diff options
Diffstat (limited to 'changes')
119 files changed, 481 insertions, 26 deletions
diff --git a/changes/27286 b/changes/27286 new file mode 100644 index 0000000000..5f5f7a4ae7 --- /dev/null +++ b/changes/27286 @@ -0,0 +1,4 @@ + o Minor features (directory authorities): + - Authorities no longer vote to make the subprotocol version "LinkAuth=1" + a requirement: it is unsupportable with NSS, and hasn't been needed + since Tor 0.3.0.1-alpha. Closes ticket 27286. diff --git a/changes/bug20424_029_minimal b/changes/bug20424_029_minimal new file mode 100644 index 0000000000..eb7886233e --- /dev/null +++ b/changes/bug20424_029_minimal @@ -0,0 +1,4 @@ + o Minor bugfixes (compilation): + - When compiling with --enable-openbsd-malloc or --enable-tcmalloc, tell + the compiler not to include the system malloc implementation. Fixes bug + 20424; bugfix on 0.2.0.20-rc. diff --git a/changes/bug21394.2 b/changes/bug21394.2 deleted file mode 100644 index b580d2a786..0000000000 --- a/changes/bug21394.2 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfix (Exit node DNS retries): - - Re-attempt timed-out DNS queries 3 times before failure, since our - timeout is 5 seconds for them, but clients wait 10-15. Also allow - slightly more timeouts per resolver before giving up on it in the - case where an exit has multiple resolvers configured. Fixes bug 21394; - bugfix on 0.3.1.9. - diff --git a/changes/bug23681 b/changes/bug23681 deleted file mode 100644 index e317f36d50..0000000000 --- a/changes/bug23681 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (hidden service client): - - The introduction circuit was being timed out too quickly while waiting - for the rendezvous circuit to complete. Keep the intro circuit around - longer instead of timing out and reopening new ones constantly. Fixes - bug 23681; bugfix on 0.2.4.8-alpha. diff --git a/changes/bug24891 b/changes/bug24891 new file mode 100644 index 0000000000..403b2b1123 --- /dev/null +++ b/changes/bug24891 @@ -0,0 +1,4 @@ + o Minor bugfixes (compilation): + - Refrain from compiling unit testing related object files + when --disable-unittests is set to configure script. + Fixes bug 24891; bugfix on 0.2.5.1-alpha. diff --git a/changes/bug24903 b/changes/bug24903 deleted file mode 100644 index 01c9b53f23..0000000000 --- a/changes/bug24903 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (controller, reliability): - - Avoid a (nonfatal) assertion failure when extending a one-hop circuit - from the controller to become a multihop circuit. Fixes bug 24903; - bugfix on 0.2.5.2-alpha. - diff --git a/changes/bug24977 b/changes/bug24977 new file mode 100644 index 0000000000..f8127a2a73 --- /dev/null +++ b/changes/bug24977 @@ -0,0 +1,5 @@ + o Minor bugfixes (onion services): + - Recompute some consensus information after clock skews or when we + transition from a non-live consensus to a live consensus. We do this to + avoid having an outdated state which could impact next-generation onion + services. Fixes bug 24977; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug25113 b/changes/bug25113 deleted file mode 100644 index 4a020b784d..0000000000 --- a/changes/bug25113 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (unit test, monotonic time): - - Bump a gap of 1msec to 10msec used in the monotonic time test that makes - sure the nsec/usec/msec time read are synchronized. This change was - needed to accommodate slow system like armel or when the clock_gettime() - is not a VDSO on the running kernel. Fixes bug 25113; bugfix on 0.2.9.1. diff --git a/changes/bug25116 b/changes/bug25116 deleted file mode 100644 index b3e73feeaa..0000000000 --- a/changes/bug25116 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (hidden service, heartbeat): - - Don't log in the heartbeat any long term established one hop rendezvous - points if tor is a single onion service. Fixes bug 25116; bugfix on - 0.2.9.6-rc; diff --git a/changes/bug25440 b/changes/bug25440 new file mode 100644 index 0000000000..f8d9dd4fab --- /dev/null +++ b/changes/bug25440 @@ -0,0 +1,5 @@ + o Minor bugfixes (linux seccomp2 sandbox): + - Fix a bug in out sandboxing rules for the openat() syscall. + Previously, no openat() call would be permitted, which would break + filesystem operations on recent glibc versions. Fixes bug 25440; + bugfix on 0.2.9.15. Diagnosis and patch from Daniel Pinto. diff --git a/changes/bug25505 b/changes/bug25505 new file mode 100644 index 0000000000..101c7d5246 --- /dev/null +++ b/changes/bug25505 @@ -0,0 +1,3 @@ + o Minor bugfixes (netflow padding): + - Ensure circuitmux queues are empty before scheduling or sending padding. + Fixes bug 25505; bugfix on 0.3.1.1-alpha. diff --git a/changes/bug25686_diagnostic b/changes/bug25686_diagnostic new file mode 100644 index 0000000000..96323145d8 --- /dev/null +++ b/changes/bug25686_diagnostic @@ -0,0 +1,4 @@ + o Minor features (relay, diagnostic): + - Add several checks to detect whether Tor relays are uploading their + descriptors without specifying why they regenerated. Diagnostic for + ticket 25686. diff --git a/changes/bug25787 b/changes/bug25787 new file mode 100644 index 0000000000..3041e8a603 --- /dev/null +++ b/changes/bug25787 @@ -0,0 +1,7 @@ + o Minor bugfixes (testing): + - Instead of trying to read the geoip configuration files from within the + unit tests, instead create our own ersatz files with just enough + geoip data in the format we expect. Trying to read from the source + directory created problems on Windows with mingw, where the + build system's paths are not the same as the platform's paths. + Fixes bug 25787; bugfix on 0.3.4.1-alpha. diff --git a/changes/bug26158 b/changes/bug26158 new file mode 100644 index 0000000000..0d74cf1167 --- /dev/null +++ b/changes/bug26158 @@ -0,0 +1,5 @@ + o Minor bugfixes (relay): + - Relays now correctly block attempts to re-extend to the previous + relay by Ed25519 identity. Previously they would warn in this case, + but not actually reject the attempt. Fixes bug 26158; bugfix on + 0.3.0.1-alpha. diff --git a/changes/bug26196 b/changes/bug26196 new file mode 100644 index 0000000000..e63f09a2d6 --- /dev/null +++ b/changes/bug26196 @@ -0,0 +1,7 @@ + o Minor bugfixes (testing, compilation): + - Refrain from trying to get an item from empty smartlist in + test_bridges_clear_bridge_list. Set DEBUG_SMARTLIST in unit + tests to catch improper smartlist usage. Furthermore, + enable DEBUG_SMARTLIST globally when build is configured + with fragile hardening. Fixes bug 26196; bugfix on + 0.3.4.1-alpha. diff --git a/changes/bug26214 b/changes/bug26214 new file mode 100644 index 0000000000..4277b9c6ec --- /dev/null +++ b/changes/bug26214 @@ -0,0 +1,3 @@ + o Minor bugfixes (correctness, flow control): + - Upon receiving a stream-level SENDME cell, verify that our window has + not grown too large. Fixes bug 26214; bugfix on svn r54 (pre-0.0.1) diff --git a/changes/bug26245 b/changes/bug26245 new file mode 100644 index 0000000000..7a14cea0bc --- /dev/null +++ b/changes/bug26245 @@ -0,0 +1,3 @@ + o Minor features (compilation): + o The --enable-fatal-warnings flag now affects Rust code as well. + Closes ticket 26245. diff --git a/changes/bug26258_033 b/changes/bug26258_033 new file mode 100644 index 0000000000..ceca383335 --- /dev/null +++ b/changes/bug26258_033 @@ -0,0 +1,4 @@ + o Major bugfixes (rust, testing): + - Fix a bug where a failure in the rust unit tests would not actually + cause the build to fail. Fixes bug 26258; bugfix on 0.3.3.4-alpha. + diff --git a/changes/bug26269 b/changes/bug26269 new file mode 100644 index 0000000000..73dcdbf5c5 --- /dev/null +++ b/changes/bug26269 @@ -0,0 +1,5 @@ + o Minor bugfixes (compilation): + - Fix a compilation warning on some versions of GCC when + building code that calls routerinfo_get_my_routerinfo() twice, + assuming that the second call will succeed if the first one did. + Fixes bug 26269; bugfix on 0.2.8.2-alpha. diff --git a/changes/bug26402 b/changes/bug26402 new file mode 100644 index 0000000000..b21283a2d2 --- /dev/null +++ b/changes/bug26402 @@ -0,0 +1,4 @@ + o Minor bugfixes (compilation): + - When linking the libtor_testing.a library, only include the dirauth + object files once. Previously, they were getting added twice. + Fixes bug 26402; bugfix on 0.3.4.1-alpha. diff --git a/changes/bug26415 b/changes/bug26415 new file mode 100644 index 0000000000..497fbb7365 --- /dev/null +++ b/changes/bug26415 @@ -0,0 +1,3 @@ + o Minor bugfixes (testing): + - Fix compilation of the doctests in the Rust crypto crate. Fixes + bug 26415; bugfix on 0.3.4.1-alpha. diff --git a/changes/bug26435 b/changes/bug26435 new file mode 100644 index 0000000000..f66c503dd5 --- /dev/null +++ b/changes/bug26435 @@ -0,0 +1,5 @@ + o Major bugfixes (directory authority): + - Fix a memory leak where directory authorities would leak a chunk + of memory for every router descriptor every time they considered + voting. This bug was taking down directory authorities due to + out-of-memory issues. Fixes bug 26435; bugfix on 0.3.3.6. diff --git a/changes/bug26470 b/changes/bug26470 new file mode 100644 index 0000000000..854ec7ea72 --- /dev/null +++ b/changes/bug26470 @@ -0,0 +1,4 @@ + o Minor bugfixes (HTTP tunnel): + - Fix a bug warning when closing an HTTP tunnel connection due to + an HTTP request we couldn't handle. Fixes bug 26470; bugfix on + 0.3.2.1-alpha. diff --git a/changes/bug26485 b/changes/bug26485 new file mode 100644 index 0000000000..5a40b7a78e --- /dev/null +++ b/changes/bug26485 @@ -0,0 +1,4 @@ + o Minor bugfixes (directory authority): + - When voting for recommended versions, make sure that all of the + versions are well-formed and parsable. Fixes bug 26485; bugfix on + 0.1.1.6-alpha. diff --git a/changes/bug26497 b/changes/bug26497 new file mode 100644 index 0000000000..d0c05ff3e4 --- /dev/null +++ b/changes/bug26497 @@ -0,0 +1,3 @@ + o Minor bugfixes (rust): + - Stop setting $CARGO_HOME. cargo will use the user's $CARGO_HOME, or + $HOME/.cargo by default. Fixes bug 26497; bugfix on 0.3.1.5-alpha. diff --git a/changes/bug26497-backport b/changes/bug26497-backport new file mode 100644 index 0000000000..1d86e01bf3 --- /dev/null +++ b/changes/bug26497-backport @@ -0,0 +1,3 @@ + o Minor bugfixes (rust): + - Backport test_rust.sh from master. + Fixes bug 26497; bugfix on 0.3.1.5-alpha. diff --git a/changes/bug26497-cd b/changes/bug26497-cd new file mode 100644 index 0000000000..37bf1bc956 --- /dev/null +++ b/changes/bug26497-cd @@ -0,0 +1,4 @@ + o Minor bugfixes (rust): + - cd to ${abs_top_builddir}/src/rust before running cargo in + src/test/test_rust.sh. This makes the working directory consistent + between builds and tests. Fixes bug 26497; bugfix on 0.3.3.2-alpha. diff --git a/changes/bug26523 b/changes/bug26523 new file mode 100644 index 0000000000..a739d240e9 --- /dev/null +++ b/changes/bug26523 @@ -0,0 +1,5 @@ + o Minor bugfixes (hidden service, control port): + - The HSPOST command wasn't parsing properly the HSADDRESS= parameter and + thus not using it. It now handles it correctly. Fixes bug 26523; bugfix on + 0.3.3.1-alpha. Patch by "akwizgran". + diff --git a/changes/bug26535.029 b/changes/bug26535.029 new file mode 100644 index 0000000000..111b539f17 --- /dev/null +++ b/changes/bug26535.029 @@ -0,0 +1,5 @@ + o Minor bugfixes (testing, compatibility): + - When running the ntor_ref.py test, make sure only to pass strings + (rather than "bytes" objects) to the Python subprocess module. + Python 3 on Windows seems to require this. Fixes bug 26535; bugfix on + 0.2.5.5-alpha. diff --git a/changes/bug26535.032 b/changes/bug26535.032 new file mode 100644 index 0000000000..395d08d816 --- /dev/null +++ b/changes/bug26535.032 @@ -0,0 +1,5 @@ + o Minor bugfixes (testing, compatibility): + - When running the hs_ntor_ref.py test, make sure only to pass strings + (rather than "bytes" objects) to the Python subprocess module. + Python 3 on Windows seems to require this. Fixes bug 26535; bugfix on + 0.3.1.1-alpha. diff --git a/changes/bug26568 b/changes/bug26568 new file mode 100644 index 0000000000..0c4c05d043 --- /dev/null +++ b/changes/bug26568 @@ -0,0 +1,3 @@ + o Minor bugfixes (controller): + - Report the port correctly when a port is configured to bind to "auto". + Fixes bug 26568; bugfix on 0.3.4.1-alpha. diff --git a/changes/bug26627 b/changes/bug26627 new file mode 100644 index 0000000000..d28bd05d53 --- /dev/null +++ b/changes/bug26627 @@ -0,0 +1,7 @@ + o Minor bugfixes (v3 onion services): + - Stop sending ed25519 link specifiers in v3 onion service introduce + cells, when the rendezvous point doesn't support ed25519 link + authentication. Fixes bug 26627; bugfix on 0.3.2.4-alpha. + - Stop putting ed25519 link specifiers in v3 onion service descriptors, + when the intro point doesn't support ed25519 link authentication. + Fixes bug 26627; bugfix on 0.3.2.4-alpha. diff --git a/changes/bug26779 b/changes/bug26779 new file mode 100644 index 0000000000..fb7f6160ea --- /dev/null +++ b/changes/bug26779 @@ -0,0 +1,4 @@ + o Minor features (bug workaround): + - Compile correctly on systems that provide the C11 stdatomic.h header, + but where C11 atomic functions don't actually compile. + Closes ticket 26779; workaround for Debian issue 903709. diff --git a/changes/bug26785 b/changes/bug26785 new file mode 100644 index 0000000000..e6392fcbdd --- /dev/null +++ b/changes/bug26785 @@ -0,0 +1,4 @@ + o Minor bugfixes (compilation, portability): + - Don't try to use a pragma to temporarily disable + -Wunused-const-variable if the compiler doesn't support it. + Fixes bug 26785; bugfix on 0.3.2.11. diff --git a/changes/bug26787 b/changes/bug26787 new file mode 100644 index 0000000000..b32e519a93 --- /dev/null +++ b/changes/bug26787 @@ -0,0 +1,3 @@ + o Minor bugfixes (testing): + - Disable core dumps in test_bt.sh, to avoid failures in "make + distcheck". Fixes bug 26787; bugfix on 0.2.5.2-alpha. diff --git a/changes/bug26789 b/changes/bug26789 new file mode 100644 index 0000000000..9b3520543d --- /dev/null +++ b/changes/bug26789 @@ -0,0 +1,4 @@ + o Minor bugfixes (compilation): + - Update build system so that tor builds again with + --disable-unittests after recent refactoring efforts. + Fixes bug 26789; bugfix on 0.3.4.3-alpha. diff --git a/changes/bug26830 b/changes/bug26830 new file mode 100644 index 0000000000..c002f19530 --- /dev/null +++ b/changes/bug26830 @@ -0,0 +1,3 @@ + o Minor bugfixes (continuous integration): + - Skip an unreliable key generation test on Windows, until the underlying + issue in bug 26076 is resolved. Fixes bug 26830; bugfix on 0.2.7.3-rc. diff --git a/changes/bug26853 b/changes/bug26853 new file mode 100644 index 0000000000..6ee47789b9 --- /dev/null +++ b/changes/bug26853 @@ -0,0 +1,3 @@ + o Minor bugfixes (continuous integration): + - Skip an unreliable key expiration test on Windows, until the underlying + issue in bug 26076 is resolved. Fixes bug 26853; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug26873 b/changes/bug26873 new file mode 100644 index 0000000000..565f8bf0b1 --- /dev/null +++ b/changes/bug26873 @@ -0,0 +1,4 @@ + o Minor bugfixes (portability): + - Fix compilation of the unit tests on GNU/Hurd, which does not + define PATH_MAX. Fixes bug 26873; bugfix on 0.3.3.1-alpha. + Patch from "paulusASol". diff --git a/changes/bug26876 b/changes/bug26876 new file mode 100644 index 0000000000..b661104236 --- /dev/null +++ b/changes/bug26876 @@ -0,0 +1,4 @@ + o Minor bugfixes (portability): + - Work around two different bugs in the OS X 10.10 and later SDKs that + would prevent us from successfully targeting earlier versions of OS X. + Fixes bug 26876; bugfix on 0.3.3.1-alpha. diff --git a/changes/bug26896 b/changes/bug26896 new file mode 100644 index 0000000000..9762dc7fac --- /dev/null +++ b/changes/bug26896 @@ -0,0 +1,3 @@ + o Minor bugfixes (directory connection shutdown): + - Avoid a double-close when shutting down a stalled directory connection. + Fixes bug 26896; bugfix on 0.3.4.1-alpha. diff --git a/changes/bug26924 b/changes/bug26924 new file mode 100644 index 0000000000..882db56b40 --- /dev/null +++ b/changes/bug26924 @@ -0,0 +1,4 @@ + o Minor bugfixes (single onion services, Tor2web): + - Log a protocol warning when single onion services or Tor2web clients + fail to authenticate direct connections to relays. + Fixes bug 26924; bugfix on 0.2.9.1-alpha. diff --git a/changes/bug26927 b/changes/bug26927 new file mode 100644 index 0000000000..cd035bba8e --- /dev/null +++ b/changes/bug26927 @@ -0,0 +1,4 @@ + o Minor bugfixes (logging): + - Improve the log message when connection initiators fail to authenticate + direct connections to relays. + Fixes bug 26927; bugfix on 0.3.0.1-alpha. diff --git a/changes/bug26932 b/changes/bug26932 new file mode 100644 index 0000000000..7d9481dcd3 --- /dev/null +++ b/changes/bug26932 @@ -0,0 +1,3 @@ + o Minor bugfixes (onion services): + - Fix bug that causes services to not ever rotate their descriptors if they + were getting SIGHUPed often. Fixes bug 26932; bugfix on 0.3.2.1-alpha.
\ No newline at end of file diff --git a/changes/bug26948 b/changes/bug26948 new file mode 100644 index 0000000000..0f0728843f --- /dev/null +++ b/changes/bug26948 @@ -0,0 +1,4 @@ + o Minor bugfixes (in-process restart): + - Always call tor_free_all() when leaving tor_run_main(). When we + did not, restarting tor in-process would cause an assertion failure. + Fixes bug 26948; bugfix on 0.3.3.1-alpha. diff --git a/changes/bug26979 b/changes/bug26979 new file mode 100644 index 0000000000..e615207b74 --- /dev/null +++ b/changes/bug26979 @@ -0,0 +1,4 @@ + o Minor bugfixes (appveyor ci): + - Improve Appveyor CI IRC logging. Generate correct branches and URLs for + pull requests and tags. Use unambiguous short commits. + Fixes bug 26979; bugfix on master. diff --git a/changes/bug26994 b/changes/bug26994 new file mode 100644 index 0000000000..664894a7fc --- /dev/null +++ b/changes/bug26994 @@ -0,0 +1,3 @@ + o Minor bugfixes (portability): + - Avoid a compilation error in test_bwmgt.c on Solaris 10. + Fixes bug 26994; bugfix on 0.3.4.1-alpha. diff --git a/changes/bug27003 b/changes/bug27003 new file mode 100644 index 0000000000..4f2045afc7 --- /dev/null +++ b/changes/bug27003 @@ -0,0 +1,6 @@ + o Major bugfixes (event scheduler): + - When we enable a periodic event, schedule it in the event loop + rather than running it immediately. Previously, we would re-run + periodic events immediately in the middle of (for example) + changing our options, with unpredictable effects. Fixes bug + 27003; bugfix on 0.3.4.1-alpha. diff --git a/changes/bug27081 b/changes/bug27081 new file mode 100644 index 0000000000..74e0efbd29 --- /dev/null +++ b/changes/bug27081 @@ -0,0 +1,4 @@ + o Minor bugfixes (compilation, windows): + - Don't link or search for pthreads when building for Windows, even if we + are using build environment (like mingw) that provides a pthreads + library. Fixes bug 27081; bugfix on 0.1.0.1-rc. diff --git a/changes/bug27088 b/changes/bug27088 new file mode 100644 index 0000000000..d4d3b292c5 --- /dev/null +++ b/changes/bug27088 @@ -0,0 +1,5 @@ + o Minor bugfixes (continuous integration): + - Pass the module flags to distcheck configure, and + log the flags before running configure. (Backported + to 0.2.9 and later as a precaution.) + Fixes bug 27088; bugfix on 0.3.4.1-alpha. diff --git a/changes/bug27090 b/changes/bug27090 new file mode 100644 index 0000000000..3d119a9c30 --- /dev/null +++ b/changes/bug27090 @@ -0,0 +1,3 @@ + o Minor bugfixes (continuous integration): + - Build with zstd on macOS. + Fixes bug 27090; bugfix on 0.3.1.5-alpha. diff --git a/changes/bug27093 b/changes/bug27093 new file mode 100644 index 0000000000..6c097f1196 --- /dev/null +++ b/changes/bug27093 @@ -0,0 +1,3 @@ + o Minor bugfixes (rust): + - Consistently use ../../.. as a fallback for $abs_top_srcdir in + test_rust.sh. Fixes bug 27093; bugfix on 0.3.4.3-alpha. diff --git a/changes/bug27139 b/changes/bug27139 new file mode 100644 index 0000000000..0d1e3b4329 --- /dev/null +++ b/changes/bug27139 @@ -0,0 +1,14 @@ + o Minor bugfixes (32-bit OSX and iOS, timing): + - Fix an integer overflow bug in our optimized 32-bit millisecond- + difference algorithm for 32-bit Apple platforms. Previously, it + would overflow when calculating the difference between two times + more than 47 days apart. Fixes part of bug 27139; bugfix on + 0.3.4.1-alpha. + - Improve the precision of our 32-bit millisecond difference + algorithm for 32-bit Apple platforms. Fixes part of bug 27139; + bugfix on 0.3.4.1-alpha. + - Relax the tolerance on the mainloop/update_time_jumps test + when running on 32-bit Apple platforms. Fixes part of bug 27139; + bugfix on 0.3.4.1-alpha. + + diff --git a/changes/bug27164 b/changes/bug27164 new file mode 100644 index 0000000000..d04d2f28f4 --- /dev/null +++ b/changes/bug27164 @@ -0,0 +1,4 @@ + o Minor bugfixes (rust): + - Protover parsing was ignoring a 2nd hyphen and everything after it, + accepting entries like "Link=1-5-foo". Fixes bug 27164; bugfix on + 0.3.3.1-alpha. diff --git a/changes/bug27177 b/changes/bug27177 new file mode 100644 index 0000000000..b03bbc96ea --- /dev/null +++ b/changes/bug27177 @@ -0,0 +1,4 @@ + o Minor bugfixes (rust): + - Protover parsing was accepting the presence of whitespace in version + strings, which the C implementation would choke on, e.g. "Desc=1\t,2". + Fixes bug 27177; bugfix on 0.3.3.5-rc. diff --git a/changes/bug27185 b/changes/bug27185 new file mode 100644 index 0000000000..79221b3df4 --- /dev/null +++ b/changes/bug27185 @@ -0,0 +1,3 @@ + o Minor bugfixes (Windows, compilation): + - Silence a compilation warning on MSVC 2017 and clang-cl. + Fixes bug 27185; bugfix on 0.2.2.2-alpha. diff --git a/changes/bug27206 b/changes/bug27206 new file mode 100644 index 0000000000..c0fbbed702 --- /dev/null +++ b/changes/bug27206 @@ -0,0 +1,4 @@ + o Minor bugfixes (rust): + - protover_all_supported() would attempt to allocate up to 16GB on some + inputs, leading to a potential memory DoS. Fixes bug 27206; bugfix on + 0.3.3.5-rc. diff --git a/changes/bug27226 b/changes/bug27226 new file mode 100644 index 0000000000..9030773cd5 --- /dev/null +++ b/changes/bug27226 @@ -0,0 +1,5 @@ + o Minor bugfixes (testing, openssl compatibility): + - Our "tortls/cert_matches_key" unit test no longer relies on OpenSSL + internals. Previously, it relied on unsupported OpenSSL behavior in + a way that caused it to crash with OpenSSL 1.0.2p. Fixes bug 27226; + bugfix on 0.2.5.1-alpha. diff --git a/changes/bug27236 b/changes/bug27236 new file mode 100644 index 0000000000..76d792f4c9 --- /dev/null +++ b/changes/bug27236 @@ -0,0 +1,5 @@ + o Minor bugfixes (testing, bootstrap): + - When calculating bootstrap progress, check exit policies and the exit + flag. Previously, Tor would only check the exit flag, which caused + race conditions in small and fast networks like chutney. + Fixes bug 27236; bugfix on 0.2.6.3-alpha. diff --git a/changes/bug27295 b/changes/bug27295 new file mode 100644 index 0000000000..c5a364877a --- /dev/null +++ b/changes/bug27295 @@ -0,0 +1,3 @@ + o Minor bugfixes (testing, chutney): + - Before running make test-network-all, delete old logs and test result + files, to avoid spurious failures. Fixes bug 27295; bugfix on 0.2.7.3-rc. diff --git a/changes/bug27335 b/changes/bug27335 new file mode 100644 index 0000000000..dcc55a945a --- /dev/null +++ b/changes/bug27335 @@ -0,0 +1,4 @@ + o Minor bugfixes (hidden service v3): + - In case the hidden service directory can't be created or has wrong + permissions, do not BUG() on it which lead to a non fatal stacktrace. + Fixes bug 27335; bugfix on 0.3.2.1. diff --git a/changes/bug27344 b/changes/bug27344 new file mode 100644 index 0000000000..9f66855586 --- /dev/null +++ b/changes/bug27344 @@ -0,0 +1,4 @@ + o Minor features (compatibility): + - Tell OpenSSL to maintain backward compatibility with previous + RSA1024/DH1024 users in Tor. With OpenSSL 1.1.1-pre6, these ciphers + are disabled by default. Closes ticket 27344. diff --git a/changes/bug27345 b/changes/bug27345 new file mode 100644 index 0000000000..d98f4afbcc --- /dev/null +++ b/changes/bug27345 @@ -0,0 +1,5 @@ + o Minor bugfixes (testing): + - When running make test-network-all, use the mixed+hs-v2 network. + (A previous fix to chutney removed v3 onion services from the + mixed+hs-v23 network, so seeing "mixed+hs-v23" in tests is + confusing.) Fixes bug 27345; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug27418 b/changes/bug27418 new file mode 100644 index 0000000000..1d99497dc4 --- /dev/null +++ b/changes/bug27418 @@ -0,0 +1,3 @@ + o Minor bugfixes (continuous integration): + - When we use echo in Travis, don't pass a --flag as the first argument. + Fixes bug 27418; bugfix on 0.3.4.7-rc. diff --git a/changes/bug27453 b/changes/bug27453 new file mode 100644 index 0000000000..4501346d2c --- /dev/null +++ b/changes/bug27453 @@ -0,0 +1,3 @@ + o Minor bugfixes (continuous integration): + - When a Travis build fails, and showing a log fails, keep trying to + show the other logs. Fixes bug 27453; bugfix on 0.3.4.7-rc. diff --git a/changes/bug27460 b/changes/bug27460 new file mode 100644 index 0000000000..53c4c7daf3 --- /dev/null +++ b/changes/bug27460 @@ -0,0 +1,6 @@ + o Minor bugfixes (continuous integration): + - Disable gcc hardening in Appveyor Windows 64-bit builds. As of + August 29, 2018, Appveyor images come with gcc 8.2.0 by default. + 64-bit Windows executables compiled with gcc 8.2.0 and + tor's --enable-gcc-hardening crash. + Fixes bug 27460; bugfix on 0.3.4.1-alpha. diff --git a/changes/bug27461 b/changes/bug27461 new file mode 100644 index 0000000000..3571ee816a --- /dev/null +++ b/changes/bug27461 @@ -0,0 +1,5 @@ + o Minor bugfixes (compilation): + - Stop calling SetProcessDEPPolicy() on 64-bit Windows. It is not + supported, and always fails. Some compilers warn about the function + pointer cast on 64-bit Windows. + Fixes bug 27461; bugfix on 0.2.2.23-alpha. diff --git a/changes/bug27463 b/changes/bug27463 new file mode 100644 index 0000000000..073acdd997 --- /dev/null +++ b/changes/bug27463 @@ -0,0 +1,3 @@ + o Minor bugfixes (onion services): + - Silence a spurious compiler warning in rend_client_send_introduction(). + Fixes bug 27463; bugfix on 0.1.1.2-alpha. diff --git a/changes/bug27464 b/changes/bug27464 new file mode 100644 index 0000000000..9dedd06f41 --- /dev/null +++ b/changes/bug27464 @@ -0,0 +1,3 @@ + o Minor bugfixes (continuous integration): + - Stop reinstalling identical packages in our Windows CI. + Fixes bug 27464; bugfix on 0.3.4.1-alpha. diff --git a/changes/bug27465 b/changes/bug27465 new file mode 100644 index 0000000000..743b35130f --- /dev/null +++ b/changes/bug27465 @@ -0,0 +1,5 @@ + o Minor bugfixes (compilation): + - Silence a spurious compiler warning on the GetAdaptersAddresses + function pointer cast. This issue is already fixed by 26481 in + 0.3.5 and later, by removing the lookup and cast. + Fixes bug 27465; bugfix on 0.2.3.11-alpha. diff --git a/changes/bug27649 b/changes/bug27649 new file mode 100644 index 0000000000..55bfc3a842 --- /dev/null +++ b/changes/bug27649 @@ -0,0 +1,4 @@ + o Minor bugfixes (rust): + - The protover rewrite in 24031 allowed repeated votes from the same + voter for the same protocol version to be counted multiple times in + protover_compute_vote(). Fixes bug 27649; bugfix on 0.3.3.5-rc. diff --git a/changes/bug27687 b/changes/bug27687 new file mode 100644 index 0000000000..8b7903b63e --- /dev/null +++ b/changes/bug27687 @@ -0,0 +1,4 @@ + o Minor bugfixes (rust): + - protover parsed and accepted unknown protocol names containing invalid + characters outside the range [A-Za-z0-9-]. Fixes bug 27687; bugfix on + 0.3.3.1-alpha. diff --git a/changes/bug27708 b/changes/bug27708 new file mode 100644 index 0000000000..d283b19515 --- /dev/null +++ b/changes/bug27708 @@ -0,0 +1,4 @@ + o Major bugfixes (restart-in-process): + - Fix a use-after-free error that could be caused by passing Tor an + impossible set of options that would fail during options_act(). + Fixes bug 27708; bugfix on 0.3.3.1-alpha. diff --git a/changes/bug27740 b/changes/bug27740 new file mode 100644 index 0000000000..76a17b7dda --- /dev/null +++ b/changes/bug27740 @@ -0,0 +1,4 @@ + o Minor bugfixes (rust): + - Return a string that can be safely freed by C code, not one created by + the rust allocator, in protover_all_supported(). Fixes bug 27740; bugfix + on 0.3.3.1-alpha. diff --git a/changes/bug27741 b/changes/bug27741 new file mode 100644 index 0000000000..531e264b63 --- /dev/null +++ b/changes/bug27741 @@ -0,0 +1,5 @@ + o Minor bugfixes (rust, directory authority): + - Fix an API mismatch in the rust implementation of + protover_compute_vote(). This bug could have caused crashes on any + directory authorities running Tor with Rust (which we do not yet + recommend). Fixes bug 27741; bugfix on 0.3.3.6. diff --git a/changes/bug27750 b/changes/bug27750 new file mode 100644 index 0000000000..c234788b1c --- /dev/null +++ b/changes/bug27750 @@ -0,0 +1,6 @@ + o Minor bugfixes (connection, relay): + - Avoid a wrong BUG() stacktrace in case a closing connection is being held + open because the write side is rate limited but not the read side. Now, + the connection read side is simply shutdown instead of kept open until tor + is able to flush the connection and then fully close it. Fixes bug 27750; + bugfix on 0.3.4.1-alpha. diff --git a/changes/bug27781 b/changes/bug27781 new file mode 100644 index 0000000000..44d838af8a --- /dev/null +++ b/changes/bug27781 @@ -0,0 +1,4 @@ + o Major bugfixes (compilation): + - Fix compilation on arm (and other less-used CPUs) + when compiling with OpenSSL before 1.1. Fixes bug 27781; + bugfix on 0.3.4.1-alpha. diff --git a/changes/bug27800 b/changes/bug27800 new file mode 100644 index 0000000000..63d5dbc681 --- /dev/null +++ b/changes/bug27800 @@ -0,0 +1,4 @@ + o Minor bugfixes (directory authority): + - Log additional info when we get a relay that shares an ed25519 + ID with a different relay, instead making a BUG() warning. + Fixes bug 27800; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug27804 b/changes/bug27804 new file mode 100644 index 0000000000..fa7fec0bc5 --- /dev/null +++ b/changes/bug27804 @@ -0,0 +1,3 @@ + o Minor bugfixes (rust): + - Fix a potential null dereference in protover_all_supported(). + Add a test for it. Fixes bug 27804; bugfix on 0.3.3.1-alpha. diff --git a/changes/bug28399 b/changes/bug28399 new file mode 100644 index 0000000000..9096db70b0 --- /dev/null +++ b/changes/bug28399 @@ -0,0 +1,4 @@ + o Minor bugfixes (continuous integration, Windows): + - Stop using an external OpenSSL install, and stop installing MSYS2 + packages, when building using mingw on Appveyor Windows CI. + Fixes bug 28399; bugfix on 0.3.4.1-alpha. diff --git a/changes/bug28419 b/changes/bug28419 new file mode 100644 index 0000000000..52ceb0a2a7 --- /dev/null +++ b/changes/bug28419 @@ -0,0 +1,3 @@ + o Minor bugfixes (memory leaks): + - Fix a harmless memory leak in libtorrunner.a. Fixes bug 28419; + bugfix on 0.3.3.1-alpha. Patch from Martin Kepplinger.
\ No newline at end of file diff --git a/changes/bug28454 b/changes/bug28454 new file mode 100644 index 0000000000..ca46ae2777 --- /dev/null +++ b/changes/bug28454 @@ -0,0 +1,4 @@ + o Minor bugfixes (continuous integration, Windows): + - Manually configure the zstd compiler options, when building using + mingw on Appveyor Windows CI. The MSYS2 mingw zstd package does not + come with a pkg-config file. Fixes bug 28454; bugfix on 0.3.4.1-alpha. diff --git a/changes/bug28554 b/changes/bug28554 new file mode 100644 index 0000000000..9a0b281406 --- /dev/null +++ b/changes/bug28554 @@ -0,0 +1,3 @@ + o Minor bugfixes (unit tests, guard selection): + - Stop leaking memory in an entry guard unit test. Fixes bug 28554; + bugfix on 0.3.0.1-alpha. diff --git a/changes/bug28619 b/changes/bug28619 new file mode 100644 index 0000000000..86be8cb2fb --- /dev/null +++ b/changes/bug28619 @@ -0,0 +1,6 @@ + o Minor bugfixes (hidden service v3): + - When deleting an ephemeral onion service (DEL_ONION), do not close any + rendezvous circuits in order to let the existing client connections + finish by themselves or closed by the application. The HS v2 is doing + that already so now we have the same behavior for all versions. Fixes + bug 28619; bugfix on 0.3.3.1-alpha. diff --git a/changes/bug29244 b/changes/bug29244 new file mode 100644 index 0000000000..6206a95463 --- /dev/null +++ b/changes/bug29244 @@ -0,0 +1,4 @@ + o Minor bugfixes (build, compatibility): + - Update Cargo.lock file to match the version made by the latest + version of Rust, so that "make distcheck" will pass again. + Fixes bug 29244; bugfix on 0.3.3.4-alpha. diff --git a/changes/feature26372_029 b/changes/feature26372_029 new file mode 100644 index 0000000000..150ac30555 --- /dev/null +++ b/changes/feature26372_029 @@ -0,0 +1,4 @@ + o Minor features (compilation): + + - When building Tor, prefer to use Python 3 over Python 2, and more + recent (contemplated) versions over older ones. Closes ticket 26372. diff --git a/changes/geoip-2018-07-03 b/changes/geoip-2018-07-03 new file mode 100644 index 0000000000..e921d63c99 --- /dev/null +++ b/changes/geoip-2018-07-03 @@ -0,0 +1,4 @@ + o Minor features (geoip): + - Update geoip and geoip6 to the July 3 2018 Maxmind GeoLite2 + Country database. Closes ticket 26674. + diff --git a/changes/geoip-2018-08-07 b/changes/geoip-2018-08-07 new file mode 100644 index 0000000000..9ddbe7b1b2 --- /dev/null +++ b/changes/geoip-2018-08-07 @@ -0,0 +1,4 @@ + o Minor features (geoip): + - Update geoip and geoip6 to the August 7 2018 Maxmind GeoLite2 + Country database. Closes ticket 27089. + diff --git a/changes/rust_cross b/changes/rust_cross new file mode 100644 index 0000000000..d490403a28 --- /dev/null +++ b/changes/rust_cross @@ -0,0 +1,2 @@ + o Minor feature (Rust, portability): + - Rust cross-compilation is now supported. Closes ticket 25895. diff --git a/changes/task26771 b/changes/task26771 new file mode 100644 index 0000000000..fd700900f7 --- /dev/null +++ b/changes/task26771 @@ -0,0 +1,4 @@ + o Directory authority changes: + - The "Bifroest" bridge authority has been retired; the new bridge + authority is "Serge", and it is operated by George from the + TorBSD project. Closes ticket 26771. diff --git a/changes/ticket24629 b/changes/ticket24629 new file mode 100644 index 0000000000..482c0a1a6d --- /dev/null +++ b/changes/ticket24629 @@ -0,0 +1,3 @@ + o Minor features (continuous integration): + - Enable macOS builds in our Travis CI configuration. + Closes ticket 24629. diff --git a/changes/ticket24629-backport b/changes/ticket24629-backport new file mode 100644 index 0000000000..dfbc465634 --- /dev/null +++ b/changes/ticket24629-backport @@ -0,0 +1,3 @@ + o Minor features (continuous integration): + - Backport Travis rust distcheck to 0.3.3. + Closes ticket 24629. diff --git a/changes/ticket25573 b/changes/ticket25573 new file mode 100644 index 0000000000..9939601b50 --- /dev/null +++ b/changes/ticket25573 @@ -0,0 +1,5 @@ + o Minor features (controller): + - For purposes of CIRC_BW-based dropped cell detection, track half-closed + stream ids, and allow their ENDs, SENDMEs, DATA and path bias check + cells to arrive without counting it as dropped until either the END arrvies, + or the windows are empty. Closes ticket 25573. diff --git a/changes/ticket25947 b/changes/ticket25947 new file mode 100644 index 0000000000..68559a73f8 --- /dev/null +++ b/changes/ticket25947 @@ -0,0 +1,4 @@ + o Minor feature (unit tests): + - Test complete bandwidth measurements files and test that incomplete lines + only give warnings when the end of the header has not been + detected. Fixes bug 25947; bugfix on 0.2.2.1-alpha diff --git a/changes/ticket25960 b/changes/ticket25960 new file mode 100644 index 0000000000..0d1be2119b --- /dev/null +++ b/changes/ticket25960 @@ -0,0 +1,5 @@ + o Minor feature (directory authorities): + - Stop warning about incomplete bw lines before the first complete bw line + has been found, so that additional header lines can be ignored. + Fixes bug 25960; bugfix on 0.2.2.1-alpha + diff --git a/changes/ticket26467 b/changes/ticket26467 new file mode 100644 index 0000000000..45883786c2 --- /dev/null +++ b/changes/ticket26467 @@ -0,0 +1,3 @@ + o Minor bugfixes (memory, correctness): + - Fix a number of small memory leaks identified by coverity. Fixes + bug 26467; bugfix on numerous Tor versions. diff --git a/changes/ticket26560 b/changes/ticket26560 new file mode 100644 index 0000000000..5b4fb1bfe7 --- /dev/null +++ b/changes/ticket26560 @@ -0,0 +1,3 @@ + o Minor features (continuous integration): + - Install libcap-dev and libseccomp2-dev so these optional + dependencies get tested on Travis CI. Closes ticket 26560. diff --git a/changes/ticket26647 b/changes/ticket26647 new file mode 100644 index 0000000000..1c2e917c6d --- /dev/null +++ b/changes/ticket26647 @@ -0,0 +1,4 @@ + o Minor features (controller): + - The control port now exposes the list of HTTPTunnelPorts and + ExtOrPorts via GETINFO net/listeners/httptunnel and net/listeners/extor + respectively. Closes ticket 26647. diff --git a/changes/ticket26913 b/changes/ticket26913 new file mode 100644 index 0000000000..d6555764ec --- /dev/null +++ b/changes/ticket26913 @@ -0,0 +1,7 @@ + o Minor bugfixes (directory permissions): + - When a user requests a group-readable DataDirectory, give it to + them. Previously, when the DataDirectory and the CacheDirectory + were the same, the default setting (0) for + CacheDirectoryGroupReadable would always override the setting for + DataDirectoryGroupReadable. Fixes bug 26913; bugfix on + 0.3.3.1-alpha. diff --git a/changes/ticket26952-cargo b/changes/ticket26952-cargo new file mode 100644 index 0000000000..e1efdfcd74 --- /dev/null +++ b/changes/ticket26952-cargo @@ -0,0 +1,3 @@ + o Minor features (continuous integration, rust): + - Use cargo cache in our Travis CI configuration. + Closes ticket 26952. diff --git a/changes/ticket26952-ccache b/changes/ticket26952-ccache new file mode 100644 index 0000000000..edc115e9de --- /dev/null +++ b/changes/ticket26952-ccache @@ -0,0 +1,3 @@ + o Minor features (continuous integration): + - Use ccache in our Travis CI configuration. + Closes ticket 26952. diff --git a/changes/ticket27087 b/changes/ticket27087 new file mode 100644 index 0000000000..b8af70aaa0 --- /dev/null +++ b/changes/ticket27087 @@ -0,0 +1,3 @@ + o Minor features (continuous integration): + - Run asciidoc during Travis CI. + Implements ticket 27087. diff --git a/changes/ticket27252-032 b/changes/ticket27252-032 new file mode 100644 index 0000000000..4752aedcf6 --- /dev/null +++ b/changes/ticket27252-032 @@ -0,0 +1,5 @@ + o Minor features (continuous integration): + - Only run one online rust build in Travis, to reduce network errors. + Skip offline rust builds on Travis for Linux gcc, because they're + redundant. + Implements ticket 27252. diff --git a/changes/ticket27252-034 b/changes/ticket27252-034 new file mode 100644 index 0000000000..620ad83efe --- /dev/null +++ b/changes/ticket27252-034 @@ -0,0 +1,3 @@ + o Minor features (continuous integration): + - Don't do a distcheck with --disable-module-dirauth in Travis. + Implements ticket 27252. diff --git a/changes/ticket27275 b/changes/ticket27275 new file mode 100644 index 0000000000..d1332e9540 --- /dev/null +++ b/changes/ticket27275 @@ -0,0 +1,3 @@ + o Minor features (continuous integration): + - Only post Appveyor IRC notifications when the build fails. + Implements ticket 27275. diff --git a/changes/ticket27410 b/changes/ticket27410 new file mode 100644 index 0000000000..a21fdde58e --- /dev/null +++ b/changes/ticket27410 @@ -0,0 +1,5 @@ + o Minor bugfixes (hidden service v3): + - Close all SOCKS request (for the same .onion) if the newly fetched + descriptor is unusable. Before that, we would close only the first one + leaving the other hanging and let to time out by themselves. Fixes bug + 27410; bugfix on 0.3.2.1-alpha. diff --git a/changes/ticket27430 b/changes/ticket27430 new file mode 100644 index 0000000000..4e016e91e7 --- /dev/null +++ b/changes/ticket27430 @@ -0,0 +1,4 @@ + o Minor features (continuous integration): + - Show config.log and test-suite.log after failed Appveyor builds. + Also upload the zipped full logs as a build artifact. + Implements ticket 27430. diff --git a/changes/ticket27449 b/changes/ticket27449 new file mode 100644 index 0000000000..2a0984c09c --- /dev/null +++ b/changes/ticket27449 @@ -0,0 +1,3 @@ + o Minor features (continuous integration): + - Log the compiler path and version during Appveyor builds. + Implements ticket 27449. diff --git a/changes/ticket27550 b/changes/ticket27550 new file mode 100644 index 0000000000..87f9b5cbe9 --- /dev/null +++ b/changes/ticket27550 @@ -0,0 +1,5 @@ + o Minor bugfixes (hidden service v3): + - Don't warn so loudly when tor is unable to decode a descriptor. This can + now happen as a normal use case if a client gets a descriptor with + client authorization but the client is not authorized. Fixes bug 27550; + bugfix on 0.3.5.1-alpha. diff --git a/changes/ticket27797 b/changes/ticket27797 new file mode 100644 index 0000000000..f07e35f84c --- /dev/null +++ b/changes/ticket27797 @@ -0,0 +1,5 @@ + o Minor bugfixes (node, hidden service v3): + - When selecting a v3 rendezvous point, not only look at the protover but + also if the curve25519 onion key is present. That way we avoid picking a + node that supports the v3 rendezvous but for which we don't have the + descriptor yet for the key. Fixes bug 27797; bugfix on 0.3.2.1-alpha. diff --git a/changes/ticket27810 b/changes/ticket27810 new file mode 100644 index 0000000000..119f781cb9 --- /dev/null +++ b/changes/ticket27810 @@ -0,0 +1,5 @@ + o Minor bugfixes (test, hidden service v3): + - Make the the hs_service tests uses the same time source when creating + the introduction point and testing it. This helps make test work on very + slow system like ARM or Travis. Fixes bug 27810; bugfix on + 0.3.2.1-alpha. diff --git a/changes/ticket27849 b/changes/ticket27849 new file mode 100644 index 0000000000..c2babeffc7 --- /dev/null +++ b/changes/ticket27849 @@ -0,0 +1,5 @@ + o Major bugfixes (mainloop, bootstrap): + - Make sure Tor bootstraps and works properly if only the ControlPort is + set. Prior to this fix, Tor would only bootstrap with at least a client + port being set (Socks, Trans, NATD, DNS or HTTPTunnel port). Fixes bug + 27849; bugfix on 0.3.4.1-alpha. diff --git a/changes/ticket28089 b/changes/ticket28089 new file mode 100644 index 0000000000..a900ec18f5 --- /dev/null +++ b/changes/ticket28089 @@ -0,0 +1,6 @@ + o Major bugfixes (relay): + - When our write bandwidth limit is exhausted, stop writing on the + connection. Previously, we had a typo in the code that would make us stop + reading leading to relay connections being stuck indefinitely. Fixes bug + 28089; bugfix on 0.3.4.1-alpha. + diff --git a/changes/ticket28459 b/changes/ticket28459 new file mode 100644 index 0000000000..6b5839b52b --- /dev/null +++ b/changes/ticket28459 @@ -0,0 +1,4 @@ + o Minor features (continuous integration, Windows): + - Always show the configure and test logs, and upload them as build + artifacts, when building for Windows using Appveyor CI. + Implements 28459. diff --git a/changes/ticket28574 b/changes/ticket28574 new file mode 100644 index 0000000000..562810f511 --- /dev/null +++ b/changes/ticket28574 @@ -0,0 +1,4 @@ + o Minor bugfixes (continuous integration, Windows): + - Explicitly specify the path to the OpenSSL library and do not download + OpenSSL from Pacman, but instead use the library that is already provided + by AppVeyor. Fixes bug 28574; bugfix on master. diff --git a/changes/ticket28912 b/changes/ticket28912 new file mode 100644 index 0000000000..4119b778bc --- /dev/null +++ b/changes/ticket28912 @@ -0,0 +1,6 @@ + o Major bugfixes (relay, directory): + - A connection serving directory information wouldn't get reactivated after + the first chunk of data was sent (usually 32KB). Tor now always activate + the main loop event that goes through these connections as long as at + least one connection is still active. Fixes bug 28912; bugfix on + 0.3.4.1-alpha. Patch by "cypherpunks3". diff --git a/changes/ticket28973 b/changes/ticket28973 new file mode 100644 index 0000000000..b1d208ee51 --- /dev/null +++ b/changes/ticket28973 @@ -0,0 +1,6 @@ + o Minor features (OpenSSL bug workaround): + - Work around a bug in OpenSSL 1.1.1a, which prevented the TLS 1.3 + key export function from handling long labels. When this bug + is detected, Tor will disable TLS 1.3. We recommend upgrading to + a version of OpenSSL without this bug when it becomes available. + Closes ticket 28973. diff --git a/changes/ticket29168 b/changes/ticket29168 new file mode 100644 index 0000000000..65c5232f65 --- /dev/null +++ b/changes/ticket29168 @@ -0,0 +1,5 @@ + o Major bugfixes (cell scheduler, KIST): + - Make KIST to always take into account the outbuf length when computing + what we can actually put in the outbuf. This could lead to the outbuf + being filled up and thus a possible memory DoS vector. TROVE-2019-001. + Fixes bug 29168; bugfix on 0.3.2.1-alpha. diff --git a/changes/tickets_27765_27943 b/changes/tickets_27765_27943 new file mode 100644 index 0000000000..e8468545f1 --- /dev/null +++ b/changes/tickets_27765_27943 @@ -0,0 +1,5 @@ + o Minor bugfixes (CI, appveyor): + - Only install the necessary mingw packages during our appveyor + builds. This change makes the build a little faster, and prevents a + conflict with a preinstalled mingw openssl that appveyor now ships. + Fixes bugs 27943 and 27765; bugfix on 0.3.4.2-alpha. |