From 8028d8fded9c9fede1e39b169dd06272ceca024b Mon Sep 17 00:00:00 2001 
From: Roger Dingledine Date: Thu, 13 Feb 2014 02:46:26 -0500 Subject: fold in the changes files to the new 0.2.5.2-alpha changelog --- ChangeLog | 263 +++++++++++++++++++++++++++++++++++++++--- changes/10582_tproxy | 6 - changes/10777_netunreach | 6 - changes/bug10046 | 4 - changes/bug10297 | 5 - changes/bug10313 | 6 - changes/bug10324 | 4 - changes/bug10365 | 7 -- changes/bug10470 | 4 - changes/bug10485 | 4 - changes/bug10536 | 5 - changes/bug10543 | 6 - changes/bug10565 | 3 - changes/bug10722 | 8 -- changes/bug10758 | 4 - changes/bug10777_internal_024 | 5 - changes/bug10793 | 4 - changes/bug10835 | 4 - changes/bug10842 | 5 - changes/bug10870 | 6 - changes/bug10881 | 7 -- changes/bug1376 | 3 - changes/bug4677 | 4 - changes/bug5018 | 5 - changes/bug5605 | 7 -- changes/bug7359 | 9 -- changes/bug9162 | 8 -- changes/bug9206 | 6 - changes/bug9578 | 7 -- changes/bug9602 | 4 - changes/bug9651 | 5 - changes/bug9698 | 3 - changes/bug9859 | 10 -- changes/bug9869 | 5 - changes/bug9922 | 5 - changes/bug9926 | 6 - changes/bug9934 | 5 - changes/bug9948 | 4 - changes/bug9958 | 8 -- changes/feature9777 | 7 -- changes/prop157-require | 5 - changes/prop221 | 7 -- changes/python-tests | 4 - changes/seccomp2-fixes | 4 - changes/stack_trace | 8 -- changes/ticket10043 | 4 - changes/ticket10060 | 5 - changes/ticket8510 | 3 - changes/ticket9839 | 3 - 49 files changed, 247 insertions(+), 273 deletions(-) delete mode 100644 changes/10582_tproxy delete mode 100644 changes/10777_netunreach delete mode 100644 changes/bug10046 delete mode 100644 changes/bug10297 delete mode 100644 changes/bug10313 delete mode 100644 changes/bug10324 delete mode 100644 changes/bug10365 delete mode 100644 changes/bug10470 delete mode 100644 changes/bug10485 delete mode 100644 changes/bug10536 delete mode 100644 changes/bug10543 delete mode 100644 changes/bug10565 delete mode 100644 changes/bug10722 delete mode 100644 changes/bug10758 delete mode 100644 changes/bug10777_internal_024 delete mode 100644 
changes/bug10793 delete mode 100644 changes/bug10835 delete mode 100644 changes/bug10842 delete mode 100644 changes/bug10870 delete mode 100644 changes/bug10881 delete mode 100644 changes/bug1376 delete mode 100644 changes/bug4677 delete mode 100644 changes/bug5018 delete mode 100644 changes/bug5605 delete mode 100644 changes/bug7359 delete mode 100644 changes/bug9162 delete mode 100644 changes/bug9206 delete mode 100644 changes/bug9578 delete mode 100644 changes/bug9602 delete mode 100644 changes/bug9651 delete mode 100644 changes/bug9698 delete mode 100644 changes/bug9859 delete mode 100644 changes/bug9869 delete mode 100644 changes/bug9922 delete mode 100644 changes/bug9926 delete mode 100644 changes/bug9934 delete mode 100644 changes/bug9948 delete mode 100644 changes/bug9958 delete mode 100644 changes/feature9777 delete mode 100644 changes/prop157-require delete mode 100644 changes/prop221 delete mode 100644 changes/python-tests delete mode 100644 changes/seccomp2-fixes delete mode 100644 changes/stack_trace delete mode 100644 changes/ticket10043 delete mode 100644 changes/ticket10060 delete mode 100644 changes/ticket8510 delete mode 100644 changes/ticket9839 diff --git a/ChangeLog b/ChangeLog index 457ba11e4..2e99ca467 100644 --- a/ChangeLog +++ b/ChangeLog 
@@ -1,4 +1,52 @@ -Changes in version 0.2.5.2 - 2013-01-?? +Changes in version 0.2.5.2 - 2013-02-13 + + o Major features (client security): + - When we choose a path for a 3-hop circuit, make sure it contains + at least one relay that supports the NTor circuit extension + handshake. Otherwise, there is a chance that we're building + a circuit that's worth attacking by an adversary who finds + breaking 1024-bit crypto doable, and that chance changes the game + theory. Implements ticket 9777. + - Clients now look at the "usecreatefast" consensus parameter to + decide whether to use CREATE_FAST or CREATE cells for the first hop + of their circuit. This approach can improve security on connections + where Tor's circuit handshake is stronger than the available TLS + connection security levels, but the tradeoff is more computational + load on guard relays. Implements proposal 221. Resolves ticket 9386. + + o Major features (bridges): + - Don't launch pluggable transport proxies if we don't have any + bridges configured that would use them. Now we can list many + pluggable transports, and Tor will dynamically start one when it + hears a bridge address that needs it. Resolves ticket 5018. + - The bridge directory authority now assigns status flags (Stable, + Guard, etc) to bridges based on thresholds calculated over all + Running bridges. Now bridgedb can finally make use of its features + to e.g. include at least one Stable bridge in its answers. Fixes + bug 9859. + + o Major features (other): + - Extend ORCONN controller event to include an "ID" parameter, + and add four new controller event types CONN_BW, CIRC_BW, + CELL_STATS, and TB_EMPTY that show connection and circuit usage. + The new events are emitted in private Tor networks only, with the + goal of being able to better track performance and load during + full-network simulations. Implements proposal 218 and ticket 7359. 
+ - On some platforms (currently: recent OSX versions, glibc-based + platforms that support the ELF format, and a few other + Unix-like operating systems), Tor can now dump stack traces + when a crash occurs or an assertion fails. By default, traces + are dumped to stderr (if possible) and to any logs that are + reporting errors. Implements ticket 9299. + + o Major bugfixes: + - Avoid a segfault on SIGUSR1, where we had freed a connection but did + not entirely remove it from the connection lists. Fixes bug 9602; + bugfix on 0.2.4.4-alpha. + - Do not treat streams that fail with reason + END_STREAM_REASON_INTERNAL as indicating a definite circuit failure, + since it could also indicate an ENETUNREACH connection error. Fixes + part of bug 10777; bugfix on 0.2.4.8-alpha. o Major bugfixes (new since 0.2.5.1-alpha, also in 0.2.4.20): - Do not allow OpenSSL engines to replace the PRNG, even when 
@@ -25,6 +73,167 @@ Changes in version 0.2.5.2 - 2013-01-?? only our first guard. Discovered while fixing bug 9946; bugfix on 0.2.4.8-alpha. + o Minor features (bridges, pluggable transports): + - Add threshold cutoffs to the networkstatus document created by + the Bridge Authority. Fixes bug 1117. + - On Windows, spawn background processes using the CREATE_NO_WINDOW + flag. Now Tor Browser Bundle 3.5 with pluggable transports enabled + doesn't pop up a blank console window. (In Tor Browser Bundle 2.x, + Vidalia set this option for us.) Implements ticket 10297. + + o Minor features (security): + - Always clear OpenSSL bignums before freeing them -- even bignums + that don't contain secrets. Resolves ticket 10793. Patch by + Florent Daigniere. + + o Minor features (config options and command line): + - Add an --allow-missing-torrc commandline option that tells Tor to + run even if the configuration file specified by -f is not available. + Implements ticket 10060. + - Add support for the TPROXY transparent proxying facility on Linux. + See documentation for the new TransProxyType option for more + details. Implementation by "thomo". Closes ticket 10582. + + o Minor features (controller): + - Add a new "HS_DESC" controller event that reports activities + related to hidden service descriptors. Resolves ticket 8510. + - New "DROPGUARDS" controller command to forget all current entry + guards. Not recommended for ordinary use, since replacing guards + too frequently makes several attacks easier. Resolves ticket 9934; + patch from "ra". + + o Minor features (build): + - Assume that a user using ./configure --host wants to cross-compile, + and give an error if we cannot find a properly named + tool-chain. Add a --disable-tool-name-check option to proceed + nevertheless. Addresses ticket 9869. Patch by Benedikt Gollatz. 
+ - If we run ./configure and the compiler recognizes -fstack-protector + but the linker rejects it, warn the user about a potentially missing + libssp package. Addresses ticket 9948. Patch from Benedikt Gollatz. + + o Minor features (testing): + - If Python is installed, "make check" now runs extra tests beyond + the unit test scripts. + - When bootstrapping a test network, sometimes very few relays get + the Guard flag. Now a new option "TestingDirAuthVoteGuard" can + specify a set of relays which should be voted Guard regardless of + their uptime or bandwidth. Addresses ticket 9206. + + o Minor features (log messages): + - When ServerTransportPlugin is set on a bridge, Tor can write more + useful statistics about bridge use in its extrainfo descriptors, + but only if the Extended ORPort ("ExtORPort") is set too. Add a + log message to inform the user in this case. Resolves ticket 9651. + - When receiving a new controller connection, log the origin address. + Resolves ticket 9698; patch from "sigpipe". + - When logging OpenSSL engine status at startup, log the status of + more engines. Fixes ticket 10043; patch from Joshua Datko. + - Turn "circuit handshake stats since last time" log messages into a + heartbeat message. Fixes bug 10485; bugfix on 0.2.4.17-rc. + + o Minor features (new since 0.2.5.1-alpha, also in 0.2.4.18-rc): + - Improve the circuit queue out-of-memory handler. Previously, when + we ran low on memory, we'd close whichever circuits had the most + queued cells. Now, we close those that have the *oldest* queued + cells, on the theory that those are most responsible for us + running low on memory. Based on analysis from a forthcoming paper + by Jansen, Tschorsch, Johnson, and Scheuermann. Fixes bug 9093. + - Generate bootstrapping status update events correctly when fetching + microdescriptors. Fixes bug 9927. + - Update to the October 2 2013 Maxmind GeoLite Country database. 
+ + o Minor bugfixes (clients): + - When closing a channel that has already been open, do not close + pending circuits that were waiting to connect to the same relay. + Fixes bug 9880; bugfix on 0.2.5.1-alpha. Thanks to skruffy for + finding this bug. + + o Minor bugfixes (relays): + - Treat ENETUNREACH, EACCES, and EPERM connection failures at an + exit node as a NOROUTE error, not an INTERNAL error, since they + can apparently happen when trying to connect to the wrong sort + of netblocks. Fixes part of bug 10777; bugfix on 0.1.0.1-rc. + + o Minor bugfixes (bridges): + - Fix a bug where the first connection works to a bridge that uses a + pluggable transport with client-side parameters, but we don't send + the client-side parameters on subsequent connections. (We don't + use any pluggable transports with client-side parameters yet, + but ScrambleSuit will soon become the first one.) Fixes bug 9162; + bugfix on 0.2.0.3-alpha. Based on a patch from "rl1987". + + o Minor bugfixes (node selection): + - If ExcludeNodes is set, consider non-excluded hidden service + directory servers before excluded ones. Do not consider excluded + hidden service directory servers at all if StrictNodes is + set. (Previously, we would sometimes decide to connect to those + servers, and then realize before we initiated a connection that + we had excluded them.) Fixes bug 10722; bugfix on 0.2.0.10-alpha. + Reported by "mr-4". + - If we set the ExitNodes option but it doesn't include any nodes + that have the Exit flag, we would choose not to bootstrap. Now we + bootstrap so long as ExitNodes includes nodes which can exit to + some port. Fixes bug 10543; bugfix on 0.2.4.10-alpha. + + o Minor bugfixes (controller and command-line): + - If changing a config option via "setconf" fails in a recoverable + way, we used to nonetheless write our new control ports to the + file described by the "ControlPortWriteToFile" option. 
Now we only + write out that file if we successfully switch to the new config + option. Fixes bug 5605; bugfix on 0.2.2.26-beta. Patch from "Ryman". + - When a command-line option such as --version or --help that + ordinarily implies --hush appears on the command line along with + --quiet, then actually obey --quiet. Previously, we obeyed --quiet + only if it appeared later on the command line. Fixes bug 9578; + bugfix on 0.2.5.1-alpha. + + o Minor bugfixes (code correctness): + - Previously we used two temporary files when writing descriptors to + disk; now we only use one. Fixes bug 1376. + - Remove an erroneous (but impossible and thus harmless) pointer + comparison that would have allowed compilers to skip a bounds + check in channeltls.c. Fixes bugs 10313 and 9980; bugfix on + 0.2.0.10-alpha. Noticed by Jared L Wong and David Fifield. + - Fix an always-true assertion in pluggable transports code so it + actually checks what it was trying to check. Fixes bug 10046; + bugfix on 0.2.3.9-alpha. Found by "dcb". + + o Minor bugfixes (protocol correctness): + - When receiving a VERSIONS cell with an odd number of bytes, close + the connection immediately since the cell is malformed. Fixes bug + 10365; bugfix on 0.2.0.10-alpha. Spotted by "bobnomnom"; fix by + "rl1987". + + o Minor bugfixes (build): + - Restore the ability to compile Tor with V2_HANDSHAKE_SERVER + turned off (that is, without support for v2 link handshakes). Fixes + bug 4677; bugfix on 0.2.3.2-alpha. Patch from "piet". + - Fix compilation warnings and startup issues when running with + "Sandbox 1" and libseccomp-2.1.0. Fixes bug 10563; bugfix on + 0.2.5.1-alpha. + - Fix compilation on Solaris 9, which didn't like us having an + identifier named "sun". Fixes bug 10565; bugfix in 0.2.5.1-alpha. + + o Minor bugfixes (testing): + - Fix a segmentation fault in our benchmark code when running with + Fedora's OpenSSL package, or any other OpenSSL that provides + ECDH but not P224. 
Fixes bug 10835; bugfix on 0.2.4.8-alpha. + + o Minor bugfixes (log messages): + - Fix a bug where clients using bridges would report themselves + as 50% bootstrapped even without a live consensus document. + Fixes bug 9922; bugfix on 0.2.1.1-alpha. + - Suppress a warning where, if there's only one directory authority + in the network, we would complain that votes and signatures cannot + be uploaded to other directory authorities. Fixes bug 10842; + bugfix on 0.2.2.26-beta. + - Report bootstrapping progress correctly when we're downloading + microdescriptors. We had updated our "do we have enough microdescs + to begin building circuits?" logic most recently in 0.2.4.10-alpha + (see bug 5956), but we left the bootstrap status event logic at + "how far through getting 1/4 of them are we?" Fixes bug 9958; + bugfix on 0.2.2.36, which is where they diverged (see bug 5343). + o Minor bugfixes (new since 0.2.5.1-alpha, also in 0.2.4.20): - Avoid a crash bug when starting with a corrupted microdescriptor cache file. Fixes bug 10406; bugfix on 0.2.2.6-alpha. 
@@ -63,22 +272,39 @@ Changes in version 0.2.5.2 - 2013-01-?? sorry. Fixes bug 9928; bugfix on 0.2.3.18-rc. Bug found by Pedro Ribeiro. - o Minor bugfixes: - - When closing a channel that has already been open, do not close - pending circuits that were waiting to connect to the same relay. - Fixes bug 9880; bugfix on 0.2.5.1-alpha. Thanks to skruffy for - finding this bug. + o Removed code and features: + - Clients now reject any directory authority certificates lacking + a dir-key-crosscert element. These have been included since + 0.2.1.9-alpha, so there's no real reason for them to be optional + any longer. Completes proposal 157. Resolves ticket 10162. + - Remove all code that existed to support the v2 directory system, + since there are no longer any v2 directory authorities. Resolves + ticket 10758. + - Remove the HSAuthoritativeDir and AlternateHSAuthority torrc + options, which were used for designating authorities as "Hidden + service authorities". There has been no use of hidden service + authorities since 0.2.2.1-alpha, when we stopped uploading or + downloading v0 hidden service descriptors. Fixes bug 10881; also + part of a fix for bug 10841. - o Minor features (new since 0.2.5.1-alpha, also in 0.2.4.18-rc): - - Improve the circuit queue out-of-memory handler. Previously, when - we ran low on memory, we'd close whichever circuits had the most - queued cells. Now, we close those that have the *oldest* queued - cells, on the theory that those are most responsible for us - running low on memory. Based on analysis from a forthcoming paper - by Jansen, Tschorsch, Johnson, and Scheuermann. Fixes bug 9093. - - Generate bootstrapping status update events correctly when fetching - microdescriptors. Fixes bug 9927. - - Update to the October 2 2013 Maxmind GeoLite Country database. + o Code simplification and refactoring: + - Remove some old fallback code designed to keep Tor clients working + in a network with only two working relays. 
Elsewhere in the code we + have long since stopped supporting such networks, so there wasn't + much point in keeping it around. Addresses ticket 9926. + - Reject 0-length EXTEND2 cells more explicitly. Fixes bug 10536; + bugfix on 0.2.4.8-alpha. Reported by "cypherpunks". + - Remove data structures which were introduced to implement the + CellStatistics option: they are now redundant with the addition + of a timestamp to the regular packed_cell_t data structure, which + we did in 0.2.4.18-rc in order to resolve ticket 9093. Implements + ticket 10870. + + o Documentation (man page) fixes: + - Update manpage to describe some of the files you can expect to + find in Tor's DataDirectory. Addresses ticket 9839. + - Document that all but one DirPort entry must have the NoAdvertise + flag set. Fixes bug 10470; bugfix on 0.2.3.3-alpha / 0.2.3.16-alpha. o Documentation fixes (new since 0.2.5.1-alpha, also in 0.2.4.18-rc): - Clarify the usage and risks of setting the ContactInfo torrc line @@ -88,6 +314,11 @@ Changes in version 0.2.5.2 - 2013-01-?? - Replace remaining references to DirServer in man page and log entries. Resolves ticket 10124. + o Tool changes: + - Make the "tor-gencert" tool used by directory authority operators + create 2048-bit signing keys by default (rather than 1024-bit, since + 1024-bit is uncomfortably small these days). Addresses ticket 10324. + Changes in version 0.2.4.20 - 2013-12-22 Tor 0.2.4.20 fixes potentially poor random number generation for users diff --git a/changes/10582_tproxy b/changes/10582_tproxy deleted file mode 100644 index 0a05152dd..000000000 --- a/changes/10582_tproxy +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features: - - Add support for the TPROXY transparent proxying facility on Linux. - See documentation for the new TransProxyType option for more - details. Implementation by "thomo". Closes ticket 10582. - - diff --git a/changes/10777_netunreach b/changes/10777_netunreach deleted file mode 100644 index 1156bca5f..000000000 
--- a/changes/10777_netunreach +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes: - - Treat ENETUNREACH, EACCES, and EPERM connection failures at an - exit node as a NOROUTE error, not an INTERNAL error, since they - can apparently happen when trying to connect to the wrong sort - of netblocks. Fixes part of bug 10777; bugfix on 0.1.0.1-rc. - diff --git a/changes/bug10046 b/changes/bug10046 deleted file mode 100644 index 3286c21b3..000000000 --- a/changes/bug10046 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Fix an always-true assertion in pluggable transports code so it - actually checks what it was trying to check. Fixes bug 10046; - bugfix on 0.2.3.9-alpha. Found by "dcb". diff --git a/changes/bug10297 b/changes/bug10297 deleted file mode 100644 index 73c4cde2a..000000000 --- a/changes/bug10297 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features: - - On Windows, spawn background processes using the CREATE_NO_WINDOW - flag. Now Tor Browser Bundle 3.5 with pluggable transports enabled - doesn't pop up a blank console window. (In Tor Browser Bundle 2.x, - Vidalia set this option for us.) Implements ticket 10297. diff --git a/changes/bug10313 b/changes/bug10313 deleted file mode 100644 index 36b363474..000000000 --- a/changes/bug10313 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes: - - Remove an erroneous (but impossible and thus harmless) pointer - comparison that would have allowed compilers to skip a bounds - check in channeltls.c. Fixes bugs 10313 and 9980; bugfix on - 0.2.0.10-alpha. Noticed by Jared L Wong and David Fifield. - diff --git a/changes/bug10324 b/changes/bug10324 deleted file mode 100644 index 786a4c184..000000000 --- a/changes/bug10324 +++ /dev/null @@ -1,4 +0,0 @@ - o Tool changes: - - Make the "tor-gencert" tool used by directory authority operators - create 2048-bit signing keys by default (rather than 1024-bit, since - 1024-bit is uncomfortably small these days). Addresses ticket 10324. 
diff --git a/changes/bug10365 b/changes/bug10365 deleted file mode 100644 index f91653734..000000000 --- a/changes/bug10365 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes: - - When receiving a VERSIONS cell with an odd number of bytes, close - the connection immediately since the cell is malformed. Fixes bug - 10365; bugfix on 0.2.0.10-alpha. Spotted by "bobnomnom"; fix by - "rl1987". - - diff --git a/changes/bug10470 b/changes/bug10470 deleted file mode 100644 index 274abc990..000000000 --- a/changes/bug10470 +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation fixes: - - Document that all but one DirPort entry must have the NoAdvertise - flag set. Fixes bug 10470; bugfix on 0.2.3.3-alpha / 0.2.3.16-alpha. - diff --git a/changes/bug10485 b/changes/bug10485 deleted file mode 100644 index aa599fba7..000000000 --- a/changes/bug10485 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Turn "circuit handshake stats since last time" log messages into a - heartbeat message. Fixes bug 10485; bugfix on 0.2.4.17-rc. - diff --git a/changes/bug10536 b/changes/bug10536 deleted file mode 100644 index be95eafa6..000000000 --- a/changes/bug10536 +++ /dev/null @@ -1,5 +0,0 @@ - - o Code simplification and refactoring: - - Reject 0-length EXTEND2 cells more explicitly. Fixes bug 10536; - bugfix on 0.2.4.8-alpha. Reported by "cypherpunks". - diff --git a/changes/bug10543 b/changes/bug10543 deleted file mode 100644 index ebc97b0db..000000000 --- a/changes/bug10543 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes: - - If we set the ExitNodes option but it doesn't include any nodes - that have the Exit flag, we would choose not to bootstrap. Now we - bootstrap so long as ExitNodes includes nodes which can exit to - some port. Fixes bug 10543; bugfix on 0.2.4.10-alpha. - diff --git a/changes/bug10565 b/changes/bug10565 deleted file mode 100644 index 92902e76f..000000000 --- a/changes/bug10565 +++ /dev/null 
@@ -1,3 +0,0 @@ - o Minor bugfixes: - - Fix compilation on Solaris 9, which didn't like us having an - identifier named "sun". Fixes bug 10565; bugfix in 0.2.5.1-alpha. diff --git a/changes/bug10722 b/changes/bug10722 deleted file mode 100644 index 0a62e44c2..000000000 --- a/changes/bug10722 +++ /dev/null @@ -1,8 +0,0 @@ - o Minor bugfixes: - - If ExcludeNodes is set, consider non-excluded hidden service - directory servers before excluded ones. Do not consider excluded - hidden service directory servers at all if StrictNodes is - set. (Previously, we would sometimes decide to connect to those - servers, and then realize before we initiated a connection that - we had excluded them.) Fixes bug 10722; bugfix on 0.2.0.10-alpha. - Reported by "mr-4". diff --git a/changes/bug10758 b/changes/bug10758 deleted file mode 100644 index ab4075d5f..000000000 --- a/changes/bug10758 +++ /dev/null @@ -1,4 +0,0 @@ - o Removed code and features: - - Remove all code that existed to support the v2 directory system, - since there are no longer any v2 directory authorities. Resolves - ticket 10758. diff --git a/changes/bug10777_internal_024 b/changes/bug10777_internal_024 deleted file mode 100644 index c0bd9bf00..000000000 --- a/changes/bug10777_internal_024 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - Do not treat streams that fail with reason - END_STREAM_REASON_INTERNAL as indicating a definite circuit failure, - since it could also indicate an ENETUNREACH connection error. Fixes - part of bug 10777; bugfix on 0.2.4.8-alpha. diff --git a/changes/bug10793 b/changes/bug10793 deleted file mode 100644 index ea15cc3ad..000000000 --- a/changes/bug10793 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (security): - - Always clear OpenSSL bignums before freeing them -- even bignums - that don't contain secrets. Resolves ticket 10793. Patch by - Florent Daigniere. diff --git a/changes/bug10835 b/changes/bug10835 deleted file mode 100644 index 9df7bdd27..000000000 
--- a/changes/bug10835 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (testing): - - Fix a segmentation fault in our benchmark code when running with - Fedora's OpenSSL package, or any other OpenSSL that provides - ECDH but not P224. Fixes bug 10835; bugfix on 0.2.4.8-alpha. diff --git a/changes/bug10842 b/changes/bug10842 deleted file mode 100644 index 9c757e2d7..000000000 --- a/changes/bug10842 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (log messages): - - Suppress a warning where, if there's only one directory authority - in the network, we would complain that votes and signatures cannot - be uploaded to other directory authorities. Fixes bug 10842; - bugfix on 0.2.2.26-beta. diff --git a/changes/bug10870 b/changes/bug10870 deleted file mode 100644 index 4c8d043e1..000000000 --- a/changes/bug10870 +++ /dev/null @@ -1,6 +0,0 @@ - o Code simplification and refactoring: - - Remove data structures which were introduced to implement the - CellStatistics option: they are now redundant with the addition - of a timestamp to the regular packed_cell_t data structure, which - we did in 0.2.4.18-rc in order to resolve ticket 9093. Implements - ticket 10870. diff --git a/changes/bug10881 b/changes/bug10881 deleted file mode 100644 index 62da79eca..000000000 --- a/changes/bug10881 +++ /dev/null @@ -1,7 +0,0 @@ - o Removed config options: - - Remove the HSAuthoritativeDir and AlternateHSAuthority torrc - options, which were used for designating authorities as "Hidden - service authorities". There has been no use of hidden service - authorities since 0.2.2.1-alpha, when we stopped uploading or - downloading v0 hidden service descriptors. Fixes bug 10881; also - part of a fix for bug 10841. diff --git a/changes/bug1376 b/changes/bug1376 deleted file mode 100644 index e685a5513..000000000 --- a/changes/bug1376 +++ /dev/null 
@@ -1,3 +0,0 @@ - o Code simplification and refactoring: - - Previously we used two temporary files when writing descriptors to - disk; now we only use one. Implements ticket 1376. diff --git a/changes/bug4677 b/changes/bug4677 deleted file mode 100644 index e04330847..000000000 --- a/changes/bug4677 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (build): - - Restore the ability to compile Tor with V2_HANDSHAKE_SERVER - turned off (that is, without support for v2 link handshakes). Fixes - bug 4677; bugfix on 0.2.3.2-alpha. Patch from "piet". diff --git a/changes/bug5018 b/changes/bug5018 deleted file mode 100644 index 5c3a4405e..000000000 --- a/changes/bug5018 +++ /dev/null @@ -1,5 +0,0 @@ - o Major features: - - Don't launch pluggable transport proxies if we don't have any - bridges configured that would use them. Now we can list many - pluggable transports, and Tor will dynamically start one when it - hears a bridge address that needs it. Resolves ticket 5018. diff --git a/changes/bug5605 b/changes/bug5605 deleted file mode 100644 index 0bee820aa..000000000 --- a/changes/bug5605 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes: - - If changing a config option via "setconf" fails in a recoverable - way, we used to nonetheless write our new control ports to the - file described by the "ControlPortWriteToFile" option. Now we only - write out that file if we successfully switch to the new config - option. Fixes bug 5605; bugfix on 0.2.2.26-beta. Patch from "Ryman". - diff --git a/changes/bug7359 b/changes/bug7359 deleted file mode 100644 index a91b730ec..000000000 --- a/changes/bug7359 +++ /dev/null 
@@ -1,9 +0,0 @@ - o Major features (controller): - - Extend ORCONN controller event to include an "ID" parameter, - and add four new controller event types CONN_BW, CIRC_BW, - CELL_STATS, and TB_EMPTY that show connection and circuit usage. - The new events are emitted in private Tor networks only, with the - goal of being able to better track performance and load during - full-network simulations. Implements proposal 218. Resolves - ticket 7359. - diff --git a/changes/bug9162 b/changes/bug9162 deleted file mode 100644 index b5ac27f5b..000000000 --- a/changes/bug9162 +++ /dev/null @@ -1,8 +0,0 @@ - o Minor bugfixes: - - Fix a bug where the first connection works to a bridge that uses a - pluggable transport with client-side parameters, but we don't send - the client-side parameters on subsequent connections. (We don't - use any pluggable transports with client-side parameters yet, - but ScrambleSuit will soon become the first one.) Fixes bug 9162; - bugfix on 0.2.0.3-alpha. Based on a patch from "rl1987". - diff --git a/changes/bug9206 b/changes/bug9206 deleted file mode 100644 index 36167ffb2..000000000 --- a/changes/bug9206 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (testing): - - When bootstrapping a test network, sometimes very few relays get - the Guard flag. Now a new option "TestingDirAuthVoteGuard" can - specify a set of relays which should be voted Guard regardless of - their uptime or bandwidth. Addresses ticket 9206. - diff --git a/changes/bug9578 b/changes/bug9578 deleted file mode 100644 index 5b502005e..000000000 --- a/changes/bug9578 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes: - - When a command-line option such as --version or --help that - ordinarily implies --hush appears on the command line along with - --quiet, then actually obey --quiet. Previously, we obeyed --quiet - only if it appeared later on the command line. Fixes bug 9578; - bugfix on 0.2.5.1-alpha. - 
diff --git a/changes/bug9602 b/changes/bug9602 deleted file mode 100644 index 86248ab4d..000000000 --- a/changes/bug9602 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Avoid a segfault on SIGUSR1, where we had freed a connection but did - not entirely remove it from the connection lists. Fixes bug 9602; - bugfix on 0.2.4.4-alpha. diff --git a/changes/bug9651 b/changes/bug9651 deleted file mode 100644 index 8933c2090..000000000 --- a/changes/bug9651 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features: - - When ServerTransportPlugin is set on a bridge, Tor can write more - useful statistics about bridge use in its extrainfo descriptors, - but only if the Extended ORPort ("ExtORPort") is set too. Add a - log message to inform the user in this case. Resolves ticket 9651. diff --git a/changes/bug9698 b/changes/bug9698 deleted file mode 100644 index ee5c4f64a..000000000 --- a/changes/bug9698 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - When receiving a new controller connection, log the origin address. - Resolves ticket 9698; patch from "sigpipe". diff --git a/changes/bug9859 b/changes/bug9859 deleted file mode 100644 index 38a7ace65..000000000 --- a/changes/bug9859 +++ /dev/null @@ -1,10 +0,0 @@ - o Major features: - - The bridge directory authority now assigns status flags (Stable, - Guard, etc) to bridges based on thresholds calculated over all - Running bridges. Now bridgedb can finally make use of its features - to e.g. include at least one Stable bridge in its answers. Fixes - bug 9859. - o Minor features: - - Add threshold cutoffs to the networkstatus document created by - the Bridge Authority. Fixes bug 1117. - diff --git a/changes/bug9869 b/changes/bug9869 deleted file mode 100644 index 42f892881..000000000 --- a/changes/bug9869 +++ /dev/null 
@@ -1,5 +0,0 @@ - o Minor features (build): - - Assume that a user using ./configure --host wants to cross-compile, - and give an error if we cannot find a properly named - tool-chain. Add a --disable-tool-name-check option to proceed - nevertheless. Addresses ticket 9869. Patch by Benedikt Gollatz. diff --git a/changes/bug9922 b/changes/bug9922 deleted file mode 100644 index 9ac21118d..000000000 --- a/changes/bug9922 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Fix a bug where clients using bridges would report themselves - as 50% bootstrapped even without a live consensus document. - Fixes bug 9922; bugfix on 0.2.1.1-alpha. - diff --git a/changes/bug9926 b/changes/bug9926 deleted file mode 100644 index 6d33ecb3d..000000000 --- a/changes/bug9926 +++ /dev/null @@ -1,6 +0,0 @@ - o Code simplification and refactoring: - - Remove some old fallback code designed to keep Tor clients working - in a network with only two working relays. Elsewhere in the code we - have long since stopped supporting such networks, so there wasn't - much point in keeping it around. Addresses ticket 9926. - diff --git a/changes/bug9934 b/changes/bug9934 deleted file mode 100644 index 31e6613db..000000000 --- a/changes/bug9934 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (controller): - - New "DROPGUARDS" controller command to forget all current entry - guards. Not recommended for ordinary use, since replacing guards - too frequently makes several attacks easier. Resolves ticket 9934; - patch from "ra". diff --git a/changes/bug9948 b/changes/bug9948 deleted file mode 100644 index 492744b2b..000000000 --- a/changes/bug9948 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (build): - - If we run ./configure and the compiler recognizes -fstack-protector - but the linker rejects it, warn the user about a potentially missing - libssp package. Addresses ticket 9948. Patch from Benedikt Gollatz. 
diff --git a/changes/bug9958 b/changes/bug9958 deleted file mode 100644 index b801dcf77..000000000 --- a/changes/bug9958 +++ /dev/null @@ -1,8 +0,0 @@ - o Minor bugfixes: - - Report bootstrapping progress correctly when we're downloading - microdescriptors. We had updated our "do we have enough microdescs - to begin building circuits?" logic most recently in 0.2.4.10-alpha - (see bug 5956), but we left the bootstrap status event logic at - "how far through getting 1/4 of them are we?" Fixes bug 9958; - bugfix on 0.2.2.36, which is where they diverged (see bug 5343). - diff --git a/changes/feature9777 b/changes/feature9777 deleted file mode 100644 index b9f111cdf..000000000 --- a/changes/feature9777 +++ /dev/null @@ -1,7 +0,0 @@ - o Major features: - - When we choose a path for a 3-hop circuit, make sure it contains - at least one relay that supports the NTor circuit extension - handshake. Otherwise, there is a chance that we're building - a circuit that's worth attacking by an adversary who finds - breaking 1024-bit crypto doable, and that chance changes the game - theory. Implements ticket 9777. diff --git a/changes/prop157-require b/changes/prop157-require deleted file mode 100644 index 309d7f8a3..000000000 --- a/changes/prop157-require +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features: - - Clients now reject any directory authority certificates lacking - a dir-key-crosscert element. These have been included since - 0.2.1.9-alpha, so there's no real reason for them to be optional - any longer. Completes proposal 157. Resolves ticket 10162. diff --git a/changes/prop221 b/changes/prop221 deleted file mode 100644 index 63ef763e9..000000000 --- a/changes/prop221 +++ /dev/null 
@@ -1,7 +0,0 @@ - o Major features: - - Clients now look at the "usecreatefast" consensus parameter to - decide whether to use CREATE_FAST or CREATE cells for the first hop - of their circuit. This approach can improve security on connections - where Tor's circuit handshake is stronger than the available TLS - connection security levels, but the tradeoff is more computational - load on guard relays. Implements proposal 221. Resolves ticket 9386. diff --git a/changes/python-tests b/changes/python-tests deleted file mode 100644 index 8a5fcf550..000000000 --- a/changes/python-tests +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - If Python is installed, "make check" now runs extra tests beyond - the unit test scripts. - diff --git a/changes/seccomp2-fixes b/changes/seccomp2-fixes deleted file mode 100644 index e050565aa..000000000 --- a/changes/seccomp2-fixes +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Fix compilation warnings and startup issues when running with - "Sandbox 1" and libseccomp-2.1.0. Fixes bug 10563; bugfix on - 0.2.5.1-alpha. diff --git a/changes/stack_trace b/changes/stack_trace deleted file mode 100644 index 33dfcd3e8..000000000 --- a/changes/stack_trace +++ /dev/null @@ -1,8 +0,0 @@ - o Major features: - - On some platforms (currently: recent OSX versions, glibc-based - platforms that support the ELF format, and a few other - Unix-like operating systems), Tor can now dump stack traces - when a crash occurs or an assertion fails. By default, traces - are dumped to stderr (if possible) and to any logs that are - reporting errors. Implements ticket 9299. - diff --git a/changes/ticket10043 b/changes/ticket10043 deleted file mode 100644 index 21541bedb..000000000 --- a/changes/ticket10043 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - When logging OpenSSL engine status at startup, log the status of - more engines. Fixes ticket 10043; patch from Joshua Datko. - 
diff --git a/changes/ticket10060 b/changes/ticket10060 deleted file mode 100644 index ff61c2939..000000000 --- a/changes/ticket10060 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features: - - Add an --allow-missing-torrc commandline option that tells Tor to - run even if the configuration file specified by -f is not available. - Implements ticket 10060. - diff --git a/changes/ticket8510 b/changes/ticket8510 deleted file mode 100644 index 0cd7a8c72..000000000 --- a/changes/ticket8510 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Add a new "HS_DESC" controller event that reports activities - related to hidden service descriptors. Resolves ticket 8510. diff --git a/changes/ticket9839 b/changes/ticket9839 deleted file mode 100644 index e85c280a7..000000000 --- a/changes/ticket9839 +++ /dev/null @@ -1,3 +0,0 @@ - o Documentation: - - Update manpage to describe some of the files you can expect to - find in Tor's DataDirectory. Addresses ticket 9839. -- cgit v1.2.3
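Review bot: In changes/bug9859 both feature items close with bugfix wording: the "Major features" item ends "Fixes bug 9859" and the "Minor features" item ends "Fixes bug 1117", neither with a "bugfix on" version. The other feature entries in this patch use "Resolves ticket" or "Implements ticket". Suggest switching both to the ticket wording when they are folded into the ChangeLog, so that features and bugfixes stay distinguishable there. The same applies to "Fixes ticket 10043" in changes/ticket10043.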
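Review bot: changes/bug9698 (logging the origin address of a new controller connection) and changes/ticket8510 (the new "HS_DESC" controller event) sit under a bare "Minor features:" heading, while changes/bug9934 uses "Minor features (controller):" for DROPGUARDS. Suggest putting all three under the controller label in the folded ChangeLog so that someone auditing control-port changes in this release finds them in one place.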
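Review bot: The entry in changes/feature9777 says path selection will "make sure" a 3-hop circuit contains at least one NTor-capable relay, but does not say what the client does when no such relay can be chosen. Suggest one more sentence in the ChangeLog entry stating the fallback behaviour, and replacing "that chance changes the game theory" with a plain statement of the risk being reduced.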
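Review bot: changes/python-tests is the only entry in this part of the patch with no ticket or bug reference, and "extra tests beyond the unit test scripts" does not say which tests run. Suggest adding the ticket number and naming the additional tests in the ChangeLog entry so the change can be traced.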