tor-commits
February 2015

06 Feb '15
commit a8835170d710cae0ac1e8698cd5b750077025548
Author: Nick Mathewson <nickm(a)torproject.org>
Date: Wed Feb 4 10:09:54 2015 -0500
Use getsockname, not getsockopt, on TPROXY sockets
---
src/or/connection_edge.c | 21 ++++++++++++++++++++-
1 file changed, 20 insertions(+), 1 deletion(-)
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 9690653..dd2f8d4 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -67,6 +67,10 @@
#define TRANS_PF
#endif
+#ifdef IP_TRANSPARENT
+#define TRANS_TPROXY
+#endif
+
#define SOCKS4_GRANTED 90
#define SOCKS4_REJECT 91
@@ -1583,7 +1587,7 @@ get_pf_socket(void)
}
#endif
-#if defined(TRANS_NETFILTER) || defined(TRANS_PF)
+#if defined(TRANS_NETFILTER) || defined(TRANS_PF) || defined(TRANS_TPROXY)
/** Try fill in the address of <b>req</b> from the socket configured
* with <b>conn</b>. */
static int
@@ -1594,6 +1598,18 @@ destination_from_socket(entry_connection_t *conn, socks_request_t *req)
tor_addr_t addr;
int rv;
+#ifdef TRANS_TRPOXY
+ if (options->TransProxyType_parsed == TPT_TPROXY) {
+ if (getsockname(ENTRY_TO_CONN(conn)->s, (struct sockaddr*)&orig_dst,
+ &orig_dst_len) < 0) {
+ int e = tor_socket_errno(ENTRY_TO_CONN(conn)->s);
+ log_warn(LD_NET, "getsockname() failed: %s", tor_socket_strerror(e));
+ return -1;
+ }
+ goto done;
+ }
+#endif
+
#ifdef TRANS_NETFILTER
switch (ENTRY_TO_CONN(conn)->socket_family) {
#ifdef TRANS_NETFILTER_IPV4
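Review bot: The guard on the new TPROXY block is spelled `#ifdef TRANS_TRPOXY`, but the macro this commit defines in the first hunk is `TRANS_TPROXY`, so the preprocessor drops the whole getsockname() branch and TPROXY connections still fall through to the existing TRANS_NETFILTER/TRANS_PF code below; the line should read `#ifdef TRANS_TPROXY`. Because the block has never been compiled, also confirm that `options` is in scope at this point (the visible context declares only `addr` and `rv`) and use `get_options()->TransProxyType_parsed` if it is not. For a transparent listener this lookup decides which destination the client's traffic is sent to, so a build or test that exercises the TPT_TPROXY path would catch this kind of silent no-op. destination_from_socket() begins and ends outside this hunk.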
@@ -1619,6 +1635,7 @@ destination_from_socket(entry_connection_t *conn, socks_request_t *req)
log_warn(LD_NET, "getsockopt() failed: %s", tor_socket_strerror(e));
return -1;
}
+ goto done;
#elif defined(TRANS_PF)
if (getsockname(ENTRY_TO_CONN(conn)->s, (struct sockaddr*)&orig_dst,
&orig_dst_len) < 0) {
@@ -1626,6 +1643,7 @@ destination_from_socket(entry_connection_t *conn, socks_request_t *req)
log_warn(LD_NET, "getsockname() failed: %s", tor_socket_strerror(e));
return -1;
}
+ goto done;
#else
(void)conn;
(void)req;
@@ -1633,6 +1651,7 @@ destination_from_socket(entry_connection_t *conn, socks_request_t *req)
return -1;
#endif
+ done:
tor_addr_from_sockaddr(&addr, (struct sockaddr*)&orig_dst, &req->port);
tor_addr_to_str(req->address, &addr, sizeof(req->address), 1);
commit 4785cd361736377980bcb0d177ef609006c10e55
Author: Nick Mathewson <nickm(a)torproject.org>
Date: Thu Feb 5 22:54:34 2015 -0500
changes file for 13796
---
changes/bug13796 | 3 +++
1 file changed, 3 insertions(+)
diff --git a/changes/bug13796 b/changes/bug13796
new file mode 100644
index 0000000..5c84f99
--- /dev/null
+++ b/changes/bug13796
@@ -0,0 +1,3 @@
+ o Minor bugfixes:
+ - Use getsockname, not getsockopt, to retrieve the address for
+ a TPROXY-redirected connection. Fixes bug 13796; bugfix on 0.2.5.2-alpha.

05 Feb '15
commit 90928100b6e31268a1592a6876261510b625a8f9
Author: Nick Mathewson <nickm(a)torproject.org>
Date: Thu Feb 5 14:03:15 2015 -0500
Run the format_changelog script for initial cleanup
---
ChangeLog | 379 +++++++++++++++++++++++++++++++------------------------------
1 file changed, 190 insertions(+), 189 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 271a674..1343aba 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,31 +1,30 @@
Changes in version 0.2.6.3-alpha - 2015-02-??
-
blah blah blah
+ o Major features (security):
+ - Implementation of an AF_UNIX socket option to implement a SOCKS
+ proxy reachable by Unix Domain Socket. This allows client
+ applications to communicate with Tor without having the ability to
+ create AF_INET or AF_INET6 family sockets. If an application has
+ permission to create a socket with AF_UNIX, it may directly
+ communicate with Tor as if it were an other SOCKS proxy. This
+ should allow high risk applications to be entirely prevented from
+ connecting directly with TCP/IP, they will be able to only connect
+ to the internet through AF_UNIX and only through Tor. To create a
+ socket of this type, use the syntax "unix:/path/to/socket". Closes
+ ticket 12585.
+
o Major features (changed defaults):
- - Prevent relay operators from unintentionally running exits: When
- a relay is configured as an exit node, we now warn the user
- unless the 'ExitRelay' option is set to 1. We warn even more
- loudly if the relay is configured with the default exit policy,
- since this tends to indicate accidental misconfiguration.
- Setting 'ExitRelay' to 0 stops Tor from running as an exit relay.
- Closes ticket 10067.
-
- o Major features (security)
- - Implementation of an AF_UNIX socket option to implement a SOCKS
- proxy reachable by Unix Domain Socket. This allows client applications to
- communicate with Tor without having the ability to create AF_INET or
- AF_INET6 family sockets. If an application has permission to create a socket
- with AF_UNIX, it may directly communicate with Tor as if it were an other
- SOCKS proxy. This should allow high risk applications to be entirely prevented
- from connecting directly with TCP/IP, they will be able to only connect to the
- internet through AF_UNIX and only through Tor.
- To create a socket of this type, use the syntax "unix:/path/to/socket".
- Closes ticket 12585.
+ - Prevent relay operators from unintentionally running exits: When a
+ relay is configured as an exit node, we now warn the user unless
+ the 'ExitRelay' option is set to 1. We warn even more loudly if
+ the relay is configured with the default exit policy, since this
+ tends to indicate accidental misconfiguration. Setting 'ExitRelay'
+ to 0 stops Tor from running as an exit relay. Closes ticket 10067.
o Major features (hidden services):
- Support mapping hidden service virtual ports to AF_UNIX sockets on
- suitable platforms. Resolves ticket #11485.
+ suitable platforms. Resolves ticket #11485.
o Major features (performance):
- Refactor the CPU worker implementation for better performance by
@@ -37,35 +36,31 @@ Changes in version 0.2.6.3-alpha - 2015-02-??
memory, avoiding kernel IO where possible, and keeping more
request in flight at once. Resolves issue #9682.
- o Removed features:
- - To avoid confusion with the 'ExitRelay' option, 'ExitNode' is no
- longer silently accepted as an alias for 'ExitNodes'.
-
o Major bugfixes (client):
- - Allow MapAddress and AutomapHostsOnResolve to work together when an
- address is mapped into another address type that must be
- automapped at resolve time. Fixes bug 7555; bugfix on
- 0.2.0.1-alpha.
+ - Allow MapAddress and AutomapHostsOnResolve to work together when
+ an address is mapped into another address type that must be
+ automapped at resolve time. Fixes bug 7555; bugfix
+ on 0.2.0.1-alpha.
o Major bugfixes (exit node stability):
- - Fix an assertion failure that could occur under high DNS load. Fixes
- bug 14129; bugfix on Tor 0.0.7rc1. Found by "jowr"; diagnosed and fixed
- by "cypherpunks".
+ - Fix an assertion failure that could occur under high DNS load.
+ Fixes bug 14129; bugfix on Tor 0.0.7rc1. Found by "jowr";
+ diagnosed and fixed by "cypherpunks".
o Major bugfixes (mixed relay-client operation):
- When running as a relay and a client at the same time (not
- recommended), if we decide not to use a new guard because we
- want to retry older guards, only close the locally-originating
- circuits passing through that guard. Previously we would close
- all the circuits. Fixes bug 9819; bugfix on
- 0.2.1.1-alpha. Reported by "skruffy".
+ recommended), if we decide not to use a new guard because we want
+ to retry older guards, only close the locally-originating circuits
+ passing through that guard. Previously we would close all the
+ circuits. Fixes bug 9819; bugfix on 0.2.1.1-alpha. Reported
+ by "skruffy".
o Minor features (authorities, testing):
- Create TestingDirAuthVoteHSDir like TestingDirAuthVoteExit/Guard.
- Ensures that authorities vote the HSDir flag for the listed
- relays regardless of uptime or ORPort connectivity.
- Respects the value of VoteOnHidServDirectoriesV2.
- Partial implementation for ticket 14067. Patch by "teor".
+ Ensures that authorities vote the HSDir flag for the listed relays
+ regardless of uptime or ORPort connectivity. Respects the value of
+ VoteOnHidServDirectoriesV2. Partial implementation for ticket
+ 14067. Patch by "teor".
o Minor features (build):
- New --disable-system-torrc compile-time option to prevent Tor from
@@ -74,51 +69,54 @@ Changes in version 0.2.6.3-alpha - 2015-02-??
o Minor features (controller):
- Include SOCKS_USERNAME and SOCKS_PASSWORD values in controller
- events to let controllers observe circuit isolation inputs.
- Closes ticket 8405.
- - ControlPort now supports the unix:/path/to/dir syntax as an alternative
- to the ControlSocket option, for consistency with SocksPort and
- hidden services. Closes ticket 14451.
- - New "GETINFO bw-event-cache" to get information about recent bandwidth
- events. Closes ticket 14128. Useful for controllers to get recent
- bandwidth history after the fix for 13988.
+ events to let controllers observe circuit isolation inputs. Closes
+ ticket 8405.
+ - ControlPort now supports the unix:/path/to/dir syntax as an
+ alternative to the ControlSocket option, for consistency with
+ SocksPort and hidden services. Closes ticket 14451.
+ - New "GETINFO bw-event-cache" to get information about recent
+ bandwidth events. Closes ticket 14128. Useful for controllers to
+ get recent bandwidth history after the fix for 13988.
o Minor features (directory client):
- - When downloading server- or microdescriptors from a directory server,
- we no longer launch multiple simultaneous requests to the same server.
- This reduces load on the directory servers, especially when directory
- guards are in use. Closes ticket 9969.
+ - When downloading server- or microdescriptors from a directory
+ server, we no longer launch multiple simultaneous requests to the
+ same server. This reduces load on the directory servers,
+ especially when directory guards are in use. Closes ticket 9969.
- When downloading server- or microdescriptors over a tunneled
- connection, do not limit the length of our request to what the Squid
- proxy is willing to handle. Part of ticket 9969.
+ connection, do not limit the length of our request to what the
+ Squid proxy is willing to handle. Part of ticket 9969.
o Minor features (directory system):
- - Authorities can now vote on the correct digests and latest versions for
- different software packages. This allows packages that include Tor to use
- the Tor authority system as a way to get notified of updates and their
- correct digests. Implements proposal 227. Closes ticket 10395.
+ - Authorities can now vote on the correct digests and latest
+ versions for different software packages. This allows packages
+ that include Tor to use the Tor authority system as a way to get
+ notified of updates and their correct digests. Implements proposal
+ 227. Closes ticket 10395.
o Minor features (directory, memory usage):
- When we have recently been under memory pressure (over 3/4 of
- MaxMemInQueues is allocated), then allocate smaller zlib objects for
- small requests. Closes ticket 11791.
+ MaxMemInQueues is allocated), then allocate smaller zlib objects
+ for small requests. Closes ticket 11791.
o Minor features (DOS resistance):
- - Count the total number of bytes used storing hidden service descriptors
- against the value of MaxMemInQueues. If we're low on memory, and more
- than 20% of our memory is used holding hidden service descriptors, free
- them until no more than 10% of our memory holds hidden service
- descriptors. Free the least recently fetched descriptors first.
- Resolves ticket 13806.
+ - Count the total number of bytes used storing hidden service
+ descriptors against the value of MaxMemInQueues. If we're low on
+ memory, and more than 20% of our memory is used holding hidden
+ service descriptors, free them until no more than 10% of our
+ memory holds hidden service descriptors. Free the least recently
+ fetched descriptors first. Resolves ticket 13806.
o Minor features (geoip):
- - Update geoip to the January 7 2015 Maxmind GeoLite2 Country database.
- - Update geoip6 to the January 7 2015 Maxmind GeoLite2 Country database.
+ - Update geoip to the January 7 2015 Maxmind GeoLite2
+ Country database.
+ - Update geoip6 to the January 7 2015 Maxmind GeoLite2
+ Country database.
o Minor features (Guard nodes):
- Reduce the time delay before saving guard status to disk from 10
minute to 30 seconds (or from one hour to 10 minutes if
- AvoidDiskWrites is set). Closes ticket 12485.
+ AvoidDiskWrites is set). Closes ticket 12485.
o Minor features (hidden service):
- Make hidden service Sybil attacks harder by changing the minimum
@@ -127,201 +125,201 @@ Changes in version 0.2.6.3-alpha - 2015-02-??
- New option "HiddenServiceAllowUnknownPorts" to allow hidden
services to disable the anti-scanning feature introduced in
0.2.6.2-alpha. With this option not set, a connection to an
- unlisted port closes the circuit. With this option set, only a
- RELAY_DONE cell is sent. Closes ticket #14084.
+ unlisted port closes the circuit. With this option set, only a
+ RELAY_DONE cell is sent. Closes ticket #14084.
o Minor features (interface):
- - Implement '-f -' CLI suboption to allow torrc to be read
- from standard input, thus not requiring to store torrc in file
- system. Implements feature 13865.
+ - Implement '-f -' CLI suboption to allow torrc to be read from
+ standard input, thus not requiring to store torrc in file system.
+ Implements feature 13865.
o Minor features (logging):
- - Add a count of unique clients to the bridge heartbeat message. Resolves
- ticket 6852.
+ - Add a count of unique clients to the bridge heartbeat message.
+ Resolves ticket 6852.
- Suppress "router info incompatible with extra info" message when
reading extrainfo documents from cache. (This message got loud
- around when we closed bug 9812 in 0.2.6.2-alpha.) Closes ticket
- 13762.
+ around when we closed bug 9812 in 0.2.6.2-alpha.) Closes
+ ticket 13762.
- Elevate authorized-client message from DEBUG to INFO. Closes
ticket 14015.
- o Minor features (systemd):
- - Various improvements and modernizations in systemd hardening support.
- Closes ticket 13805. Patch from Craig Andrews.
-
o Minor features (stability):
- Prevent bugs from causing infinite loops in our hash-table
iteration code by adding assertions that cached hash values have
not been corrupted. Closes ticket 11737.
+ o Minor features (systemd):
+ - Various improvements and modernizations in systemd hardening
+ support. Closes ticket 13805. Patch from Craig Andrews.
+
o Minor features (testing networks):
- Drop the minimum RendPostPeriod on a testing network to 5 seconds,
- and the default to 2 minutes. Closes ticket 13401. Patch by "nickm".
- - Drop the MIN_REND_INITIAL_POST_DELAY on a testing network to 5 seconds,
- but keep the default at 30 seconds. This reduces HS bootstrap time to
- around 25 seconds. Change src/test/test-network.sh default time to match.
- Closes ticket 13401. Patch by "teor".
+ and the default to 2 minutes. Closes ticket 13401. Patch
+ by "nickm".
+ - Drop the MIN_REND_INITIAL_POST_DELAY on a testing network to 5
+ seconds, but keep the default at 30 seconds. This reduces HS
+ bootstrap time to around 25 seconds. Change src/test/test-
+ network.sh default time to match. Closes ticket 13401. Patch
+ by "teor".
o Minor bugfixes (automapping):
- - Prevent changes to other options from removing the wildcard value "."
- from "AutomapHostsSuffixes".
- Fixes bug 12509; bugfix on 0.2.0.1-alpha.
+ - Prevent changes to other options from removing the wildcard value
+ "." from "AutomapHostsSuffixes". Fixes bug 12509; bugfix
+ on 0.2.0.1-alpha.
o Minor bugfixes (build):
- - Avoid warnings when building with systemd 209 or later.
- Fixes bug 14072; bugfix on 0.2.6.2-alpha. Patch from "h.venev".
+ - Avoid warnings when building with systemd 209 or later. Fixes bug
+ 14072; bugfix on 0.2.6.2-alpha. Patch from "h.venev".
o Minor bugfixes (client DNS):
- Report the correct cached DNS expiration times. Previously, we
- would report everything as "never expires." Fixes bug 14193;
+ would report everything as "never expires." Fixes bug 14193;
bugfix on 0.2.3.17-beta.
- - Avoid a small memory leak when we find a cached answer for a reverse
- DNS lookup in a client-side DNS cache. (Remember, client-side DNS
- caching is off by default, and is not recommended.) Fixes bug 14259;
- bugfix on 0.2.0.1-alpha.
+ - Avoid a small memory leak when we find a cached answer for a
+ reverse DNS lookup in a client-side DNS cache. (Remember, client-
+ side DNS caching is off by default, and is not recommended.) Fixes
+ bug 14259; bugfix on 0.2.0.1-alpha.
o Minor bugfixes (client, automapping):
- Check for a missing option value in parse_virtual_addr_network
- before asserting on the NULL in tor_addr_parse_mask_ports.
- This avoids crashing on torrc lines like
- Vi[rtualAddrNetworkIPv[4|6]] when no value follows the option.
- Fixes bug 14142; bugfix on 0.2.4.7-alpha.
- Patch by "teor".
- - Fix a memory leak when using AutomapHostsOnResolve.
- Fixes bug 14195; bugfix on 0.1.0.1-rc.
+ before asserting on the NULL in tor_addr_parse_mask_ports. This
+ avoids crashing on torrc lines like Vi[rtualAddrNetworkIPv[4|6]]
+ when no value follows the option. Fixes bug 14142; bugfix on
+ 0.2.4.7-alpha. Patch by "teor".
+ - Fix a memory leak when using AutomapHostsOnResolve. Fixes bug
+ 14195; bugfix on 0.1.0.1-rc.
+
+ o Minor bugfixes (client, bridges):
+ - When we are using bridges and we had a network connectivity
+ problem, only retry connecting to our currently configured
+ bridges, not all bridges we know about and remember using. Fixes
+ bug 14216; bugfix on tor-0.2.2.17-alpha. Patch from arma.
o Minor bugfixes (client, IPV6):
- Reject socks requests to literal IPv6 addresses when IPv6Traffic
flag is not set; and not because the NoIPv4Traffic flag was set.
- Previously we'd looked at the NoIPv4Traffic flag for both types
- of literal addresses. Fixes bug 14280; bugfix on 0.2.4.7-alpha.
-
- o Minor bugfixes (client, bridges):
- - When we are using bridges and we had a network connectivity problem, only
- retry connecting to our currently configured bridges, not all bridges we
- know about and remember using.
- Fixes bug 14216; bugfix on tor-0.2.2.17-alpha. Patch from arma.
+ Previously we'd looked at the NoIPv4Traffic flag for both types of
+ literal addresses. Fixes bug 14280; bugfix on 0.2.4.7-alpha.
o Minor bugfixes (compilation):
- - Build without warnings with the stock OpenSSL srtp.h header,
- which has a duplicate declaration of SSL_get_selected_srtp_profile().
+ - Build without warnings with the stock OpenSSL srtp.h header, which
+ has a duplicate declaration of SSL_get_selected_srtp_profile().
Fixes bug 14220; this is OpenSSL's bug, not ours.
- - The address of an array in the middle of a structure will
- always be non-NULL. clang recognises this and complains.
- Disable the tautologous and redundant check to silence
- this warning.
- Fixes bug 14001; bugfix on 0.2.1.2-alpha.
+ - The address of an array in the middle of a structure will always
+ be non-NULL. clang recognises this and complains. Disable the
+ tautologous and redundant check to silence this warning. Fixes bug
+ 14001; bugfix on 0.2.1.2-alpha.
- Compile correctly with (unreleased) OpenSSL 1.1.0 headers.
Addresses ticket 14188.
o Minor bugfixes (controller):
- Add a code for the END_CIRC_REASON_IP_NOW_REDUNDANT circuit close
- reason. Fixes bug 14207; bugfix on 0.2.6.2-alpha.
- - Avoid crashing on a malformed EXTENDCIRCUIT command. Fixes bug 14116;
- bugfix on 0.2.2.9-alpha.
+ reason. Fixes bug 14207; bugfix on 0.2.6.2-alpha.
+ - Avoid crashing on a malformed EXTENDCIRCUIT command. Fixes bug
+ 14116; bugfix on 0.2.2.9-alpha.
o Minor bugfixes (directory authority):
- - Allow directory authorities to fetch more data from one
- another if they find themselves missing lots of votes.
- Previously, they had been bumping against the 10 MB queued
- data limit. Fixes bug 14261; bugfix on 0.1.2.5-alpha.
+ - Allow directory authorities to fetch more data from one another if
+ they find themselves missing lots of votes. Previously, they had
+ been bumping against the 10 MB queued data limit. Fixes bug 14261;
+ bugfix on 0.1.2.5-alpha.
- Enlarge the buffer to read bw-auth generated files to avoid an
issue when parsing the file in dirserv_read_measured_bandwidths().
Fixes bug 14125; bugfix on 0.2.2.1-alpha.
o Minor bugfixes (file handling):
- Stop failing when key files are zero-length. Instead, generate new
- keys, and overwrite the empty key files.
- Fixes bug 13111; bugfix on all versions of Tor. Patch by "teor".
+ keys, and overwrite the empty key files. Fixes bug 13111; bugfix
+ on all versions of Tor. Patch by "teor".
- Stop generating a fresh .old RSA key file when the .old file is
missing. Fixes part of 13111; bugfix on 0.0.6rc1.
- Avoid overwriting .old key files with empty key files.
- - Skip loading zero-length extra info store, router store, stats, state,
- and key files.
- - Avoid crashing when trying to reload a torrc specified as a relative
- path with RunAsDaemon turned on. Fixes bug 13397; bugfix on
- 0.2.3.11-alpha.
+ - Skip loading zero-length extra info store, router store, stats,
+ state, and key files.
+ - Avoid crashing when trying to reload a torrc specified as a
+ relative path with RunAsDaemon turned on. Fixes bug 13397; bugfix
+ on 0.2.3.11-alpha.
o Minor bugfixes (hidden services):
- Close the intro circuit once we don't have any more usable intro
- points instead of making it timeout at some point. This also make sure
- no extra HS descriptor fetch is triggered.
- Fixes bug 14224; bugfix on 0.0.6.
- - When fetching a hidden service descriptor for a down service that we
- recently up, do not keep refetching until we try the same replica twice
- in a row. Fixes bug 14219; bugfix on 0.2.0.10-alpha.
- - Successfully launch Tor with a nonexistent hidden service directory.
- Our fix for bug 13942 didn't catch this case. Fixes bug 14106;
- bugfix on 0.2.6.2-alpha.
+ points instead of making it timeout at some point. This also make
+ sure no extra HS descriptor fetch is triggered. Fixes bug 14224;
+ bugfix on 0.0.6.
+ - When fetching a hidden service descriptor for a down service that
+ we recently up, do not keep refetching until we try the same
+ replica twice in a row. Fixes bug 14219; bugfix on 0.2.0.10-alpha.
+ - Successfully launch Tor with a nonexistent hidden service
+ directory. Our fix for bug 13942 didn't catch this case. Fixes bug
+ 14106; bugfix on 0.2.6.2-alpha.
o Minor bugfixes (logging):
- Avoid crashing when there are more log domains than entries in
- domain_list. Bugfix on 0.2.3.1-alpha.
- - Add a string representation for LD_SCHED. Fixes bug 14740;
- bugfix on 0.2.6.1-alpha.
+ domain_list. Bugfix on 0.2.3.1-alpha.
+ - Add a string representation for LD_SCHED. Fixes bug 14740; bugfix
+ on 0.2.6.1-alpha.
o Minor bugfixes (parsing):
- Stop accepting milliseconds (or other junk) at the end of
- descriptor publication times. Fixes bug 9286; bugfix on
- 0.0.2pre25.
+ descriptor publication times. Fixes bug 9286; bugfix on 0.0.2pre25.
- Support two-number and three-number version numbers correctly, in
- case we change the Tor versioning system in the future. Fixes bug
+ case we change the Tor versioning system in the future. Fixes bug
13661; bugfix on 0.0.8pre1.
o Minor bugfixes (portability):
- - Fix the ioctl()-based network interface lookup code so that it will
- work on systems that have variable-length struct ifreq, for example
- Mac OS X.
+ - Fix the ioctl()-based network interface lookup code so that it
+ will work on systems that have variable-length struct ifreq, for
+ example Mac OS X.
o Minor bugfixes (shutdown):
- When shutting down, always call event_del() on lingering read or
write events before freeing them. Otherwise, we risk double-frees
- or read-after-frees in event_base_free(). Fixes bug 12985; bugfix on
- 0.1.0.2-rc.
+ or read-after-frees in event_base_free(). Fixes bug 12985; bugfix
+ on 0.1.0.2-rc.
o Minor bugfixes (small memory leaks):
- Avoid leaking memory when using IPv6 virtual address mappings.
- Fixes bug 14123; bugfix on 0.2.4.7-alpha. Patch by Tom van der
- Woerdt.
+ Fixes bug 14123; bugfix on 0.2.4.7-alpha. Patch by Tom van
+ der Woerdt.
o Minor bugfixes (statistics):
- Increase period over which bandwidth observations are aggregated
from 15 minutes to 4 hours. Fixes bug 13988; bugfix on 0.0.8pre1.
o Minor bugfixes (systemd support):
- - Fix detection and operation of systemd watchdog. Fixes part of
- bug 14141; bugfix on 0.2.6.2-alpha. Patch from Tomasz Torcz.
- - Run correctly under systemd with the RunAsDaemon option set.
- Fixes part of bug 14141; bugfix on 0.2.5.7-rc. Patch from Tomasz
- Torcz.
- - Inform the systemd supervisor about more changes in the Tor process
- status. Implements part of ticket 14141. Patch from Tomasz Torcz.
+ - Fix detection and operation of systemd watchdog. Fixes part of bug
+ 14141; bugfix on 0.2.6.2-alpha. Patch from Tomasz Torcz.
+ - Run correctly under systemd with the RunAsDaemon option set. Fixes
+ part of bug 14141; bugfix on 0.2.5.7-rc. Patch from Tomasz Torcz.
+ - Inform the systemd supervisor about more changes in the Tor
+ process status. Implements part of ticket 14141. Patch from
+ Tomasz Torcz.
- Cause the "--disable-systemd" option to actually disable systemd
- support. Fixes bug 14350; bugfix on 0.2.6.2-alpha. Patch from
- "blueness".
+ support. Fixes bug 14350; bugfix on 0.2.6.2-alpha. Patch
+ from "blueness".
o Minor bugfixes (TLS):
- - Check more thoroughly throughout the TLS code for possible unlogged
- TLS errors. Possible diagnostic or fix for bug 13319.
+ - Check more thoroughly throughout the TLS code for possible
+ unlogged TLS errors. Possible diagnostic or fix for bug 13319.
o Code simplification and refactoring:
- - Move fields related to isolating and configuring client ports
- into a shared structure. Previously, they were duplicated across
- port_cfg_t, listener_connection_t, and edge_connection_t.
- Failure to copy one of them correctly had been the cause of at
- least one bug in the past. Closes ticket 8546.
+ - Move fields related to isolating and configuring client ports into
+ a shared structure. Previously, they were duplicated across
+ port_cfg_t, listener_connection_t, and edge_connection_t. Failure
+ to copy one of them correctly had been the cause of at least one
+ bug in the past. Closes ticket 8546.
- Refactor the get_interface_addresses_raw() Doom-function into
multiple smaller and easier to understand subfunctions. Cover the
- resulting subfunctions with unit-tests. Fixes a significant portion
- of issue 12376.
- - Remove workaround in dirserv_thinks_router_is_hs_dir() that was only
- for version <= 0.2.2.24 which is now deprecated. Closes ticket 14202.
- - Remove a test for a long-defunct broken version-one directory server.
+ resulting subfunctions with unit-tests. Fixes a significant
+ portion of issue 12376.
+ - Remove workaround in dirserv_thinks_router_is_hs_dir() that was
+ only for version <= 0.2.2.24 which is now deprecated. Closes
+ ticket 14202.
+ - Remove a test for a long-defunct broken version-one
+ directory server.
o Documentation:
- - Adding section on OpenBSD to our TUNING document. Thanks to
- mmcc for writing the OpenBSD-specific tips. Resolves ticket
- 13702.
+ - Adding section on OpenBSD to our TUNING document. Thanks to mmcc
+ for writing the OpenBSD-specific tips. Resolves ticket 13702.
- Make the tor-resolve documentation match its help string and its
options. Resolves part of ticket 14325.
- Log a more useful error message from tor-resolve when failing to
@@ -331,29 +329,32 @@ Changes in version 0.2.6.3-alpha - 2015-02-??
- Don't warn when we've attempted to contact a relay using the wrong
ntor onion key. Closes ticket 9635.
+ o Removed features:
+ - To avoid confusion with the 'ExitRelay' option, 'ExitNode' is no
+ longer silently accepted as an alias for 'ExitNodes'.
+
o Testing:
- Make the checkdir/perms test complete successfully even if the
global umask is not 022. Fixes bug 14215; bugfix on 0.2.6.2-alpha.
- - Test that tor does not fail when key files are zero-length.
- Check that tor generates new keys, and overwrites the empty key files.
- - Test that tor generates new keys when keys are missing (existing
- behaviour).
- - Test that tor does not overwrite key files that already contain data
+ - Test that tor does not fail when key files are zero-length. Check
+ that tor generates new keys, and overwrites the empty key files.
+ - Test that tor generates new keys when keys are missing
(existing behaviour).
- Tests bug 13111. Patch by "teor".
+ - Test that tor does not overwrite key files that already contain
+ data (existing behaviour). Tests bug 13111. Patch by "teor".
- New "make test-stem" target to run stem integration tests.
Requires that the "STEM_SOURCE_DIR" environment variable be set.
Closes ticket 14107.
- Make the test_cmdline_args.py script work correctly on Windows.
Patch from Gisle Vanem.
- - Move the slower unit tests into a new "./src/test/test-slow" binary
- that can be run independently of the other tests. Closes ticket 13243.
+ - Move the slower unit tests into a new "./src/test/test-slow"
+ binary that can be run independently of the other tests. Closes
+ ticket 13243.
- Avoid undefined behavior when sampling huge values from the
Laplace distribution. This made unittests fail on Raspberry Pi.
Bug found by Device. Fixes bug 14090; bugfix on 0.2.6.2-alpha.
-
Changes in version 0.2.6.2-alpha - 2014-12-31
Tor 0.2.6.2-alpha is the second alpha release in the 0.2.6.x series.
It introduces a major new backend for deciding when to send cells on
commit f8ecdd7031a16e560cf00d327b1f2b1938629762
Author: Nick Mathewson <nickm(a)torproject.org>
Date: Thu Feb 5 14:01:56 2015 -0500
Start working on an 0.2.3 changelog
This is just sorting the entries and lightly editing a couple of
problems I found.
---
ChangeLog | 356 ++++++++++++++++++++++++++
changes/better_workqueues | 10 -
changes/bug11791 | 4 -
changes/bug12485 | 4 -
changes/bug12509 | 4 -
changes/bug12585 | 12 -
changes/bug12985 | 5 -
changes/bug13111-generate-keys-on-empty-file | 20 --
changes/bug13319 | 4 -
changes/bug13397 | 4 -
changes/bug13401 | 7 -
changes/bug13661 | 6 -
changes/bug13805 | 3 -
changes/bug13806 | 8 -
changes/bug13988 | 3 -
changes/bug14001-clang-warning | 7 -
changes/bug14067-TestingDirAuthVoteHSDir | 6 -
changes/bug14072 | 3 -
changes/bug14084 | 6 -
changes/bug14090 | 4 -
changes/bug14106 | 4 -
changes/bug14116_025 | 3 -
changes/bug14123 | 4 -
changes/bug14125 | 5 -
changes/bug14129 | 7 -
changes/bug14141 | 11 -
changes/bug14142-parse-virtual-addr | 7 -
changes/bug14149 | 4 -
changes/bug14193 | 4 -
changes/bug14195 | 3 -
changes/bug14202 | 3 -
changes/bug14207 | 3 -
changes/bug14215 | 5 -
changes/bug14216 | 5 -
changes/bug14219 | 6 -
changes/bug14220 | 4 -
changes/bug14224 | 7 -
changes/bug14259 | 6 -
changes/bug14261 | 5 -
changes/bug14280 | 5 -
changes/bug14350 | 4 -
changes/bug14451 | 5 -
changes/bug14740 | 5 -
changes/bug6852 | 3 -
changes/bug7555 | 5 -
changes/bug8546 | 6 -
changes/bug9286 | 4 -
changes/bug9635 | 3 -
changes/bug9819 | 8 -
changes/doc13702 | 4 -
changes/feature10067 | 12 -
changes/feature13865 | 5 -
changes/feature14015 | 3 -
changes/feature8405 | 4 -
changes/fix-test-cmdline-args | 4 -
changes/geoip-january2015 | 3 -
changes/geoip6-january2015 | 2 -
changes/prop227 | 5 -
changes/remove-bad-fp | 3 -
changes/ticket11485 | 3 -
changes/ticket11737 | 4 -
changes/ticket12376_part2 | 11 -
changes/ticket13037 | 4 -
changes/ticket13243 | 3 -
changes/ticket13762 | 5 -
changes/ticket14107 | 6 -
changes/ticket14128 | 5 -
changes/ticket14188_part1 | 4 -
changes/ticket14325 | 5 -
changes/ticket9969 | 8 -
70 files changed, 356 insertions(+), 367 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 70e42de..271a674 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,359 @@
+Changes in version 0.2.6.3-alpha - 2015-02-??
+
+ blah blah blah
+
+ o Major features (changed defaults):
+ - Prevent relay operators from unintentionally running exits: When
+ a relay is configured as an exit node, we now warn the user
+ unless the 'ExitRelay' option is set to 1. We warn even more
+ loudly if the relay is configured with the default exit policy,
+ since this tends to indicate accidental misconfiguration.
+ Setting 'ExitRelay' to 0 stops Tor from running as an exit relay.
+ Closes ticket 10067.
+
+ o Major features (security)
+ - Implementation of an AF_UNIX socket option to implement a SOCKS
+ proxy reachable by Unix Domain Socket. This allows client applications to
+ communicate with Tor without having the ability to create AF_INET or
+ AF_INET6 family sockets. If an application has permission to create a socket
+ with AF_UNIX, it may directly communicate with Tor as if it were an other
+ SOCKS proxy. This should allow high risk applications to be entirely prevented
+ from connecting directly with TCP/IP, they will be able to only connect to the
+ internet through AF_UNIX and only through Tor.
+ To create a socket of this type, use the syntax "unix:/path/to/socket".
+ Closes ticket 12585.
+
+ o Major features (hidden services):
+ - Support mapping hidden service virtual ports to AF_UNIX sockets on
+ suitable platforms. Resolves ticket #11485.
+
+ o Major features (performance):
+ - Refactor the CPU worker implementation for better performance by
+ avoiding the kernel and lengthening pipelines. The original
+ implementation used sockets to transfer data from the main thread
+ to the worker threads, and didn't allow any thread to be assigned
+ more than a single piece of work at once. The new implementation
+ avoids communications overhead by making requests in shared
+ memory, avoiding kernel IO where possible, and keeping more
+ request in flight at once. Resolves issue #9682.
+
+ o Removed features:
+ - To avoid confusion with the 'ExitRelay' option, 'ExitNode' is no
+ longer silently accepted as an alias for 'ExitNodes'.
+
+ o Major bugfixes (client):
+ - Allow MapAddress and AutomapHostsOnResolve to work together when an
+ address is mapped into another address type that must be
+ automapped at resolve time. Fixes bug 7555; bugfix on
+ 0.2.0.1-alpha.
+
+ o Major bugfixes (exit node stability):
+ - Fix an assertion failure that could occur under high DNS load. Fixes
+ bug 14129; bugfix on Tor 0.0.7rc1. Found by "jowr"; diagnosed and fixed
+ by "cypherpunks".
+
+ o Major bugfixes (mixed relay-client operation):
+ - When running as a relay and a client at the same time (not
+ recommended), if we decide not to use a new guard because we
+ want to retry older guards, only close the locally-originating
+ circuits passing through that guard. Previously we would close
+ all the circuits. Fixes bug 9819; bugfix on
+ 0.2.1.1-alpha. Reported by "skruffy".
+
+ o Minor features (authorities, testing):
+ - Create TestingDirAuthVoteHSDir like TestingDirAuthVoteExit/Guard.
+ Ensures that authorities vote the HSDir flag for the listed
+ relays regardless of uptime or ORPort connectivity.
+ Respects the value of VoteOnHidServDirectoriesV2.
+ Partial implementation for ticket 14067. Patch by "teor".
+
+ o Minor features (build):
+ - New --disable-system-torrc compile-time option to prevent Tor from
+ looking for a system-wide torrc or torrc-defaults tile. Resolves
+ ticket 13037.
+
+ o Minor features (controller):
+ - Include SOCKS_USERNAME and SOCKS_PASSWORD values in controller
+ events to let controllers observe circuit isolation inputs.
+ Closes ticket 8405.
+ - ControlPort now supports the unix:/path/to/dir syntax as an alternative
+ to the ControlSocket option, for consistency with SocksPort and
+ hidden services. Closes ticket 14451.
+ - New "GETINFO bw-event-cache" to get information about recent bandwidth
+ events. Closes ticket 14128. Useful for controllers to get recent
+ bandwidth history after the fix for 13988.
+
+ o Minor features (directory client):
+ - When downloading server- or microdescriptors from a directory server,
+ we no longer launch multiple simultaneous requests to the same server.
+ This reduces load on the directory servers, especially when directory
+ guards are in use. Closes ticket 9969.
+ - When downloading server- or microdescriptors over a tunneled
+ connection, do not limit the length of our request to what the Squid
+ proxy is willing to handle. Part of ticket 9969.
+
+ o Minor features (directory system):
+ - Authorities can now vote on the correct digests and latest versions for
+ different software packages. This allows packages that include Tor to use
+ the Tor authority system as a way to get notified of updates and their
+ correct digests. Implements proposal 227. Closes ticket 10395.
+
+ o Minor features (directory, memory usage):
+ - When we have recently been under memory pressure (over 3/4 of
+ MaxMemInQueues is allocated), then allocate smaller zlib objects for
+ small requests. Closes ticket 11791.
+
+ o Minor features (DOS resistance):
+ - Count the total number of bytes used storing hidden service descriptors
+ against the value of MaxMemInQueues. If we're low on memory, and more
+ than 20% of our memory is used holding hidden service descriptors, free
+ them until no more than 10% of our memory holds hidden service
+ descriptors. Free the least recently fetched descriptors first.
+ Resolves ticket 13806.
+
+ o Minor features (geoip):
+ - Update geoip to the January 7 2015 Maxmind GeoLite2 Country database.
+ - Update geoip6 to the January 7 2015 Maxmind GeoLite2 Country database.
+
+ o Minor features (Guard nodes):
+ - Reduce the time delay before saving guard status to disk from 10
+ minute to 30 seconds (or from one hour to 10 minutes if
+ AvoidDiskWrites is set). Closes ticket 12485.
+
+ o Minor features (hidden service):
+ - Make hidden service Sybil attacks harder by changing the minimum
+ time required to become an HSDir from 25 hours up to 96 hours.
+ Addresses ticket #14149.
+ - New option "HiddenServiceAllowUnknownPorts" to allow hidden
+ services to disable the anti-scanning feature introduced in
+ 0.2.6.2-alpha. With this option not set, a connection to an
+ unlisted port closes the circuit. With this option set, only a
+ RELAY_DONE cell is sent. Closes ticket #14084.
+
+ o Minor features (interface):
+ - Implement '-f -' CLI suboption to allow torrc to be read
+ from standard input, thus not requiring to store torrc in file
+ system. Implements feature 13865.
+
+ o Minor features (logging):
+ - Add a count of unique clients to the bridge heartbeat message. Resolves
+ ticket 6852.
+ - Suppress "router info incompatible with extra info" message when
+ reading extrainfo documents from cache. (This message got loud
+ around when we closed bug 9812 in 0.2.6.2-alpha.) Closes ticket
+ 13762.
+ - Elevate authorized-client message from DEBUG to INFO. Closes
+ ticket 14015.
+
+ o Minor features (systemd):
+ - Various improvements and modernizations in systemd hardening support.
+ Closes ticket 13805. Patch from Craig Andrews.
+
+ o Minor features (stability):
+ - Prevent bugs from causing infinite loops in our hash-table
+ iteration code by adding assertions that cached hash values have
+ not been corrupted. Closes ticket 11737.
+
+ o Minor features (testing networks):
+ - Drop the minimum RendPostPeriod on a testing network to 5 seconds,
+ and the default to 2 minutes. Closes ticket 13401. Patch by "nickm".
+ - Drop the MIN_REND_INITIAL_POST_DELAY on a testing network to 5 seconds,
+ but keep the default at 30 seconds. This reduces HS bootstrap time to
+ around 25 seconds. Change src/test/test-network.sh default time to match.
+ Closes ticket 13401. Patch by "teor".
+
+ o Minor bugfixes (automapping):
+ - Prevent changes to other options from removing the wildcard value "."
+ from "AutomapHostsSuffixes".
+ Fixes bug 12509; bugfix on 0.2.0.1-alpha.
+
+ o Minor bugfixes (build):
+ - Avoid warnings when building with systemd 209 or later.
+ Fixes bug 14072; bugfix on 0.2.6.2-alpha. Patch from "h.venev".
+
+ o Minor bugfixes (client DNS):
+ - Report the correct cached DNS expiration times. Previously, we
+ would report everything as "never expires." Fixes bug 14193;
+ bugfix on 0.2.3.17-beta.
+ - Avoid a small memory leak when we find a cached answer for a reverse
+ DNS lookup in a client-side DNS cache. (Remember, client-side DNS
+ caching is off by default, and is not recommended.) Fixes bug 14259;
+ bugfix on 0.2.0.1-alpha.
+
+ o Minor bugfixes (client, automapping):
+ - Check for a missing option value in parse_virtual_addr_network
+ before asserting on the NULL in tor_addr_parse_mask_ports.
+ This avoids crashing on torrc lines like
+ Vi[rtualAddrNetworkIPv[4|6]] when no value follows the option.
+ Fixes bug 14142; bugfix on 0.2.4.7-alpha.
+ Patch by "teor".
+ - Fix a memory leak when using AutomapHostsOnResolve.
+ Fixes bug 14195; bugfix on 0.1.0.1-rc.
+
+ o Minor bugfixes (client, IPV6):
+ - Reject socks requests to literal IPv6 addresses when IPv6Traffic
+ flag is not set; and not because the NoIPv4Traffic flag was set.
+ Previously we'd looked at the NoIPv4Traffic flag for both types
+ of literal addresses. Fixes bug 14280; bugfix on 0.2.4.7-alpha.
+
+ o Minor bugfixes (client, bridges):
+ - When we are using bridges and we had a network connectivity problem, only
+ retry connecting to our currently configured bridges, not all bridges we
+ know about and remember using.
+ Fixes bug 14216; bugfix on tor-0.2.2.17-alpha. Patch from arma.
+
+ o Minor bugfixes (compilation):
+ - Build without warnings with the stock OpenSSL srtp.h header,
+ which has a duplicate declaration of SSL_get_selected_srtp_profile().
+ Fixes bug 14220; this is OpenSSL's bug, not ours.
+ - The address of an array in the middle of a structure will
+ always be non-NULL. clang recognises this and complains.
+ Disable the tautologous and redundant check to silence
+ this warning.
+ Fixes bug 14001; bugfix on 0.2.1.2-alpha.
+ - Compile correctly with (unreleased) OpenSSL 1.1.0 headers.
+ Addresses ticket 14188.
+
+ o Minor bugfixes (controller):
+ - Add a code for the END_CIRC_REASON_IP_NOW_REDUNDANT circuit close
+ reason. Fixes bug 14207; bugfix on 0.2.6.2-alpha.
+ - Avoid crashing on a malformed EXTENDCIRCUIT command. Fixes bug 14116;
+ bugfix on 0.2.2.9-alpha.
+
+ o Minor bugfixes (directory authority):
+ - Allow directory authorities to fetch more data from one
+ another if they find themselves missing lots of votes.
+ Previously, they had been bumping against the 10 MB queued
+ data limit. Fixes bug 14261; bugfix on 0.1.2.5-alpha.
+ - Enlarge the buffer to read bw-auth generated files to avoid an
+ issue when parsing the file in dirserv_read_measured_bandwidths().
+ Fixes bug 14125; bugfix on 0.2.2.1-alpha.
+
+ o Minor bugfixes (file handling):
+ - Stop failing when key files are zero-length. Instead, generate new
+ keys, and overwrite the empty key files.
+ Fixes bug 13111; bugfix on all versions of Tor. Patch by "teor".
+ - Stop generating a fresh .old RSA key file when the .old file is
+ missing. Fixes part of 13111; bugfix on 0.0.6rc1.
+ - Avoid overwriting .old key files with empty key files.
+ - Skip loading zero-length extra info store, router store, stats, state,
+ and key files.
+ - Avoid crashing when trying to reload a torrc specified as a relative
+ path with RunAsDaemon turned on. Fixes bug 13397; bugfix on
+ 0.2.3.11-alpha.
+
+ o Minor bugfixes (hidden services):
+ - Close the intro circuit once we don't have any more usable intro
+ points instead of making it timeout at some point. This also make sure
+ no extra HS descriptor fetch is triggered.
+ Fixes bug 14224; bugfix on 0.0.6.
+ - When fetching a hidden service descriptor for a down service that we
+ recently up, do not keep refetching until we try the same replica twice
+ in a row. Fixes bug 14219; bugfix on 0.2.0.10-alpha.
+ - Successfully launch Tor with a nonexistent hidden service directory.
+ Our fix for bug 13942 didn't catch this case. Fixes bug 14106;
+ bugfix on 0.2.6.2-alpha.
+
+ o Minor bugfixes (logging):
+ - Avoid crashing when there are more log domains than entries in
+ domain_list. Bugfix on 0.2.3.1-alpha.
+ - Add a string representation for LD_SCHED. Fixes bug 14740;
+ bugfix on 0.2.6.1-alpha.
+
+ o Minor bugfixes (parsing):
+ - Stop accepting milliseconds (or other junk) at the end of
+ descriptor publication times. Fixes bug 9286; bugfix on
+ 0.0.2pre25.
+ - Support two-number and three-number version numbers correctly, in
+ case we change the Tor versioning system in the future. Fixes bug
+ 13661; bugfix on 0.0.8pre1.
+
+ o Minor bugfixes (portability):
+ - Fix the ioctl()-based network interface lookup code so that it will
+ work on systems that have variable-length struct ifreq, for example
+ Mac OS X.
+
+ o Minor bugfixes (shutdown):
+ - When shutting down, always call event_del() on lingering read or
+ write events before freeing them. Otherwise, we risk double-frees
+ or read-after-frees in event_base_free(). Fixes bug 12985; bugfix on
+ 0.1.0.2-rc.
+
+ o Minor bugfixes (small memory leaks):
+ - Avoid leaking memory when using IPv6 virtual address mappings.
+ Fixes bug 14123; bugfix on 0.2.4.7-alpha. Patch by Tom van der
+ Woerdt.
+
+ o Minor bugfixes (statistics):
+ - Increase period over which bandwidth observations are aggregated
+ from 15 minutes to 4 hours. Fixes bug 13988; bugfix on 0.0.8pre1.
+
+ o Minor bugfixes (systemd support):
+ - Fix detection and operation of systemd watchdog. Fixes part of
+ bug 14141; bugfix on 0.2.6.2-alpha. Patch from Tomasz Torcz.
+ - Run correctly under systemd with the RunAsDaemon option set.
+ Fixes part of bug 14141; bugfix on 0.2.5.7-rc. Patch from Tomasz
+ Torcz.
+ - Inform the systemd supervisor about more changes in the Tor process
+ status. Implements part of ticket 14141. Patch from Tomasz Torcz.
+ - Cause the "--disable-systemd" option to actually disable systemd
+ support. Fixes bug 14350; bugfix on 0.2.6.2-alpha. Patch from
+ "blueness".
+
+ o Minor bugfixes (TLS):
+ - Check more thoroughly throughout the TLS code for possible unlogged
+ TLS errors. Possible diagnostic or fix for bug 13319.
+
+ o Code simplification and refactoring:
+ - Move fields related to isolating and configuring client ports
+ into a shared structure. Previously, they were duplicated across
+ port_cfg_t, listener_connection_t, and edge_connection_t.
+ Failure to copy one of them correctly had been the cause of at
+ least one bug in the past. Closes ticket 8546.
+ - Refactor the get_interface_addresses_raw() Doom-function into
+ multiple smaller and easier to understand subfunctions. Cover the
+ resulting subfunctions with unit-tests. Fixes a significant portion
+ of issue 12376.
+ - Remove workaround in dirserv_thinks_router_is_hs_dir() that was only
+ for version <= 0.2.2.24 which is now deprecated. Closes ticket 14202.
+ - Remove a test for a long-defunct broken version-one directory server.
+
+ o Documentation:
+ - Adding section on OpenBSD to our TUNING document. Thanks to
+ mmcc for writing the OpenBSD-specific tips. Resolves ticket
+ 13702.
+ - Make the tor-resolve documentation match its help string and its
+ options. Resolves part of ticket 14325.
+ - Log a more useful error message from tor-resolve when failing to
+ look up a hidden service address. Resolves part of ticket 14325.
+
+ o Downgraded warnings:
+ - Don't warn when we've attempted to contact a relay using the wrong
+ ntor onion key. Closes ticket 9635.
+
+ o Testing:
+ - Make the checkdir/perms test complete successfully even if the
+ global umask is not 022. Fixes bug 14215; bugfix on 0.2.6.2-alpha.
+ - Test that tor does not fail when key files are zero-length.
+ Check that tor generates new keys, and overwrites the empty key files.
+ - Test that tor generates new keys when keys are missing (existing
+ behaviour).
+ - Test that tor does not overwrite key files that already contain data
+ (existing behaviour).
+ Tests bug 13111. Patch by "teor".
+ - New "make test-stem" target to run stem integration tests.
+ Requires that the "STEM_SOURCE_DIR" environment variable be set.
+ Closes ticket 14107.
+ - Make the test_cmdline_args.py script work correctly on Windows.
+ Patch from Gisle Vanem.
+ - Move the slower unit tests into a new "./src/test/test-slow" binary
+ that can be run independently of the other tests. Closes ticket 13243.
+ - Avoid undefined behavior when sampling huge values from the
+ Laplace distribution. This made unittests fail on Raspberry Pi.
+ Bug found by Device. Fixes bug 14090; bugfix on 0.2.6.2-alpha.
+
+
+
Changes in version 0.2.6.2-alpha - 2014-12-31
Tor 0.2.6.2-alpha is the second alpha release in the 0.2.6.x series.
It introduces a major new backend for deciding when to send cells on
diff --git a/changes/better_workqueues b/changes/better_workqueues
deleted file mode 100644
index 32c984c..0000000
--- a/changes/better_workqueues
+++ /dev/null
@@ -1,10 +0,0 @@
- o Major features:
- - Refactor the CPU worker implementation for better performance by
- avoiding the kernel and lengthening pipelines. The original
- implementation used sockets to transfer data from the main thread
- to the worker threads, and didn't allow any thread to be assigned
- more than a single piece of work at once. The new implementation
- avoids communications overhead by making requests in shared
- memory, avoiding kernel IO where possible, and keeping more
- request in flight at once. Resolves issue #9682.
-
diff --git a/changes/bug11791 b/changes/bug11791
deleted file mode 100644
index 51a9327..0000000
--- a/changes/bug11791
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (directory, memory usage):
- - When we have recently been under memory pressure (over 3/4 of
- MaxMemInQueues is allocated), then allocate smaller zlib objects for
- small requests. Closes ticket 11791.
diff --git a/changes/bug12485 b/changes/bug12485
deleted file mode 100644
index 53ce33e..0000000
--- a/changes/bug12485
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (Guard nodes):
- - Reduce the time delay before saving guard status to disk from 10
- minute to 30 seconds (or from one hour to 10 minutes if
- AvoidDiskWrites is set). Closes ticket 12485.
diff --git a/changes/bug12509 b/changes/bug12509
deleted file mode 100644
index bb49bd5..0000000
--- a/changes/bug12509
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (automapping):
- - Prevent changes to other options from removing the wildcard value "."
- from "AutomapHostsSuffixes".
- Fixes bug 12509; bugfix on 0.2.0.1-alpha.
diff --git a/changes/bug12585 b/changes/bug12585
deleted file mode 100644
index ac03993..0000000
--- a/changes/bug12585
+++ /dev/null
@@ -1,12 +0,0 @@
- o Major features (security)
- - Implementation of an AF_UNIX socket option to implement a SOCKS
- proxy reachable by Unix Domain Socket. This allows client applications to
- communicate with Tor without having the ability to create AF_INET or
- AF_INET6 family sockets. If an application has permission to create a socket
- with AF_UNIX, it may directly communicate with Tor as if it were an other
- SOCKS proxy. This should allow high risk applications to be entirely prevented
- from connecting directly with TCP/IP, they will be able to only connect to the
- internet through AF_UNIX and only through Tor.
- To create a socket of this type, use the syntax "unix:/path/to/socket".
- Closes ticket 12585.
-
diff --git a/changes/bug12985 b/changes/bug12985
deleted file mode 100644
index 636ae4d..0000000
--- a/changes/bug12985
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (shutdown):
- - When shutting down, always call event_del() on lingering read or
- write events before freeing them. Otherwise, we risk double-frees
- or read-after-frees in event_base_free(). Fixes bug 12985; bugfix on
- 0.1.0.2-rc.
diff --git a/changes/bug13111-generate-keys-on-empty-file b/changes/bug13111-generate-keys-on-empty-file
deleted file mode 100644
index 1d602de..0000000
--- a/changes/bug13111-generate-keys-on-empty-file
+++ /dev/null
@@ -1,20 +0,0 @@
- o Minor bugfixes (file handling):
- - Stop failing when key files are zero-length. Instead, generate new
- keys, and overwrite the empty key files.
- Fixes bug 13111; bugfix on all versions of Tor. Patch by "teor".
- - Stop generating a fresh .old RSA key file when the .old file is
- missing. Fixes part of 13111; bugfix on 0.0.6rc1.
- - Avoid overwriting .old key files with empty key files.
-
- o Minor enhancements (file handling):
- - Skip loading zero-length extra info store, router store, stats, state,
- and key files.
-
- o Minor enhancements (testing):
- - Test that tor does not fail when key files are zero-length.
- Check that tor generates new keys, and overwrites the empty key files.
- - Test that tor generates new keys when keys are missing (existing
- behaviour).
- - Test that tor does not overwrite key files that already contain data
- (existing behaviour).
- Tests bug 13111. Patch by "teor".
diff --git a/changes/bug13319 b/changes/bug13319
deleted file mode 100644
index eee95c8..0000000
--- a/changes/bug13319
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Check more thoroughly throughout the TLS code for possible unlogged
- TLS errors. Possible diagnostic or fix for bug 13319.
-
diff --git a/changes/bug13397 b/changes/bug13397
deleted file mode 100644
index 5020928..0000000
--- a/changes/bug13397
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Avoid crashing when trying to reload a torrc specified as a relative
- path with RunAsDaemon turned on. Fixes bug 13397; bugfix on
- 0.2.3.11-alpha.
diff --git a/changes/bug13401 b/changes/bug13401
deleted file mode 100644
index e2834a0..0000000
--- a/changes/bug13401
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor features (testing networks):
- - Drop the minimum RendPostPeriod on a testing network to 5 seconds,
- and the default to 2 minutes. Closes ticket 13401. Patch by "nickm".
- - Drop the MIN_REND_INITIAL_POST_DELAY on a testing network to 5 seconds,
- but keep the default at 30 seconds. This reduces HS bootstrap time to
- around 25 seconds. Change src/test/test-network.sh default time to match.
- Closes ticket 13401. Patch by "teor".
diff --git a/changes/bug13661 b/changes/bug13661
deleted file mode 100644
index 7f0cb5e..0000000
--- a/changes/bug13661
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes:
-
- - Support two-number and three-number version numbers correctly, in
- case we change the Tor versioning system in the future. Fixes bug
- 13661; bugfix on 0.0.8pre1.
-
diff --git a/changes/bug13805 b/changes/bug13805
deleted file mode 100644
index 321cd58..0000000
--- a/changes/bug13805
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features (systemd):
- - Various improvements and modernizations in systemd hardening support.
- Closes ticket 13805. Patch from Craig Andrews.
diff --git a/changes/bug13806 b/changes/bug13806
deleted file mode 100644
index 0a6b268..0000000
--- a/changes/bug13806
+++ /dev/null
@@ -1,8 +0,0 @@
- o Minor features (DOS resistance):
- - Count the total number of bytes used storing hidden service descriptors
- against the value of MaxMemInQueues. If we're low on memory, and more
- than 20% of our memory is used holding hidden service descriptors, free
- them until no more than 10% of our memory holds hidden service
- descriptors. Free the least recently fetched descriptors first.
- Resolves ticket 13806.
-
diff --git a/changes/bug13988 b/changes/bug13988
deleted file mode 100644
index e816335..0000000
--- a/changes/bug13988
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (statistics):
- - Increase period over which bandwidth observations are aggregated
- from 15 minutes to 4 hours. Fixes bug 13988; bugfix on 0.0.8pre1.
diff --git a/changes/bug14001-clang-warning b/changes/bug14001-clang-warning
deleted file mode 100644
index 5f8deb7..0000000
--- a/changes/bug14001-clang-warning
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes:
- - The address of an array in the middle of a structure will
- always be non-NULL. clang recognises this and complains.
- Disable the tautologous and redundant check to silence
- this warning.
- Fixes bug 14001; bugfix on 0.2.1.2-alpha.
-
diff --git a/changes/bug14067-TestingDirAuthVoteHSDir b/changes/bug14067-TestingDirAuthVoteHSDir
deleted file mode 100644
index c276e22..0000000
--- a/changes/bug14067-TestingDirAuthVoteHSDir
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor features (authorities, testing):
- - Create TestingDirAuthVoteHSDir like TestingDirAuthVoteExit/Guard.
- Ensures that authorities vote the HSDir flag for the listed
- relays regardless of uptime or ORPort connectivity.
- Respects the value of VoteOnHidServDirectoriesV2.
- Partial implementation for ticket 14067. Patch by "teor".
diff --git a/changes/bug14072 b/changes/bug14072
deleted file mode 100644
index c810616..0000000
--- a/changes/bug14072
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (build):
- - Avoid warnings when building with systemd 209 or later.
- Fixes bug 14072; bugfix on 0.2.6.2-alpha. Patch from "h.venev".
diff --git a/changes/bug14084 b/changes/bug14084
deleted file mode 100644
index c7f053e..0000000
--- a/changes/bug14084
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor features:
- - New option "HiddenServiceAllowUnknownPorts" to allow hidden
- services to disable the anti-scanning feature introduced in
- 0.2.6.2-alpha. With this option not set, a connection to an
- unlisted port closes the circuit. With this option set, only a
- RELAY_DONE cell is sent. Closes ticket #14084.
\ No newline at end of file
diff --git a/changes/bug14090 b/changes/bug14090
deleted file mode 100644
index d6a6df4..0000000
--- a/changes/bug14090
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Avoid undefined behavior when sampling huge values from the
- Laplace distribution. This made unittests fail on Raspberry Pi.
- Bug found by Device. Fixes bug 14090; bugfix on 0.2.6.2-alpha.
diff --git a/changes/bug14106 b/changes/bug14106
deleted file mode 100644
index cf6e568..0000000
--- a/changes/bug14106
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (hidden services):
- - Successfully launch Tor with a nonexistent hidden service directory.
- Our fix for bug 13942 didn't catch this case. Fixes bug 14106;
- bugfix on 0.2.6.2-alpha.
diff --git a/changes/bug14116_025 b/changes/bug14116_025
deleted file mode 100644
index 0859f62..0000000
--- a/changes/bug14116_025
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (controller):
- - Avoid crashing on a malformed EXTENDCIRCUIT command. Fixes bug 14116;
- bugfix on 0.2.2.9-alpha.
diff --git a/changes/bug14123 b/changes/bug14123
deleted file mode 100644
index 1220a04..0000000
--- a/changes/bug14123
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (small memory leaks):
- - Avoid leaking memory when using IPv6 virtual address mappings.
- Fixes bug 14123; bugfix on 0.2.4.7-alpha. Patch by Tom van der
- Woerdt.
\ No newline at end of file
diff --git a/changes/bug14125 b/changes/bug14125
deleted file mode 100644
index d8df37d..0000000
--- a/changes/bug14125
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (dirauth):
- - Enlarge the buffer to read bw-auth generated files to avoid an
- issue when parsing the file in dirserv_read_measured_bandwidths().
- Fixes bug 14125; bugfix on 0.2.2.1-alpha.
-
diff --git a/changes/bug14129 b/changes/bug14129
deleted file mode 100644
index 6153cd8..0000000
--- a/changes/bug14129
+++ /dev/null
@@ -1,7 +0,0 @@
- o Major bugfixes (exit node stability):
-
- - Fix an assertion failure that could occur under high DNS load. Fixes
- bug 14129; bugfix on Tor 0.0.7rc1. Found by "jowr"; diagnosed and fixed
- by "cypherpunks".
-
-
diff --git a/changes/bug14141 b/changes/bug14141
deleted file mode 100644
index 75cdcd5..0000000
--- a/changes/bug14141
+++ /dev/null
@@ -1,11 +0,0 @@
- o Minor bugfixes (systemd support):
- - Fix detection and operation of systemd watchdog. Fixes part of
- bug 14141; bugfix on 0.2.6.2-alpha. Patch from Tomasz Torcz.
-
- - Run correctly under systemd with the RunAsDaemon option set.
- Fixes part of bug 14141; bugfix on 0.2.5.7-rc. Patch from Tomasz
- Torcz.
-
- o Minor featurs (systemd support):
- - Inform the systemd supervisor about more changes in the Tor process
- status. Implements part of ticket 14141. Patch from Tomasz Torcz.
\ No newline at end of file
diff --git a/changes/bug14142-parse-virtual-addr b/changes/bug14142-parse-virtual-addr
deleted file mode 100644
index ee63545..0000000
--- a/changes/bug14142-parse-virtual-addr
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes (client):
- - Check for a missing option value in parse_virtual_addr_network
- before asserting on the NULL in tor_addr_parse_mask_ports.
- This avoids crashing on torrc lines like
- Vi[rtualAddrNetworkIPv[4|6]] when no value follows the option.
- Fixes bug 14142; bugfix on 0.2.4.7-alpha.
- Patch by "teor".
diff --git a/changes/bug14149 b/changes/bug14149
deleted file mode 100644
index d655a14..0000000
--- a/changes/bug14149
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (hidden service parameters):
- - Make hidden service Sybil attacks harder by changing the minimum
- time required to become an HSDir from 25 hours up to 96 hours.
- Addresses ticket #14149.
\ No newline at end of file
diff --git a/changes/bug14193 b/changes/bug14193
deleted file mode 100644
index a700668..0000000
--- a/changes/bug14193
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (client DNS):
- - Report the correct cached DNS expiration times. Previously, we
- would report everything as "never expires." Fixes bug 14193;
- bugfix on 0.2.3.17-beta.
diff --git a/changes/bug14195 b/changes/bug14195
deleted file mode 100644
index d2b82f3..0000000
--- a/changes/bug14195
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (client):
- - Fix a memory leak when using AutomapHostsOnResolve.
- Fixes bug 14195; bugfix on 0.1.0.1-rc.
diff --git a/changes/bug14202 b/changes/bug14202
deleted file mode 100644
index 79f7537..0000000
--- a/changes/bug14202
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor cleanup:
- - Remove workaround in dirserv_thinks_router_is_hs_dir() that was only
- for version <= 0.2.2.24 which is now deprecated. Closes ticket 14202.
diff --git a/changes/bug14207 b/changes/bug14207
deleted file mode 100644
index b382f82..0000000
--- a/changes/bug14207
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (controller):
- - Add a code for the END_CIRC_REASON_IP_NOW_REDUNDANT circuit close
- reason. Fixes bug 14207; bugfix on 0.2.6.2-alpha.
diff --git a/changes/bug14215 b/changes/bug14215
deleted file mode 100644
index 70bcdaa..0000000
--- a/changes/bug14215
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (tests):
- - Make the checkdir/perms test complete successfully even if the
- global umask is not 022. Fixes bug 14215; bugfix on 0.2.6.2-alpha.
-
-
diff --git a/changes/bug14216 b/changes/bug14216
deleted file mode 100644
index 47893ce..0000000
--- a/changes/bug14216
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes:
- - When we are using bridges and we had a network connectivity problem, only
- retry connecting to our currently configured bridges, not all bridges we
- know about and remember using.
- Fixes bug 14216; bugfix on tor-0.2.2.17-alpha. Patch from arma.
diff --git a/changes/bug14219 b/changes/bug14219
deleted file mode 100644
index 9d845db..0000000
--- a/changes/bug14219
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes (hidden services):
-
- - When fetching a hidden service descriptor for a down service that we
- recently up, do not keep refetching until we try the same replica twice
- in a row. Fixes bug 14219; bugfix on 0.2.0.10-alpha.
-
diff --git a/changes/bug14220 b/changes/bug14220
deleted file mode 100644
index 51cfa50..0000000
--- a/changes/bug14220
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (compilation):
- - Build without warnings with the stock OpenSSL srtp.h header,
- which has a duplicate declaration of SSL_get_selected_srtp_profile().
- Fixes bug 14220; this is OpenSSL's bug, not ours.
diff --git a/changes/bug14224 b/changes/bug14224
deleted file mode 100644
index 031b000..0000000
--- a/changes/bug14224
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor Bugfix
- - Close the intro circuit once we don't have any more usable intro
- points instead of making it timeout at some point. This also make sure
- no extra HS descriptor fetch is triggered.
- Fixes bug 14224; bugfix on 0.0.6.
-
-
diff --git a/changes/bug14259 b/changes/bug14259
deleted file mode 100644
index 1b5b9b8..0000000
--- a/changes/bug14259
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes (client):
- - Avoid a small memory leak when we find a cached answer for a reverse
- DNS lookup in a client-side DNS cache. (Remember, client-side DNS
- caching is off by default, and is not recommended.) Fixes bug 14259;
- bugfix on 0.2.0.1-alpha.
-
diff --git a/changes/bug14261 b/changes/bug14261
deleted file mode 100644
index 8ab556c..0000000
--- a/changes/bug14261
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (directory authority):
- - Allow directory authorities to fetch more data from one
- another if they find themselves missing lots of votes.
- Previously, they had been bumping against the 10 MB queued
- data limit. Fixes bug 14261; bugfix on 0.1.2.5-alpha.
diff --git a/changes/bug14280 b/changes/bug14280
deleted file mode 100644
index 917d40c..0000000
--- a/changes/bug14280
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes:
- - Reject socks requests to literal IPv6 addresses when IPv6Traffic
- flag is not set; and not because the NoIPv4Traffic flag was set.
- Previously we'd looked at the NoIPv4Traffic flag for both types
- of literal addresses. Fixes bug 14280; bugfix on 0.2.4.7-alpha.
diff --git a/changes/bug14350 b/changes/bug14350
deleted file mode 100644
index 8b85798..0000000
--- a/changes/bug14350
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes:
- - Cause the "--disable-systemd" option to actually disable systemd
- support. Fixes bug 14350; bugfix on 0.2.6.2-alpha. Patch from
- "blueness".
\ No newline at end of file
diff --git a/changes/bug14451 b/changes/bug14451
deleted file mode 100644
index 197cd59..0000000
--- a/changes/bug14451
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features:
- - ControlPort now supports the unix:/path/to/dir syntax as an alternative
- to the ControlSocket option, for consistency with SocksPort and
- hidden services. Closes ticket 14451.
-
diff --git a/changes/bug14740 b/changes/bug14740
deleted file mode 100644
index 5cac620..0000000
--- a/changes/bug14740
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes:
- - Avoid crashing when there are more log domains than entries in
- domain_list. Bugfix on 0.2.3.1-alpha.
- - Add a string representation for LD_SCHED. Fixes bug 14740;
- bugfix on 0.2.6.1-alpha.
diff --git a/changes/bug6852 b/changes/bug6852
deleted file mode 100644
index 9bafef8..0000000
--- a/changes/bug6852
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features:
- - Add a unique client counter to the heartbeat message. Resolves
- ticket 6852.
diff --git a/changes/bug7555 b/changes/bug7555
deleted file mode 100644
index a43ff73..0000000
--- a/changes/bug7555
+++ /dev/null
@@ -1,5 +0,0 @@
- o Major bugfixes (client):
- - Allow MapAddress and AutomapHostsOnResolve to work together when an
- address is mapped into another address type that must be
- automapped at resolve time. Fixes bug 7555; bugfix on
- 0.2.0.1-alpha.
diff --git a/changes/bug8546 b/changes/bug8546
deleted file mode 100644
index 9e79b4f..0000000
--- a/changes/bug8546
+++ /dev/null
@@ -1,6 +0,0 @@
- o Code simplification and refactoring:
- - Move fields related to isolating and configuring client ports
- into a shared structure. Previously, they were duplicated across
- port_cfg_t, listener_connection_t, and edge_connection_t.
- Failure to copy one of them correctly had been the cause of at
- least one bug in the past. Closes ticket 8546.
diff --git a/changes/bug9286 b/changes/bug9286
deleted file mode 100644
index 062a7a0..0000000
--- a/changes/bug9286
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (parsing):
- - Stop accepting milliseconds (or other junk) at the end of
- descriptor publication times. Fixes bug 9286; bugfix on
- 0.0.2pre25.
\ No newline at end of file
diff --git a/changes/bug9635 b/changes/bug9635
deleted file mode 100644
index 17a2ea5..0000000
--- a/changes/bug9635
+++ /dev/null
@@ -1,3 +0,0 @@
- o Downgraded warnings:
- - Don't warn when we've attempted to contact a relay using the wrong
- ntor onion key. Closes ticket 9635.
diff --git a/changes/bug9819 b/changes/bug9819
deleted file mode 100644
index 7220d2a..0000000
--- a/changes/bug9819
+++ /dev/null
@@ -1,8 +0,0 @@
- o Major bugfixes (mixed relay-client operation):
-
- - When running as a relay and a client at the same time (not
- recommended), if we decide not to use a new guard because we
- want to retry older guards, only close the locally-originating
- circuits passing through that guard. Previously we would close
- all the circuits. Fixes bug 9819; bugfix on
- 0.2.1.1-alpha. Reported by "skruffy".
diff --git a/changes/doc13702 b/changes/doc13702
deleted file mode 100644
index 917dca3..0000000
--- a/changes/doc13702
+++ /dev/null
@@ -1,4 +0,0 @@
- o Documentation:
- - Adding section on OpenBSD to our TUNING document. Thanks to
- mmcc for writing the OpenBSD-specific tips. Resolves ticket
- 13702.
diff --git a/changes/feature10067 b/changes/feature10067
deleted file mode 100644
index 3a387d0..0000000
--- a/changes/feature10067
+++ /dev/null
@@ -1,12 +0,0 @@
- o Major features (changed defaults):
- - Prevent relay operators from unintentionally running exits: When
- a relay is configured as an exit node, we now warn the user
- unless the 'ExitRelay' option is set to 1. We warn even more
- loudly if the relay is configured with the default exit policy,
- since this tends to indicate accidental misconfiguration.
- Setting 'ExitRelay' to 0 stops Tor from running as an exit relay.
- Closes ticket 10067.
-
- o Removed features:
- - To avoid confusion with the 'ExitRelay' option, 'ExitNode' is no
- longer silently accepted as an alias for 'ExitNodes'.
diff --git a/changes/feature13865 b/changes/feature13865
deleted file mode 100644
index 48291b4..0000000
--- a/changes/feature13865
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features:
- - Implement '-f -' CLI suboption to allow torrc to be read
- from standard input, thus not requiring to store torrc in file
- system. Implements feature 13865.
-
diff --git a/changes/feature14015 b/changes/feature14015
deleted file mode 100644
index bd09b49..0000000
--- a/changes/feature14015
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features (logging, hidden services):
- - Elevate authorized-client message from DEBUG to INFO. Closes
- ticket 14015.
diff --git a/changes/feature8405 b/changes/feature8405
deleted file mode 100644
index ac4a361..0000000
--- a/changes/feature8405
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (controller):
- - Include SOCKS_USERNAME and SOCKS_PASSWORD values in controller
- events to let controllers observe circuit isolation inputs.
- Closes ticket 8405.
diff --git a/changes/fix-test-cmdline-args b/changes/fix-test-cmdline-args
deleted file mode 100644
index 6902d19..0000000
--- a/changes/fix-test-cmdline-args
+++ /dev/null
@@ -1,4 +0,0 @@
- o Testing:
- - Make the test_cmdline_args.py script work correctly on Windows.
- Patch from Gisle Vanem.
-
\ No newline at end of file
diff --git a/changes/geoip-january2015 b/changes/geoip-january2015
deleted file mode 100644
index 67324f2..0000000
--- a/changes/geoip-january2015
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features:
- - Update geoip to the January 7 2015 Maxmind GeoLite2 Country database.
-
diff --git a/changes/geoip6-january2015 b/changes/geoip6-january2015
deleted file mode 100644
index b86fe2b..0000000
--- a/changes/geoip6-january2015
+++ /dev/null
@@ -1,2 +0,0 @@
- o Minor features:
- - Update geoip6 to the January 7 2015 Maxmind GeoLite2 Country database.
diff --git a/changes/prop227 b/changes/prop227
deleted file mode 100644
index cd47fe2..0000000
--- a/changes/prop227
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (directory system):
- - Authorities can now vote on the correct digests and latest versions for
- different software packages. This allows packages that include Tor to use
- the Tor authority system as a way to get notified of updates and their
- correct digests. Implements proposal 227. Closes ticket 10395.
diff --git a/changes/remove-bad-fp b/changes/remove-bad-fp
deleted file mode 100644
index 190013d..0000000
--- a/changes/remove-bad-fp
+++ /dev/null
@@ -1,3 +0,0 @@
- o Removed features:
- - Remove a test for a long-defunct broken version-one directory server.
-
diff --git a/changes/ticket11485 b/changes/ticket11485
deleted file mode 100644
index 9d341c5..0000000
--- a/changes/ticket11485
+++ /dev/null
@@ -1,3 +0,0 @@
- o Features (hidden services):
- - Support mapping hidden service virtual ports to AF_UNIX sockets on
- suitable platforms. Resolves ticket #11485.
diff --git a/changes/ticket11737 b/changes/ticket11737
deleted file mode 100644
index 5c5f9dc..0000000
--- a/changes/ticket11737
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features:
- - Prevent bugs from causing infinite loops in our hash-table
- iteration code by adding assertions that cached hash values have
- not been corrupted. Closes ticket 11737.
diff --git a/changes/ticket12376_part2 b/changes/ticket12376_part2
deleted file mode 100644
index 13f9bb5..0000000
--- a/changes/ticket12376_part2
+++ /dev/null
@@ -1,11 +0,0 @@
- o Major refactoring:
- - Refactor the get_interface_addresses_raw() Doom-function into
- multiple smaller and easier to understand subfunctions. Cover the
- resulting subfunctions with unit-tests. Fixes a significant portion
- of issue 12376.
-
- o Minor bugfixes:
- - Fix the ioctl()-based network interface lookup code so that it will
- work on systems that have variable-length struct ifreq, for example
- Mac OS X.
-
diff --git a/changes/ticket13037 b/changes/ticket13037
deleted file mode 100644
index 24c4100..0000000
--- a/changes/ticket13037
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (build):
- - New --disable-system-torrc compile-time option to prevent Tor from
- looking for a system-wide torrc or torrc-defaults tile. Resolves
- ticket 13037.
diff --git a/changes/ticket13243 b/changes/ticket13243
deleted file mode 100644
index ad6e4de..0000000
--- a/changes/ticket13243
+++ /dev/null
@@ -1,3 +0,0 @@
- o Testing:
- - Move the slower unit tests into a new "./src/test/test-slow" binary
- that can be run independently of the other tests. Closes ticket 13243.
diff --git a/changes/ticket13762 b/changes/ticket13762
deleted file mode 100644
index 0c1a568..0000000
--- a/changes/ticket13762
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features:
- - Suppress "router info incompatible with extra info" message when
- reading extrainfo documents from cache. (This message got loud
- around when we closed bug 9812 in 0.2.6.2-alpha.) Closes ticket
- 13762.
diff --git a/changes/ticket14107 b/changes/ticket14107
deleted file mode 100644
index e4ba6be..0000000
--- a/changes/ticket14107
+++ /dev/null
@@ -1,6 +0,0 @@
- o Testing:
-
- - New "make test-stem" target to run stem integration tests.
- Requires that the "STEM_SOURCE_DIR" environment variable be set.
- Closes ticket 14107.
-
diff --git a/changes/ticket14128 b/changes/ticket14128
deleted file mode 100644
index 38b25fa..0000000
--- a/changes/ticket14128
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (controller):
- - New "GETINFO bw-event-cache" to get information about recent bandwidth
- events. Closes ticket 14128. Useful for controllers to get recent
- bandwidth history after the fix for 13988.
-
diff --git a/changes/ticket14188_part1 b/changes/ticket14188_part1
deleted file mode 100644
index 6e71da8..0000000
--- a/changes/ticket14188_part1
+++ /dev/null
@@ -1,4 +0,0 @@
- o Compilation fixes:
- - Compile correctly with (unreleased) OpenSSL 1.1.0 headers.
- Addresses ticket 14188.
-
diff --git a/changes/ticket14325 b/changes/ticket14325
deleted file mode 100644
index 27c27f5..0000000
--- a/changes/ticket14325
+++ /dev/null
@@ -1,5 +0,0 @@
- o Documentation:
- - Make the tor-resolve documentation match its help string and its
- options. Resolves part of ticket 14325.
- - Log a more useful error message from tor-resolve when failing to
- look up a hidden service address. Resolves part of ticket 14325.
diff --git a/changes/ticket9969 b/changes/ticket9969
deleted file mode 100644
index c208e26..0000000
--- a/changes/ticket9969
+++ /dev/null
@@ -1,8 +0,0 @@
- o Minor features (directory client):
- - When downloading server- or microdescriptors from a directory server,
- we no longer launch multiple simultaneous requests to the same server.
- This reduces load on the directory servers, especially when directory
- guards are in use. Closes ticket 9969.
- - When downloading server- or microdescriptors over a tunneled
- connection, do not limit the length of our request to what the Squid
- proxy is willing to handle. Part of ticket 9969.

[tor/master] Fix a work-counting bug introduced by the workqueue merge
by nickm@torproject.org 05 Feb '15
05 Feb '15
commit 227422155721597d7ad528749f7295e92f1ce9fc
Author: Nick Mathewson <nickm(a)torproject.org>
Date: Thu Feb 5 12:17:08 2015 -0500
Fix a work-counting bug introduced by the workqueue merge
David Goulet finds that when he runs a busy relay for a while with the
latest version of the git code, the number of onionskins handled
slowly dwindles to zero, with total_pending_tasks wedged at its
maximum value.
I conjecture this is because the total_pending_tasks variable isn't
decremented when we successfully cancel a job. Fixed that.
Fixes bug 14741; bugfix not on any released version of tor.
---
src/or/cpuworker.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/or/cpuworker.c b/src/or/cpuworker.c
index 3ddb37a..5e8b32d 100644
--- a/src/or/cpuworker.c
+++ b/src/or/cpuworker.c
@@ -298,6 +298,7 @@ cpuworker_onion_handshake_replyfn(void *work_)
cpuworker_reply_t rpl;
or_circuit_t *circ = NULL;
+ tor_assert(total_pending_tasks > 0);
--total_pending_tasks;
/* Could avoid this, but doesn't matter. */
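Review bot: The added `tor_assert(total_pending_tasks > 0);` in cpuworker_onion_handshake_replyfn, and the identical one added to cpuworker_cancel_circ_handshake in the next hunk, turn any remaining imbalance in the counter into a process abort on a running relay. The commit message calls the root cause a conjecture, so another unbalanced path may still exist. A recoverable check would keep the relay serving while still surfacing the bug, for example `if (total_pending_tasks > 0) --total_pending_tasks; else log_warn(LD_BUG, "total_pending_tasks underflow");`. The declaration of total_pending_tasks and the rest of both functions are outside the hunks, so whether a wrapped or negative count would otherwise be harmless cannot be judged from here.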
@@ -553,6 +554,8 @@ cpuworker_cancel_circ_handshake(or_circuit_t *circ)
/* It successfully cancelled. */
memwipe(job, 0xe0, sizeof(*job));
tor_free(job);
+ tor_assert(total_pending_tasks > 0);
+ --total_pending_tasks;
}
circ->workqueue_entry = NULL;
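Review bot: The new decrement in the successful-cancel branch of cpuworker_cancel_circ_handshake has no comment explaining why the counter is adjusted here and only in this branch. I would add `/* A cancelled job never reaches the reply function, so give back its slot in total_pending_tasks here. */` above the assert. That reading follows the commit message, but the queueing code and the unsuccessful-cancel path are outside the hunk, so it should be confirmed against them before the comment is committed.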

05 Feb '15
commit 3f993dacc141a105d3e520cf1901dbb635c29ea2
Author: Nick Mathewson <nickm(a)torproject.org>
Date: Thu Feb 5 11:01:13 2015 -0500
use ARRAY_LENGTH macro in domain_to_string
---
src/common/log.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/common/log.c b/src/common/log.c
index b533814..bbad7f1 100644
--- a/src/common/log.c
+++ b/src/common/log.c
@@ -1246,7 +1246,7 @@ domain_to_string(log_domain_mask_t domain, char *buf, size_t buflen)
const char *d;
int bit = tor_log2(domain);
size_t n;
- if ((unsigned)bit >= sizeof(domain_list)/sizeof(*domain_list) - 1 ||
+ if ((unsigned)bit >= ARRAY_LENGTH(domain_list)-1 ||
bit >= N_LOGGING_DOMAINS) {
tor_snprintf(buf, buflen, "<BUG:Unknown domain %lx>", (long)domain);
return buf+strlen(buf);
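Review bot: The `-1` in `ARRAY_LENGTH(domain_list)-1` relies on domain_list ending in a NULL sentinel, and nothing at the comparison says so. A short comment such as `/* -1: the last entry of domain_list is the NULL terminator, not a name */` would stop a later cleanup from dropping it and letting the sentinel be used as a name. The `(unsigned)bit` cast deserves a word as well, since it is what makes a negative `bit` fail the bound; whether tor_log2 can return one is not visible here. domain_to_string continues past the end of the hunk.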

[tor/master] Add a string representation for LD_SCHED, and a extra sanity check.
by nickm@torproject.org 05 Feb '15
05 Feb '15
commit b330bdec8e628d34641a5e6942fa4d1a5357639a
Author: Yawning Angel <yawning(a)schwanenlied.me>
Date: Thu Feb 5 15:46:27 2015 +0000
Add a string representation for LD_SCHED, and a extra sanity check.
This both fixes the problem, and ensures that forgetting to update
domain_list in the future will trigger the bug codepath instead of
a NULL pointer deref.
---
changes/bug14740 | 5 +++++
src/common/log.c | 6 ++++--
2 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/changes/bug14740 b/changes/bug14740
new file mode 100644
index 0000000..5cac620
--- /dev/null
+++ b/changes/bug14740
@@ -0,0 +1,5 @@
+ o Minor bugfixes:
+ - Avoid crashing when there are more log domains than entries in
+ domain_list. Bugfix on 0.2.3.1-alpha.
+ - Add a string representation for LD_SCHED. Fixes bug 14740;
+ bugfix on 0.2.6.1-alpha.
diff --git a/src/common/log.c b/src/common/log.c
index 2e7c711..b533814 100644
--- a/src/common/log.c
+++ b/src/common/log.c
@@ -1215,7 +1215,8 @@ log_level_to_string(int level)
static const char *domain_list[] = {
"GENERAL", "CRYPTO", "NET", "CONFIG", "FS", "PROTOCOL", "MM",
"HTTP", "APP", "CONTROL", "CIRC", "REND", "BUG", "DIR", "DIRSERV",
- "OR", "EDGE", "ACCT", "HIST", "HANDSHAKE", "HEARTBEAT", "CHANNEL", NULL
+ "OR", "EDGE", "ACCT", "HIST", "HANDSHAKE", "HEARTBEAT", "CHANNEL",
+ "SCHED", NULL
};
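Review bot: domain_list gains "SCHED" by hand here, and the array still carries no comment tying it to the log-domain flag definitions, which is presumably how the entry came to be missing. I would put `/* One name per LD_* domain bit, in bit order, then NULL; update together with N_LOGGING_DOMAINS. */` above the array. The bit-order requirement is inferred from the `tor_log2(domain)` lookup shown in the next hunk; the line that indexes the array is not visible, so confirm it before wording the comment that firmly.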
/** Return a bitmask for the log domain for which <b>domain</b> is the name,
@@ -1245,7 +1246,8 @@ domain_to_string(log_domain_mask_t domain, char *buf, size_t buflen)
const char *d;
int bit = tor_log2(domain);
size_t n;
- if (bit >= N_LOGGING_DOMAINS) {
+ if ((unsigned)bit >= sizeof(domain_list)/sizeof(*domain_list) - 1 ||
+ bit >= N_LOGGING_DOMAINS) {
tor_snprintf(buf, buflen, "<BUG:Unknown domain %lx>", (long)domain);
return buf+strlen(buf);
}

05 Feb '15
commit 377584abbd56ab6d585ccde893398068ada8fdaa
Merge: 5a0c94f b330bde
Author: Nick Mathewson <nickm(a)torproject.org>
Date: Thu Feb 5 10:59:44 2015 -0500
Merge remote-tracking branch 'yawning/bug14740'
changes/bug14740 | 5 +++++
src/common/log.c | 6 ++++--
2 files changed, 9 insertions(+), 2 deletions(-)
commit 5a0c94f0a9a1975cf2226c312dc29f25c4a0e210
Author: Nick Mathewson <nickm(a)torproject.org>
Date: Thu Feb 5 10:06:16 2015 -0500
improve changes files more
---
changes/bug14202 | 4 ++--
changes/bug14451 | 2 --
changes/ticket14188_part1 | 2 ++
changes/ticket14325 | 2 +-
4 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/changes/bug14202 b/changes/bug14202
index 2bb4ba1..79f7537 100644
--- a/changes/bug14202
+++ b/changes/bug14202
@@ -1,3 +1,3 @@
- o Minor cleanup
+ o Minor cleanup:
- Remove workaround in dirserv_thinks_router_is_hs_dir() that was only
- for version <= 0.2.2.24 which is now deprecated.
+ for version <= 0.2.2.24 which is now deprecated. Closes ticket 14202.
diff --git a/changes/bug14451 b/changes/bug14451
index 7949a78..197cd59 100644
--- a/changes/bug14451
+++ b/changes/bug14451
@@ -1,5 +1,3 @@
-
-
o Minor features:
- ControlPort now supports the unix:/path/to/dir syntax as an alternative
to the ControlSocket option, for consistency with SocksPort and
diff --git a/changes/ticket14188_part1 b/changes/ticket14188_part1
index 9d66bba..6e71da8 100644
--- a/changes/ticket14188_part1
+++ b/changes/ticket14188_part1
@@ -1,2 +1,4 @@
o Compilation fixes:
- Compile correctly with (unreleased) OpenSSL 1.1.0 headers.
+ Addresses ticket 14188.
+
diff --git a/changes/ticket14325 b/changes/ticket14325
index 38daa05..27c27f5 100644
--- a/changes/ticket14325
+++ b/changes/ticket14325
@@ -1,4 +1,4 @@
- o Documentation fixes:
+ o Documentation:
- Make the tor-resolve documentation match its help string and its
options. Resolves part of ticket 14325.
- Log a more useful error message from tor-resolve when failing to

[tor/master] 14554 doesn't need a changes file: the bug wasn't in a release
by nickm@torproject.org 05 Feb '15
05 Feb '15
commit ea0881029f4671169b2dc9e436a4be4a15f5a991
Author: Nick Mathewson <nickm(a)torproject.org>
Date: Thu Feb 5 10:04:41 2015 -0500
14554 doesn't need a changes file: the bug wasn't in a release
---
changes/bug14554 | 4 ----
1 file changed, 4 deletions(-)
diff --git a/changes/bug14554 b/changes/bug14554
deleted file mode 100644
index ff2566f..0000000
--- a/changes/bug14554
+++ /dev/null
@@ -1,4 +0,0 @@
- o Major bugfix
- - Possibility of an infinite loop if the returned value of the read/recv
- was 0. A returned value of 0 means that we've reached the EOF thus the
- pipe/sock is drained so return success not an error.