diff options
Diffstat (limited to 'changes')
144 files changed, 312 insertions, 403 deletions
diff --git a/changes/bug15582 b/changes/bug15582 deleted file mode 100644 index 5ea6431cf8..0000000000 --- a/changes/bug15582 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): - - Avoid compiler warnings in the unit tests for running tor_sscanf() - with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha. - diff --git a/changes/bug16082 b/changes/bug16082 deleted file mode 100644 index 0f2f04fb35..0000000000 --- a/changes/bug16082 +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Correctly note that bandwidth accounting values are stored in the - state file, and the bw_accounting file is now obsolete. Closes - ticket 16082. diff --git a/changes/bug17857 b/changes/bug17857 deleted file mode 100644 index 6c88638231..0000000000 --- a/changes/bug17857 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (defensive programming): - - Create a pair of consensus parameters nf_pad_tor2web and - nf_pad_single_onion that allow us to disable netflow padding in the - consensus for non-anonymous connections, in case the overhead is high. - Closes #17857. - diff --git a/changes/bug18329-minimal b/changes/bug18329-minimal deleted file mode 100644 index 804c4e8dd1..0000000000 --- a/changes/bug18329-minimal +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (bridge): - - Bridges now include notice in their descriptors that they are bridges, - and notice of their distribution status, based on their publication - settings. Implements ticket 18329. For more fine-grained control of - how a bridge is distributed, upgrade to 0.3.2.x or later. - diff --git a/changes/bug18859 b/changes/bug18859 new file mode 100644 index 0000000000..1fe5bc2107 --- /dev/null +++ b/changes/bug18859 @@ -0,0 +1,7 @@ + o Major bugfixes (circuit prediction): + - Fix circuit prediction logic so that a client doesn't treat a stream as + being "handled" by a circuit if that circuit already has isolation + settings on it that might make it incompatible with the stream. This + change should make Tor clients more responsive by improving their + chances of having a pre-created circuit ready for use when a new client + request arrives. Fixes bug 18859; bugfix on 0.2.3.3-alpha. diff --git a/changes/bug19418 b/changes/bug19418 deleted file mode 100644 index fb5f6ad5df..0000000000 --- a/changes/bug19418 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (robustness, error handling): - - Improve our handling of the cases where OpenSSL encounters a - memory error while encoding keys and certificates. We haven't - observed these happening in the wild, but if they do happen, - we now detect and respond better. Fixes bug 19418; bugfix - on all versions of Tor. Reported by Guido Vranken. - diff --git a/changes/bug20247 b/changes/bug20247 deleted file mode 100644 index 731cf0046f..0000000000 --- a/changes/bug20247 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (linux seccomp2 sandbox): - - Avoid a sandbox failure when trying to re-bind to a socket and mark - it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha. - diff --git a/changes/bug20532 b/changes/bug20532 new file mode 100644 index 0000000000..7c190ea032 --- /dev/null +++ b/changes/bug20532 @@ -0,0 +1,4 @@ + o Minor bugfixes (bridges): + - Overwrite the bridge address earlier in the process of directly + retrieving its descriptor, to make sure we reach it on the configured + address. Fixes bug 20532; bugfix on 0.2.0.10-alpha. diff --git a/changes/bug20963 b/changes/bug20963 new file mode 100644 index 0000000000..a65c58399c --- /dev/null +++ b/changes/bug20963 @@ -0,0 +1,4 @@ + o Minor features (logging): + - Improve the message we log when re-enabling circuit build timeouts + after having received a consensus. Closes ticket 20963. + diff --git a/changes/bug21509 b/changes/bug21509 new file mode 100644 index 0000000000..593a01ef20 --- /dev/null +++ b/changes/bug21509 @@ -0,0 +1,3 @@ + o Minor bugfixes (hidden service v3, fuzzing): + - Fix the hidden service v3 descriptor decoding fuzzing to use the latest + decoding API correctly. Fixes bug 21509; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug22159 b/changes/bug22159 deleted file mode 100644 index c319c7e322..0000000000 --- a/changes/bug22159 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (hidden service): - - A service is allowed to open a maximum number of circuits for a specific - period of time. That value was lower than it should be (8 vs 12) in the - normal case of 3 introduction points. Fixes bug 22159.; bugfix on - tor-0.3.0.5-rc. - - Rate limit the log if we ever go above the maximum number of allowed - intro circuits. Fixes bug 22159.; bugfix on tor-0.3.1.1-alpha. diff --git a/changes/bug22212 b/changes/bug22212 deleted file mode 100644 index f92d6701d3..0000000000 --- a/changes/bug22212 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (netflow padding logging): - - Demote a warn that was caused by libevent delays to info if - the padding is less than 4.5 seconds late, or notice if it is more - (4.5 seconds is the amount of time that a netflow record might - be emitted after, if we chose the maximum timeout). Fixes bug #22212. diff --git a/changes/bug22286 b/changes/bug22286 deleted file mode 100644 index f72e8fe2c7..0000000000 --- a/changes/bug22286 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (tests): - - Add a couple more tests for compression backend initialization. - Closes ticket 22286. diff --git a/changes/bug22347 b/changes/bug22347 deleted file mode 100644 index f294ba0a2d..0000000000 --- a/changes/bug22347 +++ /dev/null @@ -1,2 +0,0 @@ - o Documentation: - - Add a manpage description for the key-pinning-journal file. diff --git a/changes/bug22349 b/changes/bug22349 deleted file mode 100644 index bb43404bfe..0000000000 --- a/changes/bug22349 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor bugfixes (directory authority): - - When a directory authority rejects a descriptor or extrainfo with - a given digest, mark that digest as undownloadable, so that we - do not attempt to download it again over and over. We previously - tried to avoid downloading such descriptors by other means, but - we didn't notice if we accidentally downloaded one anyway. This - behavior became problematic in 0.2.7.2-alpha, when authorities - began pinning Ed25519 keys. Fixes ticket - 22349; bugfix on 0.2.1.19-alpha. diff --git a/changes/bug22356 b/changes/bug22356 deleted file mode 100644 index 0082b542be..0000000000 --- a/changes/bug22356 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (logging, relay): - - Downgrade "assigned_to_cpuworker failed" message to INFO-level - severity. In every case that can reach it, either a better warning - has already been logged, or no warning is warranted. Fixes bug 22356; - bugfix on 0.2.6.3-alpha. diff --git a/changes/bug22400_01 b/changes/bug22400_01 deleted file mode 100644 index 454c5f746f..0000000000 --- a/changes/bug22400_01 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (entry guards): - - When starting with an old consensus, do not add new entry guards - unless the consensus is "reasonably live" (under 1 day old). Fixes - one root cause of bug 22400; bugfix on 0.3.0.1-alpha. diff --git a/changes/bug22446 b/changes/bug22446 deleted file mode 100644 index eab65aac00..0000000000 --- a/changes/bug22446 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (code style, backport from 0.3.1.3-alpha): - - Add "Falls through" comments to our codebase, in order to silence - GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas - Stieger. Closes ticket 22446. diff --git a/changes/bug22502_part1 b/changes/bug22502_part1 deleted file mode 100644 index bd95b7c7c4..0000000000 --- a/changes/bug22502_part1 +++ /dev/null @@ -1,12 +0,0 @@ - o Major bugfixes (compression, zstd): - - Correctly detect a full buffer when decompessing a large - zstd-compressed input. Fixes bug 22628; bugfix on 0.3.1.1-alpha. - - o Minor bugfixes (compression): - - When compressing or decompressing a buffer, check for a failure to - create a compression object. Fixes bug 22626; bugfix on - 0.3.1.1-alpha. - - - When decompressing a buffer, check for extra data after the end of - the compressed data. Fixes bug 22629; bugfix on 0.3.1.1-alpha. - diff --git a/changes/bug22516 b/changes/bug22516 deleted file mode 100644 index f024a3c470..0000000000 --- a/changes/bug22516 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (linux seccomp2 sandbox): - - Permit the fchmod system call, to avoid crashing on startup when - starting with the seccomp2 sandbox and an unexpected set of permissions - on the data directory or its contents. Fixes bug 22516; bugfix on - 0.2.5.4-alpha. diff --git a/changes/bug22520 b/changes/bug22520 deleted file mode 100644 index cc14f7214c..0000000000 --- a/changes/bug22520 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (error reporting, windows): - - When formatting Windows error messages, use the English format - to avoid codepage issues. Fixes bug 22520; bugfix on - 0.1.2.8-alpha. Patch from "Vort". - diff --git a/changes/bug22636 b/changes/bug22636 deleted file mode 100644 index 770cac72e9..0000000000 --- a/changes/bug22636 +++ /dev/null @@ -1,8 +0,0 @@ - o Build features: - - Tor's repository now includes a Travis Continuous Integration (CI) - configuration file (.travis.yml). This is meant to help new developers and - contributors who fork Tor to a Github repository be better able to test - their changes, and understand what we expect to pass. To use this new build - feature, you must fork Tor to your Github account, then go into the - "Integrations" menu in the repository settings for your fork and enable - Travis, then push your changes. diff --git a/changes/bug22644 b/changes/bug22644 deleted file mode 100644 index 9b8742edaf..0000000000 --- a/changes/bug22644 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (controller): - - Do not crash when receiving a POSTDESCRIPTOR command with an - empty body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha. - - Do not crash when receiving a HSPOST command with an empty body. - Fixes part of bug 22644; bugfix on 0.2.7.1-alpha. diff --git a/changes/bug22669 b/changes/bug22669 deleted file mode 100644 index 804a39e781..0000000000 --- a/changes/bug22669 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compression): - - When serving directory votes compressed with zlib, - do not claim to have compressed them with zstd. Fixes bug 22669; - bugfix on 0.3.1.1-alpha. diff --git a/changes/bug22670 b/changes/bug22670 deleted file mode 100644 index 47403277d2..0000000000 --- a/changes/bug22670 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (logging, compression): - - When decompressing, do not warn if we fail to decompress using a - compression method that we merely guessed. Fixes part of - bug 22670; bugfix on 0.1.1.14-alpha. diff --git a/changes/bug22670_02 b/changes/bug22670_02 deleted file mode 100644 index 3e7a428faf..0000000000 --- a/changes/bug22670_02 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (logging, compression): - - When decompressing, treat mismatch between content-encoding and - actual compression type as a protocol warning. Fixes part of bug - 22670; bugfix on 0.1.1.9-alpha. diff --git a/changes/bug22670_03 b/changes/bug22670_03 deleted file mode 100644 index 8a7aa49bcd..0000000000 --- a/changes/bug22670_03 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (compression): - - When decompressing an object received over an anonymous directory - connection, if we have already successfully decompressed it using an - acceptable compression method, do not reject it for looking like an - unacceptable compression method. Fixes part of bug 22670; bugfix on - 0.3.1.1-alpha. diff --git a/changes/bug22672 b/changes/bug22672 deleted file mode 100644 index ec6681149d..0000000000 --- a/changes/bug22672 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (compression, defensive programming): - - Detect and break out of infinite loops in our compression code. - We don't think that any such loops exist now, but it's best to be - safe. Closes ticket 22672. - diff --git a/changes/bug22702 b/changes/bug22702 deleted file mode 100644 index a2044c70bf..0000000000 --- a/changes/bug22702 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (directory protocol): - - Ensure that we sent "304 Not modified" as HTTP status code when a - client is attempting to fetch a consensus or consensus diff that - matches the latest consensus we have available. Fixes bug 22702; - bugfix on 0.3.1.1-alpha. diff --git a/changes/bug22719 b/changes/bug22719 deleted file mode 100644 index bfcda0a4e1..0000000000 --- a/changes/bug22719 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (compression): - - When spooling compressed data to an output buffer, don't try to - spool more data when there is no more data to spool and we are - not trying to flush the input. Previously, we would sometimes - launch compression requests with nothing to do, which interferes - with our 22672 checks. Fixes bug 22719; bugfix on 0.2.0.16-alpha. - diff --git a/changes/bug22720 b/changes/bug22720 deleted file mode 100644 index 4893b577f0..0000000000 --- a/changes/bug22720 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor bugfixes (process behavior): - - When exiting because of an error, always exit with a nonzero - exit status. Previously, we would fail to report an error in - our exit status in cases related to lockfile contention, - __OwningControllerProcess failure, and Ed25519 key - initialization. Fixes bug 22720; bugfix on versions - 0.2.1.6-alpha, 0.2.2.28-beta, and 0.2.7.2-alpha - respectively. Reported by "f55jwk4f"; patch from "huyvq". - diff --git a/changes/bug22737 b/changes/bug22737 deleted file mode 100644 index f0de8e6c41..0000000000 --- a/changes/bug22737 +++ /dev/null @@ -1,12 +0,0 @@ - o Minor bugfixes (defensive programming, undefined behavior): - - - Fix a memset() off the end of an array when packing cells. This - bug should be harmless in practice, since the corrupted bytes - are still in the same structure, and are always padding bytes, - ignored, or immediately overwritten, depending on compiler - behavior. Nevertheless, because the memset()'s purpose is to - make sure that any other cell-handling bugs can't expose bytes - to the network, we need to fix it. Fixes bug 22737; bugfix on - 0.2.4.11-alpha. Fixes CID 1401591. - - diff --git a/changes/bug22751 b/changes/bug22751 deleted file mode 100644 index 714525c8af..0000000000 --- a/changes/bug22751 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (compression): - - Fix crash in LZMA module, when the Sandbox is enabled, where - liblzma would allocate more than 16 MB of memory. We solve this - by bumping the mprotect() limit in the Sandbox module from 16 MB - to 20 MB. Fixes bug 22751; bugfix on 0.3.1.1-alpha. diff --git a/changes/bug22752_simple b/changes/bug22752_simple deleted file mode 100644 index 7e60357052..0000000000 --- a/changes/bug22752_simple +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (windows, directory cache): - - On windows, do not try to delete cached consensus documents and - diffs, until they unmapped from memory. Allow the diff storage - directory to grow larger in order to handle files that might - need to stay around longer. Fixes bug 22752; bugfix on - 0.3.1.1-alpha. diff --git a/changes/bug22753 b/changes/bug22753 deleted file mode 100644 index 32a6dfa56c..0000000000 --- a/changes/bug22753 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (path selection, security): - - When choosing which guard to use for a circuit, avoid the - exit's family along with the exit itself. Previously, the new - guard selection logic avoided the exit, but did not consider - its family. Fixes bug 22753; bugfix on 0.3.0.1-alpha. Tracked - as TROVE-2016-006 and CVE-2017-0377. - diff --git a/changes/bug22789 b/changes/bug22789 deleted file mode 100644 index a653592848..0000000000 --- a/changes/bug22789 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (openbsd, denial-of-service): - - Avoid an assertion failure bug affecting our implementation of - inet_pton(AF_INET6) on certain OpenBSD systems whose strtol() - handling of "0xfoo" differs from what we had expected. - Fixes bug 22789; bugfix on 0.2.3.8-alpha. Also tracked as - TROVE-2017-007. - diff --git a/changes/bug22797 b/changes/bug22797 deleted file mode 100644 index 619baaa409..0000000000 --- a/changes/bug22797 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (file limits): - - When setting the maximum number of connections allowed by the OS, - always allow some extra file descriptors for other files. - Fixes bug 22797; bugfix on 0.2.0.10-alpha. diff --git a/changes/bug22801 b/changes/bug22801 deleted file mode 100644 index 7edc79bc84..0000000000 --- a/changes/bug22801 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (compilation): - - When building with certain versions the mingw C header files, avoid - float-conversion warnings when calling the C functions isfinite(), - isnan(), and signbit(). Fixes bug 22801; bugfix on 0.2.8.1-alpha. - diff --git a/changes/bug22803 b/changes/bug22803 deleted file mode 100644 index 80b4b9f589..0000000000 --- a/changes/bug22803 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (unit tests): - - Fix a memory leak in the link-handshake/certs_ok_ed25519 test. - Fixes bug 22803; bugfix on 0.3.0.1-alpha. diff --git a/changes/bug22830 b/changes/bug22830 deleted file mode 100644 index 123b725aff..0000000000 --- a/changes/bug22830 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Fix a problem with Rust toolchains not being found when building - without --enable-cargo-online-mode, due to setting the $HOME - environment variable instead of $CARGO_HOME. Fixes bug 22830; - fix by Chelsea Komlo. Bugfix on 0.3.1.1-alpha. diff --git a/changes/bug22883-config b/changes/bug22883-config deleted file mode 100644 index d60594d9ae..0000000000 --- a/changes/bug22883-config +++ /dev/null @@ -1,7 +0,0 @@ - o Minor features (directory cache, consensus diff): - - Add a new MaxConsensusAgeForDiffs option to allow directory cache - operators with low-resource environments to adjust the number of - consensuses they'll store and generate diffs from. Most cache operators - should leave it unchanged. Helps to work around bug 22883. - - diff --git a/changes/bug22883-priority b/changes/bug22883-priority deleted file mode 100644 index 4b3531c30b..0000000000 --- a/changes/bug22883-priority +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (relay, performance): - - - Perform circuit handshake operations at a higher priority than we use - for consensus diff creation and compression. This should prevent - circuits from starving when a relay or bridge receive a new consensus, - especially on lower-powered machines. Fixes bug 22883; bugfix on - 0.3.1.1-alpha. - diff --git a/changes/bug22892 b/changes/bug22892 deleted file mode 100644 index 9a70cb0576..0000000000 --- a/changes/bug22892 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): - - Compile correctly when both openssl 1.1.0 and libscrypt are detected. - Previously this would cause an error. Fixes bug 22892; bugfix on - 0.3.1.1-alpha. diff --git a/changes/bug22915 b/changes/bug22915 deleted file mode 100644 index 17a9c6018f..0000000000 --- a/changes/bug22915 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation warnings): - - Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug 22915; - bugfix on 0.2.8.1-alpha. diff --git a/changes/bug22916_027 b/changes/bug22916_027 deleted file mode 100644 index 5cf99c7d15..0000000000 --- a/changes/bug22916_027 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (Compilation): - - Fix warnings when building with libscrypt and openssl scrypt support - on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug22927 b/changes/bug22927 deleted file mode 100644 index 6e68e6ff08..0000000000 --- a/changes/bug22927 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (compatibility, zstd): - - Write zstd epilogues correctly when the epilogue requires reallocation - of the output buffer, even with zstd 1.3.0. (Previously, - we worked on 1.2.0 and failed with 1.3.0). Fixes bug 22927; bugfix on - 0.3.1.1-alpha. - diff --git a/changes/bug23030_029 b/changes/bug23030_029 deleted file mode 100644 index 89a1b507d7..0000000000 --- a/changes/bug23030_029 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (coverity builds): - - Avoid Coverity build warnings related to our BUG() macro. By - default, Coverity treats BUG() as the Linux kernel does: an - instant abort(). We need to override that so our BUG() macro - doesn't prevent Coverity from analyzing functions that use it. - Fixes bug 23030; bugfix on 0.2.9.1-alpha. - diff --git a/changes/bug23053 b/changes/bug23053 deleted file mode 100644 index 082e239409..0000000000 --- a/changes/bug23053 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (memory leak): - - Fix a small memory leak when validating a configuration that - uses two or more AF_UNIX sockets for the same port type. - Fixes bug 23053; bugfix on 0.2.6.3-alpha. This is CID - 1415725. diff --git a/changes/bug23071 b/changes/bug23071 deleted file mode 100644 index 4756dd6252..0000000000 --- a/changes/bug23071 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (tests): - - Port the hs_ntor handshake test to work correctly with recent - versions of the pysha3 module. Fixes bug 23071; bugfix on - 0.3.1.1-alpha. - diff --git a/changes/bug23077 b/changes/bug23077 deleted file mode 100644 index 5ed1c56742..0000000000 --- a/changes/bug23077 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (unit tests): - - Fix a channelpadding unit test failure on extremely slow systems - by using mocked time instead of actual time. Fixes bug 23077; bugfix on - 0.3.1.1-alpha. diff --git a/changes/bug23078 b/changes/bug23078 deleted file mode 100644 index 67624007cf..0000000000 --- a/changes/bug23078 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (logging, relay): - - Remove a log_warn() that has been forgotten when an introduction point - successfully established a hidden service prop224 circuit with a client. - - Three other log_warn() for an introduction point have been changed to - protocol warning because they can be failure from the network and are - not relevant to the operator. Fixes bug 23078; bugfix on - tor-0.3.0.1-alpha and tor-0.3.0.2-alpha. diff --git a/changes/bug23081 b/changes/bug23081 deleted file mode 100644 index 76c4e30971..0000000000 --- a/changes/bug23081 +++ /dev/null @@ -1,8 +0,0 @@ - o Minor bugfixes (Windows service): - - When running as a Windows service, set the ID of the main thread - correctly. Failure to do so made us fail to send log messages - to the controller in 0.2.1.16-rc, slowed down controller - event delivery in 0.2.7.3-rc and later, and crash with an assertion - failure in 0.3.1.1-alpha. Fixes bug 23081; bugfix on 0.2.1.6-alpha. - Patch and diagnosis from "Vort". - diff --git a/changes/bug23105-diagnostic b/changes/bug23105-diagnostic deleted file mode 100644 index 8ba4931e36..0000000000 --- a/changes/bug23105-diagnostic +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (diagnostic): - - Add a stack trace to the bug warnings that can be logged when - trying to send an outgoing relay cell with n_chan == 0. - Diagnostic attempt for bug 23105. diff --git a/changes/bug23139 b/changes/bug23139 deleted file mode 100644 index ed63ce85e2..0000000000 --- a/changes/bug23139 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (directory cache): - - Fix a memory leak in the code that recovers space in the consensus - directory cache. Fixes bug 23139; bugfix on 0.3.1.1-alpha. diff --git a/changes/bug23155 b/changes/bug23155 deleted file mode 100644 index 4c24ab136c..0000000000 --- a/changes/bug23155 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (stability): - - Avoid crashing on double-free when unable to load or process - an included file. Fixes bug 23155; bugfix on 0.3.1.1-alpha. - Found with the clang static analyzer. diff --git a/changes/bug23233 b/changes/bug23233 deleted file mode 100644 index 689a99a2a8..0000000000 --- a/changes/bug23233 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (hidden service): - - Fix a BUG alert during HSv3 descriptor decoding that could trigger with a - specially crafted descriptor. Fixes bug #23233; bugfix on 0.3.0.1-alpha. - Bug found by "haxxpop". diff --git a/changes/bug23275 b/changes/bug23275 deleted file mode 100644 index d6c3c47743..0000000000 --- a/changes/bug23275 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (relay): - - When a relay is not running as a directory cache, it will no longer - generate compressed consensuses and consensus diff information. - Previously, this was a waste of disk and CPU. Fixes bug 23275; - bugfix on 0.3.1.1-alpha. diff --git a/changes/bug23291 b/changes/bug23291 deleted file mode 100644 index a5b0efda0a..0000000000 --- a/changes/bug23291 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (testing): - - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291; bugfix on - 0.2.7.2-alpha. Found and patched by Ties Stuij. diff --git a/changes/bug23470 b/changes/bug23470 deleted file mode 100644 index 33367b3a30..0000000000 --- a/changes/bug23470 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfix (relay address resolution): - - Avoid unnecessary calls to directory_fetches_from_authorities() - on relays. This avoids spurious address resolutions and - descriptor rebuilds. This is a mitigation for 21789. The original - bug was introduced in commit 35bbf2e as part of prop210. - Fixes 23470 in 0.2.8.1-alpha. diff --git a/changes/bug23533 b/changes/bug23533 deleted file mode 100644 index b5bfdc0ce2..0000000000 --- a/changes/bug23533 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (relay): - - Inform the geoip and rephist modules about all requests, even - on relays that are only fetching microdescriptors. Fixes a bug related - to 21585; bugfix on 0.3.0.1-alpha. diff --git a/changes/bug23551 b/changes/bug23551 deleted file mode 100644 index 2f918bfa3a..0000000000 --- a/changes/bug23551 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compression): - - Handle a pathological case when decompressing Zstandard data when the - output buffer size is zero. Fixes bug 23551; bugfix on 0.3.1.1-alpha. diff --git a/changes/bug23568 b/changes/bug23568 deleted file mode 100644 index cac4655687..0000000000 --- a/changes/bug23568 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): - - Fix a compilation warning when building with zstd support - on 32-bit platforms. Fixes bug 23568; bugfix on 0.3.1.1-alpha. - Found and fixed by Andreas Stieger. diff --git a/changes/bug23603 b/changes/bug23603 new file mode 100644 index 0000000000..dfb2052c9a --- /dev/null +++ b/changes/bug23603 @@ -0,0 +1,7 @@ + o Minor bugfixes (hidden service v3): + - Fix a race between the circuit close and free where the service would + launch a new intro circuit after the close, and then fail to register it + before the free of the previously closed circuit. This was making the + service unable to find the established intro circuit and thus not upload + its descriptor. It can make a service unavailable for up to 24 hours. + Fixes bug 23603; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug23608 b/changes/bug23608 deleted file mode 100644 index 16cf88aa3d..0000000000 --- a/changes/bug23608 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (unit tests): - - Fix additional channelpadding unit test failures by using mocked time - instead of actual time for all tests. Fixes bug 23608; - bugfix on 0.3.1.1-alpha. diff --git a/changes/bug23610 b/changes/bug23610 deleted file mode 100644 index f2dc8bd1a6..0000000000 --- a/changes/bug23610 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (hidden service, relay): - - Avoid a possible double close of a circuit by the intro point on error - of sending the INTRO_ESTABLISHED cell. Fixes ticket 23610; bugfix on - 0.3.0.1-alpha. diff --git a/changes/bug23623 b/changes/bug23623 new file mode 100644 index 0000000000..1e2e5c2ac0 --- /dev/null +++ b/changes/bug23623 @@ -0,0 +1,4 @@ + o Minor bugfixes (onion services): + - Cache some needed onion service client information instead of + continuously computing it over and over again. Fixes bug 23623; bugfix + on 0.3.2.1-alpha. diff --git a/changes/bug23653 b/changes/bug23653 new file mode 100644 index 0000000000..81760cbb82 --- /dev/null +++ b/changes/bug23653 @@ -0,0 +1,7 @@ + o Minor bugfixes (hidden service client): + - When getting multiple SOCKS request for the same .onion address, don't + trigger multiple descriptor fetches. + - When the descriptor fetch fails with an internal error, no more HSDir to + query or we aren't allowed to fetch (FetchHidServDescriptors 0), close + all pending SOCKS request for that .onion. Fixes bug 23653; bugfix on + 0.3.2.1-alpha. diff --git a/changes/bug23662 b/changes/bug23662 new file mode 100644 index 0000000000..1000bde3d6 --- /dev/null +++ b/changes/bug23662 @@ -0,0 +1,4 @@ + o Minor bugfixes (onion services): + - Silence a warning about failed v3 onion descriptor uploads since it can + happen naturally under certain edge-cases. Fixes part of bug 23662; + bugfix on 0.3.2.1-alpha. diff --git a/changes/bug23670 b/changes/bug23670 new file mode 100644 index 0000000000..039bc39478 --- /dev/null +++ b/changes/bug23670 @@ -0,0 +1,3 @@ + o Minor features (entry guards): + - Improve logs issued when we are missing descriptors of primary guards. + Resolves ticket 23670. diff --git a/changes/bug23678 b/changes/bug23678 new file mode 100644 index 0000000000..8138ea71ea --- /dev/null +++ b/changes/bug23678 @@ -0,0 +1,7 @@ + o Minor bugfixes (warnings): + - When we get an HTTP request on a SOCKS port, tell the user about + the new HTTPTunnelPort option. Previously, we would give a + "Tor is not an HTTP Proxy" message, which stopped being true when + HTTPTunnelPort was introduced. Fixes bug 23678; bugfix on + 0.3.2.1-alpha. + diff --git a/changes/bug23681 b/changes/bug23681 new file mode 100644 index 0000000000..e317f36d50 --- /dev/null +++ b/changes/bug23681 @@ -0,0 +1,5 @@ + o Minor bugfixes (hidden service client): + - The introduction circuit was being timed out too quickly while waiting + for the rendezvous circuit to complete. Keep the intro circuit around + longer instead of timing out and reopening new ones constantly. Fixes + bug 23681; bugfix on 0.2.4.8-alpha. diff --git a/changes/bug23690 b/changes/bug23690 deleted file mode 100644 index 36ff32e499..0000000000 --- a/changes/bug23690 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (relay, crash, assertion failure): - - Fix a timing-based assertion failure that could occur when the - circuit out-of-memory handler freed a connection's output buffer. - Fixes bug 23690; bugfix on 0.2.6.1-alpha. - diff --git a/changes/bug23696 b/changes/bug23696 new file mode 100644 index 0000000000..c5d18583d4 --- /dev/null +++ b/changes/bug23696 @@ -0,0 +1,5 @@ + o Minor bugfix (KIST scheduler): + - Downgrade a warning to log info when the monotonic time diff is + negative. This can happen on platform not supporting monotonic time. The + scheduler recovers from this without any problem. Fixes bug 23696; + bugfix on 0.3.2.1-alpha. diff --git a/changes/bug23739 b/changes/bug23739 new file mode 100644 index 0000000000..3207b5eaf3 --- /dev/null +++ b/changes/bug23739 @@ -0,0 +1,3 @@ + o Minor bugfixes (documentation): + - Document better how to read gcov and what our postprocessing scripts do. + Fixes bug 23739; bugfix on 0.2.9.1-alpha. diff --git a/changes/bug23741 b/changes/bug23741 new file mode 100644 index 0000000000..92f06f5270 --- /dev/null +++ b/changes/bug23741 @@ -0,0 +1,4 @@ + o Minor bugfixes (testing): + - Prevent scripts/test/coverage from attempting to move gcov + output to the root directory. Fixes bug 23741; bugfix on + 0.2.5.1-alpha. diff --git a/changes/bug23748 b/changes/bug23748 new file mode 100644 index 0000000000..0bd3f3f8ff --- /dev/null +++ b/changes/bug23748 @@ -0,0 +1,5 @@ + o Minor bugfixes (hidden service): + - Always make sure the hidden service generate the public key file if it + is missing. Prior to this, if the public key was deleted from disk, it + wouldn't get recreated. Fixes bug 23748; bugfix on 0.3.2.2-alpha. + Patch from "cathugger". diff --git a/changes/bug23751 b/changes/bug23751 new file mode 100644 index 0000000000..2fd7021664 --- /dev/null +++ b/changes/bug23751 @@ -0,0 +1,6 @@ + o Minor bugfixes (scheduler, channel): + - Ignore channels that have been closed while flushing cells. This can + happen if the write on the connection fails leading to the channel being + closed while in the scheduler loop. This is not a complete fix, it is a + bandaid until we are able to refactor those interactions. Fixes bug + 23751; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug23753 b/changes/bug23753 new file mode 100644 index 0000000000..8782a8e2d0 --- /dev/null +++ b/changes/bug23753 @@ -0,0 +1,4 @@ + o Minor features (logging, scheduler): + - Introduce a SCHED_BUG() function to log extra information about the + scheduler state if we ever catch a bug in the scheduler. Closes ticket + 23753. diff --git a/changes/bug23755 b/changes/bug23755 new file mode 100644 index 0000000000..98f0970344 --- /dev/null +++ b/changes/bug23755 @@ -0,0 +1,4 @@ + o Minor bugfixes (testing): + - Stop unconditionally mirroring the tor repository in GitLab CI. + This prevented developers from enabling GitLab CI on master. + Fixes bug 23755; bugfix on 0.3.2.2-alpha. diff --git a/changes/bug23757 b/changes/bug23757 new file mode 100644 index 0000000000..02507a0b4d --- /dev/null +++ b/changes/bug23757 @@ -0,0 +1,4 @@ + o Minor bugfixes (testing): + - Adjust the GitLab CI configuration to more closely match that of Travis + CI. Fixes bug 23757; bugfix on 0.3.2.2-alpha. + diff --git a/changes/bug23758 b/changes/bug23758 new file mode 100644 index 0000000000..565791e8f4 --- /dev/null +++ b/changes/bug23758 @@ -0,0 +1,4 @@ + o Minor bugfixes (testing): + - Skip a test that would fail if run as root (because it expects a + permissions error). This affects some continuous integration setups. + Fixes bug 23758; bugfix on 0.3.2.2-alpha. diff --git a/changes/bug23762 b/changes/bug23762 new file mode 100644 index 0000000000..741a88e21f --- /dev/null +++ b/changes/bug23762 @@ -0,0 +1,4 @@ + o Minor bugfixes (hidden service v3): + - Properly retry HSv3 descriptor fetches in the case where we were initially + missing required directory information. Fixes bug 23762; bugfix on + 0.3.2.1-alpha. diff --git a/changes/bug23774 b/changes/bug23774 new file mode 100644 index 0000000000..2ea5c0122a --- /dev/null +++ b/changes/bug23774 @@ -0,0 +1,4 @@ + o Minor bugfixes (memory leak): + - Fix a minor memory-leak-at-exit in the KIST scheduler. This + bug should have no user-visible impact. Fixes bug 23774; + bugfix on 0.3.2.1-alpha. diff --git a/changes/bug23783 b/changes/bug23783 new file mode 100644 index 0000000000..98c583a12b --- /dev/null +++ b/changes/bug23783 @@ -0,0 +1,5 @@ + o Minor bugfixes (compilation, windows): + - When detecting OpenSSL on Windows from our configure script, make sure + to try linking with the ws2_32 library. Fixes bug 23783; bugfix on + 0.3.2.2-alpha. + diff --git a/changes/bug23790 b/changes/bug23790 new file mode 100644 index 0000000000..5ebe77f806 --- /dev/null +++ b/changes/bug23790 @@ -0,0 +1,6 @@ + o Minor bugfixes (hidden service v2): + - When reloading tor (HUP) configured with hidden service(s), some + information weren't copy to the new service object. One problem with + this was that tor would wait at least the RendPostPeriod time before + uploading the descriptor if the reload happened before the descriptor + needed to be published. Fixes bug 23790; bugfix on 0.2.1.9-alpha. diff --git a/changes/bug23816 b/changes/bug23816 new file mode 100644 index 0000000000..6139dec9e8 --- /dev/null +++ b/changes/bug23816 @@ -0,0 +1,6 @@ + o Minor bugfixes (directory client): + - On failure to download directory information, delay retry attempts + by a random amount based on the "decorrelated jitter" algorithm. + Our previous delay algorithm tended to produce extra-long delays too + easily. Fixes bug 23816; bugfix on 0.2.9.1-alpha. + diff --git a/changes/bug23820 b/changes/bug23820 new file mode 100644 index 0000000000..4e920d0498 --- /dev/null +++ b/changes/bug23820 @@ -0,0 +1,5 @@ + o Minor bugfixes (IPv6, v3 single onion services): + - Remove buggy code for IPv6-only v3 single onion services, and reject + attempts to configure them. This release supports IPv4, dual-stack, and + IPv6-only v3 hidden services; and IPv4 and dual-stack v3 single onion + services. Fixes bug 23820; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug23861 b/changes/bug23861 new file mode 100644 index 0000000000..c6f017640d --- /dev/null +++ b/changes/bug23861 @@ -0,0 +1,5 @@ + o Minor bugfixes (logging, relay): + - Suppress a log notice when relay descriptors arrive. We already have a + bootstrap progress for this so no need to log notice everytime tor + receives relay descriptors. Microdescriptors behave the same. Fixes bug + 23861; bugfix on 0.2.8.2-alpha. diff --git a/changes/bug23908 b/changes/bug23908 deleted file mode 100644 index f641b66bb9..0000000000 --- a/changes/bug23908 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (directory authority, backport from 0.3.2.1-alpha): - - Remove the length limit on HTTP status lines that authorities can send - in their replies. Fixes bug 23499; bugfix on 0.3.1.6-rc. diff --git a/changes/bug23952 b/changes/bug23952 new file mode 100644 index 0000000000..ab1462e522 --- /dev/null +++ b/changes/bug23952 @@ -0,0 +1,4 @@ + o Minor bugfixes (relay): + - Avoid a BUG warning when receiving a dubious CREATE cell while + an option transition is in progress. Fixes bug 23952; bugfix on + 0.3.2.1-alpha. diff --git a/changes/bug24002 b/changes/bug24002 new file mode 100644 index 0000000000..cdb6081110 --- /dev/null +++ b/changes/bug24002 @@ -0,0 +1,5 @@ + o Minor bugfixes (hidden service): + - Make sure that we have a usable ed25519 key when the intro point relay + does support ed25519 link authentication. We do check for an empty key + when the relay does not support it so this makes it nice and symmetric. + Fixes bug 24002; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug24025 b/changes/bug24025 new file mode 100644 index 0000000000..1d7841af53 --- /dev/null +++ b/changes/bug24025 @@ -0,0 +1,5 @@ + o Minor bugfixes (logging, relay): + - Downgrade a warning to a protocol warning in the case the ed25519 key is + not consistent between the descriptor and micro descriptor of a relay. + This can happen for instance if the relay has been flagged + NoEdConsensus. Fixes bug 24025; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug24050 b/changes/bug24050 new file mode 100644 index 0000000000..d184a77ac0 --- /dev/null +++ b/changes/bug24050 @@ -0,0 +1,5 @@ + o Minor bugfixes (client): + - By default, do not enable storage of client-side DNS values. + These values were unused by default previously, but they should + not have been cached at all. Fixes bug 24050; bugfix on + 0.2.6.3-alpha. diff --git a/changes/bug24082 b/changes/bug24082 new file mode 100644 index 0000000000..1523239351 --- /dev/null +++ b/changes/bug24082 @@ -0,0 +1,3 @@ + o Minor bugfixes (testing): + - Fix a spurious fuzzing-only use of an uninitialized value. + Found by Brian Carpenter. Fixes bug 24082; bugfix on 0.3.0.3-alpha. diff --git a/changes/bug24115 b/changes/bug24115 new file mode 100644 index 0000000000..767f13840b --- /dev/null +++ b/changes/bug24115 @@ -0,0 +1,4 @@ + o Minor bugfixes (manpage, hidden service): + - Mention that the HiddenServiceNumIntroductionPoints option is 0-10 for + v2 service and 0-20 for v3 service. Fixes bug 24115; bugfix on + 0.3.2.1-alpha. diff --git a/changes/bug24150 b/changes/bug24150 new file mode 100644 index 0000000000..cfda7c40da --- /dev/null +++ b/changes/bug24150 @@ -0,0 +1,4 @@ + o Minor bugfixes (v3 onion services): + - Fix a memory leak when decrypting a badly formatted v3 onion + service descriptor. Fixes bug 24150; bugfix on 0.3.2.1-alpha. + Found by OSS-Fuzz; this is OSS-Fuzz issue 3994. diff --git a/changes/bug24230 b/changes/bug24230 new file mode 100644 index 0000000000..b08c4cde24 --- /dev/null +++ b/changes/bug24230 @@ -0,0 +1,4 @@ + o Minor bugfixes (control port, hidden service): + - Control port was reporting the action "UPLOAD_FAILED" instead of + "FAILED" for the HS_DESC event when a service was not able to upload a + descriptor. Fixes bug 24230; bugfix on 0.2.7.1-alpha. diff --git a/changes/bug24247 b/changes/bug24247 new file mode 100644 index 0000000000..1f4ddcdde2 --- /dev/null +++ b/changes/bug24247 @@ -0,0 +1,6 @@ + o Minor bugfixes (fuzzing): + - Fix a bug in our fuzzing mock replacement for crypto_pk_checksig(), to + correctly handle cases where a caller gives it an RSA key of under 160 + bits. (This is not actually a bug in Tor itself, but wrather in our + fuzzing code.) Fixes bug 24247; bugfix on 0.3.0.3-alpha. + Found by OSS-Fuzz as issue 4177. diff --git a/changes/bug24279 b/changes/bug24279 new file mode 100644 index 0000000000..ab2932b341 --- /dev/null +++ b/changes/bug24279 @@ -0,0 +1,5 @@ + o Minor bugfixes (compilation, hardening): + - Fix a memory leak warning in one of the libevent-related + configuration tests that could occur when manually specifying + -fsanitize=address. Fixes bug 24279; bugfix on 0.3.0.2-alpha. + Found and patched by Alex Xu. diff --git a/changes/bug24345 b/changes/bug24345 new file mode 100644 index 0000000000..22eb412514 --- /dev/null +++ b/changes/bug24345 @@ -0,0 +1,3 @@ + o Minor bugfixes (tests): + - Fix a unit test in one of the bridge-distribution test cases. + Fixes bug 24345; bugfix on 0.3.2.3-alpha. diff --git a/changes/bug24367 b/changes/bug24367 new file mode 100644 index 0000000000..09ef3bb877 --- /dev/null +++ b/changes/bug24367 @@ -0,0 +1,13 @@ + o Minor bugfixes (bridge clients, bootstrap): + - Retry directory downloads when we get our first bridge descriptor + during bootstrap or while reconnecting to the network. Keep retrying + every time we get a bridge descriptor, until we have a reachable bridge. + Fixes bug 24367; bugfix on 0.2.0.3-alpha. + - Stop delaying bridge descriptor fetches when we have cached bridge + descriptors. Instead, only delay bridge descriptor fetches when we + have at least one reachable bridge. + Fixes bug 24367; bugfix on 0.2.0.3-alpha. + - Stop delaying directory fetches when we have cached bridge descriptors. + Instead, only delay bridge descriptor fetches when all our bridges are + definitely unreachable. + Fixes bug 24367; bugfix on 0.2.0.3-alpha. diff --git a/changes/bug24424 b/changes/bug24424 new file mode 100644 index 0000000000..63c2d39ba1 --- /dev/null +++ b/changes/bug24424 @@ -0,0 +1,3 @@ + o Minor features (portability): + - Tor now compiles correctly on arm64 with libseccomp-dev installed. + (It doesn't yet work with the sandbox enabled.) Closes ticket 24424. diff --git a/changes/bug24502 b/changes/bug24502 new file mode 100644 index 0000000000..3fa6fb58dd --- /dev/null +++ b/changes/bug24502 @@ -0,0 +1,4 @@ + o Minor bugfixes (scheduler): + - Properly set the scheduler state of an unopened channel in the KIST + scheduler main loop. This prevents a harmless but annoying log warning. + Fixes bug 24502; bugfix on 0.3.2.4-alpha. diff --git a/changes/bug24526 b/changes/bug24526 new file mode 100644 index 0000000000..4d69defa9b --- /dev/null +++ b/changes/bug24526 @@ -0,0 +1,4 @@ + o Documentation: + - Document that operators who run more than one relay or bridge are + expected to set MyFamily and ContactInfo correctly. Closes ticket + 24526. diff --git a/changes/bug24590 b/changes/bug24590 new file mode 100644 index 0000000000..77e039f8d2 --- /dev/null +++ b/changes/bug24590 @@ -0,0 +1,5 @@ + o Minor bugfixes (scheduler, KIST): + - Avoid a possible integer overflow when computing the available space on + the TCP buffer of a channel. This has no security implications but can + make KIST not behave properly by allowing more cells on a already + saturated connection. Fixes bug 24590; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug24634 b/changes/bug24634 new file mode 100644 index 0000000000..ac82b94fbb --- /dev/null +++ b/changes/bug24634 @@ -0,0 +1,3 @@ + o Minor bugfixes (compilation): + - Resolve a few shadowed-variable warnings in the onion service code. + Fixes bug 24634; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug24652 b/changes/bug24652 new file mode 100644 index 0000000000..6e35e259e9 --- /dev/null +++ b/changes/bug24652 @@ -0,0 +1,6 @@ + o Minor bugfixes (build, compatibility, rust, OSX): + + - When building with Rust on OSX, link against libresolv, to + work around the issue at + https://github.com/rust-lang/rust/issues/46797. Fixes bug + 24652; bugfix on 0.3.1.1-alpha. diff --git a/changes/bug24665 b/changes/bug24665 new file mode 100644 index 0000000000..f950d9dd01 --- /dev/null +++ b/changes/bug24665 @@ -0,0 +1,6 @@ + o Major bugfixes (KIST, scheduler): + - The KIST scheduler did not correctly account for data already enqueued + in each connection's send socket buffer, particularly in cases when the + TCP/IP congestion window was reduced between scheduler calls. This + situation lead to excessive per-connection buffering in the kernel, and + a potential memory DoS. Fixes bug 24665; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug24671 b/changes/bug24671 new file mode 100644 index 0000000000..34d09e704d --- /dev/null +++ b/changes/bug24671 @@ -0,0 +1,6 @@ + o Minor bugfixes (scheduler, KIST): + - Use a sane write limit for KISTLite when writing onto a connection + buffer instead of using INT_MAX and shoving as much as it can. Because + the OOM handler cleans up circuit queues, we are better off at keeping + them in that queue instead of the connection's buffer. Fixes bug 24671; + bugfix on 0.3.2.1-alpha. diff --git a/changes/bug24700 b/changes/bug24700 new file mode 100644 index 0000000000..74dc581a0b --- /dev/null +++ b/changes/bug24700 @@ -0,0 +1,4 @@ + o Minor bugfixes (scheduler, KIST): + - Avoid adding the same channel twice in the KIST scheduler pending list + wasting CPU cycles at handling the same channel twice. Fixes bug 24700; + bugfix on 0.3.2.1-alpha. diff --git a/changes/bug24894 b/changes/bug24894 new file mode 100644 index 0000000000..b08cdce1f0 --- /dev/null +++ b/changes/bug24894 @@ -0,0 +1,5 @@ + o Major bugfixes (v3 onion services): + - New-style (v3) onion services now obey the "max rendezvous circuit + attempts" logic. Previously they would make as many rendezvous + circuit attempts as they could fit in the MAX_REND_TIMEOUT second + window before giving up. Fixes bug 24894; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug24898-029 b/changes/bug24898-029 deleted file mode 100644 index b33f093841..0000000000 --- a/changes/bug24898-029 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (relay): - - Make the internal channel_is_client() function look at what sort - of connection handshake the other side used, rather than whether - the other side ever sent a create_fast cell to us. Backports part - of the fixes from bugs 22805 and 24898. - diff --git a/changes/bug24972 b/changes/bug24972 new file mode 100644 index 0000000000..5adf970abf --- /dev/null +++ b/changes/bug24972 @@ -0,0 +1,4 @@ + o Minor features (logging, diagnostic): + - When logging a failure to check a hidden service's certificate, + also log what the problem with the certificate was. Diagnostic + for ticket 24972. diff --git a/changes/bug24975 b/changes/bug24975 new file mode 100644 index 0000000000..32a5dfc929 --- /dev/null +++ b/changes/bug24975 @@ -0,0 +1,6 @@ + o Major bugfixes (scheduler, consensus): + - A logic in the code was preventing the scheduler subystem to properly + make a decision based on the latest consensus when it arrives. This lead + to the scheduler failing to notice any consensus parameters that might + have changed between consensuses. Fixes bug 24975; bugfix on + 0.3.2.1-alpha. diff --git a/changes/bug24976 b/changes/bug24976 new file mode 100644 index 0000000000..9c3be86eab --- /dev/null +++ b/changes/bug24976 @@ -0,0 +1,5 @@ + o Minor bugfixes (hidden service v3 client): + - Remove a BUG() statement which can be triggered in normal circumstances + where a client fetches a descriptor that has a lower revision counter + than the one in its cache. This can happen due to HSDir desync. Fixes + bug 24976; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug25005 b/changes/bug25005 new file mode 100644 index 0000000000..dedf283aa9 --- /dev/null +++ b/changes/bug25005 @@ -0,0 +1,4 @@ + o Minor bugfixes (unit tests): + - Fix a memory leak in the scheduler/loop_kist unit test. Fixes bug + 25005; bugfix on 0.3.2.7-rc. + diff --git a/changes/bug25105 b/changes/bug25105 new file mode 100644 index 0000000000..36d1a5f16f --- /dev/null +++ b/changes/bug25105 @@ -0,0 +1,5 @@ + o Minor bugfixes (v3 onion services): + - Look at the "HSRend" protocol version, not the "HSDir" protocol + version, when deciding whether a consensus entry can support + the v3 onion service protocol as a rendezvous point. + Fixes bug 25105; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug8185_025 b/changes/bug8185_025 deleted file mode 100644 index 1bfc12b1e4..0000000000 --- a/changes/bug8185_025 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (logging, relay shutdown, annoyance): - - When a circuit is marked for close, do not attempt to package any cells - for channels on that circuit. Previously, we would detect this - condition lower in the call stack, when we noticed that the circuit had - no attached channel, and log an annoying message. Fixes bug 8185; - bugfix on 0.2.5.4-alpha. diff --git a/changes/diagnose_22752 b/changes/diagnose_22752 deleted file mode 100644 index b5bda05ec0..0000000000 --- a/changes/diagnose_22752 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (bug mitigation, diagnostics, logging): - - Avoid an assertion failure, and log a better error message, - when unable to remove a file from the consensus cache on - Windows. Attempts to mitigate and diagnose bug 22752. diff --git a/changes/feature18329 b/changes/feature18329 new file mode 100644 index 0000000000..1dabf50244 --- /dev/null +++ b/changes/feature18329 @@ -0,0 +1,9 @@ + o Minor features (bridge): + - Bridge relays can now set the BridgeDistribution config option to + add a "bridge-distribution-request" line to their bridge descriptor, + which tells BridgeDB how they'd like their bridge address to be + given out. (Note that as of Oct 2017, BridgeDB does not yet implement + this feature.) As a side benefit, this feature provides a way + to distinguish bridge descriptors from non-bridge descriptors. + Implements tickets 18329. + diff --git a/changes/geoip-august2017 b/changes/geoip-august2017 deleted file mode 100644 index 2dab18a63f..0000000000 --- a/changes/geoip-august2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the August 3 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-july2017 b/changes/geoip-july2017 deleted file mode 100644 index ed10369f1b..0000000000 --- a/changes/geoip-july2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the July 4 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-june2017 b/changes/geoip-june2017 deleted file mode 100644 index 2ea7bf105e..0000000000 --- a/changes/geoip-june2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the June 8 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-september2017 b/changes/geoip-september2017 deleted file mode 100644 index be01ff9521..0000000000 --- a/changes/geoip-september2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/hsdescv3_fuzz_more b/changes/hsdescv3_fuzz_more new file mode 100644 index 0000000000..25626bb9a4 --- /dev/null +++ b/changes/hsdescv3_fuzz_more @@ -0,0 +1,3 @@ + o Minor features (testing): + - Our fuzzing tests now test the encrypted portions of the + v3 hidden service descriptors. Implements more of 21509. diff --git a/changes/longclaw-ipv6 b/changes/longclaw-ipv6 deleted file mode 100644 index 75899c9d07..0000000000 --- a/changes/longclaw-ipv6 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (directory authorities): - - Remove longclaw's IPv6 address, as it will soon change. - Authority IPv6 addresses were originally added in 0.2.8.1-alpha. - This leaves 3/8 directory authorities with IPv6 addresses, but there - are also 52 fallback directory mirrors with IPv6 addresses. - Resolves 19760. diff --git a/changes/more-files b/changes/more-files deleted file mode 100644 index 861d6a3143..0000000000 --- a/changes/more-files +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Document more of the files in the Tor data directory, including - cached-extrainfo, secret_onion_key{,_ntor}.old, hidserv-stats, - approved-routers, sr-random, and diff-cache. diff --git a/changes/more-threads b/changes/more-threads deleted file mode 100644 index eae88b70fd..0000000000 --- a/changes/more-threads +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (relay, performance): - - Always start relays with at least two worker threads, to prevent - priority inversion on slow tasks. Part of the fix for bug 22883. diff --git a/changes/multi-priority b/changes/multi-priority deleted file mode 100644 index 6f19314b53..0000000000 --- a/changes/multi-priority +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (relay, thread pool): - - Allow background work to be queued with different priorities, so - that a big pile of slow low-priority jobs will not starve out - higher priority jobs. This lays the groundwork for a fix for bug - 22883. diff --git a/changes/new_requirement_pkgconfig b/changes/new_requirement_pkgconfig deleted file mode 100644 index 503ff58c9e..0000000000 --- a/changes/new_requirement_pkgconfig +++ /dev/null @@ -1,5 +0,0 @@ - o New dependencies: - - To build with zstd and lzma support, Tor now requires the - pkg-config tool at build time. (This requirement was new in - 0.3.1.1-alpha, but was not noted at the time. Noting it here to - close ticket 22623.) diff --git a/changes/stack b/changes/stack new file mode 100644 index 0000000000..ffdf536cb9 --- /dev/null +++ b/changes/stack @@ -0,0 +1,7 @@ + o Minor bugfixes (correctness): + - Fix several places in our codebase where a C compiler would be likely + to eliminate a check, based on assuming that undefined behavior had not + happened elsewhere in the code. These cases are usually a sign of + redundant checking, or dubious arithmetic. Found by Georg Koppen using + the "STACK" tool from Wang, Zeldovich, Kaashoek, and + Solar-Lezama. Fixes bug 24423; bugfix on various Tor versions. diff --git a/changes/task-22207 b/changes/task-22207 deleted file mode 100644 index 63544834bf..0000000000 --- a/changes/task-22207 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Add "fingerprint" line to networkstatus-bridges produced by - bridge authorities. Implements #22207. - diff --git a/changes/ticket21031 b/changes/ticket21031 new file mode 100644 index 0000000000..b081fb018f --- /dev/null +++ b/changes/ticket21031 @@ -0,0 +1,7 @@ + o Minor features (removed deprecations): + - The ClientDNSRejectInternalAddresses flag can once again be set in + non-testing Tor networks, so long as they do not use the default + directory authorities. + This change also removes the deprecation of this + flag in 0.2.9.2-alpha. Closes ticket 21031. + diff --git a/changes/ticket22348 b/changes/ticket22348 deleted file mode 100644 index 49ae94cdf3..0000000000 --- a/changes/ticket22348 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (directory authority): - - Improve the message that authorities report to relays when - the RSA/Ed25519 key pair they present conflicts with a previously - pinned key. Closes ticket 22348. - diff --git a/changes/ticket22870 b/changes/ticket22870 deleted file mode 100644 index 07cc8a1d04..0000000000 --- a/changes/ticket22870 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (consensus diff): - - test_consdiff_base64cmp would fail on OS X because while OS X - follows the standard of (less than zero/zero/greater than zero), - it doesn't follow the convention of (-1/0/+1). Make the test - comply with the standard. Fixes bug 22870; bugfix on 0.3.1.1-alpha. diff --git a/changes/ticket22895 b/changes/ticket22895 deleted file mode 100644 index a3f7b86019..0000000000 --- a/changes/ticket22895 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Fix unused variable warnings in donna's Curve25519 SSE2 code. - Fixes bug 22895; bugfix on 0.2.7.2-alpha. diff --git a/changes/ticket23637 b/changes/ticket23637 new file mode 100644 index 0000000000..0c524f34c3 --- /dev/null +++ b/changes/ticket23637 @@ -0,0 +1,5 @@ + o Minor features (directory authority): + - Make the "Exit" flag assignment only depend on whether the exit + policy allows connections to ports 80 and 443. Previously relays + would get the Exit flag if they allowed connections to one of + these ports and also port 6667. Resolves ticket 23637. diff --git a/changes/ticket24097 b/changes/ticket24097 new file mode 100644 index 0000000000..36547a8ddb --- /dev/null +++ b/changes/ticket24097 @@ -0,0 +1,4 @@ + o Minor features (logging): + - Downgrade a pair of log messages that could occur when an exit's + resolver gave us an unusual (but not forbidden) response. + Closes ticket 24097. diff --git a/changes/ticket24109 b/changes/ticket24109 new file mode 100644 index 0000000000..f66271817d --- /dev/null +++ b/changes/ticket24109 @@ -0,0 +1,4 @@ + o Minor features (integration tests): + - Test that IPv6-only clients can use microdescriptors when running + "make test-network-all". Requires chutney master 61c28b9 or later. + Closes ticket 24109. diff --git a/changes/ticket24158 b/changes/ticket24158 new file mode 100644 index 0000000000..3cdc06afae --- /dev/null +++ b/changes/ticket24158 @@ -0,0 +1,3 @@ + o Minor bugfixes (logging): + Only log about no longer having KIST support once. Fixes bug 24158; bugfix + on 0.3.2 diff --git a/changes/ticket24254 b/changes/ticket24254 new file mode 100644 index 0000000000..98d5d6bacd --- /dev/null +++ b/changes/ticket24254 @@ -0,0 +1,3 @@ + o Documentation: + Add notes in man page regarding OS support for the various scheduler types. + Attempt to use less jargon in the scheduler section. Closes ticket 24254. diff --git a/changes/ticket24425 b/changes/ticket24425 new file mode 100644 index 0000000000..aa6f082bcc --- /dev/null +++ b/changes/ticket24425 @@ -0,0 +1,4 @@ + o Minor bugfixes (hidden service v3): + - Bump hsdir_spread_store parameter from 3 to 4 in order to increase the + probability of reaching a service for a client missing microdescriptors. + Fixes bug 24425; bugfix on 0.3.2.1-alpha. diff --git a/changes/ticket24500 b/changes/ticket24500 new file mode 100644 index 0000000000..b49b7a5551 --- /dev/null +++ b/changes/ticket24500 @@ -0,0 +1,3 @@ + o Minor features (logging): + - Provide better warnings when the getrandom() syscall fails. + Closes ticket 24500. diff --git a/changes/trove-2017-008 b/changes/trove-2017-008 deleted file mode 100644 index 4b9c5b0a12..0000000000 --- a/changes/trove-2017-008 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (security, hidden services, loggging): - - Fix a bug where we could log uninitialized stack when a certain - hidden service error occurred while SafeLogging was disabled. - Fixes bug #23490; bugfix on 0.2.7.2-alpha. - This is also tracked as TROVE-2017-008 and CVE-2017-0380. |