aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog241
-rw-r--r--changes/116223
-rw-r--r--changes/120324
-rw-r--r--changes/bug10849_0236
-rw-r--r--changes/bug10849_0256
-rw-r--r--changes/bug112334
-rw-r--r--changes/bug114696
-rw-r--r--changes/bug114765
-rw-r--r--changes/bug114774
-rw-r--r--changes/bug116052
-rw-r--r--changes/bug116085
-rw-r--r--changes/bug116095
-rw-r--r--changes/bug116185
-rw-r--r--changes/bug116233
-rw-r--r--changes/bug116284
-rw-r--r--changes/bug116325
-rw-r--r--changes/bug11633_part14
-rw-r--r--changes/bug11633_part24
-rw-r--r--changes/bug116346
-rw-r--r--changes/bug116356
-rw-r--r--changes/bug116488
-rw-r--r--changes/bug116544
-rw-r--r--changes/bug117295
-rw-r--r--changes/bug11737_diagnostic5
-rw-r--r--changes/bug117424
-rw-r--r--changes/bug1174316
-rw-r--r--changes/bug117505
-rw-r--r--changes/bug117614
-rw-r--r--changes/bug118055
-rw-r--r--changes/bug119465
-rw-r--r--changes/bug119656
-rw-r--r--changes/bug120285
-rw-r--r--changes/bug120324
-rw-r--r--changes/bug120415
-rw-r--r--changes/bug120434
-rw-r--r--changes/bug12064_part14
-rw-r--r--changes/bug12064_part25
-rw-r--r--changes/bug121153
-rw-r--r--changes/bug121394
-rw-r--r--changes/bug434510
-rw-r--r--changes/bug83684
-rw-r--r--changes/bug96353
-rw-r--r--changes/bug97815
-rw-r--r--changes/diagnose_83874
-rw-r--r--changes/md_leak_bug5
-rw-r--r--changes/msvc_fix3
-rw-r--r--changes/stats_not_status4
-rw-r--r--changes/ticket83685
-rw-r--r--changes/ticket89667
-rwxr-xr-xscripts/maint/sortChanges.py40
50 files changed, 280 insertions, 239 deletions
diff --git a/ChangeLog b/ChangeLog
index 987369619..72d5f9742 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,243 @@
-Changes in version 0.2.5.5-alpha - 2014-05-??
+Changes in version 0.2.5.5-alpha - 2014-06-??
+ Write a blurb here.
+
+ o Major bugfixes (security, OOM, new since 0.2.5.4-alpha, also in 0.2.4.22):
+ - Fix a memory leak that could occur if a microdescriptor parse
+ fails during the tokenizing step. This bug could enable a memory
+ exhaustion attack by directory servers. Fixes bug 11649; bugfix
+ on 0.2.2.6-alpha.
+
+ o Major bugfixes (relay):
+ - When uploading to the directory authorities, use a direct dirport
+ connection if we are a uploading an ordinary, non-anonymous directory
+ object. Previously, relays would used tunnel connections under a
+ fairly wide variety of circumstances. Fixes bug 11469; bugfix on
+ 0.2.4.3-alpha.
+
+ o Major security fixes (directory authorities):
+ - Directory authorities now include a digest of each relay's
+ identity key as a part of its microdescriptor.
+
+ This is a workaround for bug #11743 (reported by "cypherpunks"),
+ where Tor clients do not
+ support receiving multiple microdescriptors with the same SHA256
+ digest in the same consensus. When clients receive a consensus
+ like this, they only use one of the relays. Without this fix, a
+ hostile relay could selectively disable some client use of target
+ relays by constucting a router descriptor with a different
+ identity and the same microdescriptor parameters and getting the
+ authorities to list it in a microdescriptor consensus. This fix
+ prevents an attacker from causing a microdescriptor collision,
+ because the router's identity is not forgeable.
+
+ o Minor features (diagnostic):
+ - When logging a warning because of bug #7164, additionally check the
+ hash table for consistency (as proposed on ticket #11737). This may
+ help diagnose bug #7164.
+ - When we log a heartbeat, log how many one-hop circuits we have that
+ are at least 30 minutes old, and log status information about a
+ few of them. This is an attempt to track down bug 8387.
+
+ o Minor features (security):
+ - Apply the secure SipHash-2-4 function to the hash table mapping
+ circuit IDs and channels to circuits. We missed this one when we
+ were converting all the other hash functions to use SipHash back
+ in 0.2.5.3-alpha. Resolves ticket 11750.
+
+ o Minor features:
+ - Add a systemd service file (tor.service) that can be installed by
+ Linux distributions that make use of the systemd init daemon.
+ Fixes bug 8368.
+
+ o Minor features:
+ - Give more specific warnings when we notice at the client side that
+ an onion handshake has failed. Fixes ticket 9635.
+
+ o Minor features:
+ - The configure script has a --disable-seccomp option to turn off
+ support for libseccomp on systems that have it, in case it (or
+ Tor's use of it) is broken. Resolves ticket 11628.
+
+ o Minor features:
+ - When we encounter an unexpected CR in text that we're trying to
+ write to a file on Windows, log the name of the file. Should help
+ diagnosing bug 11233.
+
+ o Minor bugfixes (configuration, security, new since 0.2.5.4-alpha, also in 0.2.4.22):
+ - When running a hidden service, do not allow TunneledDirConns 0;
+ this will keep the hidden service from running, and also
+ make it publish its descriptors directly over HTTP. Fixes bug 10849;
+ bugfix on 0.2.1.1-alpha.
+
+ o Minor bugfixes (compilation):
+ - Fix compilation of test_status.c when building with MVSC.
+ Bugfix on 0.2.5.4-alpha. Patch from Gisle Vanem.
+ - Resolve GCC complaints on OpenBSD about discarding constness in
+ TO_{ORIGIN,OR}_CIRCUIT functions. Fixes part of bug 11633; bugfix on
+ 0.1.1.23. Patch from Dana Koch.
+ - Resolve clang complaints on OpenBSD with -Wshorten-64-to-32 due to
+ treatment of long and time_t as comparable types. Fixes part of bug 11633.
+ Patch from Dana Koch.
+
+ o Minor bugfixes (build):
+ - When deciding whether to build the 64-bit curve25519 implementation,
+ detect platforms where we can compile 128-bit arithmetic but cannot
+ link it. Fixes bug 11729; bugfix on 0.2.4.8-alpha. Patch
+ from "conradev".
+
+ o Minor bugfixes (Directory server):
+ - When sending a compressed set of descriptors or microdescriptors,
+ make sure to finalize the zlib stream. Previously, we would write
+ all the compressed data, but if the last descriptor we wanted to
+ send was missing or too old, we would not mark the stream as
+ finished. This caused problems for decompression tools. Fixes bug
+ 11648; bugfix on 0.1.1.23.
+
+ o Minor bugfixes (dmalloc):
+ - Fix compilation with dmalloc. Fixes bug 11605; bugfix on 0.2.4.10-alpha.
+
+ o Minor bugfixes (documentation):
+ - Correct the documenation so that it lists the correct directories
+ for the stats files. (They are in a subdirectory called "stats",
+ not "status".)
+
+ o Minor bugfixes (linux seccomp sandbox)
+ - Make the seccomp sandbox code compile with ARM linux. Fixes bug
+ 11622; bugfix on 0.2.5.1-alpha.
+ - Avoid crashing when re-opening listener ports with the seccomp
+ sandbox active. Fixes bug 12115; bugfix on 0.2.5.1-alpha.
+ - Avoid crashing with the seccomp sandbox enabled along with
+ ConstrainedSockets. Fixes bug 12139; bugfix on 0.2.5.1-alpha.
+ - When we receive a SIGHUP with the sandbox enabled, correctly
+ support rotating our log files. Fixes bug 12032; bugfix on
+ 0.2.5.1-alpha.
+ - Avoid crash when running with sandboxing enabled and
+ DirReqStatistics not disabled. Fixes bug 12035; bugfix on
+ 0.2.5.1-alpha.
+ - Fix a "BUG" warning when trying to write bridge-stats files with
+ the Linux syscall sandbox filter enabled. Fixes bug 12041;
+ bugfix on 0.2.5.1-alpha.
+ - Prevent the sandbox from crashing on startup when run with the
+ --enable-expensive-hardening configuration option. Fixes bug
+ 11477; bugfix on 0.2.5.4-alpha.
+ - When running with DirPortFrontPage and Sandbox both enabled, reload
+ the DirPortFrontPage correctly when restarting. Fixes bug 12028;
+ bugfix on 0.2.5.1-alpha.
+ - Don't try to enable the sandbox when using the Tor binary to
+ check its configuration, hash a passphrase, or so on. Doing
+ so was crashing on startup for some users. Fixes bug 11609;
+ bugfix on 0.2.5.1-alpha.
+ - Avoid warnings when running with sandboxing and node statistics
+ enabled at the same time.
+ Fixes part of 12064; bugfix on 0.2.5.1-alpha. Patch from Michael Wolf.
+ - Avoid warnings when running with sandboxing enabled at the same
+ time as cookie authentication, hidden services or directory
+ authority voting. Fixes part of 12064; bugfix on 0.2.5.1-alpha.
+ - Do not allow options which would require us to call exec to be
+ enabled along with the seccomp2 sandbox: they will inevitably
+ crash. Fix for bug 12043; bugfix on 0.2.5.1-alpha.
+ - Handle failures in getpwnam()/getpwuid() when running with the
+ User option set and the Linux syscall sandbox enabled. Fixes bug
+ 11946; bugfix on 0.2.5.1-alpha.
+
+ o Minor bugfixes (pluggable transports):
+ - Enable the ExtORPortCookieAuthFile option, to allow changing the
+ default location of the authentication token for the extended OR Port
+ as used by sever-side pluggable transports. We had implemented this
+ option before, but the code to make it settable had been omitted.
+ Fixes bug 11635; bugfix on 0.2.5.1-alpha.
+
+ o Minor bugfixes (testing):
+ - The Python parts of the test scripts now work on Python 3 as well
+ as Python 2, so systems where '/usr/bin/python' is Python 3 will
+ no longer have the tests break. Fixes bug 11608; bugfix on
+ 0.2.5.2-alpha.
+ - When looking for versions of python that we could run the tests
+ with, check for "python2.7" and "python3.3"; previously we were
+ only looking for "python", "python2", and "python3". Patch from
+ Dana Koch. Fixes bug 11632; bugfix on 0.2.5.2-alpha.
+
+ o Minor bugfixes (tor-fw-helper):
+ - Give a correct log message when tor-fw-helper fails to launch.
+ (Previously, we would say something like "tor-fw-helper sent us a
+ string we could not parse".) Fixes bug 9781; bugfix on 0.2.4.2-alpha.
+
+ o Minor bugfixes:
+ - Avoid another 60-second delay when starting Tor in a
+ pluggable-transport-using configuration when we already have
+ cached descriptors for our bridges. Fixes bug 11965; bugfix on
+ 0.2.3.6-alpha.
+
+ o Minor bugfixes:
+ - Check return code on spawn_func() in cpuworker code, so that we don't
+ think we've spawned a nonworking cpuworker and write junk to it
+ forever. Fix related to bug 4345; bugfix on all released Tor versions.
+ Found by "skruffy".
+ - Use a pthread_attr to make sure that spawn_func() cannot return
+ an error while at the same time launching a thread. Fix related
+ to bug 4345; bugfix on all released Tor versions. Reported by
+ "cypherpunks".
+
+ o Minor bugfixes:
+ - Correctly detect the total available system memory. We tried to do this
+ in 0.2.5.4-alpha, but the code was set up to always return an error
+ value, even on success.
+ Fixes bug 11805; bugfix on 0.2.5.4-alpha.
+
+ o Minor bugfixes:
+ - Fix a broken log message about delayed directory fetches that
+ was caused by a misuse of strlcpy(). Fixes bug 11654; bugfix on
+ 0.2.5.3-alpha.
+
+ o Minor bugfixes:
+ - Fix all valgrind warnings produced by the unit tests. There were
+ over a thousand memory leak warnings previously, mostly produced
+ by forgetting to free things in the unit test code. Fixes bug
+ 11618, bugfixes on many versions of Tor.
+
+ o Minor bugfixes:
+ - Fix compilation when DNS_CACHE_DEBUG is enabled. Fixes bug 11761;
+ bugfix on 0.2.3.13-alpha. Found by "cypherpunks".
+
+ o Minor bugfixes:
+ - Make Tor compile correctly with --disable-buf-freelists.
+ Fixes bug 11623; bugfix on 0.2.5.3-alpha.
+
+ o Bugfixes:
+ - Add configure options controlling allocator tricks like mempools and
+ freelists, and turn them off by default; on most platforms malloc is
+ reasonable enough for this not to be necessary, and a similar feature
+ in OpenSSL exacerbated Heartbleed. Fixes bug #11476.
+
+ o Distribution:
+ - Include a tor.service file in contrib.dist for use with
+ systemd. Some distributions will be able to use this file unmodified;
+ others will need to tweak it, or write their own. Patch from
+ Jamie Nguyen; resolves ticket 8368.
+
+ o Documentation:
+ - Clean up several option names in the manpage to match their real
+ names, add the missing documentation for a couple of testing and
+ directory authority options, remove the documentation for a
+ V2-directory fetching option that no longer exists. Resolves
+ ticket 11634.
+
+ o Package cleanup:
+ - The contrib directory has been sorted and tidy. Before, it was an
+ unsorted dumping ground for useful and not-so-useful things. Now,
+ it has been divided based on functionality, and the items which
+ seemed to be nonfunctional or useless have been removed. Resolves
+ ticket 8966; based on patches from "rl1987".
+
+ o Removed code:
+ - Remove /tor/dbg-stability.txt URL that was meant to help debug WFU
+ and MTBF calculations, but that nobody was using. Fixes #11742.
+ - The TunnelDirConns and PreferTunnelledDirConns options no longer
+ exist; tunneled directory connections have been available since
+ 0.1.2.5-alpha, and turning them off is not a good idea. This is a
+ brute-force fix for 10849, where "TunnelDirConns 0" would break
+ hidden services.
+
Changes in version 0.2.4.22 - 2014-05-16
diff --git a/changes/11622 b/changes/11622
deleted file mode 100644
index 9e4be4145..000000000
--- a/changes/11622
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (linux seccomp sandbox)
- - Make the seccomp sandbox code compile with ARM linux. Fixes bug
- 11622; bugfix on 0.2.5.1-alpha. \ No newline at end of file
diff --git a/changes/12032 b/changes/12032
deleted file mode 100644
index c51ddb85a..000000000
--- a/changes/12032
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (linux syscall sandbox):
- - Avoid crash when running with sandboxing enabled and
- DirReqStatistics not disabled. Fixes bug 12035; bugfix on
- 0.2.5.1-alpha. \ No newline at end of file
diff --git a/changes/bug10849_023 b/changes/bug10849_023
deleted file mode 100644
index 480dea3de..000000000
--- a/changes/bug10849_023
+++ /dev/null
@@ -1,6 +0,0 @@
- o Major bugfixes:
- - When running a hidden service, do not allow TunneledDirConns 0;
- this will keep the hidden service from running, and also
- make it publish its descriptors directly over HTTP. Fixes bug 10849;
- bugfix on 0.2.1.1-alpha.
-
diff --git a/changes/bug10849_025 b/changes/bug10849_025
deleted file mode 100644
index 1a3b71bab..000000000
--- a/changes/bug10849_025
+++ /dev/null
@@ -1,6 +0,0 @@
- o Removed code:
- - The TunnelDirConns and PreferTunnelledDirConns options no longer
- exist; tunneled directory connections have been available since
- 0.1.2.5-alpha, and turning them off is not a good idea. This is a
- brute-force fix for 10849, where "TunnelDirConns 0" would break
- hidden services.
diff --git a/changes/bug11233 b/changes/bug11233
deleted file mode 100644
index 1161b6dfd..000000000
--- a/changes/bug11233
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features:
- - When we encounter an unexpected CR in text that we're trying to
- write to a file on Windows, log the name of the file. Should help
- diagnosing bug 11233.
diff --git a/changes/bug11469 b/changes/bug11469
deleted file mode 100644
index 8517d388e..000000000
--- a/changes/bug11469
+++ /dev/null
@@ -1,6 +0,0 @@
- o Major bugfixes (relay):
- - When uploading to the directory authorities, use a direct dirport
- connection if we are a uploading an ordinary, non-anonymous directory
- object. Previously, relays would used tunnel connections under a
- fairly wide variety of circumstances. Fixes bug 11469; bugfix on
- 0.2.4.3-alpha.
diff --git a/changes/bug11476 b/changes/bug11476
deleted file mode 100644
index cb3d217cd..000000000
--- a/changes/bug11476
+++ /dev/null
@@ -1,5 +0,0 @@
- o Bugfixes:
- - Add configure options controlling allocator tricks like mempools and
- freelists, and turn them off by default; on most platforms malloc is
- reasonable enough for this not to be necessary, and a similar feature
- in OpenSSL exacerbated Heartbleed. Fixes bug #11476.
diff --git a/changes/bug11477 b/changes/bug11477
deleted file mode 100644
index 21dd34591..000000000
--- a/changes/bug11477
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (linux syscall sandbox):
- - Prevent the sandbox from crashing on startup when run with the
- --enable-expensive-hardening configuration option. Fixes bug
- 11477; bugfix on 0.2.5.4-alpha.
diff --git a/changes/bug11605 b/changes/bug11605
deleted file mode 100644
index 973ac6db1..000000000
--- a/changes/bug11605
+++ /dev/null
@@ -1,2 +0,0 @@
- o Minor bugfixes (dmalloc):
- - Fix compilation with dmalloc. Fixes bug 11605; bugfix on 0.2.4.10-alpha.
diff --git a/changes/bug11608 b/changes/bug11608
deleted file mode 100644
index f34c9eb17..000000000
--- a/changes/bug11608
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (testing):
- - The Python parts of the test scripts now work on Python 3 as well
- as Python 2, so systems where '/usr/bin/python' is Python 3 will
- no longer have the tests break. Fixes bug 11608; bugfix on
- 0.2.5.2-alpha.
diff --git a/changes/bug11609 b/changes/bug11609
deleted file mode 100644
index 2a116137c..000000000
--- a/changes/bug11609
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (sandbox):
- - Don't try to enable the sandbox when using the Tor binary to
- check its configuration, hash a passphrase, or so on. Doing
- so was crashing on startup for some users. Fixes bug 11609;
- bugfix on 0.2.5.1-alpha.
diff --git a/changes/bug11618 b/changes/bug11618
deleted file mode 100644
index e650d55cd..000000000
--- a/changes/bug11618
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes:
- - Fix all valgrind warnings produced by the unit tests. There were
- over a thousand memory leak warnings previously, mostly produced
- by forgetting to free things in the unit test code. Fixes bug
- 11618, bugfixes on many versions of Tor.
diff --git a/changes/bug11623 b/changes/bug11623
deleted file mode 100644
index 58ff06d38..000000000
--- a/changes/bug11623
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes:
- - Make Tor compile correctly with --disable-buf-freelists.
- Fixes bug 11623; bugfix on 0.2.5.3-alpha.
diff --git a/changes/bug11628 b/changes/bug11628
deleted file mode 100644
index b93e1f4fc..000000000
--- a/changes/bug11628
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features:
- - The configure script has a --disable-seccomp option to turn off
- support for libseccomp on systems that have it, in case it (or
- Tor's use of it) is broken. Resolves ticket 11628.
diff --git a/changes/bug11632 b/changes/bug11632
deleted file mode 100644
index 0dc7f8f1e..000000000
--- a/changes/bug11632
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (testing):
- - When looking for versions of python that we could run the tests
- with, check for "python2.7" and "python3.3"; previously we were
- only looking for "python", "python2", and "python3". Patch from
- Dana Koch. Fixes bug 11632; bugfix on 0.2.5.2-alpha.
diff --git a/changes/bug11633_part1 b/changes/bug11633_part1
deleted file mode 100644
index fb281bd7d..000000000
--- a/changes/bug11633_part1
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (build):
- - Resolve GCC complaints on OpenBSD about discarding constness in
- TO_{ORIGIN,OR}_CIRCUIT functions. Fixes part of bug 11633; bugfix on
- 0.1.1.23. Patch from Dana Koch.
diff --git a/changes/bug11633_part2 b/changes/bug11633_part2
deleted file mode 100644
index 574660dec..000000000
--- a/changes/bug11633_part2
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (build):
- - Resolve clang complaints on OpenBSD with -Wshorten-64-to-32 due to
- treatment of long and time_t as comparable types. Fixes part of bug 11633.
- Patch from Dana Koch.
diff --git a/changes/bug11634 b/changes/bug11634
deleted file mode 100644
index 2a52b3fcf..000000000
--- a/changes/bug11634
+++ /dev/null
@@ -1,6 +0,0 @@
- o Documentation:
- - Clean up several option names in the manpage to match their real
- names, add the missing documentation for a couple of testing and
- directory authority options, remove the documentation for a
- V2-directory fetching option that no longer exists. Resolves
- ticket 11634.
diff --git a/changes/bug11635 b/changes/bug11635
deleted file mode 100644
index bb5eceee3..000000000
--- a/changes/bug11635
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes (pluggable transports):
- - Enable the ExtORPortCookieAuthFile option, to allow changing the
- default location of the authentication token for the extended OR Port
- as used by sever-side pluggable transports. We had implemented this
- option before, but the code to make it settable had been omitted.
- Fixes bug 11635; bugfix on 0.2.5.1-alpha.
diff --git a/changes/bug11648 b/changes/bug11648
deleted file mode 100644
index 0e8927435..000000000
--- a/changes/bug11648
+++ /dev/null
@@ -1,8 +0,0 @@
- o Minor bugfixes (Directory server):
- - When sending a compressed set of descriptors or microdescriptors,
- make sure to finalize the zlib stream. Previously, we would write
- all the compressed data, but if the last descriptor we wanted to
- send was missing or too old, we would not mark the stream as
- finished. This caused problems for decompression tools. Fixes bug
- 11648; bugfix on 0.1.1.23.
-
diff --git a/changes/bug11654 b/changes/bug11654
deleted file mode 100644
index 97c70b25d..000000000
--- a/changes/bug11654
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Fix a broken log message about delayed directory fetches that
- was caused by a misuse of strlcpy(). Fixes bug 11654; bugfix on
- 0.2.5.3-alpha.
diff --git a/changes/bug11729 b/changes/bug11729
deleted file mode 100644
index 93751cfea..000000000
--- a/changes/bug11729
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (build):
- - When deciding whether to build the 64-bit curve25519 implementation,
- detect platforms where we can compile 128-bit arithmetic but cannot
- link it. Fixes bug 11729; bugfix on 0.2.4.8-alpha. Patch
- from "conradev".
diff --git a/changes/bug11737_diagnostic b/changes/bug11737_diagnostic
deleted file mode 100644
index 62e7a4a78..000000000
--- a/changes/bug11737_diagnostic
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (diagnostic):
- - When logging a warning because of bug #7164, additionally check the
- hash table for consistency (as proposed on ticket #11737). This may
- help diagnose bug #7164.
-
diff --git a/changes/bug11742 b/changes/bug11742
deleted file mode 100644
index 000487120..000000000
--- a/changes/bug11742
+++ /dev/null
@@ -1,4 +0,0 @@
- o Removed code:
- - Remove /tor/dbg-stability.txt URL that was meant to help debug WFU
- and MTBF calculations, but that nobody was using. Fixes #11742.
-
diff --git a/changes/bug11743 b/changes/bug11743
deleted file mode 100644
index 843517908..000000000
--- a/changes/bug11743
+++ /dev/null
@@ -1,16 +0,0 @@
- o Major security fixes (directory authorities):
-
- - Directory authorities now include a digest of each relay's
- identity key as a part of its microdescriptor.
-
- This is a workaround for bug #11743 (reported by "cypherpunks"),
- where Tor clients do not
- support receiving multiple microdescriptors with the same SHA256
- digest in the same consensus. When clients receive a consensus
- like this, they only use one of the relays. Without this fix, a
- hostile relay could selectively disable some client use of target
- relays by constucting a router descriptor with a different
- identity and the same microdescriptor parameters and getting the
- authorities to list it in a microdescriptor consensus. This fix
- prevents an attacker from causing a microdescriptor collision,
- because the router's identity is not forgeable.
diff --git a/changes/bug11750 b/changes/bug11750
deleted file mode 100644
index f779ac8fe..000000000
--- a/changes/bug11750
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (security):
- - Apply the secure SipHash-2-4 function to the hash table mapping
- circuit IDs and channels to circuits. We missed this one when we
- were converting all the other hash functions to use SipHash back
- in 0.2.5.3-alpha. Resolves ticket 11750.
diff --git a/changes/bug11761 b/changes/bug11761
deleted file mode 100644
index ffcae5a71..000000000
--- a/changes/bug11761
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Fix compilation when DNS_CACHE_DEBUG is enabled. Fixes bug 11761;
- bugfix on 0.2.3.13-alpha. Found by "cypherpunks".
-
diff --git a/changes/bug11805 b/changes/bug11805
deleted file mode 100644
index 02a553894..000000000
--- a/changes/bug11805
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes:
- - Correctly detect the total available system memory. We tried to do this
- in 0.2.5.4-alpha, but the code was set up to always return an error
- value, even on success.
- Fixes bug 11805; bugfix on 0.2.5.4-alpha.
diff --git a/changes/bug11946 b/changes/bug11946
deleted file mode 100644
index 9ea48311b..000000000
--- a/changes/bug11946
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (sandbox):
-
- - Handle failures in getpwnam()/getpwuid() when running with the
- User option set and the Linux syscall sandbox enabled. Fixes bug
- 11946; bugfix on 0.2.5.1-alpha.
diff --git a/changes/bug11965 b/changes/bug11965
deleted file mode 100644
index a3bfd876b..000000000
--- a/changes/bug11965
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes:
-
- - Avoid another 60-second delay when starting Tor in a
- pluggable-transport-using configuration when we already have
- cached descriptors for our bridges. Fixes bug 11965; bugfix on
- 0.2.3.6-alpha.
diff --git a/changes/bug12028 b/changes/bug12028
deleted file mode 100644
index f88d4e546..000000000
--- a/changes/bug12028
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (linux syscall sandbox):
- - When running with DirPortFrontPage and Sandbox both enabled, reload
- the DirPortFrontPage correctly when restarting. Fixes bug 12028;
- bugfix on 0.2.5.1-alpha.
-
diff --git a/changes/bug12032 b/changes/bug12032
deleted file mode 100644
index 44fc6c756..000000000
--- a/changes/bug12032
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (Linux syscall sandbox):
- - When we receive a SIGHUP with the sandbox enabled, correctly
- support rotating our log files. Fixes bug 12032; bugfix on
- 0.2.5.1-alpha.
diff --git a/changes/bug12041 b/changes/bug12041
deleted file mode 100644
index ddbc7de97..000000000
--- a/changes/bug12041
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (linux syscall sandbox):
- - Fix a "BUG" warning when trying to write bridge-stats files with
- the Linux syscall sandbox filter enabled. Fixes bug 12041;
- bugfix on 0.2.5.1-alpha.
-
diff --git a/changes/bug12043 b/changes/bug12043
deleted file mode 100644
index 4ec735c1e..000000000
--- a/changes/bug12043
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (linux syscall sandboxing):
- - Do not allow options which would require us to call exec to be
- enabled along with the seccomp2 sandbox: they will inevitably
- crash. Fix for bug 12043; bugfix on 0.2.5.1-alpha.
diff --git a/changes/bug12064_part1 b/changes/bug12064_part1
deleted file mode 100644
index b40b64aa3..000000000
--- a/changes/bug12064_part1
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (seccomp sandbox):
- - Avoid warnings when running with sandboxing and node statistics
- enabled at the same time.
- Fixes part of 12064; bugfix on 0.2.5.1-alpha. Patch from Michael Wolf.
diff --git a/changes/bug12064_part2 b/changes/bug12064_part2
deleted file mode 100644
index 4fa86a641..000000000
--- a/changes/bug12064_part2
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (seccomp sandbox):
- - Avoid warnings when running with sandboxing enabled at the same
- time as cookie authentication, hidden services or directory
- authority voting. Fixes part of 12064; bugfix on 0.2.5.1-alpha.
-
diff --git a/changes/bug12115 b/changes/bug12115
deleted file mode 100644
index 7b846492f..000000000
--- a/changes/bug12115
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (linux seccomp sandbox):
- - Avoid crashing when re-opening listener ports with the seccomp
- sandbox active. Fixes bug 12115; bugfix on 0.2.5.1-alpha.
diff --git a/changes/bug12139 b/changes/bug12139
deleted file mode 100644
index 8d31dab2c..000000000
--- a/changes/bug12139
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (linux seccomp sandbox):
- - Avoid crashing with the seccomp sandbox enabled along with
- ConstrainedSockets. Fixes bug 12139; bugfix on 0.2.5.1-alpha.
-
diff --git a/changes/bug4345 b/changes/bug4345
deleted file mode 100644
index 5e650fc34..000000000
--- a/changes/bug4345
+++ /dev/null
@@ -1,10 +0,0 @@
- o Minor bugfixes:
- - Check return code on spawn_func() in cpuworker code, so that we don't
- think we've spawned a nonworking cpuworker and write junk to it
- forever. Fix related to bug 4345; bugfix on all released Tor versions.
- Found by "skruffy".
-
- - Use a pthread_attr to make sure that spawn_func() cannot return
- an error while at the same time launching a thread. Fix related
- to bug 4345; bugfix on all released Tor versions. Reported by
- "cypherpunks".
diff --git a/changes/bug8368 b/changes/bug8368
deleted file mode 100644
index fa3991c3a..000000000
--- a/changes/bug8368
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features:
- - Add a systemd service file (tor.service) that can be installed by
- Linux distributions that make use of the systemd init daemon.
- Fixes bug 8368.
diff --git a/changes/bug9635 b/changes/bug9635
deleted file mode 100644
index 042da7b8c..000000000
--- a/changes/bug9635
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features:
- - Give more specific warnings when we notice at the client side that
- an onion handshake has failed. Fixes ticket 9635.
diff --git a/changes/bug9781 b/changes/bug9781
deleted file mode 100644
index 0a3c557cb..000000000
--- a/changes/bug9781
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (tor-fw-helper):
-
- - Give a correct log message when tor-fw-helper fails to launch.
- (Previously, we would say something like "tor-fw-helper sent us a
- string we could not parse".) Fixes bug 9781; bugfix on 0.2.4.2-alpha.
diff --git a/changes/diagnose_8387 b/changes/diagnose_8387
deleted file mode 100644
index 3dfc84578..000000000
--- a/changes/diagnose_8387
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (diagnostic):
- - When we log a heartbeat, log how many one-hop circuits we have that
- are at least 30 minutes old, and log status information about a
- few of them. This is an attempt to track down bug 8387.
diff --git a/changes/md_leak_bug b/changes/md_leak_bug
deleted file mode 100644
index 26270aacc..000000000
--- a/changes/md_leak_bug
+++ /dev/null
@@ -1,5 +0,0 @@
- o Major bugfixes (security, OOM)
- - Fix a memory leak that could occur if a microdescriptor parse
- fails during the tokenizing step. This could enable a memory
- exhaustion attack by directory servers. Fixes bug #11649; bugfix
- on 0.2.2.6-alpha.
diff --git a/changes/msvc_fix b/changes/msvc_fix
deleted file mode 100644
index 6d4531bff..000000000
--- a/changes/msvc_fix
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (build):
- - Fix compilation of test_status.c when building with MVSC.
- Bugfix on 0.2.5.4-alpha. Patch from Gisle Vanem.
diff --git a/changes/stats_not_status b/changes/stats_not_status
deleted file mode 100644
index e2bc37e5e..000000000
--- a/changes/stats_not_status
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (documentation):
- - Correct the documenation so that it lists the correct directories
- for the stats files. (They are in a subdirectory called "stats",
- not "status".)
diff --git a/changes/ticket8368 b/changes/ticket8368
deleted file mode 100644
index 206a76654..000000000
--- a/changes/ticket8368
+++ /dev/null
@@ -1,5 +0,0 @@
- o Distribution:
- - Include a tor.service file in contrib.dist for use with
- systemd. Some distributions will be able to use this file unmodified;
- others will need to tweak it, or write their own. Patch from
- Jamie Nguyen; resolves ticket 8368.
diff --git a/changes/ticket8966 b/changes/ticket8966
deleted file mode 100644
index d6967a4e3..000000000
--- a/changes/ticket8966
+++ /dev/null
@@ -1,7 +0,0 @@
- o Package cleanup:
- - The contrib directory has been sorted and tidy. Before, it was an
- unsorted dumping ground for useful and not-so-useful things. Now,
- it has been divided based on functionality, and the items which
- seemed to be nonfunctional or useless have been removed. Resolves
- ticket 8966; based on patches from "rl1987".
-
diff --git a/scripts/maint/sortChanges.py b/scripts/maint/sortChanges.py
new file mode 100755
index 000000000..f70490bad
--- /dev/null
+++ b/scripts/maint/sortChanges.py
@@ -0,0 +1,40 @@
+#!/usr/bin/python
+
+import re
+import sys
+
+def fetch(fn):
+ with open(fn) as f:
+ s = f.read()
+ s = "%s\n" % s.rstrip()
+ return s
+
+def score(s):
+ m = re.match(r'^ +o (.*)', s)
+ if not m:
+ print >>sys.stderr, "Can't score %r"%s
+ lw = m.group(1).lower()
+ if lw.startswith("major feature"):
+ score = 0
+ elif lw.startswith("major bug"):
+ score = 1
+ elif lw.startswith("major"):
+ score = 2
+ elif lw.startswith("minor feature"):
+ score = 10
+ elif lw.startswith("minor bug"):
+ score = 11
+ elif lw.startswith("minor"):
+ score = 12
+ else:
+ score = 100
+
+ return (score, lw, s)
+
+
+changes = [ score(fetch(fn)) for fn in sys.argv[1:] if not fn.endswith('~') ]
+
+changes.sort()
+
+for _, _, s in changes:
+ print s