diff options
Diffstat (limited to 'changes')
94 files changed, 248 insertions, 197 deletions
diff --git a/changes/asciidoc-UTC b/changes/asciidoc-UTC new file mode 100644 index 0000000000..21fbfc1d67 --- /dev/null +++ b/changes/asciidoc-UTC @@ -0,0 +1,4 @@ + o Minor bugfixes (build): + - When building manual pages, set the timezone to "UTC", so that the + output is reproducible. Fixes bug 19558; bugfix on 0.2.2.9-alpha. + Patch from intrigeri. diff --git a/changes/bug14821 b/changes/bug14821 deleted file mode 100644 index e9ccc2fd1b..0000000000 --- a/changes/bug14821 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (compilation): - - Repair hardened builds under the clang compiler. Previously, - our use of _FORTIFY_SOURCE would conflict with clang's address - sanitizer. Fixes bug 14821; bugfix on 0.2.5.4-alpha. diff --git a/changes/bug15221 b/changes/bug15221 deleted file mode 100644 index ed72309857..0000000000 --- a/changes/bug15221 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (sandbox): - - Allow the setrlimit syscall, and the prlimit and prlimit64 syscalls, - which some libc implementations - use under the hood. Fixes bug 15221. Bugfix on 0.2.5.1-alpha. diff --git a/changes/bug15609 b/changes/bug15609 deleted file mode 100644 index efaccdeaae..0000000000 --- a/changes/bug15609 +++ /dev/null @@ -1,2 +0,0 @@ - o Documentation: - - Fix capitalization of SOCKS in sample torrc. Closes ticket 15609. diff --git a/changes/bug16056 b/changes/bug16056 deleted file mode 100644 index e3311c0f93..0000000000 --- a/changes/bug16056 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (relay, IPv6): - - When displaying an IPv6 exit policy, include the mask bits correctly - even when the number is greater than 31. Fixes bug 16056; bugfix on - 0.2.4.7-alpha. Patch from "gturner".
\ No newline at end of file diff --git a/changes/bug16248 b/changes/bug16248 deleted file mode 100644 index 399b7093cd..0000000000 --- a/changes/bug16248 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (dns proxy mode, crash): - - Avoid crashing when running as a DNS proxy. Closes bug 16248; bugfix on - 0.2.0.1-alpha. Patch from 'cypherpunks'. - - o Minor features (bug-resistance): - - Make Tor survive errors involving connections without a corresponding - event object. Previously we'd fail with an assertion; now we produce a - log message. Related to bug 16248. diff --git a/changes/bug16702 b/changes/bug16702 deleted file mode 100644 index 5de36cd351..0000000000 --- a/changes/bug16702 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (hidden service) - - The wrong list was used when looking up expired intro points in a rend - service object causing what we think could be reachability issues and - triggering a BUG log. Fixes 16702; bugfix on tor-0.2.7.2-alpha. diff --git a/changes/bug17150 b/changes/bug17150 new file mode 100644 index 0000000000..686cc34296 --- /dev/null +++ b/changes/bug17150 @@ -0,0 +1,7 @@ + o Minor bugfixes (directory warnings): + - When fetching extrainfo documents, compare their SHA256 digests + and Ed25519 signing key certificates + with the routerinfo that led us to fetch them, rather than + with the most recent routerinfo. Otherwise we generate many + spurious warnings about mismatches. Fixes bug 17150; bugfix + on 0.2.7.2-alpha. diff --git a/changes/bug17151 b/changes/bug17151 deleted file mode 100644 index 0993b90eac..0000000000 --- a/changes/bug17151 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (portability): - - Use libexecinfo on FreeBSD, to enable backtrace support. Fixes part of - bug 17151; bugfix on 0.2.5.2-alpha. Patch from Marcin Cieślak. - - o Minor bugfixes (testing): - - Skip backtrace tests when backtrace support is not compiled in. Fixes - part of bug 17151; bugfix on 0.2.7.1-alpha. Patch from Marcin Cieślak. diff --git a/changes/bug17154 b/changes/bug17154 deleted file mode 100644 index 6ad7b74468..0000000000 --- a/changes/bug17154 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (testing): - - Fix breakage when running 'make check' with BSD make. Fixes bug - 17154; bugfix on 0.2.7.3-rc. Patch by Marcin Cieślak. diff --git a/changes/bug17173-socket-hack-rv b/changes/bug17173-socket-hack-rv deleted file mode 100644 index d5132114b4..0000000000 --- a/changes/bug17173-socket-hack-rv +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bug fixes (addresses, testing): - - Add unit tests for get_interface_address* failure cases. - Fixes bug 17173; bugfix on 0.2.7.3-rc. Patch by fk/teor. diff --git a/changes/bug17237_027 b/changes/bug17237_027 deleted file mode 100644 index e5978d0ec8..0000000000 --- a/changes/bug17237_027 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (compilation): - - Repair compilation with the most recent (unreleased, alpha) - vesions of OpenSSL 1.1. Fixes part of ticket 17237. diff --git a/changes/bug17251 b/changes/bug17251 deleted file mode 100644 index edd7739d2f..0000000000 --- a/changes/bug17251 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Fix an integer overflow warning in test_crypto_slow.c. - Fixes bug 17251; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug17347 b/changes/bug17347 deleted file mode 100644 index 487b1320e2..0000000000 --- a/changes/bug17347 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): - - Fix compilation of sandbox.c with musl-libc. - Fixes bug 17347; bugfix on 0.2.5.1-alpha. - Patch from 'jamestk'. diff --git a/changes/bug17354 b/changes/bug17354 deleted file mode 100644 index 53da007fbb..0000000000 --- a/changes/bug17354 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (sandbox): - - Add the "hidserv-stats" filename to our sandbox filter for the - HiddenServiceStatistics option to work properly. Fixes bug 17354; - bugfix on tor-0.2.6.2-alpha~54^2~1. Patch from David Goulet. diff --git a/changes/bug17364 b/changes/bug17364 deleted file mode 100644 index dd9ff12784..0000000000 --- a/changes/bug17364 +++ /dev/null @@ -1,3 +0,0 @@ - o Documentation: - - Note that HiddenServicePorts can take a unix domain socket. - Closes ticket 17364. diff --git a/changes/bug17398 b/changes/bug17398 deleted file mode 100644 index 66e27a6966..0000000000 --- a/changes/bug17398 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (memory leaks): - - Fix a memory leak in ed25519 batch signature checking. - Fixes bug 17398; bugfix on 0.2.6.1-alpha. diff --git a/changes/bug17401 b/changes/bug17401 deleted file mode 100644 index a22f79c431..0000000000 --- a/changes/bug17401 +++ /dev/null @@ -1,3 +0,0 @@ - o Major bugfixes (correctness): - - Fix a use-after-free bug in validate_intro_point_failure(). - Fixes bug 17401; bugfix on 0.2.7.3-rc. diff --git a/changes/bug17402 b/changes/bug17402 deleted file mode 100644 index 4760e00b04..0000000000 --- a/changes/bug17402 +++ /dev/null @@ -1,3 +0,0 @@ - o Major bugfixes (memory leak): - - Fix a memory leak in rend_cache_failure_entry_free(). - Fixes bug 17402; bugfix on 0.2.7.3-rc. diff --git a/changes/bug17403 b/changes/bug17403 deleted file mode 100644 index e83a4a247b..0000000000 --- a/changes/bug17403 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (memory leaks): - - Fix a memory leak when reading an expired signing key from disk. - Fixes bug 17403; bugfix on 0.2.7.2-rc. diff --git a/changes/bug17404 b/changes/bug17404 deleted file mode 100644 index d524f6662d..0000000000 --- a/changes/bug17404 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (security, correctness): - - Fix a programming error that could cause us to read 4 bytes before - the beginning of an openssl string. This could be used to provoke - a crash on systems with an unusual malloc implementation, or - systems with unsual hardening installed. Fixes bug 17404; bugfix - on 0.2.3.6-alpha. diff --git a/changes/bug17551 b/changes/bug17551 deleted file mode 100644 index 27e467979e..0000000000 --- a/changes/bug17551 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): - - When checking for net/pfvar.h, include netinet/in.h if possible. - This fixes transparent proxy detection on OpenBSD. Fixes bug - 17551; bugfix on 0.1.2.1-alpha. Patch from "rubiate". diff --git a/changes/bug17583 b/changes/bug17583 deleted file mode 100644 index d77d46759a..0000000000 --- a/changes/bug17583 +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Add a description of the correct use of the '--keygen' command-line - option. Closes ticket 17583; based on text by 's7r'. - diff --git a/changes/bug17668 b/changes/bug17668 deleted file mode 100644 index fa5c1c8081..0000000000 --- a/changes/bug17668 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (voting): - - When collating votes by Ed25519 identities, authorities now - include a "NoEdConsensus" flag if the ed25519 value (or lack thereof) - for a server does not reflect the majority consensus. Related to bug - 17668; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug17675 b/changes/bug17675 deleted file mode 100644 index 8326a0b9e8..0000000000 --- a/changes/bug17675 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (linux seccomp2 sandbox): - - Fix a crash when using offline master ed25519 keys with the - Linux seccomp2 sandbox enabled. Fixes bug 17675; bugfix on - 0.2.7.3-alpha. diff --git a/changes/bug17702 b/changes/bug17702 deleted file mode 100644 index 4fda36f736..0000000000 --- a/changes/bug17702 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - Actually enable Ed25519-based directory collation. - Previously, the code had been written, but some debugging code that had - accidentally been left in the codebase made it stay turned off. - Fixes bug 17702; bugfix on 0.2.7.2-alpha. - diff --git a/changes/bug17722 b/changes/bug17722 deleted file mode 100644 index 1b18d4af2b..0000000000 --- a/changes/bug17722 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (code correctness) - - Fix undefined behavior in the tor_cert_checksig function. Fixes bug - 17722; bugfix on tor-0.2.7.2-alpha. diff --git a/changes/bug17744_redux b/changes/bug17744_redux new file mode 100644 index 0000000000..d61e17fec3 --- /dev/null +++ b/changes/bug17744_redux @@ -0,0 +1,5 @@ + o Minor bugfixes (build): + - Remove a pair of redundant AM_CONDITIONAL declarations from + configure.ac. Fixes one final case of bug 17744; bugfix on + 0.2.8.2-alpha. + diff --git a/changes/bug17772 b/changes/bug17772 deleted file mode 100644 index 54d457c601..0000000000 --- a/changes/bug17772 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (guard selection): - - Actually look at the Guard flag when selecting a new directory - guard. When we implemented the directory guard design, we - accidentally started treating all relays as if they have the Guard - flag during guard selection, leading to weaker anonymity and worse - performance. Fixes bug 17222; bugfix on 0.2.4.8-alpha. Discovered - by Mohsen Imani. diff --git a/changes/bug17781 b/changes/bug17781 deleted file mode 100644 index 01ed231b0a..0000000000 --- a/changes/bug17781 +++ /dev/null @@ -1,3 +0,0 @@ - o Compilation fixes: - - Fix a compilation warning with Clang 3.6: Do not check the - presence of an address which can never be NULL. Fixes bug 17781. diff --git a/changes/bug17818 b/changes/bug17818 deleted file mode 100644 index 3d9afe329e..0000000000 --- a/changes/bug17818 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Isolate environment variables meant for tests from the rest of the - build system. Fixes bug 17818; bugfix on tor-0.2.7.3-rc. diff --git a/changes/bug17819 b/changes/bug17819 deleted file mode 100644 index 45c55f74b6..0000000000 --- a/changes/bug17819 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): - - Don't try to use the pthrad_condattr_setclock() function unless - it actually exists. Fixes compilation on NetBSD-6.x. Fixes bug - 17819; bugfix on 0.2.6.3-alpha. diff --git a/changes/bug17827 b/changes/bug17827 deleted file mode 100644 index 04cd3b5977..0000000000 --- a/changes/bug17827 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Fix backtrace compilation on FreeBSD. Fixes bug 17827; bugfix on - tor-0.2.5.2-alpha. diff --git a/changes/bug17906 b/changes/bug17906 deleted file mode 100644 index 2937369f0a..0000000000 --- a/changes/bug17906 +++ /dev/null @@ -1,4 +0,0 @@ - o Major features (authorities): - - Update the V3 identity key for the dannenberg authority, which changed on - 18 November 2015. - Closes task 17906. Patch by "teor". diff --git a/changes/bug17923 b/changes/bug17923 deleted file mode 100644 index 94849fb06a..0000000000 --- a/changes/bug17923 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (portability): - - Add an #endif to configure.ac so that we correctly detect - the presence of in6_addr.s6_addr32. Fixes bug 17923; bugfix on - 0.2.0.13-alpha. diff --git a/changes/bug18050 b/changes/bug18050 deleted file mode 100644 index 27456bea80..0000000000 --- a/changes/bug18050 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (relays): - - Check that both the ORPort and DirPort (if present) are reachable - before publishing a relay descriptor. Otherwise, relays publish a - descriptor with DirPort 0 when the DirPort reachability test takes - longer than the ORPort reachability test. - Fixes bug 18050; - bugfix on 0.1.0.1-rc. Reported by "starlight", patch by "teor". diff --git a/changes/bug18089 b/changes/bug18089 deleted file mode 100644 index 8ff75b8b8e..0000000000 --- a/changes/bug18089 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (security): - - Make memwipe() do nothing when passed a NULL pointer - or zero size. Check size argument to memwipe() for underflow. - Fixes bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk", patch by "teor". diff --git a/changes/bug18133 b/changes/bug18133 new file mode 100644 index 0000000000..177d286495 --- /dev/null +++ b/changes/bug18133 @@ -0,0 +1,4 @@ + o Minor bugfixes (logging): + - When we can't generate a signing key because OfflineMasterKey is set, + do not imply that we should have been able to load it. + Fixes bug 18133; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug18162 b/changes/bug18162 deleted file mode 100644 index 88d19a87cc..0000000000 --- a/changes/bug18162 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (security, pointers): - - - Avoid a difficult-to-trigger heap corruption attack when extending - a smartlist to contain over 16GB of pointers. Fixes bug 18162; - bugfix on Tor 0.1.1.11-alpha, which fixed a related bug - incompletely. Reported by Guido Vranken. - diff --git a/changes/bug18286 b/changes/bug18286 new file mode 100644 index 0000000000..e398fb004b --- /dev/null +++ b/changes/bug18286 @@ -0,0 +1,5 @@ + o Minor features (build): + - Tor now builds again with the recent OpenSSL 1.1 development branch + (tested against 1.1.0-pre4 and 1.1.0-pre5-dev). Closes ticket 18286. + + diff --git a/changes/bug18312 b/changes/bug18312 new file mode 100644 index 0000000000..7dcb3266bf --- /dev/null +++ b/changes/bug18312 @@ -0,0 +1,4 @@ + o Documentation: + - Stop recommending use of nicknames to identify relays in our + MapAddress documentation. Closes ticket 18312. + diff --git a/changes/bug18318_ed b/changes/bug18318_ed deleted file mode 100644 index af39234d53..0000000000 --- a/changes/bug18318_ed +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes: - - When generating a vote with keypinning disabled, never include two - entries for the same ed25519 identity. This bug was causing - authorities to generate votes that they could not parse when a router - violated key pinning by changing its RSA identity but keeping its - Ed25519 identity. Fixes bug 17668; fixes part of bug 18318. Bugfix on - 0.2.7.2-alpha. diff --git a/changes/bug18368 b/changes/bug18368 deleted file mode 100644 index 17218d432f..0000000000 --- a/changes/bug18368 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - When logging information about an unparseable networkstatus vote or - consensus, do not say "vote" when we mean consensus. Fixes bug - 18368; bugfix on 0.2.0.8-alpha. - diff --git a/changes/bug18397 b/changes/bug18397 new file mode 100644 index 0000000000..53993da4e6 --- /dev/null +++ b/changes/bug18397 @@ -0,0 +1,7 @@ + o Minor bugfixes (Linux seccomp2 sandbox): + - Add a few missing syscalls to the seccomp2 sandbox: sysinfo, + getsockopt(SO_SNDBUF), and setsockopt(SO_SNDBUFFORCE). On + some systems, these are required for Tor to start with + "Sandbox 1" enabled. + Fixes bug 18397; bugfix on 0.2.5.1-alpha. Patch from + Daniel Pinto. diff --git a/changes/bug18460 b/changes/bug18460 new file mode 100644 index 0000000000..a8c1a19774 --- /dev/null +++ b/changes/bug18460 @@ -0,0 +1,4 @@ + o Minor bugfixes (statistics): + - We now include consensus downloads via IPv6 in our directory-request statistics. + Fixes bug 18460; bugfix on 0.2.3.14-alpha. + diff --git a/changes/bug18481 b/changes/bug18481 new file mode 100644 index 0000000000..6fd882b36b --- /dev/null +++ b/changes/bug18481 @@ -0,0 +1,5 @@ + o Minor bugfixes (client): + - Turn all TestingClientBootstrap* into non-testing torrc options. This + changes simply renames them by removing "Testing" in front of them and + they do not require TestingTorNetwork to be enabled anymore. Fixes + bug 18481; bugfix on 0.2.8.1-alpha. diff --git a/changes/bug18570 b/changes/bug18570 deleted file mode 100644 index 04f72f4c9e..0000000000 --- a/changes/bug18570 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (correctness): - - Fix a bad memory handling bug that would occur if we had queued - a cell on a channel's incoming queue. Fortunately, we can't actually - queue a cell like that as our code is constructed today, but it's best - to avoid this kind of error, even if there isn't any code that triggers - it today. Fixes bug 18570; bugfix on 0.2.4.4-alpha. - diff --git a/changes/bug18616 b/changes/bug18616 new file mode 100644 index 0000000000..ec59e846ed --- /dev/null +++ b/changes/bug18616 @@ -0,0 +1,14 @@ + o Major bugfixes (directory mirrors): + - Decide whether to advertise begindir support the same way we decide + whether to advertise our DirPort. These decisions being out of sync + led to surprising behavior like advertising begindir support when + our hibernation config options made us not advertise a DirPort. + Resolves bug 18616; bugfix on 0.2.8.1-alpha. Patch by teor. + + o Minor bugfixes: + - Consider more config options when relays decide whether to regenerate + their descriptor. Fixes more of bug 12538; bugfix on 0.2.8.1-alpha. + - Resolve some edge cases where we might launch an ORPort reachability + check even when DisableNetwork is set. Noticed while fixing bug + 18616; bugfix on 0.2.3.9-alpha. + diff --git a/changes/bug18668 b/changes/bug18668 new file mode 100644 index 0000000000..4b186b5c05 --- /dev/null +++ b/changes/bug18668 @@ -0,0 +1,3 @@ + o Minor bugfixes (tests): + - Avoid "WSANOTINITIALISED" warnings in the unit tests. Fixes bug 18668; + bugfix on 0.2.8.1-alpha. diff --git a/changes/bug18673 b/changes/bug18673 new file mode 100644 index 0000000000..5d6161718a --- /dev/null +++ b/changes/bug18673 @@ -0,0 +1,4 @@ + o Minor bugfixes (memory leak): + - Fix a small memory leak that would occur when the + TestingEnableCellStatsEvent option was turned on. Fixes bug 18673; + bugfix on 0.2.5.2-alpha. diff --git a/changes/bug18686 b/changes/bug18686 new file mode 100644 index 0000000000..23547d211d --- /dev/null +++ b/changes/bug18686 @@ -0,0 +1,5 @@ + o Minor bugfixes (pluggable transports): + - Avoid reporting a spurious error when we decide that we don't + need to terminate a pluggable transport because it has already + exited. Fixes bug 18686; bugfix on 0.2.5.5-alpha. + diff --git a/changes/bug18710 b/changes/bug18710 new file mode 100644 index 0000000000..269395563d --- /dev/null +++ b/changes/bug18710 @@ -0,0 +1,6 @@ + o Major bugfixes (DNS proxy): + - Stop a crash that could occur when a client running with DNSPort + received a query with multiple address types, where the first + address type was not supported. Found and fixed by Scott Dial. + Fixes bug 18710; bugfix on 0.2.5.4-alpha. + diff --git a/changes/bug18716 b/changes/bug18716 new file mode 100644 index 0000000000..b15a343f4c --- /dev/null +++ b/changes/bug18716 @@ -0,0 +1,4 @@ + o Minor bugfixes (assert, portability): + - Fix an assertion failure in memarea.c on systems where "long" is + shorter than the size of a pointer. + Fixes bug 18716; bugfix on 0.2.1.1-alpha diff --git a/changes/bug18728 b/changes/bug18728 new file mode 100644 index 0000000000..e181c17e65 --- /dev/null +++ b/changes/bug18728 @@ -0,0 +1,4 @@ + o Minor bugfixes (build): + - Resolve warnings when building on systems that are concerned with + signed char. Fixes bug 18728; bugfix on 0.2.7.2-alpha and + 0.2.6.1-alpha. diff --git a/changes/bug18729 b/changes/bug18729 new file mode 100644 index 0000000000..4ec9ca3254 --- /dev/null +++ b/changes/bug18729 @@ -0,0 +1,3 @@ + o Minor features (logging): + - Stop blasting twelve lines per second from periodic_event_dispatch() + at loglevel debug. Resolves ticket 18729; fix on 0.2.8.1-alpha. diff --git a/changes/bug18761 b/changes/bug18761 new file mode 100644 index 0000000000..78500a88ea --- /dev/null +++ b/changes/bug18761 @@ -0,0 +1,3 @@ + o Minor feature (logging): + - When rejecting a misformed INTRODUCE2 cell, only log at PROTOCOL_WARN + severity. Closes ticket 18761. diff --git a/changes/bug18809 b/changes/bug18809 new file mode 100644 index 0000000000..1e151874b7 --- /dev/null +++ b/changes/bug18809 @@ -0,0 +1,16 @@ + o Major bugfixes (bootstrap): + - Check if bootstrap consensus downloads are still needed + when the linked connection attaches. This prevents tor + making unnecessary begindir-style connections, which are + the only directory connections tor clients make since + the fix for 18483 was merged. + - Fix some edge cases where consensus download connections + may not have been closed, even though they were not needed. + Related to fix 18809. + - Make relays retry consensus downloads the correct number of + times, rather than the more aggressive client retry count. + Fixes part of ticket 18809. + - Stop downloading consensuses when we have a consensus, + even if we don't have all the certificates for it yet. + Fixes bug 18809; bugfix on 0.2.8.1-alpha. + Patches by arma and teor. diff --git a/changes/bug18812 b/changes/bug18812 new file mode 100644 index 0000000000..793e1102f7 --- /dev/null +++ b/changes/bug18812 @@ -0,0 +1,4 @@ + o Minor bugfixes (bootstrap): + - When a fallback changes its fingerprint from the hard-coded + fingerprint, log a less severe, more explanatory log message. + Fixes bug 18812; bugfix on 0.2.8.1-alpha. Patch by teor. diff --git a/changes/bug18816 b/changes/bug18816 new file mode 100644 index 0000000000..103f816962 --- /dev/null +++ b/changes/bug18816 @@ -0,0 +1,4 @@ + o Minor bugfix (bootstrap): + - Consistently use the consensus download schedule for + authority certificates. + Fixes bug 18816; bugfix on 0.2.4.13-alpha. diff --git a/changes/bug18849 b/changes/bug18849 new file mode 100644 index 0000000000..b12a8da011 --- /dev/null +++ b/changes/bug18849 @@ -0,0 +1,4 @@ + o Minor bugfix (logging): + - Reduce excessive logging when directories can't be found. + Fixes bug 18849; bugfix on 0.2.8.3-alpha and 0.2.8.1-alpha. + Patch by teor. diff --git a/changes/bug18920 b/changes/bug18920 new file mode 100644 index 0000000000..1babfd6656 --- /dev/null +++ b/changes/bug18920 @@ -0,0 +1,5 @@ + o Minor bugfixes (controller, microdescriptors): + - Make GETINFO dir/status-vote/current/consensus conform to the control + specification by returning "551 Could not open cached consensus..." + when not caching consensuses. + Fixes bug 18920; bugfix on 0.2.2.6-alpha. diff --git a/changes/bug18921 b/changes/bug18921 new file mode 100644 index 0000000000..cdd868a005 --- /dev/null +++ b/changes/bug18921 @@ -0,0 +1,4 @@ + o Major bugfixes (IPv6 bridges): + - Fix directory address selection for IPv6 bridges. + Fixes bug 18921; bugfix on 0.2.8.1-alpha. + Patch by "teor". diff --git a/changes/bug18929 b/changes/bug18929 new file mode 100644 index 0000000000..c607e630a6 --- /dev/null +++ b/changes/bug18929 @@ -0,0 +1,5 @@ + o Minor bugfixes (IPv6): + - Make directory node selection more reliable, mainly for + IPv6-only clients and clients with few reachable addresses. + Fixes bug 18929; bugfix on 0.2.8.1-alpha. + Patch by "teor". diff --git a/changes/bug18943 b/changes/bug18943 new file mode 100644 index 0000000000..6bcd868460 --- /dev/null +++ b/changes/bug18943 @@ -0,0 +1,6 @@ + o Major bugfixes (crypto, portability): + - The SHA3 and SHAKE routines now produce the correct output on + Big Endian systems, unbreaking the unit tests. No code calls + either algorithm family yet, so this is primarily a build fix. + Fixes bug 18943; bugfix on 0.2.8.1-alpha. + diff --git a/changes/bug19003 b/changes/bug19003 new file mode 100644 index 0000000000..ca94938ef9 --- /dev/null +++ b/changes/bug19003 @@ -0,0 +1,5 @@ + o Minor bugfixes (small networks): + - Allow directories in small networks to bootstrap by + skipping DirPort checks when the consensus has no exits. + Fixes bug 19003; bugfix on 0.2.8.1-alpha. + Patch by teor. diff --git a/changes/bug19161 b/changes/bug19161 new file mode 100644 index 0000000000..78c2165308 --- /dev/null +++ b/changes/bug19161 @@ -0,0 +1,3 @@ + o Minor bugfixes (compilation): + - When libscrypt.h is found, but no libscrypt library can be linked, + treat libscrypt as absent. Fixes bug 19161; bugfix on 0.2.6.1-alpha. diff --git a/changes/bug19191 b/changes/bug19191 new file mode 100644 index 0000000000..8670aaa7fd --- /dev/null +++ b/changes/bug19191 @@ -0,0 +1,5 @@ + o Minor bugfixes (downloading): + - Predict more correctly whether we'll be downloading over HTTP when we + determine the maximum length of a URL. This should avoid a "BUG" + warning about the Squid HTTP proxy and its URL limits. Fixes bug 19191; + bugfix on ?????. diff --git a/changes/bug19203 b/changes/bug19203 new file mode 100644 index 0000000000..96bc1e855a --- /dev/null +++ b/changes/bug19203 @@ -0,0 +1,4 @@ + o Major bugfixes (user interface): + - Correctly give a warning in the cases where a relay is specified by + nickname, and one such relay is found, but it is not officially Named. + Fixes bug 19203; bugfix on 0.2.3.1-alpha. diff --git a/changes/bug19213 b/changes/bug19213 index f912ffb0c3..6217814fb4 100644 --- a/changes/bug19213 +++ b/changes/bug19213 @@ -1,3 +1,3 @@ o Minor bugfixes (compilation): - Cause the unit tests to compile correctly on mingw64 versions - that lack sscanf. Fixes bug 19213. Bugfix on 0.2.7.1-alpha. + that lack sscanf. Fixes bug 19213; bugfix on 0.2.7.1-alpha. diff --git a/changes/bug19406 b/changes/bug19406 new file mode 100644 index 0000000000..e8b661b512 --- /dev/null +++ b/changes/bug19406 @@ -0,0 +1,4 @@ + o Minor features (build): + - Tor now again builds with the recent OpenSSL 1.1 development branch + (tested against 1.1.0-pre5 and 1.1.0-pre6-dev). + diff --git a/changes/bug19454 b/changes/bug19454 new file mode 100644 index 0000000000..05650b5c61 --- /dev/null +++ b/changes/bug19454 @@ -0,0 +1,3 @@ + o Minor bugfixes (heartbeat): + - Fix regression that crashes Tor when disabling heartbeats. Fixes bug + 19454; bugfix on tor-0.2.8.1-alpha. Reported by "kubaku". diff --git a/changes/bug19464 b/changes/bug19464 new file mode 100644 index 0000000000..22c9e73dc7 --- /dev/null +++ b/changes/bug19464 @@ -0,0 +1,6 @@ + o Minor bugfixes (user interface): + - Remove a warning message "Service [scrubbed] not found after + descriptor upload". This message appears when one uses HSPOST control + command to upload a service descriptor. Since there is only a descriptor + and no service, showing this message is pointless and confusing. + Fixes bug 19464; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug19499 b/changes/bug19499 new file mode 100644 index 0000000000..59bdb29dfa --- /dev/null +++ b/changes/bug19499 @@ -0,0 +1,4 @@ + o Minor features (build): + - Tor now again builds with the recent OpenSSL 1.1 development branch + (tested against 1.1.0-pre6-dev). Closes ticket 19499. + diff --git a/changes/bug19556 b/changes/bug19556 new file mode 100644 index 0000000000..31856b3db9 --- /dev/null +++ b/changes/bug19556 @@ -0,0 +1,7 @@ + o Minor bugfixes (sandboxing): + - When sandboxing is enabled, we could not write any stats to + disk. check_or_create_data_subdir("stats"), which prepares the + private stats directory, calls check_private_dir(), which also + opens and not just stats() the directory. Therefore, we need to + also allow open() for the stats dir in our sandboxing setup. + Fixes bug 19556; bugfix on 0.2.5.1-alpha. diff --git a/changes/bug19557 b/changes/bug19557 new file mode 100644 index 0000000000..55214b0c97 --- /dev/null +++ b/changes/bug19557 @@ -0,0 +1,4 @@ + o Major bugfixes (sandboxing): + - Our sandboxing code would not allow us to write to stats/hidserv-stats, + causing tor to abort while trying to write stats. This was previously + masked by bug 19556. Fixes bug 19557; bugfix on 0.2.6.1-alpha. diff --git a/changes/bug19608 b/changes/bug19608 new file mode 100644 index 0000000000..66c2de214e --- /dev/null +++ b/changes/bug19608 @@ -0,0 +1,6 @@ + o Minor bugfixes (IPv6, microdescriptors): + - Don't check node addresses when we only have a routerstatus. + This allows IPv6-only clients to bootstrap by fetching + microdescriptors from fallback directory mirrors. + (The microdescriptor consensus has no IPv6 addresses in it.) + Fixes bug 19608; bugfix on c281c036 in 0.2.8.2-alpha. diff --git a/changes/bug19660 b/changes/bug19660 new file mode 100644 index 0000000000..72d32c8fe2 --- /dev/null +++ b/changes/bug19660 @@ -0,0 +1,8 @@ + o Minor bugfixes (sandboxing): + - If we did not find a non-private IPaddress by iterating over + interfaces, we would try to get one via + get_interface_address6_via_udp_socket_hack(). This opens a + datagram socket with IPPROTO_UDP. Previously all our datagram + sockets (via libevent) used IPPROTO_IP, so we did not have that + in the sandboxing whitelist. Add (SOCK_DGRAM, IPPROTO_UDP) + sockets to the sandboxing whitelist. Fixes bug 19660. diff --git a/changes/bug19682 b/changes/bug19682 new file mode 100644 index 0000000000..c799c417ac --- /dev/null +++ b/changes/bug19682 @@ -0,0 +1,3 @@ + o Minor bugfixes (compilation): + - Fix compilation warning in the unit tests on systems where + char is signed. Fixes bug 19682; bugfix on 0.2.8.1-alpha. diff --git a/changes/build18490 b/changes/build18490 deleted file mode 100644 index 466a133cb2..0000000000 --- a/changes/build18490 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (build): - - Do not link the unit tests against both the testing and non-testing - versions of the static libraries. Fixes bug 18490; bugfix on - 0.2.7.1-alpha. diff --git a/changes/doc17621 b/changes/doc17621 new file mode 100644 index 0000000000..ab37d29b50 --- /dev/null +++ b/changes/doc17621 @@ -0,0 +1,3 @@ + o Documentation: + - Document the contents of the 'datadir/keys' subdirectory in the manual + page. Closes ticket 17621. diff --git a/changes/fallbacks-201604 b/changes/fallbacks-201604 new file mode 100644 index 0000000000..7acefaaf08 --- /dev/null +++ b/changes/fallbacks-201604 @@ -0,0 +1,9 @@ + o Minor features (fallback directory mirrors): + - Give each fallback the same weight for client selection; + restrict fallbacks to one per operator; + report fallback directory detail changes when rebuilding list; + add new fallback directory mirrors to the whitelist; + update fallback directories based on the latest OnionOO data; + and any other minor simplifications and fixes. + Closes tasks 17158, 17905, 18749, bug 18689, and fixes part of + bug 18812 on 0.2.8.1-alpha; patch by "teor". diff --git a/changes/feature18483 b/changes/feature18483 new file mode 100644 index 0000000000..d0fa8df58d --- /dev/null +++ b/changes/feature18483 @@ -0,0 +1,4 @@ + o Minor features (clients): + - Make clients, onion services, and bridge relays always + use an encrypted begindir connection for directory requests. + Resolves ticket 18483. Patch by "teor". diff --git a/changes/geoip-april2016 b/changes/geoip-april2016 index 4cd03e556b..c55aa179b5 100644 --- a/changes/geoip-april2016 +++ b/changes/geoip-april2016 @@ -1,4 +1,4 @@ - o Minor features: + o Minor features (geoip): - Update geoip and geoip6 to the April 5 2016 Maxmind GeoLite2 Country database. diff --git a/changes/geoip-december2015 b/changes/geoip-december2015 deleted file mode 100644 index 597bcc92f8..0000000000 --- a/changes/geoip-december2015 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the December 1 2015 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-february2016 b/changes/geoip-february2016 deleted file mode 100644 index 49a8041fad..0000000000 --- a/changes/geoip-february2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the February 2 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-january2016 b/changes/geoip-january2016 deleted file mode 100644 index fe2d5c7dc7..0000000000 --- a/changes/geoip-january2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the January 5 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-jun2016 b/changes/geoip-jun2016 index 8d308f6f72..6c9847ca58 100644 --- a/changes/geoip-jun2016 +++ b/changes/geoip-jun2016 @@ -1,4 +1,4 @@ - o Minor features: + o Minor features (geoip): - Update geoip and geoip6 to the June 7 2016 Maxmind GeoLite2 Country database. diff --git a/changes/geoip-march2016 b/changes/geoip-march2016 deleted file mode 100644 index a66599f5a9..0000000000 --- a/changes/geoip-march2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (geoip): - - Update geoip and geoip6 to the March 3 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-may2016 b/changes/geoip-may2016 index 3fd42dce24..cf78ab10c7 100644 --- a/changes/geoip-may2016 +++ b/changes/geoip-may2016 @@ -1,4 +1,4 @@ - o Minor features: + o Minor features (geoip): - Update geoip and geoip6 to the May 4 2016 Maxmind GeoLite2 Country database. diff --git a/changes/geoip-october2015 b/changes/geoip-october2015 deleted file mode 100644 index f20febec5a..0000000000 --- a/changes/geoip-october2015 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the October 9 2015 Maxmind GeoLite2 Country database. - diff --git a/changes/ifaddrs-tests-network-configs b/changes/ifaddrs-tests-network-configs deleted file mode 100644 index 6b5ed4d484..0000000000 --- a/changes/ifaddrs-tests-network-configs +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (testing): - - Make the get_ifaddrs_* unit tests more tolerant of different network - configurations. (Don't assume every test box has an IPv4 address, and - Don't assume every test box has a non-localhost address. - Fixes bug 17255; bugfix on 0.2.7.3-rc. Patch by "teor". diff --git a/changes/memarea_overflow b/changes/memarea_overflow new file mode 100644 index 0000000000..8fdc38cc09 --- /dev/null +++ b/changes/memarea_overflow @@ -0,0 +1,7 @@ + o Minor bugfixes (pointer arithmetic): + - Fix a bug in memarea_alloc() that could have resulted in remote heap + write access, if Tor had ever passed an unchecked size to + memarea_alloc(). Fortunately, all the sizes we pass to memarea_alloc() + are pre-checked to be less than 128 kilobytes. Fixes bug 19150; bugfix + on 0.2.1.1-alpha. Bug found by Guido Vranken. + diff --git a/changes/rsa_init_bug b/changes/rsa_init_bug new file mode 100644 index 0000000000..6b5fb4f2f9 --- /dev/null +++ b/changes/rsa_init_bug @@ -0,0 +1,7 @@ + o Major bugfixes (key management): + - If OpenSSL fails to generate an RSA key, do not retain a dangling pointer + to the previous (uninitialized) key value. The impact here should be + limited to a difficult-to-trigger crash, if OpenSSL is running an + engine that makes key generation failures possible, or if OpenSSL runs + out of memory. Fixes bug 19152; bugfix on 0.2.1.10-alpha. Found by + Yuan Jochen Kang, Suman Jana, and Baishakhi Ray. diff --git a/changes/ticket19071-19480 b/changes/ticket19071-19480 new file mode 100644 index 0000000000..ab5c72a2d1 --- /dev/null +++ b/changes/ticket19071-19480 @@ -0,0 +1,13 @@ + o Minor bugfixes (fallback directory selection): + - Avoid errors during fallback selection if there are no eligible + fallbacks. Fixes bug 19480; bugfix on ba76910 and 78ec782 in + 0.2.8.3-alpha. Patch by teor. + o Minor features (fallback directory list): + - Update hard-coded fallback list to remove unsuitable fallbacks. + Resolves ticket 19071. Patch by teor. + - Add a comment to the generated list that explains how to comment-out + unsuitable fallbacks in a way that's compatible with the stem fallback + parser. + - Update fallback whitelist and blacklist based on relay operator + emails. Blacklist unsuitable fallbacks. Resolves ticket 19071. + Patch by teor. |