diff options
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 4730 |
1 files changed, 4723 insertions, 7 deletions
@@ -1,3 +1,4718 @@ +Changes in version 0.3.2.1-alpha - 2017-09-18 + Tor 0.3.2.1-alpha is the first release in the 0.3.2.x series. It + includes support for our next-generation ("v3") onion service + protocol, and adds a new circuit scheduler for more responsive + forwarding decisions from relays. There are also numerous other small + features and bugfixes here. + + Below are the changes since Tor 0.3.1.7. + + o Major feature (scheduler, channel): + - Tor now uses new schedulers to decide which circuits should + deliver cells first, in order to improve congestion at relays. The + first type is called "KIST" ("Kernel Informed Socket Transport"), + and is only available on Linux-like systems: it uses feedback from + the kernel to prevent the kernel's TCP buffers from growing too + full. The second new scheduler type is called "KISTLite": it + behaves the same as KIST, but runs on systems without kernel + support for inspecting TCP implementation details. The old + scheduler is still available, under the name "Vanilla". To change + the default scheduler preference order, use the new "Schedulers" + option. (The default preference order is "KIST,KISTLite,Vanilla".) + + Matt Traudt implemented KIST, based on research by Rob Jansen, + John Geddes, Christ Wacek, Micah Sherr, and Paul Syverson. For + more information, see the design paper at + http://www.robgjansen.com/publications/kist-sec2014.pdf and the + followup implementation paper at https://arxiv.org/abs/1709.01044. + Closes ticket 12541. + + o Major features (next-generation onion services): + - Tor now supports the next-generation onion services protocol for + clients and services! As part of this release, the core of + proposal 224 has been implemented and is available for + experimentation and testing by our users. This newer version of + onion services ("v3") features many improvements over the legacy + system, including: + + a) Better crypto (replaced SHA1/DH/RSA1024 + with SHA3/ed25519/curve25519) + + b) Improved directory protocol, leaking much less information to + directory servers. + + c) Improved directory protocol, with smaller surface for + targeted attacks. + + d) Better onion address security against impersonation. + + e) More extensible introduction/rendezvous protocol. + + f) A cleaner and more modular codebase. + + You can identify a next-generation onion address by its length: + they are 56 characters long, as in + "4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad.onion". + + In the future, we will release more options and features for v3 + onion services, but we first need a testing period, so that the + current codebase matures and becomes more robust. Planned features + include: offline keys, advanced client authorization, improved + guard algorithms, and statistics. For full details, see + proposal 224. + + Legacy ("v2") onion services will still work for the foreseeable + future, and will remain the default until this new codebase gets + tested and hardened. Service operators who want to experiment with + the new system can use the 'HiddenServiceVersion 3' torrc + directive along with the regular onion service configuration + options. We will publish a blog post about this new feature + soon! Enjoy! + + o Major bugfixes (usability, control port): + - Report trusted clock skew indications as bootstrap errors, so + controllers can more easily alert users when their clocks are + wrong. Fixes bug 23506; bugfix on 0.1.2.6-alpha. + + o Minor features (bug detection): + - Log a warning message with a stack trace for any attempt to call + get_options() during option validation. This pattern has caused + subtle bugs in the past. Closes ticket 22281. + + o Minor features (client): + - You can now use Tor as a tunneled HTTP proxy: use the new + HTTPTunnelPort option to open a port that accepts HTTP CONNECT + requests. Closes ticket 22407. + - Add an extra check to make sure that we always use the newer guard + selection code for picking our guards. Closes ticket 22779. + - When downloading (micro)descriptors, don't split the list into + multiple requests unless we want at least 32 descriptors. + Previously, we split at 4, not 32, which led to significant + overhead in HTTP request size and degradation in compression + performance. Closes ticket 23220. + + o Minor features (command line): + - Add a new commandline option, --key-expiration, which prints when + the current signing key is going to expire. Implements ticket + 17639; patch by Isis Lovecruft. + + o Minor features (control port): + - If an application tries to use the control port as an HTTP proxy, + respond with a meaningful "This is the Tor control port" message, + and log the event. Closes ticket 1667. Patch from Ravi + Chandra Padmala. + - Provide better error message for GETINFO desc/(id|name) when not + fetching router descriptors. Closes ticket 5847. Patch by + Kevin Butler. + - Add GETINFO "{desc,md}/download-enabled", to inform the controller + whether Tor will try to download router descriptors and + microdescriptors respectively. Closes ticket 22684. + - Added new GETINFO targets "ip-to-country/{ipv4,ipv6}-available", + so controllers can tell whether the geoip databases are loaded. + Closes ticket 23237. + - Adds a timestamp field to the CIRC_BW and STREAM_BW bandwidth + events. Closes ticket 19254. Patch by "DonnchaC". + + o Minor features (development support): + - Developers can now generate a call-graph for Tor using the + "calltool" python program, which post-processes object dumps. It + should work okay on many Linux and OSX platforms, and might work + elsewhere too. To run it, install calltool from + https://gitweb.torproject.org/user/nickm/calltool.git and run + "make callgraph". Closes ticket 19307. + + o Minor features (ed25519): + - Add validation function to checks for torsion components in + ed25519 public keys, used by prop224 client-side code. Closes + ticket 22006. Math help by Ian Goldberg. + + o Minor features (exit relay, DNS): + - Improve the clarity and safety of the log message from evdns when + receiving an apparently spoofed DNS reply. Closes ticket 3056. + + o Minor features (integration, hardening): + - Add a new NoExec option to prevent Tor from running other + programs. When this option is set to 1, Tor will never try to run + another program, regardless of the settings of + PortForwardingHelper, ClientTransportPlugin, or + ServerTransportPlugin. Once NoExec is set, it cannot be disabled + without restarting Tor. Closes ticket 22976. + + o Minor features (logging): + - Improve the warning message for specifying a relay by nickname. + The previous message implied that nickname registration was still + part of the Tor network design, which it isn't. Closes + ticket 20488. + - If the sandbox filter fails to load, suggest to the user that + their kernel might not support seccomp2. Closes ticket 23090. + + o Minor features (portability): + - Check at configure time whether uint8_t is the same type as + unsigned char. Lots of existing code already makes this + assumption, and there could be strict aliasing issues if the + assumption is violated. Closes ticket 22410. + + o Minor features (relay, configuration): + - Reject attempts to use relative file paths when RunAsDaemon is + set. Previously, Tor would accept these, but the directory- + changing step of RunAsDaemon would give strange and/or confusing + results. Closes ticket 22731. + + o Minor features (startup, safety): + - When configured to write a PID file, Tor now exits if it is unable + to do so. Previously, it would warn and continue. Closes + ticket 20119. + + o Minor features (static analysis): + - The BUG() macro has been changed slightly so that Coverity no + longer complains about dead code if the bug is impossible. Closes + ticket 23054. + + o Minor features (testing): + - The default chutney network tests now include tests for the v3 + hidden service design. Make sure you have the latest version of + chutney if you want to run these. Closes ticket 22437. + - Add a unit test to verify that we can parse a hardcoded v2 hidden + service descriptor. Closes ticket 15554. + + o Minor bugfixes (certificate handling): + - Fix a time handling bug in Tor certificates set to expire after + the year 2106. Fixes bug 23055; bugfix on 0.3.0.1-alpha. Found by + Coverity as CID 1415728. + + o Minor bugfixes (client, usability): + - Refrain from needlessly rejecting SOCKS5-with-hostnames and + SOCKS4a requests that contain IP address strings, even when + SafeSocks in enabled, as this prevents user from connecting to + known IP addresses without relying on DNS for resolving. SafeSocks + still rejects SOCKS connections that connect to IP addresses when + those addresses are _not_ encoded as hostnames. Fixes bug 22461; + bugfix on Tor 0.2.6.2-alpha. + + o Minor bugfixes (code correctness): + - Call htons() in extend_cell_format() for encoding a 16-bit value. + Previously we used ntohs(), which happens to behave the same on + all the platforms we support, but which isn't really correct. + Fixes bug 23106; bugfix on 0.2.4.8-alpha. + - For defense-in-depth, make the controller's write_escaped_data() + function robust to extremely long inputs. Fixes bug 19281; bugfix + on 0.1.1.1-alpha. Reported by Guido Vranken. + + o Minor bugfixes (compilation): + - Fix unused-variable warnings in donna's Curve25519 SSE2 code. + Fixes bug 22895; bugfix on 0.2.7.2-alpha. + + o Minor bugfixes (consensus expiry): + - Check for adequate directory information correctly. Previously, Tor + would reconsider whether it had sufficient directory information + every 2 minutes. Fixes bug 23091; bugfix on 0.2.0.19-alpha. + + o Minor bugfixes (directory protocol): + - Directory servers now include a "Date:" http header for response + codes other than 200. Clients starting with a skewed clock and a + recent consensus were getting "304 Not modified" responses from + directory authorities, so without the Date header, the client + would never hear about a wrong clock. Fixes bug 23499; bugfix + on 0.0.8rc1. + - Make clients wait for 6 seconds before trying to download a + consensus from an authority. Fixes bug 17750; bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (DoS-resistance): + - If future code asks if there are any running bridges, without + checking if bridges are enabled, log a BUG warning rather than + crashing. Fixes bug 23524; bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (format strictness): + - Restrict several data formats to decimal. Previously, the + BuildTimeHistogram entries in the state file, the "bw=" entries in + the bandwidth authority file, and the process IDs passed to the + __OwningControllerProcess option could all be specified in hex or + octal as well as in decimal. This was not an intentional feature. + Fixes bug 22802; bugfixes on 0.2.2.1-alpha, 0.2.2.2-alpha, + and 0.2.2.28-beta. + + o Minor bugfixes (heartbeat): + - If we fail to write a heartbeat message, schedule a retry for the + minimum heartbeat interval number of seconds in the future. Fixes + bug 19476; bugfix on 0.2.3.1-alpha. + + o Minor bugfixes (linux seccomp2 sandbox, logging): + - Fix some messages on unexpected errors from the seccomp2 library. + Fixes bug 22750; bugfix on 0.2.5.1-alpha. Patch from "cypherpunks". + + o Minor bugfixes (logging): + - Remove duplicate log messages regarding opening non-local + SocksPorts upon parsing config and opening listeners at startup. + Fixes bug 4019; bugfix on 0.2.3.3-alpha. + - Use a more comprehensible log message when telling the user + they've excluded every running exit node. Fixes bug 7890; bugfix + on 0.2.2.25-alpha. + - When logging the number of descriptors we intend to download per + directory request, do not log a number higher than then the number + of descriptors we're fetching in total. Fixes bug 19648; bugfix + on 0.1.1.8-alpha. + - When warning about a directory owned by the wrong user, log the + actual name of the user owning the directory. Previously, we'd log + the name of the process owner twice. Fixes bug 23487; bugfix + on 0.2.9.1-alpha. + - The tor specification says hop counts are 1-based, so fix two log + messages that mistakenly logged 0-based hop counts. Fixes bug + 18982; bugfix on 0.2.6.2-alpha and 0.2.4.5-alpha. Patch by teor. + Credit to Xiaofan Li for reporting this issue. + + o Minor bugfixes (portability): + - Stop using the PATH_MAX variable, which is not defined on GNU + Hurd. Fixes bug 23098; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (relay): + - When uploading our descriptor for the first time after startup, + report the reason for uploading as "Tor just started" rather than + leaving it blank. Fixes bug 22885; bugfix on 0.2.3.4-alpha. + - Avoid unnecessary calls to directory_fetches_from_authorities() on + relays, to prevent spurious address resolutions and descriptor + rebuilds. This is a mitigation for bug 21789. Fixes bug 23470; + bugfix on in 0.2.8.1-alpha. + + o Minor bugfixes (tests): + - Fix a broken unit test for the OutboundAddress option: the parsing + function was never returning an error on failure. Fixes bug 23366; + bugfix on 0.3.0.3-alpha. + - Fix a signed-integer overflow in the unit tests for + dir/download_status_random_backoff, which was untriggered until we + fixed bug 17750. Fixes bug 22924; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (usability, control port): + - Stop making an unnecessary routerlist check in NETINFO clock skew + detection; this was preventing clients from reporting NETINFO clock + skew to controllers. Fixes bug 23532; bugfix on 0.2.4.4-alpha. + + o Code simplification and refactoring: + - Extract the code for handling newly-open channels into a separate + function from the general code to handle channel state + transitions. This change simplifies our callgraph, reducing the + size of the largest strongly connected component by roughly a + factor of two. Closes ticket 22608. + - Remove dead code for largely unused statistics on the number of + times we've attempted various public key operations. Fixes bug + 19871; bugfix on 0.1.2.4-alpha. Fix by Isis Lovecruft. + - Remove several now-obsolete functions for asking about old + variants directory authority status. Closes ticket 22311; patch + from "huyvq". + - Remove some of the code that once supported "Named" and "Unnamed" + routers. Authorities no longer vote for these flags. Closes + ticket 22215. + - Rename the obsolete malleable hybrid_encrypt functions used in TAP + and old hidden services, to indicate that they aren't suitable for + new protocols or formats. Closes ticket 23026. + - Replace our STRUCT_OFFSET() macro with offsetof(). Closes ticket + 22521. Patch from Neel Chauhan. + - Split the enormous circuit_send_next_onion_skin() function into + multiple subfunctions. Closes ticket 22804. + - Split the portions of the buffer.c module that handle particular + protocols into separate modules. Part of ticket 23149. + - Use our test macros more consistently, to produce more useful + error messages when our unit tests fail. Add coccinelle patches to + allow us to re-check for test macro uses. Closes ticket 22497. + + o Deprecated features: + - Deprecate HTTPProxy/HTTPProxyAuthenticator config options. They + only applies to direct unencrypted HTTP connections to your + directory server, which your Tor probably isn't using. Closes + ticket 20575. + + o Documentation: + - Clarify in the manual that "Sandbox 1" is only supported on Linux + kernels. Closes ticket 22677. + - Document all values of PublishServerDescriptor in the manpage. + Closes ticket 15645. + - Improve the documentation for the directory port part of the + DirAuthority line. Closes ticket 20152. + - Restore documentation for the authorities' "approved-routers" + file. Closes ticket 21148. + + o Removed features: + - The AllowDotExit option has been removed as unsafe. It has been + deprecated since 0.2.9.2-alpha. Closes ticket 23426. + - The ClientDNSRejectInternalAddresses flag can no longer be set on + non-testing networks. It has been deprecated since 0.2.9.2-alpha. + Closes ticket 21031. + - The controller API no longer includes an AUTHDIR_NEWDESCS event: + nobody was using it any longer. Closes ticket 22377. + + +Changes in version 0.2.8.15 - 2017-09-18 + Tor 0.2.8.15 backports a collection of bugfixes from later + Tor series. + + Most significantly, it includes a fix for TROVE-2017-008, a + security bug that affects hidden services running with the + SafeLogging option disabled. For more information, see + https://trac.torproject.org/projects/tor/ticket/23490 + + Note that Tor 0.2.8.x will no longer be supported after 1 Jan + 2018. We suggest that you upgrade to the latest stable release if + possible. If you can't, we recommend that you upgrade at least to + 0.2.9, which will be supported until 2020. + + o Major bugfixes (openbsd, denial-of-service, backport from 0.3.1.5-alpha): + - Avoid an assertion failure bug affecting our implementation of + inet_pton(AF_INET6) on certain OpenBSD systems whose strtol() + handling of "0xx" differs from what we had expected. Fixes bug + 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007. + + o Minor features: + - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha): + - Backport a fix for an "unused variable" warning that appeared + in some versions of mingw. Fixes bug 22838; bugfix on + 0.2.8.1-alpha. + + o Minor bugfixes (defensive programming, undefined behavior, backport from 0.3.1.4-alpha): + - Fix a memset() off the end of an array when packing cells. This + bug should be harmless in practice, since the corrupted bytes are + still in the same structure, and are always padding bytes, + ignored, or immediately overwritten, depending on compiler + behavior. Nevertheless, because the memset()'s purpose is to make + sure that any other cell-handling bugs can't expose bytes to the + network, we need to fix it. Fixes bug 22737; bugfix on + 0.2.4.11-alpha. Fixes CID 1401591. + + o Build features (backport from 0.3.1.5-alpha): + - Tor's repository now includes a Travis Continuous Integration (CI) + configuration file (.travis.yml). This is meant to help new + developers and contributors who fork Tor to a Github repository be + better able to test their changes, and understand what we expect + to pass. To use this new build feature, you must fork Tor to your + Github account, then go into the "Integrations" menu in the + repository settings for your fork and enable Travis, then push + your changes. Closes ticket 22636. + + +Changes in version 0.2.9.12 - 2017-09-18 + Tor 0.2.9.12 backports a collection of bugfixes from later + Tor series. + + Most significantly, it includes a fix for TROVE-2017-008, a + security bug that affects hidden services running with the + SafeLogging option disabled. For more information, see + https://trac.torproject.org/projects/tor/ticket/23490 + + o Major features (security, backport from 0.3.0.2-alpha): + - Change the algorithm used to decide DNS TTLs on client and server + side, to better resist DNS-based correlation attacks like the + DefecTor attack of Greschbach, Pulls, Roberts, Winter, and + Feamster. Now relays only return one of two possible DNS TTL + values, and clients are willing to believe DNS TTL values up to 3 + hours long. Closes ticket 19769. + + o Major bugfixes (crash, directory connections, backport from 0.3.0.5-rc): + - Fix a rare crash when sending a begin cell on a circuit whose + linked directory connection had already been closed. Fixes bug + 21576; bugfix on 0.2.9.3-alpha. Reported by Alec Muffett. + + o Major bugfixes (DNS, backport from 0.3.0.2-alpha): + - Fix a bug that prevented exit nodes from caching DNS records for + more than 60 seconds. Fixes bug 19025; bugfix on 0.2.4.7-alpha. + + o Major bugfixes (linux TPROXY support, backport from 0.3.1.1-alpha): + - Fix a typo that had prevented TPROXY-based transparent proxying + from working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha. + Patch from "d4fq0fQAgoJ". + + o Major bugfixes (openbsd, denial-of-service, backport from 0.3.1.5-alpha): + - Avoid an assertion failure bug affecting our implementation of + inet_pton(AF_INET6) on certain OpenBSD systems whose strtol() + handling of "0xx" differs from what we had expected. Fixes bug + 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007. + + o Minor features (code style, backport from 0.3.1.3-alpha): + - Add "Falls through" comments to our codebase, in order to silence + GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas + Stieger. Closes ticket 22446. + + o Minor features (geoip): + - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (bandwidth accounting, backport from 0.3.1.1-alpha): + - Roll over monthly accounting at the configured hour and minute, + rather than always at 00:00. Fixes bug 22245; bugfix on 0.0.9rc1. + Found by Andrey Karpov with PVS-Studio. + + o Minor bugfixes (compilation, backport from 0.3.1.5-alpha): + - Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug 22915; + bugfix on 0.2.8.1-alpha. + - Fix warnings when building with libscrypt and openssl scrypt support + on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha. + - When building with certain versions the mingw C header files, avoid + float-conversion warnings when calling the C functions isfinite(), + isnan(), and signbit(). Fixes bug 22801; bugfix on 0.2.8.1-alpha. + + o Minor bugfixes (compilation, backport from 0.3.1.7): + - Avoid compiler warnings in the unit tests for running tor_sscanf() + with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha. + + o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha): + - Backport a fix for an "unused variable" warning that appeared + in some versions of mingw. Fixes bug 22838; bugfix on + 0.2.8.1-alpha. + + o Minor bugfixes (controller, backport from 0.3.1.7): + - Do not crash when receiving a HSPOST command with an empty body. + Fixes part of bug 22644; bugfix on 0.2.7.1-alpha. + - Do not crash when receiving a POSTDESCRIPTOR command with an + empty body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha. + + o Minor bugfixes (coverity build support, backport from 0.3.1.5-alpha): + - Avoid Coverity build warnings related to our BUG() macro. By + default, Coverity treats BUG() as the Linux kernel does: an + instant abort(). We need to override that so our BUG() macro + doesn't prevent Coverity from analyzing functions that use it. + Fixes bug 23030; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (defensive programming, undefined behavior, backport from 0.3.1.4-alpha): + - Fix a memset() off the end of an array when packing cells. This + bug should be harmless in practice, since the corrupted bytes are + still in the same structure, and are always padding bytes, + ignored, or immediately overwritten, depending on compiler + behavior. Nevertheless, because the memset()'s purpose is to make + sure that any other cell-handling bugs can't expose bytes to the + network, we need to fix it. Fixes bug 22737; bugfix on + 0.2.4.11-alpha. Fixes CID 1401591. + + o Minor bugfixes (file limits, osx, backport from 0.3.1.5-alpha): + - When setting the maximum number of connections allowed by the OS, + always allow some extra file descriptors for other files. Fixes + bug 22797; bugfix on 0.2.0.10-alpha. + + o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.1.5-alpha): + - Avoid a sandbox failure when trying to re-bind to a socket and + mark it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha. + + o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.1.4-alpha): + - Permit the fchmod system call, to avoid crashing on startup when + starting with the seccomp2 sandbox and an unexpected set of + permissions on the data directory or its contents. Fixes bug + 22516; bugfix on 0.2.5.4-alpha. + + o Minor bugfixes (relay, backport from 0.3.0.5-rc): + - Avoid a double-marked-circuit warning that could happen when we + receive DESTROY cells under heavy load. Fixes bug 20059; bugfix + on 0.1.0.1-rc. + + o Minor bugfixes (voting consistency, backport from 0.3.1.1-alpha): + - Reject version numbers with non-numeric prefixes (such as +, -, or + whitespace). Disallowing whitespace prevents differential version + parsing between POSIX-based and Windows platforms. Fixes bug 21507 + and part of 21508; bugfix on 0.0.8pre1. + + o Build features (backport from 0.3.1.5-alpha): + - Tor's repository now includes a Travis Continuous Integration (CI) + configuration file (.travis.yml). This is meant to help new + developers and contributors who fork Tor to a Github repository be + better able to test their changes, and understand what we expect + to pass. To use this new build feature, you must fork Tor to your + Github account, then go into the "Integrations" menu in the + repository settings for your fork and enable Travis, then push + your changes. Closes ticket 22636. + + +Changes in version 0.3.0.11 - 2017-09-18 + Tor 0.3.0.11 backports a collection of bugfixes from Tor the 0.3.1 + series. + + Most significantly, it includes a fix for TROVE-2017-008, a + security bug that affects hidden services running with the + SafeLogging option disabled. For more information, see + https://trac.torproject.org/projects/tor/ticket/23490 + + o Minor features (code style, backport from 0.3.1.7): + - Add "Falls through" comments to our codebase, in order to silence + GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas + Stieger. Closes ticket 22446. + + o Minor features: + - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compilation, backport from 0.3.1.7): + - Avoid compiler warnings in the unit tests for calling tor_sscanf() + with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha. + + o Minor bugfixes (controller, backport from 0.3.1.7): + - Do not crash when receiving a HSPOST command with an empty body. + Fixes part of bug 22644; bugfix on 0.2.7.1-alpha. + - Do not crash when receiving a POSTDESCRIPTOR command with an empty + body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha. + + o Minor bugfixes (file limits, osx, backport from 0.3.1.5-alpha): + - When setting the maximum number of connections allowed by the OS, + always allow some extra file descriptors for other files. Fixes + bug 22797; bugfix on 0.2.0.10-alpha. + + o Minor bugfixes (logging, relay, backport from 0.3.1.6-rc): + - Remove a forgotten debugging message when an introduction point + successfully establishes a hidden service prop224 circuit with + a client. + - Change three other log_warn() for an introduction point to + protocol warnings, because they can be failure from the network + and are not relevant to the operator. Fixes bug 23078; bugfix on + 0.3.0.1-alpha and 0.3.0.2-alpha. + + +Changes in version 0.3.1.7 - 2017-09-18 + Tor 0.3.1.7 is the first stable release in the 0.3.1 series. + + With the 0.3.1 series, Tor now serves and downloads directory + information in more compact formats, to save on bandwidth overhead. It + also contains a new padding system to resist netflow-based traffic + analysis, and experimental support for building parts of Tor in Rust + (though no parts of Tor are in Rust yet). There are also numerous + small features, bugfixes on earlier release series, and groundwork for + the hidden services revamp of 0.3.2. + + This release also includes a fix for TROVE-2017-008, a security bug + that affects hidden services running with the SafeLogging option + disabled. For more information, see + https://trac.torproject.org/projects/tor/ticket/23490 + + Per our stable release policy, we plan to support each stable release + series for at least the next nine months, or for three months after + the first stable release of the next series: whichever is longer. If + you need a release with long-term support, we recommend that you stay + with the 0.2.9 series. + + Below is a list of the changes since 0.3.1.6-rc. For a list of all + changes since 0.3.0, see the ReleaseNotes file. + + o Major bugfixes (security, hidden services, loggging): + - Fix a bug where we could log uninitialized stack when a certain + hidden service error occurred while SafeLogging was disabled. + Fixes bug #23490; bugfix on 0.2.7.2-alpha. This is also tracked as + TROVE-2017-008 and CVE-2017-0380. + + o Minor features (defensive programming): + - Create a pair of consensus parameters, nf_pad_tor2web and + nf_pad_single_onion, to disable netflow padding in the consensus + for non-anonymous connections in case the overhead is high. Closes + ticket 17857. + + o Minor features (diagnostic): + - Add a stack trace to the bug warnings that can be logged when + trying to send an outgoing relay cell with n_chan == 0. Diagnostic + attempt for bug 23105. + + o Minor features (geoip): + - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compilation): + - Avoid compiler warnings in the unit tests for calling tor_sscanf() + with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha. + + o Minor bugfixes (controller): + - Do not crash when receiving a HSPOST command with an empty body. + Fixes part of bug 22644; bugfix on 0.2.7.1-alpha. + - Do not crash when receiving a POSTDESCRIPTOR command with an empty + body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha. + + o Minor bugfixes (relay): + - Inform the geoip and rephist modules about all requests, even on + relays that are only fetching microdescriptors. Fixes a bug + related to 21585; bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (unit tests): + - Fix a channelpadding unit test failure on slow systems by using + mocked time instead of actual time. Fixes bug 23077; bugfix + on 0.3.1.1-alpha. + + +Changes in version 0.3.1.6-rc - 2017-09-05 + Tor 0.3.1.6-rc fixes a few small bugs and annoyances in the 0.3.1 + release series, including a bug that produced weird behavior on + Windows directory caches. + + This is the first release candidate in the Tor 0.3.1 series. If we + find no new bugs or regressions here, the first stable 0.3.1 release + will be nearly identical to it. + + o Major bugfixes (windows, directory cache): + - On Windows, do not try to delete cached consensus documents and + diffs before they are unmapped from memory--Windows won't allow + that. Instead, allow the consensus cache directory to grow larger, + to hold files that might need to stay around longer. Fixes bug + 22752; bugfix on 0.3.1.1-alpha. + + o Minor features (directory authority): + - Improve the message that authorities report to relays that present + RSA/Ed25519 keypairs that conflict with previously pinned keys. + Closes ticket 22348. + + o Minor features (geoip): + - Update geoip and geoip6 to the August 3 2017 Maxmind GeoLite2 + Country database. + + o Minor features (testing): + - Add more tests for compression backend initialization. Closes + ticket 22286. + + o Minor bugfixes (directory cache): + - Fix a memory leak when recovering space in the consensus cache. + Fixes bug 23139; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (hidden service): + - Increase the number of circuits that a service is allowed to + open over a specific period of time. The value was lower than it + should be (8 vs 12) in the normal case of 3 introduction points. + Fixes bug 22159; bugfix on 0.3.0.5-rc. + - Fix a BUG warning during HSv3 descriptor decoding that could be + cause by a specially crafted descriptor. Fixes bug 23233; bugfix + on 0.3.0.1-alpha. Bug found by "haxxpop". + - Rate-limit the log messages if we exceed the maximum number of + allowed intro circuits. Fixes bug 22159; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (logging, relay): + - Remove a forgotten debugging message when an introduction point + successfully establishes a hidden service prop224 circuit with + a client. + - Change three other log_warn() for an introduction point to + protocol warnings, because they can be failure from the network + and are not relevant to the operator. Fixes bug 23078; bugfix on + 0.3.0.1-alpha and 0.3.0.2-alpha. + + o Minor bugfixes (relay): + - When a relay is not running as a directory cache, it will no + longer generate compressed consensuses and consensus diff + information. Previously, this was a waste of disk and CPU. Fixes + bug 23275; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (robustness, error handling): + - Improve our handling of the cases where OpenSSL encounters a + memory error while encoding keys and certificates. We haven't + observed these errors in the wild, but if they do happen, we now + detect and respond better. Fixes bug 19418; bugfix on all versions + of Tor. Reported by Guido Vranken. + + o Minor bugfixes (stability): + - Avoid crashing on a double-free when unable to load or process an + included file. Fixes bug 23155; bugfix on 0.3.1.1-alpha. Found + with the clang static analyzer. + + o Minor bugfixes (testing): + - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291; + bugfix on 0.2.7.2-alpha. Found and patched by Ties Stuij. + - Port the hs_ntor handshake test to work correctly with recent + versions of the pysha3 module. Fixes bug 23071; bugfix + on 0.3.1.1-alpha. + + o Minor bugfixes (Windows service): + - When running as a Windows service, set the ID of the main thread + correctly. Failure to do so made us fail to send log messages to + the controller in 0.2.1.16-rc, slowed down controller event + delivery in 0.2.7.3-rc and later, and crash with an assertion + failure in 0.3.1.1-alpha. Fixes bug 23081; bugfix on 0.2.1.6-alpha. + Patch and diagnosis from "Vort". + + +Changes in version 0.3.0.10 - 2017-08-02 + Tor 0.3.0.10 backports a collection of small-to-medium bugfixes + from the current Tor alpha series. OpenBSD users and TPROXY users + should upgrade; others are probably okay sticking with 0.3.0.9. + + o Major features (build system, continuous integration, backport from 0.3.1.5-alpha): + - Tor's repository now includes a Travis Continuous Integration (CI) + configuration file (.travis.yml). This is meant to help new + developers and contributors who fork Tor to a Github repository be + better able to test their changes, and understand what we expect + to pass. To use this new build feature, you must fork Tor to your + Github account, then go into the "Integrations" menu in the + repository settings for your fork and enable Travis, then push + your changes. Closes ticket 22636. + + o Major bugfixes (linux TPROXY support, backport from 0.3.1.1-alpha): + - Fix a typo that had prevented TPROXY-based transparent proxying + from working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha. + Patch from "d4fq0fQAgoJ". + + o Major bugfixes (openbsd, denial-of-service, backport from 0.3.1.5-alpha): + - Avoid an assertion failure bug affecting our implementation of + inet_pton(AF_INET6) on certain OpenBSD systems whose strtol() + handling of "0xbar" differs from what we had expected. Fixes bug + 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007. + + o Minor features (backport from 0.3.1.5-alpha): + - Update geoip and geoip6 to the July 4 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (bandwidth accounting, backport from 0.3.1.2-alpha): + - Roll over monthly accounting at the configured hour and minute, + rather than always at 00:00. Fixes bug 22245; bugfix on 0.0.9rc1. + Found by Andrey Karpov with PVS-Studio. + + o Minor bugfixes (compilation warnings, backport from 0.3.1.5-alpha): + - Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug 22915; + bugfix on 0.2.8.1-alpha. + - Fix warnings when building with libscrypt and openssl scrypt + support on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha. + - When building with certain versions of the mingw C header files, + avoid float-conversion warnings when calling the C functions + isfinite(), isnan(), and signbit(). Fixes bug 22801; bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha): + - Backport a fix for an "unused variable" warning that appeared + in some versions of mingw. Fixes bug 22838; bugfix on + 0.2.8.1-alpha. + + o Minor bugfixes (coverity build support, backport from 0.3.1.5-alpha): + - Avoid Coverity build warnings related to our BUG() macro. By + default, Coverity treats BUG() as the Linux kernel does: an + instant abort(). We need to override that so our BUG() macro + doesn't prevent Coverity from analyzing functions that use it. + Fixes bug 23030; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (directory authority, backport from 0.3.1.1-alpha): + - When rejecting a router descriptor for running an obsolete version + of Tor without ntor support, warn about the obsolete tor version, + not the missing ntor key. Fixes bug 20270; bugfix on 0.2.9.3-alpha. + + o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.1.5-alpha): + - Avoid a sandbox failure when trying to re-bind to a socket and + mark it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha. + + o Minor bugfixes (unit tests, backport from 0.3.1.5-alpha) + - Fix a memory leak in the link-handshake/certs_ok_ed25519 test. + Fixes bug 22803; bugfix on 0.3.0.1-alpha. + + +Changes in version 0.3.1.5-alpha - 2017-08-01 + Tor 0.3.1.5-alpha improves the performance of consensus diff + calculation, fixes a crash bug on older versions of OpenBSD, and fixes + several other bugs. If no serious bugs are found in this version, the + next version will be a release candidate. + + This release also marks the end of support for the Tor 0.2.4.x, + 0.2.6.x, and 0.2.7.x release series. Those releases will receive no + further bug or security fixes. Anyone still running or distributing + one of those versions should upgrade. + + o Major features (build system, continuous integration): + - Tor's repository now includes a Travis Continuous Integration (CI) + configuration file (.travis.yml). This is meant to help new + developers and contributors who fork Tor to a Github repository be + better able to test their changes, and understand what we expect + to pass. To use this new build feature, you must fork Tor to your + Github account, then go into the "Integrations" menu in the + repository settings for your fork and enable Travis, then push + your changes. Closes ticket 22636. + + o Major bugfixes (openbsd, denial-of-service): + - Avoid an assertion failure bug affecting our implementation of + inet_pton(AF_INET6) on certain OpenBSD systems whose strtol() + handling of "0xbar" differs from what we had expected. Fixes bug + 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007. + + o Major bugfixes (relay, performance): + - Perform circuit handshake operations at a higher priority than we + use for consensus diff creation and compression. This should + prevent circuits from starving when a relay or bridge receives a + new consensus, especially on lower-powered machines. Fixes bug + 22883; bugfix on 0.3.1.1-alpha. + + o Minor features (bridge authority): + - Add "fingerprint" lines to the networkstatus-bridges file produced + by bridge authorities. Closes ticket 22207. + + o Minor features (directory cache, consensus diff): + - Add a new MaxConsensusAgeForDiffs option to allow directory cache + operators with low-resource environments to adjust the number of + consensuses they'll store and generate diffs from. Most cache + operators should leave it unchanged. Helps to work around + bug 22883. + + o Minor features (geoip): + - Update geoip and geoip6 to the July 4 2017 Maxmind GeoLite2 + Country database. + + o Minor features (relay, performance): + - Always start relays with at least two worker threads, to prevent + priority inversion on slow tasks. Part of the fix for bug 22883. + - Allow background work to be queued with different priorities, so + that a big pile of slow low-priority jobs will not starve out + higher priority jobs. This lays the groundwork for a fix for + bug 22883. + + o Minor bugfixes (build system, rust): + - Fix a problem where Rust toolchains were not being found when + building without --enable-cargo-online-mode, due to setting the + $HOME environment variable instead of $CARGO_HOME. Fixes bug + 22830; bugfix on 0.3.1.1-alpha. Fix by Chelsea Komlo. + + o Minor bugfixes (compatibility, zstd): + - Write zstd epilogues correctly when the epilogue requires + reallocation of the output buffer, even with zstd 1.3.0. + (Previously, we worked on 1.2.0 and failed with 1.3.0). Fixes bug + 22927; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (compilation warnings): + - Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug + 22915; bugfix on 0.2.8.1-alpha. + - Fix warnings when building with libscrypt and openssl scrypt + support on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha. + - Compile correctly when both openssl 1.1.0 and libscrypt are + detected. Previously this would cause an error. Fixes bug 22892; + bugfix on 0.3.1.1-alpha. + - When building with certain versions of the mingw C header files, + avoid float-conversion warnings when calling the C functions + isfinite(), isnan(), and signbit(). Fixes bug 22801; bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (coverity build support): + - Avoid Coverity build warnings related to our BUG() macro. By + default, Coverity treats BUG() as the Linux kernel does: an + instant abort(). We need to override that so our BUG() macro + doesn't prevent Coverity from analyzing functions that use it. + Fixes bug 23030; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (directory authority): + - When a directory authority rejects a descriptor or extrainfo with + a given digest, mark that digest as undownloadable, so that we do + not attempt to download it again over and over. We previously + tried to avoid downloading such descriptors by other means, but we + didn't notice if we accidentally downloaded one anyway. This + behavior became problematic in 0.2.7.2-alpha, when authorities + began pinning Ed25519 keys. Fixes bug 22349; bugfix + on 0.2.1.19-alpha. + + o Minor bugfixes (error reporting, windows): + - When formatting Windows error messages, use the English format to + avoid codepage issues. Fixes bug 22520; bugfix on 0.1.2.8-alpha. + Patch from "Vort". + + o Minor bugfixes (file limits, osx): + - When setting the maximum number of connections allowed by the OS, + always allow some extra file descriptors for other files. Fixes + bug 22797; bugfix on 0.2.0.10-alpha. + + o Minor bugfixes (linux seccomp2 sandbox): + - Avoid a sandbox failure when trying to re-bind to a socket and + mark it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha. + + o Minor bugfixes (memory leaks): + - Fix a small memory leak when validating a configuration that uses + two or more AF_UNIX sockets for the same port type. Fixes bug + 23053; bugfix on 0.2.6.3-alpha. This is CID 1415725. + + o Minor bugfixes (unit tests): + - test_consdiff_base64cmp would fail on OS X because while OS X + follows the standard of (less than zero/zero/greater than zero), + it doesn't follow the convention of (-1/0/+1). Make the test + comply with the standard. Fixes bug 22870; bugfix on 0.3.1.1-alpha. + - Fix a memory leak in the link-handshake/certs_ok_ed25519 test. + Fixes bug 22803; bugfix on 0.3.0.1-alpha. + + +Changes in version 0.3.1.4-alpha - 2017-06-29 + Tor 0.3.1.4-alpha fixes a path selection bug that would allow a client + to use a guard that was in the same network family as a chosen exit + relay. This is a security regression; all clients running earlier + versions of 0.3.0.x or 0.3.1.x should upgrade to 0.3.0.9 + or 0.3.1.4-alpha. + + This release also fixes several other bugs introduced in 0.3.0.x + and 0.3.1.x, including others that can affect bandwidth usage + and correctness. + + o New dependencies: + - To build with zstd and lzma support, Tor now requires the + pkg-config tool at build time. (This requirement was new in + 0.3.1.1-alpha, but was not noted at the time. Noting it here to + close ticket 22623.) + + o Major bugfixes (path selection, security): + - When choosing which guard to use for a circuit, avoid the exit's + family along with the exit itself. Previously, the new guard + selection logic avoided the exit, but did not consider its family. + Fixes bug 22753; bugfix on 0.3.0.1-alpha. Tracked as TROVE-2017- + 006 and CVE-2017-0377. + + o Major bugfixes (compression, zstd): + - Correctly detect a full buffer when decompressing a large zstd- + compressed input. Previously, we would sometimes treat a full + buffer as an error. Fixes bug 22628; bugfix on 0.3.1.1-alpha. + + o Major bugfixes (directory protocol): + - Ensure that we send "304 Not modified" as HTTP status code when a + client is attempting to fetch a consensus or consensus diff, and + the best one we can send them is one they already have. Fixes bug + 22702; bugfix on 0.3.1.1-alpha. + + o Major bugfixes (entry guards): + - When starting with an old consensus, do not add new entry guards + unless the consensus is "reasonably live" (under 1 day old). Fixes + one root cause of bug 22400; bugfix on 0.3.0.1-alpha. + + o Minor features (bug mitigation, diagnostics, logging): + - Avoid an assertion failure, and log a better error message, when + unable to remove a file from the consensus cache on Windows. + Attempts to mitigate and diagnose bug 22752. + + o Minor features (geoip): + - Update geoip and geoip6 to the June 8 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compression): + - When compressing or decompressing a buffer, check for a failure to + create a compression object. Fixes bug 22626; bugfix + on 0.3.1.1-alpha. + - When decompressing a buffer, check for extra data after the end of + the compressed data. Fixes bug 22629; bugfix on 0.3.1.1-alpha. + - When decompressing an object received over an anonymous directory + connection, if we have already decompressed it using an acceptable + compression method, do not reject it for looking like an + unacceptable compression method. Fixes part of bug 22670; bugfix + on 0.3.1.1-alpha. + - When serving directory votes compressed with zlib, do not claim to + have compressed them with zstd. Fixes bug 22669; bugfix + on 0.3.1.1-alpha. + - When spooling compressed data to an output buffer, don't try to + spool more data when there is no more data to spool and we are not + trying to flush the input. Previously, we would sometimes launch + compression requests with nothing to do, which interferes with our + 22672 checks. Fixes bug 22719; bugfix on 0.2.0.16-alpha. + + o Minor bugfixes (defensive programming): + - Detect and break out of infinite loops in our compression code. We + don't think that any such loops exist now, but it's best to be + safe. Closes ticket 22672. + - Fix a memset() off the end of an array when packing cells. This + bug should be harmless in practice, since the corrupted bytes are + still in the same structure, and are always padding bytes, + ignored, or immediately overwritten, depending on compiler + behavior. Nevertheless, because the memset()'s purpose is to make + sure that any other cell-handling bugs can't expose bytes to the + network, we need to fix it. Fixes bug 22737; bugfix on + 0.2.4.11-alpha. Fixes CID 1401591. + + o Minor bugfixes (linux seccomp2 sandbox): + - Permit the fchmod system call, to avoid crashing on startup when + starting with the seccomp2 sandbox and an unexpected set of + permissions on the data directory or its contents. Fixes bug + 22516; bugfix on 0.2.5.4-alpha. + - Fix a crash in the LZMA module, when the sandbox was enabled, and + liblzma would allocate more than 16 MB of memory. We solve this by + bumping the mprotect() limit in the sandbox module from 16 MB to + 20 MB. Fixes bug 22751; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (logging): + - When decompressing, do not warn if we fail to decompress using a + compression method that we merely guessed. Fixes part of bug + 22670; bugfix on 0.1.1.14-alpha. + - When decompressing, treat mismatch between content-encoding and + actual compression type as a protocol warning. Fixes part of bug + 22670; bugfix on 0.1.1.9-alpha. + - Downgrade "assigned_to_cpuworker failed" message to info-level + severity. In every case that can reach it, either a better warning + has already been logged, or no warning is warranted. Fixes bug + 22356; bugfix on 0.2.6.3-alpha. + - Demote a warn that was caused by libevent delays to info if + netflow padding is less than 4.5 seconds late, or to notice + if it is more (4.5 seconds is the amount of time that a netflow + record might be emitted after, if we chose the maximum timeout). + Fixes bug 22212; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (process behavior): + - When exiting because of an error, always exit with a nonzero exit + status. Previously, we would fail to report an error in our exit + status in cases related to __OwningControllerProcess failure, + lockfile contention, and Ed25519 key initialization. Fixes bug + 22720; bugfix on versions 0.2.1.6-alpha, 0.2.2.28-beta, and + 0.2.7.2-alpha respectively. Reported by "f55jwk4f"; patch + from "huyvq". + + o Documentation: + - Add a manpage description for the key-pinning-journal file. Closes + ticket 22347. + - Correctly note that bandwidth accounting values are stored in the + state file, and the bw_accounting file is now obsolete. Closes + ticket 16082. + - Document more of the files in the Tor data directory, including + cached-extrainfo, secret_onion_key{,_ntor}.old, hidserv-stats, + approved-routers, sr-random, and diff-cache. Found while fixing + ticket 22347. + + +Changes in version 0.3.0.9 - 2017-06-29 + Tor 0.3.0.9 fixes a path selection bug that would allow a client + to use a guard that was in the same network family as a chosen exit + relay. This is a security regression; all clients running earlier + versions of 0.3.0.x or 0.3.1.x should upgrade to 0.3.0.9 or + 0.3.1.4-alpha. + + This release also backports several other bugfixes from the 0.3.1.x + series. + + o Major bugfixes (path selection, security, backport from 0.3.1.4-alpha): + - When choosing which guard to use for a circuit, avoid the exit's + family along with the exit itself. Previously, the new guard + selection logic avoided the exit, but did not consider its family. + Fixes bug 22753; bugfix on 0.3.0.1-alpha. Tracked as TROVE-2017- + 006 and CVE-2017-0377. + + o Major bugfixes (entry guards, backport from 0.3.1.1-alpha): + - Don't block bootstrapping when a primary bridge is offline and we + can't get its descriptor. Fixes bug 22325; fixes one case of bug + 21969; bugfix on 0.3.0.3-alpha. + + o Major bugfixes (entry guards, backport from 0.3.1.4-alpha): + - When starting with an old consensus, do not add new entry guards + unless the consensus is "reasonably live" (under 1 day old). Fixes + one root cause of bug 22400; bugfix on 0.3.0.1-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the June 8 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (voting consistency, backport from 0.3.1.1-alpha): + - Reject version numbers with non-numeric prefixes (such as +, -, or + whitespace). Disallowing whitespace prevents differential version + parsing between POSIX-based and Windows platforms. Fixes bug 21507 + and part of 21508; bugfix on 0.0.8pre1. + + o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.1.4-alpha): + - Permit the fchmod system call, to avoid crashing on startup when + starting with the seccomp2 sandbox and an unexpected set of + permissions on the data directory or its contents. Fixes bug + 22516; bugfix on 0.2.5.4-alpha. + + o Minor bugfixes (defensive programming, backport from 0.3.1.4-alpha): + - Fix a memset() off the end of an array when packing cells. This + bug should be harmless in practice, since the corrupted bytes are + still in the same structure, and are always padding bytes, + ignored, or immediately overwritten, depending on compiler + behavior. Nevertheless, because the memset()'s purpose is to make + sure that any other cell-handling bugs can't expose bytes to the + network, we need to fix it. Fixes bug 22737; bugfix on + 0.2.4.11-alpha. Fixes CID 1401591. + + +Changes in version 0.3.1.3-alpha - 2017-06-08 + Tor 0.3.1.3-alpha fixes a pair of bugs that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-004 and TROVE-2017-005. + + Tor 0.3.1.3-alpha also includes fixes for several key management bugs + that sometimes made relays unreliable, as well as several other + bugfixes described below. + + o Major bugfixes (hidden service, relay, security): + - Fix a remotely triggerable assertion failure when a hidden service + handles a malformed BEGIN cell. Fixes bug 22493, tracked as + TROVE-2017-004 and as CVE-2017-0375; bugfix on 0.3.0.1-alpha. + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Major bugfixes (relay, link handshake): + - When performing the v3 link handshake on a TLS connection, report + that we have the x509 certificate that we actually used on that + connection, even if we have changed certificates since that + connection was first opened. Previously, we would claim to have + used our most recent x509 link certificate, which would sometimes + make the link handshake fail. Fixes one case of bug 22460; bugfix + on 0.2.3.6-alpha. + + o Major bugfixes (relays, key management): + - Regenerate link and authentication certificates whenever the key + that signs them changes; also, regenerate link certificates + whenever the signed key changes. Previously, these processes were + only weakly coupled, and we relays could (for minutes to hours) + wind up with an inconsistent set of keys and certificates, which + other relays would not accept. Fixes two cases of bug 22460; + bugfix on 0.3.0.1-alpha. + - When sending an Ed25519 signing->link certificate in a CERTS cell, + send the certificate that matches the x509 certificate that we + used on the TLS connection. Previously, there was a race condition + if the TLS context rotated after we began the TLS handshake but + before we sent the CERTS cell. Fixes a case of bug 22460; bugfix + on 0.3.0.1-alpha. + + o Major bugfixes (torrc, crash): + - Fix a crash bug when using %include in torrc. Fixes bug 22417; + bugfix on 0.3.1.1-alpha. Patch by Daniel Pinto. + + o Minor features (code style): + - Add "Falls through" comments to our codebase, in order to silence + GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas + Stieger. Closes ticket 22446. + + o Minor features (diagnostic): + - Add logging messages to try to diagnose a rare bug that seems to + generate RSA->Ed25519 cross-certificates dated in the 1970s. We + think this is happening because of incorrect system clocks, but + we'd like to know for certain. Diagnostic for bug 22466. + + o Minor bugfixes (correctness): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + + o Minor bugfixes (directory protocol): + - Check for libzstd >= 1.1, because older versions lack the + necessary streaming API. Fixes bug 22413; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (link handshake): + - Lower the lifetime of the RSA->Ed25519 cross-certificate to six + months, and regenerate it when it is within one month of expiring. + Previously, we had generated this certificate at startup with a + ten-year lifetime, but that could lead to weird behavior when Tor + was started with a grossly inaccurate clock. Mitigates bug 22466; + mitigation on 0.3.0.1-alpha. + + o Minor bugfixes (storage directories): + - Always check for underflows in the cached storage directory usage. + If the usage does underflow, re-calculate it. Also, avoid a + separate underflow when the usage is not known. Fixes bug 22424; + bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (unit tests): + - The unit tests now pass on systems where localhost is misconfigured + to some IPv4 address other than 127.0.0.1. Fixes bug 6298; bugfix + on 0.0.9pre2. + + o Documentation: + - Clarify the manpage for the (deprecated) torify script. Closes + ticket 6892. + +Changes in version 0.3.0.8 - 2017-06-08 + Tor 0.3.0.8 fixes a pair of bugs that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-004 and TROVE-2017-005. + + Tor 0.3.0.8 also includes fixes for several key management bugs + that sometimes made relays unreliable, as well as several other + bugfixes described below. + + o Major bugfixes (hidden service, relay, security, backport + from 0.3.1.3-alpha): + - Fix a remotely triggerable assertion failure when a hidden service + handles a malformed BEGIN cell. Fixes bug 22493, tracked as + TROVE-2017-004 and as CVE-2017-0375; bugfix on 0.3.0.1-alpha. + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Major bugfixes (relay, link handshake, backport from 0.3.1.3-alpha): + - When performing the v3 link handshake on a TLS connection, report + that we have the x509 certificate that we actually used on that + connection, even if we have changed certificates since that + connection was first opened. Previously, we would claim to have + used our most recent x509 link certificate, which would sometimes + make the link handshake fail. Fixes one case of bug 22460; bugfix + on 0.2.3.6-alpha. + + o Major bugfixes (relays, key management, backport from 0.3.1.3-alpha): + - Regenerate link and authentication certificates whenever the key + that signs them changes; also, regenerate link certificates + whenever the signed key changes. Previously, these processes were + only weakly coupled, and we relays could (for minutes to hours) + wind up with an inconsistent set of keys and certificates, which + other relays would not accept. Fixes two cases of bug 22460; + bugfix on 0.3.0.1-alpha. + - When sending an Ed25519 signing->link certificate in a CERTS cell, + send the certificate that matches the x509 certificate that we + used on the TLS connection. Previously, there was a race condition + if the TLS context rotated after we began the TLS handshake but + before we sent the CERTS cell. Fixes a case of bug 22460; bugfix + on 0.3.0.1-alpha. + + o Major bugfixes (hidden service v3, backport from 0.3.1.1-alpha): + - Stop rejecting v3 hidden service descriptors because their size + did not match an old padding rule. Fixes bug 22447; bugfix on + tor-0.3.0.1-alpha. + + o Minor features (fallback directory list, backport from 0.3.1.3-alpha): + - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in + December 2016 (of which ~126 were still functional) with a list of + 151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May + 2017. Resolves ticket 21564. + + o Minor bugfixes (configuration, backport from 0.3.1.1-alpha): + - Do not crash when starting with LearnCircuitBuildTimeout 0. Fixes + bug 22252; bugfix on 0.2.9.3-alpha. + + o Minor bugfixes (correctness, backport from 0.3.1.3-alpha): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + + o Minor bugfixes (link handshake, backport from 0.3.1.3-alpha): + - Lower the lifetime of the RSA->Ed25519 cross-certificate to six + months, and regenerate it when it is within one month of expiring. + Previously, we had generated this certificate at startup with a + ten-year lifetime, but that could lead to weird behavior when Tor + was started with a grossly inaccurate clock. Mitigates bug 22466; + mitigation on 0.3.0.1-alpha. + + o Minor bugfixes (memory leak, directory authority, backport from + 0.3.1.2-alpha): + - When directory authorities reject a router descriptor due to + keypinning, free the router descriptor rather than leaking the + memory. Fixes bug 22370; bugfix on 0.2.7.2-alpha. + + +Changes in version 0.2.9.11 - 2017-06-08 + Tor 0.2.9.11 backports a fix for a bug that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-005. (Versions before 0.3.0 + are not affected by TROVE-2017-004.) + + Tor 0.2.9.11 also backports fixes for several key management bugs + that sometimes made relays unreliable, as well as several other + bugfixes described below. + + o Major bugfixes (hidden service, relay, security, backport + from 0.3.1.3-alpha): + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Major bugfixes (relay, link handshake, backport from 0.3.1.3-alpha): + - When performing the v3 link handshake on a TLS connection, report + that we have the x509 certificate that we actually used on that + connection, even if we have changed certificates since that + connection was first opened. Previously, we would claim to have + used our most recent x509 link certificate, which would sometimes + make the link handshake fail. Fixes one case of bug 22460; bugfix + on 0.2.3.6-alpha. + + o Minor features (fallback directory list, backport from 0.3.1.3-alpha): + - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in + December 2016 (of which ~126 were still functional) with a list of + 151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May + 2017. Resolves ticket 21564. + + o Minor features (future-proofing, backport from 0.3.0.7): + - Tor no longer refuses to download microdescriptors or descriptors if + they are listed as "published in the future". This change will + eventually allow us to stop listing meaningful "published" dates + in microdescriptor consensuses, and thereby allow us to reduce the + resources required to download consensus diffs by over 50%. + Implements part of ticket 21642; implements part of proposal 275. + + o Minor features (directory authorities, backport from 0.3.0.4-rc) + - Directory authorities now reject relays running versions + 0.2.9.1-alpha through 0.2.9.4-alpha, because those relays + suffer from bug 20499 and don't keep their consensus cache + up-to-date. Resolves ticket 20509. + + o Minor features (geoip): + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (control port, backport from 0.3.0.6): + - The GETINFO extra-info/digest/<digest> command was broken because + of a wrong base16 decode return value check, introduced when + refactoring that API. Fixes bug 22034; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (correctness, backport from 0.3.1.3-alpha): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + + o Minor bugfixes (Linux seccomp2 sandbox, backport from 0.3.0.7): + - The getpid() system call is now permitted under the Linux seccomp2 + sandbox, to avoid crashing with versions of OpenSSL (and other + libraries) that attempt to learn the process's PID by using the + syscall rather than the VDSO code. Fixes bug 21943; bugfix + on 0.2.5.1-alpha. + + o Minor bugfixes (memory leak, directory authority, backport + from 0.3.1.2-alpha): + - When directory authorities reject a router descriptor due to + keypinning, free the router descriptor rather than leaking the + memory. Fixes bug 22370; bugfix on 0.2.7.2-alpha. + +Changes in version 0.2.8.14 - 2017-06-08 + Tor 0.2.7.8 backports a fix for a bug that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-005. (Versions before 0.3.0 + are not affected by TROVE-2017-004.) + + o Major bugfixes (hidden service, relay, security): + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor features (fallback directory list, backport from 0.3.1.3-alpha): + - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in + December 2016 (of which ~126 were still functional) with a list of + 151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May + 2017. Resolves ticket 21564. + + o Minor bugfixes (correctness): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + +Changes in version 0.2.7.8 - 2017-06-08 + Tor 0.2.7.8 backports a fix for a bug that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-005. (Versions before 0.3.0 + are not affected by TROVE-2017-004.) + + o Major bugfixes (hidden service, relay, security): + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (correctness): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + + +Changes in version 0.2.6.12 - 2017-06-08 + Tor 0.2.6.12 backports a fix for a bug that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-005. (Versions before 0.3.0 + are not affected by TROVE-2017-004.) + + o Major bugfixes (hidden service, relay, security): + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (correctness): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + +Changes in version 0.2.5.14 - 2017-06-08 + Tor 0.2.5.14 backports a fix for a bug that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-005. (Versions before 0.3.0 + are not affected by TROVE-2017-004.) + + o Major bugfixes (hidden service, relay, security): + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (correctness): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + +Changes in version 0.2.4.29 - 2017-06-08 + Tor 0.2.4.29 backports a fix for a bug that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-005. (Versions before 0.3.0 + are not affected by TROVE-2017-004.) + + o Major bugfixes (hidden service, relay, security): + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (correctness): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + + +Changes in version 0.3.1.2-alpha - 2017-05-26 + Tor 0.3.1.2-alpha is the second release in the 0.3.1.x series. It + fixes a few bugs found while testing 0.3.1.1-alpha, including a + memory corruption bug that affected relay stability. + + o Major bugfixes (crash, relay): + - Fix a memory-corruption bug in relays that set MyFamily. + Previously, they would double-free MyFamily elements when making + the next descriptor or when changing their configuration. Fixes + bug 22368; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (logging): + - Log a better message when a directory authority replies to an + upload with an unexpected status code. Fixes bug 11121; bugfix + on 0.1.0.1-rc. + + o Minor bugfixes (memory leak, directory authority): + - When directory authorities reject a router descriptor due to + keypinning, free the router descriptor rather than leaking the + memory. Fixes bug 22370; bugfix on 0.2.7.2-alpha. + + +Changes in version 0.3.1.1-alpha - 2017-05-22 + Tor 0.3.1.1-alpha is the first release in the 0.3.1.x series. It + reduces the bandwidth usage for Tor's directory protocol, adds some + basic padding to resist netflow-based traffic analysis and to serve as + the basis of other padding in the future, and adds rust support to the + build system. + + It also contains numerous other small features and improvements to + security, correctness, and performance. + + Below are the changes since 0.3.0.7. + + o Major features (directory protocol): + - Tor relays and authorities can now serve clients an abbreviated + version of the consensus document, containing only the changes + since an older consensus document that the client holds. Clients + now request these documents when available. When both client and + server use this new protocol, they will use far less bandwidth (up + to 94% less) to keep the client's consensus up-to-date. Implements + proposal 140; closes ticket 13339. Based on work by Daniel MartÃ. + - Tor can now compress directory traffic with lzma or with zstd + compression algorithms, which can deliver better bandwidth + performance. Because lzma is computationally expensive, it's only + used for documents that can be compressed once and served many + times. Support for these algorithms requires that tor is built + with the libzstd and/or liblzma libraries available. Implements + proposal 278; closes ticket 21662. + - Relays now perform the more expensive compression operations, and + consensus diff generation, in worker threads. This separation + avoids delaying the main thread when a new consensus arrives. + + o Major features (experimental): + - Tor can now build modules written in Rust. To turn this on, pass + the "--enable-rust" flag to the configure script. It's not time to + get excited yet: currently, there is no actual Rust functionality + beyond some simple glue code, and a notice at startup to tell you + that Rust is running. Still, we hope that programmers and + packagers will try building Tor with Rust support, so that we can + find issues and solve portability problems. Closes ticket 22106. + + o Major features (traffic analysis resistance): + - Connections between clients and relays now send a padding cell in + each direction every 1.5 to 9.5 seconds (tunable via consensus + parameters). This padding will not resist specialized + eavesdroppers, but it should be enough to make many ISPs' routine + network flow logging less useful in traffic analysis against + Tor users. + + Padding is negotiated using Tor's link protocol, so both relays + and clients must upgrade for this to take effect. Clients may + still send padding despite the relay's version by setting + ConnectionPadding 1 in torrc, and may disable padding by setting + ConnectionPadding 0 in torrc. Padding may be minimized for mobile + users with the torrc option ReducedConnectionPadding. Implements + Proposal 251 and Section 2 of Proposal 254; closes ticket 16861. + - Relays will publish 24 hour totals of padding and non-padding cell + counts to their extra-info descriptors, unless PaddingStatistics 0 + is set in torrc. These 24 hour totals are also rounded to + multiples of 10000. + + o Major bugfixes (connection usage): + - We use NETINFO cells to try to determine if both relays involved + in a connection will agree on the canonical status of that + connection. We prefer the connections where this is the case for + extend cells, and try to close connections where relays disagree + on their canonical status early. Also, we now prefer the oldest + valid connection for extend cells. These two changes should reduce + the number of long-term connections that are kept open between + relays. Fixes bug 17604; bugfix on 0.2.5.5-alpha. + - Relays now log hourly statistics (look for + "channel_check_for_duplicates" lines) on the total number of + connections to other relays. If the number of connections per + relay is unexpectedly large, this log message is at notice level. + Otherwise it is at info. + + o Major bugfixes (entry guards): + - Don't block bootstrapping when a primary bridge is offline and we + can't get its descriptor. Fixes bug 22325; fixes one case of bug + 21969; bugfix on 0.3.0.3-alpha. + + o Major bugfixes (linux TPROXY support): + - Fix a typo that had prevented TPROXY-based transparent proxying + from working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha. + Patch from "d4fq0fQAgoJ". + + o Minor features (security, windows): + - Enable a couple of pieces of Windows hardening: one + (HeapEnableTerminationOnCorruption) that has been on-by-default + since Windows 8, and unavailable before Windows 7; and one + (PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION) which we believe doesn't + affect us, but shouldn't do any harm. Closes ticket 21953. + + o Minor features (config options): + - Allow "%include" directives in torrc configuration files. These + directives import the settings from other files, or from all the + files in a directory. Closes ticket 1922. Code by Daniel Pinto. + - Make SAVECONF return an error when overwriting a torrc that has + includes. Using SAVECONF with the FORCE option will allow it to + overwrite torrc even if includes are used. Related to ticket 1922. + - Add "GETINFO config-can-saveconf" to tell controllers if SAVECONF + will work without the FORCE option. Related to ticket 1922. + + o Minor features (controller): + - Warn the first time that a controller requests data in the long- + deprecated 'GETINFO network-status' format. Closes ticket 21703. + + o Minor features (defaults): + - The default value for UseCreateFast is now 0: clients which + haven't yet received a consensus document will now use a proper + ntor handshake to talk to their directory servers whenever they + can. Closes ticket 21407. + - Onion key rotation and expiry intervals are now defined as a + network consensus parameter, per proposal 274. The default + lifetime of an onion key is increased from 7 to 28 days. Old onion + keys will expire after 7 days by default. This change will make + consensus diffs much smaller, and save significant bandwidth. + Closes ticket 21641. + + o Minor features (fallback directory list): + - Update the fallback directory mirror whitelist and blacklist based + on operator emails. Closes task 21121. + - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in + December 2016 (of which ~126 were still functional) with a list of + 151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May + 2017. Resolves ticket 21564. + + o Minor features (hidden services, logging): + - Log a message when a hidden service descriptor has fewer + introduction points than specified in + HiddenServiceNumIntroductionPoints. Closes tickets 21598. + - Log a message when a hidden service reaches its introduction point + circuit limit, and when that limit is reset. Follow up to ticket + 21594; closes ticket 21622. + - Warn user if multiple entries in EntryNodes and at least one + HiddenService are used together. Pinning EntryNodes along with a + hidden service can be possibly harmful; for instance see ticket + 14917 or 21155. Closes ticket 21155. + + o Minor features (linux seccomp2 sandbox): + - We now have a document storage backend compatible with the Linux + seccomp2 sandbox. This backend is used for consensus documents and + diffs between them; in the long term, we'd like to use it for + unparseable directory material too. Closes ticket 21645 + - Increase the maximum allowed size passed to mprotect(PROT_WRITE) + from 1MB to 16MB. This was necessary with the glibc allocator in + order to allow worker threads to allocate more memory -- which in + turn is necessary because of our new use of worker threads for + compression. Closes ticket 22096. + + o Minor features (logging): + - Log files are no longer created world-readable by default. + (Previously, most distributors would store the logs in a non- + world-readable location to prevent inappropriate access. This + change is an extra precaution.) Closes ticket 21729; patch + from toralf. + + o Minor features (performance): + - Our Keccak (SHA-3) implementation now accesses memory more + efficiently, especially on little-endian systems. Closes + ticket 21737. + - Add an O(1) implementation of channel_find_by_global_id(), to + speed some controller functions. + + o Minor features (relay, configuration): + - The MyFamily option may now be repeated as many times as desired, + for relays that want to configure large families. Closes ticket + 4998; patch by Daniel Pinto. + + o Minor features (safety): + - Add an explicit check to extrainfo_parse_entry_from_string() for + NULL inputs. We don't believe this can actually happen, but it may + help silence a warning from the Clang analyzer. Closes + ticket 21496. + + o Minor features (testing): + - Add a "--disable-memory-sentinels" feature to help with fuzzing. + When Tor is compiled with this option, we disable a number of + redundant memory-safety failsafes that are intended to stop bugs + from becoming security issues. This makes it easier to hunt for + bugs that would be security issues without the failsafes turned + on. Closes ticket 21439. + - Add a general event-tracing instrumentation support to Tor. This + subsystem will enable developers and researchers to add fine- + grained instrumentation to their Tor instances, for use when + examining Tor network performance issues. There are no trace + events yet, and event-tracing is off by default unless enabled at + compile time. Implements ticket 13802. + - Improve our version parsing tests: add tests for typical version + components, add tests for invalid versions, including numeric + range and non-numeric prefixes. Unit tests 21278, 21450, and + 21507. Partially implements 21470. + + o Minor bugfixes (bandwidth accounting): + - Roll over monthly accounting at the configured hour and minute, + rather than always at 00:00. Fixes bug 22245; bugfix on 0.0.9rc1. + Found by Andrey Karpov with PVS-Studio. + + o Minor bugfixes (code correctness): + - Accurately identify client connections by their lack of peer + authentication. This means that we bail out earlier if asked to + extend to a client. Follow-up to 21407. Fixes bug 21406; bugfix + on 0.2.4.23. + + o Minor bugfixes (configuration): + - Do not crash when starting with LearnCircuitBuildTimeout 0. Fixes + bug 22252; bugfix on 0.2.9.3-alpha. + + o Minor bugfixes (connection lifespan): + - Allow more control over how long TLS connections are kept open: + unify CircuitIdleTimeout and PredictedPortsRelevanceTime into a + single option called CircuitsAvailableTimeout. Also, allow the + consensus to control the default values for both this preference + and the lifespan of relay-to-relay connections. Fixes bug 17592; + bugfix on 0.2.5.5-alpha. + - Increase the initial circuit build timeout testing frequency, to + help ensure that ReducedConnectionPadding clients finish learning + a timeout before their orconn would expire. The initial testing + rate was set back in the days of TAP and before the Tor Browser + updater, when we had to be much more careful about new clients + making lots of circuits. With this change, a circuit build timeout + is learned in about 15-20 minutes, instead of 100-120 minutes. + + o Minor bugfixes (controller): + - GETINFO onions/current and onions/detached no longer respond with + 551 on empty lists. Fixes bug 21329; bugfix on 0.2.7.1-alpha. + - Trigger HS descriptor events on the control port when the client + fails to pick a hidden service directory for a hidden service. + This can happen if all the hidden service directories are in + ExcludeNodes, or they have all been queried within the last 15 + minutes. Fixes bug 22042; bugfix on 0.2.5.2-alpha. + + o Minor bugfixes (directory authority): + - When rejecting a router descriptor for running an obsolete version + of Tor without ntor support, warn about the obsolete tor version, + not the missing ntor key. Fixes bug 20270; bugfix on 0.2.9.3-alpha. + - Prevent the shared randomness subsystem from asserting when + initialized by a bridge authority with an incomplete configuration + file. Fixes bug 21586; bugfix on 0.2.9.8. + + o Minor bugfixes (exit-side DNS): + - Fix an untriggerable assertion that checked the output of a + libevent DNS error, so that the assertion actually behaves as + expected. Fixes bug 22244; bugfix on 0.2.0.20-rc. Found by Andrey + Karpov using PVS-Studio. + + o Minor bugfixes (fallback directories): + - Make the usage example in updateFallbackDirs.py actually work, and + explain what it does. Fixes bug 22270; bugfix on 0.3.0.3-alpha. + - Decrease the guard flag average required to be a fallback. This + allows us to keep relays that have their guard flag removed when + they restart. Fixes bug 20913; bugfix on 0.2.8.1-alpha. + - Decrease the minimum number of fallbacks to 100. Fixes bug 20913; + bugfix on 0.2.8.1-alpha. + - Make sure fallback directory mirrors have the same address, port, + and relay identity key for at least 30 days before they are + selected. Fixes bug 20913; bugfix on 0.2.8.1-alpha. + + o Minor bugfixes (hidden services): + - Stop printing a cryptic warning when a hidden service gets a + request to connect to a virtual port that it hasn't configured. + Fixes bug 16706; bugfix on 0.2.6.3-alpha. + - Simplify hidden service descriptor creation by using an existing + flag to check if an introduction point is established. Fixes bug + 21599; bugfix on 0.2.7.2-alpha. + + o Minor bugfixes (memory leak): + - Fix a small memory leak at exit from the backtrace handler code. + Fixes bug 21788; bugfix on 0.2.5.2-alpha. Patch from Daniel Pinto. + + o Minor bugfixes (protocol, logging): + - Downgrade a log statement about unexpected relay cells from "bug" + to "protocol warning", because there is at least one use case + where it can be triggered by a buggy tor implementation. Fixes bug + 21293; bugfix on 0.1.1.14-alpha. + + o Minor bugfixes (testing): + - Use unbuffered I/O for utility functions around the + process_handle_t type. This fixes unit test failures reported on + OpenBSD and FreeBSD. Fixes bug 21654; bugfix on 0.2.3.1-alpha. + - Make display of captured unit test log messages consistent. Fixes + bug 21510; bugfix on 0.2.9.3-alpha. + - Make test-network.sh always call chutney's test-network.sh. + Previously, this only worked on systems which had bash installed, + due to some bash-specific code in the script. Fixes bug 19699; + bugfix on 0.3.0.4-rc. Follow-up to ticket 21581. + + o Minor bugfixes (voting consistency): + - Reject version numbers with non-numeric prefixes (such as +, -, or + whitespace). Disallowing whitespace prevents differential version + parsing between POSIX-based and Windows platforms. Fixes bug 21507 + and part of 21508; bugfix on 0.0.8pre1. + + o Minor bugfixes (windows, relay): + - Resolve "Failure from drain_fd: No error" warnings on Windows + relays. Fixes bug 21540; bugfix on 0.2.6.3-alpha. + + o Code simplification and refactoring: + - Break up the 630-line function connection_dir_client_reached_eof() + into a dozen smaller functions. This change should help + maintainability and readability of the client directory code. + - Isolate our use of the openssl headers so that they are only + included from our crypto wrapper modules, and from tests that + examine those modules' internals. Closes ticket 21841. + - Simplify our API to launch directory requests, making it more + extensible and less error-prone. Now it's easier to add extra + headers to directory requests. Closes ticket 21646. + - Our base64 decoding functions no longer overestimate the output + space that they need when parsing unpadded inputs. Closes + ticket 17868. + - Remove unused "ROUTER_ADDED_NOTIFY_GENERATOR" internal value. + Resolves ticket 22213. + - The logic that directory caches use to spool request to clients, + serving them one part at a time so as not to allocate too much + memory, has been refactored for consistency. Previously there was + a separate spooling implementation per type of spoolable data. Now + there is one common spooling implementation, with extensible data + types. Closes ticket 21651. + - Tor's compression module now supports multiple backends. Part of + the implementation for proposal 278; closes ticket 21663. + + o Documentation: + - Clarify the behavior of the KeepAliveIsolateSOCKSAuth sub-option. + Closes ticket 21873. + - Correct documentation about the default DataDirectory value. + Closes ticket 21151. + - Document the default behavior of NumEntryGuards and + NumDirectoryGuards correctly. Fixes bug 21715; bugfix + on 0.3.0.1-alpha. + - Document key=value pluggable transport arguments for Bridge lines + in torrc. Fixes bug 20341; bugfix on 0.2.5.1-alpha. + - Note that bandwidth-limiting options don't affect TCP headers or + DNS. Closes ticket 17170. + + o Removed features (configuration options, all in ticket 22060): + - These configuration options are now marked Obsolete, and no longer + have any effect: AllowInvalidNodes, AllowSingleHopCircuits, + AllowSingleHopExits, ExcludeSingleHopRelays, FastFirstHopPK, + TLSECGroup, WarnUnsafeSocks. They were first marked as deprecated + in 0.2.9.2-alpha and have now been removed. The previous default + behavior is now always chosen; the previous (less secure) non- + default behavior is now unavailable. + - CloseHSClientCircuitsImmediatelyOnTimeout and + CloseHSServiceRendCircuitsImmediatelyOnTimeout were deprecated in + 0.2.9.2-alpha and now have been removed. HS circuits never close + on circuit build timeout; they have a longer timeout period. + - {Control,DNS,Dir,Socks,Trans,NATD,OR}ListenAddress were deprecated + in 0.2.9.2-alpha and now have been removed. Use the ORPort option + (and others) to configure listen-only and advertise-only addresses. + + o Removed features (tools): + - We've removed the tor-checkkey tool from src/tools. Long ago, we + used it to help people detect RSA keys that were generated by + versions of Debian affected by CVE-2008-0166. But those keys have + been out of circulation for ages, and this tool is no longer + required. Closes ticket 21842. + + +Changes in version 0.3.0.7 - 2017-05-15 + Tor 0.3.0.7 fixes a medium-severity security bug in earlier versions + of Tor 0.3.0.x, where an attacker could cause a Tor relay process + to exit. Relays running earlier versions of Tor 0.3.0.x should upgrade; + clients are not affected. + + o Major bugfixes (hidden service directory, security): + - Fix an assertion failure in the hidden service directory code, which + could be used by an attacker to remotely cause a Tor relay process to + exit. Relays running earlier versions of Tor 0.3.0.x should upgrade. + should upgrade. This security issue is tracked as TROVE-2017-002. + Fixes bug 22246; bugfix on 0.3.0.1-alpha. + + o Minor features: + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor features (future-proofing): + - Tor no longer refuses to download microdescriptors or descriptors + if they are listed as "published in the future". This change will + eventually allow us to stop listing meaningful "published" dates + in microdescriptor consensuses, and thereby allow us to reduce the + resources required to download consensus diffs by over 50%. + Implements part of ticket 21642; implements part of proposal 275. + + o Minor bugfixes (Linux seccomp2 sandbox): + - The getpid() system call is now permitted under the Linux seccomp2 + sandbox, to avoid crashing with versions of OpenSSL (and other + libraries) that attempt to learn the process's PID by using the + syscall rather than the VDSO code. Fixes bug 21943; bugfix + on 0.2.5.1-alpha. + + +Changes in version 0.3.0.6 - 2017-04-26 + Tor 0.3.0.6 is the first stable release of the Tor 0.3.0 series. + + With the 0.3.0 series, clients and relays now use Ed25519 keys to + authenticate their link connections to relays, rather than the old + RSA1024 keys that they used before. (Circuit crypto has been + Curve25519-authenticated since 0.2.4.8-alpha.) We have also replaced + the guard selection and replacement algorithm to behave more robustly + in the presence of unreliable networks, and to resist guard- + capture attacks. + + This series also includes numerous other small features and bugfixes, + along with more groundwork for the upcoming hidden-services revamp. + + Per our stable release policy, we plan to support the Tor 0.3.0 + release series for at least the next nine months, or for three months + after the first stable release of the 0.3.1 series: whichever is + longer. If you need a release with long-term support, we recommend + that you stay with the 0.2.9 series. + + Below are the changes since 0.3.0.5-rc. For a list of all changes + since 0.2.9, see the ReleaseNotes file. + + o Minor features (geoip): + - Update geoip and geoip6 to the April 4 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (control port): + - The GETINFO extra-info/digest/<digest> command was broken because + of a wrong base16 decode return value check, introduced when + refactoring that API. Fixes bug 22034; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (crash prevention): + - Fix a (currently untriggerable, but potentially dangerous) crash + bug when base32-encoding inputs whose sizes are not a multiple of + 5. Fixes bug 21894; bugfix on 0.2.9.1-alpha. + + +Changes in version 0.3.0.5-rc - 2017-04-05 + Tor 0.3.0.5-rc fixes a few remaining bugs, large and small, in the + 0.3.0 release series. + + This is the second release candidate in the Tor 0.3.0 series, and has + much fewer changes than the first. If we find no new bugs or + regressions here, the first stable 0.3.0 release will be nearly + identical to it. + + o Major bugfixes (crash, directory connections): + - Fix a rare crash when sending a begin cell on a circuit whose + linked directory connection had already been closed. Fixes bug + 21576; bugfix on 0.2.9.3-alpha. Reported by Alec Muffett. + + o Major bugfixes (guard selection): + - Fix a guard selection bug where Tor would refuse to bootstrap in + some cases if the user swapped a bridge for another bridge in + their configuration file. Fixes bug 21771; bugfix on 0.3.0.1-alpha. + Reported by "torvlnt33r". + + o Minor features (geoip): + - Update geoip and geoip6 to the March 7 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfix (compilation): + - Fix a warning when compiling hs_service.c. Previously, it had no + exported symbols when compiled for libor.a, resulting in a + compilation warning from clang. Fixes bug 21825; bugfix + on 0.3.0.1-alpha. + + o Minor bugfixes (hidden services): + - Make hidden services check for failed intro point connections, + even when they have exceeded their intro point creation limit. + Fixes bug 21596; bugfix on 0.2.7.2-alpha. Reported by Alec Muffett. + - Make hidden services with 8 to 10 introduction points check for + failed circuits immediately after startup. Previously, they would + wait for 5 minutes before performing their first checks. Fixes bug + 21594; bugfix on 0.2.3.9-alpha. Reported by Alec Muffett. + + o Minor bugfixes (memory leaks): + - Fix a memory leak when using GETCONF on a port option. Fixes bug + 21682; bugfix on 0.3.0.3-alpha. + + o Minor bugfixes (relay): + - Avoid a double-marked-circuit warning that could happen when we + receive DESTROY cells under heavy load. Fixes bug 20059; bugfix + on 0.1.0.1-rc. + + o Minor bugfixes (tests): + - Run the entry_guard_parse_from_state_full() test with the time set + to a specific date. (The guard state that this test was parsing + contained guards that had expired since the test was first + written.) Fixes bug 21799; bugfix on 0.3.0.1-alpha. + + o Documentation: + - Update the description of the directory server options in the + manual page, to clarify that a relay no longer needs to set + DirPort in order to be a directory cache. Closes ticket 21720. + + + +Changes in version 0.2.8.13 - 2017-03-03 + Tor 0.2.8.13 backports a security fix from later Tor + releases. Anybody running Tor 0.2.8.12 or earlier should upgrade to this + this release, if for some reason they cannot upgrade to a later + release series, and if they build Tor with the --enable-expensive-hardening + option. + + Note that support for Tor 0.2.8.x is ending next year: we will not issue + any fixes for the Tor 0.2.8.x series after 1 Jan 2018. If you need + a Tor release series with longer-term support, we recommend Tor 0.2.9.x. + + o Major bugfixes (parsing, backported from 0.3.0.4-rc): + - Fix an integer underflow bug when comparing malformed Tor + versions. This bug could crash Tor when built with + --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor + 0.2.9.8, which were built with -ftrapv by default. In other cases + it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix + on 0.0.8pre1. Found by OSS-Fuzz. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + + +Changes in version 0.2.7.7 - 2017-03-03 + Tor 0.2.7.7 backports a number of security fixes from later Tor + releases. Anybody running Tor 0.2.7.6 or earlier should upgrade to + this release, if for some reason they cannot upgrade to a later + release series. + + Note that support for Tor 0.2.7.x is ending this year: we will not issue + any fixes for the Tor 0.2.7.x series after 1 August 2017. If you need + a Tor release series with longer-term support, we recommend Tor 0.2.9.x. + + o Directory authority changes (backport from 0.2.8.5-rc): + - Urras is no longer a directory authority. Closes ticket 19271. + + o Directory authority changes (backport from 0.2.9.2-alpha): + - The "Tonga" bridge authority has been retired; the new bridge + authority is "Bifroest". Closes tickets 19728 and 19690. + + o Directory authority key updates (backport from 0.2.8.1-alpha): + - Update the V3 identity key for the dannenberg directory authority: + it was changed on 18 November 2015. Closes task 17906. Patch + by "teor". + + o Major bugfixes (parsing, security, backport from 0.2.9.8): + - Fix a bug in parsing that could cause clients to read a single + byte past the end of an allocated region. This bug could be used + to cause hardened clients (built with --enable-expensive-hardening) + to crash if they tried to visit a hostile hidden service. Non- + hardened clients are only affected depending on the details of + their platform's memory allocator. Fixes bug 21018; bugfix on + 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE- + 2016-12-002 and as CVE-2016-1254. + + o Major bugfixes (security, client, DNS proxy, backport from 0.2.8.3-alpha): + - Stop a crash that could occur when a client running with DNSPort + received a query with multiple address types, and the first + address type was not supported. Found and fixed by Scott Dial. + Fixes bug 18710; bugfix on 0.2.5.4-alpha. + - Prevent a class of security bugs caused by treating the contents + of a buffer chunk as if they were a NUL-terminated string. At + least one such bug seems to be present in all currently used + versions of Tor, and would allow an attacker to remotely crash + most Tor instances, especially those compiled with extra compiler + hardening. With this defense in place, such bugs can't crash Tor, + though we should still fix them as they occur. Closes ticket + 20384 (TROVE-2016-10-001). + + o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha): + - Avoid a difficult-to-trigger heap corruption attack when extending + a smartlist to contain over 16GB of pointers. Fixes bug 18162; + bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely. + Reported by Guido Vranken. + + o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha): + - Avoid crashing when running as a DNS proxy. Fixes bug 16248; + bugfix on 0.2.0.1-alpha. Patch from "cypherpunks". + + o Major bugfixes (key management, backport from 0.2.8.3-alpha): + - If OpenSSL fails to generate an RSA key, do not retain a dangling + pointer to the previous (uninitialized) key value. The impact here + should be limited to a difficult-to-trigger crash, if OpenSSL is + running an engine that makes key generation failures possible, or + if OpenSSL runs out of memory. Fixes bug 19152; bugfix on + 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and + Baishakhi Ray. + + o Major bugfixes (parsing, backported from 0.3.0.4-rc): + - Fix an integer underflow bug when comparing malformed Tor + versions. This bug could crash Tor when built with + --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor + 0.2.9.8, which were built with -ftrapv by default. In other cases + it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix + on 0.0.8pre1. Found by OSS-Fuzz. + + o Minor features (security, memory erasure, backport from 0.2.8.1-alpha): + - Make memwipe() do nothing when passed a NULL pointer or buffer of + zero size. Check size argument to memwipe() for underflow. Fixes + bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk", + patch by "teor". + + o Minor features (bug-resistance, backport from 0.2.8.2-alpha): + - Make Tor survive errors involving connections without a + corresponding event object. Previously we'd fail with an + assertion; now we produce a log message. Related to bug 16248. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + + +Changes in version 0.2.6.11 - 2017-03-03 + Tor 0.2.6.11 backports a number of security fixes from later Tor + releases. Anybody running Tor 0.2.6.10 or earlier should upgrade to + this release, if for some reason they cannot upgrade to a later + release series. + + Note that support for Tor 0.2.6.x is ending this year: we will not issue + any fixes for the Tor 0.2.6.x series after 1 August 2017. If you need + a Tor release series with longer-term support, we recommend Tor 0.2.9.x. + + o Directory authority changes (backport from 0.2.8.5-rc): + - Urras is no longer a directory authority. Closes ticket 19271. + + o Directory authority changes (backport from 0.2.9.2-alpha): + - The "Tonga" bridge authority has been retired; the new bridge + authority is "Bifroest". Closes tickets 19728 and 19690. + + o Directory authority key updates (backport from 0.2.8.1-alpha): + - Update the V3 identity key for the dannenberg directory authority: + it was changed on 18 November 2015. Closes task 17906. Patch + by "teor". + + o Major features (security fixes, backport from 0.2.9.4-alpha): + - Prevent a class of security bugs caused by treating the contents + of a buffer chunk as if they were a NUL-terminated string. At + least one such bug seems to be present in all currently used + versions of Tor, and would allow an attacker to remotely crash + most Tor instances, especially those compiled with extra compiler + hardening. With this defense in place, such bugs can't crash Tor, + though we should still fix them as they occur. Closes ticket + 20384 (TROVE-2016-10-001). + + o Major bugfixes (parsing, security, backport from 0.2.9.8): + - Fix a bug in parsing that could cause clients to read a single + byte past the end of an allocated region. This bug could be used + to cause hardened clients (built with --enable-expensive-hardening) + to crash if they tried to visit a hostile hidden service. Non- + hardened clients are only affected depending on the details of + their platform's memory allocator. Fixes bug 21018; bugfix on + 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE- + 2016-12-002 and as CVE-2016-1254. + + o Major bugfixes (security, client, DNS proxy, backport from 0.2.8.3-alpha): + - Stop a crash that could occur when a client running with DNSPort + received a query with multiple address types, and the first + address type was not supported. Found and fixed by Scott Dial. + Fixes bug 18710; bugfix on 0.2.5.4-alpha. + + o Major bugfixes (security, correctness, backport from 0.2.7.4-rc): + - Fix an error that could cause us to read 4 bytes before the + beginning of an openssl string. This bug could be used to cause + Tor to crash on systems with unusual malloc implementations, or + systems with unusual hardening installed. Fixes bug 17404; bugfix + on 0.2.3.6-alpha. + + o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha): + - Avoid a difficult-to-trigger heap corruption attack when extending + a smartlist to contain over 16GB of pointers. Fixes bug 18162; + bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely. + Reported by Guido Vranken. + + o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha): + - Avoid crashing when running as a DNS proxy. Fixes bug 16248; + bugfix on 0.2.0.1-alpha. Patch from "cypherpunks". + + o Major bugfixes (guard selection, backport from 0.2.7.6): + - Actually look at the Guard flag when selecting a new directory + guard. When we implemented the directory guard design, we + accidentally started treating all relays as if they have the Guard + flag during guard selection, leading to weaker anonymity and worse + performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered + by Mohsen Imani. + + o Major bugfixes (key management, backport from 0.2.8.3-alpha): + - If OpenSSL fails to generate an RSA key, do not retain a dangling + pointer to the previous (uninitialized) key value. The impact here + should be limited to a difficult-to-trigger crash, if OpenSSL is + running an engine that makes key generation failures possible, or + if OpenSSL runs out of memory. Fixes bug 19152; bugfix on + 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and + Baishakhi Ray. + + o Major bugfixes (parsing, backported from 0.3.0.4-rc): + - Fix an integer underflow bug when comparing malformed Tor + versions. This bug could crash Tor when built with + --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor + 0.2.9.8, which were built with -ftrapv by default. In other cases + it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix + on 0.0.8pre1. Found by OSS-Fuzz. + + o Minor features (security, memory erasure, backport from 0.2.8.1-alpha): + - Make memwipe() do nothing when passed a NULL pointer or buffer of + zero size. Check size argument to memwipe() for underflow. Fixes + bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk", + patch by "teor". + + o Minor features (bug-resistance, backport from 0.2.8.2-alpha): + - Make Tor survive errors involving connections without a + corresponding event object. Previously we'd fail with an + assertion; now we produce a log message. Related to bug 16248. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compilation, backport from 0.2.7.6): + - Fix a compilation warning with Clang 3.6: Do not check the + presence of an address which can never be NULL. Fixes bug 17781. + + +Changes in version 0.2.5.13 - 2017-03-03 + Tor 0.2.5.13 backports a number of security fixes from later Tor + releases. Anybody running Tor 0.2.5.13 or earlier should upgrade to + this release, if for some reason they cannot upgrade to a later + release series. + + Note that support for Tor 0.2.5.x is ending next year: we will not issue + any fixes for the Tor 0.2.5.x series after 1 May 2018. If you need + a Tor release series with longer-term support, we recommend Tor 0.2.9.x. + + o Directory authority changes (backport from 0.2.8.5-rc): + - Urras is no longer a directory authority. Closes ticket 19271. + + o Directory authority changes (backport from 0.2.9.2-alpha): + - The "Tonga" bridge authority has been retired; the new bridge + authority is "Bifroest". Closes tickets 19728 and 19690. + + o Directory authority key updates (backport from 0.2.8.1-alpha): + - Update the V3 identity key for the dannenberg directory authority: + it was changed on 18 November 2015. Closes task 17906. Patch + by "teor". + + o Major features (security fixes, backport from 0.2.9.4-alpha): + - Prevent a class of security bugs caused by treating the contents + of a buffer chunk as if they were a NUL-terminated string. At + least one such bug seems to be present in all currently used + versions of Tor, and would allow an attacker to remotely crash + most Tor instances, especially those compiled with extra compiler + hardening. With this defense in place, such bugs can't crash Tor, + though we should still fix them as they occur. Closes ticket + 20384 (TROVE-2016-10-001). + + o Major bugfixes (parsing, security, backport from 0.2.9.8): + - Fix a bug in parsing that could cause clients to read a single + byte past the end of an allocated region. This bug could be used + to cause hardened clients (built with --enable-expensive-hardening) + to crash if they tried to visit a hostile hidden service. Non- + hardened clients are only affected depending on the details of + their platform's memory allocator. Fixes bug 21018; bugfix on + 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE- + 2016-12-002 and as CVE-2016-1254. + + o Major bugfixes (security, client, DNS proxy, backport from 0.2.8.3-alpha): + - Stop a crash that could occur when a client running with DNSPort + received a query with multiple address types, and the first + address type was not supported. Found and fixed by Scott Dial. + Fixes bug 18710; bugfix on 0.2.5.4-alpha. + + o Major bugfixes (security, correctness, backport from 0.2.7.4-rc): + - Fix an error that could cause us to read 4 bytes before the + beginning of an openssl string. This bug could be used to cause + Tor to crash on systems with unusual malloc implementations, or + systems with unusual hardening installed. Fixes bug 17404; bugfix + on 0.2.3.6-alpha. + + o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha): + - Avoid a difficult-to-trigger heap corruption attack when extending + a smartlist to contain over 16GB of pointers. Fixes bug 18162; + bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely. + Reported by Guido Vranken. + + o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha): + - Avoid crashing when running as a DNS proxy. Fixes bug 16248; + bugfix on 0.2.0.1-alpha. Patch from "cypherpunks". + + o Major bugfixes (guard selection, backport from 0.2.7.6): + - Actually look at the Guard flag when selecting a new directory + guard. When we implemented the directory guard design, we + accidentally started treating all relays as if they have the Guard + flag during guard selection, leading to weaker anonymity and worse + performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered + by Mohsen Imani. + + o Major bugfixes (key management, backport from 0.2.8.3-alpha): + - If OpenSSL fails to generate an RSA key, do not retain a dangling + pointer to the previous (uninitialized) key value. The impact here + should be limited to a difficult-to-trigger crash, if OpenSSL is + running an engine that makes key generation failures possible, or + if OpenSSL runs out of memory. Fixes bug 19152; bugfix on + 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and + Baishakhi Ray. + + o Major bugfixes (parsing, backported from 0.3.0.4-rc): + - Fix an integer underflow bug when comparing malformed Tor + versions. This bug could crash Tor when built with + --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor + 0.2.9.8, which were built with -ftrapv by default. In other cases + it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix + on 0.0.8pre1. Found by OSS-Fuzz. + + o Minor features (security, memory erasure, backport from 0.2.8.1-alpha): + - Make memwipe() do nothing when passed a NULL pointer or buffer of + zero size. Check size argument to memwipe() for underflow. Fixes + bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk", + patch by "teor". + + o Minor features (bug-resistance, backport from 0.2.8.2-alpha): + - Make Tor survive errors involving connections without a + corresponding event object. Previously we'd fail with an + assertion; now we produce a log message. Related to bug 16248. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compilation, backport from 0.2.7.6): + - Fix a compilation warning with Clang 3.6: Do not check the + presence of an address which can never be NULL. Fixes bug 17781. + + o Minor bugfixes (crypto error-handling, backport from 0.2.7.2-alpha): + - Check for failures from crypto_early_init, and refuse to continue. + A previous typo meant that we could keep going with an + uninitialized crypto library, and would have OpenSSL initialize + its own PRNG. Fixes bug 16360; bugfix on 0.2.5.2-alpha, introduced + when implementing ticket 4900. Patch by "teor". + + o Minor bugfixes (hidden service, backport from 0.2.7.1-alpha): + - Fix an out-of-bounds read when parsing invalid INTRODUCE2 cells on + a client authorized hidden service. Fixes bug 15823; bugfix + on 0.2.1.6-alpha. + + +Changes in version 0.2.4.28 - 2017-03-03 + Tor 0.2.4.28 backports a number of security fixes from later Tor + releases. Anybody running Tor 0.2.4.27 or earlier should upgrade to + this release, if for some reason they cannot upgrade to a later + release series. + + Note that support for Tor 0.2.4.x is ending soon: we will not issue + any fixes for the Tor 0.2.4.x series after 1 August 2017. If you need + a Tor release series with long-term support, we recommend Tor 0.2.9.x. + + o Directory authority changes (backport from 0.2.8.5-rc): + - Urras is no longer a directory authority. Closes ticket 19271. + + o Directory authority changes (backport from 0.2.9.2-alpha): + - The "Tonga" bridge authority has been retired; the new bridge + authority is "Bifroest". Closes tickets 19728 and 19690. + + o Directory authority key updates (backport from 0.2.8.1-alpha): + - Update the V3 identity key for the dannenberg directory authority: + it was changed on 18 November 2015. Closes task 17906. Patch + by "teor". + + o Major features (security fixes, backport from 0.2.9.4-alpha): + - Prevent a class of security bugs caused by treating the contents + of a buffer chunk as if they were a NUL-terminated string. At + least one such bug seems to be present in all currently used + versions of Tor, and would allow an attacker to remotely crash + most Tor instances, especially those compiled with extra compiler + hardening. With this defense in place, such bugs can't crash Tor, + though we should still fix them as they occur. Closes ticket + 20384 (TROVE-2016-10-001). + + o Major bugfixes (parsing, security, backport from 0.2.9.8): + - Fix a bug in parsing that could cause clients to read a single + byte past the end of an allocated region. This bug could be used + to cause hardened clients (built with --enable-expensive-hardening) + to crash if they tried to visit a hostile hidden service. Non- + hardened clients are only affected depending on the details of + their platform's memory allocator. Fixes bug 21018; bugfix on + 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE- + 2016-12-002 and as CVE-2016-1254. + + o Major bugfixes (security, correctness, backport from 0.2.7.4-rc): + - Fix an error that could cause us to read 4 bytes before the + beginning of an openssl string. This bug could be used to cause + Tor to crash on systems with unusual malloc implementations, or + systems with unusual hardening installed. Fixes bug 17404; bugfix + on 0.2.3.6-alpha. + + o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha): + - Avoid a difficult-to-trigger heap corruption attack when extending + a smartlist to contain over 16GB of pointers. Fixes bug 18162; + bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely. + Reported by Guido Vranken. + + o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha): + - Avoid crashing when running as a DNS proxy. Fixes bug 16248; + bugfix on 0.2.0.1-alpha. Patch from "cypherpunks". + + o Major bugfixes (guard selection, backport from 0.2.7.6): + - Actually look at the Guard flag when selecting a new directory + guard. When we implemented the directory guard design, we + accidentally started treating all relays as if they have the Guard + flag during guard selection, leading to weaker anonymity and worse + performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered + by Mohsen Imani. + + o Major bugfixes (key management, backport from 0.2.8.3-alpha): + - If OpenSSL fails to generate an RSA key, do not retain a dangling + pointer to the previous (uninitialized) key value. The impact here + should be limited to a difficult-to-trigger crash, if OpenSSL is + running an engine that makes key generation failures possible, or + if OpenSSL runs out of memory. Fixes bug 19152; bugfix on + 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and + Baishakhi Ray. + + o Major bugfixes (parsing, backported from 0.3.0.4-rc): + - Fix an integer underflow bug when comparing malformed Tor + versions. This bug could crash Tor when built with + --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor + 0.2.9.8, which were built with -ftrapv by default. In other cases + it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix + on 0.0.8pre1. Found by OSS-Fuzz. + + o Minor features (security, memory erasure, backport from 0.2.8.1-alpha): + - Make memwipe() do nothing when passed a NULL pointer or buffer of + zero size. Check size argument to memwipe() for underflow. Fixes + bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk", + patch by "teor". + + o Minor features (bug-resistance, backport from 0.2.8.2-alpha): + - Make Tor survive errors involving connections without a + corresponding event object. Previously we'd fail with an + assertion; now we produce a log message. Related to bug 16248. + + o Minor features (DoS-resistance, backport from 0.2.7.1-alpha): + - Make it harder for attackers to overload hidden services with + introductions, by blocking multiple introduction requests on the + same circuit. Resolves ticket 15515. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compilation, backport from 0.2.7.6): + - Fix a compilation warning with Clang 3.6: Do not check the + presence of an address which can never be NULL. Fixes bug 17781. + + o Minor bugfixes (hidden service, backport from 0.2.7.1-alpha): + - Fix an out-of-bounds read when parsing invalid INTRODUCE2 cells on + a client authorized hidden service. Fixes bug 15823; bugfix + on 0.2.1.6-alpha. + + +Changes in version 0.3.0.4-rc - 2017-03-01 + Tor 0.3.0.4-rc fixes some remaining bugs, large and small, in the + 0.3.0 release series, and introduces a few reliability features to + keep them from coming back. + + This is the first release candidate in the Tor 0.3.0 series. If we + find no new bugs or regressions here, the first stable 0.3.0 release + will be nearly identical to it. + + o Major bugfixes (bridges): + - When the same bridge is configured multiple times with the same + identity, but at different address:port combinations, treat those + bridge instances as separate guards. This fix restores the ability + of clients to configure the same bridge with multiple pluggable + transports. Fixes bug 21027; bugfix on 0.3.0.1-alpha. + + o Major bugfixes (hidden service directory v3): + - Stop crashing on a failed v3 hidden service descriptor lookup + failure. Fixes bug 21471; bugfixes on tor-0.3.0.1-alpha. + + o Major bugfixes (parsing): + - When parsing a malformed content-length field from an HTTP + message, do not read off the end of the buffer. This bug was a + potential remote denial-of-service attack against Tor clients and + relays. A workaround was released in October 2016, to prevent this + bug from crashing Tor. This is a fix for the underlying issue, + which should no longer matter (if you applied the earlier patch). + Fixes bug 20894; bugfix on 0.2.0.16-alpha. Bug found by fuzzing + using AFL (http://lcamtuf.coredump.cx/afl/). + - Fix an integer underflow bug when comparing malformed Tor + versions. This bug could crash Tor when built with + --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor + 0.2.9.8, which were built with -ftrapv by default. In other cases + it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix + on 0.0.8pre1. Found by OSS-Fuzz. + + o Minor feature (protocol versioning): + - Add new protocol version for proposal 224. HSIntro now advertises + version "3-4" and HSDir version "1-2". Fixes ticket 20656. + + o Minor features (directory authorities): + - Directory authorities now reject descriptors that claim to be + malformed versions of Tor. Helps prevent exploitation of + bug 21278. + - Reject version numbers with components that exceed INT32_MAX. + Otherwise 32-bit and 64-bit platforms would behave inconsistently. + Fixes bug 21450; bugfix on 0.0.8pre1. + - Directory authorities now reject relays running versions + 0.2.9.1-alpha through 0.2.9.4-alpha, because those relays + suffer from bug 20499 and don't keep their consensus cache + up-to-date. Resolves ticket 20509. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + + o Minor features (reliability, crash): + - Try better to detect problems in buffers where they might grow (or + think they have grown) over 2 GB in size. Diagnostic for + bug 21369. + + o Minor features (testing): + - During 'make test-network-all', if tor logs any warnings, ask + chutney to output them. Requires a recent version of chutney with + the 21572 patch. Implements 21570. + + o Minor bugfixes (certificate expiration time): + - Avoid using link certificates that don't become valid till some + time in the future. Fixes bug 21420; bugfix on 0.2.4.11-alpha + + o Minor bugfixes (code correctness): + - Repair a couple of (unreachable or harmless) cases of the risky + comparison-by-subtraction pattern that caused bug 21278. + - Remove a redundant check for the UseEntryGuards option from the + options_transition_affects_guards() function. Fixes bug 21492; + bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (directory mirrors): + - Allow relays to use directory mirrors without a DirPort: these + relays need to be contacted over their ORPorts using a begindir + connection. Fixes one case of bug 20711; bugfix on 0.2.8.2-alpha. + - Clarify the message logged when a remote relay is unexpectedly + missing an ORPort or DirPort: users were confusing this with a + local port. Fixes another case of bug 20711; bugfix + on 0.2.8.2-alpha. + + o Minor bugfixes (guards): + - Don't warn about a missing guard state on timeout-measurement + circuits: they aren't supposed to be using guards. Fixes an + instance of bug 21007; bugfix on 0.3.0.1-alpha. + - Silence a BUG() warning when attempting to use a guard whose + descriptor we don't know, and make this scenario less likely to + happen. Fixes bug 21415; bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (hidden service): + - Pass correct buffer length when encoding legacy ESTABLISH_INTRO + cells. Previously, we were using sizeof() on a pointer, instead of + the real destination buffer. Fortunately, that value was only used + to double-check that there was enough room--which was already + enforced elsewhere. Fixes bug 21553; bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (testing): + - Fix Raspbian build issues related to missing socket errno in + test_util.c. Fixes bug 21116; bugfix on tor-0.2.8.2. Patch + by "hein". + - Rename "make fuzz" to "make test-fuzz-corpora", since it doesn't + actually fuzz anything. Fixes bug 21447; bugfix on 0.3.0.3-alpha. + - Use bash in src/test/test-network.sh. This ensures we reliably + call chutney's newer tools/test-network.sh when available. Fixes + bug 21562; bugfix on 0.2.9.1-alpha. + + o Documentation: + - Small fixes to the fuzzing documentation. Closes ticket 21472. + + +Changes in version 0.2.9.10 - 2017-03-01 + Tor 0.2.9.10 backports a security fix from later Tor release. It also + includes fixes for some major issues affecting directory authorities, + LibreSSL compatibility, and IPv6 correctness. + + The Tor 0.2.9.x release series is now marked as a long-term-support + series. We intend to backport security fixes to 0.2.9.x until at + least January of 2020. + + o Major bugfixes (directory authority, 0.3.0.3-alpha): + - During voting, when marking a relay as a probable sybil, do not + clear its BadExit flag: sybils can still be bad in other ways + too. (We still clear the other flags.) Fixes bug 21108; bugfix + on 0.2.0.13-alpha. + + o Major bugfixes (IPv6 Exits, backport from 0.3.0.3-alpha): + - Stop rejecting all IPv6 traffic on Exits whose exit policy rejects + any IPv6 addresses. Instead, only reject a port over IPv6 if the + exit policy rejects that port on more than an IPv6 /16 of + addresses. This bug was made worse by 17027 in 0.2.8.1-alpha, + which rejected a relay's own IPv6 address by default. Fixes bug + 21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha. + + o Major bugfixes (parsing, also in 0.3.0.4-rc): + - Fix an integer underflow bug when comparing malformed Tor + versions. This bug could crash Tor when built with + --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor + 0.2.9.8, which were built with -ftrapv by default. In other cases + it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix + on 0.0.8pre1. Found by OSS-Fuzz. + + o Minor features (directory authorities, also in 0.3.0.4-rc): + - Directory authorities now reject descriptors that claim to be + malformed versions of Tor. Helps prevent exploitation of + bug 21278. + - Reject version numbers with components that exceed INT32_MAX. + Otherwise 32-bit and 64-bit platforms would behave inconsistently. + Fixes bug 21450; bugfix on 0.0.8pre1. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + + o Minor features (portability, compilation, backport from 0.3.0.3-alpha): + - Autoconf now checks to determine if OpenSSL structures are opaque, + instead of explicitly checking for OpenSSL version numbers. Part + of ticket 21359. + - Support building with recent LibreSSL code that uses opaque + structures. Closes ticket 21359. + + o Minor bugfixes (code correctness, also in 0.3.0.4-rc): + - Repair a couple of (unreachable or harmless) cases of the risky + comparison-by-subtraction pattern that caused bug 21278. + + o Minor bugfixes (tor-resolve, backport from 0.3.0.3-alpha): + - The tor-resolve command line tool now rejects hostnames over 255 + characters in length. Previously, it would silently truncate them, + which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5. + Patch by "junglefowl". + + +Changes in version 0.3.0.3-alpha - 2017-02-03 + Tor 0.3.0.3-alpha fixes a few significant bugs introduced over the + 0.3.0.x development series, including some that could cause + authorities to behave badly. There is also a fix for a longstanding + bug that could prevent IPv6 exits from working. Tor 0.3.0.3-alpha also + includes some smaller features and bugfixes. + + The Tor 0.3.0.x release series is now in patch-freeze: no additional + features will be considered for inclusion in 0.3.0.x. We suspect that + some bugs will probably remain, however, and we encourage people to + test this release. + + o Major bugfixes (directory authority): + - During voting, when marking a relay as a probable sybil, do not + clear its BadExit flag: sybils can still be bad in other ways + too. (We still clear the other flags.) Fixes bug 21108; bugfix + on 0.2.0.13-alpha. + - When deciding whether we have just found a router to be reachable, + do not penalize it for not having performed an Ed25519 link + handshake if it does not claim to support an Ed25519 handshake. + Previously, we would treat such relays as non-running. Fixes bug + 21107; bugfix on 0.3.0.1-alpha. + + o Major bugfixes (entry guards): + - Stop trying to build circuits through entry guards for which we + have no descriptor. Also, stop crashing in the case that we *do* + accidentally try to build a circuit in such a state. Fixes bug + 21242; bugfix on 0.3.0.1-alpha. + + o Major bugfixes (IPv6 Exits): + - Stop rejecting all IPv6 traffic on Exits whose exit policy rejects + any IPv6 addresses. Instead, only reject a port over IPv6 if the + exit policy rejects that port on more than an IPv6 /16 of + addresses. This bug was made worse by 17027 in 0.2.8.1-alpha, + which rejected a relay's own IPv6 address by default. Fixes bug + 21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha. + + o Minor feature (client): + - Enable IPv6 traffic on the SocksPort by default. To disable this, + a user will have to specify "NoIPv6Traffic". Closes ticket 21269. + + o Minor feature (fallback scripts): + - Add a check_existing mode to updateFallbackDirs.py, which checks + if fallbacks in the hard-coded list are working. Closes ticket + 20174. Patch by haxxpop. + + o Minor features (ciphersuite selection): + - Clients now advertise a list of ciphersuites closer to the ones + preferred by Firefox. Closes part of ticket 15426. + - Allow relays to accept a wider range of ciphersuites, including + chacha20-poly1305 and AES-CCM. Closes the other part of 15426. + + o Minor features (controller, configuration): + - Each of the *Port options, such as SocksPort, ORPort, ControlPort, + and so on, now comes with a __*Port variant that will not be saved + to the torrc file by the controller's SAVECONF command. This + change allows TorBrowser to set up a single-use domain socket for + each time it launches Tor. Closes ticket 20956. + - The GETCONF command can now query options that may only be + meaningful in context-sensitive lists. This allows the controller + to query the mixed SocksPort/__SocksPort style options introduced + in feature 20956. Implements ticket 21300. + + o Minor features (portability, compilation): + - Autoconf now checks to determine if OpenSSL structures are opaque, + instead of explicitly checking for OpenSSL version numbers. Part + of ticket 21359. + - Support building with recent LibreSSL code that uses opaque + structures. Closes ticket 21359. + + o Minor features (relay): + - We now allow separation of exit and relay traffic to different + source IP addresses, using the OutboundBindAddressExit and + OutboundBindAddressOR options respectively. Closes ticket 17975. + Written by Michael Sonntag. + + o Minor bugfix (logging): + - Don't recommend the use of Tor2web in non-anonymous mode. + Recommending Tor2web is a bad idea because the client loses all + anonymity. Tor2web should only be used in specific cases by users + who *know* and understand the issues. Fixes bug 21294; bugfix + on 0.2.9.3-alpha. + + o Minor bugfixes (client): + - Always recover from failures in extend_info_from_node(), in an + attempt to prevent any recurrence of bug 21242. Fixes bug 21372; + bugfix on 0.2.3.1-alpha. + + o Minor bugfixes (client, entry guards): + - Fix a bug warning (with backtrace) when we fail a channel that + circuits to fallback directories on it. Fixes bug 21128; bugfix + on 0.3.0.1-alpha. + - Fix a spurious bug warning (with backtrace) when removing an + expired entry guard. Fixes bug 21129; bugfix on 0.3.0.1-alpha. + - Fix a bug of the new guard algorithm where tor could stall for up + to 10 minutes before retrying a guard after a long period of no + network. Fixes bug 21052; bugfix on 0.3.0.1-alpha. + - Do not try to build circuits until we have descriptors for our + primary entry guards. Related to fix for bug 21242. + + o Minor bugfixes (configure, autoconf): + - Rename the configure option --enable-expensive-hardening to + --enable-fragile-hardening. Expensive hardening makes the tor + daemon abort when some kinds of issues are detected. Thus, it + makes tor more at risk of remote crashes but safer against RCE or + heartbleed bug category. We now try to explain this issue in a + message from the configure script. Fixes bug 21290; bugfix + on 0.2.5.4-alpha. + + o Minor bugfixes (controller): + - Restore the (deprecated) DROPGUARDS controller command. Fixes bug + 20824; bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (hidden service): + - Clean up the code for expiring intro points with no associated + circuits. It was causing, rarely, a service with some expiring + introduction points to not open enough additional introduction + points. Fixes part of bug 21302; bugfix on 0.2.7.2-alpha. + - Stop setting the torrc option HiddenServiceStatistics to "0" just + because we're not a bridge or relay. Instead, we preserve whatever + value the user set (or didn't set). Fixes bug 21150; bugfix + on 0.2.6.2-alpha. + - Resolve two possible underflows which could lead to creating and + closing a lot of introduction point circuits in a non-stop loop. + Fixes bug 21302; bugfix on 0.2.7.2-alpha. + + o Minor bugfixes (portability): + - Use "OpenBSD" compiler macro instead of "OPENBSD" or "__OpenBSD__". + It is supported by OpenBSD itself, and also by most OpenBSD + variants (such as Bitrig). Fixes bug 20980; bugfix + on 0.1.2.1-alpha. + - When mapping a file of length greater than SIZE_MAX, do not + silently truncate its contents. This issue could occur on 32 bit + systems with large file support and files which are larger than 4 + GB. Fixes bug 21134; bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (tor-resolve): + - The tor-resolve command line tool now rejects hostnames over 255 + characters in length. Previously, it would silently truncate them, + which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5. + Patch by "junglefowl". + + o Minor bugfixes (Windows services): + - Be sure to initialize the monotonic time subsystem before using + it, even when running as an NT service. Fixes bug 21356; bugfix + on 0.2.9.1-alpha. + + +Changes in version 0.3.0.2-alpha - 2017-01-23 + Tor 0.3.0.2-alpha fixes a denial-of-service bug where an attacker could + cause relays and clients to crash, even if they were not built with + the --enable-expensive-hardening option. This bug affects all 0.2.9.x + versions, and also affects 0.3.0.1-alpha: all relays running an affected + version should upgrade. + + Tor 0.3.0.2-alpha also improves how exit relays and clients handle DNS + time-to-live values, makes directory authorities enforce the 1-to-1 + mapping of relay RSA identity keys to ED25519 identity keys, fixes a + client-side onion service reachability bug, does better at selecting + the set of fallback directories, and more. + + o Major bugfixes (security, also in 0.2.9.9): + - Downgrade the "-ftrapv" option from "always on" to "only on when + --enable-expensive-hardening is provided." This hardening option, like + others, can turn survivable bugs into crashes--and having it on by + default made a (relatively harmless) integer overflow bug into a + denial-of-service bug. Fixes bug 21278 (TROVE-2017-001); bugfix on + 0.2.9.1-alpha. + + o Major features (security): + - Change the algorithm used to decide DNS TTLs on client and server + side, to better resist DNS-based correlation attacks like the + DefecTor attack of Greschbach, Pulls, Roberts, Winter, and + Feamster. Now relays only return one of two possible DNS TTL + values, and clients are willing to believe DNS TTL values up to 3 + hours long. Closes ticket 19769. + + o Major features (directory authority, security): + - The default for AuthDirPinKeys is now 1: directory authorities + will reject relays where the RSA identity key matches a previously + seen value, but the Ed25519 key has changed. Closes ticket 18319. + + o Major bugfixes (client, guard, crash): + - In circuit_get_global_origin_list(), return the actual list of + origin circuits. The previous version of this code returned the + list of all the circuits, and could have caused strange bugs, + including possible crashes. Fixes bug 21118; bugfix + on 0.3.0.1-alpha. + + o Major bugfixes (client, onion service, also in 0.2.9.9): + - Fix a client-side onion service reachability bug, where multiple + socks requests to an onion service (or a single slow request) + could cause us to mistakenly mark some of the service's + introduction points as failed, and we cache that failure so + eventually we run out and can't reach the service. Also resolves a + mysterious "Remote server sent bogus reason code 65021" log + warning. The bug was introduced in ticket 17218, where we tried to + remember the circuit end reason as a uint16_t, which mangled + negative values. Partially fixes bug 21056 and fixes bug 20307; + bugfix on 0.2.8.1-alpha. + + o Major bugfixes (DNS): + - Fix a bug that prevented exit nodes from caching DNS records for + more than 60 seconds. Fixes bug 19025; bugfix on 0.2.4.7-alpha. + + o Minor features (controller): + - Add "GETINFO sr/current" and "GETINFO sr/previous" keys, to expose + shared-random values to the controller. Closes ticket 19925. + + o Minor features (entry guards): + - Add UseEntryGuards to TEST_OPTIONS_DEFAULT_VALUES in order to not + break regression tests. + - Require UseEntryGuards when UseBridges is set, in order to make + sure bridges aren't bypassed. Resolves ticket 20502. + + o Minor features (fallback directories): + - Select 200 fallback directories for each release. Closes + ticket 20881. + - Allow 3 fallback relays per operator, which is safe now that we + are choosing 200 fallback relays. Closes ticket 20912. + - Exclude relays affected by bug 20499 from the fallback list. + Exclude relays from the fallback list if they are running versions + known to be affected by bug 20499, or if in our tests they deliver + a stale consensus (i.e. one that expired more than 24 hours ago). + Closes ticket 20539. + - Reduce the minimum fallback bandwidth to 1 MByte/s. Part of + ticket 18828. + - Require fallback directories to have the same address and port for + 7 days (now that we have enough relays with this stability). + Relays whose OnionOO stability timer is reset on restart by bug + 18050 should upgrade to Tor 0.2.8.7 or later, which has a fix for + this issue. Closes ticket 20880; maintains short-term fix + in 0.2.8.2-alpha. + - Require fallbacks to have flags for 90% of the time (weighted + decaying average), rather than 95%. This allows at least 73% of + clients to bootstrap in the first 5 seconds without contacting an + authority. Part of ticket 18828. + - Annotate updateFallbackDirs.py with the bandwidth and consensus + weight for each candidate fallback. Closes ticket 20878. + - Make it easier to change the output sort order of fallbacks. + Closes ticket 20822. + - Display the relay fingerprint when downloading consensuses from + fallbacks. Closes ticket 20908. + + o Minor features (geoip, also in 0.2.9.9): + - Update geoip and geoip6 to the January 4 2017 Maxmind GeoLite2 + Country database. + + o Minor features (next-gen onion service directories): + - Remove the "EnableOnionServicesV3" consensus parameter that we + introduced in 0.3.0.1-alpha: relays are now always willing to act + as v3 onion service directories. Resolves ticket 19899. + + o Minor features (linting): + - Enhance the changes file linter to warn on Tor versions that are + prefixed with "tor-". Closes ticket 21096. + + o Minor features (logging): + - In several places, describe unset ed25519 keys as "<unset>", + rather than the scary "AAAAAAAA...AAA". Closes ticket 21037. + + o Minor bugfix (control protocol): + - The reply to a "GETINFO config/names" request via the control + protocol now spells the type "Dependent" correctly. This is a + breaking change in the control protocol. (The field seems to be + ignored by the most common known controllers.) Fixes bug 18146; + bugfix on 0.1.1.4-alpha. + + o Minor bugfixes (bug resilience): + - Fix an unreachable size_t overflow in base64_decode(). Fixes bug + 19222; bugfix on 0.2.0.9-alpha. Found by Guido Vranken; fixed by + Hans Jerry Illikainen. + + o Minor bugfixes (build): + - Replace obsolete Autoconf macros with their modern equivalent and + prevent similar issues in the future. Fixes bug 20990; bugfix + on 0.1.0.1-rc. + + o Minor bugfixes (client, guards): + - Fix bug where Tor would think that there are circuits waiting for + better guards even though those circuits have been freed. Fixes + bug 21142; bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (config): + - Don't assert on startup when trying to get the options list and + LearnCircuitBuildTimeout is set to 0: we are currently parsing the + options so of course they aren't ready yet. Fixes bug 21062; + bugfix on 0.2.9.3-alpha. + + o Minor bugfixes (controller): + - Make the GETINFO interface for inquiring about entry guards + support the new guards backend. Fixes bug 20823; bugfix + on 0.3.0.1-alpha. + + o Minor bugfixes (dead code): + - Remove a redundant check for PidFile changes at runtime in + options_transition_allowed(): this check is already performed + regardless of whether the sandbox is active. Fixes bug 21123; + bugfix on 0.2.5.4-alpha. + + o Minor bugfixes (documentation): + - Update the tor manual page to document every option that can not + be changed while tor is running. Fixes bug 21122. + + o Minor bugfixes (fallback directories): + - Stop failing when a relay has no uptime data in + updateFallbackDirs.py. Fixes bug 20945; bugfix on 0.2.8.1-alpha. + - Avoid checking fallback candidates' DirPorts if they are down in + OnionOO. When a relay operator has multiple relays, this + prioritizes relays that are up over relays that are down. Fixes + bug 20926; bugfix on 0.2.8.3-alpha. + - Stop failing when OUTPUT_COMMENTS is True in updateFallbackDirs.py. + Fixes bug 20877; bugfix on 0.2.8.3-alpha. + + o Minor bugfixes (guards, bootstrapping): + - When connecting to a directory guard during bootstrap, do not mark + the guard as successful until we receive a good-looking directory + response from it. Fixes bug 20974; bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (onion services): + - Fix the config reload pruning of old vs new services so it + actually works when both ephemeral and non-ephemeral services are + configured. Fixes bug 21054; bugfix on 0.3.0.1-alpha. + - Allow the number of introduction points to be as low as 0, rather + than as low as 3. Fixes bug 21033; bugfix on 0.2.7.2-alpha. + + o Minor bugfixes (IPv6): + - Make IPv6-using clients try harder to find an IPv6 directory + server. Fixes bug 20999; bugfix on 0.2.8.2-alpha. + - When IPv6 addresses have not been downloaded yet (microdesc + consensus documents don't list relay IPv6 addresses), use hard- + coded addresses for authorities, fallbacks, and configured + bridges. Now IPv6-only clients can use microdescriptors. Fixes bug + 20996; bugfix on b167e82 from 19608 in 0.2.8.5-alpha. + + o Minor bugfixes (memory leaks): + - Fix a memory leak when configuring hidden services. Fixes bug + 20987; bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (portability, also in 0.2.9.9): + - Avoid crashing when Tor is built using headers that contain + CLOCK_MONOTONIC_COARSE, but then tries to run on an older kernel + without CLOCK_MONOTONIC_COARSE. Fixes bug 21035; bugfix + on 0.2.9.1-alpha. + - Fix Libevent detection on platforms without Libevent 1 headers + installed. Fixes bug 21051; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (relay): + - Honor DataDirectoryGroupReadable when tor is a relay. Previously, + initializing the keys would reset the DataDirectory to 0700 + instead of 0750 even if DataDirectoryGroupReadable was set to 1. + Fixes bug 19953; bugfix on 0.0.2pre16. Patch by "redfish". + + o Minor bugfixes (testing): + - Remove undefined behavior from the backtrace generator by removing + its signal handler. Fixes bug 21026; bugfix on 0.2.5.2-alpha. + + o Minor bugfixes (unit tests): + - Allow the unit tests to pass even when DNS lookups of bogus + addresses do not fail as expected. Fixes bug 20862 and 20863; + bugfix on unit tests introduced in 0.2.8.1-alpha + through 0.2.9.4-alpha. + + o Code simplification and refactoring: + - Refactor code to manipulate global_origin_circuit_list into + separate functions. Closes ticket 20921. + + o Documentation (formatting): + - Clean up formatting of tor.1 man page and HTML doc, where <pre> + blocks were incorrectly appearing. Closes ticket 20885. + + o Documentation (man page): + - Clarify many options in tor.1 and add some min/max values for + HiddenService options. Closes ticket 21058. + + +Changes in version 0.2.9.9 - 2017-01-23 + Tor 0.2.9.9 fixes a denial-of-service bug where an attacker could + cause relays and clients to crash, even if they were not built with + the --enable-expensive-hardening option. This bug affects all 0.2.9.x + versions, and also affects 0.3.0.1-alpha: all relays running an affected + version should upgrade. + + This release also resolves a client-side onion service reachability + bug, and resolves a pair of small portability issues. + + o Major bugfixes (security): + - Downgrade the "-ftrapv" option from "always on" to "only on when + --enable-expensive-hardening is provided." This hardening option, + like others, can turn survivable bugs into crashes -- and having + it on by default made a (relatively harmless) integer overflow bug + into a denial-of-service bug. Fixes bug 21278 (TROVE-2017-001); + bugfix on 0.2.9.1-alpha. + + o Major bugfixes (client, onion service): + - Fix a client-side onion service reachability bug, where multiple + socks requests to an onion service (or a single slow request) + could cause us to mistakenly mark some of the service's + introduction points as failed, and we cache that failure so + eventually we run out and can't reach the service. Also resolves a + mysterious "Remote server sent bogus reason code 65021" log + warning. The bug was introduced in ticket 17218, where we tried to + remember the circuit end reason as a uint16_t, which mangled + negative values. Partially fixes bug 21056 and fixes bug 20307; + bugfix on 0.2.8.1-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the January 4 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (portability): + - Avoid crashing when Tor is built using headers that contain + CLOCK_MONOTONIC_COARSE, but then tries to run on an older kernel + without CLOCK_MONOTONIC_COARSE. Fixes bug 21035; bugfix + on 0.2.9.1-alpha. + - Fix Libevent detection on platforms without Libevent 1 headers + installed. Fixes bug 21051; bugfix on 0.2.9.1-alpha. + + +Changes in version 0.3.0.1-alpha - 2016-12-19 + Tor 0.3.0.1-alpha is the first alpha release in the 0.3.0 development + series. It strengthens Tor's link and circuit handshakes by + identifying relays by their Ed25519 keys, improves the algorithm that + clients use to choose and maintain their list of guards, and includes + additional backend support for the next-generation hidden service + design. It also contains numerous other small features and + improvements to security, correctness, and performance. + + Below are the changes since 0.2.9.8. + + o Major features (guard selection algorithm): + - Tor's guard selection algorithm has been redesigned from the + ground up, to better support unreliable networks and restrictive + sets of entry nodes, and to better resist guard-capture attacks by + hostile local networks. Implements proposal 271; closes + ticket 19877. + + o Major features (next-generation hidden services): + - Relays can now handle v3 ESTABLISH_INTRO cells as specified by + prop224 aka "Next Generation Hidden Services". Service and clients + don't use this functionality yet. Closes ticket 19043. Based on + initial code by Alec Heifetz. + - Relays now support the HSDir version 3 protocol, so that they can + can store and serve v3 descriptors. This is part of the next- + generation onion service work detailled in proposal 224. Closes + ticket 17238. + + o Major features (protocol, ed25519 identity keys): + - Relays now use Ed25519 to prove their Ed25519 identities and to + one another, and to clients. This algorithm is faster and more + secure than the RSA-based handshake we've been doing until now. + Implements the second big part of proposal 220; Closes + ticket 15055. + - Clients now support including Ed25519 identity keys in the EXTEND2 + cells they generate. By default, this is controlled by a consensus + parameter, currently disabled. You can turn this feature on for + testing by setting ExtendByEd25519ID in your configuration. This + might make your traffic appear different than the traffic + generated by other users, however. Implements part of ticket + 15056; part of proposal 220. + - Relays now understand requests to extend to other relays by their + Ed25519 identity keys. When an Ed25519 identity key is included in + an EXTEND2 cell, the relay will only extend the circuit if the + other relay can prove ownership of that identity. Implements part + of ticket 15056; part of proposal 220. + + o Major bugfixes (scheduler): + - Actually compare circuit policies in ewma_cmp_cmux(). This bug + caused the channel scheduler to behave more or less randomly, + rather than preferring channels with higher-priority circuits. + Fixes bug 20459; bugfix on 0.2.6.2-alpha. + + o Minor features (controller): + - When HSFETCH arguments cannot be parsed, say "Invalid argument" + rather than "unrecognized." Closes ticket 20389; patch from + Ivan Markin. + + o Minor features (diagnostic, directory client): + - Warn when we find an unexpected inconsistency in directory + download status objects. Prevents some negative consequences of + bug 20593. + + o Minor features (directory authority): + - Add a new authority-only AuthDirTestEd25519LinkKeys option (on by + default) to control whether authorities should try to probe relays + by their Ed25519 link keys. This option will go away in a few + releases--unless we encounter major trouble in our ed25519 link + protocol rollout, in which case it will serve as a safety option. + + o Minor features (directory cache): + - Relays and bridges will now refuse to serve the consensus they + have if they know it is too old for a client to use. Closes + ticket 20511. + + o Minor features (ed25519 link handshake): + - Advertise support for the ed25519 link handshake using the + subprotocol-versions mechanism, so that clients can tell which + relays can identity themselves by Ed25519 ID. Closes ticket 20552. + + o Minor features (fingerprinting resistance, authentication): + - Extend the length of RSA keys used for TLS link authentication to + 2048 bits. (These weren't used for forward secrecy; for forward + secrecy, we used P256.) Closes ticket 13752. + + o Minor features (infrastructure): + - Implement smartlist_add_strdup() function. Replaces the use of + smartlist_add(sl, tor_strdup(str)). Closes ticket 20048. + + o Minor bugfixes (client): + - When clients that use bridges start up with a cached consensus on + disk, they were ignoring it and downloading a new one. Now they + use the cached one. Fixes bug 20269; bugfix on 0.2.3.12-alpha. + + o Minor bugfixes (configuration): + - Accept non-space whitespace characters after the severity level in + the `Log` option. Fixes bug 19965; bugfix on 0.2.1.1-alpha. + - Support "TByte" and "TBytes" units in options given in bytes. + "TB", "terabyte(s)", "TBit(s)" and "terabit(s)" were already + supported. Fixes bug 20622; bugfix on 0.2.0.14-alpha. + + o Minor bugfixes (consensus weight): + - Add new consensus method that initializes bw weights to 1 instead + of 0. This prevents a zero weight from making it all the way to + the end (happens in small testing networks) and causing an error. + Fixes bug 14881; bugfix on 0.2.2.17-alpha. + + o Minor bugfixes (descriptors): + - Correctly recognise downloaded full descriptors as valid, even + when using microdescriptors as circuits. This affects clients with + FetchUselessDescriptors set, and may affect directory authorities. + Fixes bug 20839; bugfix on 0.2.3.2-alpha. + + o Minor bugfixes (directory system): + - Download all consensus flavors, descriptors, and authority + certificates when FetchUselessDescriptors is set, regardless of + whether tor is a directory cache or not. Fixes bug 20667; bugfix + on all recent tor versions. + - Bridges and relays now use microdescriptors (like clients do) + rather than old-style router descriptors. Now bridges will blend + in with clients in terms of the circuits they build. Fixes bug + 6769; bugfix on 0.2.3.2-alpha. + + o Minor bugfixes (ed25519 certificates): + - Correctly interpret ed25519 certificates that would expire some + time after 19 Jan 2038. Fixes bug 20027; bugfix on 0.2.7.2-alpha. + + o Minor bugfixes (hidden services): + - Stop ignoring misconfigured hidden services. Instead, refuse to + start tor until the misconfigurations have been corrected. Fixes + bug 20559; bugfix on multiple commits in 0.2.7.1-alpha + and earlier. + + o Minor bugfixes (memory leak at exit): + - Fix a small harmless memory leak at exit of the previously unused + RSA->Ed identity cross-certificate. Fixes bug 17779; bugfix + on 0.2.7.2-alpha. + + o Minor bugfixes (util): + - When finishing writing a file to disk, if we were about to replace + the file with the temporary file created before and we fail to + replace it, remove the temporary file so it doesn't stay on disk. + Fixes bug 20646; bugfix on tor-0.2.0.7-alpha. Patch by fk. + + o Minor bugfixes (Windows): + - Check for getpagesize before using it to mmap files. This fixes + compilation in some MinGW environments. Fixes bug 20530; bugfix on + 0.1.2.1-alpha. Reported by "ice". + + o Code simplification and refactoring: + - Abolish all global guard context in entrynodes.c; replace with new + guard_selection_t structure as preparation for proposal 271. + Closes ticket 19858. + - Introduce rend_service_is_ephemeral() that tells if given onion + service is ephemeral. Replace unclear NULL-checkings for service + directory with this function. Closes ticket 20526. + - Extract magic numbers in circuituse.c into defined variables. + - Refactor circuit_is_available_for_use to remove unnecessary check. + - Refactor circuit_predict_and_launch_new for readability and + testability. Closes ticket 18873. + - Refactor large if statement in purpose_needs_anonymity to use + switch statement instead. Closes part of ticket 20077. + - Refactor the hashing API to return negative values for errors, as + is done as throughout the codebase. Closes ticket 20717. + - Remove data structures that were used to index or_connection + objects by their RSA identity digests. These structures are fully + redundant with the similar structures used in the + channel abstraction. + - Remove duplicate code in the channel_write_*cell() functions. + Closes ticket 13827; patch from Pingl. + - Remove redundant behavior of is_sensitive_dir_purpose, refactor to + use only purpose_needs_anonymity. Closes part of ticket 20077. + - The code to generate and parse EXTEND and EXTEND2 cells has been + replaced with code automatically generated by the + "trunnel" utility. + + o Documentation: + - Include the "TBits" unit in Tor's man page. Fixes part of bug + 20622; bugfix on tor-0.2.5.1-alpha. + - Change '1' to 'weight_scale' in consensus bw weights calculation + comments, as that is reality. Closes ticket 20273. Patch + from pastly. + - Correct the value for AuthDirGuardBWGuarantee in the manpage, from + 250 KBytes to 2 MBytes. Fixes bug 20435; bugfix + on tor-0.2.5.6-alpha. + - Stop the man page from incorrectly stating that HiddenServiceDir + must already exist. Fixes 20486. + - Clarify that when ClientRejectInternalAddresses is enabled (which + is the default), multicast DNS hostnames for machines on the local + network (of the form *.local) are also rejected. Closes + ticket 17070. + + o Removed features: + - The AuthDirMaxServersPerAuthAddr option no longer exists: The same + limit for relays running on a single IP applies to authority IP + addresses as well as to non-authority IP addresses. Closes + ticket 20960. + - The UseDirectoryGuards torrc option no longer exists: all users + that use entry guards will also use directory guards. Related to + proposal 271; implements part of ticket 20831. + + o Testing: + - New unit tests for tor_htonll(). Closes ticket 19563. Patch + from "overcaffeinated". + - Perform the coding style checks when running the tests and fail + when coding style violations are found. Closes ticket 5500. + - Add tests for networkstatus_compute_bw_weights_v10. + - Add unit tests circuit_predict_and_launch_new. + - Extract dummy_origin_circuit_new so it can be used by other + test functions. + + +Changes in version 0.2.8.12 - 2016-12-19 + Tor 0.2.8.12 backports a fix for a medium-severity issue (bug 21018 + below) where Tor clients could crash when attempting to visit a + hostile hidden service. Clients are recommended to upgrade as packages + become available for their systems. + + It also includes an updated list of fallback directories, backported + from 0.2.9. + + Now that the Tor 0.2.9 series is stable, only major bugfixes will be + backported to 0.2.8 in the future. + + o Major bugfixes (parsing, security, backported from 0.2.9.8): + - Fix a bug in parsing that could cause clients to read a single + byte past the end of an allocated region. This bug could be used + to cause hardened clients (built with --enable-expensive-hardening) + to crash if they tried to visit a hostile hidden service. Non- + hardened clients are only affected depending on the details of + their platform's memory allocator. Fixes bug 21018; bugfix on + 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE- + 2016-12-002 and as CVE-2016-1254. + + o Minor features (fallback directory list, backported from 0.2.9.8): + - Replace the 81 remaining fallbacks of the 100 originally + introduced in Tor 0.2.8.3-alpha in March 2016, with a list of 177 + fallbacks (123 new, 54 existing, 27 removed) generated in December + 2016. Resolves ticket 20170. + + o Minor features (geoip, backported from 0.2.9.7-rc): + - Update geoip and geoip6 to the December 7 2016 Maxmind GeoLite2 + Country database. + + +Changes in version 0.2.9.8 - 2016-12-19 + Tor 0.2.9.8 is the first stable release of the Tor 0.2.9 series. + + The Tor 0.2.9 series makes mandatory a number of security features + that were formerly optional. It includes support for a new shared- + randomness protocol that will form the basis for next generation + hidden services, includes a single-hop hidden service mode for + optimizing .onion services that don't actually want to be hidden, + tries harder not to overload the directory authorities with excessive + downloads, and supports a better protocol versioning scheme for + improved compatibility with other implementations of the Tor protocol. + + And of course, there are numerous other bugfixes and improvements. + + This release also includes a fix for a medium-severity issue (bug + 21018 below) where Tor clients could crash when attempting to visit a + hostile hidden service. Clients are recommended to upgrade as packages + become available for their systems. + + Below are the changes since 0.2.9.7-rc. For a list of all changes + since 0.2.8, see the ReleaseNotes file. + + o Major bugfixes (parsing, security): + - Fix a bug in parsing that could cause clients to read a single + byte past the end of an allocated region. This bug could be used + to cause hardened clients (built with --enable-expensive-hardening) + to crash if they tried to visit a hostile hidden service. Non- + hardened clients are only affected depending on the details of + their platform's memory allocator. Fixes bug 21018; bugfix on + 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE- + 2016-12-002 and as CVE-2016-1254. + + o Minor features (fallback directory list): + - Replace the 81 remaining fallbacks of the 100 originally + introduced in Tor 0.2.8.3-alpha in March 2016, with a list of 177 + fallbacks (123 new, 54 existing, 27 removed) generated in December + 2016. Resolves ticket 20170. + + +Changes in version 0.2.9.7-rc - 2016-12-12 + Tor 0.2.9.7-rc fixes a few small bugs remaining in Tor 0.2.9.6-rc, + including a few that had prevented tests from passing on + some platforms. + + o Minor features (geoip): + - Update geoip and geoip6 to the December 7 2016 Maxmind GeoLite2 + Country database. + + o Minor bugfix (build): + - The current Git revision when building from a local repository is + now detected correctly when using git worktrees. Fixes bug 20492; + bugfix on 0.2.3.9-alpha. + + o Minor bugfixes (directory authority): + - When computing old Tor protocol line version in protover, we were + looking at 0.2.7.5 twice instead of a specific case for + 0.2.9.1-alpha. Fixes bug 20810; bugfix on 0.2.9.4-alpha. + + o Minor bugfixes (download scheduling): + - Resolve a "bug" warning when considering a download schedule whose + delay had approached INT_MAX. Fixes 20875; bugfix on 0.2.9.5-alpha. + + o Minor bugfixes (logging): + - Downgrade a harmless log message about the + pending_entry_connections list from "warn" to "info". Mitigates + bug 19926. + + o Minor bugfixes (memory leak): + - Fix a small memory leak when receiving AF_UNIX connections on a + SocksPort. Fixes bug 20716; bugfix on 0.2.6.3-alpha. + - When moving a signed descriptor object from a source to an + existing destination, free the allocated memory inside that + destination object. Fixes bug 20715; bugfix on 0.2.8.3-alpha. + + o Minor bugfixes (memory leak, use-after-free, linux seccomp2 sandbox): + - Fix a memory leak and use-after-free error when removing entries + from the sandbox's getaddrinfo() cache. Fixes bug 20710; bugfix on + 0.2.5.5-alpha. Patch from "cypherpunks". + + o Minor bugfixes (portability): + - Use the correct spelling of MAC_OS_X_VERSION_10_12 on configure.ac + Fixes bug 20935; bugfix on 0.2.9.6-rc. + + o Minor bugfixes (unit tests): + - Stop expecting NetBSD unit tests to report success for ipfw. Part + of a fix for bug 19960; bugfix on 0.2.9.5-alpha. + - Fix tolerances in unit tests for monotonic time comparisons + between nanoseconds and microseconds. Previously, we accepted a 10 + us difference only, which is not realistic on every platform's + clock_gettime(). Fixes bug 19974; bugfix on 0.2.9.1-alpha. + - Remove a double-free in the single onion service unit test. Stop + ignoring a return value. Make future changes less error-prone. + Fixes bug 20864; bugfix on 0.2.9.6-rc. + + +Changes in version 0.2.8.11 - 2016-12-08 + Tor 0.2.8.11 backports fixes for additional portability issues that + could prevent Tor from building correctly on OSX Sierra, or with + OpenSSL 1.1. Affected users should upgrade; others can safely stay + with 0.2.8.10. + + o Minor bugfixes (portability): + - Avoid compilation errors when building on OSX Sierra. Sierra began + to support the getentropy() and clock_gettime() APIs, but created + a few problems in doing so. Tor 0.2.9 has a more thorough set of + workarounds; in 0.2.8, we are just using the /dev/urandom and mach + monotonic time interfaces. Fixes bug 20865. Bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (portability, backport from 0.2.9.5-alpha): + - Fix compilation with OpenSSL 1.1 and less commonly-used CPU + architectures. Closes ticket 20588. + + +Changes in version 0.2.8.10 - 2016-12-02 + Tor 0.2.8.10 backports a fix for a bug that would sometimes make clients + unusable after they left standby mode. It also backports fixes for + a few portability issues and a small but problematic memory leak. + + o Major bugfixes (client reliability, backport from 0.2.9.5-alpha): + - When Tor leaves standby because of a new application request, open + circuits as needed to serve that request. Previously, we would + potentially wait a very long time. Fixes part of bug 19969; bugfix + on 0.2.8.1-alpha. + + o Major bugfixes (client performance, backport from 0.2.9.5-alpha): + - Clients now respond to new application stream requests immediately + when they arrive, rather than waiting up to one second before + starting to handle them. Fixes part of bug 19969; bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (portability, backport from 0.2.9.6-rc): + - Work around a bug in the OSX 10.12 SDK that would prevent us from + successfully targeting earlier versions of OSX. Resolves + ticket 20235. + + o Minor bugfixes (portability, backport from 0.2.9.5-alpha): + - Fix implicit conversion warnings under OpenSSL 1.1. Fixes bug + 20551; bugfix on 0.2.1.1-alpha. + + o Minor bugfixes (relay, backport from 0.2.9.5-alpha): + - Work around a memory leak in OpenSSL 1.1 when encoding public + keys. Fixes bug 20553; bugfix on 0.0.2pre8. + + o Minor features (geoip): + - Update geoip and geoip6 to the November 3 2016 Maxmind GeoLite2 + Country database. + +Changes in version 0.2.9.6-rc - 2016-12-02 + Tor 0.2.9.6-rc fixes a few remaining bugs found in the previous alpha + version. We hope that it will be ready to become stable soon, and we + encourage everyone to test this release. If no showstopper bugs are + found here, the next 0.2.9 release will be stable. + + o Major bugfixes (relay, resolver, logging): + - For relays that don't know their own address, avoid attempting a + local hostname resolve for each descriptor we download. This + will cut down on the number of "Success: chose address 'x.x.x.x'" + log lines, and also avoid confusing clock jumps if the resolver + is slow. Fixes bugs 20423 and 20610; bugfix on 0.2.8.1-alpha. + + o Minor bugfixes (client, fascistfirewall): + - Avoid spurious warnings when ReachableAddresses or FascistFirewall + is set. Fixes bug 20306; bugfix on 0.2.8.2-alpha. + + o Minor bugfixes (hidden services): + - Stop ignoring the anonymity status of saved keys for hidden + services and single onion services when first starting tor. + Instead, refuse to start tor if any hidden service key has been + used in a different hidden service anonymity mode. Fixes bug + 20638; bugfix on 17178 in 0.2.9.3-alpha; reported by ahf. + + o Minor bugfixes (portability): + - Work around a bug in the OSX 10.12 SDK that would prevent us from + successfully targeting earlier versions of OSX. Resolves + ticket 20235. + - Run correctly when built on Windows build environments that + require _vcsprintf(). Fixes bug 20560; bugfix on 0.2.2.11-alpha. + + o Minor bugfixes (single onion services, Tor2web): + - Stop complaining about long-term one-hop circuits deliberately + created by single onion services and Tor2web. These log messages + are intended to diagnose issue 8387, which relates to circuits + hanging around forever for no reason. Fixes bug 20613; bugfix on + 0.2.9.1-alpha. Reported by "pastly". + + o Minor bugfixes (unit tests): + - Stop spurious failures in the local interface address discovery + unit tests. Fixes bug 20634; bugfix on 0.2.8.1-alpha; patch by + Neel Chauhan. + + o Documentation: + - Correct the minimum bandwidth value in torrc.sample, and queue a + corresponding change for torrc.minimal. Closes ticket 20085. + + +Changes in version 0.2.9.5-alpha - 2016-11-08 + Tor 0.2.9.5-alpha fixes numerous bugs discovered in the previous alpha + version. We believe one or two probably remain, and we encourage + everyone to test this release. + + o Major bugfixes (client performance): + - Clients now respond to new application stream requests immediately + when they arrive, rather than waiting up to one second before + starting to handle them. Fixes part of bug 19969; bugfix + on 0.2.8.1-alpha. + + o Major bugfixes (client reliability): + - When Tor leaves standby because of a new application request, open + circuits as needed to serve that request. Previously, we would + potentially wait a very long time. Fixes part of bug 19969; bugfix + on 0.2.8.1-alpha. + + o Major bugfixes (download scheduling): + - When using an exponential backoff schedule, do not give up on + downloading just because we have failed a bunch of times. Since + each delay is longer than the last, retrying indefinitely won't + hurt. Fixes bug 20536; bugfix on 0.2.9.1-alpha. + - If a consensus expires while we are waiting for certificates to + download, stop waiting for certificates. + - If we stop waiting for certificates less than a minute after we + started downloading them, do not consider the certificate download + failure a separate failure. Fixes bug 20533; bugfix + on 0.2.0.9-alpha. + - Remove the maximum delay on exponential-backoff scheduling. Since + we now allow an infinite number of failures (see ticket 20536), we + must now allow the time to grow longer on each failure. Fixes part + of bug 20534; bugfix on 0.2.9.1-alpha. + - Make our initial download delays closer to those from 0.2.8. Fixes + another part of bug 20534; bugfix on 0.2.9.1-alpha. + - When determining when to download a directory object, handle times + after 2038 if the operating system supports them. (Someday this + will be important!) Fixes bug 20587; bugfix on 0.2.8.1-alpha. + - When using exponential backoff in test networks, use a lower + exponent, so the delays do not vary as much. This helps test + networks bootstrap consistently. Fixes bug 20597; bugfix on 20499. + + o Minor features (geoip): + - Update geoip and geoip6 to the November 3 2016 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (client directory scheduling): + - Treat "relay too busy to answer request" as a failed request and a + reason to back off on our retry frequency. This is safe now that + exponential backoffs retry indefinitely, and avoids a bug where we + would reset our download schedule erroneously. Fixes bug 20593; + bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (client, logging): + - Remove a BUG warning in circuit_pick_extend_handshake(). Instead, + assume all nodes support EXTEND2. Use ntor whenever a key is + available. Fixes bug 20472; bugfix on 0.2.9.3-alpha. + - On DNSPort, stop logging a BUG warning on a failed hostname + lookup. Fixes bug 19869; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (hidden services): + - When configuring hidden services, check every hidden service + directory's permissions. Previously, we only checked the last + hidden service. Fixes bug 20529; bugfix the work to fix 13942 + in 0.2.6.2-alpha. + + o Minor bugfixes (portability): + - Fix compilation with OpenSSL 1.1 and less commonly-used CPU + architectures. Closes ticket 20588. + - Use ECDHE ciphers instead of ECDH in tortls tests. LibreSSL has + removed the ECDH ciphers which caused the tests to fail on + platforms which use it. Fixes bug 20460; bugfix on 0.2.8.1-alpha. + - Fix implicit conversion warnings under OpenSSL 1.1. Fixes bug + 20551; bugfix on 0.2.1.1-alpha. + + o Minor bugfixes (relay bootstrap): + - Ensure relays don't make multiple connections during bootstrap. + Fixes bug 20591; bugfix on 0.2.8.1-alpha. + + o Minor bugfixes (relay): + - Work around a memory leak in OpenSSL 1.1 when encoding public + keys. Fixes bug 20553; bugfix on 0.0.2pre8. + - Avoid a small memory leak when informing worker threads about + rotated onion keys. Fixes bug 20401; bugfix on 0.2.6.3-alpha. + - Do not try to parallelize workers more than 16x without the user + explicitly configuring us to do so, even if we do detect more than + 16 CPU cores. Fixes bug 19968; bugfix on 0.2.3.1-alpha. + + o Minor bugfixes (single onion services): + - Start correctly when creating a single onion service in a + directory that did not previously exist. Fixes bug 20484; bugfix + on 0.2.9.3-alpha. + + o Minor bugfixes (testing): + - Avoid a unit test failure on systems with over 16 detectable CPU + cores. Fixes bug 19968; bugfix on 0.2.3.1-alpha. + + o Documentation: + - Clarify that setting HiddenServiceNonAnonymousMode requires you to + also set "SOCKSPort 0". Fixes bug 20487; bugfix on 0.2.9.3-alpha. + - Module-level documentation for several more modules. Closes + tickets 19287 and 19290. + + +Changes in version 0.2.8.9 - 2016-10-17 + Tor 0.2.8.9 backports a fix for a security hole in previous versions + of Tor that would allow a remote attacker to crash a Tor client, + hidden service, relay, or authority. All Tor users should upgrade to + this version, or to 0.2.9.4-alpha. Patches will be released for older + versions of Tor. + + o Major features (security fixes, also in 0.2.9.4-alpha): + - Prevent a class of security bugs caused by treating the contents + of a buffer chunk as if they were a NUL-terminated string. At + least one such bug seems to be present in all currently used + versions of Tor, and would allow an attacker to remotely crash + most Tor instances, especially those compiled with extra compiler + hardening. With this defense in place, such bugs can't crash Tor, + though we should still fix them as they occur. Closes ticket + 20384 (TROVE-2016-10-001). + + o Minor features (geoip): + - Update geoip and geoip6 to the October 4 2016 Maxmind GeoLite2 + Country database. + + +Changes in version 0.2.9.4-alpha - 2016-10-17 + Tor 0.2.9.4-alpha fixes a security hole in previous versions of Tor + that would allow a remote attacker to crash a Tor client, hidden + service, relay, or authority. All Tor users should upgrade to this + version, or to 0.2.8.9. Patches will be released for older versions + of Tor. + + Tor 0.2.9.4-alpha also adds numerous small features and fix-ups to + previous versions of Tor, including the implementation of a feature to + future- proof the Tor ecosystem against protocol changes, some bug + fixes necessary for Tor Browser to use unix domain sockets correctly, + and several portability improvements. We anticipate that this will be + the last alpha in the Tor 0.2.9 series, and that the next release will + be a release candidate. + + o Major features (security fixes): + - Prevent a class of security bugs caused by treating the contents + of a buffer chunk as if they were a NUL-terminated string. At + least one such bug seems to be present in all currently used + versions of Tor, and would allow an attacker to remotely crash + most Tor instances, especially those compiled with extra compiler + hardening. With this defense in place, such bugs can't crash Tor, + though we should still fix them as they occur. Closes ticket + 20384 (TROVE-2016-10-001). + + o Major features (subprotocol versions): + - Tor directory authorities now vote on a set of recommended + subprotocol versions, and on a set of required subprotocol + versions. Clients and relays that lack support for a _required_ + subprotocol version will not start; those that lack support for a + _recommended_ subprotocol version will warn the user to upgrade. + Closes ticket 19958; implements part of proposal 264. + - Tor now uses "subprotocol versions" to indicate compatibility. + Previously, versions of Tor looked at the declared Tor version of + a relay to tell whether they could use a given feature. Now, they + should be able to rely on its declared subprotocol versions. This + change allows compatible implementations of the Tor protocol(s) to + exist without pretending to be 100% bug-compatible with particular + releases of Tor itself. Closes ticket 19958; implements part of + proposal 264. + + o Minor feature (fallback directories): + - Remove broken fallbacks from the hard-coded fallback directory + list. Closes ticket 20190; patch by teor. + + o Minor features (client, directory): + - Since authorities now omit all routers that lack the Running and + Valid flags, we assume that any relay listed in the consensus must + have those flags. Closes ticket 20001; implements part of + proposal 272. + + o Minor features (compilation, portability): + - Compile correctly on MacOS 10.12 (aka "Sierra"). Closes + ticket 20241. + + o Minor features (development tools, etags): + - Teach the "make tags" Makefile target how to correctly find + "MOCK_IMPL" function definitions. Patch from nherring; closes + ticket 16869. + + o Minor features (geoip): + - Update geoip and geoip6 to the October 4 2016 Maxmind GeoLite2 + Country database. + + o Minor features (unix domain sockets): + - When configuring a unix domain socket for a SocksPort, + ControlPort, or Hidden service, you can now wrap the address in + quotes, using C-style escapes inside the quotes. This allows unix + domain socket paths to contain spaces. + + o Minor features (virtual addresses): + - Increase the maximum number of bits for the IPv6 virtual network + prefix from 16 to 104. In this way, the condition for address + allocation is less restrictive. Closes ticket 20151; feature + on 0.2.4.7-alpha. + + o Minor bugfixes (address discovery): + - Stop reordering IP addresses returned by the OS. This makes it + more likely that Tor will guess the same relay IP address every + time. Fixes issue 20163; bugfix on 0.2.7.1-alpha, ticket 17027. + Reported by René Mayrhofer, patch by "cypherpunks". + + o Minor bugfixes (client, unix domain sockets): + - Disable IsolateClientAddr when using AF_UNIX backed SocksPorts as + the client address is meaningless. Fixes bug 20261; bugfix + on 0.2.6.3-alpha. + + o Minor bugfixes (compilation, OpenBSD): + - Detect Libevent2 functions correctly on systems that provide + libevent2, but where libevent1 is linked with -levent. Fixes bug + 19904; bugfix on 0.2.2.24-alpha. Patch from Rubiate. + + o Minor bugfixes (configuration): + - When parsing quoted configuration values from the torrc file, + handle windows line endings correctly. Fixes bug 19167; bugfix on + 0.2.0.16-alpha. Patch from "Pingl". + + o Minor bugfixes (getpass): + - Defensively fix a non-triggerable heap corruption at do_getpass() + to protect ourselves from mistakes in the future. Fixes bug + 19223; bugfix on 0.2.7.3-rc. Bug found by Guido Vranken, patch + by nherring. + + o Minor bugfixes (hidden service): + - Allow hidden services to run on IPv6 addresses even when the + IPv6Exit option is not set. Fixes bug 18357; bugfix + on 0.2.4.7-alpha. + + o Documentation: + - Add module-level internal documentation for 36 C files that + previously didn't have a high-level overview. Closes ticket #20385. + + o Required libraries: + - When building with OpenSSL, Tor now requires version 1.0.1 or + later. OpenSSL 1.0.0 and earlier are no longer supported by the + OpenSSL team, and should not be used. Closes ticket 20303. + + +Changes in version 0.2.9.3-alpha - 2016-09-23 + Tor 0.2.9.3-alpha adds improved support for entities that want to make + high-performance services available through the Tor .onion mechanism + without themselves receiving anonymity as they host those services. It + also tries harder to ensure that all steps on a circuit are using the + strongest crypto possible, strengthens some TLS properties, and + resolves several bugs -- including a pair of crash bugs from the 0.2.8 + series. Anybody running an earlier version of 0.2.9.x should upgrade. + + o Major bugfixes (crash, also in 0.2.8.8): + - Fix a complicated crash bug that could affect Tor clients + configured to use bridges when replacing a networkstatus consensus + in which one of their bridges was mentioned. OpenBSD users saw + more crashes here, but all platforms were potentially affected. + Fixes bug 20103; bugfix on 0.2.8.2-alpha. + + o Major bugfixes (relay, OOM handler, also in 0.2.8.8): + - Fix a timing-dependent assertion failure that could occur when we + tried to flush from a circuit after having freed its cells because + of an out-of-memory condition. Fixes bug 20203; bugfix on + 0.2.8.1-alpha. Thanks to "cypherpunks" for help diagnosing + this one. + + o Major features (circuit building, security): + - Authorities, relays and clients now require ntor keys in all + descriptors, for all hops (except for rare hidden service protocol + cases), for all circuits, and for all other roles. Part of + ticket 19163. + - Tor authorities, relays, and clients only use ntor, except for + rare cases in the hidden service protocol. Part of ticket 19163. + + o Major features (single-hop "hidden" services): + - Add experimental HiddenServiceSingleHopMode and + HiddenServiceNonAnonymousMode options. When both are set to 1, + every hidden service on a Tor instance becomes a non-anonymous + Single Onion Service. Single Onions make one-hop (direct) + connections to their introduction and renzedvous points. One-hop + circuits make Single Onion servers easily locatable, but clients + remain location-anonymous. This is compatible with the existing + hidden service implementation, and works on the current tor + network without any changes to older relays or clients. Implements + proposal 260, completes ticket 17178. Patch by teor and asn. + + o Major features (resource management): + - Tor can now notice it is about to run out of sockets, and + preemptively close connections of lower priority. (This feature is + off by default for now, since the current prioritizing method is + yet not mature enough. You can enable it by setting + "DisableOOSCheck 0", but watch out: it might close some sockets + you would rather have it keep.) Closes ticket 18640. + + o Major bugfixes (circuit building): + - Hidden service client-to-intro-point and service-to-rendezvous- + point circuits use the TAP key supplied by the protocol, to avoid + epistemic attacks. Fixes bug 19163; bugfix on 0.2.4.18-rc. + + o Major bugfixes (compilation, OpenBSD): + - Fix a Libevent-detection bug in our autoconf script that would + prevent Tor from linking successfully on OpenBSD. Patch from + rubiate. Fixes bug 19902; bugfix on 0.2.9.1-alpha. + + o Major bugfixes (hidden services): + - Clients now require hidden services to include the TAP keys for + their intro points in the hidden service descriptor. This prevents + an inadvertent upgrade to ntor, which a malicious hidden service + could use to distinguish clients by consensus version. Fixes bug + 20012; bugfix on 0.2.4.8-alpha. Patch by teor. + + o Minor features (security, TLS): + - Servers no longer support clients that without AES ciphersuites. + (3DES is no longer considered an acceptable cipher.) We believe + that no such Tor clients currently exist, since Tor has required + OpenSSL 0.9.7 or later since 2009. Closes ticket 19998. + + o Minor feature (fallback directories): + - Remove 8 fallbacks that are no longer suitable, leaving 81 of the + 100 fallbacks originally introduced in Tor 0.2.8.2-alpha in March + 2016. Closes ticket 20190; patch by teor. + + o Minor features (geoip, also in 0.2.8.8): + - Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2 + Country database. + + o Minor feature (port flags): + - Add new flags to the *Port options to finer control over which + requests are allowed. The flags are NoDNSRequest, NoOnionTraffic, + and the synthetic flag OnionTrafficOnly, which is equivalent to + NoDNSRequest, NoIPv4Traffic, and NoIPv6Traffic. Closes enhancement + 18693; patch by "teor". + + o Minor features (directory authority): + - After voting, if the authorities decide that a relay is not + "Valid", they no longer include it in the consensus at all. Closes + ticket 20002; implements part of proposal 272. + + o Minor features (testing): + - Disable memory protections on OpenBSD when performing our unit + tests for memwipe(). The test deliberately invokes undefined + behavior, and the OpenBSD protections interfere with this. Patch + from "rubiate". Closes ticket 20066. + + o Minor features (testing, ipv6): + - Add the single-onion and single-onion-ipv6 chutney targets to + "make test-network-all". This requires a recent chutney version + with the single onion network flavours (git c72a652 or later). + Closes ticket 20072; patch by teor. + - Add the hs-ipv6 chutney target to make test-network-all's IPv6 + tests. Remove bridges+hs, as it's somewhat redundant. This + requires a recent chutney version that supports IPv6 clients, + relays, and authorities. Closes ticket 20069; patch by teor. + + o Minor features (Tor2web): + - Make Tor2web clients respect ReachableAddresses. This feature was + inadvertently enabled in 0.2.8.6, then removed by bugfix 19973 on + 0.2.8.7. Implements feature 20034. Patch by teor. + + o Minor features (unit tests): + - We've done significant work to make the unit tests run faster. + - Our link-handshake unit tests now check that when invalid + handshakes fail, they fail with the error messages we expected. + - Our unit testing code that captures log messages no longer + prevents them from being written out if the user asked for them + (by passing --debug or --info or or --notice --warn to the "test" + binary). This change prevents us from missing unexpected log + messages simply because we were looking for others. Related to + ticket 19999. + - The unit tests now log all warning messages with the "BUG" flag. + Previously, they only logged errors by default. This change will + help us make our testing code more correct, and make sure that we + only hit this code when we mean to. In the meantime, however, + there will be more warnings in the unit test logs than before. + This is preparatory work for ticket 19999. + - The unit tests now treat any failure of a "tor_assert_nonfatal()" + assertion as a test failure. + + o Minor bug fixes (circuits): + - Use the CircuitBuildTimeout option whenever + LearnCircuitBuildTimeout is disabled. Previously, we would respect + the option when a user disabled it, but not when it was disabled + because some other option was set. Fixes bug 20073; bugfix on + 0.2.4.12-alpha. Patch by teor. + + o Minor bugfixes (allocation): + - Change how we allocate memory for large chunks on buffers, to + avoid a (currently impossible) integer overflow, and to waste less + space when allocating unusually large chunks. Fixes bug 20081; + bugfix on 0.2.0.16-alpha. Issue identified by Guido Vranken. + - Always include orconfig.h before including any other C headers. + Sometimes, it includes macros that affect the behavior of the + standard headers. Fixes bug 19767; bugfix on 0.2.9.1-alpha (the + first version to use AC_USE_SYSTEM_EXTENSIONS). + - Fix a syntax error in the IF_BUG_ONCE__() macro in non-GCC- + compatible compilers. Fixes bug 20141; bugfix on 0.2.9.1-alpha. + Patch from Gisle Vanem. + - Stop trying to build with Clang 4.0's -Wthread-safety warnings. + They apparently require a set of annotations that we aren't + currently using, and they create false positives in our pthreads + wrappers. Fixes bug 20110; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (directory authority): + - Die with a more useful error when the operator forgets to place + the authority_signing_key file into the keys directory. This + avoids an uninformative assert & traceback about having an invalid + key. Fixes bug 20065; bugfix on 0.2.0.1-alpha. + - When allowing private addresses, mark Exits that only exit to + private locations as such. Fixes bug 20064; bugfix + on 0.2.2.9-alpha. + + o Minor bugfixes (documentation): + - Document the default PathsNeededToBuildCircuits value that's used + by clients when the directory authorities don't set + min_paths_for_circs_pct. Fixes bug 20117; bugfix on 02c320916e02 + in 0.2.4.10-alpha. Patch by teor, reported by Jesse V. + - Fix manual for the User option: it takes a username, not a UID. + Fixes bug 19122; bugfix on 0.0.2pre16 (the first version to have + a manpage!). + + o Minor bugfixes (hidden services): + - Stop logging intro point details to the client log on certain + error conditions. Fixed as part of bug 20012; bugfix on + 0.2.4.8-alpha. Patch by teor. + + o Minor bugfixes (IPv6, testing): + - Check for IPv6 correctly on Linux when running test networks. + Fixes bug 19905; bugfix on 0.2.7.3-rc; patch by teor. + + o Minor bugfixes (Linux seccomp2 sandbox): + - Add permission to run the sched_yield() and sigaltstack() system + calls, in order to support versions of Tor compiled with asan or + ubsan code that use these calls. Now "sandbox 1" and + "--enable-expensive-hardening" should be compatible on more + systems. Fixes bug 20063; bugfix on 0.2.5.1-alpha. + + o Minor bugfixes (logging): + - When logging a message from the BUG() macro, be explicit about + what we were asserting. Previously we were confusing what we were + asserting with what the bug was. Fixes bug 20093; bugfix + on 0.2.9.1-alpha. + - When we are unable to remove the bw_accounting file, do not warn + if the reason we couldn't remove it was that it didn't exist. + Fixes bug 19964; bugfix on 0.2.5.4-alpha. Patch from 'pastly'. + + o Minor bugfixes (option parsing): + - Count unix sockets when counting client listeners (SOCKS, Trans, + NATD, and DNS). This has no user-visible behaviour changes: these + options are set once, and never read. Required for correct + behaviour in ticket 17178. Fixes bug 19677; bugfix on + 0.2.6.3-alpha. Patch by teor. + + o Minor bugfixes (options): + - Check the consistency of UseEntryGuards and EntryNodes more + reliably. Fixes bug 20074; bugfix on 0.2.4.12-alpha. Patch + by teor. + - Stop changing the configured value of UseEntryGuards on + authorities and Tor2web clients. Fixes bug 20074; bugfix on + commits 51fc6799 in 0.1.1.16-rc and acda1735 in 0.2.4.3-alpha. + Patch by teor. + + o Minor bugfixes (Tor2web): + - Prevent Tor2web clients running hidden services, these services + are not anonymous due to the one-hop client paths. Fixes bug + 19678. Patch by teor. + + o Minor bugfixes (unit tests): + - Fix a shared-random unit test that was failing on big endian + architectures due to internal representation of a integer copied + to a buffer. The test is changed to take a full 32 bytes of data + and use the output of a python script that make the COMMIT and + REVEAL calculation according to the spec. Fixes bug 19977; bugfix + on 0.2.9.1-alpha. + - The tor_tls_server_info_callback unit test no longer crashes when + debug-level logging is turned on. Fixes bug 20041; bugfix + on 0.2.8.1-alpha. + + +Changes in version 0.2.8.8 - 2016-09-23 + Tor 0.2.8.8 fixes two crash bugs present in previous versions of the + 0.2.8.x series. Relays running 0.2.8.x should upgrade, as should users + who select public relays as their bridges. + + o Major bugfixes (crash): + - Fix a complicated crash bug that could affect Tor clients + configured to use bridges when replacing a networkstatus consensus + in which one of their bridges was mentioned. OpenBSD users saw + more crashes here, but all platforms were potentially affected. + Fixes bug 20103; bugfix on 0.2.8.2-alpha. + + o Major bugfixes (relay, OOM handler): + - Fix a timing-dependent assertion failure that could occur when we + tried to flush from a circuit after having freed its cells because + of an out-of-memory condition. Fixes bug 20203; bugfix on + 0.2.8.1-alpha. Thanks to "cypherpunks" for help diagnosing + this one. + + o Minor feature (fallback directories): + - Remove 8 fallbacks that are no longer suitable, leaving 81 of the + 100 fallbacks originally introduced in Tor 0.2.8.2-alpha in March + 2016. Closes ticket 20190; patch by teor. + + o Minor features (geoip): + - Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2 + Country database. + + +Changes in version 0.2.9.2-alpha - 2016-08-24 + Tor 0.2.9.2-alpha continues development of the 0.2.9 series with + several new features and bugfixes. It also includes an important + authority update and an important bugfix from 0.2.8.7. Everyone who + sets the ReachableAddresses option, and all bridges, are strongly + encouraged to upgrade to 0.2.8.7, or to 0.2.9.2-alpha. + + o Directory authority changes (also in 0.2.8.7): + - The "Tonga" bridge authority has been retired; the new bridge + authority is "Bifroest". Closes tickets 19728 and 19690. + + o Major bugfixes (client, security, also in 0.2.8.7): + - Only use the ReachableAddresses option to restrict the first hop + in a path. In earlier versions of 0.2.8.x, it would apply to + every hop in the path, with a possible degradation in anonymity + for anyone using an uncommon ReachableAddress setting. Fixes bug + 19973; bugfix on 0.2.8.2-alpha. + + o Major features (user interface): + - Tor now supports the ability to declare options deprecated, so + that we can recommend that people stop using them. Previously, + this was done in an ad-hoc way. Closes ticket 19820. + + o Major bugfixes (directory downloads): + - Avoid resetting download status for consensuses hourly, since we + already have another, smarter retry mechanism. Fixes bug 8625; + bugfix on 0.2.0.9-alpha. + + o Minor features (config): + - Warn users when descriptor and port addresses are inconsistent. + Mitigates bug 13953; patch by teor. + + o Minor features (geoip): + - Update geoip and geoip6 to the August 2 2016 Maxmind GeoLite2 + Country database. + + o Minor features (user interface): + - There is a new --list-deprecated-options command-line option to + list all of the deprecated options. Implemented as part of + ticket 19820. + + o Minor bugfixes (code style): + - Fix an integer signedness conversion issue in the case conversion + tables. Fixes bug 19168; bugfix on 0.2.1.11-alpha. + + o Minor bugfixes (compilation): + - Build correctly on versions of libevent2 without support for + evutil_secure_rng_add_bytes(). Fixes bug 19904; bugfix + on 0.2.5.4-alpha. + - Fix a compilation warning on GCC versions before 4.6. Our + ENABLE_GCC_WARNING macro used the word "warning" as an argument, + when it is also required as an argument to the compiler pragma. + Fixes bug 19901; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (compilation, also in 0.2.8.7): + - Remove an inappropriate "inline" in tortls.c that was causing + warnings on older versions of GCC. Fixes bug 19903; bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (fallback directories, also in 0.2.8.7): + - Avoid logging a NULL string pointer when loading fallback + directory information. Fixes bug 19947; bugfix on 0.2.4.7-alpha + and 0.2.8.1-alpha. Report and patch by "rubiate". + + o Minor bugfixes (logging): + - Log a more accurate message when we fail to dump a microdescriptor. + Fixes bug 17758; bugfix on 0.2.2.8-alpha. Patch from Daniel Pinto. + + o Minor bugfixes (memory leak): + - Fix a series of slow memory leaks related to parsing torrc files + and options. Fixes bug 19466; bugfix on 0.2.1.6-alpha. + + o Deprecated features: + - A number of DNS-cache-related sub-options for client ports are now + deprecated for security reasons, and may be removed in a future + version of Tor. (We believe that client-side DNS cacheing is a bad + idea for anonymity, and you should not turn it on.) The options + are: CacheDNS, CacheIPv4DNS, CacheIPv6DNS, UseDNSCache, + UseIPv4Cache, and UseIPv6Cache. + - A number of options are deprecated for security reasons, and may + be removed in a future version of Tor. The options are: + AllowDotExit, AllowInvalidNodes, AllowSingleHopCircuits, + AllowSingleHopExits, ClientDNSRejectInternalAddresses, + CloseHSClientCircuitsImmediatelyOnTimeout, + CloseHSServiceRendCircuitsImmediatelyOnTimeout, + ExcludeSingleHopRelays, FastFirstHopPK, TLSECGroup, + UseNTorHandshake, and WarnUnsafeSocks. + - The *ListenAddress options are now deprecated as unnecessary: the + corresponding *Port options should be used instead. These options + may someday be removed. The affected options are: + ControlListenAddress, DNSListenAddress, DirListenAddress, + NATDListenAddress, ORListenAddress, SocksListenAddress, + and TransListenAddress. + + o Documentation: + - Correct the IPv6 syntax in our documentation for the + VirtualAddrNetworkIPv6 torrc option. Closes ticket 19743. + + o Removed code: + - We no longer include the (dead, deprecated) bufferevent code in + Tor. Closes ticket 19450. Based on a patch from U+039b. + + +Changes in version 0.2.8.7 - 2016-08-24 + Tor 0.2.8.7 fixes an important bug related to the ReachableAddresses + option in 0.2.8.6, and replaces a retiring bridge authority. Everyone + who sets the ReachableAddresses option, and all bridges, are strongly + encouraged to upgrade. + + o Directory authority changes: + - The "Tonga" bridge authority has been retired; the new bridge + authority is "Bifroest". Closes tickets 19728 and 19690. + + o Major bugfixes (client, security): + - Only use the ReachableAddresses option to restrict the first hop + in a path. In earlier versions of 0.2.8.x, it would apply to + every hop in the path, with a possible degradation in anonymity + for anyone using an uncommon ReachableAddress setting. Fixes bug + 19973; bugfix on 0.2.8.2-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the August 2 2016 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compilation): + - Remove an inappropriate "inline" in tortls.c that was causing + warnings on older versions of GCC. Fixes bug 19903; bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (fallback directories): + - Avoid logging a NULL string pointer when loading fallback + directory information. Fixes bug 19947; bugfix on 0.2.4.7-alpha + and 0.2.8.1-alpha. Report and patch by "rubiate". + + +Changes in version 0.2.9.1-alpha - 2016-08-08 + Tor 0.2.9.1-alpha is the first alpha release in the 0.2.9 development + series. It improves our support for hardened builds and compiler + warnings, deploys some critical infrastructure for improvements to + hidden services, includes a new timing backend that we hope to use for + better support for traffic padding, makes it easier for programmers to + log unexpected events, and contains other small improvements to + security, correctness, and performance. + + Below are the changes since 0.2.8.6. + + o New system requirements: + - Tor now requires Libevent version 2.0.10-stable or later. Older + versions of Libevent have less efficient backends for several + platforms, and lack the DNS code that we use for our server-side + DNS support. This implements ticket 19554. + - Tor now requires zlib version 1.2 or later, for security, + efficiency, and (eventually) gzip support. (Back when we started, + zlib 1.1 and zlib 1.0 were still found in the wild. 1.2 was + released in 2003. We recommend the latest version.) + + o Major features (build, hardening): + - Tor now builds with -ftrapv by default on compilers that support + it. This option detects signed integer overflow (which C forbids), + and turns it into a hard-failure. We do not apply this option to + code that needs to run in constant time to avoid side-channels; + instead, we use -fwrapv in that code. Closes ticket 17983. + - When --enable-expensive-hardening is selected, stop applying the + clang/gcc sanitizers to code that needs to run in constant time. + Although we are aware of no introduced side-channels, we are not + able to prove that there are none. Related to ticket 17983. + + o Major features (compilation): + - Our big list of extra GCC warnings is now enabled by default when + building with GCC (or with anything like Clang that claims to be + GCC-compatible). To make all warnings into fatal compilation + errors, pass --enable-fatal-warnings to configure. Closes + ticket 19044. + - Use the Autoconf macro AC_USE_SYSTEM_EXTENSIONS to automatically + turn on C and POSIX extensions. (Previously, we attempted to do + this on an ad hoc basis.) Closes ticket 19139. + + o Major features (directory authorities, hidden services): + - Directory authorities can now perform the shared randomness + protocol specified by proposal 250. Using this protocol, directory + authorities generate a global fresh random value every day. In the + future, this value will be used by hidden services to select + HSDirs. This release implements the directory authority feature; + the hidden service side will be implemented in the future as part + of proposal 224. Resolves ticket 16943; implements proposal 250. + + o Major features (downloading, random exponential backoff): + - When we fail to download an object from a directory service, wait + for an (exponentially increasing) randomized amount of time before + retrying, rather than a fixed interval as we did before. This + prevents a group of Tor instances from becoming too synchronized, + or a single Tor instance from becoming too predictable, in its + download schedule. Closes ticket 15942. + + o Major bugfixes (exit policies): + - Avoid disclosing exit outbound bind addresses, configured port + bind addresses, and local interface addresses in relay descriptors + by default under ExitPolicyRejectPrivate. Instead, only reject + these (otherwise unlisted) addresses if + ExitPolicyRejectLocalInterfaces is set. Fixes bug 18456; bugfix on + 0.2.7.2-alpha. Patch by teor. + + o Major bugfixes (hidden service client): + - Allow Tor clients with appropriate controllers to work with + FetchHidServDescriptors set to 0. Previously, this option also + disabled descriptor cache lookup, thus breaking hidden services + entirely. Fixes bug 18704; bugfix on 0.2.0.20-rc. Patch by "twim". + + o Minor features (build, hardening): + - Detect and work around a libclang_rt problem that would prevent + clang from finding __mulodi4() on some 32-bit platforms, and thus + keep -ftrapv from linking on those systems. Closes ticket 19079. + - When building on a system without runtime support for the runtime + hardening options, try to log a useful warning at configuration + time, rather than an incomprehensible warning at link time. If + expensive hardening was requested, this warning becomes an error. + Closes ticket 18895. + + o Minor features (code safety): + - In our integer-parsing functions, ensure that maxiumum value we + give is no smaller than the minimum value. Closes ticket 19063; + patch from U+039b. + + o Minor features (controller): + - Implement new GETINFO queries for all downloads that use + download_status_t to schedule retries. This allows controllers to + examine the schedule for pending downloads. Closes ticket 19323. + - Allow controllers to configure basic client authorization on + hidden services when they create them with the ADD_ONION control + command. Implements ticket 15588. Patch by "special". + - Fire a STATUS_SERVER controller event whenever the hibernation + status changes between "awake"/"soft"/"hard". Closes ticket 18685. + + o Minor features (directory authority): + - Directory authorities now only give the Guard flag to a relay if + they are also giving it the Stable flag. This change allows us to + simplify path selection for clients. It should have minimal effect + in practice, since >99% of Guards already have the Stable flag. + Implements ticket 18624. + - Directory authorities now write their v3-status-votes file out to + disk earlier in the consensus process, so we have a record of the + votes even if we abort the consensus process. Resolves + ticket 19036. + + o Minor features (hidden service): + - Stop being so strict about the payload length of "rendezvous1" + cells. We used to be locked in to the "TAP" handshake length, and + now we can handle better handshakes like "ntor". Resolves + ticket 18998. + + o Minor features (infrastructure, time): + - Tor now uses the operating system's monotonic timers (where + available) for internal fine-grained timing. Previously we would + look at the system clock, and then attempt to compensate for the + clock running backwards. Closes ticket 18908. + - Tor now includes an improved timer backend, so that we can + efficiently support tens or hundreds of thousands of concurrent + timers, as will be needed for some of our planned anti-traffic- + analysis work. This code is based on William Ahern's "timeout.c" + project, which implements a "tickless hierarchical timing wheel". + Closes ticket 18365. + + o Minor features (logging): + - Provide a more useful warning message when configured with an + invalid Nickname. Closes ticket 18300; patch from "icanhasaccount". + - When dumping unparseable router descriptors, optionally store them + in separate files, named by digest, up to a configurable size + limit. You can change the size limit by setting the + MaxUnparseableDescSizeToLog option, and disable this feature by + setting that option to 0. Closes ticket 18322. + - Add a set of macros to check nonfatal assertions, for internal + use. Migrating more of our checks to these should help us avoid + needless crash bugs. Closes ticket 18613. + + o Minor features (performance): + - Changer the "optimistic data" extension from "off by default" to + "on by default". The default was ordinarily overridden by a + consensus option, but when clients were bootstrapping for the + first time, they would not have a consensus to get the option + from. Changing this default When fetching a consensus for the + first time, use optimistic data. This saves a round-trip during + startup. Closes ticket 18815. + + o Minor features (relay, usability): + - When the directory authorities refuse a bad relay's descriptor, + encourage the relay operator to contact us. Many relay operators + won't notice this line in their logs, but it's a win if even a few + learn why we don't like what their relay was doing. Resolves + ticket 18760. + + o Minor features (testing): + - Let backtrace tests work correctly under AddressSanitizer. Fixes + part of bug 18934; bugfix on 0.2.5.2-alpha. + - Move the test-network.sh script to chutney, and modify tor's test- + network.sh to call the (newer) chutney version when available. + Resolves ticket 19116. Patch by teor. + - Use the lcov convention for marking lines as unreachable, so that + we don't count them when we're generating test coverage data. + Update our coverage tools to understand this convention. Closes + ticket 16792. + + o Minor bugfixes (bootstrap): + - Remember the directory we fetched the consensus or previous + certificates from, and use it to fetch future authority + certificates. This change improves bootstrapping performance. + Fixes bug 18963; bugfix on 0.2.8.1-alpha. + + o Minor bugfixes (build): + - The test-stem and test-network makefile targets now depend only on + the tor binary that they are testing. Previously, they depended on + "make all". Fixes bug 18240; bugfix on 0.2.8.2-alpha. Based on a + patch from "cypherpunks". + + o Minor bugfixes (circuits): + - Make sure extend_info_from_router() is only called on servers. + Fixes bug 19639; bugfix on 0.2.8.1-alpha. + + o Minor bugfixes (compilation): + - When building with Clang, use a full set of GCC warnings. + (Previously, we included only a subset, because of the way we + detected them.) Fixes bug 19216; bugfix on 0.2.0.1-alpha. + + o Minor bugfixes (directory authority): + - Authorities now sort the "package" lines in their votes, for ease + of debugging. (They are already sorted in consensus documents.) + Fixes bug 18840; bugfix on 0.2.6.3-alpha. + - When parsing a detached signature, make sure we use the length of + the digest algorithm instead of an hardcoded DIGEST256_LEN in + order to avoid comparing bytes out-of-bounds with a smaller digest + length such as SHA1. Fixes bug 19066; bugfix on 0.2.2.6-alpha. + + o Minor bugfixes (documentation): + - Document the --passphrase-fd option in the tor manpage. Fixes bug + 19504; bugfix on 0.2.7.3-rc. + - Fix the description of the --passphrase-fd option in the + tor-gencert manpage. The option is used to pass the number of a + file descriptor to read the passphrase from, not to read the file + descriptor from. Fixes bug 19505; bugfix on 0.2.0.20-alpha. + + o Minor bugfixes (ephemeral hidden service): + - When deleting an ephemeral hidden service, close its intro points + even if they are not completely open. Fixes bug 18604; bugfix + on 0.2.7.1-alpha. + + o Minor bugfixes (guard selection): + - Use a single entry guard even if the NumEntryGuards consensus + parameter is not provided. Fixes bug 17688; bugfix + on 0.2.5.6-alpha. + - Don't mark guards as unreachable if connection_connect() fails. + That function fails for local reasons, so it shouldn't reveal + anything about the status of the guard. Fixes bug 14334; bugfix + on 0.2.3.10-alpha. + + o Minor bugfixes (hidden service client): + - Increase the minimum number of internal circuits we preemptively + build from 2 to 3, so a circuit is available when a client + connects to another onion service. Fixes bug 13239; bugfix + on 0.1.0.1-rc. + + o Minor bugfixes (logging): + - When logging a directory ownership mismatch, log the owning + username correctly. Fixes bug 19578; bugfix on 0.2.2.29-beta. + + o Minor bugfixes (memory leaks): + - Fix a small, uncommon memory leak that could occur when reading a + truncated ed25519 key file. Fixes bug 18956; bugfix + on 0.2.6.1-alpha. + + o Minor bugfixes (testing): + - Allow clients to retry HSDirs much faster in test networks. Fixes + bug 19702; bugfix on 0.2.7.1-alpha. Patch by teor. + - Disable ASAN's detection of segmentation faults while running + test_bt.sh, so that we can make sure that our own backtrace + generation code works. Fixes another aspect of bug 18934; bugfix + on 0.2.5.2-alpha. Patch from "cypherpunks". + - Fix the test-network-all target on out-of-tree builds by using the + correct path to the test driver script. Fixes bug 19421; bugfix + on 0.2.7.3-rc. + + o Minor bugfixes (time): + - Improve overflow checks in tv_udiff and tv_mdiff. Fixes bug 19483; + bugfix on all released tor versions. + - When computing the difference between two times in milliseconds, + we now round to the nearest millisecond correctly. Previously, we + could sometimes round in the wrong direction. Fixes bug 19428; + bugfix on 0.2.2.2-alpha. + + o Minor bugfixes (user interface): + - Display a more accurate number of suppressed messages in the log + rate-limiter. Previously, there was a potential integer overflow + in the counter. Now, if the number of messages hits a maximum, the + rate-limiter doesn't count any further. Fixes bug 19435; bugfix + on 0.2.4.11-alpha. + - Fix a typo in the passphrase prompt for the ed25519 identity key. + Fixes bug 19503; bugfix on 0.2.7.2-alpha. + + o Code simplification and refactoring: + - Remove redundant declarations of the MIN macro. Closes + ticket 18889. + - Rename tor_dup_addr() to tor_addr_to_str_dup() to avoid confusion. + Closes ticket 18462; patch from "icanhasaccount". + - Split the 600-line directory_handle_command_get function into + separate functions for different URL types. Closes ticket 16698. + + o Documentation: + - Fix spelling of "--enable-tor2web-mode" in the manpage. Closes + ticket 19153. Patch from "U+039b". + + o Removed features: + - Remove support for "GET /tor/bytes.txt" DirPort request, and + "GETINFO dir-usage" controller request, which were only available + via a compile-time option in Tor anyway. Feature was added in + 0.2.2.1-alpha. Resolves ticket 19035. + - There is no longer a compile-time option to disable support for + TransPort. (If you don't want TransPort; just don't use it.) Patch + from "U+039b". Closes ticket 19449. + + o Testing: + - Run more workqueue tests as part of "make check". These had + previously been implemented, but you needed to know special + command-line options to enable them. + - We now have unit tests for our code to reject zlib "compression + bombs". (Fortunately, the code works fine.) + + +Changes in version 0.2.8.6 - 2016-08-02 + + Tor 0.2.8.6 is the first stable version of the Tor 0.2.8 series. + + The Tor 0.2.8 series improves client bootstrapping performance, + completes the authority-side implementation of improved identity + keys for relays, and includes numerous bugfixes and performance + improvements throughout the program. This release continues to + improve the coverage of Tor's test suite. For a full list of + changes since Tor 0.2.7, see the ReleaseNotes file. + + Changes since 0.2.8.5-rc: + + o Minor features (geoip): + - Update geoip and geoip6 to the July 6 2016 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compilation): + - Fix a compilation warning in the unit tests on systems where char + is signed. Fixes bug 19682; bugfix on 0.2.8.1-alpha. + + o Minor bugfixes (fallback directories): + - Remove 1 fallback that was on the hardcoded list, then opted-out, + leaving 89 of the 100 fallbacks originally introduced in Tor + 0.2.8.2-alpha in March 2016. Closes ticket 19782; patch by teor. + + o Minor bugfixes (Linux seccomp2 sandbox): + - Allow more syscalls when running with "Sandbox 1" enabled: + sysinfo, getsockopt(SO_SNDBUF), and setsockopt(SO_SNDBUFFORCE). On + some systems, these are required for Tor to start. Fixes bug + 18397; bugfix on 0.2.5.1-alpha. Patch from Daniel Pinto. + - Allow IPPROTO_UDP datagram sockets when running with "Sandbox 1", + so that get_interface_address6_via_udp_socket_hack() can work. + Fixes bug 19660; bugfix on 0.2.5.1-alpha. + + +Changes in version 0.2.8.5-rc - 2016-07-07 + Tor 0.2.8.5-rc is the second release candidate in the Tor 0.2.8 + series. If we find no new bugs or regressions here, the first stable + 0.2.8 release will be identical to it. It has a few small bugfixes + against previous versions. + + o Directory authority changes: + - Urras is no longer a directory authority. Closes ticket 19271. + + o Major bugfixes (heartbeat): + - Fix a regression that would crash Tor when the periodic + "heartbeat" log messages were disabled. Fixes bug 19454; bugfix on + 0.2.8.1-alpha. Reported by "kubaku". + + o Minor features (build): + - Tor now again builds with the recent OpenSSL 1.1 development + branch (tested against 1.1.0-pre6-dev). Closes ticket 19499. + - When building manual pages, set the timezone to "UTC", so that the + output is reproducible. Fixes bug 19558; bugfix on 0.2.2.9-alpha. + Patch from intrigeri. + + o Minor bugfixes (fallback directory selection): + - Avoid errors during fallback selection if there are no eligible + fallbacks. Fixes bug 19480; bugfix on 0.2.8.3-alpha. Patch + by teor. + + o Minor bugfixes (IPv6, microdescriptors): + - Don't check node addresses when we only have a routerstatus. This + allows IPv6-only clients to bootstrap by fetching microdescriptors + from fallback directory mirrors. (The microdescriptor consensus + has no IPv6 addresses in it.) Fixes bug 19608; bugfix + on 0.2.8.2-alpha. + + o Minor bugfixes (logging): + - Reduce pointlessly verbose log messages when directory servers + can't be found. Fixes bug 18849; bugfix on 0.2.8.3-alpha and + 0.2.8.1-alpha. Patch by teor. + - When a fallback directory changes its fingerprint from the hard- + coded fingerprint, log a less severe, more explanatory log + message. Fixes bug 18812; bugfix on 0.2.8.1-alpha. Patch by teor. + + o Minor bugfixes (Linux seccomp2 sandboxing): + - Allow statistics to be written to disk when "Sandbox 1" is + enabled. Fixes bugs 19556 and 19957; bugfix on 0.2.5.1-alpha and + 0.2.6.1-alpha respectively. + + o Minor bugfixes (user interface): + - Remove a warning message "Service [scrubbed] not found after + descriptor upload". This message appears when one uses HSPOST + control command to upload a service descriptor. Since there is + only a descriptor and no service, showing this message is + pointless and confusing. Fixes bug 19464; bugfix on 0.2.7.2-alpha. + + o Fallback directory list: + - Add a comment to the generated fallback directory list that + explains how to comment out unsuitable fallbacks in a way that's + compatible with the stem fallback parser. + - Update fallback whitelist and blacklist based on relay operator + emails. Blacklist unsuitable (non-working, over-volatile) + fallbacks. Resolves ticket 19071. Patch by teor. + - Remove 10 unsuitable fallbacks, leaving 90 of the 100 fallbacks + originally introduced in Tor 0.2.8.2-alpha in March 2016. Closes + ticket 19071; patch by teor. + + +Changes in version 0.2.8.4-rc - 2016-06-15 + Tor 0.2.8.4-rc is the first release candidate in the Tor 0.2.8 series. + If we find no new bugs or regressions here, the first stable 0.2.8 + release will be identical to it. It has a few small bugfixes against + previous versions. + + o Major bugfixes (user interface): + - Correctly give a warning in the cases where a relay is specified + by nickname, and one such relay is found, but it is not officially + Named. Fixes bug 19203; bugfix on 0.2.3.1-alpha. + + o Minor features (build): + - Tor now builds once again with the recent OpenSSL 1.1 development + branch (tested against 1.1.0-pre5 and 1.1.0-pre6-dev). + + o Minor features (geoip): + - Update geoip and geoip6 to the June 7 2016 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compilation): + - Cause the unit tests to compile correctly on mingw64 versions that + lack sscanf. Fixes bug 19213; bugfix on 0.2.7.1-alpha. + + o Minor bugfixes (downloading): + - Predict more correctly whether we'll be downloading over HTTP when + we determine the maximum length of a URL. This should avoid a + "BUG" warning about the Squid HTTP proxy and its URL limits. Fixes + bug 19191. + + +Changes in version 0.2.8.3-alpha - 2016-05-26 + Tor 0.2.8.3-alpha resolves several bugs, most of them introduced over + the course of the 0.2.8 development cycle. It improves the behavior of + directory clients, fixes several crash bugs, fixes a gap in compiler + hardening, and allows the full integration test suite to run on + more platforms. + + o Major bugfixes (security, client, DNS proxy): + - Stop a crash that could occur when a client running with DNSPort + received a query with multiple address types, and the first + address type was not supported. Found and fixed by Scott Dial. + Fixes bug 18710; bugfix on 0.2.5.4-alpha. + + o Major bugfixes (security, compilation): + - Correctly detect compiler flags on systems where _FORTIFY_SOURCE + is predefined. Previously, our use of -D_FORTIFY_SOURCE would + cause a compiler warning, thereby making other checks fail, and + needlessly disabling compiler-hardening support. Fixes one case of + bug 18841; bugfix on 0.2.3.17-beta. Patch from "trudokal". + + o Major bugfixes (security, directory authorities): + - Fix a crash and out-of-bounds write during authority voting, when + the list of relays includes duplicate ed25519 identity keys. Fixes + bug 19032; bugfix on 0.2.8.2-alpha. + + o Major bugfixes (client, bootstrapping): + - Check if bootstrap consensus downloads are still needed when the + linked connection attaches. This prevents tor making unnecessary + begindir-style connections, which are the only directory + connections tor clients make since the fix for 18483 was merged. + - Fix some edge cases where consensus download connections may not + have been closed, even though they were not needed. Related to fix + for 18809. + - Make relays retry consensus downloads the correct number of times, + rather than the more aggressive client retry count. Fixes part of + ticket 18809. + - Stop downloading consensuses when we have a consensus, even if we + don't have all the certificates for it yet. Fixes bug 18809; + bugfix on 0.2.8.1-alpha. Patches by arma and teor. + + o Major bugfixes (directory mirrors): + - Decide whether to advertise begindir support in the the same way + we decide whether to advertise our DirPort. Allowing these + decisions to become out-of-sync led to surprising behavior like + advertising begindir support when hibernation made us not + advertise a DirPort. Resolves bug 18616; bugfix on 0.2.8.1-alpha. + Patch by teor. + + o Major bugfixes (IPv6 bridges, client): + - Actually use IPv6 addresses when selecting directory addresses for + IPv6 bridges. Fixes bug 18921; bugfix on 0.2.8.1-alpha. Patch + by "teor". + + o Major bugfixes (key management): + - If OpenSSL fails to generate an RSA key, do not retain a dangling + pointer to the previous (uninitialized) key value. The impact here + should be limited to a difficult-to-trigger crash, if OpenSSL is + running an engine that makes key generation failures possible, or + if OpenSSL runs out of memory. Fixes bug 19152; bugfix on + 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and + Baishakhi Ray. + + o Major bugfixes (testing): + - Fix a bug that would block 'make test-network-all' on systems where + IPv6 packets were lost. Fixes bug 19008; bugfix on 0.2.7.3-rc. + - Avoid "WSANOTINITIALISED" warnings in the unit tests. Fixes bug 18668; + bugfix on 0.2.8.1-alpha. + + o Minor features (clients): + - Make clients, onion services, and bridge relays always use an + encrypted begindir connection for directory requests. Resolves + ticket 18483. Patch by "teor". + + o Minor features (fallback directory mirrors): + - Give each fallback the same weight for client selection; restrict + fallbacks to one per operator; report fallback directory detail + changes when rebuilding list; add new fallback directory mirrors + to the whitelist; and many other minor simplifications and fixes. + Closes tasks 17905, 18749, bug 18689, and fixes part of bug 18812 on + 0.2.8.1-alpha; patch by "teor". + - Replace the 21 fallbacks generated in January 2016 and included in + Tor 0.2.8.1-alpha, with a list of 100 fallbacks generated in March + 2016. Closes task 17158; patch by "teor". + + o Minor features (geoip): + - Update geoip and geoip6 to the May 4 2016 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (assert, portability): + - Fix an assertion failure in memarea.c on systems where "long" is + shorter than the size of a pointer. Fixes bug 18716; bugfix + on 0.2.1.1-alpha. + + o Minor bugfixes (bootstrap): + - Consistently use the consensus download schedule for authority + certificates. Fixes bug 18816; bugfix on 0.2.4.13-alpha. + + o Minor bugfixes (build): + - Remove a pair of redundant AM_CONDITIONAL declarations from + configure.ac. Fixes one final case of bug 17744; bugfix + on 0.2.8.2-alpha. + - Resolve warnings when building on systems that are concerned with + signed char. Fixes bug 18728; bugfix on 0.2.7.2-alpha + and 0.2.6.1-alpha. + - When libscrypt.h is found, but no libscrypt library can be linked, + treat libscrypt as absent. Fixes bug 19161; bugfix + on 0.2.6.1-alpha. + + o Minor bugfixes (client): + - Turn all TestingClientBootstrap* into non-testing torrc options. + This changes simply renames them by removing "Testing" in front of + them and they do not require TestingTorNetwork to be enabled + anymore. Fixes bug 18481; bugfix on 0.2.8.1-alpha. + - Make directory node selection more reliable, mainly for IPv6-only + clients and clients with few reachable addresses. Fixes bug 18929; + bugfix on 0.2.8.1-alpha. Patch by "teor". + + o Minor bugfixes (controller, microdescriptors): + - Make GETINFO dir/status-vote/current/consensus conform to the + control specification by returning "551 Could not open cached + consensus..." when not caching consensuses. Fixes bug 18920; + bugfix on 0.2.2.6-alpha. + + o Minor bugfixes (crypto, portability): + - The SHA3 and SHAKE routines now produce the correct output on Big + Endian systems. No code calls either algorithm yet, so this is + primarily a build fix. Fixes bug 18943; bugfix on 0.2.8.1-alpha. + - Tor now builds again with the recent OpenSSL 1.1 development + branch (tested against 1.1.0-pre4 and 1.1.0-pre5-dev). Closes + ticket 18286. + + o Minor bugfixes (directories): + - When fetching extrainfo documents, compare their SHA256 digests + and Ed25519 signing key certificates with the routerinfo that led + us to fetch them, rather than with the most recent routerinfo. + Otherwise we generate many spurious warnings about mismatches. + Fixes bug 17150; bugfix on 0.2.7.2-alpha. + + o Minor bugfixes (logging): + - When we can't generate a signing key because OfflineMasterKey is + set, do not imply that we should have been able to load it. Fixes + bug 18133; bugfix on 0.2.7.2-alpha. + - Stop periodic_event_dispatch() from blasting twelve lines per + second at loglevel debug. Fixes bug 18729; fix on 0.2.8.1-alpha. + - When rejecting a misformed INTRODUCE2 cell, only log at + PROTOCOL_WARN severity. Fixes bug 18761; bugfix on 0.2.8.2-alpha. + + o Minor bugfixes (pluggable transports): + - Avoid reporting a spurious error when we decide that we don't need + to terminate a pluggable transport because it has already exited. + Fixes bug 18686; bugfix on 0.2.5.5-alpha. + + o Minor bugfixes (pointer arithmetic): + - Fix a bug in memarea_alloc() that could have resulted in remote + heap write access, if Tor had ever passed an unchecked size to + memarea_alloc(). Fortunately, all the sizes we pass to + memarea_alloc() are pre-checked to be less than 128 kilobytes. + Fixes bug 19150; bugfix on 0.2.1.1-alpha. Bug found by + Guido Vranken. + + o Minor bugfixes (relays): + - Consider more config options when relays decide whether to + regenerate their descriptor. Fixes more of bug 12538; bugfix + on 0.2.8.1-alpha. + - Resolve some edge cases where we might launch an ORPort + reachability check even when DisableNetwork is set. Noticed while + fixing bug 18616; bugfix on 0.2.3.9-alpha. + + o Minor bugfixes (statistics): + - We now include consensus downloads via IPv6 in our directory- + request statistics. Fixes bug 18460; bugfix on 0.2.3.14-alpha. + + o Minor bugfixes (testing): + - Allow directories in small networks to bootstrap by skipping + DirPort checks when the consensus has no exits. Fixes bug 19003; + bugfix on 0.2.8.1-alpha. Patch by teor. + - Fix a small memory leak that would occur when the + TestingEnableCellStatsEvent option was turned on. Fixes bug 18673; + bugfix on 0.2.5.2-alpha. + + o Minor bugfixes (time handling): + - When correcting a corrupt 'struct tm' value, fill in the tm_wday + field. Otherwise, our unit tests crash on Windows. Fixes bug + 18977; bugfix on 0.2.2.25-alpha. + + o Documentation: + - Document the contents of the 'datadir/keys' subdirectory in the + manual page. Closes ticket 17621. + - Stop recommending use of nicknames to identify relays in our + MapAddress documentation. Closes ticket 18312. + + Changes in version 0.2.8.2-alpha - 2016-03-28 Tor 0.2.8.2-alpha is the second alpha in its series. It fixes numerous bugs in earlier versions of Tor, including some that prevented @@ -158,7 +4873,7 @@ Changes in version 0.2.8.2-alpha - 2016-03-28 testing versions of the static libraries. Fixes bug 18490; bugfix on 0.2.7.1-alpha. - Avoid spurious failures from configure files related to calling - exit(0) in TOR_SEARCH_LIBRARY. Fixes bug 18625; bugfix on + exit(0) in TOR_SEARCH_LIBRARY. Fixes bug 18626; bugfix on 0.2.0.1-alpha. Patch from "cypherpunks". - Silence spurious clang-scan warnings in the ed25519_donna code by explicitly initializing some objects. Fixes bug 18384; bugfix on @@ -332,10 +5047,11 @@ Changes in version 0.2.8.1-alpha - 2016-02-04 should reduces failures due to fallback churn. Implements ticket 4483. Patch by "teor". Implements IPv4 portions of proposal 210 by "mikeperry" and "teor". - - Include a trial list of default fallback directories, based on an - opt-in survey of suitable relays. Doing this should make clients - bootstrap more quickly and reliably, and reduce the load on the - directory authorities. Closes ticket 15775. Patch by "teor". + - Include a trial list of 21 default fallback directories, generated + in January 2016, based on an opt-in survey of suitable relays. + Doing this should make clients bootstrap more quickly and reliably, + and reduce the load on the directory authorities. Closes ticket + 15775. Patch by "teor". Candidates identified using an OnionOO script by "weasel", "teor", "gsathya", and "karsten". - Previously only relays that explicitly opened a directory port @@ -1447,7 +6163,7 @@ Changes in version 0.2.6.8 - 2015-05-21 o Major bugfixes (hidden services, backport from 0.2.7.1-alpha): - Revert commit that made directory authorities assign the HSDir - flag to relay without a DirPort; this was bad because such relays + flag to relays without a DirPort; this was bad because such relays can't handle BEGIN_DIR cells. Fixes bug 15850; bugfix on 0.2.6.3-alpha. @@ -1488,7 +6204,7 @@ Changes in version 0.2.7.1-alpha - 2015-05-12 o Major bugfixes (hidden services): - Revert commit that made directory authorities assign the HSDir - flag to relay without a DirPort; this was bad because such relays + flag to relays without a DirPort; this was bad because such relays can't handle BEGIN_DIR cells. Fixes bug 15850; bugfix on 0.2.6.3-alpha. |