diff options
Diffstat (limited to 'changes')
146 files changed, 332 insertions, 414 deletions
diff --git a/changes/bastet_v6 b/changes/bastet_v6 deleted file mode 100644 index ee4e2c8094..0000000000 --- a/changes/bastet_v6 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (directory authority): - - Add an IPv6 address for the "bastet" directory authority. - Closes ticket 24394. - diff --git a/changes/bug12062 b/changes/bug12062 new file mode 100644 index 0000000000..8972929d84 --- /dev/null +++ b/changes/bug12062 @@ -0,0 +1,16 @@ + o Minor bugfixes (hibernation, bandwidth accounting, shutdown): + + - When hibernating, do not attempt to launch DNS checks. Fixes a + case of bug 12062; bugfix on 0.1.2.2-alpha. + + - Resolve several bugs related to descriptor fetching on bridge + clients with bandwidth accounting enabled. (This combination is + not recommended!) Fixes a case of bug 12062; bugfix on + 0.2.0.3-alpha. + + - When hibernating, do not try to upload or download + descriptors. Fixes a case of bug 12062; bugfix on 0.0.9pre5. + + - Do not attempt to launch self-reachability tests when entering + hibernation. Fixes a base of bug 12062; bugfix on 0.0.9pre5. + diff --git a/changes/bug18859 b/changes/bug18859 deleted file mode 100644 index 1fe5bc2107..0000000000 --- a/changes/bug18859 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (circuit prediction): - - Fix circuit prediction logic so that a client doesn't treat a stream as - being "handled" by a circuit if that circuit already has isolation - settings on it that might make it incompatible with the stream. This - change should make Tor clients more responsive by improving their - chances of having a pre-created circuit ready for use when a new client - request arrives. Fixes bug 18859; bugfix on 0.2.3.3-alpha. diff --git a/changes/bug20532 b/changes/bug20532 deleted file mode 100644 index 7c190ea032..0000000000 --- a/changes/bug20532 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (bridges): - - Overwrite the bridge address earlier in the process of directly - retrieving its descriptor, to make sure we reach it on the configured - address. Fixes bug 20532; bugfix on 0.2.0.10-alpha. diff --git a/changes/bug20942 b/changes/bug20942 new file mode 100644 index 0000000000..f806ddced3 --- /dev/null +++ b/changes/bug20942 @@ -0,0 +1,3 @@ + o Minor features (fallback directory mirrors): + - Reject any fallback directory mirror that serves an expired consensus. + Implements ticket 20942, patch by "minik". diff --git a/changes/bug20963 b/changes/bug20963 deleted file mode 100644 index a65c58399c..0000000000 --- a/changes/bug20963 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (logging): - - Improve the message we log when re-enabling circuit build timeouts - after having received a consensus. Closes ticket 20963. - diff --git a/changes/bug21074_downgrade b/changes/bug21074_downgrade new file mode 100644 index 0000000000..33d0b2c613 --- /dev/null +++ b/changes/bug21074_downgrade @@ -0,0 +1,4 @@ + o Minor bugfixes (OSX): + - Don't exit the Tor process if setrlimit() fails to change the file + limit (which can happen sometimes on some versions of OSX). Fixes + bug 21074; bugfix on 0.0.9pre5. diff --git a/changes/bug21394 b/changes/bug21394 deleted file mode 100644 index e5452e20ba..0000000000 --- a/changes/bug21394 +++ /dev/null @@ -1,9 +0,0 @@ - o Major bugfixes (Exit nodes): - - Fix an issue causing high-bandwidth exit nodes to fail a majority - or all of their DNS requests, making them basically unsuitable for - regular usage in Tor circuits. The problem is related to - libevent's DNS handling, but we can work around it in Tor. Fixes - bugs 21394 and 18580; bugfix on 0.1.2.2-alpha which introduced - eventdns. Credit goes to Dhalgren for identifying and finding a - workaround to this bug and to gamambel, arthuredelstein and - arma in helping to track it down and analyze it. diff --git a/changes/bug21509 b/changes/bug21509 deleted file mode 100644 index 593a01ef20..0000000000 --- a/changes/bug21509 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (hidden service v3, fuzzing): - - Fix the hidden service v3 descriptor decoding fuzzing to use the latest - decoding API correctly. Fixes bug 21509; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug22605 b/changes/bug22605 new file mode 100644 index 0000000000..fdfe202021 --- /dev/null +++ b/changes/bug22605 @@ -0,0 +1,5 @@ + o Minor bugfixes (linux seccomp2 sandbox): + - When running with the sandbox enabled, reload configuration files + correctly even when %include was used. Previously we + would crash. Fixes bug 22605; bugfix on 0.3.1. + Patch from Daniel Pinto. diff --git a/changes/bug22907 b/changes/bug22907 new file mode 100644 index 0000000000..ff6ab8375b --- /dev/null +++ b/changes/bug22907 @@ -0,0 +1,3 @@ + o Documentation: + - Add documentation on how to build tor with Rust dependencies without + requiring being online. Closes ticket 22907; bugfix on tor-0.3.0.3-alpha. diff --git a/changes/bug23100 b/changes/bug23100 new file mode 100644 index 0000000000..22e2485d64 --- /dev/null +++ b/changes/bug23100 @@ -0,0 +1,7 @@ + o Minor bugfixes (Performance): + - Use hidden service circuits (and other circuits longer than 3 hops) + to calculate a circuit build timeout. Previously, Tor only calculated + its build timeout based on circuits that planned to be exactly 3 hops + long. With this change, we include measurements from all circuits at + the point where they complete their third hop. Fixes bug 23100; + bugfix on 0.2.2.2-alpha. diff --git a/changes/bug23114 b/changes/bug23114 new file mode 100644 index 0000000000..b67f75a5aa --- /dev/null +++ b/changes/bug23114 @@ -0,0 +1,6 @@ + o Minor bugfixes (Performance): + - Consider circuits for timeout as soon as they complete a hop. This + is more accurate than applying the timeout in circuit_expire_building() + because that function is only called once per second, which is now + too slow for typical timeouts on the current network. Fixes bug 23114; + bugfix on 0.2.2.2-alpha. diff --git a/changes/bug23318 b/changes/bug23318 deleted file mode 100644 index 7fcb8d4487..0000000000 --- a/changes/bug23318 +++ /dev/null @@ -1,11 +0,0 @@ - o Minor bugfixes (path selection): - - When selecting relays by bandwidth, avoid a rounding error that - could sometimes cause load to be imbalanced incorrectly. Previously, - we would always round upwards; now, we round towards the nearest - integer. This had the biggest effect when a relay's weight adjustments - should have given it weight 0, but it got weight 1 instead. - Fixes bug 23318; bugfix on 0.2.4.3-alpha. - - When calculating the fraction of nodes that have descriptors, and all - all nodes in the network have zero bandwidths, count the number of nodes - instead. - Fixes bug 23318; bugfix on 0.2.4.10-alpha. diff --git a/changes/bug23571 b/changes/bug23571 new file mode 100644 index 0000000000..f2efbdfb96 --- /dev/null +++ b/changes/bug23571 @@ -0,0 +1,3 @@ + o Minor bugfixes (hibernation): + - When hibernating, close connections normally and allow them to flush. + Fixes bug 23571; bugfix on 0.2.4.7-alpha. Also fixes bug 7267. diff --git a/changes/bug23603 b/changes/bug23603 deleted file mode 100644 index dfb2052c9a..0000000000 --- a/changes/bug23603 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (hidden service v3): - - Fix a race between the circuit close and free where the service would - launch a new intro circuit after the close, and then fail to register it - before the free of the previously closed circuit. This was making the - service unable to find the established intro circuit and thus not upload - its descriptor. It can make a service unavailable for up to 24 hours. - Fixes bug 23603; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug23623 b/changes/bug23623 deleted file mode 100644 index 1e2e5c2ac0..0000000000 --- a/changes/bug23623 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (onion services): - - Cache some needed onion service client information instead of - continuously computing it over and over again. Fixes bug 23623; bugfix - on 0.3.2.1-alpha. diff --git a/changes/bug23653 b/changes/bug23653 deleted file mode 100644 index 81760cbb82..0000000000 --- a/changes/bug23653 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (hidden service client): - - When getting multiple SOCKS request for the same .onion address, don't - trigger multiple descriptor fetches. - - When the descriptor fetch fails with an internal error, no more HSDir to - query or we aren't allowed to fetch (FetchHidServDescriptors 0), close - all pending SOCKS request for that .onion. Fixes bug 23653; bugfix on - 0.3.2.1-alpha. diff --git a/changes/bug23662 b/changes/bug23662 deleted file mode 100644 index 1000bde3d6..0000000000 --- a/changes/bug23662 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (onion services): - - Silence a warning about failed v3 onion descriptor uploads since it can - happen naturally under certain edge-cases. Fixes part of bug 23662; - bugfix on 0.3.2.1-alpha. diff --git a/changes/bug23670 b/changes/bug23670 deleted file mode 100644 index 039bc39478..0000000000 --- a/changes/bug23670 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (entry guards): - - Improve logs issued when we are missing descriptors of primary guards. - Resolves ticket 23670. diff --git a/changes/bug23678 b/changes/bug23678 deleted file mode 100644 index 8138ea71ea..0000000000 --- a/changes/bug23678 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (warnings): - - When we get an HTTP request on a SOCKS port, tell the user about - the new HTTPTunnelPort option. Previously, we would give a - "Tor is not an HTTP Proxy" message, which stopped being true when - HTTPTunnelPort was introduced. Fixes bug 23678; bugfix on - 0.3.2.1-alpha. - diff --git a/changes/bug23681 b/changes/bug23681 deleted file mode 100644 index e317f36d50..0000000000 --- a/changes/bug23681 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (hidden service client): - - The introduction circuit was being timed out too quickly while waiting - for the rendezvous circuit to complete. Keep the intro circuit around - longer instead of timing out and reopening new ones constantly. Fixes - bug 23681; bugfix on 0.2.4.8-alpha. diff --git a/changes/bug23693 b/changes/bug23693 deleted file mode 100644 index 796398be51..0000000000 --- a/changes/bug23693 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (relay, crash): - - Avoid a crash when transitioning from client mode to bridge mode. - Previously, we would launch the worker threads whenever our "public - server" mode changed, but not when our "server" mode changed. - Fixes bug 23693; bugfix on 0.2.6.3-alpha. - diff --git a/changes/bug23696 b/changes/bug23696 deleted file mode 100644 index c5d18583d4..0000000000 --- a/changes/bug23696 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfix (KIST scheduler): - - Downgrade a warning to log info when the monotonic time diff is - negative. This can happen on platform not supporting monotonic time. The - scheduler recovers from this without any problem. Fixes bug 23696; - bugfix on 0.3.2.1-alpha. diff --git a/changes/bug23739 b/changes/bug23739 deleted file mode 100644 index 3207b5eaf3..0000000000 --- a/changes/bug23739 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (documentation): - - Document better how to read gcov and what our postprocessing scripts do. - Fixes bug 23739; bugfix on 0.2.9.1-alpha. diff --git a/changes/bug23741 b/changes/bug23741 deleted file mode 100644 index 92f06f5270..0000000000 --- a/changes/bug23741 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (testing): - - Prevent scripts/test/coverage from attempting to move gcov - output to the root directory. Fixes bug 23741; bugfix on - 0.2.5.1-alpha. diff --git a/changes/bug23748 b/changes/bug23748 deleted file mode 100644 index 0bd3f3f8ff..0000000000 --- a/changes/bug23748 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (hidden service): - - Always make sure the hidden service generate the public key file if it - is missing. Prior to this, if the public key was deleted from disk, it - wouldn't get recreated. Fixes bug 23748; bugfix on 0.3.2.2-alpha. - Patch from "cathugger". diff --git a/changes/bug23751 b/changes/bug23751 deleted file mode 100644 index 2fd7021664..0000000000 --- a/changes/bug23751 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (scheduler, channel): - - Ignore channels that have been closed while flushing cells. This can - happen if the write on the connection fails leading to the channel being - closed while in the scheduler loop. This is not a complete fix, it is a - bandaid until we are able to refactor those interactions. Fixes bug - 23751; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug23753 b/changes/bug23753 deleted file mode 100644 index 8782a8e2d0..0000000000 --- a/changes/bug23753 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (logging, scheduler): - - Introduce a SCHED_BUG() function to log extra information about the - scheduler state if we ever catch a bug in the scheduler. Closes ticket - 23753. diff --git a/changes/bug23755 b/changes/bug23755 deleted file mode 100644 index 98f0970344..0000000000 --- a/changes/bug23755 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (testing): - - Stop unconditionally mirroring the tor repository in GitLab CI. - This prevented developers from enabling GitLab CI on master. - Fixes bug 23755; bugfix on 0.3.2.2-alpha. diff --git a/changes/bug23757 b/changes/bug23757 deleted file mode 100644 index 02507a0b4d..0000000000 --- a/changes/bug23757 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (testing): - - Adjust the GitLab CI configuration to more closely match that of Travis - CI. Fixes bug 23757; bugfix on 0.3.2.2-alpha. - diff --git a/changes/bug23758 b/changes/bug23758 deleted file mode 100644 index 565791e8f4..0000000000 --- a/changes/bug23758 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (testing): - - Skip a test that would fail if run as root (because it expects a - permissions error). This affects some continuous integration setups. - Fixes bug 23758; bugfix on 0.3.2.2-alpha. diff --git a/changes/bug23762 b/changes/bug23762 deleted file mode 100644 index 741a88e21f..0000000000 --- a/changes/bug23762 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (hidden service v3): - - Properly retry HSv3 descriptor fetches in the case where we were initially - missing required directory information. Fixes bug 23762; bugfix on - 0.3.2.1-alpha. diff --git a/changes/bug23774 b/changes/bug23774 deleted file mode 100644 index 2ea5c0122a..0000000000 --- a/changes/bug23774 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (memory leak): - - Fix a minor memory-leak-at-exit in the KIST scheduler. This - bug should have no user-visible impact. Fixes bug 23774; - bugfix on 0.3.2.1-alpha. diff --git a/changes/bug23783 b/changes/bug23783 deleted file mode 100644 index 98c583a12b..0000000000 --- a/changes/bug23783 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (compilation, windows): - - When detecting OpenSSL on Windows from our configure script, make sure - to try linking with the ws2_32 library. Fixes bug 23783; bugfix on - 0.3.2.2-alpha. - diff --git a/changes/bug23790 b/changes/bug23790 deleted file mode 100644 index 5ebe77f806..0000000000 --- a/changes/bug23790 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (hidden service v2): - - When reloading tor (HUP) configured with hidden service(s), some - information weren't copy to the new service object. One problem with - this was that tor would wait at least the RendPostPeriod time before - uploading the descriptor if the reload happened before the descriptor - needed to be published. Fixes bug 23790; bugfix on 0.2.1.9-alpha. diff --git a/changes/bug23816 b/changes/bug23816 deleted file mode 100644 index 6139dec9e8..0000000000 --- a/changes/bug23816 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (directory client): - - On failure to download directory information, delay retry attempts - by a random amount based on the "decorrelated jitter" algorithm. - Our previous delay algorithm tended to produce extra-long delays too - easily. Fixes bug 23816; bugfix on 0.2.9.1-alpha. - diff --git a/changes/bug23817 b/changes/bug23817 deleted file mode 100644 index 4740942799..0000000000 --- a/changes/bug23817 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (descriptors): - - Don't try fetching microdescriptors from relays that have failed to - deliver them in the past. Fixes bug 23817; bugfix on 0.3.0.1-alpha. diff --git a/changes/bug23820 b/changes/bug23820 deleted file mode 100644 index 4e920d0498..0000000000 --- a/changes/bug23820 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (IPv6, v3 single onion services): - - Remove buggy code for IPv6-only v3 single onion services, and reject - attempts to configure them. This release supports IPv4, dual-stack, and - IPv6-only v3 hidden services; and IPv4 and dual-stack v3 single onion - services. Fixes bug 23820; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug23826-23828 b/changes/bug23826-23828 new file mode 100644 index 0000000000..2b991e5c1b --- /dev/null +++ b/changes/bug23826-23828 @@ -0,0 +1,14 @@ + o Major features (IPv6, directory documents): + - Add consensus method 27, which adds IPv6 ORPorts to the microdesc + consensus. This makes it easier for IPv6 clients to bootstrap and + choose reachable entry guards. + Implements 23826. + - Add consensus method 28, which removes IPv6 ORPorts from + microdescriptors. Now that there are IPv6 ORPorts in the microdesc + consensus, they are redundant in microdescs. This change is compatible + with tor clients on 0.2.8.x and later. (0.2.8.x introduced client IPv6 + bootstrap and guard support.) + Implements 23828. + - Expand the documentation for AuthDirHasIPv6Connectivity when it is set + by different numbers of authorities. + Fixes 23870 on 0.2.4.1-alpha. diff --git a/changes/bug23827 b/changes/bug23827 new file mode 100644 index 0000000000..75279abb85 --- /dev/null +++ b/changes/bug23827 @@ -0,0 +1,8 @@ + o Minor feature (IPv6): + - When a consensus has IPv6 ORPorts, make IPv6-only clients use them, + rather than waiting to download microdescriptors. + Implements 23827. + - Make IPv6-only clients wait for microdescs for relays, even if we were + previously using descriptors (or were using them as a bridge) and have + a cached descriptor for them. + Implements 23827. diff --git a/changes/bug23848 b/changes/bug23848 new file mode 100644 index 0000000000..e2aec687ca --- /dev/null +++ b/changes/bug23848 @@ -0,0 +1,8 @@ + o Minor features (embedding): + - On most errors that would cause Tor to exit, it now tries to return + from the tor_main() function, rather than calling the system exit() + function. Most users won't notice a difference here, but it should + make a significant difference on platforms that try to run Tor inside + a separate thread: they should now be able to survive Tor's exit + conditions rather than having Tor shut down the entire process. + Closes ticket 23848. diff --git a/changes/bug23861 b/changes/bug23861 deleted file mode 100644 index c6f017640d..0000000000 --- a/changes/bug23861 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (logging, relay): - - Suppress a log notice when relay descriptors arrive. We already have a - bootstrap progress for this so no need to log notice everytime tor - receives relay descriptors. Microdescriptors behave the same. Fixes bug - 23861; bugfix on 0.2.8.2-alpha. diff --git a/changes/bug23862 b/changes/bug23862 deleted file mode 100644 index 301ce73672..0000000000 --- a/changes/bug23862 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (entry guards): - - Tor now updates its guard state when it reads a consensus regardless of - whether it's missing descriptors. That makes tor use its primary guards - to fetch descriptors in some edge cases where it would have used fallback - directories in the past. Fixes bug 23862; bugfix on 0.3.0.1-alpha.
\ No newline at end of file diff --git a/changes/bug23874 b/changes/bug23874 deleted file mode 100644 index bf6620553d..0000000000 --- a/changes/bug23874 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (memory safety): - - Clear the address when node_get_prim_orport() returns early. - Fixes bug 23874; bugfix on 0.2.8.2-alpha. diff --git a/changes/bug23952 b/changes/bug23952 deleted file mode 100644 index ab1462e522..0000000000 --- a/changes/bug23952 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (relay): - - Avoid a BUG warning when receiving a dubious CREATE cell while - an option transition is in progress. Fixes bug 23952; bugfix on - 0.3.2.1-alpha. diff --git a/changes/bug23953 b/changes/bug23953 new file mode 100644 index 0000000000..10d41a00d2 --- /dev/null +++ b/changes/bug23953 @@ -0,0 +1,3 @@ + o Minor features (performance): + - Use stdatomic.h where available, rather than mutexes, to implement + atomic_counter_t. Closes ticket 23953. diff --git a/changes/bug23985 b/changes/bug23985 deleted file mode 100644 index 9cb5937962..0000000000 --- a/changes/bug23985 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor bugfixes (bootstrapping): - - Fetch descriptors aggressively whenever we lack enough - to build circuits, regardless of how many descriptors we are missing. - Previously, we would delay launching the fetch when we had fewer than - 15 missing descriptors, even if some of those descriptors were - blocking circuits from building. Fixes bug 23985; bugfix on - 0.1.1.11-alpha. The effects of this bug became worse in 0.3.0.3-alpha, - when we began treating missing descriptors from our primary guards - as a reason to delay circuits. diff --git a/changes/bug24002 b/changes/bug24002 deleted file mode 100644 index cdb6081110..0000000000 --- a/changes/bug24002 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (hidden service): - - Make sure that we have a usable ed25519 key when the intro point relay - does support ed25519 link authentication. We do check for an empty key - when the relay does not support it so this makes it nice and symmetric. - Fixes bug 24002; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug24025 b/changes/bug24025 deleted file mode 100644 index 1d7841af53..0000000000 --- a/changes/bug24025 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (logging, relay): - - Downgrade a warning to a protocol warning in the case the ed25519 key is - not consistent between the descriptor and micro descriptor of a relay. - This can happen for instance if the relay has been flagged - NoEdConsensus. Fixes bug 24025; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug24050 b/changes/bug24050 deleted file mode 100644 index d184a77ac0..0000000000 --- a/changes/bug24050 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (client): - - By default, do not enable storage of client-side DNS values. - These values were unused by default previously, but they should - not have been cached at all. Fixes bug 24050; bugfix on - 0.2.6.3-alpha. diff --git a/changes/bug24082 b/changes/bug24082 deleted file mode 100644 index 1523239351..0000000000 --- a/changes/bug24082 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (testing): - - Fix a spurious fuzzing-only use of an uninitialized value. - Found by Brian Carpenter. Fixes bug 24082; bugfix on 0.3.0.3-alpha. diff --git a/changes/bug24086 b/changes/bug24086 deleted file mode 100644 index 2ae0b37e65..0000000000 --- a/changes/bug24086 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (directory cache): - - When a consensus diff calculation is only partially successful, only - record the successful parts as having succeeded. Partial success - can happen if (for example) one compression method fails but - the others succeed. Previously we misrecorded all the calculations as - having succeeded, which would later cause a nonfatal assertion failure. - Fixes bug 24086; bugfix on 0.3.1.1-alpha. diff --git a/changes/bug24099 b/changes/bug24099 deleted file mode 100644 index dca3992664..0000000000 --- a/changes/bug24099 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (directory cache): - - Recover better from empty or corrupt files in the consensus cache - directory. Fixes bug 24099; bugfix on 0.3.1.1-alpha. - diff --git a/changes/bug24115 b/changes/bug24115 deleted file mode 100644 index 767f13840b..0000000000 --- a/changes/bug24115 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (manpage, hidden service): - - Mention that the HiddenServiceNumIntroductionPoints option is 0-10 for - v2 service and 0-20 for v3 service. Fixes bug 24115; bugfix on - 0.3.2.1-alpha. diff --git a/changes/bug24119 b/changes/bug24119 new file mode 100644 index 0000000000..5014257602 --- /dev/null +++ b/changes/bug24119 @@ -0,0 +1,4 @@ + o Code simplification and refactoring: + - Rewrite channel_rsa_id_group_set_badness to reduce temporary memory + allocations with large numbers of OR connections (e.g. relays). Closes + ticket 24119. diff --git a/changes/bug24137 b/changes/bug24137 new file mode 100644 index 0000000000..588e68d199 --- /dev/null +++ b/changes/bug24137 @@ -0,0 +1,3 @@ + o Minor bugfixes (Private Networks): + - Give out Exit flags in bootstrapping networks. Fixes bug 24137; + bugfix on 0.2.3.1-alpha. diff --git a/changes/bug24150 b/changes/bug24150 deleted file mode 100644 index cfda7c40da..0000000000 --- a/changes/bug24150 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (v3 onion services): - - Fix a memory leak when decrypting a badly formatted v3 onion - service descriptor. Fixes bug 24150; bugfix on 0.3.2.1-alpha. - Found by OSS-Fuzz; this is OSS-Fuzz issue 3994. diff --git a/changes/bug24167 b/changes/bug24167 deleted file mode 100644 index fd0d87efff..0000000000 --- a/changes/bug24167 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (network layer): - - When closing a connection via close_connection_immediately(), we - mark it as "not blocked on bandwidth", to prevent later calls - from trying to unblock it, and give it permission to read. This - fixes a backtrace warning that can happen on relays under various - circumstances. Fixes bug 24167; bugfix on 0.1.0.1-rc. - diff --git a/changes/bug24170 b/changes/bug24170 deleted file mode 100644 index d3d7347693..0000000000 --- a/changes/bug24170 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (path selection): - - Actually log the total bandwidth in compute_weighted_bandwidths(). - Fixes bug 24170; bugfix on 0.2.4.3-alpha. diff --git a/changes/bug24198 b/changes/bug24198 deleted file mode 100644 index 6790706872..0000000000 --- a/changes/bug24198 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (controller, linux seccomp2 sandbox): - - Avoid a crash when attempting to use the seccomp2 sandbox - together with the OwningControllerProcess feature. - Fixes bug 24198; bugfix on 0.2.5.1-alpha. diff --git a/changes/bug24230 b/changes/bug24230 deleted file mode 100644 index b08c4cde24..0000000000 --- a/changes/bug24230 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (control port, hidden service): - - Control port was reporting the action "UPLOAD_FAILED" instead of - "FAILED" for the HS_DESC event when a service was not able to upload a - descriptor. Fixes bug 24230; bugfix on 0.2.7.1-alpha. diff --git a/changes/bug24247 b/changes/bug24247 deleted file mode 100644 index 1f4ddcdde2..0000000000 --- a/changes/bug24247 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (fuzzing): - - Fix a bug in our fuzzing mock replacement for crypto_pk_checksig(), to - correctly handle cases where a caller gives it an RSA key of under 160 - bits. (This is not actually a bug in Tor itself, but wrather in our - fuzzing code.) Fixes bug 24247; bugfix on 0.3.0.3-alpha. - Found by OSS-Fuzz as issue 4177. diff --git a/changes/bug24262 b/changes/bug24262 deleted file mode 100644 index eee69512e4..0000000000 --- a/changes/bug24262 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (hidden service): - - Fix the consensus parameter "hsdir-interval" to "hsdir_interval" so it - matches the dir-spec.txt. Fixes bug 24262; bugfix on 0.3.1.1-alpha. diff --git a/changes/bug24279 b/changes/bug24279 deleted file mode 100644 index ab2932b341..0000000000 --- a/changes/bug24279 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (compilation, hardening): - - Fix a memory leak warning in one of the libevent-related - configuration tests that could occur when manually specifying - -fsanitize=address. Fixes bug 24279; bugfix on 0.3.0.2-alpha. - Found and patched by Alex Xu. diff --git a/changes/bug24313 b/changes/bug24313 deleted file mode 100644 index b927ec3ba6..0000000000 --- a/changes/bug24313 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (security, hidden service v2): - - Fix a use-after-free error that could crash v2 Tor hidden services - when it failed to open circuits while expiring introductions - points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This - issue is also tracked as TROVE-2017-013 and CVE-2017-8823. diff --git a/changes/bug24318 b/changes/bug24318 new file mode 100644 index 0000000000..c92f7209f1 --- /dev/null +++ b/changes/bug24318 @@ -0,0 +1,3 @@ + o Documentation: + - Clarify the behavior of RelayBandwidth{Rate,Burst} with client traffic. + Closes ticket 24318. diff --git a/changes/bug24337 b/changes/bug24337 new file mode 100644 index 0000000000..82b430425d --- /dev/null +++ b/changes/bug24337 @@ -0,0 +1,8 @@ + o Minor features (defensive programming): + - Most of the functions in Tor that free objects have been replaced + with macros that free the objects and set the corresponding pointers + to NULL. This change should help prevent a large class of dangling + pointer bugs. Closes ticket 24337. + + - Where possible, the tor_free() macro now only evaluates its input once. + Part of ticket 24337. diff --git a/changes/bug24345 b/changes/bug24345 deleted file mode 100644 index 22eb412514..0000000000 --- a/changes/bug24345 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (tests): - - Fix a unit test in one of the bridge-distribution test cases. - Fixes bug 24345; bugfix on 0.3.2.3-alpha. diff --git a/changes/bug24362 b/changes/bug24362 new file mode 100644 index 0000000000..15e393cf3f --- /dev/null +++ b/changes/bug24362 @@ -0,0 +1,2 @@ + o Minor features (logging, android): + - Added support for the Android logging subsystem. Closes ticket 24362. diff --git a/changes/bug24367 b/changes/bug24367 deleted file mode 100644 index 09ef3bb877..0000000000 --- a/changes/bug24367 +++ /dev/null @@ -1,13 +0,0 @@ - o Minor bugfixes (bridge clients, bootstrap): - - Retry directory downloads when we get our first bridge descriptor - during bootstrap or while reconnecting to the network. Keep retrying - every time we get a bridge descriptor, until we have a reachable bridge. - Fixes bug 24367; bugfix on 0.2.0.3-alpha. - - Stop delaying bridge descriptor fetches when we have cached bridge - descriptors. Instead, only delay bridge descriptor fetches when we - have at least one reachable bridge. - Fixes bug 24367; bugfix on 0.2.0.3-alpha. - - Stop delaying directory fetches when we have cached bridge descriptors. - Instead, only delay bridge descriptor fetches when all our bridges are - definitely unreachable. - Fixes bug 24367; bugfix on 0.2.0.3-alpha. diff --git a/changes/bug24374 b/changes/bug24374 new file mode 100644 index 0000000000..d0b07f12da --- /dev/null +++ b/changes/bug24374 @@ -0,0 +1,4 @@ + o Minor features (performance, 32-bit): + - Improve performance on 32-bit systems by avoiding 64-bit division + when timestamping cells and buffer chunks for OOM calculations. + Implements ticket 24374. diff --git a/changes/bug24424 b/changes/bug24424 deleted file mode 100644 index 63c2d39ba1..0000000000 --- a/changes/bug24424 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (portability): - - Tor now compiles correctly on arm64 with libseccomp-dev installed. - (It doesn't yet work with the sandbox enabled.) Closes ticket 24424. diff --git a/changes/bug24480 b/changes/bug24480 deleted file mode 100644 index 94e5b91a0c..0000000000 --- a/changes/bug24480 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Fix a signed/unsigned comparison warning introduced by our - fix to TROVE-2017-009. Fixes bug 24480; bugfix on 0.2.5.16. diff --git a/changes/bug24488 b/changes/bug24488 new file mode 100644 index 0000000000..b8094e29e6 --- /dev/null +++ b/changes/bug24488 @@ -0,0 +1,4 @@ + o Minor bugfixes (directory authorities, IPv6): + - When creating a routerstatus (vote) from a routerinfo (descriptor), + set the IPv6 address to the unspecified IPv6 address, and explicitly + initialise the port to zero. Fixes bug 24488; bugfix on 0.2.4.1-alpha. diff --git a/changes/bug24489 b/changes/bug24489 new file mode 100644 index 0000000000..6864ba6f57 --- /dev/null +++ b/changes/bug24489 @@ -0,0 +1,3 @@ + o Code simplification and refactoring (controller): + - Make most of the variables in networkstatus_getinfo_by_purpose() const. + Implements ticket 24489. diff --git a/changes/bug24502 b/changes/bug24502 deleted file mode 100644 index 3fa6fb58dd..0000000000 --- a/changes/bug24502 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (scheduler): - - Properly set the scheduler state of an unopened channel in the KIST - scheduler main loop. This prevents a harmless but annoying log warning. - Fixes bug 24502; bugfix on 0.3.2.4-alpha. diff --git a/changes/bug24581 b/changes/bug24581 new file mode 100644 index 0000000000..9a5daa01c8 --- /dev/null +++ b/changes/bug24581 @@ -0,0 +1,8 @@ + o Major features (embedding): + - Tor now has support for restarting in the same process. + Controllers that run Tor using the "tor_api.h" interface can now + restart Tor after Tor has exited. This support is incomplete, however: + we have fixed the crash bugs that prevented it from working at all + before, but many bugs probably remain, including the possibility of + security issues. Implements ticket 24581. + diff --git a/changes/bug24582 b/changes/bug24582 new file mode 100644 index 0000000000..8317a082cb --- /dev/null +++ b/changes/bug24582 @@ -0,0 +1,4 @@ + o Minor bugfixes (debugging, memory leaks): + - Fix a harmless memory leak in tor-resolve. Fixes bug 24582; + bugfix on 0.2.1.1-alpha. + diff --git a/changes/bug24584 b/changes/bug24584 new file mode 100644 index 0000000000..071c7c2a13 --- /dev/null +++ b/changes/bug24584 @@ -0,0 +1,5 @@ + o Minor bugfixes (memory cleanup): + - Avoid possible at-exit memory leaks related to use of Libevent's + event_base_once() function. (This function tends to leak memory + if the event_base is closed before the event fires.) Fixes bug 24584; + bugfix on 0.2.8.1-alpha. diff --git a/changes/bug24590 b/changes/bug24590 deleted file mode 100644 index 77e039f8d2..0000000000 --- a/changes/bug24590 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (scheduler, KIST): - - Avoid a possible integer overflow when computing the available space on - the TCP buffer of a channel. This has no security implications but can - make KIST not behave properly by allowing more cells on a already - saturated connection. Fixes bug 24590; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug24605 b/changes/bug24605 new file mode 100644 index 0000000000..7ee292b27b --- /dev/null +++ b/changes/bug24605 @@ -0,0 +1,4 @@ + o Minor features (instrumentation): + - Add the MainloopStats option to Tor that allows developers to get + instrumentation information from the main event loop via the heartbeat + messages. Closes ticket 24605. diff --git a/changes/bug24612 b/changes/bug24612 new file mode 100644 index 0000000000..83db7f1df5 --- /dev/null +++ b/changes/bug24612 @@ -0,0 +1,4 @@ + o Minor bugfixes (build): + - Fix output of autoconf checks to display success messages for + Rust dependencies and a suitable rustc compiler version. Fixes + bug 24612; bugfix on 0.3.1.3-alpha. diff --git a/changes/bug24613 b/changes/bug24613 new file mode 100644 index 0000000000..d718f8f942 --- /dev/null +++ b/changes/bug24613 @@ -0,0 +1,4 @@ + o Minor features (performance, 32-bit): + - Improve performance on 32-bit systems by avoiding 64-bit division + to calculate the current timestamp in milliseconds for channel + padding computations. Implements ticket 24613. diff --git a/changes/bug24665 b/changes/bug24665 deleted file mode 100644 index f950d9dd01..0000000000 --- a/changes/bug24665 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (KIST, scheduler): - - The KIST scheduler did not correctly account for data already enqueued - in each connection's send socket buffer, particularly in cases when the - TCP/IP congestion window was reduced between scheduler calls. This - situation lead to excessive per-connection buffering in the kernel, and - a potential memory DoS. Fixes bug 24665; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug24666 b/changes/bug24666 deleted file mode 100644 index 830775f5f6..0000000000 --- a/changes/bug24666 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (memory usage): - - - When queuing DESTROY cells on a channel, only queue the - circuit-id and reason fields: not the entire 514-byte - cell. This fix should help mitigate any bugs or attacks that - fill up these queues, and free more RAM for other uses. Fixes - bug 24666; bugfix on 0.2.5.1-alpha. diff --git a/changes/bug24671 b/changes/bug24671 deleted file mode 100644 index 34d09e704d..0000000000 --- a/changes/bug24671 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (scheduler, KIST): - - Use a sane write limit for KISTLite when writing onto a connection - buffer instead of using INT_MAX and shoving as much as it can. Because - the OOM handler cleans up circuit queues, we are better off at keeping - them in that queue instead of the connection's buffer. Fixes bug 24671; - bugfix on 0.3.2.1-alpha. diff --git a/changes/bug24708 b/changes/bug24708 new file mode 100644 index 0000000000..89eb4f97f0 --- /dev/null +++ b/changes/bug24708 @@ -0,0 +1,4 @@ + o Minor bugfixes (fallback directory mirrors): + - Make updateFallbackDirs.py search harder for python. + (Some OSs don't put it in /usr/bin.) + Fixes bug 24708; bugfix on 0.2.8.1-alpha. diff --git a/changes/bug24733 b/changes/bug24733 new file mode 100644 index 0000000000..e333e4fa5d --- /dev/null +++ b/changes/bug24733 @@ -0,0 +1,6 @@ + o Minor bugfixes (code correctness): + - Stop invoking undefined behaviour by using tor_free() on an unaligned + pointer in get_interface_addresses_ioctl(). This pointer alignment issue + exists on x86_64 macOS, but is unlikely to exist elsewhere. + Fixes bug 24733; bugfix on 0.3.0.0-alpha-dev; + not in any released version of tor. diff --git a/changes/cargo-build-problem b/changes/cargo-build-problem new file mode 100644 index 0000000000..6691b0efca --- /dev/null +++ b/changes/cargo-build-problem @@ -0,0 +1,3 @@ + o Minor bugfixes (compilation, rust): + - Build correctly when building from outside Tor's source tree with the + TOR_RUST_DEPENDENCIES option set. Fixes bug 22768; bugfix on 0.3.1.7. diff --git a/changes/feature18329 b/changes/feature18329 deleted file mode 100644 index 1dabf50244..0000000000 --- a/changes/feature18329 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor features (bridge): - - Bridge relays can now set the BridgeDistribution config option to - add a "bridge-distribution-request" line to their bridge descriptor, - which tells BridgeDB how they'd like their bridge address to be - given out. (Note that as of Oct 2017, BridgeDB does not yet implement - this feature.) As a side benefit, this feature provides a way - to distinguish bridge descriptors from non-bridge descriptors. - Implements tickets 18329. - diff --git a/changes/feature24427 b/changes/feature24427 new file mode 100644 index 0000000000..8650c45d31 --- /dev/null +++ b/changes/feature24427 @@ -0,0 +1,5 @@ + o Minor features (OSX, iOS, performance): + - Use the mach_approximate_time() function (when available) to + implement coarse monotonic time. Having a coarse time function + should avoid a large number of system calls, and improve + performance slightly, especially under load. Closes ticket 24427. diff --git a/changes/geoip-2017-11-06 b/changes/geoip-2017-11-06 deleted file mode 100644 index f034be9006..0000000000 --- a/changes/geoip-2017-11-06 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (geoip): - - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-2017-12-06 b/changes/geoip-2017-12-06 deleted file mode 100644 index ae4fb1149f..0000000000 --- a/changes/geoip-2017-12-06 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (geoip): - - Update geoip and geoip6 to the December 6 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-october2017 b/changes/geoip-october2017 deleted file mode 100644 index 11f623e85f..0000000000 --- a/changes/geoip-october2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (geoip): - - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/hsdescv3_fuzz_more b/changes/hsdescv3_fuzz_more deleted file mode 100644 index 25626bb9a4..0000000000 --- a/changes/hsdescv3_fuzz_more +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (testing): - - Our fuzzing tests now test the encrypted portions of the - v3 hidden service descriptors. Implements more of 21509. diff --git a/changes/longclaw_23592 b/changes/longclaw_23592 deleted file mode 100644 index 91e2da8972..0000000000 --- a/changes/longclaw_23592 +++ /dev/null @@ -1,3 +0,0 @@ - o Directory authority changes: - - The directory authority "Longclaw" has changed its IP address. - Closes ticket 23592. diff --git a/changes/stack b/changes/stack deleted file mode 100644 index ffdf536cb9..0000000000 --- a/changes/stack +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (correctness): - - Fix several places in our codebase where a C compiler would be likely - to eliminate a check, based on assuming that undefined behavior had not - happened elsewhere in the code. These cases are usually a sign of - redundant checking, or dubious arithmetic. Found by Georg Koppen using - the "STACK" tool from Wang, Zeldovich, Kaashoek, and - Solar-Lezama. Fixes bug 24423; bugfix on various Tor versions. diff --git a/changes/ticket13605 b/changes/ticket13605 new file mode 100644 index 0000000000..0456881ff9 --- /dev/null +++ b/changes/ticket13605 @@ -0,0 +1,5 @@ + o Major features (relay): + - Implement an option, ReducedExitPolicy, to allow an Tor exit relay + operator to use a more reasonable ("reduced") exit policy, rather + than the default one. Closes ticket 13605. Patch from Neel Chauhan. + diff --git a/changes/ticket20020 b/changes/ticket20020 new file mode 100644 index 0000000000..737fb95980 --- /dev/null +++ b/changes/ticket20020 @@ -0,0 +1,4 @@ + o Minor features (logging): + - Improve a warning message that happens when we fail to re-parse + an old router because of an expired certificate. Closes ticket + 20020. diff --git a/changes/ticket20699 b/changes/ticket20699 new file mode 100644 index 0000000000..a93236ba40 --- /dev/null +++ b/changes/ticket20699 @@ -0,0 +1,14 @@ + o Major features (hidden service v3, control port): + - Control port now supports command and events for hidden service v3. See + proposal 284 for more information on what has been done exactly. Only + the HSFETCH command hasn't been implemented at this stage because of a + lack of use case with v3. + + It is now possible to create ephemeral v3 services using the ADD_ONION + command. Here is a summary of the events and commands that have been + modified to support v3: + + Events: HS_DESC, HS_DESC_CONTENT, CIRC and CIRC_MINOR The + Commands: GETINFO, HSPOST, ADD_ONION and DEL_ONION. + + This closes ticket 20699. diff --git a/changes/ticket20895 b/changes/ticket20895 new file mode 100644 index 0000000000..a1d8204997 --- /dev/null +++ b/changes/ticket20895 @@ -0,0 +1,6 @@ + o Minor features (forward-compatibility): + - If a relay supports some link authentication protocol that we do not + recognize, then include that relay's ed25519 key when telling other + relays to extend to it. Previously, we treated future versions as if + they were too old to support ed25519 link authentication. + Closes ticket 20895. diff --git a/changes/ticket21031 b/changes/ticket21031 deleted file mode 100644 index b081fb018f..0000000000 --- a/changes/ticket21031 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor features (removed deprecations): - - The ClientDNSRejectInternalAddresses flag can once again be set in - non-testing Tor networks, so long as they do not use the default - directory authorities. - This change also removes the deprecation of this - flag in 0.2.9.2-alpha. Closes ticket 21031. - diff --git a/changes/ticket22145 b/changes/ticket22145 new file mode 100644 index 0000000000..b53da07e5f --- /dev/null +++ b/changes/ticket22145 @@ -0,0 +1,3 @@ + o Documentation: + - Document that OutboundBindAddress doesn't apply to DNS requests. + Closes ticket 22145. Patch from Aruna Maurya. diff --git a/changes/ticket22321 b/changes/ticket22321 new file mode 100644 index 0000000000..fcac1bccc7 --- /dev/null +++ b/changes/ticket22321 @@ -0,0 +1,3 @@ + o Minor features (fallbacks): + - Update the fallback whitelist and blacklist based on opt-ins and relay + changes. Closes tickets 22321, 24678, 22527, 24135, and 24695. diff --git a/changes/ticket22342 b/changes/ticket22342 new file mode 100644 index 0000000000..53505509d2 --- /dev/null +++ b/changes/ticket22342 @@ -0,0 +1,3 @@ + o Code simplification and refactoring: + - Small changes to Tor's buf_t API to make it suitable for use as + a general-purpose safe string constructor. Closes ticket 22342. diff --git a/changes/ticket22703 b/changes/ticket22703 new file mode 100644 index 0000000000..c1eda615f5 --- /dev/null +++ b/changes/ticket22703 @@ -0,0 +1,6 @@ + o Major features (storage): + - Users can choose to store cached directory documents somewhere other + than the DataDirectory by using the CacheDirectory option. + Similarly, the storage location for relay's keys can be overridden + with the KeyDirectory option. + Closes ticket 22703. diff --git a/changes/ticket22759 b/changes/ticket22759 new file mode 100644 index 0000000000..a393d428a8 --- /dev/null +++ b/changes/ticket22759 @@ -0,0 +1,5 @@ + o Minor features (fallback directory mirrors): + - Add an extrainfo cache flag for each fallback in a C comment. + This allows stem to use fallbacks to fetch extra-info documents, + rather than using authorities. + Implements ticket 22759. diff --git a/changes/ticket22840 b/changes/ticket22840 new file mode 100644 index 0000000000..6d234fb0d4 --- /dev/null +++ b/changes/ticket22840 @@ -0,0 +1,8 @@ + o Major features (Rust experimentation): + - Tor now ships with an optional implementation of one of its smaller + modules (protover.c) in the Rust programming language. To try it + out, install a Rust build environment, and configure Tor with + "--enable-rust --enable-cargo-online-mode". This should not + cause any user-visible changes, but should help us gain more experience + with Rust, and plan future Rust integration work. + Implementation by Chelsea Komlo. Closes ticket 22840. diff --git a/changes/ticket23271 b/changes/ticket23271 new file mode 100644 index 0000000000..42d5921a70 --- /dev/null +++ b/changes/ticket23271 @@ -0,0 +1,6 @@ + o Code simplification and refactoring: + - Separate the function that deletes ephemeral files when Tor stops + gracefully. + o Minor features (cleanup): + - Tor now deletes the CookieAuthFile and ExtORPortCookieAuthFile when it + stops. Closes ticket 23271. diff --git a/changes/ticket23459 b/changes/ticket23459 new file mode 100644 index 0000000000..a6452e4ee3 --- /dev/null +++ b/changes/ticket23459 @@ -0,0 +1,4 @@ + o Code simplification and refactoring (circuit rendezvous): + - Split get rendezvous circuit on client side on two different functions. + One that returns only established circuits and another that returns all + kinds of circuits. Closes ticket 23459. diff --git a/changes/ticket23577 b/changes/ticket23577 new file mode 100644 index 0000000000..7cd80bcb69 --- /dev/null +++ b/changes/ticket23577 @@ -0,0 +1,7 @@ + o Major features (v3 onion services): + - When v3 onion service clients send introduce cells, include the IPv6 + address of the rendezvous point, if it has one. v3 onion services running + 0.3.2 ignore IPv6 addresses. In future Tor versions, IPv6-only v3 single + onion services can use IPv6 addresses to connect directly to the + rendezvous point. Closes ticket 23577. Patch by Neel Chauhan. + diff --git a/changes/ticket23709 b/changes/ticket23709 new file mode 100644 index 0000000000..7948f9ae03 --- /dev/null +++ b/changes/ticket23709 @@ -0,0 +1,11 @@ + o Major feature (channel): + - Remove the incoming and outgoing channel queues. The reason to do so was + due to the fact that they were always empty meaning never used but still + looked at in our fast path. Bottom line, it was an unused code path. + - We've simplify a lot the channel subsystem by removing those queues but + also by removing a lot of unused code or dead code around it. Overall + this is a cleanup removing more than 1500 lines of code overall and + adding very little except for unit test. + - The majority ot the channel unit tests have been rewritten and the code + coverage has now been raised to 83.6% for channel.c. + Closes ticket 23709. diff --git a/changes/ticket23760 b/changes/ticket23760 new file mode 100644 index 0000000000..9213b14627 --- /dev/null +++ b/changes/ticket23760 @@ -0,0 +1,4 @@ + o Code simplification and refactoring: + - We make extend_info_from_node() use node_get_curve25519_onion_key() + introduced in ticket 23577 to access the curve25519 public keys rather + than accessing it directly. Closes ticket 23760. Patch by Neel Chauhan. diff --git a/changes/ticket23845 b/changes/ticket23845 new file mode 100644 index 0000000000..93c150bdb0 --- /dev/null +++ b/changes/ticket23845 @@ -0,0 +1,9 @@ + o Major features (embedding): + - There is now a documented stable API for programs that need to + embed Tor. See tor_api.h for full documentation and known bugs. + Closes ticket 23684. + + o Code simplification and refactoring: + - The tor_git_revision[] constant no longer needs to be redeclared + by everything that links against the rest of Tor. Done as part + of ticket 23845, to simplify our external API. diff --git a/changes/ticket23856 b/changes/ticket23856 deleted file mode 100644 index 049da18d06..0000000000 --- a/changes/ticket23856 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor feature (relay statistics): - - Change relay bandwidth reporting stats interval from 4 hours to 24 hours - in order to reduce the efficiency of guard discovery attacks. Fixes - ticket 23856. diff --git a/changes/ticket23900 b/changes/ticket23900 new file mode 100644 index 0000000000..0f949f4f4e --- /dev/null +++ b/changes/ticket23900 @@ -0,0 +1,7 @@ + o Minor features (API, embedding): + - Tor can now start with a preauthenticated control connection + created by the process that launched it. This feature is meant + for use by programs that want to launch and manage a Tor process + without allowing other programs to manage it as well. + For more information, see the __OwningControllerFD option + documented in control-spec.txt. Closes ticket 23900. diff --git a/changes/ticket23910 b/changes/ticket23910 deleted file mode 100644 index eb38fcf32f..0000000000 --- a/changes/ticket23910 +++ /dev/null @@ -1,3 +0,0 @@ - o Directory authority changes: - - Add bastet as a ninth directory authority to the default list. Closes - ticket 23910. diff --git a/changes/ticket23966 b/changes/ticket23966 new file mode 100644 index 0000000000..72889c4cb6 --- /dev/null +++ b/changes/ticket23966 @@ -0,0 +1,5 @@ + o Code simplification and refactoring: + - Remove duplicate code in node_has_curve25519_onion_key() and + node_get_curve25519_onion_key(), and add a check for a zero microdesc + curve25519 onion key. Closes ticket 23966, patch by "aruna1234" and + "teor". diff --git a/changes/ticket24001 b/changes/ticket24001 new file mode 100644 index 0000000000..4701a38ede --- /dev/null +++ b/changes/ticket24001 @@ -0,0 +1,4 @@ + o Minor features (code correctness, descriptors): + - Check that microdesc ed25519 ids are non-zero in node_get_ed25519_id(), + before returning them. + Implements 24001, patch by "aruna1234". diff --git a/changes/ticket24097 b/changes/ticket24097 deleted file mode 100644 index 36547a8ddb..0000000000 --- a/changes/ticket24097 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (logging): - - Downgrade a pair of log messages that could occur when an exit's - resolver gave us an unusual (but not forbidden) response. - Closes ticket 24097. diff --git a/changes/ticket24109 b/changes/ticket24109 deleted file mode 100644 index f66271817d..0000000000 --- a/changes/ticket24109 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (integration tests): - - Test that IPv6-only clients can use microdescriptors when running - "make test-network-all". Requires chutney master 61c28b9 or later. - Closes ticket 24109. diff --git a/changes/ticket24158 b/changes/ticket24158 deleted file mode 100644 index 3cdc06afae..0000000000 --- a/changes/ticket24158 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (logging): - Only log about no longer having KIST support once. Fixes bug 24158; bugfix - on 0.3.2 diff --git a/changes/ticket24254 b/changes/ticket24254 deleted file mode 100644 index 98d5d6bacd..0000000000 --- a/changes/ticket24254 +++ /dev/null @@ -1,3 +0,0 @@ - o Documentation: - Add notes in man page regarding OS support for the various scheduler types. - Attempt to use less jargon in the scheduler section. Closes ticket 24254. diff --git a/changes/ticket24315 b/changes/ticket24315 deleted file mode 100644 index df34dbf412..0000000000 --- a/changes/ticket24315 +++ /dev/null @@ -1,3 +0,0 @@ - o Major features (linux seccomp2 sandbox): - - Update the sandbox rules so that they should now work correctly with - Glibc 2.26. Closes ticket 24315. diff --git a/changes/ticket24363 b/changes/ticket24363 new file mode 100644 index 0000000000..6f90fc066e --- /dev/null +++ b/changes/ticket24363 @@ -0,0 +1,2 @@ + o Code simplification and refactoring: + - Remove /usr/athena from search path in configure.ac. Closes ticket 24363. diff --git a/changes/ticket24425 b/changes/ticket24425 deleted file mode 100644 index aa6f082bcc..0000000000 --- a/changes/ticket24425 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (hidden service v3): - - Bump hsdir_spread_store parameter from 3 to 4 in order to increase the - probability of reaching a service for a client missing microdescriptors. - Fixes bug 24425; bugfix on 0.3.2.1-alpha. diff --git a/changes/ticket24467 b/changes/ticket24467 new file mode 100644 index 0000000000..1b1c223f5f --- /dev/null +++ b/changes/ticket24467 @@ -0,0 +1,3 @@ + o Code simplification and refactoring: + - Switch -Wnormalized=id to -Wnormalized=nfkc in configure.ac to avoid + source code identifier confusion. Closes ticket 24467. diff --git a/changes/ticket24500 b/changes/ticket24500 deleted file mode 100644 index b49b7a5551..0000000000 --- a/changes/ticket24500 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (logging): - - Provide better warnings when the getrandom() syscall fails. - Closes ticket 24500. diff --git a/changes/ticket24501 b/changes/ticket24501 new file mode 100644 index 0000000000..4a87462e9e --- /dev/null +++ b/changes/ticket24501 @@ -0,0 +1,3 @@ + o Minor features (logging): + - Make the log more quantitative when we hit MaxMemInQueues threshold + exposing some values. Closes ticket 24501. diff --git a/changes/ticket24518 b/changes/ticket24518 new file mode 100644 index 0000000000..28d40a3f26 --- /dev/null +++ b/changes/ticket24518 @@ -0,0 +1,4 @@ + o Minor bugfixes (build, rust): + - Don't pass the --quiet option to cargo: it seems to suppress some + errors, which is not what we want to do when building. + Fixes bug 24518; bugfix on 0.3.1.7. diff --git a/changes/ticket24531 b/changes/ticket24531 new file mode 100644 index 0000000000..96a8eea5c3 --- /dev/null +++ b/changes/ticket24531 @@ -0,0 +1,3 @@ + o Code simplification and refactoring: + Add a function to log channels' scheduler state changes to aide debugging + efforts. Closes ticket 24531. diff --git a/changes/ticket24573 b/changes/ticket24573 new file mode 100644 index 0000000000..3026c1a12a --- /dev/null +++ b/changes/ticket24573 @@ -0,0 +1,7 @@ + o Minor bugfixes (IPv6 preferences on bridges): + - Tor now always sets IPv6 preferences for bridges, even if there is only + router information or router status and warns about them. Fixes bug + 24573; bugfix on c213f277cde in 0.2.8.2-alpha. + - Tor now sets IPv6 address in rs as well as it's set the one in ri. Closes + ticket 24572; bugfix on 9e9edf71f7d in 0.2.4.5-alpha. + Patch by "ffmancera". diff --git a/changes/ticket24600 b/changes/ticket24600 new file mode 100644 index 0000000000..c464d0b16e --- /dev/null +++ b/changes/ticket24600 @@ -0,0 +1,5 @@ + o Minor features (fallback directory mirrors): + - Add a nickname to each fallback in a C comment. This makes it easier for + operators to find their relays, and allows stem to use nicknames to + identify fallbacks. + Implements ticket 24600. diff --git a/changes/ticket24677 b/changes/ticket24677 new file mode 100644 index 0000000000..5e6d55186f --- /dev/null +++ b/changes/ticket24677 @@ -0,0 +1,4 @@ + o Minor bugfix (network IPv6 test): + - Tor test now checks if "ping -6 ::1" works when the user runs "make + test-network-all". Fixes bug 24677; bugfix on 0.2.9.3-alpha. + Patch by "ffmancera". diff --git a/changes/ticket24679 b/changes/ticket24679 new file mode 100644 index 0000000000..183e60ae97 --- /dev/null +++ b/changes/ticket24679 @@ -0,0 +1,5 @@ + o Minor features (fallback directory mirrors): + - Remove the "weight=10" line from fallback directory mirror entries. + Ticket 24681 will maintain the current fallback weights by changing + Tor's default fallback weight to 10. + Implements ticket 24679. diff --git a/changes/ticket24706 b/changes/ticket24706 new file mode 100644 index 0000000000..fadb7a23be --- /dev/null +++ b/changes/ticket24706 @@ -0,0 +1,6 @@ + o Minor features (fallback directory mirrors): + - Add the generateFallbackDirLine.py script for automatically generating + fallback directory mirror lines from relay fingerprints. No more typos! + Add the lookupFallbackDirContact.py script for automatically looking up + operator contact info from relay fingerprints. + Implements ticket 24706, patch by teor and atagar. diff --git a/changes/ticket24725 b/changes/ticket24725 new file mode 100644 index 0000000000..9db7ef8b10 --- /dev/null +++ b/changes/ticket24725 @@ -0,0 +1,5 @@ + o Minor features (fallback directory mirrors): + - Add a type and version header to the fallback directory mirror file. + Also add a delimiter to the end of each fallback entry. + This helps external parsers like stem and Relay Search. + Implements ticket 24725. diff --git a/changes/ticket24726 b/changes/ticket24726 new file mode 100644 index 0000000000..2bbdfa91af --- /dev/null +++ b/changes/ticket24726 @@ -0,0 +1,4 @@ + o Minor features (fallback directory mirrors): + - Remove commas and equals signs from external string inputs to the + fallback list. This avoids format confusion attacks. + Implements ticket 24726. diff --git a/changes/ticket24785 b/changes/ticket24785 new file mode 100644 index 0000000000..39667cb8db --- /dev/null +++ b/changes/ticket24785 @@ -0,0 +1,6 @@ + o Minor features (fallbacks): + - Avoid selecting fallbacks that change their IP addresses too often. + Select more fallbacks by ignoring the Guard flag, and allowing lower + cutoffs for the Running and V2Dir flags. Also allow a lower bandwidth, + and a higher number of fallbacks per operator (5% of the list). + Implements ticket 24785. diff --git a/changes/ticket24791 b/changes/ticket24791 new file mode 100644 index 0000000000..092ae85111 --- /dev/null +++ b/changes/ticket24791 @@ -0,0 +1,3 @@ + o Code simplification and refactoring (fallbacks): + - Stop logging excessive information about fallback netblocks. + Implements ticket 24791. diff --git a/changes/trove-2017-009 b/changes/trove-2017-009 deleted file mode 100644 index 166a5faec6..0000000000 --- a/changes/trove-2017-009 +++ /dev/null @@ -1,10 +0,0 @@ - o Major bugfixes (security): - - When checking for replays in the INTRODUCE1 cell data for a (legacy) - hiddden service, correctly detect replays in the RSA-encrypted part of - the cell. We were previously checking for replays on the entire cell, - but those can be circumvented due to the malleability of Tor's legacy - hybrid encryption. This fix helps prevent a traffic confirmation - attack. Fixes bug 24244; bugfix on 0.2.4.1-alpha. This issue is also - tracked as TROVE-2017-009 and CVE-2017-8819. - - diff --git a/changes/trove-2017-010 b/changes/trove-2017-010 deleted file mode 100644 index d5bf9333da..0000000000 --- a/changes/trove-2017-010 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (security): - - Fix a denial-of-service issue where an attacker could crash - a directory authority using a malformed router descriptor. - Fixes bug 24245; bugfix on 0.2.9.4-alpha. Also tracked - as TROVE-2017-010 and CVE-2017-8820. - diff --git a/changes/trove-2017-011 b/changes/trove-2017-011 deleted file mode 100644 index 82d20d9e78..0000000000 --- a/changes/trove-2017-011 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (security): - - Fix a denial of service bug where an attacker could use a malformed - directory object to cause a Tor instance to pause while OpenSSL would - try to read a passphrase from the terminal. (If the terminal was not - available, tor would continue running.) Fixes bug 24246; bugfix on - every version of Tor. Also tracked as TROVE-2017-011 and - CVE-2017-8821. Found by OSS-Fuzz as testcase 6360145429790720. - diff --git a/changes/trove-2017-012-part1 b/changes/trove-2017-012-part1 deleted file mode 100644 index 9fccc2cf65..0000000000 --- a/changes/trove-2017-012-part1 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (security, relay): - - When running as a relay, make sure that we never build a path through - ourselves, even in the case where we have somehow lost the version of - our descriptor appearing in the consensus. Fixes part of bug 21534; - bugfix on 0.2.0.1-alpha. This issue is also tracked as TROVE-2017-012 - and CVE-2017-8822. diff --git a/changes/trove-2017-012-part2 b/changes/trove-2017-012-part2 deleted file mode 100644 index ed994c5b02..0000000000 --- a/changes/trove-2017-012-part2 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (security, relay): - - When running as a relay, make sure that we never ever choose ourselves - as a guard. Previously, this was possible. Fixes part of bug 21534; - bugfix on 0.3.0.1-alpha. This issue is also tracked as TROVE-2017-012 - and CVE-2017-8822. |