commit 85a98b058c06c21b2e9b8dfa2f46671fc29a92e3 Author: Roger Dingledine arma@torproject.org Date: Tue Jun 5 12:05:31 2012 -0400
start folding in the changes files --- ChangeLog | 226 ++++++++++++++++++++++++++++++++++++++++ changes/bug1938 | 4 - changes/bug2297-related | 6 - changes/bug2822.1 | 5 - changes/bug2822.2 | 6 - changes/bug2954_more | 4 - changes/bug2988 | 10 -- changes/bug3196 | 7 -- changes/bug3296 | 5 - changes/bug3894_fmt_doubles | 4 - changes/bug3894_more | 4 - changes/bug3964 | 4 - changes/bug4108 | 4 - changes/bug4369 | 3 - changes/bug4591 | 6 - changes/bug4657 | 4 - changes/bug4710 | 5 - changes/bug4865 | 4 - changes/bug4873 | 3 - changes/bug5070 | 3 - changes/bug5089 | 5 - changes/bug5091 | 4 - changes/bug5095 | 4 - changes/bug5139 | 6 - changes/bug5259 | 3 - changes/bug5283 | 6 - changes/bug5346 | 8 -- changes/bug5355 | 4 - changes/bug5374 | 7 -- changes/bug5380 | 5 - changes/bug5437 | 3 - changes/bug5541 | 8 -- changes/bug5597 | 4 - changes/bug5603 | 9 -- changes/bug5604 | 4 - changes/bug5622 | 4 - changes/bug5645 | 5 - changes/bug5723 | 4 - changes/bug5760 | 3 - changes/bug5762 | 4 - changes/bug5786_nocrash | 7 -- changes/bug5786_nodups | 7 -- changes/bug5786_range | 8 -- changes/bug5796 | 4 - changes/bug5828 | 3 - changes/bug5858 | 4 - changes/bug5859 | 3 - changes/bug5861 | 4 - changes/bug5891 | 5 - changes/bug5910 | 4 - changes/bug5916 | 6 - changes/bug5954 | 5 - changes/bug5969 | 4 - changes/bug5969_022 | 7 -- changes/bug6007 | 5 - changes/bug6033 | 6 - changes/close_file_handle | 4 - changes/geoip-may2012 | 3 - changes/getfilesize_64 | 3 - changes/routerlist_ins_replace | 5 - 60 files changed, 226 insertions(+), 288 deletions(-)
diff --git a/ChangeLog b/ChangeLog index 3909b17..f762581 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,229 @@ +Changes in version 0.2.3.16-alpha - 2012-06-0? + o Major bugfixes (general): + - Work around a bug in OpenSSL that broke renegotiation with TLS + 1.1 and TLS 1.2. Without this workaround, all attempts to speak + the v2 Tor connection protocol when both sides were using OpenSSL + 1.0.1 would fail. Resolves ticket 6033. + - When waiting for a client to renegotiate, don't allow it to add + any bytes to the input buffer. This fixes a potential DoS issue. + Fixes bugs 5934 and 6007; bugfix on 0.2.0.20-rc. + - Pass correct OR address to managed proxies (like obfsproxy), + even when ORListenAddress is used. Fixes bug 4865; bugfix on + 0.2.3.9-alpha. + - The advertised platform of a router now includes only its operating + system's name (e.g., "Linux", "Darwin", "Windows 7"), and not its + service pack level (for Windows) or its CPU architecture (for Unix). + We also no longer include the "git-XYZ" tag in the version. Resolves + part of bug 2988. + + o Major bugfixes (clients): + - If we are unable to find any exit that supports our predicted ports, + stop calling them predicted, so that we don't loop and build + hopeless circuits indefinitely. Fixes bug 3296; bugfix on 0.0.9pre6, + which introduced predicted ports. + - Fix an edge case where if we fetch or publish a hidden service + descriptor, we might build a 4-hop circuit and then use that circuit + for exiting afterwards -- even if the new last hop doesn't obey our + ExitNodes config option. Fixes bug 5283; bugfix on 0.2.0.10-alpha. + - Check at each new consensus whether our entry guards were picked + long enough ago that we should rotate them. Previously, we only + did this check at startup, which could lead to us holding a guard + indefinitely. Fixes bug 5380; bugfix on 0.2.1.14-rc. + - When fetching a bridge descriptor from a bridge authority, + always do so anonymously, whether we have been able to open + circuits or not. Partial fix for bug 1938; bugfix on 2.0.7-alpha. + This behavior makes it *safer* to use UpdateBridgesFromAuthority, + but we'll need to wait for bug 6010 before it's actually usable. + + o Major bugfixes (directory authorities): + - When computing weight parameters, behave more robustly in the + presence of a bad bwweightscale value. Previously, the authorities + would crash if they agreed on a sufficiently broken weight_scale + value: now, they use a reasonable default and carry on. Partial + fix for 5786; bugfix on 0.2.2.17-alpha. + - Check more thoroughly to prevent a rogue authority from + double-voting on any consensus directory parameter. Previously, + authorities would crash in this case if the total number of + votes for any parameter exceeded the number of active voters, + but would let it pass otherwise. Partial fix for bug 5786; bugfix + on 0.2.2.2-alpha. + + o Minor features: + - Rate-limit log messages when asked to connect anonymously to + a private address. When these hit, they tended to hit fast and + often. Also, don't bother trying to connect to addresses that we + are sure will resolve to 127.0.0.1: getting 127.0.0.1 in a directory + reply makes us think we have been lied to, even when the address the + client tried to connect to was "localhost." Resolves ticket 2822. + - Allow packagers to insert an extra string in server descriptor + platform lines by setting the preprocessor variable TOR_BUILD_TAG. + Resolves the rest of ticket 2988. + - Raise the threshold of server descriptors needed (75%) and exit + server descriptors needed (50%) before we will declare ourselves + bootstrapped. This will make clients start building circuits a + little later, but makes the initially constructed circuits less + skewed and less in conflict with further directory fetches. Fixes + ticket 3196. + - Close any connection that sends unrecognized junk before the + handshake. Solves an issue noted in bug 4369. + - Improve log messages about managed transports. Resolves ticket 5070. + - Tag a bridge's descriptor as "never to be sent unencrypted". + This shouldn't matter, since bridges don't open non-anonymous + connections to the bridge authority and don't allow unencrypted + directory connections from clients, but we might as well make + sure. Closes bug 5139. + - Expose our view of whether we have gone dormant to the controller, + via a new "GETINFO dormant" value. Torbutton and other controllers + can use this to avoid doing periodic requests through Tor while + it's dormant (bug 4718). Fixes bug 5954. + - Tell GCC and Clang to check for any errors in format strings passed + to the tor_v*(print|scan)f functions. + - Update to the May 1 2012 Maxmind GeoLite Country database. + + o Minor bugfixes (already included in 0.2.2.36): + - Reject out-of-range times like 23:59:61 in parse_rfc1123_time(). + Fixes bug 5346; bugfix on 0.0.8pre3. + - Correct parsing of certain date types in parse_http_time(). + Without this patch, If-Modified-Since would behave + incorrectly. Fixes bug 5346; bugfix on 0.2.0.2-alpha. Patch from + Esteban Manchado Velázques. + - Make our number-parsing functions always treat too-large values + as an error, even when those values exceed the width of the + underlying type. Previously, if the caller provided these + functions with minima or maxima set to the extreme values of the + underlying integer type, these functions would return those + values on overflow rather than treating overflow as an error. + Fixes part of bug 5786; bugfix on 0.0.9. + - If we hit the error case where routerlist_insert() replaces an + existing (old) server descriptor, make sure to remove that + server descriptor from the old_routers list. Fix related to bug + 1776. Bugfix on 0.2.2.18-alpha. + - Clarify the behavior of MaxCircuitDirtiness with hidden service + circuits. Fixes issue 5259. + + o Minor bugfixes (coding cleanup, on 0.2.2.x and earlier): + - Prevent a null-pointer dereference when receiving a data cell + for a nonexistent stream when the circuit in question has an + empty deliver window. We don't believe this is triggerable, + since we don't currently allow deliver windows to become empty, + but the logic is tricky enough that it's better to make the code + robust. Fixes bug 5541; bugfix on 0.0.2pre14. + - Fix a memory leak when trying to launch a DNS request when the + network is disabled or the nameservers are unconfigurable. Fixes + bug 5916; bugfix on Tor 0.1.2.1-alpha (for the unconfigurable + nameserver case) and on 0.2.3.9-alpha (for the DisableNetwork case). + - Don't hold a windows file handle open for every file mapping; + the file mapping handle is sufficient. Fixes bug 5951; bugfix on + 0.1.2.1-alpha. + - Avoid O(n^2) performance characteristics when parsing a large + extrainfo cache. Fixes bug 5828; bugfix on 0.2.0.1-alpha. + - Format more doubles with %f, not %lf. Patch from grarpamp to make + Tor build correctly on older BSDs again. Fixes bug 3894; bugfix on + Tor 0.2.0.8-alpha. + - Make our replacement implementation of strtok_r() compatible with + the standard behavior of strtok_r(). Patch by nils. Fixes bug 5091; + bugfix on 0.2.2.1-alpha. + - Fix a NULL-pointer dereference on a badly formed + SETCIRCUITPURPOSE command. Found by mikeyc. Fixes bug 5796; + bugfix on 0.2.2.9-alpha. + - Fix a build warning with Clang 3.1 related to our use of vasprint. + Fixes bug 5969. Bugfix on 0.2.2.11-alpha. + - Defensively refactor rend_mid_rendezvous() so that protocol + violations and length checks happen in the beginning. Fixes + bug 5645. + - Set _WIN32_WINNT to 0x0501 consistently throughout the code, so + that IPv6 stuff will compile on MSVC, and compilation issues + will be easier to track down. Fixes bug 5861. + + o Minor bugfixes (correctness, on 0.2.2.x and earlier): + - Exit nodes now correctly report EADDRINUSE and EADDRNOTAVAIL as + resource exhaustion, so that clients can adjust their load to + try other exits. Fixes bug 4710; bugfix on 0.1.0.1-rc, which + started using END_STREAM_REASON_RESOURCELIMIT. + - Don't check for whether the address we're using for outbound + connections has changed until after the outbound connection has + completed. On Windows, getsockname() doesn't succeed until the + connection is finished. Fixes bug 5374; bugfix on 0.1.1.14-alpha. + - If the configuration tries to set MyFamily on a bridge, refuse to + do so, and warn about the security implications. Fixes bug 4657; + bugfix on 0.2.0.3-alpha. + - If the client fails to set a reasonable set of ciphersuites + during its v2 handshake renegotiation, allow the renegotiation to + continue nevertheless (i.e. send all the required certificates). + Fixes bug 4591; bugfix on 0.2.0.20-rc. + - When we receive a SIGHUP and the controller __ReloadTorrcOnSIGHUP + option is set to 0 (which Vidalia version 0.2.16 now does when + a SAVECONF attempt fails), perform other actions that SIGHUP + usually causes (like reopening the logs). Fixes bug 5095; bugfix + on 0.2.1.9-alpha. + - If we fail to write a microdescriptor to the disk cache, do not + continue replacing the old microdescriptor file. Fixes bug 2954; + bugfix on 0.2.2.6-alpha. + - Exit nodes don't need to fetch certificates for authorities that + they don't recognize; only directory authorities, bridges, + and caches need to do that. Fixes part of bug 2297; bugfix on + 0.2.2.11-alpha. + - Correctly handle checking the permissions on the parent + directory of a control socket in the root directory. Bug found + by Esteban Manchado Velázquez. Fixes bug 5089; bugfix on Tor + 0.2.2.26-beta. + - When told to add a bridge with the same digest as a preexisting + bridge but a different addr:port, change the addr:port as + requested. Previously we would not notice the change. Fixes half + of bug 5603; fix on 0.2.2.26-beta. + - End AUTHCHALLENGE error messages (in the control protocol) with + a CRLF. Fixes bug 5760; bugfix on 0.2.2.36 and 0.2.3.13-alpha. + + o Minor bugfixes (on 0.2.3.x): + - Turn an assertion (that the number of handshakes received as a + server is not < 1) into a warning. Fixes bug 4873; bugfix on + 0.2.3.1-alpha. + - Format IPv4 addresses correctly in ADDRMAP events. (Previously, + we had reversed them when the answer was cached.) Fixes bug + 5723; bugfix on 0.2.3.1-alpha. + - Work correctly on Linux systems with accept4 support advertised in + their headers, but without accept4 support in the kernel. Fix + by murb. Fixes bug 5762; bugfix on 0.2.3.1-alpha. + - When told to add a bridge with the same addr:port as a preexisting + bridge but a different transport, change the transport as + requested. Previously we would not notice the change. Fixes half + of bug 5603; fix on 0.2.3.2-alpha. + - Avoid a "double-reply" warning when replying to a SOCKS request + with a parse error. Patch from Fabian Keil. Fixes bug 4108; + bugfix on 0.2.3.4-alpha. + - Fix a bug where a bridge authority crashes if it has seen no + directory requests when it's time to write statistics to disk. + Fixes bug 5891; bugfix on 0.2.3.6-alpha. Also fixes bug 5508 in + a better way. + - Don't try to open non-control listeners when DisableNetwork is set. + Previousy, we'd open all listeners, then immediately close them. + Fixes bug 5604; bugfix on 0.2.3.9-alpha. + - Don't abort the managed proxy protocol if the managed proxy + sends us an unrecognized line; ignore it instead. Fixes bug + 5910; bugfix on 0.2.3.9-alpha. + - Fix a compile warning in crypto.c when compiling with clang 3.1. + Fixes bug 5969, bugfix on 0.2.3.9-alpha. + - Fix a compilation issue on GNU Hurd, which doesn't have PATH_MAX. + Fixes bug 5355; bugfix on 0.2.3.11-alpha. + - Remove bogus definition of "_WIN32" from src/win32/orconfig.h, to + unbreak the MSVC build. Fies bug 5858; bugfix on 0.2.3.12-alpha. + - Resolve numerous small warnings and build issues with MSVC. Resolves + bug 5859. + + o Documentation fixes: + - Improve the manual's documentation for the NT Service command-line + options. Addresses ticket 3964. + - Clarify SessionGroup documentation slightly; resolves ticket 5437. + - Document the changes to the ORPort and DirPort options, and the + fact that {OR/Dir}ListenAddress is now unnecessary (and + therefore deprecated). Resolves ticket 5597. + + o Removed files: + - Remove the torrc.bridge file: we don't use it for anything, and + it had become badly desynchronized from torrc.sample. Resolves + bug 5622. + + Changes in version 0.2.2.36 - 2012-05-24 Tor 0.2.2.36 updates the addresses for two of the eight directory authorities, fixes some potential anonymity and security issues, diff --git a/changes/bug1938 b/changes/bug1938 deleted file mode 100644 index 13d2a37..0000000 --- a/changes/bug1938 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - When fetching a bridge descriptor from a bridge authority, - always do so anonymously, whether we have been able to open - circuits or not. Partial fix for bug 1938; bugfix on 2.0.7-alpha. diff --git a/changes/bug2297-related b/changes/bug2297-related deleted file mode 100644 index 3d9af11..0000000 --- a/changes/bug2297-related +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes: - - Exit nodes don't need to fetch certificates for authorities that - they don't recognize; only directory authorities, bridges, and - caches need to do that. Fix related to bug 2297; bugfix on - 0.2.2.11-alpha. - diff --git a/changes/bug2822.1 b/changes/bug2822.1 deleted file mode 100644 index 9c4016d..0000000 --- a/changes/bug2822.1 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features: - - - Rate-limit log messages when asked to connect anonymously to a private - address. When these hit, they tended to hit fast and often. Partial - fix for bug 2822. diff --git a/changes/bug2822.2 b/changes/bug2822.2 deleted file mode 100644 index 373741c..0000000 --- a/changes/bug2822.2 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features: - - - Don't bother trying to connect to addresses that we are sure will - resolve to 127.0.0.1: Getting 127.0.0.1 in a reply makes us think - we have been lied to, even when the address the client tried to - connect to was "localhost." Partial fix for bug 2822. diff --git a/changes/bug2954_more b/changes/bug2954_more deleted file mode 100644 index 68fdf13..0000000 --- a/changes/bug2954_more +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - If we fail to write a microdescriptor to disk, do not continue - replacing the old microdescriptor file. Fix for bug 2954; bugfix - on 0.2.2.6-alpha. diff --git a/changes/bug2988 b/changes/bug2988 deleted file mode 100644 index aa141e8..0000000 --- a/changes/bug2988 +++ /dev/null @@ -1,10 +0,0 @@ - o Minor features: - - The advertised platform of a router now includes only its - operating system's name (e.g., "Linux", "Darwin", "Windows 7"), - and not its service pack level (for Windows), or its CPU - architecture (for Unix). This is part of ticket 2988. - - Do not include the (git-XYZ) tag in published server descriptor - platform lines. This is part of ticket 2988. - - Allow packagers to insert an extra string in server descriptor - platform lines by setting the preprocessor variable TOR_BUILD_TAG. - This is part of ticket 2988. diff --git a/changes/bug3196 b/changes/bug3196 deleted file mode 100644 index 9321022..0000000 --- a/changes/bug3196 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor features: - - Raise the threshold of server descriptors needed (75%) and exit - server descriptors needed (50%) before we will declare ourselves - bootstrapped. This will make clients declare completion a little - later, but makes the initially constructed circuits less weird - and less in conflict with directory connections. Fixes ticket - #3196. diff --git a/changes/bug3296 b/changes/bug3296 deleted file mode 100644 index 31c9eac..0000000 --- a/changes/bug3296 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - If we are unable to find any exit that supports our predicted - ports, stop calling them predicted, so that we don't loop and - build hopeless circuits indefinitely. Fix for bug 3296; bugfix - on 0.0.9pre6, which introduced predicted ports. diff --git a/changes/bug3894_fmt_doubles b/changes/bug3894_fmt_doubles deleted file mode 100644 index 0cd0aa2..0000000 --- a/changes/bug3894_fmt_doubles +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Format more doubles with %f, not %lf. Patch from grarpamp to make - Tor build correctly on older BSDs again. Fixes bug 3894; bugfix on - Tor 0.2.0.8-alpha. diff --git a/changes/bug3894_more b/changes/bug3894_more deleted file mode 100644 index 4c2220a..0000000 --- a/changes/bug3894_more +++ /dev/null @@ -1,4 +0,0 @@ - o Build fixes: - - Clean up some code issues that prevented Tor from building on older - BSDs. Fixes bug 3894; reported by grarpamp. - diff --git a/changes/bug3964 b/changes/bug3964 deleted file mode 100644 index 34cad50..0000000 --- a/changes/bug3964 +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation fixes: - - Improve the manual's documentation for the NT Service command-line - options. Addresses bug 3964. - diff --git a/changes/bug4108 b/changes/bug4108 deleted file mode 100644 index 6ef451a..0000000 --- a/changes/bug4108 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Avoid a "double-reply" warning when replying to a SOCKS request - with a parse error. Patch from Fabian Keil. Fix for bug 4108; - bugfix on 0.2.3.4-alpha. diff --git a/changes/bug4369 b/changes/bug4369 deleted file mode 100644 index c444102..0000000 --- a/changes/bug4369 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Close any connection that sends unrecognized junk before the - handshake. Solves an issue noted in bug 4369. diff --git a/changes/bug4591 b/changes/bug4591 deleted file mode 100644 index 59b25a5..0000000 --- a/changes/bug4591 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes: - - If the client fails to set a reasonable set of ciphersuites - during its v2 handshake renegotiation, allow the renegotiation - to continue nevertheless (i.e., send all the required - certificates). Fix for bug 4591; bugfix on 0.2.0.20-rc. - diff --git a/changes/bug4657 b/changes/bug4657 deleted file mode 100644 index 4d9dd7d..0000000 --- a/changes/bug4657 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - If the configuration tries to set MyFamily on a bridge, refuse to - do so, and warn about the security implications. Fix for bug 4657; - bugfix on 0.2.0.3-alpha. diff --git a/changes/bug4710 b/changes/bug4710 deleted file mode 100644 index 7f94b4d..0000000 --- a/changes/bug4710 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Exit nodes now correcly report EADDRINUSE and EADDRNOTAVAIL as - resource exhaustion, so that clients can adjust their load to - try other exits. Fix for bug 4710; bugfix on 0.1.0.1-rc, which - started using END_STREAM_REASON_RESOURCELIMIT. diff --git a/changes/bug4865 b/changes/bug4865 deleted file mode 100644 index e165c41..0000000 --- a/changes/bug4865 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes: - - Pass correct OR address to managed proxies, even when - ORListenAddress is used. Fixes bug #4865; bugfix on - 0.2.3.9-alpha. diff --git a/changes/bug4873 b/changes/bug4873 deleted file mode 100644 index 6c999cc..0000000 --- a/changes/bug4873 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes: - - Turn an assertion (that the number of handshakes received as a - server is not < 1) into a warning. Bug 4873. diff --git a/changes/bug5070 b/changes/bug5070 deleted file mode 100644 index 0b8d00a..0000000 --- a/changes/bug5070 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Improve log messages about managed transports. Resolves ticket - 5070. diff --git a/changes/bug5089 b/changes/bug5089 deleted file mode 100644 index 2062885..0000000 --- a/changes/bug5089 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Correctly handle checking the permissions on the parent - directory of a control socket in the root directory. Bug found - by Esteban Manchado Velázquez. Fix for bug 5089; bugfix on Tor - 0.2.2.26-beta. diff --git a/changes/bug5091 b/changes/bug5091 deleted file mode 100644 index b9778d7..0000000 --- a/changes/bug5091 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Make our replacement implementation of strtok_r compatible with - the standard behavior of strtok_r. Patch by nils. Fixes bug - 5091; bugfix on 0.2.2.1-alpha. diff --git a/changes/bug5095 b/changes/bug5095 deleted file mode 100644 index 81801ec..0000000 --- a/changes/bug5095 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - When we receive a SIGHUP and the controller-use __ReloadTorrcOnSIGHUP - option is set to 0, perform other actions that SIGHUP usually causes - (like reopening the logs). Fixes bug 5095; bugfix on 0.2.1.9-alpha. diff --git a/changes/bug5139 b/changes/bug5139 deleted file mode 100644 index 5cebc76..0000000 --- a/changes/bug5139 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (bridges): - - Tag a bridge's descriptor as "never to be sent - unencrypted". This shouldn't matter, since bridges don't open - non-anonymous connections to the bridge authority and don't - allow unencrypted directory connections from clients, but we - might as well make sure. Closes bug 5139. diff --git a/changes/bug5259 b/changes/bug5259 deleted file mode 100644 index bdada58..0000000 --- a/changes/bug5259 +++ /dev/null @@ -1,3 +0,0 @@ - o Documentation fixes: - - Clarify the behavior of MaxCircuitDirtiness with hidden service - circuits. Fix for issue 5259. diff --git a/changes/bug5283 b/changes/bug5283 deleted file mode 100644 index f0325cf..0000000 --- a/changes/bug5283 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - Fix an edge case where if we fetch or publish a hidden service - descriptor, we might build a 4-hop circuit and then use that circuit - for exiting afterwards -- even if the new last hop doesn't obey our - ExitNodes config option. Fixes bug 5283; bugfix on 0.2.0.10-alpha. - diff --git a/changes/bug5346 b/changes/bug5346 deleted file mode 100644 index 3d21f90..0000000 --- a/changes/bug5346 +++ /dev/null @@ -1,8 +0,0 @@ - o Minor bugfixes: - - Correct parsing of certain date types in parse_http_time(). - Without this patch, If-Modified-Since would behave - incorrectly. Fix for bug 5346; bugfix on 0.2.0.2-alpha. Patch from - Esteban Manchado Velázques. - - Reject out-of-range times like 23:59:61. Fix for bug 5346; - bugfix on 0.0.8pre3. - diff --git a/changes/bug5355 b/changes/bug5355 deleted file mode 100644 index f850fe1..0000000 --- a/changes/bug5355 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes: - - Fix a compilation issue on GNU Hurd, which doesn't have PATH_MAX. Fixes - bug 5355; bugfix on 0.2.3.11-alpha. - diff --git a/changes/bug5374 b/changes/bug5374 deleted file mode 100644 index 926a074..0000000 --- a/changes/bug5374 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes: - - - Don't check for whether the address we're using for outbound - connections has changed until after the outbound connection has - completed. On Windows, getsockname() doesn't succeed until the - connection is finished. Fix for bug 5374; bugfix on - 0.1.1.14-alpha. diff --git a/changes/bug5380 b/changes/bug5380 deleted file mode 100644 index 4bb17bc..0000000 --- a/changes/bug5380 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Check our entry guards for having been picked too long ago when - we get a new consensus. (Previously, we only did this check at - startup, which could lead to us holding a guard indefinitely, - and give weird results.) Fixes bug 5380; bugfix on 0.2.1.14-rc. diff --git a/changes/bug5437 b/changes/bug5437 deleted file mode 100644 index 3f9e96d..0000000 --- a/changes/bug5437 +++ /dev/null @@ -1,3 +0,0 @@ - o Documentation fixes: - - Clarify SessionGroup documentation slightly; resolves bug 5437. - diff --git a/changes/bug5541 b/changes/bug5541 deleted file mode 100644 index 3cf0692..0000000 --- a/changes/bug5541 +++ /dev/null @@ -1,8 +0,0 @@ - o Minor bugfixes: - - Prevent a null-pointer dereference when receiving a data cell - for a nonexistent stream when the circuit in question has an - empty deliver window. We don't believe this is triggerable, - since we don't currently allow deliver windows to become empty, - but the logic is tricky enough that it's better to make the code - robust. Fixes bug 5541; bugfix on 0.0.2pre14. - diff --git a/changes/bug5597 b/changes/bug5597 deleted file mode 100644 index 90a80a6..0000000 --- a/changes/bug5597 +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Document the changes to the ORPort and DirPort options, and the - fact that {OR/Dir}ListenAddress is now unnecessary (and - therefore deprecated). diff --git a/changes/bug5603 b/changes/bug5603 deleted file mode 100644 index 97f8988..0000000 --- a/changes/bug5603 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor bugfixes: - - When told to add a bridge with the same addr:port as a - preexisting bridge but a different transport, change the - transport as requested. Previously we would not notice the - change. Fix for bug 5603; fix on 0.2.3.2-alpha. - - When told to add a bridge with the same digest as a - preexisting bridge but a different addr:port, change the - addr:port as requested. Previously we would not notice the - change. Fix for bug 5603; fix on 0.2.2.26-beta. diff --git a/changes/bug5604 b/changes/bug5604 deleted file mode 100644 index 4c72f3c..0000000 --- a/changes/bug5604 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Don't try to open non-control listeners when DisableNetwork is set. - Previousy, we'd open all listeners, then immediately close them. - Fixes bug 5604; bugfix on 0.2.3.9-alpha. diff --git a/changes/bug5622 b/changes/bug5622 deleted file mode 100644 index 82b8e76..0000000 --- a/changes/bug5622 +++ /dev/null @@ -1,4 +0,0 @@ - o Removed files: - - Remove the torrc.bridge file: we don't use it for anything, and - it had become badly desynchronized from torrc.sample. Resolves - bug 5622. \ No newline at end of file diff --git a/changes/bug5645 b/changes/bug5645 deleted file mode 100644 index 0abd3b1..0000000 --- a/changes/bug5645 +++ /dev/null @@ -1,5 +0,0 @@ - o Code refactoring: - - Defensively refactor rend_mid_rendezvous() so that protocol - violations and length checks happen in the beginning. Fixes bug - 5645. - diff --git a/changes/bug5723 b/changes/bug5723 deleted file mode 100644 index 7f0dcb8..0000000 --- a/changes/bug5723 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Format IPv4 addresses correctly in ADDRMAP events. (Previously, - we had reversed them when the answer was cached.) Fixes bug - 5723; bugfix on 0.2.3.1-alpha. diff --git a/changes/bug5760 b/changes/bug5760 deleted file mode 100644 index a26407b..0000000 --- a/changes/bug5760 +++ /dev/null @@ -1,3 +0,0 @@ - o Major bugfixes: - - End AUTHCHALLENGE error response messages with a CRLF. Fixes bug 5760; - bugfix on 0.2.3.16-alpha, and backported to maint-0.2.2 diff --git a/changes/bug5762 b/changes/bug5762 deleted file mode 100644 index a91f4df..0000000 --- a/changes/bug5762 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Work correctly on Linux systems with accept4 support advertised in - their headers, but without accept4 support in the kernel. Fix - by murb. Fixes bug 5762; bugfix on 0.2.3.1-alpha. diff --git a/changes/bug5786_nocrash b/changes/bug5786_nocrash deleted file mode 100644 index ec6c5d8..0000000 --- a/changes/bug5786_nocrash +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (directory authorties): - - When computing weight parameters, behave more robustly in the - presence of a bad bwweightscale value. Previously, the - authorities would crash if they agreed on a sufficiently browken - weight_scale value: now, they use a reasonable default and carry - on. Partial fix for 5786; bugfix on 0.2.2.17-alpha. - diff --git a/changes/bug5786_nodups b/changes/bug5786_nodups deleted file mode 100644 index 795b668..0000000 --- a/changes/bug5786_nodups +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (directory authority): - - Check more thoroughly to prevent a rogue authority from - double-voting on any consensus directory parameter. Previously, - authorities would crash in this case if the total number of votes - for any parameter exceeded the number of active voters, but would - let it pass otherwise. Partial fix for bug 5786; bugfix on - 0.2.2.2-alpha. diff --git a/changes/bug5786_range b/changes/bug5786_range deleted file mode 100644 index 40ac4d2..0000000 --- a/changes/bug5786_range +++ /dev/null @@ -1,8 +0,0 @@ - o Minor bugfixes: - - Make our number-parsing functions always treat too-large values - as an error, even when those values exceed the width of the - underlying type. Previously, if the caller provided these - functions with minima or maxima set to the extreme values of the - underlying integer type, these functions would return those - values on overflow rather than treating overflow as an error. - Fix for part of bug 5786; bugfix on Tor 0.0.9. \ No newline at end of file diff --git a/changes/bug5796 b/changes/bug5796 deleted file mode 100644 index b92659f..0000000 --- a/changes/bug5796 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (controller): - - Fix a NULL-pointer derefernce on a badly formed - SETCIRCUITPURPOSE command. Found by mikeyc. Fixes bug 5796; - bugfix on 0.2.2.9-alpha. diff --git a/changes/bug5828 b/changes/bug5828 deleted file mode 100644 index 3a1734d..0000000 --- a/changes/bug5828 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (performance): - - Avoid O(n^2) performance characteristics when parsing a large - extrainfo cache. Fixes bug 5828; bugfix on 0.2.0.1-alpha. diff --git a/changes/bug5858 b/changes/bug5858 deleted file mode 100644 index aa1e8bb..0000000 --- a/changes/bug5858 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Remove bogus definition of "_WIN32" from src/win32/orconfig.h, to - unbreak the MSVC build. Fies bug 5858; bugfix on 0.2.3.12-alpha. - diff --git a/changes/bug5859 b/changes/bug5859 deleted file mode 100644 index 1720175..0000000 --- a/changes/bug5859 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes: - - Resolve numerous small warnings and build issues with MSVC. Resolves - bug 5859. diff --git a/changes/bug5861 b/changes/bug5861 deleted file mode 100644 index 74a1dfb..0000000 --- a/changes/bug5861 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Set _WIN32_WINNT to 0x0501 consistently throughout the code, so - that IPv6 stuff will compile on MSVC, and compilation issues - will be easier to track down. Fix for bug 5861. diff --git a/changes/bug5891 b/changes/bug5891 deleted file mode 100644 index 1539df3..0000000 --- a/changes/bug5891 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Fix a bug where a bridge authority crashes if it has seen no - directory requests when it's time to write statistics to disk. - Fixes bug 5891. Also fixes bug 5508 in a better way. - diff --git a/changes/bug5910 b/changes/bug5910 deleted file mode 100644 index 712ed55..0000000 --- a/changes/bug5910 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Don't abort the managed proxy protocol if the managed proxy - sends us an unrecognized line; ignore it instead. Fixes bug - 5910; bugfix on 0.2.3.9-alpha. diff --git a/changes/bug5916 b/changes/bug5916 deleted file mode 100644 index b099c26..0000000 --- a/changes/bug5916 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes: - - Fix a memory leak when trying to launch a DNS request when the - network is disabled or the nameservers are unconfigurable. Fix - for bug 5916; bugfix on Tor 0.1.2.1-alpha (for the - unconfigurable nameserver case) and on 0.2.3.9-alpha (for the - DisableNetwork case). diff --git a/changes/bug5954 b/changes/bug5954 deleted file mode 100644 index 28c5a9c..0000000 --- a/changes/bug5954 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (controller): - - Expose our view of whether we have gone dormant to the - controller, via a new "GETINFO dormant" value. Due to bug 4718, - torbutton needs this to avoid excessive version checking. Fixes - bug 5954. diff --git a/changes/bug5969 b/changes/bug5969 deleted file mode 100644 index 477d3dd..0000000 --- a/changes/bug5969 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Fix a compile warning in crypto.c when compiling with clang 3.1. - Fixes bug 5969, bugfix on 0.2.3.9-alpha. - diff --git a/changes/bug5969_022 b/changes/bug5969_022 deleted file mode 100644 index 57c8744..0000000 --- a/changes/bug5969_022 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes - - Fix a build warning with Clang 3.1 related to our use of vasprint. - Fix for bug 5969. Bugfix on 0.2.2.11-alpha. - - o Compilation improvements: - - Tell GCC and Clang to check for any errors in format strings passed - to the tor_v*(print|scan)f functions. diff --git a/changes/bug6007 b/changes/bug6007 deleted file mode 100644 index 4e81575..0000000 --- a/changes/bug6007 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (security): - - When waiting for a client to renegotiate, don't allow it to add - any bytes to the input buffer. This fixes a DoS issue. Fix for - bugs 6007 and 5934; bugfix on 0.2.0.20-rc. - diff --git a/changes/bug6033 b/changes/bug6033 deleted file mode 100644 index 56cffd6..0000000 --- a/changes/bug6033 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - Work around a bug in OpenSSL that broke renegotiation with - TLS 1.1 and TLS 1.2. Without this workaround, all attempts - to speak the v2 Tor network protocol when both sides were - using OpenSSL 1.0.1 would fail. Fix for bug 6033, which is - not a bug in Tor. diff --git a/changes/close_file_handle b/changes/close_file_handle deleted file mode 100644 index 128ef81..0000000 --- a/changes/close_file_handle +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Don't hold a windows file handle open for every file mapping; - the file mapping handle is sufficient. Fix for bug 5951; bugfix on - 0.1.2.1-alpha. diff --git a/changes/geoip-may2012 b/changes/geoip-may2012 deleted file mode 100644 index 1575ece..0000000 --- a/changes/geoip-may2012 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the May 1 2012 Maxmind GeoLite Country database. - diff --git a/changes/getfilesize_64 b/changes/getfilesize_64 deleted file mode 100644 index abcdab6..0000000 --- a/changes/getfilesize_64 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes: - - On Windows, correctly detect errors and large file sizes from - GetFileSize. Fixes bug 5957; bugfix on Tor 0.1.2.1-alpha. diff --git a/changes/routerlist_ins_replace b/changes/routerlist_ins_replace deleted file mode 100644 index 7b442a2..0000000 --- a/changes/routerlist_ins_replace +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - If we hit the error case where routerlist_insert() replaces an - existing (old) server descriptor, make sure to remove that - server descriptor from the old_routers list. Fix related to bug - 1776. Bugfix on 0.2.2.18-alpha.