commit 36ca7ea377b22d7164cd8b04ca223db03c997285 Author: Nick Mathewson nickm@torproject.org Date: Thu Apr 9 08:45:04 2020 -0400

Start changelog for 0.4.3.4-rc. --- ChangeLog | 96 +++++++++++++++++++++++++++++++++++++++++++++++ changes/bug31669 | 4 -- changes/bug33032 | 6 --- changes/bug33087 | 7 ---- changes/bug33608 | 5 --- changes/bug33668 | 4 -- changes/bug33673 | 6 --- changes/bug33674 | 4 -- changes/bug33782 | 7 ---- changes/ticket33491 | 6 --- changes/ticket33623 | 2 - changes/ticket33643 | 5 --- changes/ticket33643_part2 | 3 -- changes/ticket33646 | 4 -- changes/ticket33678_043 | 3 -- changes/ticket33804 | 7 ---- 16 files changed, 96 insertions(+), 73 deletions(-)

diff --git a/ChangeLog b/ChangeLog index 0759d065f..9aee9bd02 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,99 @@ +Changes in version 0.4.3.4-rc - 2020-04-1? + Tor 0.4.3.4-rc is the first release candidate in its series. It fixes + several bugs from earlier versions, including one affecting DoS + defenses on bridges using pluggable transports. + + o Major bugfixes (DoS defenses, bridges, pluggable transport): + - DoS subsystem was not given the transport name of the client + connection when tor is a bridge and thus failing to find the GeoIP + cache entry for that client address. This resulted in failing to + apply DoS defenses on bridges with a pluggable transport. Fixes + bug 33491; bugfix on 0.3.3.2-alpha. + + o Minor feature (sendme, flow control): + - Default to sending SENDME version 1 cells. (Clients are already + sending these, because of a consensus parameter telling them to do + so: this change only effects what clients would do if the + consensus didn't contain a recommendation.) Closes ticket 33623. + + o Minor features (testing): + - The unit tests now support a "TOR_SKIP_TESTCASES" environment + variable to specify a list of space-separated test cases that + should not be executed. We will use this to disable certain tests + that are failing on Appveyor because of mismatched OpenSSL + libraries. Part of ticket 33643. + + o Minor bugfixes (--disable-module-relay): + - Fix an assertion failure when Tor is build without the relay + module, and then invoked with the "User" option. Fixes bug 33668; + bugfix on 0.4.3.1-alpha. + + o Minor bugfixes (--disable-module-relay,--disable-module-dirauth): + - Set some output arguments in the relay and dirauth module stubs, + to guard against future stub argument handling bugs like 33668. + Fixes bug 33674; bugfix on 0.4.3.1-alpha. + + o Minor bugfixes (build system): + - Correctly output the enabled module in the configure summary. + Before that, the list shown was just plain wrong. Fixes bug 33646; + bugfix on 0.4.3.2-alpha. + + o Minor bugfixes (client, IPv6): + - Stop forcing all non-SocksPorts to prefer IPv6 exit connections. + Instead, prefer IPv6 connections by default, but allow users to + change their configs using the "NoPreferIPv6" port flag. Fixes bug + 33608; bugfix on 0.4.3.1-alpha. + - Revert PreferIPv6 set by default on the SocksPort because it + brokes the torsocks use case. Tor doesn't have a way for an + application to request the hostname to be resolved for a specific + IP version but torsocks requires that. Up until now, IPv4 was used + by default so it is expecting that, and can't handle a possible + IPv6 being returned. Fixes bug 33804; bugfix on 0.4.3.1-alpha. + + o Minor bugfixes (key portability): + - When reading PEM-encoded key data, tolerate CRLF line-endings even + if we are not running on Windows. Previously, non-Windows hosts + would reject these line-endings in certain positions, making + certain key files hard to move from one host to another. Fixes bug + 33032; bugfix on 0.3.5.1-alpha. + + o Minor bugfixes (logging): + - Flush stderr, stdout, and file logs during shutdown, if supported + by the OS. This change helps make sure that any final logs are + recorded. Fixes bug 33087; bugfix on 0.4.1.6. + - Stop closing stderr and stdout during shutdown. Closing these file + descriptors can hide sanitiser logs. Fixes bug 33087; bugfix + on 0.4.1.6. + + o Minor bugfixes (onion services v3): + - Relax severity of a log message that can appear naturally when + decoding onion service descriptors as a relay. Also add some + diagnostics to debug any future bugs in that area. Fixes bug + 31669; bugfix on 0.3.0.1-alpha. + + o Code simplification and refactoring: + - Disable our coding standards best practices tracker in our git + hooks. (0.4.3 branches only.) Closes ticket 33678. + + o Testing: + - Avoid conflicts between the fake sockets in tor's unit tests, and + real file descriptors. Resolves issues running unit tests with + GitHub Actions, where the process that embeds or launches the + tests has already opened a large number of file descriptors. Fixes + bug 33782; bugfix on 0.2.8.1-alpha. Found and fixed by + Putta Khunchalee. + + o Testing (CI): + - In our Appveyor Windows CI, copy required DLLs to test and app, + before running tor's tests. This ensures that tor.exe and + test*.exe use the correct version of each DLL. This fix is not + required, but we hope it will avoid DLL search issues in future. + Fixes bug 33673; bugfix on 0.3.4.2-alpha. + - On Appveyor, skip the crypto/openssl_version test, which is + failing because of a mismatched library installation. Fix + for 33643. + + Changes in version 0.4.3.3-alpha - 2020-03-18 Tor 0.4.3.3-alpha fixes several bugs in previous releases, including TROVE-2020-002, a major denial-of-service vulnerability that affected diff --git a/changes/bug31669 b/changes/bug31669 deleted file mode 100644 index 8079c98f6..000000000 --- a/changes/bug31669 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (onion services v3): - - Relax severity of a log message that can appear naturally when decoding - onion service descriptors as a relay. Also add some diagnostics to debug - any future bugs in that area. Fixes bug 31669; bugfix on 0.3.0.1-alpha. \ No newline at end of file diff --git a/changes/bug33032 b/changes/bug33032 deleted file mode 100644 index 0c665f25d..000000000 --- a/changes/bug33032 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (key portability): - - When reading PEM-encoded key data, tolerate CRLF line-endings even if - we are not running on Windows. Previously, non-Windows hosts - would reject these line-endings in certain positions, making - certain key files hard to move from one host to another. - Fixes bug 33032; bugfix on 0.3.5.1-alpha. diff --git a/changes/bug33087 b/changes/bug33087 deleted file mode 100644 index ab6df58cc..000000000 --- a/changes/bug33087 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (logging): - - Stop closing stderr and stdout during shutdown. Closing these file - descriptors can hide sanitiser logs. - Fixes bug 33087; bugfix on 0.4.1.6. - - Flush stderr, stdout, and file logs during shutdown, if supported by the - OS. This change helps make sure that any final logs are recorded. - Fixes bug 33087; bugfix on 0.4.1.6. diff --git a/changes/bug33608 b/changes/bug33608 deleted file mode 100644 index 0e82a8eec..000000000 --- a/changes/bug33608 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (client IPv6): - - Stop forcing all non-SOCKSPorts to prefer IPv6 exit connections. Instead, - prefer IPv6 connections by default, but allow users to change their - configs using the "NoPreferIPv6" port flag. - Fixes bug 33608; bugfix on 0.4.3.1-alpha. diff --git a/changes/bug33668 b/changes/bug33668 deleted file mode 100644 index 2b0830d6d..000000000 --- a/changes/bug33668 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (--disable-module-relay): - - Fix an assertion failure when Tor is build without the relay module, - and then invoked with the "User" option. Fixes bug 33668; bugfix on - 0.4.3.1-alpha. diff --git a/changes/bug33673 b/changes/bug33673 deleted file mode 100644 index 37c00f2e6..000000000 --- a/changes/bug33673 +++ /dev/null @@ -1,6 +0,0 @@ - o Testing: - - In our Appveyor Windows CI, copy required DLLs to test and app, before - running tor's tests. This ensures that tor.exe and test*.exe use the - correct version of each DLL. This fix is not required, but we hope it - will avoid DLL search issues in future. - Fixes bug 33673; bugfix on 0.3.4.2-alpha. diff --git a/changes/bug33674 b/changes/bug33674 deleted file mode 100644 index bcc3fcab0..000000000 --- a/changes/bug33674 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (--disable-module-relay,--disable-module-dirauth): - - Set some output arguments in the relay and dirauth module stubs, to - guard against future stub argument handling bugs like 33668. - Fixes bug 33674; bugfix on 0.4.3.1-alpha. diff --git a/changes/bug33782 b/changes/bug33782 deleted file mode 100644 index 9d4a0e7a7..000000000 --- a/changes/bug33782 +++ /dev/null @@ -1,7 +0,0 @@ - o Testing: - - Avoid conflicts between the fake sockets in tor's unit tests, and real - file descriptors. Resolves issues running unit tests with GitHub Actions, - where the process that embeds or launches the tests has already opened a - large number of file descriptors. - Fixes bug 33782; bugfix on 0.2.8.1-alpha. - Found and fixed by Putta Khunchalee. diff --git a/changes/ticket33491 b/changes/ticket33491 deleted file mode 100644 index 595ea863e..000000000 --- a/changes/ticket33491 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (DoS defenses, bridges, pluggable transport): - - DoS subsystem was not given the transport name of the client connection - when tor is a bridge and thus failing to find the GeoIP cache entry for - that client address. This resulted in failing to apply DoS defenses on - bridges with a pluggable transport. Fixes bug 33491; bugfix on - 0.3.3.2-alpha. diff --git a/changes/ticket33623 b/changes/ticket33623 deleted file mode 100644 index 528af3ca0..000000000 --- a/changes/ticket33623 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor feature (sendme, flow control): - - Default on sending SENDME version 1 cells. Closes ticket 33623. diff --git a/changes/ticket33643 b/changes/ticket33643 deleted file mode 100644 index 7fddab74e..000000000 --- a/changes/ticket33643 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (testing): - - The unit tests now support a "TOR_SKIP_TESTCASES" environment variable - to specify a list of space-separated test cases that should not be - executed. We will use this to disable certain tests that are failing on - Appveyor because of mismatched OpenSSL libraries. Part of ticket 33643. diff --git a/changes/ticket33643_part2 b/changes/ticket33643_part2 deleted file mode 100644 index 28193d2af..000000000 --- a/changes/ticket33643_part2 +++ /dev/null @@ -1,3 +0,0 @@ - o Testing (CI): - - On appveyor, skip the crypto/openssl_version test, which is failing - because of a mismatched library installation. Fix for 33643. diff --git a/changes/ticket33646 b/changes/ticket33646 deleted file mode 100644 index 751c5d5bf..000000000 --- a/changes/ticket33646 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (build system): - - Correctly output the enabled module in the configure summary. Before that, - the list shown was just plain wrong. Fixes bug 33646; bugfix on - 0.4.3.2-alpha. diff --git a/changes/ticket33678_043 b/changes/ticket33678_043 deleted file mode 100644 index 12316262f..000000000 --- a/changes/ticket33678_043 +++ /dev/null @@ -1,3 +0,0 @@ - o Code simplification and refactoring: - - Disable our coding standards best practices tracker in our git hooks. - (0.4.3 branches only.) Closes ticket 33678. diff --git a/changes/ticket33804 b/changes/ticket33804 deleted file mode 100644 index 254246dac..000000000 --- a/changes/ticket33804 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (client, SocksPort, IPv6): - - Revert PreferIPv6 set by default on the SocksPort because it brokes the - torsocks use case. Tor doesn't have a way for an application to request - the hostname to be resolved for a specific IP version but torsocks - requires that. Up until now, IPv4 was used by default so it is expecting - that, and can't handle a possible IPv6 being returned. Fixes bug 33804; - bugfix on 0.4.3.1-alpha.