diff options
Diffstat (limited to 'ReleaseNotes')
| -rw-r--r-- | ReleaseNotes | 2196 |
1 files changed, 2195 insertions, 1 deletions
diff --git a/ReleaseNotes b/ReleaseNotes index af61a4d739..1e56ffaf89 100644 --- a/ReleaseNotes +++ b/ReleaseNotes @@ -2,6 +2,2200 @@ This document summarizes new features and bugfixes in each stable release of Tor. If you want to see more detailed descriptions of the changes in each development snapshot, see the ChangeLog file. +Changes in version 0.3.0.8 - 2017-06-08 + Tor 0.3.0.8 fixes a pair of bugs that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-004 and TROVE-2017-005. + + Tor 0.3.0.8 also includes fixes for several key management bugs + that sometimes made relays unreliable, as well as several other + bugfixes described below. + + o Major bugfixes (hidden service, relay, security, backport + from 0.3.1.3-alpha): + - Fix a remotely triggerable assertion failure when a hidden service + handles a malformed BEGIN cell. Fixes bug 22493, tracked as + TROVE-2017-004 and as CVE-2017-0375; bugfix on 0.3.0.1-alpha. + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Major bugfixes (relay, link handshake, backport from 0.3.1.3-alpha): + - When performing the v3 link handshake on a TLS connection, report + that we have the x509 certificate that we actually used on that + connection, even if we have changed certificates since that + connection was first opened. Previously, we would claim to have + used our most recent x509 link certificate, which would sometimes + make the link handshake fail. Fixes one case of bug 22460; bugfix + on 0.2.3.6-alpha. + + o Major bugfixes (relays, key management, backport from 0.3.1.3-alpha): + - Regenerate link and authentication certificates whenever the key + that signs them changes; also, regenerate link certificates + whenever the signed key changes. Previously, these processes were + only weakly coupled, and we relays could (for minutes to hours) + wind up with an inconsistent set of keys and certificates, which + other relays would not accept. Fixes two cases of bug 22460; + bugfix on 0.3.0.1-alpha. + - When sending an Ed25519 signing->link certificate in a CERTS cell, + send the certificate that matches the x509 certificate that we + used on the TLS connection. Previously, there was a race condition + if the TLS context rotated after we began the TLS handshake but + before we sent the CERTS cell. Fixes a case of bug 22460; bugfix + on 0.3.0.1-alpha. + + o Major bugfixes (hidden service v3, backport from 0.3.1.1-alpha): + - Stop rejecting v3 hidden service descriptors because their size + did not match an old padding rule. Fixes bug 22447; bugfix on + tor-0.3.0.1-alpha. + + o Minor features (fallback directory list, backport from 0.3.1.3-alpha): + - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in + December 2016 (of which ~126 were still functional) with a list of + 151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May + 2017. Resolves ticket 21564. + + o Minor bugfixes (configuration, backport from 0.3.1.1-alpha): + - Do not crash when starting with LearnCircuitBuildTimeout 0. Fixes + bug 22252; bugfix on 0.2.9.3-alpha. + + o Minor bugfixes (correctness, backport from 0.3.1.3-alpha): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + + o Minor bugfixes (link handshake, backport from 0.3.1.3-alpha): + - Lower the lifetime of the RSA->Ed25519 cross-certificate to six + months, and regenerate it when it is within one month of expiring. + Previously, we had generated this certificate at startup with a + ten-year lifetime, but that could lead to weird behavior when Tor + was started with a grossly inaccurate clock. Mitigates bug 22466; + mitigation on 0.3.0.1-alpha. + + o Minor bugfixes (memory leak, directory authority, backport from + 0.3.1.2-alpha): + - When directory authorities reject a router descriptor due to + keypinning, free the router descriptor rather than leaking the + memory. Fixes bug 22370; bugfix on 0.2.7.2-alpha. + + +Changes in version 0.2.9.11 - 2017-06-08 + Tor 0.2.9.11 backports a fix for a bug that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-005. (Versions before 0.3.0 + are not affected by TROVE-2017-004.) + + Tor 0.2.9.11 also backports fixes for several key management bugs + that sometimes made relays unreliable, as well as several other + bugfixes described below. + + o Major bugfixes (hidden service, relay, security, backport + from 0.3.1.3-alpha): + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Major bugfixes (relay, link handshake, backport from 0.3.1.3-alpha): + - When performing the v3 link handshake on a TLS connection, report + that we have the x509 certificate that we actually used on that + connection, even if we have changed certificates since that + connection was first opened. Previously, we would claim to have + used our most recent x509 link certificate, which would sometimes + make the link handshake fail. Fixes one case of bug 22460; bugfix + on 0.2.3.6-alpha. + + o Minor features (fallback directory list, backport from 0.3.1.3-alpha): + - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in + December 2016 (of which ~126 were still functional) with a list of + 151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May + 2017. Resolves ticket 21564. + + o Minor features (future-proofing, backport from 0.3.0.7): + - Tor no longer refuses to download microdescriptors or descriptors if + they are listed as "published in the future". This change will + eventually allow us to stop listing meaningful "published" dates + in microdescriptor consensuses, and thereby allow us to reduce the + resources required to download consensus diffs by over 50%. + Implements part of ticket 21642; implements part of proposal 275. + + o Minor features (directory authorities, backport from 0.3.0.4-rc) + - Directory authorities now reject relays running versions + 0.2.9.1-alpha through 0.2.9.4-alpha, because those relays + suffer from bug 20499 and don't keep their consensus cache + up-to-date. Resolves ticket 20509. + + o Minor features (geoip): + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (control port, backport from 0.3.0.6): + - The GETINFO extra-info/digest/<digest> command was broken because + of a wrong base16 decode return value check, introduced when + refactoring that API. Fixes bug 22034; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (correctness, backport from 0.3.1.3-alpha): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + + o Minor bugfixes (Linux seccomp2 sandbox, backport from 0.3.0.7): + - The getpid() system call is now permitted under the Linux seccomp2 + sandbox, to avoid crashing with versions of OpenSSL (and other + libraries) that attempt to learn the process's PID by using the + syscall rather than the VDSO code. Fixes bug 21943; bugfix + on 0.2.5.1-alpha. + + o Minor bugfixes (memory leak, directory authority, backport + from 0.3.1.2-alpha): + - When directory authorities reject a router descriptor due to + keypinning, free the router descriptor rather than leaking the + memory. Fixes bug 22370; bugfix on 0.2.7.2-alpha. + +Changes in version 0.2.8.14 - 2017-06-08 + Tor 0.2.7.8 backports a fix for a bug that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-005. (Versions before 0.3.0 + are not affected by TROVE-2017-004.) + + o Major bugfixes (hidden service, relay, security): + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor features (fallback directory list, backport from 0.3.1.3-alpha): + - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in + December 2016 (of which ~126 were still functional) with a list of + 151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May + 2017. Resolves ticket 21564. + + o Minor bugfixes (correctness): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + +Changes in version 0.2.7.8 - 2017-06-08 + Tor 0.2.7.8 backports a fix for a bug that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-005. (Versions before 0.3.0 + are not affected by TROVE-2017-004.) + + o Major bugfixes (hidden service, relay, security): + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (correctness): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + + +Changes in version 0.2.6.12 - 2017-06-08 + Tor 0.2.6.12 backports a fix for a bug that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-005. (Versions before 0.3.0 + are not affected by TROVE-2017-004.) + + o Major bugfixes (hidden service, relay, security): + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (correctness): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + +Changes in version 0.2.5.14 - 2017-06-08 + Tor 0.2.5.14 backports a fix for a bug that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-005. (Versions before 0.3.0 + are not affected by TROVE-2017-004.) + + o Major bugfixes (hidden service, relay, security): + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (correctness): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + +Changes in version 0.2.4.29 - 2017-06-08 + Tor 0.2.4.29 backports a fix for a bug that would allow an attacker to + remotely crash a hidden service with an assertion failure. Anyone + running a hidden service should upgrade to this version, or to some + other version with fixes for TROVE-2017-005. (Versions before 0.3.0 + are not affected by TROVE-2017-004.) + + o Major bugfixes (hidden service, relay, security): + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (correctness): + - Avoid undefined behavior when parsing IPv6 entries from the geoip6 + file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. + + +Changes in version 0.3.0.7 - 2017-05-15 + Tor 0.3.0.7 fixes a medium-severity security bug in earlier versions + of Tor 0.3.0.x, where an attacker could cause a Tor relay process + to exit. Relays running earlier versions of Tor 0.3.0.x should upgrade; + clients are not affected. + + o Major bugfixes (hidden service directory, security): + - Fix an assertion failure in the hidden service directory code, which + could be used by an attacker to remotely cause a Tor relay process to + exit. Relays running earlier versions of Tor 0.3.0.x should upgrade. + should upgrade. This security issue is tracked as TROVE-2017-002. + Fixes bug 22246; bugfix on 0.3.0.1-alpha. + + o Minor features: + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor features (future-proofing): + - Tor no longer refuses to download microdescriptors or descriptors + if they are listed as "published in the future". This change will + eventually allow us to stop listing meaningful "published" dates + in microdescriptor consensuses, and thereby allow us to reduce the + resources required to download consensus diffs by over 50%. + Implements part of ticket 21642; implements part of proposal 275. + + o Minor bugfixes (Linux seccomp2 sandbox): + - The getpid() system call is now permitted under the Linux seccomp2 + sandbox, to avoid crashing with versions of OpenSSL (and other + libraries) that attempt to learn the process's PID by using the + syscall rather than the VDSO code. Fixes bug 21943; bugfix + on 0.2.5.1-alpha. + + +Changes in version 0.3.0.6 - 2017-04-26 + Tor 0.3.0.6 is the first stable release of the Tor 0.3.0 series. + + With the 0.3.0 series, clients and relays now use Ed25519 keys to + authenticate their link connections to relays, rather than the old + RSA1024 keys that they used before. (Circuit crypto has been + Curve25519-authenticated since 0.2.4.8-alpha.) We have also replaced + the guard selection and replacement algorithm to behave more robustly + in the presence of unreliable networks, and to resist guard- + capture attacks. + + This series also includes numerous other small features and bugfixes, + along with more groundwork for the upcoming hidden-services revamp. + + Per our stable release policy, we plan to support the Tor 0.3.0 + release series for at least the next nine months, or for three months + after the first stable release of the 0.3.1 series: whichever is + longer. If you need a release with long-term support, we recommend + that you stay with the 0.2.9 series. + + Below are the changes since 0.2.9.10. For a list of only the changes + since 0.3.0.5-rc, see the ChangeLog file. + + o Major features (directory authority, security): + - The default for AuthDirPinKeys is now 1: directory authorities + will reject relays where the RSA identity key matches a previously + seen value, but the Ed25519 key has changed. Closes ticket 18319. + + o Major features (guard selection algorithm): + - Tor's guard selection algorithm has been redesigned from the + ground up, to better support unreliable networks and restrictive + sets of entry nodes, and to better resist guard-capture attacks by + hostile local networks. Implements proposal 271; closes + ticket 19877. + + o Major features (next-generation hidden services): + - Relays can now handle v3 ESTABLISH_INTRO cells as specified by + prop224 aka "Next Generation Hidden Services". Service and clients + don't use this functionality yet. Closes ticket 19043. Based on + initial code by Alec Heifetz. + - Relays now support the HSDir version 3 protocol, so that they can + can store and serve v3 descriptors. This is part of the next- + generation onion service work detailled in proposal 224. Closes + ticket 17238. + + o Major features (protocol, ed25519 identity keys): + - Clients now support including Ed25519 identity keys in the EXTEND2 + cells they generate. By default, this is controlled by a consensus + parameter, currently disabled. You can turn this feature on for + testing by setting ExtendByEd25519ID in your configuration. This + might make your traffic appear different than the traffic + generated by other users, however. Implements part of ticket + 15056; part of proposal 220. + - Relays now understand requests to extend to other relays by their + Ed25519 identity keys. When an Ed25519 identity key is included in + an EXTEND2 cell, the relay will only extend the circuit if the + other relay can prove ownership of that identity. Implements part + of ticket 15056; part of proposal 220. + - Relays now use Ed25519 to prove their Ed25519 identities and to + one another, and to clients. This algorithm is faster and more + secure than the RSA-based handshake we've been doing until now. + Implements the second big part of proposal 220; Closes + ticket 15055. + + o Major features (security): + - Change the algorithm used to decide DNS TTLs on client and server + side, to better resist DNS-based correlation attacks like the + DefecTor attack of Greschbach, Pulls, Roberts, Winter, and + Feamster. Now relays only return one of two possible DNS TTL + values, and clients are willing to believe DNS TTL values up to 3 + hours long. Closes ticket 19769. + + o Major bugfixes (client, onion service, also in 0.2.9.9): + - Fix a client-side onion service reachability bug, where multiple + socks requests to an onion service (or a single slow request) + could cause us to mistakenly mark some of the service's + introduction points as failed, and we cache that failure so + eventually we run out and can't reach the service. Also resolves a + mysterious "Remote server sent bogus reason code 65021" log + warning. The bug was introduced in ticket 17218, where we tried to + remember the circuit end reason as a uint16_t, which mangled + negative values. Partially fixes bug 21056 and fixes bug 20307; + bugfix on 0.2.8.1-alpha. + + o Major bugfixes (crash, directory connections): + - Fix a rare crash when sending a begin cell on a circuit whose + linked directory connection had already been closed. Fixes bug + 21576; bugfix on 0.2.9.3-alpha. Reported by Alec Muffett. + + o Major bugfixes (directory authority): + - During voting, when marking a relay as a probable sybil, do not + clear its BadExit flag: sybils can still be bad in other ways + too. (We still clear the other flags.) Fixes bug 21108; bugfix + on 0.2.0.13-alpha. + + o Major bugfixes (DNS): + - Fix a bug that prevented exit nodes from caching DNS records for + more than 60 seconds. Fixes bug 19025; bugfix on 0.2.4.7-alpha. + + o Major bugfixes (IPv6 Exits): + - Stop rejecting all IPv6 traffic on Exits whose exit policy rejects + any IPv6 addresses. Instead, only reject a port over IPv6 if the + exit policy rejects that port on more than an IPv6 /16 of + addresses. This bug was made worse by 17027 in 0.2.8.1-alpha, + which rejected a relay's own IPv6 address by default. Fixes bug + 21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha. + + o Major bugfixes (parsing): + - Fix an integer underflow bug when comparing malformed Tor + versions. This bug could crash Tor when built with + --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor + 0.2.9.8, which were built with -ftrapv by default. In other cases + it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix + on 0.0.8pre1. Found by OSS-Fuzz. + - When parsing a malformed content-length field from an HTTP + message, do not read off the end of the buffer. This bug was a + potential remote denial-of-service attack against Tor clients and + relays. A workaround was released in October 2016, to prevent this + bug from crashing Tor. This is a fix for the underlying issue, + which should no longer matter (if you applied the earlier patch). + Fixes bug 20894; bugfix on 0.2.0.16-alpha. Bug found by fuzzing + using AFL (http://lcamtuf.coredump.cx/afl/). + + o Major bugfixes (scheduler): + - Actually compare circuit policies in ewma_cmp_cmux(). This bug + caused the channel scheduler to behave more or less randomly, + rather than preferring channels with higher-priority circuits. + Fixes bug 20459; bugfix on 0.2.6.2-alpha. + + o Major bugfixes (security, also in 0.2.9.9): + - Downgrade the "-ftrapv" option from "always on" to "only on when + --enable-expensive-hardening is provided." This hardening option, + like others, can turn survivable bugs into crashes--and having it + on by default made a (relatively harmless) integer overflow bug + into a denial-of-service bug. Fixes bug 21278 (TROVE-2017-001); + bugfix on 0.2.9.1-alpha. + + o Minor feature (client): + - Enable IPv6 traffic on the SocksPort by default. To disable this, + a user will have to specify "NoIPv6Traffic". Closes ticket 21269. + + o Minor feature (fallback scripts): + - Add a check_existing mode to updateFallbackDirs.py, which checks + if fallbacks in the hard-coded list are working. Closes ticket + 20174. Patch by haxxpop. + + o Minor feature (protocol versioning): + - Add new protocol version for proposal 224. HSIntro now advertises + version "3-4" and HSDir version "1-2". Fixes ticket 20656. + + o Minor features (ciphersuite selection): + - Allow relays to accept a wider range of ciphersuites, including + chacha20-poly1305 and AES-CCM. Closes the other part of 15426. + - Clients now advertise a list of ciphersuites closer to the ones + preferred by Firefox. Closes part of ticket 15426. + + o Minor features (controller): + - Add "GETINFO sr/current" and "GETINFO sr/previous" keys, to expose + shared-random values to the controller. Closes ticket 19925. + - When HSFETCH arguments cannot be parsed, say "Invalid argument" + rather than "unrecognized." Closes ticket 20389; patch from + Ivan Markin. + + o Minor features (controller, configuration): + - Each of the *Port options, such as SocksPort, ORPort, ControlPort, + and so on, now comes with a __*Port variant that will not be saved + to the torrc file by the controller's SAVECONF command. This + change allows TorBrowser to set up a single-use domain socket for + each time it launches Tor. Closes ticket 20956. + - The GETCONF command can now query options that may only be + meaningful in context-sensitive lists. This allows the controller + to query the mixed SocksPort/__SocksPort style options introduced + in feature 20956. Implements ticket 21300. + + o Minor features (diagnostic, directory client): + - Warn when we find an unexpected inconsistency in directory + download status objects. Prevents some negative consequences of + bug 20593. + + o Minor features (directory authorities): + - Directory authorities now reject descriptors that claim to be + malformed versions of Tor. Helps prevent exploitation of + bug 21278. + - Reject version numbers with components that exceed INT32_MAX. + Otherwise 32-bit and 64-bit platforms would behave inconsistently. + Fixes bug 21450; bugfix on 0.0.8pre1. + + o Minor features (directory authority): + - Add a new authority-only AuthDirTestEd25519LinkKeys option (on by + default) to control whether authorities should try to probe relays + by their Ed25519 link keys. This option will go away in a few + releases--unless we encounter major trouble in our ed25519 link + protocol rollout, in which case it will serve as a safety option. + + o Minor features (directory cache): + - Relays and bridges will now refuse to serve the consensus they + have if they know it is too old for a client to use. Closes + ticket 20511. + + o Minor features (ed25519 link handshake): + - Advertise support for the ed25519 link handshake using the + subprotocol-versions mechanism, so that clients can tell which + relays can identity themselves by Ed25519 ID. Closes ticket 20552. + + o Minor features (entry guards): + - Add UseEntryGuards to TEST_OPTIONS_DEFAULT_VALUES in order to not + break regression tests. + - Require UseEntryGuards when UseBridges is set, in order to make + sure bridges aren't bypassed. Resolves ticket 20502. + + o Minor features (fallback directories): + - Allow 3 fallback relays per operator, which is safe now that we + are choosing 200 fallback relays. Closes ticket 20912. + - Annotate updateFallbackDirs.py with the bandwidth and consensus + weight for each candidate fallback. Closes ticket 20878. + - Display the relay fingerprint when downloading consensuses from + fallbacks. Closes ticket 20908. + - Exclude relays affected by bug 20499 from the fallback list. + Exclude relays from the fallback list if they are running versions + known to be affected by bug 20499, or if in our tests they deliver + a stale consensus (i.e. one that expired more than 24 hours ago). + Closes ticket 20539. + - Make it easier to change the output sort order of fallbacks. + Closes ticket 20822. + - Reduce the minimum fallback bandwidth to 1 MByte/s. Part of + ticket 18828. + - Require fallback directories to have the same address and port for + 7 days (now that we have enough relays with this stability). + Relays whose OnionOO stability timer is reset on restart by bug + 18050 should upgrade to Tor 0.2.8.7 or later, which has a fix for + this issue. Closes ticket 20880; maintains short-term fix + in 0.2.8.2-alpha. + - Require fallbacks to have flags for 90% of the time (weighted + decaying average), rather than 95%. This allows at least 73% of + clients to bootstrap in the first 5 seconds without contacting an + authority. Part of ticket 18828. + - Select 200 fallback directories for each release. Closes + ticket 20881. + + o Minor features (fingerprinting resistence, authentication): + - Extend the length of RSA keys used for TLS link authentication to + 2048 bits. (These weren't used for forward secrecy; for forward + secrecy, we used P256.) Closes ticket 13752. + + o Minor features (geoip): + - Update geoip and geoip6 to the April 4 2017 Maxmind GeoLite2 + Country database. + + o Minor features (geoip, also in 0.2.9.9): + - Update geoip and geoip6 to the January 4 2017 Maxmind GeoLite2 + Country database. + + o Minor features (infrastructure): + - Implement smartlist_add_strdup() function. Replaces the use of + smartlist_add(sl, tor_strdup(str)). Closes ticket 20048. + + o Minor features (linting): + - Enhance the changes file linter to warn on Tor versions that are + prefixed with "tor-". Closes ticket 21096. + + o Minor features (logging): + - In several places, describe unset ed25519 keys as "<unset>", + rather than the scary "AAAAAAAA...AAA". Closes ticket 21037. + + o Minor features (portability, compilation): + - Autoconf now checks to determine if OpenSSL structures are opaque, + instead of explicitly checking for OpenSSL version numbers. Part + of ticket 21359. + - Support building with recent LibreSSL code that uses opaque + structures. Closes ticket 21359. + + o Minor features (relay): + - We now allow separation of exit and relay traffic to different + source IP addresses, using the OutboundBindAddressExit and + OutboundBindAddressOR options respectively. Closes ticket 17975. + Written by Michael Sonntag. + + o Minor features (reliability, crash): + - Try better to detect problems in buffers where they might grow (or + think they have grown) over 2 GB in size. Diagnostic for + bug 21369. + + o Minor features (testing): + - During 'make test-network-all', if tor logs any warnings, ask + chutney to output them. Requires a recent version of chutney with + the 21572 patch. Implements 21570. + + o Minor bugfix (control protocol): + - The reply to a "GETINFO config/names" request via the control + protocol now spells the type "Dependent" correctly. This is a + breaking change in the control protocol. (The field seems to be + ignored by the most common known controllers.) Fixes bug 18146; + bugfix on 0.1.1.4-alpha. + - The GETINFO extra-info/digest/<digest> command was broken because + of a wrong base16 decode return value check, introduced when + refactoring that API. Fixes bug 22034; bugfix on 0.2.9.1-alpha. + + o Minor bugfix (logging): + - Don't recommend the use of Tor2web in non-anonymous mode. + Recommending Tor2web is a bad idea because the client loses all + anonymity. Tor2web should only be used in specific cases by users + who *know* and understand the issues. Fixes bug 21294; bugfix + on 0.2.9.3-alpha. + + o Minor bugfixes (bug resilience): + - Fix an unreachable size_t overflow in base64_decode(). Fixes bug + 19222; bugfix on 0.2.0.9-alpha. Found by Guido Vranken; fixed by + Hans Jerry Illikainen. + + o Minor bugfixes (build): + - Replace obsolete Autoconf macros with their modern equivalent and + prevent similar issues in the future. Fixes bug 20990; bugfix + on 0.1.0.1-rc. + + o Minor bugfixes (certificate expiration time): + - Avoid using link certificates that don't become valid till some + time in the future. Fixes bug 21420; bugfix on 0.2.4.11-alpha + + o Minor bugfixes (client): + - Always recover from failures in extend_info_from_node(), in an + attempt to prevent any recurrence of bug 21242. Fixes bug 21372; + bugfix on 0.2.3.1-alpha. + - When clients that use bridges start up with a cached consensus on + disk, they were ignoring it and downloading a new one. Now they + use the cached one. Fixes bug 20269; bugfix on 0.2.3.12-alpha. + + o Minor bugfixes (code correctness): + - Repair a couple of (unreachable or harmless) cases of the risky + comparison-by-subtraction pattern that caused bug 21278. + + o Minor bugfixes (config): + - Don't assert on startup when trying to get the options list and + LearnCircuitBuildTimeout is set to 0: we are currently parsing the + options so of course they aren't ready yet. Fixes bug 21062; + bugfix on 0.2.9.3-alpha. + + o Minor bugfixes (configuration): + - Accept non-space whitespace characters after the severity level in + the `Log` option. Fixes bug 19965; bugfix on 0.2.1.1-alpha. + - Support "TByte" and "TBytes" units in options given in bytes. + "TB", "terabyte(s)", "TBit(s)" and "terabit(s)" were already + supported. Fixes bug 20622; bugfix on 0.2.0.14-alpha. + + o Minor bugfixes (configure, autoconf): + - Rename the configure option --enable-expensive-hardening to + --enable-fragile-hardening. Expensive hardening makes the tor + daemon abort when some kinds of issues are detected. Thus, it + makes tor more at risk of remote crashes but safer against RCE or + heartbleed bug category. We now try to explain this issue in a + message from the configure script. Fixes bug 21290; bugfix + on 0.2.5.4-alpha. + + o Minor bugfixes (consensus weight): + - Add new consensus method that initializes bw weights to 1 instead + of 0. This prevents a zero weight from making it all the way to + the end (happens in small testing networks) and causing an error. + Fixes bug 14881; bugfix on 0.2.2.17-alpha. + + o Minor bugfixes (crash prevention): + - Fix an (currently untriggerable, but potentially dangerous) crash + bug when base32-encoding inputs whose sizes are not a multiple of + 5. Fixes bug 21894; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (dead code): + - Remove a redundant check for PidFile changes at runtime in + options_transition_allowed(): this check is already performed + regardless of whether the sandbox is active. Fixes bug 21123; + bugfix on 0.2.5.4-alpha. + + o Minor bugfixes (descriptors): + - Correctly recognise downloaded full descriptors as valid, even + when using microdescriptors as circuits. This affects clients with + FetchUselessDescriptors set, and may affect directory authorities. + Fixes bug 20839; bugfix on 0.2.3.2-alpha. + + o Minor bugfixes (directory mirrors): + - Allow relays to use directory mirrors without a DirPort: these + relays need to be contacted over their ORPorts using a begindir + connection. Fixes one case of bug 20711; bugfix on 0.2.8.2-alpha. + - Clarify the message logged when a remote relay is unexpectedly + missing an ORPort or DirPort: users were confusing this with a + local port. Fixes another case of bug 20711; bugfix + on 0.2.8.2-alpha. + + o Minor bugfixes (directory system): + - Bridges and relays now use microdescriptors (like clients do) + rather than old-style router descriptors. Now bridges will blend + in with clients in terms of the circuits they build. Fixes bug + 6769; bugfix on 0.2.3.2-alpha. + - Download all consensus flavors, descriptors, and authority + certificates when FetchUselessDescriptors is set, regardless of + whether tor is a directory cache or not. Fixes bug 20667; bugfix + on all recent tor versions. + + o Minor bugfixes (documentation): + - Update the tor manual page to document every option that can not + be changed while tor is running. Fixes bug 21122. + + o Minor bugfixes (ed25519 certificates): + - Correctly interpret ed25519 certificates that would expire some + time after 19 Jan 2038. Fixes bug 20027; bugfix on 0.2.7.2-alpha. + + o Minor bugfixes (fallback directories): + - Avoid checking fallback candidates' DirPorts if they are down in + OnionOO. When a relay operator has multiple relays, this + prioritizes relays that are up over relays that are down. Fixes + bug 20926; bugfix on 0.2.8.3-alpha. + - Stop failing when OUTPUT_COMMENTS is True in updateFallbackDirs.py. + Fixes bug 20877; bugfix on 0.2.8.3-alpha. + - Stop failing when a relay has no uptime data in + updateFallbackDirs.py. Fixes bug 20945; bugfix on 0.2.8.1-alpha. + + o Minor bugfixes (hidden service): + - Clean up the code for expiring intro points with no associated + circuits. It was causing, rarely, a service with some expiring + introduction points to not open enough additional introduction + points. Fixes part of bug 21302; bugfix on 0.2.7.2-alpha. + - Resolve two possible underflows which could lead to creating and + closing a lot of introduction point circuits in a non-stop loop. + Fixes bug 21302; bugfix on 0.2.7.2-alpha. + - Stop setting the torrc option HiddenServiceStatistics to "0" just + because we're not a bridge or relay. Instead, we preserve whatever + value the user set (or didn't set). Fixes bug 21150; bugfix + on 0.2.6.2-alpha. + + o Minor bugfixes (hidden services): + - Make hidden services check for failed intro point connections, + even when they have exceeded their intro point creation limit. + Fixes bug 21596; bugfix on 0.2.7.2-alpha. Reported by Alec Muffett. + - Make hidden services with 8 to 10 introduction points check for + failed circuits immediately after startup. Previously, they would + wait for 5 minutes before performing their first checks. Fixes bug + 21594; bugfix on 0.2.3.9-alpha. Reported by Alec Muffett. + - Stop ignoring misconfigured hidden services. Instead, refuse to + start tor until the misconfigurations have been corrected. Fixes + bug 20559; bugfix on multiple commits in 0.2.7.1-alpha + and earlier. + + o Minor bugfixes (IPv6): + - Make IPv6-using clients try harder to find an IPv6 directory + server. Fixes bug 20999; bugfix on 0.2.8.2-alpha. + - When IPv6 addresses have not been downloaded yet (microdesc + consensus documents don't list relay IPv6 addresses), use hard- + coded addresses for authorities, fallbacks, and configured + bridges. Now IPv6-only clients can use microdescriptors. Fixes bug + 20996; bugfix on b167e82 from 19608 in 0.2.8.5-alpha. + + o Minor bugfixes (memory leak at exit): + - Fix a small harmless memory leak at exit of the previously unused + RSA->Ed identity cross-certificate. Fixes bug 17779; bugfix + on 0.2.7.2-alpha. + + o Minor bugfixes (onion services): + - Allow the number of introduction points to be as low as 0, rather + than as low as 3. Fixes bug 21033; bugfix on 0.2.7.2-alpha. + + o Minor bugfixes (portability): + - Use "OpenBSD" compiler macro instead of "OPENBSD" or "__OpenBSD__". + It is supported by OpenBSD itself, and also by most OpenBSD + variants (such as Bitrig). Fixes bug 20980; bugfix + on 0.1.2.1-alpha. + + o Minor bugfixes (portability, also in 0.2.9.9): + - Avoid crashing when Tor is built using headers that contain + CLOCK_MONOTONIC_COARSE, but then tries to run on an older kernel + without CLOCK_MONOTONIC_COARSE. Fixes bug 21035; bugfix + on 0.2.9.1-alpha. + - Fix Libevent detection on platforms without Libevent 1 headers + installed. Fixes bug 21051; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (relay): + - Avoid a double-marked-circuit warning that could happen when we + receive DESTROY cells under heavy load. Fixes bug 20059; bugfix + on 0.1.0.1-rc. + - Honor DataDirectoryGroupReadable when tor is a relay. Previously, + initializing the keys would reset the DataDirectory to 0700 + instead of 0750 even if DataDirectoryGroupReadable was set to 1. + Fixes bug 19953; bugfix on 0.0.2pre16. Patch by "redfish". + + o Minor bugfixes (testing): + - Fix Raspbian build issues related to missing socket errno in + test_util.c. Fixes bug 21116; bugfix on 0.2.8.2. Patch by "hein". + - Remove undefined behavior from the backtrace generator by removing + its signal handler. Fixes bug 21026; bugfix on 0.2.5.2-alpha. + - Use bash in src/test/test-network.sh. This ensures we reliably + call chutney's newer tools/test-network.sh when available. Fixes + bug 21562; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (tor-resolve): + - The tor-resolve command line tool now rejects hostnames over 255 + characters in length. Previously, it would silently truncate them, + which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5. + Patch by "junglefowl". + + o Minor bugfixes (unit tests): + - Allow the unit tests to pass even when DNS lookups of bogus + addresses do not fail as expected. Fixes bug 20862 and 20863; + bugfix on unit tests introduced in 0.2.8.1-alpha + through 0.2.9.4-alpha. + + o Minor bugfixes (util): + - When finishing writing a file to disk, if we were about to replace + the file with the temporary file created before and we fail to + replace it, remove the temporary file so it doesn't stay on disk. + Fixes bug 20646; bugfix on 0.2.0.7-alpha. Patch by fk. + + o Minor bugfixes (Windows services): + - Be sure to initialize the monotonic time subsystem before using + it, even when running as an NT service. Fixes bug 21356; bugfix + on 0.2.9.1-alpha. + + o Minor bugfixes (Windows): + - Check for getpagesize before using it to mmap files. This fixes + compilation in some MinGW environments. Fixes bug 20530; bugfix on + 0.1.2.1-alpha. Reported by "ice". + + o Code simplification and refactoring: + - Abolish all global guard context in entrynodes.c; replace with new + guard_selection_t structure as preparation for proposal 271. + Closes ticket 19858. + - Extract magic numbers in circuituse.c into defined variables. + - Introduce rend_service_is_ephemeral() that tells if given onion + service is ephemeral. Replace unclear NULL-checkings for service + directory with this function. Closes ticket 20526. + - Refactor circuit_is_available_for_use to remove unnecessary check. + - Refactor circuit_predict_and_launch_new for readability and + testability. Closes ticket 18873. + - Refactor code to manipulate global_origin_circuit_list into + separate functions. Closes ticket 20921. + - Refactor large if statement in purpose_needs_anonymity to use + switch statement instead. Closes part of ticket 20077. + - Refactor the hashing API to return negative values for errors, as + is done as throughout the codebase. Closes ticket 20717. + - Remove data structures that were used to index or_connection + objects by their RSA identity digests. These structures are fully + redundant with the similar structures used in the + channel abstraction. + - Remove duplicate code in the channel_write_*cell() functions. + Closes ticket 13827; patch from Pingl. + - Remove redundant behavior of is_sensitive_dir_purpose, refactor to + use only purpose_needs_anonymity. Closes part of ticket 20077. + - The code to generate and parse EXTEND and EXTEND2 cells has been + replaced with code automatically generated by the + "trunnel" utility. + + o Documentation (formatting): + - Clean up formatting of tor.1 man page and HTML doc, where <pre> + blocks were incorrectly appearing. Closes ticket 20885. + + o Documentation (man page): + - Clarify many options in tor.1 and add some min/max values for + HiddenService options. Closes ticket 21058. + + o Documentation: + - Change '1' to 'weight_scale' in consensus bw weights calculation + comments, as that is reality. Closes ticket 20273. Patch + from pastly. + - Clarify that when ClientRejectInternalAddresses is enabled (which + is the default), multicast DNS hostnames for machines on the local + network (of the form *.local) are also rejected. Closes + ticket 17070. + - Correct the value for AuthDirGuardBWGuarantee in the manpage, from + 250 KBytes to 2 MBytes. Fixes bug 20435; bugfix on 0.2.5.6-alpha. + - Include the "TBits" unit in Tor's man page. Fixes part of bug + 20622; bugfix on 0.2.5.1-alpha. + - Small fixes to the fuzzing documentation. Closes ticket 21472. + - Stop the man page from incorrectly stating that HiddenServiceDir + must already exist. Fixes 20486. + - Update the description of the directory server options in the + manual page, to clarify that a relay no longer needs to set + DirPort in order to be a directory cache. Closes ticket 21720. + + o Removed features: + - The AuthDirMaxServersPerAuthAddr option no longer exists: The same + limit for relays running on a single IP applies to authority IP + addresses as well as to non-authority IP addresses. Closes + ticket 20960. + - The UseDirectoryGuards torrc option no longer exists: all users + that use entry guards will also use directory guards. Related to + proposal 271; implements part of ticket 20831. + + o Testing: + - Add tests for networkstatus_compute_bw_weights_v10. + - Add unit tests circuit_predict_and_launch_new. + - Extract dummy_origin_circuit_new so it can be used by other + test functions. + - New unit tests for tor_htonll(). Closes ticket 19563. Patch + from "overcaffeinated". + - Perform the coding style checks when running the tests and fail + when coding style violations are found. Closes ticket 5500. + + +Changes in version 0.2.8.13 - 2017-03-03 + Tor 0.2.8.13 backports a security fix from later Tor + releases. Anybody running Tor 0.2.8.12 or earlier should upgrade to this + this release, if for some reason they cannot upgrade to a later + release series, and if they build Tor with the --enable-expensive-hardening + option. + + Note that support for Tor 0.2.8.x is ending next year: we will not issue + any fixes for the Tor 0.2.8.x series after 1 Jan 2018. If you need + a Tor release series with longer-term support, we recommend Tor 0.2.9.x. + + o Major bugfixes (parsing, backported from 0.3.0.4-rc): + - Fix an integer underflow bug when comparing malformed Tor + versions. This bug could crash Tor when built with + --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor + 0.2.9.8, which were built with -ftrapv by default. In other cases + it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix + on 0.0.8pre1. Found by OSS-Fuzz. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + + +Changes in version 0.2.7.7 - 2017-03-03 + Tor 0.2.7.7 backports a number of security fixes from later Tor + releases. Anybody running Tor 0.2.7.6 or earlier should upgrade to + this release, if for some reason they cannot upgrade to a later + release series. + + Note that support for Tor 0.2.7.x is ending this year: we will not issue + any fixes for the Tor 0.2.7.x series after 1 August 2017. If you need + a Tor release series with longer-term support, we recommend Tor 0.2.9.x. + + o Directory authority changes (backport from 0.2.8.5-rc): + - Urras is no longer a directory authority. Closes ticket 19271. + + o Directory authority changes (backport from 0.2.9.2-alpha): + - The "Tonga" bridge authority has been retired; the new bridge + authority is "Bifroest". Closes tickets 19728 and 19690. + + o Directory authority key updates (backport from 0.2.8.1-alpha): + - Update the V3 identity key for the dannenberg directory authority: + it was changed on 18 November 2015. Closes task 17906. Patch + by "teor". + + o Major bugfixes (parsing, security, backport from 0.2.9.8): + - Fix a bug in parsing that could cause clients to read a single + byte past the end of an allocated region. This bug could be used + to cause hardened clients (built with --enable-expensive-hardening) + to crash if they tried to visit a hostile hidden service. Non- + hardened clients are only affected depending on the details of + their platform's memory allocator. Fixes bug 21018; bugfix on + 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE- + 2016-12-002 and as CVE-2016-1254. + + o Major bugfixes (security, client, DNS proxy, backport from 0.2.8.3-alpha): + - Stop a crash that could occur when a client running with DNSPort + received a query with multiple address types, and the first + address type was not supported. Found and fixed by Scott Dial. + Fixes bug 18710; bugfix on 0.2.5.4-alpha. + - Prevent a class of security bugs caused by treating the contents + of a buffer chunk as if they were a NUL-terminated string. At + least one such bug seems to be present in all currently used + versions of Tor, and would allow an attacker to remotely crash + most Tor instances, especially those compiled with extra compiler + hardening. With this defense in place, such bugs can't crash Tor, + though we should still fix them as they occur. Closes ticket + 20384 (TROVE-2016-10-001). + + o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha): + - Avoid a difficult-to-trigger heap corruption attack when extending + a smartlist to contain over 16GB of pointers. Fixes bug 18162; + bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely. + Reported by Guido Vranken. + + o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha): + - Avoid crashing when running as a DNS proxy. Fixes bug 16248; + bugfix on 0.2.0.1-alpha. Patch from "cypherpunks". + + o Major bugfixes (key management, backport from 0.2.8.3-alpha): + - If OpenSSL fails to generate an RSA key, do not retain a dangling + pointer to the previous (uninitialized) key value. The impact here + should be limited to a difficult-to-trigger crash, if OpenSSL is + running an engine that makes key generation failures possible, or + if OpenSSL runs out of memory. Fixes bug 19152; bugfix on + 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and + Baishakhi Ray. + + o Major bugfixes (parsing, backported from 0.3.0.4-rc): + - Fix an integer underflow bug when comparing malformed Tor + versions. This bug could crash Tor when built with + --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor + 0.2.9.8, which were built with -ftrapv by default. In other cases + it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix + on 0.0.8pre1. Found by OSS-Fuzz. + + o Minor features (security, memory erasure, backport from 0.2.8.1-alpha): + - Make memwipe() do nothing when passed a NULL pointer or buffer of + zero size. Check size argument to memwipe() for underflow. Fixes + bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk", + patch by "teor". + + o Minor features (bug-resistance, backport from 0.2.8.2-alpha): + - Make Tor survive errors involving connections without a + corresponding event object. Previously we'd fail with an + assertion; now we produce a log message. Related to bug 16248. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + + +Changes in version 0.2.6.11 - 2017-03-03 + Tor 0.2.6.11 backports a number of security fixes from later Tor + releases. Anybody running Tor 0.2.6.10 or earlier should upgrade to + this release, if for some reason they cannot upgrade to a later + release series. + + Note that support for Tor 0.2.6.x is ending this year: we will not issue + any fixes for the Tor 0.2.6.x series after 1 August 2017. If you need + a Tor release series with longer-term support, we recommend Tor 0.2.9.x. + + o Directory authority changes (backport from 0.2.8.5-rc): + - Urras is no longer a directory authority. Closes ticket 19271. + + o Directory authority changes (backport from 0.2.9.2-alpha): + - The "Tonga" bridge authority has been retired; the new bridge + authority is "Bifroest". Closes tickets 19728 and 19690. + + o Directory authority key updates (backport from 0.2.8.1-alpha): + - Update the V3 identity key for the dannenberg directory authority: + it was changed on 18 November 2015. Closes task 17906. Patch + by "teor". + + o Major features (security fixes, backport from 0.2.9.4-alpha): + - Prevent a class of security bugs caused by treating the contents + of a buffer chunk as if they were a NUL-terminated string. At + least one such bug seems to be present in all currently used + versions of Tor, and would allow an attacker to remotely crash + most Tor instances, especially those compiled with extra compiler + hardening. With this defense in place, such bugs can't crash Tor, + though we should still fix them as they occur. Closes ticket + 20384 (TROVE-2016-10-001). + + o Major bugfixes (parsing, security, backport from 0.2.9.8): + - Fix a bug in parsing that could cause clients to read a single + byte past the end of an allocated region. This bug could be used + to cause hardened clients (built with --enable-expensive-hardening) + to crash if they tried to visit a hostile hidden service. Non- + hardened clients are only affected depending on the details of + their platform's memory allocator. Fixes bug 21018; bugfix on + 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE- + 2016-12-002 and as CVE-2016-1254. + + o Major bugfixes (security, client, DNS proxy, backport from 0.2.8.3-alpha): + - Stop a crash that could occur when a client running with DNSPort + received a query with multiple address types, and the first + address type was not supported. Found and fixed by Scott Dial. + Fixes bug 18710; bugfix on 0.2.5.4-alpha. + + o Major bugfixes (security, correctness, backport from 0.2.7.4-rc): + - Fix an error that could cause us to read 4 bytes before the + beginning of an openssl string. This bug could be used to cause + Tor to crash on systems with unusual malloc implementations, or + systems with unusual hardening installed. Fixes bug 17404; bugfix + on 0.2.3.6-alpha. + + o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha): + - Avoid a difficult-to-trigger heap corruption attack when extending + a smartlist to contain over 16GB of pointers. Fixes bug 18162; + bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely. + Reported by Guido Vranken. + + o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha): + - Avoid crashing when running as a DNS proxy. Fixes bug 16248; + bugfix on 0.2.0.1-alpha. Patch from "cypherpunks". + + o Major bugfixes (guard selection, backport from 0.2.7.6): + - Actually look at the Guard flag when selecting a new directory + guard. When we implemented the directory guard design, we + accidentally started treating all relays as if they have the Guard + flag during guard selection, leading to weaker anonymity and worse + performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered + by Mohsen Imani. + + o Major bugfixes (key management, backport from 0.2.8.3-alpha): + - If OpenSSL fails to generate an RSA key, do not retain a dangling + pointer to the previous (uninitialized) key value. The impact here + should be limited to a difficult-to-trigger crash, if OpenSSL is + running an engine that makes key generation failures possible, or + if OpenSSL runs out of memory. Fixes bug 19152; bugfix on + 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and + Baishakhi Ray. + + o Major bugfixes (parsing, backported from 0.3.0.4-rc): + - Fix an integer underflow bug when comparing malformed Tor + versions. This bug could crash Tor when built with + --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor + 0.2.9.8, which were built with -ftrapv by default. In other cases + it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix + on 0.0.8pre1. Found by OSS-Fuzz. + + o Minor features (security, memory erasure, backport from 0.2.8.1-alpha): + - Make memwipe() do nothing when passed a NULL pointer or buffer of + zero size. Check size argument to memwipe() for underflow. Fixes + bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk", + patch by "teor". + + o Minor features (bug-resistance, backport from 0.2.8.2-alpha): + - Make Tor survive errors involving connections without a + corresponding event object. Previously we'd fail with an + assertion; now we produce a log message. Related to bug 16248. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compilation, backport from 0.2.7.6): + - Fix a compilation warning with Clang 3.6: Do not check the + presence of an address which can never be NULL. Fixes bug 17781. + + +Changes in version 0.2.5.13 - 2017-03-03 + Tor 0.2.5.13 backports a number of security fixes from later Tor + releases. Anybody running Tor 0.2.5.13 or earlier should upgrade to + this release, if for some reason they cannot upgrade to a later + release series. + + Note that support for Tor 0.2.5.x is ending next year: we will not issue + any fixes for the Tor 0.2.5.x series after 1 May 2018. If you need + a Tor release series with longer-term support, we recommend Tor 0.2.9.x. + + o Directory authority changes (backport from 0.2.8.5-rc): + - Urras is no longer a directory authority. Closes ticket 19271. + + o Directory authority changes (backport from 0.2.9.2-alpha): + - The "Tonga" bridge authority has been retired; the new bridge + authority is "Bifroest". Closes tickets 19728 and 19690. + + o Directory authority key updates (backport from 0.2.8.1-alpha): + - Update the V3 identity key for the dannenberg directory authority: + it was changed on 18 November 2015. Closes task 17906. Patch + by "teor". + + o Major features (security fixes, backport from 0.2.9.4-alpha): + - Prevent a class of security bugs caused by treating the contents + of a buffer chunk as if they were a NUL-terminated string. At + least one such bug seems to be present in all currently used + versions of Tor, and would allow an attacker to remotely crash + most Tor instances, especially those compiled with extra compiler + hardening. With this defense in place, such bugs can't crash Tor, + though we should still fix them as they occur. Closes ticket + 20384 (TROVE-2016-10-001). + + o Major bugfixes (parsing, security, backport from 0.2.9.8): + - Fix a bug in parsing that could cause clients to read a single + byte past the end of an allocated region. This bug could be used + to cause hardened clients (built with --enable-expensive-hardening) + to crash if they tried to visit a hostile hidden service. Non- + hardened clients are only affected depending on the details of + their platform's memory allocator. Fixes bug 21018; bugfix on + 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE- + 2016-12-002 and as CVE-2016-1254. + + o Major bugfixes (security, client, DNS proxy, backport from 0.2.8.3-alpha): + - Stop a crash that could occur when a client running with DNSPort + received a query with multiple address types, and the first + address type was not supported. Found and fixed by Scott Dial. + Fixes bug 18710; bugfix on 0.2.5.4-alpha. + + o Major bugfixes (security, correctness, backport from 0.2.7.4-rc): + - Fix an error that could cause us to read 4 bytes before the + beginning of an openssl string. This bug could be used to cause + Tor to crash on systems with unusual malloc implementations, or + systems with unusual hardening installed. Fixes bug 17404; bugfix + on 0.2.3.6-alpha. + + o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha): + - Avoid a difficult-to-trigger heap corruption attack when extending + a smartlist to contain over 16GB of pointers. Fixes bug 18162; + bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely. + Reported by Guido Vranken. + + o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha): + - Avoid crashing when running as a DNS proxy. Fixes bug 16248; + bugfix on 0.2.0.1-alpha. Patch from "cypherpunks". + + o Major bugfixes (guard selection, backport from 0.2.7.6): + - Actually look at the Guard flag when selecting a new directory + guard. When we implemented the directory guard design, we + accidentally started treating all relays as if they have the Guard + flag during guard selection, leading to weaker anonymity and worse + performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered + by Mohsen Imani. + + o Major bugfixes (key management, backport from 0.2.8.3-alpha): + - If OpenSSL fails to generate an RSA key, do not retain a dangling + pointer to the previous (uninitialized) key value. The impact here + should be limited to a difficult-to-trigger crash, if OpenSSL is + running an engine that makes key generation failures possible, or + if OpenSSL runs out of memory. Fixes bug 19152; bugfix on + 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and + Baishakhi Ray. + + o Major bugfixes (parsing, backported from 0.3.0.4-rc): + - Fix an integer underflow bug when comparing malformed Tor + versions. This bug could crash Tor when built with + --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor + 0.2.9.8, which were built with -ftrapv by default. In other cases + it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix + on 0.0.8pre1. Found by OSS-Fuzz. + + o Minor features (security, memory erasure, backport from 0.2.8.1-alpha): + - Make memwipe() do nothing when passed a NULL pointer or buffer of + zero size. Check size argument to memwipe() for underflow. Fixes + bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk", + patch by "teor". + + o Minor features (bug-resistance, backport from 0.2.8.2-alpha): + - Make Tor survive errors involving connections without a + corresponding event object. Previously we'd fail with an + assertion; now we produce a log message. Related to bug 16248. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compilation, backport from 0.2.7.6): + - Fix a compilation warning with Clang 3.6: Do not check the + presence of an address which can never be NULL. Fixes bug 17781. + + o Minor bugfixes (crypto error-handling, backport from 0.2.7.2-alpha): + - Check for failures from crypto_early_init, and refuse to continue. + A previous typo meant that we could keep going with an + uninitialized crypto library, and would have OpenSSL initialize + its own PRNG. Fixes bug 16360; bugfix on 0.2.5.2-alpha, introduced + when implementing ticket 4900. Patch by "teor". + + o Minor bugfixes (hidden service, backport from 0.2.7.1-alpha): + - Fix an out-of-bounds read when parsing invalid INTRODUCE2 cells on + a client authorized hidden service. Fixes bug 15823; bugfix + on 0.2.1.6-alpha. + + +Changes in version 0.2.4.28 - 2017-03-03 + Tor 0.2.4.28 backports a number of security fixes from later Tor + releases. Anybody running Tor 0.2.4.27 or earlier should upgrade to + this release, if for some reason they cannot upgrade to a later + release series. + + Note that support for Tor 0.2.4.x is ending soon: we will not issue + any fixes for the Tor 0.2.4.x series after 1 August 2017. If you need + a Tor release series with long-term support, we recommend Tor 0.2.9.x. + + o Directory authority changes (backport from 0.2.8.5-rc): + - Urras is no longer a directory authority. Closes ticket 19271. + + o Directory authority changes (backport from 0.2.9.2-alpha): + - The "Tonga" bridge authority has been retired; the new bridge + authority is "Bifroest". Closes tickets 19728 and 19690. + + o Directory authority key updates (backport from 0.2.8.1-alpha): + - Update the V3 identity key for the dannenberg directory authority: + it was changed on 18 November 2015. Closes task 17906. Patch + by "teor". + + o Major features (security fixes, backport from 0.2.9.4-alpha): + - Prevent a class of security bugs caused by treating the contents + of a buffer chunk as if they were a NUL-terminated string. At + least one such bug seems to be present in all currently used + versions of Tor, and would allow an attacker to remotely crash + most Tor instances, especially those compiled with extra compiler + hardening. With this defense in place, such bugs can't crash Tor, + though we should still fix them as they occur. Closes ticket + 20384 (TROVE-2016-10-001). + + o Major bugfixes (parsing, security, backport from 0.2.9.8): + - Fix a bug in parsing that could cause clients to read a single + byte past the end of an allocated region. This bug could be used + to cause hardened clients (built with --enable-expensive-hardening) + to crash if they tried to visit a hostile hidden service. Non- + hardened clients are only affected depending on the details of + their platform's memory allocator. Fixes bug 21018; bugfix on + 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE- + 2016-12-002 and as CVE-2016-1254. + + o Major bugfixes (security, correctness, backport from 0.2.7.4-rc): + - Fix an error that could cause us to read 4 bytes before the + beginning of an openssl string. This bug could be used to cause + Tor to crash on systems with unusual malloc implementations, or + systems with unusual hardening installed. Fixes bug 17404; bugfix + on 0.2.3.6-alpha. + + o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha): + - Avoid a difficult-to-trigger heap corruption attack when extending + a smartlist to contain over 16GB of pointers. Fixes bug 18162; + bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely. + Reported by Guido Vranken. + + o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha): + - Avoid crashing when running as a DNS proxy. Fixes bug 16248; + bugfix on 0.2.0.1-alpha. Patch from "cypherpunks". + + o Major bugfixes (guard selection, backport from 0.2.7.6): + - Actually look at the Guard flag when selecting a new directory + guard. When we implemented the directory guard design, we + accidentally started treating all relays as if they have the Guard + flag during guard selection, leading to weaker anonymity and worse + performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered + by Mohsen Imani. + + o Major bugfixes (key management, backport from 0.2.8.3-alpha): + - If OpenSSL fails to generate an RSA key, do not retain a dangling + pointer to the previous (uninitialized) key value. The impact here + should be limited to a difficult-to-trigger crash, if OpenSSL is + running an engine that makes key generation failures possible, or + if OpenSSL runs out of memory. Fixes bug 19152; bugfix on + 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and + Baishakhi Ray. + + o Major bugfixes (parsing, backported from 0.3.0.4-rc): + - Fix an integer underflow bug when comparing malformed Tor + versions. This bug could crash Tor when built with + --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor + 0.2.9.8, which were built with -ftrapv by default. In other cases + it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix + on 0.0.8pre1. Found by OSS-Fuzz. + + o Minor features (security, memory erasure, backport from 0.2.8.1-alpha): + - Make memwipe() do nothing when passed a NULL pointer or buffer of + zero size. Check size argument to memwipe() for underflow. Fixes + bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk", + patch by "teor". + + o Minor features (bug-resistance, backport from 0.2.8.2-alpha): + - Make Tor survive errors involving connections without a + corresponding event object. Previously we'd fail with an + assertion; now we produce a log message. Related to bug 16248. + + o Minor features (DoS-resistance, backport from 0.2.7.1-alpha): + - Make it harder for attackers to overload hidden services with + introductions, by blocking multiple introduction requests on the + same circuit. Resolves ticket 15515. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compilation, backport from 0.2.7.6): + - Fix a compilation warning with Clang 3.6: Do not check the + presence of an address which can never be NULL. Fixes bug 17781. + + o Minor bugfixes (hidden service, backport from 0.2.7.1-alpha): + - Fix an out-of-bounds read when parsing invalid INTRODUCE2 cells on + a client authorized hidden service. Fixes bug 15823; bugfix + on 0.2.1.6-alpha. + + +Changes in version 0.2.9.10 - 2017-03-01 + Tor 0.2.9.10 backports a security fix from later Tor release. It also + includes fixes for some major issues affecting directory authorities, + LibreSSL compatibility, and IPv6 correctness. + + The Tor 0.2.9.x release series is now marked as a long-term-support + series. We intend to backport security fixes to 0.2.9.x until at + least January of 2020. + + o Major bugfixes (directory authority, 0.3.0.3-alpha): + - During voting, when marking a relay as a probable sybil, do not + clear its BadExit flag: sybils can still be bad in other ways + too. (We still clear the other flags.) Fixes bug 21108; bugfix + on 0.2.0.13-alpha. + + o Major bugfixes (IPv6 Exits, backport from 0.3.0.3-alpha): + - Stop rejecting all IPv6 traffic on Exits whose exit policy rejects + any IPv6 addresses. Instead, only reject a port over IPv6 if the + exit policy rejects that port on more than an IPv6 /16 of + addresses. This bug was made worse by 17027 in 0.2.8.1-alpha, + which rejected a relay's own IPv6 address by default. Fixes bug + 21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha. + + o Major bugfixes (parsing, also in 0.3.0.4-rc): + - Fix an integer underflow bug when comparing malformed Tor + versions. This bug could crash Tor when built with + --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor + 0.2.9.8, which were built with -ftrapv by default. In other cases + it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix + on 0.0.8pre1. Found by OSS-Fuzz. + + o Minor features (directory authorities, also in 0.3.0.4-rc): + - Directory authorities now reject descriptors that claim to be + malformed versions of Tor. Helps prevent exploitation of + bug 21278. + - Reject version numbers with components that exceed INT32_MAX. + Otherwise 32-bit and 64-bit platforms would behave inconsistently. + Fixes bug 21450; bugfix on 0.0.8pre1. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + + o Minor features (portability, compilation, backport from 0.3.0.3-alpha): + - Autoconf now checks to determine if OpenSSL structures are opaque, + instead of explicitly checking for OpenSSL version numbers. Part + of ticket 21359. + - Support building with recent LibreSSL code that uses opaque + structures. Closes ticket 21359. + + o Minor bugfixes (code correctness, also in 0.3.0.4-rc): + - Repair a couple of (unreachable or harmless) cases of the risky + comparison-by-subtraction pattern that caused bug 21278. + + o Minor bugfixes (tor-resolve, backport from 0.3.0.3-alpha): + - The tor-resolve command line tool now rejects hostnames over 255 + characters in length. Previously, it would silently truncate them, + which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5. + Patch by "junglefowl". + + +Changes in version 0.2.9.9 - 2017-01-23 + Tor 0.2.9.9 fixes a denial-of-service bug where an attacker could + cause relays and clients to crash, even if they were not built with + the --enable-expensive-hardening option. This bug affects all 0.2.9.x + versions, and also affects 0.3.0.1-alpha: all relays running an affected + version should upgrade. + + This release also resolves a client-side onion service reachability + bug, and resolves a pair of small portability issues. + + o Major bugfixes (security): + - Downgrade the "-ftrapv" option from "always on" to "only on when + --enable-expensive-hardening is provided." This hardening option, + like others, can turn survivable bugs into crashes -- and having + it on by default made a (relatively harmless) integer overflow bug + into a denial-of-service bug. Fixes bug 21278 (TROVE-2017-001); + bugfix on 0.2.9.1-alpha. + + o Major bugfixes (client, onion service): + - Fix a client-side onion service reachability bug, where multiple + socks requests to an onion service (or a single slow request) + could cause us to mistakenly mark some of the service's + introduction points as failed, and we cache that failure so + eventually we run out and can't reach the service. Also resolves a + mysterious "Remote server sent bogus reason code 65021" log + warning. The bug was introduced in ticket 17218, where we tried to + remember the circuit end reason as a uint16_t, which mangled + negative values. Partially fixes bug 21056 and fixes bug 20307; + bugfix on 0.2.8.1-alpha. + + o Minor features (geoip): + - Update geoip and geoip6 to the January 4 2017 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (portability): + - Avoid crashing when Tor is built using headers that contain + CLOCK_MONOTONIC_COARSE, but then tries to run on an older kernel + without CLOCK_MONOTONIC_COARSE. Fixes bug 21035; bugfix + on 0.2.9.1-alpha. + - Fix Libevent detection on platforms without Libevent 1 headers + installed. Fixes bug 21051; bugfix on 0.2.9.1-alpha. + + +Changes in version 0.2.8.12 - 2016-12-19 + Tor 0.2.8.12 backports a fix for a medium-severity issue (bug 21018 + below) where Tor clients could crash when attempting to visit a + hostile hidden service. Clients are recommended to upgrade as packages + become available for their systems. + + It also includes an updated list of fallback directories, backported + from 0.2.9. + + Now that the Tor 0.2.9 series is stable, only major bugfixes will be + backported to 0.2.8 in the future. + + o Major bugfixes (parsing, security, backported from 0.2.9.8): + - Fix a bug in parsing that could cause clients to read a single + byte past the end of an allocated region. This bug could be used + to cause hardened clients (built with --enable-expensive-hardening) + to crash if they tried to visit a hostile hidden service. Non- + hardened clients are only affected depending on the details of + their platform's memory allocator. Fixes bug 21018; bugfix on + 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE- + 2016-12-002 and as CVE-2016-1254. + + o Minor features (fallback directory list, backported from 0.2.9.8): + - Replace the 81 remaining fallbacks of the 100 originally + introduced in Tor 0.2.8.3-alpha in March 2016, with a list of 177 + fallbacks (123 new, 54 existing, 27 removed) generated in December + 2016. Resolves ticket 20170. + + o Minor features (geoip, backported from 0.2.9.7-rc): + - Update geoip and geoip6 to the December 7 2016 Maxmind GeoLite2 + Country database. + + +Changes in version 0.2.9.8 - 2016-12-19 + Tor 0.2.9.8 is the first stable release of the Tor 0.2.9 series. + + The Tor 0.2.9 series makes mandatory a number of security features + that were formerly optional. It includes support for a new shared- + randomness protocol that will form the basis for next generation + hidden services, includes a single-hop hidden service mode for + optimizing .onion services that don't actually want to be hidden, + tries harder not to overload the directory authorities with excessive + downloads, and supports a better protocol versioning scheme for + improved compatibility with other implementations of the Tor protocol. + + And of course, there are numerous other bugfixes and improvements. + + This release also includes a fix for a medium-severity issue (bug + 21018 below) where Tor clients could crash when attempting to visit a + hostile hidden service. Clients are recommended to upgrade as packages + become available for their systems. + + Below are listed the changes since Tor 0.2.8.11. For a list of + changes since 0.2.9.7-rc, see the ChangeLog file. + + o New system requirements: + - When building with OpenSSL, Tor now requires version 1.0.1 or + later. OpenSSL 1.0.0 and earlier are no longer supported by the + OpenSSL team, and should not be used. Closes ticket 20303. + - Tor now requires Libevent version 2.0.10-stable or later. Older + versions of Libevent have less efficient backends for several + platforms, and lack the DNS code that we use for our server-side + DNS support. This implements ticket 19554. + - Tor now requires zlib version 1.2 or later, for security, + efficiency, and (eventually) gzip support. (Back when we started, + zlib 1.1 and zlib 1.0 were still found in the wild. 1.2 was + released in 2003. We recommend the latest version.) + + o Deprecated features: + - A number of DNS-cache-related sub-options for client ports are now + deprecated for security reasons, and may be removed in a future + version of Tor. (We believe that client-side DNS caching is a bad + idea for anonymity, and you should not turn it on.) The options + are: CacheDNS, CacheIPv4DNS, CacheIPv6DNS, UseDNSCache, + UseIPv4Cache, and UseIPv6Cache. + - A number of options are deprecated for security reasons, and may + be removed in a future version of Tor. The options are: + AllowDotExit, AllowInvalidNodes, AllowSingleHopCircuits, + AllowSingleHopExits, ClientDNSRejectInternalAddresses, + CloseHSClientCircuitsImmediatelyOnTimeout, + CloseHSServiceRendCircuitsImmediatelyOnTimeout, + ExcludeSingleHopRelays, FastFirstHopPK, TLSECGroup, + UseNTorHandshake, and WarnUnsafeSocks. + - The *ListenAddress options are now deprecated as unnecessary: the + corresponding *Port options should be used instead. These options + may someday be removed. The affected options are: + ControlListenAddress, DNSListenAddress, DirListenAddress, + NATDListenAddress, ORListenAddress, SocksListenAddress, + and TransListenAddress. + + o Major bugfixes (parsing, security, new since 0.2.9.7-rc): + - Fix a bug in parsing that could cause clients to read a single + byte past the end of an allocated region. This bug could be used + to cause hardened clients (built with --enable-expensive-hardening) + to crash if they tried to visit a hostile hidden service. Non- + hardened clients are only affected depending on the details of + their platform's memory allocator. Fixes bug 21018; bugfix on + 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE- + 2016-12-002 and as CVE-2016-1254. + + o Major features (build, hardening): + - Tor now builds with -ftrapv by default on compilers that support + it. This option detects signed integer overflow (which C forbids), + and turns it into a hard-failure. We do not apply this option to + code that needs to run in constant time to avoid side-channels; + instead, we use -fwrapv in that code. Closes ticket 17983. + - When --enable-expensive-hardening is selected, stop applying the + clang/gcc sanitizers to code that needs to run in constant time. + Although we are aware of no introduced side-channels, we are not + able to prove that there are none. Related to ticket 17983. + + o Major features (circuit building, security): + - Authorities, relays, and clients now require ntor keys in all + descriptors, for all hops (except for rare hidden service protocol + cases), for all circuits, and for all other roles. Part of + ticket 19163. + - Authorities, relays, and clients only use ntor, except for + rare cases in the hidden service protocol. Part of ticket 19163. + + o Major features (compilation): + - Our big list of extra GCC warnings is now enabled by default when + building with GCC (or with anything like Clang that claims to be + GCC-compatible). To make all warnings into fatal compilation + errors, pass --enable-fatal-warnings to configure. Closes + ticket 19044. + - Use the Autoconf macro AC_USE_SYSTEM_EXTENSIONS to automatically + turn on C and POSIX extensions. (Previously, we attempted to do + this on an ad hoc basis.) Closes ticket 19139. + + o Major features (directory authorities, hidden services): + - Directory authorities can now perform the shared randomness + protocol specified by proposal 250. Using this protocol, directory + authorities generate a global fresh random value every day. In the + future, this value will be used by hidden services to select + HSDirs. This release implements the directory authority feature; + the hidden service side will be implemented in the future as part + of proposal 224. Resolves ticket 16943; implements proposal 250. + + o Major features (downloading, random exponential backoff): + - When we fail to download an object from a directory service, wait + for an (exponentially increasing) randomized amount of time before + retrying, rather than a fixed interval as we did before. This + prevents a group of Tor instances from becoming too synchronized, + or a single Tor instance from becoming too predictable, in its + download schedule. Closes ticket 15942. + + o Major features (resource management): + - Tor can now notice it is about to run out of sockets, and + preemptively close connections of lower priority. (This feature is + off by default for now, since the current prioritizing method is + yet not mature enough. You can enable it by setting + "DisableOOSCheck 0", but watch out: it might close some sockets + you would rather have it keep.) Closes ticket 18640. + + o Major features (single-hop "hidden" services): + - Add experimental HiddenServiceSingleHopMode and + HiddenServiceNonAnonymousMode options. When both are set to 1, + every hidden service on that Tor instance becomes a non-anonymous + Single Onion Service. Single Onions make one-hop (direct) + connections to their introduction and rendezvous points. One-hop + circuits make Single Onion servers easily locatable, but clients + remain location-anonymous. This is compatible with the existing + hidden service implementation, and works on the current Tor + network without any changes to older relays or clients. Implements + proposal 260, completes ticket 17178. Patch by teor and asn. + + o Major features (subprotocol versions): + - Tor directory authorities now vote on a set of recommended + "subprotocol versions", and on a set of required subprotocol + versions. Clients and relays that lack support for a _required_ + subprotocol version will not start; those that lack support for a + _recommended_ subprotocol version will warn the user to upgrade. + This change allows compatible implementations of the Tor protocol(s) + to exist without pretending to be 100% bug-compatible with + particular releases of Tor itself. Closes ticket 19958; implements + part of proposal 264. + + o Major bugfixes (circuit building): + - Hidden service client-to-intro-point and service-to-rendezvous- + point circuits use the TAP key supplied by the protocol, to avoid + epistemic attacks. Fixes bug 19163; bugfix on 0.2.4.18-rc. + + o Major bugfixes (download scheduling): + - Avoid resetting download status for consensuses hourly, since we + already have another, smarter retry mechanism. Fixes bug 8625; + bugfix on 0.2.0.9-alpha. + - If a consensus expires while we are waiting for certificates to + download, stop waiting for certificates. + - If we stop waiting for certificates less than a minute after we + started downloading them, do not consider the certificate download + failure a separate failure. Fixes bug 20533; bugfix + on 0.2.0.9-alpha. + - When using exponential backoff in test networks, use a lower + exponent, so the delays do not vary as much. This helps test + networks bootstrap consistently. Fixes bug 20597; bugfix on 20499. + + o Major bugfixes (exit policies): + - Avoid disclosing exit outbound bind addresses, configured port + bind addresses, and local interface addresses in relay descriptors + by default under ExitPolicyRejectPrivate. Instead, only reject + these (otherwise unlisted) addresses if + ExitPolicyRejectLocalInterfaces is set. Fixes bug 18456; bugfix on + 0.2.7.2-alpha. Patch by teor. + + o Major bugfixes (hidden services): + - Allow Tor clients with appropriate controllers to work with + FetchHidServDescriptors set to 0. Previously, this option also + disabled descriptor cache lookup, thus breaking hidden services + entirely. Fixes bug 18704; bugfix on 0.2.0.20-rc. Patch by "twim". + - Clients now require hidden services to include the TAP keys for + their intro points in the hidden service descriptor. This prevents + an inadvertent upgrade to ntor, which a malicious hidden service + could use to distinguish clients by consensus version. Fixes bug + 20012; bugfix on 0.2.4.8-alpha. Patch by teor. + + o Major bugfixes (relay, resolver, logging): + - For relays that don't know their own address, avoid attempting a + local hostname resolve for each descriptor we download. This + will cut down on the number of "Success: chose address 'x.x.x.x'" + log lines, and also avoid confusing clock jumps if the resolver + is slow. Fixes bugs 20423 and 20610; bugfix on 0.2.8.1-alpha. + + o Minor features (port flags): + - Add new flags to the *Port options to give finer control over which + requests are allowed. The flags are NoDNSRequest, NoOnionTraffic, + and the synthetic flag OnionTrafficOnly, which is equivalent to + NoDNSRequest, NoIPv4Traffic, and NoIPv6Traffic. Closes enhancement + 18693; patch by "teor". + + o Minor features (build, hardening): + - Detect and work around a libclang_rt problem that would prevent + clang from finding __mulodi4() on some 32-bit platforms, and thus + keep -ftrapv from linking on those systems. Closes ticket 19079. + - When building on a system without runtime support for the runtime + hardening options, try to log a useful warning at configuration + time, rather than an incomprehensible warning at link time. If + expensive hardening was requested, this warning becomes an error. + Closes ticket 18895. + + o Minor features (client, directory): + - Since authorities now omit all routers that lack the Running and + Valid flags, we assume that any relay listed in the consensus must + have those flags. Closes ticket 20001; implements part of + proposal 272. + + o Minor features (code safety): + - In our integer-parsing functions, ensure that the maximum value we + allow is no smaller than the minimum value. Closes ticket 19063; + patch from "U+039b". + + o Minor features (compilation, portability): + - Compile correctly on MacOS 10.12 (aka "Sierra"). Closes + ticket 20241. + + o Minor features (config): + - Warn users when descriptor and port addresses are inconsistent. + Mitigates bug 13953; patch by teor. + + o Minor features (controller): + - Allow controllers to configure basic client authorization on + hidden services when they create them with the ADD_ONION controller + command. Implements ticket 15588. Patch by "special". + - Fire a STATUS_SERVER controller event whenever the hibernation + status changes between "awake"/"soft"/"hard". Closes ticket 18685. + - Implement new GETINFO queries for all downloads that use + download_status_t to schedule retries. This allows controllers to + examine the schedule for pending downloads. Closes ticket 19323. + + o Minor features (development tools, etags): + - Teach the "make tags" Makefile target how to correctly find + "MOCK_IMPL" function definitions. Patch from nherring; closes + ticket 16869. + + o Minor features (directory authority): + - After voting, if the authorities decide that a relay is not + "Valid", they no longer include it in the consensus at all. Closes + ticket 20002; implements part of proposal 272. + - Directory authorities now only give the Guard flag to a relay if + they are also giving it the Stable flag. This change allows us to + simplify path selection for clients. It should have minimal effect + in practice, since >99% of Guards already have the Stable flag. + Implements ticket 18624. + - Directory authorities now write their v3-status-votes file out to + disk earlier in the consensus process, so we have a record of the + votes even if we abort the consensus process. Resolves + ticket 19036. + + o Minor features (fallback directory list, new since 0.2.9.7-rc): + - Replace the 81 remaining fallbacks of the 100 originally + introduced in Tor 0.2.8.3-alpha in March 2016, with a list of 177 + fallbacks (123 new, 54 existing, 27 removed) generated in December + 2016. Resolves ticket 20170. + + o Minor features (hidden service): + - Stop being so strict about the payload length of "rendezvous1" + cells. We used to be locked in to the "TAP" handshake length, and + now we can handle better handshakes like "ntor". Resolves + ticket 18998. + + o Minor features (infrastructure, time): + - Tor now includes an improved timer backend, so that we can + efficiently support tens or hundreds of thousands of concurrent + timers, as will be needed for some of our planned anti-traffic- + analysis work. This code is based on William Ahern's "timeout.c" + project, which implements a "tickless hierarchical timing wheel". + Closes ticket 18365. + - Tor now uses the operating system's monotonic timers (where + available) for internal fine-grained timing. Previously we would + look at the system clock, and then attempt to compensate for the + clock running backwards. Closes ticket 18908. + + o Minor features (logging): + - Add a set of macros to check nonfatal assertions, for internal + use. Migrating more of our checks to these should help us avoid + needless crash bugs. Closes ticket 18613. + - Provide a more useful warning message when configured with an + invalid Nickname. Closes ticket 18300; patch from "icanhasaccount". + - When dumping unparseable router descriptors, optionally store them + in separate files, named by digest, up to a configurable size + limit. You can change the size limit by setting the + MaxUnparseableDescSizeToLog option, and disable this feature by + setting that option to 0. Closes ticket 18322. + + o Minor features (performance): + - Change the "optimistic data" extension from "off by default" to + "on by default". The default was ordinarily overridden by a + consensus option, but when clients were bootstrapping for the + first time, they would not have a consensus to get the option + from. Changing this default saves a round-trip during startup. + Closes ticket 18815. + + o Minor features (relay, usability): + - When the directory authorities refuse a bad relay's descriptor, + encourage the relay operator to contact us. Many relay operators + won't notice this line in their logs, but it's a win if even a few + learn why we don't like what their relay was doing. Resolves + ticket 18760. + + o Minor features (security, TLS): + - Servers no longer support clients that lack AES ciphersuites. + (3DES is no longer considered an acceptable cipher.) We believe + that no such Tor clients currently exist, since Tor has required + OpenSSL 0.9.7 or later since 2009. Closes ticket 19998. + + o Minor features (testing): + - Disable memory protections on OpenBSD when performing our unit + tests for memwipe(). The test deliberately invokes undefined + behavior, and the OpenBSD protections interfere with this. Patch + from "rubiate". Closes ticket 20066. + - Move the test-network.sh script to chutney, and modify tor's test- + network.sh to call the (newer) chutney version when available. + Resolves ticket 19116. Patch by teor. + - Use the lcov convention for marking lines as unreachable, so that + we don't count them when we're generating test coverage data. + Update our coverage tools to understand this convention. Closes + ticket 16792. + - Our link-handshake unit tests now check that when invalid + handshakes fail, they fail with the error messages we expected. + - Our unit testing code that captures log messages no longer + prevents them from being written out if the user asked for them + (by passing --debug or --info or --notice or --warn to the "test" + binary). This change prevents us from missing unexpected log + messages simply because we were looking for others. Related to + ticket 19999. + - The unit tests now log all warning messages with the "BUG" flag. + Previously, they only logged errors by default. This change will + help us make our testing code more correct, and make sure that we + only hit this code when we mean to. In the meantime, however, + there will be more warnings in the unit test logs than before. + This is preparatory work for ticket 19999. + - The unit tests now treat any failure of a "tor_assert_nonfatal()" + assertion as a test failure. + - We've done significant work to make the unit tests run faster. + + o Minor features (testing, ipv6): + - Add the hs-ipv6 chutney target to make test-network-all's IPv6 + tests. Remove bridges+hs, as it's somewhat redundant. This + requires a recent chutney version that supports IPv6 clients, + relays, and authorities. Closes ticket 20069; patch by teor. + - Add the single-onion and single-onion-ipv6 chutney targets to + "make test-network-all". This requires a recent chutney version + with the single onion network flavors (git c72a652 or later). + Closes ticket 20072; patch by teor. + + o Minor features (Tor2web): + - Make Tor2web clients respect ReachableAddresses. This feature was + inadvertently enabled in 0.2.8.6, then removed by bugfix 19973 on + 0.2.8.7. Implements feature 20034. Patch by teor. + + o Minor features (unix domain sockets): + - When configuring a unix domain socket for a SocksPort, + ControlPort, or Hidden service, you can now wrap the address in + quotes, using C-style escapes inside the quotes. This allows unix + domain socket paths to contain spaces. Resolves ticket 18753. + + o Minor features (user interface): + - Tor now supports the ability to declare options deprecated, so + that we can recommend that people stop using them. Previously, this + was done in an ad-hoc way. There is a new --list-deprecated-options + command-line option to list all of the deprecated options. Closes + ticket 19820. + + o Minor features (virtual addresses): + - Increase the maximum number of bits for the IPv6 virtual network + prefix from 16 to 104. In this way, the condition for address + allocation is less restrictive. Closes ticket 20151; feature + on 0.2.4.7-alpha. + + o Minor bug fixes (circuits): + - Use the CircuitBuildTimeout option whenever + LearnCircuitBuildTimeout is disabled. Previously, we would respect + the option when a user disabled it, but not when it was disabled + because some other option was set. Fixes bug 20073; bugfix on + 0.2.4.12-alpha. Patch by teor. + + o Minor bugfixes (build): + - The current Git revision when building from a local repository is + now detected correctly when using git worktrees. Fixes bug 20492; + bugfix on 0.2.3.9-alpha. + + o Minor bugfixes (relay address discovery): + - Stop reordering IP addresses returned by the OS. This makes it + more likely that Tor will guess the same relay IP address every + time. Fixes issue 20163; bugfix on 0.2.7.1-alpha, ticket 17027. + Reported by René Mayrhofer, patch by "cypherpunks". + + o Minor bugfixes (memory allocation): + - Change how we allocate memory for large chunks on buffers, to + avoid a (currently impossible) integer overflow, and to waste less + space when allocating unusually large chunks. Fixes bug 20081; + bugfix on 0.2.0.16-alpha. Issue identified by Guido Vranken. + + o Minor bugfixes (bootstrap): + - Remember the directory server we fetched the consensus or previous + certificates from, and use it to fetch future authority + certificates. This change improves bootstrapping performance. + Fixes bug 18963; bugfix on 0.2.8.1-alpha. + + o Minor bugfixes (circuits): + - Make sure extend_info_from_router() is only called on servers. + Fixes bug 19639; bugfix on 0.2.8.1-alpha. + + o Minor bugfixes (client, fascistfirewall): + - Avoid spurious warnings when ReachableAddresses or FascistFirewall + is set. Fixes bug 20306; bugfix on 0.2.8.2-alpha. + + o Minor bugfixes (client, unix domain sockets): + - Disable IsolateClientAddr when using AF_UNIX backed SocksPorts as + the client address is meaningless. Fixes bug 20261; bugfix + on 0.2.6.3-alpha. + + o Minor bugfixes (code style): + - Fix an integer signedness conversion issue in the case conversion + tables. Fixes bug 19168; bugfix on 0.2.1.11-alpha. + + o Minor bugfixes (compilation): + - Build correctly on versions of libevent2 without support for + evutil_secure_rng_add_bytes(). Fixes bug 19904; bugfix + on 0.2.5.4-alpha. + - When building with Clang, use a full set of GCC warnings. + (Previously, we included only a subset, because of the way we + detected them.) Fixes bug 19216; bugfix on 0.2.0.1-alpha. + - Detect Libevent2 functions correctly on systems that provide + libevent2, but where libevent1 is linked with -levent. Fixes bug + 19904; bugfix on 0.2.2.24-alpha. Patch from Rubiate. + - Run correctly when built on Windows build environments that + require _vcsprintf(). Fixes bug 20560; bugfix on 0.2.2.11-alpha. + + o Minor bugfixes (configuration): + - When parsing quoted configuration values from the torrc file, + handle Windows line endings correctly. Fixes bug 19167; bugfix on + 0.2.0.16-alpha. Patch from "Pingl". + + o Minor bugfixes (directory authority): + - Authorities now sort the "package" lines in their votes, for ease + of debugging. (They are already sorted in consensus documents.) + Fixes bug 18840; bugfix on 0.2.6.3-alpha. + - Die with a more useful error when the operator forgets to place + the authority_signing_key file into the keys directory. This + avoids an uninformative assert & traceback about having an invalid + key. Fixes bug 20065; bugfix on 0.2.0.1-alpha. + - When allowing private addresses, mark Exits that only exit to + private locations as such. Fixes bug 20064; bugfix + on 0.2.2.9-alpha. + - When parsing a detached signature, make sure we use the length of + the digest algorithm instead of a hardcoded DIGEST256_LEN in + order to avoid comparing bytes out-of-bounds with a smaller digest + length such as SHA1. Fixes bug 19066; bugfix on 0.2.2.6-alpha. + + o Minor bugfixes (getpass): + - Defensively fix a non-triggerable heap corruption at do_getpass() + to protect ourselves from mistakes in the future. Fixes bug + 19223; bugfix on 0.2.7.3-rc. Bug found by Guido Vranken, patch + by nherring. + + o Minor bugfixes (guard selection): + - Don't mark guards as unreachable if connection_connect() fails. + That function fails for local reasons, so it shouldn't reveal + anything about the status of the guard. Fixes bug 14334; bugfix + on 0.2.3.10-alpha. + - Use a single entry guard even if the NumEntryGuards consensus + parameter is not provided. Fixes bug 17688; bugfix + on 0.2.5.6-alpha. + + o Minor bugfixes (hidden services): + - Increase the minimum number of internal circuits we preemptively + build from 2 to 3, so a circuit is available when a client + connects to another onion service. Fixes bug 13239; bugfix + on 0.1.0.1-rc. + - Allow hidden services to run on IPv6 addresses even when the + IPv6Exit option is not set. Fixes bug 18357; bugfix + on 0.2.4.7-alpha. + - Stop logging intro point details to the client log on certain + error conditions. Fixed as part of bug 20012; bugfix on + 0.2.4.8-alpha. Patch by teor. + - When deleting an ephemeral hidden service, close its intro points + even if they are not completely open. Fixes bug 18604; bugfix + on 0.2.7.1-alpha. + - When configuring hidden services, check every hidden service + directory's permissions. Previously, we only checked the last + hidden service. Fixes bug 20529; bugfix on 0.2.6.2-alpha. + + o Minor bugfixes (IPv6, testing): + - Check for IPv6 correctly on Linux when running test networks. + Fixes bug 19905; bugfix on 0.2.7.3-rc; patch by teor. + + o Minor bugfixes (Linux seccomp2 sandbox): + - Add permission to run the sched_yield() and sigaltstack() system + calls, in order to support versions of Tor compiled with asan or + ubsan code that use these calls. Now "sandbox 1" and + "--enable-expensive-hardening" should be compatible on more + systems. Fixes bug 20063; bugfix on 0.2.5.1-alpha. + + o Minor bugfixes (logging): + - Downgrade a harmless log message about the + pending_entry_connections list from "warn" to "info". Mitigates + bug 19926. + - Log a more accurate message when we fail to dump a microdescriptor. + Fixes bug 17758; bugfix on 0.2.2.8-alpha. Patch from Daniel Pinto. + - When logging a directory ownership mismatch, log the owning + username correctly. Fixes bug 19578; bugfix on 0.2.2.29-beta. + - When we are unable to remove the bw_accounting file, do not warn + if the reason we couldn't remove it was that it didn't exist. + Fixes bug 19964; bugfix on 0.2.5.4-alpha. Patch from pastly. + + o Minor bugfixes (memory leak): + - Fix a series of slow memory leaks related to parsing torrc files + and options. Fixes bug 19466; bugfix on 0.2.1.6-alpha. + - Avoid a small memory leak when informing worker threads about + rotated onion keys. Fixes bug 20401; bugfix on 0.2.6.3-alpha. + - Fix a small memory leak when receiving AF_UNIX connections on a + SocksPort. Fixes bug 20716; bugfix on 0.2.6.3-alpha. + - When moving a signed descriptor object from a source to an + existing destination, free the allocated memory inside that + destination object. Fixes bug 20715; bugfix on 0.2.8.3-alpha. + - Fix a memory leak and use-after-free error when removing entries + from the sandbox's getaddrinfo() cache. Fixes bug 20710; bugfix on + 0.2.5.5-alpha. Patch from "cypherpunks". + - Fix a small, uncommon memory leak that could occur when reading a + truncated ed25519 key file. Fixes bug 18956; bugfix + on 0.2.6.1-alpha. + + o Minor bugfixes (option parsing): + - Count unix sockets when counting client listeners (SOCKS, Trans, + NATD, and DNS). This has no user-visible behavior changes: these + options are set once, and never read. Required for correct + behavior in ticket 17178. Fixes bug 19677; bugfix on + 0.2.6.3-alpha. Patch by teor. + + o Minor bugfixes (options): + - Check the consistency of UseEntryGuards and EntryNodes more + reliably. Fixes bug 20074; bugfix on 0.2.4.12-alpha. Patch + by teor. + - Stop changing the configured value of UseEntryGuards on + authorities and Tor2web clients. Fixes bug 20074; bugfix on + commits 51fc6799 in 0.1.1.16-rc and acda1735 in 0.2.4.3-alpha. + Patch by teor. + + o Minor bugfixes (relay): + - Ensure relays don't make multiple connections during bootstrap. + Fixes bug 20591; bugfix on 0.2.8.1-alpha. + - Do not try to parallelize workers more than 16x without the user + explicitly configuring us to do so, even if we do detect more than + 16 CPU cores. Fixes bug 19968; bugfix on 0.2.3.1-alpha. + + o Minor bugfixes (testing): + - The test-stem and test-network makefile targets now depend only on + the tor binary that they are testing. Previously, they depended on + "make all". Fixes bug 18240; bugfix on 0.2.8.2-alpha. Based on a + patch from "cypherpunks". + - Allow clients to retry HSDirs much faster in test networks. Fixes + bug 19702; bugfix on 0.2.7.1-alpha. Patch by teor. + - Avoid a unit test failure on systems with over 16 detectable CPU + cores. Fixes bug 19968; bugfix on 0.2.3.1-alpha. + - Let backtrace tests work correctly under AddressSanitizer: + disable ASAN's detection of segmentation faults while running + test_bt.sh, so that we can make sure that our own backtrace + generation code works. Fixes bug 18934; bugfix + on 0.2.5.2-alpha. Patch from "cypherpunks". + - Fix the test-network-all target on out-of-tree builds by using the + correct path to the test driver script. Fixes bug 19421; bugfix + on 0.2.7.3-rc. + - Stop spurious failures in the local interface address discovery + unit tests. Fixes bug 20634; bugfix on 0.2.8.1-alpha; patch by + Neel Chauhan. + - Use ECDHE ciphers instead of ECDH in tortls tests. LibreSSL has + removed the ECDH ciphers which caused the tests to fail on + platforms which use it. Fixes bug 20460; bugfix on 0.2.8.1-alpha. + - The tor_tls_server_info_callback unit test no longer crashes when + debug-level logging is turned on. Fixes bug 20041; bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (time): + - Improve overflow checks in tv_udiff and tv_mdiff. Fixes bug 19483; + bugfix on all released tor versions. + - When computing the difference between two times in milliseconds, + we now round to the nearest millisecond correctly. Previously, we + could sometimes round in the wrong direction. Fixes bug 19428; + bugfix on 0.2.2.2-alpha. + + o Minor bugfixes (Tor2web): + - Prevent Tor2web clients from running hidden services: these services + are not anonymous due to the one-hop client paths. Fixes bug + 19678. Patch by teor. + + o Minor bugfixes (user interface): + - Display a more accurate number of suppressed messages in the log + rate-limiter. Previously, there was a potential integer overflow + in the counter. Now, if the number of messages hits a maximum, the + rate-limiter doesn't count any further. Fixes bug 19435; bugfix + on 0.2.4.11-alpha. + - Fix a typo in the passphrase prompt for the ed25519 identity key. + Fixes bug 19503; bugfix on 0.2.7.2-alpha. + + o Code simplification and refactoring: + - Remove redundant declarations of the MIN macro. Closes + ticket 18889. + - Rename tor_dup_addr() to tor_addr_to_str_dup() to avoid confusion. + Closes ticket 18462; patch from "icanhasaccount". + - Split the 600-line directory_handle_command_get function into + separate functions for different URL types. Closes ticket 16698. + + o Documentation: + - Add module-level internal documentation for 36 C files that + previously didn't have a high-level overview. Closes ticket 20385. + - Correct the IPv6 syntax in our documentation for the + VirtualAddrNetworkIPv6 torrc option. Closes ticket 19743. + - Correct the minimum bandwidth value in torrc.sample, and queue a + corresponding change for torrc.minimal. Closes ticket 20085. + - Fix spelling of "--enable-tor2web-mode" in the manpage. Closes + ticket 19153. Patch from "U+039b". + - Module-level documentation for several more modules. Closes + tickets 19287 and 19290. + - Document the --passphrase-fd option in the tor manpage. Fixes bug + 19504; bugfix on 0.2.7.3-rc. + - Document the default PathsNeededToBuildCircuits value that's used + by clients when the directory authorities don't set + min_paths_for_circs_pct. Fixes bug 20117; bugfix on 0.2.4.10-alpha. + Patch by teor, reported by Jesse V. + - Fix manual for the User option: it takes a username, not a UID. + Fixes bug 19122; bugfix on 0.0.2pre16 (the first version to have + a manpage!). + - Fix the description of the --passphrase-fd option in the + tor-gencert manpage. The option is used to pass the number of a + file descriptor to read the passphrase from, not to read the file + descriptor from. Fixes bug 19505; bugfix on 0.2.0.20-alpha. + + o Removed code: + - We no longer include the (dead, deprecated) bufferevent code in + Tor. Closes ticket 19450. Based on a patch from "U+039b". + + o Removed features: + - Remove support for "GET /tor/bytes.txt" DirPort request, and + "GETINFO dir-usage" controller request, which were only available + via a compile-time option in Tor anyway. Feature was added in + 0.2.2.1-alpha. Resolves ticket 19035. + - There is no longer a compile-time option to disable support for + TransPort. (If you don't want TransPort, just don't use it.) Patch + from "U+039b". Closes ticket 19449. + + o Testing: + - Run more workqueue tests as part of "make check". These had + previously been implemented, but you needed to know special + command-line options to enable them. + - We now have unit tests for our code to reject zlib "compression + bombs". (Fortunately, the code works fine.) + + +Changes in version 0.2.8.11 - 2016-12-08 + Tor 0.2.8.11 backports fixes for additional portability issues that + could prevent Tor from building correctly on OSX Sierra, or with + OpenSSL 1.1. Affected users should upgrade; others can safely stay + with 0.2.8.10. + + o Minor bugfixes (portability): + - Avoid compilation errors when building on OSX Sierra. Sierra began + to support the getentropy() and clock_gettime() APIs, but created + a few problems in doing so. Tor 0.2.9 has a more thorough set of + workarounds; in 0.2.8, we are just using the /dev/urandom and mach + monotonic time interfaces. Fixes bug 20865. Bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (portability, backport from 0.2.9.5-alpha): + - Fix compilation with OpenSSL 1.1 and less commonly-used CPU + architectures. Closes ticket 20588. + + +Changes in version 0.2.8.10 - 2016-12-02 + Tor 0.2.8.10 backports a fix for a bug that would sometimes make clients + unusable after they left standby mode. It also backports fixes for + a few portability issues and a small but problematic memory leak. + + o Major bugfixes (client reliability, backport from 0.2.9.5-alpha): + - When Tor leaves standby because of a new application request, open + circuits as needed to serve that request. Previously, we would + potentially wait a very long time. Fixes part of bug 19969; bugfix + on 0.2.8.1-alpha. + + o Major bugfixes (client performance, backport from 0.2.9.5-alpha): + - Clients now respond to new application stream requests immediately + when they arrive, rather than waiting up to one second before + starting to handle them. Fixes part of bug 19969; bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (portability, backport from 0.2.9.6-rc): + - Work around a bug in the OSX 10.12 SDK that would prevent us from + successfully targeting earlier versions of OSX. Resolves + ticket 20235. + + o Minor bugfixes (portability, backport from 0.2.9.5-alpha): + - Fix implicit conversion warnings under OpenSSL 1.1. Fixes bug + 20551; bugfix on 0.2.1.1-alpha. + + o Minor bugfixes (relay, backport from 0.2.9.5-alpha): + - Work around a memory leak in OpenSSL 1.1 when encoding public + keys. Fixes bug 20553; bugfix on 0.0.2pre8. + + o Minor features (geoip): + - Update geoip and geoip6 to the November 3 2016 Maxmind GeoLite2 + Country database. + + Changes in version 0.2.8.9 - 2016-10-17 Tor 0.2.8.9 backports a fix for a security hole in previous versions of Tor that would allow a remote attacker to crash a Tor client, @@ -449,7 +2643,7 @@ Changes in version 0.2.8.6 - 2016-08-02 o Minor bugfixes (build): - Avoid spurious failures from configure files related to calling - exit(0) in TOR_SEARCH_LIBRARY. Fixes bug 18625; bugfix on + exit(0) in TOR_SEARCH_LIBRARY. Fixes bug 18626; bugfix on 0.2.0.1-alpha. Patch from "cypherpunks". - Do not link the unit tests against both the testing and non- testing versions of the static libraries. Fixes bug 18490; bugfix |