Diffstat (limited to 'changes')
110 files changed, 360 insertions, 145 deletions
diff --git a/changes/bug27315 b/changes/bug27315 new file mode 100644 index 0000000000..8af3ac8559 --- /dev/null +++ b/changes/bug27315 @@ -0,0 +1,6 @@ + o Minor bugfixes (linux seccomp2 sandbox): + - Fix a regression on sandboxing rules for the openat() syscall. + The fix for bug 25440 fixed the problem on systems with glibc >= + 2.27 but broke tor on previous versions of glibc. We now apply + the correct seccomp rule according to the running glibc version. + Patch from Daniel Pinto. Fixes bug 27315; bugfix on 0.3.5.11. diff --git a/changes/bug31669 b/changes/bug31669 deleted file mode 100644 index 8079c98f62..0000000000 --- a/changes/bug31669 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (onion services v3): - - Relax severity of a log message that can appear naturally when decoding - onion service descriptors as a relay. Also add some diagnostics to debug - any future bugs in that area. Fixes bug 31669; bugfix on 0.3.0.1-alpha.
\ No newline at end of file diff --git a/changes/bug32709 b/changes/bug32709 new file mode 100644 index 0000000000..d00b112be6 --- /dev/null +++ b/changes/bug32709 @@ -0,0 +1,4 @@ + o Major features (v3 onion services): + - Allow v3 onion services to act as OnionBalance backend instances using + the HiddenServiceOnionBalanceInstance torrc option. Closes ticket 32709. + diff --git a/changes/bug33032 b/changes/bug33032 deleted file mode 100644 index 0c665f25df..0000000000 --- a/changes/bug33032 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (key portability): - - When reading PEM-encoded key data, tolerate CRLF line-endings even if - we are not running on Windows. Previously, non-Windows hosts - would reject these line-endings in certain positions, making - certain key files hard to move from one host to another. - Fixes bug 33032; bugfix on 0.3.5.1-alpha. diff --git a/changes/bug33087 b/changes/bug33087 deleted file mode 100644 index ab6df58cc6..0000000000 --- a/changes/bug33087 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (logging): - - Stop closing stderr and stdout during shutdown. Closing these file - descriptors can hide sanitiser logs. - Fixes bug 33087; bugfix on 0.4.1.6. - - Flush stderr, stdout, and file logs during shutdown, if supported by the - OS. This change helps make sure that any final logs are recorded. - Fixes bug 33087; bugfix on 0.4.1.6. diff --git a/changes/bug33131 b/changes/bug33131 new file mode 100644 index 0000000000..bc5ef7bc2d --- /dev/null +++ b/changes/bug33131 @@ -0,0 +1,3 @@ + o Minor bugfixes (mainloop): + - Better guard against growing a buffer past its maximum 2GB in size. + Fixes bug 33131; bugfix on 0.3.0.4-rc. diff --git a/changes/bug33284 b/changes/bug33284 new file mode 100644 index 0000000000..e6aed4d2d4 --- /dev/null +++ b/changes/bug33284 
@@ -0,0 +1,4 @@ + o Minor bugfixes (git scripts): + - Stop executing the checked-out pre-commit hook from the pre-push hook. + Instead, execute the copy in the user's git dir. Fixes bug 33284; bugfix + on 0.4.1.1-alpha. diff --git a/changes/bug33285 b/changes/bug33285 new file mode 100644 index 0000000000..a4d06a7eb8 --- /dev/null +++ b/changes/bug33285 @@ -0,0 +1,3 @@ + o Minor bugfixes (protocol versions): + - Sort tor's supported protocol version lists, as recommended by the + tor directory specification. Fixes bug 33285; bugfix on 0.4.0.1-alpha. diff --git a/changes/bug33374 b/changes/bug33374 deleted file mode 100644 index d1141faf78..0000000000 --- a/changes/bug33374 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (coding best practices checks): - - Allow the "practracker" coding best practices checking script to read - unicode files, when using Python 2. We made the script use unicode - literals in 0.4.3.1-alpha, but didn't change the codec for opening files. - Fixes bug 33374; bugfix on 0.4.3.1-alpha. diff --git a/changes/bug33531 b/changes/bug33531 new file mode 100644 index 0000000000..c4284c55c9 --- /dev/null +++ b/changes/bug33531 @@ -0,0 +1,3 @@ + o Minor bugfixes (logs): + - Remove surprising empty line in info-level log about circuit build + timeout. Fixes bug 33531; bugfix on 0.3.3.1-alpha. diff --git a/changes/bug33545 b/changes/bug33545 deleted file mode 100644 index c051b01605..0000000000 --- a/changes/bug33545 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (hidden services): - - Block a client-side assert by disallowing the registration of an x25519 - client auth key that's all zeroes. Fixes bug 33545; bugfix on - 0.4.3.1-alpha. Patch based on patch from "cypherpunks".
\ No newline at end of file diff --git a/changes/bug33608 b/changes/bug33608 deleted file mode 100644 index 0e82a8eec9..0000000000 --- a/changes/bug33608 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (client IPv6): - - Stop forcing all non-SOCKSPorts to prefer IPv6 exit connections. Instead, - prefer IPv6 connections by default, but allow users to change their - configs using the "NoPreferIPv6" port flag. - Fixes bug 33608; bugfix on 0.4.3.1-alpha. diff --git a/changes/bug33668 b/changes/bug33668 deleted file mode 100644 index 2b0830d6d8..0000000000 --- a/changes/bug33668 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (--disable-module-relay): - - Fix an assertion failure when Tor is build without the relay module, - and then invoked with the "User" option. Fixes bug 33668; bugfix on - 0.4.3.1-alpha. diff --git a/changes/bug33673 b/changes/bug33673 deleted file mode 100644 index 37c00f2e6e..0000000000 --- a/changes/bug33673 +++ /dev/null @@ -1,6 +0,0 @@ - o Testing: - - In our Appveyor Windows CI, copy required DLLs to test and app, before - running tor's tests. This ensures that tor.exe and test*.exe use the - correct version of each DLL. This fix is not required, but we hope it - will avoid DLL search issues in future. - Fixes bug 33673; bugfix on 0.3.4.2-alpha. diff --git a/changes/bug33674 b/changes/bug33674 deleted file mode 100644 index bcc3fcab03..0000000000 --- a/changes/bug33674 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (--disable-module-relay,--disable-module-dirauth): - - Set some output arguments in the relay and dirauth module stubs, to - guard against future stub argument handling bugs like 33668. - Fixes bug 33674; bugfix on 0.4.3.1-alpha. diff --git a/changes/bug33782 b/changes/bug33782 deleted file mode 100644 index 9d4a0e7a79..0000000000 --- a/changes/bug33782 +++ /dev/null 
@@ -1,7 +0,0 @@ - o Testing: - - Avoid conflicts between the fake sockets in tor's unit tests, and real - file descriptors. Resolves issues running unit tests with GitHub Actions, - where the process that embeds or launches the tests has already opened a - large number of file descriptors. - Fixes bug 33782; bugfix on 0.2.8.1-alpha. - Found and fixed by Putta Khunchalee. diff --git a/changes/bug33899 b/changes/bug33899 new file mode 100644 index 0000000000..b9b7d7cf13 --- /dev/null +++ b/changes/bug33899 @@ -0,0 +1,9 @@ + o Minor bugfixes (IPv6, relay): + - Consider IPv6 addresses when checking if a connection is canonical. + In 17604, relays assumed that a remote relay could consider an IPv6 + connection canonical, but did not set the canonical flag on their side + of the connection. Fixes bug 33899; bugfix on 0.3.1.1-alpha. + - Log IPv6 addresses on connections where this relay is the responder. + Previously, responding relays would replace the remote IPv6 address with + the IPv4 address from the consensus. + Fixes bug 33899; bugfix on 0.3.1.1-alpha. diff --git a/changes/bug33900 b/changes/bug33900 new file mode 100644 index 0000000000..c1649d2284 --- /dev/null +++ b/changes/bug33900 @@ -0,0 +1,3 @@ + o Minor bugfixes (IPv4, relay): + - Check for invalid zero IPv4 addresses and ports, when sending and + receiving extend cells. Fixes bug 33900; bugfix on 0.2.4.8-alpha. diff --git a/changes/bug33917 b/changes/bug33917 new file mode 100644 index 0000000000..6a8daa9e26 --- /dev/null +++ b/changes/bug33917 @@ -0,0 +1,5 @@ + o Minor bugfixes (logging, testing): + - Make all of tor's assertion macros support the ALL_BUGS_ARE_FATAL and + DISABLE_ASSERTS_IN_UNIT_TESTS debugging modes. Implements these modes + for IF_BUG_ONCE(). (It used to log a non-fatal warning, regardless of + the debugging mode.) Fixes bug 33917; bugfix on 0.2.9.1-alpha. diff --git a/changes/bug33918 b/changes/bug33918 deleted file mode 100644 index e1467b4aaf..0000000000 
--- a/changes/bug33918 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (IPv6, logging): - - Stop truncating IPv6 addresses and ports in channel and connection logs. - Fixes bug 33918; bugfix on 0.2.4.4-alpha. diff --git a/changes/bug33977 b/changes/bug33977 new file mode 100644 index 0000000000..b424a811a2 --- /dev/null +++ b/changes/bug33977 @@ -0,0 +1,4 @@ + o Minor bugfix (refactoring): + - Lift circuit_build_times_disabled out of circuit_expire_building loop to + save CPU time with many circuits open. Fixes bug 33977; bugfix on + 0.3.5.9. diff --git a/changes/bug34077 b/changes/bug34077 deleted file mode 100644 index 29458bd9de..0000000000 --- a/changes/bug34077 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compiler warnings): - - Fix compilation warnings with GCC 10.0.1. Fixes bug 34077; bugfix on - 0.4.0.3-alpha. diff --git a/changes/bug34078 b/changes/bug34078 deleted file mode 100644 index 1015d24547..0000000000 --- a/changes/bug34078 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (compiler compatibility): - - Avoid compiler warnings from Clang 10 related to the use of - GCC-style "/* falls through */" comments. Both Clang and GCC allow - __attribute__((fallthrough)) instead, so that's what we're using now. - Fixes bug 34078; bugfix on 0.3.1.3-alpha. diff --git a/changes/bug34084 b/changes/bug34084 new file mode 100644 index 0000000000..524c4cf68e --- /dev/null +++ b/changes/bug34084 @@ -0,0 +1,3 @@ + o Minor bugfixes (onion services v3): + - Avoid a non-fatal assert log in an edge-case of opening an intro circuit + as a client. Fixes bug 34084; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug34086 b/changes/bug34086 new file mode 100644 index 0000000000..245992f8f4 --- /dev/null +++ b/changes/bug34086 @@ -0,0 +1,3 @@ + o Minor bugfixes (onion service v3): + - Remove a BUG() warning that could trigger in certain unlikely edge-cases. + Fixes bug 34086; bugfix on 0.3.2.1-alpha. 
diff --git a/changes/bug34131 b/changes/bug34131 deleted file mode 100644 index eb3a3feba2..0000000000 --- a/changes/bug34131 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (logging): - - Fix a logic error in a log message about whether an address was - invalid. Previously, the code would never report that onion addresses - were onion addresses. Fixes bug 34131; bugfix on 0.4.3.1-alpha. diff --git a/changes/bug40001 b/changes/bug40001 new file mode 100644 index 0000000000..0e3f454619 --- /dev/null +++ b/changes/bug40001 @@ -0,0 +1,3 @@ + o Minor features (entry guards): + - Reinstate support for GUARD NEW/UP/DOWN control port events. + Closes ticket 40001.
\ No newline at end of file diff --git a/changes/bug40020 b/changes/bug40020 new file mode 100644 index 0000000000..ca6ee2b85b --- /dev/null +++ b/changes/bug40020 @@ -0,0 +1,9 @@ + o Minor bugfixes (linux seccomp2 sandbox): + - Makes the seccomp sandbox allow the correct syscall for opendir + according to the running glibc version. The opendir function + either uses open or openat but the current code does not + differenciate between opendir and open calls. This adds a new + seccomp sandbox rule for opendir. This fixes crashes when + reloading torrc with sandbox enabled when running on glibc + 2.15 to 2.21 and 2.26. Patch from Daniel Pinto. Fixes bug 40020; + bugfix on 0.3.5.11. diff --git a/changes/bug40072 b/changes/bug40072 new file mode 100644 index 0000000000..2b82f3f18b --- /dev/null +++ b/changes/bug40072 @@ -0,0 +1,4 @@ + o Minor bugfixes (linux seccomp2 sandbox): + - Fix startup crash with seccomp sandbox enabled when tor tries to + open the data directory. Patch from Daniel Pinto. Fixes bug 40072; + bugfix on 0.4.4.3-alpha-dev. diff --git a/changes/bug40083 b/changes/bug40083 new file mode 100644 index 0000000000..db26017664 --- /dev/null +++ b/changes/bug40083 @@ -0,0 +1,5 @@ + o Minor bugfixes (relay, self-testing): + - When starting up as a relay, if we haven't been able to verify that + we're reachable, only launch reachability tests at most once a minute. + Previously, we had been launching tests up to once a second, which + was needlessly noisy. Fixes bug 40083; bugfix on 0.2.8.1-alpha. diff --git a/changes/bug40095 b/changes/bug40095 new file mode 100644 index 0000000000..5c4b3a2b7e --- /dev/null +++ b/changes/bug40095 @@ -0,0 +1,4 @@ + o Minor bugfixes (testing): + - When running the subsystem order check, use the python binary + configured with the PYTHON environment variable. Fixes bug 40095; + bugfix on 0.4.4.1-alpha. diff --git a/changes/bug40105 b/changes/bug40105 new file mode 100644 index 0000000000..330b6a9744 --- /dev/null 
+++ b/changes/bug40105 @@ -0,0 +1,3 @@ + o Minor bugfixes (guard selection algorithm): + - Avoid needless guard-related warning when upgrading from 0.4.3 to 0.4.4. + Fixes bug 40105; bugfix on 0.4.4.1-alpha.
\ No newline at end of file diff --git a/changes/bug40117 b/changes/bug40117 new file mode 100644 index 0000000000..77646edf9c --- /dev/null +++ b/changes/bug40117 @@ -0,0 +1,5 @@ + o Major bugfixes (stats, onion services): + - Fix a bug where we were undercounting the Tor network's total onion + service traffic, by only counting rendezvous traffic originating from + services and ignoring any traffic originating from clients. Fixes bug + 40117; bugfix on 0.2.6.2-alpha. diff --git a/changes/bug40129 b/changes/bug40129 new file mode 100644 index 0000000000..80de5ef355 --- /dev/null +++ b/changes/bug40129 @@ -0,0 +1,4 @@ + o Minor bugfixes (compilation): + - Fix compiler warnings that would occur when building with + "--enable-all-bugs-are-fatal" and "--disable-module-relay" + at the same time. Fixes bug 40129; bugfix on 0.4.4.1-alpha. diff --git a/changes/bug4631 b/changes/bug4631 new file mode 100644 index 0000000000..be3dd2b43e --- /dev/null +++ b/changes/bug4631 @@ -0,0 +1,6 @@ + o Minor bugfixes (directory authorities): + - Directory authorities reject votes that arrive too late. In particular, + once an authority has started fetching missing votes, it no longer + accepts new votes posted by other authorities. This change helps prevent + a consensus split, where only some authorities have the late vote. + Fixes bug 4631; bugfix on 0.2.0.5-alpha. diff --git a/changes/doc32971 b/changes/doc32971 deleted file mode 100644 index 014d2a7cec..0000000000 --- a/changes/doc32971 +++ /dev/null @@ -1,3 +0,0 @@ - o Documentation (manpage): - - Document __OwningControllerProcess torrc option and specify polling - interval. Resolves issue 32971. diff --git a/changes/doc33417 b/changes/doc33417 new file mode 100644 index 0000000000..0fc868fc65 --- /dev/null +++ b/changes/doc33417 @@ -0,0 +1,3 @@ + o Documentation (manpage): + - Refrain from mentioning nicknames in manpage section for MyFamily torrc + option. Resolves issue 33417. 
diff --git a/changes/doc34133 b/changes/doc34133 new file mode 100644 index 0000000000..abe9db6148 --- /dev/null +++ b/changes/doc34133 @@ -0,0 +1,6 @@ + o Documentation: + - Correctly document that we search for a system torrc file before + Document the limitations of using %include on config files with + seccomp sandbox enabled. No new files can be added to the + %included directories. Fixes documentation bug 34133; bugfix + on 0.3.1.1-alpha. Patch by Daniel Pinto. diff --git a/changes/ticket24308 b/changes/ticket24308 new file mode 100644 index 0000000000..e614785265 --- /dev/null +++ b/changes/ticket24308 @@ -0,0 +1,6 @@ + o Minor features (denial-of-service memory limiter): + - Allow the user to configure even lower values for the MaxMemInQueues + parameter. Relays now enforce a minimum of 64 MB, when previously + the minimum was 256 MB. On clients, there is no minimum. Relays and + clients will both warn if the value is set so low that Tor is likely + to stop working. Closes ticket 24308. diff --git a/changes/ticket24844 b/changes/ticket24844 new file mode 100644 index 0000000000..da55b4cf67 --- /dev/null +++ b/changes/ticket24844 @@ -0,0 +1,4 @@ + o Minor features (v3 onion servies): + - Add v3 onion service status to the dumpstats() call which is + triggered by a SIGUSR1 signal. Previously, we only did v2 + onion services. Closes ticket 24844. Patch by Neel Chauhan. diff --git a/changes/ticket28208 b/changes/ticket28208 new file mode 100644 index 0000000000..8818aad1d5 --- /dev/null +++ b/changes/ticket28208 @@ -0,0 +1,4 @@ + o Testing: + - Use the "bridges+hs-v23" chutney network flavor in "make test-network". + This test requires a recent version of chutney (mid-February 2020). + Closes ticket 28208. diff --git a/changes/ticket31576 b/changes/ticket31576 new file mode 100644 index 0000000000..ab984cf3d4 --- /dev/null +++ b/changes/ticket31576 
@@ -0,0 +1,3 @@ + o Removed features: + - Stop shipping contrib/dist/rc.subr file, as it is not being used on + FreeBSD anymore. Closes issue 31576. diff --git a/changes/ticket31634 b/changes/ticket31634 new file mode 100644 index 0000000000..2777595036 --- /dev/null +++ b/changes/ticket31634 @@ -0,0 +1,4 @@ + o Minor features (testing, architeture): + - Our test scripts now double-check that subsystem initialization order + is consistent with the inter-module dependencies established by our + .may_include files. Implements ticket 31634. diff --git a/changes/ticket31812 b/changes/ticket31812 new file mode 100644 index 0000000000..869e494892 --- /dev/null +++ b/changes/ticket31812 @@ -0,0 +1,4 @@ + o Documentation: + - Replace most http:// URLs in our code and documentation with https:// + URLs. (We have left unchanged the code in src/ext/, and the text in + LICENSE.) Closes ticket 31812. Patch from Jeremy Rand. diff --git a/changes/ticket32088 b/changes/ticket32088 new file mode 100644 index 0000000000..0d4fc74754 --- /dev/null +++ b/changes/ticket32088 @@ -0,0 +1,13 @@ + o Major features (Proposal 310, performance + security): + - Implements Proposal 310 - Bandaid on guard selection. + Proposal 310 solves a load-balancing issue within Prop271 which strongly + impact experimental research with Shadow. + Security improvement: Proposal 310 prevents any newly Guard relay to + have a chance to get into the primary list of older Tor clients, + except if the N first sampled guards of these clients are unreachable. + Implements recommendation from 32088. + + Proposal 310 is linked to the CLAPS project researching optimal + client location-aware path selections. This project is a collaboration + between the UCLouvain Crypto Group, the U.S. Naval Research Laboratory and + Princeton University. diff --git a/changes/ticket32143 b/changes/ticket32143 new file mode 100644 index 0000000000..7f8a809ba5 --- /dev/null +++ b/changes/ticket32143 
@@ -0,0 +1,4 @@ + o Minor features (continuous integration): + - Run unit-test and integration test (Stem, Chutney) jobs with + ALL_BUGS_ARE_FATAL macro being enabled on Travis and Appveyor. + Resolves ticket 32143. diff --git a/changes/ticket32542 b/changes/ticket32542 new file mode 100644 index 0000000000..c52335b059 --- /dev/null +++ b/changes/ticket32542 @@ -0,0 +1,3 @@ + o Minor feature (onion service client, SOCKS5): + - Add 3 new SocksPort ExtendedErrors (F2, F3, F7) that reports back new type + of onion service connection failures. Closes ticket 32542. diff --git a/changes/ticket32622 b/changes/ticket32622 new file mode 100644 index 0000000000..1c663567fd --- /dev/null +++ b/changes/ticket32622 @@ -0,0 +1,5 @@ + o Minor features (bootstrap reporting): + - Report more detailed reasons for bootstrap failure when the failure + happens due to a TLS error. Previously we would just call these errors + "MISC" when they happened during read, and "DONE" when they + happened during any other TLS operation. Closes ticket 32622. diff --git a/changes/ticket32672 b/changes/ticket32672 deleted file mode 100644 index 351329ba2e..0000000000 --- a/changes/ticket32672 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (directory authorities): - - Directory authorities now reject descriptors from relays running Tor - versions from the 0.2.9 and 0.4.0 series, but still allow the 0.3.5 - series. Resolves ticket 32672. Patch by Neel Chauhan. diff --git a/changes/ticket32696 b/changes/ticket32696 new file mode 100644 index 0000000000..8f56fc394e --- /dev/null +++ b/changes/ticket32696 @@ -0,0 +1,7 @@ + o Minor features (directory authority): + - Authorities now recommend protocol versions that are supported + by Tor 0.3.5 and later. (Earlier versions of Tor have been + deprecated since January of this year.) This recommendation + will cause older clients and relays to give a warning on startup, + or when they download a consensus directory. + Closes ticket 32696. 
diff --git a/changes/ticket32720 b/changes/ticket32720 new file mode 100644 index 0000000000..87c540b7ff --- /dev/null +++ b/changes/ticket32720 @@ -0,0 +1,4 @@ + o Minor features (directory): + - Remember the number of bytes we have downloaded for each directory + purpose while bootstrapping, and while fully bootstrapped. Log this + information as part of the heartbeat message. Closes ticket 32720. diff --git a/changes/ticket32873 b/changes/ticket32873 new file mode 100644 index 0000000000..65ea1f64ad --- /dev/null +++ b/changes/ticket32873 @@ -0,0 +1,6 @@ + o Minor features (control port): + - Return a descriptive error message from the 'GETINFO + status/fresh-relay-descs' command on the control port. + Previously, we returned a generic error of "Error + generating descriptor". Closes ticket 32873. Patch by + Neel Chauhan. diff --git a/changes/ticket32888 b/changes/ticket32888 new file mode 100644 index 0000000000..ce7fb40b30 --- /dev/null +++ b/changes/ticket32888 @@ -0,0 +1,4 @@ + o Minor features (logging): + - When trying to find our own address, add debug-level logging + to report the sources of candidate addresses. Closes ticket + 32888. diff --git a/changes/ticket32905 b/changes/ticket32905 new file mode 100644 index 0000000000..6f420ec693 --- /dev/null +++ b/changes/ticket32905 @@ -0,0 +1,6 @@ + o Removed features: + - Remove the ClientAutoIPv6ORPort option. This option attempted + to randomly choose between IPv4 and IPv6 for client connections, + and isn't a true implementation of Happy Eyeballs. Often, this + option failed on IPv4-only or IPv6-only connections. Closes + ticket 32905. Patch by Neel Chauhan. diff --git a/changes/ticket32994 b/changes/ticket32994 new file mode 100644 index 0000000000..43a32afa78 --- /dev/null +++ b/changes/ticket32994 @@ -0,0 +1,3 @@ + o Code simplification and refactoring: + - Rewrite port_parse_config() to use the default port flags from + port_cfg_new(). Closes ticket 32994. Patch by MrSquanchee. 
diff --git a/changes/ticket33014 b/changes/ticket33014 new file mode 100644 index 0000000000..885051d9cf --- /dev/null +++ b/changes/ticket33014 @@ -0,0 +1,3 @@ + o Code simplification and refactoring (onion service): + - Refactor configuration parsing to use the new config subsystem code. + Closes ticket 33014. diff --git a/changes/ticket33029 b/changes/ticket33029 deleted file mode 100644 index c32ee4ad84..0000000000 --- a/changes/ticket33029 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (directory authority): - - Directory authorities will now send a 503 (not enough bandwidth) code to - clients when under bandwidth pressure. Known relays and other authorities - will always be answered regardless of the bandwidth situation. Fixes bug - 33029; bugfix on 0.1.2.5-alpha. diff --git a/changes/ticket33119 b/changes/ticket33119 deleted file mode 100644 index 11c20bc7a2..0000000000 --- a/changes/ticket33119 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (security, denial-of-service): - - Fix a denial-of-service bug that could be used by anyone to consume a - bunch of CPU on any Tor relay or authority, or by directories to - consume a bunch of CPU on clients or hidden services. Because - of the potential for CPU consumption to introduce observable - timing patterns, we are treating this as a high-severity security - issue. Fixes bug 33119; bugfix on 0.2.1.5-alpha. We are also tracking - this issue as TROVE-2020-002. diff --git a/changes/ticket33188 b/changes/ticket33188 deleted file mode 100644 index 7bec15b99b..0000000000 --- a/changes/ticket33188 +++ /dev/null @@ -1,5 +0,0 @@ - o Documentation (manpage): - - Alphabetize the Server and Directory server sections of the tor - manpage. Also split Statistics options into their own section - of the manpage. Closes ticket 33188. Work by Swati Thacker as - part of Google Season of Docs. diff --git a/changes/ticket33192 b/changes/ticket33192 new file mode 100644 index 0000000000..97f976226b --- /dev/null 
+++ b/changes/ticket33192 @@ -0,0 +1,5 @@ + o Minor feature (python): + - Stop assuming that /usr/bin/python exists. Instead of using a + hardcoded path in scripts that still use Python 2, use /usr/bin/env, + similarly to the scripts that use Python 3. Fixes bug 33192; bugfix + on 0.4.2.
\ No newline at end of file diff --git a/changes/ticket33213 b/changes/ticket33213 deleted file mode 100644 index f1da591bd1..0000000000 --- a/changes/ticket33213 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (continuous integration): - - Remove the buggy and unused mirroring job. Fixes bug 33213; - bugfix on 0.3.2.2-alpha. diff --git a/changes/ticket33275 b/changes/ticket33275 new file mode 100644 index 0000000000..bff3a7a3ad --- /dev/null +++ b/changes/ticket33275 @@ -0,0 +1,5 @@ + o Documentation (manpage): + - Alphabetize the Denial of Service Mitigation Options, Directory + Authority Server Options, Hidden Service Options, and Testing + Network Options sections of the tor(1) manpage. Closes ticket + 33275. Work by Swati Thacker as part of Google Season of Docs. diff --git a/changes/ticket33280 b/changes/ticket33280 new file mode 100644 index 0000000000..b90c3086ea --- /dev/null +++ b/changes/ticket33280 @@ -0,0 +1,4 @@ + o Testing: + - Add test-network-ipv4 and test-network-ipv6 jobs to the Makefile. + These jobs run the IPv4-only and dual-stack chutney flavours from + test-network-all. Closes ticket 33280. diff --git a/changes/ticket33290 b/changes/ticket33290 deleted file mode 100644 index 882764020e..0000000000 --- a/changes/ticket33290 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (diagnostic): - - Improve assertions and add some memory-poisoning code to try to track - down possible causes of a rare crash (32564) in the EWMA code. - Closes ticket 33290. diff --git a/changes/ticket33300 b/changes/ticket33300 new file mode 100644 index 0000000000..9b0bdce372 --- /dev/null +++ b/changes/ticket33300 @@ -0,0 +1,3 @@ + o Testing: + - Add a basic IPv6 test to "make test-network". This test only runs when + the local machine has an IPv6 stack. Closes ticket 33300. diff --git a/changes/ticket33303 b/changes/ticket33303 new file mode 100644 index 0000000000..b7ac7b5067 --- /dev/null +++ b/changes/ticket33303 
@@ -0,0 +1,4 @@ + o Testing: + - Run the test-network-ipv6 Makefile target in the Travis CI IPv6 chutney + job. This job runs on macOS, so it's a bit slow. + Closes ticket 33303. diff --git a/changes/ticket33316 b/changes/ticket33316 new file mode 100644 index 0000000000..25b0444078 --- /dev/null +++ b/changes/ticket33316 @@ -0,0 +1,15 @@ + o Minor bugfixes (initialization): + - Initialize the subsystems in our code in an order more closely + corresponding to their dependencies, so that every system is + initialized before the ones that (theoretically) depend on it. + Fixes bug 33316; bugfix on 0.4.0.1-alpha. + + o Minor features (tests): + - Initialize all subsystems at the beginning of our unit test harness, + to avoid crashes due to uninitialized subsystems. + Follow-up from ticket 33316. + + o Code simplification and refactoring: + - Merge the orconn and ocirc events into the "core" subsystem, which + manages or connections and origin circuits. Previously they + were isolated in subsystems of their own. diff --git a/changes/ticket33334 b/changes/ticket33334 new file mode 100644 index 0000000000..ada3cb284c --- /dev/null +++ b/changes/ticket33334 @@ -0,0 +1,5 @@ + o Testing: + - Test v3 onion services to tor's mixed IPv4 chutney network. And add a + mixed IPv6 chutney network. These networks are used in the + test-network-all, test-network-ipv4, and test-network-ipv6 make targets. + Closes ticket 33334. diff --git a/changes/ticket33339 b/changes/ticket33339 new file mode 100644 index 0000000000..75ccb3546f --- /dev/null +++ b/changes/ticket33339 @@ -0,0 +1,3 @@ + o Minor feature (developer tools): + - Add a script to help check the alphabetical ordering of option + names in a manpage. Closes ticket 33339. diff --git a/changes/ticket33346 b/changes/ticket33346 new file mode 100644 index 0000000000..acbbae5169 --- /dev/null +++ b/changes/ticket33346 
@@ -0,0 +1,3 @@ + o Minor features (linux seccomp2 sandbox): + - Permit the unlinkat() syscall, which some Libc implementations + use to implement unlink(). Closes ticket 33346. diff --git a/changes/ticket33349 b/changes/ticket33349 new file mode 100644 index 0000000000..0458a72c8d --- /dev/null +++ b/changes/ticket33349 @@ -0,0 +1,4 @@ + o Code simplification and refactoring: + - Updated comments in 'scheduler.c' to reflect old code changes, + and simplified the scheduler channel state change code. Closes + ticket 33349. diff --git a/changes/ticket33361 b/changes/ticket33361 deleted file mode 100644 index bc9715d6a1..0000000000 --- a/changes/ticket33361 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfix (relay, configuration): - - Now warn if the ContactInfo field is not set and mention that the relay - might get rejected if so. Fixes bug 33361; bugfix on 0.1.1.10-alpha. diff --git a/changes/ticket33366 b/changes/ticket33366 new file mode 100644 index 0000000000..1310c493c2 --- /dev/null +++ b/changes/ticket33366 @@ -0,0 +1,3 @@ + o Minor features (compilation size): + - Most Server-side DNS code is now disabled when building without + support for relay mode. Closes ticket 33366. diff --git a/changes/ticket33368 b/changes/ticket33368 new file mode 100644 index 0000000000..ecc6f66f4e --- /dev/null +++ b/changes/ticket33368 @@ -0,0 +1,3 @@ + o Minor features (client-only compilation): + - Disable more code related to the ext_orport protocol when compiling + without support for relay mode. Closes ticket 33368. diff --git a/changes/ticket33369 b/changes/ticket33369 new file mode 100644 index 0000000000..c55335c5b7 --- /dev/null +++ b/changes/ticket33369 @@ -0,0 +1,4 @@ + o Documentation (manpage): + - Add cross reference links and a table of contents to the HTML + tor manpage. Closes ticket 33369. Work by Swati Thacker as + part of Google Season of Docs. diff --git a/changes/ticket33370 b/changes/ticket33370 new file mode 100644 index 0000000000..41e03357f0 --- /dev/null 
+++ b/changes/ticket33370 @@ -0,0 +1,3 @@ + o Minor features (client-only compilation): + - Disable more of our self-testing code when support for relay mode is + disabled. Closes ticket 33370. diff --git a/changes/ticket33400 b/changes/ticket33400 new file mode 100644 index 0000000000..7603890765 --- /dev/null +++ b/changes/ticket33400 @@ -0,0 +1,3 @@ + o Minor feature (onion service v3): + - Log at INFO level why the service can not upload its descriptor(s). Closes + ticket 33400; bugfix on 0.3.2.1-alpha. diff --git a/changes/ticket33436 b/changes/ticket33436 new file mode 100644 index 0000000000..69b5545c6d --- /dev/null +++ b/changes/ticket33436 @@ -0,0 +1,4 @@ + o Minor features (directory authority, shared random): + - Refactor more authority-only parts of the shared-random scheduling code + to reside in the dirauth module, and to be disabled when compiling with + --disable-module-dirauth. Closes ticket 33436. diff --git a/changes/ticket33451 b/changes/ticket33451 new file mode 100644 index 0000000000..74dd6d1ad8 --- /dev/null +++ b/changes/ticket33451 @@ -0,0 +1,3 @@ + o Minor features (developer tools): + - Add a script ("git-install-tools.sh") to install git hooks and helper + scripts. Closes ticket 33451. diff --git a/changes/ticket33460 b/changes/ticket33460 deleted file mode 100644 index 21e0fc966c..0000000000 --- a/changes/ticket33460 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (usability): - - Include more information when failing to parse a configuration value. - This should make it easier to tell what's going wrong when a - configuration file doesn't parse. Closes ticket 33460. diff --git a/changes/ticket33491 b/changes/ticket33491 deleted file mode 100644 index 595ea863ea..0000000000 --- a/changes/ticket33491 +++ /dev/null 
@@ -1,6 +0,0 @@ - o Major bugfixes (DoS defenses, bridges, pluggable transport): - - DoS subsystem was not given the transport name of the client connection - when tor is a bridge and thus failing to find the GeoIP cache entry for - that client address. This resulted in failing to apply DoS defenses on - bridges with a pluggable transport. Fixes bug 33491; bugfix on - 0.3.3.2-alpha. diff --git a/changes/ticket33619 b/changes/ticket33619 deleted file mode 100644 index 3c52858b35..0000000000 --- a/changes/ticket33619 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (circuit padding, memory leaks): - - Avoid a remotely triggered memory leak in the case that a circuit - padding machine is somehow negotiated twice on the same circuit. Fixes - bug 33619; bugfix on 0.4.0.1-alpha. Found by Tobias Pulls. This is - also tracked as TROVE-2020-004. diff --git a/changes/ticket33623 b/changes/ticket33623 deleted file mode 100644 index 528af3ca02..0000000000 --- a/changes/ticket33623 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor feature (sendme, flow control): - - Default on sending SENDME version 1 cells. Closes ticket 33623. diff --git a/changes/ticket33633 b/changes/ticket33633 new file mode 100644 index 0000000000..de030a6000 --- /dev/null +++ b/changes/ticket33633 @@ -0,0 +1,6 @@ + o Code simplification and refactoring: + - Move the circuit extend code to the relay module. + Split the circuit extend function into smaller functions. + Closes ticket 33633. + - Move LOG_PROTOCOL_WARN to app/config.c. Resolves a dependency inversion. + Closes ticket 33633. diff --git a/changes/ticket33642 b/changes/ticket33642 new file mode 100644 index 0000000000..b81edf7613 --- /dev/null +++ b/changes/ticket33642 @@ -0,0 +1,4 @@ + o Minor features (developer tooling): + - Refrain from listing all .a files that are generated by Tor build in + .gitignore. Add a single wildcard *.a entry that covers all of them for + present and future. Closes ticket 33642. 
diff --git a/changes/ticket33643 b/changes/ticket33643 deleted file mode 100644 index 7fddab74eb..0000000000 --- a/changes/ticket33643 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (testing): - - The unit tests now support a "TOR_SKIP_TESTCASES" environment variable - to specify a list of space-separated test cases that should not be - executed. We will use this to disable certain tests that are failing on - Appveyor because of mismatched OpenSSL libraries. Part of ticket 33643. diff --git a/changes/ticket33643_part2 b/changes/ticket33643_part2 deleted file mode 100644 index 28193d2af5..0000000000 --- a/changes/ticket33643_part2 +++ /dev/null @@ -1,3 +0,0 @@ - o Testing (CI): - - On appveyor, skip the crypto/openssl_version test, which is failing - because of a mismatched library installation. Fix for 33643. diff --git a/changes/ticket33646 b/changes/ticket33646 deleted file mode 100644 index 751c5d5bf2..0000000000 --- a/changes/ticket33646 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (build system): - - Correctly output the enabled module in the configure summary. Before that, - the list shown was just plain wrong. Fixes bug 33646; bugfix on - 0.4.3.2-alpha. diff --git a/changes/ticket33678_043 b/changes/ticket33678_043 deleted file mode 100644 index 12316262fd..0000000000 --- a/changes/ticket33678_043 +++ /dev/null @@ -1,3 +0,0 @@ - o Code simplification and refactoring: - - Disable our coding standards best practices tracker in our git hooks. - (0.4.3 branches only.) Closes ticket 33678. diff --git a/changes/ticket33679 b/changes/ticket33679 new file mode 100644 index 0000000000..d37842d065 --- /dev/null +++ b/changes/ticket33679 @@ -0,0 +1,4 @@ + o Minor features (IPv6 Support, address.c): + - Adds IPv6 support to tor_addr_is_valid(). Adds tests for the + above changes and tor_addr_is_null(). Closes ticket 33679. + Patch by MrSquanchee. diff --git a/changes/ticket33778 b/changes/ticket33778 new file mode 100644 index 0000000000..a33c647a6e --- /dev/null 
+++ b/changes/ticket33778 @@ -0,0 +1,3 @@ + o Documentation (manpage): + - Updated the options set by TestingTorNetwork in the man page. + Closes ticket 33778. diff --git a/changes/ticket33779 b/changes/ticket33779 new file mode 100644 index 0000000000..d4bc769ebb --- /dev/null +++ b/changes/ticket33779 @@ -0,0 +1,3 @@ + o Minor bugfixes (onion service, logging): + - Typo in a log info level when PublishHidServDescriptors is set to 0. + Fixes bug 33779; bugfix on 0.3.2.1-alpha. diff --git a/changes/ticket33788 b/changes/ticket33788 new file mode 100644 index 0000000000..236c056623 --- /dev/null +++ b/changes/ticket33788 @@ -0,0 +1,4 @@ + o Minor features (code safety): + - Check for failures of tor_inet_ntop() and tor_inet_ntoa() functions in + DNS and IP address processing code and adjust codepaths to make them + less likely to crash entire Tor instance. Resolves issue 33788. diff --git a/changes/ticket33789 b/changes/ticket33789 new file mode 100644 index 0000000000..a7e69793e6 --- /dev/null +++ b/changes/ticket33789 @@ -0,0 +1,4 @@ + o Code simplification and refactoring (relay address): + - Move a series of functions related to address resolving into their own + files. Closes ticket 33789. + diff --git a/changes/ticket33796 b/changes/ticket33796 new file mode 100644 index 0000000000..9a98bf2d9a --- /dev/null +++ b/changes/ticket33796 @@ -0,0 +1,7 @@ + o Removed features (IPv6, revert): + - Revert the client port prefer IPv6 feature because it breaks the + torsocks use case. The SOCKS resolve command is lacking a mechanism to + ask for a specific address family (v4 or v6) thus prioritizing IPv6 when + an IPv4 address is asked on the resolve SOCKS interface resulting in a + failure. Tor Browser explicitly set PreferIPv6 so this should not affect + the majority of our users. Closes ticket 33796; bugfix on 0.4.4.1-alpha. diff --git a/changes/ticket33804 b/changes/ticket33804 deleted file mode 100644 index 254246dacf..0000000000 
--- a/changes/ticket33804 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (client, SocksPort, IPv6): - - Revert PreferIPv6 set by default on the SocksPort because it brokes the - torsocks use case. Tor doesn't have a way for an application to request - the hostname to be resolved for a specific IP version but torsocks - requires that. Up until now, IPv4 was used by default so it is expecting - that, and can't handle a possible IPv6 being returned. Fixes bug 33804; - bugfix on 0.4.3.1-alpha. diff --git a/changes/ticket33817 b/changes/ticket33817 new file mode 100644 index 0000000000..9c22d084eb --- /dev/null +++ b/changes/ticket33817 @@ -0,0 +1,12 @@ + o Major features (IPv6, relay): + - Relays may extend circuits over IPv6, if the relay has an IPv6 ORPort, + and the client supplies the other relay's IPv6 ORPort in the EXTEND2 + cell. IPv6 extends will be used by the relay IPv6 ORPort self-tests in + 33222. Closes ticket 33817. + - Consider IPv6-only EXTEND2 cells valid on relays. Log a protocol warning + if the IPv4 or IPv6 address is an internal address, and internal + addresses are not allowed. But continue to use the other address, if it + is valid. Closes ticket 33817. + - If a relay can extend over IPv4 and IPv6, it chooses between them + uniformly at random. Closes ticket 33817. + - Re-use existing IPv6 connections for circuit extends. Closes ticket 33817. diff --git a/changes/ticket33873 b/changes/ticket33873 new file mode 100644 index 0000000000..c45191181a --- /dev/null +++ b/changes/ticket33873 @@ -0,0 +1,4 @@ + o Minor bugfix (SOCKS, onion service client): + - Also detect bad v3 onion service address of the wrong length when + returning the F6 ExtendedErrors code. Fixes bug 33873; bugfix on + 0.4.3.1-alpha. diff --git a/changes/ticket33901 b/changes/ticket33901 new file mode 100644 index 0000000000..b824cc5b07 --- /dev/null +++ b/changes/ticket33901 
@@ -0,0 +1,4 @@ + o Minor features (IPv6, relay): + - Allow clients and relays to send dual-stack and IPv6-only EXTEND2 cells. + Parse dual-stack and IPv6-only EXTEND2 cells on relays. + Closes ticket 33901. diff --git a/changes/ticket33956 b/changes/ticket33956 new file mode 100644 index 0000000000..7ad802797d --- /dev/null +++ b/changes/ticket33956 @@ -0,0 +1,5 @@ + o Code simplification and refactoring: + - Define and use a new constant TOR_ADDRPORT_BUF_LEN which is like + TOR_ADDR_BUF_LEN but includes enough space for an IP address, + brackets, seperating colon, and port number. Closes ticket 33956. + Patch by Neel Chauhan. diff --git a/changes/ticket34087 b/changes/ticket34087 new file mode 100644 index 0000000000..16990c305a --- /dev/null +++ b/changes/ticket34087 @@ -0,0 +1,3 @@ + o Minor bugfix (onion service v3 client): + - Remove a BUG() warning that can occur naturally. Fixes bug 34087; bugfix + on 0.3.2.1-alpha. diff --git a/changes/ticket34211 b/changes/ticket34211 new file mode 100644 index 0000000000..b454873abf --- /dev/null +++ b/changes/ticket34211 @@ -0,0 +1,3 @@ + o Minor features (windows): + - Add support for console control signals like Ctrl+C in Windows + Closes ticket 34211. Patch from Damon Harris (TheDcoder). diff --git a/changes/ticket34382 b/changes/ticket34382 new file mode 100644 index 0000000000..0bdfe22a5e --- /dev/null +++ b/changes/ticket34382 @@ -0,0 +1,6 @@ + o Minor features (Linux seccomp2 sandbox, compilation): + - Allow Tor to build on platforms where it doesn't know how to + report which syscall had caused the linux seccomp2 sandbox + to fail. This change should make the sandbox code more portable + to less common Linux architectures. + Closes ticket 34382. diff --git a/changes/ticket40005 b/changes/ticket40005 new file mode 100644 index 0000000000..12727e0a06 --- /dev/null +++ b/changes/ticket40005 
@@ -0,0 +1,3 @@ + o Minor bugfix (control port, onion service): + - Consistently use 'address' in "Invalid v3 address" response to + ONION_CLIENT_AUTH commands. Fixes bug 40005; bugfix on 0.4.3.1-alpha. diff --git a/changes/ticket40089 b/changes/ticket40089 new file mode 100644 index 0000000000..121e8e9820 --- /dev/null +++ b/changes/ticket40089 @@ -0,0 +1,4 @@ + o Minor features (control port): + - If a ClientName was specified in ONION_CLIENT_AUTH_ADD for an + onion service, display it when we use ONION_CLIENT_AUTH_VIEW + on it. Closes ticket 40089. Patch by Neel Chauhan. diff --git a/changes/ticket40109 b/changes/ticket40109 new file mode 100644 index 0000000000..d99db65aa4 --- /dev/null +++ b/changes/ticket40109 @@ -0,0 +1,6 @@ + o Major bugfixes (onion services, DoS): + - The consensus parameters for the onion service DoS defenses was + overwriting the circuit parameters that could have been set by the service + operator using HiddenServiceEnableIntroDoSDefense. Fixes bug 40109; bugfix + on 0.4.2.1-alpha. + diff --git a/changes/ticket40162 b/changes/ticket40162 new file mode 100644 index 0000000000..093042f9af --- /dev/null +++ b/changes/ticket40162 @@ -0,0 +1,7 @@ + o Minor features (authorities): + - Authorities now list a different set of protocols as required and + recommended. These lists are chosen so that only truly recommended + and/or required protocols are included, and so that clients using 0.2.9 + or later will continue to work (even though they are not supported), + whereas only relays running 0.3.5 or later will meet the requirements. + Closes ticket 40162. diff --git a/changes/ticket40164 b/changes/ticket40164 new file mode 100644 index 0000000000..c96118d0a4 --- /dev/null +++ b/changes/ticket40164 
@@ -0,0 +1,6 @@ + o Minor features (directory authority): + - Make it possible to specify multiple ConsensusParams torrc lines. + Now directory authority operators can for example put the main + ConsensusParams config in one torrc file and then add to it from + a different torrc file. Closes ticket 40164. + diff --git a/changes/ticket6198 b/changes/ticket6198 new file mode 100644 index 0000000000..7f3fdf2fa7 --- /dev/null +++ b/changes/ticket6198 @@ -0,0 +1,3 @@ + o Minor features (defense in depth): + - Wipe more data from connection address fields before returning them to + the memory heap. Closes ticket 6198. diff --git a/changes/trove_2020_003 b/changes/trove_2020_003 deleted file mode 100644 index aa1a8f1c78..0000000000 --- a/changes/trove_2020_003 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (onion services v3): - - Fix assertion failure that could result from a corrupted ADD_ONION control - port command. Found by Saibato. Fixes bug 33137; bugfix on - 0.3.3.1-alpha. This issue is also being tracked as TROVE-2020-003. |
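Review bot: changes/ticket33400 mixes the feature and bugfix forms. The header is "Minor feature (onion service v3)" and the entry says "Closes ticket 33400", but it ends with "bugfix on 0.3.2.1-alpha". Either file it under a bugfix header with "Fixes bug 33400; bugfix on 0.3.2.1-alpha", or keep it as a feature and drop the "bugfix on" clause. changes/ticket33796 has the same mix ("Removed features (IPv6, revert)" with "Closes ticket 33796; bugfix on 0.4.4.1-alpha").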
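Review bot: the entry in changes/ticket33779 states the defect ("Typo in a log info level when PublishHidServDescriptors is set to 0.") instead of the change that was made. Changelog entries read better as actions; if the change is a corrected log string, say so, for example "Fix a typo in an info-level log message emitted when PublishHidServDescriptors is set to 0."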
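Review bot: changes/ticket33788 describes the outcome only as making codepaths "less likely to crash entire Tor instance", which does not tell a reader what now happens when tor_inet_ntop() or tor_inet_ntoa() fails. State the new failure behaviour in the entry, and add the missing article ("crash the entire Tor instance").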
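Review bot: in changes/ticket33817, the second item says a protocol warning is logged when "the IPv4 or IPv6 address is an internal address" and that the relay will "continue to use the other address, if it is valid", but it does not say what happens to the extend when neither address is usable. Add that case to the entry so the documented behaviour is complete. Also, the first item refers to "self-tests in 33222" as a bare number; write "ticket 33222" to match the other references.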
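Review bot: spelling in changes/ticket33956: "seperating colon" should be "separating colon".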
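Review bot: in changes/ticket34211 the sentence ending "like Ctrl+C in Windows" has no full stop before "Closes ticket 34211.", so the two sentences run together once the entry is merged into the ChangeLog. Add the period after "Windows".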
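Review bot: changes/ticket40109 describes only the old behaviour ("The consensus parameters ... was overwriting the circuit parameters") and never states what the code does now. Since this is filed as a major DoS-related bugfix, service operators need to know which value takes precedence after the fix when HiddenServiceEnableIntroDoSDefense is set; add a sentence saying so. Also fix the agreement ("parameters ... were overwriting") and drop the trailing empty "+" line at the end of the file.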