diff options
Diffstat (limited to 'changes')
207 files changed, 463 insertions, 541 deletions
diff --git a/changes/19974 b/changes/19974 deleted file mode 100644 index 5496143ddf..0000000000 --- a/changes/19974 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (unit tests): - - Fix tolerances in unit tests for monotonic time comparisons between - nanoseconds and microseconds. Previously, we accepted a 10 us - difference only, which is not realistic on every platform's - clock_gettime(). Fixes bug 19974; bugfix on 0.2.9.1-alpha. diff --git a/changes/20460 b/changes/20460 deleted file mode 100644 index 9fbb4a7986..0000000000 --- a/changes/20460 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (testing): - - Use ECDHE ciphers instead of ECDH in tortls tests. LibreSSL has - removed the ECDH ciphers which caused the tests to fail on - platforms which use it. Fixes bug 20460; bugfix on 0.2.8.1-alpha. diff --git a/changes/20492 b/changes/20492 deleted file mode 100644 index fdcd4d0b4b..0000000000 --- a/changes/20492 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfix (build): - - The current Git revision when building from a local repository is now - detected correctly when using git worktrees. Fixes bug 20492; bugfix on - 0.2.3.9-alpha. diff --git a/changes/21359 b/changes/21359 deleted file mode 100644 index cc9b377d52..0000000000 --- a/changes/21359 +++ /dev/null @@ -1,8 +0,0 @@ - - o Minor features (portability, compilationc) - - Support building with recent LibreSSL code that uses opaque - structures. Closes ticket 21359. - - Autoconf now check to determine if OpenSSL - structures are opaque, instead of explicitly checking for - OpenSSL version numbers. - Part of ticket 21359. diff --git a/changes/27286 b/changes/27286 new file mode 100644 index 0000000000..5f5f7a4ae7 --- /dev/null +++ b/changes/27286 @@ -0,0 +1,4 @@ + o Minor features (directory authorities): + - Authorities no longer vote to make the subprotocol version "LinkAuth=1" + a requirement: it is unsupportable with NSS, and hasn't been needed + since Tor 0.3.0.1-alpha. Closes ticket 27286. diff --git a/changes/bug15582 b/changes/bug15582 deleted file mode 100644 index 5ea6431cf8..0000000000 --- a/changes/bug15582 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): - - Avoid compiler warnings in the unit tests for running tor_sscanf() - with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha. - diff --git a/changes/bug18100 b/changes/bug18100 deleted file mode 100644 index cd3ba2c977..0000000000 --- a/changes/bug18100 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (linux TPROXY support): - - Fix a typo that had prevented TPROXY-based transparent proxying from - working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha. - Patch from "d4fq0fQAgoJ". - diff --git a/changes/bug18329-minimal b/changes/bug18329-minimal deleted file mode 100644 index 804c4e8dd1..0000000000 --- a/changes/bug18329-minimal +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (bridge): - - Bridges now include notice in their descriptors that they are bridges, - and notice of their distribution status, based on their publication - settings. Implements ticket 18329. For more fine-grained control of - how a bridge is distributed, upgrade to 0.3.2.x or later. - diff --git a/changes/bug18859 b/changes/bug18859 new file mode 100644 index 0000000000..1fe5bc2107 --- /dev/null +++ b/changes/bug18859 @@ -0,0 +1,7 @@ + o Major bugfixes (circuit prediction): + - Fix circuit prediction logic so that a client doesn't treat a stream as + being "handled" by a circuit if that circuit already has isolation + settings on it that might make it incompatible with the stream. This + change should make Tor clients more responsive by improving their + chances of having a pre-created circuit ready for use when a new client + request arrives. Fixes bug 18859; bugfix on 0.2.3.3-alpha. diff --git a/changes/bug19025 b/changes/bug19025 deleted file mode 100644 index 0f365f52ba..0000000000 --- a/changes/bug19025 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (DNS): - - Fix a bug that prevented exit nodes from caching DNS records for more - than 60 seconds. - Fixes bug 19025; bugfix on 0.2.4.7-alpha. diff --git a/changes/bug19869 b/changes/bug19869 deleted file mode 100644 index 430048f161..0000000000 --- a/changes/bug19869 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (DNSPort): - - On DNSPort, stop logging a BUG warning on a failed hostname lookup. - Fixes bug 19869; bugfix on 0.2.9.1-alpha. - diff --git a/changes/bug19926_029_info b/changes/bug19926_029_info deleted file mode 100644 index 93fd81b6cb..0000000000 --- a/changes/bug19926_029_info +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (logging): - - Downgrade a harmless log message about the pending_entry_connections - list from "warn" to "info". Mitigates bug 19926. diff --git a/changes/bug19960 b/changes/bug19960 deleted file mode 100644 index 5d655859a6..0000000000 --- a/changes/bug19960 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (netbsd, unit tests): - - Stop expecting NetBSD unit tests to report success for ipfw; - on NetBSD, it's only pf that's supported. - Part of a fix for bug 19960; bugfix on 0.2.9.5-alpha. diff --git a/changes/bug19968 b/changes/bug19968 deleted file mode 100644 index b285706e70..0000000000 --- a/changes/bug19968 +++ /dev/null @@ -1,11 +0,0 @@ - o Minor bugfixes (relay): - - Do not try to parallelize workers more than 16x without the - user explicitly configuring us to do so, even if we do detect more than - 16 CPU cores. Fixes bug 19968; bugfix on - 0.2.3.1-alpha. - - - o Minor bugfixes (testing): - - Avoid a unit test failure on systems with over 16 detectable - CPU cores. Fixes bug 19968; bugfix on - 0.2.3.1-alpha. diff --git a/changes/bug19969 b/changes/bug19969 deleted file mode 100644 index c760c6de03..0000000000 --- a/changes/bug19969 +++ /dev/null @@ -1,10 +0,0 @@ - o Major bugfixes (client performance): - - Clients now respond to new application stream requests when - they arrive, rather than waiting up to one second before starting - to handle them. Fixes part of bug 19969; bugfix on 0.2.8.1-alpha. - - o Major bugfixes (clients on flaky network connections): - - When Tor leaves standby because of a new application request, open - circuits as needed to serve that request. Previously, we would - potentially wait a very long time. Fixes part of bug 19969; bugfix - on 0.2.8.1-alpha. diff --git a/changes/bug20059 b/changes/bug20059 deleted file mode 100644 index 091fab06d1..0000000000 --- a/changes/bug20059 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (relay): - - Avoid a double-marked-circuit warning that can happen when we receive - DESTROY cells under heavy load. Fixes bug 20059; bugfix on 0.1.0.1-rc. diff --git a/changes/bug20085 b/changes/bug20085 deleted file mode 100644 index fd10e7eeeb..0000000000 --- a/changes/bug20085 +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Correct the minimum bandwidth value in torrc.sample, and queue a - corresponding change for torrc.minimal. Closes ticket 20085. - diff --git a/changes/bug20235 b/changes/bug20235 deleted file mode 100644 index 54026a8943..0000000000 --- a/changes/bug20235 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (compatibility): - - Work around a bug in the OSX 10.12 SDK that would prevent us - from successfully targetting earlier versions of OSX. - Resolves ticket 20235. diff --git a/changes/bug20247 b/changes/bug20247 deleted file mode 100644 index 731cf0046f..0000000000 --- a/changes/bug20247 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (linux seccomp2 sandbox): - - Avoid a sandbox failure when trying to re-bind to a socket and mark - it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha. - diff --git a/changes/bug20306_029 b/changes/bug20306_029 deleted file mode 100644 index ada2676b2b..0000000000 --- a/changes/bug20306_029 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (fascistfirewall): - - Avoid spurious warnings when ReachableAddresses or FascistFirewall - is set. Fixes bug 20306; bugfix on 0.2.8.2-alpha. - diff --git a/changes/bug20307 b/changes/bug20307 deleted file mode 100644 index 9112c9c78d..0000000000 --- a/changes/bug20307 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (circuit, hidden service) - - When closing a circuit, the reason for doing so was assigned from an int - value to a uint16_t which is quite a problem for negative values that are - our internal reasons (ex: END_CIRC_REASON_IP_NOW_REDUNDANT). On the HS - side, this was causing introduction points to be flagged as unusable - because the reason wasn't the right one due to the bad conversion. - Partially fixes bug 21056 and fixes bug 20307; Bugfix on 0.2.8.1-alpha. diff --git a/changes/bug20401 b/changes/bug20401 deleted file mode 100644 index 85ab3c7322..0000000000 --- a/changes/bug20401 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (relay): - - Avoid a small memory leak when informing worker threads about rotated - onion keys. Fixes bug 20401; bugfix on 0.2.6.3-alpha. - diff --git a/changes/bug20423 b/changes/bug20423 deleted file mode 100644 index 32bdc3f081..0000000000 --- a/changes/bug20423 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - For relays that don't know their own address, avoid attempting - a local hostname resolve for each descriptor we download. Also cut - down on the number of "Success: chose address 'x.x.x.x'" log lines. - Fixes bugs 20423 and 20610; bugfix on 0.2.8.1-alpha. - diff --git a/changes/bug20472 b/changes/bug20472 deleted file mode 100644 index 4d90c39f5b..0000000000 --- a/changes/bug20472 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (circuits): - - Remove a BUG warning in circuit_pick_extend_handshake. Instead, assume - all nodes support EXTEND2. Use ntor whenever a key is available. - Fixes bug 20472; bugfix on 0.2.9.3-alpha. - diff --git a/changes/bug20484 b/changes/bug20484 deleted file mode 100644 index 9a0b95cb39..0000000000 --- a/changes/bug20484 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (single onion services): - - Start correctly when creating a single onion service in a - directory that did not previously exist. Fixes bug 20484; bugfix on - 0.2.9.3-alpha. - diff --git a/changes/bug20487 b/changes/bug20487 deleted file mode 100644 index 4435f14a95..0000000000 --- a/changes/bug20487 +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Clarify that setting HiddenServiceNonAnonymousMode requires - you to also set "SOCKSPort 0". Fixes bug 20487; bugfix on - 0.2.9.3-alpha. diff --git a/changes/bug20509 b/changes/bug20509 deleted file mode 100644 index a39ca9f60b..0000000000 --- a/changes/bug20509 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features: - - Directory authorities now reject relays running versions - 0.2.9.1-alpha through 0.2.9.4-alpha, because those relays - suffer from bug 20499 and don't keep their consensus cache - up-to-date. Resolves ticket 20509. diff --git a/changes/bug20529 b/changes/bug20529 deleted file mode 100644 index 276be5b2b6..0000000000 --- a/changes/bug20529 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (hidden services): - - When configuring hidden services, check every hidden service directory's - permissions. Previously, we only checked the last hidden service. - Fixes bug 20529; bugfix on 13942 commit 85bfad1 in 0.2.6.2-alpha. diff --git a/changes/bug20532 b/changes/bug20532 new file mode 100644 index 0000000000..7c190ea032 --- /dev/null +++ b/changes/bug20532 @@ -0,0 +1,4 @@ + o Minor bugfixes (bridges): + - Overwrite the bridge address earlier in the process of directly + retrieving its descriptor, to make sure we reach it on the configured + address. Fixes bug 20532; bugfix on 0.2.0.10-alpha. diff --git a/changes/bug20533 b/changes/bug20533 deleted file mode 100644 index 7d1a456328..0000000000 --- a/changes/bug20533 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (consensus downloads): - - If a consensus expires while we are waiting for certificates to download, - stop waiting for certificates. - - If we stop waiting for certificates less than a minute after we started - downloading them, do not consider the certificate download failure a - separate failure. - Fixes bug 20533; bugfix on commit e0204f21 in 0.2.0.9-alpha. diff --git a/changes/bug20534 b/changes/bug20534 deleted file mode 100644 index 49db433a01..0000000000 --- a/changes/bug20534 +++ /dev/null @@ -1,8 +0,0 @@ - o Minor bugfixes (directory download scheduling): - - Remove the maximum delay on exponential-backoff scheduling. - Since we now allow an infinite number of failures (see ticket - 20536), we must now allow the time to grow longer on each failure. - Fixes part of bug 20534; bugfix on 0.2.9.1-alpha. - - Use initial delays and decrements in download scheduling closer to - those from 0.2.8. Fixes another part of bug 20534; bugfix on - 0.2.9.1-alpha. diff --git a/changes/bug20536 b/changes/bug20536 deleted file mode 100644 index 9e0dd164bb..0000000000 --- a/changes/bug20536 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (download scheduling): - - When using an exponential backoff schedule, do not give up on - dowloading just because we have failed a bunch of times. Since - each delay is longer than the last, retrying indefinitely won't - hurt. Fixes bug 20536; bugfix on 0.2.9.1-alpha. - diff --git a/changes/bug20551 b/changes/bug20551 deleted file mode 100644 index b7ec4ca7cc..0000000000 --- a/changes/bug20551 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Fix implicit conversion warnings under OpenSSL 1.1. - Fixes bug 20551; bugfix on 0.2.1.1-alpha. diff --git a/changes/bug20553 b/changes/bug20553 deleted file mode 100644 index 12a2780303..0000000000 --- a/changes/bug20553 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (memory leak): - - Work around a memory leak in OpenSSL 1.1 when encoding public keys. - Fixes bug 20553; bugfix on 0.0.2pre8. diff --git a/changes/bug20560 b/changes/bug20560 deleted file mode 100644 index 43d605b296..0000000000 --- a/changes/bug20560 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (portability): - - Run correctly when built on Windows build environments that require - _vcsprintf(). Fixes bug 20560; bugfix on 0.2.2.11-alpha. - diff --git a/changes/bug20587 b/changes/bug20587 deleted file mode 100644 index 341b001363..0000000000 --- a/changes/bug20587 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (download timing): - - When determining when to download a directory object, handle times - after 2038 if the operating system supports that. (Someday this will be - important!) Fixes bug 20587; bugfix on 0.2.8.1-alpha. - diff --git a/changes/bug20588 b/changes/bug20588 deleted file mode 100644 index 832ef81336..0000000000 --- a/changes/bug20588 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (portability): - - Fix compilation with OpenSSL 1.1 and less commonly-used - CPU architectures. Closes ticket 20588. diff --git a/changes/bug20591 b/changes/bug20591 deleted file mode 100644 index deaa738f5e..0000000000 --- a/changes/bug20591 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (relay bootstrap): - - Ensure relays don't make multiple connections during bootstrap. - Fixes bug 20591; bugfix on 0.2.8.1-alpha. diff --git a/changes/bug20593 b/changes/bug20593 deleted file mode 100644 index e9f54d317a..0000000000 --- a/changes/bug20593 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (client directory scheduling): - - Treat "relay too busy to answer request" as a failed request and a - reason to back off on our retry frequency. This is safe now that - exponential backups retry indefinitely, and avoids a bug where we would - reset our download schedule erroneously. - Fixes bug 20593; bugfix on 0.2.9.1-alpha. diff --git a/changes/bug20597 b/changes/bug20597 deleted file mode 100644 index f199b63933..0000000000 --- a/changes/bug20597 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (test networks, exponential backoff): - - When using exponential backoff in test networks, use a lower exponent, - so the delays do not vary as much. This helps test networks bootstrap - consistently. Fixes bug 20597; bugfix on 20499; not in any released - version of tor. diff --git a/changes/bug20613 b/changes/bug20613 deleted file mode 100644 index 19bb61f4e0..0000000000 --- a/changes/bug20613 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (single onion services, Tor2web): - - Stop logging long-term one-hop circuits deliberately created by single - onion services and Tor2web. These log messages are intended to diagnose - issue 8387, which relates to circuits hanging around forever for no - reason. - Fixes bug 20613; bugfix on 0.2.9.1-alpha. Reported by "pastly". diff --git a/changes/bug20634 b/changes/bug20634 deleted file mode 100644 index 62fc9f4787..0000000000 --- a/changes/bug20634 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (unit tests): - - Stop spurious failures in the local interface address discovery unit - tests. Fixes bug 20634; bugfix on 0.2.8.1-alpha; patch by Neel Chauhan. diff --git a/changes/bug20638 b/changes/bug20638 deleted file mode 100644 index 260d7d0a75..0000000000 --- a/changes/bug20638 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (hidden services): - - Stop ignoring hidden service key anonymity when first starting tor. - Instead, refuse to start tor if any hidden service key has been used in - a different hidden service anonymity mode. - Fixes bug 20638; bugfix on 17178 in 0.2.9.3-alpha; reported by ahf. diff --git a/changes/bug20710_025 b/changes/bug20710_025 deleted file mode 100644 index 12bd07536c..0000000000 --- a/changes/bug20710_025 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (memory leak, use-after-free, linux seccomp2 sandbox): - - Fix a memory leak and use-after-free error when removing entries - from the sandbox's getaddrinfo() cache. Fixes bug 20710; bugfix on - 0.2.5.5-alpha. Patch from "cypherpunks". diff --git a/changes/bug20715 b/changes/bug20715 deleted file mode 100644 index 737a560cec..0000000000 --- a/changes/bug20715 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (memory leak) - - When moving a signed descriptor object from a source to an existing - destination, free the allocated memory inside that destination object. - Bugfix on tor-0.2.8.3-alpha; Closes #20715. diff --git a/changes/bug20716 b/changes/bug20716 deleted file mode 100644 index 37fd6feecf..0000000000 --- a/changes/bug20716 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (client, memory leak): - - Fix a small memory leak when receiving AF_UNIX connections on - a SocksPort. Fixes bug 20716; bugfix on 0.2.6.3-alpha. diff --git a/changes/bug20810 b/changes/bug20810 deleted file mode 100644 index 5420a73175..0000000000 --- a/changes/bug20810 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (relay) - - When computing old Tor protocol line version in protover, we were - looking at 0.2.7.5 twice instead of a specific case for 0.2.9.1-alpha. - Bugfix on tor-0.2.9.4-alpha. diff --git a/changes/bug20864 b/changes/bug20864 deleted file mode 100644 index 7b8c70fad6..0000000000 --- a/changes/bug20864 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (unit tests, hidden services): - - Remove a double-free in the single onion service unit test. Stop - ignoring a return value. Make future changes less error-prone. - Fixes bug 20864; bugfix on 0.2.9.6-rc. diff --git a/changes/bug20875 b/changes/bug20875 deleted file mode 100644 index 6bba2cbc12..0000000000 --- a/changes/bug20875 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (download scheduling) - - Resolve a "bug" warning when considering a download schedule whose - delay had approached INT_MAX. Fixes 20875; bugfix on 0.2.9.5-alpha. - diff --git a/changes/bug20935 b/changes/bug20935 deleted file mode 100644 index 78068c7c06..0000000000 --- a/changes/bug20935 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (portability): - - Use the correct spelling of MAC_OS_X_VERSION_10_12 on configure.ac - Fixes bug 20935; bugfix on 0.2.9.6-rc. diff --git a/changes/bug20963 b/changes/bug20963 new file mode 100644 index 0000000000..a65c58399c --- /dev/null +++ b/changes/bug20963 @@ -0,0 +1,4 @@ + o Minor features (logging): + - Improve the message we log when re-enabling circuit build timeouts + after having received a consensus. Closes ticket 20963. + diff --git a/changes/bug21018 b/changes/bug21018 deleted file mode 100644 index 49a8b47a25..0000000000 --- a/changes/bug21018 +++ /dev/null @@ -1,11 +0,0 @@ - o Major bugfixes (parsing, security): - - - Fix a bug in parsing that could cause clients to read a single - byte past the end of an allocated region. This bug could be - used to cause hardened clients (built with - --enable-expensive-hardening) to crash if they tried to visit - a hostile hidden service. Non-hardened clients are only - affected depending on the details of their platform's memory - allocator. Fixes bug 21018; bugfix on 0.2.0.8-alpha. Found by - using libFuzzer. Also tracked as TROVE-2016-12-002 and as - CVE-2016-1254. diff --git a/changes/bug21035 b/changes/bug21035 deleted file mode 100644 index bbf3340787..0000000000 --- a/changes/bug21035 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (portability): - - Avoid crashing when Tor is built using headers that contain - CLOCK_MONOTONIC_COARSE, but then tries to run on an older kernel - without CLOCK_MONOTONIC_COARSE. Fixes bug 21035; bugfix on - 0.2.9.1-alpha. - diff --git a/changes/bug21051 b/changes/bug21051 deleted file mode 100644 index 8bb4f80c8e..0000000000 --- a/changes/bug21051 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Fix Libevent detection on platforms without Libevent 1 headers - installed. Fixes bug 21051; bugfix on 0.2.9.1-alpha. diff --git a/changes/bug21108_029 b/changes/bug21108_029 deleted file mode 100644 index 3a3f004fc6..0000000000 --- a/changes/bug21108_029 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (directory authority): - - During voting, when marking a node as a probable sybil, do not - clear its BadExit flag: sybils can still be bad in other ways - too. (We still clear the other flags.) Fixes bug 21108; bugfix - on 0.2.0.13-alpha. - diff --git a/changes/bug21278_extras b/changes/bug21278_extras deleted file mode 100644 index ffdf4a047b..0000000000 --- a/changes/bug21278_extras +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (code correctness): - - Repair a couple of (unreachable or harmless) cases of the risky - comparison-by-subtraction pattern that caused bug 21278. diff --git a/changes/bug21278_prevention b/changes/bug21278_prevention deleted file mode 100644 index e07f0a670c..0000000000 --- a/changes/bug21278_prevention +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (directory authority): - - Directory authorities now reject descriptors that claim to be - malformed versions of Tor. Helps prevent exploitation of bug 21278. - diff --git a/changes/bug21280 b/changes/bug21280 deleted file mode 100644 index e9f0bc174c..0000000000 --- a/changes/bug21280 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (tor-resolve): - - The tor-resolve command line tool now rejects hostnames over 255 - characters in length. Previously, it would silently truncate - them, which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5. - Patch by "junglefowl". diff --git a/changes/bug21357 b/changes/bug21357 deleted file mode 100644 index a1cb43a78a..0000000000 --- a/changes/bug21357 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (IPv6 Exits): - - Stop rejecting all IPv6 traffic on Exits whose exit policy rejects IPv6 - addresses. Instead, only reject a port over IPv6 if the exit policy - rejects that port on more than an IPv6 /16 of addresses. This bug was - made worse by 17027 in 0.2.8.1-alpha, which rejects a relay's own IPv6 - address by default. - Fixes bug 21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha. diff --git a/changes/bug21450 b/changes/bug21450 deleted file mode 100644 index a1cf89ab41..0000000000 --- a/changes/bug21450 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (voting consistency): - - Reject version numbers with components that exceed INT32_MAX. - Otherwise 32-bit and 64-bit platforms would behave inconsistently. - Fixes bug 21450; bugfix on 0.0.8pre1. diff --git a/changes/bug21507 b/changes/bug21507 deleted file mode 100644 index f83e291b63..0000000000 --- a/changes/bug21507 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (voting consistency): - - Reject version numbers with non-numeric prefixes (such as +, -, and - whitespace). Disallowing whitespace prevents differential version - parsing between POSIX-based and Windows platforms. - Fixes bug 21507 and part of 21508; bugfix on 0.0.8pre1. diff --git a/changes/bug21509 b/changes/bug21509 new file mode 100644 index 0000000000..593a01ef20 --- /dev/null +++ b/changes/bug21509 @@ -0,0 +1,3 @@ + o Minor bugfixes (hidden service v3, fuzzing): + - Fix the hidden service v3 descriptor decoding fuzzing to use the latest + decoding API correctly. Fixes bug 21509; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug21576 b/changes/bug21576 deleted file mode 100644 index 68d8471192..0000000000 --- a/changes/bug21576 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (crash, directory connections): - - Fix a rare crash when sending a begin cell on a circuit whose linked - directory connection has already been closed. Fixes bug 21576; - bugfix on Tor 0.2.9.3-alpha. Reported by alecmuffett. diff --git a/changes/bug21943 b/changes/bug21943 deleted file mode 100644 index dbe2c726d9..0000000000 --- a/changes/bug21943 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (Linux seccomp2 sandbox): - - The getpid() system call is now permitted under the Linux seccomp2 - sandbox, to avoid crashing with versions of OpenSSL (and other - libraries) that attempt to learn the process's PID by using the - syscall rather than the VDSO code. Fixes bug 21943; bugfix on - 0.2.5.1-alpha. diff --git a/changes/bug22034 b/changes/bug22034 deleted file mode 100644 index 6d9e188740..0000000000 --- a/changes/bug22034 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (control port, regression): - - The GETINFO extra-info/digest/<digest> command was broken because of a - wrong base16 decode return value check. In was introduced in a refactor - of that API. Fixex bug #22034; bugfix on tor-0.2.9.1-alpha. diff --git a/changes/bug22245 b/changes/bug22245 deleted file mode 100644 index 6ae18593ea..0000000000 --- a/changes/bug22245 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (bandwidth accounting): - - Roll over monthly accounting at the configured hour and minute, - rather than always at 00:00. - Fixes bug 22245; bugfix on 0.0.9rc1. - Found by Andrey Karpov with PVS-Studio. diff --git a/changes/bug22349 b/changes/bug22349 deleted file mode 100644 index bb43404bfe..0000000000 --- a/changes/bug22349 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor bugfixes (directory authority): - - When a directory authority rejects a descriptor or extrainfo with - a given digest, mark that digest as undownloadable, so that we - do not attempt to download it again over and over. We previously - tried to avoid downloading such descriptors by other means, but - we didn't notice if we accidentally downloaded one anyway. This - behavior became problematic in 0.2.7.2-alpha, when authorities - began pinning Ed25519 keys. Fixes ticket - 22349; bugfix on 0.2.1.19-alpha. diff --git a/changes/bug22370 b/changes/bug22370 deleted file mode 100644 index e0e87e3339..0000000000 --- a/changes/bug22370 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (memory handling): - - When directory authorities reject a router descriptor due to keypinning, - free the router descriptor rather than leaking the memory. - Fixes bug 22370; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug22446 b/changes/bug22446 deleted file mode 100644 index eab65aac00..0000000000 --- a/changes/bug22446 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (code style, backport from 0.3.1.3-alpha): - - Add "Falls through" comments to our codebase, in order to silence - GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas - Stieger. Closes ticket 22446. diff --git a/changes/bug22460_case2 b/changes/bug22460_case2 deleted file mode 100644 index 0a11759832..0000000000 --- a/changes/bug22460_case2 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (relay, link handshake): - - - When performing the v3 link handshake on a TLS connection, report that - we have the x509 certificate that we actually used on that connection, - even if we have changed certificates since that connection was first - opened. Previously, we would claim to have used our most recent x509 - link certificate, which would sometimes make the link handshake fail. - Fixes one case of bug 22460; bugfix on 0.2.3.6-alpha. diff --git a/changes/bug22490 b/changes/bug22490 deleted file mode 100644 index 244dd50b36..0000000000 --- a/changes/bug22490 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (correctness): - - Avoid undefined behavior when parsing IPv6 entries from the geoip6 - file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. diff --git a/changes/bug22516 b/changes/bug22516 deleted file mode 100644 index f024a3c470..0000000000 --- a/changes/bug22516 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (linux seccomp2 sandbox): - - Permit the fchmod system call, to avoid crashing on startup when - starting with the seccomp2 sandbox and an unexpected set of permissions - on the data directory or its contents. Fixes bug 22516; bugfix on - 0.2.5.4-alpha. diff --git a/changes/bug22636 b/changes/bug22636 deleted file mode 100644 index 770cac72e9..0000000000 --- a/changes/bug22636 +++ /dev/null @@ -1,8 +0,0 @@ - o Build features: - - Tor's repository now includes a Travis Continuous Integration (CI) - configuration file (.travis.yml). This is meant to help new developers and - contributors who fork Tor to a Github repository be better able to test - their changes, and understand what we expect to pass. To use this new build - feature, you must fork Tor to your Github account, then go into the - "Integrations" menu in the repository settings for your fork and enable - Travis, then push your changes. diff --git a/changes/bug22644 b/changes/bug22644 deleted file mode 100644 index 9b8742edaf..0000000000 --- a/changes/bug22644 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (controller): - - Do not crash when receiving a POSTDESCRIPTOR command with an - empty body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha. - - Do not crash when receiving a HSPOST command with an empty body. - Fixes part of bug 22644; bugfix on 0.2.7.1-alpha. diff --git a/changes/bug22737 b/changes/bug22737 deleted file mode 100644 index f0de8e6c41..0000000000 --- a/changes/bug22737 +++ /dev/null @@ -1,12 +0,0 @@ - o Minor bugfixes (defensive programming, undefined behavior): - - - Fix a memset() off the end of an array when packing cells. This - bug should be harmless in practice, since the corrupted bytes - are still in the same structure, and are always padding bytes, - ignored, or immediately overwritten, depending on compiler - behavior. Nevertheless, because the memset()'s purpose is to - make sure that any other cell-handling bugs can't expose bytes - to the network, we need to fix it. Fixes bug 22737; bugfix on - 0.2.4.11-alpha. Fixes CID 1401591. - - diff --git a/changes/bug22789 b/changes/bug22789 deleted file mode 100644 index a653592848..0000000000 --- a/changes/bug22789 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (openbsd, denial-of-service): - - Avoid an assertion failure bug affecting our implementation of - inet_pton(AF_INET6) on certain OpenBSD systems whose strtol() - handling of "0xfoo" differs from what we had expected. - Fixes bug 22789; bugfix on 0.2.3.8-alpha. Also tracked as - TROVE-2017-007. - diff --git a/changes/bug22797 b/changes/bug22797 deleted file mode 100644 index 619baaa409..0000000000 --- a/changes/bug22797 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (file limits): - - When setting the maximum number of connections allowed by the OS, - always allow some extra file descriptors for other files. - Fixes bug 22797; bugfix on 0.2.0.10-alpha. diff --git a/changes/bug22801 b/changes/bug22801 deleted file mode 100644 index 7edc79bc84..0000000000 --- a/changes/bug22801 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (compilation): - - When building with certain versions the mingw C header files, avoid - float-conversion warnings when calling the C functions isfinite(), - isnan(), and signbit(). Fixes bug 22801; bugfix on 0.2.8.1-alpha. - diff --git a/changes/bug22838_028 b/changes/bug22838_028 deleted file mode 100644 index 1d0a4fbfd1..0000000000 --- a/changes/bug22838_028 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha): - - Backport a fix for an "unused variable" warning that appeared - in some versions of mingw. Fixes bug 22838; bugfix on - 0.2.8.1-alpha. - diff --git a/changes/bug22915 b/changes/bug22915 deleted file mode 100644 index 17a9c6018f..0000000000 --- a/changes/bug22915 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation warnings): - - Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug 22915; - bugfix on 0.2.8.1-alpha. diff --git a/changes/bug22916_027 b/changes/bug22916_027 deleted file mode 100644 index 5cf99c7d15..0000000000 --- a/changes/bug22916_027 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (Compilation): - - Fix warnings when building with libscrypt and openssl scrypt support - on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug23030_029 b/changes/bug23030_029 deleted file mode 100644 index 89a1b507d7..0000000000 --- a/changes/bug23030_029 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (coverity builds): - - Avoid Coverity build warnings related to our BUG() macro. By - default, Coverity treats BUG() as the Linux kernel does: an - instant abort(). We need to override that so our BUG() macro - doesn't prevent Coverity from analyzing functions that use it. - Fixes bug 23030; bugfix on 0.2.9.1-alpha. - diff --git a/changes/bug23081 b/changes/bug23081 deleted file mode 100644 index 76c4e30971..0000000000 --- a/changes/bug23081 +++ /dev/null @@ -1,8 +0,0 @@ - o Minor bugfixes (Windows service): - - When running as a Windows service, set the ID of the main thread - correctly. Failure to do so made us fail to send log messages - to the controller in 0.2.1.16-rc, slowed down controller - event delivery in 0.2.7.3-rc and later, and crash with an assertion - failure in 0.3.1.1-alpha. Fixes bug 23081; bugfix on 0.2.1.6-alpha. - Patch and diagnosis from "Vort". - diff --git a/changes/bug23291 b/changes/bug23291 deleted file mode 100644 index a5b0efda0a..0000000000 --- a/changes/bug23291 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (testing): - - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291; bugfix on - 0.2.7.2-alpha. Found and patched by Ties Stuij. diff --git a/changes/bug23470 b/changes/bug23470 deleted file mode 100644 index 33367b3a30..0000000000 --- a/changes/bug23470 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfix (relay address resolution): - - Avoid unnecessary calls to directory_fetches_from_authorities() - on relays. This avoids spurious address resolutions and - descriptor rebuilds. This is a mitigation for 21789. The original - bug was introduced in commit 35bbf2e as part of prop210. - Fixes 23470 in 0.2.8.1-alpha. diff --git a/changes/bug23603 b/changes/bug23603 new file mode 100644 index 0000000000..dfb2052c9a --- /dev/null +++ b/changes/bug23603 @@ -0,0 +1,7 @@ + o Minor bugfixes (hidden service v3): + - Fix a race between the circuit close and free where the service would + launch a new intro circuit after the close, and then fail to register it + before the free of the previously closed circuit. This was making the + service unable to find the established intro circuit and thus not upload + its descriptor. It can make a service unavailable for up to 24 hours. + Fixes bug 23603; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug23623 b/changes/bug23623 new file mode 100644 index 0000000000..1e2e5c2ac0 --- /dev/null +++ b/changes/bug23623 @@ -0,0 +1,4 @@ + o Minor bugfixes (onion services): + - Cache some needed onion service client information instead of + continuously computing it over and over again. Fixes bug 23623; bugfix + on 0.3.2.1-alpha. diff --git a/changes/bug23653 b/changes/bug23653 new file mode 100644 index 0000000000..81760cbb82 --- /dev/null +++ b/changes/bug23653 @@ -0,0 +1,7 @@ + o Minor bugfixes (hidden service client): + - When getting multiple SOCKS request for the same .onion address, don't + trigger multiple descriptor fetches. + - When the descriptor fetch fails with an internal error, no more HSDir to + query or we aren't allowed to fetch (FetchHidServDescriptors 0), close + all pending SOCKS request for that .onion. Fixes bug 23653; bugfix on + 0.3.2.1-alpha. diff --git a/changes/bug23662 b/changes/bug23662 new file mode 100644 index 0000000000..1000bde3d6 --- /dev/null +++ b/changes/bug23662 @@ -0,0 +1,4 @@ + o Minor bugfixes (onion services): + - Silence a warning about failed v3 onion descriptor uploads since it can + happen naturally under certain edge-cases. Fixes part of bug 23662; + bugfix on 0.3.2.1-alpha. diff --git a/changes/bug23670 b/changes/bug23670 new file mode 100644 index 0000000000..039bc39478 --- /dev/null +++ b/changes/bug23670 @@ -0,0 +1,3 @@ + o Minor features (entry guards): + - Improve logs issued when we are missing descriptors of primary guards. + Resolves ticket 23670. diff --git a/changes/bug23678 b/changes/bug23678 new file mode 100644 index 0000000000..8138ea71ea --- /dev/null +++ b/changes/bug23678 @@ -0,0 +1,7 @@ + o Minor bugfixes (warnings): + - When we get an HTTP request on a SOCKS port, tell the user about + the new HTTPTunnelPort option. Previously, we would give a + "Tor is not an HTTP Proxy" message, which stopped being true when + HTTPTunnelPort was introduced. Fixes bug 23678; bugfix on + 0.3.2.1-alpha. + diff --git a/changes/bug23681 b/changes/bug23681 new file mode 100644 index 0000000000..e317f36d50 --- /dev/null +++ b/changes/bug23681 @@ -0,0 +1,5 @@ + o Minor bugfixes (hidden service client): + - The introduction circuit was being timed out too quickly while waiting + for the rendezvous circuit to complete. Keep the intro circuit around + longer instead of timing out and reopening new ones constantly. Fixes + bug 23681; bugfix on 0.2.4.8-alpha. diff --git a/changes/bug23690 b/changes/bug23690 deleted file mode 100644 index 36ff32e499..0000000000 --- a/changes/bug23690 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (relay, crash, assertion failure): - - Fix a timing-based assertion failure that could occur when the - circuit out-of-memory handler freed a connection's output buffer. - Fixes bug 23690; bugfix on 0.2.6.1-alpha. - diff --git a/changes/bug23693.1 b/changes/bug23693.1 new file mode 100644 index 0000000000..4b16788814 --- /dev/null +++ b/changes/bug23693.1 @@ -0,0 +1,4 @@ + o Minor bugfixes (relay, crash): + - Avoid a crash when running with DirPort set but ORPort tuned off. + Fixes a case of bug 23693; bugfix on 0.3.1.1-alpha. + diff --git a/changes/bug23696 b/changes/bug23696 new file mode 100644 index 0000000000..c5d18583d4 --- /dev/null +++ b/changes/bug23696 @@ -0,0 +1,5 @@ + o Minor bugfix (KIST scheduler): + - Downgrade a warning to log info when the monotonic time diff is + negative. This can happen on platform not supporting monotonic time. The + scheduler recovers from this without any problem. Fixes bug 23696; + bugfix on 0.3.2.1-alpha. diff --git a/changes/bug23739 b/changes/bug23739 new file mode 100644 index 0000000000..3207b5eaf3 --- /dev/null +++ b/changes/bug23739 @@ -0,0 +1,3 @@ + o Minor bugfixes (documentation): + - Document better how to read gcov and what our postprocessing scripts do. + Fixes bug 23739; bugfix on 0.2.9.1-alpha. diff --git a/changes/bug23741 b/changes/bug23741 new file mode 100644 index 0000000000..92f06f5270 --- /dev/null +++ b/changes/bug23741 @@ -0,0 +1,4 @@ + o Minor bugfixes (testing): + - Prevent scripts/test/coverage from attempting to move gcov + output to the root directory. Fixes bug 23741; bugfix on + 0.2.5.1-alpha. diff --git a/changes/bug23748 b/changes/bug23748 new file mode 100644 index 0000000000..0bd3f3f8ff --- /dev/null +++ b/changes/bug23748 @@ -0,0 +1,5 @@ + o Minor bugfixes (hidden service): + - Always make sure the hidden service generate the public key file if it + is missing. Prior to this, if the public key was deleted from disk, it + wouldn't get recreated. Fixes bug 23748; bugfix on 0.3.2.2-alpha. + Patch from "cathugger". diff --git a/changes/bug23751 b/changes/bug23751 new file mode 100644 index 0000000000..2fd7021664 --- /dev/null +++ b/changes/bug23751 @@ -0,0 +1,6 @@ + o Minor bugfixes (scheduler, channel): + - Ignore channels that have been closed while flushing cells. This can + happen if the write on the connection fails leading to the channel being + closed while in the scheduler loop. This is not a complete fix, it is a + bandaid until we are able to refactor those interactions. Fixes bug + 23751; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug23753 b/changes/bug23753 new file mode 100644 index 0000000000..8782a8e2d0 --- /dev/null +++ b/changes/bug23753 @@ -0,0 +1,4 @@ + o Minor features (logging, scheduler): + - Introduce a SCHED_BUG() function to log extra information about the + scheduler state if we ever catch a bug in the scheduler. Closes ticket + 23753. diff --git a/changes/bug23755 b/changes/bug23755 new file mode 100644 index 0000000000..98f0970344 --- /dev/null +++ b/changes/bug23755 @@ -0,0 +1,4 @@ + o Minor bugfixes (testing): + - Stop unconditionally mirroring the tor repository in GitLab CI. + This prevented developers from enabling GitLab CI on master. + Fixes bug 23755; bugfix on 0.3.2.2-alpha. diff --git a/changes/bug23757 b/changes/bug23757 new file mode 100644 index 0000000000..02507a0b4d --- /dev/null +++ b/changes/bug23757 @@ -0,0 +1,4 @@ + o Minor bugfixes (testing): + - Adjust the GitLab CI configuration to more closely match that of Travis + CI. Fixes bug 23757; bugfix on 0.3.2.2-alpha. + diff --git a/changes/bug23758 b/changes/bug23758 new file mode 100644 index 0000000000..565791e8f4 --- /dev/null +++ b/changes/bug23758 @@ -0,0 +1,4 @@ + o Minor bugfixes (testing): + - Skip a test that would fail if run as root (because it expects a + permissions error). This affects some continuous integration setups. + Fixes bug 23758; bugfix on 0.3.2.2-alpha. diff --git a/changes/bug23762 b/changes/bug23762 new file mode 100644 index 0000000000..741a88e21f --- /dev/null +++ b/changes/bug23762 @@ -0,0 +1,4 @@ + o Minor bugfixes (hidden service v3): + - Properly retry HSv3 descriptor fetches in the case where we were initially + missing required directory information. Fixes bug 23762; bugfix on + 0.3.2.1-alpha. diff --git a/changes/bug23774 b/changes/bug23774 new file mode 100644 index 0000000000..2ea5c0122a --- /dev/null +++ b/changes/bug23774 @@ -0,0 +1,4 @@ + o Minor bugfixes (memory leak): + - Fix a minor memory-leak-at-exit in the KIST scheduler. This + bug should have no user-visible impact. Fixes bug 23774; + bugfix on 0.3.2.1-alpha. diff --git a/changes/bug23783 b/changes/bug23783 new file mode 100644 index 0000000000..98c583a12b --- /dev/null +++ b/changes/bug23783 @@ -0,0 +1,5 @@ + o Minor bugfixes (compilation, windows): + - When detecting OpenSSL on Windows from our configure script, make sure + to try linking with the ws2_32 library. Fixes bug 23783; bugfix on + 0.3.2.2-alpha. + diff --git a/changes/bug23790 b/changes/bug23790 new file mode 100644 index 0000000000..5ebe77f806 --- /dev/null +++ b/changes/bug23790 @@ -0,0 +1,6 @@ + o Minor bugfixes (hidden service v2): + - When reloading tor (HUP) configured with hidden service(s), some + information weren't copy to the new service object. One problem with + this was that tor would wait at least the RendPostPeriod time before + uploading the descriptor if the reload happened before the descriptor + needed to be published. Fixes bug 23790; bugfix on 0.2.1.9-alpha. diff --git a/changes/bug23816 b/changes/bug23816 new file mode 100644 index 0000000000..6139dec9e8 --- /dev/null +++ b/changes/bug23816 @@ -0,0 +1,6 @@ + o Minor bugfixes (directory client): + - On failure to download directory information, delay retry attempts + by a random amount based on the "decorrelated jitter" algorithm. + Our previous delay algorithm tended to produce extra-long delays too + easily. Fixes bug 23816; bugfix on 0.2.9.1-alpha. + diff --git a/changes/bug23817 b/changes/bug23817 new file mode 100644 index 0000000000..4740942799 --- /dev/null +++ b/changes/bug23817 @@ -0,0 +1,3 @@ + o Minor bugfixes (descriptors): + - Don't try fetching microdescriptors from relays that have failed to + deliver them in the past. Fixes bug 23817; bugfix on 0.3.0.1-alpha. diff --git a/changes/bug23820 b/changes/bug23820 new file mode 100644 index 0000000000..4e920d0498 --- /dev/null +++ b/changes/bug23820 @@ -0,0 +1,5 @@ + o Minor bugfixes (IPv6, v3 single onion services): + - Remove buggy code for IPv6-only v3 single onion services, and reject + attempts to configure them. This release supports IPv4, dual-stack, and + IPv6-only v3 hidden services; and IPv4 and dual-stack v3 single onion + services. Fixes bug 23820; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug23861 b/changes/bug23861 new file mode 100644 index 0000000000..c6f017640d --- /dev/null +++ b/changes/bug23861 @@ -0,0 +1,5 @@ + o Minor bugfixes (logging, relay): + - Suppress a log notice when relay descriptors arrive. We already have a + bootstrap progress for this so no need to log notice everytime tor + receives relay descriptors. Microdescriptors behave the same. Fixes bug + 23861; bugfix on 0.2.8.2-alpha. diff --git a/changes/bug23862 b/changes/bug23862 new file mode 100644 index 0000000000..301ce73672 --- /dev/null +++ b/changes/bug23862 @@ -0,0 +1,5 @@ + o Minor bugfixes (entry guards): + - Tor now updates its guard state when it reads a consensus regardless of + whether it's missing descriptors. That makes tor use its primary guards + to fetch descriptors in some edge cases where it would have used fallback + directories in the past. Fixes bug 23862; bugfix on 0.3.0.1-alpha.
\ No newline at end of file diff --git a/changes/bug23952 b/changes/bug23952 new file mode 100644 index 0000000000..ab1462e522 --- /dev/null +++ b/changes/bug23952 @@ -0,0 +1,4 @@ + o Minor bugfixes (relay): + - Avoid a BUG warning when receiving a dubious CREATE cell while + an option transition is in progress. Fixes bug 23952; bugfix on + 0.3.2.1-alpha. diff --git a/changes/bug24002 b/changes/bug24002 new file mode 100644 index 0000000000..cdb6081110 --- /dev/null +++ b/changes/bug24002 @@ -0,0 +1,5 @@ + o Minor bugfixes (hidden service): + - Make sure that we have a usable ed25519 key when the intro point relay + does support ed25519 link authentication. We do check for an empty key + when the relay does not support it so this makes it nice and symmetric. + Fixes bug 24002; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug24025 b/changes/bug24025 new file mode 100644 index 0000000000..1d7841af53 --- /dev/null +++ b/changes/bug24025 @@ -0,0 +1,5 @@ + o Minor bugfixes (logging, relay): + - Downgrade a warning to a protocol warning in the case the ed25519 key is + not consistent between the descriptor and micro descriptor of a relay. + This can happen for instance if the relay has been flagged + NoEdConsensus. Fixes bug 24025; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug24050 b/changes/bug24050 new file mode 100644 index 0000000000..d184a77ac0 --- /dev/null +++ b/changes/bug24050 @@ -0,0 +1,5 @@ + o Minor bugfixes (client): + - By default, do not enable storage of client-side DNS values. + These values were unused by default previously, but they should + not have been cached at all. Fixes bug 24050; bugfix on + 0.2.6.3-alpha. diff --git a/changes/bug24082 b/changes/bug24082 new file mode 100644 index 0000000000..1523239351 --- /dev/null +++ b/changes/bug24082 @@ -0,0 +1,3 @@ + o Minor bugfixes (testing): + - Fix a spurious fuzzing-only use of an uninitialized value. + Found by Brian Carpenter. Fixes bug 24082; bugfix on 0.3.0.3-alpha. diff --git a/changes/bug24086 b/changes/bug24086 new file mode 100644 index 0000000000..2ae0b37e65 --- /dev/null +++ b/changes/bug24086 @@ -0,0 +1,7 @@ + o Minor bugfixes (directory cache): + - When a consensus diff calculation is only partially successful, only + record the successful parts as having succeeded. Partial success + can happen if (for example) one compression method fails but + the others succeed. Previously we misrecorded all the calculations as + having succeeded, which would later cause a nonfatal assertion failure. + Fixes bug 24086; bugfix on 0.3.1.1-alpha. diff --git a/changes/bug24099 b/changes/bug24099 new file mode 100644 index 0000000000..dca3992664 --- /dev/null +++ b/changes/bug24099 @@ -0,0 +1,4 @@ + o Minor bugfixes (directory cache): + - Recover better from empty or corrupt files in the consensus cache + directory. Fixes bug 24099; bugfix on 0.3.1.1-alpha. + diff --git a/changes/bug24115 b/changes/bug24115 new file mode 100644 index 0000000000..767f13840b --- /dev/null +++ b/changes/bug24115 @@ -0,0 +1,4 @@ + o Minor bugfixes (manpage, hidden service): + - Mention that the HiddenServiceNumIntroductionPoints option is 0-10 for + v2 service and 0-20 for v3 service. Fixes bug 24115; bugfix on + 0.3.2.1-alpha. diff --git a/changes/bug24150 b/changes/bug24150 new file mode 100644 index 0000000000..cfda7c40da --- /dev/null +++ b/changes/bug24150 @@ -0,0 +1,4 @@ + o Minor bugfixes (v3 onion services): + - Fix a memory leak when decrypting a badly formatted v3 onion + service descriptor. Fixes bug 24150; bugfix on 0.3.2.1-alpha. + Found by OSS-Fuzz; this is OSS-Fuzz issue 3994. diff --git a/changes/bug24230 b/changes/bug24230 new file mode 100644 index 0000000000..b08c4cde24 --- /dev/null +++ b/changes/bug24230 @@ -0,0 +1,4 @@ + o Minor bugfixes (control port, hidden service): + - Control port was reporting the action "UPLOAD_FAILED" instead of + "FAILED" for the HS_DESC event when a service was not able to upload a + descriptor. Fixes bug 24230; bugfix on 0.2.7.1-alpha. diff --git a/changes/bug24247 b/changes/bug24247 new file mode 100644 index 0000000000..1f4ddcdde2 --- /dev/null +++ b/changes/bug24247 @@ -0,0 +1,6 @@ + o Minor bugfixes (fuzzing): + - Fix a bug in our fuzzing mock replacement for crypto_pk_checksig(), to + correctly handle cases where a caller gives it an RSA key of under 160 + bits. (This is not actually a bug in Tor itself, but wrather in our + fuzzing code.) Fixes bug 24247; bugfix on 0.3.0.3-alpha. + Found by OSS-Fuzz as issue 4177. diff --git a/changes/bug24262 b/changes/bug24262 new file mode 100644 index 0000000000..eee69512e4 --- /dev/null +++ b/changes/bug24262 @@ -0,0 +1,3 @@ + o Minor bugfixes (hidden service): + - Fix the consensus parameter "hsdir-interval" to "hsdir_interval" so it + matches the dir-spec.txt. Fixes bug 24262; bugfix on 0.3.1.1-alpha. diff --git a/changes/bug24279 b/changes/bug24279 new file mode 100644 index 0000000000..ab2932b341 --- /dev/null +++ b/changes/bug24279 @@ -0,0 +1,5 @@ + o Minor bugfixes (compilation, hardening): + - Fix a memory leak warning in one of the libevent-related + configuration tests that could occur when manually specifying + -fsanitize=address. Fixes bug 24279; bugfix on 0.3.0.2-alpha. + Found and patched by Alex Xu. diff --git a/changes/bug24345 b/changes/bug24345 new file mode 100644 index 0000000000..22eb412514 --- /dev/null +++ b/changes/bug24345 @@ -0,0 +1,3 @@ + o Minor bugfixes (tests): + - Fix a unit test in one of the bridge-distribution test cases. + Fixes bug 24345; bugfix on 0.3.2.3-alpha. diff --git a/changes/bug24367 b/changes/bug24367 new file mode 100644 index 0000000000..09ef3bb877 --- /dev/null +++ b/changes/bug24367 @@ -0,0 +1,13 @@ + o Minor bugfixes (bridge clients, bootstrap): + - Retry directory downloads when we get our first bridge descriptor + during bootstrap or while reconnecting to the network. Keep retrying + every time we get a bridge descriptor, until we have a reachable bridge. + Fixes bug 24367; bugfix on 0.2.0.3-alpha. + - Stop delaying bridge descriptor fetches when we have cached bridge + descriptors. Instead, only delay bridge descriptor fetches when we + have at least one reachable bridge. + Fixes bug 24367; bugfix on 0.2.0.3-alpha. + - Stop delaying directory fetches when we have cached bridge descriptors. + Instead, only delay bridge descriptor fetches when all our bridges are + definitely unreachable. + Fixes bug 24367; bugfix on 0.2.0.3-alpha. diff --git a/changes/bug24424 b/changes/bug24424 new file mode 100644 index 0000000000..63c2d39ba1 --- /dev/null +++ b/changes/bug24424 @@ -0,0 +1,3 @@ + o Minor features (portability): + - Tor now compiles correctly on arm64 with libseccomp-dev installed. + (It doesn't yet work with the sandbox enabled.) Closes ticket 24424. diff --git a/changes/bug24502 b/changes/bug24502 new file mode 100644 index 0000000000..3fa6fb58dd --- /dev/null +++ b/changes/bug24502 @@ -0,0 +1,4 @@ + o Minor bugfixes (scheduler): + - Properly set the scheduler state of an unopened channel in the KIST + scheduler main loop. This prevents a harmless but annoying log warning. + Fixes bug 24502; bugfix on 0.3.2.4-alpha. diff --git a/changes/bug24526 b/changes/bug24526 new file mode 100644 index 0000000000..4d69defa9b --- /dev/null +++ b/changes/bug24526 @@ -0,0 +1,4 @@ + o Documentation: + - Document that operators who run more than one relay or bridge are + expected to set MyFamily and ContactInfo correctly. Closes ticket + 24526. diff --git a/changes/bug24590 b/changes/bug24590 new file mode 100644 index 0000000000..77e039f8d2 --- /dev/null +++ b/changes/bug24590 @@ -0,0 +1,5 @@ + o Minor bugfixes (scheduler, KIST): + - Avoid a possible integer overflow when computing the available space on + the TCP buffer of a channel. This has no security implications but can + make KIST not behave properly by allowing more cells on a already + saturated connection. Fixes bug 24590; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug24634 b/changes/bug24634 new file mode 100644 index 0000000000..ac82b94fbb --- /dev/null +++ b/changes/bug24634 @@ -0,0 +1,3 @@ + o Minor bugfixes (compilation): + - Resolve a few shadowed-variable warnings in the onion service code. + Fixes bug 24634; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug24652 b/changes/bug24652 new file mode 100644 index 0000000000..6e35e259e9 --- /dev/null +++ b/changes/bug24652 @@ -0,0 +1,6 @@ + o Minor bugfixes (build, compatibility, rust, OSX): + + - When building with Rust on OSX, link against libresolv, to + work around the issue at + https://github.com/rust-lang/rust/issues/46797. Fixes bug + 24652; bugfix on 0.3.1.1-alpha. diff --git a/changes/bug24665 b/changes/bug24665 new file mode 100644 index 0000000000..f950d9dd01 --- /dev/null +++ b/changes/bug24665 @@ -0,0 +1,6 @@ + o Major bugfixes (KIST, scheduler): + - The KIST scheduler did not correctly account for data already enqueued + in each connection's send socket buffer, particularly in cases when the + TCP/IP congestion window was reduced between scheduler calls. This + situation lead to excessive per-connection buffering in the kernel, and + a potential memory DoS. Fixes bug 24665; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug24671 b/changes/bug24671 new file mode 100644 index 0000000000..34d09e704d --- /dev/null +++ b/changes/bug24671 @@ -0,0 +1,6 @@ + o Minor bugfixes (scheduler, KIST): + - Use a sane write limit for KISTLite when writing onto a connection + buffer instead of using INT_MAX and shoving as much as it can. Because + the OOM handler cleans up circuit queues, we are better off at keeping + them in that queue instead of the connection's buffer. Fixes bug 24671; + bugfix on 0.3.2.1-alpha. diff --git a/changes/bug24700 b/changes/bug24700 new file mode 100644 index 0000000000..74dc581a0b --- /dev/null +++ b/changes/bug24700 @@ -0,0 +1,4 @@ + o Minor bugfixes (scheduler, KIST): + - Avoid adding the same channel twice in the KIST scheduler pending list + wasting CPU cycles at handling the same channel twice. Fixes bug 24700; + bugfix on 0.3.2.1-alpha. diff --git a/changes/bug24826_031 b/changes/bug24826_031 new file mode 100644 index 0000000000..3d4a66184a --- /dev/null +++ b/changes/bug24826_031 @@ -0,0 +1,4 @@ + o Minor bugfixes (performance, fragile-hardening): + - Improve the performance of our consensus-diff application code when Tor + is built with the --enable-fragile-hardening option set. Fixes bug + 24826; bugfix on 0.3.1.1-alpha. diff --git a/changes/bug24859 b/changes/bug24859 new file mode 100644 index 0000000000..122109d650 --- /dev/null +++ b/changes/bug24859 @@ -0,0 +1,4 @@ + o Minor bugfixes (logging): + - Don't treat inability to store a cached consensus object as a + bug: it can happen normally when we are out of disk space. + Fixes bug 24859; bugfix on 0.3.1.1-alpha. diff --git a/changes/bug24894 b/changes/bug24894 new file mode 100644 index 0000000000..b08cdce1f0 --- /dev/null +++ b/changes/bug24894 @@ -0,0 +1,5 @@ + o Major bugfixes (v3 onion services): + - New-style (v3) onion services now obey the "max rendezvous circuit + attempts" logic. Previously they would make as many rendezvous + circuit attempts as they could fit in the MAX_REND_TIMEOUT second + window before giving up. Fixes bug 24894; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug24898 b/changes/bug24898 new file mode 100644 index 0000000000..f64340d71b --- /dev/null +++ b/changes/bug24898 @@ -0,0 +1,8 @@ + o Major bugfixes (relays): + - Fix a set of false positives where relays would consider connections + to other relays as being client-only connections (and thus e.g. + deserving different link padding schemes) if those relays fell out + of the consensus briefly. Now we look only at the initial handshake + and whether the connection authenticated as a relay. Fixes bug + 24898; bugfix on 0.3.1.1-alpha. + diff --git a/changes/bug24898-029 b/changes/bug24898-029 deleted file mode 100644 index b33f093841..0000000000 --- a/changes/bug24898-029 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (relay): - - Make the internal channel_is_client() function look at what sort - of connection handshake the other side used, rather than whether - the other side ever sent a create_fast cell to us. Backports part - of the fixes from bugs 22805 and 24898. - diff --git a/changes/bug24972 b/changes/bug24972 new file mode 100644 index 0000000000..5adf970abf --- /dev/null +++ b/changes/bug24972 @@ -0,0 +1,4 @@ + o Minor features (logging, diagnostic): + - When logging a failure to check a hidden service's certificate, + also log what the problem with the certificate was. Diagnostic + for ticket 24972. diff --git a/changes/bug24975 b/changes/bug24975 new file mode 100644 index 0000000000..32a5dfc929 --- /dev/null +++ b/changes/bug24975 @@ -0,0 +1,6 @@ + o Major bugfixes (scheduler, consensus): + - A logic in the code was preventing the scheduler subystem to properly + make a decision based on the latest consensus when it arrives. This lead + to the scheduler failing to notice any consensus parameters that might + have changed between consensuses. Fixes bug 24975; bugfix on + 0.3.2.1-alpha. diff --git a/changes/bug24976 b/changes/bug24976 new file mode 100644 index 0000000000..9c3be86eab --- /dev/null +++ b/changes/bug24976 @@ -0,0 +1,5 @@ + o Minor bugfixes (hidden service v3 client): + - Remove a BUG() statement which can be triggered in normal circumstances + where a client fetches a descriptor that has a lower revision counter + than the one in its cache. This can happen due to HSDir desync. Fixes + bug 24976; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug25005 b/changes/bug25005 new file mode 100644 index 0000000000..dedf283aa9 --- /dev/null +++ b/changes/bug25005 @@ -0,0 +1,4 @@ + o Minor bugfixes (unit tests): + - Fix a memory leak in the scheduler/loop_kist unit test. Fixes bug + 25005; bugfix on 0.3.2.7-rc. + diff --git a/changes/bug25070 b/changes/bug25070 new file mode 100644 index 0000000000..c2f4e58c45 --- /dev/null +++ b/changes/bug25070 @@ -0,0 +1,3 @@ + o Major bugfixes (protocol versions): + - Add Link protocol version 5 to the supported protocols list. + Fixes bug 25070; bugfix on 0.3.1.1-alpha. diff --git a/changes/bug25105 b/changes/bug25105 new file mode 100644 index 0000000000..36d1a5f16f --- /dev/null +++ b/changes/bug25105 @@ -0,0 +1,5 @@ + o Minor bugfixes (v3 onion services): + - Look at the "HSRend" protocol version, not the "HSDir" protocol + version, when deciding whether a consensus entry can support + the v3 onion service protocol as a rendezvous point. + Fixes bug 25105; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug25296_032 b/changes/bug25296_032 new file mode 100644 index 0000000000..f60048ca66 --- /dev/null +++ b/changes/bug25296_032 @@ -0,0 +1,5 @@ + o Minor bugfixes (documentation): + - Document that the PerConnBW{Rate,Burst} options will fall back to their + corresponding consensus parameters only if those parameters are + set. Previously we had claimed that these values would always be + set in the consensus. Fixes bug 25296; bugfix on 0.2.2.7-alpha. diff --git a/changes/bug25450 b/changes/bug25450 new file mode 100644 index 0000000000..ae14135a72 --- /dev/null +++ b/changes/bug25450 @@ -0,0 +1,8 @@ + o Minor bugfixes (testing): + - Avoid intermittent test failures due to relying on hidden service + introductory point creation within 5 seconds of real clock time. The + time limit for the test has been increased to 500 seconds, which may + still result in intermittent failures (e.g. if the system doing the + testing enters sleep/hibernation or experiences some other clock jump). + However, this should elliminate test failures currently happening on + developer and CI systems. Fixes bug 25450; bugfix on 0.3.1.3-alpha. diff --git a/changes/bug25474 b/changes/bug25474 new file mode 100644 index 0000000000..7d3bd1c5f5 --- /dev/null +++ b/changes/bug25474 @@ -0,0 +1,5 @@ + o Minor bugfixes (compilation): + - Fix a c99 compliance issue in our configuration script that was + causing compilation issues when compiling Tor with certain + versions of xtools. Fixes bug 25474; bugfix on 0.3.2.5-alpha. + diff --git a/changes/bug25686_diagnostic b/changes/bug25686_diagnostic new file mode 100644 index 0000000000..96323145d8 --- /dev/null +++ b/changes/bug25686_diagnostic @@ -0,0 +1,4 @@ + o Minor features (relay, diagnostic): + - Add several checks to detect whether Tor relays are uploading their + descriptors without specifying why they regenerated. Diagnostic for + ticket 25686. diff --git a/changes/bug25761 b/changes/bug25761 new file mode 100644 index 0000000000..096fadcf09 --- /dev/null +++ b/changes/bug25761 @@ -0,0 +1,3 @@ + o Major bugfixes (onion service): + - Correctly detect when onion services get disabled after HUP. + Fixes bug 25761; bugfix on 0.3.2.1. diff --git a/changes/bug25901 b/changes/bug25901 new file mode 100644 index 0000000000..3ad30c7676 --- /dev/null +++ b/changes/bug25901 @@ -0,0 +1,3 @@ + o Minor bugfixes (hidden service v3): + - Fix a memory leak when an hidden service v3 is configured and gets a + SIGHUP signal. Fixes bug 25901; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug26069 b/changes/bug26069 new file mode 100644 index 0000000000..192e97d782 --- /dev/null +++ b/changes/bug26069 @@ -0,0 +1,5 @@ + o Minor bugfixes (hidden service v3): + - When parsing the descriptor signature, look for the token plus an extra + white-space at the end. This is more correct but also will allow us to + support new fields that might start with "signature". Fixes bug 26069; + bugfix on 0.3.0.1-alpha. diff --git a/changes/bug26158 b/changes/bug26158 new file mode 100644 index 0000000000..0d74cf1167 --- /dev/null +++ b/changes/bug26158 @@ -0,0 +1,5 @@ + o Minor bugfixes (relay): + - Relays now correctly block attempts to re-extend to the previous + relay by Ed25519 identity. Previously they would warn in this case, + but not actually reject the attempt. Fixes bug 26158; bugfix on + 0.3.0.1-alpha. diff --git a/changes/bug26272 b/changes/bug26272 new file mode 100644 index 0000000000..9dcf42f0e1 --- /dev/null +++ b/changes/bug26272 @@ -0,0 +1,3 @@ + o Minor bugfixes (compilation): + - Silence unused-const-variable warnings in zstd.h on some gcc versions. + Fixes bug 26272; bugfix on 0.3.1.1-alpha. diff --git a/changes/bug26497 b/changes/bug26497 new file mode 100644 index 0000000000..d0c05ff3e4 --- /dev/null +++ b/changes/bug26497 @@ -0,0 +1,3 @@ + o Minor bugfixes (rust): + - Stop setting $CARGO_HOME. cargo will use the user's $CARGO_HOME, or + $HOME/.cargo by default. Fixes bug 26497; bugfix on 0.3.1.5-alpha. diff --git a/changes/bug26497-backport b/changes/bug26497-backport new file mode 100644 index 0000000000..1d86e01bf3 --- /dev/null +++ b/changes/bug26497-backport @@ -0,0 +1,3 @@ + o Minor bugfixes (rust): + - Backport test_rust.sh from master. + Fixes bug 26497; bugfix on 0.3.1.5-alpha. diff --git a/changes/bug26535.032 b/changes/bug26535.032 new file mode 100644 index 0000000000..395d08d816 --- /dev/null +++ b/changes/bug26535.032 @@ -0,0 +1,5 @@ + o Minor bugfixes (testing, compatibility): + - When running the hs_ntor_ref.py test, make sure only to pass strings + (rather than "bytes" objects) to the Python subprocess module. + Python 3 on Windows seems to require this. Fixes bug 26535; bugfix on + 0.3.1.1-alpha. diff --git a/changes/bug26785 b/changes/bug26785 new file mode 100644 index 0000000000..e6392fcbdd --- /dev/null +++ b/changes/bug26785 @@ -0,0 +1,4 @@ + o Minor bugfixes (compilation, portability): + - Don't try to use a pragma to temporarily disable + -Wunused-const-variable if the compiler doesn't support it. + Fixes bug 26785; bugfix on 0.3.2.11. diff --git a/changes/bug26853 b/changes/bug26853 new file mode 100644 index 0000000000..6ee47789b9 --- /dev/null +++ b/changes/bug26853 @@ -0,0 +1,3 @@ + o Minor bugfixes (continuous integration): + - Skip an unreliable key expiration test on Windows, until the underlying + issue in bug 26076 is resolved. Fixes bug 26853; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug26927 b/changes/bug26927 new file mode 100644 index 0000000000..cd035bba8e --- /dev/null +++ b/changes/bug26927 @@ -0,0 +1,4 @@ + o Minor bugfixes (logging): + - Improve the log message when connection initiators fail to authenticate + direct connections to relays. + Fixes bug 26927; bugfix on 0.3.0.1-alpha. diff --git a/changes/bug26932 b/changes/bug26932 new file mode 100644 index 0000000000..7d9481dcd3 --- /dev/null +++ b/changes/bug26932 @@ -0,0 +1,3 @@ + o Minor bugfixes (onion services): + - Fix bug that causes services to not ever rotate their descriptors if they + were getting SIGHUPed often. Fixes bug 26932; bugfix on 0.3.2.1-alpha.
\ No newline at end of file diff --git a/changes/bug27090 b/changes/bug27090 new file mode 100644 index 0000000000..3d119a9c30 --- /dev/null +++ b/changes/bug27090 @@ -0,0 +1,3 @@ + o Minor bugfixes (continuous integration): + - Build with zstd on macOS. + Fixes bug 27090; bugfix on 0.3.1.5-alpha. diff --git a/changes/bug27093 b/changes/bug27093 new file mode 100644 index 0000000000..6c097f1196 --- /dev/null +++ b/changes/bug27093 @@ -0,0 +1,3 @@ + o Minor bugfixes (rust): + - Consistently use ../../.. as a fallback for $abs_top_srcdir in + test_rust.sh. Fixes bug 27093; bugfix on 0.3.4.3-alpha. diff --git a/changes/bug27345 b/changes/bug27345 new file mode 100644 index 0000000000..d98f4afbcc --- /dev/null +++ b/changes/bug27345 @@ -0,0 +1,5 @@ + o Minor bugfixes (testing): + - When running make test-network-all, use the mixed+hs-v2 network. + (A previous fix to chutney removed v3 onion services from the + mixed+hs-v23 network, so seeing "mixed+hs-v23" in tests is + confusing.) Fixes bug 27345; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug8185_025 b/changes/bug8185_025 deleted file mode 100644 index 1bfc12b1e4..0000000000 --- a/changes/bug8185_025 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (logging, relay shutdown, annoyance): - - When a circuit is marked for close, do not attempt to package any cells - for channels on that circuit. Previously, we would detect this - condition lower in the call stack, when we noticed that the circuit had - no attached channel, and log an annoying message. Fixes bug 8185; - bugfix on 0.2.5.4-alpha. diff --git a/changes/feature18329 b/changes/feature18329 new file mode 100644 index 0000000000..1dabf50244 --- /dev/null +++ b/changes/feature18329 @@ -0,0 +1,9 @@ + o Minor features (bridge): + - Bridge relays can now set the BridgeDistribution config option to + add a "bridge-distribution-request" line to their bridge descriptor, + which tells BridgeDB how they'd like their bridge address to be + given out. (Note that as of Oct 2017, BridgeDB does not yet implement + this feature.) As a side benefit, this feature provides a way + to distinguish bridge descriptors from non-bridge descriptors. + Implements tickets 18329. + diff --git a/changes/geoip-april2017 b/changes/geoip-april2017 deleted file mode 100644 index b489eaf016..0000000000 --- a/changes/geoip-april2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the April 4 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-august2017 b/changes/geoip-august2017 deleted file mode 100644 index 2dab18a63f..0000000000 --- a/changes/geoip-august2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the August 3 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-december2016 b/changes/geoip-december2016 deleted file mode 100644 index 60754ea21d..0000000000 --- a/changes/geoip-december2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the December 7 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-february2017 b/changes/geoip-february2017 deleted file mode 100644 index ec54b6122a..0000000000 --- a/changes/geoip-february2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-january2017 b/changes/geoip-january2017 deleted file mode 100644 index 77bc9a5991..0000000000 --- a/changes/geoip-january2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (geoip): - - Update geoip and geoip6 to the January 4 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-july2017 b/changes/geoip-july2017 deleted file mode 100644 index ed10369f1b..0000000000 --- a/changes/geoip-july2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the July 4 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-june2017 b/changes/geoip-june2017 deleted file mode 100644 index 2ea7bf105e..0000000000 --- a/changes/geoip-june2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the June 8 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-march2017 b/changes/geoip-march2017 deleted file mode 100644 index 6dc92baa2f..0000000000 --- a/changes/geoip-march2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the March 7 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-may2017 b/changes/geoip-may2017 deleted file mode 100644 index 4e504d7a0a..0000000000 --- a/changes/geoip-may2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-november2016 b/changes/geoip-november2016 deleted file mode 100644 index b3f9913bb1..0000000000 --- a/changes/geoip-november2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (ge0oip): - - Update geoip and geoip6 to the November 3 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-september2017 b/changes/geoip-september2017 deleted file mode 100644 index be01ff9521..0000000000 --- a/changes/geoip-september2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/hsdescv3_fuzz_more b/changes/hsdescv3_fuzz_more new file mode 100644 index 0000000000..25626bb9a4 --- /dev/null +++ b/changes/hsdescv3_fuzz_more @@ -0,0 +1,3 @@ + o Minor features (testing): + - Our fuzzing tests now test the encrypted portions of the + v3 hidden service descriptors. Implements more of 21509. diff --git a/changes/longclaw-ipv6 b/changes/longclaw-ipv6 deleted file mode 100644 index 75899c9d07..0000000000 --- a/changes/longclaw-ipv6 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (directory authorities): - - Remove longclaw's IPv6 address, as it will soon change. - Authority IPv6 addresses were originally added in 0.2.8.1-alpha. - This leaves 3/8 directory authorities with IPv6 addresses, but there - are also 52 fallback directory mirrors with IPv6 addresses. - Resolves 19760. diff --git a/changes/more_module_docs b/changes/more_module_docs deleted file mode 100644 index 0066ddfcf0..0000000000 --- a/changes/more_module_docs +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Module-level documentation for several more modules. Closes tickets - 19287 and - 19290. diff --git a/changes/prop275-minimal b/changes/prop275-minimal deleted file mode 100644 index 83d42f850b..0000000000 --- a/changes/prop275-minimal +++ /dev/null @@ -1,9 +0,0 @@ - o Minor features (future-proofing): - - - Tor no longer refuses to download microdescriptors or descriptors if - they are listed as "published in the future". This change will - eventually allow us to stop listing meaningful "published" dates - in microdescriptor consensuses, and thereby allow us to reduce the - resources required to download consensus diffs by over 50%. - Implements part of ticket 21642; implements part of proposal 275. - diff --git a/changes/stack b/changes/stack new file mode 100644 index 0000000000..ffdf536cb9 --- /dev/null +++ b/changes/stack @@ -0,0 +1,7 @@ + o Minor bugfixes (correctness): + - Fix several places in our codebase where a C compiler would be likely + to eliminate a check, based on assuming that undefined behavior had not + happened elsewhere in the code. These cases are usually a sign of + redundant checking, or dubious arithmetic. Found by Georg Koppen using + the "STACK" tool from Wang, Zeldovich, Kaashoek, and + Solar-Lezama. Fixes bug 24423; bugfix on various Tor versions. diff --git a/changes/ticket19769 b/changes/ticket19769 deleted file mode 100644 index 9fc05c3e9e..0000000000 --- a/changes/ticket19769 +++ /dev/null @@ -1,7 +0,0 @@ - o Major features (security): - - Change the algorithm used to decide DNS TTLs on client and server side, - to better resist DNS-based correlation attacks like the DefecTor attack - of Greschbach, Pulls, Roberts, Winter, and Feamster). Now - relays only return one of two possible DNS TTL values, and clients - are willing to believe DNS TTL values up to 3 hours long. - Closes ticket 19769. diff --git a/changes/ticket20170-v3 b/changes/ticket20170-v3 deleted file mode 100644 index d634e72053..0000000000 --- a/changes/ticket20170-v3 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (fallback directory list): - - Replace the 81 remaining fallbacks of the 100 originally introduced - in Tor 0.2.8.3-alpha in March 2016, with a list of 177 fallbacks - (123 new, 54 existing, 27 removed) generated in December 2016. - Resolves ticket 20170. diff --git a/changes/ticket21031 b/changes/ticket21031 new file mode 100644 index 0000000000..b081fb018f --- /dev/null +++ b/changes/ticket21031 @@ -0,0 +1,7 @@ + o Minor features (removed deprecations): + - The ClientDNSRejectInternalAddresses flag can once again be set in + non-testing Tor networks, so long as they do not use the default + directory authorities. + This change also removes the deprecation of this + flag in 0.2.9.2-alpha. Closes ticket 21031. + diff --git a/changes/ticket21564 b/changes/ticket21564 deleted file mode 100644 index 7e01f41f8f..0000000000 --- a/changes/ticket21564 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (fallback directory list): - - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in - December 2016 (of which ~126 were still functional), with a list of - 151 fallbacks (32 new, 119 existing, 58 removed) generated in - May 2017. - Resolves ticket 21564. diff --git a/changes/ticket21953 b/changes/ticket21953 deleted file mode 100644 index 7cc84f506d..0000000000 --- a/changes/ticket21953 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features: - - Enable a couple of pieces of Windows hardening: one - (HeapEnableTerminationOnCorruption) that has been on-by-default since - Windows 8, and unavailable before Windows 7, and one - (PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION) which we believe doesn't - affect us, but shouldn't do any harm. Closes ticket 21953. diff --git a/changes/ticket22895 b/changes/ticket22895 deleted file mode 100644 index a3f7b86019..0000000000 --- a/changes/ticket22895 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Fix unused variable warnings in donna's Curve25519 SSE2 code. - Fixes bug 22895; bugfix on 0.2.7.2-alpha. diff --git a/changes/ticket23637 b/changes/ticket23637 new file mode 100644 index 0000000000..0c524f34c3 --- /dev/null +++ b/changes/ticket23637 @@ -0,0 +1,5 @@ + o Minor features (directory authority): + - Make the "Exit" flag assignment only depend on whether the exit + policy allows connections to ports 80 and 443. Previously relays + would get the Exit flag if they allowed connections to one of + these ports and also port 6667. Resolves ticket 23637. diff --git a/changes/ticket24097 b/changes/ticket24097 new file mode 100644 index 0000000000..36547a8ddb --- /dev/null +++ b/changes/ticket24097 @@ -0,0 +1,4 @@ + o Minor features (logging): + - Downgrade a pair of log messages that could occur when an exit's + resolver gave us an unusual (but not forbidden) response. + Closes ticket 24097. diff --git a/changes/ticket24109 b/changes/ticket24109 new file mode 100644 index 0000000000..f66271817d --- /dev/null +++ b/changes/ticket24109 @@ -0,0 +1,4 @@ + o Minor features (integration tests): + - Test that IPv6-only clients can use microdescriptors when running + "make test-network-all". Requires chutney master 61c28b9 or later. + Closes ticket 24109. diff --git a/changes/ticket24158 b/changes/ticket24158 new file mode 100644 index 0000000000..3cdc06afae --- /dev/null +++ b/changes/ticket24158 @@ -0,0 +1,3 @@ + o Minor bugfixes (logging): + Only log about no longer having KIST support once. Fixes bug 24158; bugfix + on 0.3.2 diff --git a/changes/ticket24254 b/changes/ticket24254 new file mode 100644 index 0000000000..98d5d6bacd --- /dev/null +++ b/changes/ticket24254 @@ -0,0 +1,3 @@ + o Documentation: + Add notes in man page regarding OS support for the various scheduler types. + Attempt to use less jargon in the scheduler section. Closes ticket 24254. diff --git a/changes/ticket24425 b/changes/ticket24425 new file mode 100644 index 0000000000..aa6f082bcc --- /dev/null +++ b/changes/ticket24425 @@ -0,0 +1,4 @@ + o Minor bugfixes (hidden service v3): + - Bump hsdir_spread_store parameter from 3 to 4 in order to increase the + probability of reaching a service for a client missing microdescriptors. + Fixes bug 24425; bugfix on 0.3.2.1-alpha. diff --git a/changes/ticket24500 b/changes/ticket24500 new file mode 100644 index 0000000000..b49b7a5551 --- /dev/null +++ b/changes/ticket24500 @@ -0,0 +1,3 @@ + o Minor features (logging): + - Provide better warnings when the getrandom() syscall fails. + Closes ticket 24500. diff --git a/changes/ticket25323 b/changes/ticket25323 new file mode 100644 index 0000000000..836825de5d --- /dev/null +++ b/changes/ticket25323 @@ -0,0 +1,4 @@ + o Code simplification and refactoring: + - Update the "rust dependencies" submodule to be an project-level + repository, rather than a user repository. Closes ticket 25323. + diff --git a/changes/ticket25714 b/changes/ticket25714 new file mode 100644 index 0000000000..63823fc6ca --- /dev/null +++ b/changes/ticket25714 @@ -0,0 +1,4 @@ + o Minor feature (continuous integration): + - Update the Travis CI configuration to use the stable Rust + channel, now that we have decided to require that. Closes + ticket 25714. diff --git a/changes/ticket26647 b/changes/ticket26647 new file mode 100644 index 0000000000..1c2e917c6d --- /dev/null +++ b/changes/ticket26647 @@ -0,0 +1,4 @@ + o Minor features (controller): + - The control port now exposes the list of HTTPTunnelPorts and + ExtOrPorts via GETINFO net/listeners/httptunnel and net/listeners/extor + respectively. Closes ticket 26647. diff --git a/changes/ticket26952-cargo b/changes/ticket26952-cargo new file mode 100644 index 0000000000..e1efdfcd74 --- /dev/null +++ b/changes/ticket26952-cargo @@ -0,0 +1,3 @@ + o Minor features (continuous integration, rust): + - Use cargo cache in our Travis CI configuration. + Closes ticket 26952. diff --git a/changes/ticket27252-032 b/changes/ticket27252-032 new file mode 100644 index 0000000000..4752aedcf6 --- /dev/null +++ b/changes/ticket27252-032 @@ -0,0 +1,5 @@ + o Minor features (continuous integration): + - Only run one online rust build in Travis, to reduce network errors. + Skip offline rust builds on Travis for Linux gcc, because they're + redundant. + Implements ticket 27252. diff --git a/changes/trove-2017-001 b/changes/trove-2017-001 deleted file mode 100644 index 5187e6d5f1..0000000000 --- a/changes/trove-2017-001 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (security): - - Downgrade the "-ftrapv" option from "always on" to "only on when - --enable-expensive-hardening is provided." This hardening option, like - others, can turn survivable bugs into crashes--and having it on by - default made a (relatively harmless) integer overflow bug into a - denial-of-service bug. Fixes bug 21278 (TROVE-2017-001); bugfix on - 0.2.9.1-alpha. - diff --git a/changes/trove-2017-001.2 b/changes/trove-2017-001.2 deleted file mode 100644 index 3ef073cf9f..0000000000 --- a/changes/trove-2017-001.2 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (parsing): - - Fix an integer underflow bug when comparing malformed Tor versions. - This bug is harmless, except when Tor has been built with - --enable-expensive-hardening, which would turn it into a crash; - or on Tor 0.2.9.1-alpha through Tor 0.2.9.8, which were built with - -ftrapv by default. - Part of TROVE-2017-001. Fixes bug 21278; bugfix on - 0.0.8pre1. Found by OSS-Fuzz. diff --git a/changes/trove-2017-005 b/changes/trove-2017-005 deleted file mode 100644 index cebb013f86..0000000000 --- a/changes/trove-2017-005 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (hidden service, relay, security): - - Fix an assertion failure caused by receiving a BEGIN_DIR cell on - a hidden service rendezvous circuit. Fixes bug 22494, tracked as - TROVE-2017-005 and CVE-2017-0376; bugfix on 0.2.2.1-alpha. Found - by armadev. - - diff --git a/changes/trove-2017-008 b/changes/trove-2017-008 deleted file mode 100644 index 4b9c5b0a12..0000000000 --- a/changes/trove-2017-008 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (security, hidden services, loggging): - - Fix a bug where we could log uninitialized stack when a certain - hidden service error occurred while SafeLogging was disabled. - Fixes bug #23490; bugfix on 0.2.7.2-alpha. - This is also tracked as TROVE-2017-008 and CVE-2017-0380. diff --git a/changes/trove-2017-012-part2 b/changes/trove-2017-012-part2 new file mode 100644 index 0000000000..ed994c5b02 --- /dev/null +++ b/changes/trove-2017-012-part2 @@ -0,0 +1,5 @@ + o Major bugfixes (security, relay): + - When running as a relay, make sure that we never ever choose ourselves + as a guard. Previously, this was possible. Fixes part of bug 21534; + bugfix on 0.3.0.1-alpha. This issue is also tracked as TROVE-2017-012 + and CVE-2017-8822. |