closes ticket 21472. + + +Changes in version 0.2.9.10 - 2017-03-01 + Tor 0.2.9.10 backports a security fix from later Tor release. It also + includes fixes for some major issues affecting directory authorities, + LibreSSL compatibility, and IPv6 correctness. + + The Tor 0.2.9.x release series is now marked as a long-term-support + series. We intend to backport security fixes to 0.2.9.x until at + least January of 2020. + + o Major bugfixes (directory authority, 0.3.0.3-alpha): + - During voting, when marking a relay as a probable sybil, do not + clear its BadExit flag: sybils can still be bad in other ways + too. (We still clear the other flags.) Fixes bug 21108; bugfix + on 0.2.0.13-alpha. + + o Major bugfixes (IPv6 Exits, backport from 0.3.0.3-alpha): + - Stop rejecting all IPv6 traffic on Exits whose exit policy rejects + any IPv6 addresses. Instead, only reject a port over IPv6 if the + exit policy rejects that port on more than an IPv6 /16 of + addresses. This bug was made worse by 17027 in 0.2.8.1-alpha, + which rejected a relay's own IPv6 address by default. Fixes bug + 21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha. + + o Major bugfixes (parsing, also in 0.3.0.4-rc): + - Fix an integer underflow bug when comparing malformed Tor + versions. This bug could crash Tor when built with + --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor + 0.2.9.8, which were built with -ftrapv by default. In other cases + it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix + on 0.0.8pre1. Found by OSS-Fuzz. + + o Minor features (directory authorities, also in 0.3.0.4-rc): + - Directory authorities now reject descriptors that claim to be + malformed versions of Tor. Helps prevent exploitation of + bug 21278. + - Reject version numbers with components that exceed INT32_MAX. + Otherwise 32-bit and 64-bit platforms would behave inconsistently. + Fixes bug 21450; bugfix on 0.0.8pre1. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + + o Minor features (portability, compilation, backport from 0.3.0.3-alpha): + - Autoconf now checks to determine if OpenSSL structures are opaque, + instead of explicitly checking for OpenSSL version numbers. Part + of ticket 21359. + - Support building with recent LibreSSL code that uses opaque + structures. Closes ticket 21359. + + o Minor bugfixes (code correctness, also in 0.3.0.4-rc): + - Repair a couple of (unreachable or harmless) cases of the risky + comparison-by-subtraction pattern that caused bug 21278. + + o Minor bugfixes (tor-resolve, backport from 0.3.0.3-alpha): + - The tor-resolve command line tool now rejects hostnames over 255 + characters in length. Previously, it would silently truncate them, + which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5. + Patch by "junglefowl". + + +Changes in version 0.3.0.3-alpha - 2017-02-03 + Tor 0.3.0.3-alpha fixes a few significant bugs introduced over the + 0.3.0.x development series, including some that could cause + authorities to behave badly. There is also a fix for a longstanding + bug that could prevent IPv6 exits from working. Tor 0.3.0.3-alpha also + includes some smaller features and bugfixes. + + The Tor 0.3.0.x release series is now in patch-freeze: no additional + features will be considered for inclusion in 0.3.0.x. We suspect that + some bugs will probably remain, however, and we encourage people to + test this release. + + o Major bugfixes (directory authority): + - During voting, when marking a relay as a probable sybil, do not + clear its BadExit flag: sybils can still be bad in other ways + too. (We still clear the other flags.) Fixes bug 21108; bugfix + on 0.2.0.13-alpha. + - When deciding whether we have just found a router to be reachable, + do not penalize it for not having performed an Ed25519 link + handshake if it does not claim to support an Ed25519 handshake. + Previously, we would treat such relays as non-running. Fixes bug + 21107; bugfix on 0.3.0.1-alpha. + + o Major bugfixes (entry guards): + - Stop trying to build circuits through entry guards for which we + have no descriptor. Also, stop crashing in the case that we *do* + accidentally try to build a circuit in such a state. Fixes bug + 21242; bugfix on 0.3.0.1-alpha. + + o Major bugfixes (IPv6 Exits): + - Stop rejecting all IPv6 traffic on Exits whose exit policy rejects + any IPv6 addresses. Instead, only reject a port over IPv6 if the + exit policy rejects that port on more than an IPv6 /16 of + addresses. This bug was made worse by 17027 in 0.2.8.1-alpha, + which rejected a relay's own IPv6 address by default. Fixes bug + 21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha. + + o Minor feature (client): + - Enable IPv6 traffic on the SocksPort by default. To disable this, + a user will have to specify "NoIPv6Traffic". Closes ticket 21269. + + o Minor feature (fallback scripts): + - Add a check_existing mode to updateFallbackDirs.py, which checks + if fallbacks in the hard-coded list are working. Closes ticket + 20174. Patch by haxxpop. + + o Minor features (ciphersuite selection): + - Clients now advertise a list of ciphersuites closer to the ones + preferred by Firefox. Closes part of ticket 15426. + - Allow relays to accept a wider range of ciphersuites, including + chacha20-poly1305 and AES-CCM. Closes the other part of 15426. + + o Minor features (controller, configuration): + - Each of the *Port options, such as SocksPort, ORPort, ControlPort, + and so on, now comes with a __*Port variant that will not be saved + to the torrc file by the controller's SAVECONF command. This + change allows TorBrowser to set up a single-use domain socket for + each time it launches Tor. Closes ticket 20956. + - The GETCONF command can now query options that may only be + meaningful in context-sensitive lists. This allows the controller + to query the mixed SocksPort/__SocksPort style options introduced + in feature 20956. Implements ticket 21300. + + o Minor features (portability, compilation): + - Autoconf now checks to determine if OpenSSL structures are opaque, + instead of explicitly checking for OpenSSL version numbers. Part + of ticket 21359. + - Support building with recent LibreSSL code that uses opaque + structures. Closes ticket 21359. + + o Minor features (relay): + - We now allow separation of exit and relay traffic to different + source IP addresses, using the OutboundBindAddressExit and + OutboundBindAddressOR options respectively. Closes ticket 17975. + Written by Michael Sonntag. + + o Minor bugfix (logging): + - Don't recommend the use of Tor2web in non-anonymous mode. + Recommending Tor2web is a bad idea because the client loses all + anonymity. Tor2web should only be used in specific cases by users + who *know* and understand the issues. Fixes bug 21294; bugfix + on 0.2.9.3-alpha. + + o Minor bugfixes (client): + - Always recover from failures in extend_info_from_node(), in an + attempt to prevent any recurrence of bug 21242. Fixes bug 21372; + bugfix on 0.2.3.1-alpha. + + o Minor bugfixes (client, entry guards): + - Fix a bug warning (with backtrace) when we fail a channel that + circuits to fallback directories on it. Fixes bug 21128; bugfix + on 0.3.0.1-alpha. + - Fix a spurious bug warning (with backtrace) when removing an + expired entry guard. Fixes bug 21129; bugfix on 0.3.0.1-alpha. + - Fix a bug of the new guard algorithm where tor could stall for up + to 10 minutes before retrying a guard after a long period of no + network. Fixes bug 21052; bugfix on 0.3.0.1-alpha. + - Do not try to build circuits until we have descriptors for our + primary entry guards. Related to fix for bug 21242. + + o Minor bugfixes (configure, autoconf): + - Rename the configure option --enable-expensive-hardening to + --enable-fragile-hardening. Expensive hardening makes the tor + daemon abort when some kinds of issues are detected. Thus, it + makes tor more at risk of remote crashes but safer against RCE or + heartbleed bug category. We now try to explain this issue in a + message from the configure script. Fixes bug 21290; bugfix + on 0.2.5.4-alpha. + + o Minor bugfixes (controller): + - Restore the (deprecated) DROPGUARDS controller command. Fixes bug + 20824; bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (hidden service): + - Clean up the code for expiring intro points with no associated + circuits. It was causing, rarely, a service with some expiring + introduction points to not open enough additional introduction + points. Fixes part of bug 21302; bugfix on 0.2.7.2-alpha. + - Stop setting the torrc option HiddenServiceStatistics to "0" just + because we're not a bridge or relay. Instead, we preserve whatever + value the user set (or didn't set). Fixes bug 21150; bugfix + on 0.2.6.2-alpha. + - Resolve two possible underflows which could lead to creating and + closing a lot of introduction point circuits in a non-stop loop. + Fixes bug 21302; bugfix on 0.2.7.2-alpha. + + o Minor bugfixes (portability): + - Use "OpenBSD" compiler macro instead of "OPENBSD" or "__OpenBSD__". + It is supported by OpenBSD itself, and also by most OpenBSD + variants (such as Bitrig). Fixes bug 20980; bugfix + on 0.1.2.1-alpha. + - When mapping a file of length greater than SIZE_MAX, do not + silently truncate its contents. This issue could occur on 32 bit + systems with large file support and files which are larger than 4 + GB. Fixes bug 21134; bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (tor-resolve): + - The tor-resolve command line tool now rejects hostnames over 255 + characters in length. Previously, it would silently truncate them, + which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5. + Patch by "junglefowl". + + o Minor bugfixes (Windows services): + - Be sure to initialize the monotonic time subsystem before using + it, even when running as an NT service. Fixes bug 21356; bugfix + on 0.2.9.1-alpha. + + +Changes in version 0.3.0.2-alpha - 2017-01-23 + Tor 0.3.0.2-alpha fixes a denial-of-service bug where an attacker could + cause relays and clients to crash, even if they were not built with + the --enable-expensive-hardening option. This bug affects all 0.2.9.x + versions, and also affects 0.3.0.1-alpha: all relays running an affected + version should upgrade. + + Tor 0.3.0.2-alpha also improves how exit relays and clients handle DNS + time-to-live values, makes directory authorities enforce the 1-to-1 + mapping of relay RSA identity keys to ED25519 identity keys, fixes a + client-side onion service reachability bug, does better at selecting + the set of fallback directories, and more. + + o Major bugfixes (security, also in 0.2.9.9): + - Downgrade the "-ftrapv" option from "always on" to "only on when + --enable-expensive-hardening is provided." This hardening option, like + others, can turn survivable bugs into crashes--and having it on by + default made a (relatively harmless) integer overflow bug into a + denial-of-service bug. Fixes bug 21278 (TROVE-2017-001); bugfix on + 0.2.9.1-alpha. + + o Major features (security): + - Change the algorithm used to decide DNS TTLs on client and server + side, to better resist DNS-based correlation attacks like the + DefecTor attack of Greschbach, Pulls, Roberts, Winter, and + Feamster. Now relays only return one of two possible DNS TTL + values, and clients are willing to believe DNS TTL values up to 3 + hours long. Closes ticket 19769. + + o Major features (directory authority, security): + - The default for AuthDirPinKeys is now 1: directory authorities + will reject relays where the RSA identity key matches a previously + seen value, but the Ed25519 key has changed. Closes ticket 18319. + + o Major bugfixes (client, guard, crash): + - In circuit_get_global_origin_list(), return the actual list of + origin circuits. The previous version of this code returned the + list of all the circuits, and could have caused strange bugs, + including possible crashes. Fixes bug 21118; bugfix + on 0.3.0.1-alpha. + + o Major bugfixes (client, onion service, also in 0.2.9.9): + - Fix a client-side onion service reachability bug, where multiple + socks requests to an onion service (or a single slow request) + could cause us to mistakenly mark some of the service's + introduction points as failed, and we cache that failure so + eventually we run out and can't reach the service. Also resolves a + mysterious "Remote server sent bogus reason code 65021" log + warning. The bug was introduced in ticket 17218, where we tried to + remember the circuit end reason as a uint16_t, which mangled + negative values. Partially fixes bug 21056 and fixes bug 20307; + bugfix on 0.2.8.1-alpha. + + o Major bugfixes (DNS): + - Fix a bug that prevented exit nodes from caching DNS records for + more than 60 seconds. Fixes bug 19025; bugfix on 0.2.4.7-alpha. + + o Minor features (controller): + - Add "GETINFO sr/current" and "GETINFO sr/previous" keys, to expose + shared-random values to the controller. Closes ticket 19925. + + o Minor features (entry guards): + - Add UseEntryGuards to TEST_OPTIONS_DEFAULT_VALUES in order to not + break regression tests. + - Require UseEntryGuards when UseBridges is set, in order to make + sure bridges aren't bypassed. Resolves ticket 20502. + + o Minor features (fallback directories): + - Select 200 fallback directories for each release. Closes + ticket 20881. + - Allow 3 fallback relays per operator, which is safe now that we + are choosing 200 fallback relays. Closes ticket 20912. + - Exclude relays affected by bug 20499 from the fallback list. + Exclude relays from the fallback list if they are running versions + known to be affected by bug 20499, or if in our tests they deliver + a stale consensus (i.e. one that expired more than 24 hours ago). + Closes ticket 20539. + - Reduce the minimum fallback bandwidth to 1 MByte/s. Part of + ticket 18828. + - Require fallback directories to have the same address and port for + 7 days (now that we have enough relays with this stability). + Relays whose OnionOO stability timer is reset on restart by bug + 18050 should upgrade to Tor 0.2.8.7 or later, which has a fix for + this issue. Closes ticket 20880; maintains short-term fix + in 0.2.8.2-alpha. + - Require fallbacks to have flags for 90% of the time (weighted + decaying average), rather than 95%. This allows at least 73% of + clients to bootstrap in the first 5 seconds without contacting an + authority. Part of ticket 18828. + - Annotate updateFallbackDirs.py with the bandwidth and consensus + weight for each candidate fallback. Closes ticket 20878. + - Make it easier to change the output sort order of fallbacks. + Closes ticket 20822. + - Display the relay fingerprint when downloading consensuses from + fallbacks. Closes ticket 20908. + + o Minor features (geoip, also in 0.2.9.9): + - Update geoip and geoip6 to the January 4 2017 Maxmind GeoLite2 + Country database. + + o Minor features (next-gen onion service directories): + - Remove the "EnableOnionServicesV3" consensus parameter that we + introduced in 0.3.0.1-alpha: relays are now always willing to act + as v3 onion service directories. Resolves ticket 19899. + + o Minor features (linting): + - Enhance the changes file linter to warn on Tor versions that are + prefixed with "tor-". Closes ticket 21096. + + o Minor features (logging): + - In several places, describe unset ed25519 keys as "<unset>", + rather than the scary "AAAAAAAA...AAA". Closes ticket 21037. + + o Minor bugfix (control protocol): + - The reply to a "GETINFO config/names" request via the control + protocol now spells the type "Dependent" correctly. This is a + breaking change in the control protocol. (The field seems to be + ignored by the most common known controllers.) Fixes bug 18146; + bugfix on 0.1.1.4-alpha. + + o Minor bugfixes (bug resilience): + - Fix an unreachable size_t overflow in base64_decode(). Fixes bug + 19222; bugfix on 0.2.0.9-alpha. Found by Guido Vranken; fixed by + Hans Jerry Illikainen. + + o Minor bugfixes (build): + - Replace obsolete Autoconf macros with their modern equivalent and + prevent similar issues in the future. Fixes bug 20990; bugfix + on 0.1.0.1-rc. + + o Minor bugfixes (client, guards): + - Fix bug where Tor would think that there are circuits waiting for + better guards even though those circuits have been freed. Fixes + bug 21142; bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (config): + - Don't assert on startup when trying to get the options list and + LearnCircuitBuildTimeout is set to 0: we are currently parsing the + options so of course they aren't ready yet. Fixes bug 21062; + bugfix on 0.2.9.3-alpha. + + o Minor bugfixes (controller): + - Make the GETINFO interface for inquiring about entry guards + support the new guards backend. Fixes bug 20823; bugfix + on 0.3.0.1-alpha. + + o Minor bugfixes (dead code): + - Remove a redundant check for PidFile changes at runtime in + options_transition_allowed(): this check is already performed + regardless of whether the sandbox is active. Fixes bug 21123; + bugfix on 0.2.5.4-alpha. + + o Minor bugfixes (documentation): + - Update the tor manual page to document every option that can not + be changed while tor is running. Fixes bug 21122. + + o Minor bugfixes (fallback directories): + - Stop failing when a relay has no uptime data in + updateFallbackDirs.py. Fixes bug 20945; bugfix on 0.2.8.1-alpha. + - Avoid checking fallback candidates' DirPorts if they are down in + OnionOO. When a relay operator has multiple relays, this + prioritizes relays that are up over relays that are down. Fixes + bug 20926; bugfix on 0.2.8.3-alpha. + - Stop failing when OUTPUT_COMMENTS is True in updateFallbackDirs.py. + Fixes bug 20877; bugfix on 0.2.8.3-alpha. + + o Minor bugfixes (guards, bootstrapping): + - When connecting to a directory guard during bootstrap, do not mark + the guard as successful until we receive a good-looking directory + response from it. Fixes bug 20974; bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (onion services): + - Fix the config reload pruning of old vs new services so it + actually works when both ephemeral and non-ephemeral services are + configured. Fixes bug 21054; bugfix on 0.3.0.1-alpha. + - Allow the number of introduction points to be as low as 0, rather + than as low as 3. Fixes bug 21033; bugfix on 0.2.7.2-alpha. + + o Minor bugfixes (IPv6): + - Make IPv6-using clients try harder to find an IPv6 directory + server. Fixes bug 20999; bugfix on 0.2.8.2-alpha. + - When IPv6 addresses have not been downloaded yet (microdesc + consensus documents don't list relay IPv6 addresses), use hard- + coded addresses for authorities, fallbacks, and configured + bridges. Now IPv6-only clients can use microdescriptors. Fixes bug + 20996; bugfix on b167e82 from 19608 in 0.2.8.5-alpha. + + o Minor bugfixes (memory leaks): + - Fix a memory leak when configuring hidden services. Fixes bug + 20987; bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (portability, also in 0.2.9.9): + - Avoid crashing when Tor is built using headers that contain + CLOCK_MONOTONIC_COARSE, but then tries to run on an older kernel + without CLOCK_MONOTONIC_COARSE. Fixes bug 21035; bugfix + on 0.2.9.1-alpha. + - Fix Libevent detection on platforms without Libevent 1 headers + installed. Fixes bug 21051; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (relay): + - Honor DataDirectoryGroupReadable when tor is a relay. Previously, + initializing the keys would reset the DataDirectory to 0700 + instead of 0750 even if DataDirectoryGroupReadable was set to 1. + Fixes bug 19953; bugfix on 0.0.2pre16. Patch by "redfish". + + o Minor bugfixes (testing): + - Remove undefined behavior from the backtrace generator by removing + its signal handler. Fixes bug 21026; bugfix on 0.2.5.2-alpha. + + o Minor bugfixes (unit tests): + - Allow the unit tests to pass even when DNS lookups of bogus + addresses do not fail as expected. Fixes bug 20862 and 20863; + bugfix on unit tests introduced in 0.2.8.1-alpha + through 0.2.9.4-alpha. + + o Code simplification and refactoring: + - Refactor code to manipulate global_origin_circuit_list into + separate functions. Closes ticket 20921. + + o Documentation (formatting): + - Clean up formatting of tor.1 man page and HTML doc, where <pre> + blocks were incorrectly appearing. Closes ticket 20885. + + o Documentation (man page): + - Clarify many options in tor.1 and add some min/max values for + HiddenService options. Closes ticket 21058. + + +Changes in version 0.2.9.9 - 2017-01-23 + Tor 0.2.9.9 fixes a denial-of-service bug where an attacker could + cause relays and clients to crash, even if they were not built with + the --enable-expensive-hardening option. This bug affects all 0.2.9.x + versions, and also affects 0.3.0.1-alpha: all relays running an affected + version should upgrade. + + This release also resolves a client-side onion service reachability + bug, and resolves a pair of small portability issues. + + o Major bugfixes (security): + - Downgrade the "-ftrapv" option from "always on" to "only on when + --enable-expensive-hardening is provided." This hardening option, + like others, can turn survivable bugs into crashes -- and having + it on by default made a (relatively harmless) integer overflow bug + into a denial-of-service bug. Fixes bug 21278 (TROVE-2017-001); + bugfix on 0.2.9.1-alpha. + + o Major bugfixes (client, onion service): + - Fix a client-side onion service reachability bug, where multiple + socks requests to an onion service (or a single slow request) + could cause us to mistakenly mark some of the service's + introduction points as failed, and we cache that failure so + eventually we run out and can't reach the service. Also resolves a + mysterious "Remote server sent bogus reason code 65021" log + warning. The bug was introduced in ticket 17218, where we tried to + remember the circuit end reason as a uint16_t, which mangled + negative values. Partially fixes bug 21056 and fixes bug 20307; + bugfix on 0.2.8.1-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the January 4 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (portability): + - Avoid crashing when Tor is built using headers that contain + CLOCK_MONOTONIC_COARSE, but then tries to run on an older kernel + without CLOCK_MONOTONIC_COARSE. Fixes bug 21035; bugfix + on 0.2.9.1-alpha. + - Fix Libevent detection on platforms without Libevent 1 headers + installed. Fixes bug 21051; bugfix on 0.2.9.1-alpha. + + +Changes in version 0.3.0.1-alpha - 2016-12-19 + Tor 0.3.0.1-alpha is the first alpha release in the 0.3.0 development + series. It strengthens Tor's link and circuit handshakes by + identifying relays by their Ed25519 keys, improves the algorithm that + clients use to choose and maintain their list of guards, and includes + additional backend support for the next-generation hidden service + design. It also contains numerous other small features and + improvements to security, correctness, and performance. + + Below are the changes since 0.2.9.8. + + o Major features (guard selection algorithm): + - Tor's guard selection algorithm has been redesigned from the + ground up, to better support unreliable networks and restrictive + sets of entry nodes, and to better resist guard-capture attacks by + hostile local networks. Implements proposal 271; closes + ticket 19877. + + o Major features (next-generation hidden services): + - Relays can now handle v3 ESTABLISH_INTRO cells as specified by + prop224 aka "Next Generation Hidden Services". Service and clients + don't use this functionality yet. Closes ticket 19043. Based on + initial code by Alec Heifetz. + - Relays now support the HSDir version 3 protocol, so that they can + can store and serve v3 descriptors. This is part of the next- + generation onion service work detailed in proposal 224. Closes + ticket 17238. + + o Major features (protocol, ed25519 identity keys): + - Relays now use Ed25519 to prove their Ed25519 identities and to + one another, and to clients. This algorithm is faster and more + secure than the RSA-based handshake we've been doing until now. + Implements the second big part of proposal 220; Closes + ticket 15055. + - Clients now support including Ed25519 identity keys in the EXTEND2 + cells they generate. By default, this is controlled by a consensus + parameter, currently disabled. You can turn this feature on for + testing by setting ExtendByEd25519ID in your configuration. This + might make your traffic appear different than the traffic + generated by other users, however. Implements part of ticket + 15056; part of proposal 220. + - Relays now understand requests to extend to other relays by their + Ed25519 identity keys. When an Ed25519 identity key is included in + an EXTEND2 cell, the relay will only extend the circuit if the + other relay can prove ownership of that identity. Implements part + of ticket 15056; part of proposal 220. + + o Major bugfixes (scheduler): + - Actually compare circuit policies in ewma_cmp_cmux(). This bug + caused the channel scheduler to behave more or less randomly, + rather than preferring channels with higher-priority circuits. + Fixes bug 20459; bugfix on 0.2.6.2-alpha. + + o Minor features (controller): + - When HSFETCH arguments cannot be parsed, say "Invalid argument" + rather than "unrecognized." Closes ticket 20389; patch from + Ivan Markin. + + o Minor features (diagnostic, directory client): + - Warn when we find an unexpected inconsistency in directory + download status objects. Prevents some negative consequences of + bug 20593. + + o Minor features (directory authority): + - Add a new authority-only AuthDirTestEd25519LinkKeys option (on by + default) to control whether authorities should try to probe relays + by their Ed25519 link keys. This option will go away in a few + releases--unless we encounter major trouble in our ed25519 link + protocol rollout, in which case it will serve as a safety option. + + o Minor features (directory cache): + - Relays and bridges will now refuse to serve the consensus they + have if they know it is too old for a client to use. Closes + ticket 20511. + + o Minor features (ed25519 link handshake): + - Advertise support for the ed25519 link handshake using the + subprotocol-versions mechanism, so that clients can tell which + relays can identity themselves by Ed25519 ID. Closes ticket 20552. + + o Minor features (fingerprinting resistance, authentication): + - Extend the length of RSA keys used for TLS link authentication to + 2048 bits. (These weren't used for forward secrecy; for forward + secrecy, we used P256.) Closes ticket 13752. + + o Minor features (infrastructure): + - Implement smartlist_add_strdup() function. Replaces the use of + smartlist_add(sl, tor_strdup(str)). Closes ticket 20048. + + o Minor bugfixes (client): + - When clients that use bridges start up with a cached consensus on + disk, they were ignoring it and downloading a new one. Now they + use the cached one. Fixes bug 20269; bugfix on 0.2.3.12-alpha. + + o Minor bugfixes (configuration): + - Accept non-space whitespace characters after the severity level in + the `Log` option. Fixes bug 19965; bugfix on 0.2.1.1-alpha. + - Support "TByte" and "TBytes" units in options given in bytes. + "TB", "terabyte(s)", "TBit(s)" and "terabit(s)" were already + supported. Fixes bug 20622; bugfix on 0.2.0.14-alpha. + + o Minor bugfixes (consensus weight): + - Add new consensus method that initializes bw weights to 1 instead + of 0. This prevents a zero weight from making it all the way to + the end (happens in small testing networks) and causing an error. + Fixes bug 14881; bugfix on 0.2.2.17-alpha. + + o Minor bugfixes (descriptors): + - Correctly recognise downloaded full descriptors as valid, even + when using microdescriptors as circuits. This affects clients with + FetchUselessDescriptors set, and may affect directory authorities. + Fixes bug 20839; bugfix on 0.2.3.2-alpha. + + o Minor bugfixes (directory system): + - Download all consensus flavors, descriptors, and authority + certificates when FetchUselessDescriptors is set, regardless of + whether tor is a directory cache or not. Fixes bug 20667; bugfix + on all recent tor versions. + - Bridges and relays now use microdescriptors (like clients do) + rather than old-style router descriptors. Now bridges will blend + in with clients in terms of the circuits they build. Fixes bug + 6769; bugfix on 0.2.3.2-alpha. + + o Minor bugfixes (ed25519 certificates): + - Correctly interpret ed25519 certificates that would expire some + time after 19 Jan 2038. Fixes bug 20027; bugfix on 0.2.7.2-alpha. + + o Minor bugfixes (hidden services): + - Stop ignoring misconfigured hidden services. Instead, refuse to + start tor until the misconfigurations have been corrected. Fixes + bug 20559; bugfix on multiple commits in 0.2.7.1-alpha + and earlier. + + o Minor bugfixes (memory leak at exit): + - Fix a small harmless memory leak at exit of the previously unused + RSA->Ed identity cross-certificate. Fixes bug 17779; bugfix + on 0.2.7.2-alpha. + + o Minor bugfixes (util): + - When finishing writing a file to disk, if we were about to replace + the file with the temporary file created before and we fail to + replace it, remove the temporary file so it doesn't stay on disk. + Fixes bug 20646; bugfix on tor-0.2.0.7-alpha. Patch by fk. + + o Minor bugfixes (Windows): + - Check for getpagesize before using it to mmap files. This fixes + compilation in some MinGW environments. Fixes bug 20530; bugfix on + 0.1.2.1-alpha. Reported by "ice". + + o Code simplification and refactoring: + - Abolish all global guard context in entrynodes.c; replace with new + guard_selection_t structure as preparation for proposal 271. + Closes ticket 19858. + - Introduce rend_service_is_ephemeral() that tells if given onion + service is ephemeral. Replace unclear NULL-checkings for service + directory with this function. Closes ticket 20526. + - Extract magic numbers in circuituse.c into defined variables. + - Refactor circuit_is_available_for_use to remove unnecessary check. + - Refactor circuit_predict_and_launch_new for readability and + testability. Closes ticket 18873. + - Refactor large if statement in purpose_needs_anonymity to use + switch statement instead. Closes part of ticket 20077. + - Refactor the hashing API to return negative values for errors, as + is done as throughout the codebase. Closes ticket 20717. + - Remove data structures that were used to index or_connection + objects by their RSA identity digests. These structures are fully + redundant with the similar structures used in the + channel abstraction. + - Remove duplicate code in the channel_write_*cell() functions. + Closes ticket 13827; patch from Pingl. + - Remove redundant behavior of is_sensitive_dir_purpose, refactor to + use only purpose_needs_anonymity. Closes part of ticket 20077. + - The code to generate and parse EXTEND and EXTEND2 cells has been + replaced with code automatically generated by the + "trunnel" utility. + + o Documentation: + - Include the "TBits" unit in Tor's man page. Fixes part of bug + 20622; bugfix on tor-0.2.5.1-alpha. + - Change '1' to 'weight_scale' in consensus bw weights calculation + comments, as that is reality. Closes ticket 20273. Patch + from pastly. + - Correct the value for AuthDirGuardBWGuarantee in the manpage, from + 250 KBytes to 2 MBytes. Fixes bug 20435; bugfix + on tor-0.2.5.6-alpha. + - Stop the man page from incorrectly stating that HiddenServiceDir + must already exist. Fixes 20486. + - Clarify that when ClientRejectInternalAddresses is enabled (which + is the default), multicast DNS hostnames for machines on the local + network (of the form *.local) are also rejected. Closes + ticket 17070. + + o Removed features: + - The AuthDirMaxServersPerAuthAddr option no longer exists: The same + limit for relays running on a single IP applies to authority IP + addresses as well as to non-authority IP addresses. Closes + ticket 20960. + - The UseDirectoryGuards torrc option no longer exists: all users + that use entry guards will also use directory guards. Related to + proposal 271; implements part of ticket 20831. + + o Testing: + - New unit tests for tor_htonll(). Closes ticket 19563. Patch + from "overcaffeinated". + - Perform the coding style checks when running the tests and fail + when coding style violations are found. Closes ticket 5500. + - Add tests for networkstatus_compute_bw_weights_v10. + - Add unit tests circuit_predict_and_launch_new. + - Extract dummy_origin_circuit_new so it can be used by other + test functions. + + +Changes in version 0.2.8.12 - 2016-12-19 + Tor 0.2.8.12 backports a fix for a medium-severity issue (bug 21018 + below) where Tor clients could crash when attempting to visit a + hostile hidden service. Clients are recommended to upgrade as packages + become available for their systems. + + It also includes an updated list of fallback directories, backported + from 0.2.9. + + Now that the Tor 0.2.9 series is stable, only major bugfixes will be + backported to 0.2.8 in the future. + + o Major bugfixes (parsing, security, backported from 0.2.9.8): + - Fix a bug in parsing that could cause clients to read a single + byte past the end of an allocated region. This bug could be used + to cause hardened clients (built with --enable-expensive-hardening) + to crash if they tried to visit a hostile hidden service. Non- + hardened clients are only affected depending on the details of + their platform's memory allocator. Fixes bug 21018; bugfix on + 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE- + 2016-12-002 and as CVE-2016-1254. + + o Minor features (fallback directory list, backported from 0.2.9.8): + - Replace the 81 remaining fallbacks of the 100 originally + introduced in Tor 0.2.8.3-alpha in March 2016, with a list of 177 + fallbacks (123 new, 54 existing, 27 removed) generated in December + 2016. Resolves ticket 20170. + + o Minor features (geoip, backported from 0.2.9.7-rc): + - Update geoip and geoip6 to the December 7 2016 Maxmind GeoLite2 + Country database. + + +Changes in version 0.2.9.8 - 2016-12-19 + Tor 0.2.9.8 is the first stable release of the Tor 0.2.9 series. + + The Tor 0.2.9 series makes mandatory a number of security features + that were formerly optional. It includes support for a new shared- + randomness protocol that will form the basis for next generation + hidden services, includes a single-hop hidden service mode for + optimizing .onion services that don't actually want to be hidden, + tries harder not to overload the directory authorities with excessive + downloads, and supports a better protocol versioning scheme for + improved compatibility with other implementations of the Tor protocol. + + And of course, there are numerous other bugfixes and improvements. + + This release also includes a fix for a medium-severity issue (bug + 21018 below) where Tor clients could crash when attempting to visit a + hostile hidden service. Clients are recommended to upgrade as packages + become available for their systems. + + Below are the changes since 0.2.9.7-rc. For a list of all changes + since 0.2.8, see the ReleaseNotes file. + + o Major bugfixes (parsing, security): + - Fix a bug in parsing that could cause clients to read a single + byte past the end of an allocated region. This bug could be used + to cause hardened clients (built with --enable-expensive-hardening) + to crash if they tried to visit a hostile hidden service. Non- + hardened clients are only affected depending on the details of + their platform's memory allocator. Fixes bug 21018; bugfix on + 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE- + 2016-12-002 and as CVE-2016-1254. + + o Minor features (fallback directory list): + - Replace the 81 remaining fallbacks of the 100 originally + introduced in Tor 0.2.8.3-alpha in March 2016, with a list of 177 + fallbacks (123 new, 54 existing, 27 removed) generated in December + 2016. Resolves ticket 20170. + + +Changes in version 0.2.9.7-rc - 2016-12-12 + Tor 0.2.9.7-rc fixes a few small bugs remaining in Tor 0.2.9.6-rc, + including a few that had prevented tests from passing on + some platforms. + + o Minor features (geoip): + - Update geoip and geoip6 to the December 7 2016 Maxmind GeoLite2 + Country database. + + o Minor bugfix (build): + - The current Git revision when building from a local repository is + now detected correctly when using git worktrees. Fixes bug 20492; + bugfix on 0.2.3.9-alpha. + + o Minor bugfixes (directory authority): + - When computing old Tor protocol line version in protover, we were + looking at 0.2.7.5 twice instead of a specific case for + 0.2.9.1-alpha. Fixes bug 20810; bugfix on 0.2.9.4-alpha. + + o Minor bugfixes (download scheduling): + - Resolve a "bug" warning when considering a download schedule whose + delay had approached INT_MAX. Fixes 20875; bugfix on 0.2.9.5-alpha. + + o Minor bugfixes (logging): + - Downgrade a harmless log message about the + pending_entry_connections list from "warn" to "info". Mitigates + bug 19926. + + o Minor bugfixes (memory leak): + - Fix a small memory leak when receiving AF_UNIX connections on a + SocksPort. Fixes bug 20716; bugfix on 0.2.6.3-alpha. + - When moving a signed descriptor object from a source to an + existing destination, free the allocated memory inside that + destination object. Fixes bug 20715; bugfix on 0.2.8.3-alpha. + + o Minor bugfixes (memory leak, use-after-free, linux seccomp2 sandbox): + - Fix a memory leak and use-after-free error when removing entries + from the sandbox's getaddrinfo() cache. Fixes bug 20710; bugfix on + 0.2.5.5-alpha. Patch from "cypherpunks". + + o Minor bugfixes (portability): + - Use the correct spelling of MAC_OS_X_VERSION_10_12 on configure.ac + Fixes bug 20935; bugfix on 0.2.9.6-rc. + + o Minor bugfixes (unit tests): + - Stop expecting NetBSD unit tests to report success for ipfw. Part + of a fix for bug 19960; bugfix on 0.2.9.5-alpha. + - Fix tolerances in unit tests for monotonic time comparisons + between nanoseconds and microseconds. Previously, we accepted a 10 + us difference only, which is not realistic on every platform's + clock_gettime(). Fixes bug 19974; bugfix on 0.2.9.1-alpha. + - Remove a double-free in the single onion service unit test. Stop + ignoring a return value. Make future changes less error-prone. + Fixes bug 20864; bugfix on 0.2.9.6-rc. + + +Changes in version 0.2.8.11 - 2016-12-08 + Tor 0.2.8.11 backports fixes for additional portability issues that + could prevent Tor from building correctly on OSX Sierra, or with + OpenSSL 1.1. Affected users should upgrade; others can safely stay + with 0.2.8.10. + + o Minor bugfixes (portability): + - Avoid compilation errors when building on OSX Sierra. Sierra began + to support the getentropy() and clock_gettime() APIs, but created + a few problems in doing so. Tor 0.2.9 has a more thorough set of + workarounds; in 0.2.8, we are just using the /dev/urandom and mach + monotonic time interfaces. Fixes bug 20865. Bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (portability, backport from 0.2.9.5-alpha): + - Fix compilation with OpenSSL 1.1 and less commonly-used CPU + architectures. Closes ticket 20588. + + +Changes in version 0.2.8.10 - 2016-12-02 + Tor 0.2.8.10 backports a fix for a bug that would sometimes make clients + unusable after they left standby mode. It also backports fixes for + a few portability issues and a small but problematic memory leak. + + o Major bugfixes (client reliability, backport from 0.2.9.5-alpha): + - When Tor leaves standby because of a new application request, open + circuits as needed to serve that request. Previously, we would + potentially wait a very long time. Fixes part of bug 19969; bugfix + on 0.2.8.1-alpha. + + o Major bugfixes (client performance, backport from 0.2.9.5-alpha): + - Clients now respond to new application stream requests immediately + when they arrive, rather than waiting up to one second before + starting to handle them. Fixes part of bug 19969; bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (portability, backport from 0.2.9.6-rc): + - Work around a bug in the OSX 10.12 SDK that would prevent us from + successfully targeting earlier versions of OSX. Resolves + ticket 20235. + + o Minor bugfixes (portability, backport from 0.2.9.5-alpha): + - Fix implicit conversion warnings under OpenSSL 1.1. Fixes bug + 20551; bugfix on 0.2.1.1-alpha. + + o Minor bugfixes (relay, backport from 0.2.9.5-alpha): + - Work around a memory leak in OpenSSL 1.1 when encoding public + keys. Fixes bug 20553; bugfix on 0.0.2pre8. + + o Minor features (geoip): + - Update geoip and geoip6 to the November 3 2016 Maxmind GeoLite2 + Country database. + +Changes in version 0.2.9.6-rc - 2016-12-02 + Tor 0.2.9.6-rc fixes a few remaining bugs found in the previous alpha + version. We hope that it will be ready to become stable soon, and we + encourage everyone to test this release. If no showstopper bugs are + found here, the next 0.2.9 release will be stable. + + o Major bugfixes (relay, resolver, logging): + - For relays that don't know their own address, avoid attempting a + local hostname resolve for each descriptor we download. This + will cut down on the number of "Success: chose address 'x.x.x.x'" + log lines, and also avoid confusing clock jumps if the resolver + is slow. Fixes bugs 20423 and 20610; bugfix on 0.2.8.1-alpha. + + o Minor bugfixes (client, fascistfirewall): + - Avoid spurious warnings when ReachableAddresses or FascistFirewall + is set. Fixes bug 20306; bugfix on 0.2.8.2-alpha. + + o Minor bugfixes (hidden services): + - Stop ignoring the anonymity status of saved keys for hidden + services and single onion services when first starting tor. + Instead, refuse to start tor if any hidden service key has been + used in a different hidden service anonymity mode. Fixes bug + 20638; bugfix on 17178 in 0.2.9.3-alpha; reported by ahf. + + o Minor bugfixes (portability): + - Work around a bug in the OSX 10.12 SDK that would prevent us from + successfully targeting earlier versions of OSX. Resolves + ticket 20235. + - Run correctly when built on Windows build environments that + require _vcsprintf(). Fixes bug 20560; bugfix on 0.2.2.11-alpha. + + o Minor bugfixes (single onion services, Tor2web): + - Stop complaining about long-term one-hop circuits deliberately + created by single onion services and Tor2web. These log messages + are intended to diagnose issue 8387, which relates to circuits + hanging around forever for no reason. Fixes bug 20613; bugfix on + 0.2.9.1-alpha. Reported by "pastly". + + o Minor bugfixes (unit tests): + - Stop spurious failures in the local interface address discovery + unit tests. Fixes bug 20634; bugfix on 0.2.8.1-alpha; patch by + Neel Chauhan. + + o Documentation: + - Correct the minimum bandwidth value in torrc.sample, and queue a + corresponding change for torrc.minimal. Closes ticket 20085. + + +Changes in version 0.2.9.5-alpha - 2016-11-08 + Tor 0.2.9.5-alpha fixes numerous bugs discovered in the previous alpha + version. We believe one or two probably remain, and we encourage + everyone to test this release. + + o Major bugfixes (client performance): + - Clients now respond to new application stream requests immediately + when they arrive, rather than waiting up to one second before + starting to handle them. Fixes part of bug 19969; bugfix + on 0.2.8.1-alpha. + + o Major bugfixes (client reliability): + - When Tor leaves standby because of a new application request, open + circuits as needed to serve that request. Previously, we would + potentially wait a very long time. Fixes part of bug 19969; bugfix + on 0.2.8.1-alpha. + + o Major bugfixes (download scheduling): + - When using an exponential backoff schedule, do not give up on + downloading just because we have failed a bunch of times. Since + each delay is longer than the last, retrying indefinitely won't + hurt. Fixes bug 20536; bugfix on 0.2.9.1-alpha. + - If a consensus expires while we are waiting for certificates to + download, stop waiting for certificates. + - If we stop waiting for certificates less than a minute after we + started downloading them, do not consider the certificate download + failure a separate failure. Fixes bug 20533; bugfix + on 0.2.0.9-alpha. + - Remove the maximum delay on exponential-backoff scheduling. Since + we now allow an infinite number of failures (see ticket 20536), we + must now allow the time to grow longer on each failure. Fixes part + of bug 20534; bugfix on 0.2.9.1-alpha. + - Make our initial download delays closer to those from 0.2.8. Fixes + another part of bug 20534; bugfix on 0.2.9.1-alpha. + - When determining when to download a directory object, handle times + after 2038 if the operating system supports them. (Someday this + will be important!) Fixes bug 20587; bugfix on 0.2.8.1-alpha. + - When using exponential backoff in test networks, use a lower + exponent, so the delays do not vary as much. This helps test + networks bootstrap consistently. Fixes bug 20597; bugfix on 20499. + + o Minor features (geoip): + - Update geoip and geoip6 to the November 3 2016 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (client directory scheduling): + - Treat "relay too busy to answer request" as a failed request and a + reason to back off on our retry frequency. This is safe now that + exponential backoffs retry indefinitely, and avoids a bug where we + would reset our download schedule erroneously. Fixes bug 20593; + bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (client, logging): + - Remove a BUG warning in circuit_pick_extend_handshake(). Instead, + assume all nodes support EXTEND2. Use ntor whenever a key is + available. Fixes bug 20472; bugfix on 0.2.9.3-alpha. + - On DNSPort, stop logging a BUG warning on a failed hostname + lookup. Fixes bug 19869; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (hidden services): + - When configuring hidden services, check every hidden service + directory's permissions. Previously, we only checked the last + hidden service. Fixes bug 20529; bugfix the work to fix 13942 + in 0.2.6.2-alpha. + + o Minor bugfixes (portability): + - Fix compilation with OpenSSL 1.1 and less commonly-used CPU + architectures. Closes ticket 20588. + - Use ECDHE ciphers instead of ECDH in tortls tests. LibreSSL has + removed the ECDH ciphers which caused the tests to fail on + platforms which use it. Fixes bug 20460; bugfix on 0.2.8.1-alpha. + - Fix implicit conversion warnings under OpenSSL 1.1. Fixes bug + 20551; bugfix on 0.2.1.1-alpha. + + o Minor bugfixes (relay bootstrap): + - Ensure relays don't make multiple connections during bootstrap. + Fixes bug 20591; bugfix on 0.2.8.1-alpha. + + o Minor bugfixes (relay): + - Work around a memory leak in OpenSSL 1.1 when encoding public + keys. Fixes bug 20553; bugfix on 0.0.2pre8. + - Avoid a small memory leak when informing worker threads about + rotated onion keys. Fixes bug 20401; bugfix on 0.2.6.3-alpha. + - Do not try to parallelize workers more than 16x without the user + explicitly configuring us to do so, even if we do detect more than + 16 CPU cores. Fixes bug 19968; bugfix on 0.2.3.1-alpha. + + o Minor bugfixes (single onion services): + - Start correctly when creating a single onion service in a + directory that did not previously exist. Fixes bug 20484; bugfix + on 0.2.9.3-alpha. + + o Minor bugfixes (testing): + - Avoid a unit test failure on systems with over 16 detectable CPU + cores. Fixes bug 19968; bugfix on 0.2.3.1-alpha. + + o Documentation: + - Clarify that setting HiddenServiceNonAnonymousMode requires you to + also set "SOCKSPort 0". Fixes bug 20487; bugfix on 0.2.9.3-alpha. + - Module-level documentation for several more modules. Closes + tickets 19287 and 19290. Changes in version 0.2.8.9 - 2016-10-17 @@ -123,7 +5591,7 @@ Changes in version 0.2.9.4-alpha - 2016-10-17 o Minor bugfixes (getpass): - Defensively fix a non-triggerable heap corruption at do_getpass() to protect ourselves from mistakes in the future. Fixes bug - #19223; bugfix on 0.2.7.3-rc. Bug found by Guido Vranken, patch + 19223; bugfix on 0.2.7.3-rc. Bug found by Guido Vranken, patch by nherring. o Minor bugfixes (hidden service): @@ -194,7 +5662,7 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 o Major bugfixes (circuit building): - Hidden service client-to-intro-point and service-to-rendezvous- - point cicruits use the TAP key supplied by the protocol, to avoid + point circuits use the TAP key supplied by the protocol, to avoid epistemic attacks. Fixes bug 19163; bugfix on 0.2.4.18-rc. o Major bugfixes (compilation, OpenBSD): @@ -216,8 +5684,9 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 OpenSSL 0.9.7 or later since 2009. Closes ticket 19998. o Minor feature (fallback directories): - - Remove broken entries from the hard-coded fallback directory list. - Closes ticket 20190; patch by teor. + - Remove 8 fallbacks that are no longer suitable, leaving 81 of the + 100 fallbacks originally introduced in Tor 0.2.8.2-alpha in March + 2016. Closes ticket 20190; patch by teor. o Minor features (geoip, also in 0.2.8.8): - Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2 @@ -312,7 +5781,7 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 - Document the default PathsNeededToBuildCircuits value that's used by clients when the directory authorities don't set min_paths_for_circs_pct. Fixes bug 20117; bugfix on 02c320916e02 - in tor-0.2.4.10-alpha. Patch by teor, reported by Jesse V. + in 0.2.4.10-alpha. Patch by teor, reported by Jesse V. - Fix manual for the User option: it takes a username, not a UID. Fixes bug 19122; bugfix on 0.0.2pre16 (the first version to have a manpage!). @@ -351,12 +5820,12 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 o Minor bugfixes (options): - Check the consistency of UseEntryGuards and EntryNodes more - reliably. Fixes bug 20074; bugfix on tor- 0.2.4.12-alpha. Patch + reliably. Fixes bug 20074; bugfix on 0.2.4.12-alpha. Patch by teor. - Stop changing the configured value of UseEntryGuards on authorities and Tor2web clients. Fixes bug 20074; bugfix on - commits 51fc6799 in tor-0.1.1.16-rc and acda1735 in tor-0.2.4.3- - alpha. Patch by teor. + commits 51fc6799 in 0.1.1.16-rc and acda1735 in 0.2.4.3-alpha. + Patch by teor. o Minor bugfixes (Tor2web): - Prevent Tor2web clients running hidden services, these services @@ -395,8 +5864,9 @@ Changes in version 0.2.8.8 - 2016-09-23 this one. o Minor feature (fallback directories): - - Remove broken fallbacks from the hard-coded fallback directory - list. Closes ticket 20190; patch by teor. + - Remove 8 fallbacks that are no longer suitable, leaving 81 of the + 100 fallbacks originally introduced in Tor 0.2.8.2-alpha in March + 2016. Closes ticket 20190; patch by teor. o Minor features (geoip): - Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2 @@ -478,7 +5948,7 @@ Changes in version 0.2.9.2-alpha - 2016-08-24 o Deprecated features: - A number of DNS-cache-related sub-options for client ports are now deprecated for security reasons, and may be removed in a future - version of Tor. (We believe that client-side DNS cacheing is a bad + version of Tor. (We believe that client-side DNS caching is a bad idea for anonymity, and you should not turn it on.) The options are: CacheDNS, CacheIPv4DNS, CacheIPv6DNS, UseDNSCache, UseIPv4Cache, and UseIPv6Cache. @@ -850,8 +6320,9 @@ Changes in version 0.2.8.6 - 2016-08-02 is signed. Fixes bug 19682; bugfix on 0.2.8.1-alpha. o Minor bugfixes (fallback directories): - - Remove a fallback that was on the hardcoded list, then opted-out. - Fixes bug 19782; update to fallback list from 0.2.8.2-alpha. + - Remove 1 fallback that was on the hardcoded list, then opted-out, + leaving 89 of the 100 fallbacks originally introduced in Tor + 0.2.8.2-alpha in March 2016. Closes ticket 19782; patch by teor. o Minor bugfixes (Linux seccomp2 sandbox): - Allow more syscalls when running with "Sandbox 1" enabled: @@ -875,7 +6346,7 @@ Changes in version 0.2.8.5-rc - 2016-07-07 o Major bugfixes (heartbeat): - Fix a regression that would crash Tor when the periodic "heartbeat" log messages were disabled. Fixes bug 19454; bugfix on - tor-0.2.8.1-alpha. Reported by "kubaku". + 0.2.8.1-alpha. Reported by "kubaku". o Minor features (build): - Tor now again builds with the recent OpenSSL 1.1 development @@ -923,8 +6394,9 @@ Changes in version 0.2.8.5-rc - 2016-07-07 - Update fallback whitelist and blacklist based on relay operator emails. Blacklist unsuitable (non-working, over-volatile) fallbacks. Resolves ticket 19071. Patch by teor. - - Update hard-coded fallback list to remove unsuitable fallbacks. - Resolves ticket 19071. Patch by teor. + - Remove 10 unsuitable fallbacks, leaving 90 of the 100 fallbacks + originally introduced in Tor 0.2.8.2-alpha in March 2016. Closes + ticket 19071; patch by teor. Changes in version 0.2.8.4-rc - 2016-06-15 @@ -1021,7 +6493,7 @@ Changes in version 0.2.8.3-alpha - 2016-05-26 o Major bugfixes (testing): - Fix a bug that would block 'make test-network-all' on systems where - IPv6 packets were lost. Fixes bug 19008; bugfix on tor-0.2.7.3-rc. + IPv6 packets were lost. Fixes bug 19008; bugfix on 0.2.7.3-rc. - Avoid "WSANOTINITIALISED" warnings in the unit tests. Fixes bug 18668; bugfix on 0.2.8.1-alpha. @@ -1034,10 +6506,12 @@ Changes in version 0.2.8.3-alpha - 2016-05-26 - Give each fallback the same weight for client selection; restrict fallbacks to one per operator; report fallback directory detail changes when rebuilding list; add new fallback directory mirrors - to the whitelist; update fallback directories based on the latest - OnionOO data; and any other minor simplifications and fixes. - Closes tasks 17158, 17905, 18749, bug 18689, and fixes part of bug - 18812 on 0.2.8.1-alpha; patch by "teor". + to the whitelist; and many other minor simplifications and fixes. + Closes tasks 17905, 18749, bug 18689, and fixes part of bug 18812 on + 0.2.8.1-alpha; patch by "teor". + - Replace the 21 fallbacks generated in January 2016 and included in + Tor 0.2.8.1-alpha, with a list of 100 fallbacks generated in March + 2016. Closes task 17158; patch by "teor". o Minor features (geoip): - Update geoip and geoip6 to the May 4 2016 Maxmind GeoLite2 @@ -1307,7 +6781,7 @@ Changes in version 0.2.8.2-alpha - 2016-03-28 testing versions of the static libraries. Fixes bug 18490; bugfix on 0.2.7.1-alpha. - Avoid spurious failures from configure files related to calling - exit(0) in TOR_SEARCH_LIBRARY. Fixes bug 18625; bugfix on + exit(0) in TOR_SEARCH_LIBRARY. Fixes bug 18626; bugfix on 0.2.0.1-alpha. Patch from "cypherpunks". - Silence spurious clang-scan warnings in the ed25519_donna code by explicitly initializing some objects. Fixes bug 18384; bugfix on @@ -1481,10 +6955,11 @@ Changes in version 0.2.8.1-alpha - 2016-02-04 should reduces failures due to fallback churn. Implements ticket 4483. Patch by "teor". Implements IPv4 portions of proposal 210 by "mikeperry" and "teor". - - Include a trial list of default fallback directories, based on an - opt-in survey of suitable relays. Doing this should make clients - bootstrap more quickly and reliably, and reduce the load on the - directory authorities. Closes ticket 15775. Patch by "teor". + - Include a trial list of 21 default fallback directories, generated + in January 2016, based on an opt-in survey of suitable relays. + Doing this should make clients bootstrap more quickly and reliably, + and reduce the load on the directory authorities. Closes ticket + 15775. Patch by "teor". Candidates identified using an OnionOO script by "weasel", "teor", "gsathya", and "karsten". - Previously only relays that explicitly opened a directory port @@ -2596,7 +8071,7 @@ Changes in version 0.2.6.8 - 2015-05-21 o Major bugfixes (hidden services, backport from 0.2.7.1-alpha): - Revert commit that made directory authorities assign the HSDir - flag to relay without a DirPort; this was bad because such relays + flag to relays without a DirPort; this was bad because such relays can't handle BEGIN_DIR cells. Fixes bug 15850; bugfix on 0.2.6.3-alpha. @@ -2637,7 +8112,7 @@ Changes in version 0.2.7.1-alpha - 2015-05-12 o Major bugfixes (hidden services): - Revert commit that made directory authorities assign the HSDir - flag to relay without a DirPort; this was bad because such relays + flag to relays without a DirPort; this was bad because such relays can't handle BEGIN_DIR cells. Fixes bug 15850; bugfix on 0.2.6.3-alpha. @@ -2943,7 +8418,7 @@ Changes in version 0.2.6.5-rc - 2015-03-18 o Major bugfixes (pluggable transports): - Initialize the extended OR Port authentication cookie before launching pluggable transports. This prevents a race condition - that occured when server-side pluggable transports would cache the + that occurred when server-side pluggable transports would cache the authentication cookie before it has been (re)generated. Fixes bug 15240; bugfix on 0.2.5.1-alpha. @@ -3686,7 +9161,7 @@ Changes in version 0.2.6.2-alpha - 2014-12-31 some bugs where we would look at (but fortunately, not reveal) uninitialized memory on the stack. Fixes bug 14013; bugfix on all versions of Tor. - - Clear all memory targetted by tor_addr_{to,from}_sockaddr(), not + - Clear all memory targeted by tor_addr_{to,from}_sockaddr(), not just the part that's used. This makes it harder for data leak bugs to occur in the event of other programming failures. Resolves ticket 14041. @@ -4829,7 +10304,7 @@ Changes in version 0.2.5.5-alpha - 2014-06-18 directory authority options, remove the documentation for a V2-directory fetching option that no longer exists. Resolves ticket 11634. - - Correct the documenation so that it lists the correct directory + - Correct the documentation so that it lists the correct directory for the stats files. (They are in a subdirectory called "stats", not "status".) - In the manpage, move more authority-only options into the @@ -6114,7 +11589,7 @@ Changes in version 0.2.5.1-alpha - 2013-10-02 from Arlo Breault. - Remove instances of strcpy() from the unit tests. They weren't hurting anything, since they were only in the unit tests, but it's - embarassing to have strcpy() in the code at all, and some analysis + embarrassing to have strcpy() in the code at all, and some analysis tools don't like it. Fixes bug 8790; bugfix on 0.2.3.6-alpha and 0.2.3.8-alpha. Patch from Arlo Breault. @@ -6215,7 +11690,7 @@ Changes in version 0.2.4.16-rc - 2013-08-10 0.2.4.15-rc. Found by stem integration tests. o Minor bugfixes: - - Fix an invalid memory read that occured when a pluggable + - Fix an invalid memory read that occurred when a pluggable transport proxy failed its configuration protocol. Fixes bug 9288; bugfix on 0.2.4.1-alpha. - When evaluating whether to use a connection that we haven't @@ -6473,7 +11948,7 @@ Changes in version 0.2.4.12-alpha - 2013-04-18 0.2.0.10-alpha. Reported pseudonymously. - Make the format and order of STREAM events for DNS lookups consistent among the various ways to launch DNS lookups. Fixes - bug 8203; bugfix on 0.2.0.24-rc. Patch by "Desoxy." + bug 8203; bugfix on 0.2.0.24-rc. Patch by "Desoxy". - Correct our check for which versions of Tor support the EXTEND2 cell. We had been willing to send it to Tor 0.2.4.7-alpha and later, when support was really added in version 0.2.4.8-alpha. @@ -9006,7 +14481,7 @@ Changes in version 0.2.3.11-alpha - 2012-01-22 CloseHSServiceRendCircuitsImmediatelyOnTimeout option. Fixes the remaining part of bug 1297; bugfix on 0.2.2.2-alpha. - Make sure we never mark the wrong rendezvous circuit as having - had its introduction cell acknowleged by the introduction-point + had its introduction cell acknowledged by the introduction-point relay. Previously, when we received an INTRODUCE_ACK cell on a client-side hidden-service introduction circuit, we might have marked a rendezvous circuit other than the one we specified in @@ -10313,7 +15788,7 @@ Changes in version 0.2.3.3-alpha - 2011-09-01 raised by bug 3898. - The "--quiet" and "--hush" options now apply not only to Tor's behavior before logs are configured, but also to Tor's behavior in - the absense of configured logs. Fixes bug 3550; bugfix on + the absence of configured logs. Fixes bug 3550; bugfix on 0.2.0.10-alpha. o Minor bugfixes (also part of 0.2.2.31-rc): @@ -12814,7 +18289,7 @@ Changes in version 0.2.2.8-alpha - 2010-01-26 please upgrade. o Major bugfixes: - - Fix a memory corruption bug on bridges that occured during the + - Fix a memory corruption bug on bridges that occurred during the inclusion of stats data in extra-info descriptors. Also fix the interface for geoip_get_bridge_stats* to prevent similar bugs in the future. Diagnosis by Tas, patch by Karsten and Sebastian. @@ -13228,7 +18703,7 @@ Changes in version 0.2.2.2-alpha - 2009-09-21 to EDGE and find out if the build-time data in the .tor/state gets reset without loss of Tor usability. You should also see a notice log message telling you that Tor has reset its timeout. - - Directory authorities can now vote on arbitary integer values as + - Directory authorities can now vote on arbitrary integer values as part of the consensus process. This is designed to help set network-wide parameters. Implements proposal 167. - Tor now reads the "circwindow" parameter out of the consensus, @@ -16256,7 +21731,7 @@ Changes in version 0.2.0.9-alpha - 2007-10-24 - Distinguish between detached signatures for the wrong period, and detached signatures for a divergent vote. - Fix a small memory leak when computing a consensus. - - When there's no concensus, we were forming a vote every 30 + - When there's no consensus, we were forming a vote every 30 minutes, but writing the "valid-after" line in our vote based on our configured V3AuthVotingInterval: so unless the intervals matched up, we immediately rejected our own vote because it didn't @@ -19643,7 +25118,7 @@ Changes in version 0.1.0.9-rc - 2005-06-09 KeepalivePeriod, ClientOnly, NoPublish, HttpProxy, HttpsProxy, HttpProxyAuthenticator - Stop warning about sigpipes in the logs. We're going to - pretend that getting these occassionally is normal and fine. + pretend that getting these occasionally is normal and fine. - Resolve OS X installer bugs: stop claiming to be 0.0.9.2 in certain installer screens; and don't put stuff into StartupItems unless @@ -20108,7 +25583,7 @@ Changes in version 0.1.0.1-rc - 2005-03-28 Changes in version 0.0.9.6 - 2005-03-24 o Bugfixes on 0.0.9.x (crashes and asserts): - - Add new end stream reasons to maintainance branch. Fix bug where + - Add new end stream reasons to maintenance branch. Fix bug where reason (8) could trigger an assert. Prevent bug from recurring. - Apparently win32 stat wants paths to not end with a slash. - Fix assert triggers in assert_cpath_layer_ok(), where we were |