diff options
Diffstat (limited to 'changes')
88 files changed, 161 insertions, 271 deletions
diff --git a/changes/13295 b/changes/13295 deleted file mode 100644 index 433432595f..0000000000 --- a/changes/13295 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Disable sandbox name resolver cache when running tor-resolve: - tor-resolve doesn't use the sandbox code, and turning it on was - breaking attempts to do tor-resolve on a non-default server on - Linux. Fixes bug 13295; bugfix on 0.2.5.3-alpha. diff --git a/changes/15188 b/changes/15188 new file mode 100644 index 0000000000..2065b3974c --- /dev/null +++ b/changes/15188 @@ -0,0 +1,3 @@ + o Minor bugfixes (testing): + - Avoid a side-effect in a tor_assert() in the unit tests. Fixes bug + 15188; bugfix on 0.1.2.3-alpha. Patch from Tom van der Woerdt. diff --git a/changes/bufferevent_compilation b/changes/bufferevent_compilation deleted file mode 100644 index 3a328731fe..0000000000 --- a/changes/bufferevent_compilation +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes: - - Fix compilation when building with bufferevents enabled. (This - configuration is still not expected to work, however.) - Fixes bugs 12438, 12474, 11578; bugfixes on 0.2.5.1-alpha and - 0.2.5.3-alpha. Patches from Anthony G. Basile and Sathyanarayanan - Gunasekaran. diff --git a/changes/bug1038-3 b/changes/bug1038-3 deleted file mode 100644 index 5af4afa46f..0000000000 --- a/changes/bug1038-3 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes: - - Warn and drop the circuit if we receive an inbound 'relay early' - cell. Those used to be normal to receive on hidden service circuits - due to bug 1038, but the buggy Tor versions are long gone from - the network so we can afford to resume watching for them. Resolves - the rest of bug 1038; bugfix on 0.2.1.19. diff --git a/changes/bug11200-caching b/changes/bug11200-caching deleted file mode 100644 index e3fbaeca73..0000000000 --- a/changes/bug11200-caching +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes: - - When Tor starts with DisabledNetwork set, it would correctly - conclude that it shouldn't try making circuits, but it would - mistakenly cache this conclusion and continue believing it even - when DisableNetwork is set to 0. Fixes the bug introduced by the - fix for bug 11200; bugfix on 0.2.5.4-alpha. - diff --git a/changes/bug11447 b/changes/bug11447 new file mode 100644 index 0000000000..8cd4f5b467 --- /dev/null +++ b/changes/bug11447 @@ -0,0 +1,5 @@ + o Minor features (DoS-resistance): + - Decrease the amount of reattempts that a hidden service is + willing to perform when its rendezvous circuits fail. This + reduces the computational cost for hidden service under heavy + load. Resolves ticket #11447.
\ No newline at end of file diff --git a/changes/bug11454 b/changes/bug11454 new file mode 100644 index 0000000000..b37a7d9728 --- /dev/null +++ b/changes/bug11454 @@ -0,0 +1,6 @@ + o Minor bugfixes (certificate handling): + - Remove any old authority certificates that have been superseded + for at least two days. Previously, we would keep superseded + certificates until they expired, if they were published close + in time to the certificate that superseded them. + Fixes bug 11454; bugfix on 0.2.1.8-alpha. diff --git a/changes/bug11457 b/changes/bug11457 new file mode 100644 index 0000000000..cf64c1d10d --- /dev/null +++ b/changes/bug11457 @@ -0,0 +1,5 @@ + o Minor bugfixes (certificate handling): + - If an authority operator accidentally makes a signing certificate with + a future publication time, do not discard its real signing + certificates. Fixes bug 11457; bugfix on 0.2.0.3-alpha. + diff --git a/changes/bug12160 b/changes/bug12160 deleted file mode 100644 index 2a7ace3410..0000000000 --- a/changes/bug12160 +++ /dev/null @@ -1,4 +0,0 @@ - o Bugfixes - - Correctly update the local mark on the controlling channel when changing - the address of an or_connection_t after the handshake. Fixes bug #12160; - bugfix on 0.2.4.4-alpha. diff --git a/changes/bug12602 b/changes/bug12602 deleted file mode 100644 index 29fa49ac45..0000000000 --- a/changes/bug12602 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (portability): - - Compile correctly with builds and forks of OpenSSL (such as - LibreSSL) that disable compression. Fixes bug 12602; bugfix on - 0.2.1.1-alpha. Patch from "dhill". - diff --git a/changes/bug12700 b/changes/bug12700 deleted file mode 100644 index 1d8caeb8bd..0000000000 --- a/changes/bug12700 +++ /dev/null @@ -1,10 +0,0 @@ - o Minor bugfixes: - - When logging information about an EXTEND2 or EXTENDED2 cell, log - their names correctly. Fixes part of bug 12700; bugfix on - 0.2.4.8-alpha. - - o Minor bugfixes: - - When logging information about a relay cell whose command we - don't recognize, log its command as an integer. Fixes part of - bug 12700; bugfix on 0.2.1.10-alpha. - diff --git a/changes/bug12718 b/changes/bug12718 deleted file mode 100644 index 0c5f708446..0000000000 --- a/changes/bug12718 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Correct a confusing error message when trying to extend a circuit - via the control protocol but we don't know a descriptor or - microdescriptor for one of the specified relays. Fixes bug 12718; - bugfix on 0.2.3.1-alpha. diff --git a/changes/bug12730-systemd-verify-config b/changes/bug12730-systemd-verify-config deleted file mode 100644 index 221633c78e..0000000000 --- a/changes/bug12730-systemd-verify-config +++ /dev/null @@ -1,3 +0,0 @@ - o Distribution: - - Verify configuration file via ExecStartPre in the systemd unit file. - Patch from intrigeri; resolves ticket 12730. diff --git a/changes/bug12731-systemd-no-run-as-daemon b/changes/bug12731-systemd-no-run-as-daemon deleted file mode 100644 index f92e5aff00..0000000000 --- a/changes/bug12731-systemd-no-run-as-daemon +++ /dev/null @@ -1,9 +0,0 @@ - o Distribution: - - Explicitly disable RunAsDaemon in the systemd unit file. - Our current systemd unit uses "Type = simple", so systemd does - not expect tor to fork. If the user has "RunAsDaemon 1" in their - torrc, then things won't work as expected. This is e.g. the case - on Debian (and derivatives), since there we pass - "--defaults-torrc /usr/share/tor/tor-service-defaults-torrc" - (that contains "RunAsDaemon 1") by default. - Patch by intrigeri; resolves ticket 12731. diff --git a/changes/bug12830 b/changes/bug12830 deleted file mode 100644 index 835ebe2fa7..0000000000 --- a/changes/bug12830 +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Adjust the URLs in the README to refer to the new locations of - several documents on the website. Patch from Matt Pagan. Fixes - bug 12830. diff --git a/changes/bug12848 b/changes/bug12848 deleted file mode 100644 index 7aa79c395e..0000000000 --- a/changes/bug12848 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (relay): - - Avoid queuing or sending destroy cells for circuit ID zero when - we fail to send a CREATE cell. Fixes bug 12848; bugfix on - 0.0.8pre1. Found and fixed by "cypherpunks". diff --git a/changes/bug12864 b/changes/bug12864 deleted file mode 100644 index 79e751f427..0000000000 --- a/changes/bug12864 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes: - - Restore the functionality of CookieAuthFileGroupReadable. Fixes bug - 12864; bugfix on 0.2.5.1-alpha. - - o Minor features: - - Add an ExtORPortCookieAuthFileGroupReadable option to make the - cookie file for the ExtORPort g+r by default. diff --git a/changes/bug12878 b/changes/bug12878 deleted file mode 100644 index a05fc446b9..0000000000 --- a/changes/bug12878 +++ /dev/null @@ -1,3 +0,0 @@ - o Documentation: - - Document 'reject6' and 'accept6' ExitPolicy entries. Resolves - ticket 12878. diff --git a/changes/bug12908 b/changes/bug12908 deleted file mode 100644 index bd6784cbd2..0000000000 --- a/changes/bug12908 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Warn about attempts to run hidden services and relays in the - same process: that's probably not a good idea. Closes ticket - 12908. diff --git a/changes/bug12948 b/changes/bug12948 deleted file mode 100644 index 431c0a1019..0000000000 --- a/changes/bug12948 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes: - - Resume expanding abbreviations for command-line options. The fix - for bug 4647 accidentally removed our hack from bug 586 that rewrote - HashedControlPassword to __HashedControlSessionPassword when it - appears on the commandline (which allowed the user to set her - own HashedControlPassword in the torrc file while the controller - generates a fresh session password for each run). Fixes bug 12948; - bugfix on 0.2.5.1-alpha. diff --git a/changes/bug12996 b/changes/bug12996 deleted file mode 100644 index 4b4fb0dceb..0000000000 --- a/changes/bug12996 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Downgrade "Unexpected onionskin length after decryption" warning - to a protocol-warn, since there's nothing relay operators can do - about a client that sends them a malformed create cell. Resolves - bug 12996; bugfix on 0.0.6rc1. diff --git a/changes/bug12997 b/changes/bug12997 deleted file mode 100644 index fb6e7a8459..0000000000 --- a/changes/bug12997 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Log more specific warnings when we get an ESTABLISH_RENDEZVOUS cell - on a cannibalized or non-OR circuit. Resolves ticket 12997. diff --git a/changes/bug13071 b/changes/bug13071 deleted file mode 100644 index 8212b6c049..0000000000 --- a/changes/bug13071 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (relay): - - Escape all strings from the directory connection before logging them. - Fixes bug 13071; bugfix on 0.1.1.15. Patch from "teor". diff --git a/changes/bug13081 b/changes/bug13081 deleted file mode 100644 index 154f73fb0a..0000000000 --- a/changes/bug13081 +++ /dev/null @@ -1,3 +0,0 @@ - o Compilation fixes: - - Make the nmake make files work again. Fixes bug 13081. Bugfix on 0.2.5.1-alpha. Patch - from "NewEraCracker". diff --git a/changes/bug13085 b/changes/bug13085 deleted file mode 100644 index a46457c797..0000000000 --- a/changes/bug13085 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (controller): - - Actually send TRANSPORT_LAUNCHED and HS_DESC events to controllers. - Fixes bug 13085; bugfix on 0.2.5.1-alpha. Patch by "teor". diff --git a/changes/bug13096 b/changes/bug13096 deleted file mode 100644 index 521faaf143..0000000000 --- a/changes/bug13096 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (conformance): - - In routerlist_assert_ok(), don't take the address of a routerinfo's - cache_info member unless that routerinfo is non-NULL. Fixes bug - 13096; bugfix on 0.1.1.9-alpha. Patch by "teor". diff --git a/changes/bug13100 b/changes/bug13100 deleted file mode 100644 index bbe43e65a7..0000000000 --- a/changes/bug13100 +++ /dev/null @@ -1,3 +0,0 @@ - o Directory authority changes: - - Change IP address for gabelmoo (v3 directory authority). - diff --git a/changes/bug13124 b/changes/bug13124 deleted file mode 100644 index be7df70347..0000000000 --- a/changes/bug13124 +++ /dev/null @@ -1,8 +0,0 @@ - o Minor bugfixes: - - Reduce the log severity of the "Pluggable transport proxy does - not provide any needed transports and will not be launched." - message, since Tor Browser includes several ClientTransportPlugin - lines in its torrc-defaults file, leading every Tor Browser user - who looks at her logs to see these notices and wonder if they're - dangerous. Resolves bug 13124; bugfix on 0.2.5.3-alpha. - diff --git a/changes/bug13151-client b/changes/bug13151-client deleted file mode 100644 index 1218dfdfab..0000000000 --- a/changes/bug13151-client +++ /dev/null @@ -1,13 +0,0 @@ - o Major bugfixes: - - Clients now send the correct address for their chosen rendezvous - point when trying to access a hidden service. They used to send - the wrong address, which would still work some of the time because - they also sent the identity digest of the rendezvous point, and if - the hidden service happened to try connecting to the rendezvous - point from a relay that already had a connection open to it, - the relay would reuse that connection. Now connections to hidden - services should be more robust and faster. Also, this bug meant - that clients were leaking to the hidden service whether they were - on a little-endian (common) or big-endian (rare) system, which for - some users might have reduced their anonymity. Fixes bug 13151; - bugfix on 0.2.1.5-alpha. diff --git a/changes/bug13296 b/changes/bug13296 deleted file mode 100644 index d6fe038c30..0000000000 --- a/changes/bug13296 +++ /dev/null @@ -1,5 +0,0 @@ - o Directory authority changes: - - Remove turtles as a directory authority. - - Add longclaw as a new (v3) directory authority. This implements - ticket 13296. This keeps the directory authority count at 9. - diff --git a/changes/bug13325 b/changes/bug13325 deleted file mode 100644 index b1da4d0bd5..0000000000 --- a/changes/bug13325 +++ /dev/null @@ -1,4 +0,0 @@ - o Compilation fixes: - - Build and run correctly on systems like OpenBSD-current that - have patched OpenSSL to remove get_cipher_by_char and/or its - implementations. Fixes issue 13325. diff --git a/changes/bug13471 b/changes/bug13471 deleted file mode 100644 index c116a4aeeb..0000000000 --- a/changes/bug13471 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (openssl bug workaround): - - Avoid crashing when using OpenSSL version 0.9.8zc, 1.0.0o, or - 1.0.1j, built with the 'no-ssl3' configuration option. Fixes - bug 13471. This is a workaround for an OpenSSL bug. - diff --git a/changes/bug13988 b/changes/bug13988 deleted file mode 100644 index e816335a3b..0000000000 --- a/changes/bug13988 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (statistics): - - Increase period over which bandwidth observations are aggregated - from 15 minutes to 4 hours. Fixes bug 13988; bugfix on 0.0.8pre1. diff --git a/changes/bug14013 b/changes/bug14013 deleted file mode 100644 index 640cf859f5..0000000000 --- a/changes/bug14013 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - When reading a hexadecimal, base-32, or base-64 encoded value - from a string, always overwrite the complete output buffer. This - prevents some bugs where we would look at (but fortunately, not - reveal) uninitialized memory on the stack. Fixes bug 14013; - bugfix on all versions of Tor. diff --git a/changes/bug14125 b/changes/bug14125 deleted file mode 100644 index fe6821a332..0000000000 --- a/changes/bug14125 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (dirauth): - - Enlarge the buffer to read bw-auth generated files to avoid an - issue when parsing the file in dirserv_read_measured_bandwidths(). - Bugfix on 0.2.2.1-alpha, fixes #14125. - diff --git a/changes/bug14129 b/changes/bug14129 deleted file mode 100644 index 6153cd84fd..0000000000 --- a/changes/bug14129 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (exit node stability): - - - Fix an assertion failure that could occur under high DNS load. Fixes - bug 14129; bugfix on Tor 0.0.7rc1. Found by "jowr"; diagnosed and fixed - by "cypherpunks". - - diff --git a/changes/bug14142-parse-virtual-addr b/changes/bug14142-parse-virtual-addr deleted file mode 100644 index f78b7c7d81..0000000000 --- a/changes/bug14142-parse-virtual-addr +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (client): - - Check for a missing option value in parse_virtual_addr_network - before asserting on the NULL in tor_addr_parse_mask_ports. - This avoids crashing on torrc lines like - Vi[rtualAddrNetworkIPv[4|6]] when no value follows the option. - Bugfix on 0.2.3 (de4cc126cbb5 on 24 November 2012), fixes #14142. - Patch by "teor". diff --git a/changes/bug14195 b/changes/bug14195 deleted file mode 100644 index d2b82f31b0..0000000000 --- a/changes/bug14195 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (client): - - Fix a memory leak when using AutomapHostsOnResolve. - Fixes bug 14195; bugfix on 0.1.0.1-rc. diff --git a/changes/bug14220 b/changes/bug14220 deleted file mode 100644 index 51cfa502bc..0000000000 --- a/changes/bug14220 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): - - Build without warnings with the stock OpenSSL srtp.h header, - which has a duplicate declaration of SSL_get_selected_srtp_profile(). - Fixes bug 14220; this is OpenSSL's bug, not ours. diff --git a/changes/bug14261 b/changes/bug14261 deleted file mode 100644 index 1260ccba1e..0000000000 --- a/changes/bug14261 +++ /dev/null @@ -1,5 +0,0 @@ - O Minor bugfixes (directory authority): - - Allow directory authorities to fetch more data from one - another if they find themselves missing lots of votes. - Previously, they had been bumping against the 10 MB queued - data limit. Fixes bug 14261. Bugfix on 0.1.2.5-alpha. diff --git a/changes/bug14848_redux b/changes/bug14848_redux new file mode 100644 index 0000000000..c10320fb23 --- /dev/null +++ b/changes/bug14848_redux @@ -0,0 +1,5 @@ + o Removed code: + - Remove some lingering dead code that once supported mempools. Mempools + were disabled by default in 0.2.5, and removed entirely in + 0.2.6.3-alpha. Closes more of ticket 14848; patch by "cypherpunks". + diff --git a/changes/bug14950 b/changes/bug14950 new file mode 100644 index 0000000000..33cea9cb58 --- /dev/null +++ b/changes/bug14950 @@ -0,0 +1,3 @@ + o Minor features (logs): + - Quiet some log messages in the heartbeat and at startup. Closes + ticket 14950.
\ No newline at end of file diff --git a/changes/bug14980 b/changes/bug14980 new file mode 100644 index 0000000000..b873bb009c --- /dev/null +++ b/changes/bug14980 @@ -0,0 +1,4 @@ + o Minor bugfixes (testing): + - Fix endianness issues in unit test for resolve_my_address() to + have it pass on big endian systems. Fixes bug 14980; bugfix on + Tor 0.2.6.3-alpha. diff --git a/changes/bug14988 b/changes/bug14988 new file mode 100644 index 0000000000..67dc96e443 --- /dev/null +++ b/changes/bug14988 @@ -0,0 +1,4 @@ + o Minor bugfixes (compilation): + - Fix a compilation warning on s390. Fixes bug 14988; bugfix on + 0.2.5.2-alpha. + diff --git a/changes/bug14989 b/changes/bug14989 new file mode 100644 index 0000000000..f4432d468b --- /dev/null +++ b/changes/bug14989 @@ -0,0 +1,4 @@ + o Major bugfixes (Linux seccomp2 sandbox): + - Pass IPPROTO_TCP rather than 0 to socket(), so that the + Linux seccomp2 sandbox doesn't fail. Fixes bug 14989; + bugfix on 0.2.6.3-alpha. diff --git a/changes/bug15003 b/changes/bug15003 new file mode 100644 index 0000000000..2dcce74dfe --- /dev/null +++ b/changes/bug15003 @@ -0,0 +1,3 @@ + o Major bugfixes (linux seccomp2 sandbox): + - Allow AF_UNIX hidden services to be used with the seccomp2 sandbox. + Fixes bug 15003; bugfix on 0.2.6.3-alpha. diff --git a/changes/bug15033 b/changes/bug15033 new file mode 100644 index 0000000000..953e6c3d59 --- /dev/null +++ b/changes/bug15033 @@ -0,0 +1,4 @@ + o Minor bugfixes (tests): + - When running the zero-length-keys check, do not use the default + torrc file. Fixes bug 15033; bugfix on 0.2.6.3-alpha. Reported + by "reezer". diff --git a/changes/bug15037 b/changes/bug15037 new file mode 100644 index 0000000000..587d63186e --- /dev/null +++ b/changes/bug15037 @@ -0,0 +1,4 @@ + o Minor bugfixes (testing): + - When running the new 'make test-stem' target, use the configured + python binary. Fixes bug 15037; bugfix on 0.2.6.3-alpha. Patch + from "cypherpunks". diff --git a/changes/bug15064 b/changes/bug15064 new file mode 100644 index 0000000000..e6bd747b1f --- /dev/null +++ b/changes/bug15064 @@ -0,0 +1,4 @@ + o Major bugfixes (FreeBSD IPFW transparent proxy): + - Fix address detection with FreeBSD transparent proxies, + when "TransProxyType ipfw" is in use. + Fixes bug 15064; bugfix on 0.2.5.4-alpha. diff --git a/changes/bug15151 b/changes/bug15151 new file mode 100644 index 0000000000..b9c3061554 --- /dev/null +++ b/changes/bug15151 @@ -0,0 +1,3 @@ + o Minor bugfixes (compilation): + - Fix a compilation warning on FreeBSD. Fixes bug 15151; bugfix on + 0.2.6.2-alpha. diff --git a/changes/bug15240 b/changes/bug15240 new file mode 100644 index 0000000000..e11f804a12 --- /dev/null +++ b/changes/bug15240 @@ -0,0 +1,6 @@ + o Minor bugfixes (pluggable transports): + - Initialize the extended OR Port authentication cookie before launching + pluggable transports. This prevents a race condition that occured when + server-side pluggable transports would cache the authentication cookie + before it has been (re)generated. Fixes bug 15240; bugfix on + 0.2.5.1-alpha. diff --git a/changes/bug15245 b/changes/bug15245 new file mode 100644 index 0000000000..520a370eeb --- /dev/null +++ b/changes/bug15245 @@ -0,0 +1,5 @@ + o Major bugfixes: + - Avoid crashing when making certain configuration option changes + on clients. Fixes bug 15245; bugfix on 0.2.6.3-alpha. Reported + by "anonym". + diff --git a/changes/bug15436 b/changes/bug15436 new file mode 100644 index 0000000000..4fa44d1e16 --- /dev/null +++ b/changes/bug15436 @@ -0,0 +1,4 @@ + o Minor bugfixes (portability): + - Use the correct datatype in the SipHash-2-4 function to prevent compilers + from assuming any sort of alignment. Fixes bug 15436; bugfix on + 0.2.5.3-alpha. diff --git a/changes/bug15850 b/changes/bug15850 new file mode 100644 index 0000000000..48a7c7bdd7 --- /dev/null +++ b/changes/bug15850 @@ -0,0 +1,4 @@ + o Major bugfix + - Revert commit that made directory authority assign the HSDir flag to + relay without a DirPort which is bad because relay can't handle + BEGIN_DIR cells. Fixes #15850. Bugfix on tor-0.2.6.3-alpha; diff --git a/changes/bug16013 b/changes/bug16013 new file mode 100644 index 0000000000..d194c609f8 --- /dev/null +++ b/changes/bug16013 @@ -0,0 +1,5 @@ + o Major bugfixes (hidden service, stability): + - Stop randomly crashing with an assertion failure when connecting to a + busy hidden service, or connecting to a hidden service while a NEWNYM + is in progress. Fixes bug 16013; bugfix on 0.1.0.1-rc. + diff --git a/changes/bug16030 b/changes/bug16030 new file mode 100644 index 0000000000..c14fd62303 --- /dev/null +++ b/changes/bug16030 @@ -0,0 +1,3 @@ + o Minor bugfixes (tests): + - Fix a crash in the unit tests on MSVC2013. Fixes bug 16030; bugfix on + 0.2.6.2-alpha. Patch from "NewEraCracker".
\ No newline at end of file diff --git a/changes/bug16164 b/changes/bug16164 new file mode 100644 index 0000000000..fbb383c26d --- /dev/null +++ b/changes/bug16164 @@ -0,0 +1,4 @@ + o Minor bugfixes (compilation): + - Build with --enable-systemd correctly when libsystemd is installed, + but systemd is not. Fixes bug 16164, bugfix on 0.2.6.3-alpha. Patch + from Peter Palfrader. diff --git a/changes/bug16212 b/changes/bug16212 new file mode 100644 index 0000000000..bc1246376d --- /dev/null +++ b/changes/bug16212 @@ -0,0 +1,5 @@ + o Minor bugfixes (sandbox, systemd): + - Allow systemd connections to work with the Linux seccomp2 sandbox + code. Fixes bug 16212; bugfix on 0.2.6.2-alpha. + Patch by Peter Palfrader. + diff --git a/changes/bug16244 b/changes/bug16244 new file mode 100644 index 0000000000..00bc557983 --- /dev/null +++ b/changes/bug16244 @@ -0,0 +1,7 @@ + o Minor bugfixes (sandbox, relay): + - Fix sandboxing to work when running as a relay again. This + includes correctly allowing renaming secret_id_key and + allowing the eventfd2 and futex syscalls. + Fixes bug 16244; bugfix on 0.2.6.1-alpha. + Patch by Peter Palfrader. + diff --git a/changes/bug16247 b/changes/bug16247 new file mode 100644 index 0000000000..9464b1cb24 --- /dev/null +++ b/changes/bug16247 @@ -0,0 +1,5 @@ + o Minor bugfixes (client-side privacy): + - Properly separate out each SOCKSPort when applying stream isolation. + The error occured because each port's session group was being + overwritten by a default value. Fixes bug 16247; bugfix on + 0.2.6.3-alpha. Patch by "jojelino". diff --git a/changes/bug16363 b/changes/bug16363 new file mode 100644 index 0000000000..1a6f8c6eff --- /dev/null +++ b/changes/bug16363 @@ -0,0 +1,4 @@ + o Minor bugfixes (Linux seccomp2 sandbox): + - Allow pipe() and pipe2() syscalls; we need these when eventfd2() + support is missing. Fixes bug 16363; bugfix on 0.2.6.3-alpha. + Patch from "teor". diff --git a/changes/bug16381 b/changes/bug16381 new file mode 100644 index 0000000000..51a9b53007 --- /dev/null +++ b/changes/bug16381 @@ -0,0 +1,13 @@ + o Major bugfix (Hidden service client) + - Revert commit 9407040c592184e05e45a3c1a00739c2dd302288 of bug #14219 + that indeed fixed an issue but introduced a major hidden service + reachability regression detailed in bug #16381. This is a temporary + fix since we can live with the minor issue in #14219 but the + regression introduced is too much of a set back. + + To be clear, #14219 bug just results in some load on the network, and + some delay for the client when visiting a hidden service that will + ultimately fail. + + This is only a bandaid for #16381 thus it does _not_ fixes it. bugfix + on tor-0.2.6.3-alpha~138. diff --git a/changes/bug16400 b/changes/bug16400 new file mode 100644 index 0000000000..3e5f9c5843 --- /dev/null +++ b/changes/bug16400 @@ -0,0 +1,5 @@ + o Major bugfixes: + - Do not crash with an assertion error when parsing certain kinds + of malformed or truncated microdescriptors. Fixes bug 16400; + bugfix on 0.2.6.1-alpha. Found by "torkeln"; fix based on a patch by + "cypherpunks_backup". diff --git a/changes/bug17354 b/changes/bug17354 new file mode 100644 index 0000000000..53da007fbb --- /dev/null +++ b/changes/bug17354 @@ -0,0 +1,4 @@ + o Minor bugfixes (sandbox): + - Add the "hidserv-stats" filename to our sandbox filter for the + HiddenServiceStatistics option to work properly. Fixes bug 17354; + bugfix on tor-0.2.6.2-alpha~54^2~1. Patch from David Goulet. diff --git a/changes/bug18089 b/changes/bug18089 new file mode 100644 index 0000000000..c1fb342f77 --- /dev/null +++ b/changes/bug18089 @@ -0,0 +1,6 @@ + o Minor fixes (security): + - Make memwipe() do nothing when passed a NULL pointer + or zero size. Check size argument to memwipe() for underflow. + Closes bug #18089. Reported by "gk", patch by "teor". + Bugfix on 0.2.3.25 and 0.2.4.6-alpha (#7352), + commit 49dd5ef3 on 7 Nov 2012. diff --git a/changes/bug8093 b/changes/bug8093 deleted file mode 100644 index f0fbc618c2..0000000000 --- a/changes/bug8093 +++ /dev/null @@ -1,3 +0,0 @@ - o Downgraded warnings: - - Downgrade the severity of the 'unexpected sendme cell from client' from - 'warn' to 'protocol warning'. Closes ticket 8093. diff --git a/changes/bug8387 b/changes/bug8387 deleted file mode 100644 index 2ec0487bf8..0000000000 --- a/changes/bug8387 +++ /dev/null @@ -1,11 +0,0 @@ - o Major bugfixes (client): - - - Perform circuit cleanup operations even when circuit - construction operations are disabled (because the network is - disabled, or because there isn't enough directory information). - Previously, when we were not building predictive circuits, we - were not closing expired circuits either. - - Fixes bug 8387; bugfix on 0.1.1.11-alpha. This bug became visible - in 0.2.4.10-alpha when we became more strict about when we have - "enough directory information to build circuits". diff --git a/changes/bug9495_redux b/changes/bug9495_redux new file mode 100644 index 0000000000..74b0cdf2a8 --- /dev/null +++ b/changes/bug9495_redux @@ -0,0 +1,4 @@ + o Major bugfixes (portability): + - Do not crash on startup when running on Solaris. Fixes a bug + related to our fix for 9495; bugfix on 0.2.6.1-alpha. Reported + by "ruebezahl". diff --git a/changes/curve25519-donna32-bug b/changes/curve25519-donna32-bug deleted file mode 100644 index 7fccab1b0c..0000000000 --- a/changes/curve25519-donna32-bug +++ /dev/null @@ -1,12 +0,0 @@ - o Major bugfixes: - - - Fix a bug in the bounds-checking in the 32-bit curve25519-donna - implementation that caused incorrect results on 32-bit - implementations when certain malformed inputs were used along with - a small class of private ntor keys. This bug does not currently - appear to allow an attacker to learn private keys or impersonate a - Tor server, but it could provide a means to distinguish 32-bit Tor - implementations from 64-bit Tor implementations. Fixes bug 12694; - bugfix on 0.2.4.8-alpha. Bug found by Robert Ransom; fix from - Adam Langley. - diff --git a/changes/disable_sslv3 b/changes/disable_sslv3 deleted file mode 100644 index bb4c2df7a2..0000000000 --- a/changes/disable_sslv3 +++ /dev/null @@ -1,4 +0,0 @@ - o Major security fixes: - - Disable support for SSLv3. All versions of OpenSSL in use with - Tor today support TLS 1.0 or later, so we can safely turn off - support for this old (and insecure) protocol. Fixes bug 13426. diff --git a/changes/feature15006 b/changes/feature15006 new file mode 100644 index 0000000000..168a440ba0 --- /dev/null +++ b/changes/feature15006 @@ -0,0 +1,4 @@ + o Minor features (controller): + - Messages about problems in the bootstrap process now include + information about the server we were trying to connect to when we + noticed the problem. Closes ticket 15006. diff --git a/changes/further-12184-diagnostic b/changes/further-12184-diagnostic deleted file mode 100644 index 89e9f4612f..0000000000 --- a/changes/further-12184-diagnostic +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features (diagnostic): - - Slightly enhance the diagnostic message for bug 12184. diff --git a/changes/geoip-august2014 b/changes/geoip-august2014 deleted file mode 100644 index 90d8ecb300..0000000000 --- a/changes/geoip-august2014 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update geoip to the August 7 2014 Maxmind GeoLite2 Country database. - diff --git a/changes/geoip-january2015 b/changes/geoip-january2015 deleted file mode 100644 index 67324f27f2..0000000000 --- a/changes/geoip-january2015 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update geoip to the January 7 2015 Maxmind GeoLite2 Country database. - diff --git a/changes/geoip-july2014 b/changes/geoip-july2014 deleted file mode 100644 index a0523ecac9..0000000000 --- a/changes/geoip-july2014 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update geoip to the July 10 2014 Maxmind GeoLite2 Country database. - diff --git a/changes/geoip-november2014 b/changes/geoip-november2014 deleted file mode 100644 index 52cbeb3e41..0000000000 --- a/changes/geoip-november2014 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update geoip to the November 15 2014 Maxmind GeoLite2 Country database. - diff --git a/changes/geoip6-august2014 b/changes/geoip6-august2014 deleted file mode 100644 index 7e7c9a975d..0000000000 --- a/changes/geoip6-august2014 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update geoip6 to the August 7 2014 Maxmind GeoLite2 Country database. - diff --git a/changes/geoip6-january2015 b/changes/geoip6-january2015 deleted file mode 100644 index b86fe2be57..0000000000 --- a/changes/geoip6-january2015 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features: - - Update geoip6 to the January 7 2015 Maxmind GeoLite2 Country database. diff --git a/changes/geoip6-july2014 b/changes/geoip6-july2014 deleted file mode 100644 index 155788ef88..0000000000 --- a/changes/geoip6-july2014 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features: - - Update geoip6 to the July 10 2014 Maxmind GeoLite2 Country database. diff --git a/changes/geoip6-november2014 b/changes/geoip6-november2014 deleted file mode 100644 index e91fcc0d3b..0000000000 --- a/changes/geoip6-november2014 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update geoip6 to the November 15 2014 Maxmind GeoLite2 Country database. - diff --git a/changes/test.h_msvc b/changes/test.h_msvc deleted file mode 100644 index 3afbc13aaa..0000000000 --- a/changes/test.h_msvc +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Fix compilation of test.h with MSVC. Patch from Gisle Vanem; - bugfix on 0.2.5.5-alpha. diff --git a/changes/ticket12688 b/changes/ticket12688 deleted file mode 100644 index 88228e5506..0000000000 --- a/changes/ticket12688 +++ /dev/null @@ -1,6 +0,0 @@ - Major features: - - Make the number of entry guards configurable via a new - NumEntryGuards consensus parameter, and the number of directory - guards configurable via a new NumDirectoryGuards consensus - parameter. Implements ticket 12688. - diff --git a/changes/ticket12690 b/changes/ticket12690 deleted file mode 100644 index 5091883602..0000000000 --- a/changes/ticket12690 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor features: - - Authorities now assign the Guard flag to the fastest 25% of the - network (it used to be the fastest 50%). Also raise the consensus - weight that guarantees the Guard flag from 250 to 2000. For the - current network, this results in about 1100 guards, down from 2500. - This step paves the way for moving the number of entry guards - down to 1 (proposal 236) while still providing reasonable expected - performance for most users. Implements ticket 12690. - diff --git a/changes/ticket13036 b/changes/ticket13036 deleted file mode 100644 index 1b4784358a..0000000000 --- a/changes/ticket13036 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Fix a large number of false positive warnings from the clang - analyzer static analysis tool. This should make real warnings - easier for clang analyzer to find. Patch from "teor". Closes - ticket 13036. diff --git a/changes/ticket14128 b/changes/ticket14128 deleted file mode 100644 index 38b25fa7dc..0000000000 --- a/changes/ticket14128 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (controller): - - New "GETINFO bw-event-cache" to get information about recent bandwidth - events. Closes ticket 14128. Useful for controllers to get recent - bandwidth history after the fix for 13988. - diff --git a/changes/ticket15176 b/changes/ticket15176 new file mode 100644 index 0000000000..6d12723728 --- /dev/null +++ b/changes/ticket15176 @@ -0,0 +1,3 @@ + o Code simplification and refactoring: + - Refactor main loop to extract the 'loop' part. This makes it easier + to run Tor under Shadow. Closes ticket 15176. diff --git a/changes/ticket15212 b/changes/ticket15212 new file mode 100644 index 0000000000..2c41e3865c --- /dev/null +++ b/changes/ticket15212 @@ -0,0 +1,6 @@ + o Minor features (heartbeat): + + - On relays, report how many connections we negotiated using each + version of the Tor link protocols. This information will let us + know if removing support for very old versions of the Tor + protocols is harming the network. Closes ticket 15212. diff --git a/changes/ticket8243 b/changes/ticket8243 new file mode 100644 index 0000000000..8946a21a59 --- /dev/null +++ b/changes/ticket8243 @@ -0,0 +1,7 @@ + o Minor feature: + - The HSDir flag given by authorities now requires the Stable flag. For + the current network, this results in going from 2887 to 2806 HSDirs. + Also, it makes it harder for an attacker to launch a sybil attack by + raising the effort for a relay to become Stable which takes at the + very least 7 days to do so and by keeping the 96 hours uptime + requirement for HSDir. Implements ticket #8243. |