diff options
Diffstat (limited to 'changes')
80 files changed, 204 insertions, 190 deletions
diff --git a/changes/14881 b/changes/14881 new file mode 100644 index 0000000000..e95929623b --- /dev/null +++ b/changes/14881 @@ -0,0 +1,8 @@ + o Minor bugfixes (consensus weight): + - Add new consensus method that initializes bw weights to 1 instead of 0. This + prevents a zero weight from making it all the way to the end (happens in + small testing networks) and causing an error. Fixes bug 14881; bugfix + on 0.2.2.17-alpha. + + o Minor features (unit tests): + - Add tests for networkstatus_compute_bw_weights_v10. diff --git a/changes/17070 b/changes/17070 new file mode 100644 index 0000000000..ffe616f38d --- /dev/null +++ b/changes/17070 @@ -0,0 +1,4 @@ + o Documentation (SOCKS connections): + - Clarify that when `ClientRejectInternalAddresses` is enabled (which is the + default), multicast DNS hostnames for machines on the local network (of + the form *.local) are also rejected. Closes ticket 17070. diff --git a/changes/19965 b/changes/19965 new file mode 100644 index 0000000000..904f5c9db0 --- /dev/null +++ b/changes/19965 @@ -0,0 +1,3 @@ + o Minor bugfix (configuration): + - Accept non-space whitespace characters after the severity level in the + `Log` option. Fixes bug 19965; bugfix on 0.2.1.1-alpha. diff --git a/changes/19974 b/changes/19974 deleted file mode 100644 index 5496143ddf..0000000000 --- a/changes/19974 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (unit tests): - - Fix tolerances in unit tests for monotonic time comparisons between - nanoseconds and microseconds. Previously, we accepted a 10 us - difference only, which is not realistic on every platform's - clock_gettime(). Fixes bug 19974; bugfix on 0.2.9.1-alpha. diff --git a/changes/20273 b/changes/20273 new file mode 100644 index 0000000000..714beda29c --- /dev/null +++ b/changes/20273 @@ -0,0 +1,4 @@ + o Documentation (comments): + - Change '1' to 'weight_scale' in consensus bw weights calculation + comments, as that is reality. Closes ticket 20273. Patch from pastly. + diff --git a/changes/20460 b/changes/20460 deleted file mode 100644 index 9fbb4a7986..0000000000 --- a/changes/20460 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (testing): - - Use ECDHE ciphers instead of ECDH in tortls tests. LibreSSL has - removed the ECDH ciphers which caused the tests to fail on - platforms which use it. Fixes bug 20460; bugfix on 0.2.8.1-alpha. diff --git a/changes/20492 b/changes/20492 deleted file mode 100644 index fdcd4d0b4b..0000000000 --- a/changes/20492 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfix (build): - - The current Git revision when building from a local repository is now - detected correctly when using git worktrees. Fixes bug 20492; bugfix on - 0.2.3.9-alpha. diff --git a/changes/20511 b/changes/20511 new file mode 100644 index 0000000000..d6e962eeb7 --- /dev/null +++ b/changes/20511 @@ -0,0 +1,3 @@ + o Minor feature: + - Relays and bridges will now refuse to serve the consensus they have if + they know it is too old for a client to use. Closes ticket 20511. diff --git a/changes/20526 b/changes/20526 new file mode 100644 index 0000000000..bd07d09bfc --- /dev/null +++ b/changes/20526 @@ -0,0 +1,5 @@ + o Code simplification and refactoring: + - Introduce rend_service_is_ephemeral() that tells if given onion + service is ephemeral. Replace unclear NULL-checkings for service + directory with this function. + Closes ticket 20526. diff --git a/changes/20853 b/changes/20853 new file mode 100644 index 0000000000..84d95c41e0 --- /dev/null +++ b/changes/20853 @@ -0,0 +1,4 @@ + o Minor bugfix (hidden services): + - Change ephemeral service checks in `rendservice.c` to use the new + `rend_service_is_ephemeral` helper function. Fixes bug 20853; bugfix on + bug 20526; not in any released version of Tor. diff --git a/changes/bug13827 b/changes/bug13827 new file mode 100644 index 0000000000..2235a3fbd7 --- /dev/null +++ b/changes/bug13827 @@ -0,0 +1,3 @@ + o Code simplification and refactoring: + - Remove duplicate code in the channel_write_*cell() functions. + Closes ticket 13827; patch from Pingl. diff --git a/changes/bug17779 b/changes/bug17779 new file mode 100644 index 0000000000..a81c334690 --- /dev/null +++ b/changes/bug17779 @@ -0,0 +1,6 @@ + o Minor bugfixes (leak at exit): + - Fix a small harmless memory leak at exit of the previously unused + RSA->Ed identity cross-certificate. Fixes bug 17779; bugfix on + 0.2.7.2-alpha. + + diff --git a/changes/bug19043 b/changes/bug19043 new file mode 100644 index 0000000000..70c35dfa7b --- /dev/null +++ b/changes/bug19043 @@ -0,0 +1,5 @@ + o Major features (hidden services): + - Relays can now handle v3 ESTABLISH_INTRO cells as specified by prop224 + aka "Next Generation Hidden Services". Service and clients don't yet use + this code functionnality. It marks another step towards prop224 + deployment. Resolves ticket 19043. Initial code by Alec Heifetz. diff --git a/changes/bug19563 b/changes/bug19563 new file mode 100644 index 0000000000..dbf3859135 --- /dev/null +++ b/changes/bug19563 @@ -0,0 +1,3 @@ + o Testing: + - New unit tests for tor_htonll(). Closes ticket 19563. Patch from + "overcaffeinated". diff --git a/changes/bug19869 b/changes/bug19869 deleted file mode 100644 index 430048f161..0000000000 --- a/changes/bug19869 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (DNSPort): - - On DNSPort, stop logging a BUG warning on a failed hostname lookup. - Fixes bug 19869; bugfix on 0.2.9.1-alpha. - diff --git a/changes/bug19926_029_info b/changes/bug19926_029_info deleted file mode 100644 index 93fd81b6cb..0000000000 --- a/changes/bug19926_029_info +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (logging): - - Downgrade a harmless log message about the pending_entry_connections - list from "warn" to "info". Mitigates bug 19926. diff --git a/changes/bug19960 b/changes/bug19960 deleted file mode 100644 index 5d655859a6..0000000000 --- a/changes/bug19960 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (netbsd, unit tests): - - Stop expecting NetBSD unit tests to report success for ipfw; - on NetBSD, it's only pf that's supported. - Part of a fix for bug 19960; bugfix on 0.2.9.5-alpha. diff --git a/changes/bug19968 b/changes/bug19968 deleted file mode 100644 index b285706e70..0000000000 --- a/changes/bug19968 +++ /dev/null @@ -1,11 +0,0 @@ - o Minor bugfixes (relay): - - Do not try to parallelize workers more than 16x without the - user explicitly configuring us to do so, even if we do detect more than - 16 CPU cores. Fixes bug 19968; bugfix on - 0.2.3.1-alpha. - - - o Minor bugfixes (testing): - - Avoid a unit test failure on systems with over 16 detectable - CPU cores. Fixes bug 19968; bugfix on - 0.2.3.1-alpha. diff --git a/changes/bug19969 b/changes/bug19969 deleted file mode 100644 index c760c6de03..0000000000 --- a/changes/bug19969 +++ /dev/null @@ -1,10 +0,0 @@ - o Major bugfixes (client performance): - - Clients now respond to new application stream requests when - they arrive, rather than waiting up to one second before starting - to handle them. Fixes part of bug 19969; bugfix on 0.2.8.1-alpha. - - o Major bugfixes (clients on flaky network connections): - - When Tor leaves standby because of a new application request, open - circuits as needed to serve that request. Previously, we would - potentially wait a very long time. Fixes part of bug 19969; bugfix - on 0.2.8.1-alpha. diff --git a/changes/bug20027 b/changes/bug20027 new file mode 100644 index 0000000000..79d154064a --- /dev/null +++ b/changes/bug20027 @@ -0,0 +1,3 @@ + o Minor bugfixes (ed25519 certificates): + - Correctly interpret ed25519 certificates that would expire some + time after 19 Jan 2038. Fixes bug 20027; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug20048 b/changes/bug20048 new file mode 100644 index 0000000000..5cc9f45545 --- /dev/null +++ b/changes/bug20048 @@ -0,0 +1,4 @@ + o Minor features (infrastructure): + - Implement smartlist_add_strdup() function. Replaces the use of + smartlist_add(sl, tor_strdup(str)). Closes ticket 20048. + diff --git a/changes/bug20085 b/changes/bug20085 deleted file mode 100644 index fd10e7eeeb..0000000000 --- a/changes/bug20085 +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Correct the minimum bandwidth value in torrc.sample, and queue a - corresponding change for torrc.minimal. Closes ticket 20085. - diff --git a/changes/bug20235 b/changes/bug20235 deleted file mode 100644 index 54026a8943..0000000000 --- a/changes/bug20235 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (compatibility): - - Work around a bug in the OSX 10.12 SDK that would prevent us - from successfully targetting earlier versions of OSX. - Resolves ticket 20235. diff --git a/changes/bug20269 b/changes/bug20269 new file mode 100644 index 0000000000..814eb8ff0b --- /dev/null +++ b/changes/bug20269 @@ -0,0 +1,4 @@ + o Minor bugfixes (client): + - When clients that use bridges start up with a cached consensus + on disk, they were ignoring it and downloading a new one. Now they + use the cached one. Fixes bug 20269; bugfix on 0.2.3.12-alpha. diff --git a/changes/bug20306_029 b/changes/bug20306_029 deleted file mode 100644 index ada2676b2b..0000000000 --- a/changes/bug20306_029 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (fascistfirewall): - - Avoid spurious warnings when ReachableAddresses or FascistFirewall - is set. Fixes bug 20306; bugfix on 0.2.8.2-alpha. - diff --git a/changes/bug20389 b/changes/bug20389 new file mode 100644 index 0000000000..8f1b9f5e03 --- /dev/null +++ b/changes/bug20389 @@ -0,0 +1,4 @@ + o Minor features (controller): + - When HSFETCH arguments cannot be parsed, say "Invalid argument" + rather than "unrecognized." Closes ticket 20389; patch from + Ivan Markin. diff --git a/changes/bug20401 b/changes/bug20401 deleted file mode 100644 index 85ab3c7322..0000000000 --- a/changes/bug20401 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (relay): - - Avoid a small memory leak when informing worker threads about rotated - onion keys. Fixes bug 20401; bugfix on 0.2.6.3-alpha. - diff --git a/changes/bug20423 b/changes/bug20423 deleted file mode 100644 index 32bdc3f081..0000000000 --- a/changes/bug20423 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - For relays that don't know their own address, avoid attempting - a local hostname resolve for each descriptor we download. Also cut - down on the number of "Success: chose address 'x.x.x.x'" log lines. - Fixes bugs 20423 and 20610; bugfix on 0.2.8.1-alpha. - diff --git a/changes/bug20435 b/changes/bug20435 new file mode 100644 index 0000000000..00d5ac744e --- /dev/null +++ b/changes/bug20435 @@ -0,0 +1,4 @@ + o Documentation (man page): + - Set the default value from 250 KBytes to 2 MBytes for + AuthDirGuardBWGuarantee in the man page which is what the code is using; + Fixes bug 20435; bugfix on tor-0.2.5.6-alpha. diff --git a/changes/bug20459 b/changes/bug20459 new file mode 100644 index 0000000000..2571fc0f4a --- /dev/null +++ b/changes/bug20459 @@ -0,0 +1,6 @@ + o Major bugfixes (scheduler): + - Fix an issue where the ewma_cmp_cmux() function would never consider + circuit policies to be different. This bug caused the channel scheduler + to behave more or less randomly, rather than preferring channels with + higher-priority circuits. + Fixes bug 20459; bugfix on 0.2.6.2-alpha. diff --git a/changes/bug20472 b/changes/bug20472 deleted file mode 100644 index 4d90c39f5b..0000000000 --- a/changes/bug20472 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (circuits): - - Remove a BUG warning in circuit_pick_extend_handshake. Instead, assume - all nodes support EXTEND2. Use ntor whenever a key is available. - Fixes bug 20472; bugfix on 0.2.9.3-alpha. - diff --git a/changes/bug20484 b/changes/bug20484 deleted file mode 100644 index 9a0b95cb39..0000000000 --- a/changes/bug20484 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (single onion services): - - Start correctly when creating a single onion service in a - directory that did not previously exist. Fixes bug 20484; bugfix on - 0.2.9.3-alpha. - diff --git a/changes/bug20487 b/changes/bug20487 deleted file mode 100644 index 4435f14a95..0000000000 --- a/changes/bug20487 +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Clarify that setting HiddenServiceNonAnonymousMode requires - you to also set "SOCKSPort 0". Fixes bug 20487; bugfix on - 0.2.9.3-alpha. diff --git a/changes/bug20529 b/changes/bug20529 deleted file mode 100644 index 276be5b2b6..0000000000 --- a/changes/bug20529 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (hidden services): - - When configuring hidden services, check every hidden service directory's - permissions. Previously, we only checked the last hidden service. - Fixes bug 20529; bugfix on 13942 commit 85bfad1 in 0.2.6.2-alpha. diff --git a/changes/bug20530 b/changes/bug20530 new file mode 100644 index 0000000000..85d1b0115b --- /dev/null +++ b/changes/bug20530 @@ -0,0 +1,4 @@ + o Minor bugfixes (Windows): + - Check for getpagesize before using it to mmap files. This fixes + compilation in some MinGW environments. Fixes bug 20530; bugfix on + 0.1.2.1-alpha. Reported by "ice". diff --git a/changes/bug20533 b/changes/bug20533 deleted file mode 100644 index 7d1a456328..0000000000 --- a/changes/bug20533 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (consensus downloads): - - If a consensus expires while we are waiting for certificates to download, - stop waiting for certificates. - - If we stop waiting for certificates less than a minute after we started - downloading them, do not consider the certificate download failure a - separate failure. - Fixes bug 20533; bugfix on commit e0204f21 in 0.2.0.9-alpha. diff --git a/changes/bug20534 b/changes/bug20534 deleted file mode 100644 index 49db433a01..0000000000 --- a/changes/bug20534 +++ /dev/null @@ -1,8 +0,0 @@ - o Minor bugfixes (directory download scheduling): - - Remove the maximum delay on exponential-backoff scheduling. - Since we now allow an infinite number of failures (see ticket - 20536), we must now allow the time to grow longer on each failure. - Fixes part of bug 20534; bugfix on 0.2.9.1-alpha. - - Use initial delays and decrements in download scheduling closer to - those from 0.2.8. Fixes another part of bug 20534; bugfix on - 0.2.9.1-alpha. diff --git a/changes/bug20536 b/changes/bug20536 deleted file mode 100644 index 9e0dd164bb..0000000000 --- a/changes/bug20536 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (download scheduling): - - When using an exponential backoff schedule, do not give up on - dowloading just because we have failed a bunch of times. Since - each delay is longer than the last, retrying indefinitely won't - hurt. Fixes bug 20536; bugfix on 0.2.9.1-alpha. - diff --git a/changes/bug20551 b/changes/bug20551 deleted file mode 100644 index b7ec4ca7cc..0000000000 --- a/changes/bug20551 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Fix implicit conversion warnings under OpenSSL 1.1. - Fixes bug 20551; bugfix on 0.2.1.1-alpha. diff --git a/changes/bug20553 b/changes/bug20553 deleted file mode 100644 index 12a2780303..0000000000 --- a/changes/bug20553 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (memory leak): - - Work around a memory leak in OpenSSL 1.1 when encoding public keys. - Fixes bug 20553; bugfix on 0.0.2pre8. diff --git a/changes/bug20559 b/changes/bug20559 new file mode 100644 index 0000000000..f117162dde --- /dev/null +++ b/changes/bug20559 @@ -0,0 +1,4 @@ + o Minor bugfixes (hidden services): + - Stop ignoring misconfigured hidden services. Instead, refuse to start + tor until the misconfigurations have been corrected. + Fixes bug 20559; bugfix on multiple commits in 0.2.7.1-alpha and earlier. diff --git a/changes/bug20560 b/changes/bug20560 deleted file mode 100644 index 43d605b296..0000000000 --- a/changes/bug20560 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (portability): - - Run correctly when built on Windows build environments that require - _vcsprintf(). Fixes bug 20560; bugfix on 0.2.2.11-alpha. - diff --git a/changes/bug20587 b/changes/bug20587 deleted file mode 100644 index 341b001363..0000000000 --- a/changes/bug20587 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (download timing): - - When determining when to download a directory object, handle times - after 2038 if the operating system supports that. (Someday this will be - important!) Fixes bug 20587; bugfix on 0.2.8.1-alpha. - diff --git a/changes/bug20588 b/changes/bug20588 deleted file mode 100644 index 832ef81336..0000000000 --- a/changes/bug20588 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (portability): - - Fix compilation with OpenSSL 1.1 and less commonly-used - CPU architectures. Closes ticket 20588. diff --git a/changes/bug20591 b/changes/bug20591 deleted file mode 100644 index deaa738f5e..0000000000 --- a/changes/bug20591 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (relay bootstrap): - - Ensure relays don't make multiple connections during bootstrap. - Fixes bug 20591; bugfix on 0.2.8.1-alpha. diff --git a/changes/bug20593 b/changes/bug20593 deleted file mode 100644 index e9f54d317a..0000000000 --- a/changes/bug20593 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (client directory scheduling): - - Treat "relay too busy to answer request" as a failed request and a - reason to back off on our retry frequency. This is safe now that - exponential backups retry indefinitely, and avoids a bug where we would - reset our download schedule erroneously. - Fixes bug 20593; bugfix on 0.2.9.1-alpha. diff --git a/changes/bug20593.2 b/changes/bug20593.2 new file mode 100644 index 0000000000..bdaaf00eea --- /dev/null +++ b/changes/bug20593.2 @@ -0,0 +1,4 @@ + o Minor features (diagnostic, directory client): + - Warn if we find an unexpected inconsistency in directory download + status objects. Prevents some negative consequences of bug 20593. + diff --git a/changes/bug20597 b/changes/bug20597 deleted file mode 100644 index f199b63933..0000000000 --- a/changes/bug20597 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (test networks, exponential backoff): - - When using exponential backoff in test networks, use a lower exponent, - so the delays do not vary as much. This helps test networks bootstrap - consistently. Fixes bug 20597; bugfix on 20499; not in any released - version of tor. diff --git a/changes/bug20613 b/changes/bug20613 deleted file mode 100644 index 19bb61f4e0..0000000000 --- a/changes/bug20613 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (single onion services, Tor2web): - - Stop logging long-term one-hop circuits deliberately created by single - onion services and Tor2web. These log messages are intended to diagnose - issue 8387, which relates to circuits hanging around forever for no - reason. - Fixes bug 20613; bugfix on 0.2.9.1-alpha. Reported by "pastly". diff --git a/changes/bug20622 b/changes/bug20622 new file mode 100644 index 0000000000..eb7a8fb9b8 --- /dev/null +++ b/changes/bug20622 @@ -0,0 +1,8 @@ + o Minor bugfixes (configuration): + - Support "TByte" and "TBytes" units in options given in bytes. + "TB", "terabyte(s)", "TBit(s)" and "terabit(s)" were already + supported. Fixes bug 20622; bugfix on 0.2.0.14-alpha. + + o Minor bugfixes (documentation): + - Include the "TBits" unit in Tor's man page. Fixes part of bug + 20622; bugfix on tor-0.2.5.1-alpha. diff --git a/changes/bug20634 b/changes/bug20634 deleted file mode 100644 index 62fc9f4787..0000000000 --- a/changes/bug20634 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (unit tests): - - Stop spurious failures in the local interface address discovery unit - tests. Fixes bug 20634; bugfix on 0.2.8.1-alpha; patch by Neel Chauhan. diff --git a/changes/bug20638 b/changes/bug20638 deleted file mode 100644 index 260d7d0a75..0000000000 --- a/changes/bug20638 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (hidden services): - - Stop ignoring hidden service key anonymity when first starting tor. - Instead, refuse to start tor if any hidden service key has been used in - a different hidden service anonymity mode. - Fixes bug 20638; bugfix on 17178 in 0.2.9.3-alpha; reported by ahf. diff --git a/changes/bug20646 b/changes/bug20646 new file mode 100644 index 0000000000..7cff38fb80 --- /dev/null +++ b/changes/bug20646 @@ -0,0 +1,5 @@ + o Minor bugfix (util): + - When finishing writing a file to disk, if we were about to replace the + file with the temporary file created before and we fail to replace it, + remove the temporary file so it doesn't stay on disk. Fixes bug 20646; + bugfix on tor-0.2.0.7-alpha. Patch by fk. diff --git a/changes/bug20667 b/changes/bug20667 new file mode 100644 index 0000000000..93b293a4e6 --- /dev/null +++ b/changes/bug20667 @@ -0,0 +1,5 @@ + o Minor bugfixes (directory downloads): + - Download all consensus flavors, descriptors, and authority certificates + when FetchUselessDescriptors is set, regardless of whether tor is a + directory cache or not. + Fixes bug 20667; bugfix on all recent tor versions. diff --git a/changes/bug20710_025 b/changes/bug20710_025 deleted file mode 100644 index 12bd07536c..0000000000 --- a/changes/bug20710_025 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (memory leak, use-after-free, linux seccomp2 sandbox): - - Fix a memory leak and use-after-free error when removing entries - from the sandbox's getaddrinfo() cache. Fixes bug 20710; bugfix on - 0.2.5.5-alpha. Patch from "cypherpunks". diff --git a/changes/bug20715 b/changes/bug20715 deleted file mode 100644 index 737a560cec..0000000000 --- a/changes/bug20715 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (memory leak) - - When moving a signed descriptor object from a source to an existing - destination, free the allocated memory inside that destination object. - Bugfix on tor-0.2.8.3-alpha; Closes #20715. diff --git a/changes/bug20716 b/changes/bug20716 deleted file mode 100644 index 37fd6feecf..0000000000 --- a/changes/bug20716 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (client, memory leak): - - Fix a small memory leak when receiving AF_UNIX connections on - a SocksPort. Fixes bug 20716; bugfix on 0.2.6.3-alpha. diff --git a/changes/bug20810 b/changes/bug20810 deleted file mode 100644 index 5420a73175..0000000000 --- a/changes/bug20810 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (relay) - - When computing old Tor protocol line version in protover, we were - looking at 0.2.7.5 twice instead of a specific case for 0.2.9.1-alpha. - Bugfix on tor-0.2.9.4-alpha. diff --git a/changes/bug20839 b/changes/bug20839 new file mode 100644 index 0000000000..c290097d80 --- /dev/null +++ b/changes/bug20839 @@ -0,0 +1,5 @@ + o Minor bugfixes (descriptors): + - Correctly recognise downloaded full descriptors as valid, even when + using microdescriptors as circuits. This affects clients with + FetchUselessDescriptors set, and may affect directory authorities. + Fixes bug 20839; bugfix on commit 6083276 in 0.2.3.2-alpha. diff --git a/changes/bug20860 b/changes/bug20860 new file mode 100644 index 0000000000..81b0dd8fc0 --- /dev/null +++ b/changes/bug20860 @@ -0,0 +1,4 @@ + o Minor bugfixes (hidden services): + - Stop ignoring duplicate hidden services when validating: this could + lead to a crash when those services were created. + Fixes bug 20860; bugfix on 20559; not in any released version of tor. diff --git a/changes/bug20864 b/changes/bug20864 deleted file mode 100644 index 7b8c70fad6..0000000000 --- a/changes/bug20864 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (unit tests, hidden services): - - Remove a double-free in the single onion service unit test. Stop - ignoring a return value. Make future changes less error-prone. - Fixes bug 20864; bugfix on 0.2.9.6-rc. diff --git a/changes/bug20875 b/changes/bug20875 deleted file mode 100644 index 6bba2cbc12..0000000000 --- a/changes/bug20875 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (download scheduling) - - Resolve a "bug" warning when considering a download schedule whose - delay had approached INT_MAX. Fixes 20875; bugfix on 0.2.9.5-alpha. - diff --git a/changes/bug20935 b/changes/bug20935 deleted file mode 100644 index 78068c7c06..0000000000 --- a/changes/bug20935 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (portability): - - Use the correct spelling of MAC_OS_X_VERSION_10_12 on configure.ac - Fixes bug 20935; bugfix on 0.2.9.6-rc. diff --git a/changes/bug6769 b/changes/bug6769 new file mode 100644 index 0000000000..773850fb1f --- /dev/null +++ b/changes/bug6769 @@ -0,0 +1,5 @@ + o Minor bugfixes (directory system): + - Bridges and relays now use microdescriptors (like clients do) + rather than old-style router descriptors. Now bridges will blend in + with clients in terms of the circuits they build. Fixes bug 6769; + bugfix on 0.2.3.2-alpha. diff --git a/changes/feature13752 b/changes/feature13752 new file mode 100644 index 0000000000..f318cc29f5 --- /dev/null +++ b/changes/feature13752 @@ -0,0 +1,4 @@ + o Minor features (fingerprinting resistence, authentication): + - Extend the length of RSA keys used for TLS link authentication to + 2048 bits. (These weren't used for forward secrecy; for forward + secrecy, we used P256.) Closes ticket 13752. diff --git a/changes/feature15055 b/changes/feature15055 new file mode 100644 index 0000000000..06cc06a281 --- /dev/null +++ b/changes/feature15055 @@ -0,0 +1,6 @@ + o Major features (protocol, Ed25519): + - Tor relays now use Ed25519 to prove their Ed25519 identities and + Ed25519 to one another, and to clients. This algorithm is faster + and more secure than the RSA-based handshake we've been doing until + now. Implements the second big part of proposal 220; Closes ticket + 15055. diff --git a/changes/feature15056 b/changes/feature15056 new file mode 100644 index 0000000000..46226f881f --- /dev/null +++ b/changes/feature15056 @@ -0,0 +1,28 @@ + o Major features (ed25519 identity keys): + - Relays now understand requests to extend to other relays + by their Ed25519 identity keys. When an Ed25519 identity key + is included in an EXTEND2 cell, the relay will only extend + the circuit if the other relay can prove ownership of that identity. + Implements part of ticket 15056; part of proposal 220. + - Clients now support including Ed25519 identity keys in the EXTEND2 + cells they generate. By default, this is controlled by a consensus + parameter, currently disabled. You can turn this feature on for + testing by setting ExtendByEd25519ID in your configuration. This might + make your traffic appear different than the traffic generated by other + users, however. + Implements part of ticket 15056; part of proposal 220. + + o Code simplification and refactoring: + - The code to generate and parse EXTEND and EXTEND2 cells has + been replaced with code automatically generated by the "trunnel" + utility. + - Remove data structures that were used to index or_connection objects by + their RSA identity digests. These structures are fully redundant with + the similar structures used in the channel abstraction. + + o Minor features (directory authority): + - Add a new authority-only AuthDirTestEd25519LinkKeys option (on by + default) to control whether authorities should try to probe relays by + their Ed25519 link keys. This option will go away in a few + releases--unless we encounter major trouble in our ed25519 link + protocol rollout, in which case it will serve as a safety option. diff --git a/changes/feature17238 b/changes/feature17238 new file mode 100644 index 0000000000..88dfee92cf --- /dev/null +++ b/changes/feature17238 @@ -0,0 +1,6 @@ + o Major features (onion services): + - Tor relays now support the HSDir version 3 protocol meaning they can + store and serve v3 descriptors. This is part of the next generation + onion service work detailled in proposal 224. The tor daemon also + contains all the necessary code to encode and decode a v3 descriptor but + it's currently only used by the directory subsystem. Closes ticket 17238. diff --git a/changes/feature20552 b/changes/feature20552 new file mode 100644 index 0000000000..75fbdde56b --- /dev/null +++ b/changes/feature20552 @@ -0,0 +1,4 @@ + o Minor features (ed25519 link handshake): + - Advertise support for the ed25519 link handshake using the + subprotocol-versions mechanism, so that clients can tell which + relays can identity themselves by Ed25519 ID. Closes ticket 20552. diff --git a/changes/geoip-december2016 b/changes/geoip-december2016 deleted file mode 100644 index 60754ea21d..0000000000 --- a/changes/geoip-december2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the December 7 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-november2016 b/changes/geoip-november2016 deleted file mode 100644 index b3f9913bb1..0000000000 --- a/changes/geoip-november2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (ge0oip): - - Update geoip and geoip6 to the November 3 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/more_module_docs b/changes/more_module_docs deleted file mode 100644 index 0066ddfcf0..0000000000 --- a/changes/more_module_docs +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Module-level documentation for several more modules. Closes tickets - 19287 and - 19290. diff --git a/changes/ticket18873 b/changes/ticket18873 new file mode 100644 index 0000000000..11a867d393 --- /dev/null +++ b/changes/ticket18873 @@ -0,0 +1,10 @@ + o Code simplification and refactoring: + - Refactor circuit_predict_and_launch_new for readability and + testability. Closes ticket 18873. + - Extract magic numbers in circuituse.c into defined variables. + - Refactor circuit_is_available_for_use to remove unnecessary check. + + o Minor features (unit tests): + - Extract dummy_origin_circuit_new so it can be used by other test + functions. + - Add unit tests circuit_predict_and_launch_new. diff --git a/changes/ticket19858 b/changes/ticket19858 new file mode 100644 index 0000000000..777b7906a8 --- /dev/null +++ b/changes/ticket19858 @@ -0,0 +1,4 @@ + o Code simplification and refactoring (guards): + - Abolish all global guard context in entrynodes.c; replace with new + guard_selection_t structure as preparation for proposal 271. Closes + ticket 19858. diff --git a/changes/ticket20077 b/changes/ticket20077 new file mode 100644 index 0000000000..cd8149ad15 --- /dev/null +++ b/changes/ticket20077 @@ -0,0 +1,5 @@ + o Code simplification and refactoring: + - Remove redundant behavior of is_sensitive_dir_purpose, refactor to use + only purpose_needs_anonymity. Closes part of ticket 20077. + - Refactor large if statement in purpose_needs_anonymity to use switch + statement instead. Closes part of ticket 20077. diff --git a/changes/ticket20486 b/changes/ticket20486 new file mode 100644 index 0000000000..9c1bb1e67f --- /dev/null +++ b/changes/ticket20486 @@ -0,0 +1,3 @@ + o Documentation (Onion Services): + - tor's man page incorrectly states that HiddenServiceDir must already + exist. This is not true. Fixes 20486. diff --git a/changes/ticket20717 b/changes/ticket20717 new file mode 100644 index 0000000000..71d3edd13e --- /dev/null +++ b/changes/ticket20717 @@ -0,0 +1,3 @@ + o Code simplification and refactoring: + - Refactor the hashing API to return negative values for errors, as is done + as throughout the codebase. Closes ticket 20717. diff --git a/changes/ticket20831 b/changes/ticket20831 new file mode 100644 index 0000000000..c5be2431a8 --- /dev/null +++ b/changes/ticket20831 @@ -0,0 +1,6 @@ + o Removed features: + - The UseDirectoryGuards torrc options is + no longer present: all users that use entry guards will also use + directory guards. Related to proposal 271; implements part of + ticket 20831. + diff --git a/changes/ticket20960 b/changes/ticket20960 new file mode 100644 index 0000000000..3c21ae680f --- /dev/null +++ b/changes/ticket20960 @@ -0,0 +1,5 @@ + o Removed features: + - The AuthDirMaxServersPerAuthAddr option no longer exists: The same + limit for relays running on a single IP applies to authority IP + addresses as well as to non-authority IP addresses. Closes ticket + 20960. diff --git a/changes/ticket5500 b/changes/ticket5500 new file mode 100644 index 0000000000..0cdd8e1f1d --- /dev/null +++ b/changes/ticket5500 @@ -0,0 +1,3 @@ + o Testing: + - Perform the coding style checks when running the tests and fail when + coding style violations are found. Closes ticket 5500. |