diff options
Diffstat (limited to 'changes')
91 files changed, 261 insertions, 214 deletions
diff --git a/changes/.dummy b/changes/.dummy new file mode 100644 index 0000000000..dd9738feb2 --- /dev/null +++ b/changes/.dummy @@ -0,0 +1,37 @@ +This file is here to keep git from removing the changes directory when +all the changes files have been merged. + + + + + + + + + + + + + + + + + + + + + + + + +"I'm Nobody! Who are you? + Are you--Nobody--too? + Then there's a pair of us! + Don’t tell! they'd advertise--you know! + + How dreary--to be--Somebody! + How public--like a Frog-- + To tell one's name--the livelong June-- + To an admiring Bog!" + -- Emily Dickinson + diff --git a/changes/15188 b/changes/15188 deleted file mode 100644 index 2065b3974c..0000000000 --- a/changes/15188 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (testing): - - Avoid a side-effect in a tor_assert() in the unit tests. Fixes bug - 15188; bugfix on 0.1.2.3-alpha. Patch from Tom van der Woerdt. diff --git a/changes/16679_16685_etc b/changes/16679_16685_etc new file mode 100644 index 0000000000..8284614278 --- /dev/null +++ b/changes/16679_16685_etc @@ -0,0 +1,13 @@ + + o Major features (relay, Ed25519): + - Significant improvements to the usability of relay-side Ed25519 + key management. Log messages are better, and the code can + recover from far more failure conditions. Thanks to "s7r" for + reporting and diagnosing so many of these! + + o Major bugfixes (relay, Ed25519): + - Avoid crashing on 'tor --keygen'. Fixes bug 16679; bugfix on + 0.2.7.2-alpha. Reported by "s7r". + - Improve handling of expired signing keys along with offline + master keys. Fixes bug 16685; bugfix on 0.2.7.2-alpha. Reported + by "s7r". diff --git a/changes/autodetect-chutney-path b/changes/autodetect-chutney-path new file mode 100644 index 0000000000..4da6b246e8 --- /dev/null +++ b/changes/autodetect-chutney-path @@ -0,0 +1,4 @@ + o Minor features (testing): + - Autodetect CHUTNEY_PATH if the chutney and tor sources are + side-by-side in the same parent directory. + Closes ticket 16903. Patch by "teor". diff --git a/changes/bug11447 b/changes/bug11447 deleted file mode 100644 index 8cd4f5b467..0000000000 --- a/changes/bug11447 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (DoS-resistance): - - Decrease the amount of reattempts that a hidden service is - willing to perform when its rendezvous circuits fail. This - reduces the computational cost for hidden service under heavy - load. Resolves ticket #11447.
\ No newline at end of file diff --git a/changes/bug11454 b/changes/bug11454 deleted file mode 100644 index b37a7d9728..0000000000 --- a/changes/bug11454 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (certificate handling): - - Remove any old authority certificates that have been superseded - for at least two days. Previously, we would keep superseded - certificates until they expired, if they were published close - in time to the certificate that superseded them. - Fixes bug 11454; bugfix on 0.2.1.8-alpha. diff --git a/changes/bug11457 b/changes/bug11457 deleted file mode 100644 index cf64c1d10d..0000000000 --- a/changes/bug11457 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (certificate handling): - - If an authority operator accidentally makes a signing certificate with - a future publication time, do not discard its real signing - certificates. Fixes bug 11457; bugfix on 0.2.0.3-alpha. - diff --git a/changes/bug14848_redux b/changes/bug14848_redux deleted file mode 100644 index c10320fb23..0000000000 --- a/changes/bug14848_redux +++ /dev/null @@ -1,5 +0,0 @@ - o Removed code: - - Remove some lingering dead code that once supported mempools. Mempools - were disabled by default in 0.2.5, and removed entirely in - 0.2.6.3-alpha. Closes more of ticket 14848; patch by "cypherpunks". - diff --git a/changes/bug14917 b/changes/bug14917 new file mode 100644 index 0000000000..92a985ca7b --- /dev/null +++ b/changes/bug14917 @@ -0,0 +1,5 @@ + o Major bugfix + - For an hidden service, it is now prohibited to use one single + EntryNodes to avoid a very easy guard discovery attack. For more + details, see the ticket description here: + https://trac.torproject.org/projects/tor/ticket/14917. Fixes #14917. diff --git a/changes/bug14950 b/changes/bug14950 deleted file mode 100644 index 33cea9cb58..0000000000 --- a/changes/bug14950 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (logs): - - Quiet some log messages in the heartbeat and at startup. Closes - ticket 14950.
\ No newline at end of file diff --git a/changes/bug14980 b/changes/bug14980 deleted file mode 100644 index b873bb009c..0000000000 --- a/changes/bug14980 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (testing): - - Fix endianness issues in unit test for resolve_my_address() to - have it pass on big endian systems. Fixes bug 14980; bugfix on - Tor 0.2.6.3-alpha. diff --git a/changes/bug14988 b/changes/bug14988 deleted file mode 100644 index 67dc96e443..0000000000 --- a/changes/bug14988 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): - - Fix a compilation warning on s390. Fixes bug 14988; bugfix on - 0.2.5.2-alpha. - diff --git a/changes/bug14989 b/changes/bug14989 deleted file mode 100644 index f4432d468b..0000000000 --- a/changes/bug14989 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (Linux seccomp2 sandbox): - - Pass IPPROTO_TCP rather than 0 to socket(), so that the - Linux seccomp2 sandbox doesn't fail. Fixes bug 14989; - bugfix on 0.2.6.3-alpha. diff --git a/changes/bug15003 b/changes/bug15003 deleted file mode 100644 index 2dcce74dfe..0000000000 --- a/changes/bug15003 +++ /dev/null @@ -1,3 +0,0 @@ - o Major bugfixes (linux seccomp2 sandbox): - - Allow AF_UNIX hidden services to be used with the seccomp2 sandbox. - Fixes bug 15003; bugfix on 0.2.6.3-alpha. diff --git a/changes/bug15033 b/changes/bug15033 deleted file mode 100644 index 953e6c3d59..0000000000 --- a/changes/bug15033 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (tests): - - When running the zero-length-keys check, do not use the default - torrc file. Fixes bug 15033; bugfix on 0.2.6.3-alpha. Reported - by "reezer". diff --git a/changes/bug15037 b/changes/bug15037 deleted file mode 100644 index 587d63186e..0000000000 --- a/changes/bug15037 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (testing): - - When running the new 'make test-stem' target, use the configured - python binary. Fixes bug 15037; bugfix on 0.2.6.3-alpha. Patch - from "cypherpunks". diff --git a/changes/bug15064 b/changes/bug15064 deleted file mode 100644 index e6bd747b1f..0000000000 --- a/changes/bug15064 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (FreeBSD IPFW transparent proxy): - - Fix address detection with FreeBSD transparent proxies, - when "TransProxyType ipfw" is in use. - Fixes bug 15064; bugfix on 0.2.5.4-alpha. diff --git a/changes/bug15083 b/changes/bug15083 deleted file mode 100644 index 5cc79b5ba1..0000000000 --- a/changes/bug15083 +++ /dev/null @@ -1,10 +0,0 @@ - o Major bugfixes (relay, stability, possible security): - - Fix a bug that could lead to a relay crashing with an assertion - failure if a buffer of exactly the wrong layout was passed - to buf_pullup() at exactly the wrong time. Fixes bug 15083; - bugfix on 0.2.0.10-alpha. Patch from 'cypherpunks'. - - - Do not assert if the 'data' pointer on a buffer is advanced to the very - end of the buffer; log a BUG message instead. Only assert if it is - past that point. Fixes bug 15083; bugfix on 0.2.0.10-alpha. - diff --git a/changes/bug15088 b/changes/bug15088 deleted file mode 100644 index 95878bdb39..0000000000 --- a/changes/bug15088 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (Linux seccomp2 sandbox): - - Upon receiving sighup, do not crash during attempts to call - wait4. Fixes bug 15088; bugfix on 0.2.5.1-alpha. Patch from - "sanic". diff --git a/changes/bug15151 b/changes/bug15151 deleted file mode 100644 index b9c3061554..0000000000 --- a/changes/bug15151 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Fix a compilation warning on FreeBSD. Fixes bug 15151; bugfix on - 0.2.6.2-alpha. diff --git a/changes/bug15205 b/changes/bug15205 deleted file mode 100644 index 0cb9f3f4bc..0000000000 --- a/changes/bug15205 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (crash, OSX, security): - - Fix a remote denial-of-service opportunity caused by a bug - in OSX's _strlcat_chk() function. Fixes bug 15205; bug first - appeared in OSX 10.9. - diff --git a/changes/bug15240 b/changes/bug15240 deleted file mode 100644 index e11f804a12..0000000000 --- a/changes/bug15240 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (pluggable transports): - - Initialize the extended OR Port authentication cookie before launching - pluggable transports. This prevents a race condition that occured when - server-side pluggable transports would cache the authentication cookie - before it has been (re)generated. Fixes bug 15240; bugfix on - 0.2.5.1-alpha. diff --git a/changes/bug15245 b/changes/bug15245 deleted file mode 100644 index 520a370eeb..0000000000 --- a/changes/bug15245 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - Avoid crashing when making certain configuration option changes - on clients. Fixes bug 15245; bugfix on 0.2.6.3-alpha. Reported - by "anonym". - diff --git a/changes/bug15436 b/changes/bug15436 deleted file mode 100644 index 4fa44d1e16..0000000000 --- a/changes/bug15436 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (portability): - - Use the correct datatype in the SipHash-2-4 function to prevent compilers - from assuming any sort of alignment. Fixes bug 15436; bugfix on - 0.2.5.3-alpha. diff --git a/changes/bug15515 b/changes/bug15515 deleted file mode 100644 index dda7c2fcd8..0000000000 --- a/changes/bug15515 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (DoS-resistance): - - Make it harder for attackers to overwhelm hidden services with - introductions, by blocking multiple introduction requests on the - same circuit. Resolves ticket #15515. diff --git a/changes/bug15600 b/changes/bug15600 deleted file mode 100644 index ee1d6cfe19..0000000000 --- a/changes/bug15600 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (security, hidden service): - - Fix an issue that would allow a malicious client to trigger - an assertion failure and halt a hidden service. Fixes - bug 15600; bugfix on 0.2.1.6-alpha. Reported by "skruffy". - diff --git a/changes/bug15601 b/changes/bug15601 deleted file mode 100644 index 2cc880af7f..0000000000 --- a/changes/bug15601 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (security, hidden service): - - Fix a bug that could cause a client to crash with an assertion - failure when parsing a malformed hidden service descriptor. - Fixes bug 15601; bugfix on 0.2.1.5-alpha. Found by "DonnCha". diff --git a/changes/bug15823 b/changes/bug15823 deleted file mode 100644 index 987de5d9ac..0000000000 --- a/changes/bug15823 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (hidden service): - - Fix an out-of-bounds read when parsing invalid INTRODUCE2 cells - on a client authorized hidden service. Fixes bug 15823; bugfix - on 0.2.1.6-alpha. diff --git a/changes/bug15850 b/changes/bug15850 deleted file mode 100644 index 48a7c7bdd7..0000000000 --- a/changes/bug15850 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfix - - Revert commit that made directory authority assign the HSDir flag to - relay without a DirPort which is bad because relay can't handle - BEGIN_DIR cells. Fixes #15850. Bugfix on tor-0.2.6.3-alpha; diff --git a/changes/bug16013 b/changes/bug16013 deleted file mode 100644 index d194c609f8..0000000000 --- a/changes/bug16013 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (hidden service, stability): - - Stop randomly crashing with an assertion failure when connecting to a - busy hidden service, or connecting to a hidden service while a NEWNYM - is in progress. Fixes bug 16013; bugfix on 0.1.0.1-rc. - diff --git a/changes/bug16030 b/changes/bug16030 deleted file mode 100644 index c14fd62303..0000000000 --- a/changes/bug16030 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (tests): - - Fix a crash in the unit tests on MSVC2013. Fixes bug 16030; bugfix on - 0.2.6.2-alpha. Patch from "NewEraCracker".
\ No newline at end of file diff --git a/changes/bug16164 b/changes/bug16164 deleted file mode 100644 index fbb383c26d..0000000000 --- a/changes/bug16164 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): - - Build with --enable-systemd correctly when libsystemd is installed, - but systemd is not. Fixes bug 16164, bugfix on 0.2.6.3-alpha. Patch - from Peter Palfrader. diff --git a/changes/bug16212 b/changes/bug16212 deleted file mode 100644 index bc1246376d..0000000000 --- a/changes/bug16212 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (sandbox, systemd): - - Allow systemd connections to work with the Linux seccomp2 sandbox - code. Fixes bug 16212; bugfix on 0.2.6.2-alpha. - Patch by Peter Palfrader. - diff --git a/changes/bug16244 b/changes/bug16244 deleted file mode 100644 index 00bc557983..0000000000 --- a/changes/bug16244 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (sandbox, relay): - - Fix sandboxing to work when running as a relay again. This - includes correctly allowing renaming secret_id_key and - allowing the eventfd2 and futex syscalls. - Fixes bug 16244; bugfix on 0.2.6.1-alpha. - Patch by Peter Palfrader. - diff --git a/changes/bug16247 b/changes/bug16247 deleted file mode 100644 index 9464b1cb24..0000000000 --- a/changes/bug16247 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (client-side privacy): - - Properly separate out each SOCKSPort when applying stream isolation. - The error occured because each port's session group was being - overwritten by a default value. Fixes bug 16247; bugfix on - 0.2.6.3-alpha. Patch by "jojelino". diff --git a/changes/bug16274 b/changes/bug16274 new file mode 100644 index 0000000000..4eec571761 --- /dev/null +++ b/changes/bug16274 @@ -0,0 +1,5 @@ + o Minor bugfix (open file limit): + - Fix set_max_file_descriptors() to set by default the max open file + limit to the current limit in case setrlimit() fails so we at least + have a usable value; Fixes #16274; bugfix on tor-0.2.0.10-alpha~71; + Patch by dgoulet. diff --git a/changes/bug16286 b/changes/bug16286 new file mode 100644 index 0000000000..7b30493576 --- /dev/null +++ b/changes/bug16286 @@ -0,0 +1,8 @@ + o Minor bugfixes (authority): + - Downgrade log messages about Ed25519 key issues, if they are in + old cached router descriptors. Fixes part of bug 16286; bugfix on + 0.2.7.2-alpha. + + - When we find an Ed25519 key issue in a cached descriptor, stop saying + the descriptor was just "uploaded". Fixes another part of bug 16286; + bugfix on 0.2.7.2-alpha. diff --git a/changes/bug16360-failed-crypto-early-init b/changes/bug16360-failed-crypto-early-init deleted file mode 100644 index 21972bce52..0000000000 --- a/changes/bug16360-failed-crypto-early-init +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (crypto error-handling): - - If crypto_early_init fails, a typo in a return value from tor_init - means that tor_main continues running, rather than returning - an error value. - Fixes bug 16360; bugfix on d3fb846d8c98 in 0.2.5.2-alpha, - introduced when implementing #4900. - Patch by "teor". diff --git a/changes/bug16363 b/changes/bug16363 deleted file mode 100644 index 1a6f8c6eff..0000000000 --- a/changes/bug16363 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (Linux seccomp2 sandbox): - - Allow pipe() and pipe2() syscalls; we need these when eventfd2() - support is missing. Fixes bug 16363; bugfix on 0.2.6.3-alpha. - Patch from "teor". diff --git a/changes/bug16381 b/changes/bug16381 deleted file mode 100644 index 51a9b53007..0000000000 --- a/changes/bug16381 +++ /dev/null @@ -1,13 +0,0 @@ - o Major bugfix (Hidden service client) - - Revert commit 9407040c592184e05e45a3c1a00739c2dd302288 of bug #14219 - that indeed fixed an issue but introduced a major hidden service - reachability regression detailed in bug #16381. This is a temporary - fix since we can live with the minor issue in #14219 but the - regression introduced is too much of a set back. - - To be clear, #14219 bug just results in some load on the network, and - some delay for the client when visiting a hidden service that will - ultimately fail. - - This is only a bandaid for #16381 thus it does _not_ fixes it. bugfix - on tor-0.2.6.3-alpha~138. diff --git a/changes/bug16389 b/changes/bug16389 new file mode 100644 index 0000000000..b7eb35034a --- /dev/null +++ b/changes/bug16389 @@ -0,0 +1,12 @@ + o Hidden Service Enhancement + Client now uses an introduction point failure cache to know when to + fetch or keep a descriptor in their cache. + + When fetching a descriptor, for every introduction points in it, we look + them up in the failure cache to know if we keep the descriptor or not. + For this to work, everytime an introduction points is discarded (ex: + receiving a NACK), we note it down in our introduction cache. If all + introduction points for an onion service are in our failure cache, we + discard the descriptor and fetch a new one. + + See rendcache.c for a detailed explanation of the cache's behavior. diff --git a/changes/bug16400 b/changes/bug16400 deleted file mode 100644 index 3e5f9c5843..0000000000 --- a/changes/bug16400 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - Do not crash with an assertion error when parsing certain kinds - of malformed or truncated microdescriptors. Fixes bug 16400; - bugfix on 0.2.6.1-alpha. Found by "torkeln"; fix based on a patch by - "cypherpunks_backup". diff --git a/changes/bug16524 b/changes/bug16524 new file mode 100644 index 0000000000..1268fe8ca9 --- /dev/null +++ b/changes/bug16524 @@ -0,0 +1,3 @@ + o Minor bugfixes (authority): + - Don't assign "HSDir" to a router if it isn't Valid and Running. + Fixes bug 16524; bugfix on 0.2.7.2-alpha.
\ No newline at end of file diff --git a/changes/bug16539 b/changes/bug16539 new file mode 100644 index 0000000000..8a0b6d251c --- /dev/null +++ b/changes/bug16539 @@ -0,0 +1,4 @@ + o Minor bugfixes (Ed25519): + - Fix a memory leak when reading router descriptors with + expired Ed25519 certificate. Fixes bug 16539; bugfix on 0.2.7.2-alpha. + diff --git a/changes/bug16644 b/changes/bug16644 new file mode 100644 index 0000000000..f7126bdc9d --- /dev/null +++ b/changes/bug16644 @@ -0,0 +1,3 @@ + o Minor bugfixes (relay): + - Unblock threads before releasing the mutex to ensure predictable + scheduling behavior. Fixes bug 16644; bugfix on 0.2.6.3-alpha. diff --git a/changes/bug16697 b/changes/bug16697 new file mode 100644 index 0000000000..ae6cf2b83e --- /dev/null +++ b/changes/bug16697 @@ -0,0 +1,10 @@ + o Minor bugfixes + - Control port was using set_max_file_descriptors() with a limit set to + 0 to get the max value. A recent fix made this use case return an + error and introduced dead code in that function. This triggered a + warning that our limit (ConnLimit) was invalid but in reality it was + not. + + Now, to the control port uses a specific getter function to query the + value and set_max_file_descriptors() should never be used again for + that purpose. Fixes #16697; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug16741 b/changes/bug16741 new file mode 100644 index 0000000000..ce3dfdcfc7 --- /dev/null +++ b/changes/bug16741 @@ -0,0 +1,3 @@ + o Minor bugfixes: + - Check correctly for windows socket errors in the workqueue backend. + Fixes bug 16741; bugfix on 0.2.6.3-alpha. diff --git a/changes/bug16742 b/changes/bug16742 new file mode 100644 index 0000000000..2002cb7c72 --- /dev/null +++ b/changes/bug16742 @@ -0,0 +1,3 @@ + o Documentation: + - Recommend a 40 GB example AccountingMax in torrc.sample rather + than a 4 GB max. Closes ticket 16742. diff --git a/changes/bug16901 b/changes/bug16901 new file mode 100644 index 0000000000..c008ebdbd8 --- /dev/null +++ b/changes/bug16901 @@ -0,0 +1,3 @@ + o Minor features (compilation): + - Give a warning as early as possible when trying to build with an + unsupported OpenSSL version. Closes ticket 16901. diff --git a/changes/bug16913 b/changes/bug16913 new file mode 100644 index 0000000000..464140b538 --- /dev/null +++ b/changes/bug16913 @@ -0,0 +1,4 @@ + o Minor bugfixes: + - Fix an usage message of tor-resolve(1) so that it no longer lists + the removed -F option. Resolves ticket #16913; bugfix on Tor + 0.2.2.28-beta. diff --git a/changes/bug16924 b/changes/bug16924 new file mode 100644 index 0000000000..a1bc96e54d --- /dev/null +++ b/changes/bug16924 @@ -0,0 +1,6 @@ + o Minor bugfixes: + - When calling channel_free_list(), avoid calling smartlist_remove() + while inside a FOREACH loop. This partially reverts commit + 17356fe7fd96af where the correct SMARTLIST_DEL_CURRENT was + removed. Fixes bug 16929; bugfix on 0.2.4.4-alpha. + diff --git a/changes/bug16929 b/changes/bug16929 new file mode 100644 index 0000000000..83e60d7eb2 --- /dev/null +++ b/changes/bug16929 @@ -0,0 +1,5 @@ + o Minor bugfixes: + - include the TUNING document in our source tarball. It is referred + to in the ChangeLog and an error message. Fixes bug 16929; bugfix + on 0.2.6.1-alpha. + diff --git a/changes/bug16964 b/changes/bug16964 new file mode 100644 index 0000000000..46ff565fc6 --- /dev/null +++ b/changes/bug16964 @@ -0,0 +1,4 @@ + o Minor bugfixes (linux seccomp2 sandbox): + - Allow bridge authorities to run correctly under the seccomp2 + sandbox. Fixes bug 16964; bugfix on 0.2.5.1-alpha. + diff --git a/changes/bug16965 b/changes/bug16965 new file mode 100644 index 0000000000..841d7235b0 --- /dev/null +++ b/changes/bug16965 @@ -0,0 +1,4 @@ + o Minor bugfixes (linux seccomp2 sandbox): + - Allow routers with ed25519 keys to run correctly under the seccomp2 + sandbox. Fixes bug 16964; bugfix on 0.2.7.2-alpha. + diff --git a/changes/bug9495_redux b/changes/bug9495_redux deleted file mode 100644 index 74b0cdf2a8..0000000000 --- a/changes/bug9495_redux +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (portability): - - Do not crash on startup when running on Solaris. Fixes a bug - related to our fix for 9495; bugfix on 0.2.6.1-alpha. Reported - by "ruebezahl". diff --git a/changes/callgraph b/changes/callgraph new file mode 100644 index 0000000000..64f7f9cf24 --- /dev/null +++ b/changes/callgraph @@ -0,0 +1,5 @@ + o Testing: + - Add a new set of callgraph analysis scripts that use clang to + produce a list of which Tor functions are reachable from which + other Tor functions. We're planning to use these to help simplify + our code structure by identifying illogical dependencies. diff --git a/changes/chutney-coverage b/changes/chutney-coverage new file mode 100644 index 0000000000..53983c87ff --- /dev/null +++ b/changes/chutney-coverage @@ -0,0 +1,3 @@ + o Testing: + - When building Tor with testing coverage enabled, run Chutney tests + (if any) using the 'tor-cov' coverage binary. diff --git a/changes/decouple-write-handle_write b/changes/decouple-write-handle_write new file mode 100644 index 0000000000..4ef9b3fbad --- /dev/null +++ b/changes/decouple-write-handle_write @@ -0,0 +1,7 @@ + o Removed features: + - Remove the code that would try to aggressively flush controller + connections while writing to them. This code was introduced in + 0.1.2.7-alpha, in order to keep output buffers from exceeding their + limits. But there is no longer a maximum output buffer size, and + flushing data in this way caused some undesirable recursions + in our call graph. Closes ticket 16480. diff --git a/changes/decouple_control_events b/changes/decouple_control_events new file mode 100644 index 0000000000..67c9c11f87 --- /dev/null +++ b/changes/decouple_control_events @@ -0,0 +1,8 @@ + o Code simplification and refactoring: + - When generating an event to send to the controller, we no longer + put the event over the network immediately. Instead, we queue + these events, and use a Libevent callback to deliver them. + This change simplifies Tor's callgraph by reducing the number + of functions from which all other Tor functions are reachable. + Closes ticket 16695. + diff --git a/changes/decouple_dir_all_unreachable b/changes/decouple_dir_all_unreachable new file mode 100644 index 0000000000..1e57b3dfbd --- /dev/null +++ b/changes/decouple_dir_all_unreachable @@ -0,0 +1,4 @@ + o Code simplification and refactoring: + - Simply the control graph further by deferring the inner body of + directory_all_unreachable() into a callback. Closes ticket + 16762.
\ No newline at end of file diff --git a/changes/decouple_init_keys b/changes/decouple_init_keys new file mode 100644 index 0000000000..7f48d2b9d3 --- /dev/null +++ b/changes/decouple_init_keys @@ -0,0 +1,3 @@ + o Code simplification and refactoring: + - Move the client-only parts of init_keys() into a separate function. + Closes ticket 16763. diff --git a/changes/decouple_lost_owner b/changes/decouple_lost_owner new file mode 100644 index 0000000000..88adb18546 --- /dev/null +++ b/changes/decouple_lost_owner @@ -0,0 +1,4 @@ + o Code simplification and refactoring: + - Treat the loss of an owning controller as equivalent to a SIGTERM + signal. This removes a tiny amount of duplicated code, and simplifies + our callgraph. Closes ticekt 16788. diff --git a/changes/decouple_retry_directory b/changes/decouple_retry_directory new file mode 100644 index 0000000000..11f901b04f --- /dev/null +++ b/changes/decouple_retry_directory @@ -0,0 +1,6 @@ + o Code simplification and refactoring: + - Change the function that's called when we need to retry all downloads + so that it only reschedules the downloads to happen immediately, rather + than launching them all at once itself. This further simplifies + Tor's callgraph. + diff --git a/changes/early-check-paths b/changes/early-check-paths new file mode 100644 index 0000000000..44bebbe660 --- /dev/null +++ b/changes/early-check-paths @@ -0,0 +1,3 @@ + o Testing: + - When running test-network or test-stem, check for the absence + of stem/chutney before doing any build operations.
\ No newline at end of file diff --git a/changes/feature14175-chutney-performance b/changes/feature14175-chutney-performance new file mode 100644 index 0000000000..ba3a6fee4d --- /dev/null +++ b/changes/feature14175-chutney-performance @@ -0,0 +1,9 @@ + o Major enhancements (performance testing): + - Add chutney performance testing support to src/test/test-network.sh + The following arguments change how chutney verifies the network: + --bytes n sends n bytes per test connection (10 KBytes) + --connections n makes n test connections per client (1) + --hs-multi-client 1 makes each client connect to each HS (0) + Requires the corresponding chutney performance testing changes. + Note: using --connections 7 or greater on a HS will trigger #15937. + Patch by "teor". diff --git a/changes/feature14882-TestingDirAuthVoteIsStrict b/changes/feature14882-TestingDirAuthVoteIsStrict new file mode 100644 index 0000000000..62d513e27e --- /dev/null +++ b/changes/feature14882-TestingDirAuthVoteIsStrict @@ -0,0 +1,18 @@ + o Minor features (testing, authorities): + - New TestingDirAuthVote{Exit,Guard,HSDir}IsStrict flags. + "A node will never receive the corresponding flag unless + that node is specified in the + TestingDirAuthVote{Exit,Guard,HSDir} list, regardless of + its uptime, bandwidth, exit policy, or DirPort". + Closes ticket 14882. Patch by "robgjansen", modified by + "teor" as VoteOnHidServDirectoriesV2 is now obsolete. + Commit message and changes file by "teor" & "robgjansen". + o Minor features (testing, authorities, documentation): + - Fix an error in the manual page and comments for + TestingDirAuthVoteHSDir[IsStrict], which suggested that a + HSDir required "ORPort connectivity". While this is true, + it is in no way unique to the HSDir flag. Of all the flags, + only HSDirs need a DirPort configured in order for the + authorities to assign that particular flag. + Fixed as part of 14882. Patch by "teor". + Bugfix on 0.2.6.3 (f9d57473e1ff on 10 January 2015). diff --git a/changes/feature15006 b/changes/feature15006 deleted file mode 100644 index 168a440ba0..0000000000 --- a/changes/feature15006 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (controller): - - Messages about problems in the bootstrap process now include - information about the server we were trying to connect to when we - noticed the problem. Closes ticket 15006. diff --git a/changes/feature16533 b/changes/feature16533 new file mode 100644 index 0000000000..e9fea94c7e --- /dev/null +++ b/changes/feature16533 @@ -0,0 +1,4 @@ + o Minor features (performance) + - Improve the runtime speed of Ed25519 signature verification by using + Ed25519-donna's batch verification support when there are a lot of + signatures to verify at once. Implements ticket 16533. diff --git a/changes/feature16535 b/changes/feature16535 new file mode 100644 index 0000000000..3df46b658a --- /dev/null +++ b/changes/feature16535 @@ -0,0 +1,4 @@ + o Minor features (performance) + - Improve the runtime speed of Ed25519 operations and Curve25519 keypair + generation when built targeting 32 bit x86 platforms with SSE2 + available. Implements ticket 16535. diff --git a/changes/geoip-april2015 b/changes/geoip-april2015 deleted file mode 100644 index 7db38ed797..0000000000 --- a/changes/geoip-april2015 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update geoip to the April 8 2015 Maxmind GeoLite2 Country database. - diff --git a/changes/geoip-june2015 b/changes/geoip-june2015 deleted file mode 100644 index 9d6cd3658b..0000000000 --- a/changes/geoip-june2015 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update geoip to the June 3 2015 Maxmind GeoLite2 Country database. - diff --git a/changes/geoip-march2015 b/changes/geoip-march2015 deleted file mode 100644 index 565781280a..0000000000 --- a/changes/geoip-march2015 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update geoip to the March 3 2015 Maxmind GeoLite2 Country database. - diff --git a/changes/geoip6-april2015 b/changes/geoip6-april2015 deleted file mode 100644 index 241c9119b6..0000000000 --- a/changes/geoip6-april2015 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features: - - Update geoip6 to the April 8 2015 Maxmind GeoLite2 Country database. diff --git a/changes/geoip6-june2015 b/changes/geoip6-june2015 deleted file mode 100644 index 527dbff53b..0000000000 --- a/changes/geoip6-june2015 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update geoip6 to the June 3 2015 Maxmind GeoLite2 Country database. - diff --git a/changes/geoip6-march2015 b/changes/geoip6-march2015 deleted file mode 100644 index 9a38c65e62..0000000000 --- a/changes/geoip6-march2015 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update geoip6 to the March 3 2015 Maxmind GeoLite2 Country database. - diff --git a/changes/malformed-hostname-safe-logging b/changes/malformed-hostname-safe-logging new file mode 100644 index 0000000000..e561425943 --- /dev/null +++ b/changes/malformed-hostname-safe-logging @@ -0,0 +1,3 @@ + o Minor bugfixes: + - When logging malformed hostnames in socks5 requests, respect + SafeLogging configuration. Fixes bug 16891; bugfix on 0.1.1.16-rc. diff --git a/changes/microdesc_cycle b/changes/microdesc_cycle new file mode 100644 index 0000000000..fddc2be609 --- /dev/null +++ b/changes/microdesc_cycle @@ -0,0 +1,4 @@ + o Code simplification and refactoring: + - Simplify the microdesc_free() implementation so that it no longer + appears (to code analysis tools) to potentially invoke a huge suite + of other microdesc functions. diff --git a/changes/move_formatting_functions b/changes/move_formatting_functions new file mode 100644 index 0000000000..4ad5806f23 --- /dev/null +++ b/changes/move_formatting_functions @@ -0,0 +1,3 @@ + o Code simplification and refactoring: + - Move some format-parsing functions out of crypto.c and + crypto_curve25519.c into crypto_format.c and/or util_format.c. diff --git a/changes/pullup_nulterm b/changes/pullup_nulterm new file mode 100644 index 0000000000..3f3bd5447a --- /dev/null +++ b/changes/pullup_nulterm @@ -0,0 +1,2 @@ + o Code simplifications and refactoring: + - Remove the unused "nulterminate" argument from buf_pullup(). diff --git a/changes/test-full b/changes/test-full new file mode 100644 index 0000000000..5ff51db803 --- /dev/null +++ b/changes/test-full @@ -0,0 +1,3 @@ + o Testing: + - Add new 'test-full' and 'test-full-online' targets to run all tests, + including integration tests with stem and chutney. diff --git a/changes/test-network-bridges-hs b/changes/test-network-bridges-hs new file mode 100644 index 0000000000..a8f3521f3a --- /dev/null +++ b/changes/test-network-bridges-hs @@ -0,0 +1,6 @@ + o Minor features (testing, bridges, hidden services): + - Make "bridges+hs" the default test network. This tests almost all + tor functionality during make test-network, while allowing tests + to succeed on non-IPv6 systems. + Requires chutney commit 396da92 in test-network-bridges-hs. + Closes tickets 16945 (tor), 16946 (chutney) . Patches by "teor". diff --git a/changes/test-workqueue-windows b/changes/test-workqueue-windows new file mode 100644 index 0000000000..8d7b7f664b --- /dev/null +++ b/changes/test-workqueue-windows @@ -0,0 +1,3 @@ + o Testing: + - Make the test-workqueue test work on windows by initializing the + network before we begin. diff --git a/changes/ticket13338 b/changes/ticket13338 new file mode 100644 index 0000000000..a1d242fcca --- /dev/null +++ b/changes/ticket13338 @@ -0,0 +1,6 @@ + o Removed code: + - The internal pure-C tor-fw-helper tool is now removed from the + Tor distribution, in favor of the pure-Go clone available from + https://github.com/Yawning/tor-fw-helper . The libraries used + by the C tor-fw-helper are not, in our opinion, very confidence- + inspiring in their secure-proggramming techniques. Closes ticket 13338. diff --git a/changes/ticket14487 b/changes/ticket14487 deleted file mode 100644 index 577337ff24..0000000000 --- a/changes/ticket14487 +++ /dev/null @@ -1,3 +0,0 @@ - o Directory authority IP change: - - The directory authority Faravahar has a new IP address. Closes - ticket 14487. diff --git a/changes/ticket15176 b/changes/ticket15176 deleted file mode 100644 index 6d12723728..0000000000 --- a/changes/ticket15176 +++ /dev/null @@ -1,3 +0,0 @@ - o Code simplification and refactoring: - - Refactor main loop to extract the 'loop' part. This makes it easier - to run Tor under Shadow. Closes ticket 15176. diff --git a/changes/ticket15212 b/changes/ticket15212 deleted file mode 100644 index 2c41e3865c..0000000000 --- a/changes/ticket15212 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (heartbeat): - - - On relays, report how many connections we negotiated using each - version of the Tor link protocols. This information will let us - know if removing support for very old versions of the Tor - protocols is harming the network. Closes ticket 15212. diff --git a/changes/ticket15254-hs-stats-default b/changes/ticket15254-hs-stats-default new file mode 100644 index 0000000000..14913ea604 --- /dev/null +++ b/changes/ticket15254-hs-stats-default @@ -0,0 +1,4 @@ + o Hidden Service Statistics + - Turn on hidden service statistics collection by setting the torrc + option HiddenServiceStatistics to "1" by default. Closes ticket + #15254. diff --git a/changes/ticket16831_part1 b/changes/ticket16831_part1 new file mode 100644 index 0000000000..3ced089144 --- /dev/null +++ b/changes/ticket16831_part1 @@ -0,0 +1,3 @@ + o Testing: + - Unit test dns_resolve(), dns_clip_ttl() and dns_get_expiry_ttl() + functions in dns.c. Implements a portion of ticket 16831. diff --git a/changes/ticket8243 b/changes/ticket8243 deleted file mode 100644 index 8946a21a59..0000000000 --- a/changes/ticket8243 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor feature: - - The HSDir flag given by authorities now requires the Stable flag. For - the current network, this results in going from 2887 to 2806 HSDirs. - Also, it makes it harder for an attacker to launch a sybil attack by - raising the effort for a relay to become Stable which takes at the - very least 7 days to do so and by keeping the 96 hours uptime - requirement for HSDir. Implements ticket #8243. diff --git a/changes/windows_only_files b/changes/windows_only_files new file mode 100644 index 0000000000..0ec64b9c43 --- /dev/null +++ b/changes/windows_only_files @@ -0,0 +1,4 @@ + o Code simplification and refactoring: + - Wrap windows-only C files inside '#ifdef _WIN32' so that tools that + try to scan or compile every file on Unix won't decide that they + are broken. diff --git a/changes/workqueue_reply_t b/changes/workqueue_reply_t new file mode 100644 index 0000000000..c2d3f4ad65 --- /dev/null +++ b/changes/workqueue_reply_t @@ -0,0 +1,6 @@ + o Minor bugfixes: + - Ensure that worker threads actually exit when a fatal error or + shutdown is indicated. This doesn't currently affect the behaviour + of Tor, because Tor never indicates fatal error or shutdown except + in its unit tests. Fixes bug 16868; bugfix on 0.2.6.3-alpha. + |