This is an automated email from the git hooks/post-receive script.
dgoulet pushed a commit to branch main in repository tor.
commit 8b46d1c6ca20b8c99b979569c7432a97d8fc20a1 Author: Tor CI Release no-email@torproject.org AuthorDate: Thu Jun 1 13:36:17 2023 +0000
release: ChangeLog for 0.4.8.1-alpha --- ChangeLog | 171 ++++++++++++++++++++++++++++++++++++++++ changes/aarch64_sandbox | 5 -- changes/bsd_libc | 3 - changes/bug40431 | 4 - changes/bug40523 | 4 - changes/bug40563 | 8 -- changes/bug40603 | 5 -- changes/bug40612 | 5 -- changes/bug40619 | 3 - changes/bug40620 | 3 - changes/bug40626 | 6 -- changes/bug40639 | 5 -- changes/bug40642 | 9 --- changes/bug40644 | 8 -- changes/bug40645 | 5 -- changes/bug40673 | 7 -- changes/bug40684 | 6 -- changes/bug40698 | 11 --- changes/bug40732 | 7 -- changes/bug40751 | 3 - changes/fallbackdirs-2022-08-11 | 2 - changes/fallbackdirs-2022-11-10 | 2 - changes/fallbackdirs-2022-12-06 | 2 - changes/fallbackdirs-2023-01-12 | 2 - changes/fallbackdirs-2023-06-01 | 2 - changes/faster_tests | 3 - changes/geoip-2022-08-11 | 3 - changes/geoip-2022-08-12 | 5 -- changes/geoip-2022-11-10 | 3 - changes/geoip-2022-12-06 | 3 - changes/geoip-2023-01-12 | 3 - changes/geoip-2023-06-01 | 3 - changes/ip_bind_address_no_port | 5 -- changes/issue40597 | 4 - changes/issue40613 | 3 - changes/issue40630 | 3 - changes/log-quotes | 3 - changes/prop275 | 12 --- changes/ticket33669 | 3 - changes/ticket40194 | 9 --- changes/ticket40437 | 4 - changes/ticket40546 | 3 - changes/ticket40593 | 16 ---- changes/ticket40596 | 4 - changes/ticket40601 | 4 - changes/ticket40604 | 5 -- changes/ticket40623 | 4 - changes/ticket40634 | 3 - changes/ticket40647 | 4 - changes/ticket40648 | 3 - changes/ticket40649 | 4 - changes/ticket40652 | 10 --- changes/ticket40663 | 3 - changes/ticket40664 | 3 - changes/ticket40674 | 3 - changes/ticket40680 | 6 -- changes/ticket40683 | 6 -- changes/ticket40687 | 2 - changes/ticket40688 | 3 - changes/ticket40691 | 3 - changes/ticket40692 | 3 - changes/ticket40694 | 5 -- changes/ticket40696 | 3 - changes/ticket40703 | 4 - changes/ticket40704 | 6 -- changes/ticket40705 | 7 -- changes/ticket40708 | 3 - changes/ticket40713 | 4 - changes/ticket40719 | 3 - changes/ticket40722 | 5 -- changes/ticket40724 | 3 - changes/ticket40727 | 3 - changes/ticket40729 | 3 - changes/ticket40730 | 5 -- changes/ticket40741 | 2 - changes/ticket40745 | 3 - changes/ticket40753 | 5 -- changes/ticket40755 | 3 - changes/ticket40757 | 8 -- changes/ticket40758 | 3 - changes/ticket40760 | 3 - changes/ticket40785 | 4 - changes/ticket40797 | 4 - changes/ticket40799 | 6 -- 84 files changed, 171 insertions(+), 373 deletions(-)
diff --git a/ChangeLog b/ChangeLog index 840ff931de..43ea76f548 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,174 @@ +Changes in version 0.4.8.1-alpha - 2023-06-01 + This is the first alpha of the 0.4.8.x series. Two major features in this + version which are Conflux and onion service Proof-of-Work (PoW). There are + also many small features in particular, worth noting, the MetricsPort is now + exporting more relay and onion service metrics. Finally, there are + also numerous minor bugfixes included in this version. + + o Major features (onion service, proof-of-work): + - Implement proposal 327 (Proof-Of-Work). This is aimed at thwarting + introduction flooding DoS attacks by introducing a dynamic Proof-Of-Work + protocol that occurs over introduction circuits. This introduces several + torrc options prefixed with "HiddenServicePoW" in order to control this + feature. By default, this is disabled. Closes ticket 40634. + + o Major features (conflux): + - Implement Proposal 329 (conflux traffic splitting). Conflux splits + traffic across two circuits to Exits that support the protocol. + These circuits are pre-built only, which means that if the pre- + built conflux pool runs out, regular circuits will then be used. + When using conflux circuit pairs, clients choose the lower-latency + circuit to send data to the Exit. When the Exit sends data to the + client, it maximizes throughput, by fully utilizing both circuits + in a multiplexed fashion. Alternatively, clients can request that + the Exit optimize for latency when transmitting to them, by + setting the torrc option 'ConfluxClientUX latency'. Onion services + are not currently supported, but will be in arti. Many other + future optimizations will also be possible using this protocol. + Closes ticket 40593. + + o Major features (dirauth): + - Directory authorities and relays now interact properly with + directory authorities if they change addresses. In the past, they + would continue to upload votes, signatures, descriptors, etc to + the hard-coded address in the configuration. Now, if the directory + authority is listed in the consensus at a different address, they + will direct queries to this new address. Implements ticket 40705. + + o Minor feature (CI): + - Update CI to use Debian Bullseye for runners. + + o Minor feature (client, IPv6): + - Make client able to pick IPv6 relays by default now meaning + ClientUseIPv6 option now defaults to 1. Closes ticket 40785. + + o Minor feature (compilation): + - Fix returning something other than "Unknown N/A" as libc version + if we build tor on an O.S. like DragonFlyBSD, FreeBSD, OpenBSD + or NetBSD. + + o Minor feature (cpuworker): + - Always use the number of threads for our CPU worker pool to the + number of core available but cap it to a minimum of 2 in case of a + single core. Fixes bug 40713; bugfix on 0.3.5.1-alpha. + + o Minor feature (lzma): + - Fix compiler warnings for liblzma >= 5.3.1. Closes ticket 40741. + + o Minor feature (MetricsPort, relay): + - Expose time until online keys expires on the MetricsPort. Closes + ticket 40546. + + o Minor feature (MetricsPort, relay, onion service): + - Add metrics for the relay side onion service interactions counting + seen cells. Closes ticket 40797. Patch by "friendly73". + + o Minor features (directory authorities): + - Directory authorities now include their AuthDirMaxServersPerAddr + config option in the consensus parameter section of their vote. + Now external tools can better predict how they will behave. + Implements ticket 40753. + + o Minor features (directory authority): + - Add a new consensus method in which the "published" times on + router entries in a microdesc consensus are all set to a + meaningless fixed date. Doing this will make the download size for + compressed microdesc consensus diffs much smaller. Part of ticket + 40130; implements proposal 275. + + o Minor features (network documents): + - Clients and relays no longer track the "published on" time + declared for relays in any consensus documents. When reporting + this time on the control port, they instead report a fixed date in + the future. Part of ticket 40130. + + o Minor features (fallbackdir): + - Regenerate fallback directories generated on June 01, 2023. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, as + retrieved on 2023/06/01. + + o Minor features (hs, metrics): + - Add tor_hs_rend_circ_build_time and tor_hs_intro_circ_build_time + histograms to measure hidden service rend/intro circuit build time + durations. Part of ticket 40757. + + o Minor features (metrics): + - Add a `reason` label to the HS error metrics. Closes ticket 40758. + - Add service side metrics for REND and introduction request + failures. Closes ticket 40755. + - Add support for histograms. Part of ticket 40757. + + o Minor features (pluggable transports): + - Automatically restart managed Pluggable Transport processes when + their process terminate. Resolves ticket 33669. + + o Minor features (portability, compilation): + - Use OpenSSL 1.1 APIs for LibreSSL, fixing LibreSSL 3.5 + compatibility. Fixes issue 40630; patch by Alex Xu (Hello71). + + o Minor features (relay): + - Do not warn about configuration options that may expose a non- + anonymous onion service. Closes ticket 40691. + + o Minor features (relays): + - Trigger OOS when bind fails with EADDRINUSE. This improves + fairness when a large number of exit connections are requested, + and properly signals exhaustion to the network. Fixes issue 40597; + patch by Alex Xu (Hello71). + + o Minor features (tests): + - Avoid needless key reinitialization with OpenSSL during unit + tests, saving significant time. Patch from Alex Xu. + + o Minor bugfix (relay, logging): + - The wrong max queue cell size was used in a protocol warning + logging statement. Fixes bug 40745; bugfix on 0.4.7.1-alpha. + + o Minor bugfixes (logging): + - Avoid ""double-quoting"" strings in several log messages. Fixes + bug 22723; bugfix on 0.1.2.2-alpha. + - Correct a log message when cleaning microdescriptors. Fixes bug + 40619; bugfix on 0.2.5.4-alpha. + + o Minor bugfixes (metrics): + - Decrement hs_intro_established_count on introduction circuit + close. Fixes bug 40751; bugfix on 0.4.7.12. + + o Minor bugfixes (pluggable transports, windows): + - Remove a warning `BUG()` that could occur when attempting to + execute a non-existing pluggable transport on Windows. Fixes bug + 40596; bugfix on 0.4.0.1-alpha. + + o Minor bugfixes (relay): + - Remove a "BUG" warning for an acceptable race between a circuit + close and considering that circuit active. Fixes bug 40647; bugfix + on 0.3.5.1-alpha. + - Remove a harmless "Bug" log message that can happen in + relay_addr_learn_from_dirauth() on relays during startup. Finishes + fixing bug 40231. Fixes bug 40523; bugfix on 0.4.5.4-rc. + + o Minor bugfixes (sandbox): + - Allow membarrier for the sandbox. And allow rt_sigprocmask when + compiled with LTTng. Fixes bug 40799; bugfix on 0.3.5.1-alpha. + - Fix sandbox support on AArch64 systems. More "*at" variants of + syscalls are now supported. Signed 32 bit syscall parameters are + checked more precisely, which should lead to lower likelihood of + breakages with future compiler and libc releases. Fixes bug 40599; + bugfix on 0.4.4.3-alpha. + + o Minor bugfixes (state file): + - Avoid a segfault if the state file doesn't contains TotalBuildTimes + along CircuitBuildAbandonedCount being above 0. Fixes bug 40437; + bugfix on 0.3.5.1-alpha. + + o Removed features: + - Remove the RendPostPeriod option. This was primarily used in + Version 2 Onion Services and after its deprecation isn't needed + anymore. Closes ticket 40431. Patch by Neel Chauhan. + + Changes in version 0.4.7.13 - 2023-01-12 This version contains three major bugfixes, two for relays and one for client being a security fix, TROVE-2022-002. We have added, for Linux, the diff --git a/changes/aarch64_sandbox b/changes/aarch64_sandbox deleted file mode 100644 index d1d64d6e6c..0000000000 --- a/changes/aarch64_sandbox +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (sandbox): - - Fix sandbox support on AArch64 systems. More "*at" variants of syscalls - are now supported. Signed 32 bit syscall parameters are checked more - precisely, which should lead to lower likelihood of breakages with future - compiler and libc releases. Fixes bug 40599; bugfix on 0.4.4.3-alpha. diff --git a/changes/bsd_libc b/changes/bsd_libc deleted file mode 100644 index 01b09f0da5..0000000000 --- a/changes/bsd_libc +++ /dev/null @@ -1,3 +0,0 @@ - o Minor feature (compilation): - - Fix returning something other than "Unknown N/A" as libc version if we - build tor on an O.S. like DragonFlyBSD, FreeBSD, OpenBSD or NetBSD. diff --git a/changes/bug40431 b/changes/bug40431 deleted file mode 100644 index fbc3bb5ca0..0000000000 --- a/changes/bug40431 +++ /dev/null @@ -1,4 +0,0 @@ - o Removed features: - - Remove the RendPostPeriod option. This was primarily used in Version 2 - Onion Services and after its deprecation isn't needed anymore. Closes - ticket 40431. Patch by Neel Chauhan. diff --git a/changes/bug40523 b/changes/bug40523 deleted file mode 100644 index 880fc469fd..0000000000 --- a/changes/bug40523 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (relay): - - Remove a harmless "Bug" log message that can happen in - relay_addr_learn_from_dirauth() on relays during startup. Finishes - fixing bug 40231. Fixes bug 40523; bugfix on 0.4.5.4-rc. diff --git a/changes/bug40563 b/changes/bug40563 deleted file mode 100644 index e7a3deec6d..0000000000 --- a/changes/bug40563 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (relay): - - When opening a channel because of a circuit request that did not - include an Ed25519 identity, record the Ed25519 identity that we - actually received, so that we can use the channel for other circuit - requests that _do_ list an Ed25519 identity. - (Previously we had code to record this identity, but a logic bug - caused it to be disabled.) Fixes bug 40563; bugfix on 0.3.0.1-alpha. - Patch from "cypherpunks". diff --git a/changes/bug40603 b/changes/bug40603 deleted file mode 100644 index aa00718a48..0000000000 --- a/changes/bug40603 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (logging): - - Demote a harmless warn log message about finding a second hop to from - warn level to info level, if we do not have enough descriptors yet. - Leave it at notice level for other cases. Fixes bug 40603; - bugfix on 0.4.7.1-alpha. diff --git a/changes/bug40612 b/changes/bug40612 deleted file mode 100644 index 526f23bdd6..0000000000 --- a/changes/bug40612 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (logging): - - Demote a notice log message about "Unexpected path length" to info - level. These cases seem to happen arbitrarily, and we likely will - never find all of them before the switch to arti. Fixes bug 40612; - bugfix on 0.4.7.5-alpha. diff --git a/changes/bug40619 b/changes/bug40619 deleted file mode 100644 index e49c2b5260..0000000000 --- a/changes/bug40619 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (logging): - - Correct a log message when cleaning microdescriptors. - Fixes bug 40619; bugfix on 0.2.5.4-alpha. diff --git a/changes/bug40620 b/changes/bug40620 deleted file mode 100644 index 086a71d3f6..0000000000 --- a/changes/bug40620 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (relay, logging): - - Demote a harmless XOFF log message to from notice level to info level. - Fixes bug 40620; bugfix on 0.4.7.5-alpha. diff --git a/changes/bug40626 b/changes/bug40626 deleted file mode 100644 index cda8abe4d7..0000000000 --- a/changes/bug40626 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (congestion control, TROVE-2022-001): - - Fix a scenario where RTT estimation can become wedged, seriously - degrading congestion control performance on all circuits. This impacts - clients, onion services, and relays, and can be triggered remotely by a - malicious endpoint. Tracked as CVE-2022-33903. Fixes bug 40626; bugfix - on 0.4.7.5-alpha. diff --git a/changes/bug40639 b/changes/bug40639 deleted file mode 100644 index d975e9ad22..0000000000 --- a/changes/bug40639 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (vanguards): - - We had omitted some checks for whether our vanguards (second layer - guards from proposal 333) overlapped. Now make sure to pick each - of them to be independent. Also, change the design to allow them to - come from the same family. Fixes bug 40639; bugfix on 0.4.7.1-alpha. diff --git a/changes/bug40642 b/changes/bug40642 deleted file mode 100644 index f50d87e031..0000000000 --- a/changes/bug40642 +++ /dev/null @@ -1,9 +0,0 @@ - o Major bugfixes (congestion control): - - Implement RFC3742 Limited Slow Start. Congestion control was - overshooting the congestion window during slow start, particularly for - onion service activity. With this fix, we now update the congestion - window more often during slow start, as well as dampen the exponential - growth when the congestion window grows above a capping parameter. - This should reduce the memory increases guard relays were seeing, as - well as allow us to set lower queue limits to defend against - ongoing DoS attacks. Fixes bug 40642; bugfix on 0.4.7.5-alpha. diff --git a/changes/bug40644 b/changes/bug40644 deleted file mode 100644 index a27c63ede2..0000000000 --- a/changes/bug40644 +++ /dev/null @@ -1,8 +0,0 @@ - o Minor bugfixes (congestion control): - - Add a check for an integer underflow condition that might - happen in cases where the system clock is stopped, the - ORconn is blocked, and the endpoint sends more than a - congestion window worth of non-data control cells at once. - This would cause a large congestion window to be calculated - instead of a small one. No security impact. Fixes bug 40644; - bugfix on 0.4.7.5-alpha. diff --git a/changes/bug40645 b/changes/bug40645 deleted file mode 100644 index 044d5b67d2..0000000000 --- a/changes/bug40645 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (defense in depth): - - Change a test in the netflow padding code to make it more - _obviously_ safe against remotely triggered crashes. - (It was safe against these before, but not obviously so.) - Fixes bug 40645; bugfix on 0.3.1.1-alpha. diff --git a/changes/bug40673 b/changes/bug40673 deleted file mode 100644 index 1bbf42649b..0000000000 --- a/changes/bug40673 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (relay overload statistics): - - Count total create cells vs dropped create cells properly, when - assessing if our fraction of dropped cells is too high. We only - count non-client circuits in the denominator, but we would include - client circuits in the numerator, leading to surprising log lines - claiming that we had dropped more than 100% of incoming create - cells. Fixes bug 40673; bugfix on 0.4.7.1-alpha. diff --git a/changes/bug40684 b/changes/bug40684 deleted file mode 100644 index 8c751ede2c..0000000000 --- a/changes/bug40684 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (OSX): - - Fix coarse-time computation on Apple platforms (like Mac M1) where - the Mach absolute time ticks do not correspond directly to - nanoseconds. Previously, we computed our shift value wrong, which - led us to give incorrect timing results. - Fixes bug 40684; bugfix on 0.3.3.1-alpha. diff --git a/changes/bug40698 b/changes/bug40698 deleted file mode 100644 index 98ddd4f968..0000000000 --- a/changes/bug40698 +++ /dev/null @@ -1,11 +0,0 @@ - o Minor bugfixes (dirauth): - - Directory authorities stop voting a consensus "Measured" weight - for relays with the Authority flag. Now these relays will be - considered unmeasured, which should reserve their bandwidth - for their dir auth role and minimize distractions from other - roles. In place of the "Measured" weight, they now include a - "MeasuredButAuthority" weight (not used by anything) so the - bandwidth authority's opinion on this relay can be recorded for - posterity. Lastly, remove the AuthDirDontVoteOnDirAuthBandwidth - torrc option which never worked right. Fixes bugs 40698 and 40700; - bugfix on 0.4.7.2-alpha. diff --git a/changes/bug40732 b/changes/bug40732 deleted file mode 100644 index f2388e7e8d..0000000000 --- a/changes/bug40732 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (congestion control): - - Avoid incrementing the congestion window when the window is not - fully in use. Thia prevents overshoot in cases where long periods - of low activity would allow our congestion window to grow, and - then get followed by a burst, which would cause queue overload. - Also improve the increment checks for RFC3742. Fixes bug 40732; - bugfix on 0.4.7.5-alpha. diff --git a/changes/bug40751 b/changes/bug40751 deleted file mode 100644 index baa5e90397..0000000000 --- a/changes/bug40751 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (metrics): - - Decrement hs_intro_established_count on introduction circuit close. Fixes - bug 40751; bugfix on 0.4.7.12. diff --git a/changes/fallbackdirs-2022-08-11 b/changes/fallbackdirs-2022-08-11 deleted file mode 100644 index 21200700ad..0000000000 --- a/changes/fallbackdirs-2022-08-11 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features (fallbackdir): - - Regenerate fallback directories generated on August 11, 2022. diff --git a/changes/fallbackdirs-2022-11-10 b/changes/fallbackdirs-2022-11-10 deleted file mode 100644 index 64df9c5f10..0000000000 --- a/changes/fallbackdirs-2022-11-10 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features (fallbackdir): - - Regenerate fallback directories generated on November 10, 2022. diff --git a/changes/fallbackdirs-2022-12-06 b/changes/fallbackdirs-2022-12-06 deleted file mode 100644 index 17daf63f53..0000000000 --- a/changes/fallbackdirs-2022-12-06 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features (fallbackdir): - - Regenerate fallback directories generated on December 06, 2022. diff --git a/changes/fallbackdirs-2023-01-12 b/changes/fallbackdirs-2023-01-12 deleted file mode 100644 index e3788a16ae..0000000000 --- a/changes/fallbackdirs-2023-01-12 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features (fallbackdir): - - Regenerate fallback directories generated on January 12, 2023. diff --git a/changes/fallbackdirs-2023-06-01 b/changes/fallbackdirs-2023-06-01 deleted file mode 100644 index 2d40e047b4..0000000000 --- a/changes/fallbackdirs-2023-06-01 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features (fallbackdir): - - Regenerate fallback directories generated on June 01, 2023. diff --git a/changes/faster_tests b/changes/faster_tests deleted file mode 100644 index 150dff968f..0000000000 --- a/changes/faster_tests +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (tests): - - Avoid needless key reinitialization with OpenSSL during unit tests, - saving significant time. Patch from Alex Xu. diff --git a/changes/geoip-2022-08-11 b/changes/geoip-2022-08-11 deleted file mode 100644 index aad2392f1f..0000000000 --- a/changes/geoip-2022-08-11 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (geoip data): - - Update the geoip files to match the IPFire Location Database, - as retrieved on 2022/08/11. diff --git a/changes/geoip-2022-08-12 b/changes/geoip-2022-08-12 deleted file mode 100644 index e8f282db01..0000000000 --- a/changes/geoip-2022-08-12 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (geoip data): - - IPFire informed us on August 12th that databases generated after - (including) August 10th did not have proper ARIN network allocations. We - are updating the database to use the one generated on August 9th, 2022. - Fixes bug 40658; bugfix on 0.4.5.13. diff --git a/changes/geoip-2022-11-10 b/changes/geoip-2022-11-10 deleted file mode 100644 index dce05f50c4..0000000000 --- a/changes/geoip-2022-11-10 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (geoip data): - - Update the geoip files to match the IPFire Location Database, - as retrieved on 2022/11/10. diff --git a/changes/geoip-2022-12-06 b/changes/geoip-2022-12-06 deleted file mode 100644 index f96e833e63..0000000000 --- a/changes/geoip-2022-12-06 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (geoip data): - - Update the geoip files to match the IPFire Location Database, - as retrieved on 2022/12/06. diff --git a/changes/geoip-2023-01-12 b/changes/geoip-2023-01-12 deleted file mode 100644 index 8378d34fbf..0000000000 --- a/changes/geoip-2023-01-12 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (geoip data): - - Update the geoip files to match the IPFire Location Database, - as retrieved on 2023/01/12. diff --git a/changes/geoip-2023-06-01 b/changes/geoip-2023-06-01 deleted file mode 100644 index 384d83473e..0000000000 --- a/changes/geoip-2023-06-01 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (geoip data): - - Update the geoip files to match the IPFire Location Database, - as retrieved on 2023/06/01. diff --git a/changes/ip_bind_address_no_port b/changes/ip_bind_address_no_port deleted file mode 100644 index 9c4f712a9e..0000000000 --- a/changes/ip_bind_address_no_port +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (relays): - - Set the Linux-specific IP_BIND_ADDRESS_NO_PORT option on outgoing - sockets, allowing relays using OutboundBindAddress to make more outgoing - connections than ephemeral ports, as long as they are to separate - destinations. Related to issue 40597; patch by Alex Xu (Hello71). diff --git a/changes/issue40597 b/changes/issue40597 deleted file mode 100644 index db2220805e..0000000000 --- a/changes/issue40597 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (relays): - - Trigger OOS when bind fails with EADDRINUSE. This improves fairness when - a large number of exit connections are requested, and properly signals - exhaustion to the network. Fixes issue 40597; patch by Alex Xu (Hello71). diff --git a/changes/issue40613 b/changes/issue40613 deleted file mode 100644 index 76434beba2..0000000000 --- a/changes/issue40613 +++ /dev/null @@ -1,3 +0,0 @@ - o Code simplifications and refactoring: - - Rely on actual error returned by the kernel when choosing what resource - exhaustion to log. Fixes issue 40613; Fix on tor-0.4.6.1-alpha. diff --git a/changes/issue40630 b/changes/issue40630 deleted file mode 100644 index faf04941b6..0000000000 --- a/changes/issue40630 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (portability, compilation): - - Use OpenSSL 1.1 APIs for LibreSSL, fixing LibreSSL 3.5 compatibility. - Fixes issue 40630; patch by Alex Xu (Hello71). diff --git a/changes/log-quotes b/changes/log-quotes deleted file mode 100644 index 7c9308eb44..0000000000 --- a/changes/log-quotes +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (logging): - - Avoid ""double-quoting"" strings in several log messages. - Fixes bug 22723; bugfix on 0.1.2.2-alpha. diff --git a/changes/prop275 b/changes/prop275 deleted file mode 100644 index bbbf38d959..0000000000 --- a/changes/prop275 +++ /dev/null @@ -1,12 +0,0 @@ - o Minor features (directory authority): - - Add a new consensus method in which the "published" times on router - entries in a microdesc consensus are all set to a meaningless fixed - date. Doing this will make the download size for compressed microdesc - consensus diffs much smaller. - Part of ticket 40130; implements proposal 275. - - o Minor features (network documents): - - Clients and relays no longer track the "published on" time declared - for relays in any consensus documents. When reporting this time on - the control port, they instead report a fixed date in the future. - Part of ticket 40130. diff --git a/changes/ticket33669 b/changes/ticket33669 deleted file mode 100644 index d7ec3a5f40..0000000000 --- a/changes/ticket33669 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (pluggable transports): - - Automatically restart managed Pluggable Transport processes when their - process terminate. Resolves ticket 33669. diff --git a/changes/ticket40194 b/changes/ticket40194 deleted file mode 100644 index 9f3a4833cf..0000000000 --- a/changes/ticket40194 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor feature (relay, metrics): - - Add counters to the MetricsPort how many connections, per type, are - currently opened and how many were created. Part of ticket 40194. - - Add total number of streams seen by an Exit to the MetricsPort. - - Add congestion control RTT reset counter to MetricsPort. - - Add DoS defenses counter to MetricsPort. - - Add relay flags from the consensus to the MetricsPort. - - Add total number of opened circuits to MetricsPort. - - Add traffic stats as in number of read/written bytes in total. diff --git a/changes/ticket40437 b/changes/ticket40437 deleted file mode 100644 index 85ba49583c..0000000000 --- a/changes/ticket40437 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (state file): - - Avoid a segfault if the state file doesn't contains TotalBuildTimes along - CircuitBuildAbandonedCount being above 0. Fixes bug 40437; bugfix on - 0.3.5.1-alpha. diff --git a/changes/ticket40546 b/changes/ticket40546 deleted file mode 100644 index 93f19f74c1..0000000000 --- a/changes/ticket40546 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor feature (MetricsPort, relay): - - Expose time until online keys expires on the MetricsPort. Closes ticket - 40546. diff --git a/changes/ticket40593 b/changes/ticket40593 deleted file mode 100644 index 6590ea492c..0000000000 --- a/changes/ticket40593 +++ /dev/null @@ -1,16 +0,0 @@ - o Major features (conflux): - - Implement Proposal 329 (conflux traffic splitting). Conflux splits - traffic across two circuits to Exits that support the protocol. - These circuits are pre-built only, which means that if the pre-built - conflux pool runs out, regular circuits will then be used. - - When using conflux circuit pairs, clients choose the lower-latency - circuit to send data to the Exit. When the Exit sends data to the - client, it maximizes throughput, by fully utilizing both circuits in a - multiplexed fashion. Alternatively, clients can request that the Exit - optimize for latency when transmitting to them, by setting the torrc - option 'ConfluxClientUX latency'. - - Onion services are not currently supported, but will be in arti. Many - other future optimizations will also be possible using this protocol. - Closes ticket 40593. diff --git a/changes/ticket40596 b/changes/ticket40596 deleted file mode 100644 index 13c8e5b34a..0000000000 --- a/changes/ticket40596 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (pluggable transports, windows): - - Remove a warning `BUG()` that could occur when attempting to execute a - non-existing pluggable transport on Windows. Fixes bug 40596; bugfix on - 0.4.0.1-alpha. diff --git a/changes/ticket40601 b/changes/ticket40601 deleted file mode 100644 index 529e3badfe..0000000000 --- a/changes/ticket40601 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (linux seccomp2 sandbox): - - Allow the rseq system call in the sandbox. This solves a crash issue with - glibc 2.35 on Linux. Patch from pmu-ipf. Fixes bug 40601; bugfix on - 0.3.5.11. diff --git a/changes/ticket40604 b/changes/ticket40604 deleted file mode 100644 index ec24a46e66..0000000000 --- a/changes/ticket40604 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (relay): - - Remove OR connections btrack subsystem entries when the connections - closes normally. Before this, we would only close it on error and thus - leaking memory for each normal OR connections. Fixes bug 40604; bugfix - on 0.4.0.1-alpha. diff --git a/changes/ticket40623 b/changes/ticket40623 deleted file mode 100644 index d2a0e7eaad..0000000000 --- a/changes/ticket40623 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (relay): - - Stop sending TRUNCATED cell and instead close the circuits which sends a - DESTROY cell so every relay in the circuit path can stop queuing cells. - Fixes bug 40623; bugfix on 0.1.0.2-rc. diff --git a/changes/ticket40634 b/changes/ticket40634 deleted file mode 100644 index 42baa6509a..0000000000 --- a/changes/ticket40634 +++ /dev/null @@ -1,3 +0,0 @@ - o Major features (onion services): - - Proof-of-work client puzzles for DoS mitigation, from proposal 327. - Closes ticket 40634. \ No newline at end of file diff --git a/changes/ticket40647 b/changes/ticket40647 deleted file mode 100644 index ae20aae3f3..0000000000 --- a/changes/ticket40647 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (relay): - - Remove a "BUG" warning for an acceptable race between a circuit close - and considering that circuit active. Fixes bug 40647; bugfix on - 0.3.5.1-alpha. diff --git a/changes/ticket40648 b/changes/ticket40648 deleted file mode 100644 index a891e30204..0000000000 --- a/changes/ticket40648 +++ /dev/null @@ -1,3 +0,0 @@ - o Code simplification and refactoring (bridges): - - Remove unused code related to ExtPort connection ID. Fixes bug 40648; - bugfix on 0.3.5.1-alpha. diff --git a/changes/ticket40649 b/changes/ticket40649 deleted file mode 100644 index 28df58f106..0000000000 --- a/changes/ticket40649 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (relay): - - Do not propagate either forward or backward a DESTROY remote reason when - closing a circuit so to avoid a possible side channel. Fixes bug 40649; - bugfix on 0.1.2.4-alpha. diff --git a/changes/ticket40652 b/changes/ticket40652 deleted file mode 100644 index ff9f4d0591..0000000000 --- a/changes/ticket40652 +++ /dev/null @@ -1,10 +0,0 @@ - o Minor features (dirauth): - - Add an AuthDirVoteGuard torrc option that can allow authorities to - assign the Guard flag to the given fingerprints/country code/IPs. This - is a needed feature mostly for defense purposes in case a DoS hits the - network and relay start losing the Guard flags too fast. - - Make UPTIME_TO_GUARANTEE_STABLE, MTBF_TO_GUARANTEE_STABLE, - TIME_KNOWN_TO_GUARANTEE_FAMILIAR WFU_TO_GUARANTEE_GUARD tunable from - torrc. - - Add a torrc option to control the Guard flag bandwidth threshold - percentile. Closes ticket 40652. diff --git a/changes/ticket40663 b/changes/ticket40663 deleted file mode 100644 index 3992d8e2b5..0000000000 --- a/changes/ticket40663 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (authorities, sandbox): - - Allow to write file my-consensus-<flavor-name> to disk when sandbox is - activated. Fixes bug 40663; bugfix on 0.3.5.1-alpha. diff --git a/changes/ticket40664 b/changes/ticket40664 deleted file mode 100644 index 729b6ff02a..0000000000 --- a/changes/ticket40664 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor feature (authority): - - Reject 0.4.6.x series at the authority level. Closes ticket 40664. - diff --git a/changes/ticket40674 b/changes/ticket40674 deleted file mode 100644 index b371cafcf0..0000000000 --- a/changes/ticket40674 +++ /dev/null @@ -1,3 +0,0 @@ - o Major bugfixes (relay): - - Improve security of our DNS cache by randomly clipping the TTL value. - TROVE-2021-009. Fixes bug 40674; bugfix on 0.3.5.1-alpha. diff --git a/changes/ticket40680 b/changes/ticket40680 deleted file mode 100644 index 1383844969..0000000000 --- a/changes/ticket40680 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor feature (relay, DoS): - - Apply circuit creation anti-DoS defenses if the outbound circuit max cell - queue size is reached too many times. This introduces two new consensus - parameters to control the queue size limit and number of times allowed to - go over that limit. Close ticket 40680. - diff --git a/changes/ticket40683 b/changes/ticket40683 deleted file mode 100644 index 6df078ebae..0000000000 --- a/changes/ticket40683 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor feature (Mac and iOS build): - - Change how combine_libs works on Darwin like platforms to - make sure we don't include any `__.SYMDEF` and `__.SYMDEF SORTED` - symbols on the archive before we repack and run ${RANLIB} on the - archive. This fixes a build issue with recent Xcode versions on - Mac Silicon and iOS. Closes ticket 40683. diff --git a/changes/ticket40687 b/changes/ticket40687 deleted file mode 100644 index e96119cf49..0000000000 --- a/changes/ticket40687 +++ /dev/null @@ -1,2 +0,0 @@ - o Directory authority changes (dizum): - - Change dizum IP address. Closes ticket 40687. diff --git a/changes/ticket40688 b/changes/ticket40688 deleted file mode 100644 index 79350cb836..0000000000 --- a/changes/ticket40688 +++ /dev/null @@ -1,3 +0,0 @@ - o Directory authority changes (Faravahar): - - Remove Faravahar until its operator, Sina, set it back up online outside - of Team Cymru network. Closes ticket 40688. diff --git a/changes/ticket40691 b/changes/ticket40691 deleted file mode 100644 index f1c518fc18..0000000000 --- a/changes/ticket40691 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (relay): - - Do not warn about configuration options that may expose a non-anonymous - onion service. Closes ticket 40691. diff --git a/changes/ticket40692 b/changes/ticket40692 deleted file mode 100644 index 8405486115..0000000000 --- a/changes/ticket40692 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (onion service client): - - A collapsing onion service circuit should be seen as an "unreachable" - error so it can be retried. Fixes bug 40692; bugfix on 0.3.5.1-alpha. diff --git a/changes/ticket40694 b/changes/ticket40694 deleted file mode 100644 index f17639cc27..0000000000 --- a/changes/ticket40694 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (onion service): - - Set a much higher circuit build timeout for opened client rendezvous - circuit. Before this, tor would time them out very quickly leading to many - unnecessary retries and thus more load on the network. Fixes bug 40694; - bugfix on 0.3.5.1-alpha. diff --git a/changes/ticket40696 b/changes/ticket40696 deleted file mode 100644 index a2c09f6a83..0000000000 --- a/changes/ticket40696 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (onion service): - - Make the service retry a rendezvous if the circuit is being repurposed for - measurements. Fixes bug 40696; bugfix on 0.3.5.1-alpha. diff --git a/changes/ticket40703 b/changes/ticket40703 deleted file mode 100644 index f005f8f851..0000000000 --- a/changes/ticket40703 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor feature (performance): - - Bump the maximum amount of CPU to use from 16 to 128. Note that NumCPUs - torrc option overrides this hardcoded maximum. Fixes bug 40703; bugfix on - 0.3.5.1-alpha. diff --git a/changes/ticket40704 b/changes/ticket40704 deleted file mode 100644 index b1a83488da..0000000000 --- a/changes/ticket40704 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor feature (relay): - - Two new consensus parameters are added to control the wait time in queue - of the onionskins. One of them is the torrc MaxOnionQueueDelay options - which supersedes the consensus parameter. Closes ticket 40704. - - Change a hardcoded value for the maximum of per CPU tasks into a - consensus parameter. diff --git a/changes/ticket40705 b/changes/ticket40705 deleted file mode 100644 index 2de01c76d5..0000000000 --- a/changes/ticket40705 +++ /dev/null @@ -1,7 +0,0 @@ - o Major features (dirauth): - - Directory authorities and relays now interact properly with - directory authorities if they change addresses. In the past, they - would continue to upload votes, signatures, descriptors, etc to - the hard-coded address in the configuration. Now, if the directory - authority is listed in the consensus at a different address, they - will direct queries to this new address. Implements ticket 40705. diff --git a/changes/ticket40708 b/changes/ticket40708 deleted file mode 100644 index 1c4a044a0b..0000000000 --- a/changes/ticket40708 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor feature (metrics): - - Add various congestion control counters to the MetricsPort. Closes ticket - 40708. diff --git a/changes/ticket40713 b/changes/ticket40713 deleted file mode 100644 index eaddfd30d7..0000000000 --- a/changes/ticket40713 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor feature (cpuworker): - - Always use the number of threads for our CPU worker pool to the number of - core available but cap it to a minimum of 2 in case of a single core. - Fixes bug 40713; bugfix on 0.3.5.1-alpha. diff --git a/changes/ticket40719 b/changes/ticket40719 deleted file mode 100644 index eec84dce0f..0000000000 --- a/changes/ticket40719 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (cpuworker, relay): - - Fix an off by one overload calculation on the number of CPUs being used by - our thread pool. Fixes bug 40719; bugfix on 0.3.5.1-alpha. diff --git a/changes/ticket40722 b/changes/ticket40722 deleted file mode 100644 index a9a9f520a9..0000000000 --- a/changes/ticket40722 +++ /dev/null @@ -1,5 +0,0 @@ - o Directory authority changes (moria1): - - Rotate the relay identity key and v3 identity key for moria1. They - have been online for more than a decade and refreshing keys - periodically is good practice. Advertise new ports too, to avoid - confusion. Closes ticket 40722. diff --git a/changes/ticket40724 b/changes/ticket40724 deleted file mode 100644 index aeb6f9ae8b..0000000000 --- a/changes/ticket40724 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor feature (Congestion control metrics): - - Add additional metricsport relay metrics for congestion control. - Closes ticket 40724. diff --git a/changes/ticket40727 b/changes/ticket40727 deleted file mode 100644 index ce462481f4..0000000000 --- a/changes/ticket40727 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (relay, metrics): - - Fix typo in a congestion control label on the MetricsPort. Fixes bug - 40727; bugfix on 0.4.7.12. diff --git a/changes/ticket40729 b/changes/ticket40729 deleted file mode 100644 index 1c2d43d14f..0000000000 --- a/changes/ticket40729 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (sandbox, authority): - - With the sandbox enabled, allow to write "my-consensus-{ns|microdesc}" and - to rename them as well. Fixes bug 40729; bugfix on 0.3.5.1-alpha. diff --git a/changes/ticket40730 b/changes/ticket40730 deleted file mode 100644 index f6d4c9de3b..0000000000 --- a/changes/ticket40730 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (TROVE-2022-002, client): - - The SafeSocks option had its logic inverted for SOCKS4 and SOCKS4a. It - would let the unsafe SOCKS4 pass but not the safe SOCKS4a one. This is - TROVE-2022-002 which was reported on Hackerone by "cojabo". Fixes bug - 40730; bugfix on 0.3.5.1-alpha. diff --git a/changes/ticket40741 b/changes/ticket40741 deleted file mode 100644 index 2a9f72489d..0000000000 --- a/changes/ticket40741 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor feature (lzma): - - Fix compiler warnings for liblzma >= 5.3.1. Closes ticket 40741. diff --git a/changes/ticket40745 b/changes/ticket40745 deleted file mode 100644 index 988dbc5f33..0000000000 --- a/changes/ticket40745 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfix (relay, logging): - - The wrong max queue cell size was used in a protocol warning logging - statement. Fixes bug 40745; bugfix on 0.4.7.1-alpha. diff --git a/changes/ticket40753 b/changes/ticket40753 deleted file mode 100644 index c5dc76b006..0000000000 --- a/changes/ticket40753 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (directory authorities): - - Directory authorities now include their AuthDirMaxServersPerAddr - config option in the consensus parameter section of their vote. Now - external tools can better predict how they will behave. Implements - ticket 40753. diff --git a/changes/ticket40755 b/changes/ticket40755 deleted file mode 100644 index a40bfd9239..0000000000 --- a/changes/ticket40755 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (metrics): - - Add service side metrics for REND and introduction request failures. - Closes ticket 40755. diff --git a/changes/ticket40757 b/changes/ticket40757 deleted file mode 100644 index 68cd5ac19b..0000000000 --- a/changes/ticket40757 +++ /dev/null @@ -1,8 +0,0 @@ - o Minor features (metrics): - - Add support for histograms. - Part of ticket 40757. - o Minor features (hs, metrics): - - Add tor_hs_rend_circ_build_time and tor_hs_intro_circ_build_time - histograms to measure hidden service rend/intro circuit build time - durations. - Part of ticket 40757. diff --git a/changes/ticket40758 b/changes/ticket40758 deleted file mode 100644 index e6981d0e2b..0000000000 --- a/changes/ticket40758 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (metrics): - - Add a `reason` label to the HS error metrics. - Closes ticket 40758. diff --git a/changes/ticket40760 b/changes/ticket40760 deleted file mode 100644 index b5e3df7904..0000000000 --- a/changes/ticket40760 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor feature (authority): - - Reject 0.4.5.x series at the authority level. Closes ticket 40760. - diff --git a/changes/ticket40785 b/changes/ticket40785 deleted file mode 100644 index 998120011d..0000000000 --- a/changes/ticket40785 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor feature (client, IPv6): - - Make client able to pick IPv6 relays by default now meaning ClientUseIPv6 - option now defaults to 1. Closes ticket 40785. - diff --git a/changes/ticket40797 b/changes/ticket40797 deleted file mode 100644 index b5e12be154..0000000000 --- a/changes/ticket40797 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor feature (MetricsPort, relay, onion service): - - Add metrics for the relay side onion service interactions counting - seen cells. Closes ticket 40797. Patch by "friendly73". - diff --git a/changes/ticket40799 b/changes/ticket40799 deleted file mode 100644 index 4e2afe6e4b..0000000000 --- a/changes/ticket40799 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (sandbox): - - Allow membarrier for the sandbox. And allow rt_sigprocmask when compiled - with LTTng. Fixes bug 40799; bugfix on 0.3.5.1-alpha. - - o Minor feature (CI): - - Update CI to use Debian Bullseye for runners.