commit 8028d8fded9c9fede1e39b169dd06272ceca024b
Author: Roger Dingledine <arma(a)torproject.org>
Date: Thu Feb 13 02:46:26 2014 -0500
fold in the changes files to the new 0.2.5.2-alpha changelog
---
ChangeLog | 263 ++++++++++++++++++++++++++++++++++++++---
changes/10582_tproxy | 6 -
changes/10777_netunreach | 6 -
changes/bug10046 | 4 -
changes/bug10297 | 5 -
changes/bug10313 | 6 -
changes/bug10324 | 4 -
changes/bug10365 | 7 --
changes/bug10470 | 4 -
changes/bug10485 | 4 -
changes/bug10536 | 5 -
changes/bug10543 | 6 -
changes/bug10565 | 3 -
changes/bug10722 | 8 --
changes/bug10758 | 4 -
changes/bug10777_internal_024 | 5 -
changes/bug10793 | 4 -
changes/bug10835 | 4 -
changes/bug10842 | 5 -
changes/bug10870 | 6 -
changes/bug10881 | 7 --
changes/bug1376 | 3 -
changes/bug4677 | 4 -
changes/bug5018 | 5 -
changes/bug5605 | 7 --
changes/bug7359 | 9 --
changes/bug9162 | 8 --
changes/bug9206 | 6 -
changes/bug9578 | 7 --
changes/bug9602 | 4 -
changes/bug9651 | 5 -
changes/bug9698 | 3 -
changes/bug9859 | 10 --
changes/bug9869 | 5 -
changes/bug9922 | 5 -
changes/bug9926 | 6 -
changes/bug9934 | 5 -
changes/bug9948 | 4 -
changes/bug9958 | 8 --
changes/feature9777 | 7 --
changes/prop157-require | 5 -
changes/prop221 | 7 --
changes/python-tests | 4 -
changes/seccomp2-fixes | 4 -
changes/stack_trace | 8 --
changes/ticket10043 | 4 -
changes/ticket10060 | 5 -
changes/ticket8510 | 3 -
changes/ticket9839 | 3 -
49 files changed, 247 insertions(+), 273 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 457ba11..2e99ca4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,52 @@
-Changes in version 0.2.5.2 - 2013-01-??
+Changes in version 0.2.5.2 - 2013-02-13
+
+ o Major features (client security):
+ - When we choose a path for a 3-hop circuit, make sure it contains
+ at least one relay that supports the NTor circuit extension
+ handshake. Otherwise, there is a chance that we're building
+ a circuit that's worth attacking by an adversary who finds
+ breaking 1024-bit crypto doable, and that chance changes the game
+ theory. Implements ticket 9777.
+ - Clients now look at the "usecreatefast" consensus parameter to
+ decide whether to use CREATE_FAST or CREATE cells for the first hop
+ of their circuit. This approach can improve security on connections
+ where Tor's circuit handshake is stronger than the available TLS
+ connection security levels, but the tradeoff is more computational
+ load on guard relays. Implements proposal 221. Resolves ticket 9386.
+
+ o Major features (bridges):
+ - Don't launch pluggable transport proxies if we don't have any
+ bridges configured that would use them. Now we can list many
+ pluggable transports, and Tor will dynamically start one when it
+ hears a bridge address that needs it. Resolves ticket 5018.
+ - The bridge directory authority now assigns status flags (Stable,
+ Guard, etc) to bridges based on thresholds calculated over all
+ Running bridges. Now bridgedb can finally make use of its features
+ to e.g. include at least one Stable bridge in its answers. Fixes
+ bug 9859.
+
+ o Major features (other):
+ - Extend ORCONN controller event to include an "ID" parameter,
+ and add four new controller event types CONN_BW, CIRC_BW,
+ CELL_STATS, and TB_EMPTY that show connection and circuit usage.
+ The new events are emitted in private Tor networks only, with the
+ goal of being able to better track performance and load during
+ full-network simulations. Implements proposal 218 and ticket 7359.
+ - On some platforms (currently: recent OSX versions, glibc-based
+ platforms that support the ELF format, and a few other
+ Unix-like operating systems), Tor can now dump stack traces
+ when a crash occurs or an assertion fails. By default, traces
+ are dumped to stderr (if possible) and to any logs that are
+ reporting errors. Implements ticket 9299.
+
+ o Major bugfixes:
+ - Avoid a segfault on SIGUSR1, where we had freed a connection but did
+ not entirely remove it from the connection lists. Fixes bug 9602;
+ bugfix on 0.2.4.4-alpha.
+ - Do not treat streams that fail with reason
+ END_STREAM_REASON_INTERNAL as indicating a definite circuit failure,
+ since it could also indicate an ENETUNREACH connection error. Fixes
+ part of bug 10777; bugfix on 0.2.4.8-alpha.
o Major bugfixes (new since 0.2.5.1-alpha, also in 0.2.4.20):
- Do not allow OpenSSL engines to replace the PRNG, even when
@@ -25,6 +73,167 @@ Changes in version 0.2.5.2 - 2013-01-??
only our first guard. Discovered while fixing bug 9946; bugfix
on 0.2.4.8-alpha.
+ o Minor features (bridges, pluggable transports):
+ - Add threshold cutoffs to the networkstatus document created by
+ the Bridge Authority. Fixes bug 1117.
+ - On Windows, spawn background processes using the CREATE_NO_WINDOW
+ flag. Now Tor Browser Bundle 3.5 with pluggable transports enabled
+ doesn't pop up a blank console window. (In Tor Browser Bundle 2.x,
+ Vidalia set this option for us.) Implements ticket 10297.
+
+ o Minor features (security):
+ - Always clear OpenSSL bignums before freeing them -- even bignums
+ that don't contain secrets. Resolves ticket 10793. Patch by
+ Florent Daigniere.
+
+ o Minor features (config options and command line):
+ - Add an --allow-missing-torrc commandline option that tells Tor to
+ run even if the configuration file specified by -f is not available.
+ Implements ticket 10060.
+ - Add support for the TPROXY transparent proxying facility on Linux.
+ See documentation for the new TransProxyType option for more
+ details. Implementation by "thomo". Closes ticket 10582.
+
+ o Minor features (controller):
+ - Add a new "HS_DESC" controller event that reports activities
+ related to hidden service descriptors. Resolves ticket 8510.
+ - New "DROPGUARDS" controller command to forget all current entry
+ guards. Not recommended for ordinary use, since replacing guards
+ too frequently makes several attacks easier. Resolves ticket 9934;
+ patch from "ra".
+
+ o Minor features (build):
+ - Assume that a user using ./configure --host wants to cross-compile,
+ and give an error if we cannot find a properly named
+ tool-chain. Add a --disable-tool-name-check option to proceed
+ nevertheless. Addresses ticket 9869. Patch by Benedikt Gollatz.
+ - If we run ./configure and the compiler recognizes -fstack-protector
+ but the linker rejects it, warn the user about a potentially missing
+ libssp package. Addresses ticket 9948. Patch from Benedikt Gollatz.
+
+ o Minor features (testing):
+ - If Python is installed, "make check" now runs extra tests beyond
+ the unit test scripts.
+ - When bootstrapping a test network, sometimes very few relays get
+ the Guard flag. Now a new option "TestingDirAuthVoteGuard" can
+ specify a set of relays which should be voted Guard regardless of
+ their uptime or bandwidth. Addresses ticket 9206.
+
+ o Minor features (log messages):
+ - When ServerTransportPlugin is set on a bridge, Tor can write more
+ useful statistics about bridge use in its extrainfo descriptors,
+ but only if the Extended ORPort ("ExtORPort") is set too. Add a
+ log message to inform the user in this case. Resolves ticket 9651.
+ - When receiving a new controller connection, log the origin address.
+ Resolves ticket 9698; patch from "sigpipe".
+ - When logging OpenSSL engine status at startup, log the status of
+ more engines. Fixes ticket 10043; patch from Joshua Datko.
+ - Turn "circuit handshake stats since last time" log messages into a
+ heartbeat message. Fixes bug 10485; bugfix on 0.2.4.17-rc.
+
+ o Minor features (new since 0.2.5.1-alpha, also in 0.2.4.18-rc):
+ - Improve the circuit queue out-of-memory handler. Previously, when
+ we ran low on memory, we'd close whichever circuits had the most
+ queued cells. Now, we close those that have the *oldest* queued
+ cells, on the theory that those are most responsible for us
+ running low on memory. Based on analysis from a forthcoming paper
+ by Jansen, Tschorsch, Johnson, and Scheuermann. Fixes bug 9093.
+ - Generate bootstrapping status update events correctly when fetching
+ microdescriptors. Fixes bug 9927.
+ - Update to the October 2 2013 Maxmind GeoLite Country database.
+
+ o Minor bugfixes (clients):
+ - When closing a channel that has already been open, do not close
+ pending circuits that were waiting to connect to the same relay.
+ Fixes bug 9880; bugfix on 0.2.5.1-alpha. Thanks to skruffy for
+ finding this bug.
+
+ o Minor bugfixes (relays):
+ - Treat ENETUNREACH, EACCES, and EPERM connection failures at an
+ exit node as a NOROUTE error, not an INTERNAL error, since they
+ can apparently happen when trying to connect to the wrong sort
+ of netblocks. Fixes part of bug 10777; bugfix on 0.1.0.1-rc.
+
+ o Minor bugfixes (bridges):
+ - Fix a bug where the first connection works to a bridge that uses a
+ pluggable transport with client-side parameters, but we don't send
+ the client-side parameters on subsequent connections. (We don't
+ use any pluggable transports with client-side parameters yet,
+ but ScrambleSuit will soon become the first one.) Fixes bug 9162;
+ bugfix on 0.2.0.3-alpha. Based on a patch from "rl1987".
+
+ o Minor bugfixes (node selection):
+ - If ExcludeNodes is set, consider non-excluded hidden service
+ directory servers before excluded ones. Do not consider excluded
+ hidden service directory servers at all if StrictNodes is
+ set. (Previously, we would sometimes decide to connect to those
+ servers, and then realize before we initiated a connection that
+ we had excluded them.) Fixes bug 10722; bugfix on 0.2.0.10-alpha.
+ Reported by "mr-4".
+ - If we set the ExitNodes option but it doesn't include any nodes
+ that have the Exit flag, we would choose not to bootstrap. Now we
+ bootstrap so long as ExitNodes includes nodes which can exit to
+ some port. Fixes bug 10543; bugfix on 0.2.4.10-alpha.
+
+ o Minor bugfixes (controller and command-line):
+ - If changing a config option via "setconf" fails in a recoverable
+ way, we used to nonetheless write our new control ports to the
+ file described by the "ControlPortWriteToFile" option. Now we only
+ write out that file if we successfully switch to the new config
+ option. Fixes bug 5605; bugfix on 0.2.2.26-beta. Patch from "Ryman".
+ - When a command-line option such as --version or --help that
+ ordinarily implies --hush appears on the command line along with
+ --quiet, then actually obey --quiet. Previously, we obeyed --quiet
+ only if it appeared later on the command line. Fixes bug 9578;
+ bugfix on 0.2.5.1-alpha.
+
+ o Minor bugfixes (code correctness):
+ - Previously we used two temporary files when writing descriptors to
+ disk; now we only use one. Fixes bug 1376.
+ - Remove an erroneous (but impossible and thus harmless) pointer
+ comparison that would have allowed compilers to skip a bounds
+ check in channeltls.c. Fixes bugs 10313 and 9980; bugfix on
+ 0.2.0.10-alpha. Noticed by Jared L Wong and David Fifield.
+ - Fix an always-true assertion in pluggable transports code so it
+ actually checks what it was trying to check. Fixes bug 10046;
+ bugfix on 0.2.3.9-alpha. Found by "dcb".
+
+ o Minor bugfixes (protocol correctness):
+ - When receiving a VERSIONS cell with an odd number of bytes, close
+ the connection immediately since the cell is malformed. Fixes bug
+ 10365; bugfix on 0.2.0.10-alpha. Spotted by "bobnomnom"; fix by
+ "rl1987".
+
+ o Minor bugfixes (build):
+ - Restore the ability to compile Tor with V2_HANDSHAKE_SERVER
+ turned off (that is, without support for v2 link handshakes). Fixes
+ bug 4677; bugfix on 0.2.3.2-alpha. Patch from "piet".
+ - Fix compilation warnings and startup issues when running with
+ "Sandbox 1" and libseccomp-2.1.0. Fixes bug 10563; bugfix on
+ 0.2.5.1-alpha.
+ - Fix compilation on Solaris 9, which didn't like us having an
+ identifier named "sun". Fixes bug 10565; bugfix in 0.2.5.1-alpha.
+
+ o Minor bugfixes (testing):
+ - Fix a segmentation fault in our benchmark code when running with
+ Fedora's OpenSSL package, or any other OpenSSL that provides
+ ECDH but not P224. Fixes bug 10835; bugfix on 0.2.4.8-alpha.
+
+ o Minor bugfixes (log messages):
+ - Fix a bug where clients using bridges would report themselves
+ as 50% bootstrapped even without a live consensus document.
+ Fixes bug 9922; bugfix on 0.2.1.1-alpha.
+ - Suppress a warning where, if there's only one directory authority
+ in the network, we would complain that votes and signatures cannot
+ be uploaded to other directory authorities. Fixes bug 10842;
+ bugfix on 0.2.2.26-beta.
+ - Report bootstrapping progress correctly when we're downloading
+ microdescriptors. We had updated our "do we have enough microdescs
+ to begin building circuits?" logic most recently in 0.2.4.10-alpha
+ (see bug 5956), but we left the bootstrap status event logic at
+ "how far through getting 1/4 of them are we?" Fixes bug 9958;
+ bugfix on 0.2.2.36, which is where they diverged (see bug 5343).
+
o Minor bugfixes (new since 0.2.5.1-alpha, also in 0.2.4.20):
- Avoid a crash bug when starting with a corrupted microdescriptor
cache file. Fixes bug 10406; bugfix on 0.2.2.6-alpha.
@@ -63,22 +272,39 @@ Changes in version 0.2.5.2 - 2013-01-??
sorry. Fixes bug 9928; bugfix on 0.2.3.18-rc. Bug found by
Pedro Ribeiro.
- o Minor bugfixes:
- - When closing a channel that has already been open, do not close
- pending circuits that were waiting to connect to the same relay.
- Fixes bug 9880; bugfix on 0.2.5.1-alpha. Thanks to skruffy for
- finding this bug.
+ o Removed code and features:
+ - Clients now reject any directory authority certificates lacking
+ a dir-key-crosscert element. These have been included since
+ 0.2.1.9-alpha, so there's no real reason for them to be optional
+ any longer. Completes proposal 157. Resolves ticket 10162.
+ - Remove all code that existed to support the v2 directory system,
+ since there are no longer any v2 directory authorities. Resolves
+ ticket 10758.
+ - Remove the HSAuthoritativeDir and AlternateHSAuthority torrc
+ options, which were used for designating authorities as "Hidden
+ service authorities". There has been no use of hidden service
+ authorities since 0.2.2.1-alpha, when we stopped uploading or
+ downloading v0 hidden service descriptors. Fixes bug 10881; also
+ part of a fix for bug 10841.
- o Minor features (new since 0.2.5.1-alpha, also in 0.2.4.18-rc):
- - Improve the circuit queue out-of-memory handler. Previously, when
- we ran low on memory, we'd close whichever circuits had the most
- queued cells. Now, we close those that have the *oldest* queued
- cells, on the theory that those are most responsible for us
- running low on memory. Based on analysis from a forthcoming paper
- by Jansen, Tschorsch, Johnson, and Scheuermann. Fixes bug 9093.
- - Generate bootstrapping status update events correctly when fetching
- microdescriptors. Fixes bug 9927.
- - Update to the October 2 2013 Maxmind GeoLite Country database.
+ o Code simplification and refactoring:
+ - Remove some old fallback code designed to keep Tor clients working
+ in a network with only two working relays. Elsewhere in the code we
+ have long since stopped supporting such networks, so there wasn't
+ much point in keeping it around. Addresses ticket 9926.
+ - Reject 0-length EXTEND2 cells more explicitly. Fixes bug 10536;
+ bugfix on 0.2.4.8-alpha. Reported by "cypherpunks".
+ - Remove data structures which were introduced to implement the
+ CellStatistics option: they are now redundant with the addition
+ of a timestamp to the regular packed_cell_t data structure, which
+ we did in 0.2.4.18-rc in order to resolve ticket 9093. Implements
+ ticket 10870.
+
+ o Documentation (man page) fixes:
+ - Update manpage to describe some of the files you can expect to
+ find in Tor's DataDirectory. Addresses ticket 9839.
+ - Document that all but one DirPort entry must have the NoAdvertise
+ flag set. Fixes bug 10470; bugfix on 0.2.3.3-alpha / 0.2.3.16-alpha.
o Documentation fixes (new since 0.2.5.1-alpha, also in 0.2.4.18-rc):
- Clarify the usage and risks of setting the ContactInfo torrc line
@@ -88,6 +314,11 @@ Changes in version 0.2.5.2 - 2013-01-??
- Replace remaining references to DirServer in man page and
log entries. Resolves ticket 10124.
+ o Tool changes:
+ - Make the "tor-gencert" tool used by directory authority operators
+ create 2048-bit signing keys by default (rather than 1024-bit, since
+ 1024-bit is uncomfortably small these days). Addresses ticket 10324.
+
Changes in version 0.2.4.20 - 2013-12-22
Tor 0.2.4.20 fixes potentially poor random number generation for users
diff --git a/changes/10582_tproxy b/changes/10582_tproxy
deleted file mode 100644
index 0a05152..0000000
--- a/changes/10582_tproxy
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor features:
- - Add support for the TPROXY transparent proxying facility on Linux.
- See documentation for the new TransProxyType option for more
- details. Implementation by "thomo". Closes ticket 10582.
-
-
diff --git a/changes/10777_netunreach b/changes/10777_netunreach
deleted file mode 100644
index 1156bca..0000000
--- a/changes/10777_netunreach
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes:
- - Treat ENETUNREACH, EACCES, and EPERM connection failures at an
- exit node as a NOROUTE error, not an INTERNAL error, since they
- can apparently happen when trying to connect to the wrong sort
- of netblocks. Fixes part of bug 10777; bugfix on 0.1.0.1-rc.
-
diff --git a/changes/bug10046 b/changes/bug10046
deleted file mode 100644
index 3286c21..0000000
--- a/changes/bug10046
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Fix an always-true assertion in pluggable transports code so it
- actually checks what it was trying to check. Fixes bug 10046;
- bugfix on 0.2.3.9-alpha. Found by "dcb".
diff --git a/changes/bug10297 b/changes/bug10297
deleted file mode 100644
index 73c4cde..0000000
--- a/changes/bug10297
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features:
- - On Windows, spawn background processes using the CREATE_NO_WINDOW
- flag. Now Tor Browser Bundle 3.5 with pluggable transports enabled
- doesn't pop up a blank console window. (In Tor Browser Bundle 2.x,
- Vidalia set this option for us.) Implements ticket 10297.
diff --git a/changes/bug10313 b/changes/bug10313
deleted file mode 100644
index 36b3634..0000000
--- a/changes/bug10313
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes:
- - Remove an erroneous (but impossible and thus harmless) pointer
- comparison that would have allowed compilers to skip a bounds
- check in channeltls.c. Fixes bugs 10313 and 9980; bugfix on
- 0.2.0.10-alpha. Noticed by Jared L Wong and David Fifield.
-
diff --git a/changes/bug10324 b/changes/bug10324
deleted file mode 100644
index 786a4c1..0000000
--- a/changes/bug10324
+++ /dev/null
@@ -1,4 +0,0 @@
- o Tool changes:
- - Make the "tor-gencert" tool used by directory authority operators
- create 2048-bit signing keys by default (rather than 1024-bit, since
- 1024-bit is uncomfortably small these days). Addresses ticket 10324.
diff --git a/changes/bug10365 b/changes/bug10365
deleted file mode 100644
index f916537..0000000
--- a/changes/bug10365
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes:
- - When receiving a VERSIONS cell with an odd number of bytes, close
- the connection immediately since the cell is malformed. Fixes bug
- 10365; bugfix on 0.2.0.10-alpha. Spotted by "bobnomnom"; fix by
- "rl1987".
-
-
diff --git a/changes/bug10470 b/changes/bug10470
deleted file mode 100644
index 274abc9..0000000
--- a/changes/bug10470
+++ /dev/null
@@ -1,4 +0,0 @@
- o Documentation fixes:
- - Document that all but one DirPort entry must have the NoAdvertise
- flag set. Fixes bug 10470; bugfix on 0.2.3.3-alpha / 0.2.3.16-alpha.
-
diff --git a/changes/bug10485 b/changes/bug10485
deleted file mode 100644
index aa599fb..0000000
--- a/changes/bug10485
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Turn "circuit handshake stats since last time" log messages into a
- heartbeat message. Fixes bug 10485; bugfix on 0.2.4.17-rc.
-
diff --git a/changes/bug10536 b/changes/bug10536
deleted file mode 100644
index be95eaf..0000000
--- a/changes/bug10536
+++ /dev/null
@@ -1,5 +0,0 @@
-
- o Code simplification and refactoring:
- - Reject 0-length EXTEND2 cells more explicitly. Fixes bug 10536;
- bugfix on 0.2.4.8-alpha. Reported by "cypherpunks".
-
diff --git a/changes/bug10543 b/changes/bug10543
deleted file mode 100644
index ebc97b0..0000000
--- a/changes/bug10543
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes:
- - If we set the ExitNodes option but it doesn't include any nodes
- that have the Exit flag, we would choose not to bootstrap. Now we
- bootstrap so long as ExitNodes includes nodes which can exit to
- some port. Fixes bug 10543; bugfix on 0.2.4.10-alpha.
-
diff --git a/changes/bug10565 b/changes/bug10565
deleted file mode 100644
index 92902e7..0000000
--- a/changes/bug10565
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes:
- - Fix compilation on Solaris 9, which didn't like us having an
- identifier named "sun". Fixes bug 10565; bugfix in 0.2.5.1-alpha.
diff --git a/changes/bug10722 b/changes/bug10722
deleted file mode 100644
index 0a62e44..0000000
--- a/changes/bug10722
+++ /dev/null
@@ -1,8 +0,0 @@
- o Minor bugfixes:
- - If ExcludeNodes is set, consider non-excluded hidden service
- directory servers before excluded ones. Do not consider excluded
- hidden service directory servers at all if StrictNodes is
- set. (Previously, we would sometimes decide to connect to those
- servers, and then realize before we initiated a connection that
- we had excluded them.) Fixes bug 10722; bugfix on 0.2.0.10-alpha.
- Reported by "mr-4".
diff --git a/changes/bug10758 b/changes/bug10758
deleted file mode 100644
index ab4075d..0000000
--- a/changes/bug10758
+++ /dev/null
@@ -1,4 +0,0 @@
- o Removed code and features:
- - Remove all code that existed to support the v2 directory system,
- since there are no longer any v2 directory authorities. Resolves
- ticket 10758.
diff --git a/changes/bug10777_internal_024 b/changes/bug10777_internal_024
deleted file mode 100644
index c0bd9bf..0000000
--- a/changes/bug10777_internal_024
+++ /dev/null
@@ -1,5 +0,0 @@
- o Major bugfixes:
- - Do not treat streams that fail with reason
- END_STREAM_REASON_INTERNAL as indicating a definite circuit failure,
- since it could also indicate an ENETUNREACH connection error. Fixes
- part of bug 10777; bugfix on 0.2.4.8-alpha.
diff --git a/changes/bug10793 b/changes/bug10793
deleted file mode 100644
index ea15cc3..0000000
--- a/changes/bug10793
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (security):
- - Always clear OpenSSL bignums before freeing them -- even bignums
- that don't contain secrets. Resolves ticket 10793. Patch by
- Florent Daigniere.
diff --git a/changes/bug10835 b/changes/bug10835
deleted file mode 100644
index 9df7bdd..0000000
--- a/changes/bug10835
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (testing):
- - Fix a segmentation fault in our benchmark code when running with
- Fedora's OpenSSL package, or any other OpenSSL that provides
- ECDH but not P224. Fixes bug 10835; bugfix on 0.2.4.8-alpha.
diff --git a/changes/bug10842 b/changes/bug10842
deleted file mode 100644
index 9c757e2..0000000
--- a/changes/bug10842
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (log messages):
- - Suppress a warning where, if there's only one directory authority
- in the network, we would complain that votes and signatures cannot
- be uploaded to other directory authorities. Fixes bug 10842;
- bugfix on 0.2.2.26-beta.
diff --git a/changes/bug10870 b/changes/bug10870
deleted file mode 100644
index 4c8d043e..0000000
--- a/changes/bug10870
+++ /dev/null
@@ -1,6 +0,0 @@
- o Code simplification and refactoring:
- - Remove data structures which were introduced to implement the
- CellStatistics option: they are now redundant with the addition
- of a timestamp to the regular packed_cell_t data structure, which
- we did in 0.2.4.18-rc in order to resolve ticket 9093. Implements
- ticket 10870.
diff --git a/changes/bug10881 b/changes/bug10881
deleted file mode 100644
index 62da79e..0000000
--- a/changes/bug10881
+++ /dev/null
@@ -1,7 +0,0 @@
- o Removed config options:
- - Remove the HSAuthoritativeDir and AlternateHSAuthority torrc
- options, which were used for designating authorities as "Hidden
- service authorities". There has been no use of hidden service
- authorities since 0.2.2.1-alpha, when we stopped uploading or
- downloading v0 hidden service descriptors. Fixes bug 10881; also
- part of a fix for bug 10841.
diff --git a/changes/bug1376 b/changes/bug1376
deleted file mode 100644
index e685a55..0000000
--- a/changes/bug1376
+++ /dev/null
@@ -1,3 +0,0 @@
- o Code simplification and refactoring:
- - Previously we used two temporary files when writing descriptors to
- disk; now we only use one. Implements ticket 1376.
diff --git a/changes/bug4677 b/changes/bug4677
deleted file mode 100644
index e043308..0000000
--- a/changes/bug4677
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (build):
- - Restore the ability to compile Tor with V2_HANDSHAKE_SERVER
- turned off (that is, without support for v2 link handshakes). Fixes
- bug 4677; bugfix on 0.2.3.2-alpha. Patch from "piet".
diff --git a/changes/bug5018 b/changes/bug5018
deleted file mode 100644
index 5c3a440..0000000
--- a/changes/bug5018
+++ /dev/null
@@ -1,5 +0,0 @@
- o Major features:
- - Don't launch pluggable transport proxies if we don't have any
- bridges configured that would use them. Now we can list many
- pluggable transports, and Tor will dynamically start one when it
- hears a bridge address that needs it. Resolves ticket 5018.
diff --git a/changes/bug5605 b/changes/bug5605
deleted file mode 100644
index 0bee820..0000000
--- a/changes/bug5605
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes:
- - If changing a config option via "setconf" fails in a recoverable
- way, we used to nonetheless write our new control ports to the
- file described by the "ControlPortWriteToFile" option. Now we only
- write out that file if we successfully switch to the new config
- option. Fixes bug 5605; bugfix on 0.2.2.26-beta. Patch from "Ryman".
-
diff --git a/changes/bug7359 b/changes/bug7359
deleted file mode 100644
index a91b730..0000000
--- a/changes/bug7359
+++ /dev/null
@@ -1,9 +0,0 @@
- o Major features (controller):
- - Extend ORCONN controller event to include an "ID" parameter,
- and add four new controller event types CONN_BW, CIRC_BW,
- CELL_STATS, and TB_EMPTY that show connection and circuit usage.
- The new events are emitted in private Tor networks only, with the
- goal of being able to better track performance and load during
- full-network simulations. Implements proposal 218. Resolves
- ticket 7359.
-
diff --git a/changes/bug9162 b/changes/bug9162
deleted file mode 100644
index b5ac27f..0000000
--- a/changes/bug9162
+++ /dev/null
@@ -1,8 +0,0 @@
- o Minor bugfixes:
- - Fix a bug where the first connection works to a bridge that uses a
- pluggable transport with client-side parameters, but we don't send
- the client-side parameters on subsequent connections. (We don't
- use any pluggable transports with client-side parameters yet,
- but ScrambleSuit will soon become the first one.) Fixes bug 9162;
- bugfix on 0.2.0.3-alpha. Based on a patch from "rl1987".
-
diff --git a/changes/bug9206 b/changes/bug9206
deleted file mode 100644
index 36167ff..0000000
--- a/changes/bug9206
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor features (testing):
- - When bootstrapping a test network, sometimes very few relays get
- the Guard flag. Now a new option "TestingDirAuthVoteGuard" can
- specify a set of relays which should be voted Guard regardless of
- their uptime or bandwidth. Addresses ticket 9206.
-
diff --git a/changes/bug9578 b/changes/bug9578
deleted file mode 100644
index 5b50200..0000000
--- a/changes/bug9578
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes:
- - When a command-line option such as --version or --help that
- ordinarily implies --hush appears on the command line along with
- --quiet, then actually obey --quiet. Previously, we obeyed --quiet
- only if it appeared later on the command line. Fixes bug 9578;
- bugfix on 0.2.5.1-alpha.
-
diff --git a/changes/bug9602 b/changes/bug9602
deleted file mode 100644
index 86248ab..0000000
--- a/changes/bug9602
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Avoid a segfault on SIGUSR1, where we had freed a connection but did
- not entirely remove it from the connection lists. Fixes bug 9602;
- bugfix on 0.2.4.4-alpha.
diff --git a/changes/bug9651 b/changes/bug9651
deleted file mode 100644
index 8933c20..0000000
--- a/changes/bug9651
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features:
- - When ServerTransportPlugin is set on a bridge, Tor can write more
- useful statistics about bridge use in its extrainfo descriptors,
- but only if the Extended ORPort ("ExtORPort") is set too. Add a
- log message to inform the user in this case. Resolves ticket 9651.
diff --git a/changes/bug9698 b/changes/bug9698
deleted file mode 100644
index ee5c4f6..0000000
--- a/changes/bug9698
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features:
- - When receiving a new controller connection, log the origin address.
- Resolves ticket 9698; patch from "sigpipe".
diff --git a/changes/bug9859 b/changes/bug9859
deleted file mode 100644
index 38a7ace..0000000
--- a/changes/bug9859
+++ /dev/null
@@ -1,10 +0,0 @@
- o Major features:
- - The bridge directory authority now assigns status flags (Stable,
- Guard, etc) to bridges based on thresholds calculated over all
- Running bridges. Now bridgedb can finally make use of its features
- to e.g. include at least one Stable bridge in its answers. Fixes
- bug 9859.
- o Minor features:
- - Add threshold cutoffs to the networkstatus document created by
- the Bridge Authority. Fixes bug 1117.
-
diff --git a/changes/bug9869 b/changes/bug9869
deleted file mode 100644
index 42f8928..0000000
--- a/changes/bug9869
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (build):
- - Assume that a user using ./configure --host wants to cross-compile,
- and give an error if we cannot find a properly named
- tool-chain. Add a --disable-tool-name-check option to proceed
- nevertheless. Addresses ticket 9869. Patch by Benedikt Gollatz.
diff --git a/changes/bug9922 b/changes/bug9922
deleted file mode 100644
index 9ac2111..0000000
--- a/changes/bug9922
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes:
- - Fix a bug where clients using bridges would report themselves
- as 50% bootstrapped even without a live consensus document.
- Fixes bug 9922; bugfix on 0.2.1.1-alpha.
-
diff --git a/changes/bug9926 b/changes/bug9926
deleted file mode 100644
index 6d33ecb..0000000
--- a/changes/bug9926
+++ /dev/null
@@ -1,6 +0,0 @@
- o Code simplification and refactoring:
- - Remove some old fallback code designed to keep Tor clients working
- in a network with only two working relays. Elsewhere in the code we
- have long since stopped supporting such networks, so there wasn't
- much point in keeping it around. Addresses ticket 9926.
-
diff --git a/changes/bug9934 b/changes/bug9934
deleted file mode 100644
index 31e6613..0000000
--- a/changes/bug9934
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (controller):
- - New "DROPGUARDS" controller command to forget all current entry
- guards. Not recommended for ordinary use, since replacing guards
- too frequently makes several attacks easier. Resolves ticket 9934;
- patch from "ra".
diff --git a/changes/bug9948 b/changes/bug9948
deleted file mode 100644
index 492744b..0000000
--- a/changes/bug9948
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (build):
- - If we run ./configure and the compiler recognizes -fstack-protector
- but the linker rejects it, warn the user about a potentially missing
- libssp package. Addresses ticket 9948. Patch from Benedikt Gollatz.
diff --git a/changes/bug9958 b/changes/bug9958
deleted file mode 100644
index b801dcf..0000000
--- a/changes/bug9958
+++ /dev/null
@@ -1,8 +0,0 @@
- o Minor bugfixes:
- - Report bootstrapping progress correctly when we're downloading
- microdescriptors. We had updated our "do we have enough microdescs
- to begin building circuits?" logic most recently in 0.2.4.10-alpha
- (see bug 5956), but we left the bootstrap status event logic at
- "how far through getting 1/4 of them are we?" Fixes bug 9958;
- bugfix on 0.2.2.36, which is where they diverged (see bug 5343).
-
diff --git a/changes/feature9777 b/changes/feature9777
deleted file mode 100644
index b9f111c..0000000
--- a/changes/feature9777
+++ /dev/null
@@ -1,7 +0,0 @@
- o Major features:
- - When we choose a path for a 3-hop circuit, make sure it contains
- at least one relay that supports the NTor circuit extension
- handshake. Otherwise, there is a chance that we're building
- a circuit that's worth attacking by an adversary who finds
- breaking 1024-bit crypto doable, and that chance changes the game
- theory. Implements ticket 9777.
diff --git a/changes/prop157-require b/changes/prop157-require
deleted file mode 100644
index 309d7f8..0000000
--- a/changes/prop157-require
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features:
- - Clients now reject any directory authority certificates lacking
- a dir-key-crosscert element. These have been included since
- 0.2.1.9-alpha, so there's no real reason for them to be optional
- any longer. Completes proposal 157. Resolves ticket 10162.
diff --git a/changes/prop221 b/changes/prop221
deleted file mode 100644
index 63ef763..0000000
--- a/changes/prop221
+++ /dev/null
@@ -1,7 +0,0 @@
- o Major features:
- - Clients now look at the "usecreatefast" consensus parameter to
- decide whether to use CREATE_FAST or CREATE cells for the first hop
- of their circuit. This approach can improve security on connections
- where Tor's circuit handshake is stronger than the available TLS
- connection security levels, but the tradeoff is more computational
- load on guard relays. Implements proposal 221. Resolves ticket 9386.
diff --git a/changes/python-tests b/changes/python-tests
deleted file mode 100644
index 8a5fcf5..0000000
--- a/changes/python-tests
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features:
- - If Python is installed, "make check" now runs extra tests beyond
- the unit test scripts.
-
diff --git a/changes/seccomp2-fixes b/changes/seccomp2-fixes
deleted file mode 100644
index e050565..0000000
--- a/changes/seccomp2-fixes
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Fix compilation warnings and startup issues when running with
- "Sandbox 1" and libseccomp-2.1.0. Fixes bug 10563; bugfix on
- 0.2.5.1-alpha.
diff --git a/changes/stack_trace b/changes/stack_trace
deleted file mode 100644
index 33dfcd3..0000000
--- a/changes/stack_trace
+++ /dev/null
@@ -1,8 +0,0 @@
- o Major features:
- - On some platforms (currently: recent OSX versions, glibc-based
- platforms that support the ELF format, and a few other
- Unix-like operating systems), Tor can now dump stack traces
- when a crash occurs or an assertion fails. By default, traces
- are dumped to stderr (if possible) and to any logs that are
- reporting errors. Implements ticket 9299.
-
diff --git a/changes/ticket10043 b/changes/ticket10043
deleted file mode 100644
index 21541be..0000000
--- a/changes/ticket10043
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features:
- - When logging OpenSSL engine status at startup, log the status of
- more engines. Fixes ticket 10043; patch from Joshua Datko.
-
diff --git a/changes/ticket10060 b/changes/ticket10060
deleted file mode 100644
index ff61c29..0000000
--- a/changes/ticket10060
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features:
- - Add an --allow-missing-torrc commandline option that tells Tor to
- run even if the configuration file specified by -f is not available.
- Implements ticket 10060.
-
diff --git a/changes/ticket8510 b/changes/ticket8510
deleted file mode 100644
index 0cd7a8c..0000000
--- a/changes/ticket8510
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features:
- - Add a new "HS_DESC" controller event that reports activities
- related to hidden service descriptors. Resolves ticket 8510.
diff --git a/changes/ticket9839 b/changes/ticket9839
deleted file mode 100644
index e85c280..0000000
--- a/changes/ticket9839
+++ /dev/null
@@ -1,3 +0,0 @@
- o Documentation:
- - Update manpage to describe some of the files you can expect to
- find in Tor's DataDirectory. Addresses ticket 9839.
