diff options
Diffstat (limited to 'changes')
112 files changed, 131 insertions, 442 deletions
diff --git a/changes/6153_circuittime_accessor b/changes/6153_circuittime_accessor deleted file mode 100644 index 16f1f557d5..0000000000 --- a/changes/6153_circuittime_accessor +++ /dev/null @@ -1,4 +0,0 @@ - o Code simplification and refactoring: - - - Add a set of accessor functions for the circuit timeout data - structure. Fixes ticket 6153; patch from "piet". diff --git a/changes/address_tests b/changes/address_tests deleted file mode 100644 index b5a8012436..0000000000 --- a/changes/address_tests +++ /dev/null @@ -1,2 +0,0 @@ - o New unit tests: - - More unit tests for address-manipulation functions. diff --git a/changes/bug10169 b/changes/bug10169 new file mode 100644 index 0000000000..979c4e4288 --- /dev/null +++ b/changes/bug10169 @@ -0,0 +1,4 @@ + o Major features: + - Also consider stream buffer sizes when calculating OOM + conditions. Rename MaxMemInCellQueues to MaxMemInQueues. Fixes + bug 10169. diff --git a/changes/bug10449 b/changes/bug10449 new file mode 100644 index 0000000000..93811f07bb --- /dev/null +++ b/changes/bug10449 @@ -0,0 +1,8 @@ + o Minor bugfixes: + - Exit immediately when exiting because of dropped connection from + a process-owning controller. Previously, if we were running in + server mode, we would wait for a little while as in the when we + got an INT signal--but this was problematic, since there was no + feedback for the user. Controllers that want to do a clean + shutdown should send an INT signal, and let the user know what's + going on. Fix for bug 10449; bugfix on 0.2.2.28-beta.
\ No newline at end of file diff --git a/changes/bug10722_msg b/changes/bug10722_msg new file mode 100644 index 0000000000..fbfa37c264 --- /dev/null +++ b/changes/bug10722_msg @@ -0,0 +1,5 @@ + o Minor bugfixes: + - Log an improved message when excluding hidden service directory + nodes prevents a hidden service from working. + Improves on our fix for bug #10722, which was a bugfix on + 0.2.0.10-alpha.
\ No newline at end of file diff --git a/changes/bug10841 b/changes/bug10841 new file mode 100644 index 0000000000..5b065a8b2f --- /dev/null +++ b/changes/bug10841 @@ -0,0 +1,6 @@ + o Removed code + - Remove all code for hidden service authorities to accept and serve + version 0 descriptors and left-over code for hidden services and + hidden service clients to upload and fetch version 0 descriptors. + Version 0 descriptors are not in use anymore since 0.2.2.1-alpha. + Fixes the rest of bug 10841. diff --git a/changes/bug10884 b/changes/bug10884 new file mode 100644 index 0000000000..815d893de3 --- /dev/null +++ b/changes/bug10884 @@ -0,0 +1,5 @@ + o Minor features: + - Bridges write the SHA1 digest of their identity key fingerprint to + notice-level logs and to hashed-fingerprint, so that bridge + operators can look up their bridge in Globe and similar tools. + diff --git a/changes/bug10904 b/changes/bug10904 new file mode 100644 index 0000000000..6f551ea412 --- /dev/null +++ b/changes/bug10904 @@ -0,0 +1,5 @@ + o Minor bugfixes (compilation): + - Build without warnings under clang 3.4. (We have some macros that + define static functions only some of which will get used later in + the module. Starting with clang 3.4, these give a warning unless the + unused attribute is set on them.) diff --git a/changes/bug10928 b/changes/bug10928 new file mode 100644 index 0000000000..86bc5aa46c --- /dev/null +++ b/changes/bug10928 @@ -0,0 +1,5 @@ + o Minor bugfixes (unit tests); + - Fix a small bug in the unit tests that might have made the tests + call 'chmod' with an uninitialized bitmask. + Fixes bug 10928; bugfix on 0.2.5.1-alpha. Patch from Dana Koch. + diff --git a/changes/bug10929 b/changes/bug10929 new file mode 100644 index 0000000000..acf3960471 --- /dev/null +++ b/changes/bug10929 @@ -0,0 +1,6 @@ + - Minor bugfixes: + - Fix build warnings about missing "a2x" comment when building the + manpages from scratch on OpenBSD; OpenBSD calls it "a2x.py". + Fixes bug 10929; bugfix on tor-0.2.2.9-alpha. Patch from + Dana Koch. + diff --git a/changes/bug10987 b/changes/bug10987 new file mode 100644 index 0000000000..cc5dd8ff55 --- /dev/null +++ b/changes/bug10987 @@ -0,0 +1,7 @@ + o Minor bugfixes + + - Fix IPv6 support when using the SocksPort with SOCKS5. Using IPv6 + through a SOCKS5 using the SocksPort option will now work with + this fix. This part of the code has never been updated to support + IPv6 thus this does not fix a previously introduced regression. + Fixes bug 10987; bugfix on 0.2.4.7-alpha. diff --git a/changes/bug11047 b/changes/bug11047 new file mode 100644 index 0000000000..25acd8e36d --- /dev/null +++ b/changes/bug11047 @@ -0,0 +1,9 @@ + o Minor bugfixes: + + - Build using the -fasynchronous-unwind-tables option so that more + platforms (in particular, ones like 32-bit Intel where the + -fomit-frame-pointer option is on by default and table + generation is not) will support generating backtraces. This + doesn't yet add Windows support yet; only Linux, OSX, and some BSD + are affected. Reported by 'cypherpunks'; fixes bug 11047; bugfix + on 0.2.5.2-alpha. diff --git a/changes/bug11048 b/changes/bug11048 new file mode 100644 index 0000000000..684abf9596 --- /dev/null +++ b/changes/bug11048 @@ -0,0 +1,8 @@ + o Minor bugfixes: + + - Avoid strange behavior if two threads hit failed asswertions + at the same time and both try to log backtraces at + once. (Previously, if this had happened, both threads would + have stored their intermediate results in the same buffer, and + generated junk outputs.) Reported by "cypherpunks". Fixes bug + 11048; bugfix on 0.2.5.2-alpha. diff --git a/changes/bug11118 b/changes/bug11118 new file mode 100644 index 0000000000..6354ab2db9 --- /dev/null +++ b/changes/bug11118 @@ -0,0 +1,4 @@ + o Documentation: + - Fix the max client name length in the manpage's description of + HiddenServiceAuthorizeClient description: it should have been + 16, not 19. Fixes bug 11118; bugfix on 0.2.1.6-alpha. diff --git a/changes/bug2767 b/changes/bug2767 deleted file mode 100644 index 974ce63267..0000000000 --- a/changes/bug2767 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor bugfixes: - - No longer accepting malformed http headers when parsing urls from headers, replies with Bad Request(400). Fixes #2767.
\ No newline at end of file diff --git a/changes/bug3594 b/changes/bug3594 deleted file mode 100644 index 110252d008..0000000000 --- a/changes/bug3594 +++ /dev/null @@ -1,3 +0,0 @@ - o Major bugfixes: - - Add support for passing arguments to managed pluggable transport - proxies. Implements ticket #3594. diff --git a/changes/bug4282 b/changes/bug4282 deleted file mode 100644 index 4d4f4896fe..0000000000 --- a/changes/bug4282 +++ /dev/null @@ -1,4 +0,0 @@ - o Code simplifications and refactoring: - - Extract the common duplicated code for creating a subdirectory - of the data directory and writing to a file in it. Fixes ticket - 4282; patch from Peter Retzlaff. diff --git a/changes/bug4341 b/changes/bug4341 deleted file mode 100644 index 8853a86a04..0000000000 --- a/changes/bug4341 +++ /dev/null @@ -1,2 +0,0 @@ -o Minor bugfix: - - Config now handles fingerprints which are missing their initial '$' diff --git a/changes/bug4647 b/changes/bug4647 deleted file mode 100644 index f756a7db1e..0000000000 --- a/changes/bug4647 +++ /dev/null @@ -1,18 +0,0 @@ - o Minor bugfixes: - - - Use a single command-line parser for parsing torrc options on the - command line and for finding special command-line options to avoid - inconsistent behavior for torrc option arguments that have the same - names as command-line options. Fixes bugs 4647 and 9578; bugfix on - 0.0.9pre5. - - - No longer allow 'tor --hash-password' with no arguments. Fixes bug - 9573; bugfix on 0.0.9pre5. - - o Minor features: - - - Support a --dump-config optoin to dump some or all of the configured - options. Mainly useful for debugging the command-line option parsing - code. - - diff --git a/changes/bug5040 b/changes/bug5040 deleted file mode 100644 index 720665b4d4..0000000000 --- a/changes/bug5040 +++ /dev/null @@ -1,8 +0,0 @@ - o Minor features: - - Bridges now track GeoIP information and the number of their - users even when pluggable transports are in use. These - statistics are reported in their extra-info descriptors like - normal bridges do. Resolves ticket 4773. - - Bridges now track the usage of their pluggable transports and - report statistics in their extra-info descriptors. Resolves - ticket 5040. diff --git a/changes/bug5170 b/changes/bug5170 deleted file mode 100644 index 4e52c5ea6b..0000000000 --- a/changes/bug5170 +++ /dev/null @@ -1,5 +0,0 @@ - o Code simplification and refactoring: - - Remove contrib/id_to_fp.c since it wasn't used anywhere. - - Since OpenSSL 0.9.7 i2d_* functions support allocating output - buffer. Avoid calling twice: i2d_RSAPublicKey, i2d_DHparams, - i2d_X509, i2d_PublicKey. Fixes #5170. diff --git a/changes/bug5584 b/changes/bug5584 deleted file mode 100644 index a81be00ae4..0000000000 --- a/changes/bug5584 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Raise awareness of safer logging - notice user of potentially - unsafe configuration options: logging above "notice" or - clearning SafeLogging flag. Fixes #5584. diff --git a/changes/bug5595 b/changes/bug5595 deleted file mode 100644 index 31f4b84b03..0000000000 --- a/changes/bug5595 +++ /dev/null @@ -1,8 +0,0 @@ - o Critical bugfixes: - - Distinguish downloading an authority certificate by identity digest from - downloading one by identity digest/signing key digest pair; formerly we - always request them only by identity digest and get the newest one even - when we wanted one with a different signing key. Then we would complain - about being given a certificate we already had, and never get the one we - really wanted. Now we use the "fp-sk/" resource as well as the "fp/" - resource to request the one we want. Fixes bug 5595. diff --git a/changes/bug5609 b/changes/bug5609 deleted file mode 100644 index 1057e30b05..0000000000 --- a/changes/bug5609 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Implement the TRANSPORT_LAUNCHED control port event that - notifies controllers about new launched pluggable - transports. Resolves ticket 5609. diff --git a/changes/bug5824 b/changes/bug5824 new file mode 100644 index 0000000000..15d366fe52 --- /dev/null +++ b/changes/bug5824 @@ -0,0 +1,4 @@ + o Minor bugfixes: + - Bridges now never collect statistics that were designed for relays. + Fix for bug 5824; bugfix on 0.2.3.8-alpha. + diff --git a/changes/bug5824-2 b/changes/bug5824-2 new file mode 100644 index 0000000000..f5963ca4c8 --- /dev/null +++ b/changes/bug5824-2 @@ -0,0 +1,4 @@ + o Minor bugfixes: + - Bridges now report complete directory request statistics. Related to + bug 5824; bugfix on 0.2.2.1-alpha. + diff --git a/changes/bug6026 b/changes/bug6026 deleted file mode 100644 index de5d6ead01..0000000000 --- a/changes/bug6026 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Relays now treat a changed IPv6 ORPort as sufficient reason to - publish an updated descriptor. Fix for bug 6026; bugfix for - 0.2.4.1-alpha. diff --git a/changes/bug6384 b/changes/bug6384 deleted file mode 100644 index c0e8446b3c..0000000000 --- a/changes/bug6384 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features: - - Add support for `--library-versions` flag. Implements ticket #6384. diff --git a/changes/bug6506 b/changes/bug6506 deleted file mode 100644 index 4c6f4900da..0000000000 --- a/changes/bug6506 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (build): - - Detect a missing asciidoc, and warn the user about it, during - configure, rather than at build time. Fixes issue 6506. Patch - from Arlo Breault. diff --git a/changes/bug6520 b/changes/bug6520 deleted file mode 100644 index 9f24f0dc39..0000000000 --- a/changes/bug6520 +++ /dev/null @@ -1,5 +0,0 @@ - o Removed features: - - Remove migration code from when we renamed the "cached-routers" - file to "cached-descriptors" back in 0.2.0.8-alpha. This - incidentally resolves #6502 by cleaning up the related code - a bit. Patch from Akshay Hebbar. diff --git a/changes/bug6752 b/changes/bug6752 deleted file mode 100644 index 8d620d56ee..0000000000 --- a/changes/bug6752 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features: - - Lower directory fetch retry schedules and maximum interval without - directory requests, and raise maximum download tries in testing - networks. Implements #6752. - diff --git a/changes/bug7912 b/changes/bug7912 deleted file mode 100644 index 48c65d2241..0000000000 --- a/changes/bug7912 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes: - - Instead of writing destroy cells directly to outgoing connection - buffers, queue them and intersperse them with other outgoing cells. - This can prevent a set of resource starvation conditions where too - many pending destroy cells prevent data cells from actually getting - delivered. Reported by "oftc_must_be_destroyed". Fixes bug 7912; - bugfix on 0.2.0.1-alpha. - diff --git a/changes/bug7982 b/changes/bug7982 deleted file mode 100644 index 46aa53249c..0000000000 --- a/changes/bug7982 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes: - - Copy-paste description for PathBias params from man page into or.h - comment. Fixes bug 7982. diff --git a/changes/bug8093.part1 b/changes/bug8093.part1 deleted file mode 100644 index 2450794dd7..0000000000 --- a/changes/bug8093.part1 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Downgrade "unexpected SENDME" warnings to protocol-warn for 0.2.4, - for bug 8093. diff --git a/changes/bug8093.part2 b/changes/bug8093.part2 deleted file mode 100644 index 263c7e8b86..0000000000 --- a/changes/bug8093.part2 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Return the "unexpected sendme" warnings to a warn severity, but make - them rate limited. Related to ticket #8093. diff --git a/changes/bug8253-fix b/changes/bug8253-fix deleted file mode 100644 index 3d36d06c88..0000000000 --- a/changes/bug8253-fix +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (log messages) - - Fix a scaling issue in the path bias accounting code that resulted in - "Bug:" log messages from either pathbias_scale_close_rates() or - pathbias_count_build_success(). This represents a bugfix on a previous - bugfix: The original fix attempted in 0.2.4.10-alpha was incomplete. - Fixes bug 8235; bugfix on 0.2.4.1-alpha. diff --git a/changes/bug8530 b/changes/bug8530 deleted file mode 100644 index f66b602dbd..0000000000 --- a/changes/bug8530 +++ /dev/null @@ -1,3 +0,0 @@ - o Enhancements - - Add make target 'test-network' running tests on a Chutney - network. diff --git a/changes/bug8532 b/changes/bug8532 deleted file mode 100644 index e9fd06829a..0000000000 --- a/changes/bug8532 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features - - Add support for offsetting the voting interval in order to - bootstrap a network faster by adding configuration option - TestingV3AuthVotingStartOffset. Addresses #8532. diff --git a/changes/bug8561 b/changes/bug8561 deleted file mode 100644 index 598071a728..0000000000 --- a/changes/bug8561 +++ /dev/null @@ -1,3 +0,0 @@ - o Major features: - - The ntor handshake is now on-by-default, no matter what the - directory authorities recommend. Implements ticket 8561. diff --git a/changes/bug8639 b/changes/bug8639 deleted file mode 100644 index 0db5c91429..0000000000 --- a/changes/bug8639 +++ /dev/null @@ -1,5 +0,0 @@ - o Normal bugfixes: - - When launching a resolve request on behalf of an AF_UNIX control - socket, omit the address field of the new entry connection, used in - subsequent controller events, rather than letting tor_dup_addr() set - it to "<unknown address type>". Fixes bug 8639. diff --git a/changes/bug8711 b/changes/bug8711 deleted file mode 100644 index 28a1daa454..0000000000 --- a/changes/bug8711 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (authority): - - Add a "ignoring-advertised-bws" boolean to our flag-thresholds - lines to describe whether we have enough measured bandwidths to - ignore advertised bandwidth claims. Closes ticket 8711. - - diff --git a/changes/bug8716 b/changes/bug8716 deleted file mode 100644 index 74c74f82a6..0000000000 --- a/changes/bug8716 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (memory leak): - - Fix a memory leak that would occur whenever a configuration - option changed. Fixes bug #8718; bugfix on 0.2.3.3-alpha. diff --git a/changes/bug8719 b/changes/bug8719 deleted file mode 100644 index c05b79ddec..0000000000 --- a/changes/bug8719 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (memory leak): - - Avoid a memory leak where we would leak a consensus body when we find - that a consensus which we couldn't previously verify due to missing - certificates is now verifiable. Fixes bug 8719; bugfix on - 0.2.0.10-alpha. - diff --git a/changes/bug8788 b/changes/bug8788 new file mode 100644 index 0000000000..26fb5bc4f3 --- /dev/null +++ b/changes/bug8788 @@ -0,0 +1,3 @@ + o Minor bugfixes: + - Avoid crashing on a malformed resolv.conf file when running a + server using Libevent 1. Fixes bug 8788; bugfix on 0.1.1.23. diff --git a/changes/bug8789 b/changes/bug8789 deleted file mode 100644 index e3bcc40749..0000000000 --- a/changes/bug8789 +++ /dev/null @@ -1,3 +0,0 @@ - o Code simplifications and refactoring: - - Clean up exit path from connection_listener_new. Closes bug - 8789. Patch from Arlo Breault. diff --git a/changes/bug8790 b/changes/bug8790 deleted file mode 100644 index 9f1f0ba17d..0000000000 --- a/changes/bug8790 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor code improvements: - - Remove instances of strcpy from the unit tests. They weren't - hurting anything, since they were only in the unit tests, but - it's embarassing to have strcpy() in the code at all, and some - analysis tools don't like it. Fixes 8790. Patch from Arlo Breault. - diff --git a/changes/bug8791 b/changes/bug8791 deleted file mode 100644 index 0a65e286c0..0000000000 --- a/changes/bug8791 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - In the function munge_extrainfo_into_routerinfo(), check the return - value of memchr(). This would have been a serious issue if we ever - passed a non-extrainfo to munge_extrainfo_into_routerinfo. Fixes - bug 8791; bugfix on 0.2.0.6-alpha. Patch from Arlo Breault. diff --git a/changes/bug8792 b/changes/bug8792 deleted file mode 100644 index 6f4e3bf7b1..0000000000 --- a/changes/bug8792 +++ /dev/null @@ -1,4 +0,0 @@ - o Removed code - - Remove constants and tests for PKCS1 padding; it's insecure and - shouldn't be used for anything new. Fixes bug #8792; patch - from Arlo Breault. diff --git a/changes/bug8822 b/changes/bug8822 deleted file mode 100644 index c6787afe06..0000000000 --- a/changes/bug8822 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (windows): - - Prevent failures on Windows Vista and later when rebuilding the - microdescriptor cache. Diagnosed by Robert Ransom. Fixes bug 8822; - bugfix on 0.2.4.12-alpha. - diff --git a/changes/bug8833 b/changes/bug8833 deleted file mode 100644 index 681a86191f..0000000000 --- a/changes/bug8833 +++ /dev/null @@ -1,3 +0,0 @@ - o Major bugfixes (directory authority): - - Fix a crash bug when building a consensus using an older consensus as - its basis. Fixes bug 8833. Bugfix on 0.2.4.12-alpha. diff --git a/changes/bug8844 b/changes/bug8844 deleted file mode 100644 index 320e5f2845..0000000000 --- a/changes/bug8844 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - Prevent the get_freelists() function from running off the end of - the list of freelists if it somehow gets an unrecognized - allocation. Fixes bug 8844; bugfix on 0.2.0.16-alpha. Reported by - eugenis. - diff --git a/changes/bug8845 b/changes/bug8845 deleted file mode 100644 index ace043ab9b..0000000000 --- a/changes/bug8845 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (test): - - Fix an impossible buffer overrun in the AES unit tests. Fixes bug 8845; - bugfix on 0.2.0.7-alpha. Found by eugenis. diff --git a/changes/bug8846 b/changes/bug8846 deleted file mode 100644 index 377cc3708a..0000000000 --- a/changes/bug8846 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Give a less useless error message when the user asks for an IPv4 - address on an IPv6-only port, or vice versa. Fixes bug 8846; bugfix - on 0.2.4.7-alpha. diff --git a/changes/bug8879 b/changes/bug8879 deleted file mode 100644 index 0d2a70086c..0000000000 --- a/changes/bug8879 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - Follow the socks5 protocol when offering username/password - authentication. The fix for bug 8117 exposed this bug, and it - turns out real-world applications like Pidgin do care. Bugfix on - 0.2.3.2-alpha; fixes bug 8879. diff --git a/changes/bug8929 b/changes/bug8929 deleted file mode 100644 index 2a1898b8a9..0000000000 --- a/changes/bug8929 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Add a new torrc option "ServerTransportOptions" that allows - bridge operators to pass configuration parameters to their - pluggable transports. Resolves ticket 8929. diff --git a/changes/bug8965 b/changes/bug8965 deleted file mode 100644 index b5af279632..0000000000 --- a/changes/bug8965 +++ /dev/null @@ -1,3 +0,0 @@ - o Removed documentation: - - Remove some of the older contents of doc/ as obsolete; move others - to torspec.git. Fixes bug 8965. diff --git a/changes/bug9002 b/changes/bug9002 deleted file mode 100644 index c41ace394a..0000000000 --- a/changes/bug9002 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes: - - Limit hidden service descriptors to at most ten introduction - points, to slow one kind of guard enumeration. Fixes bug 9002; - bugfix on 0.1.1.11-alpha. diff --git a/changes/bug9017 b/changes/bug9017 deleted file mode 100644 index 359c526b00..0000000000 --- a/changes/bug9017 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - Avoid an assertion failure on OpenBSD (and perhaps other BSDs) - when an exit connection with optimistic data succeeds immediately - rather than returning EINPROGRESS. Fixes bug 9017; bugfix on - 0.2.3.1-alpha. - diff --git a/changes/bug9030 b/changes/bug9030 deleted file mode 100644 index d0be582929..0000000000 --- a/changes/bug9030 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - The tor-fw-helper program now follows the standard convention and - exits with status code "0" on success. Fixes bug 9030; bugfix on - 0.2.3.1-alpha. Patch by Arlo Breault. diff --git a/changes/bug9043 b/changes/bug9043 deleted file mode 100644 index c3135ef0f4..0000000000 --- a/changes/bug9043 +++ /dev/null @@ -1,3 +0,0 @@ - o Code simplification and refactoring: - - Since OpenSSL 0.9.8 we can use EVP_PKEY_cmp instead of - implementing the same thing as pkey_eq. Fixes #9043. diff --git a/changes/bug9047 b/changes/bug9047 deleted file mode 100644 index 497f0d3372..0000000000 --- a/changes/bug9047 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes: - - If for some reason we fail to write a microdescriptor while - rebuilding the cache, do not let the annotations from that - microdescriptor linger in the cache file, and do not let the - microdescriptor stay recorded as present in its old location. - Fixes bug 9047; bugfix on 0.2.2.6-alpha. diff --git a/changes/bug9063 b/changes/bug9063 deleted file mode 100644 index e1d0a5e780..0000000000 --- a/changes/bug9063 +++ /dev/null @@ -1,4 +0,0 @@ - o Normal bugfixes: - - Close any circuit that has 10% more cells queued than the spec permits - and warn when the queue length exceeds that threshold. Fixes bug - #9063; bugfix on 0.2.4.12. diff --git a/changes/bug9063_redux b/changes/bug9063_redux deleted file mode 100644 index e6fae72efc..0000000000 --- a/changes/bug9063_redux +++ /dev/null @@ -1,15 +0,0 @@ - o Major bugfixes: - - When we have too much memory queued in circuits (according to a new - MaxMemInCellQueues option), close the circuits consuming the most - memory. This prevents us from running out of memory as a relay if - circuits fill up faster than they can be drained. Fixes - bug 9063; bugfix on the 54th commit of Tor. This bug is a further - fix beyond bug 6252, whose fix was merged into 0.2.3.21-rc. - - Also fixes an earlier approach taken in 0.2.4.13-alpha, where we - tried to solve this issue simply by imposing an upper limit on the - number of queued cells for a single circuit. That approach proved to - be problematic, since there are ways to provoke clients to send a - number of cells in excess of any such reasonable limit. - Fixes bug 9072; bugfix on 0.2.4.13-alpha. - diff --git a/changes/bug9072 b/changes/bug9072 deleted file mode 100644 index e594a38335..0000000000 --- a/changes/bug9072 +++ /dev/null @@ -1,3 +0,0 @@ - o Critical bugfixes: - - Disable middle relay queue overfill detection code due to possible - guard discovery attack, pending further analysis. Fixes bug #9072. diff --git a/changes/bug9099 b/changes/bug9099 new file mode 100644 index 0000000000..5cd963ea8f --- /dev/null +++ b/changes/bug9099 @@ -0,0 +1,5 @@ + o Minor bugfixes: + - Fix a comment about the rend_server_descriptor_t.protocols field + to more accurately describe its range. Also, make that + field unsigned, to more accurately reflect its usage. + Fixes bug 9099; bugfix on 0.2.1.5-alpha. diff --git a/changes/bug9108 b/changes/bug9108 deleted file mode 100644 index 9d2d3d8b65..0000000000 --- a/changes/bug9108 +++ /dev/null @@ -1,3 +0,0 @@ - o Code simplifications and refactoring: - - Make global_circuitlist data structure in circuitlist.c - a doubly-linked list. Bug #9108. diff --git a/changes/bug9122 b/changes/bug9122 deleted file mode 100644 index 5009da6126..0000000000 --- a/changes/bug9122 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes: - - When receiving a new configuration file via the control port's - LOADCONF command, do not treat the defaults file as absent. - Fixes bug 9122; bugfix on 0.2.3.9-alpha. diff --git a/changes/bug9147 b/changes/bug9147 deleted file mode 100644 index e6064ea0e5..0000000000 --- a/changes/bug9147 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Issue a warning when running with the bufferevents backend enabled. - It's still not stable, and people should know that they're likely - to hit unexpected problems. Closes ticket 9147. diff --git a/changes/bug9200 b/changes/bug9200 deleted file mode 100644 index 7b64dd1744..0000000000 --- a/changes/bug9200 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - Fix a bug in the voting algorithm that could yield incorrect results - when a non-naming authority declared too many flags. Fixes bug 9200; - bugfix on 0.2.0.3-alpha. - diff --git a/changes/bug9207 b/changes/bug9207 deleted file mode 100644 index 66f8e344e0..0000000000 --- a/changes/bug9207 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor Bugfixes: - - Updated configuration advice for installing openssl on Debian. Fixes #9207. diff --git a/changes/bug9222 b/changes/bug9222 new file mode 100644 index 0000000000..bd66277118 --- /dev/null +++ b/changes/bug9222 @@ -0,0 +1,5 @@ + o Documentation: + + - Document in the manpage that "KBytes" may also be written as + "kilobytes" or "KB", that "Kbits" may also be written as + "kilobits", and so forth. Closes ticket #9222. diff --git a/changes/bug9254 b/changes/bug9254 deleted file mode 100644 index 5179bdc523..0000000000 --- a/changes/bug9254 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Fix a spurious compilation warning with some older versions of - GCC on FreeBSD. Fixes bug 9254; bugfix on 0.2.4.14-alpha. - diff --git a/changes/bug9258 b/changes/bug9258 deleted file mode 100644 index 5165b3a677..0000000000 --- a/changes/bug9258 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes: - - Reject relative control socket paths and emit a warning. - Previously single-component control socket paths would be rejected, - but Tor would not log why it could not validate the config. - Now we reject all relative control socket paths and print a warning. - Fixes bug 9047; bugfix on 0.2.2.6-alpha. diff --git a/changes/bug9267 b/changes/bug9267 deleted file mode 100644 index 95a621148d..0000000000 --- a/changes/bug9267 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Added optional parameter to contrib/coverage script to specify directory - to put gcov files in, and added reset-gcov target to top-level makefile. - Fixes bug #9267. diff --git a/changes/bug9288 b/changes/bug9288 deleted file mode 100644 index 59bf414ea1..0000000000 --- a/changes/bug9288 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Fix an invalid memory read that occured when a pluggable - transport proxy failed its configuration protocol. - Fixes bug 9288. diff --git a/changes/bug9295 b/changes/bug9295 deleted file mode 100644 index 2c113616c3..0000000000 --- a/changes/bug9295 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes: - - Avoid a crash when using --hash-password. Fixes bug 9295; bugfix on - 0.2.4.15-rc. Found by stem integration tests. - diff --git a/changes/bug9309 b/changes/bug9309 deleted file mode 100644 index 38c462bc0f..0000000000 --- a/changes/bug9309 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes: - - When evaluating whether to use a connection that we haven't - decided is canonical using a recent link protocol version, - decide that it's canonical only if it used address _does_ - match the desired address. Fixes bug 9309; bugfix on - 0.2.4.4-alpha. Reported by skruffy. diff --git a/changes/bug9337 b/changes/bug9337 deleted file mode 100644 index ce99bc8184..0000000000 --- a/changes/bug9337 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (DNS): - - Avoid an assertion failure when processing DNS replies without the - answer types we expected. Fixes bug 9337; bugfix on 0.2.4.7-alpha. - diff --git a/changes/bug9354 b/changes/bug9354 deleted file mode 100644 index 68fc81a595..0000000000 --- a/changes/bug9354 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Make the default behavior of NumDirectoryGuards be to track - NumEntryGuards. Now a user who changes only NumEntryGuards will get - the behavior she expects. Fixes bug 9354; bugfix on 0.2.4.8-alpha. - diff --git a/changes/bug9366 b/changes/bug9366 deleted file mode 100644 index acc919e77f..0000000000 --- a/changes/bug9366 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (usability): - - Warn and fail if a server is configured not to advertise any - ORPorts at all. (We need *something* to put in our descriptor, or - we just won't work.) diff --git a/changes/bug9400 b/changes/bug9400 deleted file mode 100644 index 974224068a..0000000000 --- a/changes/bug9400 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes: - - - Avoid double-closing the listener socket in our socketpair replacement - (used on Windows) in the case where the addresses on our opened - sockets don't match what we expected. Fixes bug 9400; bugfix on - every released Tor version. Found by Coverity. - diff --git a/changes/bug9543 b/changes/bug9543 deleted file mode 100644 index 753947f6fd..0000000000 --- a/changes/bug9543 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Avoid overflows when the user sets MaxCircuitDirtiness to a - ridiculously high value, by imposing a (ridiculously high) 30-day - maximum on MaxCircuitDirtiness. diff --git a/changes/bug9546 b/changes/bug9546 deleted file mode 100644 index 2145e35d8f..0000000000 --- a/changes/bug9546 +++ /dev/null @@ -1,11 +0,0 @@ - o Major bugfixes: - - - When a relay is extending a circuit to a bridge, it needs to send a - NETINFO cell, even when the bridge hasn't sent an AUTH_CHALLENGE - cell. Fixes bug 9546; bugfix on 0.2.3.6-alpha. - - - Bridges send AUTH_CHALLENGE cells during their handshakes; previously - they did not, which prevented relays from successfully connecting - to a bridge for self-test or bandwidth testing. Fixes bug 9546; - bugfix on 0.2.3.6-alpha. - diff --git a/changes/bug9564 b/changes/bug9564 deleted file mode 100644 index 0df00e3698..0000000000 --- a/changes/bug9564 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - If the time to download the next old-style networkstatus is in - the future, do not decline to consider whether to download the - next microdescriptor networkstatus. Fixes bug 9564. Bugfix on - 0.2.3.14-alpha. diff --git a/changes/bug9645a b/changes/bug9645a deleted file mode 100644 index 2daba65a00..0000000000 --- a/changes/bug9645a +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - If we are unable to save a microdescriptor to the journal, do not - drop it from memory and then reattempt downloading it. Fixes bug - 9645; bugfix on 0.2.2.6-alpha. - diff --git a/changes/bug965 b/changes/bug965 new file mode 100644 index 0000000000..d0870d0384 --- /dev/null +++ b/changes/bug965 @@ -0,0 +1,6 @@ + o Minor bugfixes: + + - Non-exit servers no longer launch mock DNS requests to check for + DNS hijacking. This has been unnecessary since 0.2.1.7-alpha, + when non-exit servers stopped servicing DNS requests. Fixes bug + 965; bugfix on 0.2.1.7-alpha. Patch from Matt Pagan. diff --git a/changes/bug9671_023 b/changes/bug9671_023 deleted file mode 100644 index 035ca5cdea..0000000000 --- a/changes/bug9671_023 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - If the circuit build timeout logic is disabled (via the consensus, - or because we are an authority), then don't build testing circuits. - Fixes bug 9657; bugfix on 0.2.2.14-alpha. - diff --git a/changes/bug9686 b/changes/bug9686 new file mode 100644 index 0000000000..82a8f44471 --- /dev/null +++ b/changes/bug9686 @@ -0,0 +1,3 @@ + o Minor changes: + - Decrease the lower limit of MaxMemInQueues to 256 MBytes, to + appease raspberry pi users. Fixes bug 9686.
\ No newline at end of file diff --git a/changes/doc-heartbeat-loglevel b/changes/doc-heartbeat-loglevel deleted file mode 100644 index 91f40ad260..0000000000 --- a/changes/doc-heartbeat-loglevel +++ /dev/null @@ -1,3 +0,0 @@ - o Minor documentation fixes: - - Fix the documentation of HeartbeatPeriod to say that the heartbeat - message is logged at notice, not at info. diff --git a/changes/fancy_testing b/changes/fancy_testing deleted file mode 100644 index fa5b5703c4..0000000000 --- a/changes/fancy_testing +++ /dev/null @@ -1,27 +0,0 @@ - o Build features: - - - Tor now builds each source file in two modes: a mode that avoids - exposing identifiers needlessly, and another mode that exposes - more identifiers for testing. This lets the compiler do better at - optimizing the production code, while enabling us to take more - radical measures to let the unit tests test things. - - - The production builds no longer include functions used only - in the unit tests; all functions exposed from a module for - unit-testing only are now static in production builds. - - - Add an --enable-coverage configuration option to make the unit - tests (and a new src/or/tor-cov target) to build with gcov test - coverage support. - - o Testing: - - - We now have rudimentary function mocking support that our unit - tests can use to test functions in isolation. Function mocking - lets the tests temporarily replace a function's dependencies with - stub functions, so that the tests can check the function without - invoking the other functions it calls. - - - Add more unit tests for the <circid,channel>->circuit map, and - the destroy-cell-tracking code to fix bug 7912. - diff --git a/changes/feature4900 b/changes/feature4900 new file mode 100644 index 0000000000..378ce12ae6 --- /dev/null +++ b/changes/feature4900 @@ -0,0 +1,12 @@ + o Minor features: + + - Avoid hash-flooding denial-of-service attacks by using the secure + SipHash-2-4 hash function for our hashtables. Without this + feature, an attacker could degrade performance of a targeted + client or server by flooding their data structures with a large + number of data entries all calculated to be stored at the same + hash table position, thereby degrading hash table + performance. With this feature, hash table positions are derived + from a randomized cryptographic key using SipHash-2-4, and an + attacker cannot predict which entries will collide. + Closes ticket 4900. diff --git a/changes/feature9574 b/changes/feature9574 deleted file mode 100644 index 723606e396..0000000000 --- a/changes/feature9574 +++ /dev/null @@ -1,7 +0,0 @@ - o Major features: - - Relays now process the new "NTor" circuit-level handshake requests - with higher priority than the old "TAP" circuit-level handshake - requests. We still process some TAP requests to not totally starve - 0.2.3 clients when NTor becomes popular. A new consensus parameter - "NumNTorsPerTAP" lets us tune the balance later if we need to. - Implements ticket 9574. diff --git a/changes/fomit-frame-pointer b/changes/fomit-frame-pointer deleted file mode 100644 index 67706246ad..0000000000 --- a/changes/fomit-frame-pointer +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (performance): - - If we're using the pure-C 32-bit curve25519_donna implementation - of curve25519, build it with the -fomit-frame-pointer option to - make it go faster on register-starved hosts. This improves our - handshake performance by about 6% on i386 hosts without nacl. - Closes ticket 8109. diff --git a/changes/geoip-august2013 b/changes/geoip-august2013 deleted file mode 100644 index bd15177a0c..0000000000 --- a/changes/geoip-august2013 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the August 7 2013 Maxmind GeoLite Country database. - diff --git a/changes/geoip-february2014 b/changes/geoip-february2014 new file mode 100644 index 0000000000..f8657b468e --- /dev/null +++ b/changes/geoip-february2014 @@ -0,0 +1,3 @@ + o Minor features: + - Update to the February 7 2014 Maxmind GeoLite2 Country database. + diff --git a/changes/geoip-february2014-regcountry b/changes/geoip-february2014-regcountry new file mode 100644 index 0000000000..c2ddf092aa --- /dev/null +++ b/changes/geoip-february2014-regcountry @@ -0,0 +1,3 @@ + o Minor features: + - Fix our version of the February 7 2014 Maxmind GeoLite2 Country database. + diff --git a/changes/geoip-july2013 b/changes/geoip-july2013 deleted file mode 100644 index 097819dd7c..0000000000 --- a/changes/geoip-july2013 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the July 3 2013 Maxmind GeoLite Country database. - diff --git a/changes/geoip-june2013 b/changes/geoip-june2013 deleted file mode 100644 index f8e00a62c6..0000000000 --- a/changes/geoip-june2013 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the June 5 2013 Maxmind GeoLite Country database. - diff --git a/changes/geoip-may2013 b/changes/geoip-may2013 deleted file mode 100644 index ff4b98f22b..0000000000 --- a/changes/geoip-may2013 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the May 9 2013 Maxmind GeoLite Country database. - diff --git a/changes/geoip6-february2014 b/changes/geoip6-february2014 new file mode 100644 index 0000000000..af30be00b1 --- /dev/null +++ b/changes/geoip6-february2014 @@ -0,0 +1,3 @@ + o Minor features: + - Update geoip6 to the February 7 2014 Maxmind GeoLite2 Country + database. diff --git a/changes/less_charbuf_usage b/changes/less_charbuf_usage deleted file mode 100644 index 2ec42b544a..0000000000 --- a/changes/less_charbuf_usage +++ /dev/null @@ -1,5 +0,0 @@ - o Code simplification and refactoring: - - Avoid using character buffers when constructing most directory - objects: this approach was unweildy and error-prone. Instead, - build smartlists of strings, and concatenate them when done. - diff --git a/changes/onion_tap_tests b/changes/onion_tap_tests deleted file mode 100644 index f98243323e..0000000000 --- a/changes/onion_tap_tests +++ /dev/null @@ -1,2 +0,0 @@ - o New unit tests: - - Unit tests for failing cases of the TAP onion handshake. diff --git a/changes/seccomp2_sandbox b/changes/seccomp2_sandbox deleted file mode 100644 index 73b3a8d5e4..0000000000 --- a/changes/seccomp2_sandbox +++ /dev/null @@ -1,12 +0,0 @@ - o Major features (security): - - Use the seccomp2 syscall filtering facility on Linux to limit - which system calls Tor can invoke. This is an experimental, - Linux-only feature to provide defense-in-depth against unknown - attacks. To try turning it on, set "Sandbox 1" in your torrc - file. This is an experimental feature, however, and some things - may break, so please be ready to report bugs. We hope to add - support for better sandboxing in the future, - including more fine-grained filters, better division of - responsibility, and support for more platforms. This work has - been done by Cristian-Matei Toader for Google Summer of Code. - diff --git a/changes/sigsafe_fmt_warning b/changes/sigsafe_fmt_warning new file mode 100644 index 0000000000..eeb4710288 --- /dev/null +++ b/changes/sigsafe_fmt_warning @@ -0,0 +1,4 @@ + o Minor bugfixes (compilation): + - Fix a 64-to-32-conversion warning in format_number_sigsafe(). + Bugfix on 0.2.5.2-alpha; patch from Nick Hopper. + diff --git a/changes/ticket5129 b/changes/ticket5129 deleted file mode 100644 index c05ca68a3b..0000000000 --- a/changes/ticket5129 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Use the SOCK_NONBLOCK socket type, if supported, to open nonblocking - sockets in a single system call. Implements ticket #5129. diff --git a/changes/ticket5526 b/changes/ticket5526 deleted file mode 100644 index 35911d4b0c..0000000000 --- a/changes/ticket5526 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Log current accounting state (bytes sent and received + remaining - time for the current accounting period) in the server's - heartbeat message. Implements ticket 5526; patch from Peter Retzlaff. diff --git a/changes/ticket5528 b/changes/ticket5528 new file mode 100644 index 0000000000..69b2c1d168 --- /dev/null +++ b/changes/ticket5528 @@ -0,0 +1,4 @@ + o Code simplifications and refactoring: + - Get rid of router->address, since in all cases it was just the + string representation of router->addr. Resolves ticket 5528. + diff --git a/changes/ticket9108 b/changes/ticket9108 deleted file mode 100644 index 3d3038cc2a..0000000000 --- a/changes/ticket9108 +++ /dev/null @@ -1,3 +0,0 @@ - o Code simplification and refactoring: - - Use a doubly-linked list to implement the global circuit list. - Fix for ticket 9108. Patch from Marek Majkowski. diff --git a/changes/ticket9658 b/changes/ticket9658 deleted file mode 100644 index a8db2efba8..0000000000 --- a/changes/ticket9658 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Track how many "TAP" and "NTor" circuit handshake requests we get, - and how many we complete, and log it every hour to help relay - operators follow trends in network load. Addresses ticket 9658. diff --git a/changes/ticket_9214 b/changes/ticket_9214 deleted file mode 100644 index f1e43caeb0..0000000000 --- a/changes/ticket_9214 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features: - - Accept bandwidth and space limits in bits as well as bytes. - (Anywhere in the configuration file that you can say "2 Kilobytes", - you can now say "16 kilobits", and so on.) Resolves ticket 9214. - Patch by CharlieB. - diff --git a/changes/v3_intro_len b/changes/v3_intro_len deleted file mode 100644 index fbe39bce3b..0000000000 --- a/changes/v3_intro_len +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes: - - - Fix an uninitialized read that could (in some cases) lead to a remote - crash while parsing INTRODUCE 1 cells. (This is, so far as we know, - unrelated to the recent news.) Fixes bug XXX; bugfix on - 0.2.4.1-alpha. Anybody running a hidden service on the experimental - 0.2.4.x branch should upgrade. - diff --git a/changes/warn-unsigned-time_t b/changes/warn-unsigned-time_t deleted file mode 100644 index f57f85ae37..0000000000 --- a/changes/warn-unsigned-time_t +++ /dev/null @@ -1,11 +0,0 @@ - o Minor bugfixes (portability): - - On the chance that somebody manages to build Tor on a - platform where time_t is unsigned, correct the way that - microdesc_add_to_cache handles negative time arguments. Fix for - bug 8042; bugfix on 0.2.3.1-alpha. - - o Build improvements: - - Warn if building on a platform with an unsigned time_t: there - are too many places where Tor currently assumes that time_t can - hold negative values. We'd like to fix them all, but probably - some will remain. |