diff options
Diffstat (limited to 'changes')
87 files changed, 195 insertions, 307 deletions
diff --git a/changes/18640 b/changes/18640 new file mode 100644 index 0000000000..de63da6655 --- /dev/null +++ b/changes/18640 @@ -0,0 +1,6 @@ + o Major features (resource management): + - Tor now includes support for noticing when we are about to run out of + sockets, and preemptively closing connections of lower priority. + (This feature is off by default for now, since the current prioritizing + method is not mature enough yet. You can enable it by setting + "DisableOOSCheck 0".) Closes ticket 18640. diff --git a/changes/19122 b/changes/19122 new file mode 100644 index 0000000000..80f38a6a94 --- /dev/null +++ b/changes/19122 @@ -0,0 +1,4 @@ + o Minor bugfixes (documentation): + - Fix manual for the User option: it takes a username, not a UID. + Fixes bug 19122; bugfix on 0.0.2pre16 (the first version to have + a manpage!). diff --git a/changes/19271 b/changes/19271 deleted file mode 100644 index dc06ead999..0000000000 --- a/changes/19271 +++ /dev/null @@ -1,2 +0,0 @@ - o Directory authority changes: - - Urras is no longer a directory authority. Closes ticket 19271. diff --git a/changes/19977 b/changes/19977 new file mode 100644 index 0000000000..0e55fbd567 --- /dev/null +++ b/changes/19977 @@ -0,0 +1,6 @@ + o Minor bugfixes (unit tests): + - Fix shared random unit test that was failing on big endian architecture + due to internal representation of a integer copied to a buffer. The test + is changed to take a full 32 bytes of data and use the output of a + python script that make the COMMIT and REVEAL calculation according to + the spec. Fixes bug 19977; bugfix on tor-0.2.9.1-alpha. diff --git a/changes/asciidoc-UTC b/changes/asciidoc-UTC deleted file mode 100644 index 21fbfc1d67..0000000000 --- a/changes/asciidoc-UTC +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (build): - - When building manual pages, set the timezone to "UTC", so that the - output is reproducible. Fixes bug 19558; bugfix on 0.2.2.9-alpha. - Patch from intrigeri. diff --git a/changes/bug17150 b/changes/bug17150 deleted file mode 100644 index 686cc34296..0000000000 --- a/changes/bug17150 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (directory warnings): - - When fetching extrainfo documents, compare their SHA256 digests - and Ed25519 signing key certificates - with the routerinfo that led us to fetch them, rather than - with the most recent routerinfo. Otherwise we generate many - spurious warnings about mismatches. Fixes bug 17150; bugfix - on 0.2.7.2-alpha. diff --git a/changes/bug17744_redux b/changes/bug17744_redux deleted file mode 100644 index d61e17fec3..0000000000 --- a/changes/bug17744_redux +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (build): - - Remove a pair of redundant AM_CONDITIONAL declarations from - configure.ac. Fixes one final case of bug 17744; bugfix on - 0.2.8.2-alpha. - diff --git a/changes/bug18133 b/changes/bug18133 deleted file mode 100644 index 177d286495..0000000000 --- a/changes/bug18133 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (logging): - - When we can't generate a signing key because OfflineMasterKey is set, - do not imply that we should have been able to load it. - Fixes bug 18133; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug18286 b/changes/bug18286 deleted file mode 100644 index e398fb004b..0000000000 --- a/changes/bug18286 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (build): - - Tor now builds again with the recent OpenSSL 1.1 development branch - (tested against 1.1.0-pre4 and 1.1.0-pre5-dev). Closes ticket 18286. - - diff --git a/changes/bug18312 b/changes/bug18312 deleted file mode 100644 index 7dcb3266bf..0000000000 --- a/changes/bug18312 +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Stop recommending use of nicknames to identify relays in our - MapAddress documentation. Closes ticket 18312. - diff --git a/changes/bug18397 b/changes/bug18397 deleted file mode 100644 index 53993da4e6..0000000000 --- a/changes/bug18397 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (Linux seccomp2 sandbox): - - Add a few missing syscalls to the seccomp2 sandbox: sysinfo, - getsockopt(SO_SNDBUF), and setsockopt(SO_SNDBUFFORCE). On - some systems, these are required for Tor to start with - "Sandbox 1" enabled. - Fixes bug 18397; bugfix on 0.2.5.1-alpha. Patch from - Daniel Pinto. diff --git a/changes/bug18460 b/changes/bug18460 deleted file mode 100644 index a8c1a19774..0000000000 --- a/changes/bug18460 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (statistics): - - We now include consensus downloads via IPv6 in our directory-request statistics. - Fixes bug 18460; bugfix on 0.2.3.14-alpha. - diff --git a/changes/bug18481 b/changes/bug18481 deleted file mode 100644 index 6fd882b36b..0000000000 --- a/changes/bug18481 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (client): - - Turn all TestingClientBootstrap* into non-testing torrc options. This - changes simply renames them by removing "Testing" in front of them and - they do not require TestingTorNetwork to be enabled anymore. Fixes - bug 18481; bugfix on 0.2.8.1-alpha. diff --git a/changes/bug18616 b/changes/bug18616 deleted file mode 100644 index ec59e846ed..0000000000 --- a/changes/bug18616 +++ /dev/null @@ -1,14 +0,0 @@ - o Major bugfixes (directory mirrors): - - Decide whether to advertise begindir support the same way we decide - whether to advertise our DirPort. These decisions being out of sync - led to surprising behavior like advertising begindir support when - our hibernation config options made us not advertise a DirPort. - Resolves bug 18616; bugfix on 0.2.8.1-alpha. Patch by teor. - - o Minor bugfixes: - - Consider more config options when relays decide whether to regenerate - their descriptor. Fixes more of bug 12538; bugfix on 0.2.8.1-alpha. - - Resolve some edge cases where we might launch an ORPort reachability - check even when DisableNetwork is set. Noticed while fixing bug - 18616; bugfix on 0.2.3.9-alpha. - diff --git a/changes/bug18668 b/changes/bug18668 deleted file mode 100644 index 4b186b5c05..0000000000 --- a/changes/bug18668 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (tests): - - Avoid "WSANOTINITIALISED" warnings in the unit tests. Fixes bug 18668; - bugfix on 0.2.8.1-alpha. diff --git a/changes/bug18673 b/changes/bug18673 deleted file mode 100644 index 5d6161718a..0000000000 --- a/changes/bug18673 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (memory leak): - - Fix a small memory leak that would occur when the - TestingEnableCellStatsEvent option was turned on. Fixes bug 18673; - bugfix on 0.2.5.2-alpha. diff --git a/changes/bug18686 b/changes/bug18686 deleted file mode 100644 index 23547d211d..0000000000 --- a/changes/bug18686 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (pluggable transports): - - Avoid reporting a spurious error when we decide that we don't - need to terminate a pluggable transport because it has already - exited. Fixes bug 18686; bugfix on 0.2.5.5-alpha. - diff --git a/changes/bug18710 b/changes/bug18710 deleted file mode 100644 index 269395563d..0000000000 --- a/changes/bug18710 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (DNS proxy): - - Stop a crash that could occur when a client running with DNSPort - received a query with multiple address types, where the first - address type was not supported. Found and fixed by Scott Dial. - Fixes bug 18710; bugfix on 0.2.5.4-alpha. - diff --git a/changes/bug18716 b/changes/bug18716 deleted file mode 100644 index b15a343f4c..0000000000 --- a/changes/bug18716 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (assert, portability): - - Fix an assertion failure in memarea.c on systems where "long" is - shorter than the size of a pointer. - Fixes bug 18716; bugfix on 0.2.1.1-alpha diff --git a/changes/bug18728 b/changes/bug18728 deleted file mode 100644 index e181c17e65..0000000000 --- a/changes/bug18728 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (build): - - Resolve warnings when building on systems that are concerned with - signed char. Fixes bug 18728; bugfix on 0.2.7.2-alpha and - 0.2.6.1-alpha. diff --git a/changes/bug18729 b/changes/bug18729 deleted file mode 100644 index 4ec9ca3254..0000000000 --- a/changes/bug18729 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (logging): - - Stop blasting twelve lines per second from periodic_event_dispatch() - at loglevel debug. Resolves ticket 18729; fix on 0.2.8.1-alpha. diff --git a/changes/bug18761 b/changes/bug18761 deleted file mode 100644 index 78500a88ea..0000000000 --- a/changes/bug18761 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor feature (logging): - - When rejecting a misformed INTRODUCE2 cell, only log at PROTOCOL_WARN - severity. Closes ticket 18761. diff --git a/changes/bug18809 b/changes/bug18809 deleted file mode 100644 index 1e151874b7..0000000000 --- a/changes/bug18809 +++ /dev/null @@ -1,16 +0,0 @@ - o Major bugfixes (bootstrap): - - Check if bootstrap consensus downloads are still needed - when the linked connection attaches. This prevents tor - making unnecessary begindir-style connections, which are - the only directory connections tor clients make since - the fix for 18483 was merged. - - Fix some edge cases where consensus download connections - may not have been closed, even though they were not needed. - Related to fix 18809. - - Make relays retry consensus downloads the correct number of - times, rather than the more aggressive client retry count. - Fixes part of ticket 18809. - - Stop downloading consensuses when we have a consensus, - even if we don't have all the certificates for it yet. - Fixes bug 18809; bugfix on 0.2.8.1-alpha. - Patches by arma and teor. diff --git a/changes/bug18812 b/changes/bug18812 deleted file mode 100644 index 793e1102f7..0000000000 --- a/changes/bug18812 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (bootstrap): - - When a fallback changes its fingerprint from the hard-coded - fingerprint, log a less severe, more explanatory log message. - Fixes bug 18812; bugfix on 0.2.8.1-alpha. Patch by teor. diff --git a/changes/bug18816 b/changes/bug18816 deleted file mode 100644 index 103f816962..0000000000 --- a/changes/bug18816 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfix (bootstrap): - - Consistently use the consensus download schedule for - authority certificates. - Fixes bug 18816; bugfix on 0.2.4.13-alpha. diff --git a/changes/bug18841.1 b/changes/bug18841.1 deleted file mode 100644 index 205ee5a425..0000000000 --- a/changes/bug18841.1 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (compilation): - - Correctly detect compiler flags on systems where _FORTIFY_SOURCE - is predefined. Previously, our use of -D_FORTIFY_SOURCE would - cause a compiler warning, thereby making other checks fail. - Fixes one case of bug 18841; bugfix on 0.2.3.17-beta. Patch from - "trudokal". - diff --git a/changes/bug18849 b/changes/bug18849 deleted file mode 100644 index b12a8da011..0000000000 --- a/changes/bug18849 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfix (logging): - - Reduce excessive logging when directories can't be found. - Fixes bug 18849; bugfix on 0.2.8.3-alpha and 0.2.8.1-alpha. - Patch by teor. diff --git a/changes/bug18920 b/changes/bug18920 deleted file mode 100644 index 1babfd6656..0000000000 --- a/changes/bug18920 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (controller, microdescriptors): - - Make GETINFO dir/status-vote/current/consensus conform to the control - specification by returning "551 Could not open cached consensus..." - when not caching consensuses. - Fixes bug 18920; bugfix on 0.2.2.6-alpha. diff --git a/changes/bug18921 b/changes/bug18921 deleted file mode 100644 index cdd868a005..0000000000 --- a/changes/bug18921 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (IPv6 bridges): - - Fix directory address selection for IPv6 bridges. - Fixes bug 18921; bugfix on 0.2.8.1-alpha. - Patch by "teor". diff --git a/changes/bug18929 b/changes/bug18929 deleted file mode 100644 index c607e630a6..0000000000 --- a/changes/bug18929 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (IPv6): - - Make directory node selection more reliable, mainly for - IPv6-only clients and clients with few reachable addresses. - Fixes bug 18929; bugfix on 0.2.8.1-alpha. - Patch by "teor". diff --git a/changes/bug18943 b/changes/bug18943 deleted file mode 100644 index 6bcd868460..0000000000 --- a/changes/bug18943 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (crypto, portability): - - The SHA3 and SHAKE routines now produce the correct output on - Big Endian systems, unbreaking the unit tests. No code calls - either algorithm family yet, so this is primarily a build fix. - Fixes bug 18943; bugfix on 0.2.8.1-alpha. - diff --git a/changes/bug18977 b/changes/bug18977 deleted file mode 100644 index 3f46b09fba..0000000000 --- a/changes/bug18977 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (time handling): - - When correcting a corrupt 'struct tm' value, fill in the tm_wday - field. Otherwise, our unit tests crash on Windows. - Fixes bug 18977; bugfix on 0.2.2.25-alpha. diff --git a/changes/bug19003 b/changes/bug19003 deleted file mode 100644 index ca94938ef9..0000000000 --- a/changes/bug19003 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (small networks): - - Allow directories in small networks to bootstrap by - skipping DirPort checks when the consensus has no exits. - Fixes bug 19003; bugfix on 0.2.8.1-alpha. - Patch by teor. diff --git a/changes/bug19008 b/changes/bug19008 deleted file mode 100644 index c51c98faa6..0000000000 --- a/changes/bug19008 +++ /dev/null @@ -1,3 +0,0 @@ - o Major bugfixes (testing): - - Fix a bug that would block 'make test-network-all' on systems - where IPv6 packets were lost. Fixes bug 19008; bugfix on tor-0.2.7.3-rc. diff --git a/changes/bug19032 b/changes/bug19032 deleted file mode 100644 index 93f17c2f91..0000000000 --- a/changes/bug19032 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (security, directory authorities): - - Fix a crash and out-of-bounds write during authority voting, when the - list of relays includes duplicate ed25519 identity keys. Fixes bug 19032; - bugfix on 0.2.8.2-alpha. diff --git a/changes/bug19161 b/changes/bug19161 deleted file mode 100644 index 78c2165308..0000000000 --- a/changes/bug19161 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - When libscrypt.h is found, but no libscrypt library can be linked, - treat libscrypt as absent. Fixes bug 19161; bugfix on 0.2.6.1-alpha. diff --git a/changes/bug19191 b/changes/bug19191 deleted file mode 100644 index 8670aaa7fd..0000000000 --- a/changes/bug19191 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (downloading): - - Predict more correctly whether we'll be downloading over HTTP when we - determine the maximum length of a URL. This should avoid a "BUG" - warning about the Squid HTTP proxy and its URL limits. Fixes bug 19191; - bugfix on ?????. diff --git a/changes/bug19203 b/changes/bug19203 deleted file mode 100644 index 96bc1e855a..0000000000 --- a/changes/bug19203 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (user interface): - - Correctly give a warning in the cases where a relay is specified by - nickname, and one such relay is found, but it is not officially Named. - Fixes bug 19203; bugfix on 0.2.3.1-alpha. diff --git a/changes/bug19213 b/changes/bug19213 deleted file mode 100644 index 6217814fb4..0000000000 --- a/changes/bug19213 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Cause the unit tests to compile correctly on mingw64 versions - that lack sscanf. Fixes bug 19213; bugfix on 0.2.7.1-alpha. diff --git a/changes/bug19406 b/changes/bug19406 deleted file mode 100644 index e8b661b512..0000000000 --- a/changes/bug19406 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (build): - - Tor now again builds with the recent OpenSSL 1.1 development branch - (tested against 1.1.0-pre5 and 1.1.0-pre6-dev). - diff --git a/changes/bug19454 b/changes/bug19454 deleted file mode 100644 index 05650b5c61..0000000000 --- a/changes/bug19454 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (heartbeat): - - Fix regression that crashes Tor when disabling heartbeats. Fixes bug - 19454; bugfix on tor-0.2.8.1-alpha. Reported by "kubaku". diff --git a/changes/bug19464 b/changes/bug19464 deleted file mode 100644 index 22c9e73dc7..0000000000 --- a/changes/bug19464 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (user interface): - - Remove a warning message "Service [scrubbed] not found after - descriptor upload". This message appears when one uses HSPOST control - command to upload a service descriptor. Since there is only a descriptor - and no service, showing this message is pointless and confusing. - Fixes bug 19464; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug19499 b/changes/bug19499 deleted file mode 100644 index 59bdb29dfa..0000000000 --- a/changes/bug19499 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (build): - - Tor now again builds with the recent OpenSSL 1.1 development branch - (tested against 1.1.0-pre6-dev). Closes ticket 19499. - diff --git a/changes/bug19556 b/changes/bug19556 deleted file mode 100644 index 31856b3db9..0000000000 --- a/changes/bug19556 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (sandboxing): - - When sandboxing is enabled, we could not write any stats to - disk. check_or_create_data_subdir("stats"), which prepares the - private stats directory, calls check_private_dir(), which also - opens and not just stats() the directory. Therefore, we need to - also allow open() for the stats dir in our sandboxing setup. - Fixes bug 19556; bugfix on 0.2.5.1-alpha. diff --git a/changes/bug19557 b/changes/bug19557 deleted file mode 100644 index 55214b0c97..0000000000 --- a/changes/bug19557 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (sandboxing): - - Our sandboxing code would not allow us to write to stats/hidserv-stats, - causing tor to abort while trying to write stats. This was previously - masked by bug 19556. Fixes bug 19557; bugfix on 0.2.6.1-alpha. diff --git a/changes/bug19608 b/changes/bug19608 deleted file mode 100644 index 66c2de214e..0000000000 --- a/changes/bug19608 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (IPv6, microdescriptors): - - Don't check node addresses when we only have a routerstatus. - This allows IPv6-only clients to bootstrap by fetching - microdescriptors from fallback directory mirrors. - (The microdescriptor consensus has no IPv6 addresses in it.) - Fixes bug 19608; bugfix on c281c036 in 0.2.8.2-alpha. diff --git a/changes/bug19660 b/changes/bug19660 deleted file mode 100644 index 72d32c8fe2..0000000000 --- a/changes/bug19660 +++ /dev/null @@ -1,8 +0,0 @@ - o Minor bugfixes (sandboxing): - - If we did not find a non-private IPaddress by iterating over - interfaces, we would try to get one via - get_interface_address6_via_udp_socket_hack(). This opens a - datagram socket with IPPROTO_UDP. Previously all our datagram - sockets (via libevent) used IPPROTO_IP, so we did not have that - in the sandboxing whitelist. Add (SOCK_DGRAM, IPPROTO_UDP) - sockets to the sandboxing whitelist. Fixes bug 19660. diff --git a/changes/bug19677 b/changes/bug19677 new file mode 100644 index 0000000000..2c84b7e0c5 --- /dev/null +++ b/changes/bug19677 @@ -0,0 +1,6 @@ + o Minor bugfixes (option parsing): + - Count unix sockets when counting client listeners (SOCKS, Trans, + NATD, and DNS). This has no user-visible behaviour changes: these + options are set once, and never read. + Required for correct behaviour in ticket 17178. + Fixes bug 19677; bugfix on 0.2.6.3-alpha. Patch by teor. diff --git a/changes/bug19682 b/changes/bug19682 deleted file mode 100644 index c799c417ac..0000000000 --- a/changes/bug19682 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Fix compilation warning in the unit tests on systems where - char is signed. Fixes bug 19682; bugfix on 0.2.8.1-alpha. diff --git a/changes/bug19728 b/changes/bug19728 deleted file mode 100644 index 98ba34290f..0000000000 --- a/changes/bug19728 +++ /dev/null @@ -1,3 +0,0 @@ - o Directory authority changes: - - The "Tonga" bridge authority has been retired; the new bridge - authority is "Bifroest". Closes tickets 19728 and 19690. diff --git a/changes/bug19767 b/changes/bug19767 new file mode 100644 index 0000000000..a5349228f5 --- /dev/null +++ b/changes/bug19767 @@ -0,0 +1,6 @@ + o Minor bugfixes (compilation): + - Always include orconfig.h before including any other C headers. + Sometimes, it includes macros that affect the behavior of the + standard headers. Fixes bug 19767; bugfix on 0.2.9.1-alpha (the first + version to use AC_USE_SYSTEM_EXTENSIONS). + diff --git a/changes/bug19782 b/changes/bug19782 deleted file mode 100644 index 37660ead73..0000000000 --- a/changes/bug19782 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (fallback directories): - - Remove a fallback that was on the hardcoded list, then opted-out. - Fixes bug 19782; update to fallback list from 0.2.8.2-alpha. diff --git a/changes/bug19902 b/changes/bug19902 new file mode 100644 index 0000000000..297570ea0d --- /dev/null +++ b/changes/bug19902 @@ -0,0 +1,5 @@ + o Major bugfixes (compilation, OpenBSD): + + - Fix a Libevent-detection bug in our autoconf script that would + prevent Tor from linking successfully on OpenBSD. Patch from + rubiate. Fixes bug 19902; bugfix on 0.2.9.1-alpha. diff --git a/changes/bug19903 b/changes/bug19903 deleted file mode 100644 index 33aa8789d7..0000000000 --- a/changes/bug19903 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): - - Remove an inappropriate "inline" in tortls.c that was causing warnings - on older versions of GCC. Fixes bug 19903; 0.2.8.1-alpha. - diff --git a/changes/bug19905 b/changes/bug19905 new file mode 100644 index 0000000000..b689740594 --- /dev/null +++ b/changes/bug19905 @@ -0,0 +1,3 @@ + o Minor bugfixes (IPv6, testing): + - Check for IPv6 correctly on Linux when running test networks. + Fixes bug 19905; bugfix on 0.2.7.3-rc; patch by teor. diff --git a/changes/bug19947 b/changes/bug19947 deleted file mode 100644 index b9dce8b753..0000000000 --- a/changes/bug19947 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (fallback directories): - - Avoid logging a NULL string pointer when loading fallback directory information. - Fixes bug 19947; bugfix on 0.2.4.7-alpha and 0.2.8.1-alpha. - Report and patch by "rubiate". diff --git a/changes/bug19964 b/changes/bug19964 new file mode 100644 index 0000000000..af719424cb --- /dev/null +++ b/changes/bug19964 @@ -0,0 +1,6 @@ + o Minor bugfixes (logging): + - When we are unable to remove the bw_accounting file, do not warn + if the reason we couldn't remove it was that it didn't exist. + Fixes bug 19964; bugfix on 0.2.5.4-alpha. Patch + from 'pastly'. + diff --git a/changes/bug19973 b/changes/bug19973 deleted file mode 100644 index 7bd5c554f9..0000000000 --- a/changes/bug19973 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (client, security): - - Only use the ReachableAddresses option to restrict the first hop - in a path. Previously, it would apply to every hop in the path, - with a possible degredation in anonymity for anyone using an - uncommon ReachableAddress setting. Fixes bug 19973; bugfix on - 0.2.8.2-alpha. diff --git a/changes/bug19998 b/changes/bug19998 new file mode 100644 index 0000000000..d01589da03 --- /dev/null +++ b/changes/bug19998 @@ -0,0 +1,6 @@ + o Minor features (security, TLS): + - Servers no longer support clients that do not provide AES + ciphersuites. (3DES is no longer considered an acceptable + cipher.) We believe that no such clients currently exist, + since we have required OpenSSL 0.9.7 or later since 2009. + Closes ticket 19998. diff --git a/changes/bug19999_prep b/changes/bug19999_prep new file mode 100644 index 0000000000..769c870fe9 --- /dev/null +++ b/changes/bug19999_prep @@ -0,0 +1,22 @@ + o Minor features (unit tests): + - The unit tests now log all warning messages with the "BUG" flag. + Previously, they only logged errors by default. This change will + help us make our testing code more correct, and make sure that + we only hit this code when we mean to. This is preparatory work + for ticket 19999. + - Our unit testing code that captures log messages no longer prevents + them from being written out if the user asked for them (by passing + --debug or --info or or --notice --warn to the "test" binary). This + change will prevent us from missing unexpected log messages simply + because we were looking for others. Related to ticket 19999. + - Our link-handshake unit tests now check, that when invalid + handshakes fail, they fail with the error messages we + expected. + - The unit tests now treat any failure of a "tor_assert_nonfatal()" + assertion as a test failure. + + o Minor bugfixes (unit tests): + - The tor_tls_server_info_callback unit test no longer crashes when + debug-level logging is turned on. Fixes bug 20041; bugfix on + 0.2.8.1-alpha. + diff --git a/changes/bug20012 b/changes/bug20012 new file mode 100644 index 0000000000..f67ee65867 --- /dev/null +++ b/changes/bug20012 @@ -0,0 +1,12 @@ + o Major bugfixes (hidden services): + - Clients require hidden services to include the TAP keys + for their intro points in the hidden service descriptor. + This prevents an inadvertent upgrade to ntor, which a + malicious hidden service could use to discover which + consensus a client has. + Fixes bug 20012; bugfix on 0.2.4.8-alpha. Patch by teor. + o Minor bugfixes (hidden services): + - Stop logging intro point details to the client log on + certain error conditions. + Fixed as part of bug 20012; bugfix on 0.2.4.8-alpha. + Patch by teor. diff --git a/changes/bug20063 b/changes/bug20063 new file mode 100644 index 0000000000..aa9ec23d03 --- /dev/null +++ b/changes/bug20063 @@ -0,0 +1,6 @@ + o Minor bugfixes (Linux seccomp2 sandbox): + - Add permission to run the sched_yield() and sigaltstack() system + calls, in order to support versions of Tor compiled with + asan or ubsan code that use these calls. Now "sandbox 1" and + "--enable-expensive-hardening" should be compatible. + Fixes bug 20063; bugfix on 0.2.5.1-alpha. diff --git a/changes/bug20064 b/changes/bug20064 new file mode 100644 index 0000000000..38d3b91cfa --- /dev/null +++ b/changes/bug20064 @@ -0,0 +1,5 @@ + o Minor bugfixes (Directory Authority): + - When allowing private addresses, mark Exits that only exit to + private locations as such. Fixes bug 20064; bugfix on + 0.2.2.9-alpha. + diff --git a/changes/bug20065 b/changes/bug20065 new file mode 100644 index 0000000000..cdeb698991 --- /dev/null +++ b/changes/bug20065 @@ -0,0 +1,5 @@ + o Minor bugfixes (directory authorities): + - Die with a useful error when the operator forgets to place the + authority_signing_key file into the keys directory. This avoids an + uninformative assert & traceback about having an invalid key. + Fixes bug 20065; bugfix on 0.2.0.1-alpha. diff --git a/changes/bug20081 b/changes/bug20081 new file mode 100644 index 0000000000..a95161cdc3 --- /dev/null +++ b/changes/bug20081 @@ -0,0 +1,5 @@ + o Minor bugfixes (allocation): + - Change how we allocate memory for large chunks on buffers, to avoid + a (currently impossible) integer overflow, and to waste less space + when allocating unusually large chunks. Fixes bug 20081; bugfix on + 0.2.0.16-alpha. Issue identified by Guido Vranken. diff --git a/changes/bug20093 b/changes/bug20093 new file mode 100644 index 0000000000..ef3260143b --- /dev/null +++ b/changes/bug20093 @@ -0,0 +1,4 @@ + o Minor bugfixes (logging): + - When logging a message from the BUG() macro, be explicit about what + we were asserting. Previously we were confusing what we were asserting + with what the bug was. Fixes bug 20093; bugfix on 0.2.9.1-alpha. diff --git a/changes/bug20110 b/changes/bug20110 new file mode 100644 index 0000000000..bb56a13268 --- /dev/null +++ b/changes/bug20110 @@ -0,0 +1,6 @@ + o Minor bugfixes (compilation): + + - Stop trying to build with Clang 4.0's -Wthread-safety + warnings. They apparently require a set of annotations that we + aren't currently using, and they create false positives in our + pthreads wrappers. Fixes bug 20110; bugfix on 0.2.9.1-alpha. diff --git a/changes/bug20117 b/changes/bug20117 new file mode 100644 index 0000000000..653226068b --- /dev/null +++ b/changes/bug20117 @@ -0,0 +1,6 @@ + o Minor bugfixes (documentation): + - Document the default PathsNeededToBuildCircuits value that's + used by clients when the directory authorities don't set + min_paths_for_circs_pct. + Fixes bug 20117; bugfix on 02c320916e02 in tor-0.2.4.10-alpha. + Patch by teor, reported by Jesse V. diff --git a/changes/bug20141 b/changes/bug20141 new file mode 100644 index 0000000000..99ecf0ad62 --- /dev/null +++ b/changes/bug20141 @@ -0,0 +1,4 @@ + o Minor bugfixes (compilation): + - Fix a syntax error in the IF_BUG_ONCE__() macro in non- + GCC-compatible compilers. Fixes bug 20141; bugfix on + 0.2.9.1-alpha. Patch from Gisle Vanem. diff --git a/changes/doc17621 b/changes/doc17621 deleted file mode 100644 index ab37d29b50..0000000000 --- a/changes/doc17621 +++ /dev/null @@ -1,3 +0,0 @@ - o Documentation: - - Document the contents of the 'datadir/keys' subdirectory in the manual - page. Closes ticket 17621. diff --git a/changes/fallbacks-201604 b/changes/fallbacks-201604 deleted file mode 100644 index 7acefaaf08..0000000000 --- a/changes/fallbacks-201604 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor features (fallback directory mirrors): - - Give each fallback the same weight for client selection; - restrict fallbacks to one per operator; - report fallback directory detail changes when rebuilding list; - add new fallback directory mirrors to the whitelist; - update fallback directories based on the latest OnionOO data; - and any other minor simplifications and fixes. - Closes tasks 17158, 17905, 18749, bug 18689, and fixes part of - bug 18812 on 0.2.8.1-alpha; patch by "teor". diff --git a/changes/feature17178 b/changes/feature17178 new file mode 100644 index 0000000000..d6a8e8d8d3 --- /dev/null +++ b/changes/feature17178 @@ -0,0 +1,30 @@ + o Major features (onion services): + - Add experimental HiddenServiceSingleHopMode and + HiddenServiceNonAnonymousMode options. When both are set to 1, every + hidden service on a tor instance becomes a non-anonymous Single Onion + Service. Single Onions make one-hop (direct) connections to their + introduction and renzedvous points. One-hop circuits make Single Onion + servers easily locatable, but clients remain location-anonymous. + This is compatible with the existing hidden service implementation, and + works on the current tor network without any changes to older relays or + clients. + Implements proposal 260, completes ticket 17178. Patch by teor and asn. + o Minor features (Tor2web): + - Make Tor2web clients respect ReachableAddresses. + This feature was inadvertently enabled in 0.2.8.6, then removed + by bugfix 19973 on 0.2.8.7. + Implements feature 20034. Patch by teor. + o Minor bug fixes (Tor2web): + - Prevent Tor2web clients running hidden services, these services are + not anonymous due to the one-hop client paths. + Fixes bug 19678. Patch by teor. + o Minor bug fixes (circuits): + - Use CircuitBuildTimeout whenever LearnCircuitBuildTimeout is disabled. + Fixes bug 19678; bugfix on commit 5b0b51ca3 in 0.2.4.12-alpha. Patch by teor. + o Minor bug fixes (options): + - Stop changing the configured value of UseEntryGuards on authorities + and Tor2web clients. + Fixes bug 20074; bugfix on commits 51fc6799 in tor-0.1.1.16-rc and + acda1735 in tor-0.2.4.3-alpha. Patch by teor. + - Check the consistency of UseEntryGuards and EntryNodes more reliably. + Fixes bug 20074; bugfix on commit 686aaa5c in tor-0.2.4.12-alpha. Patch by teor. diff --git a/changes/feature18483 b/changes/feature18483 deleted file mode 100644 index d0fa8df58d..0000000000 --- a/changes/feature18483 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (clients): - - Make clients, onion services, and bridge relays always - use an encrypted begindir connection for directory requests. - Resolves ticket 18483. Patch by "teor". diff --git a/changes/feature18693 b/changes/feature18693 new file mode 100644 index 0000000000..ce7c9939a0 --- /dev/null +++ b/changes/feature18693 @@ -0,0 +1,5 @@ + o Minor feature (port flags): + - Add *Port flags NoDNSRequest and NoOnionTraffic, and + the synthetic flag OnionTrafficOnly, which is equivalent to + NoDNSRequest, NoIPv4Traffic, and NoIPv6Traffic. + Closes enhancement 18693; patch by "teor". diff --git a/changes/feature20069 b/changes/feature20069 new file mode 100644 index 0000000000..039fb754d2 --- /dev/null +++ b/changes/feature20069 @@ -0,0 +1,6 @@ + o Minor feature (testing, ipv6): + - Add the hs-ipv6 chutney target to make test-network-all's IPv6 + tests. Remove bridges+hs, as it's somewhat redundant. + This requires a recent chutney version that supports IPv6 clients, + relays, and authorities. + Closes ticket 20069; patch by teor. diff --git a/changes/feature20072 b/changes/feature20072 new file mode 100644 index 0000000000..1afabca5a3 --- /dev/null +++ b/changes/feature20072 @@ -0,0 +1,5 @@ + o Minor feature (testing, hidden services, ipv6): + - Add the single-onion and single-onion-ipv6 chutney targets to + make test-network-all. This requires a recent chutney version + with the single onion network flavours (git c72a652 or later). + Closes ticket 20072; patch by teor. diff --git a/changes/geoip-april2016 b/changes/geoip-april2016 deleted file mode 100644 index c55aa179b5..0000000000 --- a/changes/geoip-april2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (geoip): - - Update geoip and geoip6 to the April 5 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-august2016 b/changes/geoip-august2016 deleted file mode 100644 index 370ab64cac..0000000000 --- a/changes/geoip-august2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the August 2 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-july2016 b/changes/geoip-july2016 deleted file mode 100644 index d9963bd6a8..0000000000 --- a/changes/geoip-july2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the July 6 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-jun2016 b/changes/geoip-jun2016 deleted file mode 100644 index 6c9847ca58..0000000000 --- a/changes/geoip-jun2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (geoip): - - Update geoip and geoip6 to the June 7 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-may2016 b/changes/geoip-may2016 deleted file mode 100644 index cf78ab10c7..0000000000 --- a/changes/geoip-may2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (geoip): - - Update geoip and geoip6 to the May 4 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/memarea_overflow b/changes/memarea_overflow deleted file mode 100644 index 8fdc38cc09..0000000000 --- a/changes/memarea_overflow +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (pointer arithmetic): - - Fix a bug in memarea_alloc() that could have resulted in remote heap - write access, if Tor had ever passed an unchecked size to - memarea_alloc(). Fortunately, all the sizes we pass to memarea_alloc() - are pre-checked to be less than 128 kilobytes. Fixes bug 19150; bugfix - on 0.2.1.1-alpha. Bug found by Guido Vranken. - diff --git a/changes/reject-tap b/changes/reject-tap new file mode 100644 index 0000000000..dad554f2b6 --- /dev/null +++ b/changes/reject-tap @@ -0,0 +1,17 @@ + o Major features (circuit building, security): + - Tor authorities, relays, and clients only use ntor, except for + rare cases in the hidden service protocol. + - Authorities, relays and clients specifically check that each + descriptor has an ntor key. + - Clients avoid downloading a descriptor if the relay version is + too old to support ntor. + - Client code never chooses nodes without ntor keys: they will not + be selected during circuit-building, or as guards, or as directory + mirrors, or as introduction or rendezvous points. + - Circuit-building code assumes that all hops can use ntor, + except for rare hidden service protocol cases. + + o Major bugfixes (circuit building): + - Hidden service client to intro point and service to rendezvous point + connections use the TAP key supplied by the protocol. + Fixes bug 19163; bugfix on 0.2.4.18-rc. diff --git a/changes/rsa_init_bug b/changes/rsa_init_bug deleted file mode 100644 index 6b5fb4f2f9..0000000000 --- a/changes/rsa_init_bug +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (key management): - - If OpenSSL fails to generate an RSA key, do not retain a dangling pointer - to the previous (uninitialized) key value. The impact here should be - limited to a difficult-to-trigger crash, if OpenSSL is running an - engine that makes key generation failures possible, or if OpenSSL runs - out of memory. Fixes bug 19152; bugfix on 0.2.1.10-alpha. Found by - Yuan Jochen Kang, Suman Jana, and Baishakhi Ray. diff --git a/changes/ticket19071-19480 b/changes/ticket19071-19480 deleted file mode 100644 index ab5c72a2d1..0000000000 --- a/changes/ticket19071-19480 +++ /dev/null @@ -1,13 +0,0 @@ - o Minor bugfixes (fallback directory selection): - - Avoid errors during fallback selection if there are no eligible - fallbacks. Fixes bug 19480; bugfix on ba76910 and 78ec782 in - 0.2.8.3-alpha. Patch by teor. - o Minor features (fallback directory list): - - Update hard-coded fallback list to remove unsuitable fallbacks. - Resolves ticket 19071. Patch by teor. - - Add a comment to the generated list that explains how to comment-out - unsuitable fallbacks in a way that's compatible with the stem fallback - parser. - - Update fallback whitelist and blacklist based on relay operator - emails. Blacklist unsuitable fallbacks. Resolves ticket 19071. - Patch by teor. diff --git a/changes/ticket20002 b/changes/ticket20002 new file mode 100644 index 0000000000..28eaa8d60d --- /dev/null +++ b/changes/ticket20002 @@ -0,0 +1,4 @@ + o Minor features (directory authority): + - After voting, if the authorities decide that a relay is not "Valid", + they no longer include it in the consensus at all. Closes ticket + 20002; implements part of proposal 272. diff --git a/changes/ticket20066 b/changes/ticket20066 new file mode 100644 index 0000000000..970793d4ee --- /dev/null +++ b/changes/ticket20066 @@ -0,0 +1,5 @@ + o Minor features (testing): + - Disable memory protections on OpenBSD when testing memwipe(). + The test deliberately invokes undefined behaviour which the + protections interfere with. Patch from "rubiate". Closes ticket + 20066. |