commit 03e9aa094185e55e120f2fffa01da62b5a7b44df
Author: Nick Mathewson <nickm(a)torproject.org>
Date: Tue Dec 30 09:53:13 2014 -0500
Fold more things into the 0.2.6.2-alpha changelog
---
ChangeLog | 106 +++++++++++++++++++--
changes/bug13667 | 6 --
changes/bug13718-add-internal-bootstrap-statuses | 9 --
changes/bug13718-avoid-excluding-guards | 8 --
changes/bug13808 | 9 --
changes/bug13811 | 6 --
changes/bug13814-avoid-exit-paths-no-exits | 8 --
changes/bug13814-reachability-without-exits | 9 --
changes/bug13823-decrease-consensus-interval | 9 --
changes/bug13839-fix-TestingMinExitFlagThreshold | 7 --
changes/bug13913 | 7 --
changes/bug13924-fix-testing-reachability | 7 --
changes/bug13963-decrease-if-modified-since-delay | 8 --
changes/bug14013 | 6 --
changes/bug14041 | 5 -
changes/resolvemyaddr-tests | 3 -
changes/ticket11016 | 6 --
17 files changed, 99 insertions(+), 120 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index d7c9430..18bd536 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -18,6 +18,10 @@ Changes in version 0.2.6.2-alpha - 2014-12-??
implements ticket 9262.
o Major features (hidden services):
+ - Make HS port scanning more difficult by sending back REASON_DONE
+ if the exit policy didn't match. Furthermore, immediately close
+ the circuit to slow down port scanning attempts. Closes
+ ticket 13667.
- Add a HiddenServiceStatistics option that allows Tor relays to
gather and publish statistics the overall size and volume of
hidden service usage. Specifically, when this option is turned on,
@@ -30,6 +34,13 @@ Changes in version 0.2.6.2-alpha - 2014-12-??
proposal 238, "Better hidden service stats from Tor relays". This
feature is currently disabled by default. Implements feature 13192.
+ o Major bugfixes (client, automap):
+ - Repair automapping with IPv6 addresses; this automapping should
+ have worked previously, but one piece of debugging code that we
+ inserted to detect a regression actually caused the regression to
+ manifest itself again. Fixes bug 13811; bugfix on 0.2.4.7-alpha.
+ Diagnosed and fixed by Francisco Blas Izquierdo Riera.
+
o Major bugfixes (hidden services):
- When closing an introduction circuit that was opened in parallel
with others, don't mark the introduction point as unreachable.
@@ -37,6 +48,12 @@ Changes in version 0.2.6.2-alpha - 2014-12-??
point would make the other introduction points get marked as
having timed out. Fixes bug 13698; bugfix on 0.0.6rc2.
+ o Major removed features:
+ - Tor clients no longer support connecting to hidden services
+ running on Tor 0.2.2.x and earlier; the Support022HiddenServices
+ option has been removed. (There shouldn't be any hidden services
+ running these versions on the network.) Closes ticket 7803.
+
o Minor features (client):
- Validate hostnames in SOCKS5 requests more strictly. If SafeSocks
is enabled, reject requests with IP addresses as hostnames.
@@ -63,9 +80,29 @@ Changes in version 0.2.6.2-alpha - 2014-12-??
directories and hostname files to be created group-readable. Patch
from "anon", David Stainton, and "meejah". Closes ticket 11291.
- o Minor features (transparent firewall):
+ o Minor features (systemd):
+ - Where supported, when running with systemd, report successful
+ startup to systemd. Part of ticket 11016. Patch by Michael Scherer.
+ - When running with systemd, support systemd watchdog messages. Part
+ of ticket 11016. Patch by Michael Scherer.
+
+ o Minor features (transparent proxy):
- Update the transparent proxy option checks to allow for both ipfw
and pf on OS X. Closes ticket 14002.
+ - Use the correct option when using IPv6 with transparent proxy
+ support on Linux. Resolves 13808. Patch by Francisco Blas
+ Izquierdo Riera.
+
+ o Minor bugfixes (preventative security, C safety):
+ - When reading a hexadecimal, base-32, or base-64 encoded value from
+ a string, always overwrite the complete output buffer. This
+ prevents some bugs where we would look at (but fortunately, not
+ reveal) uninitialized memory on the stack. Fixes bug 14013; bugfix
+ on all versions of Tor.
+ - Clear all memory targetted by tor_addr_{to,from}_sockaddr(), not
+ just the part that's used. This makes it harder for data leak bugs
+ to occur in the event of other programming failures. Resolves
+ ticket 14041.
o Minor bugfixes (client, micordescriptors):
- Use a full 256 bits of the SHA256 digest of a microdescriptor when
@@ -103,6 +140,11 @@ Changes in version 0.2.6.2-alpha - 2014-12-??
directories. Fixes bug 13214; bugfix on 0.2.1.6-alpha. Reported
by "special".
+ o Minor bugfixes (Linux seccomp2 sandbox):
+ - Make transparent proxy support work along with the seccomp2
+ sandbox. Fixes part of bug 13808; bugfix on 0.2.5.1-alpha. Patch
+ by Francisco Blas Izquierdo Riera.
+
o Minor bugfixes (logging):
- Downgrade warnings about RSA signature failures to info log level.
Emit a warning when extra info document is found incompatible with
@@ -118,6 +160,56 @@ Changes in version 0.2.6.2-alpha - 2014-12-??
our address-range parsing code. Fixes bug 7484; bugfix
on 0.0.2pre14.
+ o Minor bugfixes (testing networks):
+ - Allow Tor to build circuits using a consensus with no exits. If
+ the consensus has no exits (typical of a bootstrapping test
+ network), allow Tor to build circuits once enough descriptors have
+ been downloaded. This assists in bootstrapping a testing Tor
+ network. Fixes bug 13718; bugfix on 0.2.4.10-alpha. Patch
+ by "teor".
+ - When V3AuthVotingInterval is low, give a lower If-Modified-Since
+ header to directory servers. This allows us to obtain consensuses
+ promptly when the consensus interval is very short. This assists
+ in bootstrapping a testing Tor network. Fixes parts of bugs 13718
+ and 13963; bugfix on 0.2.0.3-alpha. Patch by "teor".
+ - Stop assuming that private addresses are local when checking
+ reachability in a TestingTorNetwork. Instead, when testing, assume
+ all OR connections are remote. (This is necessary due to many test
+ scenarios running all nodes on localhost.) This assists in
+ bootstrapping a testing Tor network. Fixes bug 13924; bugfix on
+ 0.1.0.1-rc. Patch by "teor".
+ - Avoid building exit circuits from a consensus with no exits. Now
+ thanks to our fix for 13718, we accept a no-exit network as not
+ wholly lost, but we need to remember not to try to build exit
+ circuits on it. Closes ticket 13814; patch by "teor".
+ - Stop requiring exits to have non-zero bandwithcapacity in a
+ TestingTorNetwork. Instead, when TestingMinExitFlagThreshold is 0,
+ ignore exit bandwidthcapacity. This assists in bootstrapping a
+ testing Tor network. Fixes parts of bugs 13718 and 13839; bugfix
+ on 0.2.0.3-alpha. Patch by "teor".
+ - Add "internal" to some bootstrap statuses when no exits are
+ available. If the consensus does not contain Exits, Tor will only
+ build internal circuits. In this case, relevant statuses will
+ contain the word "internal" as indicated in the Tor control-
+ spec.txt. When bootstrap completes, Tor will be ready to handle an
+ application requesting an internal circuit to hidden services at
+ ".onion" addresses. If a future consensus contains Exits, exit
+ circuits may become available. Fixes part of bug 13718; bugfix on
+ 0.2.4.10-alpha. Patch by "teor".
+ - Decrease minimum consensus interval to 10 seconds when
+ TestingTorNetwork is set, or 5 seconds for the first consensus.
+ Fix assumptions throughout the code that assume larger interval
+ values. This assists in quickly bootstrapping a testing Tor
+ network. Fixes bugs 13718 and 13823; bugfix on 0.2.0.3-alpha.
+ Patch by "teor".
+ - Avoid excluding guards from path building in minimal test
+ networks, when we're in a test network, and excluding guards would
+ exclude all nodes. This typically occurs in incredibly small tor
+ networks, and those using TestingAuthVoteGuard * This fix only
+ applies to minimal, testing tor networks, so it's no less secure.
+ Fixes part of bug 13718; bugfix on 0.1.1.11-alpha. Patch
+ by "teor".
+
o Code simplification and refactoring:
- Stop using can_complete_circuits as a global variable; access it
with a function instead.
@@ -153,12 +245,10 @@ Changes in version 0.2.6.2-alpha - 2014-12-??
good idea. Also, properly cross-reference how to specify nodes in
all parts of the manual for options that take a list of nodes.
Closes ticket 13381.
-
- o Major removed features:
- - Tor clients no longer support connecting to hidden services
- running on Tor 0.2.2.x and earlier; the Support022HiddenServices
- option has been removed. (There shouldn't be any hidden services
- running these versions on the network.) Closes ticket 7803.
+ - Clarify HiddenServiceDir option description in manpage to make it
+ clear that relative paths are taken with respect to the current
+ working directory of Tor instance. Also clarify that this behavior
+ is not guaranteed to remain indefinitely. Fixes issue 13913.
o Testing:
- New tests for many parts of channel, relay, and circuit mux
@@ -168,6 +258,8 @@ Changes in version 0.2.6.2-alpha - 2014-12-??
test temporary directory to the current user, so that the sticky
bit doesn't interfere with tests that check directory groups.
Closes 13678.
+ - Add unit tests for resolve_my_addr(). Part of ticket 12376; patch
+ by 'rl1987'.
Changes in version 0.2.6.1-alpha - 2014-10-30
diff --git a/changes/bug13667 b/changes/bug13667
deleted file mode 100644
index 852e61f..0000000
--- a/changes/bug13667
+++ /dev/null
@@ -1,6 +0,0 @@
- o Major features (security, hidden services):
- - Make HS port scanning more difficult by sending back REASON_DONE if the
- exit policy didn't match. Furthermore, immediately close the circuit to
- avoid other connection attempts on it from the possible attacker trying
- multiple ports on that same circuits. Closes ticket 13667.
-
diff --git a/changes/bug13718-add-internal-bootstrap-statuses b/changes/bug13718-add-internal-bootstrap-statuses
deleted file mode 100644
index add2e8e..0000000
--- a/changes/bug13718-add-internal-bootstrap-statuses
+++ /dev/null
@@ -1,9 +0,0 @@
- o Minor bugfixes (Testing networks):
- - Add "internal" to some bootstrap statuses when no exits are available.
- If the consensus does not contain Exits, Tor will only build internal
- circuits. In this case, relevant statuses will contain the word
- "internal" as indicated in the Tor control-spec.txt. When bootstrap
- completes, Tor will be ready to handle an application requesting an
- internal circuit to hidden services at ".onion" addresses.
- If a future consensus contains Exits, exit circuits may become available.
- Fixes part of bug 13718; bugfix on 0.2.4.10-alpha. Patch by "teor".
diff --git a/changes/bug13718-avoid-excluding-guards b/changes/bug13718-avoid-excluding-guards
deleted file mode 100644
index 8bb4fa3..0000000
--- a/changes/bug13718-avoid-excluding-guards
+++ /dev/null
@@ -1,8 +0,0 @@
- o Minor bugfixes (Test networks):
- - Avoid excluding guards from path building in minimal test networks,
- when we're in a test network, and excluding guards would exclude
- all nodes. This typically occurs in incredibly small tor networks,
- and those using TestingAuthVoteGuard *
- This fix only applies to minimal, testing tor networks,
- so it's no less secure.
- Fixes part of bug 13718; bugfix on 0.1.1.11-alpha. Patch by "teor".
diff --git a/changes/bug13808 b/changes/bug13808
deleted file mode 100644
index b24a01c..0000000
--- a/changes/bug13808
+++ /dev/null
@@ -1,9 +0,0 @@
- o Minor features (transparent proxy):
- - Use the correct option when using IPv6 with transparent proxy
- support on Linux. Resolves 13808. Patch by Francisco Blas
- Izquierdo Riera.
-
- o Minor bugfixes (sandbox):
- - Make transparent proxy support work along with the seccomp2
- sandbox. Fixes part of bug 13808; bugfix on 0.2.5.1-alpha.
- Patch by Francisco Blas Izquierdo Riera.
diff --git a/changes/bug13811 b/changes/bug13811
deleted file mode 100644
index 1b9bd9c..0000000
--- a/changes/bug13811
+++ /dev/null
@@ -1,6 +0,0 @@
- o Major bugfixes (client, automap):
- - Repair automapping with IPv6 addresses; this automapping should
- have worked previously, but one piece of debugging code that we
- inserted to detect a regression actually caused the regression
- to manifest itself again. Fixes bug 13811; bugfix on
- 0.2.4.7-alpha. Diagnosed and fixed by Francisco Blas Izquierdo Riera.
\ No newline at end of file
diff --git a/changes/bug13814-avoid-exit-paths-no-exits b/changes/bug13814-avoid-exit-paths-no-exits
deleted file mode 100644
index 8276121..0000000
--- a/changes/bug13814-avoid-exit-paths-no-exits
+++ /dev/null
@@ -1,8 +0,0 @@
- o Minor features (Testing networks):
- - Avoid building exit circuits from a consensus with no exits.
- Now thanks to our fix for 13718,
- we accept a no-exit network as not wholly lost, but
- we need to remember not to try to build exit circuits on it.
- Closes ticket 13814;
- patch by "teor".
-
diff --git a/changes/bug13814-reachability-without-exits b/changes/bug13814-reachability-without-exits
deleted file mode 100644
index 07f2d8a..0000000
--- a/changes/bug13814-reachability-without-exits
+++ /dev/null
@@ -1,9 +0,0 @@
- o Minor bugfixes (Testing networks):
- - Allow Tor to build circuits using a consensus with
- no exits. If the consensus has no exits (typical of
- a bootstrapping test network), allow Tor to build
- circuits once enough descriptors have been
- downloaded.
- This assists in bootstrapping a testing Tor
- network.
- Fixes bug 13718; bugfix on 0.2.4.10-alpha. Patch by "teor".
diff --git a/changes/bug13823-decrease-consensus-interval b/changes/bug13823-decrease-consensus-interval
deleted file mode 100644
index cc0e6c7..0000000
--- a/changes/bug13823-decrease-consensus-interval
+++ /dev/null
@@ -1,9 +0,0 @@
- o Minor bugfixes (Testing networks):
- - Decrease minimum consensus interval to 10 seconds
- when TestingTorNetwork is set, or 5 seconds for
- the first consensus.
- Fix assumptions throughout the code that assume larger interval values.
- This assists in quickly bootstrapping a testing
- Tor network.
- Fixes bugs 13718 and 13823; bugfix on 0.2.0.3-alpha.
- Patch by "teor".
diff --git a/changes/bug13839-fix-TestingMinExitFlagThreshold b/changes/bug13839-fix-TestingMinExitFlagThreshold
deleted file mode 100644
index 86315de..0000000
--- a/changes/bug13839-fix-TestingMinExitFlagThreshold
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes (Testing networks)
- - Stop requiring exits to have non-zero bandwithcapacity in a
- TestingTorNetwork. Instead, when TestingMinExitFlagThreshold is 0,
- ignore exit bandwidthcapacity.
- This assists in bootstrapping a testing Tor network.
- Fixes parts of bugs 13718 and 13839;
- bugfix on 0.2.0.3-alpha. Patch by "teor".
diff --git a/changes/bug13913 b/changes/bug13913
deleted file mode 100644
index 9a23180..0000000
--- a/changes/bug13913
+++ /dev/null
@@ -1,7 +0,0 @@
- o Documentation:
- - Clarify HiddenServiceDir option description in manpage to make it
- clear that relative paths are taken with respect to the current
- working
- directory of Tor instance. Also clarify that this behavior is
- not guaranteed to remain indefinitely. Fixes
- issue 13913.
diff --git a/changes/bug13924-fix-testing-reachability b/changes/bug13924-fix-testing-reachability
deleted file mode 100644
index e10dda8..0000000
--- a/changes/bug13924-fix-testing-reachability
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes (Testing networks)
- - Stop assuming that private addresses are local when checking
- reachability in a TestingTorNetwork. Instead, when testing, assume
- all OR connections are remote. (This is necessary due to many test
- scenarios running all nodes on localhost.)
- This assists in bootstrapping a testing Tor network.
- Fixes bug 13924; bugfix on 0.1.0.1-rc. Patch by "teor".
diff --git a/changes/bug13963-decrease-if-modified-since-delay b/changes/bug13963-decrease-if-modified-since-delay
deleted file mode 100644
index 26bda82..0000000
--- a/changes/bug13963-decrease-if-modified-since-delay
+++ /dev/null
@@ -1,8 +0,0 @@
- o Minor bugfixes:
- - When V3AuthVotingInterval is low, decrease the delay on the
- If-Modified-Since header passed to directory servers.
- This allows us to obtain consensuses promptly when the consensus
- interval is very short.
- This assists in bootstrapping a testing Tor network.
- Fixes parts of bugs 13718 and 13963; bugfix on 0.2.0.3-alpha.
- Patch by "teor".
\ No newline at end of file
diff --git a/changes/bug14013 b/changes/bug14013
deleted file mode 100644
index 640cf85..0000000
--- a/changes/bug14013
+++ /dev/null
@@ -1,6 +0,0 @@
- o Major bugfixes:
- - When reading a hexadecimal, base-32, or base-64 encoded value
- from a string, always overwrite the complete output buffer. This
- prevents some bugs where we would look at (but fortunately, not
- reveal) uninitialized memory on the stack. Fixes bug 14013;
- bugfix on all versions of Tor.
diff --git a/changes/bug14041 b/changes/bug14041
deleted file mode 100644
index d3d6538..0000000
--- a/changes/bug14041
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (security):
- - Clear all memory targetted by tor_addr_{to,from}_sockaddr(),
- not just the part that's used. This makes it harder for data leak
- bugs to occur in the event of other programming failures.
- Resolves ticket 14041.
diff --git a/changes/resolvemyaddr-tests b/changes/resolvemyaddr-tests
deleted file mode 100644
index c019bb8..0000000
--- a/changes/resolvemyaddr-tests
+++ /dev/null
@@ -1,3 +0,0 @@
- o Testing:
- - Add unit tests for resolve_my_addr(). Part of ticket 12376;
- patch by 'rl1987'.
diff --git a/changes/ticket11016 b/changes/ticket11016
deleted file mode 100644
index 98d5d49..0000000
--- a/changes/ticket11016
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor features (systemd):
- - Where supported, when running with systemd, report successful
- startup to systemd. Part of ticket 11016. Patch by Michael
- Scherer.
- - When running with systemd, support systemd watchdog messages.
- Part of ticket 11016. Patch by Michael Scherer.