commit cbf3699b840e5a6c6f492e6bead9727ddb8bec9d Author: Nick Mathewson nickm@torproject.org Date: Tue Aug 2 11:46:18 2016 -0400

Start work on an 0.2.9.1-alpha changelog

(sort, fold, and reflow.) --- ChangeLog | 282 +++++++++++++++++++++++++++++++++++++++++++++++- changes/19044 | 5 - changes/assert_nonfatal | 4 - changes/bug13239 | 4 - changes/bug14334 | 4 - changes/bug15942 | 3 - changes/bug16943 | 8 -- changes/bug17688 | 4 - changes/bug17983 | 11 -- changes/bug18240 | 5 - changes/bug18300 | 3 - changes/bug18322 | 4 - changes/bug18456 | 6 -- changes/bug18604 | 4 - changes/bug18704 | 5 - changes/bug18815 | 3 - changes/bug18840 | 4 - changes/bug18889 | 2 - changes/bug18895 | 6 -- changes/bug18934 | 3 - changes/bug18934_2 | 5 - changes/bug18956 | 5 - changes/bug18963 | 5 - changes/bug19063 | 4 - changes/bug19066 | 5 - changes/bug19079 | 4 - changes/bug19139 | 3 - changes/bug19153 | 3 - changes/bug19216 | 4 - changes/bug19421 | 4 - changes/bug19428 | 5 - changes/bug19435 | 6 -- changes/bug19449 | 4 - changes/bug19483 | 3 - changes/bug19503 | 3 - changes/bug19504 | 3 - changes/bug19505 | 5 - changes/bug19554 | 4 - changes/bug19578 | 3 - changes/bug19639 | 3 - changes/bug19702 | 3 - changes/feature15588 | 4 - changes/feature18624 | 7 -- changes/feature18685 | 3 - changes/feature18760 | 6 -- changes/feature18998 | 5 - changes/feature19036 | 4 - changes/feature19116 | 4 - changes/lcov_excl | 7 -- changes/monotonic | 6 -- changes/task19035 | 5 - changes/test_zlib_bombs | 3 - changes/ticket16698 | 3 - changes/ticket18462 | 3 - changes/ticket19323 | 3 - changes/timeouts | 7 -- changes/workqueue_tests | 4 - changes/zlib_12 | 4 - 58 files changed, 281 insertions(+), 251 deletions(-)

diff --git a/ChangeLog b/ChangeLog index 592cd47..3160344 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,284 @@ -Changes in version 0.2.9.1-alpha - 2016-??-?? +Changes in version 0.2.9.1-alpha - 2016-08-?? + Tor 0.2.9.1-alpha is the first alpha release in the 0.2.9 + development series. + + o New system requirements: + - Tor requires Libevent version 2.0.10-stable or later now. + Implements ticket 19554. + - We now require zlib version 1.2 or later. (Back when we started, + zlib 1.1 and zlib 1.0 were still found in the wild. 1.2 was + released in 2003. We recommend the latest version.) + + o Major features (dirauths, security, hidden services): + - Directory authorities can now perform the shared randomness + protocol specified by proposal 250. Using this protocol, directory + authorities can generate a global fresh random number every day. + In the future, this global randomness will be used by hidden + services to select their responsible HSDirs. This release only + implements the directory authority feature; the hidden service + side will be implemented in the future as part of proposal 224 . + Resolves ticket 16943; implements proposal 250. + + o Major features (build, hardening): + - Tor now builds with -ftrapv by default on compilers that support + it. This option detects signed integer overflow, and turns it into + a hard-failure. We do not apply this option to code that needs to + run in constant time to avoid side-channels; instead, we use + -fwrapv. Closes ticket 17983. + - When --enable-expensive-hardening is selected, stop applying the + clang/gcc sanitizers to code that needs to run in constant-time to + avoid side channels: although we are aware of no introduced side- + channels, we are not able to prove that this is safe. Related to + ticket 17983. + + o Major bugfixes (exit policies): + - Avoid disclosing exit outbound bind addresses, configured port + bind addresses, and local interface addresses in relay descriptors + by default under ExitPolicyRejectPrivate. Instead, only reject + these (otherwise unlisted) addresses if + ExitPolicyRejectLocalInterfaces is set. Fixes bug 18456; bugfix on + 0.2.7.2-alpha. Patch by teor. + + o Major bugfixes (hidden service client): + - With FetchHidServDescriptors set to 0, there is no descriptor + fetch (which is intended) but also no descriptor cache lookup was + done making any Tor client not working with this option unset. + Fixes bug 18704; bugfix on 0.2.0.20-rc. Patch by "twim". + + o Major bugfixes (user interface): + - Fix an integer overflow in the rate-limiter that caused displaying + of wrong number of suppressed messages (if there are too many of + them). If the number of messages hits the limit of messages per + interval the rate-limiter doesn't count any further. Fixes bug + 19435; bugfix on 0.2.4.11-alpha. + + o Minor features (backend): + - Tor now uses the operating system's monotonic timers (where + available) for internal fine-grained timing. Previously we would + look at the system clock, and then attempt to compensate for the + clock running backwards. Closes ticket 18908. + + o Minor features (build): + - Detect and work around a libclang_rt problem that prevents clang + from finding __mulodi4() on some 32-bit platforms. This clang bug + would keep -ftrapv from linking on those systems. Closes + ticket 19079. + - Use the Autoconf macro AC_USE_SYSTEM_EXTENSIONS to automatically + turn on C and POSIX extensions. Closes ticket 19139. + - When building on a system without runtime support for some of the + runtime hardening options, try to log a useful warning at + configuration time, rather than an incomprehensible warning at + link time. If expensive hardening was requested, this warning + becomes an error. Closes ticket 18895. + + o Minor features (code safety): + - In our integer-parsing functions, check that the maxiumum value + given is no smaller than the minimum value. Closes ticket 19063; + patch from U+039b. + + o Minor features (compilation): + - Our big list of extra GCC warnings is now enabled by default when + building with GCC (or with anything like Clang that claims to be + GCC-compatible). To make all warnings into fatal compilation + errors, pass --enable-fatal-warnings to configure. Closes + ticket 19044. + + o Minor features (control port): + - Implement new GETINFO queries for all downloads using + download_status_t to schedule retries. Closes ticket 19323. + + o Minor features (controller): + - Add support for configuring basic client authorization on hidden + services created with the ADD_ONION control command. Implements + ticket 15588. Patch by "special". + - Fire a `STATUS_SERVER` event whenever the hibernation status + changes between "awake"/"soft"/"hard". Closes ticket 18685. + + o Minor features (debugging): + - When dumping unparseable router descriptors, optionally store them + in separate filenames by hash, up to a configurable limit. Closes + ticket 18322. + + o Minor features (directory authority): + - Directory authorities now only give the Guard flag to a relay if + they are also giving it the Stable flag. This change allows us to + simplify path selection for clients, and it should have minimal + effect in practice since >99% of Guards already have the Stable + flag. Implements ticket 18624. + - Make directory authorities write the v3-status-votes file out to + disk earlier in the consensus process, so we have the votes even + if we abort the consensus process below. Resolves ticket 19036. + + o Minor features (downloading): + - Use random exponential backoffs when retrying downloads from the + dir servers. Closes ticket 15942. + + o Minor features (hidden service): + - Stop being so strict about the payload length of "rendezvous1" + cells. We used to be locked in to the "tap" handshake length, and + now we can handle better handshakes like "ntor". Resolves + ticket 18998. + + o Minor features (infrastructure): + - Tor now includes an improved timer backend, so that we can + efficiently support tens or hundreds of thousands of concurrent + timers, as will be needed for some of our planned anti-traffic- + analysis work. This code is based on William Ahern's "timeout.c" + project, which implements a "tickless hierarchical timing wheel". + Closes ticket 18365. + + o Minor features (logging): + - Provide a more useful warning message when configured with an + invalid Nickname. Closes ticket 18300; patch from "icanhasaccount". + + o Minor features (performance): + - When fetching a consensus for the first time, use optimistic data. + This saves a round-trip during startup. Closes ticket 18815. + + o Minor features (relay, usability): + - When the directory authorities refuse a bad relay's descriptor, + encourage the relay operator to contact us. Many relay operators + won't notice this line in their logs, but it's a win if even a few + learn why we don't like what their relay was doing. Resolves + ticket 18760. + + o Minor features (safety, debugging): + - Add a set of macros to check nonfatal assertions, for internal + use. Migrating more of our checks to these should help us avoid + needless crash bugs. Closes ticket 18613. + + o Minor features (testing): + - Let backtrace tests work correctly under AddressSanitizer. Fixes + part of bug 18934; bugfix on 0.2.5.2-alpha. + - Move the test-network.sh script to chutney, and modify tor's test- + network.sh to call the (newer) chutney version when available. + Resolves ticket 19116. Patch by teor. + - Use the lcov convention for marking lines as unreachable, so that + we don't count them when we're generating test coverage data. + Update our coverage tools to understand this convention. Closes + ticket 16792. + + o Minor bugfixes (bootstrap): + - Remember the directory we fetched the consensus or previous + certificates from, and use it to fetch future authority + certificates. Fixes bug 18963; bugfix on 0.2.8.1-alpha. + + o Minor bugfixes (build): + - Make the test-stem and test-network targets depend only on the tor + binary to be tested. Previously, they depended on "make all". + Fixes bug 18240; bugfix on 0.2.8.2-alpha. Based on a patch + from "cypherpunks". + + o Minor bugfixes (circuits): + - Make sure extend_info_from_router is only called on servers. Fixes + bug 19639; bugfix on 0.2.8.1-alpha. + + o Minor bugfixes (compilation): + - When building with Clang, include our full array of GCC warnings. + (Previously, we included only a subset, because of the way we + detected them.) Fixes bug 19216; bugfix on 0.2.0.1-alpha. + + o Minor bugfixes (directory authority): + - Authorities now sort the "package" lines in their votes, for ease + of debugging. (They are already sorted in the consensus + documents.) Fixes bug 18840; bugfix on 0.2.6.3-alpha. + - When parsing detached signature, make sure we use the length of + the digest algorithm instead of an hardcoded DIGEST256_LEN in + order to avoid comparing bytes out of bound with a smaller digest + length such as SHA1. Fixes bug 19066; bugfix on 0.2.2.6-alpha. + + o Minor bugfixes (documentation): + - Document the --passphrase-fd option in the tor manpage. Fixes bug + 19504; bugfix on 0.2.7.3-rc. + - Fix the description of the --passphrase-fd option in the + tor-gencert manpage. The option is used to pass the number of a + file descriptor to read the passphrase from, not to read the file + descriptor from. Fixes bug 19505; bugfix on 0.2.0.20-alpha. + + o Minor bugfixes (ephemeral hidden service): + - When deleting an ephemeral hidden service, close its intro points + even if not in the open state. Fixes bug 18604; bugfix + on 0.2.7.1-alpha. + + o Minor bugfixes (guard selection): + - Use a single entry guard even if the NumEntryGuards consensus + parameter is not provided. Fixes bug 17688; bugfix + on 0.2.5.6-alpha. + + o Minor bugfixes (guards): + - Don't mark guards as unreachable if connection_connect() fails. + That function fails for local reasons, so it shouldn't reveal + anything about the status of the guard. Fixes bug 14334; bugfix + on 0.2.3.10-alpha. + + o Minor bugfixes (hidden service client): + - Increase the minimum number of internal circuits we preemptively + build from 2 to 3 so they are available when a client connects to + another onion service. Fixes bug 13239; bugfix on 0.1.0.1-rc. + + o Minor bugfixes (logging): + - When logging a directory ownership mismatch, log the owning + username correctly. Fixes bug 19578; bugfix on 0.2.2.29-beta. + + o Minor bugfixes (memory leaks): + - Fix a small, uncommon memory leak that could occur when reading a + truncated ed25519 key file. Fixes bug 18956; bugfix + on 0.2.6.1-alpha. + + o Minor bugfixes (test networks): + - Allow clients to retry HSDirs much faster in test networks. Fixes + bug 19702; bugfix on 0.2.7.1-alpha. Patch by teor. + + o Minor bugfixes (testing): + - Disable ASAN's detection of segmentation faults while running + test_bt.sh, so that we can make sure that our own backtrace + generation code works. Fixes another aspect of bug 18934; bugfix + on 0.2.5.2-alpha. Patch from "cypherpunks". + - Fix the test-network-all target on out-of-tree builds by using the + correct path to the test driver script. Fixes bug 19421; bugfix + on 0.2.7.3-rc. + + o Minor bugfixes (time): + - Improve overflow checks in tv_udiff and tv_mdiff. Fixes bug 19483; + bugfix on all released tor versions. + + o Minor bugfixes (timing): + - When computing the difference between two times in milliseconds, + we now round to the nearest millisecond correctly. Previously, we + could sometimes round in the wrong direction. Fixes bug 19428; + bugfix on 0.2.2.2-alpha. + + o Minor bugfixes (user interface): + - Fix a typo in the getting passphrase prompt for the ed25519 + identity key. Fixes bug 19503; bugfix on 0.2.7.2-alpha. + + o Code simplification and refactoring: + - Remove redundant declarations of the MIN macro. Closes + ticket 18889. + - Rename tor_dup_addr() to tor_addr_to_str_dup() to avoid confusion. + Closes ticket 18462; patch from "icanhasaccount". + - Split the 600-line directory_handle_command_get function into + separate functions for different URL types. Closes ticket 16698. + + o Documentation: + - Fix spelling of "--enable-tor2web-mode" in the manpage. Closes + ticket 19153. Patch from "U+039b". + + o Removed features: + - Remove support for "GET /tor/bytes.txt" DirPort request, and + "GETINFO dir-usage" controller request, which were only available + via a compile-time option in Tor anyway. Feature was added in + 0.2.2.1-alpha. Resolves ticket 19035. + - There is no longer a compile-time option to disable support for + TransPort. (If you don't want TransPort; just don't use it.) Patch + from "U+039b". Closes ticket 19449. + + o Testing: + - Run more workqueue tests as part of "make check". These had + previously been implemented, but you needed to know special + command-line options to enable them. + - We now have unit tests for our code to reject zlib "compression + bombs". (Fortunately, the code works fine.)

Changes in version 0.2.8.6 - 2016-08-02 diff --git a/changes/19044 b/changes/19044 deleted file mode 100644 index a7f938a..0000000 --- a/changes/19044 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (compilation): - - Our big list of extra GCC warnings is now enabled by default when - building with GCC (or with anything like Clang that claims to be - GCC-compatible). To make all warnings into fatal compilation errors, - pass --enable-fatal-warnings to configure. Closes ticket 19044. diff --git a/changes/assert_nonfatal b/changes/assert_nonfatal deleted file mode 100644 index 9cb7ade..0000000 --- a/changes/assert_nonfatal +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (safety, debugging): - - Add a set of macros to check nonfatal assertions, for internal - use. Migrating more of our checks to these should help us avoid - needless crash bugs. Closes ticket 18613. diff --git a/changes/bug13239 b/changes/bug13239 deleted file mode 100644 index 249e2b7..0000000 --- a/changes/bug13239 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (hidden service client): - - Increase the minimum number of internal circuits we preemptively build - from 2 to 3 so they are available when a client connects to another - onion service. Fixes bug 13239; bugfix on 0.1.0.1-rc. diff --git a/changes/bug14334 b/changes/bug14334 deleted file mode 100644 index 12b1a20..0000000 --- a/changes/bug14334 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (guards): - - Don't mark guards as unreachable if connection_connect() fails. That - function fails for local reasons, so it shouldn't reveal anything about - the status of the guard. Fixes bug 14334; bugfix on 0.2.3.10-alpha. diff --git a/changes/bug15942 b/changes/bug15942 deleted file mode 100644 index 8426025..0000000 --- a/changes/bug15942 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (downloading): - - Use random exponential backoffs when retrying downloads from the dir - servers. Closes ticket 15942. diff --git a/changes/bug16943 b/changes/bug16943 deleted file mode 100644 index 3278d7b..0000000 --- a/changes/bug16943 +++ /dev/null @@ -1,8 +0,0 @@ - o Major features (dirauths, security, hidden services): - - Directory authorities can now perform the shared randomness protocol - specified by proposal 250. Using this protocol, directory authorities can - generate a global fresh random number every day. In the future, this - global randomness will be used by hidden services to select their - responsible HSDirs. This release only implements the directory authority - feature; the hidden service side will be implemented in the future as - part of proposal 224 . Resolves ticket 16943; implements proposal 250. diff --git a/changes/bug17688 b/changes/bug17688 deleted file mode 100644 index bfbf1de..0000000 --- a/changes/bug17688 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (guard selection): - - Use a single entry guard even if the NumEntryGuards consensus parameter - is not provided. Fixes bug 17688; bugfix on 0.2.5.6-alpha. - diff --git a/changes/bug17983 b/changes/bug17983 deleted file mode 100644 index a099e1c..0000000 --- a/changes/bug17983 +++ /dev/null @@ -1,11 +0,0 @@ - o Major features (build, hardening): - - Tor now builds with -ftrapv by default on compilers that support it. - This option detects signed integer overflow, and turns it into a - hard-failure. We do not apply this option to code that needs to run - in constant time to avoid side-channels; instead, we use -fwrapv. - Closes ticket 17983. - - When --enable-expensive-hardening is selected, stop applying the clang/gcc - sanitizers to code that needs to run in constant-time to avoid side - channels: although we are aware of no introduced side-channels, we - are not able to prove that this is safe. Related to ticket 17983. - diff --git a/changes/bug18240 b/changes/bug18240 deleted file mode 100644 index 6be7ba1..0000000 --- a/changes/bug18240 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (build): - - Make the test-stem and test-network targets depend only on the - tor binary to be tested. Previously, they depended on "make all". - Fixes bug 18240; bugfix on 0.2.8.2-alpha. - Based on a patch from "cypherpunks". diff --git a/changes/bug18300 b/changes/bug18300 deleted file mode 100644 index 791752a..0000000 --- a/changes/bug18300 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (logging): - - Provide a more useful warning message when configured with an - invalid Nickname. Closes ticket 18300; patch from "icanhasaccount". diff --git a/changes/bug18322 b/changes/bug18322 deleted file mode 100644 index 8330798..0000000 --- a/changes/bug18322 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (debugging): - - When dumping unparseable router descriptors, optionally store them in - separate filenames by hash, up to a configurable limit. - Closes ticket 18322. diff --git a/changes/bug18456 b/changes/bug18456 deleted file mode 100644 index 843c70a..0000000 --- a/changes/bug18456 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (exit policies): - - Avoid disclosing exit outbound bind addresses, configured port bind - addresses, and local interface addresses in relay descriptors by - default under ExitPolicyRejectPrivate. Instead, only reject these - (otherwise unlisted) addresses if ExitPolicyRejectLocalInterfaces is set. - Fixes bug 18456; bugfix on 0.2.7.2-alpha. Patch by teor. diff --git a/changes/bug18604 b/changes/bug18604 deleted file mode 100644 index 7d1d37f..0000000 --- a/changes/bug18604 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (ephemeral hidden service): - - When deleting an ephemeral hidden service, close its intro points even - if not in the open state. Fixes bug 18604; bugfix on - 0.2.7.1-alpha. diff --git a/changes/bug18704 b/changes/bug18704 deleted file mode 100644 index 4280b74..0000000 --- a/changes/bug18704 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (hidden service client): - - With FetchHidServDescriptors set to 0, there is no descriptor fetch - (which is intended) but also no descriptor cache lookup was done - making any Tor client not working with this option unset. Fixes - bug 18704; bugfix on 0.2.0.20-rc. Patch by "twim". diff --git a/changes/bug18815 b/changes/bug18815 deleted file mode 100644 index cb504b2..0000000 --- a/changes/bug18815 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (performance): - - When fetching a consensus for the first time, use optimistic data. - This saves a round-trip during startup. Closes ticket 18815. diff --git a/changes/bug18840 b/changes/bug18840 deleted file mode 100644 index 653b946..0000000 --- a/changes/bug18840 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (directory authority): - - Authorities now sort the "package" lines in their votes, for ease - of debugging. (They are already sorted in the consensus documents.) - Fixes bug 18840; bugfix on 0.2.6.3-alpha. diff --git a/changes/bug18889 b/changes/bug18889 deleted file mode 100644 index 45b0992..0000000 --- a/changes/bug18889 +++ /dev/null @@ -1,2 +0,0 @@ - o Code simplification and refactoring: - - Remove redundant declarations of the MIN macro. Closes ticket 18889. diff --git a/changes/bug18895 b/changes/bug18895 deleted file mode 100644 index 9ad857c..0000000 --- a/changes/bug18895 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (build): - - When building on a system without runtime support for some of the - runtime hardening options, try to log a useful warning at configuration - time, rather than an incomprehensible warning at link time. - If expensive hardening was requested, this warning becomes an error. - Closes ticket 18895. diff --git a/changes/bug18934 b/changes/bug18934 deleted file mode 100644 index 18eb9ab..0000000 --- a/changes/bug18934 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (testing): - - Let backtrace tests work correctly under AddressSanitizer. - Fixes part of bug 18934; bugfix on 0.2.5.2-alpha. diff --git a/changes/bug18934_2 b/changes/bug18934_2 deleted file mode 100644 index 2027e2b..0000000 --- a/changes/bug18934_2 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (testing): - - Disable ASAN's detection of segmentation faults while running - test_bt.sh, so that we can make sure that our own backtrace generation - code works. Fixes another aspect of bug 18934; bugfix on 0.2.5.2-alpha. - Patch from "cypherpunks". diff --git a/changes/bug18956 b/changes/bug18956 deleted file mode 100644 index 0cf10e9..0000000 --- a/changes/bug18956 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (memory leaks): - - Fix a small, uncommon memory leak that could occur when reading a - truncated ed25519 key file. Fixes bug 18956; bugfix on 0.2.6.1-alpha. - - diff --git a/changes/bug18963 b/changes/bug18963 deleted file mode 100644 index eb68792..0000000 --- a/changes/bug18963 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (bootstrap): - - Remember the directory we fetched the consensus or previous - certificates from, and use it to fetch future authority - certificates. - Fixes bug 18963; bugfix on 0.2.8.1-alpha. diff --git a/changes/bug19063 b/changes/bug19063 deleted file mode 100644 index 1002009..0000000 --- a/changes/bug19063 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (code safety): - - In our integer-parsing functions, check that the maxiumum - value given is no smaller than the minimum value. Closes ticket - 19063; patch from U+039b. diff --git a/changes/bug19066 b/changes/bug19066 deleted file mode 100644 index a0f6ff3..0000000 --- a/changes/bug19066 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (directory authority): - - When parsing detached signature, make sure we use the length of the - digest algorithm instead of an hardcoded DIGEST256_LEN in order to - avoid comparing bytes out of bound with a smaller digest length such - as SHA1. Fixes bug 19066; bugfix on 0.2.2.6-alpha. diff --git a/changes/bug19079 b/changes/bug19079 deleted file mode 100644 index 6cbc6ce..0000000 --- a/changes/bug19079 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (build): - - Detect and work around a libclang_rt problem that prevents clang from - finding __mulodi4() on some 32-bit platforms. This clang bug would keep - -ftrapv from linking on those systems. Closes ticket 19079. diff --git a/changes/bug19139 b/changes/bug19139 deleted file mode 100644 index 2e53d7d..0000000 --- a/changes/bug19139 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (build): - - Use the Autoconf macro AC_USE_SYSTEM_EXTENSIONS to automatically - turn on C and POSIX extensions. Closes ticket 19139. diff --git a/changes/bug19153 b/changes/bug19153 deleted file mode 100644 index e3692e4..0000000 --- a/changes/bug19153 +++ /dev/null @@ -1,3 +0,0 @@ - o Documentation: - - Fix spelling of "--enable-tor2web-mode" in the manpage. Closes - ticket 19153. Patch from "U+039b". diff --git a/changes/bug19216 b/changes/bug19216 deleted file mode 100644 index ffdbe6d..0000000 --- a/changes/bug19216 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): - - When building with Clang, include our full array of GCC warnings. - (Previously, we included only a subset, because of the way we - detected them.) Fixes bug 19216; bugfix on 0.2.0.1-alpha. diff --git a/changes/bug19421 b/changes/bug19421 deleted file mode 100644 index 028a754..0000000 --- a/changes/bug19421 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (testing): - - Fix the test-network-all target on out-of-tree builds by using the - correct path to the test driver script. Fixes bug 19421; bugfix on - 0.2.7.3-rc. diff --git a/changes/bug19428 b/changes/bug19428 deleted file mode 100644 index e966596..0000000 --- a/changes/bug19428 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (timing): - - When computing the difference between two times in milliseconds, - we now round to the nearest millisecond correctly. Previously, - we could sometimes round in the wrong direction. Fixes bug 19428; - bugfix on 0.2.2.2-alpha. diff --git a/changes/bug19435 b/changes/bug19435 deleted file mode 100644 index d0a29d1..0000000 --- a/changes/bug19435 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (user interface): - - Fix an integer overflow in the rate-limiter that caused displaying of - wrong number of suppressed messages (if there are too many of them). - If the number of messages hits the limit of messages per interval the - rate-limiter doesn't count any further. - Fixes bug 19435; bugfix on 0.2.4.11-alpha. diff --git a/changes/bug19449 b/changes/bug19449 deleted file mode 100644 index 4592628..0000000 --- a/changes/bug19449 +++ /dev/null @@ -1,4 +0,0 @@ - o Removed features: - - There is no longer a compile-time option to disable support - for TransPort. (If you don't want TransPort; just don't use it.) - Patch from "U+039b". Closes ticket 19449. diff --git a/changes/bug19483 b/changes/bug19483 deleted file mode 100644 index 0899978..0000000 --- a/changes/bug19483 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (time): - - Improve overflow checks in tv_udiff and tv_mdiff. - Fixes bug 19483; bugfix on all released tor versions. diff --git a/changes/bug19503 b/changes/bug19503 deleted file mode 100644 index 08fc801..0000000 --- a/changes/bug19503 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (user interface): - - Fix a typo in the getting passphrase prompt for the ed25519 - identity key. Fixes bug 19503; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug19504 b/changes/bug19504 deleted file mode 100644 index 2162837..0000000 --- a/changes/bug19504 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (documentation): - - Document the --passphrase-fd option in the tor manpage. - Fixes bug 19504; bugfix on 0.2.7.3-rc. diff --git a/changes/bug19505 b/changes/bug19505 deleted file mode 100644 index 47387b0..0000000 --- a/changes/bug19505 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (documentation): - - Fix the description of the --passphrase-fd option in the tor-gencert - manpage. The option is used to pass the number of a file descriptor to - read the passphrase from, not to read the file descriptor from. Fixes - bug 19505; bugfix on 0.2.0.20-alpha. diff --git a/changes/bug19554 b/changes/bug19554 deleted file mode 100644 index d67a0bd..0000000 --- a/changes/bug19554 +++ /dev/null @@ -1,4 +0,0 @@ - o New system requirements: - - Tor requires Libevent version 2.0.10-stable or later now. - Implements ticket 19554. - diff --git a/changes/bug19578 b/changes/bug19578 deleted file mode 100644 index 8b3355b..0000000 --- a/changes/bug19578 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (logging): - - When logging a directory ownership mismatch, log the owning username - correctly. Fixes bug 19578; bugfix on 0.2.2.29-beta. diff --git a/changes/bug19639 b/changes/bug19639 deleted file mode 100644 index 9dc7e62..0000000 --- a/changes/bug19639 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (circuits): - - Make sure extend_info_from_router is only called on servers. - Fixes bug 19639; bugfix on 0.2.8.1-alpha. diff --git a/changes/bug19702 b/changes/bug19702 deleted file mode 100644 index 093511a..0000000 --- a/changes/bug19702 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (test networks): - - Allow clients to retry HSDirs much faster in test networks. - Fixes bug 19702; bugfix on 0.2.7.1-alpha. Patch by teor. diff --git a/changes/feature15588 b/changes/feature15588 deleted file mode 100644 index b556307..0000000 --- a/changes/feature15588 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (controller): - - Add support for configuring basic client authorization on hidden - services created with the ADD_ONION control command. - Implements ticket 15588. Patch by "special". diff --git a/changes/feature18624 b/changes/feature18624 deleted file mode 100644 index 8b4a608..0000000 --- a/changes/feature18624 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor features (directory authority): - - Directory authorities now only give the Guard flag to a relay if - they are also giving it the Stable flag. This change allows us to - simplify path selection for clients, and it should have minimal - effect in practice since >99% of Guards already have the Stable - flag. Implements ticket 18624. - diff --git a/changes/feature18685 b/changes/feature18685 deleted file mode 100644 index bc0d1be..0000000 --- a/changes/feature18685 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (controller): - - Fire a `STATUS_SERVER` event whenever the hibernation status changes - between "awake"/"soft"/"hard". Closes ticket 18685. diff --git a/changes/feature18760 b/changes/feature18760 deleted file mode 100644 index c0a9103..0000000 --- a/changes/feature18760 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (relay, usability): - - When the directory authorities refuse a bad relay's descriptor, - encourage the relay operator to contact us. Many relay operators - won't notice this line in their logs, but it's a win if even a - few learn why we don't like what their relay was doing. Resolves - ticket 18760. diff --git a/changes/feature18998 b/changes/feature18998 deleted file mode 100644 index bd0a382..0000000 --- a/changes/feature18998 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (hidden service): - - Stop being so strict about the payload length of "rendezvous1" - cells. We used to be locked in to the "tap" handshake length, - and now we can handle better handshakes like "ntor". Resolves - ticket 18998. diff --git a/changes/feature19036 b/changes/feature19036 deleted file mode 100644 index e2379b4..0000000 --- a/changes/feature19036 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (directory authority): - - Make directory authorities write the v3-status-votes file out - to disk earlier in the consensus process, so we have the votes - even if we abort the consensus process below. Resolves ticket 19036. diff --git a/changes/feature19116 b/changes/feature19116 deleted file mode 100644 index ab0c767..0000000 --- a/changes/feature19116 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (testing): - - Move the test-network.sh script to chutney, and modify tor's - test-network.sh to call the (newer) chutney version when available. - Resolves ticket 19116. Patch by teor. diff --git a/changes/lcov_excl b/changes/lcov_excl deleted file mode 100644 index f8a01af..0000000 --- a/changes/lcov_excl +++ /dev/null @@ -1,7 +0,0 @@ - o Minor features (testing): - - Use the lcov convention for marking lines as unreachable, so that - we don't count them when we're generating test coverage data. - Update our coverage tools to understand this convention. - Closes ticket 16792. - - diff --git a/changes/monotonic b/changes/monotonic deleted file mode 100644 index 7143f69..0000000 --- a/changes/monotonic +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (backend): - - Tor now uses the operating system's monotonic timers (where available) - for internal fine-grained timing. Previously we would look at the - system clock, and then attempt to compensate for the clock running - backwards. Closes ticket 18908. - diff --git a/changes/task19035 b/changes/task19035 deleted file mode 100644 index 15c376f..0000000 --- a/changes/task19035 +++ /dev/null @@ -1,5 +0,0 @@ - o Removed features: - - Remove support for "GET /tor/bytes.txt" DirPort request, and - "GETINFO dir-usage" controller request, which were only available - via a compile-time option in Tor anyway. Feature was added in - 0.2.2.1-alpha. Resolves ticket 19035. diff --git a/changes/test_zlib_bombs b/changes/test_zlib_bombs deleted file mode 100644 index 26121ed..0000000 --- a/changes/test_zlib_bombs +++ /dev/null @@ -1,3 +0,0 @@ - o Testing: - - We now have unit tests for our code to reject zlib "compression bombs". - (Fortunately, the code works fine.) diff --git a/changes/ticket16698 b/changes/ticket16698 deleted file mode 100644 index 5057050..0000000 --- a/changes/ticket16698 +++ /dev/null @@ -1,3 +0,0 @@ - o Code simplification and refactoring: - - Split the 600-line directory_handle_command_get function into - separate functions for different URL types. Closes ticket 16698. diff --git a/changes/ticket18462 b/changes/ticket18462 deleted file mode 100644 index 2f7a5f8..0000000 --- a/changes/ticket18462 +++ /dev/null @@ -1,3 +0,0 @@ - o Code simplification and refactoring: - - Rename tor_dup_addr() to tor_addr_to_str_dup() to avoid confusion. - Closes ticket 18462; patch from "icanhasaccount". diff --git a/changes/ticket19323 b/changes/ticket19323 deleted file mode 100644 index 022a280..0000000 --- a/changes/ticket19323 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (control port): - - Implement new GETINFO queries for all downloads using download_status_t - to schedule retries. Closes ticket 19323. diff --git a/changes/timeouts b/changes/timeouts deleted file mode 100644 index a4efb6a..0000000 --- a/changes/timeouts +++ /dev/null @@ -1,7 +0,0 @@ - o Minor features (infrastructure): - - Tor now includes an improved timer backend, so that we can efficiently - support tens or hundreds of thousands of concurrent timers, as will be - needed for some of our planned anti-traffic-analysis work. This code - is based on William Ahern's "timeout.c" project, which implements - a "tickless hierarchical timing wheel". Closes ticket 18365. - diff --git a/changes/workqueue_tests b/changes/workqueue_tests deleted file mode 100644 index 7c5d756..0000000 --- a/changes/workqueue_tests +++ /dev/null @@ -1,4 +0,0 @@ - o Testing: - - Run more workqueue tests as part of "make check". These had previously - been implemented, but you needed to know special command-line options - to enable them. diff --git a/changes/zlib_12 b/changes/zlib_12 deleted file mode 100644 index 3344286..0000000 --- a/changes/zlib_12 +++ /dev/null @@ -1,4 +0,0 @@ - o New system requirements: - - We now require zlib version 1.2 or later. (Back when we started, - zlib 1.1 and zlib 1.0 were still found in the wild. 1.2 was released in - 2003. We recommend the latest version.)