Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 691 |
1 files changed, 691 insertions, 0 deletions
@@ -1,3 +1,694 @@ +Changes in version 0.3.5.11 - 2020-07-09 + Tor 0.3.5.11 backports fixes from later tor releases, including several + usability, portability, and reliability fixes. + + This release also fixes TROVE-2020-001, a medium-severity denial of + service vulnerability affecting all versions of Tor when compiled with + the NSS encryption library. (This is not the default configuration.) + Using this vulnerability, an attacker could cause an affected Tor + instance to crash remotely. This issue is also tracked as CVE-2020- + 15572. Anybody running a version of Tor built with the NSS library + should upgrade to 0.3.5.11, 0.4.2.8, 0.4.3.6, or 0.4.4.2-alpha + or later. + + o Major bugfixes (NSS, security, backport from 0.4.4.2-alpha): + - Fix a crash due to an out-of-bound memory access when Tor is + compiled with NSS support. Fixes bug 33119; bugfix on + 0.3.5.1-alpha. This issue is also tracked as TROVE-2020-001 + and CVE-2020-15572. + + o Major bugfixes (DoS defenses, bridges, pluggable transport, backport from 0.4.3.4-rc): + - Fix a bug that was preventing DoS defenses from running on bridges + with a pluggable transport. Previously, the DoS subsystem was not + given the transport name of the client connection, thus failed to + find the GeoIP cache entry for that client address. Fixes bug + 33491; bugfix on 0.3.3.2-alpha. + + o Minor features (testing, backport from 0.4.3.4-rc): + - The unit tests now support a "TOR_SKIP_TESTCASES" environment + variable to specify a list of space-separated test cases that + should not be executed. We will use this to disable certain tests + that are failing on Appveyor because of mismatched OpenSSL + libraries. Part of ticket 33643. + + o Minor bugfix (CI, Windows, backport from 0.4.4.2-alpha): + - Use the correct 64-bit printf format when compiling with MINGW on + Appveyor. Fixes bug 40026; bugfix on 0.3.5.5-alpha. 
+ + o Minor bugfix (relay, configuration, backport from 0.4.3.3-alpha): + - Warn if the ContactInfo field is not set, and tell the relay + operator that not having a ContactInfo field set might cause their + relay to get rejected in the future. Fixes bug 33361; bugfix + on 0.1.1.10-alpha. + + o Minor bugfixes (client performance, backport from 0.4.4.1-alpha): + - Resume use of preemptively-built circuits when UseEntryGuards is set + to 0. We accidentally disabled this feature with that config + setting, leading to slower load times. Fixes bug 34303; bugfix + on 0.3.3.2-alpha. + + o Minor bugfixes (compiler compatibility, backport from 0.4.3.5): + - Avoid compiler warnings from Clang 10 related to the use of GCC- + style "/* falls through */" comments. Both Clang and GCC allow + __attribute__((fallthrough)) instead, so that's what we're using + now. Fixes bug 34078; bugfix on 0.3.1.3-alpha. + + o Minor bugfixes (compiler warnings, backport from 0.4.4.2-alpha): + - Fix a compiler warning on platforms with 32-bit time_t values. + Fixes bug 40028; bugfix on 0.3.2.8-rc. + + o Minor bugfixes (embedded Tor, backport from 0.4.3.1-alpha): + - When starting Tor any time after the first time in a process, + register the thread in which it is running as the main thread. + Previously, we only did this on Windows, which could lead to bugs + like 23081 on non-Windows platforms. Fixes bug 32884; bugfix + on 0.3.3.1-alpha. + + o Minor bugfixes (key portability, backport from 0.4.3.4-rc): + - When reading PEM-encoded key data, tolerate CRLF line-endings even + if we are not running on Windows. Previously, non-Windows hosts + would reject these line-endings in certain positions, making + certain key files hard to move from one host to another. Fixes bug + 33032; bugfix on 0.3.5.1-alpha. + + o Minor bugfixes (logging, backport from 0.4.4.2-alpha): + - Downgrade a noisy log message that could occur naturally when + receiving an extrainfo document that we no longer want. 
Fixes bug + 16016; bugfix on 0.2.6.3-alpha. + + o Minor bugfixes (onion service v3, client, backport from 0.4.3.3-alpha): + - Remove a BUG() warning that would cause a stack trace if an onion + service descriptor was freed while we were waiting for a + rendezvous circuit to complete. Fixes bug 28992; bugfix + on 0.3.2.1-alpha. + + o Testing (CI, backport from 0.4.3.4-rc): + - In our Appveyor Windows CI, copy required DLLs to test and app + directories, before running tor's tests. This ensures that tor.exe + and test*.exe use the correct version of each DLL. This fix is not + required, but we hope it will avoid DLL search issues in future. + Fixes bug 33673; bugfix on 0.3.4.2-alpha. + - On Appveyor, skip the crypto/openssl_version test, which is + failing because of a mismatched library installation. Fix + for 33643. + + +Changes in version 0.4.2.8 - 2020-07-09 + Tor 0.4.2.8 backports various fixes from later releases, including + several that affect usability and portability. + + This release also fixes TROVE-2020-001, a medium-severity denial of + service vulnerability affecting all versions of Tor when compiled with + the NSS encryption library. (This is not the default configuration.) + Using this vulnerability, an attacker could cause an affected Tor + instance to crash remotely. This issue is also tracked as CVE-2020- + 15572. Anybody running a version of Tor built with the NSS library + should upgrade to 0.3.5.11, 0.4.2.8, 0.4.3.6, or 0.4.4.2-alpha + or later. + + o Major bugfixes (NSS, security, backport from 0.4.4.2-alpha): + - Fix a crash due to an out-of-bound memory access when Tor is + compiled with NSS support. Fixes bug 33119; bugfix on + 0.3.5.1-alpha. This issue is also tracked as TROVE-2020-001 + and CVE-2020-15572. + + o Major bugfixes (DoS defenses, bridges, pluggable transport, backport from 0.4.3.4-rc): + - Fix a bug that was preventing DoS defenses from running on bridges + with a pluggable transport. 
Previously, the DoS subsystem was not + given the transport name of the client connection, thus failed to + find the GeoIP cache entry for that client address. Fixes bug + 33491; bugfix on 0.3.3.2-alpha. + + o Minor feature (sendme, flow control, backport form 0.4.3.4-rc): + - Default to sending SENDME version 1 cells. (Clients are already + sending these, because of a consensus parameter telling them to do + so: this change only affects what clients would do if the + consensus didn't contain a recommendation.) Closes ticket 33623. + + o Minor features (diagnostic, backport from 0.4.3.3-alpha): + - Improve assertions and add some memory-poisoning code to try to + track down possible causes of a rare crash (32564) in the EWMA + code. Closes ticket 33290. + + o Minor features (testing, backport from 0.4.3.4-rc): + - The unit tests now support a "TOR_SKIP_TESTCASES" environment + variable to specify a list of space-separated test cases that + should not be executed. We will use this to disable certain tests + that are failing on Appveyor because of mismatched OpenSSL + libraries. Part of ticket 33643. + + o Minor bugfix (CI, Windows, backport from 0.4.4.2-alpha): + - Use the correct 64-bit printf format when compiling with MINGW on + Appveyor. Fixes bug 40026; bugfix on 0.3.5.5-alpha. + + o Minor bugfix (relay, configuration, backport from 0.4.3.3-alpha): + - Warn if the ContactInfo field is not set, and tell the relay + operator that not having a ContactInfo field set might cause their + relay to get rejected in the future. Fixes bug 33361; bugfix + on 0.1.1.10-alpha. + + o Minor bugfixes (client performance, backport from 0.4.4.1-alpha): + - Resume use of preemptively-built circuits when UseEntryGuards is set + to 0. We accidentally disabled this feature with that config + setting, leading to slower load times. Fixes bug 34303; bugfix + on 0.3.3.2-alpha. 
+ + o Minor bugfixes (compiler compatibility, backport from 0.4.3.5): + - Avoid compiler warnings from Clang 10 related to the use of GCC- + style "/* falls through */" comments. Both Clang and GCC allow + __attribute__((fallthrough)) instead, so that's what we're using + now. Fixes bug 34078; bugfix on 0.3.1.3-alpha. + - Fix compilation warnings with GCC 10.0.1. Fixes bug 34077; bugfix + on 0.4.0.3-alpha. + + o Minor bugfixes (compiler warnings, backport from 0.4.4.2-alpha): + - Fix a compiler warning on platforms with 32-bit time_t values. + Fixes bug 40028; bugfix on 0.3.2.8-rc. + + o Minor bugfixes (controller protocol, backport from 0.4.3.2-alpha): + - When receiving "ACTIVE" or "DORMANT" signals on the control port, + report them as SIGNAL events. Previously we would log a bug + warning. Fixes bug 33104; bugfix on 0.4.0.1-alpha. + + o Minor bugfixes (embedded Tor, backport from 0.4.3.1-alpha): + - When starting Tor any time after the first time in a process, + register the thread in which it is running as the main thread. + Previously, we only did this on Windows, which could lead to bugs + like 23081 on non-Windows platforms. Fixes bug 32884; bugfix + on 0.3.3.1-alpha. + + o Minor bugfixes (key portability, backport from 0.4.3.4-rc): + - When reading PEM-encoded key data, tolerate CRLF line-endings even + if we are not running on Windows. Previously, non-Windows hosts + would reject these line-endings in certain positions, making + certain key files hard to move from one host to another. Fixes bug + 33032; bugfix on 0.3.5.1-alpha. + + o Minor bugfixes (logging, backport from 0.4.3.2-rc): + - When logging a bug, do not say "Future instances of this warning + will be silenced" unless we are actually going to silence them. + Previously we would say this whenever a BUG() check failed in the + code. Fixes bug 33095; bugfix on 0.4.1.1-alpha. 
+ + o Minor bugfixes (logging, backport from 0.4.3.4-rc): + - Flush stderr, stdout, and file logs during shutdown, if supported + by the OS. This change helps make sure that any final logs are + recorded. Fixes bug 33087; bugfix on 0.4.1.6. + + o Minor bugfixes (logging, backport from 0.4.4.2-alpha): + - Downgrade a noisy log message that could occur naturally when + receiving an extrainfo document that we no longer want. Fixes bug + 16016; bugfix on 0.2.6.3-alpha. + + o Minor bugfixes (onion service v3, client, backport from 0.4.3.3-alpha): + - Remove a BUG() warning that would cause a stack trace if an onion + service descriptor was freed while we were waiting for a + rendezvous circuit to complete. Fixes bug 28992; bugfix + on 0.3.2.1-alpha. + + o Testing (CI, backport from 0.4.3.4-rc): + - In our Appveyor Windows CI, copy required DLLs to test and app + directories, before running tor's tests. This ensures that tor.exe + and test*.exe use the correct version of each DLL. This fix is not + required, but we hope it will avoid DLL search issues in future. + Fixes bug 33673; bugfix on 0.3.4.2-alpha. + - On Appveyor, skip the crypto/openssl_version test, which is + failing because of a mismatched library installation. Fix + for 33643. + + +Changes in version 0.4.3.6 - 2020-07-09 + Tor 0.4.3.6 backports several bugfixes from later releases, including + some affecting usability. + + This release also fixes TROVE-2020-001, a medium-severity denial of + service vulnerability affecting all versions of Tor when compiled with + the NSS encryption library. (This is not the default configuration.) + Using this vulnerability, an attacker could cause an affected Tor + instance to crash remotely. This issue is also tracked as CVE-2020- + 15572. Anybody running a version of Tor built with the NSS library + should upgrade to 0.3.5.11, 0.4.2.8, 0.4.3.6, or 0.4.4.2-alpha + or later. 
+ + o Major bugfixes (NSS, security, backport from 0.4.4.2-alpha): + - Fix a crash due to an out-of-bound memory access when Tor is + compiled with NSS support. Fixes bug 33119; bugfix on + 0.3.5.1-alpha. This issue is also tracked as TROVE-2020-001 + and CVE-2020-15572. + + o Minor bugfix (CI, Windows, backport from 0.4.4.2-alpha): + - Use the correct 64-bit printf format when compiling with MINGW on + Appveyor. Fixes bug 40026; bugfix on 0.3.5.5-alpha. + + o Minor bugfixes (client performance, backport from 0.4.4.1-alpha): + - Resume use of preemptively-built circuits when UseEntryGuards is set + to 0. We accidentally disabled this feature with that config + setting, leading to slower load times. Fixes bug 34303; bugfix + on 0.3.3.2-alpha. + + o Minor bugfixes (compiler warnings, backport from 0.4.4.2-alpha): + - Fix a compiler warning on platforms with 32-bit time_t values. + Fixes bug 40028; bugfix on 0.3.2.8-rc. + + o Minor bugfixes (linux seccomp sandbox, nss, backport from 0.4.4.1-alpha): + - Fix a startup crash when tor is compiled with --enable-nss and + sandbox support is enabled. Fixes bug 34130; bugfix on + 0.3.5.1-alpha. Patch by Daniel Pinto. + + o Minor bugfixes (logging, backport from 0.4.4.2-alpha): + - Downgrade a noisy log message that could occur naturally when + receiving an extrainfo document that we no longer want. Fixes bug + 16016; bugfix on 0.2.6.3-alpha. + + o Minor bugfixes (manual page, backport from 0.4.4.1-alpha): + - Update the man page to reflect that MinUptimeHidServDirectoryV2 + defaults to 96 hours. Fixes bug 34299; bugfix on 0.2.6.3-alpha. + + o Minor bugfixes (onion service v3, backport from 0.4.4.1-alpha): + - Prevent an assert() that would occur when cleaning the client + descriptor cache, and attempting to close circuits for a non- + decrypted descriptor (lacking client authorization). Fixes bug + 33458; bugfix on 0.4.2.1-alpha. 
+ + o Minor bugfixes (portability, backport from 0.4.4.1-alpha): + - Fix a portability error in the configure script, where we were + using "==" instead of "=". Fixes bug 34233; bugfix on 0.4.3.5. + + o Minor bugfixes (relays, backport from 0.4.4.1-alpha): + - Stop advertising incorrect IPv6 ORPorts in relay and bridge + descriptors, when the IPv6 port was configured as "auto". Fixes + bug 32588; bugfix on 0.2.3.9-alpha. + + o Documentation (backport from 0.4.4.1-alpha): + - Fix several doxygen warnings related to imbalanced groups. Closes + ticket 34255. + + +Changes in version 0.4.4.2-alpha - 2020-07-09 + This is the second alpha release in the 0.4.4.x series. It fixes a few + bugs in the previous release, and solves a few usability, + compatibility, and portability issues. + + This release also fixes TROVE-2020-001, a medium-severity denial of + service vulnerability affecting all versions of Tor when compiled with + the NSS encryption library. (This is not the default configuration.) + Using this vulnerability, an attacker could cause an affected Tor + instance to crash remotely. This issue is also tracked as CVE-2020- + 15572. Anybody running a version of Tor built with the NSS library + should upgrade to 0.3.5.11, 0.4.2.8, 0.4.3.6, or 0.4.4.2-alpha + or later. + + o Major bugfixes (NSS, security): + - Fix a crash due to an out-of-bound memory access when Tor is + compiled with NSS support. Fixes bug 33119; bugfix on + 0.3.5.1-alpha. This issue is also tracked as TROVE-2020-001 + and CVE-2020-15572. + + o Minor features (bootstrap reporting): + - Report more detailed reasons for bootstrap failure when the + failure happens due to a TLS error. Previously we would just call + these errors "MISC" when they happened during read, and "DONE" + when they happened during any other TLS operation. Closes + ticket 32622. + + o Minor features (directory authority): + - Authorities now recommend the protocol versions that are supported + by Tor 0.3.5 and later. 
(Earlier versions of Tor have been + deprecated since January of this year.) This recommendation will + cause older clients and relays to give a warning on startup, or + when they download a consensus directory. Closes ticket 32696. + + o Minor features (entry guards): + - Reinstate support for GUARD NEW/UP/DOWN control port events. + Closes ticket 40001. + + o Minor features (linux seccomp2 sandbox, portability): + - Allow Tor to build on platforms where it doesn't know how to + report which syscall caused the linux seccomp2 sandbox to fail. + This change should make the sandbox code more portable to less + common Linux architectures. Closes ticket 34382. + - Permit the unlinkat() syscall, which some Libc implementations use + to implement unlink(). Closes ticket 33346. + + o Minor bugfix (CI, Windows): + - Use the correct 64-bit printf format when compiling with MINGW on + Appveyor. Fixes bug 40026; bugfix on 0.3.5.5-alpha. + + o Minor bugfix (onion service v3 client): + - Remove a BUG() warning that could occur naturally. Fixes bug + 34087; bugfix on 0.3.2.1-alpha. + + o Minor bugfix (SOCKS, onion service client): + - Detect v3 onion service addresses of the wrong length when + returning the F6 ExtendedErrors code. Fixes bug 33873; bugfix + on 0.4.3.1-alpha. + + o Minor bugfixes (compiler warnings): + - Fix a compiler warning on platforms with 32-bit time_t values. + Fixes bug 40028; bugfix on 0.3.2.8-rc. + + o Minor bugfixes (control port, onion service): + - Consistently use 'address' in "Invalid v3 address" response to + ONION_CLIENT_AUTH commands. Previously, we would sometimes say + 'addr'. Fixes bug 40005; bugfix on 0.4.3.1-alpha. + + o Minor bugfixes (logging): + - Downgrade a noisy log message that could occur naturally when + receiving an extrainfo document that we no longer want. Fixes bug + 16016; bugfix on 0.2.6.3-alpha. 
+ + o Minor bugfixes (onion services v3): + - Avoid a non-fatal assertion failure in certain edge-cases when + opening an intro circuit as a client. Fixes bug 34084; bugfix + on 0.3.2.1-alpha. + + o Deprecated features (onion service v2): + - Add a deprecation warning for version 2 onion services. Closes + ticket 40003. + + o Removed features (IPv6, revert): + - Revert the change in the default value of ClientPreferIPv6OrPort: + it breaks the torsocks use case. The SOCKS resolve command has no + mechanism to ask for a specific address family (v4 or v6), and so + prioritizing IPv6 when an IPv4 address is requested on the SOCKS + interface resulted in a failure. Tor Browser explicitly sets + PreferIPv6, so this should not affect the majority of our users. + Closes ticket 33796; bugfix on 0.4.4.1-alpha. + + +Changes in version 0.4.4.1-alpha - 2020-06-16 + This is the first alpha release in the 0.4.4.x series. It improves + our guard selection algorithms, improves the amount of code that + can be disabled when running without relay support, and includes numerous + small bugfixes and enhancements. It also lays the ground for some IPv6 + features that we'll be developing more in the next (0.4.5) series. + + Here are the changes since 0.4.3.5. + + o Major features (Proposal 310, performance + security): + - Implements Proposal 310, "Bandaid on guard selection". Proposal + 310 solves load-balancing issues with older versions of the guard + selection algorithm, and improves its security. Under this new + algorithm, a newly selected guard never becomes Primary unless all + previously sampled guards are unreachable. Implements + recommendation from 32088. (Proposal 310 is linked to the CLAPS + project researching optimal client location-aware path selections. + This project is a collaboration between the UCLouvain Crypto Group, + the U.S. Naval Research Laboratory, and Princeton University.) 
+ + o Major features (IPv6, relay): + - Consider IPv6-only EXTEND2 cells valid on relays. Log a protocol + warning if the IPv4 or IPv6 address is an internal address, and + internal addresses are not allowed. But continue to use the other + address, if it is valid. Closes ticket 33817. + - If a relay can extend over IPv4 and IPv6, and both addresses are + provided, it chooses between them uniformly at random. Closes + ticket 33817. + - Re-use existing IPv6 connections for circuit extends. Closes + ticket 33817. + - Relays may extend circuits over IPv6, if the relay has an IPv6 + ORPort, and the client supplies the other relay's IPv6 ORPort in + the EXTEND2 cell. IPv6 extends will be used by the relay IPv6 + ORPort self-tests in 33222. Closes ticket 33817. + + o Major features (v3 onion services): + - Allow v3 onion services to act as OnionBalance backend instances, + by using the HiddenServiceOnionBalanceInstance torrc option. + Closes ticket 32709. + + o Minor feature (developer tools): + - Add a script to help check the alphabetical ordering of option + names in the manual page. Closes ticket 33339. + + o Minor feature (onion service client, SOCKS5): + - Add 3 new SocksPort ExtendedErrors (F2, F3, F7) that reports back + new type of onion service connection failures. The semantics of + these error codes are documented in proposal 309. Closes + ticket 32542. + + o Minor feature (onion service v3): + - If a service cannot upload its descriptor(s), log why at INFO + level. Closes ticket 33400; bugfix on 0.3.2.1-alpha. + + o Minor feature (python scripts): + - Stop assuming that /usr/bin/python exists. Instead of using a + hardcoded path in scripts that still use Python 2, use + /usr/bin/env, similarly to the scripts that use Python 3. Fixes + bug 33192; bugfix on 0.4.2. + + o Minor features (client-only compilation): + - Disable more code related to the ext_orport protocol when + compiling without support for relay mode. Closes ticket 33368. 
+ - Disable more of our self-testing code when support for relay mode + is disabled. Closes ticket 33370. + + o Minor features (code safety): + - Check for failures of tor_inet_ntop() and tor_inet_ntoa() + functions in DNS and IP address processing code, and adjust + codepaths to make them less likely to crash entire Tor instances. + Resolves issue 33788. + + o Minor features (compilation size): + - Most server-side DNS code is now disabled when building without + support for relay mode. Closes ticket 33366. + + o Minor features (continuous integration): + - Run unit-test and integration test (Stem, Chutney) jobs with + ALL_BUGS_ARE_FATAL macro being enabled on Travis and Appveyor. + Resolves ticket 32143. + + o Minor features (control port): + - Return a descriptive error message from the 'GETINFO status/fresh- + relay-descs' command on the control port. Previously, we returned + a generic error of "Error generating descriptor". Closes ticket + 32873. Patch by Neel Chauhan. + + o Minor features (developer tooling): + - Refrain from listing all .a files that are generated by the Tor + build in .gitignore. Add a single wildcard *.a entry that covers + all of them for present and future. Closes ticket 33642. + - Add a script ("git-install-tools.sh") to install git hooks and + helper scripts. Closes ticket 33451. + + o Minor features (directory authority, shared random): + - Refactor more authority-only parts of the shared-random scheduling + code to reside in the dirauth module, and to be disabled when + compiling with --disable-module-dirauth. Closes ticket 33436. + + o Minor features (directory): + - Remember the number of bytes we have downloaded for each directory + purpose while bootstrapping, and while fully bootstrapped. Log + this information as part of the heartbeat message. Closes + ticket 32720. + + o Minor features (IPv6 support): + - Adds IPv6 support to tor_addr_is_valid(). Adds tests for the above + changes and tor_addr_is_null(). Closes ticket 33679. 
Patch + by MrSquanchee. + - Allow clients and relays to send dual-stack and IPv6-only EXTEND2 + cells. Parse dual-stack and IPv6-only EXTEND2 cells on relays. + Closes ticket 33901. + + o Minor features (logging): + - When trying to find our own address, add debug-level logging to + report the sources of candidate addresses. Closes ticket 32888. + + o Minor features (testing, architecture): + - Our test scripts now double-check that subsystem initialization + order is consistent with the inter-module dependencies established + by our .may_include files. Implements ticket 31634. + - Initialize all subsystems at the beginning of our unit test + harness, to avoid crashes due to uninitialized subsystems. Follow- + up from ticket 33316. + + o Minor features (v3 onion services): + - Add v3 onion service status to the dumpstats() call which is + triggered by a SIGUSR1 signal. Previously, we only did v2 onion + services. Closes ticket 24844. Patch by Neel Chauhan. + + o Minor features (windows): + - Add support for console control signals like Ctrl+C in Windows. + Closes ticket 34211. Patch from Damon Harris (TheDcoder). + + o Minor bugfix (onion service v3): + - Prevent an assert() that would occur when cleaning the client + descriptor cache, and attempting to close circuits for a non- + decrypted descriptor (lacking client authorization). Fixes bug + 33458; bugfix on 0.4.2.1-alpha. + + o Minor bugfix (refactoring): + - Lift circuit_build_times_disabled() out of the + circuit_expire_building() loop, to save CPU time when there are + many circuits open. Fixes bug 33977; bugfix on 0.3.5.9. + + o Minor bugfixes (client performance): + - Resume use of preemptively-built circuits when UseEntryGuards is set + to 0. We accidentally disabled this feature with that config + setting, leading to slower load times. Fixes bug 34303; bugfix + on 0.3.3.2-alpha. + + o Minor bugfixes (directory authorities): + - Directory authorities now reject votes that arrive too late. 
In + particular, once an authority has started fetching missing votes, + it no longer accepts new votes posted by other authorities. This + change helps prevent a consensus split, where only some authorities + have the late vote. Fixes bug 4631; bugfix on 0.2.0.5-alpha. + + o Minor bugfixes (git scripts): + - Stop executing the checked-out pre-commit hook from the pre-push + hook. Instead, execute the copy in the user's git directory. Fixes + bug 33284; bugfix on 0.4.1.1-alpha. + + o Minor bugfixes (initialization): + - Initialize the subsystems in our code in an order more closely + corresponding to their dependencies, so that every system is + initialized before the ones that (theoretically) depend on it. + Fixes bug 33316; bugfix on 0.4.0.1-alpha. + + o Minor bugfixes (IPv4, relay): + - Check for invalid zero IPv4 addresses and ports when sending and + receiving extend cells. Fixes bug 33900; bugfix on 0.2.4.8-alpha. + + o Minor bugfixes (IPv6, relay): + - Consider IPv6 addresses when checking if a connection is + canonical. In 17604, relays assumed that a remote relay could + consider an IPv6 connection canonical, but did not set the + canonical flag on their side of the connection. Fixes bug 33899; + bugfix on 0.3.1.1-alpha. + - Log IPv6 addresses on connections where this relay is the + responder. Previously, responding relays would replace the remote + IPv6 address with the IPv4 address from the consensus. Fixes bug + 33899; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (linux seccomp sandbox nss): + - Fix a startup crash when tor is compiled with --enable-nss and + sandbox support is enabled. Fixes bug 34130; bugfix on + 0.3.5.1-alpha. Patch by Daniel Pinto. + + o Minor bugfixes (logging, testing): + - Make all of tor's assertion macros support the ALL_BUGS_ARE_FATAL + and DISABLE_ASSERTS_IN_UNIT_TESTS debugging modes. (IF_BUG_ONCE() + used to log a non-fatal warning, regardless of the debugging + mode.) Fixes bug 33917; bugfix on 0.2.9.1-alpha. 
+ + o Minor bugfixes (logs): + - Remove surprising empty line in the INFO-level log about circuit + build timeout. Fixes bug 33531; bugfix on 0.3.3.1-alpha. + + o Minor bugfixes (mainloop): + - Better guard against growing a buffer past its maximum 2GB in + size. Fixes bug 33131; bugfix on 0.3.0.4-rc. + + o Minor bugfixes (manual page): + - Update the man page to reflect that MinUptimeHidServDirectoryV2 + defaults to 96 hours. Fixes bug 34299; bugfix on 0.2.6.3-alpha. + + o Minor bugfixes (onion service v3, client): + - Remove a BUG() that was causing a stacktrace when a descriptor + changed at an unexpected time. Fixes bug 28992; bugfix + on 0.3.2.1-alpha. + + o Minor bugfixes (onion service, logging): + - Fix a typo in a log message PublishHidServDescriptors is set to 0. + Fixes bug 33779; bugfix on 0.3.2.1-alpha. + + o Minor bugfixes (portability): + - Fix a portability error in the configure script, where we were + using "==" instead of "=". Fixes bug 34233; bugfix on 0.4.3.5. + + o Minor bugfixes (protocol versions): + - Sort tor's supported protocol version lists, as recommended by the + tor directory specification. Fixes bug 33285; bugfix + on 0.4.0.1-alpha. + + o Minor bugfixes (relays): + - Stop advertising incorrect IPv6 ORPorts in relay and bridge + descriptors, when the IPv6 port was configured as "auto". Fixes + bug 32588; bugfix on 0.2.3.9-alpha. + + o Code simplification and refactoring: + - Define and use a new constant TOR_ADDRPORT_BUF_LEN which is like + TOR_ADDR_BUF_LEN but includes enough space for an IP address, + brackets, separating colon, and port number. Closes ticket 33956. + Patch by Neel Chauhan. + - Merge the orconn and ocirc events into the "core" subsystem, which + manages or connections and origin circuits. Previously they were + isolated in subsystems of their own. + - Move LOG_PROTOCOL_WARN to app/config. Resolves a dependency + inversion. Closes ticket 33633. + - Move the circuit extend code to the relay module. 
Split the + circuit extend function into smaller functions. Closes + ticket 33633. + - Rewrite port_parse_config() to use the default port flags from + port_cfg_new(). Closes ticket 32994. Patch by MrSquanchee. + - Updated comments in 'scheduler.c' to reflect old code changes, and + simplified the scheduler channel state change code. Closes + ticket 33349. + + o Documentation: + - Document the limitations of using %include on config files with + seccomp sandbox enabled. Fixes documentation bug 34133; bugfix on + 0.3.1.1-alpha. Patch by Daniel Pinto. + - Fix several doxygen warnings related to imbalanced groups. Closes + ticket 34255. + + o Removed features: + - Remove the ClientAutoIPv6ORPort option. This option attempted to + randomly choose between IPv4 and IPv6 for client connections, and + wasn't a true implementation of Happy Eyeballs. Often, this option + failed on IPv4-only or IPv6-only connections. Closes ticket 32905. + Patch by Neel Chauhan. + - Stop shipping contrib/dist/rc.subr file, as it is not being used + on FreeBSD anymore. Closes issue 31576. + + o Testing: + - Add a basic IPv6 test to "make test-network". This test only runs + when the local machine has an IPv6 stack. Closes ticket 33300. + - Add test-network-ipv4 and test-network-ipv6 jobs to the Makefile. + These jobs run the IPv4-only and dual-stack chutney flavours from + test-network-all. Closes ticket 33280. + - Remove a redundant distcheck job. Closes ticket 33194. + - Run the test-network-ipv6 Makefile target in the Travis CI IPv6 + chutney job. This job runs on macOS, so it's a bit slow. Closes + ticket 33303. + - Sort the Travis jobs in order of speed. Putting the slowest jobs + first takes full advantage of Travis job concurrency. Closes + ticket 33194. + - Stop allowing the Chutney IPv6 Travis job to fail. This job was + previously configured to fast_finish (which requires + allow_failure), to speed up the build. Closes ticket 33195. 
+ - Test v3 onion services to tor's mixed IPv4 chutney network. And + add a mixed IPv6 chutney network. These networks are used in the + test-network-all, test-network-ipv4, and test-network-ipv6 make + targets. Closes ticket 33334. + - Use the "bridges+hs-v23" chutney network flavour in "make test- + network". This test requires a recent version of chutney (mid- + February 2020). Closes ticket 28208. + - When a Travis chutney job fails, use chutney's new "diagnostics.sh" + tool to produce detailed diagnostic output. Closes ticket 32792. + + o Code simplification and refactoring (onion service): + - Refactor configuration parsing to use the new config subsystem + code. Closes ticket 33014. + + o Code simplification and refactoring (relay address): + - Move a series of functions related to address resolving into their + own files. Closes ticket 33789. + + o Documentation (manual page): + - Add cross reference links and a table of contents to the HTML tor + manual page. Closes ticket 33369. Work by Swati Thacker as part of + Google Season of Docs. + - Alphabetize the Denial of Service Mitigation Options, Directory + Authority Server Options, Hidden Service Options, and Testing + Network Options sections of the tor(1) manual page. Closes ticket + 33275. Work by Swati Thacker as part of Google Season of Docs. + - Refrain from mentioning nicknames in manpage section for MyFamily + torrc option. Resolves issue 33417. + - Updated the options set by TestingTorNetwork in the manual page. + Closes ticket 33778. + + Changes in version 0.4.3.5 - 2020-05-15 Tor 0.4.3.5 is the first stable release in the 0.4.3.x series. This series adds support for building without relay code enabled, and |
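Review bot: In the release-summary paragraph of each of the four 2020-07-09 entries (0.3.5.11, 0.4.2.8, 0.4.3.6, 0.4.4.2-alpha), the identifier is wrapped across two lines as "CVE-2020-" / "15572", so searching the ChangeLog for CVE-2020-15572 only matches the "Major bugfixes (NSS, security)" items and misses the paragraphs that carry the upgrade guidance. Rewrap those paragraphs so the identifier stays on one line. Two smaller points: in the 0.4.2.8 entry the heading "Minor feature (sendme, flow control, backport form 0.4.3.4-rc)" should read "backport from", and in the 0.4.4.1-alpha entry the item "Fix a typo in a log message PublishHidServDescriptors is set to 0." appears to be missing a word before the option name.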