February 2017 - tor-commits - lists.torproject.org

[tor/maint-0.3.0] Merge branch 'maint-0.2.7' into release-0.2.7
by nickm＠torproject.org 28 Feb '17

28 Feb '17

commit e0fa07c06fc1a8761b5f4b33028f157a130831a4 Merge: b6024ec 18ee193 Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Nov 20 10:27:51 2015 -0500 Merge branch 'maint-0.2.7' into release-0.2.7 configure.ac | 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-)

1 0

[tor/maint-0.3.0] More 0274-rc changelog updating
by nickm＠torproject.org 28 Feb '17

28 Feb '17

commit 89a9d8c8d75dac081dd304442182e29186888c39 Author: Nick Mathewson <nickm(a)torproject.org> Date: Wed Oct 21 13:37:06 2015 -0400 More 0274-rc changelog updating --- ChangeLog | 11 +++++++++++ changes/bug17364 | 3 --- changes/bug17403 | 3 --- changes/bug17404 | 6 ------ 4 files changed, 11 insertions(+), 12 deletions(-) diff --git a/ChangeLog b/ChangeLog index 259e4e5..077e8a4 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,6 +4,13 @@ Changes in version 0.2.7.4-rc - 2015-10-21 on different platforms. If no further significant bounds are found, the next release will the the official stable release. + o Major bugfixes (security, correctness): + - Fix a programming error that could cause us to read 4 bytes before + the beginning of an openssl string. This could be used to provoke + a crash on systems with an unusual malloc implementation, or + systems with unsual hardening installed. Fixes bug 17404; bugfix + on 0.2.3.6-alpha. + o Major bugfixes (correctness): - Fix a use-after-free bug in validate_intro_point_failure(). Fixes bug 17401; bugfix on 0.2.7.3-rc. @@ -13,6 +20,8 @@ Changes in version 0.2.7.4-rc - 2015-10-21 17398; bugfix on 0.2.6.1-alpha. - Fix a memory leak in rend_cache_failure_entry_free(). Fixes bug 17402; bugfix on 0.2.7.3-rc. + - Fix a memory leak when reading an expired signing key from disk. + Fixes bug 17403; bugfix on 0.2.7.2-rc. o Minor features (geoIP): - Update geoip and geoip6 to the October 9 2015 Maxmind GeoLite2 @@ -51,6 +60,8 @@ Changes in version 0.2.7.4-rc - 2015-10-21 o Documentation: - Fix capitalization of SOCKS in sample torrc. Closes ticket 15609. + - Note that HiddenServicePorts can take a unix domain socket. Closes + ticket 17364. Changes in version 0.2.7.3-rc - 2015-09-25 diff --git a/changes/bug17364 b/changes/bug17364 deleted file mode 100644 index dd9ff12..0000000 --- a/changes/bug17364 +++ /dev/null @@ -1,3 +0,0 @@ - o Documentation: - - Note that HiddenServicePorts can take a unix domain socket. - Closes ticket 17364. diff --git a/changes/bug17403 b/changes/bug17403 deleted file mode 100644 index e83a4a2..0000000 --- a/changes/bug17403 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (memory leaks): - - Fix a memory leak when reading an expired signing key from disk. - Fixes bug 17403; bugfix on 0.2.7.2-rc. diff --git a/changes/bug17404 b/changes/bug17404 deleted file mode 100644 index d524f66..0000000 --- a/changes/bug17404 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (security, correctness): - - Fix a programming error that could cause us to read 4 bytes before - the beginning of an openssl string. This could be used to provoke - a crash on systems with an unusual malloc implementation, or - systems with unsual hardening installed. Fixes bug 17404; bugfix - on 0.2.3.6-alpha.

1 0

[tor/maint-0.3.0] Merge branch 'maint-0.2.7' into release-0.2.7
by nickm＠torproject.org 28 Feb '17

28 Feb '17

commit cd8a62a60cbafb61bed8b64e988dacf2b1444668 Merge: 3f3a753 7b859fd Author: Nick Mathewson <nickm(a)torproject.org> Date: Wed Oct 21 13:35:04 2015 -0400 Merge branch 'maint-0.2.7' into release-0.2.7 changes/bug17364 | 3 +++ changes/bug17403 | 3 +++ changes/bug17404 | 6 ++++++ doc/tor.1.txt | 4 ++-- src/common/tortls.c | 4 ++++ src/or/routerkeys.c | 2 ++ 6 files changed, 20 insertions(+), 2 deletions(-)

1 0

[tor/maint-0.3.0] start trying to write a blurb
by nickm＠torproject.org 28 Feb '17

28 Feb '17

commit 4dd7a55cf22caa56ef53609e2545002733803a56 Author: Nick Mathewson <nickm(a)torproject.org> Date: Tue Nov 10 09:13:58 2015 -0500 start trying to write a blurb --- ReleaseNotes | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/ReleaseNotes b/ReleaseNotes index 029dd61..ef173af 100644 --- a/ReleaseNotes +++ b/ReleaseNotes @@ -3,8 +3,17 @@ This document summarizes new features and bugfixes in each stable release of Tor. If you want to see more detailed descriptions of the changes in each development snapshot, see the ChangeLog file. -Changes in version 0.2.7.5- 2015-11-?? - XXXX WRITE A BLURB XXXX +Changes in version 0.2.7.5 - 2015-11-1? + Tor 0.2.7.5 is the first stable release in the Tor 0.2.7 series. + + The 0.2.7 series adds a more secure identity key type for relays, + improves cryptography performance, resolves several longstanding + hidden-service performance issues, improves controller support for + hidden services, and includes small bugfixes and performance + improvements throughout the program. This release series also + includes more tests than before, and significant simplifications + to which parts of Tor invoke which others. For a full list of + changes, see below. o New system requirements: - Tor no longer includes workarounds to support Libevent versions

1 0

[tor/maint-0.3.0] Merge branch 'maint-0.2.7' into release-0.2.7
by nickm＠torproject.org 28 Feb '17

28 Feb '17

commit b2a53e8ca910391a10451860a1aaf66b3c207f50 Merge: e0fa07c c6a3375 Author: Roger Dingledine <arma(a)torproject.org> Date: Thu Dec 10 04:12:10 2015 -0500 Merge branch 'maint-0.2.7' into release-0.2.7 changes/bug16056 | 4 + changes/bug16702 | 4 + changes/bug17551 | 4 + changes/bug17722 | 3 + changes/bug17772 | 7 + changes/bug17781 | 3 + changes/geoip-december2015 | 4 + configure.ac | 3 + src/config/geoip | 4547 ++++++++++++++++++++++++++++++++------------ src/config/geoip6 | 2580 +++++++++++++++++++++---- src/or/policies.c | 6 +- src/or/rendservice.c | 3 +- src/or/routerlist.c | 10 +- src/or/torcert.c | 6 +- 14 files changed, 5558 insertions(+), 1626 deletions(-)

1 0

[tor/maint-0.3.0] missing parenthesis
by nickm＠torproject.org 28 Feb '17

28 Feb '17

commit 47649a558de24961c6784f54dcde84debf8c5851 Author: Nick Mathewson <nickm(a)torproject.org> Date: Tue Oct 20 16:41:28 2015 -0400 missing parenthesis --- ChangeLog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 0a57f7d..ee3bd69 100644 --- a/ChangeLog +++ b/ChangeLog @@ -34,7 +34,7 @@ Changes in version 0.2.7.4-rc - 2015-10-20 - Make the get_ifaddrs_* unit tests more tolerant of different network configurations. (Don't assume every test box has an IPv4 address, and Don't assume every test box has a non-localhost - address. Fixes bug 17255; bugfix on 0.2.7.3-rc. Patch by "teor". + address.) Fixes bug 17255; bugfix on 0.2.7.3-rc. Patch by "teor". - Skip backtrace tests when backtrace support is not compiled in. Fixes part of bug 17151; bugfix on 0.2.7.1-alpha. Patch from Marcin Cieślak.

1 0

[tor/maint-0.3.0] Merge branch 'maint-0.2.5' into maint-0.2.6
by nickm＠torproject.org 28 Feb '17

28 Feb '17

commit ccdf0b319cf83bb7dde3b3c18044ee5ea99a60ac Merge: f7ed4a7 884b371 Author: Nick Mathewson <nickm(a)torproject.org> Date: Tue Feb 28 10:25:51 2017 -0500 Merge branch 'maint-0.2.5' into maint-0.2.6 "ours" merge to avoid version bumps

1 0

[tor/maint-0.3.0] Bump the version to 0.2.7.6-dev again
by nickm＠torproject.org 28 Feb '17

28 Feb '17

commit 5b60bd84f258af4bcf6a993bce76ad382a99ec91 Author: Nick Mathewson <nickm(a)torproject.org> Date: Tue Feb 7 09:59:54 2017 -0500 Bump the version to 0.2.7.6-dev again --- configure.ac | 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 6c72971..d37c34d 100644 --- a/configure.ac +++ b/configure.ac @@ -3,7 +3,7 @@ dnl Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson dnl Copyright (c) 2007-2015, The Tor Project, Inc. dnl See LICENSE for licensing information -AC_INIT([tor],[0.2.7.6]) +AC_INIT([tor],[0.2.7.6-dev]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) AM_INIT_AUTOMAKE diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 07cc315..08cef8d 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.2.7.6" +!define VERSION "0.2.7.6-dev" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/" !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index 822e261..8b687c8 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -232,7 +232,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.2.7.6" +#define VERSION "0.2.7.6-dev"

1 0

[tor/maint-0.3.0] tweak 0276 changelog; copy it into the releasenotes
by nickm＠torproject.org 28 Feb '17

28 Feb '17

commit 31b337d2b7825da5472158ea10422d8419b9207e Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Dec 10 10:44:52 2015 -0500 tweak 0276 changelog; copy it into the releasenotes --- ChangeLog | 2 +- ReleaseNotes | 35 +++++++++++++++++++++++++++++++++++ 2 files changed, 36 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 44e9586..64c86ff 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,7 +2,7 @@ Changes in version 0.2.7.6 - 2015-12-10 Tor version 0.2.7.6 fixes a major bug in entry guard selection, as well as a minor bug in hidden service reliability. - o Major bugfixes: + o Major bugfixes (guard selection): - Actually look at the Guard flag when selecting a new directory guard. When we implemented the directory guard design, we accidentally started treating all relays as if they have the Guard diff --git a/ReleaseNotes b/ReleaseNotes index a07b321..a399a21 100644 --- a/ReleaseNotes +++ b/ReleaseNotes @@ -2,6 +2,41 @@ This document summarizes new features and bugfixes in each stable release of Tor. If you want to see more detailed descriptions of the changes in each development snapshot, see the ChangeLog file. +Changes in version 0.2.7.6 - 2015-12-10 + Tor version 0.2.7.6 fixes a major bug in entry guard selection, as + well as a minor bug in hidden service reliability. + + o Major bugfixes (guard selection): + - Actually look at the Guard flag when selecting a new directory + guard. When we implemented the directory guard design, we + accidentally started treating all relays as if they have the Guard + flag during guard selection, leading to weaker anonymity and worse + performance. Fixes bug 17222; bugfix on 0.2.4.8-alpha. Discovered + by Mohsen Imani. + + o Minor features (geoip): + - Update geoip and geoip6 to the December 1 2015 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compilation): + - When checking for net/pfvar.h, include netinet/in.h if possible. + This fixes transparent proxy detection on OpenBSD. Fixes bug + 17551; bugfix on 0.1.2.1-alpha. Patch from "rubiate". + - Fix a compilation warning with Clang 3.6: Do not check the + presence of an address which can never be NULL. Fixes bug 17781. + + o Minor bugfixes (correctness): + - When displaying an IPv6 exit policy, include the mask bits + correctly even when the number is greater than 31. Fixes bug + 16056; bugfix on 0.2.4.7-alpha. Patch from "gturner". + - The wrong list was used when looking up expired intro points in a + rend service object, causing what we think could be reachability + issues for hidden services, and triggering a BUG log. Fixes bug + 16702; bugfix on 0.2.7.2-alpha. + - Fix undefined behavior in the tor_cert_checksig function. Fixes + bug 17722; bugfix on 0.2.7.2-alpha. + + Changes in version 0.2.7.5 - 2015-11-20 The Tor 0.2.7 release series is dedicated to the memory of Tor user and privacy advocate Caspar Bowden (1961-2015). Caspar worked

1 0

[tor/maint-0.3.0] Revert "Revert "Add hidserv-stats filname to our sandbox filter""
by nickm＠torproject.org 28 Feb '17

28 Feb '17

commit 3f5a710958bfa2e6d1c2a6d78b0718514f2f7350 Author: Nick Mathewson <nickm(a)torproject.org> Date: Tue Feb 7 10:13:20 2017 -0500 Revert "Revert "Add hidserv-stats filname to our sandbox filter"" This reverts commit 5446cb8d3d536e9bc737de6d9286bd4b4b185661. The underlying revert was done in 0.2.6, since we aren't backporting seccomp2 loosening fixes to 0.2.6. But the fix (for 17354) already went out in 0.2.7.4-rc, so we shouldn't revert it in 0.2.7. --- changes/bug17354 | 4 ++++ src/or/main.c | 1 + 2 files changed, 5 insertions(+) diff --git a/changes/bug17354 b/changes/bug17354 new file mode 100644 index 0000000..53da007 --- /dev/null +++ b/changes/bug17354 @@ -0,0 +1,4 @@ + o Minor bugfixes (sandbox): + - Add the "hidserv-stats" filename to our sandbox filter for the + HiddenServiceStatistics option to work properly. Fixes bug 17354; + bugfix on tor-0.2.6.2-alpha~54^2~1. Patch from David Goulet. diff --git a/src/or/main.c b/src/or/main.c index 693d13c..9b3dbb5 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -3200,6 +3200,7 @@ sandbox_init_filter(void) RENAME_SUFFIX2("stats", "exit-stats", ".tmp"); RENAME_SUFFIX2("stats", "buffer-stats", ".tmp"); RENAME_SUFFIX2("stats", "conn-stats", ".tmp"); + RENAME_SUFFIX2("stats", "hidserv-stats", ".tmp"); RENAME_SUFFIX("hashed-fingerprint", ".tmp"); RENAME_SUFFIX("router-stability", ".tmp");

1 0