summaryrefslogtreecommitdiff
path: root/changes
diff options
context:
space:
mode:
Diffstat (limited to 'changes')
-rw-r--r--changes/bug124854
-rw-r--r--changes/bug125859
-rw-r--r--changes/bug13111-generate-keys-on-empty-file23
-rw-r--r--changes/bug133974
-rw-r--r--changes/bug134017
-rw-r--r--changes/bug138053
-rw-r--r--changes/bug138068
-rw-r--r--changes/bug14001-clang-warning6
-rw-r--r--changes/bug14067-TestingDirAuthVoteHSDir6
-rw-r--r--changes/bug140904
-rw-r--r--changes/bug141297
-rw-r--r--changes/bug1414111
-rw-r--r--changes/bug14142-parse-virtual-addr7
-rw-r--r--changes/bug141494
-rw-r--r--changes/bug141953
-rw-r--r--changes/bug142073
-rw-r--r--changes/bug142155
-rw-r--r--changes/bug142196
-rw-r--r--changes/bug142204
-rw-r--r--changes/bug142615
-rw-r--r--changes/bug85466
-rw-r--r--changes/remove-bad-fp4
-rw-r--r--changes/ticket130374
23 files changed, 143 insertions, 0 deletions
diff --git a/changes/bug12485 b/changes/bug12485
new file mode 100644
index 0000000000..53ce33ef7b
--- /dev/null
+++ b/changes/bug12485
@@ -0,0 +1,4 @@
+ o Minor features (Guard nodes):
+ - Reduce the time delay before saving guard status to disk from 10
+ minute to 30 seconds (or from one hour to 10 minutes if
+ AvoidDiskWrites is set). Closes ticket 12485.
diff --git a/changes/bug12585 b/changes/bug12585
new file mode 100644
index 0000000000..495a2f0d71
--- /dev/null
+++ b/changes/bug12585
@@ -0,0 +1,9 @@
+ o Major features (security)
+ - Implementation of SocksSocket option - SocksSocket implements a SOCKS
+ proxy reachable by Unix Domain Socket. This allows client applications to
+ communicate with Tor without having the ability to create AF_INET or
+ AF_INET6 family sockets. If an application has permission to create a socket
+ with AF_UNIX, it may directly communicate with Tor as if it were an other
+ SOCKS proxy. This should allow high risk applications to be entirely prevented
+ from connecting directly with TCP/IP, they will be able to only connect to the
+ internet through AF_UNIX and only through Tor. Closes ticket 12585.
diff --git a/changes/bug13111-generate-keys-on-empty-file b/changes/bug13111-generate-keys-on-empty-file
new file mode 100644
index 0000000000..20c10c7443
--- /dev/null
+++ b/changes/bug13111-generate-keys-on-empty-file
@@ -0,0 +1,23 @@
+ o Minor bugfixes (file handling):
+ - Stop failing when key files are zero-length. Instead, generate new
+ keys, and overwrite the empty key files.
+ Fixes bug 13111. Patch by "teor".
+ - Stop generating a fresh .old RSA key file when the .old file is missing.
+ - Avoid overwriting .old key files with empty key files.
+ - Stop crashing when a NULL filename is passed to file_status().
+ Fixed as part of bug 13111. Patches by "teor".
+
+ o Minor enhancements (file handling):
+ - Skip loading zero-length extra info store, router store, stats, state,
+ and key files.
+ - Return FN_ERROR when a zero-length filename is passed to file_status().
+ Fixed as part of bug 13111. Patches by "teor".
+
+ o Minor enhancements (testing):
+ - Test that tor does not fail when key files are zero-length.
+ Check that tor generates new keys, and overwrites the empty key files.
+ - Test that tor generates new keys when keys are missing (existing
+ behaviour).
+ - Test that tor does not overwrite key files that already contain data
+ (existing behaviour).
+ Tests bug 13111. Patch by "teor".
diff --git a/changes/bug13397 b/changes/bug13397
new file mode 100644
index 0000000000..502092801f
--- /dev/null
+++ b/changes/bug13397
@@ -0,0 +1,4 @@
+ o Minor bugfixes:
+ - Avoid crashing when trying to reload a torrc specified as a relative
+ path with RunAsDaemon turned on. Fixes bug 13397; bugfix on
+ 0.2.3.11-alpha.
diff --git a/changes/bug13401 b/changes/bug13401
new file mode 100644
index 0000000000..e2834a09d3
--- /dev/null
+++ b/changes/bug13401
@@ -0,0 +1,7 @@
+ o Minor features (testing networks):
+ - Drop the minimum RendPostPeriod on a testing network to 5 seconds,
+ and the default to 2 minutes. Closes ticket 13401. Patch by "nickm".
+ - Drop the MIN_REND_INITIAL_POST_DELAY on a testing network to 5 seconds,
+ but keep the default at 30 seconds. This reduces HS bootstrap time to
+ around 25 seconds. Change src/test/test-network.sh default time to match.
+ Closes ticket 13401. Patch by "teor".
diff --git a/changes/bug13805 b/changes/bug13805
new file mode 100644
index 0000000000..321cd58958
--- /dev/null
+++ b/changes/bug13805
@@ -0,0 +1,3 @@
+ o Minor features (systemd):
+ - Various improvements and modernizations in systemd hardening support.
+ Closes ticket 13805. Patch from Craig Andrews.
diff --git a/changes/bug13806 b/changes/bug13806
new file mode 100644
index 0000000000..0a6b268c02
--- /dev/null
+++ b/changes/bug13806
@@ -0,0 +1,8 @@
+ o Minor features (DOS resistance):
+ - Count the total number of bytes used storing hidden service descriptors
+ against the value of MaxMemInQueues. If we're low on memory, and more
+ than 20% of our memory is used holding hidden service descriptors, free
+ them until no more than 10% of our memory holds hidden service
+ descriptors. Free the least recently fetched descriptors first.
+ Resolves ticket 13806.
+
diff --git a/changes/bug14001-clang-warning b/changes/bug14001-clang-warning
new file mode 100644
index 0000000000..b932af6ab7
--- /dev/null
+++ b/changes/bug14001-clang-warning
@@ -0,0 +1,6 @@
+ o Minor bugfixes:
+ - The address of an array in the middle of a structure will
+ always be non-NULL. clang recognises this and complains.
+ Disable the tautologous and redundant check to silence
+ this warning.
+ Fixes bug 14001.
diff --git a/changes/bug14067-TestingDirAuthVoteHSDir b/changes/bug14067-TestingDirAuthVoteHSDir
new file mode 100644
index 0000000000..52d2bee5e6
--- /dev/null
+++ b/changes/bug14067-TestingDirAuthVoteHSDir
@@ -0,0 +1,6 @@
+ o Minor features (authorities, testing):
+ - Create TestingDirAuthVoteHSDir like TestingDirAuthVoteExit/Guard.
+ Ensures that authorities vote the HSDir flag for the listed
+ relays regardless of uptime or ORPort connectivity.
+ Respects the value of VoteOnHidServDirectoriesV2.
+ Partial fix for bug 14067. Patch by "teor".
diff --git a/changes/bug14090 b/changes/bug14090
new file mode 100644
index 0000000000..d6a6df4860
--- /dev/null
+++ b/changes/bug14090
@@ -0,0 +1,4 @@
+ o Minor bugfixes:
+ - Avoid undefined behavior when sampling huge values from the
+ Laplace distribution. This made unittests fail on Raspberry Pi.
+ Bug found by Device. Fixes bug 14090; bugfix on 0.2.6.2-alpha.
diff --git a/changes/bug14129 b/changes/bug14129
new file mode 100644
index 0000000000..6153cd84fd
--- /dev/null
+++ b/changes/bug14129
@@ -0,0 +1,7 @@
+ o Major bugfixes (exit node stability):
+
+ - Fix an assertion failure that could occur under high DNS load. Fixes
+ bug 14129; bugfix on Tor 0.0.7rc1. Found by "jowr"; diagnosed and fixed
+ by "cypherpunks".
+
+
diff --git a/changes/bug14141 b/changes/bug14141
new file mode 100644
index 0000000000..75cdcd5f3a
--- /dev/null
+++ b/changes/bug14141
@@ -0,0 +1,11 @@
+ o Minor bugfixes (systemd support):
+ - Fix detection and operation of systemd watchdog. Fixes part of
+ bug 14141; bugfix on 0.2.6.2-alpha. Patch from Tomasz Torcz.
+
+ - Run correctly under systemd with the RunAsDaemon option set.
+ Fixes part of bug 14141; bugfix on 0.2.5.7-rc. Patch from Tomasz
+ Torcz.
+
+ o Minor featurs (systemd support):
+ - Inform the systemd supervisor about more changes in the Tor process
+ status. Implements part of ticket 14141. Patch from Tomasz Torcz. \ No newline at end of file
diff --git a/changes/bug14142-parse-virtual-addr b/changes/bug14142-parse-virtual-addr
new file mode 100644
index 0000000000..f78b7c7d81
--- /dev/null
+++ b/changes/bug14142-parse-virtual-addr
@@ -0,0 +1,7 @@
+ o Minor bugfixes (client):
+ - Check for a missing option value in parse_virtual_addr_network
+ before asserting on the NULL in tor_addr_parse_mask_ports.
+ This avoids crashing on torrc lines like
+ Vi[rtualAddrNetworkIPv[4|6]] when no value follows the option.
+ Bugfix on 0.2.3 (de4cc126cbb5 on 24 November 2012), fixes #14142.
+ Patch by "teor".
diff --git a/changes/bug14149 b/changes/bug14149
new file mode 100644
index 0000000000..d655a14354
--- /dev/null
+++ b/changes/bug14149
@@ -0,0 +1,4 @@
+ o Minor features (hidden service parameters):
+ - Make hidden service Sybil attacks harder by changing the minimum
+ time required to become an HSDir from 25 hours up to 96 hours.
+ Addresses ticket #14149. \ No newline at end of file
diff --git a/changes/bug14195 b/changes/bug14195
new file mode 100644
index 0000000000..d2b82f31b0
--- /dev/null
+++ b/changes/bug14195
@@ -0,0 +1,3 @@
+ o Minor bugfixes (client):
+ - Fix a memory leak when using AutomapHostsOnResolve.
+ Fixes bug 14195; bugfix on 0.1.0.1-rc.
diff --git a/changes/bug14207 b/changes/bug14207
new file mode 100644
index 0000000000..987bb25acb
--- /dev/null
+++ b/changes/bug14207
@@ -0,0 +1,3 @@
+ o Minor bugfixes (controller):
+ - Add a code for the END_CIRC_REASON_IP_NOW_REDUNDANT circuit close
+ reason. Fixes bug 12407; bugfix on 0.2.6.2-alpha.
diff --git a/changes/bug14215 b/changes/bug14215
new file mode 100644
index 0000000000..70bcdaaefc
--- /dev/null
+++ b/changes/bug14215
@@ -0,0 +1,5 @@
+ o Minor bugfixes (tests):
+ - Make the checkdir/perms test complete successfully even if the
+ global umask is not 022. Fixes bug 14215; bugfix on 0.2.6.2-alpha.
+
+
diff --git a/changes/bug14219 b/changes/bug14219
new file mode 100644
index 0000000000..9d845db94e
--- /dev/null
+++ b/changes/bug14219
@@ -0,0 +1,6 @@
+ o Minor bugfixes (hidden services):
+
+ - When fetching a hidden service descriptor for a down service that we
+ recently up, do not keep refetching until we try the same replica twice
+ in a row. Fixes bug 14219; bugfix on 0.2.0.10-alpha.
+
diff --git a/changes/bug14220 b/changes/bug14220
new file mode 100644
index 0000000000..51cfa502bc
--- /dev/null
+++ b/changes/bug14220
@@ -0,0 +1,4 @@
+ o Minor bugfixes (compilation):
+ - Build without warnings with the stock OpenSSL srtp.h header,
+ which has a duplicate declaration of SSL_get_selected_srtp_profile().
+ Fixes bug 14220; this is OpenSSL's bug, not ours.
diff --git a/changes/bug14261 b/changes/bug14261
new file mode 100644
index 0000000000..1260ccba1e
--- /dev/null
+++ b/changes/bug14261
@@ -0,0 +1,5 @@
+ O Minor bugfixes (directory authority):
+ - Allow directory authorities to fetch more data from one
+ another if they find themselves missing lots of votes.
+ Previously, they had been bumping against the 10 MB queued
+ data limit. Fixes bug 14261. Bugfix on 0.1.2.5-alpha.
diff --git a/changes/bug8546 b/changes/bug8546
new file mode 100644
index 0000000000..dc6a52a026
--- /dev/null
+++ b/changes/bug8546
@@ -0,0 +1,6 @@
+ o Code simplification and refactoring:
+ - Move fields related to isolating and configuring client ports
+ into a shared structure. Previously, they were duplicated across
+ port_cfg_t, listener_connection_t, and edge_connection_t.
+ Failure to copy one of them correctly had been the cause of at
+ least one bug in the past. \ No newline at end of file
diff --git a/changes/remove-bad-fp b/changes/remove-bad-fp
new file mode 100644
index 0000000000..a07e3ba00c
--- /dev/null
+++ b/changes/remove-bad-fp
@@ -0,0 +1,4 @@
+
+ o Removed features:
+ - Remove a test for a long-defunct broken directory server.
+
diff --git a/changes/ticket13037 b/changes/ticket13037
new file mode 100644
index 0000000000..24c4100454
--- /dev/null
+++ b/changes/ticket13037
@@ -0,0 +1,4 @@
+ o Minor features (build):
+ - New --disable-system-torrc compile-time option to prevent Tor from
+ looking for a system-wide torrc or torrc-defaults tile. Resolves
+ ticket 13037.