diff options
Diffstat (limited to 'changes')
103 files changed, 230 insertions, 261 deletions
diff --git a/changes/19044 b/changes/19044 new file mode 100644 index 0000000000..a7f938a248 --- /dev/null +++ b/changes/19044 @@ -0,0 +1,5 @@ + o Minor features (compilation): + - Our big list of extra GCC warnings is now enabled by default when + building with GCC (or with anything like Clang that claims to be + GCC-compatible). To make all warnings into fatal compilation errors, + pass --enable-fatal-warnings to configure. Closes ticket 19044. diff --git a/changes/19271 b/changes/19271 deleted file mode 100644 index dc06ead999..0000000000 --- a/changes/19271 +++ /dev/null @@ -1,2 +0,0 @@ - o Directory authority changes: - - Urras is no longer a directory authority. Closes ticket 19271. diff --git a/changes/asciidoc-UTC b/changes/asciidoc-UTC deleted file mode 100644 index 21fbfc1d67..0000000000 --- a/changes/asciidoc-UTC +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (build): - - When building manual pages, set the timezone to "UTC", so that the - output is reproducible. Fixes bug 19558; bugfix on 0.2.2.9-alpha. - Patch from intrigeri. diff --git a/changes/assert_nonfatal b/changes/assert_nonfatal new file mode 100644 index 0000000000..0cbee4419b --- /dev/null +++ b/changes/assert_nonfatal @@ -0,0 +1,5 @@ + o Minor features (safety, debugging): + + * Add a set of macros to check nonfatal assertions, for internal + use. Migrating more of our checks to these should help us avoid + needless crash bugs. Closes ticket 18613. diff --git a/changes/bug13239 b/changes/bug13239 new file mode 100644 index 0000000000..17030c923a --- /dev/null +++ b/changes/bug13239 @@ -0,0 +1,4 @@ + o Minor bugfixes (hidden service client): + - Increase the minimum number of internal circuits we preemptively build + from 2 to 3 so they are available when a client connects to another + onion service. Fixes bug 13239; bugfix on tor-0.1.0.1-rc~460. diff --git a/changes/bug14334 b/changes/bug14334 new file mode 100644 index 0000000000..c53781ecf2 --- /dev/null +++ b/changes/bug14334 @@ -0,0 +1,4 @@ + o Minor bugfixes (guards): + - Don't mark guards as unreachable if connection_connect() fails. That + function fails for local reasons, so it shouldn't reveal anything about + the status of the guard. Fixes bug #14334; bugfix on 0.2.3.10-alpha. diff --git a/changes/bug15942 b/changes/bug15942 new file mode 100644 index 0000000000..0edc2b7980 --- /dev/null +++ b/changes/bug15942 @@ -0,0 +1,3 @@ + o Bugfixes (downloading): + - Use random exponential backoffs when retrying downloads from the dir + servers. Fixes bug 15942; bugfix on ?????. diff --git a/changes/bug16943 b/changes/bug16943 new file mode 100644 index 0000000000..7b96d1aee3 --- /dev/null +++ b/changes/bug16943 @@ -0,0 +1,8 @@ + o Major features (dirauths, security, hidden services): + - Directory authorities can now perform the shared randomness protocol + specified by proposal 250. Using this protocol, directory authorities can + generate a global fresh random number every day. In the future, this + global randomness will be used by hidden services to select their + responsible HSDirs. This release only implements the directory authority + feature; the hidden service side will be implemented in the future as + part of proposal 224 . Resolves ticket #16943 and proposal 250. diff --git a/changes/bug17150 b/changes/bug17150 deleted file mode 100644 index 686cc34296..0000000000 --- a/changes/bug17150 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (directory warnings): - - When fetching extrainfo documents, compare their SHA256 digests - and Ed25519 signing key certificates - with the routerinfo that led us to fetch them, rather than - with the most recent routerinfo. Otherwise we generate many - spurious warnings about mismatches. Fixes bug 17150; bugfix - on 0.2.7.2-alpha. diff --git a/changes/bug17688 b/changes/bug17688 new file mode 100644 index 0000000000..aae60082c0 --- /dev/null +++ b/changes/bug17688 @@ -0,0 +1,3 @@ + o Minor bugfixes (guard selection): + - Use a single entry guard even if the NumEntryGuards consensus parameter + is not provided. Fixes bug #17688. diff --git a/changes/bug17744_redux b/changes/bug17744_redux deleted file mode 100644 index d61e17fec3..0000000000 --- a/changes/bug17744_redux +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (build): - - Remove a pair of redundant AM_CONDITIONAL declarations from - configure.ac. Fixes one final case of bug 17744; bugfix on - 0.2.8.2-alpha. - diff --git a/changes/bug17983 b/changes/bug17983 new file mode 100644 index 0000000000..db52a37615 --- /dev/null +++ b/changes/bug17983 @@ -0,0 +1,11 @@ + o Minor features (bug-finding): + - Tor now builds with -ftrapv by default on compilers that support it. + This option detects signed integer overflow, and turns it into a + hard-failure. We do not apply this option to code that needs to run + in constant time to avoid side-channels; instead, we use -fwrapv. + Closes ticket 17983. + - When --enable-expensive-hardening is selected, stop applying the clang/gcc + sanitizers to code that needs to run in constant-time to avoid side + channels: although we are aware of no introduced side-channels, we + are not able to prove that this is safe. Related to ticket 17983. + diff --git a/changes/bug18133 b/changes/bug18133 deleted file mode 100644 index 177d286495..0000000000 --- a/changes/bug18133 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (logging): - - When we can't generate a signing key because OfflineMasterKey is set, - do not imply that we should have been able to load it. - Fixes bug 18133; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug18240 b/changes/bug18240 new file mode 100644 index 0000000000..6be7ba18de --- /dev/null +++ b/changes/bug18240 @@ -0,0 +1,5 @@ + o Minor bugfixes (build): + - Make the test-stem and test-network targets depend only on the + tor binary to be tested. Previously, they depended on "make all". + Fixes bug 18240; bugfix on 0.2.8.2-alpha. + Based on a patch from "cypherpunks". diff --git a/changes/bug18286 b/changes/bug18286 deleted file mode 100644 index e398fb004b..0000000000 --- a/changes/bug18286 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (build): - - Tor now builds again with the recent OpenSSL 1.1 development branch - (tested against 1.1.0-pre4 and 1.1.0-pre5-dev). Closes ticket 18286. - - diff --git a/changes/bug18300 b/changes/bug18300 new file mode 100644 index 0000000000..791752ae0b --- /dev/null +++ b/changes/bug18300 @@ -0,0 +1,3 @@ + o Minor features (logging): + - Provide a more useful warning message when configured with an + invalid Nickname. Closes ticket 18300; patch from "icanhasaccount". diff --git a/changes/bug18312 b/changes/bug18312 deleted file mode 100644 index 7dcb3266bf..0000000000 --- a/changes/bug18312 +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Stop recommending use of nicknames to identify relays in our - MapAddress documentation. Closes ticket 18312. - diff --git a/changes/bug18322 b/changes/bug18322 new file mode 100644 index 0000000000..8330798818 --- /dev/null +++ b/changes/bug18322 @@ -0,0 +1,4 @@ + o Minor features (debugging): + - When dumping unparseable router descriptors, optionally store them in + separate filenames by hash, up to a configurable limit. + Closes ticket 18322. diff --git a/changes/bug18456 b/changes/bug18456 new file mode 100644 index 0000000000..843c70a587 --- /dev/null +++ b/changes/bug18456 @@ -0,0 +1,6 @@ + o Major bugfixes (exit policies): + - Avoid disclosing exit outbound bind addresses, configured port bind + addresses, and local interface addresses in relay descriptors by + default under ExitPolicyRejectPrivate. Instead, only reject these + (otherwise unlisted) addresses if ExitPolicyRejectLocalInterfaces is set. + Fixes bug 18456; bugfix on 0.2.7.2-alpha. Patch by teor. diff --git a/changes/bug18460 b/changes/bug18460 deleted file mode 100644 index a8c1a19774..0000000000 --- a/changes/bug18460 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (statistics): - - We now include consensus downloads via IPv6 in our directory-request statistics. - Fixes bug 18460; bugfix on 0.2.3.14-alpha. - diff --git a/changes/bug18481 b/changes/bug18481 deleted file mode 100644 index 6fd882b36b..0000000000 --- a/changes/bug18481 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (client): - - Turn all TestingClientBootstrap* into non-testing torrc options. This - changes simply renames them by removing "Testing" in front of them and - they do not require TestingTorNetwork to be enabled anymore. Fixes - bug 18481; bugfix on 0.2.8.1-alpha. diff --git a/changes/bug18604 b/changes/bug18604 new file mode 100644 index 0000000000..114c67e1c0 --- /dev/null +++ b/changes/bug18604 @@ -0,0 +1,4 @@ + o Minor bugfixes (ephemeral hidden service) + - When deleting an ephemeral hidden service, close its intro points even + if not in the open state. Resolves ticket #18604; bugfix on + tor-0.2.7.1-alpha. diff --git a/changes/bug18616 b/changes/bug18616 deleted file mode 100644 index ec59e846ed..0000000000 --- a/changes/bug18616 +++ /dev/null @@ -1,14 +0,0 @@ - o Major bugfixes (directory mirrors): - - Decide whether to advertise begindir support the same way we decide - whether to advertise our DirPort. These decisions being out of sync - led to surprising behavior like advertising begindir support when - our hibernation config options made us not advertise a DirPort. - Resolves bug 18616; bugfix on 0.2.8.1-alpha. Patch by teor. - - o Minor bugfixes: - - Consider more config options when relays decide whether to regenerate - their descriptor. Fixes more of bug 12538; bugfix on 0.2.8.1-alpha. - - Resolve some edge cases where we might launch an ORPort reachability - check even when DisableNetwork is set. Noticed while fixing bug - 18616; bugfix on 0.2.3.9-alpha. - diff --git a/changes/bug18668 b/changes/bug18668 deleted file mode 100644 index 4b186b5c05..0000000000 --- a/changes/bug18668 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (tests): - - Avoid "WSANOTINITIALISED" warnings in the unit tests. Fixes bug 18668; - bugfix on 0.2.8.1-alpha. diff --git a/changes/bug18673 b/changes/bug18673 deleted file mode 100644 index 5d6161718a..0000000000 --- a/changes/bug18673 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (memory leak): - - Fix a small memory leak that would occur when the - TestingEnableCellStatsEvent option was turned on. Fixes bug 18673; - bugfix on 0.2.5.2-alpha. diff --git a/changes/bug18686 b/changes/bug18686 deleted file mode 100644 index 23547d211d..0000000000 --- a/changes/bug18686 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (pluggable transports): - - Avoid reporting a spurious error when we decide that we don't - need to terminate a pluggable transport because it has already - exited. Fixes bug 18686; bugfix on 0.2.5.5-alpha. - diff --git a/changes/bug18704 b/changes/bug18704 new file mode 100644 index 0000000000..966cc2a5f3 --- /dev/null +++ b/changes/bug18704 @@ -0,0 +1,5 @@ + o Major bugfixes (hidden service client) + - With FetchHidServDescriptors set to 0, there is no descriptor fetch + (which is intended) but also no descriptor cache lookup was done + making any Tor client not working with this option unset. Resolves + ticket #18704. Patch by "twim"; Bugfix on tor-0.2.0.20-rc. diff --git a/changes/bug18710 b/changes/bug18710 deleted file mode 100644 index 269395563d..0000000000 --- a/changes/bug18710 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (DNS proxy): - - Stop a crash that could occur when a client running with DNSPort - received a query with multiple address types, where the first - address type was not supported. Found and fixed by Scott Dial. - Fixes bug 18710; bugfix on 0.2.5.4-alpha. - diff --git a/changes/bug18716 b/changes/bug18716 deleted file mode 100644 index b15a343f4c..0000000000 --- a/changes/bug18716 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (assert, portability): - - Fix an assertion failure in memarea.c on systems where "long" is - shorter than the size of a pointer. - Fixes bug 18716; bugfix on 0.2.1.1-alpha diff --git a/changes/bug18728 b/changes/bug18728 deleted file mode 100644 index e181c17e65..0000000000 --- a/changes/bug18728 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (build): - - Resolve warnings when building on systems that are concerned with - signed char. Fixes bug 18728; bugfix on 0.2.7.2-alpha and - 0.2.6.1-alpha. diff --git a/changes/bug18729 b/changes/bug18729 deleted file mode 100644 index 4ec9ca3254..0000000000 --- a/changes/bug18729 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (logging): - - Stop blasting twelve lines per second from periodic_event_dispatch() - at loglevel debug. Resolves ticket 18729; fix on 0.2.8.1-alpha. diff --git a/changes/bug18761 b/changes/bug18761 deleted file mode 100644 index 78500a88ea..0000000000 --- a/changes/bug18761 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor feature (logging): - - When rejecting a misformed INTRODUCE2 cell, only log at PROTOCOL_WARN - severity. Closes ticket 18761. diff --git a/changes/bug18809 b/changes/bug18809 deleted file mode 100644 index 1e151874b7..0000000000 --- a/changes/bug18809 +++ /dev/null @@ -1,16 +0,0 @@ - o Major bugfixes (bootstrap): - - Check if bootstrap consensus downloads are still needed - when the linked connection attaches. This prevents tor - making unnecessary begindir-style connections, which are - the only directory connections tor clients make since - the fix for 18483 was merged. - - Fix some edge cases where consensus download connections - may not have been closed, even though they were not needed. - Related to fix 18809. - - Make relays retry consensus downloads the correct number of - times, rather than the more aggressive client retry count. - Fixes part of ticket 18809. - - Stop downloading consensuses when we have a consensus, - even if we don't have all the certificates for it yet. - Fixes bug 18809; bugfix on 0.2.8.1-alpha. - Patches by arma and teor. diff --git a/changes/bug18812 b/changes/bug18812 deleted file mode 100644 index 793e1102f7..0000000000 --- a/changes/bug18812 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (bootstrap): - - When a fallback changes its fingerprint from the hard-coded - fingerprint, log a less severe, more explanatory log message. - Fixes bug 18812; bugfix on 0.2.8.1-alpha. Patch by teor. diff --git a/changes/bug18815 b/changes/bug18815 new file mode 100644 index 0000000000..cb504b2a8e --- /dev/null +++ b/changes/bug18815 @@ -0,0 +1,3 @@ + o Minor features (performance): + - When fetching a consensus for the first time, use optimistic data. + This saves a round-trip during startup. Closes ticket 18815. diff --git a/changes/bug18816 b/changes/bug18816 deleted file mode 100644 index 103f816962..0000000000 --- a/changes/bug18816 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfix (bootstrap): - - Consistently use the consensus download schedule for - authority certificates. - Fixes bug 18816; bugfix on 0.2.4.13-alpha. diff --git a/changes/bug18840 b/changes/bug18840 new file mode 100644 index 0000000000..b8de1aae88 --- /dev/null +++ b/changes/bug18840 @@ -0,0 +1,4 @@ + o Minor bugfixes: + - Authorities now sort the "package" lines in their votes, for ease + of debugging. (They are already sorted in the consensus documents.) + Fixes bug 18840; bugfix on 0.2.6.3-alpha. diff --git a/changes/bug18841.1 b/changes/bug18841.1 deleted file mode 100644 index 205ee5a425..0000000000 --- a/changes/bug18841.1 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (compilation): - - Correctly detect compiler flags on systems where _FORTIFY_SOURCE - is predefined. Previously, our use of -D_FORTIFY_SOURCE would - cause a compiler warning, thereby making other checks fail. - Fixes one case of bug 18841; bugfix on 0.2.3.17-beta. Patch from - "trudokal". - diff --git a/changes/bug18849 b/changes/bug18849 deleted file mode 100644 index b12a8da011..0000000000 --- a/changes/bug18849 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfix (logging): - - Reduce excessive logging when directories can't be found. - Fixes bug 18849; bugfix on 0.2.8.3-alpha and 0.2.8.1-alpha. - Patch by teor. diff --git a/changes/bug18889 b/changes/bug18889 new file mode 100644 index 0000000000..45b09921d6 --- /dev/null +++ b/changes/bug18889 @@ -0,0 +1,2 @@ + o Code simplification and refactoring: + - Remove redundant declarations of the MIN macro. Closes ticket 18889. diff --git a/changes/bug18895 b/changes/bug18895 new file mode 100644 index 0000000000..9ad857c546 --- /dev/null +++ b/changes/bug18895 @@ -0,0 +1,6 @@ + o Minor features (build): + - When building on a system without runtime support for some of the + runtime hardening options, try to log a useful warning at configuration + time, rather than an incomprehensible warning at link time. + If expensive hardening was requested, this warning becomes an error. + Closes ticket 18895. diff --git a/changes/bug18920 b/changes/bug18920 deleted file mode 100644 index 1babfd6656..0000000000 --- a/changes/bug18920 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (controller, microdescriptors): - - Make GETINFO dir/status-vote/current/consensus conform to the control - specification by returning "551 Could not open cached consensus..." - when not caching consensuses. - Fixes bug 18920; bugfix on 0.2.2.6-alpha. diff --git a/changes/bug18921 b/changes/bug18921 deleted file mode 100644 index cdd868a005..0000000000 --- a/changes/bug18921 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (IPv6 bridges): - - Fix directory address selection for IPv6 bridges. - Fixes bug 18921; bugfix on 0.2.8.1-alpha. - Patch by "teor". diff --git a/changes/bug18929 b/changes/bug18929 deleted file mode 100644 index c607e630a6..0000000000 --- a/changes/bug18929 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (IPv6): - - Make directory node selection more reliable, mainly for - IPv6-only clients and clients with few reachable addresses. - Fixes bug 18929; bugfix on 0.2.8.1-alpha. - Patch by "teor". diff --git a/changes/bug18934 b/changes/bug18934 new file mode 100644 index 0000000000..fba703e5a4 --- /dev/null +++ b/changes/bug18934 @@ -0,0 +1,3 @@ + o Minor features (testing): + - Let backtrace tests work correctly under AddressSanitizer. + Fixes part of bug 18934. diff --git a/changes/bug18934_2 b/changes/bug18934_2 new file mode 100644 index 0000000000..039feafb89 --- /dev/null +++ b/changes/bug18934_2 @@ -0,0 +1,4 @@ + o Minor bugfixes (testing): + - Disable ASAN's detection of segmentation faults while running + test_bt.sh, so that we can make sure that our own backtrace generation + code works. Fixes another aspect of bug 18934. Patch from "cypherpunks". diff --git a/changes/bug18943 b/changes/bug18943 deleted file mode 100644 index 6bcd868460..0000000000 --- a/changes/bug18943 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (crypto, portability): - - The SHA3 and SHAKE routines now produce the correct output on - Big Endian systems, unbreaking the unit tests. No code calls - either algorithm family yet, so this is primarily a build fix. - Fixes bug 18943; bugfix on 0.2.8.1-alpha. - diff --git a/changes/bug18956 b/changes/bug18956 new file mode 100644 index 0000000000..0cf10e9224 --- /dev/null +++ b/changes/bug18956 @@ -0,0 +1,5 @@ + o Minor bugfixes (memory leaks): + - Fix a small, uncommon memory leak that could occur when reading a + truncated ed25519 key file. Fixes bug 18956; bugfix on 0.2.6.1-alpha. + + diff --git a/changes/bug18963 b/changes/bug18963 new file mode 100644 index 0000000000..f122288b1d --- /dev/null +++ b/changes/bug18963 @@ -0,0 +1,5 @@ + o Minor bugfix (bootstrap): + - Remember the directory we fetched the consensus or previous + certificates from, and use it to fetch future authority + certificates. + Resolves ticket 18963; fix on #4483 in 0.2.8.1-alpha. diff --git a/changes/bug18977 b/changes/bug18977 deleted file mode 100644 index 3f46b09fba..0000000000 --- a/changes/bug18977 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (time handling): - - When correcting a corrupt 'struct tm' value, fill in the tm_wday - field. Otherwise, our unit tests crash on Windows. - Fixes bug 18977; bugfix on 0.2.2.25-alpha. diff --git a/changes/bug19003 b/changes/bug19003 deleted file mode 100644 index ca94938ef9..0000000000 --- a/changes/bug19003 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (small networks): - - Allow directories in small networks to bootstrap by - skipping DirPort checks when the consensus has no exits. - Fixes bug 19003; bugfix on 0.2.8.1-alpha. - Patch by teor. diff --git a/changes/bug19008 b/changes/bug19008 deleted file mode 100644 index c51c98faa6..0000000000 --- a/changes/bug19008 +++ /dev/null @@ -1,3 +0,0 @@ - o Major bugfixes (testing): - - Fix a bug that would block 'make test-network-all' on systems - where IPv6 packets were lost. Fixes bug 19008; bugfix on tor-0.2.7.3-rc. diff --git a/changes/bug19032 b/changes/bug19032 deleted file mode 100644 index 93f17c2f91..0000000000 --- a/changes/bug19032 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (security, directory authorities): - - Fix a crash and out-of-bounds write during authority voting, when the - list of relays includes duplicate ed25519 identity keys. Fixes bug 19032; - bugfix on 0.2.8.2-alpha. diff --git a/changes/bug19063 b/changes/bug19063 new file mode 100644 index 0000000000..10020098bc --- /dev/null +++ b/changes/bug19063 @@ -0,0 +1,4 @@ + o Minor features (code safety): + - In our integer-parsing functions, check that the maxiumum + value given is no smaller than the minimum value. Closes ticket + 19063; patch from U+039b. diff --git a/changes/bug19066 b/changes/bug19066 new file mode 100644 index 0000000000..c3d1fc789a --- /dev/null +++ b/changes/bug19066 @@ -0,0 +1,5 @@ + o Minor bugfixes (directory authority): + - When parsing detached signature, make sure we use the length of the + digest algorithm instead of an hardcoded DIGEST256_LEN in order to + avoid comparing bytes out of bound with a smaller digest length such + as SHA1. Fixes #19066; bugfix on tor-0.2.2.6-alpha. diff --git a/changes/bug19079 b/changes/bug19079 new file mode 100644 index 0000000000..6cbc6cee3b --- /dev/null +++ b/changes/bug19079 @@ -0,0 +1,4 @@ + o Minor features (build): + - Detect and work around a libclang_rt problem that prevents clang from + finding __mulodi4() on some 32-bit platforms. This clang bug would keep + -ftrapv from linking on those systems. Closes ticket 19079. diff --git a/changes/bug19139 b/changes/bug19139 new file mode 100644 index 0000000000..2e53d7d445 --- /dev/null +++ b/changes/bug19139 @@ -0,0 +1,3 @@ + o Minor features (build): + - Use the Autoconf macro AC_USE_SYSTEM_EXTENSIONS to automatically + turn on C and POSIX extensions. Closes ticket 19139. diff --git a/changes/bug19153 b/changes/bug19153 new file mode 100644 index 0000000000..ac235c5e3a --- /dev/null +++ b/changes/bug19153 @@ -0,0 +1,3 @@ + o Documentation: + - Fix spelling of "--enable-tor2web-mode" in the manpage. Closes + ticket #19153. Patch from "U+039b". diff --git a/changes/bug19161 b/changes/bug19161 deleted file mode 100644 index 78c2165308..0000000000 --- a/changes/bug19161 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - When libscrypt.h is found, but no libscrypt library can be linked, - treat libscrypt as absent. Fixes bug 19161; bugfix on 0.2.6.1-alpha. diff --git a/changes/bug19191 b/changes/bug19191 deleted file mode 100644 index 8670aaa7fd..0000000000 --- a/changes/bug19191 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (downloading): - - Predict more correctly whether we'll be downloading over HTTP when we - determine the maximum length of a URL. This should avoid a "BUG" - warning about the Squid HTTP proxy and its URL limits. Fixes bug 19191; - bugfix on ?????. diff --git a/changes/bug19203 b/changes/bug19203 deleted file mode 100644 index 96bc1e855a..0000000000 --- a/changes/bug19203 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (user interface): - - Correctly give a warning in the cases where a relay is specified by - nickname, and one such relay is found, but it is not officially Named. - Fixes bug 19203; bugfix on 0.2.3.1-alpha. diff --git a/changes/bug19213 b/changes/bug19213 deleted file mode 100644 index 6217814fb4..0000000000 --- a/changes/bug19213 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Cause the unit tests to compile correctly on mingw64 versions - that lack sscanf. Fixes bug 19213; bugfix on 0.2.7.1-alpha. diff --git a/changes/bug19216 b/changes/bug19216 new file mode 100644 index 0000000000..0bca7d1cab --- /dev/null +++ b/changes/bug19216 @@ -0,0 +1,4 @@ + o Minor bugfixes: + - When building with Clang, include our full array of GCC warnings. + (Previously, we included only a subset, because of the way we + detected them.) Fixes bug 19216; bugfix on 0.2.0.1-alpha. diff --git a/changes/bug19406 b/changes/bug19406 deleted file mode 100644 index e8b661b512..0000000000 --- a/changes/bug19406 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (build): - - Tor now again builds with the recent OpenSSL 1.1 development branch - (tested against 1.1.0-pre5 and 1.1.0-pre6-dev). - diff --git a/changes/bug19421 b/changes/bug19421 new file mode 100644 index 0000000000..c7aba2637d --- /dev/null +++ b/changes/bug19421 @@ -0,0 +1,4 @@ + o Minor bugfixes (testing): + - Fix the test-network-all target on out-of-tree builds by using the + correct path to the test driver script. Fixes bug #19421; bugfix on + 0.2.7.3-rc. diff --git a/changes/bug19428 b/changes/bug19428 new file mode 100644 index 0000000000..32d293eb8e --- /dev/null +++ b/changes/bug19428 @@ -0,0 +1,5 @@ + - Minor bugfixes (timing): + o When computing the difference between two times in milliseconds, + we now round to the nearest millisecond correctly. Previously, + we could sometimes round in the wrong direction. Fixes bug 19428; + bugfix on 0.2.2.2-alpha. diff --git a/changes/bug19449 b/changes/bug19449 new file mode 100644 index 0000000000..45926287d5 --- /dev/null +++ b/changes/bug19449 @@ -0,0 +1,4 @@ + o Removed features: + - There is no longer a compile-time option to disable support + for TransPort. (If you don't want TransPort; just don't use it.) + Patch from "U+039b". Closes ticket 19449. diff --git a/changes/bug19454 b/changes/bug19454 deleted file mode 100644 index 05650b5c61..0000000000 --- a/changes/bug19454 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (heartbeat): - - Fix regression that crashes Tor when disabling heartbeats. Fixes bug - 19454; bugfix on tor-0.2.8.1-alpha. Reported by "kubaku". diff --git a/changes/bug19464 b/changes/bug19464 deleted file mode 100644 index 22c9e73dc7..0000000000 --- a/changes/bug19464 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (user interface): - - Remove a warning message "Service [scrubbed] not found after - descriptor upload". This message appears when one uses HSPOST control - command to upload a service descriptor. Since there is only a descriptor - and no service, showing this message is pointless and confusing. - Fixes bug 19464; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug19483 b/changes/bug19483 new file mode 100644 index 0000000000..034ff3090d --- /dev/null +++ b/changes/bug19483 @@ -0,0 +1,3 @@ + o Minor fixes (time): + - Improve overflow checks in tv_udiff and tv_mdiff. + Fixes bug 19483, present in all tor versions. diff --git a/changes/bug19499 b/changes/bug19499 deleted file mode 100644 index 59bdb29dfa..0000000000 --- a/changes/bug19499 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (build): - - Tor now again builds with the recent OpenSSL 1.1 development branch - (tested against 1.1.0-pre6-dev). Closes ticket 19499. - diff --git a/changes/bug19503 b/changes/bug19503 new file mode 100644 index 0000000000..08fc801d56 --- /dev/null +++ b/changes/bug19503 @@ -0,0 +1,3 @@ + o Minor bugfixes (user interface): + - Fix a typo in the getting passphrase prompt for the ed25519 + identity key. Fixes bug 19503; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug19504 b/changes/bug19504 new file mode 100644 index 0000000000..1a7676a1e3 --- /dev/null +++ b/changes/bug19504 @@ -0,0 +1,3 @@ + o Minor bugfixes (documentation): + - Document the --passphrase-fd option in the tor manpage. + Fixes bug 19504. diff --git a/changes/bug19505 b/changes/bug19505 new file mode 100644 index 0000000000..47387b0da5 --- /dev/null +++ b/changes/bug19505 @@ -0,0 +1,5 @@ + o Minor bugfixes (documentation): + - Fix the description of the --passphrase-fd option in the tor-gencert + manpage. The option is used to pass the number of a file descriptor to + read the passphrase from, not to read the file descriptor from. Fixes + bug 19505; bugfix on 0.2.0.20-alpha. diff --git a/changes/bug19530 b/changes/bug19530 new file mode 100644 index 0000000000..355d778886 --- /dev/null +++ b/changes/bug19530 @@ -0,0 +1,6 @@ + o Minor bugfixes (directory downloads): + - Hex-encode a relay identity fingerprint before printing it. + - When downloading authority certificates, re-download from + the last successful bridge before retrying a random bridge. + Fixes bug 19530; bugfix on #18963, not in any released version + of tor. diff --git a/changes/bug19554 b/changes/bug19554 new file mode 100644 index 0000000000..5855586908 --- /dev/null +++ b/changes/bug19554 @@ -0,0 +1,4 @@ + o Dependency changes (Libevent) + - Tor requires Libevent version 2.0.10-stable or later now. + Implements ticket 19554. + diff --git a/changes/bug19556 b/changes/bug19556 deleted file mode 100644 index 31856b3db9..0000000000 --- a/changes/bug19556 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (sandboxing): - - When sandboxing is enabled, we could not write any stats to - disk. check_or_create_data_subdir("stats"), which prepares the - private stats directory, calls check_private_dir(), which also - opens and not just stats() the directory. Therefore, we need to - also allow open() for the stats dir in our sandboxing setup. - Fixes bug 19556; bugfix on 0.2.5.1-alpha. diff --git a/changes/bug19557 b/changes/bug19557 deleted file mode 100644 index 55214b0c97..0000000000 --- a/changes/bug19557 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (sandboxing): - - Our sandboxing code would not allow us to write to stats/hidserv-stats, - causing tor to abort while trying to write stats. This was previously - masked by bug 19556. Fixes bug 19557; bugfix on 0.2.6.1-alpha. diff --git a/changes/bug19608 b/changes/bug19608 deleted file mode 100644 index 66c2de214e..0000000000 --- a/changes/bug19608 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (IPv6, microdescriptors): - - Don't check node addresses when we only have a routerstatus. - This allows IPv6-only clients to bootstrap by fetching - microdescriptors from fallback directory mirrors. - (The microdescriptor consensus has no IPv6 addresses in it.) - Fixes bug 19608; bugfix on c281c036 in 0.2.8.2-alpha. diff --git a/changes/doc17621 b/changes/doc17621 deleted file mode 100644 index ab37d29b50..0000000000 --- a/changes/doc17621 +++ /dev/null @@ -1,3 +0,0 @@ - o Documentation: - - Document the contents of the 'datadir/keys' subdirectory in the manual - page. Closes ticket 17621. diff --git a/changes/fallbacks-201604 b/changes/fallbacks-201604 deleted file mode 100644 index 7acefaaf08..0000000000 --- a/changes/fallbacks-201604 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor features (fallback directory mirrors): - - Give each fallback the same weight for client selection; - restrict fallbacks to one per operator; - report fallback directory detail changes when rebuilding list; - add new fallback directory mirrors to the whitelist; - update fallback directories based on the latest OnionOO data; - and any other minor simplifications and fixes. - Closes tasks 17158, 17905, 18749, bug 18689, and fixes part of - bug 18812 on 0.2.8.1-alpha; patch by "teor". diff --git a/changes/feature15588 b/changes/feature15588 new file mode 100644 index 0000000000..b5563079e1 --- /dev/null +++ b/changes/feature15588 @@ -0,0 +1,4 @@ + o Minor features (controller): + - Add support for configuring basic client authorization on hidden + services created with the ADD_ONION control command. + Implements ticket 15588. Patch by "special". diff --git a/changes/feature18483 b/changes/feature18483 deleted file mode 100644 index d0fa8df58d..0000000000 --- a/changes/feature18483 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (clients): - - Make clients, onion services, and bridge relays always - use an encrypted begindir connection for directory requests. - Resolves ticket 18483. Patch by "teor". diff --git a/changes/feature18624 b/changes/feature18624 new file mode 100644 index 0000000000..a3be90f745 --- /dev/null +++ b/changes/feature18624 @@ -0,0 +1,7 @@ + o Minor features: + - Directory authorities now only give the Guard flag to a relay if + they are also giving it the Stable flag. This change allows us to + simplify path selection for clients, and it should have minimal + effect in practice since >99% of Guards already have the Stable + flag. Implements ticket 18624. + diff --git a/changes/feature18685 b/changes/feature18685 new file mode 100644 index 0000000000..bc0d1be8e5 --- /dev/null +++ b/changes/feature18685 @@ -0,0 +1,3 @@ + o Minor features (controller): + - Fire a `STATUS_SERVER` event whenever the hibernation status changes + between "awake"/"soft"/"hard". Closes ticket 18685. diff --git a/changes/feature18760 b/changes/feature18760 new file mode 100644 index 0000000000..e6e8f6aad3 --- /dev/null +++ b/changes/feature18760 @@ -0,0 +1,6 @@ + o Minor features: + - When the directory authorities refuse a bad relay's descriptor, + encourage the relay operator to contact us. Many relay operators + won't notice this line in their logs, but it's a win if even a + few learn why we don't like what their relay was doing. Resolves + ticket 18760. diff --git a/changes/feature18998 b/changes/feature18998 new file mode 100644 index 0000000000..a2679c016c --- /dev/null +++ b/changes/feature18998 @@ -0,0 +1,5 @@ + o Minor features: + - Stop being so strict about the payload length of "rendezvous1" + cells. We used to be locked in to the "tap" handshake length, + and now we can handle better handshakes like "ntor". Resolves + ticket 18998. diff --git a/changes/feature19036 b/changes/feature19036 new file mode 100644 index 0000000000..98bcfca515 --- /dev/null +++ b/changes/feature19036 @@ -0,0 +1,4 @@ + o Minor features: + - Make directory authorities write the v3-status-votes file out + to disk earlier in the consensus process, so we have the votes + even if we abort the consensus process below. Resolves ticket 19036. diff --git a/changes/geoip-april2016 b/changes/geoip-april2016 deleted file mode 100644 index c55aa179b5..0000000000 --- a/changes/geoip-april2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (geoip): - - Update geoip and geoip6 to the April 5 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-jun2016 b/changes/geoip-jun2016 deleted file mode 100644 index 6c9847ca58..0000000000 --- a/changes/geoip-jun2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (geoip): - - Update geoip and geoip6 to the June 7 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-may2016 b/changes/geoip-may2016 deleted file mode 100644 index cf78ab10c7..0000000000 --- a/changes/geoip-may2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (geoip): - - Update geoip and geoip6 to the May 4 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/lcov_excl b/changes/lcov_excl new file mode 100644 index 0000000000..474181cfa3 --- /dev/null +++ b/changes/lcov_excl @@ -0,0 +1,7 @@ + o Minor features (testing): + - Use the lcov convention for marking lines as unreachable, so that + we don't count them when we're generating test coverage data. + Update our coverage tools to understand this convention. + Closes ticket #16792. + + diff --git a/changes/memarea_overflow b/changes/memarea_overflow deleted file mode 100644 index 8fdc38cc09..0000000000 --- a/changes/memarea_overflow +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (pointer arithmetic): - - Fix a bug in memarea_alloc() that could have resulted in remote heap - write access, if Tor had ever passed an unchecked size to - memarea_alloc(). Fortunately, all the sizes we pass to memarea_alloc() - are pre-checked to be less than 128 kilobytes. Fixes bug 19150; bugfix - on 0.2.1.1-alpha. Bug found by Guido Vranken. - diff --git a/changes/rsa_init_bug b/changes/rsa_init_bug deleted file mode 100644 index 6b5fb4f2f9..0000000000 --- a/changes/rsa_init_bug +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (key management): - - If OpenSSL fails to generate an RSA key, do not retain a dangling pointer - to the previous (uninitialized) key value. The impact here should be - limited to a difficult-to-trigger crash, if OpenSSL is running an - engine that makes key generation failures possible, or if OpenSSL runs - out of memory. Fixes bug 19152; bugfix on 0.2.1.10-alpha. Found by - Yuan Jochen Kang, Suman Jana, and Baishakhi Ray. diff --git a/changes/task19035 b/changes/task19035 new file mode 100644 index 0000000000..15c376fb9a --- /dev/null +++ b/changes/task19035 @@ -0,0 +1,5 @@ + o Removed features: + - Remove support for "GET /tor/bytes.txt" DirPort request, and + "GETINFO dir-usage" controller request, which were only available + via a compile-time option in Tor anyway. Feature was added in + 0.2.2.1-alpha. Resolves ticket 19035. diff --git a/changes/test_zlib_bombs b/changes/test_zlib_bombs new file mode 100644 index 0000000000..26121ed8ce --- /dev/null +++ b/changes/test_zlib_bombs @@ -0,0 +1,3 @@ + o Testing: + - We now have unit tests for our code to reject zlib "compression bombs". + (Fortunately, the code works fine.) diff --git a/changes/ticket16698 b/changes/ticket16698 new file mode 100644 index 0000000000..5057050c16 --- /dev/null +++ b/changes/ticket16698 @@ -0,0 +1,3 @@ + o Code simplification and refactoring: + - Split the 600-line directory_handle_command_get function into + separate functions for different URL types. Closes ticket 16698. diff --git a/changes/ticket18462 b/changes/ticket18462 new file mode 100644 index 0000000000..04e7e60e0b --- /dev/null +++ b/changes/ticket18462 @@ -0,0 +1,3 @@ + o Code simplification and refactoring: + - Rename tor_dup_addr() to tor_addr_to_str_dup() to avoid confusion. + Closes ticket #18462; patch from "icanhasaccount". diff --git a/changes/ticket19071-19480 b/changes/ticket19071-19480 deleted file mode 100644 index ab5c72a2d1..0000000000 --- a/changes/ticket19071-19480 +++ /dev/null @@ -1,13 +0,0 @@ - o Minor bugfixes (fallback directory selection): - - Avoid errors during fallback selection if there are no eligible - fallbacks. Fixes bug 19480; bugfix on ba76910 and 78ec782 in - 0.2.8.3-alpha. Patch by teor. - o Minor features (fallback directory list): - - Update hard-coded fallback list to remove unsuitable fallbacks. - Resolves ticket 19071. Patch by teor. - - Add a comment to the generated list that explains how to comment-out - unsuitable fallbacks in a way that's compatible with the stem fallback - parser. - - Update fallback whitelist and blacklist based on relay operator - emails. Blacklist unsuitable fallbacks. Resolves ticket 19071. - Patch by teor. diff --git a/changes/ticket19323 b/changes/ticket19323 new file mode 100644 index 0000000000..38e5af4196 --- /dev/null +++ b/changes/ticket19323 @@ -0,0 +1,3 @@ + o Control port: + - Implement new GETINFO queries for all downloads using download_status_t + to schedule retries. Closes ticket #19323. diff --git a/changes/timeouts b/changes/timeouts new file mode 100644 index 0000000000..dc8f724974 --- /dev/null +++ b/changes/timeouts @@ -0,0 +1,7 @@ + o Minor features (infrastructure): + - Tor now includes an improved timer backend, so that we can efficiently + support tens or hundreds of thousands of concurrent timers, as will be + needed for some of our planned anti-traffic-analysis work. This code + is based on William Ahern's "timeout.c" project, which implements + a "tickless hierarchical timing wheel". Closes ticket #18365. + diff --git a/changes/workqueue_tests b/changes/workqueue_tests new file mode 100644 index 0000000000..7c5d756f76 --- /dev/null +++ b/changes/workqueue_tests @@ -0,0 +1,4 @@ + o Testing: + - Run more workqueue tests as part of "make check". These had previously + been implemented, but you needed to know special command-line options + to enable them. diff --git a/changes/zlib_12 b/changes/zlib_12 new file mode 100644 index 0000000000..3344286861 --- /dev/null +++ b/changes/zlib_12 @@ -0,0 +1,4 @@ + o New system requirements: + - We now require zlib version 1.2 or later. (Back when we started, + zlib 1.1 and zlib 1.0 were still found in the wild. 1.2 was released in + 2003. We recommend the latest version.) |