Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 3497 |
1 files changed, 3440 insertions, 57 deletions
@@ -1,3 +1,3384 @@ +Changes in version 0.2.2.36 - 2012-05-24 + Tor 0.2.2.36 updates the addresses for two of the eight directory + authorities, fixes some potential anonymity and security issues, + and fixes several crash bugs. + + Tor 0.2.1.x has reached its end-of-life. Those Tor versions have many + known flaws, and nobody should be using them. You should upgrade. If + you're using a Linux or BSD and its packages are obsolete, stop using + those packages and upgrade anyway. + + o Directory authority changes: + - Change IP address for maatuska (v3 directory authority). + - Change IP address for ides (v3 directory authority), and rename + it to turtles. + + o Security fixes: + - When building or running with any version of OpenSSL earlier + than 0.9.8s or 1.0.0f, disable SSLv3 support. These OpenSSL + versions have a bug (CVE-2011-4576) in which their block cipher + padding includes uninitialized data, potentially leaking sensitive + information to any peer with whom they make a SSLv3 connection. Tor + does not use SSL v3 by default, but a hostile client or server + could force an SSLv3 connection in order to gain information that + they shouldn't have been able to get. The best solution here is to + upgrade to OpenSSL 0.9.8s or 1.0.0f (or later). But when building + or running with a non-upgraded OpenSSL, we disable SSLv3 entirely + to make sure that the bug can't happen. + - Never use a bridge or a controller-supplied node as an exit, even + if its exit policy allows it. Found by wanoskarnet. Fixes bug + 5342. Bugfix on 0.1.1.15-rc (for controller-purpose descriptors) + and 0.2.0.3-alpha (for bridge-purpose descriptors). + - Only build circuits if we have a sufficient threshold of the total + descriptors that are marked in the consensus with the "Exit" + flag. This mitigates an attack proposed by wanoskarnet, in which + all of a client's bridges collude to restrict the exit nodes that + the client knows about. Fixes bug 5343. 
+ - Provide controllers with a safer way to implement the cookie + authentication mechanism. With the old method, if another locally + running program could convince a controller that it was the Tor + process, then that program could trick the contoller into telling + it the contents of an arbitrary 32-byte file. The new "SAFECOOKIE" + authentication method uses a challenge-response approach to prevent + this attack. Fixes bug 5185; implements proposal 193. + + o Major bugfixes: + - Avoid logging uninitialized data when unable to decode a hidden + service descriptor cookie. Fixes bug 5647; bugfix on 0.2.1.5-alpha. + - Avoid a client-side assertion failure when receiving an INTRODUCE2 + cell on a general purpose circuit. Fixes bug 5644; bugfix on + 0.2.1.6-alpha. + - Fix builds when the path to sed, openssl, or sha1sum contains + spaces, which is pretty common on Windows. Fixes bug 5065; bugfix + on 0.2.2.1-alpha. + - Correct our replacements for the timeradd() and timersub() functions + on platforms that lack them (for example, Windows). The timersub() + function is used when expiring circuits, while timeradd() is + currently unused. Bug report and patch by Vektor. Fixes bug 4778; + bugfix on 0.2.2.24-alpha. + - Fix the SOCKET_OK test that we use to tell when socket + creation fails so that it works on Win64. Fixes part of bug 4533; + bugfix on 0.2.2.29-beta. Bug found by wanoskarnet. + + o Minor bugfixes: + - Reject out-of-range times like 23:59:61 in parse_rfc1123_time(). + Fixes bug 5346; bugfix on 0.0.8pre3. + - Make our number-parsing functions always treat too-large values + as an error, even when those values exceed the width of the + underlying type. Previously, if the caller provided these + functions with minima or maxima set to the extreme values of the + underlying integer type, these functions would return those + values on overflow rather than treating overflow as an error. + Fixes part of bug 5786; bugfix on 0.0.9. 
+ - Older Linux kernels erroneously respond to strange nmap behavior + by having accept() return successfully with a zero-length + socket. When this happens, just close the connection. Previously, + we would try harder to learn the remote address: but there was + no such remote address to learn, and our method for trying to + learn it was incorrect. Fixes bugs 1240, 4745, and 4747. Bugfix + on 0.1.0.3-rc. Reported and diagnosed by "r1eo". + - Correct parsing of certain date types in parse_http_time(). + Without this patch, If-Modified-Since would behave + incorrectly. Fixes bug 5346; bugfix on 0.2.0.2-alpha. Patch from + Esteban Manchado Velázques. + - Change the BridgePassword feature (part of the "bridge community" + design, which is not yet implemented) to use a time-independent + comparison. The old behavior might have allowed an adversary + to use timing to guess the BridgePassword value. Fixes bug 5543; + bugfix on 0.2.0.14-alpha. + - Detect and reject certain misformed escape sequences in + configuration values. Previously, these values would cause us + to crash if received in a torrc file or over an authenticated + control port. Bug found by Esteban Manchado Velázquez, and + independently by Robert Connolly from Matta Consulting who further + noted that it allows a post-authentication heap overflow. Patch + by Alexander Schrijver. Fixes bugs 5090 and 5402 (CVE 2012-1668); + bugfix on 0.2.0.16-alpha. + - Fix a compile warning when using the --enable-openbsd-malloc + configure option. Fixes bug 5340; bugfix on 0.2.0.20-rc. + - During configure, detect when we're building with clang version + 3.0 or lower and disable the -Wnormalized=id and -Woverride-init + CFLAGS. clang doesn't support them yet. + - When sending an HTTP/1.1 proxy request, include a Host header. + Fixes bug 5593; bugfix on 0.2.2.1-alpha. + - Fix a NULL-pointer dereference on a badly formed SETCIRCUITPURPOSE + command. Found by mikeyc. Fixes bug 5796; bugfix on 0.2.2.9-alpha. 
+ - If we hit the error case where routerlist_insert() replaces an + existing (old) server descriptor, make sure to remove that + server descriptor from the old_routers list. Fix related to bug + 1776. Bugfix on 0.2.2.18-alpha. + + o Minor bugfixes (documentation and log messages): + - Fix a typo in a log message in rend_service_rendezvous_has_opened(). + Fixes bug 4856; bugfix on Tor 0.0.6. + - Update "ClientOnly" man page entry to explain that there isn't + really any point to messing with it. Resolves ticket 5005. + - Document the GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays + directory authority option (introduced in Tor 0.2.2.34). + - Downgrade the "We're missing a certificate" message from notice + to info: people kept mistaking it for a real problem, whereas it + is seldom the problem even when we are failing to bootstrap. Fixes + bug 5067; bugfix on 0.2.0.10-alpha. + - Correctly spell "connect" in a log message on failure to create a + controlsocket. Fixes bug 4803; bugfix on 0.2.2.26-beta. + - Clarify the behavior of MaxCircuitDirtiness with hidden service + circuits. Fixes issue 5259. + + o Minor features: + - Directory authorities now reject versions of Tor older than + 0.2.1.30, and Tor versions between 0.2.2.1-alpha and 0.2.2.20-alpha + inclusive. These versions accounted for only a small fraction of + the Tor network, and have numerous known security issues. Resolves + issue 4788. + - Update to the May 1 2012 Maxmind GeoLite Country database. + + - Feature removal: + - When sending or relaying a RELAY_EARLY cell, we used to convert + it to a RELAY cell if the connection was using the v1 link + protocol. This was a workaround for older versions of Tor, which + didn't handle RELAY_EARLY cells properly. Now that all supported + versions can handle RELAY_EARLY cells, and now that we're enforcing + the "no RELAY_EXTEND commands except in RELAY_EARLY cells" rule, + remove this workaround. Addresses bug 4786. 
+ + +Changes in version 0.2.3.15-alpha - 2012-04-30 + Tor 0.2.3.15-alpha fixes a variety of smaller bugs, including making + the development branch build on Windows again. + + o Minor bugfixes (on 0.2.2.x and earlier): + - Make sure that there are no unhandled pending TLS errors before + reading from a TLS stream. We had checks in 0.1.0.3-rc, but + lost them in 0.1.0.5-rc when we refactored read_to_buf_tls(). + Bugfix on 0.1.0.5-rc; fixes bug 4528. + - Fix an assert that directory authorities could trigger on sighup + during some configuration state transitions. We now don't treat + it as a fatal error when the new descriptor we just generated in + init_keys() isn't accepted. Fixes bug 4438; bugfix on 0.2.1.9-alpha. + - After we pick a directory mirror, we would refuse to use it if + it's in our ExcludeExitNodes list, resulting in mysterious failures + to bootstrap for people who just wanted to avoid exiting from + certain locations. Fixes bug 5623; bugfix on 0.2.2.25-alpha. + - When building with --enable-static-tor on OpenBSD, do not + erroneously attempt to link -lrt. Fixes bug 5103. + + o Minor bugfixes (on 0.2.3.x): + - When Tor is built with kernel headers from a recent (last few + years) Linux kernel, do not fail to run on older (pre-2.6.28 + Linux kernels). Fixes bug 5112; bugfix on 0.2.3.1-alpha. + - Fix cross-compilation isssues with mingw. Bugfixes on 0.2.3.6-alpha + and 0.2.3.12-alpha. + - Fix compilation with miniupnpc version 1.6; patch from + Anthony G. Basile. Fixes bug 5434; bugfix on 0.2.3.12-alpha. + - Fix compilation with MSVC, which had defined MS_WINDOWS. Bugfix + on 0.2.3.13-alpha; found and fixed by Gisle Vanem. + - Fix compilation on platforms without unistd.h, or where environ + is defined in stdlib.h. Fixes bug 5704; bugfix on 0.2.3.13-alpha. + + o Minor features: + - Directory authorities are now a little more lenient at accepting + older router descriptors, or newer router descriptors that don't + make big changes. 
This should help ameliorate past and future + issues where routers think they have uploaded valid descriptors, + but the authorities don't think so. Fix for ticket 2479. + - Make the code that clients use to detect an address change be + IPv6-aware, so that it won't fill clients' logs with error + messages when trying to get the IPv4 address of an IPv6 + connection. Implements ticket 5537. + + o Removed features: + - Remove the GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays option; + authorities needed to use it for a while to keep the network working + as people upgraded to 0.2.1.31, 0.2.2.34, or 0.2.3.6-alpha, but + that was six months ago. As of now, it should no longer be needed + or used. + + +Changes in version 0.2.3.14-alpha - 2012-04-23 + Tor 0.2.3.14-alpha fixes yet more bugs to get us closer to a release + candidate. It also dramatically speeds up AES: fast relays should + consider switching to the newer OpenSSL library. + + o Directory authority changes: + - Change IP address for ides (v3 directory authority), and rename + it to turtles. + + o Major bugfixes: + - Avoid logging uninitialized data when unable to decode a hidden + service descriptor cookie. Fixes bug 5647; bugfix on 0.2.1.5-alpha. + - Avoid a client-side assertion failure when receiving an INTRODUCE2 + cell on a general purpose circuit. Fixes bug 5644; bugfix on + 0.2.1.6-alpha. + - If authorities are unable to get a v2 consensus document from other + directory authorities, they no longer fall back to fetching + them from regular directory caches. Fixes bug 5635; bugfix on + 0.2.2.26-beta, where routers stopped downloading v2 consensus + documents entirely. + - When we start a Tor client with a normal consensus already cached, + be willing to download a microdescriptor consensus. Fixes bug 4011; + fix on 0.2.3.1-alpha. 
+ + o Major features (performance): + - When built to use OpenSSL 1.0.1, and built for an x86 or x86_64 + instruction set, take advantage of OpenSSL's AESNI, bitsliced, or + vectorized AES implementations as appropriate. These can be much, + much faster than other AES implementations. + + o Minor bugfixes (0.2.2.x and earlier): + - Don't launch more than 10 service-side introduction-point circuits + for a hidden service in five minutes. Previously, we would consider + launching more introduction-point circuits if at least one second + had passed without any introduction-point circuits failing. Fixes + bug 4607; bugfix on 0.0.7pre1. + - Change the BridgePassword feature (part of the "bridge community" + design, which is not yet implemented) to use a time-independent + comparison. The old behavior might have allowed an adversary + to use timing to guess the BridgePassword value. Fixes bug 5543; + bugfix on 0.2.0.14-alpha. + - Enforce correct return behavior of tor_vsscanf() when the '%%' + pattern is used. Fixes bug 5558. Bugfix on 0.2.1.13. + - When sending an HTTP/1.1 proxy request, include a Host header. + Fixes bug 5593; bugfix on 0.2.2.1-alpha. + - Don't log that we have "decided to publish new relay descriptor" + unless we are actually publishing a descriptor. Fixes bug 3942; + bugfix on 0.2.2.28-beta. + + o Minor bugfixes (0.2.3.x): + - Fix a bug where a bridge authority crashes (on a failed assert) + if it has seen no directory requests when it's time to write + statistics to disk. Fixes bug 5508. Bugfix on 0.2.3.6-alpha. + - Fix bug stomping on ORPort option NoListen and ignoring option + NoAdvertise. Fixes bug 5151; bugfix on 0.2.3.9-alpha. + - In the testsuite, provide a large enough buffer in the tor_sscanf + unit test. Otherwise we'd overrun that buffer and crash during + the unit tests. Found by weasel. Fixes bug 5449; bugfix on + 0.2.3.12-alpha. 
+ - Make sure we create the keys directory if it doesn't exist and we're + about to store the dynamic Diffie-Hellman parameters. Fixes bug + 5572; bugfix on 0.2.3.13-alpha. + - Fix a small memory leak when trying to decode incorrect base16 + authenticator during SAFECOOKIE authentication. Found by + Coverity Scan. Fixes CID 507. Bugfix on 0.2.3.13-alpha. + + o Minor features: + - Add more information to a log statement that might help track down + bug 4091. If you're seeing "Bug: tor_addr_is_internal() called with a + non-IP address" messages (or any Bug messages, for that matter!), + please let us know about it. + - Relays now understand an IPv6 address when they get one from a + directory server. Resolves ticket 4875. + - Resolve IPv6 addresses in bridge and entry statistics to country + code "??" which means we at least count them. Resolves ticket 5053; + improves on 0.2.3.9-alpha. + - Update to the April 3 2012 Maxmind GeoLite Country database. + - Begin a doc/state-contents.txt file to explain the contents of + the Tor state file. Fixes bug 2987. + + o Default torrc changes: + - Stop listing "socksport 9050" in torrc.sample. We open a socks + port on 9050 by default anyway, so this should not change anything + in practice. + - Stop mentioning the deprecated *ListenAddress options in + torrc.sample. Fixes bug 5438. + - Document unit of bandwidth related options in sample torrc. + Fixes bug 5621. + + o Removed features: + - The "torify" script no longer supports the "tsocks" socksifier + tool, since tsocks doesn't support DNS and UDP right for Tor. + Everyone should be using torsocks instead. Fixes bugs 3530 and + 5180. Based on a patch by "ugh". + + o Code refactoring: + - Change the symmetric cipher interface so that creating and + initializing a stream cipher are no longer separate functions. + - Remove all internal support for unpadded RSA. We never used it, and + it would be a bad idea to start. 
+ + +Changes in version 0.2.3.13-alpha - 2012-03-26 + Tor 0.2.3.13-alpha fixes a variety of stability and correctness bugs + in managed pluggable transports, as well as providing other cleanups + that get us closer to a release candidate. + + o Directory authority changes: + - Change IP address for maatuska (v3 directory authority). + + o Security fixes: + - Provide controllers with a safer way to implement the cookie + authentication mechanism. With the old method, if another locally + running program could convince a controller that it was the Tor + process, then that program could trick the contoller into telling + it the contents of an arbitrary 32-byte file. The new "SAFECOOKIE" + authentication method uses a challenge-response approach to prevent + this attack. Fixes bug 5185, implements proposal 193. + - Never use a bridge or a controller-supplied node as an exit, even + if its exit policy allows it. Found by wanoskarnet. Fixes bug + 5342. Bugfix on 0.1.1.15-rc (for controller-purpose descriptors) + and 0.2.0.3-alpha (for bridge-purpose descriptors). + - Only build circuits if we have a sufficient threshold of the total + descriptors that are marked in the consensus with the "Exit" + flag. This mitigates an attack proposed by wanoskarnet, in which + all of a client's bridges collude to restrict the exit nodes that + the client knows about. Fixes bug 5343. + + o Major bugfixes (on Tor 0.2.3.x): + - Avoid an assert when managed proxies like obfsproxy are configured, + and we receive HUP signals or setconf attempts too rapidly. This + situation happens most commonly when Vidalia tries to attach to + Tor or tries to configure the Tor it's attached to. Fixes bug 5084; + bugfix on 0.2.3.6-alpha. + - Fix a relay-side pluggable transports bug where managed proxies were + unreachable from the Internet, because Tor asked them to bind on + localhost. Fixes bug 4725; bugfix on 0.2.3.9-alpha. + - Stop discarding command-line arguments when TestingTorNetwork + is set. 
Discovered by Kevin Bauer. Fixes bug 5373; bugfix on + 0.2.3.9-alpha, where task 4552 added support for two layers of + torrc files. + - Resume allowing the unit tests to run in gdb. This was accidentally + made impossible when the DisableDebuggerAttachment option was + introduced. Fixes bug 5448; bugfix on 0.2.3.9-alpha. + - Resume building with nat-pmp support. Fixes bug 4955; bugfix on + 0.2.3.11-alpha. Reported by Anthony G. Basile. + + o Minor bugfixes (on 0.2.2.x and earlier): + - Ensure we don't cannibalize circuits that are longer than three hops + already, so we don't end up making circuits with 5 or more + hops. Patch contributed by wanoskarnet. Fixes bug 5231; bugfix on + 0.1.0.1-rc which introduced cannibalization. + - Detect and reject certain misformed escape sequences in + configuration values. Previously, these values would cause us + to crash if received in a torrc file or over an authenticated + control port. Bug found by Esteban Manchado Velázquez, and + independently by Robert Connolly from Matta Consulting who further + noted that it allows a post-authentication heap overflow. Patch + by Alexander Schrijver. Fixes bugs 5090 and 5402 (CVE 2012-1668); + bugfix on 0.2.0.16-alpha. + - Fix a compile warning when using the --enable-openbsd-malloc + configure option. Fixes bug 5340; bugfix on 0.2.0.20-rc. + - Directory caches no longer refuse to clean out descriptors because + of missing v2 networkstatus documents, unless they're configured + to retrieve v2 networkstatus documents. Fixes bug 4838; bugfix on + 0.2.2.26-beta. Patch by Daniel Bryg. + - Update to the latest version of the tinytest unit testing framework. + This includes a couple of bugfixes that can be relevant for + running forked unit tests on Windows, and removes all reserved + identifiers. + + o Minor bugfixes (on 0.2.3.x): + - On a failed pipe() call, don't leak file descriptors. Fixes bug + 4296; bugfix on 0.2.3.1-alpha. 
+ - Spec conformance: on a v3 handshake, do not send a NETINFO cell + until after we have received a CERTS cell. Fixes bug 4361; bugfix + on 0.2.3.6-alpha. Patch by "frosty". + - When binding to an IPv6 address, set the IPV6_V6ONLY socket + option, so that the IP stack doesn't decide to use it for IPv4 + too. Fixes bug 4760; bugfix on 0.2.3.9-alpha. + - Ensure that variables set in Tor's environment cannot override + environment variables that Tor passes to a managed + pluggable-transport proxy. Previously, Tor would pass every + variable in its environment to managed proxies along with the new + ones, in such a way that on many operating systems, the inherited + environment variables would override those which Tor tried to + explicitly set. Bugfix on 0.2.3.12-alpha for most Unixoid systems; + bugfix on 0.2.3.9-alpha for Windows. + + o Minor features: + - A wide variety of new unit tests by Esteban Manchado Velázquez. + - Shorten links in the tor-exit-notice file. Patch by Christian Kujau. + - Update to the March 6 2012 Maxmind GeoLite Country database. + + +Changes in version 0.2.3.12-alpha - 2012-02-13 + Tor 0.2.3.12-alpha lets fast exit relays scale better, allows clients + to use bridges that run Tor 0.2.2.x, and resolves several big bugs + when Tor is configured to use a pluggable transport like obfsproxy. + + o Major bugfixes: + - Fix builds when the path to sed, openssl, or sha1sum contains + spaces, which is pretty common on Windows. Fixes bug 5065; bugfix + on 0.2.2.1-alpha. + - Set the SO_REUSEADDR socket option before we call bind() on outgoing + connections. This change should allow busy exit relays to stop + running out of available sockets as quickly. Fixes bug 4950; + bugfix on 0.2.2.26-beta. + - Allow 0.2.3.x clients to use 0.2.2.x bridges. Previously the client + would ask the bridge for microdescriptors, which are only supported + in 0.2.3.x, and then fail to bootstrap when it didn't get the + answers it wanted. 
Fixes bug 4013; bugfix on 0.2.3.2-alpha. + - Properly set up obfsproxy's environment when in managed mode. The + Tor Browser Bundle needs LD_LIBRARY_PATH to be passed to obfsproxy, + and when you run your Tor as a daemon, there's no HOME. Fixes bugs + 5076 and 5082; bugfix on 0.2.3.6-alpha. + + o Minor features: + - Use the dead_strip option when building Tor on OS X. This reduces + binary size by almost 19% when linking openssl and libevent + statically, which we do for Tor Browser Bundle. + - Fix broken URLs in the sample torrc file, and tell readers about + the OutboundBindAddress, ExitPolicyRejectPrivate, and + PublishServerDescriptor options. Addresses bug 4652. + - Update to the February 7 2012 Maxmind GeoLite Country database. + + o Minor bugfixes: + - Downgrade the "We're missing a certificate" message from notice + to info: people kept mistaking it for a real problem, whereas it + is seldom the problem even when we are failing to bootstrap. Fixes + bug 5067; bugfix on 0.2.0.10-alpha. + - Don't put "TOR_PT_EXTENDED_SERVER_PORT=127.0.0.1:4200" in a + managed pluggable transport server proxy's environment. + Previously, we would put it there, even though Tor doesn't + implement an 'extended server port' yet, and even though Tor + almost certainly isn't listening at that address. For now, we set + it to an empty string to avoid crashing older obfsproxies. Bugfix + on 0.2.3.6-alpha. + - Log the heartbeat message every HeartbeatPeriod seconds, not every + HeartbeatPeriod + 1 seconds. Fixes bug 4942; bugfix on + 0.2.3.1-alpha. Bug reported by Scott Bennett. + - Calculate absolute paths correctly on Windows. Fixes bug 4973; + bugfix on 0.2.3.11-alpha. + - Update "ClientOnly" man page entry to explain that there isn't + really any point to messing with it. Resolves ticket 5005. + - Use the correct CVE number for CVE-2011-4576 in our comments and + log messages. Found by "fermenthor". Resolves bug 5066; bugfix on + 0.2.3.11-alpha. 
+ + o Code simplifications and refactoring: + - Use the _WIN32 macro throughout our code to detect Windows. + (Previously we had used the obsolete 'WIN32' and the idiosyncratic + 'MS_WINDOWS'.) + + +Changes in version 0.2.3.11-alpha - 2012-01-22 + Tor 0.2.3.11-alpha marks feature-freeze for the 0.2.3 tree. It deploys + the last step of the plan to limit maximum circuit length, includes + a wide variety of hidden service performance and correctness fixes, + works around an OpenSSL security flaw if your distro is too stubborn + to upgrade, and fixes a bunch of smaller issues. + + o Major features: + - Now that Tor 0.2.0.x is completely deprecated, enable the final + part of "Proposal 110: Avoiding infinite length circuits" by + refusing all circuit-extend requests that do not use a relay_early + cell. This change helps Tor resist a class of denial-of-service + attacks by limiting the maximum circuit length. + - Adjust the number of introduction points that a hidden service + will try to maintain based on how long its introduction points + remain in use and how many introductions they handle. Fixes + part of bug 3825. + - Try to use system facilities for enumerating local interface + addresses, before falling back to our old approach (which was + binding a UDP socket, and calling getsockname() on it). That + approach was scaring OS X users whose draconian firewall + software warned about binding to UDP sockets, regardless of + whether packets were sent. Now we try to use getifaddrs(), + SIOCGIFCONF, or GetAdaptersAddresses(), depending on what the + system supports. Resolves ticket 1827. + + o Major security workaround: + - When building or running with any version of OpenSSL earlier + than 0.9.8s or 1.0.0f, disable SSLv3 support. These OpenSSL + versions have a bug (CVE-2011-4576) in which their block cipher + padding includes uninitialized data, potentially leaking sensitive + information to any peer with whom they make a SSLv3 connection. 
Tor + does not use SSL v3 by default, but a hostile client or server + could force an SSLv3 connection in order to gain information that + they shouldn't have been able to get. The best solution here is to + upgrade to OpenSSL 0.9.8s or 1.0.0f (or later). But when building + or running with a non-upgraded OpenSSL, we disable SSLv3 entirely + to make sure that the bug can't happen. + + o Major bugfixes: + - Fix the SOCKET_OK test that we use to tell when socket + creation fails so that it works on Win64. Fixes part of bug 4533; + bugfix on 0.2.2.29-beta. Bug found by wanoskarnet. + - Correct our replacements for the timeradd() and timersub() functions + on platforms that lack them (for example, Windows). The timersub() + function is used when expiring circuits, while timeradd() is + currently unused. Bug report and patch by Vektor. Fixes bug 4778; + bugfix on 0.2.2.24-alpha and 0.2.3.1-alpha. + - Do not use OpenSSL 1.0.0's counter mode: it has a critical bug + that was fixed in OpenSSL 1.0.0a. We test for the counter mode + bug at runtime, not compile time, because some distributions hack + their OpenSSL to mis-report its version. Fixes bug 4779; bugfix + on 0.2.3.9-alpha. Found by Pascal. + + o Minor features (controller): + - Use absolute path names when reporting the torrc filename in the + control protocol, so a controller can more easily find the torrc + file. Resolves bug 1101. + - Extend the control protocol to report flags that control a circuit's + path selection in CIRC events and in replies to 'GETINFO + circuit-status'. Implements part of ticket 2411. + - Extend the control protocol to report the hidden service address + and current state of a hidden-service-related circuit in CIRC + events and in replies to 'GETINFO circuit-status'. Implements part + of ticket 2411. + - When reporting the path to the cookie file to the controller, + give an absolute path. Resolves ticket 4881. 
+ - Allow controllers to request an event notification whenever a + circuit is cannibalized or its purpose is changed. Implements + part of ticket 3457. + - Include the creation time of a circuit in CIRC and CIRC2 + control-port events and the list produced by the 'GETINFO + circuit-status' control-port command. + + o Minor features (directory authorities): + - Directory authorities now reject versions of Tor older than + 0.2.1.30, and Tor versions between 0.2.2.1-alpha and 0.2.2.20-alpha + inclusive. These versions accounted for only a small fraction of + the Tor network, and have numerous known security issues. Resolves + issue 4788. + - Authority operators can now vote for all relays in a given + set of countries to be BadDir/BadExit/Invalid/Rejected. + - Provide two consensus parameters (FastFlagMinThreshold and + FastFlagMaxThreshold) to control the range of allowable bandwidths + for the Fast directory flag. These allow authorities to run + experiments on appropriate requirements for being a "Fast" node. + The AuthDirFastGuarantee config value still applies. + - Document the GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays + directory authority option (introduced in Tor 0.2.2.34). + + o Minor features (other): + - Don't disable the DirPort when we cannot exceed our AccountingMax + limit during this interval because the effective bandwidthrate is + low enough. This is useful in a situation where AccountMax is only + used as an additional safeguard or to provide statistics. + - Prepend an informative header to generated dynamic_dh_params files. + - If EntryNodes are given, but UseEntryGuards is set to 0, warn that + EntryNodes will have no effect. Resolves issue 2571. + - Log more useful messages when we fail to disable debugger + attachment. + - Log which authority we're missing votes from when we go to fetch + them from the other auths. + - Log (at debug level) whenever a circuit's purpose is changed. 
+ - Add missing documentation for the MaxClientCircuitsPending, + UseMicrodescriptors, UserspaceIOCPBuffers, and + _UseFilteringSSLBufferevents options, all introduced during + the 0.2.3.x series. + - Update to the January 3 2012 Maxmind GeoLite Country database. + + o Minor bugfixes (hidden services): + - Don't close hidden service client circuits which have almost + finished connecting to their destination when they reach + the normal circuit-build timeout. Previously, we would close + introduction circuits which are waiting for an acknowledgement + from the introduction point, and rendezvous circuits which have + been specified in an INTRODUCE1 cell sent to a hidden service, + after the normal CBT. Now, we mark them as 'timed out', and launch + another rendezvous attempt in parallel. This behavior change can + be disabled using the new CloseHSClientCircuitsImmediatelyOnTimeout + option. Fixes part of bug 1297; bugfix on 0.2.2.2-alpha. + - Don't close hidden-service-side rendezvous circuits when they + reach the normal circuit-build timeout. This behaviour change can + be disabled using the new + CloseHSServiceRendCircuitsImmediatelyOnTimeout option. Fixes the + remaining part of bug 1297; bugfix on 0.2.2.2-alpha. + - Make sure we never mark the wrong rendezvous circuit as having + had its introduction cell acknowleged by the introduction-point + relay. Previously, when we received an INTRODUCE_ACK cell on a + client-side hidden-service introduction circuit, we might have + marked a rendezvous circuit other than the one we specified in + the INTRODUCE1 cell as INTRO_ACKED, which would have produced + a warning message and interfered with the hidden service + connection-establishment process. Fixes bug 4759; bugfix on + 0.2.3.3-alpha, when we added the stream-isolation feature which + might cause Tor to open multiple rendezvous circuits for the same + hidden service. 
+ - Don't trigger an assertion failure when we mark a new client-side + hidden-service introduction circuit for close during the process + of creating it. Fixes bug 4796; bugfix on 0.2.3.6-alpha. Reported + by murb. + + o Minor bugfixes (log messages): + - Correctly spell "connect" in a log message on failure to create a + controlsocket. Fixes bug 4803; bugfix on 0.2.2.26-beta and + 0.2.3.2-alpha. + - Fix a typo in a log message in rend_service_rendezvous_has_opened(). + Fixes bug 4856; bugfix on Tor 0.0.6. + - Fix the log message describing how we work around discovering + that our version is the ill-fated OpenSSL 0.9.8l. Fixes bug + 4837; bugfix on 0.2.2.9-alpha. + - When logging about a disallowed .exit name, do not also call it + an "invalid onion address". Fixes bug 3325; bugfix on 0.2.2.9-alpha. + + o Minor bugfixes (build fixes): + - During configure, detect when we're building with clang version + 3.0 or lower and disable the -Wnormalized=id and -Woverride-init + CFLAGS. clang doesn't support them yet. + - During configure, search for library containing cos function as + libm lives in libcore on some platforms (BeOS/Haiku). Linking + against libm was hard-coded before. Fixes the first part of bug + 4727; bugfix on 0.2.2.2-alpha. Patch and analysis by Martin Hebnes + Pedersen. + - Detect attempts to build Tor on (as yet hypothetical) versions + of Windows where sizeof(intptr_t) != sizeof(SOCKET). Partial + fix for bug 4533. Bugfix on 0.2.2.28-beta. + - Preprocessor directives should not be put inside the arguments + of a macro. This would break compilation with GCC releases prior + to version 3.3. We would never recommend such an old GCC version, + but it is apparently required for binary compatibility on some + platforms (namely, certain builds of Haiku). Fixes the other part + of bug 4727; bugfix on 0.2.3.3-alpha. Patch and analysis by Martin + Hebnes Pedersen. 
+ + o Minor bugfixes (other): + - Older Linux kernels erroneously respond to strange nmap behavior + by having accept() return successfully with a zero-length + socket. When this happens, just close the connection. Previously, + we would try harder to learn the remote address: but there was + no such remote address to learn, and our method for trying to + learn it was incorrect. Fixes bugs 1240, 4745, and 4747. Bugfix + on 0.1.0.3-rc. Reported and diagnosed by "r1eo". + - Fix null-pointer access that could occur if TLS allocation failed. + Fixes bug 4531; bugfix on 0.2.0.20-rc. Found by "troll_un". This was + erroneously listed as fixed in 0.2.3.9-alpha, but the fix had + accidentally been reverted. + - Fix our implementation of crypto_random_hostname() so it can't + overflow on ridiculously large inputs. (No Tor version has ever + provided this kind of bad inputs, but let's be correct in depth.) + Fixes bug 4413; bugfix on 0.2.2.9-alpha. Fix by Stephen Palmateer. + - Find more places in the code that should have been testing for + invalid sockets using the SOCKET_OK macro. Required for a fix + for bug 4533. Bugfix on 0.2.2.28-beta. + - Fix an assertion failure when, while running with bufferevents, a + connection finishes connecting after it is marked for close, but + before it is closed. Fixes bug 4697; bugfix on 0.2.3.1-alpha. + - test_util_spawn_background_ok() hardcoded the expected value + for ENOENT to 2. This isn't portable as error numbers are + platform specific, and particularly the hurd has ENOENT at + 0x40000002. Construct expected string at runtime, using the correct + value for ENOENT. Fixes bug 4733; bugfix on 0.2.3.1-alpha. + - Reject attempts to disable DisableDebuggerAttachment while Tor is + running. Fixes bug 4650; bugfix on 0.2.3.9-alpha. + - Use an appropriate-width type for sockets in tor-fw-helper on + win64. Fixes bug 1983 at last. Bugfix on 0.2.3.9-alpha. 
+ + o Feature removal: + - When sending or relaying a RELAY_EARLY cell, we used to convert + it to a RELAY cell if the connection was using the v1 link + protocol. This was a workaround for older versions of Tor, which + didn't handle RELAY_EARLY cells properly. Now that all supported + versions can handle RELAY_EARLY cells, and now that we're enforcing + the "no RELAY_EXTEND commands except in RELAY_EARLY cells" rule, + remove this workaround. Addresses bug 4786. + + o Code simplifications and refactoring: + - Use OpenSSL's built-in SSL_state_string_long() instead of our + own homebrewed ssl_state_to_string() replacement. Patch from + Emile Snyder. Fixes bug 4653. + - Use macros to indicate OpenSSL versions, so we don't need to worry + about accidental hexadecimal bit shifts. + - Remove some workaround code for OpenSSL 0.9.6 (which is no longer + supported). + - Convert more instances of tor_snprintf+tor_strdup into tor_asprintf. + - Use the smartlist_add_asprintf() alias more consistently. + - Use a TOR_INVALID_SOCKET macro when initializing a socket to an + invalid value, rather than just -1. + - Rename a handful of old identifiers, mostly related to crypto + structures and crypto functions. By convention, our "create an + object" functions are called "type_new()", our "free an object" + functions are called "type_free()", and our types indicate that + they are types only with a final "_t". But a handful of older + types and functions broke these rules, with function names like + "type_create" or "subsystem_op_type", or with type names like + type_env_t. + + +Changes in version 0.2.3.10-alpha - 2011-12-16 + Tor 0.2.3.10-alpha fixes a critical heap-overflow security issue in + Tor's buffers code. Absolutely everybody should upgrade. + + The bug relied on an incorrect calculation when making data continuous + in one of our IO buffers, if the first chunk of the buffer was + misaligned by just the wrong amount. 
The miscalculation would allow an + attacker to overflow a piece of heap-allocated memory. To mount this + attack, the attacker would need to either open a SOCKS connection to + Tor's SocksPort (usually restricted to localhost), or target a Tor + instance configured to make its connections through a SOCKS proxy + (which Tor does not do by default). + + Good security practice requires that all heap-overflow bugs should be + presumed to be exploitable until proven otherwise, so we are treating + this as a potential code execution attack. Please upgrade immediately! + This bug does not affect bufferevents-based builds of Tor. Special + thanks to "Vektor" for reporting this issue to us! + + This release also contains a few minor bugfixes for issues discovered + in 0.2.3.9-alpha. + + o Major bugfixes: + - Fix a heap overflow bug that could occur when trying to pull + data into the first chunk of a buffer, when that chunk had + already had some data drained from it. Fixes CVE-2011-2778; + bugfix on 0.2.0.16-alpha. Reported by "Vektor". + + o Minor bugfixes: + - If we can't attach streams to a rendezvous circuit when we + finish connecting to a hidden service, clear the rendezvous + circuit's stream-isolation state and try to attach streams + again. Previously, we cleared rendezvous circuits' isolation + state either too early (if they were freshly built) or not at all + (if they had been built earlier and were cannibalized). Bugfix on + 0.2.3.3-alpha; fixes bug 4655. + - Fix compilation of the libnatpmp helper on non-Windows. Bugfix on + 0.2.3.9-alpha; fixes bug 4691. Reported by Anthony G. Basile. + - Fix an assertion failure when a relay with accounting enabled + starts up while dormant. Fixes bug 4702; bugfix on 0.2.3.9-alpha. + + o Minor features: + - Update to the December 6 2011 Maxmind GeoLite Country database. + + +Changes in version 0.2.2.35 - 2011-12-16 + Tor 0.2.2.35 fixes a critical heap-overflow security issue in Tor's + buffers code. 
Absolutely everybody should upgrade. + + The bug relied on an incorrect calculation when making data continuous + in one of our IO buffers, if the first chunk of the buffer was + misaligned by just the wrong amount. The miscalculation would allow an + attacker to overflow a piece of heap-allocated memory. To mount this + attack, the attacker would need to either open a SOCKS connection to + Tor's SocksPort (usually restricted to localhost), or target a Tor + instance configured to make its connections through a SOCKS proxy + (which Tor does not do by default). + + Good security practice requires that all heap-overflow bugs should be + presumed to be exploitable until proven otherwise, so we are treating + this as a potential code execution attack. Please upgrade immediately! + This bug does not affect bufferevents-based builds of Tor. Special + thanks to "Vektor" for reporting this issue to us! + + Tor 0.2.2.35 also fixes several bugs in previous versions, including + crash bugs for unusual configurations, and a long-term bug that + would prevent Tor from starting on Windows machines with draconian + AV software. + + With this release, we remind everyone that 0.2.0.x has reached its + formal end-of-life. Those Tor versions have many known flaws, and + nobody should be using them. You should upgrade -- ideally to the + 0.2.2.x series. If you're using a Linux or BSD and its packages are + obsolete, stop using those packages and upgrade anyway. + + The Tor 0.2.1.x series is also approaching its end-of-life: it will no + longer receive support after some time in early 2012. + + o Major bugfixes: + - Fix a heap overflow bug that could occur when trying to pull + data into the first chunk of a buffer, when that chunk had + already had some data drained from it. Fixes CVE-2011-2778; + bugfix on 0.2.0.16-alpha. Reported by "Vektor". + - Initialize Libevent with the EVENT_BASE_FLAG_NOLOCK flag enabled, so + that it doesn't attempt to allocate a socketpair. 
This could cause + some problems on Windows systems with overzealous firewalls. Fix for + bug 4457; workaround for Libevent versions 2.0.1-alpha through + 2.0.15-stable. + - If we mark an OR connection for close based on a cell we process, + don't process any further cells on it. We already avoid further + reads on marked-for-close connections, but now we also discard the + cells we'd already read. Fixes bug 4299; bugfix on 0.2.0.10-alpha, + which was the first version where we might mark a connection for + close based on processing a cell on it. + - Correctly sanity-check that we don't underflow on a memory + allocation (and then assert) for hidden service introduction + point decryption. Bug discovered by Dan Rosenberg. Fixes bug 4410; + bugfix on 0.2.1.5-alpha. + - Fix a memory leak when we check whether a hidden service + descriptor has any usable introduction points left. Fixes bug + 4424. Bugfix on 0.2.2.25-alpha. + - Don't crash when we're running as a relay and don't have a GeoIP + file. Bugfix on 0.2.2.34; fixes bug 4340. This backports a fix + we've had in the 0.2.3.x branch already. + - When running as a client, do not print a misleading (and plain + wrong) log message that we're collecting "directory request" + statistics: clients don't collect statistics. Also don't create a + useless (because empty) stats file in the stats/ directory. Fixes + bug 4353; bugfix on 0.2.2.34. + + o Minor bugfixes: + - Detect failure to initialize Libevent. This fix provides better + detection for future instances of bug 4457. + - Avoid frequent calls to the fairly expensive cull_wedged_cpuworkers + function. This was eating up hideously large amounts of time on some + busy servers. Fixes bug 4518; bugfix on 0.0.9.8. + - Resolve an integer overflow bug in smartlist_ensure_capacity(). + Fixes bug 4230; bugfix on Tor 0.1.0.1-rc. Based on a patch by + Mansour Moufid. + - Don't warn about unused log_mutex in log.c when building with + --disable-threads using a recent GCC. 
Fixes bug 4437; bugfix on + 0.1.0.6-rc which introduced --disable-threads. + - When configuring, starting, or stopping an NT service, stop + immediately after the service configuration attempt has succeeded + or failed. Fixes bug 3963; bugfix on 0.2.0.7-alpha. + - When sending a NETINFO cell, include the original address + received for the other side, not its canonical address. Found + by "troll_un"; fixes bug 4349; bugfix on 0.2.0.10-alpha. + - Fix a typo in a hibernation-related log message. Fixes bug 4331; + bugfix on 0.2.2.23-alpha; found by "tmpname0901". + - Fix a memory leak in launch_direct_bridge_descriptor_fetch() that + occurred when a client tried to fetch a descriptor for a bridge + in ExcludeNodes. Fixes bug 4383; bugfix on 0.2.2.25-alpha. + - Backport fixes for a pair of compilation warnings on Windows. + Fixes bug 4521; bugfix on 0.2.2.28-beta and on 0.2.2.29-beta. + - If we had ever tried to call tor_addr_to_str on an address of + unknown type, we would have done a strdup on an uninitialized + buffer. Now we won't. Fixes bug 4529; bugfix on 0.2.1.3-alpha. + Reported by "troll_un". + - Correctly detect and handle transient lookup failures from + tor_addr_lookup. Fixes bug 4530; bugfix on 0.2.1.5-alpha. + Reported by "troll_un". + - Fix null-pointer access that could occur if TLS allocation failed. + Fixes bug 4531; bugfix on 0.2.0.20-rc. Found by "troll_un". + - Use tor_socket_t type for listener argument to accept(). Fixes bug + 4535; bugfix on 0.2.2.28-beta. Found by "troll_un". + + o Minor features: + - Add two new config options for directory authorities: + AuthDirFastGuarantee sets a bandwidth threshold for guaranteeing the + Fast flag, and AuthDirGuardBWGuarantee sets a bandwidth threshold + that is always sufficient to satisfy the bandwidth requirement for + the Guard flag. Now it will be easier for researchers to simulate + Tor networks with different values. Resolves ticket 4484. 
+ - When Tor ignores a hidden service specified in its configuration, + include the hidden service's directory in the warning message. + Previously, we would only tell the user that some hidden service + was ignored. Bugfix on 0.0.6; fixes bug 4426. + - Update to the December 6 2011 Maxmind GeoLite Country database. + + o Packaging changes: + - Make it easier to automate expert package builds on Windows, + by removing an absolute path from makensis.exe command. + + +Changes in version 0.2.3.9-alpha - 2011-12-08 + Tor 0.2.3.9-alpha introduces initial IPv6 support for bridges, adds + a "DisableNetwork" security feature that bundles can use to avoid + touching the network until bridges are configured, moves forward on + the pluggable transport design, fixes a flaw in the hidden service + design that unnecessarily prevented clients with wrong clocks from + reaching hidden services, and fixes a wide variety of other issues. + + o Major features: + - Clients can now connect to private bridges over IPv6. Bridges + still need at least one IPv4 address in order to connect to + other relays. Note that we don't yet handle the case where the + user has two bridge lines for the same bridge (one IPv4, one + IPv6). Implements parts of proposal 186. + - New "DisableNetwork" config option to prevent Tor from launching any + connections or accepting any connections except on a control port. + Bundles and controllers can set this option before letting Tor talk + to the rest of the network, for example to prevent any connections + to a non-bridge address. Packages like Orbot can also use this + option to instruct Tor to save power when the network is off. + - Clients and bridges can now be configured to use a separate + "transport" proxy. This approach makes the censorship arms race + easier by allowing bridges to use protocol obfuscation plugins. It + implements the "managed proxy" part of proposal 180 (ticket 3472). 
+ - When using OpenSSL 1.0.0 or later, use OpenSSL's counter mode + implementation. It makes AES_CTR about 7% faster than our old one + (which was about 10% faster than the one OpenSSL used to provide). + Resolves ticket 4526. + - Add a "tor2web mode" for clients that want to connect to hidden + services non-anonymously (and possibly more quickly). As a safety + measure to try to keep users from turning this on without knowing + what they are doing, tor2web mode must be explicitly enabled at + compile time, and a copy of Tor compiled to run in tor2web mode + cannot be used as a normal Tor client. Implements feature 2553. + - Add experimental support for running on Windows with IOCP and no + kernel-space socket buffers. This feature is controlled by a new + "UserspaceIOCPBuffers" config option (off by default), which has + no effect unless Tor has been built with support for bufferevents, + is running on Windows, and has enabled IOCP. This may, in the long + run, help solve or mitigate bug 98. + - Use a more secure consensus parameter voting algorithm. Now at + least three directory authorities or a majority of them must + vote on a given parameter before it will be included in the + consensus. Implements proposal 178. + + o Major bugfixes: + - Hidden services now ignore the timestamps on INTRODUCE2 cells. + They used to check that the timestamp was within 30 minutes + of their system clock, so they could cap the size of their + replay-detection cache, but that approach unnecessarily refused + service to clients with wrong clocks. Bugfix on 0.2.1.6-alpha, when + the v3 intro-point protocol (the first one which sent a timestamp + field in the INTRODUCE2 cell) was introduced; fixes bug 3460. + - Only use the EVP interface when AES acceleration is enabled, + to avoid a 5-7% performance regression. Resolves issue 4525; + bugfix on 0.2.3.8-alpha. 
+ + o Privacy/anonymity features (bridge detection): + - Make bridge SSL certificates a bit more stealthy by using random + serial numbers, in the same fashion as OpenSSL when generating + self-signed certificates. Implements ticket 4584. + - Introduce a new config option "DynamicDHGroups", enabled by + default, which provides each bridge with a unique prime DH modulus + to be used during SSL handshakes. This option attempts to help + against censors who might use the Apache DH modulus as a static + identifier for bridges. Addresses ticket 4548. + + o Minor features (new/different config options): + - New configuration option "DisableDebuggerAttachment" (on by default) + to prevent basic debugging attachment attempts by other processes. + Supports Mac OS X and Gnu/Linux. Resolves ticket 3313. + - Allow MapAddress directives to specify matches against super-domains, + as in "MapAddress *.torproject.org *.torproject.org.torserver.exit". + Implements issue 933. + - Slightly change behavior of "list" options (that is, config + options that can appear more than once) when they appear both in + torrc and on the command line. Previously, the command-line options + would be appended to the ones from torrc. Now, the command-line + options override the torrc options entirely. This new behavior + allows the user to override list options (like exit policies and + ports to listen on) from the command line, rather than simply + appending to the list. + - You can get the old (appending) command-line behavior for "list" + options by prefixing the option name with a "+". + - You can remove all the values for a "list" option from the command + line without adding any new ones by prefixing the option name + with a "/". + - Add experimental support for a "defaults" torrc file to be parsed + before the regular torrc. Torrc options override the defaults file's + options in the same way that the command line overrides the torrc. 
+ The SAVECONF controller command saves only those options which + differ between the current configuration and the defaults file. HUP + reloads both files. (Note: This is an experimental feature; its + behavior will probably be refined in future 0.2.3.x-alpha versions + to better meet packagers' needs.) Implements task 4552. + + o Minor features: + - Try to make the introductory warning message that Tor prints on + startup more useful for actually finding help and information. + Resolves ticket 2474. + - Running "make version" now displays the version of Tor that + we're about to build. Idea from katmagic; resolves issue 4400. + - Expire old or over-used hidden service introduction points. + Required by fix for bug 3460. + - Move the replay-detection cache for the RSA-encrypted parts of + INTRODUCE2 cells to the introduction point data structures. + Previously, we would use one replay-detection cache per hidden + service. Required by fix for bug 3460. + - Reduce the lifetime of elements of hidden services' Diffie-Hellman + public key replay-detection cache from 60 minutes to 5 minutes. This + replay-detection cache is now used only to detect multiple + INTRODUCE2 cells specifying the same rendezvous point, so we can + avoid launching multiple simultaneous attempts to connect to it. + + o Minor bugfixes (on Tor 0.2.2.x and earlier): + - Resolve an integer overflow bug in smartlist_ensure_capacity(). + Fixes bug 4230; bugfix on Tor 0.1.0.1-rc. Based on a patch by + Mansour Moufid. + - Fix a minor formatting issue in one of tor-gencert's error messages. + Fixes bug 4574. + - Prevent a false positive from the check-spaces script, by disabling + the "whitespace between function name and (" check for functions + named 'op()'. + - Fix a log message suggesting that people contact a non-existent + email address. Fixes bug 3448. + - Fix null-pointer access that could occur if TLS allocation failed. + Fixes bug 4531; bugfix on 0.2.0.20-rc. Found by "troll_un". 
+ - Report a real bootstrap problem to the controller on router + identity mismatch. Previously we just said "foo", which probably + made a lot of sense at the time. Fixes bug 4169; bugfix on + 0.2.1.1-alpha. + - If we had ever tried to call tor_addr_to_str() on an address of + unknown type, we would have done a strdup() on an uninitialized + buffer. Now we won't. Fixes bug 4529; bugfix on 0.2.1.3-alpha. + Reported by "troll_un". + - Correctly detect and handle transient lookup failures from + tor_addr_lookup(). Fixes bug 4530; bugfix on 0.2.1.5-alpha. + Reported by "troll_un". + - Use tor_socket_t type for listener argument to accept(). Fixes bug + 4535; bugfix on 0.2.2.28-beta. Found by "troll_un". + - Initialize conn->addr to a valid state in spawn_cpuworker(). Fixes + bug 4532; found by "troll_un". + + o Minor bugfixes (on Tor 0.2.3.x): + - Fix a compile warning in tor_inet_pton(). Bugfix on 0.2.3.8-alpha; + fixes bug 4554. + - Don't send two ESTABLISH_RENDEZVOUS cells when opening a new + circuit for use as a hidden service client's rendezvous point. + Fixes bugs 4641 and 4171; bugfix on 0.2.3.3-alpha. Diagnosed + with help from wanoskarnet. + - Restore behavior of overriding SocksPort, ORPort, and similar + options from the command line. Bugfix on 0.2.3.3-alpha. + + o Build fixes: + - Properly handle the case where the build-tree is not the same + as the source tree when generating src/common/common_sha1.i, + src/or/micro-revision.i, and src/or/or_sha1.i. Fixes bug 3953; + bugfix on 0.2.0.1-alpha. + + o Code simplifications, cleanups, and refactorings: + - Remove the pure attribute from all functions that used it + previously. In many cases we assigned it incorrectly, because the + functions might assert or call impure functions, and we don't have + evidence that keeping the pure attribute is worthwhile. Implements + changes suggested in ticket 4421. + - Remove some dead code spotted by coverity. Fixes cid 432. + Bugfix on 0.2.3.1-alpha, closes bug 4637. 
+ + +Changes in version 0.2.3.8-alpha - 2011-11-22 + Tor 0.2.3.8-alpha fixes some crash and assert bugs, including a + socketpair-related bug that has been bothering Windows users. It adds + support to serve microdescriptors to controllers, so Vidalia's network + map can resume listing relays (once Vidalia implements its side), + and adds better support for hardware AES acceleration. Finally, it + starts the process of adjusting the bandwidth cutoff for getting the + "Fast" flag from 20KB to (currently) 32KB -- preliminary results show + that tiny relays harm performance more than they help network capacity. + + o Major bugfixes: + - Initialize Libevent with the EVENT_BASE_FLAG_NOLOCK flag enabled, so + that it doesn't attempt to allocate a socketpair. This could cause + some problems on Windows systems with overzealous firewalls. Fix for + bug 4457; workaround for Libevent versions 2.0.1-alpha through + 2.0.15-stable. + - Correctly sanity-check that we don't underflow on a memory + allocation (and then assert) for hidden service introduction + point decryption. Bug discovered by Dan Rosenberg. Fixes bug 4410; + bugfix on 0.2.1.5-alpha. + - Remove the artificially low cutoff of 20KB to guarantee the Fast + flag. In the past few years the average relay speed has picked + up, and while the "top 7/8 of the network get the Fast flag" and + "all relays with 20KB or more of capacity get the Fast flag" rules + used to have the same result, now the top 7/8 of the network has + a capacity more like 32KB. Bugfix on 0.2.1.14-rc. Fixes bug 4489. + - Fix a rare assertion failure when checking whether a v0 hidden + service descriptor has any usable introduction points left, and + we don't have enough information to build a circuit to the first + intro point named in the descriptor. The HS client code in + 0.2.3.x no longer uses v0 HS descriptors, but this assertion can + trigger on (and crash) v0 HS authorities. Fixes bug 4411. + Bugfix on 0.2.3.1-alpha; diagnosed by frosty_un. 
+ - Make bridge authorities not crash when they are asked for their own + descriptor. Bugfix on 0.2.3.7-alpha, reported by Lucky Green. + - When running as a client, do not print a misleading (and plain + wrong) log message that we're collecting "directory request" + statistics: clients don't collect statistics. Also don't create a + useless (because empty) stats file in the stats/ directory. Fixes + bug 4353; bugfix on 0.2.2.34 and 0.2.3.7-alpha. + + o Major features: + - Allow Tor controllers like Vidalia to obtain the microdescriptor + for a relay by identity digest or nickname. Previously, + microdescriptors were only available by their own digests, so a + controller would have to ask for and parse the whole microdescriptor + consensus in order to look up a single relay's microdesc. Fixes + bug 3832; bugfix on 0.2.3.1-alpha. + - Use OpenSSL's EVP interface for AES encryption, so that all AES + operations can use hardware acceleration (if present). Resolves + ticket 4442. + + o Minor bugfixes (on 0.2.2.x and earlier): + - Detect failure to initialize Libevent. This fix provides better + detection for future instances of bug 4457. + - Avoid frequent calls to the fairly expensive cull_wedged_cpuworkers + function. This was eating up hideously large amounts of time on some + busy servers. Fixes bug 4518; bugfix on 0.0.9.8. + - Don't warn about unused log_mutex in log.c when building with + --disable-threads using a recent GCC. Fixes bug 4437; bugfix on + 0.1.0.6-rc which introduced --disable-threads. + - Allow manual 'authenticate' commands to the controller interface + from netcat (nc) as well as telnet. We were rejecting them because + they didn't come with the expected whitespace at the end of the + command. Bugfix on 0.1.1.1-alpha; fixes bug 2893. + - Fix some (not actually triggerable) buffer size checks in usage of + tor_inet_ntop. Fixes bug 4434; bugfix on Tor 0.2.0.1-alpha. Patch + by Anders Sundman. 
+ - Fix parsing of some corner-cases with tor_inet_pton(). Fixes + bug 4515; bugfix on 0.2.0.1-alpha; fix by Anders Sundman. + - When configuring, starting, or stopping an NT service, stop + immediately after the service configuration attempt has succeeded + or failed. Fixes bug 3963; bugfix on 0.2.0.7-alpha. + - When sending a NETINFO cell, include the original address + received for the other side, not its canonical address. Found + by "troll_un"; fixes bug 4349; bugfix on 0.2.0.10-alpha. + - Rename the bench_{aes,dmap} functions to test_*, so that tinytest + can pick them up when the tests aren't disabled. Bugfix on + 0.2.2.4-alpha which introduced tinytest. + - Fix a memory leak when we check whether a hidden service + descriptor has any usable introduction points left. Fixes bug + 4424. Bugfix on 0.2.2.25-alpha. + - Fix a memory leak in launch_direct_bridge_descriptor_fetch() that + occurred when a client tried to fetch a descriptor for a bridge + in ExcludeNodes. Fixes bug 4383; bugfix on 0.2.2.25-alpha. + + o Minor bugfixes (on 0.2.3.x): + - Make util unit tests build correctly with MSVC. Bugfix on + 0.2.3.3-alpha. Patch by Gisle Vanem. + - Successfully detect AUTH_CHALLENGE cells with no recognized + authentication type listed. Fixes bug 4367; bugfix on 0.2.3.6-alpha. + Found by frosty_un. + - If a relay receives an AUTH_CHALLENGE cell it can't answer, + it should still send a NETINFO cell to allow the connection to + become open. Fixes bug 4368; fix on 0.2.3.6-alpha; bug found by + "frosty". + - Log less loudly when we get an invalid authentication certificate + from a source other than a directory authority: it's not unusual + to see invalid certs because of clock skew. Fixes bug 4370; bugfix + on 0.2.3.6-alpha. + - Tolerate servers with more clock skew in their authentication + certificates than previously. Fixes bug 4371; bugfix on + 0.2.3.6-alpha. + - Fix a couple of compile warnings on Windows. 
Fixes bug 4469; bugfix + on 0.2.3.4-alpha and 0.2.3.6-alpha. + + o Minor features: + - Add two new config options for directory authorities: + AuthDirFastGuarantee sets a bandwidth threshold for guaranteeing the + Fast flag, and AuthDirGuardBWGuarantee sets a bandwidth threshold + that is always sufficient to satisfy the bandwidth requirement for + the Guard flag. Now it will be easier for researchers to simulate + Tor networks with different values. Resolves ticket 4484. + - When Tor ignores a hidden service specified in its configuration, + include the hidden service's directory in the warning message. + Previously, we would only tell the user that some hidden service + was ignored. Bugfix on 0.0.6; fixes bug 4426. + - When we fail to initialize Libevent, retry with IOCP disabled so we + don't need to turn on multi-threading support in Libevent, which in + turn requires a working socketpair(). This is a workaround for bug + 4457, which affects Libevent versions from 2.0.1-alpha through + 2.0.15-stable. + - Detect when we try to build on a platform that doesn't define + AF_UNSPEC to 0. We don't work there, so refuse to compile. + - Update to the November 1 2011 Maxmind GeoLite Country database. + + o Packaging changes: + - Make it easier to automate expert package builds on Windows, + by removing an absolute path from makensis.exe command. + + o Code simplifications and refactoring: + - Remove some redundant #include directives throughout the code. + Patch from Andrea Gelmini. + - Unconditionally use OpenSSL's AES implementation instead of our + old built-in one. OpenSSL's AES has been better for a while, and + relatively few servers should still be on any version of OpenSSL + that doesn't have good optimized assembly AES. + - Use the name "CERTS" consistently to refer to the new cell type; + we were calling it CERT in some places and CERTS in others. + + o Testing: + - Numerous new unit tests for functions in util.c and address.c by + Anders Sundman. 
+ - The long-disabled benchmark tests are now split into their own + ./src/test/bench binary. + - The benchmark tests can now use more accurate timers than + gettimeofday() when such timers are available. + + +Changes in version 0.2.3.7-alpha - 2011-10-30 + Tor 0.2.3.7-alpha fixes a crash bug in 0.2.3.6-alpha introduced by + the new v3 handshake. It also resolves yet another bridge address + enumeration issue. + + o Major bugfixes: + - If we mark an OR connection for close based on a cell we process, + don't process any further cells on it. We already avoid further + reads on marked-for-close connections, but now we also discard the + cells we'd already read. Fixes bug 4299; bugfix on 0.2.0.10-alpha, + which was the first version where we might mark a connection for + close based on processing a cell on it. + - Fix a double-free bug that would occur when we received an invalid + certificate in a CERT cell in the new v3 handshake. Fixes bug 4343; + bugfix on 0.2.3.6-alpha. + - Bridges no longer include their address in NETINFO cells on outgoing + OR connections, to allow them to blend in better with clients. + Removes another avenue for enumerating bridges. Reported by + "troll_un". Fixes bug 4348; bugfix on 0.2.0.10-alpha, when NETINFO + cells were introduced. + + o Trivial fixes: + - Fixed a typo in a hibernation-related log message. Fixes bug 4331; + bugfix on 0.2.2.23-alpha; found by "tmpname0901". + + +Changes in version 0.2.3.6-alpha - 2011-10-26 + Tor 0.2.3.6-alpha includes the fix from 0.2.2.34 for a critical + anonymity vulnerability where an attacker can deanonymize Tor + users. Everybody should upgrade. + + This release also features support for a new v3 connection handshake + protocol, and fixes to make hidden service connections more robust. + + o Major features: + - Implement a new handshake protocol (v3) for authenticating Tors to + each other over TLS. 
It should be more resistant to fingerprinting + than previous protocols, and should require less TLS hacking for + future Tor implementations. Implements proposal 176. + - Allow variable-length padding cells to disguise the length of + Tor's TLS records. Implements part of proposal 184. + + o Privacy/anonymity fixes (clients): + - Clients and bridges no longer send TLS certificate chains on + outgoing OR connections. Previously, each client or bridge would + use the same cert chain for all outgoing OR connections until + its IP address changes, which allowed any relay that the client + or bridge contacted to determine which entry guards it is using. + Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un". + - If a relay receives a CREATE_FAST cell on a TLS connection, it + no longer considers that connection as suitable for satisfying a + circuit EXTEND request. Now relays can protect clients from the + CVE-2011-2768 issue even if the clients haven't upgraded yet. + - Directory authorities no longer assign the Guard flag to relays + that haven't upgraded to the above "refuse EXTEND requests + to client connections" fix. Now directory authorities can + protect clients from the CVE-2011-2768 issue even if neither + the clients nor the relays have upgraded yet. There's a new + "GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays" config option + to let us transition smoothly, else tomorrow there would be no + guard relays. + + o Major bugfixes (hidden services): + - Improve hidden service robustness: when an attempt to connect to + a hidden service ends, be willing to refetch its hidden service + descriptors from each of the HSDir relays responsible for them + immediately. Previously, we would not consider refetching the + service's descriptors from each HSDir for 15 minutes after the last + fetch, which was inconvenient if the hidden service was not running + during the first attempt. Bugfix on 0.2.0.18-alpha; fixes bug 3335. 
+ - When one of a hidden service's introduction points appears to be + unreachable, stop trying it. Previously, we would keep trying + to build circuits to the introduction point until we lost the + descriptor, usually because the user gave up and restarted Tor. + Partly fixes bug 3825. + - Don't launch a useless circuit after failing to use one of a + hidden service's introduction points. Previously, we would + launch a new introduction circuit, but not set the hidden service + which that circuit was intended to connect to, so it would never + actually be used. A different piece of code would then create a + new introduction circuit correctly. Bug reported by katmagic and + found by Sebastian Hahn. Bugfix on 0.2.1.13-alpha; fixes bug 4212. + + o Major bugfixes (other): + - Bridges now refuse CREATE or CREATE_FAST cells on OR connections + that they initiated. Relays could distinguish incoming bridge + connections from client connections, creating another avenue for + enumerating bridges. Fixes CVE-2011-2769. Bugfix on 0.2.0.3-alpha. + Found by "frosty_un". + - Don't update the AccountingSoftLimitHitAt state file entry whenever + tor gets started. This prevents a wrong average bandwidth + estimate, which would cause relays to always start a new accounting + interval at the earliest possible moment. Fixes bug 2003; bugfix + on 0.2.2.7-alpha. Reported by BryonEldridge, who also helped + immensely in tracking this bug down. + - Fix a crash bug when changing node restrictions while a DNS lookup + is in-progress. Fixes bug 4259; bugfix on 0.2.2.25-alpha. Bugfix + by "Tey'". + + o Minor bugfixes (on 0.2.2.x and earlier): + - When a hidden service turns an extra service-side introduction + circuit into a general-purpose circuit, free the rend_data and + intro_key fields first, so we won't leak memory if the circuit + is cannibalized for use as another service-side introduction + circuit. Bugfix on 0.2.1.7-alpha; fixes bug 4251. 
+ - Rephrase the log message emitted if the TestSocks check is + successful. Patch from Fabian Keil; fixes bug 4094. + - Bridges now skip DNS self-tests, to act a little more stealthily. + Fixes bug 4201; bugfix on 0.2.0.3-alpha, which first introduced + bridges. Patch by "warms0x". + - Remove a confusing dollar sign from the example fingerprint in the + man page, and also make the example fingerprint a valid one. Fixes + bug 4309; bugfix on 0.2.1.3-alpha. + - Fix internal bug-checking logic that was supposed to catch + failures in digest generation so that it will fail more robustly + if we ask for a nonexistent algorithm. Found by Coverity Scan. + Bugfix on 0.2.2.1-alpha; fixes Coverity CID 479. + - Report any failure in init_keys() calls launched because our + IP address has changed. Spotted by Coverity Scan. Bugfix on + 0.1.1.4-alpha; fixes CID 484. + + o Minor bugfixes (on 0.2.3.x): + - Fix a bug in configure.in that kept it from building a configure + script with autoconf versions earlier than 2.61. Fixes bug 2430; + bugfix on 0.2.3.1-alpha. + - Don't warn users that they are exposing a client port to the + Internet if they have specified an RFC1918 address. Previously, + we would warn if the user had specified any non-loopback + address. Bugfix on 0.2.3.3-alpha. Fixes bug 4018; reported by Tas. + - Fix memory leaks in the failing cases of the new SocksPort and + ControlPort code. Found by Coverity Scan. Bugfix on 0.2.3.3-alpha; + fixes coverity CIDs 485, 486, and 487. + + o Minor features: + - When a hidden service's introduction point times out, consider + trying it again during the next attempt to connect to the + HS. Previously, we would not try it again unless a newly fetched + descriptor contained it. Required by fixes for bugs 1297 and 3825. + - The next version of Windows will be called Windows 8, and it has + a major version of 6, minor version of 2. Correctly identify that + version instead of calling it "Very recent version". 
Resolves + ticket 4153; reported by funkstar. + - The Bridge Authority now writes statistics on how many bridge + descriptors it gave out in total, and how many unique descriptors + it gave out. It also lists how often the most and least commonly + fetched descriptors were given out, as well as the median and + 25th/75th percentile. Implements tickets 4200 and 4294. + - Update to the October 4 2011 Maxmind GeoLite Country database. + + o Code simplifications and refactoring: + - Remove some old code to remember statistics about which descriptors + we've served as a directory mirror. The feature wasn't used and + is outdated now that microdescriptors are around. + - Rename Tor functions that turn strings into addresses, so that + "parse" indicates that no hostname resolution occurs, and + "lookup" indicates that hostname resolution may occur. This + should help prevent mistakes in the future. Fixes bug 3512. + + +Changes in version 0.2.2.34 - 2011-10-26 + Tor 0.2.2.34 fixes a critical anonymity vulnerability where an attacker + can deanonymize Tor users. Everybody should upgrade. + + The attack relies on four components: 1) Clients reuse their TLS cert + when talking to different relays, so relays can recognize a user by + the identity key in her cert. 2) An attacker who knows the client's + identity key can probe each guard relay to see if that identity key + is connected to that guard relay right now. 3) A variety of active + attacks in the literature (starting from "Low-Cost Traffic Analysis + of Tor" by Murdoch and Danezis in 2005) allow a malicious website to + discover the guard relays that a Tor user visiting the website is using. + 4) Clients typically pick three guards at random, so the set of guards + for a given user could well be a unique fingerprint for her. This + release fixes components #1 and #2, which is enough to block the attack; + the other two remain as open research problems. Special thanks to + "frosty_un" for reporting the issue to us! 
+ + Clients should upgrade so they are no longer recognizable by the TLS + certs they present. Relays should upgrade so they no longer allow a + remote attacker to probe them to test whether unpatched clients are + currently connected to them. + + This release also fixes several vulnerabilities that allow an attacker + to enumerate bridge relays. Some bridge enumeration attacks still + remain; see for example proposal 188. + + o Privacy/anonymity fixes (clients): + - Clients and bridges no longer send TLS certificate chains on + outgoing OR connections. Previously, each client or bridge would + use the same cert chain for all outgoing OR connections until + its IP address changes, which allowed any relay that the client + or bridge contacted to determine which entry guards it is using. + Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un". + - If a relay receives a CREATE_FAST cell on a TLS connection, it + no longer considers that connection as suitable for satisfying a + circuit EXTEND request. Now relays can protect clients from the + CVE-2011-2768 issue even if the clients haven't upgraded yet. + - Directory authorities no longer assign the Guard flag to relays + that haven't upgraded to the above "refuse EXTEND requests + to client connections" fix. Now directory authorities can + protect clients from the CVE-2011-2768 issue even if neither + the clients nor the relays have upgraded yet. There's a new + "GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays" config option + to let us transition smoothly, else tomorrow there would be no + guard relays. + + o Privacy/anonymity fixes (bridge enumeration): + - Bridge relays now do their directory fetches inside Tor TLS + connections, like all the other clients do, rather than connecting + directly to the DirPort like public relays do. Removes another + avenue for enumerating bridges. Fixes bug 4115; bugfix on 0.2.0.35. 
+ - Bridges relays now build circuits for themselves in a more similar + way to how clients build them. Removes another avenue for + enumerating bridges. Fixes bug 4124; bugfix on 0.2.0.3-alpha, + when bridges were introduced. + - Bridges now refuse CREATE or CREATE_FAST cells on OR connections + that they initiated. Relays could distinguish incoming bridge + connections from client connections, creating another avenue for + enumerating bridges. Fixes CVE-2011-2769. Bugfix on 0.2.0.3-alpha. + Found by "frosty_un". + + o Major bugfixes: + - Fix a crash bug when changing node restrictions while a DNS lookup + is in-progress. Fixes bug 4259; bugfix on 0.2.2.25-alpha. Bugfix + by "Tey'". + - Don't launch a useless circuit after failing to use one of a + hidden service's introduction points. Previously, we would + launch a new introduction circuit, but not set the hidden service + which that circuit was intended to connect to, so it would never + actually be used. A different piece of code would then create a + new introduction circuit correctly. Bug reported by katmagic and + found by Sebastian Hahn. Bugfix on 0.2.1.13-alpha; fixes bug 4212. + + o Minor bugfixes: + - Change an integer overflow check in the OpenBSD_Malloc code so + that GCC is less likely to eliminate it as impossible. Patch + from Mansour Moufid. Fixes bug 4059. + - When a hidden service turns an extra service-side introduction + circuit into a general-purpose circuit, free the rend_data and + intro_key fields first, so we won't leak memory if the circuit + is cannibalized for use as another service-side introduction + circuit. Bugfix on 0.2.1.7-alpha; fixes bug 4251. + - Bridges now skip DNS self-tests, to act a little more stealthily. + Fixes bug 4201; bugfix on 0.2.0.3-alpha, which first introduced + bridges. Patch by "warms0x". + - Fix internal bug-checking logic that was supposed to catch + failures in digest generation so that it will fail more robustly + if we ask for a nonexistent algorithm. 
Found by Coverity Scan. + Bugfix on 0.2.2.1-alpha; fixes Coverity CID 479. + - Report any failure in init_keys() calls launched because our + IP address has changed. Spotted by Coverity Scan. Bugfix on + 0.1.1.4-alpha; fixes CID 484. + + o Minor bugfixes (log messages and documentation): + - Remove a confusing dollar sign from the example fingerprint in the + man page, and also make the example fingerprint a valid one. Fixes + bug 4309; bugfix on 0.2.1.3-alpha. + - The next version of Windows will be called Windows 8, and it has + a major version of 6, minor version of 2. Correctly identify that + version instead of calling it "Very recent version". Resolves + ticket 4153; reported by funkstar. + - Downgrade log messages about circuit timeout calibration from + "notice" to "info": they don't require or suggest any human + intervention. Patch from Tom Lowenthal. Fixes bug 4063; + bugfix on 0.2.2.14-alpha. + + o Minor features: + - Turn on directory request statistics by default and include them in + extra-info descriptors. Don't break if we have no GeoIP database. + Backported from 0.2.3.1-alpha; implements ticket 3951. + - Update to the October 4 2011 Maxmind GeoLite Country database. + + +Changes in version 0.2.1.31 - 2011-10-26 + Tor 0.2.1.31 backports important security and privacy fixes for + oldstable. This release is intended only for package maintainers and + others who cannot use the 0.2.2 stable series. All others should be + using Tor 0.2.2.x or newer. + + o Security fixes (also included in 0.2.2.x): + - Replace all potentially sensitive memory comparison operations + with versions whose runtime does not depend on the data being + compared. This will help resist a class of attacks where an + adversary can use variations in timing information to learn + sensitive data. Fix for one case of bug 3122. (Safe memcmp + implementation by Robert Ransom based partially on code by DJB.) + - Fix an assert in parsing router descriptors containing IPv6 + addresses. 
This one took down the directory authorities when + somebody tried some experimental code. Bugfix on 0.2.1.3-alpha. + + o Privacy/anonymity fixes (also included in 0.2.2.x): + - Clients and bridges no longer send TLS certificate chains on + outgoing OR connections. Previously, each client or bridge would + use the same cert chain for all outgoing OR connections until + its IP address changes, which allowed any relay that the client + or bridge contacted to determine which entry guards it is using. + Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un". + - If a relay receives a CREATE_FAST cell on a TLS connection, it + no longer considers that connection as suitable for satisfying a + circuit EXTEND request. Now relays can protect clients from the + CVE-2011-2768 issue even if the clients haven't upgraded yet. + - Bridges now refuse CREATE or CREATE_FAST cells on OR connections + that they initiated. Relays could distinguish incoming bridge + connections from client connections, creating another avenue for + enumerating bridges. Fixes CVE-2011-2769. Bugfix on 0.2.0.3-alpha. + Found by "frosty_un". + - When receiving a hidden service descriptor, check that it is for + the hidden service we wanted. Previously, Tor would store any + hidden service descriptors that a directory gave it, whether it + wanted them or not. This wouldn't have let an attacker impersonate + a hidden service, but it did let directories pre-seed a client + with descriptors that it didn't want. Bugfix on 0.0.6. + - Avoid linkability based on cached hidden service descriptors: forget + all hidden service descriptors cached as a client when processing a + SIGNAL NEWNYM command. Fixes bug 3000; bugfix on 0.0.6. + - Make the bridge directory authority refuse to answer directory + requests for "all" descriptors. It used to include bridge + descriptors in its answer, which was a major information leak. + Found by "piebeer". Bugfix on 0.2.0.3-alpha. 
+ - Don't attach new streams to old rendezvous circuits after SIGNAL + NEWNYM. Previously, we would keep using an existing rendezvous + circuit if it remained open (i.e. if it were kept open by a + long-lived stream, or if a new stream were attached to it before + Tor could notice that it was old and no longer in use). Bugfix on + 0.1.1.15-rc; fixes bug 3375. + + o Minor bugfixes (also included in 0.2.2.x): + - When we restart our relay, we might get a successful connection + from the outside before we've started our reachability tests, + triggering a warning: "ORPort found reachable, but I have no + routerinfo yet. Failing to inform controller of success." This + bug was harmless unless Tor is running under a controller + like Vidalia, in which case the controller would never get a + REACHABILITY_SUCCEEDED status event. Bugfix on 0.1.2.6-alpha; + fixes bug 1172. + - Build correctly on OSX with zlib 1.2.4 and higher with all warnings + enabled. Fixes bug 1526. + - Remove undocumented option "-F" from tor-resolve: it hasn't done + anything since 0.2.1.16-rc. + - Avoid signed/unsigned comparisons by making SIZE_T_CEILING unsigned. + None of the cases where we did this before were wrong, but by making + this change we avoid warnings. Fixes bug 2475; bugfix on 0.2.1.28. + - Fix a rare crash bug that could occur when a client was configured + with a large number of bridges. Fixes bug 2629; bugfix on + 0.2.1.2-alpha. Bugfix by trac user "shitlei". + - Correct the warning displayed when a rendezvous descriptor exceeds + the maximum size. Fixes bug 2750; bugfix on 0.2.1.5-alpha. Found by + John Brooks. + - Fix an uncommon assertion failure when running with DNSPort under + heavy load. Fixes bug 2933; bugfix on 0.2.0.1-alpha. + - When warning about missing zlib development packages during compile, + give the correct package names. Bugfix on 0.2.0.1-alpha. + - Require that introduction point keys and onion keys have public + exponent 65537. Bugfix on 0.2.0.10-alpha. 
+ - Do not crash when our configuration file becomes unreadable, for + example due to a permissions change, between when we start up + and when a controller calls SAVECONF. Fixes bug 3135; bugfix + on 0.0.9pre6. + - Fix warnings from GCC 4.6's "-Wunused-but-set-variable" option. + Fixes bug 3208. + - Always NUL-terminate the sun_path field of a sockaddr_un before + passing it to the kernel. (Not a security issue: kernels are + smart enough to reject bad sockaddr_uns.) Found by Coverity; + CID #428. Bugfix on Tor 0.2.0.3-alpha. + - Don't stack-allocate the list of supplementary GIDs when we're + about to log them. Stack-allocating NGROUPS_MAX gid_t elements + could take up to 256K, which is way too much stack. Found by + Coverity; CID #450. Bugfix on 0.2.1.7-alpha. + + o Minor bugfixes (only in 0.2.1.x): + - Resume using micro-version numbers in 0.2.1.x: our Debian packages + rely on them. Bugfix on 0.2.1.30. + - Use git revisions instead of svn revisions when generating our + micro-version numbers. Bugfix on 0.2.1.15-rc; fixes bug 2402. + + o Minor features (also included in 0.2.2.x): + - Adjust the expiration time on our SSL session certificates to + better match SSL certs seen in the wild. Resolves ticket 4014. + - Allow nameservers with IPv6 address. Resolves bug 2574. + - Update to the October 4 2011 Maxmind GeoLite Country database. + + +Changes in version 0.2.3.5-alpha - 2011-09-28 + Tor 0.2.3.5-alpha fixes two bugs that make it possible to enumerate + bridge relays; fixes an assertion error that many users started hitting + today; and adds the ability to refill token buckets more often than + once per second, allowing significant performance improvements. + + o Security fixes: + - Bridge relays now do their directory fetches inside Tor TLS + connections, like all the other clients do, rather than connecting + directly to the DirPort like public relays do. Removes another + avenue for enumerating bridges. Fixes bug 4115; bugfix on 0.2.0.35. 
+ - Bridges relays now build circuits for themselves in a more similar + way to how clients build them. Removes another avenue for + enumerating bridges. Fixes bug 4124; bugfix on 0.2.0.3-alpha, + when bridges were introduced. + + o Major bugfixes: + - Fix an "Assertion md->held_by_node == 1 failed" error that could + occur when the same microdescriptor was referenced by two node_t + objects at once. Fix for bug 4118; bugfix on Tor 0.2.3.1-alpha. + + o Major features (networking): + - Add a new TokenBucketRefillInterval option to refill token buckets + more frequently than once per second. This should improve network + performance, alleviate queueing problems, and make traffic less + bursty. Implements proposal 183; closes ticket 3630. Design by + Florian Tschorsch and Björn Scheuermann; implementation by + Florian Tschorsch. + + o Minor bugfixes: + - Change an integer overflow check in the OpenBSD_Malloc code so + that GCC is less likely to eliminate it as impossible. Patch + from Mansour Moufid. Fixes bug 4059. + + o Minor bugfixes (usability): + - Downgrade log messages about circuit timeout calibration from + "notice" to "info": they don't require or suggest any human + intervention. Patch from Tom Lowenthal. Fixes bug 4063; + bugfix on 0.2.2.14-alpha. + + o Minor features (diagnostics): + - When the system call to create a listener socket fails, log the + error message explaining why. This may help diagnose bug 4027. + + +Changes in version 0.2.3.4-alpha - 2011-09-13 + Tor 0.2.3.4-alpha includes the fixes from 0.2.2.33, including a slight + tweak to Tor's TLS handshake that makes relays and bridges that run + this new version reachable from Iran again. It also fixes a few new + bugs in 0.2.3.x, and teaches relays to recognize when they're not + listed in the network consensus and republish. + + o Major bugfixes (also part of 0.2.2.33): + - Avoid an assertion failure when reloading a configuration with + TrackExitHosts changes. Found and fixed by 'laruldan'. 
Fixes bug + 3923; bugfix on 0.2.2.25-alpha. + + o Minor features (security, also part of 0.2.2.33): + - Check for replays of the public-key encrypted portion of an + INTRODUCE1 cell, in addition to the current check for replays of + the g^x value. This prevents a possible class of active attacks + by an attacker who controls both an introduction point and a + rendezvous point, and who uses the malleability of AES-CTR to + alter the encrypted g^x portion of the INTRODUCE1 cell. We think + that these attacks is infeasible (requiring the attacker to send + on the order of zettabytes of altered cells in a short interval), + but we'd rather block them off in case there are any classes of + this attack that we missed. Reported by Willem Pinckaers. + + o Minor features (also part of 0.2.2.33): + - Adjust the expiration time on our SSL session certificates to + better match SSL certs seen in the wild. Resolves ticket 4014. + - Change the default required uptime for a relay to be accepted as + a HSDir (hidden service directory) from 24 hours to 25 hours. + Improves on 0.2.0.10-alpha; resolves ticket 2649. + - Add a VoteOnHidServDirectoriesV2 config option to allow directory + authorities to abstain from voting on assignment of the HSDir + consensus flag. Related to bug 2649. + - Update to the September 6 2011 Maxmind GeoLite Country database. + + o Minor bugfixes (also part of 0.2.2.33): + - Demote the 'replay detected' log message emitted when a hidden + service receives the same Diffie-Hellman public key in two different + INTRODUCE2 cells to info level. A normal Tor client can cause that + log message during its normal operation. Bugfix on 0.2.1.6-alpha; + fixes part of bug 2442. + - Demote the 'INTRODUCE2 cell is too {old,new}' log message to info + level. There is nothing that a hidden service's operator can do + to fix its clients' clocks. Bugfix on 0.2.1.6-alpha; fixes part + of bug 2442. 
+ - Clarify a log message specifying the characters permitted in + HiddenServiceAuthorizeClient client names. Previously, the log + message said that "[A-Za-z0-9+-_]" were permitted; that could have + given the impression that every ASCII character between "+" and "_" + was permitted. Now we say "[A-Za-z0-9+_-]". Bugfix on 0.2.1.5-alpha. + + o Build fixes (also part of 0.2.2.33): + - Clean up some code issues that prevented Tor from building on older + BSDs. Fixes bug 3894; reported by "grarpamp". + - Search for a platform-specific version of "ar" when cross-compiling. + Should fix builds on iOS. Resolves bug 3909, found by Marco Bonetti. + + o Major bugfixes: + - Fix a bug where the SocksPort option (for example) would get + ignored and replaced by the default if a SocksListenAddress + option was set. Bugfix on 0.2.3.3-alpha; fixes bug 3936. Fix by + Fabian Keil. + + o Major features: + - Relays now try regenerating and uploading their descriptor more + frequently if they are not listed in the consensus, or if the + version of their descriptor listed in the consensus is too + old. This fix should prevent situations where a server declines + to re-publish itself because it has done so too recently, even + though the authorities decided not to list its recent-enough + descriptor. Fix for bug 3327. + + o Minor features: + - Relays now include a reason for regenerating their descriptors + in an HTTP header when uploading to the authorities. This will + make it easier to debug descriptor-upload issues in the future. + - When starting as root and then changing our UID via the User + control option, and we have a ControlSocket configured, make sure + that the ControlSocket is owned by the same account that Tor will + run under. Implements ticket 3421; fix by Jérémy Bobbio. + + o Minor bugfixes: + - Abort if tor_vasprintf fails in connection_printf_to_buf (a + utility function used in the control-port code). 
This shouldn't + ever happen unless Tor is completely out of memory, but if it did + happen and Tor somehow recovered from it, Tor could have sent a log + message to a control port in the middle of a reply to a controller + command. Fixes part of bug 3428; bugfix on 0.1.2.3-alpha. + - Make 'FetchUselessDescriptors' cause all descriptor types and + all consensus types (including microdescriptors) to get fetched. + Fixes bug 3851; bugfix on 0.2.3.1-alpha. + + o Code refactoring: + - Make a new "entry connection" struct as an internal subtype of "edge + connection", to simplify the code and make exit connections smaller. + + +Changes in version 0.2.2.33 - 2011-09-13 + Tor 0.2.2.33 fixes several bugs, and includes a slight tweak to Tor's + TLS handshake that makes relays and bridges that run this new version + reachable from Iran again. + + o Major bugfixes: + - Avoid an assertion failure when reloading a configuration with + TrackExitHosts changes. Found and fixed by 'laruldan'. Fixes bug + 3923; bugfix on 0.2.2.25-alpha. + + o Minor features (security): + - Check for replays of the public-key encrypted portion of an + INTRODUCE1 cell, in addition to the current check for replays of + the g^x value. This prevents a possible class of active attacks + by an attacker who controls both an introduction point and a + rendezvous point, and who uses the malleability of AES-CTR to + alter the encrypted g^x portion of the INTRODUCE1 cell. We think + that these attacks are infeasible (requiring the attacker to send + on the order of zettabytes of altered cells in a short interval), + but we'd rather block them off in case there are any classes of + this attack that we missed. Reported by Willem Pinckaers. + + o Minor features: + - Adjust the expiration time on our SSL session certificates to + better match SSL certs seen in the wild. Resolves ticket 4014. 
+ - Change the default required uptime for a relay to be accepted as + a HSDir (hidden service directory) from 24 hours to 25 hours. + Improves on 0.2.0.10-alpha; resolves ticket 2649. + - Add a VoteOnHidServDirectoriesV2 config option to allow directory + authorities to abstain from voting on assignment of the HSDir + consensus flag. Related to bug 2649. + - Update to the September 6 2011 Maxmind GeoLite Country database. + + o Minor bugfixes (documentation and log messages): + - Correct the man page to explain that HashedControlPassword and + CookieAuthentication can both be set, in which case either method + is sufficient to authenticate to Tor. Bugfix on 0.2.0.7-alpha, + when we decided to allow these config options to both be set. Issue + raised by bug 3898. + - Demote the 'replay detected' log message emitted when a hidden + service receives the same Diffie-Hellman public key in two different + INTRODUCE2 cells to info level. A normal Tor client can cause that + log message during its normal operation. Bugfix on 0.2.1.6-alpha; + fixes part of bug 2442. + - Demote the 'INTRODUCE2 cell is too {old,new}' log message to info + level. There is nothing that a hidden service's operator can do + to fix its clients' clocks. Bugfix on 0.2.1.6-alpha; fixes part + of bug 2442. + - Clarify a log message specifying the characters permitted in + HiddenServiceAuthorizeClient client names. Previously, the log + message said that "[A-Za-z0-9+-_]" were permitted; that could have + given the impression that every ASCII character between "+" and "_" + was permitted. Now we say "[A-Za-z0-9+_-]". Bugfix on 0.2.1.5-alpha. + + o Build fixes: + - Provide a substitute implementation of lround() for MSVC, which + apparently lacks it. Patch from Gisle Vanem. + - Clean up some code issues that prevented Tor from building on older + BSDs. Fixes bug 3894; reported by "grarpamp". + - Search for a platform-specific version of "ar" when cross-compiling. + Should fix builds on iOS. 
Resolves bug 3909, found by Marco Bonetti. + + +Changes in version 0.2.3.3-alpha - 2011-09-01 + Tor 0.2.3.3-alpha adds a new "stream isolation" feature to improve Tor's + security, and provides client-side support for the microdescriptor + and optimistic data features introduced earlier in the 0.2.3.x + series. It also includes numerous critical bugfixes in the (optional) + bufferevent-based networking backend. + + o Major features (stream isolation): + - You can now configure Tor so that streams from different + applications are isolated on different circuits, to prevent an + attacker who sees your streams as they leave an exit node from + linking your sessions to one another. To do this, choose some way + to distinguish the applications: have them connect to different + SocksPorts, or have one of them use SOCKS4 while the other uses + SOCKS5, or have them pass different authentication strings to the + SOCKS proxy. Then, use the new SocksPort syntax to configure the + degree of isolation you need. This implements Proposal 171. + - There's a new syntax for specifying multiple client ports (such as + SOCKSPort, TransPort, DNSPort, NATDPort): you can now just declare + multiple *Port entries with full addr:port syntax on each. + The old *ListenAddress format is still supported, but you can't + mix it with the new *Port syntax. + + o Major features (other): + - Enable microdescriptor fetching by default for clients. This allows + clients to download a much smaller amount of directory information. + To disable it (and go back to the old-style consensus and + descriptors), set "UseMicrodescriptors 0" in your torrc file. + - Tor's firewall-helper feature, introduced in 0.2.3.1-alpha (see the + "PortForwarding" config option), now supports Windows. + - When using an exit relay running 0.2.3.x, clients can now + "optimistically" send data before the exit relay reports that + the stream has opened. 
This saves a round trip when starting + connections where the client speaks first (such as web browsing). + This behavior is controlled by a consensus parameter (currently + disabled). To turn it on or off manually, use the "OptimisticData" + torrc option. Implements proposal 181; code by Ian Goldberg. + + o Major bugfixes (bufferevents, fixes on 0.2.3.1-alpha): + - When using IOCP on Windows, we need to enable Libevent windows + threading support. + - The IOCP backend now works even when the user has not specified + the (internal, debugging-only) _UseFilteringSSLBufferevents option. + Fixes part of bug 3752. + - Correctly record the bytes we've read and written when using + bufferevents, so that we can include them in our bandwidth history + and advertised bandwidth. Fixes bug 3803. + - Apply rate-limiting only at the bottom of a chain of filtering + bufferevents. This prevents us from filling up internal read + buffers and violating rate-limits when filtering bufferevents + are enabled. Fixes part of bug 3804. + - Add high-watermarks to the output buffers for filtered + bufferevents. This prevents us from filling up internal write + buffers and wasting CPU cycles when filtering bufferevents are + enabled. Fixes part of bug 3804. + - Correctly notice when data has been written from a bufferevent + without flushing it completely. Fixes bug 3805. + - Fix a bug where server-side tunneled bufferevent-based directory + streams would get closed prematurely. Fixes bug 3814. + - Fix a use-after-free error with per-connection rate-limiting + buckets. Fixes bug 3888. + + o Major bugfixes (also part of 0.2.2.31-rc): + - If we're configured to write our ControlPorts to disk, only write + them after switching UID and creating the data directory. This way, + we don't fail when starting up with a nonexistent DataDirectory + and a ControlPortWriteToFile setting based on that directory. Fixes + bug 3747; bugfix on Tor 0.2.2.26-beta. 
+ + o Minor features: + - Added a new CONF_CHANGED event so that controllers can be notified + of any configuration changes made by other controllers, or by the + user. Implements ticket 1692. + - Use evbuffer_copyout() in inspect_evbuffer(). This fixes a memory + leak when using bufferevents, and lets Libevent worry about how to + best copy data out of a buffer. + - Replace files in stats/ rather than appending to them. Now that we + include statistics in extra-info descriptors, it makes no sense to + keep old statistics forever. Implements ticket 2930. + + o Minor features (build compatibility): + - Limited, experimental support for building with nmake and MSVC. + - Provide a substitute implementation of lround() for MSVC, which + apparently lacks it. Patch from Gisle Vanem. + + o Minor features (also part of 0.2.2.31-rc): + - Update to the August 2 2011 Maxmind GeoLite Country database. + + o Minor bugfixes (on 0.2.3.x-alpha): + - Fix a spurious warning when parsing SOCKS requests with + bufferevents enabled. Fixes bug 3615; bugfix on 0.2.3.2-alpha. + - Get rid of a harmless warning that could happen on relays running + with bufferevents. The warning was caused by someone doing an http + request to a relay's orport. Also don't warn for a few related + non-errors. Fixes bug 3700; bugfix on 0.2.3.1-alpha. + + o Minor bugfixes (on 2.2.x and earlier): + - Correct the man page to explain that HashedControlPassword and + CookieAuthentication can both be set, in which case either method + is sufficient to authenticate to Tor. Bugfix on 0.2.0.7-alpha, + when we decided to allow these config options to both be set. Issue + raised by bug 3898. + - The "--quiet" and "--hush" options now apply not only to Tor's + behavior before logs are configured, but also to Tor's behavior in + the absense of configured logs. Fixes bug 3550; bugfix on + 0.2.0.10-alpha. 
+ + o Minor bugfixes (also part of 0.2.2.31-rc): + - Write several files in text mode, on OSes that distinguish text + mode from binary mode (namely, Windows). These files are: + 'buffer-stats', 'dirreq-stats', and 'entry-stats' on relays + that collect those statistics; 'client_keys' and 'hostname' for + hidden services that use authentication; and (in the tor-gencert + utility) newly generated identity and signing keys. Previously, + we wouldn't specify text mode or binary mode, leading to an + assertion failure. Fixes bug 3607. Bugfix on 0.2.1.1-alpha (when + the DirRecordUsageByCountry option which would have triggered + the assertion failure was added), although this assertion failure + would have occurred in tor-gencert on Windows in 0.2.0.1-alpha. + - Selectively disable deprecation warnings on OS X because Lion + started deprecating the shipped copy of openssl. Fixes bug 3643. + - Remove an extra pair of quotation marks around the error + message in control-port STATUS_GENERAL BUG events. Bugfix on + 0.1.2.6-alpha; fixes bug 3732. + - When unable to format an address as a string, report its value + as "???" rather than reusing the last formatted address. Bugfix + on 0.2.1.5-alpha. + + o Code simplifications and refactoring: + - Rewrite the listener-selection logic so that parsing which ports + we want to listen on is now separate from binding to the ports + we want. + + o Build changes: + - Building Tor with bufferevent support now requires Libevent + 2.0.13-stable or later. Previous versions of Libevent had bugs in + SSL-related bufferevents and related issues that would make Tor + work badly with bufferevents. Requiring 2.0.13-stable also allows + Tor with bufferevents to take advantage of Libevent APIs + introduced after 2.0.8-rc. 
+ + +Changes in version 0.2.2.32 - 2011-08-27 + The Tor 0.2.2 release series is dedicated to the memory of Andreas + Pfitzmann (1958-2010), a pioneer in anonymity and privacy research, + a founder of the PETS community, a leader in our field, a mentor, + and a friend. He left us with these words: "I had the possibility + to contribute to this world that is not as it should be. I hope I + could help in some areas to make the world a better place, and that + I could also encourage other people to be engaged in improving the + world. Please, stay engaged. This world needs you, your love, your + initiative -- now I cannot be part of that anymore." + + Tor 0.2.2.32, the first stable release in the 0.2.2 branch, is finally + ready. More than two years in the making, this release features improved + client performance and hidden service reliability, better compatibility + for Android, correct behavior for bridges that listen on more than + one address, more extensible and flexible directory object handling, + better reporting of network statistics, improved code security, and + many many other features and bugfixes. + + +Changes in version 0.2.2.31-rc - 2011-08-17 + Tor 0.2.2.31-rc is the second and hopefully final release candidate + for the Tor 0.2.2.x series. + + o Major bugfixes: + - Remove an extra pair of quotation marks around the error + message in control-port STATUS_GENERAL BUG events. Bugfix on + 0.1.2.6-alpha; fixes bug 3732. + - If we're configured to write our ControlPorts to disk, only write + them after switching UID and creating the data directory. This way, + we don't fail when starting up with a nonexistent DataDirectory + and a ControlPortWriteToFile setting based on that directory. Fixes + bug 3747; bugfix on Tor 0.2.2.26-beta. + + o Minor features: + - Update to the August 2 2011 Maxmind GeoLite Country database. + + o Minor bugfixes: + - Allow GETINFO fingerprint to return a fingerprint even when + we have not yet built a router descriptor. 
Fixes bug 3577; + bugfix on 0.2.0.1-alpha. + - Write several files in text mode, on OSes that distinguish text + mode from binary mode (namely, Windows). These files are: + 'buffer-stats', 'dirreq-stats', and 'entry-stats' on relays + that collect those statistics; 'client_keys' and 'hostname' for + hidden services that use authentication; and (in the tor-gencert + utility) newly generated identity and signing keys. Previously, + we wouldn't specify text mode or binary mode, leading to an + assertion failure. Fixes bug 3607. Bugfix on 0.2.1.1-alpha (when + the DirRecordUsageByCountry option which would have triggered + the assertion failure was added), although this assertion failure + would have occurred in tor-gencert on Windows in 0.2.0.1-alpha. + - Selectively disable deprecation warnings on OS X because Lion + started deprecating the shipped copy of openssl. Fixes bug 3643. + - When unable to format an address as a string, report its value + as "???" rather than reusing the last formatted address. Bugfix + on 0.2.1.5-alpha. + + +Changes in version 0.2.3.2-alpha - 2011-07-18 + Tor 0.2.3.2-alpha introduces two new experimental features: + microdescriptors and pluggable transports. It also continues cleaning + up a variety of recently introduced features. + + o Major features: + - Clients can now use microdescriptors instead of regular descriptors + to build circuits. Microdescriptors are authority-generated + summaries of regular descriptors' contents, designed to change + very rarely (see proposal 158 for details). This feature is + designed to save bandwidth, especially for clients on slow internet + connections. It's off by default for now, since nearly no caches + support it, but it will be on-by-default for clients in a future + version. You can use the UseMicrodescriptors option to turn it on. + - Tor clients using bridges can now be configured to use a separate + 'transport' proxy for each bridge. 
This approach helps to resist + censorship by allowing bridges to use protocol obfuscation + plugins. It implements part of proposal 180. Implements ticket 2841. + - While we're trying to bootstrap, record how many TLS connections + fail in each state, and report which states saw the most failures + in response to any bootstrap failures. This feature may speed up + diagnosis of censorship events. Implements ticket 3116. + + o Major bugfixes (on 0.2.3.1-alpha): + - When configuring a large set of nodes in EntryNodes (as with + 'EntryNodes {cc}' or 'EntryNodes 1.1.1.1/16'), choose only a + random subset to be guards, and choose them in random + order. Fixes bug 2798. + - Tor could crash when remembering a consensus in a non-used consensus + flavor without having a current consensus set. Fixes bug 3361. + - Comparing an unknown address to a microdescriptor's shortened exit + policy would always give a "rejected" result. Fixes bug 3599. + - Using microdescriptors as a client no longer prevents Tor from + uploading and downloading hidden service descriptors. Fixes + bug 3601. + + o Minor features: + - Allow nameservers with IPv6 address. Resolves bug 2574. + - Accept attempts to include a password authenticator in the + handshake, as supported by SOCKS5. This handles SOCKS clients that + don't know how to omit a password when authenticating. Resolves + bug 1666. + - When configuring a large set of nodes in EntryNodes, and there are + enough of them listed as Guard so that we don't need to consider + the non-guard entries, prefer the ones listed with the Guard flag. + - Check for and recover from inconsistency in the microdescriptor + cache. This will make it harder for us to accidentally free a + microdescriptor without removing it from the appropriate data + structures. Fixes issue 3135; issue noted by "wanoskarnet". + - Log SSL state transitions at log level DEBUG, log domain + HANDSHAKE. This can be useful for debugging censorship events. + Implements ticket 3264. 
+ - Add port 6523 (Gobby) to LongLivedPorts. Patch by intrigeri; + implements ticket 3439. + + o Minor bugfixes (on 0.2.3.1-alpha): + - Do not free all general-purpose regular descriptors just + because microdescriptor use is enabled. Fixes bug 3113. + - Correctly link libevent_openssl when --enable-static-libevent + is passed to configure. Fixes bug 3118. + - Bridges should not complain during their heartbeat log messages that + they are unlisted in the consensus: that's more or less the point + of being a bridge. Fixes bug 3183. + - Report a SIGNAL event to controllers when acting on a delayed + SIGNAL NEWNYM command. Previously, we would report a SIGNAL + event to the controller if we acted on a SIGNAL NEWNYM command + immediately, and otherwise not report a SIGNAL event for the + command at all. Fixes bug 3349. + - Fix a crash when handling the SIGNAL controller command or + reporting ERR-level status events with bufferevents enabled. Found + by Robert Ransom. Fixes bug 3367. + - Always ship the tor-fw-helper manpage in our release tarballs. + Fixes bug 3389. Reported by Stephen Walker. + - Fix a class of double-mark-for-close bugs when bufferevents + are enabled. Fixes bug 3403. + - Update tor-fw-helper to support libnatpmp-20110618. Fixes bug 3434. + - Add SIGNAL to the list returned by the 'GETINFO events/names' + control-port command. Fixes part of bug 3465. + - Prevent using negative indices during unit test runs when read_all() + fails. Spotted by coverity. + - Fix a rare memory leak when checking the nodelist without it being + present. Found by coverity. + - Only try to download a microdescriptor-flavored consensus from + a directory cache that provides them. + + o Minor bugfixes (on 0.2.2.x and earlier): + - Assert that hidden-service-related operations are not performed + using single-hop circuits. 
Previously, Tor would assert that + client-side streams are not attached to single-hop circuits, + but not that other sensitive operations on the client and service + side are not performed using single-hop circuits. Fixes bug 3332; + bugfix on 0.0.6. + - Don't publish a new relay descriptor when we reload our onion key, + unless the onion key has actually changed. Fixes bug 3263 and + resolves another cause of bug 1810. Bugfix on 0.1.1.11-alpha. + - Allow GETINFO fingerprint to return a fingerprint even when + we have not yet built a router descriptor. Fixes bug 3577; + bugfix on 0.2.0.1-alpha. + - Make 'tor --digests' list hashes of all Tor source files. Bugfix + on 0.2.2.4-alpha; fixes bug 3427. + + o Code simplification and refactoring: + - Use tor_sscanf() in place of scanf() in more places through the + code. This makes us a little more locale-independent, and + should help shut up code-analysis tools that can't tell + a safe sscanf string from a dangerous one. + - Use tt_assert(), not tor_assert(), for checking for test failures. + This makes the unit tests more able to go on in the event that + one of them fails. + - Split connection_about_to_close() into separate functions for each + connection type. + + o Build changes: + - On Windows, we now define the _WIN32_WINNT macros only if they + are not already defined. This lets the person building Tor decide, + if they want, to require a later version of Windows. + + +Changes in version 0.2.2.30-rc - 2011-07-07 + Tor 0.2.2.30-rc is the first release candidate for the Tor 0.2.2.x + series. It fixes a few smaller bugs, but generally appears stable. + Please test it and let us know whether it is! + + o Minor bugfixes: + - Send a SUCCEEDED stream event to the controller when a reverse + resolve succeeded. Fixes bug 3536; bugfix on 0.0.8pre1. Issue + discovered by katmagic. + - Always NUL-terminate the sun_path field of a sockaddr_un before + passing it to the kernel. 
(Not a security issue: kernels are + smart enough to reject bad sockaddr_uns.) Found by Coverity; + CID #428. Bugfix on Tor 0.2.0.3-alpha. + - Don't stack-allocate the list of supplementary GIDs when we're + about to log them. Stack-allocating NGROUPS_MAX gid_t elements + could take up to 256K, which is way too much stack. Found by + Coverity; CID #450. Bugfix on 0.2.1.7-alpha. + - Add BUILDTIMEOUT_SET to the list returned by the 'GETINFO + events/names' control-port command. Bugfix on 0.2.2.9-alpha; + fixes part of bug 3465. + - Fix a memory leak when receiving a descriptor for a hidden + service we didn't ask for. Found by Coverity; CID #30. Bugfix + on 0.2.2.26-beta. + + o Minor features: + - Update to the July 1 2011 Maxmind GeoLite Country database. + + +Changes in version 0.2.2.29-beta - 2011-06-20 + Tor 0.2.2.29-beta reverts an accidental behavior change for users who + have bridge lines in their torrc but don't want to use them; gets + us closer to having the control socket feature working on Debian; + and fixes a variety of smaller bugs. + + o Major bugfixes: + - Revert the UseBridges option to its behavior before 0.2.2.28-beta. + When we changed the default behavior to "use bridges if any + are listed in the torrc", we surprised users who had bridges + in their torrc files but who didn't actually want to use them. + Partial resolution for bug 3354. + + o Privacy fixes: + - Don't attach new streams to old rendezvous circuits after SIGNAL + NEWNYM. Previously, we would keep using an existing rendezvous + circuit if it remained open (i.e. if it were kept open by a + long-lived stream, or if a new stream were attached to it before + Tor could notice that it was old and no longer in use). Bugfix on + 0.1.1.15-rc; fixes bug 3375. + + o Minor bugfixes: + - Fix a bug when using ControlSocketsGroupWritable with User. The + directory's group would be checked against the current group, not + the configured group. Patch by Jérémy Bobbio. 
Fixes bug 3393; + bugfix on 0.2.2.26-beta. + - Make connection_printf_to_buf()'s behaviour sane. Its callers + expect it to emit a CRLF iff the format string ends with CRLF; + it actually emitted a CRLF iff (a) the format string ended with + CRLF or (b) the resulting string was over 1023 characters long or + (c) the format string did not end with CRLF *and* the resulting + string was 1021 characters long or longer. Bugfix on 0.1.1.9-alpha; + fixes part of bug 3407. + - Make send_control_event_impl()'s behaviour sane. Its callers + expect it to always emit a CRLF at the end of the string; it + might have emitted extra control characters as well. Bugfix on + 0.1.1.9-alpha; fixes another part of bug 3407. + - Make crypto_rand_int() check the value of its input correctly. + Previously, it accepted values up to UINT_MAX, but could return a + negative number if given a value above INT_MAX+1. Found by George + Kadianakis. Fixes bug 3306; bugfix on 0.2.2pre14. + - Avoid a segfault when reading a malformed circuit build state + with more than INT_MAX entries. Found by wanoskarnet. Bugfix on + 0.2.2.4-alpha. + - When asked about a DNS record type we don't support via a + client DNSPort, reply with NOTIMPL rather than an empty + reply. Patch by intrigeri. Fixes bug 3369; bugfix on 2.0.1-alpha. + - Fix a rare memory leak during stats writing. Found by coverity. + + o Minor features: + - Update to the June 1 2011 Maxmind GeoLite Country database. + + o Code simplifications and refactoring: + - Remove some dead code as indicated by coverity. + - Remove a few dead assignments during router parsing. Found by + coverity. + - Add some forgotten return value checks during unit tests. Found + by coverity. + - Don't use 1-bit wide signed bit fields. Found by coverity. 
+ + +Changes in version 0.2.2.28-beta - 2011-06-04 + Tor 0.2.2.28-beta makes great progress towards a new stable release: we + fixed a big bug in whether relays stay in the consensus consistently, + we moved closer to handling bridges and hidden services correctly, + and we started the process of better handling the dreaded "my Vidalia + died, and now my Tor demands a password when I try to reconnect to it" + usability issue. + + o Major bugfixes: + - Don't decide to make a new descriptor when receiving a HUP signal. + This bug has caused a lot of 0.2.2.x relays to disappear from the + consensus periodically. Fixes the most common case of triggering + bug 1810; bugfix on 0.2.2.7-alpha. + - Actually allow nameservers with IPv6 addresses. Fixes bug 2574. + - Don't try to build descriptors if "ORPort auto" is set and we + don't know our actual ORPort yet. Fix for bug 3216; bugfix on + 0.2.2.26-beta. + - Resolve a crash that occurred when setting BridgeRelay to 1 with + accounting enabled. Fixes bug 3228; bugfix on 0.2.2.18-alpha. + - Apply circuit timeouts to opened hidden-service-related circuits + based on the correct start time. Previously, we would apply the + circuit build timeout based on time since the circuit's creation; + it was supposed to be applied based on time since the circuit + entered its current state. Bugfix on 0.0.6; fixes part of bug 1297. + - Use the same circuit timeout for client-side introduction + circuits as for other four-hop circuits, rather than the timeout + for single-hop directory-fetch circuits; the shorter timeout may + have been appropriate with the static circuit build timeout in + 0.2.1.x and earlier, but caused many hidden service access attempts + to fail with the adaptive CBT introduced in 0.2.2.2-alpha. Bugfix + on 0.2.2.2-alpha; fixes another part of bug 1297. + - In ticket 2511 we fixed a case where you could use an unconfigured + bridge if you had configured it as a bridge the last time you ran + Tor. 
Now fix another edge case: if you had configured it as a bridge + but then switched to a different bridge via the controller, you + would still be willing to use the old one. Bugfix on 0.2.0.1-alpha; + fixes bug 3321. + + o Major features: + - Add an __OwningControllerProcess configuration option and a + TAKEOWNERSHIP control-port command. Now a Tor controller can ensure + that when it exits, Tor will shut down. Implements feature 3049. + - If "UseBridges 1" is set and no bridges are configured, Tor will + now refuse to build any circuits until some bridges are set. + If "UseBridges auto" is set, Tor will use bridges if they are + configured and we are not running as a server, but otherwise will + make circuits as usual. The new default is "auto". Patch by anonym, + so the Tails LiveCD can stop automatically revealing you as a Tor + user on startup. + + o Minor bugfixes: + - Fix warnings from GCC 4.6's "-Wunused-but-set-variable" option. + - Remove a trailing asterisk from "exit-policy/default" in the + output of the control port command "GETINFO info/names". Bugfix + on 0.1.2.5-alpha. + - Use a wide type to hold sockets when built for 64-bit Windows builds. + Fixes bug 3270. + - Warn when the user configures two HiddenServiceDir lines that point + to the same directory. Bugfix on 0.0.6 (the version introducing + HiddenServiceDir); fixes bug 3289. + - Remove dead code from rend_cache_lookup_v2_desc_as_dir. Fixes + part of bug 2748; bugfix on 0.2.0.10-alpha. + - Log malformed requests for rendezvous descriptors as protocol + warnings, not warnings. Also, use a more informative log message + in case someone sees it at log level warning without prior + info-level messages. Fixes the other part of bug 2748; bugfix + on 0.2.0.10-alpha. + - Clear the table recording the time of the last request for each + hidden service descriptor from each HS directory on SIGNAL NEWNYM. 
+ Previously, we would clear our HS descriptor cache on SIGNAL + NEWNYM, but if we had previously retrieved a descriptor (or tried + to) from every directory responsible for it, we would refuse to + fetch it again for up to 15 minutes. Bugfix on 0.2.2.25-alpha; + fixes bug 3309. + - Fix a log message that said "bits" while displaying a value in + bytes. Found by wanoskarnet. Fixes bug 3318; bugfix on + 0.2.0.1-alpha. + - When checking for 1024-bit keys, check for 1024 bits, not 128 + bytes. This allows Tor to correctly discard keys of length 1017 + through 1023. Bugfix on 0.0.9pre5. + + o Minor features: + - Relays now log the reason for publishing a new relay descriptor, + so we have a better chance of hunting down instances of bug 1810. + Resolves ticket 3252. + - Revise most log messages that refer to nodes by nickname to + instead use the "$key=nickname at address" format. This should be + more useful, especially since nicknames are less and less likely + to be unique. Resolves ticket 3045. + - Log (at info level) when purging pieces of hidden-service-client + state because of SIGNAL NEWNYM. + + o Removed options: + - Remove undocumented option "-F" from tor-resolve: it hasn't done + anything since 0.2.1.16-rc. + + +Changes in version 0.2.2.27-beta - 2011-05-18 + Tor 0.2.2.27-beta fixes a bridge-related stability bug in the previous + release, and also adds a few more general bugfixes. + + o Major bugfixes: + - Fix a crash bug when changing bridges in a running Tor process. + Fixes bug 3213; bugfix on 0.2.2.26-beta. + - When the controller configures a new bridge, don't wait 10 to 60 + seconds before trying to fetch its descriptor. Bugfix on + 0.2.0.3-alpha; fixes bug 3198 (suggested by 2355). + + o Minor bugfixes: + - Require that onion keys have exponent 65537 in microdescriptors too. + Fixes more of bug 3207; bugfix on 0.2.2.26-beta. + - Tor used to limit HttpProxyAuthenticator values to 48 characters. 
+ Changed the limit to 512 characters by removing base64 newlines. + Fixes bug 2752. Fix by Michael Yakubovich. + - When a client starts or stops using bridges, never use a circuit + that was built before the configuration change. This behavior could + put at risk a user who uses bridges to ensure that her traffic + only goes to the chosen addresses. Bugfix on 0.2.0.3-alpha; fixes + bug 3200. + + +Changes in version 0.2.2.26-beta - 2011-05-17 + Tor 0.2.2.26-beta fixes a variety of potential privacy problems. It + also introduces a new "socksport auto" approach that should make it + easier to run multiple Tors on the same system, and does a lot of + cleanup to get us closer to a release candidate. + + o Security/privacy fixes: + - Replace all potentially sensitive memory comparison operations + with versions whose runtime does not depend on the data being + compared. This will help resist a class of attacks where an + adversary can use variations in timing information to learn + sensitive data. Fix for one case of bug 3122. (Safe memcmp + implementation by Robert Ransom based partially on code by DJB.) + - When receiving a hidden service descriptor, check that it is for + the hidden service we wanted. Previously, Tor would store any + hidden service descriptors that a directory gave it, whether it + wanted them or not. This wouldn't have let an attacker impersonate + a hidden service, but it did let directories pre-seed a client + with descriptors that it didn't want. Bugfix on 0.0.6. + - On SIGHUP, do not clear out all TrackHostExits mappings, client + DNS cache entries, and virtual address mappings: that's what + NEWNYM is for. Fixes bug 1345; bugfix on 0.1.0.1-rc. + + o Major features: + - The options SocksPort, ControlPort, and so on now all accept a + value "auto" that opens a socket on an OS-selected port. A + new ControlPortWriteToFile option tells Tor to write its + actual control port or ports to a chosen file. 
If the option + ControlPortFileGroupReadable is set, the file is created as + group-readable. Now users can run two Tor clients on the same + system without needing to manually mess with parameters. Resolves + part of ticket 3076. + - Set SO_REUSEADDR on all sockets, not just listeners. This should + help busy exit nodes avoid running out of useable ports just + because all the ports have been used in the near past. Resolves + issue 2850. + + o Minor features: + - New "GETINFO net/listeners/(type)" controller command to return + a list of addresses and ports that are bound for listeners for a + given connection type. This is useful when the user has configured + "SocksPort auto" and the controller needs to know which port got + chosen. Resolves another part of ticket 3076. + - Add a new ControlSocketsGroupWritable configuration option: when + it is turned on, ControlSockets are group-writeable by the default + group of the current user. Patch by Jérémy Bobbio; implements + ticket 2972. + - Tor now refuses to create a ControlSocket in a directory that is + world-readable (or group-readable if ControlSocketsGroupWritable + is 0). This is necessary because some operating systems do not + enforce permissions on an AF_UNIX sockets. Permissions on the + directory holding the socket, however, seems to work everywhere. + - Rate-limit a warning about failures to download v2 networkstatus + documents. Resolves part of bug 1352. + - Backport code from 0.2.3.x that allows directory authorities to + clean their microdescriptor caches. Needed to resolve bug 2230. + - When an HTTPS proxy reports "403 Forbidden", we now explain + what it means rather than calling it an unexpected status code. + Closes bug 2503. Patch from Michael Yakubovich. + - Update to the May 1 2011 Maxmind GeoLite Country database. + + o Minor bugfixes: + - Authorities now clean their microdesc cache periodically and when + reading from disk initially, not only when adding new descriptors. 
+ This prevents a bug where we could lose microdescriptors. Bugfix + on 0.2.2.6-alpha. Fixes bug 2230. + - Do not crash when our configuration file becomes unreadable, for + example due to a permissions change, between when we start up + and when a controller calls SAVECONF. Fixes bug 3135; bugfix + on 0.0.9pre6. + - Avoid a bug that would keep us from replacing a microdescriptor + cache on Windows. (We would try to replace the file while still + holding it open. That's fine on Unix, but Windows doesn't let us + do that.) Bugfix on 0.2.2.6-alpha; bug found by wanoskarnet. + - Add missing explanations for the authority-related torrc options + RephistTrackTime, BridgePassword, and V3AuthUseLegacyKey in the + man page. Resolves issue 2379. + - As an authority, do not upload our own vote or signature set to + ourself. It would tell us nothing new, and as of 0.2.2.24-alpha, + it would get flagged as a duplicate. Resolves bug 3026. + - Accept hidden service descriptors if we think we might be a hidden + service directory, regardless of what our consensus says. This + helps robustness, since clients and hidden services can sometimes + have a more up-to-date view of the network consensus than we do, + and if they think that the directory authorities list us a HSDir, + we might actually be one. Related to bug 2732; bugfix on + 0.2.0.10-alpha. + - When a controller changes TrackHostExits, remove mappings for + hosts that should no longer have their exits tracked. Bugfix on + 0.1.0.1-rc. + - When a controller changes VirtualAddrNetwork, remove any mappings + for hosts that were automapped to the old network. Bugfix on + 0.1.1.19-rc. + - When a controller changes one of the AutomapHosts* options, remove + any mappings for hosts that should no longer be automapped. Bugfix + on 0.2.0.1-alpha. + - Do not reset the bridge descriptor download status every time we + re-parse our configuration or get a configuration change. Fixes + bug 3019; bugfix on 0.2.0.3-alpha. 
+ + o Minor bugfixes (code cleanup): + - When loading the microdesc journal, remember its current size. + In 0.2.2, this helps prevent the microdesc journal from growing + without limit on authorities (who are the only ones to use it in + 0.2.2). Fixes a part of bug 2230; bugfix on 0.2.2.6-alpha. + Fix posted by "cypherpunks." + - The microdesc journal is supposed to get rebuilt only if it is + at least _half_ the length of the store, not _twice_ the length + of the store. Bugfix on 0.2.2.6-alpha; fixes part of bug 2230. + - Fix a potential null-pointer dereference while computing a + consensus. Bugfix on tor-0.2.0.3-alpha, found with the help of + clang's analyzer. + - Avoid a possible null-pointer dereference when rebuilding the mdesc + cache without actually having any descriptors to cache. Bugfix on + 0.2.2.6-alpha. Issue discovered using clang's static analyzer. + - If we fail to compute the identity digest of a v3 legacy keypair, + warn, and don't use a buffer-full of junk instead. Bugfix on + 0.2.1.1-alpha; fixes bug 3106. + - Resolve an untriggerable issue in smartlist_string_num_isin(), + where if the function had ever in the future been used to check + for the presence of a too-large number, it would have given an + incorrect result. (Fortunately, we only used it for 16-bit + values.) Fixes bug 3175; bugfix on 0.1.0.1-rc. + - Require that introduction point keys and onion handshake keys + have a public exponent of 65537. Starts to fix bug 3207; bugfix + on 0.2.0.10-alpha. + + o Removed features: + - Caches no longer download and serve v2 networkstatus documents + unless FetchV2Networkstatus flag is set: these documents haven't + haven't been used by clients or relays since 0.2.0.x. Resolves + bug 3022. 
+ + +Changes in version 0.2.3.1-alpha - 2011-05-05 + Tor 0.2.3.1-alpha adds some new experimental features, including support + for an improved network IO backend, IOCP networking on Windows, + microdescriptor caching, "fast-start" support for streams, and automatic + home router configuration. There are also numerous internal improvements + to try to make the code easier for developers to work with. + + This is the first alpha release in a new series, so expect there to be + bugs. Users who would rather test out a more stable branch should + stay with 0.2.2.x for now. + + o Major features: + - Tor can now optionally build with the "bufferevents" buffered IO + backend provided by Libevent 2. To use this feature, make sure you + have the latest possible version of Libevent, and pass the + --enable-bufferevents flag to configure when building Tor from + source. This feature will make our networking code more flexible, + let us stack layers on each other, and let us use more efficient + zero-copy transports where available. + - As an experimental feature, Tor can use IOCP for networking on Windows. + Once this code is tuned and optimized, it promises much better + performance than the select-based backend we've used in the past. To + try this feature, you must build Tor with Libevent 2, configure Tor + with the "bufferevents" buffered IO backend, and add "DisableIOCP 0" to + your torrc. There are known bugs here: only try this if you can help + debug it as it breaks. + - The EntryNodes option can now include country codes like {de} or IP + addresses or network masks. Previously we had disallowed these options + because we didn't have an efficient way to keep the list up to + date. Fixes bug 1982, but see bug 2798 for an unresolved issue here. + - Exit nodes now accept and queue data on not-yet-connected streams. + Previously, the client wasn't allowed to send data until the stream was + connected, which slowed down all connections. 
This change will enable + clients to perform a "fast-start" on streams and send data without + having to wait for a confirmation that the stream has opened. (Patch + from Ian Goldberg; implements the server side of Proposal 174.) + - Tor now has initial support for automatic port mapping on the many + home routers that support NAT-PMP or UPnP. (Not yet supported on + Windows). To build the support code, you'll need to have libnatpnp + library and/or the libminiupnpc library, and you'll need to enable the + feature specifically by passing "--enable-upnp" and/or + "--enable-natpnp" to configure. To turn it on, use the new + PortForwarding option. + - Caches now download, cache, and serve multiple "flavors" of the + consensus, including a flavor that describes microdescriptors. + - Caches now download, cache, and serve microdescriptors -- small + summaries of router descriptors that are authenticated by all of the + directory authorities. Once enough caches are running this code, + clients will be able to save significant amounts of directory bandwidth + by downloading microdescriptors instead of router descriptors. + + o Minor features: + - Make logging resolution configurable with a new LogTimeGranularity + option, and change the default from 1 millisecond to 1 second. + Implements enhancement 1668. + - We log which torrc file we're using on startup. Implements ticket + 2444. + - Ordinarily, Tor does not count traffic from private addresses (like + 127.0.0.1 or 10.0.0.1) when calculating rate limits or accounting. + There is now a new option, CountPrivateBandwidth, to disable this + behavior. Patch from Daniel Cagara. + - New --enable-static-tor configure option for building Tor as + statically as possible. Idea, general hackery and thoughts from + Alexei Czeskis, John Gilmore, Jacob Appelbaum. Implements ticket + 2702. + - If you set the NumCPUs option to 0, Tor will now try to detect how + many CPUs you have. This is the new default behavior. 
+ - Turn on directory request statistics by default and include them in + extra-info descriptors. Don't break if we have no GeoIP database. + - Relays that set "ConnDirectionStatistics 1" write statistics on the + bidirectional use of connections to disk every 24 hours. + - Add a GeoIP file digest to the extra-info descriptor. Implements + enhancement 1883. + - The NodeFamily option -- which let you declare that you want to + consider nodes to be part of a family whether they list themselves + that way or not -- now allows IP address ranges and country codes. + - Add a new 'Heartbeat' log message type to periodically log a message + describing Tor's status at level Notice. This feature is meant for + operators who log at notice, and want to make sure that their Tor + server is still working. Implementation by George Kadianakis. + + o Minor bugfixes (on 0.2.2.25-alpha): + - When loading the microdesc journal, remember its current size. + In 0.2.2, this helps prevent the microdesc journal from growing + without limit on authorities (who are the only ones to use it in + 0.2.2). Fixes a part of bug 2230; bugfix on 0.2.2.6-alpha. + Fix posted by "cypherpunks." + - The microdesc journal is supposed to get rebuilt only if it is + at least _half_ the length of the store, not _twice_ the length + of the store. Bugfix on 0.2.2.6-alpha; fixes part of bug 2230. + - If as an authority we fail to compute the identity digest of a v3 + legacy keypair, warn, and don't use a buffer-full of junk instead. + Bugfix on 0.2.1.1-alpha; fixes bug 3106. + - Authorities now clean their microdesc cache periodically and when + reading from disk initially, not only when adding new descriptors. + This prevents a bug where we could lose microdescriptors. Bugfix + on 0.2.2.6-alpha. + + o Minor features (controller): + - Add a new SIGNAL event to the controller interface so that + controllers can be notified when Tor handles a signal. Resolves + issue 1955. Patch by John Brooks. 
+ - Add a new GETINFO option to get total bytes read and written. Patch + from pipe, revised by atagar. Resolves ticket 2345. + - Implement some GETINFO controller fields to provide information about + the Tor process's pid, euid, username, and resource limits. + + o Build changes: + - Our build system requires automake 1.6 or later to create the + Makefile.in files. Previously, you could have used 1.4. + This only affects developers and people building Tor from git; + people who build Tor from the source distribution without changing + the Makefile.am files should be fine. + - Our autogen.sh script uses autoreconf to launch autoconf, automake, and + so on. This is more robust against some of the failure modes + associated with running the autotools pieces on their own. + + o Minor packaging issues: + - On OpenSUSE, create the /var/run/tor directory on startup if it is not + already created. Patch from Andreas Stieger. Fixes bug 2573. + + o Code simplifications and refactoring: + - A major revision to our internal node-selecting and listing logic. + Tor already had at least two major ways to look at the question of + "which Tor servers do we know about": a list of router descriptors, + and a list of entries in the current consensus. With + microdescriptors, we're adding a third. Having so many systems + without an abstraction layer over them was hurting the codebase. + Now, we have a new "node_t" abstraction that presents a consistent + interface to a client's view of a Tor node, and holds (nearly) all + of the mutable state formerly in routerinfo_t and routerstatus_t. + - The helper programs tor-gencert, tor-resolve, and tor-checkkey + no longer link against Libevent: they never used it, but + our library structure used to force them to link it. + + o Removed features: + - Remove some old code to work around even older versions of Tor that + used forked processes to handle DNS requests. Such versions of Tor + are no longer in use as servers. 
+ + o Documentation fixes: + - Correct a broken faq link in the INSTALL file. Fixes bug 2307. + - Add missing documentation for the authority-related torrc options + RephistTrackTime, BridgePassword, and V3AuthUseLegacyKey. Resolves + issue 2379. + + +Changes in version 0.2.2.25-alpha - 2011-04-29 + Tor 0.2.2.25-alpha fixes many bugs: hidden service clients are more + robust, routers no longer overreport their bandwidth, Win7 should crash + a little less, and NEWNYM (as used by Vidalia's "new identity" button) + now prevents hidden service-related activity from being linkable. It + provides more information to Vidalia so you can see if your bridge is + working. Also, 0.2.2.25-alpha revamps the Entry/Exit/ExcludeNodes and + StrictNodes configuration options to make them more reliable, more + understandable, and more regularly applied. If you use those options, + please see the revised documentation for them in the manual page. + + o Major bugfixes: + - Relays were publishing grossly inflated bandwidth values because + they were writing their state files wrong--now they write the + correct value. Also, resume reading bandwidth history from the + state file correctly. Fixes bug 2704; bugfix on 0.2.2.23-alpha. + - Improve hidden service robustness: When we find that we have + extended a hidden service's introduction circuit to a relay not + listed as an introduction point in the HS descriptor we currently + have, retry with an introduction point from the current + descriptor. Previously we would just give up. Fixes bugs 1024 and + 1930; bugfix on 0.2.0.10-alpha. + - Clients now stop trying to use an exit node associated with a given + destination by TrackHostExits if they fail to reach that exit node. + Fixes bug 2999. Bugfix on 0.2.0.20-rc. + - Fix crash bug on platforms where gmtime and localtime can return + NULL. Windows 7 users were running into this one. Fixes part of bug + 2077. Bugfix on all versions of Tor. Found by boboper. 
+ + o Security and stability fixes: + - Don't double-free a parsable, but invalid, microdescriptor, even if + it is followed in the blob we're parsing by an unparsable + microdescriptor. Fixes an issue reported in a comment on bug 2954. + Bugfix on 0.2.2.6-alpha; fix by "cypherpunks". + - If the Nickname configuration option isn't given, Tor would pick a + nickname based on the local hostname as the nickname for a relay. + Because nicknames are not very important in today's Tor and the + "Unnamed" nickname has been implemented, this is now problematic + behavior: It leaks information about the hostname without being + useful at all. Fixes bug 2979; bugfix on 0.1.2.2-alpha, which + introduced the Unnamed nickname. Reported by tagnaq. + - Fix an uncommon assertion failure when running with DNSPort under + heavy load. Fixes bug 2933; bugfix on 0.2.0.1-alpha. + - Avoid linkability based on cached hidden service descriptors: forget + all hidden service descriptors cached as a client when processing a + SIGNAL NEWNYM command. Fixes bug 3000; bugfix on 0.0.6. + + o Major features: + - Export GeoIP information on bridge usage to controllers even if we + have not yet been running for 24 hours. Now Vidalia bridge operators + can get more accurate and immediate feedback about their + contributions to the network. + + o Major features and bugfixes (node selection): + - Revise and reconcile the meaning of the ExitNodes, EntryNodes, + ExcludeEntryNodes, ExcludeExitNodes, ExcludeNodes, and StrictNodes + options. Previously, we had been ambiguous in describing what + counted as an "exit" node, and what operations exactly "StrictNodes + 0" would permit. This created confusion when people saw nodes built + through unexpected circuits, and made it hard to tell real bugs from + surprises. Now the intended behavior is: + . "Exit", in the context of ExitNodes and ExcludeExitNodes, means + a node that delivers user traffic outside the Tor network. + . 
"Entry", in the context of EntryNodes, means a node used as the + first hop of a multihop circuit. It doesn't include direct + connections to directory servers. + . "ExcludeNodes" applies to all nodes. + . "StrictNodes" changes the behavior of ExcludeNodes only. When + StrictNodes is set, Tor should avoid all nodes listed in + ExcludeNodes, even when it will make user requests fail. When + StrictNodes is *not* set, then Tor should follow ExcludeNodes + whenever it can, except when it must use an excluded node to + perform self-tests, connect to a hidden service, provide a + hidden service, fulfill a .exit request, upload directory + information, or fetch directory information. + Collectively, the changes to implement the behavior fix bug 1090. + - ExcludeNodes now takes precedence over EntryNodes and ExitNodes: if + a node is listed in both, it's treated as excluded. + - ExcludeNodes now applies to directory nodes -- as a preference if + StrictNodes is 0, or an absolute requirement if StrictNodes is 1. + Don't exclude all the directory authorities and set StrictNodes to 1 + unless you really want your Tor to break. + - ExcludeNodes and ExcludeExitNodes now override exit enclaving. + - ExcludeExitNodes now overrides .exit requests. + - We don't use bridges listed in ExcludeNodes. + - When StrictNodes is 1: + . We now apply ExcludeNodes to hidden service introduction points + and to rendezvous points selected by hidden service users. This + can make your hidden service less reliable: use it with caution! + . If we have used ExcludeNodes on ourself, do not try relay + reachability self-tests. + . If we have excluded all the directory authorities, we will not + even try to upload our descriptor if we're a relay. + . Do not honor .exit requests to an excluded node. + - Remove a misfeature that caused us to ignore the Fast/Stable flags + when ExitNodes is set. Bugfix on 0.2.2.7-alpha. 
+ - When the set of permitted nodes changes, we now remove any mappings + introduced via TrackExitHosts to now-excluded nodes. Bugfix on + 0.1.0.1-rc. + - We never cannibalize a circuit that had excluded nodes on it, even + if StrictNodes is 0. Bugfix on 0.1.0.1-rc. + - Revert a change where we would be laxer about attaching streams to + circuits than when building the circuits. This was meant to prevent + a set of bugs where streams were never attachable, but our improved + code here should make this unnecessary. Bugfix on 0.2.2.7-alpha. + - Keep track of how many times we launch a new circuit to handle a + given stream. Too many launches could indicate an inconsistency + between our "launch a circuit to handle this stream" logic and our + "attach this stream to one of the available circuits" logic. + - Improve log messages related to excluded nodes. + + o Minor bugfixes: + - Fix a spurious warning when moving from a short month to a long + month on relays with month-based BandwidthAccounting. Bugfix on + 0.2.2.17-alpha; fixes bug 3020. + - When a client finds that an origin circuit has run out of 16-bit + stream IDs, we now mark it as unusable for new streams. Previously, + we would try to close the entire circuit. Bugfix on 0.0.6. + - Add a forgotten cast that caused a compile warning on OS X 10.6. + Bugfix on 0.2.2.24-alpha. + - Be more careful about reporting the correct error from a failed + connect() system call. Under some circumstances, it was possible to + look at an incorrect value for errno when sending the end reason. + Bugfix on 0.1.0.1-rc. + - Correctly handle an "impossible" overflow cases in connection byte + counting, where we write or read more than 4GB on an edge connection + in a single second. Bugfix on 0.1.2.8-beta. + - Correct the warning displayed when a rendezvous descriptor exceeds + the maximum size. Fixes bug 2750; bugfix on 0.2.1.5-alpha. Found by + John Brooks. 
+ - Clients and hidden services now use HSDir-flagged relays for hidden + service descriptor downloads and uploads even if the relays have no + DirPort set and the client has disabled TunnelDirConns. This will + eventually allow us to give the HSDir flag to relays with no + DirPort. Fixes bug 2722; bugfix on 0.2.1.6-alpha. + - Downgrade "no current certificates known for authority" message from + Notice to Info. Fixes bug 2899; bugfix on 0.2.0.10-alpha. + - Make the SIGNAL DUMP control-port command work on FreeBSD. Fixes bug + 2917. Bugfix on 0.1.1.1-alpha. + - Only limit the lengths of single HS descriptors, even when multiple + HS descriptors are published to an HSDir relay in a single POST + operation. Fixes bug 2948; bugfix on 0.2.1.5-alpha. Found by hsdir. + - Write the current time into the LastWritten line in our state file, + rather than the time from the previous write attempt. Also, stop + trying to use a time of -1 in our log statements. Fixes bug 3039; + bugfix on 0.2.2.14-alpha. + - Be more consistent in our treatment of file system paths. "~" should + get expanded to the user's home directory in the Log config option. + Fixes bug 2971; bugfix on 0.2.0.1-alpha, which introduced the + feature for the -f and --DataDirectory options. + + o Minor features: + - Make sure every relay writes a state file at least every 12 hours. + Previously, a relay could go for weeks without writing its state + file, and on a crash could lose its bandwidth history, capacity + estimates, client country statistics, and so on. Addresses bug 3012. + - Send END_STREAM_REASON_NOROUTE in response to EHOSTUNREACH errors. + Clients before 0.2.1.27 didn't handle NOROUTE correctly, but such + clients are already deprecated because of security bugs. + - Don't allow v0 hidden service authorities to act as clients. + Required by fix for bug 3000. + - Ignore SIGNAL NEWNYM commands on relay-only Tor instances. Required + by fix for bug 3000. 
+ - Ensure that no empty [dirreq-](read|write)-history lines are added + to an extrainfo document. Implements ticket 2497. + + o Code simplification and refactoring: + - Remove workaround code to handle directory responses from servers + that had bug 539 (they would send HTTP status 503 responses _and_ + send a body too). Since only server versions before + 0.2.0.16-alpha/0.1.2.19 were affected, there is no longer reason to + keep the workaround in place. + - Remove the old 'fuzzy time' logic. It was supposed to be used for + handling calculations where we have a known amount of clock skew and + an allowed amount of unknown skew. But we only used it in three + places, and we never adjusted the known/unknown skew values. This is + still something we might want to do someday, but if we do, we'll + want to do it differently. + - Avoid signed/unsigned comparisons by making SIZE_T_CEILING unsigned. + None of the cases where we did this before were wrong, but by making + this change we avoid warnings. Fixes bug 2475; bugfix on 0.2.1.28. + - Use GetTempDir to find the proper temporary directory location on + Windows when generating temporary files for the unit tests. Patch by + Gisle Vanem. + + +Changes in version 0.2.2.24-alpha - 2011-04-08 + Tor 0.2.2.24-alpha fixes a variety of bugs, including a big bug that + prevented Tor clients from effectively using "multihomed" bridges, + that is, bridges that listen on multiple ports or IP addresses so users + can continue to use some of their addresses even if others get blocked. + + o Major bugfixes: + - Fix a bug where bridge users who configure the non-canonical + address of a bridge automatically switch to its canonical + address. If a bridge listens at more than one address, it should be + able to advertise those addresses independently and any non-blocked + addresses should continue to work. Bugfix on Tor 0.2.0.x. Fixes + bug 2510. 
+ - If you configured Tor to use bridge A, and then quit and + configured Tor to use bridge B instead, it would happily continue + to use bridge A if it's still reachable. While this behavior is + a feature if your goal is connectivity, in some scenarios it's a + dangerous bug. Bugfix on Tor 0.2.0.1-alpha; fixes bug 2511. + - Directory authorities now use data collected from their own + uptime observations when choosing whether to assign the HSDir flag + to relays, instead of trusting the uptime value the relay reports in + its descriptor. This change helps prevent an attack where a small + set of nodes with frequently-changing identity keys can blackhole + a hidden service. (Only authorities need upgrade; others will be + fine once they do.) Bugfix on 0.2.0.10-alpha; fixes bug 2709. + + o Minor bugfixes: + - When we restart our relay, we might get a successful connection + from the outside before we've started our reachability tests, + triggering a warning: "ORPort found reachable, but I have no + routerinfo yet. Failing to inform controller of success." This + bug was harmless unless Tor is running under a controller + like Vidalia, in which case the controller would never get a + REACHABILITY_SUCCEEDED status event. Bugfix on 0.1.2.6-alpha; + fixes bug 1172. + - Make directory authorities more accurate at recording when + relays that have failed several reachability tests became + unreachable, so we can provide more accuracy at assigning Stable, + Guard, HSDir, etc flags. Bugfix on 0.2.0.6-alpha. Resolves bug 2716. + - Fix an issue that prevented static linking of libevent on + some platforms (notably Linux). Fixes bug 2698; bugfix on + versions 0.2.1.23/0.2.2.8-alpha (the versions introducing + the --with-static-libevent configure option). + - We now ask the other side of a stream (the client or the exit) + for more data on that stream when the amount of queued data on + that stream dips low enough. 
Previously, we wouldn't ask the + other side for more data until either it sent us more data (which + it wasn't supposed to do if it had exhausted its window!) or we + had completely flushed all our queued data. This flow control fix + should improve throughput. Fixes bug 2756; bugfix on the earliest + released versions of Tor (svn commit r152). + - Avoid a double-mark-for-free warning when failing to attach a + transparent proxy connection. (We thought we had fixed this in + 0.2.2.23-alpha, but it turns out our fix was checking the wrong + connection.) Fixes bug 2757; bugfix on 0.1.2.1-alpha (the original + bug) and 0.2.2.23-alpha (the incorrect fix). + - When warning about missing zlib development packages during compile, + give the correct package names. Bugfix on 0.2.0.1-alpha. + + o Minor features: + - Directory authorities now log the source of a rejected POSTed v3 + networkstatus vote. + - Make compilation with clang possible when using + --enable-gcc-warnings by removing two warning options that clang + hasn't implemented yet and by fixing a few warnings. Implements + ticket 2696. + - When expiring circuits, use microsecond timers rather than + one-second timers. This can avoid an unpleasant situation where a + circuit is launched near the end of one second and expired right + near the beginning of the next, and prevent fluctuations in circuit + timeout values. + - Use computed circuit-build timeouts to decide when to launch + parallel introduction circuits for hidden services. (Previously, + we would retry after 15 seconds.) + - Update to the April 1 2011 Maxmind GeoLite Country database. + + o Packaging fixes: + - Create the /var/run/tor directory on startup on OpenSUSE if it is + not already created. Patch from Andreas Stieger. Fixes bug 2573. + + o Documentation changes: + - Modernize the doxygen configuration file slightly. Fixes bug 2707. + - Resolve all doxygen warnings except those for missing documentation. + Fixes bug 2705. 
+ - Add doxygen documentation for more functions, fields, and types. + + +Changes in version 0.2.2.23-alpha - 2011-03-08 + Tor 0.2.2.23-alpha lets relays record their bandwidth history so when + they restart they don't lose their bandwidth capacity estimate. This + release also fixes a diverse set of user-facing bugs, ranging from + relays overrunning their rate limiting to clients falsely warning about + clock skew to bridge descriptor leaks by our bridge directory authority. + + o Major bugfixes: + - Stop sending a CLOCK_SKEW controller status event whenever + we fetch directory information from a relay that has a wrong clock. + Instead, only inform the controller when it's a trusted authority + that claims our clock is wrong. Bugfix on 0.1.2.6-alpha; fixes + the rest of bug 1074. + - Fix an assert in parsing router descriptors containing IPv6 + addresses. This one took down the directory authorities when + somebody tried some experimental code. Bugfix on 0.2.1.3-alpha. + - Make the bridge directory authority refuse to answer directory + requests for "all" descriptors. It used to include bridge + descriptors in its answer, which was a major information leak. + Found by "piebeer". Bugfix on 0.2.0.3-alpha. + - If relays set RelayBandwidthBurst but not RelayBandwidthRate, + Tor would ignore their RelayBandwidthBurst setting, + potentially using more bandwidth than expected. Bugfix on + 0.2.0.1-alpha. Reported by Paul Wouters. Fixes bug 2470. + - Ignore and warn if the user mistakenly sets "PublishServerDescriptor + hidserv" in her torrc. The 'hidserv' argument never controlled + publication of hidden service descriptors. Bugfix on 0.2.0.1-alpha. + + o Major features: + - Relays now save observed peak bandwidth throughput rates to their + state file (along with total usage, which was already saved) + so that they can determine their correct estimated bandwidth on + restart. 
Resolves bug 1863, where Tor relays would reset their + estimated bandwidth to 0 after restarting. + - Directory authorities now take changes in router IP address and + ORPort into account when determining router stability. Previously, + if a router changed its IP or ORPort, the authorities would not + treat it as having any downtime for the purposes of stability + calculation, whereas clients would experience downtime since the + change could take a while to propagate to them. Resolves issue 1035. + - Enable Address Space Layout Randomization (ASLR) and Data Execution + Prevention (DEP) by default on Windows to make it harder for + attackers to exploit vulnerabilities. Patch from John Brooks. + + o Minor bugfixes (on 0.2.1.x and earlier): + - Fix a rare crash bug that could occur when a client was configured + with a large number of bridges. Fixes bug 2629; bugfix on + 0.2.1.2-alpha. Bugfix by trac user "shitlei". + - Avoid a double mark-for-free warning when failing to attach a + transparent proxy connection. Bugfix on 0.1.2.1-alpha. Fixes + bug 2279. + - Correctly detect failure to allocate an OpenSSL BIO. Fixes bug 2378; + found by "cypherpunks". This bug was introduced before the first + Tor release, in svn commit r110. + - Country codes aren't supported in EntryNodes until 0.2.3.x, so + don't mention them in the manpage. Fixes bug 2450; issue + spotted by keb and G-Lo. + - Fix a bug in bandwidth history state parsing that could have been + triggered if a future version of Tor ever changed the timing + granularity at which bandwidth history is measured. Bugfix on + Tor 0.1.1.11-alpha. + - When a relay decides that its DNS is too broken for it to serve + as an exit server, it advertised itself as a non-exit, but + continued to act as an exit. This could create accidental + partitioning opportunities for users. Instead, if a relay is + going to advertise reject *:* as its exit policy, it should + really act with exit policy "reject *:*". Fixes bug 2366. 
+ Bugfix on Tor 0.1.2.5-alpha. Bugfix by user "postman" on trac. + - In the special case where you configure a public exit relay as your + bridge, Tor would be willing to use that exit relay as the last + hop in your circuit as well. Now we fail that circuit instead. + Bugfix on 0.2.0.12-alpha. Fixes bug 2403. Reported by "piebeer". + - Fix a bug with our locking implementation on Windows that couldn't + correctly detect when a file was already locked. Fixes bug 2504, + bugfix on 0.2.1.6-alpha. + - Fix IPv6-related connect() failures on some platforms (BSD, OS X). + Bugfix on 0.2.0.3-alpha; fixes first part of bug 2660. Patch by + "piebeer". + - Set target port in get_interface_address6() correctly. Bugfix + on 0.1.1.4-alpha and 0.2.0.3-alpha; fixes second part of bug 2660. + - Directory authorities are now more robust to hops back in time + when calculating router stability. Previously, if a run of uptime + or downtime appeared to be negative, the calculation could give + incorrect results. Bugfix on 0.2.0.6-alpha; noticed when fixing + bug 1035. + - Fix an assert that got triggered when using the TestingTorNetwork + configuration option and then issuing a GETINFO config-text control + command. Fixes bug 2250; bugfix on 0.2.1.2-alpha. + + o Minor bugfixes (on 0.2.2.x): + - Clients should not weight BadExit nodes as Exits in their node + selection. Similarly, directory authorities should not count BadExit + bandwidth as Exit bandwidth when computing bandwidth-weights. + Bugfix on 0.2.2.10-alpha; fixes bug 2203. + - Correctly clear our dir_read/dir_write history when there is an + error parsing any bw history value from the state file. Bugfix on + Tor 0.2.2.15-alpha. + - Resolve a bug in verifying signatures of directory objects + with digests longer than SHA1. Bugfix on 0.2.2.20-alpha. + Fixes bug 2409. Found by "piebeer". + - Bridge authorities no longer crash on SIGHUP when they try to + publish their relay descriptor to themselves. Fixes bug 2572. 
Bugfix + on 0.2.2.22-alpha. + + o Minor features: + - Log less aggressively about circuit timeout changes, and improve + some other circuit timeout messages. Resolves bug 2004. + - Log a little more clearly about the times at which we're no longer + accepting new connections. Resolves bug 2181. + - Reject attempts at the client side to open connections to private + IP addresses (like 127.0.0.1, 10.0.0.1, and so on) with + a randomly chosen exit node. Attempts to do so are always + ill-defined, generally prevented by exit policies, and usually + in error. This will also help to detect loops in transparent + proxy configurations. You can disable this feature by setting + "ClientRejectInternalAddresses 0" in your torrc. + - Always treat failure to allocate an RSA key as an unrecoverable + allocation error. + - Update to the March 1 2011 Maxmind GeoLite Country database. + + o Minor features (log subsystem): + - Add documentation for configuring logging at different severities in + different log domains. We've had this feature since 0.2.1.1-alpha, + but for some reason it never made it into the manpage. Fixes + bug 2215. + - Make it simpler to specify "All log domains except for A and B". + Previously you needed to say "[*,~A,~B]". Now you can just say + "[~A,~B]". + - Add a "LogMessageDomains 1" option to include the domains of log + messages along with the messages. Without this, there's no way + to use log domains without reading the source or doing a lot + of guessing. + + o Packaging changes: + - Stop shipping the Tor specs files and development proposal documents + in the tarball. They are now in a separate git repository at + git://git.torproject.org/torspec.git + + +Changes in version 0.2.1.30 - 2011-02-23 + Tor 0.2.1.30 fixes a variety of less critical bugs. The main other + change is a slight tweak to Tor's TLS handshake that makes relays + and bridges that run this new version reachable from Iran again. 
+ We don't expect this tweak will win the arms race long-term, but it + buys us time until we roll out a better solution. + + o Major bugfixes: + - Stop sending a CLOCK_SKEW controller status event whenever + we fetch directory information from a relay that has a wrong clock. + Instead, only inform the controller when it's a trusted authority + that claims our clock is wrong. Bugfix on 0.1.2.6-alpha; fixes + the rest of bug 1074. + - Fix a bounds-checking error that could allow an attacker to + remotely crash a directory authority. Bugfix on 0.2.1.5-alpha. + Found by "piebeer". + - If relays set RelayBandwidthBurst but not RelayBandwidthRate, + Tor would ignore their RelayBandwidthBurst setting, + potentially using more bandwidth than expected. Bugfix on + 0.2.0.1-alpha. Reported by Paul Wouters. Fixes bug 2470. + - Ignore and warn if the user mistakenly sets "PublishServerDescriptor + hidserv" in her torrc. The 'hidserv' argument never controlled + publication of hidden service descriptors. Bugfix on 0.2.0.1-alpha. + + o Minor features: + - Adjust our TLS Diffie-Hellman parameters to match those used by + Apache's mod_ssl. + - Update to the February 1 2011 Maxmind GeoLite Country database. + + o Minor bugfixes: + - Check for and reject overly long directory certificates and + directory tokens before they have a chance to hit any assertions. + Bugfix on 0.2.1.28. Found by "doorss". + - Bring the logic that gathers routerinfos and assesses the + acceptability of circuits into line. This prevents a Tor OP from + getting locked in a cycle of choosing its local OR as an exit for a + path (due to a .exit request) and then rejecting the circuit because + its OR is not listed yet. It also prevents Tor clients from using an + OR running in the same instance as an exit (due to a .exit request) + if the OR does not meet the same requirements expected of an OR + running elsewhere. Fixes bug 1859; bugfix on 0.1.0.1-rc. 
+ + o Packaging changes: + - Stop shipping the Tor specs files and development proposal documents + in the tarball. They are now in a separate git repository at + git://git.torproject.org/torspec.git + - Do not include Git version tags as though they are SVN tags when + generating a tarball from inside a repository that has switched + between branches. Bugfix on 0.2.1.15-rc; fixes bug 2402. + + +Changes in version 0.2.2.22-alpha - 2011-01-25 + Tor 0.2.2.22-alpha fixes a few more less-critical security issues. The + main other change is a slight tweak to Tor's TLS handshake that makes + relays and bridges that run this new version reachable from Iran again. + We don't expect this tweak will win the arms race long-term, but it + will buy us a bit more time until we roll out a better solution. + + o Major bugfixes: + - Fix a bounds-checking error that could allow an attacker to + remotely crash a directory authority. Bugfix on 0.2.1.5-alpha. + Found by "piebeer". + - Don't assert when changing from bridge to relay or vice versa + via the controller. The assert happened because we didn't properly + initialize our keys in this case. Bugfix on 0.2.2.18-alpha; fixes + bug 2433. Reported by bastik. + + o Minor features: + - Adjust our TLS Diffie-Hellman parameters to match those used by + Apache's mod_ssl. + - Provide a log message stating which geoip file we're parsing + instead of just stating that we're parsing the geoip file. + Implements ticket 2432. + + o Minor bugfixes: + - Check for and reject overly long directory certificates and + directory tokens before they have a chance to hit any assertions. + Bugfix on 0.2.1.28 / 0.2.2.20-alpha. Found by "doorss". + + +Changes in version 0.2.2.21-alpha - 2011-01-15 + Tor 0.2.2.21-alpha includes all the patches from Tor 0.2.1.29, which + continues our recent code security audit work. The main fix resolves + a remote heap overflow vulnerability that can allow remote code + execution (CVE-2011-0427). 
Other fixes address a variety of assert + and crash bugs, most of which we think are hard to exploit remotely. + + o Major bugfixes (security), also included in 0.2.1.29: + - Fix a heap overflow bug where an adversary could cause heap + corruption. This bug probably allows remote code execution + attacks. Reported by "debuger". Fixes CVE-2011-0427. Bugfix on + 0.1.2.10-rc. + - Prevent a denial-of-service attack by disallowing any + zlib-compressed data whose compression factor is implausibly + high. Fixes part of bug 2324; reported by "doorss". + - Zero out a few more keys in memory before freeing them. Fixes + bug 2384 and part of bug 2385. These key instances found by + "cypherpunks", based on Andrew Case's report about being able + to find sensitive data in Tor's memory space if you have enough + permissions. Bugfix on 0.0.2pre9. + + o Major bugfixes (crashes), also included in 0.2.1.29: + - Prevent calls to Libevent from inside Libevent log handlers. + This had potential to cause a nasty set of crashes, especially + if running Libevent with debug logging enabled, and running + Tor with a controller watching for low-severity log messages. + Bugfix on 0.1.0.2-rc. Fixes bug 2190. + - Add a check for SIZE_T_MAX to tor_realloc() to try to avoid + underflow errors there too. Fixes the other part of bug 2324. + - Fix a bug where we would assert if we ever had a + cached-descriptors.new file (or another file read directly into + memory) of exactly SIZE_T_CEILING bytes. Fixes bug 2326; bugfix + on 0.2.1.25. Found by doorss. + - Fix some potential asserts and parsing issues with grossly + malformed router caches. Fixes bug 2352; bugfix on Tor 0.2.1.27. + Found by doorss. + + o Minor bugfixes (other), also included in 0.2.1.29: + - Fix a bug with handling misformed replies to reverse DNS lookup + requests in DNSPort. Bugfix on Tor 0.2.0.1-alpha. Related to a + bug reported by doorss. + - Fix compilation on mingw when a pthreads compatibility library + has been installed. 
(We don't want to use it, so we shouldn't + be including pthread.h.) Fixes bug 2313; bugfix on 0.1.0.1-rc. + - Fix a bug where we would declare that we had run out of virtual + addresses when the address space was only half-exhausted. Bugfix + on 0.1.2.1-alpha. + - Correctly handle the case where AutomapHostsOnResolve is set but + no virtual addresses are available. Fixes bug 2328; bugfix on + 0.1.2.1-alpha. Bug found by doorss. + - Correctly handle wrapping around when we run out of virtual + address space. Found by cypherpunks; bugfix on 0.2.0.5-alpha. + + o Minor features, also included in 0.2.1.29: + - Update to the January 1 2011 Maxmind GeoLite Country database. + - Introduce output size checks on all of our decryption functions. + + o Build changes, also included in 0.2.1.29: + - Tor does not build packages correctly with Automake 1.6 and earlier; + added a check to Makefile.am to make sure that we're building with + Automake 1.7 or later. + - The 0.2.1.28 tarball was missing src/common/OpenBSD_malloc_Linux.c + because we built it with a too-old version of automake. Thus that + release broke ./configure --enable-openbsd-malloc, which is popular + among really fast exit relays on Linux. + + o Major bugfixes, new in 0.2.2.21-alpha: + - Prevent crash/heap corruption when the cbtnummodes consensus + parameter is set to 0 or large values. Fixes bug 2317; bugfix + on 0.2.2.14-alpha. + + o Major features, new in 0.2.2.21-alpha: + - Introduce minimum/maximum values that clients will believe + from the consensus. Now we'll have a better chance to avoid crashes + or worse when a consensus param has a weird value. + + o Minor features, new in 0.2.2.21-alpha: + - Make sure to disable DirPort if running as a bridge. DirPorts aren't + used on bridges, and it makes bridge scanning somewhat easier. + - If writing the state file to disk fails, wait up to an hour before + retrying again, rather than trying again each second. Fixes bug + 2346; bugfix on Tor 0.1.1.3-alpha. 
+ - Make Libevent log messages get delivered to controllers later, + and not from inside the Libevent log handler. This prevents unsafe + reentrant Libevent calls while still letting the log messages + get through. + - Detect platforms that brokenly use a signed size_t, and refuse to + build there. Found and analyzed by doorss and rransom. + - Fix a bunch of compile warnings revealed by mingw with gcc 4.5. + Resolves bug 2314. + + o Minor bugfixes, new in 0.2.2.21-alpha: + - Handle SOCKS messages longer than 128 bytes long correctly, rather + than waiting forever for them to finish. Fixes bug 2330; bugfix + on 0.2.0.16-alpha. Found by doorss. + - Add assertions to check for overflow in arguments to + base32_encode() and base32_decode(); fix a signed-unsigned + comparison there too. These bugs are not actually reachable in Tor, + but it's good to prevent future errors too. Found by doorss. + - Correctly detect failures to create DNS requests when using Libevent + versions before v2. (Before Libevent 2, we used our own evdns + implementation. Its return values for Libevent's evdns_resolve_*() + functions are not consistent with those from Libevent.) Fixes bug + 2363; bugfix on 0.2.2.6-alpha. Found by "lodger". + + o Documentation, new in 0.2.2.21-alpha: + - Document the default socks host and port (127.0.0.1:9050) for + tor-resolve. + + +Changes in version 0.2.1.29 - 2011-01-15 + Tor 0.2.1.29 continues our recent code security audit work. The main + fix resolves a remote heap overflow vulnerability that can allow remote + code execution. Other fixes address a variety of assert and crash bugs, + most of which we think are hard to exploit remotely. + + o Major bugfixes (security): + - Fix a heap overflow bug where an adversary could cause heap + corruption. This bug probably allows remote code execution + attacks. Reported by "debuger". Fixes CVE-2011-0427. Bugfix on + 0.1.2.10-rc. 
+ - Prevent a denial-of-service attack by disallowing any + zlib-compressed data whose compression factor is implausibly + high. Fixes part of bug 2324; reported by "doorss". + - Zero out a few more keys in memory before freeing them. Fixes + bug 2384 and part of bug 2385. These key instances found by + "cypherpunks", based on Andrew Case's report about being able + to find sensitive data in Tor's memory space if you have enough + permissions. Bugfix on 0.0.2pre9. + + o Major bugfixes (crashes): + - Prevent calls to Libevent from inside Libevent log handlers. + This had potential to cause a nasty set of crashes, especially + if running Libevent with debug logging enabled, and running + Tor with a controller watching for low-severity log messages. + Bugfix on 0.1.0.2-rc. Fixes bug 2190. + - Add a check for SIZE_T_MAX to tor_realloc() to try to avoid + underflow errors there too. Fixes the other part of bug 2324. + - Fix a bug where we would assert if we ever had a + cached-descriptors.new file (or another file read directly into + memory) of exactly SIZE_T_CEILING bytes. Fixes bug 2326; bugfix + on 0.2.1.25. Found by doorss. + - Fix some potential asserts and parsing issues with grossly + malformed router caches. Fixes bug 2352; bugfix on Tor 0.2.1.27. + Found by doorss. + + o Minor bugfixes (other): + - Fix a bug with handling misformed replies to reverse DNS lookup + requests in DNSPort. Bugfix on Tor 0.2.0.1-alpha. Related to a + bug reported by doorss. + - Fix compilation on mingw when a pthreads compatibility library + has been installed. (We don't want to use it, so we shouldn't + be including pthread.h.) Fixes bug 2313; bugfix on 0.1.0.1-rc. + - Fix a bug where we would declare that we had run out of virtual + addresses when the address space was only half-exhausted. Bugfix + on 0.1.2.1-alpha. + - Correctly handle the case where AutomapHostsOnResolve is set but + no virtual addresses are available. Fixes bug 2328; bugfix on + 0.1.2.1-alpha. 
Bug found by doorss. + - Correctly handle wrapping around to when we run out of virtual + address space. Found by cypherpunks, bugfix on 0.2.0.5-alpha. + - The 0.2.1.28 tarball was missing src/common/OpenBSD_malloc_Linux.c + because we built it with a too-old version of automake. Thus that + release broke ./configure --enable-openbsd-malloc, which is popular + among really fast exit relays on Linux. + + o Minor features: + - Update to the January 1 2011 Maxmind GeoLite Country database. + - Introduce output size checks on all of our decryption functions. + + o Build changes: + - Tor does not build packages correctly with Automake 1.6 and earlier; + added a check to Makefile.am to make sure that we're building with + Automake 1.7 or later. + + +Changes in version 0.2.2.20-alpha - 2010-12-17 + Tor 0.2.2.20-alpha does some code cleanup to reduce the risk of remotely + exploitable bugs. We also fix a variety of other significant bugs, + change the IP address for one of our directory authorities, and update + the minimum version that Tor relays must run to join the network. + + o Major bugfixes: + - Fix a remotely exploitable bug that could be used to crash instances + of Tor remotely by overflowing on the heap. Remote-code execution + hasn't been confirmed, but can't be ruled out. Everyone should + upgrade. Bugfix on the 0.1.1 series and later. + - Fix a bug that could break accounting on 64-bit systems with large + time_t values, making them hibernate for impossibly long intervals. + Fixes bug 2146. Bugfix on 0.0.9pre6; fix by boboper. + - Fix a logic error in directory_fetches_from_authorities() that + would cause all _non_-exits refusing single-hop-like circuits + to fetch from authorities, when we wanted to have _exits_ fetch + from authorities. Fixes more of 2097. Bugfix on 0.2.2.16-alpha; + fix by boboper. + - Fix a stream fairness bug that would cause newer streams on a given + circuit to get preference when reading bytes from the origin or + destination. 
Fixes bug 2210. Fix by Mashael AlSabah. This bug was + introduced before the first Tor release, in svn revision r152. + + o Directory authority changes: + - Change IP address and ports for gabelmoo (v3 directory authority). + + o Minor bugfixes: + - Avoid crashes when AccountingMax is set on clients. Fixes bug 2235. + Bugfix on 0.2.2.18-alpha. Diagnosed by boboper. + - Fix an off-by-one error in calculating some controller command + argument lengths. Fortunately, this mistake is harmless since + the controller code does redundant NUL termination too. Found by + boboper. Bugfix on 0.1.1.1-alpha. + - Do not dereference NULL if a bridge fails to build its + extra-info descriptor. Found by an anonymous commenter on + Trac. Bugfix on 0.2.2.19-alpha. + + o Minor features: + - Update to the December 1 2010 Maxmind GeoLite Country database. + - Directory authorities now reject relays running any versions of + Tor between 0.2.1.3-alpha and 0.2.1.18 inclusive; they have + known bugs that keep RELAY_EARLY cells from working on rendezvous + circuits. Followup to fix for bug 2081. + - Directory authorities now reject relays running any version of Tor + older than 0.2.0.26-rc. That version is the earliest that fetches + current directory information correctly. Fixes bug 2156. + - Report only the top 10 ports in exit-port stats in order not to + exceed the maximum extra-info descriptor length of 50 KB. Implements + task 2196. + + +Changes in version 0.2.1.28 - 2010-12-17 + Tor 0.2.1.28 does some code cleanup to reduce the risk of remotely + exploitable bugs. We also took this opportunity to change the IP address + for one of our directory authorities, and to update the geoip database + we ship. + + o Major bugfixes: + - Fix a remotely exploitable bug that could be used to crash instances + of Tor remotely by overflowing on the heap. Remote-code execution + hasn't been confirmed, but can't be ruled out. Everyone should + upgrade. Bugfix on the 0.1.1 series and later. 
+ + o Directory authority changes: + - Change IP address and ports for gabelmoo (v3 directory authority). + + o Minor features: + - Update to the December 1 2010 Maxmind GeoLite Country database. + + +Changes in version 0.2.1.27 - 2010-11-23 + Yet another OpenSSL security patch broke its compatibility with Tor: + Tor 0.2.1.27 makes relays work with openssl 0.9.8p and 1.0.0.b. We + also took this opportunity to fix several crash bugs, integrate a new + directory authority, and update the bundled GeoIP database. + + o Major bugfixes: + - Resolve an incompatibility with OpenSSL 0.9.8p and OpenSSL 1.0.0b: + No longer set the tlsext_host_name extension on server SSL objects; + but continue to set it on client SSL objects. Our goal in setting + it was to imitate a browser, not a vhosting server. Fixes bug 2204; + bugfix on 0.2.1.1-alpha. + - Do not log messages to the controller while shrinking buffer + freelists. Doing so would sometimes make the controller connection + try to allocate a buffer chunk, which would mess up the internals + of the freelist and cause an assertion failure. Fixes bug 1125; + fixed by Robert Ransom. Bugfix on 0.2.0.16-alpha. + - Learn our external IP address when we're a relay or bridge, even if + we set PublishServerDescriptor to 0. Bugfix on 0.2.0.3-alpha, + where we introduced bridge relays that don't need to publish to + be useful. Fixes bug 2050. + - Do even more to reject (and not just ignore) annotations on + router descriptors received anywhere but from the cache. Previously + we would ignore such annotations at first, but cache them to disk + anyway. Bugfix on 0.2.0.8-alpha. Found by piebeer. + - When you're using bridges and your network goes away and your + bridges get marked as down, recover when you attempt a new socks + connection (if the network is back), rather than waiting up to an + hour to try fetching new descriptors for your bridges. Bugfix on + 0.2.0.3-alpha; fixes bug 1981. 
+ + o Major features: + - Move to the November 2010 Maxmind GeoLite country db (rather + than the June 2009 ip-to-country GeoIP db) for our statistics that + count how many users relays are seeing from each country. Now we'll + have more accurate data, especially for many African countries. + + o New directory authorities: + - Set up maatuska (run by Linus Nordberg) as the eighth v3 directory + authority. + + o Minor bugfixes: + - Fix an assertion failure that could occur in directory caches or + bridge users when using a very short voting interval on a testing + network. Diagnosed by Robert Hogan. Fixes bug 1141; bugfix on + 0.2.0.8-alpha. + - Enforce multiplicity rules when parsing annotations. Bugfix on + 0.2.0.8-alpha. Found by piebeer. + - Allow handshaking OR connections to take a full KeepalivePeriod + seconds to handshake. Previously, we would close them after + IDLE_OR_CONN_TIMEOUT (180) seconds, the same timeout as if they + were open. Bugfix on 0.2.1.26; fixes bug 1840. Thanks to mingw-san + for analysis help. + - When building with --enable-gcc-warnings on OpenBSD, disable + warnings in system headers. This makes --enable-gcc-warnings + pass on OpenBSD 4.8. + + o Minor features: + - Exit nodes didn't recognize EHOSTUNREACH as a plausible error code, + and so sent back END_STREAM_REASON_MISC. Clients now recognize a new + stream ending reason for this case: END_STREAM_REASON_NOROUTE. + Servers can start sending this code when enough clients recognize + it. Bugfix on 0.1.0.1-rc; fixes part of bug 1793. + - Build correctly on mingw with more recent versions of OpenSSL 0.9.8. + Patch from mingw-san. + + o Removed files: + - Remove the old debian/ directory from the main Tor distribution. + The official Tor-for-debian git repository lives at the URL + https://git.torproject.org/debian/tor.git + - Stop shipping the old doc/website/ directory in the tarball. 
We + changed the website format in late 2010, and what we shipped in + 0.2.1.26 really wasn't that useful anyway. + + Changes in version 0.2.2.19-alpha - 2010-11-22 Yet another OpenSSL security patch broke its compatibility with Tor: Tor 0.2.2.19-alpha makes relays work with OpenSSL 0.9.8p and 1.0.0.b. @@ -543,9 +3924,10 @@ Changes in version 0.2.2.14-alpha - 2010-07-12 o Minor features: - New config option "WarnUnsafeSocks 0" disables the warning that - occurs whenever Tor receives only an IP address instead of a - hostname. Setups that do DNS locally over Tor are fine, and we - shouldn't spam the logs in that case. + occurs whenever Tor receives a socks handshake using a version of + the socks protocol that can only provide an IP address (rather + than a hostname). Setups that do DNS locally over Tor are fine, + and we shouldn't spam the logs in that case. - Convert the HACKING file to asciidoc, and add a few new sections to it, explaining how we use Git, how we make changelogs, and what should go in a patch. @@ -1307,8 +4689,9 @@ Changes in version 0.2.2.5-alpha - 2009-10-11 o Major bugfixes: - Make the tarball compile again. Oops. Bugfix on 0.2.2.4-alpha. - o New directory authorities: - - Move dizum to an alternate IP address. + o Directory authorities: + - Temporarily (just for this release) move dizum to an alternate + IP address. Changes in version 0.2.2.4-alpha - 2009-10-10 
@@ -1478,8 +4861,8 @@ Changes in version 0.2.2.1-alpha - 2009-08-26 oldest-bug prize. o New options for gathering stats safely: - - Directories that set "DirReqStatistics 1" write statistics on - directory request to disk every 24 hours. As compared to the + - Directory mirrors that set "DirReqStatistics 1" write statistics + about directory requests to disk every 24 hours. As compared to the --enable-geoip-stats flag in 0.2.1.x, there are a few improvements: 1) stats are written to disk exactly every 24 hours; 2) estimated shares of v2 and v3 requests are determined as mean values, not at @@ -1517,9 +4900,9 @@ Changes in version 0.2.2.1-alpha - 2009-08-26 the git commit (when we're building from a git checkout). o Minor bugfixes: - - If any the v3 certs we download are unparseable, we should actually - notice the failure so we don't retry indefinitely. Bugfix on - 0.2.0.x; reported by "rotator". + - If any of the v3 certs we download are unparseable, we should + actually notice the failure so we don't retry indefinitely. Bugfix + on 0.2.0.x; reported by "rotator". - If the cached cert file is unparseable, warn but don't exit. - Fix possible segmentation fault on directory authorities. Bugfix on 0.2.1.14-rc. @@ -2306,7 +5689,7 @@ Changes in version 0.2.1.9-alpha - 2008-12-25 - When a download gets us zero good descriptors, do not notify Tor that new directory information has arrived. - Avoid some nasty corner cases in the logic for marking connections - as too old or obsolete or noncanonical for circuits. Partial + as too old or obsolete or noncanonical for circuits. Partial bugfix on bug 891. o Minor features (controller): 
@@ -3378,7 +6761,7 @@ Changes in version 0.2.0.22-rc - 2008-03-18 bugs. Bug found by lodger. Bugfix on 0.2.0.16-alpha. - Fix the implementation of ClientDNSRejectInternalAddresses so that it actually works, and doesn't warn about every single reverse lookup. - Fixes the other part of bug 617. Bugfix on 0.2.0.1-alpha. + Fixes the other part of bug 617. Bugfix on 0.2.0.1-alpha. o Minor features: - Only log guard node status when guard node status has changed. @@ -3561,7 +6944,7 @@ Changes in version 0.2.0.19-alpha - 2008-02-09 bandwidthburst values. o Minor features (controller): - - Reject controller commands over 1MB in length. This keeps rogue + - Reject controller commands over 1MB in length. This keeps rogue processes from running us out of memory. o Minor features (misc): @@ -3605,7 +6988,7 @@ Changes in version 0.2.0.19-alpha - 2008-02-09 - Fix shell error when warning about missing packages in configure script, on Fedora or Red Hat machines. Bugfix on 0.2.0.x. - Do not become confused when receiving a spurious VERSIONS-like - cell from a confused v1 client. Bugfix on 0.2.0.x. + cell from a confused v1 client. Bugfix on 0.2.0.x. - Re-fetch v2 (as well as v0) rendezvous descriptors when all introduction points for a hidden service have failed. Patch from Karsten Loesing. Bugfix on 0.2.0.x. @@ -3893,8 +7276,8 @@ Changes in version 0.2.0.14-alpha - 2007-12-23 - Make PublishServerDescriptor default to 1, so the default doesn't have to change as we invent new directory protocol versions. - Fix test for rlim_t on OSX 10.3: sys/resource.h doesn't want to - be included unless sys/time.h is already included. Fixes - bug 553. Bugfix on 0.2.0.x. + be included unless sys/time.h is already included. Fixes + bug 553. Bugfix on 0.2.0.x. - If we receive a general-purpose descriptor and then receive an identical bridge-purpose descriptor soon after, don't discard the next one as a duplicate. 
@@ -4001,7 +7384,7 @@ Changes in version 0.2.0.13-alpha - 2007-12-21 in really weird results on platforms whose sys/types.h files define nonstandard integer types. Bugfix on 0.1.2.x. - Fix compilation with --disable-threads set. Bugfix on 0.2.0.x. - - Don't crash on name lookup when we have no current consensus. Fixes + - Don't crash on name lookup when we have no current consensus. Fixes bug 538; bugfix on 0.2.0.x. - Only Tors that want to mirror the v2 directory info should create the "cached-status" directory in their datadir. (All Tors @@ -4185,7 +7568,7 @@ Changes in version 0.2.0.10-alpha - 2007-11-10 - Use "If-Modified-Since" to avoid retrieving consensus networkstatuses that we already have. - When we have no consensus, check FallbackNetworkstatusFile (defaults - to $PREFIX/share/tor/fallback-consensus) for a consensus. This way + to $PREFIX/share/tor/fallback-consensus) for a consensus. This way we start knowing some directory caches. - When we receive a consensus from the future, warn about skew. - Improve skew reporting: try to give the user a better log message @@ -4195,7 +7578,7 @@ Changes in version 0.2.0.10-alpha - 2007-11-10 - New --quiet command-line option to suppress the default console log. Good in combination with --hash-password. - Authorities send back an X-Descriptor-Not-New header in response to - an accepted-but-discarded descriptor upload. Partially implements + an accepted-but-discarded descriptor upload. Partially implements fix for bug 535. - Make the log message for "tls error. breaking." more useful. - Better log messages about certificate downloads, to attempt to 
@@ -4232,15 +7615,15 @@ Changes in version 0.2.0.10-alpha - 2007-11-10 on 0.2.0.1-alpha. - Stop leaking memory every time we load a v3 certificate. Bugfix on 0.2.0.1-alpha. Fixes bug 536. - - Stop leaking a cached networkstatus on exit. Bugfix on + - Stop leaking a cached networkstatus on exit. Bugfix on 0.2.0.3-alpha. - Stop leaking voter information every time we free a consensus. Bugfix on 0.2.0.3-alpha. - Stop leaking signed data every time we check a voter signature. Bugfix on 0.2.0.3-alpha. - Stop leaking a signature every time we fail to parse a consensus or - a vote. Bugfix on 0.2.0.3-alpha. - - Stop leaking v2_download_status_map on shutdown. Bugfix on + a vote. Bugfix on 0.2.0.3-alpha. + - Stop leaking v2_download_status_map on shutdown. Bugfix on 0.2.0.9-alpha. - Stop leaking conn->nickname every time we make a connection to a Tor relay without knowing its expected identity digest (e.g. when @@ -4371,7 +7754,7 @@ Changes in version 0.2.0.9-alpha - 2007-10-24 - Reattempt certificate downloads immediately on failure, as long as we haven't failed a threshold number of times yet. - Delay retrying consensus downloads while we're downloading - certificates to verify the one we just got. Also, count getting a + certificates to verify the one we just got. Also, count getting a consensus that we already have (or one that isn't valid) as a failure, and count failing to get the certificates after 20 minutes as a failure. 
@@ -4463,13 +7846,13 @@ Changes in version 0.2.0.9-alpha - 2007-10-24 yet. Bug found by spending four hours without a v3 consensus. Bugfix on 0.1.2.x. - Detect the reason for failing to mmap a descriptor file we just - wrote, and give a more useful log message. Fixes bug 533. Bugfix + wrote, and give a more useful log message. Fixes bug 533. Bugfix on 0.1.2.x. o Code simplifications and refactoring: - Remove support for the old bw_accounting file: we've been storing bandwidth accounting information in the state file since - 0.1.2.5-alpha. This may result in bandwidth accounting errors + 0.1.2.5-alpha. This may result in bandwidth accounting errors if you try to upgrade from 0.1.1.x or earlier, or if you try to downgrade to 0.1.1.x or earlier. - New convenience code to locate a file within the DataDirectory. @@ -4509,9 +7892,9 @@ Changes in version 0.2.0.8-alpha - 2007-10-12 - When a v3 authority is missing votes or signatures, it now tries to fetch them. - Directory authorities track weighted fractional uptime as well as - weighted mean-time-between failures. WFU is suitable for deciding + weighted mean-time-between failures. WFU is suitable for deciding whether a node is "usually up", while MTBF is suitable for deciding - whether a node is "likely to stay up." We need both, because + whether a node is "likely to stay up." We need both, because "usually up" is a good requirement for guards, while "likely to stay up" is a good requirement for long-lived connections. @@ -4932,7 +8315,7 @@ Changes in version 0.2.0.5-alpha - 2007-08-19 - If we require CookieAuthentication, stop generating a new cookie every time we change any piece of our config. - When loading bandwidth history, do not believe any information in - the future. Fixes bug 434. + the future. Fixes bug 434. - When loading entry guard information, do not believe any information in the future. - When we have our clock set far in the future and generate an 
@@ -5237,7 +8620,7 @@ Changes in version 0.2.0.1-alpha - 2007-06-01 - Change the way that Tor buffers data that it is waiting to write. Instead of queueing data cells in an enormous ring buffer for each client->OR or OR->OR connection, we now queue cells on a separate - queue for each circuit. This lets us use less slack memory, and + queue for each circuit. This lets us use less slack memory, and will eventually let us be smarter about prioritizing different kinds of traffic. - Use memory pools to allocate cells with better speed and memory @@ -5297,7 +8680,7 @@ Changes in version 0.2.0.1-alpha - 2007-06-01 authorities should set. This will let future authorities choose not to serve V2 directory information. - Directory authorities allow multiple router descriptors and/or extra - info documents to be uploaded in a single go. This will make + info documents to be uploaded in a single go. This will make implementing proposal 104 simpler. o Minor features (controller): 
@@ -5314,15 +8697,15 @@ Changes in version 0.2.0.1-alpha - 2007-06-01 o Minor features (hidden services): - Allow multiple HiddenServicePort directives with the same virtual port; when they occur, the user is sent round-robin to one - of the target ports chosen at random. Partially fixes bug 393 by + of the target ports chosen at random. Partially fixes bug 393 by adding limited ad-hoc round-robining. o Minor features (other): - More unit tests. - Add a new AutomapHostsOnResolve option: when it is enabled, any resolve request for hosts matching a given pattern causes Tor to - generate an internal virtual address mapping for that host. This - allows DNSPort to work sensibly with hidden service users. By + generate an internal virtual address mapping for that host. This + allows DNSPort to work sensibly with hidden service users. By default, .exit and .onion addresses are remapped; the list of patterns can be reconfigured with AutomapHostsSuffixes. - Add an "-F" option to tor-resolve to force a resolve for a .onion @@ -5336,7 +8719,7 @@ Changes in version 0.2.0.1-alpha - 2007-06-01 o Removed features: - Removed support for the old binary "version 0" controller protocol. This has been deprecated since 0.1.1, and warnings have been issued - since 0.1.2. When we encounter a v0 control message, we now send + since 0.1.2. When we encounter a v0 control message, we now send back an error and close the connection. - Remove the old "dns worker" server DNS code: it hasn't been default since 0.1.2.2-alpha, and all the servers seem to be using the new @@ -5359,7 +8742,7 @@ Changes in version 0.2.0.1-alpha - 2007-06-01 o Minor bugfixes (logging): - When we hit an EOF on a log (probably because we're shutting down), don't try to remove the log from the list: just mark it as - unusable. (Bulletproofs against bug 222.) + unusable. (Bulletproofs against bug 222.) o Minor bugfixes (other): - In the exitlist script, only consider the most recently published 
@@ -5369,7 +8752,7 @@ Changes in version 0.2.0.1-alpha - 2007-06-01 connections to that address. (Resolves bug 405.) - Stop allowing hibernating servers to be "stable" or "fast". - On Windows, we were preventing other processes from reading - cached-routers while Tor was running. (Reported by janbar) + cached-routers while Tor was running. (Reported by janbar) - Make the NodeFamilies config option work. (Reported by lodger -- it has never actually worked, even though we added it in Oct 2004.) @@ -5542,10 +8925,10 @@ Changes in version 0.1.2.9-rc - 2007-03-02 o Minor bugfixes (other): - Fix an assert that could trigger if a controller quickly set then - cleared EntryNodes. (Bug found by Udo van den Heuvel.) + cleared EntryNodes. Bug found by Udo van den Heuvel. - On architectures where sizeof(int)>4, still clamp declarable bandwidth to INT32_MAX. - - Fix a potential race condition in the rpm installer. Found by + - Fix a potential race condition in the rpm installer. Found by Stefan Nordhausen. - Try to fix eventdns warnings once and for all: do not treat a dns rcode of 2 as indicating that the server is completely bad; it sometimes @@ -5578,8 +8961,8 @@ Changes in version 0.1.2.8-beta - 2007-02-26 o Minor bugfixes (controller): - Give the controller END_STREAM_REASON_DESTROY events _before_ we clear the corresponding on_circuit variable, and remember later - that we don't need to send a redundant CLOSED event. (Resolves part - 3 of bug 367.) + that we don't need to send a redundant CLOSED event. Resolves part + 3 of bug 367. - Report events where a resolve succeeded or where we got a socks protocol error correctly, rather than calling both of them "INTERNAL". 
@@ -5613,7 +8996,7 @@ Changes in version 0.1.2.8-beta - 2007-02-26 tor_munmap() for systems with no mmap() call. - When Tor receives a router descriptor that it asked for, but no longer wants (because it has received fresh networkstatuses - in the meantime), do not warn the user. Cache the descriptor if + in the meantime), do not warn the user. Cache the descriptor if we're a cache; drop it if we aren't. - Make earlier entry guards _really_ get retried when the network comes back online. @@ -5624,7 +9007,7 @@ Changes in version 0.1.2.8-beta - 2007-02-26 o Minor features (controller): - Warn the user when an application uses the obsolete binary v0 - control protocol. We're planning to remove support for it during + control protocol. We're planning to remove support for it during the next development series, so it's good to give people some advance warning. - Add STREAM_BW events to report per-entry-stream bandwidth @@ -5644,7 +9027,7 @@ Changes in version 0.1.2.8-beta - 2007-02-26 (This is showing up in some profiles, but not others.) o Minor features: - - Remove some never-implemented options. Mark PathlenCoinWeight as + - Remove some never-implemented options. Mark PathlenCoinWeight as obsolete. - Implement proposal 106: Stop requiring clients to have well-formed certificates; stop checking nicknames in certificates. (Clients 
@@ -5685,10 +9068,10 @@ Changes in version 0.1.2.7-alpha - 2007-02-06 o Major bugfixes (NT services): - Install as NT_AUTHORITY\LocalService rather than as SYSTEM; add a command-line flag so that admins can override the default by saying - "tor --service install --user "SomeUser"". This will not affect - existing installed services. Also, warn the user that the service + "tor --service install --user "SomeUser"". This will not affect + existing installed services. Also, warn the user that the service will look for its configuration file in the service user's - %appdata% directory. (We can't do the 'hardwire the user's appdata + %appdata% directory. (We can't do the 'hardwire the user's appdata directory' trick any more, since we may not have read access to that directory.) @@ -5735,7 +9118,7 @@ Changes in version 0.1.2.7-alpha - 2007-02-06 "DNS resolve socks failed" handshake reply; just close it. - Stop using C functions that OpenBSD's linker doesn't like. - Don't launch requests for descriptors unless we have networkstatuses - from at least half of the authorities. This delays the first + from at least half of the authorities. This delays the first download slightly under pathological circumstances, but can prevent us from downloading a bunch of descriptors we don't need. - Do not log IPs with TLS failures for incoming TLS @@ -6113,7 +9496,7 @@ Changes in version 0.1.2.3-alpha - 2006-10-29 o Minor features, controller: - Add a REASON field to CIRC events; for backward compatibility, this field is sent only to controllers that have enabled the extended - event format. Also, add additional reason codes to explain why + event format. Also, add additional reason codes to explain why a given circuit has been destroyed or truncated. (Patches from Mike Perry) - Add a REMOTE_REASON field to extended CIRC events to tell the 
@@ -6142,14 +9525,14 @@ Changes in version 0.1.2.3-alpha - 2006-10-29 - When the controller does a "GETINFO network-status", tell it about even those routers whose descriptors are very old, and use long nicknames where appropriate. - - Change NT service functions to be loaded on demand. This lets us + - Change NT service functions to be loaded on demand. This lets us build with MinGW without breaking Tor for Windows 98 users. - Do DirPort reachability tests less often, since a single test chews through many circuits before giving up. - In the hidden service example in torrc.sample, stop recommending esoteric and discouraged hidden service options. - When stopping an NT service, wait up to 10 sec for it to actually - stop. (Patch from Matt Edman; resolves bug 295.) + stop. Patch from Matt Edman; resolves bug 295. - Fix handling of verbose nicknames with ORCONN controller events: make them show up exactly when requested, rather than exactly when not requested. @@ -6805,7 +10188,7 @@ Changes in version 0.1.1.15-rc - 2006-03-11 - Add a new circuit purpose 'controller' to let the controller ask for a circuit that Tor won't try to use. Extend the EXTENDCIRCUIT controller command to let you specify the purpose if you're - starting a new circuit. Add a new SETCIRCUITPURPOSE controller + starting a new circuit. Add a new SETCIRCUITPURPOSE controller command to let you change a circuit's purpose after it's been created. - Accept "private:*" in routerdesc exit policies; not generated yet @@ -6849,7 +10232,7 @@ Changes in version 0.1.1.14-alpha - 2006-02-20 be forward-compatible. - Generate 18.0.0.0/8 address policy format in descs when we can; warn when the mask is not reducible to a bit-prefix. - - Let the user set ControlListenAddress in the torrc. This can be + - Let the user set ControlListenAddress in the torrc. This can be dangerous, but there are some cases (like a secured LAN) where it makes sense. - Split ReachableAddresses into ReachableDirAddresses and 
@@ -7308,7 +10691,7 @@ Changes in version 0.1.1.9-alpha - 2005-11-15 - Start making directory caches retain old routerinfos, so soon clients can start asking by digest of descriptor rather than by fingerprint of server. - - Add half our entropy from RAND_poll in OpenSSL. This knows how + - Add half our entropy from RAND_poll in OpenSSL. This knows how to use egd (if present), openbsd weirdness (if present), vms/os2 weirdness (if we ever port there), and more in the future. @@ -8154,7 +11537,7 @@ Changes in version 0.1.0.1-rc - 2005-03-28 o Robustness/stability fixes: - Make Tor use Niels Provos's libevent instead of its current - poll-but-sometimes-select mess. This will let us use faster async + poll-but-sometimes-select mess. This will let us use faster async cores (like epoll, kpoll, and /dev/poll), and hopefully work better on Windows too. - pthread support now too. This was forced because when we forked, @@ -8272,7 +11655,7 @@ Changes in version 0.1.0.1-rc - 2005-03-28 Changes in version 0.0.9.6 - 2005-03-24 o Bugfixes on 0.0.9.x (crashes and asserts): - Add new end stream reasons to maintainance branch. Fix bug where - reason (8) could trigger an assert. Prevent bug from recurring. + reason (8) could trigger an assert. Prevent bug from recurring. - Apparently win32 stat wants paths to not end with a slash. - Fix assert triggers in assert_cpath_layer_ok(), where we were blowing away the circuit that conn->cpath_layer points to, then @@ -8495,7 +11878,7 @@ Changes in version 0.0.9rc5 - 2004-12-01 but doesn't seem to be currently; thanks to Ilja van Sprundel for finding it. - If anybody set DirFetchPostPeriod, give them StatusFetchPeriod - instead. Impose minima and maxima for all *Period options; impose + instead. Impose minima and maxima for all *Period options; impose even tighter maxima for fetching if we are a caching dirserver. Clip rather than rejecting. - Fetch cached running-routers from servers that serve it (that is, 
@@ -9476,7 +12859,7 @@ Changes in version 0.0.2pre20 - 2004-01-30 - I've split the TotalBandwidth option into BandwidthRate (how many bytes per second you want to allow, long-term) and BandwidthBurst (how many bytes you will allow at once before the cap - kicks in). This better token bucket approach lets you, say, set + kicks in). This better token bucket approach lets you, say, set BandwidthRate to 10KB/s and BandwidthBurst to 10MB, allowing good performance while not exceeding your monthly bandwidth quota. - Push out a tls record's worth of data once you've got it, rather |
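Review bot: In the 0.1.2.7-alpha hunk (@@ -5685,10 +9068,10 @@), the example command nests double quotes, "tor --service install --user "SomeUser"", so a reader cannot tell where the command ends or whether the quotes around SomeUser are meant to be typed. Since this line is being rewritten anyway, use single quotes for the outer pair or set the command on its own line. The removed and added lines in this hunk read identically as shown here, so if the change is whitespace-only the commit message should say so.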
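Review bot: In the 0.1.2.3-alpha hunk (@@ -6142,14 +9525,14 @@), the NT service stop entry loses the parentheses around "Patch from Matt Edman; resolves bug 295." while the CIRC REASON entry for the same release (hunk @@ -6113,7 +9496,7 @@) still reads "(Patches from Mike Perry)". Pick one attribution style for the release and apply it to both entries, or keep the parentheses here.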
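Review bot: In the 0.0.9.6 hunk (@@ -8272,7 +11655,7 @@), the context line directly above the changed line still spells "maintainance branch". The entry is already being touched, so correct it to "maintenance" in the same pass.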