diff options
Diffstat (limited to 'changes')
77 files changed, 331 insertions, 56 deletions
diff --git a/changes/asciidoc-UTC b/changes/asciidoc-UTC new file mode 100644 index 0000000000..21fbfc1d67 --- /dev/null +++ b/changes/asciidoc-UTC @@ -0,0 +1,4 @@ + o Minor bugfixes (build): + - When building manual pages, set the timezone to "UTC", so that the + output is reproducible. Fixes bug 19558; bugfix on 0.2.2.9-alpha. + Patch from intrigeri. diff --git a/changes/broken-028-fallbacks b/changes/broken-028-fallbacks new file mode 100644 index 0000000000..698fd6e37a --- /dev/null +++ b/changes/broken-028-fallbacks @@ -0,0 +1,3 @@ + o Minor feature (fallback directories): + - Remove broken fallbacks from the hard-coded fallback directory list. + Closes ticket 20190; patch by teor. diff --git a/changes/bug16248 b/changes/bug16248 deleted file mode 100644 index 399b7093cd..0000000000 --- a/changes/bug16248 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (dns proxy mode, crash): - - Avoid crashing when running as a DNS proxy. Closes bug 16248; bugfix on - 0.2.0.1-alpha. Patch from 'cypherpunks'. - - o Minor features (bug-resistance): - - Make Tor survive errors involving connections without a corresponding - event object. Previously we'd fail with an assertion; now we produce a - log message. Related to bug 16248. diff --git a/changes/bug17150 b/changes/bug17150 new file mode 100644 index 0000000000..686cc34296 --- /dev/null +++ b/changes/bug17150 @@ -0,0 +1,7 @@ + o Minor bugfixes (directory warnings): + - When fetching extrainfo documents, compare their SHA256 digests + and Ed25519 signing key certificates + with the routerinfo that led us to fetch them, rather than + with the most recent routerinfo. Otherwise we generate many + spurious warnings about mismatches. Fixes bug 17150; bugfix + on 0.2.7.2-alpha. diff --git a/changes/bug17354 b/changes/bug17354 deleted file mode 100644 index 53da007fbb..0000000000 --- a/changes/bug17354 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (sandbox): - - Add the "hidserv-stats" filename to our sandbox filter for the - HiddenServiceStatistics option to work properly. Fixes bug 17354; - bugfix on tor-0.2.6.2-alpha~54^2~1. Patch from David Goulet. diff --git a/changes/bug17744_redux b/changes/bug17744_redux new file mode 100644 index 0000000000..d61e17fec3 --- /dev/null +++ b/changes/bug17744_redux @@ -0,0 +1,5 @@ + o Minor bugfixes (build): + - Remove a pair of redundant AM_CONDITIONAL declarations from + configure.ac. Fixes one final case of bug 17744; bugfix on + 0.2.8.2-alpha. + diff --git a/changes/bug17906 b/changes/bug17906 deleted file mode 100644 index fff76d1c59..0000000000 --- a/changes/bug17906 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (authorities): - - Update the V3 identity key for dannenberg, it was changed on - 18 November 2015. - Closes task #17906. Patch by "teor". diff --git a/changes/bug18089 b/changes/bug18089 deleted file mode 100644 index c1fb342f77..0000000000 --- a/changes/bug18089 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor fixes (security): - - Make memwipe() do nothing when passed a NULL pointer - or zero size. Check size argument to memwipe() for underflow. - Closes bug #18089. Reported by "gk", patch by "teor". - Bugfix on 0.2.3.25 and 0.2.4.6-alpha (#7352), - commit 49dd5ef3 on 7 Nov 2012. diff --git a/changes/bug18133 b/changes/bug18133 new file mode 100644 index 0000000000..177d286495 --- /dev/null +++ b/changes/bug18133 @@ -0,0 +1,4 @@ + o Minor bugfixes (logging): + - When we can't generate a signing key because OfflineMasterKey is set, + do not imply that we should have been able to load it. + Fixes bug 18133; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug18162 b/changes/bug18162 deleted file mode 100644 index 0844d6f62f..0000000000 --- a/changes/bug18162 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (security, pointers): - - - Avoid a difficult-to-trigger heap corruption attack when extending - a smartlist to contain over 16GB of pointers. Fixes bug #18162; - bugfix on Tor 0.1.1.11-alpha, which fixed a related bug - incompletely. Reported by Guido Vranken. - diff --git a/changes/bug18286 b/changes/bug18286 new file mode 100644 index 0000000000..e398fb004b --- /dev/null +++ b/changes/bug18286 @@ -0,0 +1,5 @@ + o Minor features (build): + - Tor now builds again with the recent OpenSSL 1.1 development branch + (tested against 1.1.0-pre4 and 1.1.0-pre5-dev). Closes ticket 18286. + + diff --git a/changes/bug18312 b/changes/bug18312 new file mode 100644 index 0000000000..7dcb3266bf --- /dev/null +++ b/changes/bug18312 @@ -0,0 +1,4 @@ + o Documentation: + - Stop recommending use of nicknames to identify relays in our + MapAddress documentation. Closes ticket 18312. + diff --git a/changes/bug18397 b/changes/bug18397 new file mode 100644 index 0000000000..53993da4e6 --- /dev/null +++ b/changes/bug18397 @@ -0,0 +1,7 @@ + o Minor bugfixes (Linux seccomp2 sandbox): + - Add a few missing syscalls to the seccomp2 sandbox: sysinfo, + getsockopt(SO_SNDBUF), and setsockopt(SO_SNDBUFFORCE). On + some systems, these are required for Tor to start with + "Sandbox 1" enabled. + Fixes bug 18397; bugfix on 0.2.5.1-alpha. Patch from + Daniel Pinto. diff --git a/changes/bug18460 b/changes/bug18460 new file mode 100644 index 0000000000..a8c1a19774 --- /dev/null +++ b/changes/bug18460 @@ -0,0 +1,4 @@ + o Minor bugfixes (statistics): + - We now include consensus downloads via IPv6 in our directory-request statistics. + Fixes bug 18460; bugfix on 0.2.3.14-alpha. + diff --git a/changes/bug18481 b/changes/bug18481 new file mode 100644 index 0000000000..6fd882b36b --- /dev/null +++ b/changes/bug18481 @@ -0,0 +1,5 @@ + o Minor bugfixes (client): + - Turn all TestingClientBootstrap* into non-testing torrc options. This + changes simply renames them by removing "Testing" in front of them and + they do not require TestingTorNetwork to be enabled anymore. Fixes + bug 18481; bugfix on 0.2.8.1-alpha. diff --git a/changes/bug18616 b/changes/bug18616 new file mode 100644 index 0000000000..ec59e846ed --- /dev/null +++ b/changes/bug18616 @@ -0,0 +1,14 @@ + o Major bugfixes (directory mirrors): + - Decide whether to advertise begindir support the same way we decide + whether to advertise our DirPort. These decisions being out of sync + led to surprising behavior like advertising begindir support when + our hibernation config options made us not advertise a DirPort. + Resolves bug 18616; bugfix on 0.2.8.1-alpha. Patch by teor. + + o Minor bugfixes: + - Consider more config options when relays decide whether to regenerate + their descriptor. Fixes more of bug 12538; bugfix on 0.2.8.1-alpha. + - Resolve some edge cases where we might launch an ORPort reachability + check even when DisableNetwork is set. Noticed while fixing bug + 18616; bugfix on 0.2.3.9-alpha. + diff --git a/changes/bug18668 b/changes/bug18668 new file mode 100644 index 0000000000..4b186b5c05 --- /dev/null +++ b/changes/bug18668 @@ -0,0 +1,3 @@ + o Minor bugfixes (tests): + - Avoid "WSANOTINITIALISED" warnings in the unit tests. Fixes bug 18668; + bugfix on 0.2.8.1-alpha. diff --git a/changes/bug18673 b/changes/bug18673 new file mode 100644 index 0000000000..5d6161718a --- /dev/null +++ b/changes/bug18673 @@ -0,0 +1,4 @@ + o Minor bugfixes (memory leak): + - Fix a small memory leak that would occur when the + TestingEnableCellStatsEvent option was turned on. Fixes bug 18673; + bugfix on 0.2.5.2-alpha. diff --git a/changes/bug18686 b/changes/bug18686 new file mode 100644 index 0000000000..23547d211d --- /dev/null +++ b/changes/bug18686 @@ -0,0 +1,5 @@ + o Minor bugfixes (pluggable transports): + - Avoid reporting a spurious error when we decide that we don't + need to terminate a pluggable transport because it has already + exited. Fixes bug 18686; bugfix on 0.2.5.5-alpha. + diff --git a/changes/bug18716 b/changes/bug18716 new file mode 100644 index 0000000000..b15a343f4c --- /dev/null +++ b/changes/bug18716 @@ -0,0 +1,4 @@ + o Minor bugfixes (assert, portability): + - Fix an assertion failure in memarea.c on systems where "long" is + shorter than the size of a pointer. + Fixes bug 18716; bugfix on 0.2.1.1-alpha diff --git a/changes/bug18728 b/changes/bug18728 new file mode 100644 index 0000000000..e181c17e65 --- /dev/null +++ b/changes/bug18728 @@ -0,0 +1,4 @@ + o Minor bugfixes (build): + - Resolve warnings when building on systems that are concerned with + signed char. Fixes bug 18728; bugfix on 0.2.7.2-alpha and + 0.2.6.1-alpha. diff --git a/changes/bug18729 b/changes/bug18729 new file mode 100644 index 0000000000..4ec9ca3254 --- /dev/null +++ b/changes/bug18729 @@ -0,0 +1,3 @@ + o Minor features (logging): + - Stop blasting twelve lines per second from periodic_event_dispatch() + at loglevel debug. Resolves ticket 18729; fix on 0.2.8.1-alpha. diff --git a/changes/bug18761 b/changes/bug18761 new file mode 100644 index 0000000000..78500a88ea --- /dev/null +++ b/changes/bug18761 @@ -0,0 +1,3 @@ + o Minor feature (logging): + - When rejecting a misformed INTRODUCE2 cell, only log at PROTOCOL_WARN + severity. Closes ticket 18761. diff --git a/changes/bug18809 b/changes/bug18809 new file mode 100644 index 0000000000..1e151874b7 --- /dev/null +++ b/changes/bug18809 @@ -0,0 +1,16 @@ + o Major bugfixes (bootstrap): + - Check if bootstrap consensus downloads are still needed + when the linked connection attaches. This prevents tor + making unnecessary begindir-style connections, which are + the only directory connections tor clients make since + the fix for 18483 was merged. + - Fix some edge cases where consensus download connections + may not have been closed, even though they were not needed. + Related to fix 18809. + - Make relays retry consensus downloads the correct number of + times, rather than the more aggressive client retry count. + Fixes part of ticket 18809. + - Stop downloading consensuses when we have a consensus, + even if we don't have all the certificates for it yet. + Fixes bug 18809; bugfix on 0.2.8.1-alpha. + Patches by arma and teor. diff --git a/changes/bug18812 b/changes/bug18812 new file mode 100644 index 0000000000..793e1102f7 --- /dev/null +++ b/changes/bug18812 @@ -0,0 +1,4 @@ + o Minor bugfixes (bootstrap): + - When a fallback changes its fingerprint from the hard-coded + fingerprint, log a less severe, more explanatory log message. + Fixes bug 18812; bugfix on 0.2.8.1-alpha. Patch by teor. diff --git a/changes/bug18816 b/changes/bug18816 new file mode 100644 index 0000000000..103f816962 --- /dev/null +++ b/changes/bug18816 @@ -0,0 +1,4 @@ + o Minor bugfix (bootstrap): + - Consistently use the consensus download schedule for + authority certificates. + Fixes bug 18816; bugfix on 0.2.4.13-alpha. diff --git a/changes/bug18841.1 b/changes/bug18841.1 new file mode 100644 index 0000000000..205ee5a425 --- /dev/null +++ b/changes/bug18841.1 @@ -0,0 +1,7 @@ + o Major bugfixes (compilation): + - Correctly detect compiler flags on systems where _FORTIFY_SOURCE + is predefined. Previously, our use of -D_FORTIFY_SOURCE would + cause a compiler warning, thereby making other checks fail. + Fixes one case of bug 18841; bugfix on 0.2.3.17-beta. Patch from + "trudokal". + diff --git a/changes/bug18849 b/changes/bug18849 new file mode 100644 index 0000000000..b12a8da011 --- /dev/null +++ b/changes/bug18849 @@ -0,0 +1,4 @@ + o Minor bugfix (logging): + - Reduce excessive logging when directories can't be found. + Fixes bug 18849; bugfix on 0.2.8.3-alpha and 0.2.8.1-alpha. + Patch by teor. diff --git a/changes/bug18920 b/changes/bug18920 new file mode 100644 index 0000000000..1babfd6656 --- /dev/null +++ b/changes/bug18920 @@ -0,0 +1,5 @@ + o Minor bugfixes (controller, microdescriptors): + - Make GETINFO dir/status-vote/current/consensus conform to the control + specification by returning "551 Could not open cached consensus..." + when not caching consensuses. + Fixes bug 18920; bugfix on 0.2.2.6-alpha. diff --git a/changes/bug18921 b/changes/bug18921 new file mode 100644 index 0000000000..cdd868a005 --- /dev/null +++ b/changes/bug18921 @@ -0,0 +1,4 @@ + o Major bugfixes (IPv6 bridges): + - Fix directory address selection for IPv6 bridges. + Fixes bug 18921; bugfix on 0.2.8.1-alpha. + Patch by "teor". diff --git a/changes/bug18929 b/changes/bug18929 new file mode 100644 index 0000000000..c607e630a6 --- /dev/null +++ b/changes/bug18929 @@ -0,0 +1,5 @@ + o Minor bugfixes (IPv6): + - Make directory node selection more reliable, mainly for + IPv6-only clients and clients with few reachable addresses. + Fixes bug 18929; bugfix on 0.2.8.1-alpha. + Patch by "teor". diff --git a/changes/bug18943 b/changes/bug18943 new file mode 100644 index 0000000000..6bcd868460 --- /dev/null +++ b/changes/bug18943 @@ -0,0 +1,6 @@ + o Major bugfixes (crypto, portability): + - The SHA3 and SHAKE routines now produce the correct output on + Big Endian systems, unbreaking the unit tests. No code calls + either algorithm family yet, so this is primarily a build fix. + Fixes bug 18943; bugfix on 0.2.8.1-alpha. + diff --git a/changes/bug18977 b/changes/bug18977 new file mode 100644 index 0000000000..3f46b09fba --- /dev/null +++ b/changes/bug18977 @@ -0,0 +1,4 @@ + o Minor bugfixes (time handling): + - When correcting a corrupt 'struct tm' value, fill in the tm_wday + field. Otherwise, our unit tests crash on Windows. + Fixes bug 18977; bugfix on 0.2.2.25-alpha. diff --git a/changes/bug19003 b/changes/bug19003 new file mode 100644 index 0000000000..ca94938ef9 --- /dev/null +++ b/changes/bug19003 @@ -0,0 +1,5 @@ + o Minor bugfixes (small networks): + - Allow directories in small networks to bootstrap by + skipping DirPort checks when the consensus has no exits. + Fixes bug 19003; bugfix on 0.2.8.1-alpha. + Patch by teor. diff --git a/changes/bug19008 b/changes/bug19008 new file mode 100644 index 0000000000..c51c98faa6 --- /dev/null +++ b/changes/bug19008 @@ -0,0 +1,3 @@ + o Major bugfixes (testing): + - Fix a bug that would block 'make test-network-all' on systems + where IPv6 packets were lost. Fixes bug 19008; bugfix on tor-0.2.7.3-rc. diff --git a/changes/bug19032 b/changes/bug19032 new file mode 100644 index 0000000000..93f17c2f91 --- /dev/null +++ b/changes/bug19032 @@ -0,0 +1,4 @@ + o Major bugfixes (security, directory authorities): + - Fix a crash and out-of-bounds write during authority voting, when the + list of relays includes duplicate ed25519 identity keys. Fixes bug 19032; + bugfix on 0.2.8.2-alpha. diff --git a/changes/bug19161 b/changes/bug19161 new file mode 100644 index 0000000000..78c2165308 --- /dev/null +++ b/changes/bug19161 @@ -0,0 +1,3 @@ + o Minor bugfixes (compilation): + - When libscrypt.h is found, but no libscrypt library can be linked, + treat libscrypt as absent. Fixes bug 19161; bugfix on 0.2.6.1-alpha. diff --git a/changes/bug19191 b/changes/bug19191 new file mode 100644 index 0000000000..8670aaa7fd --- /dev/null +++ b/changes/bug19191 @@ -0,0 +1,5 @@ + o Minor bugfixes (downloading): + - Predict more correctly whether we'll be downloading over HTTP when we + determine the maximum length of a URL. This should avoid a "BUG" + warning about the Squid HTTP proxy and its URL limits. Fixes bug 19191; + bugfix on ?????. diff --git a/changes/bug19203 b/changes/bug19203 new file mode 100644 index 0000000000..96bc1e855a --- /dev/null +++ b/changes/bug19203 @@ -0,0 +1,4 @@ + o Major bugfixes (user interface): + - Correctly give a warning in the cases where a relay is specified by + nickname, and one such relay is found, but it is not officially Named. + Fixes bug 19203; bugfix on 0.2.3.1-alpha. diff --git a/changes/bug19213 b/changes/bug19213 new file mode 100644 index 0000000000..6217814fb4 --- /dev/null +++ b/changes/bug19213 @@ -0,0 +1,3 @@ + o Minor bugfixes (compilation): + - Cause the unit tests to compile correctly on mingw64 versions + that lack sscanf. Fixes bug 19213; bugfix on 0.2.7.1-alpha. diff --git a/changes/bug19406 b/changes/bug19406 new file mode 100644 index 0000000000..e8b661b512 --- /dev/null +++ b/changes/bug19406 @@ -0,0 +1,4 @@ + o Minor features (build): + - Tor now again builds with the recent OpenSSL 1.1 development branch + (tested against 1.1.0-pre5 and 1.1.0-pre6-dev). + diff --git a/changes/bug19454 b/changes/bug19454 new file mode 100644 index 0000000000..05650b5c61 --- /dev/null +++ b/changes/bug19454 @@ -0,0 +1,3 @@ + o Minor bugfixes (heartbeat): + - Fix regression that crashes Tor when disabling heartbeats. Fixes bug + 19454; bugfix on tor-0.2.8.1-alpha. Reported by "kubaku". diff --git a/changes/bug19464 b/changes/bug19464 new file mode 100644 index 0000000000..22c9e73dc7 --- /dev/null +++ b/changes/bug19464 @@ -0,0 +1,6 @@ + o Minor bugfixes (user interface): + - Remove a warning message "Service [scrubbed] not found after + descriptor upload". This message appears when one uses HSPOST control + command to upload a service descriptor. Since there is only a descriptor + and no service, showing this message is pointless and confusing. + Fixes bug 19464; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug19499 b/changes/bug19499 new file mode 100644 index 0000000000..59bdb29dfa --- /dev/null +++ b/changes/bug19499 @@ -0,0 +1,4 @@ + o Minor features (build): + - Tor now again builds with the recent OpenSSL 1.1 development branch + (tested against 1.1.0-pre6-dev). Closes ticket 19499. + diff --git a/changes/bug19556 b/changes/bug19556 new file mode 100644 index 0000000000..31856b3db9 --- /dev/null +++ b/changes/bug19556 @@ -0,0 +1,7 @@ + o Minor bugfixes (sandboxing): + - When sandboxing is enabled, we could not write any stats to + disk. check_or_create_data_subdir("stats"), which prepares the + private stats directory, calls check_private_dir(), which also + opens and not just stats() the directory. Therefore, we need to + also allow open() for the stats dir in our sandboxing setup. + Fixes bug 19556; bugfix on 0.2.5.1-alpha. diff --git a/changes/bug19557 b/changes/bug19557 new file mode 100644 index 0000000000..55214b0c97 --- /dev/null +++ b/changes/bug19557 @@ -0,0 +1,4 @@ + o Major bugfixes (sandboxing): + - Our sandboxing code would not allow us to write to stats/hidserv-stats, + causing tor to abort while trying to write stats. This was previously + masked by bug 19556. Fixes bug 19557; bugfix on 0.2.6.1-alpha. diff --git a/changes/bug19608 b/changes/bug19608 new file mode 100644 index 0000000000..66c2de214e --- /dev/null +++ b/changes/bug19608 @@ -0,0 +1,6 @@ + o Minor bugfixes (IPv6, microdescriptors): + - Don't check node addresses when we only have a routerstatus. + This allows IPv6-only clients to bootstrap by fetching + microdescriptors from fallback directory mirrors. + (The microdescriptor consensus has no IPv6 addresses in it.) + Fixes bug 19608; bugfix on c281c036 in 0.2.8.2-alpha. diff --git a/changes/bug19660 b/changes/bug19660 new file mode 100644 index 0000000000..72d32c8fe2 --- /dev/null +++ b/changes/bug19660 @@ -0,0 +1,8 @@ + o Minor bugfixes (sandboxing): + - If we did not find a non-private IPaddress by iterating over + interfaces, we would try to get one via + get_interface_address6_via_udp_socket_hack(). This opens a + datagram socket with IPPROTO_UDP. Previously all our datagram + sockets (via libevent) used IPPROTO_IP, so we did not have that + in the sandboxing whitelist. Add (SOCK_DGRAM, IPPROTO_UDP) + sockets to the sandboxing whitelist. Fixes bug 19660. diff --git a/changes/bug19682 b/changes/bug19682 new file mode 100644 index 0000000000..c799c417ac --- /dev/null +++ b/changes/bug19682 @@ -0,0 +1,3 @@ + o Minor bugfixes (compilation): + - Fix compilation warning in the unit tests on systems where + char is signed. Fixes bug 19682; bugfix on 0.2.8.1-alpha. diff --git a/changes/bifroest b/changes/bug19728 index 41af658ed8..98ba34290f 100644 --- a/changes/bifroest +++ b/changes/bug19728 @@ -1,3 +1,3 @@ - o Directory authority changes (also in 0.2.8.7): + o Directory authority changes: - The "Tonga" bridge authority has been retired; the new bridge authority is "Bifroest". Closes tickets 19728 and 19690. diff --git a/changes/bug19782 b/changes/bug19782 new file mode 100644 index 0000000000..37660ead73 --- /dev/null +++ b/changes/bug19782 @@ -0,0 +1,3 @@ + o Minor bugfixes (fallback directories): + - Remove a fallback that was on the hardcoded list, then opted-out. + Fixes bug 19782; update to fallback list from 0.2.8.2-alpha. diff --git a/changes/bug19903 b/changes/bug19903 new file mode 100644 index 0000000000..33aa8789d7 --- /dev/null +++ b/changes/bug19903 @@ -0,0 +1,4 @@ + o Minor bugfixes (compilation): + - Remove an inappropriate "inline" in tortls.c that was causing warnings + on older versions of GCC. Fixes bug 19903; 0.2.8.1-alpha. + diff --git a/changes/bug19947 b/changes/bug19947 new file mode 100644 index 0000000000..b9dce8b753 --- /dev/null +++ b/changes/bug19947 @@ -0,0 +1,4 @@ + o Minor bugfixes (fallback directories): + - Avoid logging a NULL string pointer when loading fallback directory information. + Fixes bug 19947; bugfix on 0.2.4.7-alpha and 0.2.8.1-alpha. + Report and patch by "rubiate". diff --git a/changes/bug19969 b/changes/bug19969 new file mode 100644 index 0000000000..0bdd880bb7 --- /dev/null +++ b/changes/bug19969 @@ -0,0 +1,10 @@ + o Major bugfixes (client performance); + - Clients now respond to new application stream requests when + they arrive, rather than waiting up to one second before starting + to handle them. Fixes part of bug 19969; bugfix on 0.2.8.1-alpha. + + o Major bugfixes (clients on flaky network connections); + - When Tor leaves standby because of a new application request, open + circuits as needed to serve that request. Previously, we would + potentially wait a very long time. Fixes part of bug 19969; bugfix + on 0.2.8.1-alpha. diff --git a/changes/bug19973 b/changes/bug19973 new file mode 100644 index 0000000000..7bd5c554f9 --- /dev/null +++ b/changes/bug19973 @@ -0,0 +1,6 @@ + o Major bugfixes (client, security): + - Only use the ReachableAddresses option to restrict the first hop + in a path. Previously, it would apply to every hop in the path, + with a possible degredation in anonymity for anyone using an + uncommon ReachableAddress setting. Fixes bug 19973; bugfix on + 0.2.8.2-alpha. diff --git a/changes/bug20103 b/changes/bug20103 new file mode 100644 index 0000000000..bf0aeec009 --- /dev/null +++ b/changes/bug20103 @@ -0,0 +1,7 @@ + o Major bugfixes (crash): + + - Fix a complicated crash bug that could affect Tor clients + configured to use bridges when replacing a networkstatus consensus + in which one of their bridges was mentioned. OpenBSD users saw + more crashes here, but all platforms were potentially affected. + Fixes bug 20103; bugfix on 0.2.8.2-alpha. diff --git a/changes/bug20203 b/changes/bug20203 new file mode 100644 index 0000000000..711c91ba85 --- /dev/null +++ b/changes/bug20203 @@ -0,0 +1,6 @@ + o Major bugfixes (relay, OOM handler): + - Fix a timing-dependent assertion failure that could occur when we + tried to flush from a circuit after having freed its cells because + of an out-of-memory condition. Fixes bug 20203; bugfix on + 0.2.8.1-alpha. Thanks to "cypherpunks" for help diagnosing this + one. diff --git a/changes/bug20235 b/changes/bug20235 new file mode 100644 index 0000000000..54026a8943 --- /dev/null +++ b/changes/bug20235 @@ -0,0 +1,4 @@ + o Minor features (compatibility): + - Work around a bug in the OSX 10.12 SDK that would prevent us + from successfully targetting earlier versions of OSX. + Resolves ticket 20235. diff --git a/changes/bug20384 b/changes/bug20384 deleted file mode 100644 index 591015ad94..0000000000 --- a/changes/bug20384 +++ /dev/null @@ -1,10 +0,0 @@ - o Major features (security fixes): - - Prevent a class of security bugs caused by treating the contents - of a buffer chunk as if they were a NUL-terminated string. At - least one such bug seems to be present in all currently used - versions of Tor, and would allow an attacker to remotely crash - most Tor instances, especially those compiled with extra compiler - hardening. With this defense in place, such bugs can't crash Tor, - though we should still fix them as they occur. Closes ticket - 20384 (TROVE-2016-10-001). - diff --git a/changes/bug20551 b/changes/bug20551 new file mode 100644 index 0000000000..1e0746b666 --- /dev/null +++ b/changes/bug20551 @@ -0,0 +1,3 @@ + o Minor bugfixes (compilation); + - Fix implicit conversion warnings under OpenSSL 1.1. + Fixes bug 20551; bugfix on 0.2.1.1-alpha. diff --git a/changes/bug20553 b/changes/bug20553 new file mode 100644 index 0000000000..12a2780303 --- /dev/null +++ b/changes/bug20553 @@ -0,0 +1,3 @@ + o Minor bugfixes (memory leak): + - Work around a memory leak in OpenSSL 1.1 when encoding public keys. + Fixes bug 20553; bugfix on 0.0.2pre8. diff --git a/changes/bug20588 b/changes/bug20588 new file mode 100644 index 0000000000..be199b2de0 --- /dev/null +++ b/changes/bug20588 @@ -0,0 +1,3 @@ + o Minor bugfixes (portability): + - Fix compilation with OpenSSL 1.1 and less commonly-used + CPU architectures. Closes ticket 20588. diff --git a/changes/bug20865 b/changes/bug20865 new file mode 100644 index 0000000000..575d886a3e --- /dev/null +++ b/changes/bug20865 @@ -0,0 +1,7 @@ + o Minor bugfixes (portability): + - Avoid compilation errors when building on OSX Sierra. Sierra began + to support the getentropy() API, but created a few problems in + doing so. Tor 0.2.9 has a more thorough set of workarounds; in + 0.2.8, we are just using the /dev/urandom interface. Fixes + bug 20865. Bugfix on 0.2.8.1-alpha. + diff --git a/changes/doc17621 b/changes/doc17621 new file mode 100644 index 0000000000..ab37d29b50 --- /dev/null +++ b/changes/doc17621 @@ -0,0 +1,3 @@ + o Documentation: + - Document the contents of the 'datadir/keys' subdirectory in the manual + page. Closes ticket 17621. diff --git a/changes/fallbacks-201604 b/changes/fallbacks-201604 new file mode 100644 index 0000000000..7acefaaf08 --- /dev/null +++ b/changes/fallbacks-201604 @@ -0,0 +1,9 @@ + o Minor features (fallback directory mirrors): + - Give each fallback the same weight for client selection; + restrict fallbacks to one per operator; + report fallback directory detail changes when rebuilding list; + add new fallback directory mirrors to the whitelist; + update fallback directories based on the latest OnionOO data; + and any other minor simplifications and fixes. + Closes tasks 17158, 17905, 18749, bug 18689, and fixes part of + bug 18812 on 0.2.8.1-alpha; patch by "teor". diff --git a/changes/feature18483 b/changes/feature18483 new file mode 100644 index 0000000000..d0fa8df58d --- /dev/null +++ b/changes/feature18483 @@ -0,0 +1,4 @@ + o Minor features (clients): + - Make clients, onion services, and bridge relays always + use an encrypted begindir connection for directory requests. + Resolves ticket 18483. Patch by "teor". diff --git a/changes/geoip-april2016 b/changes/geoip-april2016 index 4cd03e556b..c55aa179b5 100644 --- a/changes/geoip-april2016 +++ b/changes/geoip-april2016 @@ -1,4 +1,4 @@ - o Minor features: + o Minor features (geoip): - Update geoip and geoip6 to the April 5 2016 Maxmind GeoLite2 Country database. diff --git a/changes/geoip-february2016 b/changes/geoip-february2016 deleted file mode 100644 index 49a8041fad..0000000000 --- a/changes/geoip-february2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the February 2 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-january2016 b/changes/geoip-january2016 deleted file mode 100644 index fe2d5c7dc7..0000000000 --- a/changes/geoip-january2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the January 5 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-jun2016 b/changes/geoip-jun2016 index 8d308f6f72..6c9847ca58 100644 --- a/changes/geoip-jun2016 +++ b/changes/geoip-jun2016 @@ -1,4 +1,4 @@ - o Minor features: + o Minor features (geoip): - Update geoip and geoip6 to the June 7 2016 Maxmind GeoLite2 Country database. diff --git a/changes/geoip-march2016 b/changes/geoip-march2016 deleted file mode 100644 index d7b1bd42f9..0000000000 --- a/changes/geoip-march2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the March 3 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-may2016 b/changes/geoip-may2016 index 3fd42dce24..cf78ab10c7 100644 --- a/changes/geoip-may2016 +++ b/changes/geoip-may2016 @@ -1,4 +1,4 @@ - o Minor features: + o Minor features (geoip): - Update geoip and geoip6 to the May 4 2016 Maxmind GeoLite2 Country database. diff --git a/changes/geoip-september2016 b/changes/geoip-september2016 index a14c7c699f..1bf5570f2d 100644 --- a/changes/geoip-september2016 +++ b/changes/geoip-september2016 @@ -1,4 +1,4 @@ - o Minor features: + o Minor features (geoip): - Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2 Country database. diff --git a/changes/memarea_overflow b/changes/memarea_overflow new file mode 100644 index 0000000000..8fdc38cc09 --- /dev/null +++ b/changes/memarea_overflow @@ -0,0 +1,7 @@ + o Minor bugfixes (pointer arithmetic): + - Fix a bug in memarea_alloc() that could have resulted in remote heap + write access, if Tor had ever passed an unchecked size to + memarea_alloc(). Fortunately, all the sizes we pass to memarea_alloc() + are pre-checked to be less than 128 kilobytes. Fixes bug 19150; bugfix + on 0.2.1.1-alpha. Bug found by Guido Vranken. + diff --git a/changes/ticket19071-19480 b/changes/ticket19071-19480 new file mode 100644 index 0000000000..ab5c72a2d1 --- /dev/null +++ b/changes/ticket19071-19480 @@ -0,0 +1,13 @@ + o Minor bugfixes (fallback directory selection): + - Avoid errors during fallback selection if there are no eligible + fallbacks. Fixes bug 19480; bugfix on ba76910 and 78ec782 in + 0.2.8.3-alpha. Patch by teor. + o Minor features (fallback directory list): + - Update hard-coded fallback list to remove unsuitable fallbacks. + Resolves ticket 19071. Patch by teor. + - Add a comment to the generated list that explains how to comment-out + unsuitable fallbacks in a way that's compatible with the stem fallback + parser. + - Update fallback whitelist and blacklist based on relay operator + emails. Blacklist unsuitable fallbacks. Resolves ticket 19071. + Patch by teor. diff --git a/changes/ticket20170-v3 b/changes/ticket20170-v3 new file mode 100644 index 0000000000..d634e72053 --- /dev/null +++ b/changes/ticket20170-v3 @@ -0,0 +1,5 @@ + o Minor features (fallback directory list): + - Replace the 81 remaining fallbacks of the 100 originally introduced + in Tor 0.2.8.3-alpha in March 2016, with a list of 177 fallbacks + (123 new, 54 existing, 27 removed) generated in December 2016. + Resolves ticket 20170. diff --git a/changes/ticket21564 b/changes/ticket21564 new file mode 100644 index 0000000000..7e01f41f8f --- /dev/null +++ b/changes/ticket21564 @@ -0,0 +1,6 @@ + o Minor features (fallback directory list): + - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in + December 2016 (of which ~126 were still functional), with a list of + 151 fallbacks (32 new, 119 existing, 58 removed) generated in + May 2017. + Resolves ticket 21564. |