diff options
Diffstat (limited to 'changes')
-rw-r--r-- | changes/40241 | 4 | ||||
-rw-r--r-- | changes/40241_v2 | 4 | ||||
-rw-r--r-- | changes/bug31036 | 3 | ||||
-rw-r--r-- | changes/bug32588 | 4 | ||||
-rw-r--r-- | changes/bug40076 | 5 | ||||
-rw-r--r-- | changes/bug40080 | 6 | ||||
-rw-r--r-- | changes/bug40099 | 4 | ||||
-rw-r--r-- | changes/bug40113 | 3 | ||||
-rw-r--r-- | changes/bug40117 | 5 | ||||
-rw-r--r-- | changes/bug40179_part1 | 4 | ||||
-rw-r--r-- | changes/bug40190 | 4 | ||||
-rw-r--r-- | changes/bug40210 | 5 | ||||
-rw-r--r-- | changes/log_32868 | 4 | ||||
-rw-r--r-- | changes/parallel_unit_test | 4 | ||||
-rw-r--r-- | changes/ticket33747 | 7 | ||||
-rw-r--r-- | changes/ticket33880 | 6 | ||||
-rw-r--r-- | changes/ticket40003 | 3 | ||||
-rw-r--r-- | changes/ticket40035 | 5 | ||||
-rw-r--r-- | changes/ticket40061 | 5 | ||||
-rw-r--r-- | changes/ticket40073 | 3 | ||||
-rw-r--r-- | changes/ticket40081 | 6 | ||||
-rw-r--r-- | changes/ticket40125 | 4 | ||||
-rw-r--r-- | changes/ticket40126 | 4 | ||||
-rw-r--r-- | changes/ticket40133 | 5 | ||||
-rw-r--r-- | changes/ticket40135 | 3 | ||||
-rw-r--r-- | changes/ticket40165 | 5 | ||||
-rw-r--r-- | changes/ticket40170 | 3 | ||||
-rw-r--r-- | changes/ticket40227 | 4 | ||||
-rw-r--r-- | changes/ticket40237 | 5 |
29 files changed, 127 insertions, 0 deletions
diff --git a/changes/40241 b/changes/40241 new file mode 100644 index 0000000000..c9b2e2c011 --- /dev/null +++ b/changes/40241 @@ -0,0 +1,4 @@ + o Minor bugfixes (compilation): + - Fix a compilation warning about unreachable fallthrough annotations + when building with "--enable-all-bugs-are-fatal" on some compilers. + Fixes bug 40241; bugfix on 0.3.5.4-alpha. diff --git a/changes/40241_v2 b/changes/40241_v2 new file mode 100644 index 0000000000..85038297f7 --- /dev/null +++ b/changes/40241_v2 @@ -0,0 +1,4 @@ + o Minor bugfixes (compilation): + - Fix another warning about unreachable fallthrough annotations + when building with "--enable-all-bugs-are-fatal" on some compilers. + Fixes bug 40241; bugfix on 0.4.5.3-rc. diff --git a/changes/bug31036 b/changes/bug31036 new file mode 100644 index 0000000000..d9921dba43 --- /dev/null +++ b/changes/bug31036 @@ -0,0 +1,3 @@ + o Minor bugfixes (windows): + - Fix a bug that prevented Tor from starting if its log file + grew above 2GB. Fixes bug 31036; bugfix on 0.2.1.8-alpha. diff --git a/changes/bug32588 b/changes/bug32588 new file mode 100644 index 0000000000..f31f2ce1ad --- /dev/null +++ b/changes/bug32588 @@ -0,0 +1,4 @@ + o Minor bugfixes (relays): + - Stop advertising incorrect IPv6 ORPorts in relay and bridge descriptors, + when the IPv6 port was configured as "auto". + Fixes bug 32588; bugfix on 0.2.3.9-alpha diff --git a/changes/bug40076 b/changes/bug40076 new file mode 100644 index 0000000000..9ef5969ae8 --- /dev/null +++ b/changes/bug40076 @@ -0,0 +1,5 @@ + o Minor bugfixes (correctness, buffers): + - Fix a correctness bug that could cause an assertion failure if we ever + tried using the buf_move_all() function with an empty input. + As far as we know, no released versions of Tor do this. + Fixes bug 40076; bugfix on 0.3.3.1-alpha. diff --git a/changes/bug40080 b/changes/bug40080 new file mode 100644 index 0000000000..8162466354 --- /dev/null +++ b/changes/bug40080 @@ -0,0 +1,6 @@ + o Minor bugfixes (security): + - When completing a channel, relays now check more thoroughly to make + sure that it matches any pending circuits before attaching those + circuits. Previously, address correctness and Ed25519 identities were not + checked in this case, but only when extending circuits on an existing + channel. Fixes bug 40080; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug40099 b/changes/bug40099 new file mode 100644 index 0000000000..278ede2023 --- /dev/null +++ b/changes/bug40099 @@ -0,0 +1,4 @@ + o Minor bugfixes (tests): + - Fix the behavior of the rend_cache/clean_v2_descs_as_dir when run on + its own. Previously, it would exit with an error. + Fixes bug 40099; bugfix on 0.2.8.1-alpha. diff --git a/changes/bug40113 b/changes/bug40113 new file mode 100644 index 0000000000..adf4634097 --- /dev/null +++ b/changes/bug40113 @@ -0,0 +1,3 @@ + o Minor bugfixes (compilation): + - Resolve a compilation warning that could occur in test_connection.c. + Fixes bug 40113; bugfix on 0.2.9.3-alpha. diff --git a/changes/bug40117 b/changes/bug40117 new file mode 100644 index 0000000000..77646edf9c --- /dev/null +++ b/changes/bug40117 @@ -0,0 +1,5 @@ + o Major bugfixes (stats, onion services): + - Fix a bug where we were undercounting the Tor network's total onion + service traffic, by only counting rendezvous traffic originating from + services and ignoring any traffic originating from clients. Fixes bug + 40117; bugfix on 0.2.6.2-alpha. diff --git a/changes/bug40179_part1 b/changes/bug40179_part1 new file mode 100644 index 0000000000..c302373534 --- /dev/null +++ b/changes/bug40179_part1 @@ -0,0 +1,4 @@ + o Minor bugfixes (testing, portability): + - Fix our Python reference-implementation for the v3 onion service + handshake so that it works correctly with the version of hashlib provided + by Python 3.9. Fixes part of bug 40179; bugfix on 0.3.1.6-rc. diff --git a/changes/bug40190 b/changes/bug40190 new file mode 100644 index 0000000000..0f3d6941dc --- /dev/null +++ b/changes/bug40190 @@ -0,0 +1,4 @@ + o Minor bugfixes (SOCKS5): + - Handle partial socks5 messages correctly. Previously, our code would + send an incorrect error message if it got a socks5 request that wasn't + complete. Fixes bug 40190; bugfix on 0.3.5.1-alpha. diff --git a/changes/bug40210 b/changes/bug40210 new file mode 100644 index 0000000000..f492262a11 --- /dev/null +++ b/changes/bug40210 @@ -0,0 +1,5 @@ + o Minor features (crypto): + - Fix undefined behavior on our Keccak library. The bug only appears on + platforms with 32-byte CPU cache lines (e.g. armv5tel) and would result + in wrong digests. Fixes bug 40210; bugfix on 0.2.8.1-alpha. Thanks to + Bernhard Übelacker, Arnd Bergmann and weasel for diagnosing this. diff --git a/changes/log_32868 b/changes/log_32868 new file mode 100644 index 0000000000..34476078b2 --- /dev/null +++ b/changes/log_32868 @@ -0,0 +1,4 @@ + o Minor features (debugging, directory system): + - Don't crash when we find a non-guard with a guard-fraction value set. + Instead, log a bug warning, in an attempt to figure out how this + happened. Diagnostic for ticket 32868. diff --git a/changes/parallel_unit_test b/changes/parallel_unit_test new file mode 100644 index 0000000000..79de28636d --- /dev/null +++ b/changes/parallel_unit_test @@ -0,0 +1,4 @@ + o Minor features (tests): + - Our "make check" target now runs the unit tests in 8 parallel chunks. + Doing this speeds up hardened CI builds by more than a factor of two. + Closes ticket 40098. diff --git a/changes/ticket33747 b/changes/ticket33747 new file mode 100644 index 0000000000..57c72e9d0a --- /dev/null +++ b/changes/ticket33747 @@ -0,0 +1,7 @@ + o Minor bugfixes (rate limiting, bridges, pluggable transports): + - On a bridge, treat all connections from an ExtORPort as remote + by default for the purposes of rate-limiting. Previously, + bridges would treat the connection as local unless they explicitly + received a "USERADDR" command. ExtORPort connections still + count as local if there is a USERADDR command with an explicit local + address. Fixes bug 33747; bugfix on 0.2.5.1-alpha. diff --git a/changes/ticket33880 b/changes/ticket33880 new file mode 100644 index 0000000000..c1889bb134 --- /dev/null +++ b/changes/ticket33880 @@ -0,0 +1,6 @@ + o Minor bugfixes (relay, usability): + - Adjust the rules for when to warn about having too many connections + to other relays. Previously we'd tolerate up to 1.5 connections + per relay on average. Now we tolerate more connections for directory + authorities, and raise the number of total connections we need + to see before we warn. Fixes bug 33880; bugfix on 0.3.1.1-alpha. diff --git a/changes/ticket40003 b/changes/ticket40003 new file mode 100644 index 0000000000..240f464353 --- /dev/null +++ b/changes/ticket40003 @@ -0,0 +1,3 @@ + o Deprecated features (onion service v2): + - Add deprecation warning for onion service version 2. Tor now logs a + warning once if a version 2 service is configured. Closes ticket 40003. diff --git a/changes/ticket40035 b/changes/ticket40035 new file mode 100644 index 0000000000..8cdd447199 --- /dev/null +++ b/changes/ticket40035 @@ -0,0 +1,5 @@ + o Major bugfixes (NSS): + - When running with NSS enabled, make sure that NSS knows to expect + nonblocking sockets. Previously, we set our TCP sockets as blocking, + but did not tell NSS about the fact, which in turn could lead to + unexpected blocking behavior. Fixes bug 40035; bugfix on 0.3.5.1-alpha. diff --git a/changes/ticket40061 b/changes/ticket40061 new file mode 100644 index 0000000000..227664d010 --- /dev/null +++ b/changes/ticket40061 @@ -0,0 +1,5 @@ + o Major feature (fallback directory list): + - Replace the 148 fallback directories originally included in + Tor 0.4.1.4-rc (of which around 105 are still functional) with + a list of 144 fallbacks generated in July 2020. + Closes ticket 40061. diff --git a/changes/ticket40073 b/changes/ticket40073 new file mode 100644 index 0000000000..30b028c042 --- /dev/null +++ b/changes/ticket40073 @@ -0,0 +1,3 @@ + o Minor bugfixes (relay configuration, crash): + - Avoid a fatal assert() when failing to create a listener connection for an + address that was in use. Fixes bug 40073; bugfix on 0.3.5.1-alpha. diff --git a/changes/ticket40081 b/changes/ticket40081 new file mode 100644 index 0000000000..683ae33518 --- /dev/null +++ b/changes/ticket40081 @@ -0,0 +1,6 @@ + o Minor features (security): + - Channels using obsolete versions of the Tor link protocol are no + longer allowed to circumvent address-canonicity checks. + (This is only a minor issue, since such channels have no way to + set ed25519 keys, and therefore should always be rejected.) + Closes ticket 40081. diff --git a/changes/ticket40125 b/changes/ticket40125 new file mode 100644 index 0000000000..c68e3ce7b3 --- /dev/null +++ b/changes/ticket40125 @@ -0,0 +1,4 @@ + o Testing (onion service v2): + - Fix a rendezvous cache unit test that was triggering an underflow on the + global rend cache allocation. Fixes bug 40125; bugfix on + 0.2.8.1-alpha. diff --git a/changes/ticket40126 b/changes/ticket40126 new file mode 100644 index 0000000000..1f5806e6cb --- /dev/null +++ b/changes/ticket40126 @@ -0,0 +1,4 @@ + o Testing (onion service v2): + - Fix another rendezvous cache unit test that was triggering an underflow on the + global rend cache allocation. Fixes bug 40126; bugfix on + 0.2.8.1-alpha. diff --git a/changes/ticket40133 b/changes/ticket40133 new file mode 100644 index 0000000000..8bbe00b6b2 --- /dev/null +++ b/changes/ticket40133 @@ -0,0 +1,5 @@ + o Minor features (protocol simplification): + - Tor no longer allows subprotocol versions larger than 63. Previously + versions up to UINT32_MAX were allowed, which significantly complicated + our code. + Implements proposal 318; closes ticket 40133. diff --git a/changes/ticket40135 b/changes/ticket40135 new file mode 100644 index 0000000000..9b60b4f655 --- /dev/null +++ b/changes/ticket40135 @@ -0,0 +1,3 @@ + o Minor bugfix (logging): + - Remove a debug logging statement that uselessly spam the logs. Fixes bug + 40135; bugfix on 0.3.5.0-alpha. diff --git a/changes/ticket40165 b/changes/ticket40165 new file mode 100644 index 0000000000..a8dd0a339b --- /dev/null +++ b/changes/ticket40165 @@ -0,0 +1,5 @@ + o Minor features (compilation): + - Disable deprecation warnings when building with OpenSSL 3.0.0 or later. + There are a number of newly deprecated APIs in OpenSSL 3.0.0 that Tor + still requires. (A later version of Tor will try to stop depending on + these.) Closes ticket 40165. diff --git a/changes/ticket40170 b/changes/ticket40170 new file mode 100644 index 0000000000..cc1c8dbad1 --- /dev/null +++ b/changes/ticket40170 @@ -0,0 +1,3 @@ + o Minor bugfixes (tests): + - Fix the "tortls/openssl/log_one_error" test to work with OpenSSL 3.0.0. + Fixes bug 40170; bugfix on 0.2.8.1-alpha. diff --git a/changes/ticket40227 b/changes/ticket40227 new file mode 100644 index 0000000000..e5efad0f95 --- /dev/null +++ b/changes/ticket40227 @@ -0,0 +1,4 @@ + o Minor feature (build system): + - New "make lsp" command to auto generate the compile_commands.json file + used by the ccls server. The "bear" program is needed for this. Closes + ticket 40227. diff --git a/changes/ticket40237 b/changes/ticket40237 new file mode 100644 index 0000000000..fc32f59cd4 --- /dev/null +++ b/changes/ticket40237 @@ -0,0 +1,5 @@ + o Major bugfixes (onion service v3): + - Stop requiring a live consensus for v3 clients and services to work. The + use of a reasonably live consensus will allow v3 to work properly in most + cases if the network failed to generate a consensus for more than 2 hours + in a row. Fixes bug 40237; bugfix on 0.3.5.1-alpha. |