diff options
Diffstat (limited to 'changes')
43 files changed, 82 insertions, 201 deletions
diff --git a/changes/16869 b/changes/16869 new file mode 100644 index 0000000000..6687243551 --- /dev/null +++ b/changes/16869 @@ -0,0 +1,4 @@ + o Minor features (development tools, etags): + - Teach the "make tags" Makefile target how to correctly find + "MOCK_IMPL" function definitions. Patch from nherring; closes + ticket 16869. diff --git a/changes/18640 b/changes/18640 deleted file mode 100644 index de63da6655..0000000000 --- a/changes/18640 +++ /dev/null @@ -1,6 +0,0 @@ - o Major features (resource management): - - Tor now includes support for noticing when we are about to run out of - sockets, and preemptively closing connections of lower priority. - (This feature is off by default for now, since the current prioritizing - method is not mature enough yet. You can enable it by setting - "DisableOOSCheck 0".) Closes ticket 18640. diff --git a/changes/19122 b/changes/19122 deleted file mode 100644 index cface80679..0000000000 --- a/changes/19122 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (documentation): - - man page incorrectly states the User option takes a UID when it really - takes a username. Fixes bug 19122. diff --git a/changes/19977 b/changes/19977 deleted file mode 100644 index 0ca1af1cea..0000000000 --- a/changes/19977 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (unit test) - - Fix shared random unit test that was failing on big endian architecture - due to internal representation of a integer copied to a buffer. The test - is changed to take a full 32 bytes of data and use the output of a - python script that make the COMMIT and REVEAL calculation according to - the spec. Fixes #19977; bugfix on tor-0.2.9.1-alpha. diff --git a/changes/20163 b/changes/20163 new file mode 100644 index 0000000000..04074ded37 --- /dev/null +++ b/changes/20163 @@ -0,0 +1,6 @@ + o Minor bugfixes (address discovery): + - Stop reordering IP addresses returned by the OS. +This makes is more likely that Tor will guess the same relay IP address every time. +Fixes issue 20163; bugfix on 0.2.7.1-alpha, ticket 17027. +Reported by René Mayrhofer, patch by "cypherpunks". + diff --git a/changes/broken-028-fallbacks b/changes/broken-028-fallbacks new file mode 100644 index 0000000000..698fd6e37a --- /dev/null +++ b/changes/broken-028-fallbacks @@ -0,0 +1,3 @@ + o Minor feature (fallback directories): + - Remove broken fallbacks from the hard-coded fallback directory list. + Closes ticket 20190; patch by teor. diff --git a/changes/bug18357 b/changes/bug18357 new file mode 100644 index 0000000000..5f19d1454e --- /dev/null +++ b/changes/bug18357 @@ -0,0 +1,5 @@ + o Minor bugfixes (hidden service): + - Allow hidden services to run on IPv6 addresses even when the + IPv6Exit option is not set. Fixes bug 18357; bugfix on + 0.2.4.7-alpha. + diff --git a/changes/bug19167 b/changes/bug19167 new file mode 100644 index 0000000000..4a6c22dfc6 --- /dev/null +++ b/changes/bug19167 @@ -0,0 +1,4 @@ + o Minor bugfixes (configuration): + - When parsing quoted configuration values from the torrc file, + handle windows line endings correctly. Fixes bug 19167; bugfix on + 0.2.0.16-alpha. Patch from "Pingl". diff --git a/changes/bug19223 b/changes/bug19223 new file mode 100644 index 0000000000..e8ca6d4ec7 --- /dev/null +++ b/changes/bug19223 @@ -0,0 +1,4 @@ + o Minor bugfixes (getpass): + - Defensively fix a non-triggerable heap corruption at do_getpass() tow + protect ourselves from mistakes in the future. Fixes bug #19223; bugfix + on 0.2.7.3-rc. Bug found by Guido Vranken, patch by nherring.
\ No newline at end of file diff --git a/changes/bug19677 b/changes/bug19677 deleted file mode 100644 index e8ba3dd61a..0000000000 --- a/changes/bug19677 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bug fixes (option parsing): - - Count unix sockets when counting client listeners (SOCKS, Trans, - NATD, and DNS). This has no user-visible behaviour changes: these - options are set once, and never read. - Required for correct behaviour in ticket #17178. - Fixes bug #19677, patch by teor. diff --git a/changes/bug19767 b/changes/bug19767 deleted file mode 100644 index f0a010be0c..0000000000 --- a/changes/bug19767 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): - - Always include orconfig.h before including any other C headers. - Sometimes, it includes macros that affect the behavior of the - standard headers. Closes bug 19767. diff --git a/changes/bug19902 b/changes/bug19902 deleted file mode 100644 index 297570ea0d..0000000000 --- a/changes/bug19902 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (compilation, OpenBSD): - - - Fix a Libevent-detection bug in our autoconf script that would - prevent Tor from linking successfully on OpenBSD. Patch from - rubiate. Fixes bug 19902; bugfix on 0.2.9.1-alpha. diff --git a/changes/bug19904 b/changes/bug19904 new file mode 100644 index 0000000000..cdfb6feaac --- /dev/null +++ b/changes/bug19904 @@ -0,0 +1,4 @@ + o Minor bugfixes (compilation, OpenBSD): + - Detect Libevent2 functions correctly on systems that provide + libevent2, but where libevent1 is linked with -levent. Fixes bug + 19904; bugfix on 0.2.2.24-alpha. Patch from Rubiate. diff --git a/changes/bug19905 b/changes/bug19905 deleted file mode 100644 index b689740594..0000000000 --- a/changes/bug19905 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (IPv6, testing): - - Check for IPv6 correctly on Linux when running test networks. - Fixes bug 19905; bugfix on 0.2.7.3-rc; patch by teor. diff --git a/changes/bug19964 b/changes/bug19964 deleted file mode 100644 index af719424cb..0000000000 --- a/changes/bug19964 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (logging): - - When we are unable to remove the bw_accounting file, do not warn - if the reason we couldn't remove it was that it didn't exist. - Fixes bug 19964; bugfix on 0.2.5.4-alpha. Patch - from 'pastly'. - diff --git a/changes/bug19998 b/changes/bug19998 deleted file mode 100644 index d01589da03..0000000000 --- a/changes/bug19998 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (security, TLS): - - Servers no longer support clients that do not provide AES - ciphersuites. (3DES is no longer considered an acceptable - cipher.) We believe that no such clients currently exist, - since we have required OpenSSL 0.9.7 or later since 2009. - Closes ticket 19998. diff --git a/changes/bug19999_prep b/changes/bug19999_prep deleted file mode 100644 index 769c870fe9..0000000000 --- a/changes/bug19999_prep +++ /dev/null @@ -1,22 +0,0 @@ - o Minor features (unit tests): - - The unit tests now log all warning messages with the "BUG" flag. - Previously, they only logged errors by default. This change will - help us make our testing code more correct, and make sure that - we only hit this code when we mean to. This is preparatory work - for ticket 19999. - - Our unit testing code that captures log messages no longer prevents - them from being written out if the user asked for them (by passing - --debug or --info or or --notice --warn to the "test" binary). This - change will prevent us from missing unexpected log messages simply - because we were looking for others. Related to ticket 19999. - - Our link-handshake unit tests now check, that when invalid - handshakes fail, they fail with the error messages we - expected. - - The unit tests now treat any failure of a "tor_assert_nonfatal()" - assertion as a test failure. - - o Minor bugfixes (unit tests): - - The tor_tls_server_info_callback unit test no longer crashes when - debug-level logging is turned on. Fixes bug 20041; bugfix on - 0.2.8.1-alpha. - diff --git a/changes/bug20012 b/changes/bug20012 deleted file mode 100644 index f67ee65867..0000000000 --- a/changes/bug20012 +++ /dev/null @@ -1,12 +0,0 @@ - o Major bugfixes (hidden services): - - Clients require hidden services to include the TAP keys - for their intro points in the hidden service descriptor. - This prevents an inadvertent upgrade to ntor, which a - malicious hidden service could use to discover which - consensus a client has. - Fixes bug 20012; bugfix on 0.2.4.8-alpha. Patch by teor. - o Minor bugfixes (hidden services): - - Stop logging intro point details to the client log on - certain error conditions. - Fixed as part of bug 20012; bugfix on 0.2.4.8-alpha. - Patch by teor. diff --git a/changes/bug20063 b/changes/bug20063 deleted file mode 100644 index aa9ec23d03..0000000000 --- a/changes/bug20063 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (Linux seccomp2 sandbox): - - Add permission to run the sched_yield() and sigaltstack() system - calls, in order to support versions of Tor compiled with - asan or ubsan code that use these calls. Now "sandbox 1" and - "--enable-expensive-hardening" should be compatible. - Fixes bug 20063; bugfix on 0.2.5.1-alpha. diff --git a/changes/bug20064 b/changes/bug20064 deleted file mode 100644 index 38d3b91cfa..0000000000 --- a/changes/bug20064 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (Directory Authority): - - When allowing private addresses, mark Exits that only exit to - private locations as such. Fixes bug 20064; bugfix on - 0.2.2.9-alpha. - diff --git a/changes/bug20065 b/changes/bug20065 deleted file mode 100644 index cdeb698991..0000000000 --- a/changes/bug20065 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (directory authorities): - - Die with a useful error when the operator forgets to place the - authority_signing_key file into the keys directory. This avoids an - uninformative assert & traceback about having an invalid key. - Fixes bug 20065; bugfix on 0.2.0.1-alpha. diff --git a/changes/bug20081 b/changes/bug20081 deleted file mode 100644 index a95161cdc3..0000000000 --- a/changes/bug20081 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (allocation): - - Change how we allocate memory for large chunks on buffers, to avoid - a (currently impossible) integer overflow, and to waste less space - when allocating unusually large chunks. Fixes bug 20081; bugfix on - 0.2.0.16-alpha. Issue identified by Guido Vranken. diff --git a/changes/bug20093 b/changes/bug20093 deleted file mode 100644 index ef3260143b..0000000000 --- a/changes/bug20093 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (logging): - - When logging a message from the BUG() macro, be explicit about what - we were asserting. Previously we were confusing what we were asserting - with what the bug was. Fixes bug 20093; bugfix on 0.2.9.1-alpha. diff --git a/changes/bug20103 b/changes/bug20103 deleted file mode 100644 index c2b81d3797..0000000000 --- a/changes/bug20103 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bug fixes (crash): - - - Fix a complicated crash bug that could affect Tor clients - configured to use bridges when replacing a networkstatus consensus - in which one of their bridges was mentioned. OpenBSD users saw - more crashes here, but all platforms were potentially affected. - Fixes bug 20103; bugfix on 0.2.8.2-alpha. diff --git a/changes/bug20110 b/changes/bug20110 deleted file mode 100644 index bb56a13268..0000000000 --- a/changes/bug20110 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (compilation): - - - Stop trying to build with Clang 4.0's -Wthread-safety - warnings. They apparently require a set of annotations that we - aren't currently using, and they create false positives in our - pthreads wrappers. Fixes bug 20110; bugfix on 0.2.9.1-alpha. diff --git a/changes/bug20117 b/changes/bug20117 deleted file mode 100644 index 653226068b..0000000000 --- a/changes/bug20117 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (documentation): - - Document the default PathsNeededToBuildCircuits value that's - used by clients when the directory authorities don't set - min_paths_for_circs_pct. - Fixes bug 20117; bugfix on 02c320916e02 in tor-0.2.4.10-alpha. - Patch by teor, reported by Jesse V. diff --git a/changes/bug20141 b/changes/bug20141 deleted file mode 100644 index 99ecf0ad62..0000000000 --- a/changes/bug20141 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): - - Fix a syntax error in the IF_BUG_ONCE__() macro in non- - GCC-compatible compilers. Fixes bug 20141; bugfix on - 0.2.9.1-alpha. Patch from Gisle Vanem. diff --git a/changes/bug20261 b/changes/bug20261 new file mode 100644 index 0000000000..dfdd15924b --- /dev/null +++ b/changes/bug20261 @@ -0,0 +1,4 @@ + o Minor bugfixes (client, unix domain sockets): + - Disable IsolateClientAddr when using AF_UNIX backed SocksPorts + as the client address is meaningless. Fixes bug 20261; bugfix on + 0.2.6.3-alpha. diff --git a/changes/feature17178 b/changes/feature17178 deleted file mode 100644 index 172097cd62..0000000000 --- a/changes/feature17178 +++ /dev/null @@ -1,30 +0,0 @@ - o Major features (onion services): - - Add experimental HiddenServiceSingleHopMode and - HiddenServiceNonAnonymousMode options. When both are set to 1, every - hidden service on a tor instance becomes a non-anonymous Single Onion - Service. Single Onions make one-hop (direct) connections to their - introduction and renzedvous points. One-hop circuits make Single Onion - servers easily locatable, but clients remain location-anonymous. - This is compatible with the existing hidden service implementation, and - works on the current tor network without any changes to older relays or - clients. - Implements proposal #260, completes ticket #17178. Patch by teor & asn. - o Minor features (Tor2web): - - Make Tor2web clients respect ReachableAddresses. - This feature was inadvertently enabled in 0.2.8.6, then removed - by bugfix #19973 on 0.2.8.7. - Implements feature #20034. Patch by teor. - o Minor bug fixes (Tor2web): - - Prevent Tor2web clients running hidden services, these services are - not anonymous due to the one-hop client paths. - Fixes bug #19678. Patch by teor. - o Minor bug fixes (circuits): - - Use CircuitBuildTimeout whenever LearnCircuitBuildTimeout is disabled. - Fixes bug #19678 in commit 5b0b51ca3 in 0.2.4.12-alpha. Patch by teor. - o Minor bug fixes (options): - - Stop changing the configured value of UseEntryGuards on authorities - and Tor2web clients. - Fixes bug #20074 in commits 51fc6799 in tor-0.1.1.16-rc and - acda1735 in tor-0.2.4.3-alpha. Patch by teor. - - Check the consistency of UseEntryGuards and EntryNodes more reliably. - Fixes bug #20074 in commit 686aaa5c in tor-0.2.4.12-alpha. Patch by teor. diff --git a/changes/feature18693 b/changes/feature18693 deleted file mode 100644 index ce7c9939a0..0000000000 --- a/changes/feature18693 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor feature (port flags): - - Add *Port flags NoDNSRequest and NoOnionTraffic, and - the synthetic flag OnionTrafficOnly, which is equivalent to - NoDNSRequest, NoIPv4Traffic, and NoIPv6Traffic. - Closes enhancement 18693; patch by "teor". diff --git a/changes/feature18753 b/changes/feature18753 new file mode 100644 index 0000000000..2eb0e359da --- /dev/null +++ b/changes/feature18753 @@ -0,0 +1,6 @@ + o Minor features (unix domain sockets): + - When configuring a unix domain socket for a SocksPort, + ControlPort, or Hidden service, you can now wrap the address + in quotes, using C-style escapes inside the quotes. This + allows unix domain socket paths to contain spaces. + diff --git a/changes/feature20069 b/changes/feature20069 deleted file mode 100644 index 039fb754d2..0000000000 --- a/changes/feature20069 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor feature (testing, ipv6): - - Add the hs-ipv6 chutney target to make test-network-all's IPv6 - tests. Remove bridges+hs, as it's somewhat redundant. - This requires a recent chutney version that supports IPv6 clients, - relays, and authorities. - Closes ticket 20069; patch by teor. diff --git a/changes/feature20072 b/changes/feature20072 deleted file mode 100644 index 1afabca5a3..0000000000 --- a/changes/feature20072 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor feature (testing, hidden services, ipv6): - - Add the single-onion and single-onion-ipv6 chutney targets to - make test-network-all. This requires a recent chutney version - with the single onion network flavours (git c72a652 or later). - Closes ticket 20072; patch by teor. diff --git a/changes/geoip-october2016 b/changes/geoip-october2016 new file mode 100644 index 0000000000..fff9a1eeb5 --- /dev/null +++ b/changes/geoip-october2016 @@ -0,0 +1,4 @@ + o Minor features: + - Update geoip and geoip6 to the October 4 2016 Maxmind GeoLite2 + Country database. + diff --git a/changes/geoip-september2016 b/changes/geoip-september2016 deleted file mode 100644 index a14c7c699f..0000000000 --- a/changes/geoip-september2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/no_openssl_100 b/changes/no_openssl_100 new file mode 100644 index 0000000000..dd89da8126 --- /dev/null +++ b/changes/no_openssl_100 @@ -0,0 +1,4 @@ + o Required libraries: + - When building with OpenSSL, Tor now requires version 1.0.1 or later. + OpenSSL 1.0.0 and earlier are no longer supported by the openssl team, + and should not be used. Closes ticket 20303. diff --git a/changes/prop264 b/changes/prop264 new file mode 100644 index 0000000000..bab8a400e1 --- /dev/null +++ b/changes/prop264 @@ -0,0 +1,18 @@ + o Major features (subprotocol versions): + + - Tor now uses "subprotocol versions" to indicate + compatibility. Previously, versions of Tor looked at the declared Tor + version of a relay to tell whether they could use a given feature. + Now, they should be able to rely on its declared subprotocol versions. + This change allows compatible implementations of the Tor protocol(s) to + exist without declaring compatibility with pretending to be particular + releases of Tor itself. Closes ticket 19958; implements part of + proposal 264. + + - Tor directory authorities now vote on a set of recommended subprotocol + versions, and on a set of required subprotocol versions. Clients and + relays that lack support for a _required_ suprotocol version will not + start; those that lack support for a _recommended_ subprotocol version + will warn the user to upgrade. Closes ticket 19958; implements part of + proposal 264. + diff --git a/changes/reject-tap b/changes/reject-tap deleted file mode 100644 index 8e616de301..0000000000 --- a/changes/reject-tap +++ /dev/null @@ -1,15 +0,0 @@ - o Major bug fixes (circuit building): - - Tor authorities, relays, and clients only use ntor, except for - rare cases in the hidden service protocol. - - Authorities, relays and clients specifically check that each - descriptor has an ntor key. - - Clients avoid downloading a descriptor if the relay version is - too old to support ntor. - - Client code never chooses nodes without ntor keys: they will not - be selected during circuit-building, or as guards, or as directory - mirrors, or as introduction or rendezvous points. - - Circuit-building code assumes that all hops can use ntor, - except for rare hidden service protocol cases. - - Hidden service client to intro point and service to rendezvous point - connections use the TAP key supplied by the protocol. - Fixes bug 19163; bugfix on 0.2.4.18-rc. diff --git a/changes/ticket20001 b/changes/ticket20001 new file mode 100644 index 0000000000..a096e3a3d5 --- /dev/null +++ b/changes/ticket20001 @@ -0,0 +1,6 @@ + o Minor features (client, directory): + - Since authorities now omit all routers that lack the Running and Valid + flags, we assume that any authority present in the consensus must + have those flags. Closes ticket 20001; implements part of proposal + 272. + diff --git a/changes/ticket20002 b/changes/ticket20002 deleted file mode 100644 index 28eaa8d60d..0000000000 --- a/changes/ticket20002 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (directory authority): - - After voting, if the authorities decide that a relay is not "Valid", - they no longer include it in the consensus at all. Closes ticket - 20002; implements part of proposal 272. diff --git a/changes/ticket20066 b/changes/ticket20066 deleted file mode 100644 index 970793d4ee..0000000000 --- a/changes/ticket20066 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (testing): - - Disable memory protections on OpenBSD when testing memwipe(). - The test deliberately invokes undefined behaviour which the - protections interfere with. Patch from "rubiate". Closes ticket - 20066. diff --git a/changes/ticket20151 b/changes/ticket20151 new file mode 100644 index 0000000000..5d246d9062 --- /dev/null +++ b/changes/ticket20151 @@ -0,0 +1,7 @@ + o Minor features: + - Increase the maximum number of bits for the IPv6 virtual network prefix + from 16 to 104. In this way, the condition for address allocation is less + restrictive. Also, the variable max_bits is called max_prefix_bits, + making it clearer the meaning of the condition (bits > max_prefix_bits). + Closes ticket 20151; feature on 0.2.4.7-alpha. + diff --git a/changes/ticket20241 b/changes/ticket20241 new file mode 100644 index 0000000000..7c592f7367 --- /dev/null +++ b/changes/ticket20241 @@ -0,0 +1,3 @@ + o Minor features (compilation, portability): + - Tor now compiles correctly on MacOS 10.12 (aka "Sierra"). Closes + ticket 20241. |