aboutsummaryrefslogtreecommitdiff
path: root/changes
diff options
context:
space:
mode:
Diffstat (limited to 'changes')
-rw-r--r--changes/6783_big_hammer6
-rw-r--r--changes/address_tests2
-rw-r--r--changes/bug199211
-rw-r--r--changes/bug22865
-rw-r--r--changes/bug35943
-rw-r--r--changes/bug42824
-rw-r--r--changes/bug51705
-rw-r--r--changes/bug55844
-rw-r--r--changes/bug56505
-rw-r--r--changes/bug61746
-rw-r--r--changes/bug62066
-rw-r--r--changes/bug63044
-rw-r--r--changes/bug65064
-rw-r--r--changes/bug65205
-rw-r--r--changes/bug65724
-rw-r--r--changes/bug66734
-rw-r--r--changes/bug67525
-rw-r--r--changes/bug70544
-rw-r--r--changes/bug70655
-rw-r--r--changes/bug71434
-rw-r--r--changes/bug7164_diagnostic4
-rw-r--r--changes/bug72804
-rw-r--r--changes/bug730211
-rw-r--r--changes/bug73504
-rw-r--r--changes/bug75829
-rw-r--r--changes/bug7707_diagnostic5
-rw-r--r--changes/bug77683
-rw-r--r--changes/bug77997
-rw-r--r--changes/bug780113
-rw-r--r--changes/bug7816.0248
-rw-r--r--changes/bug7816_0237
-rw-r--r--changes/bug7816_023_small3
-rw-r--r--changes/bug79027
-rw-r--r--changes/bug79128
-rw-r--r--changes/bug79474
-rw-r--r--changes/bug79504
-rw-r--r--changes/bug80025
-rw-r--r--changes/bug80145
-rw-r--r--changes/bug80317
-rw-r--r--changes/bug80378
-rw-r--r--changes/bug80596
-rw-r--r--changes/bug80625
-rw-r--r--changes/bug80656
-rw-r--r--changes/bug8093.part23
-rw-r--r--changes/bug811713
-rw-r--r--changes/bug81217
-rw-r--r--changes/bug81515
-rw-r--r--changes/bug81583
-rw-r--r--changes/bug81616
-rw-r--r--changes/bug81807
-rw-r--r--changes/bug8185_diagnostic3
-rw-r--r--changes/bug82005
-rw-r--r--changes/bug82034
-rw-r--r--changes/bug82077
-rw-r--r--changes/bug82084
-rw-r--r--changes/bug82096
-rw-r--r--changes/bug82106
-rw-r--r--changes/bug82186
-rw-r--r--changes/bug82315
-rw-r--r--changes/bug8235-diagnosing5
-rw-r--r--changes/bug82733
-rw-r--r--changes/bug82909
-rw-r--r--changes/bug83773
-rw-r--r--changes/bug84084
-rw-r--r--changes/bug84275
-rw-r--r--changes/bug84354
-rw-r--r--changes/bug84645
-rw-r--r--changes/bug84754
-rw-r--r--changes/bug8477-easypart3
-rw-r--r--changes/bug85303
-rw-r--r--changes/bug85324
-rw-r--r--changes/bug85613
-rw-r--r--changes/bug85875
-rw-r--r--changes/bug85963
-rw-r--r--changes/bug85986
-rw-r--r--changes/bug85994
-rw-r--r--changes/bug86383
-rw-r--r--changes/bug87893
-rw-r--r--changes/bug87906
-rw-r--r--changes/bug87915
-rw-r--r--changes/bug87924
-rw-r--r--changes/bug89294
-rw-r--r--changes/bug90304
-rw-r--r--changes/bug90433
-rw-r--r--changes/bug90637
-rw-r--r--changes/bug92586
-rw-r--r--changes/bug92674
-rw-r--r--changes/cov9806504
-rw-r--r--changes/easy.ratelim3
-rw-r--r--changes/fancy_testing27
-rw-r--r--changes/feature49947
-rw-r--r--changes/fix-geoipexclude-doc4
-rw-r--r--changes/fomit-frame-pointer6
-rw-r--r--changes/geoip-apr20133
-rw-r--r--changes/geoip-feb20133
-rw-r--r--changes/geoip-mar20133
-rw-r--r--changes/integers_donna3
-rw-r--r--changes/log-noise11
-rw-r--r--changes/onion_tap_tests2
-rw-r--r--changes/seccomp2_sandbox12
-rw-r--r--changes/signof_enum7
-rw-r--r--changes/ticket22678
-rw-r--r--changes/ticket82404
-rw-r--r--changes/ticket84434
-rw-r--r--changes/ticket_92146
-rw-r--r--changes/warn-unsigned-time_t6
106 files changed, 155 insertions, 419 deletions
diff --git a/changes/6783_big_hammer b/changes/6783_big_hammer
deleted file mode 100644
index 2ff3249b33..0000000000
--- a/changes/6783_big_hammer
+++ /dev/null
@@ -1,6 +0,0 @@
- o Major features (deprecation):
- - There's now a "DisableV2DirectoryInfo_" option that prevents us
- from serving any directory requests for v2 directory information.
- This is for us to test disabling the old deprecated V2 directory
- format, so that we can see whether doing so has any effect on
- network load. Part of a fix for bug 6783.
diff --git a/changes/address_tests b/changes/address_tests
new file mode 100644
index 0000000000..b5a8012436
--- /dev/null
+++ b/changes/address_tests
@@ -0,0 +1,2 @@
+ o New unit tests:
+ - More unit tests for address-manipulation functions.
diff --git a/changes/bug1992 b/changes/bug1992
deleted file mode 100644
index 6a751dc7e6..0000000000
--- a/changes/bug1992
+++ /dev/null
@@ -1,11 +0,0 @@
- o Minor bugfixes:
- - Stop trying to resolve our hostname so often (e.g. every time we
- think about doing a directory fetch). Now we reuse the cached
- answer in some cases. Fixes bugs 1992 (bugfix on 0.2.0.20-rc)
- and 2410 (bugfix on 0.1.2.2-alpha).
-
- o Minor features:
- - Make bridge relays check once a minute for whether their IP
- address has changed, rather than only every 15 minutes. Resolves
- bugs 1913 and 1992.
-
diff --git a/changes/bug2286 b/changes/bug2286
deleted file mode 100644
index 4f8dfbbf68..0000000000
--- a/changes/bug2286
+++ /dev/null
@@ -1,5 +0,0 @@
- o Major features (directory authority):
- - Directory authorities now support a new consensus method (17)
- where they cap the published bandwidth of servers for which
- insufficient bandwidth measurements exist. Fixes part of bug
- 2286.
diff --git a/changes/bug3594 b/changes/bug3594
new file mode 100644
index 0000000000..110252d008
--- /dev/null
+++ b/changes/bug3594
@@ -0,0 +1,3 @@
+ o Major bugfixes:
+ - Add support for passing arguments to managed pluggable transport
+ proxies. Implements ticket #3594.
diff --git a/changes/bug4282 b/changes/bug4282
new file mode 100644
index 0000000000..4d4f4896fe
--- /dev/null
+++ b/changes/bug4282
@@ -0,0 +1,4 @@
+ o Code simplifications and refactoring:
+ - Extract the common duplicated code for creating a subdirectory
+ of the data directory and writing to a file in it. Fixes ticket
+ 4282; patch from Peter Retzlaff.
diff --git a/changes/bug5170 b/changes/bug5170
new file mode 100644
index 0000000000..4e52c5ea6b
--- /dev/null
+++ b/changes/bug5170
@@ -0,0 +1,5 @@
+ o Code simplification and refactoring:
+ - Remove contrib/id_to_fp.c since it wasn't used anywhere.
+ - Since OpenSSL 0.9.7 i2d_* functions support allocating output
+ buffer. Avoid calling twice: i2d_RSAPublicKey, i2d_DHparams,
+ i2d_X509, i2d_PublicKey. Fixes #5170.
diff --git a/changes/bug5584 b/changes/bug5584
new file mode 100644
index 0000000000..a81be00ae4
--- /dev/null
+++ b/changes/bug5584
@@ -0,0 +1,4 @@
+ o Minor features:
+ - Raise awareness of safer logging - notice user of potentially
+ unsafe configuration options: logging above "notice" or
+ clearning SafeLogging flag. Fixes #5584.
diff --git a/changes/bug5650 b/changes/bug5650
deleted file mode 100644
index 401e317074..0000000000
--- a/changes/bug5650
+++ /dev/null
@@ -1,5 +0,0 @@
- o Major bugfixes:
- - Avoid a bug where our response to TLS renegotation under certain
- network conditions could lead to a busy-loop, with 100% CPU
- consumption. Fixes bug 5650; bugfix on 0.2.0.16-alpha.
-
diff --git a/changes/bug6174 b/changes/bug6174
deleted file mode 100644
index 79d2930ec3..0000000000
--- a/changes/bug6174
+++ /dev/null
@@ -1,6 +0,0 @@
- o Major bugfixes:
- - When we mark a circuit as unusable for new circuits, have it
- continue to be unusable for new circuits even if MaxCircuitDirtiness
- is increased too much at the wrong time, or the system clock jumped
- backwards. Fix for bug 6174; bugfix on 0.0.2pre26.
-
diff --git a/changes/bug6206 b/changes/bug6206
deleted file mode 100644
index 61a16d291a..0000000000
--- a/changes/bug6206
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes:
- - Always check the return values of functions fcntl() and
- setsockopt(). We don't believe these are ever actually failing in
- practice, but better safe than sorry. Also, checking these return
- values should please some analysis tools (like Coverity). Patch
- from 'flupzor'. Fix for bug 8206; bugfix on all versions of Tor.
diff --git a/changes/bug6304 b/changes/bug6304
deleted file mode 100644
index 445560a8e1..0000000000
--- a/changes/bug6304
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Behave correctly when the user disables LearnCircuitBuildTimeout
- but doesn't tell us what they would like the timeout to be. Fixes
- bug 6304; bugfix on 0.2.2.14-alpha.
diff --git a/changes/bug6506 b/changes/bug6506
new file mode 100644
index 0000000000..4c6f4900da
--- /dev/null
+++ b/changes/bug6506
@@ -0,0 +1,4 @@
+ o Minor features (build):
+ - Detect a missing asciidoc, and warn the user about it, during
+ configure, rather than at build time. Fixes issue 6506. Patch
+ from Arlo Breault.
diff --git a/changes/bug6520 b/changes/bug6520
new file mode 100644
index 0000000000..9f24f0dc39
--- /dev/null
+++ b/changes/bug6520
@@ -0,0 +1,5 @@
+ o Removed features:
+ - Remove migration code from when we renamed the "cached-routers"
+ file to "cached-descriptors" back in 0.2.0.8-alpha. This
+ incidentally resolves #6502 by cleaning up the related code
+ a bit. Patch from Akshay Hebbar.
diff --git a/changes/bug6572 b/changes/bug6572
deleted file mode 100644
index 6508d1bcb5..0000000000
--- a/changes/bug6572
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (log messages)
- - Use circuit creation time for network liveness evaluation. This
- should eliminate warning log messages about liveness caused by
- changes in timeout evaluation. Fixes bug 6572; bugfix on 0.2.4.8-alpha.
diff --git a/changes/bug6673 b/changes/bug6673
deleted file mode 100644
index 506b449892..0000000000
--- a/changes/bug6673
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (build):
- - Detect and reject attempts to build Tor with threading support
- when OpenSSL have been compiled with threading support disabled.
- Fixes bug 6673.
diff --git a/changes/bug6752 b/changes/bug6752
new file mode 100644
index 0000000000..8d620d56ee
--- /dev/null
+++ b/changes/bug6752
@@ -0,0 +1,5 @@
+ o Minor features:
+ - Lower directory fetch retry schedules and maximum interval without
+ directory requests, and raise maximum download tries in testing
+ networks. Implements #6752.
+
diff --git a/changes/bug7054 b/changes/bug7054
deleted file mode 100644
index 15680d72ce..0000000000
--- a/changes/bug7054
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (man page):
- - Say "KBytes" rather than "KB" in the man page (for various values
- of K), to further reduce confusion about whether Tor counts in
- units of memory or fractions of units of memory. Fixes bug 7054.
diff --git a/changes/bug7065 b/changes/bug7065
deleted file mode 100644
index 1ca6841021..0000000000
--- a/changes/bug7065
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfix (log cleanups):
- - Eliminate several instances where we use Nickname=ID to refer to
- nodes in logs. Use Nickname (ID) instead. (Elsewhere, we still use
- $ID=Nickname, which is also acceptable.) Fixes bug #7065. Bugfix
- on 0.2.3.21-rc, 0.2.4.5-alpha, 0.2.4.8-alpha, and 0.2.4.10-alpha.
diff --git a/changes/bug7143 b/changes/bug7143
deleted file mode 100644
index d26135ae65..0000000000
--- a/changes/bug7143
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (build):
- - Add the old src/or/micro-revision.i filename to CLEANFILES.
- On the off chance that somebody has one, it will go away as soon
- as they run "make clean". Fix for bug 7143; bugfix on 0.2.4.1-alpha.
diff --git a/changes/bug7164_diagnostic b/changes/bug7164_diagnostic
deleted file mode 100644
index 8bedfc4bd5..0000000000
--- a/changes/bug7164_diagnostic
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (bug diagnostic):
- - If we fail to free a microdescriptor because of bug #7164, log
- the filename and line number from which we tried to free it.
- This should help us finally fix #7164.
diff --git a/changes/bug7280 b/changes/bug7280
deleted file mode 100644
index ef5d36a802..0000000000
--- a/changes/bug7280
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Fix some bugs in tor-fw-helper-natpmp when trying to build and
- run it on Windows. More bugs likely remain. Patch from Gisle Vanem.
- Fixes bug 7280; bugfix on 0.2.3.1-alpha.
diff --git a/changes/bug7302 b/changes/bug7302
deleted file mode 100644
index fec615ff90..0000000000
--- a/changes/bug7302
+++ /dev/null
@@ -1,11 +0,0 @@
- o Minor bugfixes:
- - Don't log inappropriate heartbeat messages when hibernating: a
- hibernating node is _expected_ to drop out of the consensus,
- decide it isn't bootstrapped, and so forth. Fixes part of bug
- 7302; bugfix on 0.2.3.1-alpha.
-
- - Don't complain about bootstrapping problems while hibernating.
- These complaints reflect a general code problems, but not one
- with any problematic effects. (No connections are actually
- opened.) Fixes part of bug 7302; bugfix on 0.2.3.2-alpha.
-
diff --git a/changes/bug7350 b/changes/bug7350
deleted file mode 100644
index b0ee9d0919..0000000000
--- a/changes/bug7350
+++ /dev/null
@@ -1,4 +0,0 @@
- o Major bugfixes:
- - Avoid an assertion when we discover that we'd like to write a cell
- onto a closing connection: just discard the cell. Fixes another
- case of bug 7350; bugfix on 0.2.4.4-alpha.
diff --git a/changes/bug7582 b/changes/bug7582
deleted file mode 100644
index f3b0635765..0000000000
--- a/changes/bug7582
+++ /dev/null
@@ -1,9 +0,0 @@
- o Major bugfixes:
-
- - When an exit node tells us that it is rejecting because of its
- exit policy a stream we expected it to accept (because of its exit
- policy), do not mark the node as useless for exiting if our
- expectation was only based on an exit policy summary. Instead,
- mark the circuit as unsuitable for that particular address. Fixes
- part of bug 7582; bugfix on 0.2.3.2-alpha.
-
diff --git a/changes/bug7707_diagnostic b/changes/bug7707_diagnostic
deleted file mode 100644
index 0c3138e785..0000000000
--- a/changes/bug7707_diagnostic
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features:
- - Add another diagnostic to the heartbeat message: track and log
- overhead that TLS is adding to the data we write. If this is
- high, we are sending too little data to SSL_write at a time.
- Diagnostic for bug 7707.
diff --git a/changes/bug7768 b/changes/bug7768
deleted file mode 100644
index e3f9600afb..0000000000
--- a/changes/bug7768
+++ /dev/null
@@ -1,3 +0,0 @@
- o Documentation fixes:
- - Update tor-fw-helper.1.txt and tor-fw-helper.c to make option
- names match. Fixes bug 7768.
diff --git a/changes/bug7799 b/changes/bug7799
deleted file mode 100644
index ed4570129c..0000000000
--- a/changes/bug7799
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor changes (log clarification)
- - Add more detail to a log message about relaxed timeouts. Hopefully
- this additional detail will allow us to diagnose the cause of bug 7799.
- o Minor bugfixes
- - Don't attempt to relax the timeout of already opened 1-hop circuits.
- They might never timeout. This should eliminate some/all cases of
- the relaxed timeout log message.
diff --git a/changes/bug7801 b/changes/bug7801
deleted file mode 100644
index 1d6d021f3f..0000000000
--- a/changes/bug7801
+++ /dev/null
@@ -1,13 +0,0 @@
- o Minor bugfixes:
- - When choosing which stream on a formerly stalled circuit to wake
- first, make better use of the platform's weak RNG. Previously, we
- had been using the % ("modulo") operator to try to generate a 1/N
- chance of picking each stream, but this behaves badly with many
- platforms' choice of weak RNG. Fix for bug 7801; bugfix on
- 0.2.2.20-alpha.
- - Use our own weak RNG when we need a weak RNG. Windows's rand()
- and Irix's random() only return 15 bits; Solaris's random()
- returns more bits but its RAND_MAX says it only returns 15, and
- so on. Fixes another aspect of bug 7801; bugfix on
- 0.2.2.20-alpha.
-
diff --git a/changes/bug7816.024 b/changes/bug7816.024
deleted file mode 100644
index b5d55f5d6d..0000000000
--- a/changes/bug7816.024
+++ /dev/null
@@ -1,8 +0,0 @@
- o Minor bugfixes:
- - Avoid leaking IPv6 policy content if we fail to format it into
- a router descriptor. Spotted by Coverity. Fixes part of 7816;
- bugfix on 0.2.4.7-alpha.
-
- - Avoid leaking memory if we fail to compute a consensus signature
- or we generated a consensus we couldn't parse. Spotted by Coverity.
- Fixes part of 7816; bugfix on 0.2.0.5-alpha.
diff --git a/changes/bug7816_023 b/changes/bug7816_023
deleted file mode 100644
index a4530292cc..0000000000
--- a/changes/bug7816_023
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes (memory leak, controller):
- - Fix a memory leak during safe-cookie controller authentication.
- Spotted by Coverity. Fixes part of bug 7816; bugfix on 0.2.3.13-alpha.
-
- o Minor bugfixes (memory leak, HTTPS proxy support):
- - Fix a memory leak when receiving headers from an HTTPS proxy.
- Spotted by Coverity. Fixes part of bug 7816; bugfix on 0.2.1.1-alpha.
diff --git a/changes/bug7816_023_small b/changes/bug7816_023_small
deleted file mode 100644
index cd90f035f1..0000000000
--- a/changes/bug7816_023_small
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes:
- - Fix various places where we leak file descriptors or memory on
- error cases. Spotted by coverity. Fixes parts of bug 7816.
diff --git a/changes/bug7902 b/changes/bug7902
deleted file mode 100644
index 051759dc0a..0000000000
--- a/changes/bug7902
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes:
- - When we receive a RELAY_END cell with the reason DONE, or with no
- reason, before receiving a RELAY_CONNECTED cell, report the SOCKS
- status as "connection refused." Previously we reporting these
- cases as success but then immediately closing the connection.
- Fixes bug 7902; bugfix on 0.1.0.1-rc. Reported by "oftc_must_
- be_destroyed."
diff --git a/changes/bug7912 b/changes/bug7912
new file mode 100644
index 0000000000..48c65d2241
--- /dev/null
+++ b/changes/bug7912
@@ -0,0 +1,8 @@
+ o Major bugfixes:
+ - Instead of writing destroy cells directly to outgoing connection
+ buffers, queue them and intersperse them with other outgoing cells.
+ This can prevent a set of resource starvation conditions where too
+ many pending destroy cells prevent data cells from actually getting
+ delivered. Reported by "oftc_must_be_destroyed". Fixes bug 7912;
+ bugfix on 0.2.0.1-alpha.
+
diff --git a/changes/bug7947 b/changes/bug7947
deleted file mode 100644
index 6200ba2d8a..0000000000
--- a/changes/bug7947
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Fix the handling of a TRUNCATE cell when it arrives while the circuit
- extension is in progress. Fixes bug 7947; bugfix on 0.0.7.1.
-
diff --git a/changes/bug7950 b/changes/bug7950
deleted file mode 100644
index e62cca07a1..0000000000
--- a/changes/bug7950
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - When rejecting a configuration because we were unable to parse a
- quoted string, log an actual error message. Fix for bug 7950;
- bugfix on 0.2.0.16-alpha.
diff --git a/changes/bug8002 b/changes/bug8002
deleted file mode 100644
index d6e2ff2492..0000000000
--- a/changes/bug8002
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes:
- - When autodetecting the number of CPUs, use the number of available
- CPUs in preferernce to the number of configured CPUs. Inform the
- user if this reduces the number of avialable CPUs. Fix for bug 8002.
- Bugfix on 0.2.3.1-alpha.
diff --git a/changes/bug8014 b/changes/bug8014
deleted file mode 100644
index c09a86098c..0000000000
--- a/changes/bug8014
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor usability improvements (build):
- - Clarify that when autconf is checking for nacl, it is checking
- specifically for nacl with a fast curve25519 implementation.
- Fixes bug 8014.
-
diff --git a/changes/bug8031 b/changes/bug8031
deleted file mode 100644
index 17329ec5b5..0000000000
--- a/changes/bug8031
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes:
- - Use direct writes rather than stdio when building microdescriptor
- caches, in an attempt to mitigate bug 8031, or at least make it
- less common.
- - Warn more aggressively when flushing microdescriptors to a
- microdescriptor cache fails, in an attempt to mitegate bug 8031,
- or at least make it more diagnosable.
diff --git a/changes/bug8037 b/changes/bug8037
deleted file mode 100644
index 989745fc39..0000000000
--- a/changes/bug8037
+++ /dev/null
@@ -1,8 +0,0 @@
- o Minor bugfixes:
- - Correctly store microdescriptors and extrainfo descriptors with
- an internal NUL byte. Fixes bug 8037; bugfix on 0.2.0.1-alpha.
- Bug reported by "cypherpunks".
-
- o Minor features:
- - Reject as invalid most directory objects containing a
- NUL. Belt-and-suspender fix for bug 8037.
diff --git a/changes/bug8059 b/changes/bug8059
deleted file mode 100644
index 47273ed0ac..0000000000
--- a/changes/bug8059
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes (protocol conformance):
- - Fix a misframing issue when reading the version numbers in a
- VERSIONS cell. Previously we would recognize [00 01 00 02] as
- 'version 1, version 2, and version 0x100', when it should have
- only included versions 1 and 2. Fixes bug 8059; bugfix on
- 0.2.0.10-alpha. Reported pseudonymously.
diff --git a/changes/bug8062 b/changes/bug8062
deleted file mode 100644
index 805e51ed41..0000000000
--- a/changes/bug8062
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes:
- - Increase the width of the field used to remember a connection's
- link protocol version to two bytes. Harmless for now, since the
- only currently recognized versions are one byte long. Reported
- pseudynmously. Fixes bug 8062, bugfix on 0.2.0.10-alpha.
diff --git a/changes/bug8065 b/changes/bug8065
deleted file mode 100644
index 06dbae8cd7..0000000000
--- a/changes/bug8065
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes:
- - Downgrade an assertion in connection_ap_expire_beginning to
- an LD_BUG message. The fix for bug 8024 should prevent this
- message from displaying, but just in case a warn that we can
- diagnose is better than more assert crashes. Fix for bug 8065;
- bugfix on 0.2.4.8-alpha.
diff --git a/changes/bug8093.part2 b/changes/bug8093.part2
new file mode 100644
index 0000000000..263c7e8b86
--- /dev/null
+++ b/changes/bug8093.part2
@@ -0,0 +1,3 @@
+ o Minor features:
+ - Return the "unexpected sendme" warnings to a warn severity, but make
+ them rate limited. Related to ticket #8093.
diff --git a/changes/bug8117 b/changes/bug8117
deleted file mode 100644
index 910e8056f4..0000000000
--- a/changes/bug8117
+++ /dev/null
@@ -1,13 +0,0 @@
- o Major bugfixes:
-
- - Many SOCKS5 clients, when configured to offer a username/password,
- offer both username/password authentication and "no authentication".
- Tor had previously preferred no authentication, but this was
- problematic when trying to make applications get proper stream
- isolation with IsolateSOCKSAuth. Now, on any SOCKS port with
- IsolateSOCKSAuth turned on (which is the default), Tor selects
- username/password authentication if it's offered. If this confuses your
- application, you can disable it on a per-SOCKSPort basis via
- PreferSOCKSNoAuth. Fixes bug 8117; bugfix on 0.2.3.3-alpha.
-
-
diff --git a/changes/bug8121 b/changes/bug8121
deleted file mode 100644
index 60cba72848..0000000000
--- a/changes/bug8121
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor features:
- - Clear the high bit on curve25519 public keys before passing them to
- our backend, in case we ever wind up using a backend that doesn't do
- so itself. If we used such a backend, and *didn't* clear the high bit,
- we could wind up in a situation where users with such backends would
- be distinguishable from users without. Fix for bug 8121; bugfix on
- 0.2.4.8-alpha.
diff --git a/changes/bug8151 b/changes/bug8151
deleted file mode 100644
index e20fa3c31a..0000000000
--- a/changes/bug8151
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (directory authority):
- - Include inside each vote a statement of the performance
- thresholds that made the authority vote for its flags. Implements
- ticket 8151.
- \ No newline at end of file
diff --git a/changes/bug8158 b/changes/bug8158
deleted file mode 100644
index 65b21c2a26..0000000000
--- a/changes/bug8158
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes:
- - Use less space when formatting identical microdescriptor lines in
- directory votes. Fixes bug 8158; bugfix on 0.2.4.1-alpha.
diff --git a/changes/bug8161 b/changes/bug8161
deleted file mode 100644
index ab7b9c0cad..0000000000
--- a/changes/bug8161
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor changes:
- - Lower path use bias thresholds to .80 for notice and .60 for warn.
- Fixes bug #8161; bugfix on 0.2.4.10-alpa.
- - Make the rate limiting flags for the path use bias log messages
- independent from the original path bias flags. Fixes bug #8161;
- bugfix on 0.2.4.10-alpha.
diff --git a/changes/bug8180 b/changes/bug8180
deleted file mode 100644
index 39e6ce7f9a..0000000000
--- a/changes/bug8180
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes (security usability):
- - Elevate the severity of the warning message when setting
- EntryNodes but disabling UseGuardNodes to an error. The outcome
- of letting Tor procede with those options enabled (which causes
- EntryNodes to get ignored) is sufficiently different from what
- was expected that it's best to just refuse to proceed. Fixes bug
- 8180; bugfix on 0.2.3.11-alpha.
diff --git a/changes/bug8185_diagnostic b/changes/bug8185_diagnostic
deleted file mode 100644
index b0f8884758..0000000000
--- a/changes/bug8185_diagnostic
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features:
- - Improve debugging output to attempt to diagnose the underlying
- cause of bug 8185.
diff --git a/changes/bug8200 b/changes/bug8200
deleted file mode 100644
index 65fc9dd03a..0000000000
--- a/changes/bug8200
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfix:
- - Stop sending a stray "(null)" in some cases for the server status
- "EXTERNAL_ADDRESS" controller event. Resolves bug 8200; bugfix
- on 0.1.2.6-alpha.
-
diff --git a/changes/bug8203 b/changes/bug8203
deleted file mode 100644
index d26dc0fccf..0000000000
--- a/changes/bug8203
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Make the format and order of STREAM events for DNS lookups consistent
- among the various ways to launch DNS lookups. Fix for bug 8203;
- bugfix on 0.2.0.24-rc. Patch by "Desoxy."
diff --git a/changes/bug8207 b/changes/bug8207
deleted file mode 100644
index 0028d3380f..0000000000
--- a/changes/bug8207
+++ /dev/null
@@ -1,7 +0,0 @@
- o Major bugfixes (hidden services):
- - Allow hidden service authentication to succeed again. When we
- refactored the hidden service introduction code back in 0.2.4.1-alpha,
- we didn't update the code that checks whether authentication
- information is present, causing all authentication checks to
- return "false". Fix for bug 8207; bugfix on 0.2.4.1-alpha. Found by
- Coverity; this is CID 718615.
diff --git a/changes/bug8208 b/changes/bug8208
deleted file mode 100644
index c85db90b52..0000000000
--- a/changes/bug8208
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Avoid a crash if we fail to generate an extrinfo descriptor.
- Fixes bug 8208; bugfix on 0.2.3.16-alpha. Found by Coverity;
- this is CID 718634.
diff --git a/changes/bug8209 b/changes/bug8209
deleted file mode 100644
index c58923540b..0000000000
--- a/changes/bug8209
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes:
- - When detecting the largest possible file descriptor (in order to close
- all file descriptors when launching a new program), actually use
- _SC_OPEN_MAX. The old code for doing this was very, very broken.
- Fix for bug 8209; bugfix on 0.2.3.1-alpha. Found by Coverity; this
- is CID 743383.
diff --git a/changes/bug8210 b/changes/bug8210
deleted file mode 100644
index 85d41b844a..0000000000
--- a/changes/bug8210
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes:
- - Fix an impossible-to-trigger integer overflow when
- estimating how long out onionskin queue would take. (This overflow
- would require us to accept 4 million onionskins before processing
- 100 of them.) Fixes bug 8210; bugfix on 0.2.4.10-alpha.
-
diff --git a/changes/bug8218 b/changes/bug8218
deleted file mode 100644
index ce8d53ba62..0000000000
--- a/changes/bug8218
+++ /dev/null
@@ -1,6 +0,0 @@
- o Major bugfixes:
- - Stop marking every relay as having been down for one hour every
- time we restart a directory authority. These artificial downtimes
- were messing with our Stable and Guard flag calculations. Fixes
- bug 8218 (introduced by the fix for 1035). Bugfix on 0.2.2.23-alpha.
-
diff --git a/changes/bug8231 b/changes/bug8231
deleted file mode 100644
index fd87a1daec..0000000000
--- a/changes/bug8231
+++ /dev/null
@@ -1,5 +0,0 @@
- o Major bugfixes:
- - When unable to find any working directory nodes to use as a
- directory guard, give up rather than adding the same non-working
- nodes to the list over and over. Fixes bug 8231; bugfix on
- 0.2.4.8-alpha.
diff --git a/changes/bug8235-diagnosing b/changes/bug8235-diagnosing
deleted file mode 100644
index b760035cfc..0000000000
--- a/changes/bug8235-diagnosing
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (diagnostic)
- - If the state file's path bias counts are invalid (presumably from a
- buggy tor prior to 0.2.4.10-alpha), make them correct.
- - Add additional checks and log messages to the scaling of Path Bias
- counts, in case there still are remaining issues with scaling.
diff --git a/changes/bug8273 b/changes/bug8273
deleted file mode 100644
index 257f57e7ab..0000000000
--- a/changes/bug8273
+++ /dev/null
@@ -1,3 +0,0 @@
- o Critical bugfixes:
- - When dirserv.c computes flags and thresholds, use measured bandwidths
- in preference to advertised ones.
diff --git a/changes/bug8290 b/changes/bug8290
deleted file mode 100644
index d1fce7d8b5..0000000000
--- a/changes/bug8290
+++ /dev/null
@@ -1,9 +0,0 @@
- o Removed files:
- - The tor-tsocks.conf is no longer distributed or installed. We
- recommend that tsocks users use torsocks instead. Resolves
- ticket 8290.
-
- o Documentation fixes:
- - The torify manpage no longer refers to tsocks; torify hasn't
- supported tsocks since 0.2.3.14-alpha.
- - The manpages no longer reference tsocks.
diff --git a/changes/bug8377 b/changes/bug8377
deleted file mode 100644
index c9ad151bc9..0000000000
--- a/changes/bug8377
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes:
- - Correctly recognize that [::1] is a loopback address. Fixes bug #8377;
- bugfix on 0.2.1.3-alpha.
diff --git a/changes/bug8408 b/changes/bug8408
deleted file mode 100644
index ae9cf172e1..0000000000
--- a/changes/bug8408
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Allow TestingTorNetworks to override the 4096-byte minimum for the Fast
- threshold. Otherwise they can't bootstrap until they've observed more
- traffic. Fixes bug 8508; bugfix on 0.2.4.10-alpha.
diff --git a/changes/bug8427 b/changes/bug8427
deleted file mode 100644
index 22b003fc38..0000000000
--- a/changes/bug8427
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes:
- - If we encounter a write failure on a SOCKS connection before we
- finish our SOCKS handshake, don't warn that we closed the
- connection before we could send a SOCKS reply. Fixes bug 8427;
- bugfix on 0.1.0.1-rc.
diff --git a/changes/bug8435 b/changes/bug8435
deleted file mode 100644
index da7ca7c1f8..0000000000
--- a/changes/bug8435
+++ /dev/null
@@ -1,4 +0,0 @@
- o Major bugfixes:
- - When dirserv.c computes flags and thresholds, ignore advertised
- bandwidths if we have more than a threshold number of routers with
- measured bandwidths.
diff --git a/changes/bug8464 b/changes/bug8464
deleted file mode 100644
index 74ff2e39ff..0000000000
--- a/changes/bug8464
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes:
- - Correct our check for which versions of Tor support the EXTEND2
- cell. We had been willing to send it to Tor 0.2.4.7-alpha and
- later, when support was really added in version 0.2.4.8-alpha.
- Fixes bug 8464; bugfix on 0.2.4.8-alpha.
diff --git a/changes/bug8475 b/changes/bug8475
deleted file mode 100644
index eb8debedba..0000000000
--- a/changes/bug8475
+++ /dev/null
@@ -1,4 +0,0 @@
- o Major bugfixes:
- - If configured via ClientDNSRejectInternalAddresses not to report
- DNS queries which have resolved to internal addresses, apply that
- rule to IPv6 as well. Fixes bug 8475; bugfix on 0.2.0.7-alpha.
diff --git a/changes/bug8477-easypart b/changes/bug8477-easypart
deleted file mode 100644
index 0f8f1031c5..0000000000
--- a/changes/bug8477-easypart
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes:
- - Log the purpose of a path-bias testing circuit correctly.
- Improves a log message from bug 8477; bugfix on 0.2.4.8-alpha.
diff --git a/changes/bug8530 b/changes/bug8530
new file mode 100644
index 0000000000..f66b602dbd
--- /dev/null
+++ b/changes/bug8530
@@ -0,0 +1,3 @@
+ o Enhancements
+ - Add make target 'test-network' running tests on a Chutney
+ network.
diff --git a/changes/bug8532 b/changes/bug8532
new file mode 100644
index 0000000000..e9fd06829a
--- /dev/null
+++ b/changes/bug8532
@@ -0,0 +1,4 @@
+ o Minor features
+ - Add support for offsetting the voting interval in order to
+ bootstrap a network faster by adding configuration option
+ TestingV3AuthVotingStartOffset. Addresses #8532.
diff --git a/changes/bug8561 b/changes/bug8561
new file mode 100644
index 0000000000..598071a728
--- /dev/null
+++ b/changes/bug8561
@@ -0,0 +1,3 @@
+ o Major features:
+ - The ntor handshake is now on-by-default, no matter what the
+ directory authorities recommend. Implements ticket 8561.
diff --git a/changes/bug8587 b/changes/bug8587
deleted file mode 100644
index 84d2f1ec0d..0000000000
--- a/changes/bug8587
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (build):
- - Build Tor correctly on 32-bit platforms where the compiler can build
- but not run code using the "uint128_t" construction. Fixes bug 8587;
- bugfix on 0.2.4.8-alpha.
-
diff --git a/changes/bug8596 b/changes/bug8596
deleted file mode 100644
index dd36bad855..0000000000
--- a/changes/bug8596
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features:
- - Add CACHED keyword to ADDRMAP events in the control protocol to indicate
- whether a DNS result will be cached or not.
diff --git a/changes/bug8598 b/changes/bug8598
deleted file mode 100644
index e31c8f3c74..0000000000
--- a/changes/bug8598
+++ /dev/null
@@ -1,6 +0,0 @@
- o Bugfixes:
- - Fix compilation warning with some versions of clang that would prefer
- the -Wswitch-enum compiler flag to warn about switch statements with
- missing enum values, even if those switch statements have a default:
- statement. Fixes bug 8598; bugfix on 0.2.4.10-alpha.
-
diff --git a/changes/bug8599 b/changes/bug8599
deleted file mode 100644
index 204ef58c3f..0000000000
--- a/changes/bug8599
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Fix some logic errors when the user manually overrides the
- PathsNeededToBuildCircuits option in torrc. Fixes bug 8599; bugfix
- on 0.2.4.10-alpha.
diff --git a/changes/bug8638 b/changes/bug8638
deleted file mode 100644
index 3a790e567d..0000000000
--- a/changes/bug8638
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features
- In our testsuite, create temporary directories with a bit more entropy
- in their name to make name collissions less likely. Fixes bug 8638.
diff --git a/changes/bug8789 b/changes/bug8789
new file mode 100644
index 0000000000..e3bcc40749
--- /dev/null
+++ b/changes/bug8789
@@ -0,0 +1,3 @@
+ o Code simplifications and refactoring:
+ - Clean up exit path from connection_listener_new. Closes bug
+ 8789. Patch from Arlo Breault.
diff --git a/changes/bug8790 b/changes/bug8790
new file mode 100644
index 0000000000..9f1f0ba17d
--- /dev/null
+++ b/changes/bug8790
@@ -0,0 +1,6 @@
+ o Minor code improvements:
+ - Remove instances of strcpy from the unit tests. They weren't
+ hurting anything, since they were only in the unit tests, but
+ it's embarassing to have strcpy() in the code at all, and some
+ analysis tools don't like it. Fixes 8790. Patch from Arlo Breault.
+
diff --git a/changes/bug8791 b/changes/bug8791
new file mode 100644
index 0000000000..0a65e286c0
--- /dev/null
+++ b/changes/bug8791
@@ -0,0 +1,5 @@
+ o Minor bugfixes:
+ - In the function munge_extrainfo_into_routerinfo(), check the return
+ value of memchr(). This would have been a serious issue if we ever
+ passed a non-extrainfo to munge_extrainfo_into_routerinfo. Fixes
+ bug 8791; bugfix on 0.2.0.6-alpha. Patch from Arlo Breault.
diff --git a/changes/bug8792 b/changes/bug8792
new file mode 100644
index 0000000000..6f4e3bf7b1
--- /dev/null
+++ b/changes/bug8792
@@ -0,0 +1,4 @@
+ o Removed code
+ - Remove constants and tests for PKCS1 padding; it's insecure and
+ shouldn't be used for anything new. Fixes bug #8792; patch
+ from Arlo Breault.
diff --git a/changes/bug8929 b/changes/bug8929
new file mode 100644
index 0000000000..2a1898b8a9
--- /dev/null
+++ b/changes/bug8929
@@ -0,0 +1,4 @@
+ o Minor features:
+ - Add a new torrc option "ServerTransportOptions" that allows
+ bridge operators to pass configuration parameters to their
+ pluggable transports. Resolves ticket 8929.
diff --git a/changes/bug9030 b/changes/bug9030
new file mode 100644
index 0000000000..d0be582929
--- /dev/null
+++ b/changes/bug9030
@@ -0,0 +1,4 @@
+ o Minor bugfixes:
+ - The tor-fw-helper program now follows the standard convention and
+ exits with status code "0" on success. Fixes bug 9030; bugfix on
+ 0.2.3.1-alpha. Patch by Arlo Breault.
diff --git a/changes/bug9043 b/changes/bug9043
new file mode 100644
index 0000000000..c3135ef0f4
--- /dev/null
+++ b/changes/bug9043
@@ -0,0 +1,3 @@
+ o Code simplification and refactoring:
+ - Since OpenSSL 0.9.8 we can use EVP_PKEY_cmp instead of
+ implementing the same thing as pkey_eq. Fixes #9043.
diff --git a/changes/bug9063 b/changes/bug9063
index dcbecf6179..e1d0a5e780 100644
--- a/changes/bug9063
+++ b/changes/bug9063
@@ -1,3 +1,4 @@
- o Normal bugfixes:
- - Close any circuit that has more cells queued than the spec permits.
- Fixes bug #9063; bugfix on 0.2.4.12.
+ o Normal bugfixes:
+ - Close any circuit that has 10% more cells queued than the spec permits
+ and warn when the queue length exceeds that threshold. Fixes bug
+ #9063; bugfix on 0.2.4.12.
diff --git a/changes/bug9258 b/changes/bug9258
new file mode 100644
index 0000000000..5165b3a677
--- /dev/null
+++ b/changes/bug9258
@@ -0,0 +1,6 @@
+ o Minor bugfixes:
+ - Reject relative control socket paths and emit a warning.
+ Previously single-component control socket paths would be rejected,
+ but Tor would not log why it could not validate the config.
+ Now we reject all relative control socket paths and print a warning.
+ Fixes bug 9047; bugfix on 0.2.2.6-alpha.
diff --git a/changes/bug9267 b/changes/bug9267
new file mode 100644
index 0000000000..95a621148d
--- /dev/null
+++ b/changes/bug9267
@@ -0,0 +1,4 @@
+ o Minor bugfixes:
+ - Added optional parameter to contrib/coverage script to specify directory
+ to put gcov files in, and added reset-gcov target to top-level makefile.
+ Fixes bug #9267.
diff --git a/changes/cov980650 b/changes/cov980650
deleted file mode 100644
index cbbada2e66..0000000000
--- a/changes/cov980650
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Fix a copy-and-paste error when adding a missing A1 to a routerset
- because of GeoIPExcludeUnknown. Fix for coverity CID 980650.
- Bugfix on 0.2.4.10-alpha.
diff --git a/changes/easy.ratelim b/changes/easy.ratelim
deleted file mode 100644
index cadd1e4f5e..0000000000
--- a/changes/easy.ratelim
+++ /dev/null
@@ -1,3 +0,0 @@
- o Code simplification and refactoring:
- - Add a wrapper function for the common "log a message with a rate-limit"
- case.
diff --git a/changes/fancy_testing b/changes/fancy_testing
new file mode 100644
index 0000000000..fa5b5703c4
--- /dev/null
+++ b/changes/fancy_testing
@@ -0,0 +1,27 @@
+ o Build features:
+
+ - Tor now builds each source file in two modes: a mode that avoids
+ exposing identifiers needlessly, and another mode that exposes
+ more identifiers for testing. This lets the compiler do better at
+ optimizing the production code, while enabling us to take more
+ radical measures to let the unit tests test things.
+
+ - The production builds no longer include functions used only
+ in the unit tests; all functions exposed from a module for
+ unit-testing only are now static in production builds.
+
+ - Add an --enable-coverage configuration option to make the unit
+ tests (and a new src/or/tor-cov target) to build with gcov test
+ coverage support.
+
+ o Testing:
+
+ - We now have rudimentary function mocking support that our unit
+ tests can use to test functions in isolation. Function mocking
+ lets the tests temporarily replace a function's dependencies with
+ stub functions, so that the tests can check the function without
+ invoking the other functions it calls.
+
+ - Add more unit tests for the <circid,channel>->circuit map, and
+ the destroy-cell-tracking code to fix bug 7912.
+
diff --git a/changes/feature4994 b/changes/feature4994
deleted file mode 100644
index 4fa0e037b7..0000000000
--- a/changes/feature4994
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor features:
- - Teach bridge-using clients to avoid 0.2.2 bridges when making
- microdescriptor-related dir requests, and only fall back to normal
- descriptors if none of their bridges can handle microdescriptors
- (as opposed to the fix in ticket 4013, which caused them to fall
- back to normal descriptors if *any* of their bridges preferred
- them). Resolves ticket 4994.
diff --git a/changes/fix-geoipexclude-doc b/changes/fix-geoipexclude-doc
deleted file mode 100644
index 63b544ef29..0000000000
--- a/changes/fix-geoipexclude-doc
+++ /dev/null
@@ -1,4 +0,0 @@
- o Documentation fixes:
- - Fix the GeoIPExcludeUnknown documentation to refer to ExcludeExitNodes
- rather than the currently nonexistent ExcludeEntryNodes. Spotted by
- "hamahangi" on tor-talk.
diff --git a/changes/fomit-frame-pointer b/changes/fomit-frame-pointer
new file mode 100644
index 0000000000..67706246ad
--- /dev/null
+++ b/changes/fomit-frame-pointer
@@ -0,0 +1,6 @@
+ o Minor features (performance):
+ - If we're using the pure-C 32-bit curve25519_donna implementation
+ of curve25519, build it with the -fomit-frame-pointer option to
+ make it go faster on register-starved hosts. This improves our
+ handshake performance by about 6% on i386 hosts without nacl.
+ Closes ticket 8109.
diff --git a/changes/geoip-apr2013 b/changes/geoip-apr2013
deleted file mode 100644
index 74d9c63b79..0000000000
--- a/changes/geoip-apr2013
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features:
- - Update to the April 3 2013 Maxmind GeoLite Country database.
-
diff --git a/changes/geoip-feb2013 b/changes/geoip-feb2013
deleted file mode 100644
index b5d794258f..0000000000
--- a/changes/geoip-feb2013
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features:
- - Update to the February 6 2013 Maxmind GeoLite Country database.
-
diff --git a/changes/geoip-mar2013 b/changes/geoip-mar2013
deleted file mode 100644
index e9cc3981b3..0000000000
--- a/changes/geoip-mar2013
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features:
- - Update to the March 6 2013 Maxmind GeoLite Country database.
-
diff --git a/changes/integers_donna b/changes/integers_donna
deleted file mode 100644
index e9c69e8e1c..0000000000
--- a/changes/integers_donna
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (portability)
- - Tweak the curve25519-donna*.c implementations to tolerate systems
- that lack stdint.h. Fixes bug 3894; bugfix on 0.2.4.8-alpha.
diff --git a/changes/log-noise b/changes/log-noise
deleted file mode 100644
index bbbf0d2c0c..0000000000
--- a/changes/log-noise
+++ /dev/null
@@ -1,11 +0,0 @@
- o Minor bugfixes (log message reduction)
- - Fix a path state issue that triggered a notice during relay startup.
- Fixes bug #8320; bugfix on 0.2.4.10-alpha.
- - Reduce occurrences of warns about circuit purpose in
- connection_ap_expire_building(). Fixes bug #8477; bugfix on
- 0.2.4.11-alpha.
- - Fix a directory authority warn caused when we have a large amount
- of badexit bandwidth. Fixes bug #8419; bugfix on 0.2.2.10-alpha.
- - Reduce a path bias length check notice log to info. The notice
- is triggered when creating controller circuits. Fixes bug #8196;
- bugfix on 0.2.4.8-alpha.
diff --git a/changes/onion_tap_tests b/changes/onion_tap_tests
new file mode 100644
index 0000000000..f98243323e
--- /dev/null
+++ b/changes/onion_tap_tests
@@ -0,0 +1,2 @@
+ o New unit tests:
+ - Unit tests for failing cases of the TAP onion handshake.
diff --git a/changes/seccomp2_sandbox b/changes/seccomp2_sandbox
new file mode 100644
index 0000000000..73b3a8d5e4
--- /dev/null
+++ b/changes/seccomp2_sandbox
@@ -0,0 +1,12 @@
+ o Major features (security):
+ - Use the seccomp2 syscall filtering facility on Linux to limit
+ which system calls Tor can invoke. This is an experimental,
+ Linux-only feature to provide defense-in-depth against unknown
+ attacks. To try turning it on, set "Sandbox 1" in your torrc
+ file. This is an experimental feature, however, and some things
+ may break, so please be ready to report bugs. We hope to add
+ support for better sandboxing in the future,
+ including more fine-grained filters, better division of
+ responsibility, and support for more platforms. This work has
+ been done by Cristian-Matei Toader for Google Summer of Code.
+
diff --git a/changes/signof_enum b/changes/signof_enum
deleted file mode 100644
index ba4fb597d7..0000000000
--- a/changes/signof_enum
+++ /dev/null
@@ -1,7 +0,0 @@
- o Code simplifications and refactoring:
- - Use Ville Laurikari's implementation of AX_CHECK_SIGN() to determine
- the signs of types during autoconf. This is better than our old
- approach, which didn't work when cross-compiling.
- - Detect the sign of enum values, rather than assuming that MSC is the
- only compiler where enum types are all signed. Fix for bug 7727;
- bugfix on 0.2.4.10-alpha.
diff --git a/changes/ticket2267 b/changes/ticket2267
deleted file mode 100644
index b589b5721f..0000000000
--- a/changes/ticket2267
+++ /dev/null
@@ -1,8 +0,0 @@
- o Minor features:
- - Refactor resolve_my_address() so it returns the method by which we
- decided our public IP address (explicitly configured, resolved from
- explicit hostname, guessed from interfaces, learned by gethostname).
- Now we can provide more helpful log messages when a relay guesses
- its IP address incorrectly (e.g. due to unexpected lines in
- /etc/hosts). Resolves ticket 2267.
-
diff --git a/changes/ticket8240 b/changes/ticket8240
deleted file mode 100644
index 91e6f8c14a..0000000000
--- a/changes/ticket8240
+++ /dev/null
@@ -1,4 +0,0 @@
- o Major security fixes:
- - Make the default guard lifetime controllable via a new
- GuardLifetime torrc option and a GuardLifetime consensus
- parameter. Start of a fix for bug 8240; bugfix on 0.1.1.11-alpha.
diff --git a/changes/ticket8443 b/changes/ticket8443
deleted file mode 100644
index ca6fb2f471..0000000000
--- a/changes/ticket8443
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features:
- - Randomize the lifetime of our SSL link certificate, so censors can't
- use the static value for filtering Tor flows. Resolves ticket 8443;
- related to ticket 4014 which was included in 0.2.2.33.
diff --git a/changes/ticket_9214 b/changes/ticket_9214
new file mode 100644
index 0000000000..f1e43caeb0
--- /dev/null
+++ b/changes/ticket_9214
@@ -0,0 +1,6 @@
+ o Minor features:
+ - Accept bandwidth and space limits in bits as well as bytes.
+ (Anywhere in the configuration file that you can say "2 Kilobytes",
+ you can now say "16 kilobits", and so on.) Resolves ticket 9214.
+ Patch by CharlieB.
+
diff --git a/changes/warn-unsigned-time_t b/changes/warn-unsigned-time_t
index 5f0c36d099..f57f85ae37 100644
--- a/changes/warn-unsigned-time_t
+++ b/changes/warn-unsigned-time_t
@@ -1,3 +1,9 @@
+ o Minor bugfixes (portability):
+ - On the chance that somebody manages to build Tor on a
+ platform where time_t is unsigned, correct the way that
+ microdesc_add_to_cache handles negative time arguments. Fix for
+ bug 8042; bugfix on 0.2.3.1-alpha.
+
o Build improvements:
- Warn if building on a platform with an unsigned time_t: there
are too many places where Tor currently assumes that time_t can