diff options
Diffstat (limited to 'changes')
133 files changed, 235 insertions, 445 deletions
diff --git a/changes/19271 b/changes/19271 deleted file mode 100644 index dc06ead999..0000000000 --- a/changes/19271 +++ /dev/null @@ -1,2 +0,0 @@ - o Directory authority changes: - - Urras is no longer a directory authority. Closes ticket 19271. diff --git a/changes/asciidoc-UTC b/changes/asciidoc-UTC deleted file mode 100644 index 21fbfc1d67..0000000000 --- a/changes/asciidoc-UTC +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (build): - - When building manual pages, set the timezone to "UTC", so that the - output is reproducible. Fixes bug 19558; bugfix on 0.2.2.9-alpha. - Patch from intrigeri. diff --git a/changes/broken-028-fallbacks b/changes/broken-028-fallbacks deleted file mode 100644 index 698fd6e37a..0000000000 --- a/changes/broken-028-fallbacks +++ /dev/null @@ -1,3 +0,0 @@ - o Minor feature (fallback directories): - - Remove broken fallbacks from the hard-coded fallback directory list. - Closes ticket 20190; patch by teor. diff --git a/changes/buf-sentinel b/changes/buf-sentinel deleted file mode 100644 index 7c5b829c19..0000000000 --- a/changes/buf-sentinel +++ /dev/null @@ -1,11 +0,0 @@ - o Major features (security fixes): - - - Prevent a class of security bugs caused by treating the contents - of a buffer chunk as if they were a NUL-terminated string. At - least one such bug seems to be present in all currently used - versions of Tor, and would allow an attacker to remotely crash - most Tor instances, especially those compiled with extra compiler - hardening. With this defense in place, such bugs can't crash Tor, - though we should still fix them as they occur. Closes ticket 20384 - (TROVE-2016-10-001). - diff --git a/changes/bug16082 b/changes/bug16082 new file mode 100644 index 0000000000..0f2f04fb35 --- /dev/null +++ b/changes/bug16082 @@ -0,0 +1,4 @@ + o Documentation: + - Correctly note that bandwidth accounting values are stored in the + state file, and the bw_accounting file is now obsolete. Closes + ticket 16082. diff --git a/changes/bug17150 b/changes/bug17150 deleted file mode 100644 index 686cc34296..0000000000 --- a/changes/bug17150 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (directory warnings): - - When fetching extrainfo documents, compare their SHA256 digests - and Ed25519 signing key certificates - with the routerinfo that led us to fetch them, rather than - with the most recent routerinfo. Otherwise we generate many - spurious warnings about mismatches. Fixes bug 17150; bugfix - on 0.2.7.2-alpha. diff --git a/changes/bug17744_redux b/changes/bug17744_redux deleted file mode 100644 index d61e17fec3..0000000000 --- a/changes/bug17744_redux +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (build): - - Remove a pair of redundant AM_CONDITIONAL declarations from - configure.ac. Fixes one final case of bug 17744; bugfix on - 0.2.8.2-alpha. - diff --git a/changes/bug18133 b/changes/bug18133 deleted file mode 100644 index 177d286495..0000000000 --- a/changes/bug18133 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (logging): - - When we can't generate a signing key because OfflineMasterKey is set, - do not imply that we should have been able to load it. - Fixes bug 18133; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug18286 b/changes/bug18286 deleted file mode 100644 index e398fb004b..0000000000 --- a/changes/bug18286 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (build): - - Tor now builds again with the recent OpenSSL 1.1 development branch - (tested against 1.1.0-pre4 and 1.1.0-pre5-dev). Closes ticket 18286. - - diff --git a/changes/bug18312 b/changes/bug18312 deleted file mode 100644 index 7dcb3266bf..0000000000 --- a/changes/bug18312 +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Stop recommending use of nicknames to identify relays in our - MapAddress documentation. Closes ticket 18312. - diff --git a/changes/bug18397 b/changes/bug18397 deleted file mode 100644 index 53993da4e6..0000000000 --- a/changes/bug18397 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (Linux seccomp2 sandbox): - - Add a few missing syscalls to the seccomp2 sandbox: sysinfo, - getsockopt(SO_SNDBUF), and setsockopt(SO_SNDBUFFORCE). On - some systems, these are required for Tor to start with - "Sandbox 1" enabled. - Fixes bug 18397; bugfix on 0.2.5.1-alpha. Patch from - Daniel Pinto. diff --git a/changes/bug18460 b/changes/bug18460 deleted file mode 100644 index a8c1a19774..0000000000 --- a/changes/bug18460 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (statistics): - - We now include consensus downloads via IPv6 in our directory-request statistics. - Fixes bug 18460; bugfix on 0.2.3.14-alpha. - diff --git a/changes/bug18481 b/changes/bug18481 deleted file mode 100644 index 6fd882b36b..0000000000 --- a/changes/bug18481 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (client): - - Turn all TestingClientBootstrap* into non-testing torrc options. This - changes simply renames them by removing "Testing" in front of them and - they do not require TestingTorNetwork to be enabled anymore. Fixes - bug 18481; bugfix on 0.2.8.1-alpha. diff --git a/changes/bug18616 b/changes/bug18616 deleted file mode 100644 index ec59e846ed..0000000000 --- a/changes/bug18616 +++ /dev/null @@ -1,14 +0,0 @@ - o Major bugfixes (directory mirrors): - - Decide whether to advertise begindir support the same way we decide - whether to advertise our DirPort. These decisions being out of sync - led to surprising behavior like advertising begindir support when - our hibernation config options made us not advertise a DirPort. - Resolves bug 18616; bugfix on 0.2.8.1-alpha. Patch by teor. - - o Minor bugfixes: - - Consider more config options when relays decide whether to regenerate - their descriptor. Fixes more of bug 12538; bugfix on 0.2.8.1-alpha. - - Resolve some edge cases where we might launch an ORPort reachability - check even when DisableNetwork is set. Noticed while fixing bug - 18616; bugfix on 0.2.3.9-alpha. - diff --git a/changes/bug18668 b/changes/bug18668 deleted file mode 100644 index 4b186b5c05..0000000000 --- a/changes/bug18668 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (tests): - - Avoid "WSANOTINITIALISED" warnings in the unit tests. Fixes bug 18668; - bugfix on 0.2.8.1-alpha. diff --git a/changes/bug18673 b/changes/bug18673 deleted file mode 100644 index 5d6161718a..0000000000 --- a/changes/bug18673 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (memory leak): - - Fix a small memory leak that would occur when the - TestingEnableCellStatsEvent option was turned on. Fixes bug 18673; - bugfix on 0.2.5.2-alpha. diff --git a/changes/bug18686 b/changes/bug18686 deleted file mode 100644 index 23547d211d..0000000000 --- a/changes/bug18686 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (pluggable transports): - - Avoid reporting a spurious error when we decide that we don't - need to terminate a pluggable transport because it has already - exited. Fixes bug 18686; bugfix on 0.2.5.5-alpha. - diff --git a/changes/bug18710 b/changes/bug18710 deleted file mode 100644 index 269395563d..0000000000 --- a/changes/bug18710 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (DNS proxy): - - Stop a crash that could occur when a client running with DNSPort - received a query with multiple address types, where the first - address type was not supported. Found and fixed by Scott Dial. - Fixes bug 18710; bugfix on 0.2.5.4-alpha. - diff --git a/changes/bug18716 b/changes/bug18716 deleted file mode 100644 index b15a343f4c..0000000000 --- a/changes/bug18716 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (assert, portability): - - Fix an assertion failure in memarea.c on systems where "long" is - shorter than the size of a pointer. - Fixes bug 18716; bugfix on 0.2.1.1-alpha diff --git a/changes/bug18728 b/changes/bug18728 deleted file mode 100644 index e181c17e65..0000000000 --- a/changes/bug18728 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (build): - - Resolve warnings when building on systems that are concerned with - signed char. Fixes bug 18728; bugfix on 0.2.7.2-alpha and - 0.2.6.1-alpha. diff --git a/changes/bug18729 b/changes/bug18729 deleted file mode 100644 index 4ec9ca3254..0000000000 --- a/changes/bug18729 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (logging): - - Stop blasting twelve lines per second from periodic_event_dispatch() - at loglevel debug. Resolves ticket 18729; fix on 0.2.8.1-alpha. diff --git a/changes/bug18761 b/changes/bug18761 deleted file mode 100644 index 78500a88ea..0000000000 --- a/changes/bug18761 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor feature (logging): - - When rejecting a misformed INTRODUCE2 cell, only log at PROTOCOL_WARN - severity. Closes ticket 18761. diff --git a/changes/bug18809 b/changes/bug18809 deleted file mode 100644 index 1e151874b7..0000000000 --- a/changes/bug18809 +++ /dev/null @@ -1,16 +0,0 @@ - o Major bugfixes (bootstrap): - - Check if bootstrap consensus downloads are still needed - when the linked connection attaches. This prevents tor - making unnecessary begindir-style connections, which are - the only directory connections tor clients make since - the fix for 18483 was merged. - - Fix some edge cases where consensus download connections - may not have been closed, even though they were not needed. - Related to fix 18809. - - Make relays retry consensus downloads the correct number of - times, rather than the more aggressive client retry count. - Fixes part of ticket 18809. - - Stop downloading consensuses when we have a consensus, - even if we don't have all the certificates for it yet. - Fixes bug 18809; bugfix on 0.2.8.1-alpha. - Patches by arma and teor. diff --git a/changes/bug18812 b/changes/bug18812 deleted file mode 100644 index 793e1102f7..0000000000 --- a/changes/bug18812 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (bootstrap): - - When a fallback changes its fingerprint from the hard-coded - fingerprint, log a less severe, more explanatory log message. - Fixes bug 18812; bugfix on 0.2.8.1-alpha. Patch by teor. diff --git a/changes/bug18816 b/changes/bug18816 deleted file mode 100644 index 103f816962..0000000000 --- a/changes/bug18816 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfix (bootstrap): - - Consistently use the consensus download schedule for - authority certificates. - Fixes bug 18816; bugfix on 0.2.4.13-alpha. diff --git a/changes/bug18841.1 b/changes/bug18841.1 deleted file mode 100644 index 205ee5a425..0000000000 --- a/changes/bug18841.1 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (compilation): - - Correctly detect compiler flags on systems where _FORTIFY_SOURCE - is predefined. Previously, our use of -D_FORTIFY_SOURCE would - cause a compiler warning, thereby making other checks fail. - Fixes one case of bug 18841; bugfix on 0.2.3.17-beta. Patch from - "trudokal". - diff --git a/changes/bug18849 b/changes/bug18849 deleted file mode 100644 index b12a8da011..0000000000 --- a/changes/bug18849 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfix (logging): - - Reduce excessive logging when directories can't be found. - Fixes bug 18849; bugfix on 0.2.8.3-alpha and 0.2.8.1-alpha. - Patch by teor. diff --git a/changes/bug18920 b/changes/bug18920 deleted file mode 100644 index 1babfd6656..0000000000 --- a/changes/bug18920 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (controller, microdescriptors): - - Make GETINFO dir/status-vote/current/consensus conform to the control - specification by returning "551 Could not open cached consensus..." - when not caching consensuses. - Fixes bug 18920; bugfix on 0.2.2.6-alpha. diff --git a/changes/bug18921 b/changes/bug18921 deleted file mode 100644 index cdd868a005..0000000000 --- a/changes/bug18921 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (IPv6 bridges): - - Fix directory address selection for IPv6 bridges. - Fixes bug 18921; bugfix on 0.2.8.1-alpha. - Patch by "teor". diff --git a/changes/bug18929 b/changes/bug18929 deleted file mode 100644 index c607e630a6..0000000000 --- a/changes/bug18929 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (IPv6): - - Make directory node selection more reliable, mainly for - IPv6-only clients and clients with few reachable addresses. - Fixes bug 18929; bugfix on 0.2.8.1-alpha. - Patch by "teor". diff --git a/changes/bug18943 b/changes/bug18943 deleted file mode 100644 index 6bcd868460..0000000000 --- a/changes/bug18943 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (crypto, portability): - - The SHA3 and SHAKE routines now produce the correct output on - Big Endian systems, unbreaking the unit tests. No code calls - either algorithm family yet, so this is primarily a build fix. - Fixes bug 18943; bugfix on 0.2.8.1-alpha. - diff --git a/changes/bug18977 b/changes/bug18977 deleted file mode 100644 index 3f46b09fba..0000000000 --- a/changes/bug18977 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (time handling): - - When correcting a corrupt 'struct tm' value, fill in the tm_wday - field. Otherwise, our unit tests crash on Windows. - Fixes bug 18977; bugfix on 0.2.2.25-alpha. diff --git a/changes/bug19003 b/changes/bug19003 deleted file mode 100644 index ca94938ef9..0000000000 --- a/changes/bug19003 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (small networks): - - Allow directories in small networks to bootstrap by - skipping DirPort checks when the consensus has no exits. - Fixes bug 19003; bugfix on 0.2.8.1-alpha. - Patch by teor. diff --git a/changes/bug19008 b/changes/bug19008 deleted file mode 100644 index c51c98faa6..0000000000 --- a/changes/bug19008 +++ /dev/null @@ -1,3 +0,0 @@ - o Major bugfixes (testing): - - Fix a bug that would block 'make test-network-all' on systems - where IPv6 packets were lost. Fixes bug 19008; bugfix on tor-0.2.7.3-rc. diff --git a/changes/bug19032 b/changes/bug19032 deleted file mode 100644 index 93f17c2f91..0000000000 --- a/changes/bug19032 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (security, directory authorities): - - Fix a crash and out-of-bounds write during authority voting, when the - list of relays includes duplicate ed25519 identity keys. Fixes bug 19032; - bugfix on 0.2.8.2-alpha. diff --git a/changes/bug19161 b/changes/bug19161 deleted file mode 100644 index 78c2165308..0000000000 --- a/changes/bug19161 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - When libscrypt.h is found, but no libscrypt library can be linked, - treat libscrypt as absent. Fixes bug 19161; bugfix on 0.2.6.1-alpha. diff --git a/changes/bug19191 b/changes/bug19191 deleted file mode 100644 index 8670aaa7fd..0000000000 --- a/changes/bug19191 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (downloading): - - Predict more correctly whether we'll be downloading over HTTP when we - determine the maximum length of a URL. This should avoid a "BUG" - warning about the Squid HTTP proxy and its URL limits. Fixes bug 19191; - bugfix on ?????. diff --git a/changes/bug19203 b/changes/bug19203 deleted file mode 100644 index 96bc1e855a..0000000000 --- a/changes/bug19203 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (user interface): - - Correctly give a warning in the cases where a relay is specified by - nickname, and one such relay is found, but it is not officially Named. - Fixes bug 19203; bugfix on 0.2.3.1-alpha. diff --git a/changes/bug19213 b/changes/bug19213 deleted file mode 100644 index 6217814fb4..0000000000 --- a/changes/bug19213 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Cause the unit tests to compile correctly on mingw64 versions - that lack sscanf. Fixes bug 19213; bugfix on 0.2.7.1-alpha. diff --git a/changes/bug19406 b/changes/bug19406 deleted file mode 100644 index e8b661b512..0000000000 --- a/changes/bug19406 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (build): - - Tor now again builds with the recent OpenSSL 1.1 development branch - (tested against 1.1.0-pre5 and 1.1.0-pre6-dev). - diff --git a/changes/bug19454 b/changes/bug19454 deleted file mode 100644 index 05650b5c61..0000000000 --- a/changes/bug19454 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (heartbeat): - - Fix regression that crashes Tor when disabling heartbeats. Fixes bug - 19454; bugfix on tor-0.2.8.1-alpha. Reported by "kubaku". diff --git a/changes/bug19464 b/changes/bug19464 deleted file mode 100644 index 22c9e73dc7..0000000000 --- a/changes/bug19464 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (user interface): - - Remove a warning message "Service [scrubbed] not found after - descriptor upload". This message appears when one uses HSPOST control - command to upload a service descriptor. Since there is only a descriptor - and no service, showing this message is pointless and confusing. - Fixes bug 19464; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug19499 b/changes/bug19499 deleted file mode 100644 index 59bdb29dfa..0000000000 --- a/changes/bug19499 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (build): - - Tor now again builds with the recent OpenSSL 1.1 development branch - (tested against 1.1.0-pre6-dev). Closes ticket 19499. - diff --git a/changes/bug19556 b/changes/bug19556 deleted file mode 100644 index 31856b3db9..0000000000 --- a/changes/bug19556 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (sandboxing): - - When sandboxing is enabled, we could not write any stats to - disk. check_or_create_data_subdir("stats"), which prepares the - private stats directory, calls check_private_dir(), which also - opens and not just stats() the directory. Therefore, we need to - also allow open() for the stats dir in our sandboxing setup. - Fixes bug 19556; bugfix on 0.2.5.1-alpha. diff --git a/changes/bug19557 b/changes/bug19557 deleted file mode 100644 index 55214b0c97..0000000000 --- a/changes/bug19557 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (sandboxing): - - Our sandboxing code would not allow us to write to stats/hidserv-stats, - causing tor to abort while trying to write stats. This was previously - masked by bug 19556. Fixes bug 19557; bugfix on 0.2.6.1-alpha. diff --git a/changes/bug19608 b/changes/bug19608 deleted file mode 100644 index 66c2de214e..0000000000 --- a/changes/bug19608 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (IPv6, microdescriptors): - - Don't check node addresses when we only have a routerstatus. - This allows IPv6-only clients to bootstrap by fetching - microdescriptors from fallback directory mirrors. - (The microdescriptor consensus has no IPv6 addresses in it.) - Fixes bug 19608; bugfix on c281c036 in 0.2.8.2-alpha. diff --git a/changes/bug19660 b/changes/bug19660 deleted file mode 100644 index 72d32c8fe2..0000000000 --- a/changes/bug19660 +++ /dev/null @@ -1,8 +0,0 @@ - o Minor bugfixes (sandboxing): - - If we did not find a non-private IPaddress by iterating over - interfaces, we would try to get one via - get_interface_address6_via_udp_socket_hack(). This opens a - datagram socket with IPPROTO_UDP. Previously all our datagram - sockets (via libevent) used IPPROTO_IP, so we did not have that - in the sandboxing whitelist. Add (SOCK_DGRAM, IPPROTO_UDP) - sockets to the sandboxing whitelist. Fixes bug 19660. diff --git a/changes/bug19682 b/changes/bug19682 deleted file mode 100644 index c799c417ac..0000000000 --- a/changes/bug19682 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Fix compilation warning in the unit tests on systems where - char is signed. Fixes bug 19682; bugfix on 0.2.8.1-alpha. diff --git a/changes/bug19728 b/changes/bug19728 deleted file mode 100644 index 98ba34290f..0000000000 --- a/changes/bug19728 +++ /dev/null @@ -1,3 +0,0 @@ - o Directory authority changes: - - The "Tonga" bridge authority has been retired; the new bridge - authority is "Bifroest". Closes tickets 19728 and 19690. diff --git a/changes/bug19782 b/changes/bug19782 deleted file mode 100644 index 37660ead73..0000000000 --- a/changes/bug19782 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (fallback directories): - - Remove a fallback that was on the hardcoded list, then opted-out. - Fixes bug 19782; update to fallback list from 0.2.8.2-alpha. diff --git a/changes/bug19903 b/changes/bug19903 deleted file mode 100644 index 33aa8789d7..0000000000 --- a/changes/bug19903 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): - - Remove an inappropriate "inline" in tortls.c that was causing warnings - on older versions of GCC. Fixes bug 19903; 0.2.8.1-alpha. - diff --git a/changes/bug19947 b/changes/bug19947 deleted file mode 100644 index b9dce8b753..0000000000 --- a/changes/bug19947 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (fallback directories): - - Avoid logging a NULL string pointer when loading fallback directory information. - Fixes bug 19947; bugfix on 0.2.4.7-alpha and 0.2.8.1-alpha. - Report and patch by "rubiate". diff --git a/changes/bug19969 b/changes/bug19969 deleted file mode 100644 index 0bdd880bb7..0000000000 --- a/changes/bug19969 +++ /dev/null @@ -1,10 +0,0 @@ - o Major bugfixes (client performance); - - Clients now respond to new application stream requests when - they arrive, rather than waiting up to one second before starting - to handle them. Fixes part of bug 19969; bugfix on 0.2.8.1-alpha. - - o Major bugfixes (clients on flaky network connections); - - When Tor leaves standby because of a new application request, open - circuits as needed to serve that request. Previously, we would - potentially wait a very long time. Fixes part of bug 19969; bugfix - on 0.2.8.1-alpha. diff --git a/changes/bug19973 b/changes/bug19973 deleted file mode 100644 index 7bd5c554f9..0000000000 --- a/changes/bug19973 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (client, security): - - Only use the ReachableAddresses option to restrict the first hop - in a path. Previously, it would apply to every hop in the path, - with a possible degredation in anonymity for anyone using an - uncommon ReachableAddress setting. Fixes bug 19973; bugfix on - 0.2.8.2-alpha. diff --git a/changes/bug20103 b/changes/bug20103 deleted file mode 100644 index bf0aeec009..0000000000 --- a/changes/bug20103 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (crash): - - - Fix a complicated crash bug that could affect Tor clients - configured to use bridges when replacing a networkstatus consensus - in which one of their bridges was mentioned. OpenBSD users saw - more crashes here, but all platforms were potentially affected. - Fixes bug 20103; bugfix on 0.2.8.2-alpha. diff --git a/changes/bug20203 b/changes/bug20203 deleted file mode 100644 index 711c91ba85..0000000000 --- a/changes/bug20203 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (relay, OOM handler): - - Fix a timing-dependent assertion failure that could occur when we - tried to flush from a circuit after having freed its cells because - of an out-of-memory condition. Fixes bug 20203; bugfix on - 0.2.8.1-alpha. Thanks to "cypherpunks" for help diagnosing this - one. diff --git a/changes/bug20235 b/changes/bug20235 deleted file mode 100644 index 54026a8943..0000000000 --- a/changes/bug20235 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (compatibility): - - Work around a bug in the OSX 10.12 SDK that would prevent us - from successfully targetting earlier versions of OSX. - Resolves ticket 20235. diff --git a/changes/bug20247 b/changes/bug20247 new file mode 100644 index 0000000000..731cf0046f --- /dev/null +++ b/changes/bug20247 @@ -0,0 +1,4 @@ + o Minor bugfixes (linux seccomp2 sandbox): + - Avoid a sandbox failure when trying to re-bind to a socket and mark + it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha. + diff --git a/changes/bug20551 b/changes/bug20551 deleted file mode 100644 index 1e0746b666..0000000000 --- a/changes/bug20551 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation); - - Fix implicit conversion warnings under OpenSSL 1.1. - Fixes bug 20551; bugfix on 0.2.1.1-alpha. diff --git a/changes/bug20553 b/changes/bug20553 deleted file mode 100644 index 12a2780303..0000000000 --- a/changes/bug20553 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (memory leak): - - Work around a memory leak in OpenSSL 1.1 when encoding public keys. - Fixes bug 20553; bugfix on 0.0.2pre8. diff --git a/changes/bug20588 b/changes/bug20588 deleted file mode 100644 index be199b2de0..0000000000 --- a/changes/bug20588 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (portability): - - Fix compilation with OpenSSL 1.1 and less commonly-used - CPU architectures. Closes ticket 20588. diff --git a/changes/bug20865 b/changes/bug20865 deleted file mode 100644 index 575d886a3e..0000000000 --- a/changes/bug20865 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (portability): - - Avoid compilation errors when building on OSX Sierra. Sierra began - to support the getentropy() API, but created a few problems in - doing so. Tor 0.2.9 has a more thorough set of workarounds; in - 0.2.8, we are just using the /dev/urandom interface. Fixes - bug 20865. Bugfix on 0.2.8.1-alpha. - diff --git a/changes/bug21018 b/changes/bug21018 deleted file mode 100644 index 49a8b47a25..0000000000 --- a/changes/bug21018 +++ /dev/null @@ -1,11 +0,0 @@ - o Major bugfixes (parsing, security): - - - Fix a bug in parsing that could cause clients to read a single - byte past the end of an allocated region. This bug could be - used to cause hardened clients (built with - --enable-expensive-hardening) to crash if they tried to visit - a hostile hidden service. Non-hardened clients are only - affected depending on the details of their platform's memory - allocator. Fixes bug 21018; bugfix on 0.2.0.8-alpha. Found by - using libFuzzer. Also tracked as TROVE-2016-12-002 and as - CVE-2016-1254. diff --git a/changes/bug22212 b/changes/bug22212 new file mode 100644 index 0000000000..f92d6701d3 --- /dev/null +++ b/changes/bug22212 @@ -0,0 +1,5 @@ + o Minor bugfixes (netflow padding logging): + - Demote a warn that was caused by libevent delays to info if + the padding is less than 4.5 seconds late, or notice if it is more + (4.5 seconds is the amount of time that a netflow record might + be emitted after, if we chose the maximum timeout). Fixes bug #22212. diff --git a/changes/bug22286 b/changes/bug22286 new file mode 100644 index 0000000000..f72e8fe2c7 --- /dev/null +++ b/changes/bug22286 @@ -0,0 +1,3 @@ + o Minor features (tests): + - Add a couple more tests for compression backend initialization. + Closes ticket 22286. diff --git a/changes/bug22347 b/changes/bug22347 new file mode 100644 index 0000000000..f294ba0a2d --- /dev/null +++ b/changes/bug22347 @@ -0,0 +1,2 @@ + o Documentation: + - Add a manpage description for the key-pinning-journal file. diff --git a/changes/bug22349 b/changes/bug22349 new file mode 100644 index 0000000000..bb43404bfe --- /dev/null +++ b/changes/bug22349 @@ -0,0 +1,9 @@ + o Minor bugfixes (directory authority): + - When a directory authority rejects a descriptor or extrainfo with + a given digest, mark that digest as undownloadable, so that we + do not attempt to download it again over and over. We previously + tried to avoid downloading such descriptors by other means, but + we didn't notice if we accidentally downloaded one anyway. This + behavior became problematic in 0.2.7.2-alpha, when authorities + began pinning Ed25519 keys. Fixes ticket + 22349; bugfix on 0.2.1.19-alpha. diff --git a/changes/bug22356 b/changes/bug22356 new file mode 100644 index 0000000000..0082b542be --- /dev/null +++ b/changes/bug22356 @@ -0,0 +1,5 @@ + o Minor bugfixes (logging, relay): + - Downgrade "assigned_to_cpuworker failed" message to INFO-level + severity. In every case that can reach it, either a better warning + has already been logged, or no warning is warranted. Fixes bug 22356; + bugfix on 0.2.6.3-alpha. diff --git a/changes/bug22400_01 b/changes/bug22400_01 new file mode 100644 index 0000000000..454c5f746f --- /dev/null +++ b/changes/bug22400_01 @@ -0,0 +1,4 @@ + o Major bugfixes (entry guards): + - When starting with an old consensus, do not add new entry guards + unless the consensus is "reasonably live" (under 1 day old). Fixes + one root cause of bug 22400; bugfix on 0.3.0.1-alpha. diff --git a/changes/bug22490 b/changes/bug22490 deleted file mode 100644 index 244dd50b36..0000000000 --- a/changes/bug22490 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (correctness): - - Avoid undefined behavior when parsing IPv6 entries from the geoip6 - file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. diff --git a/changes/bug22502_part1 b/changes/bug22502_part1 new file mode 100644 index 0000000000..bd95b7c7c4 --- /dev/null +++ b/changes/bug22502_part1 @@ -0,0 +1,12 @@ + o Major bugfixes (compression, zstd): + - Correctly detect a full buffer when decompessing a large + zstd-compressed input. Fixes bug 22628; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (compression): + - When compressing or decompressing a buffer, check for a failure to + create a compression object. Fixes bug 22626; bugfix on + 0.3.1.1-alpha. + + - When decompressing a buffer, check for extra data after the end of + the compressed data. Fixes bug 22629; bugfix on 0.3.1.1-alpha. + diff --git a/changes/bug22516 b/changes/bug22516 new file mode 100644 index 0000000000..f024a3c470 --- /dev/null +++ b/changes/bug22516 @@ -0,0 +1,5 @@ + o Minor bugfixes (linux seccomp2 sandbox): + - Permit the fchmod system call, to avoid crashing on startup when + starting with the seccomp2 sandbox and an unexpected set of permissions + on the data directory or its contents. Fixes bug 22516; bugfix on + 0.2.5.4-alpha. diff --git a/changes/bug22520 b/changes/bug22520 new file mode 100644 index 0000000000..cc14f7214c --- /dev/null +++ b/changes/bug22520 @@ -0,0 +1,5 @@ + o Minor bugfixes (error reporting, windows): + - When formatting Windows error messages, use the English format + to avoid codepage issues. Fixes bug 22520; bugfix on + 0.1.2.8-alpha. Patch from "Vort". + diff --git a/changes/bug22669 b/changes/bug22669 new file mode 100644 index 0000000000..804a39e781 --- /dev/null +++ b/changes/bug22669 @@ -0,0 +1,4 @@ + o Minor bugfixes (compression): + - When serving directory votes compressed with zlib, + do not claim to have compressed them with zstd. Fixes bug 22669; + bugfix on 0.3.1.1-alpha. diff --git a/changes/bug22670 b/changes/bug22670 new file mode 100644 index 0000000000..47403277d2 --- /dev/null +++ b/changes/bug22670 @@ -0,0 +1,4 @@ + o Minor bugfixes (logging, compression): + - When decompressing, do not warn if we fail to decompress using a + compression method that we merely guessed. Fixes part of + bug 22670; bugfix on 0.1.1.14-alpha. diff --git a/changes/bug22670_02 b/changes/bug22670_02 new file mode 100644 index 0000000000..3e7a428faf --- /dev/null +++ b/changes/bug22670_02 @@ -0,0 +1,4 @@ + o Minor bugfixes (logging, compression): + - When decompressing, treat mismatch between content-encoding and + actual compression type as a protocol warning. Fixes part of bug + 22670; bugfix on 0.1.1.9-alpha. diff --git a/changes/bug22670_03 b/changes/bug22670_03 new file mode 100644 index 0000000000..8a7aa49bcd --- /dev/null +++ b/changes/bug22670_03 @@ -0,0 +1,6 @@ + o Minor bugfixes (compression): + - When decompressing an object received over an anonymous directory + connection, if we have already successfully decompressed it using an + acceptable compression method, do not reject it for looking like an + unacceptable compression method. Fixes part of bug 22670; bugfix on + 0.3.1.1-alpha. diff --git a/changes/bug22672 b/changes/bug22672 new file mode 100644 index 0000000000..ec6681149d --- /dev/null +++ b/changes/bug22672 @@ -0,0 +1,5 @@ + o Minor features (compression, defensive programming): + - Detect and break out of infinite loops in our compression code. + We don't think that any such loops exist now, but it's best to be + safe. Closes ticket 22672. + diff --git a/changes/bug22702 b/changes/bug22702 new file mode 100644 index 0000000000..a2044c70bf --- /dev/null +++ b/changes/bug22702 @@ -0,0 +1,5 @@ + o Major bugfixes (directory protocol): + - Ensure that we sent "304 Not modified" as HTTP status code when a + client is attempting to fetch a consensus or consensus diff that + matches the latest consensus we have available. Fixes bug 22702; + bugfix on 0.3.1.1-alpha. diff --git a/changes/bug22719 b/changes/bug22719 new file mode 100644 index 0000000000..bfcda0a4e1 --- /dev/null +++ b/changes/bug22719 @@ -0,0 +1,7 @@ + o Minor bugfixes (compression): + - When spooling compressed data to an output buffer, don't try to + spool more data when there is no more data to spool and we are + not trying to flush the input. Previously, we would sometimes + launch compression requests with nothing to do, which interferes + with our 22672 checks. Fixes bug 22719; bugfix on 0.2.0.16-alpha. + diff --git a/changes/bug22720 b/changes/bug22720 new file mode 100644 index 0000000000..4893b577f0 --- /dev/null +++ b/changes/bug22720 @@ -0,0 +1,9 @@ + o Minor bugfixes (process behavior): + - When exiting because of an error, always exit with a nonzero + exit status. Previously, we would fail to report an error in + our exit status in cases related to lockfile contention, + __OwningControllerProcess failure, and Ed25519 key + initialization. Fixes bug 22720; bugfix on versions + 0.2.1.6-alpha, 0.2.2.28-beta, and 0.2.7.2-alpha + respectively. Reported by "f55jwk4f"; patch from "huyvq". + diff --git a/changes/bug22751 b/changes/bug22751 new file mode 100644 index 0000000000..714525c8af --- /dev/null +++ b/changes/bug22751 @@ -0,0 +1,5 @@ + o Major bugfixes (compression): + - Fix crash in LZMA module, when the Sandbox is enabled, where + liblzma would allocate more than 16 MB of memory. We solve this + by bumping the mprotect() limit in the Sandbox module from 16 MB + to 20 MB. Fixes bug 22751; bugfix on 0.3.1.1-alpha. diff --git a/changes/bug22753 b/changes/bug22753 new file mode 100644 index 0000000000..32a6dfa56c --- /dev/null +++ b/changes/bug22753 @@ -0,0 +1,7 @@ + o Major bugfixes (path selection, security): + - When choosing which guard to use for a circuit, avoid the + exit's family along with the exit itself. Previously, the new + guard selection logic avoided the exit, but did not consider + its family. Fixes bug 22753; bugfix on 0.3.0.1-alpha. Tracked + as TROVE-2016-006 and CVE-2017-0377. + diff --git a/changes/bug22797 b/changes/bug22797 new file mode 100644 index 0000000000..619baaa409 --- /dev/null +++ b/changes/bug22797 @@ -0,0 +1,4 @@ + o Minor bugfixes (file limits): + - When setting the maximum number of connections allowed by the OS, + always allow some extra file descriptors for other files. + Fixes bug 22797; bugfix on 0.2.0.10-alpha. diff --git a/changes/bug22801 b/changes/bug22801 new file mode 100644 index 0000000000..7edc79bc84 --- /dev/null +++ b/changes/bug22801 @@ -0,0 +1,5 @@ + o Minor bugfixes (compilation): + - When building with certain versions the mingw C header files, avoid + float-conversion warnings when calling the C functions isfinite(), + isnan(), and signbit(). Fixes bug 22801; bugfix on 0.2.8.1-alpha. + diff --git a/changes/bug22803 b/changes/bug22803 new file mode 100644 index 0000000000..80b4b9f589 --- /dev/null +++ b/changes/bug22803 @@ -0,0 +1,3 @@ + o Minor bugfixes (unit tests): + - Fix a memory leak in the link-handshake/certs_ok_ed25519 test. + Fixes bug 22803; bugfix on 0.3.0.1-alpha. diff --git a/changes/bug22830 b/changes/bug22830 new file mode 100644 index 0000000000..123b725aff --- /dev/null +++ b/changes/bug22830 @@ -0,0 +1,5 @@ + o Minor bugfixes: + - Fix a problem with Rust toolchains not being found when building + without --enable-cargo-online-mode, due to setting the $HOME + environment variable instead of $CARGO_HOME. Fixes bug 22830; + fix by Chelsea Komlo. Bugfix on 0.3.1.1-alpha. diff --git a/changes/bug22838_028 b/changes/bug22838_028 deleted file mode 100644 index 1d0a4fbfd1..0000000000 --- a/changes/bug22838_028 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha): - - Backport a fix for an "unused variable" warning that appeared - in some versions of mingw. Fixes bug 22838; bugfix on - 0.2.8.1-alpha. - diff --git a/changes/bug22883-config b/changes/bug22883-config new file mode 100644 index 0000000000..d60594d9ae --- /dev/null +++ b/changes/bug22883-config @@ -0,0 +1,7 @@ + o Minor features (directory cache, consensus diff): + - Add a new MaxConsensusAgeForDiffs option to allow directory cache + operators with low-resource environments to adjust the number of + consensuses they'll store and generate diffs from. Most cache operators + should leave it unchanged. Helps to work around bug 22883. + + diff --git a/changes/bug22883-priority b/changes/bug22883-priority new file mode 100644 index 0000000000..4b3531c30b --- /dev/null +++ b/changes/bug22883-priority @@ -0,0 +1,8 @@ + o Major bugfixes (relay, performance): + + - Perform circuit handshake operations at a higher priority than we use + for consensus diff creation and compression. This should prevent + circuits from starving when a relay or bridge receive a new consensus, + especially on lower-powered machines. Fixes bug 22883; bugfix on + 0.3.1.1-alpha. + diff --git a/changes/bug22892 b/changes/bug22892 new file mode 100644 index 0000000000..9a70cb0576 --- /dev/null +++ b/changes/bug22892 @@ -0,0 +1,4 @@ + o Minor bugfixes (compilation): + - Compile correctly when both openssl 1.1.0 and libscrypt are detected. + Previously this would cause an error. Fixes bug 22892; bugfix on + 0.3.1.1-alpha. diff --git a/changes/bug22915 b/changes/bug22915 new file mode 100644 index 0000000000..17a9c6018f --- /dev/null +++ b/changes/bug22915 @@ -0,0 +1,3 @@ + o Minor bugfixes (compilation warnings): + - Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug 22915; + bugfix on 0.2.8.1-alpha. diff --git a/changes/bug22916_027 b/changes/bug22916_027 new file mode 100644 index 0000000000..5cf99c7d15 --- /dev/null +++ b/changes/bug22916_027 @@ -0,0 +1,3 @@ + o Minor bugfixes (Compilation): + - Fix warnings when building with libscrypt and openssl scrypt support + on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug22927 b/changes/bug22927 new file mode 100644 index 0000000000..6e68e6ff08 --- /dev/null +++ b/changes/bug22927 @@ -0,0 +1,6 @@ + o Minor bugfixes (compatibility, zstd): + - Write zstd epilogues correctly when the epilogue requires reallocation + of the output buffer, even with zstd 1.3.0. (Previously, + we worked on 1.2.0 and failed with 1.3.0). Fixes bug 22927; bugfix on + 0.3.1.1-alpha. + diff --git a/changes/bug23030_029 b/changes/bug23030_029 new file mode 100644 index 0000000000..89a1b507d7 --- /dev/null +++ b/changes/bug23030_029 @@ -0,0 +1,7 @@ + o Minor bugfixes (coverity builds): + - Avoid Coverity build warnings related to our BUG() macro. By + default, Coverity treats BUG() as the Linux kernel does: an + instant abort(). We need to override that so our BUG() macro + doesn't prevent Coverity from analyzing functions that use it. + Fixes bug 23030; bugfix on 0.2.9.1-alpha. + diff --git a/changes/bug23053 b/changes/bug23053 new file mode 100644 index 0000000000..082e239409 --- /dev/null +++ b/changes/bug23053 @@ -0,0 +1,5 @@ + o Minor bugfixes (memory leak): + - Fix a small memory leak when validating a configuration that + uses two or more AF_UNIX sockets for the same port type. + Fixes bug 23053; bugfix on 0.2.6.3-alpha. This is CID + 1415725. diff --git a/changes/bug23071 b/changes/bug23071 new file mode 100644 index 0000000000..4756dd6252 --- /dev/null +++ b/changes/bug23071 @@ -0,0 +1,5 @@ + o Minor bugfixes (tests): + - Port the hs_ntor handshake test to work correctly with recent + versions of the pysha3 module. Fixes bug 23071; bugfix on + 0.3.1.1-alpha. + diff --git a/changes/bug23078 b/changes/bug23078 new file mode 100644 index 0000000000..67624007cf --- /dev/null +++ b/changes/bug23078 @@ -0,0 +1,7 @@ + o Minor bugfixes (logging, relay): + - Remove a log_warn() that has been forgotten when an introduction point + successfully established a hidden service prop224 circuit with a client. + - Three other log_warn() for an introduction point have been changed to + protocol warning because they can be failure from the network and are + not relevant to the operator. Fixes bug 23078; bugfix on + tor-0.3.0.1-alpha and tor-0.3.0.2-alpha. diff --git a/changes/bug23081 b/changes/bug23081 new file mode 100644 index 0000000000..76c4e30971 --- /dev/null +++ b/changes/bug23081 @@ -0,0 +1,8 @@ + o Minor bugfixes (Windows service): + - When running as a Windows service, set the ID of the main thread + correctly. Failure to do so made us fail to send log messages + to the controller in 0.2.1.16-rc, slowed down controller + event delivery in 0.2.7.3-rc and later, and crash with an assertion + failure in 0.3.1.1-alpha. Fixes bug 23081; bugfix on 0.2.1.6-alpha. + Patch and diagnosis from "Vort". + diff --git a/changes/bug23139 b/changes/bug23139 new file mode 100644 index 0000000000..ed63ce85e2 --- /dev/null +++ b/changes/bug23139 @@ -0,0 +1,3 @@ + o Minor bugfixes (directory cache): + - Fix a memory leak in the code that recovers space in the consensus + directory cache. Fixes bug 23139; bugfix on 0.3.1.1-alpha. diff --git a/changes/bug23155 b/changes/bug23155 new file mode 100644 index 0000000000..4c24ab136c --- /dev/null +++ b/changes/bug23155 @@ -0,0 +1,4 @@ + o Minor bugfixes (stability): + - Avoid crashing on double-free when unable to load or process + an included file. Fixes bug 23155; bugfix on 0.3.1.1-alpha. + Found with the clang static analyzer. diff --git a/changes/bug23233 b/changes/bug23233 new file mode 100644 index 0000000000..689a99a2a8 --- /dev/null +++ b/changes/bug23233 @@ -0,0 +1,4 @@ + o Minor bugfixes (hidden service): + - Fix a BUG alert during HSv3 descriptor decoding that could trigger with a + specially crafted descriptor. Fixes bug #23233; bugfix on 0.3.0.1-alpha. + Bug found by "haxxpop". diff --git a/changes/diagnose_22752 b/changes/diagnose_22752 new file mode 100644 index 0000000000..b5bda05ec0 --- /dev/null +++ b/changes/diagnose_22752 @@ -0,0 +1,4 @@ + o Minor features (bug mitigation, diagnostics, logging): + - Avoid an assertion failure, and log a better error message, + when unable to remove a file from the consensus cache on + Windows. Attempts to mitigate and diagnose bug 22752. diff --git a/changes/doc17621 b/changes/doc17621 deleted file mode 100644 index ab37d29b50..0000000000 --- a/changes/doc17621 +++ /dev/null @@ -1,3 +0,0 @@ - o Documentation: - - Document the contents of the 'datadir/keys' subdirectory in the manual - page. Closes ticket 17621. diff --git a/changes/fallbacks-201604 b/changes/fallbacks-201604 deleted file mode 100644 index 7acefaaf08..0000000000 --- a/changes/fallbacks-201604 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor features (fallback directory mirrors): - - Give each fallback the same weight for client selection; - restrict fallbacks to one per operator; - report fallback directory detail changes when rebuilding list; - add new fallback directory mirrors to the whitelist; - update fallback directories based on the latest OnionOO data; - and any other minor simplifications and fixes. - Closes tasks 17158, 17905, 18749, bug 18689, and fixes part of - bug 18812 on 0.2.8.1-alpha; patch by "teor". diff --git a/changes/feature18483 b/changes/feature18483 deleted file mode 100644 index d0fa8df58d..0000000000 --- a/changes/feature18483 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (clients): - - Make clients, onion services, and bridge relays always - use an encrypted begindir connection for directory requests. - Resolves ticket 18483. Patch by "teor". diff --git a/changes/geoip-april2016 b/changes/geoip-april2016 deleted file mode 100644 index c55aa179b5..0000000000 --- a/changes/geoip-april2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (geoip): - - Update geoip and geoip6 to the April 5 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-april2017 b/changes/geoip-april2017 deleted file mode 100644 index b489eaf016..0000000000 --- a/changes/geoip-april2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the April 4 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-august2016 b/changes/geoip-august2016 deleted file mode 100644 index 370ab64cac..0000000000 --- a/changes/geoip-august2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the August 2 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-december2016 b/changes/geoip-december2016 deleted file mode 100644 index 60754ea21d..0000000000 --- a/changes/geoip-december2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the December 7 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-february2017 b/changes/geoip-february2017 deleted file mode 100644 index ec54b6122a..0000000000 --- a/changes/geoip-february2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-january2017 b/changes/geoip-january2017 deleted file mode 100644 index de1a4cbe2a..0000000000 --- a/changes/geoip-january2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the January 4 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-july2016 b/changes/geoip-july2016 deleted file mode 100644 index d9963bd6a8..0000000000 --- a/changes/geoip-july2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the July 6 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-jun2016 b/changes/geoip-jun2016 deleted file mode 100644 index 6c9847ca58..0000000000 --- a/changes/geoip-jun2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (geoip): - - Update geoip and geoip6 to the June 7 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-march2017 b/changes/geoip-march2017 deleted file mode 100644 index 6dc92baa2f..0000000000 --- a/changes/geoip-march2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the March 7 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-may2016 b/changes/geoip-may2016 deleted file mode 100644 index cf78ab10c7..0000000000 --- a/changes/geoip-may2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (geoip): - - Update geoip and geoip6 to the May 4 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-may2017 b/changes/geoip-may2017 deleted file mode 100644 index 4e504d7a0a..0000000000 --- a/changes/geoip-may2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-november2016 b/changes/geoip-november2016 deleted file mode 100644 index 5190ed66f4..0000000000 --- a/changes/geoip-november2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the November 3 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-october2016 b/changes/geoip-october2016 deleted file mode 100644 index fff9a1eeb5..0000000000 --- a/changes/geoip-october2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the October 4 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-september2016 b/changes/geoip-september2016 deleted file mode 100644 index 1bf5570f2d..0000000000 --- a/changes/geoip-september2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (geoip): - - Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/memarea_overflow b/changes/memarea_overflow deleted file mode 100644 index 8fdc38cc09..0000000000 --- a/changes/memarea_overflow +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (pointer arithmetic): - - Fix a bug in memarea_alloc() that could have resulted in remote heap - write access, if Tor had ever passed an unchecked size to - memarea_alloc(). Fortunately, all the sizes we pass to memarea_alloc() - are pre-checked to be less than 128 kilobytes. Fixes bug 19150; bugfix - on 0.2.1.1-alpha. Bug found by Guido Vranken. - diff --git a/changes/more-files b/changes/more-files new file mode 100644 index 0000000000..861d6a3143 --- /dev/null +++ b/changes/more-files @@ -0,0 +1,4 @@ + o Documentation: + - Document more of the files in the Tor data directory, including + cached-extrainfo, secret_onion_key{,_ntor}.old, hidserv-stats, + approved-routers, sr-random, and diff-cache. diff --git a/changes/more-threads b/changes/more-threads new file mode 100644 index 0000000000..eae88b70fd --- /dev/null +++ b/changes/more-threads @@ -0,0 +1,3 @@ + o Minor features (relay, performance): + - Always start relays with at least two worker threads, to prevent + priority inversion on slow tasks. Part of the fix for bug 22883. diff --git a/changes/multi-priority b/changes/multi-priority new file mode 100644 index 0000000000..6f19314b53 --- /dev/null +++ b/changes/multi-priority @@ -0,0 +1,5 @@ + o Minor features (relay, thread pool): + - Allow background work to be queued with different priorities, so + that a big pile of slow low-priority jobs will not starve out + higher priority jobs. This lays the groundwork for a fix for bug + 22883. diff --git a/changes/new_requirement_pkgconfig b/changes/new_requirement_pkgconfig new file mode 100644 index 0000000000..503ff58c9e --- /dev/null +++ b/changes/new_requirement_pkgconfig @@ -0,0 +1,5 @@ + o New dependencies: + - To build with zstd and lzma support, Tor now requires the + pkg-config tool at build time. (This requirement was new in + 0.3.1.1-alpha, but was not noted at the time. Noting it here to + close ticket 22623.) diff --git a/changes/rsa_init_bug b/changes/rsa_init_bug deleted file mode 100644 index 6b5fb4f2f9..0000000000 --- a/changes/rsa_init_bug +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (key management): - - If OpenSSL fails to generate an RSA key, do not retain a dangling pointer - to the previous (uninitialized) key value. The impact here should be - limited to a difficult-to-trigger crash, if OpenSSL is running an - engine that makes key generation failures possible, or if OpenSSL runs - out of memory. Fixes bug 19152; bugfix on 0.2.1.10-alpha. Found by - Yuan Jochen Kang, Suman Jana, and Baishakhi Ray. diff --git a/changes/task-22207 b/changes/task-22207 new file mode 100644 index 0000000000..63544834bf --- /dev/null +++ b/changes/task-22207 @@ -0,0 +1,4 @@ + o Minor features: + - Add "fingerprint" line to networkstatus-bridges produced by + bridge authorities. Implements #22207. + diff --git a/changes/ticket19071-19480 b/changes/ticket19071-19480 deleted file mode 100644 index ab5c72a2d1..0000000000 --- a/changes/ticket19071-19480 +++ /dev/null @@ -1,13 +0,0 @@ - o Minor bugfixes (fallback directory selection): - - Avoid errors during fallback selection if there are no eligible - fallbacks. Fixes bug 19480; bugfix on ba76910 and 78ec782 in - 0.2.8.3-alpha. Patch by teor. - o Minor features (fallback directory list): - - Update hard-coded fallback list to remove unsuitable fallbacks. - Resolves ticket 19071. Patch by teor. - - Add a comment to the generated list that explains how to comment-out - unsuitable fallbacks in a way that's compatible with the stem fallback - parser. - - Update fallback whitelist and blacklist based on relay operator - emails. Blacklist unsuitable fallbacks. Resolves ticket 19071. - Patch by teor. diff --git a/changes/ticket20170-v3 b/changes/ticket20170-v3 deleted file mode 100644 index d634e72053..0000000000 --- a/changes/ticket20170-v3 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (fallback directory list): - - Replace the 81 remaining fallbacks of the 100 originally introduced - in Tor 0.2.8.3-alpha in March 2016, with a list of 177 fallbacks - (123 new, 54 existing, 27 removed) generated in December 2016. - Resolves ticket 20170. diff --git a/changes/ticket21564 b/changes/ticket21564 deleted file mode 100644 index 7e01f41f8f..0000000000 --- a/changes/ticket21564 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (fallback directory list): - - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in - December 2016 (of which ~126 were still functional), with a list of - 151 fallbacks (32 new, 119 existing, 58 removed) generated in - May 2017. - Resolves ticket 21564. diff --git a/changes/ticket22870 b/changes/ticket22870 new file mode 100644 index 0000000000..07cc8a1d04 --- /dev/null +++ b/changes/ticket22870 @@ -0,0 +1,5 @@ + o Minor bugfixes (consensus diff): + - test_consdiff_base64cmp would fail on OS X because while OS X + follows the standard of (less than zero/zero/greater than zero), + it doesn't follow the convention of (-1/0/+1). Make the test + comply with the standard. Fixes bug 22870; bugfix on 0.3.1.1-alpha. diff --git a/changes/trove-2017-001.2 b/changes/trove-2017-001.2 deleted file mode 100644 index 3ef073cf9f..0000000000 --- a/changes/trove-2017-001.2 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (parsing): - - Fix an integer underflow bug when comparing malformed Tor versions. - This bug is harmless, except when Tor has been built with - --enable-expensive-hardening, which would turn it into a crash; - or on Tor 0.2.9.1-alpha through Tor 0.2.9.8, which were built with - -ftrapv by default. - Part of TROVE-2017-001. Fixes bug 21278; bugfix on - 0.0.8pre1. Found by OSS-Fuzz. diff --git a/changes/trove-2017-005 b/changes/trove-2017-005 deleted file mode 100644 index cebb013f86..0000000000 --- a/changes/trove-2017-005 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (hidden service, relay, security): - - Fix an assertion failure caused by receiving a BEGIN_DIR cell on - a hidden service rendezvous circuit. Fixes bug 22494, tracked as - TROVE-2017-005 and CVE-2017-0376; bugfix on 0.2.2.1-alpha. Found - by armadev. - - |