commit e811bac8377445dff00972599178608410cbb6e2 Author: Nick Mathewson <nickm@torproject.org> Date: Tue May 15 12:31:16 2018 -0400 use sortChanges to begin an 0.3.4.1-alpha changelog --- ChangeLog | 498 ++++++++++++++++++++++++++++++++++++++++++++++ changes/18105 | 4 - changes/24378 | 8 - changes/25857 | 3 - changes/bug18918 | 6 - changes/bug20887 | 4 - changes/bug23094 | 4 - changes/bug23107 | 6 - changes/bug23693.1 | 4 - changes/bug23909 | 4 - changes/bug24031 | 13 -- changes/bug24484 | 4 - changes/bug24688 | 3 - changes/bug24910 | 7 - changes/bug24914 | 3 - changes/bug24969 | 3 - changes/bug25226 | 4 - changes/bug25373 | 7 - changes/bug25398 | 5 - changes/bug25399 | 5 - changes/bug25400 | 5 - changes/bug25409 | 12 -- changes/bug25415 | 4 - changes/bug25425 | 4 - changes/bug25512 | 5 - changes/bug25675 | 4 - changes/bug25691_again | 6 - changes/bug25705 | 5 - changes/bug25733 | 4 - changes/bug25756 | 7 - changes/bug25761 | 3 - changes/bug25828 | 7 - changes/bug25843 | 3 - changes/bug25852 | 5 - changes/bug25870 | 6 - changes/bug25901 | 3 - changes/bug25943 | 7 - changes/bug26007 | 5 - changes/bug26052 | 6 - changes/bug26069 | 5 - changes/coveralls | 3 - changes/feature19429 | 5 - changes/feature25150 | 4 - changes/geoip-2018-05-01 | 4 - changes/isolate_libevent | 5 - changes/ticket20522 | 6 - changes/ticket23354 | 6 - changes/ticket23873 | 6 - changes/ticket24714 | 6 - changes/ticket24734 | 6 - changes/ticket24740 | 5 - changes/ticket25024 | 4 - changes/ticket25081 | 5 - changes/ticket25162 | 6 - changes/ticket25261 | 3 - changes/ticket25268 | 7 - changes/ticket25290 | 5 - changes/ticket25374 | 6 - changes/ticket25376_25762 | 10 - changes/ticket25409 | 6 - changes/ticket25432 | 6 - changes/ticket25511 | 5 - changes/ticket25610 | 5 - changes/ticket25645 | 4 - changes/ticket25760 | 5 - changes/ticket25766 | 3 - changes/ticket25903 | 6 - changes/ticket25927.1 | 6 - changes/ticket25927.2 | 5 - changes/ticket25931 | 9 - changes/ticket25932 | 9 - changes/ticket25937 | 9 - changes/ticket25948 | 9 - changes/ticket25949 | 9 - changes/ticket25951 | 9 - changes/ticket25952 | 9 - changes/ticket25993 | 4 - changes/ticket25994 | 5 - changes/ticket25995 | 5 - changes/ticket25996 | 5 - changes/ticket25997 | 5 - changes/ticket26004 | 5 - changes/ticket26006 | 4 - changes/ticket26008 | 7 - changes/ticket26009 | 9 - changes/ticket26014 | 4 - changes/ticket26016 | 4 - changes/ticket26062 | 4 - changes/ticket26063 | 5 - changes/ticket26064 | 5 - changes/ticket4187 | 3 - changes/ticket6236 | 4 - changes/travis_distcheck | 4 - 93 files changed, 498 insertions(+), 501 deletions(-) diff --git a/ChangeLog b/ChangeLog index 8789b215d..91efcea98 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,501 @@ +Changes in version 0.3.4.1-alpha - 2018-05-1? + XXX BLURB + + + o Major feature (directory authority, modularization): + - The directory authority subsystem has been modularized. The code is now + located in src/or/dirauth/ which is compiled in by default. To disable the + module, the configure option --disable-module-dirauth has been added. + Closes ticket 25610; + + o Major feature (main loop, CPU usage): + - Previously, tor would enable at startup all possible main loop event + regardless if it needed them. For instance, directory authorities + callbacks were fired up even for client only. We have now refactored this + whole interface to only enable the appropriate callbacks depending on what + are tor roles (client only, relay, hidden service, etc.). Furthermore, + these events now depend on DisableNetwork or the hibernation state in + order to enable them. This is a big step towards reducing client CPU usage + by reducing the amount of wake ups the daemon does. Closes ticket 25376 + and 25762. + + o Major features (CPU usage, mobile): + - When Tor is disabled (via DisableNetwork or via hibernation), it + no longer needs to run any per-second events. This change should + make it easier for mobile applications to disable Tor while the + device is sleeping, or Tor is not running. Closes ticket 26063. + + o Major features (main loop, CPU wakeup): + - The bandwidth-limitation logic has been refactored so that + bandwidth calculations are performed on-demand, rather than + every TokenBucketRefillInterval milliseconds. + This change should improve the granularity of our bandwidth + calculations, and limit the number of times that the Tor process needs + to wake up when it is idle. Closes ticket 25373. + + o Major bugfixes (directory authorities, security): + - When directory authorities read a zero-byte bandwidth file, they log + a warning with the contents of an uninitialised buffer. Log a warning + about the empty file instead. + Fixes bug 26007; bugfix on 0.2.2.1-alpha. + + o Major bugfixes (directory authority): + - Avoid a crash when testing router reachability on a router that could + have an ed25519 ID, but which does not. Fixes bug 25415; bugfix on + 0.3.3.2-alpha. + + o Major bugfixes (onion service): + - Correctly detect when onion services get disabled after HUP. + Fixes bug 25761; bugfix on 0.3.2.1. + + o Major bugfixes (protover, voting): + - Revise Rust implementation of protover to use a more memory-efficient + voting algorithm and corresponding data structures, thus avoiding a + potential (but small impact) DoS attack where specially crafted protocol + strings would expand to several potential megabytes in memory. In the + process, several portions of code were revised to be methods on new, + custom types, rather than functions taking interchangeable types, thus + increasing type safety of the module. Custom error types and handling + were added as well, in order to facilitate better error dismissal/handling + in outside crates and avoid mistakenly passing an internal error string to + C over the FFI boundary. Many tests were added, and some previous + differences between the C and Rust implementations have been + remedied. Fixes bug 24031; bugfix on 0.3.3.1-alpha. + + o Major bugfixes (relay, denial of service): + - Impose a limit on circuit cell queue size. The limit can be controlled by + a consensus parameter. Fixes bug 25226; bugfix on 0.2.4.14-alpha. + + o Minor feature (entry guards): + - Introduce torrc option NumPrimaryGuards for controlling the number of + primary guards. Closes ticket 25843. + + o Minor features (accounting): + - When we become dormant, use a scheduled event to wake up at the right + time. Previously, we would use the per-second timer to check whether + to wake up, but we no longer have any per-second timers enabled when + the network is disabled. Closes ticket 26064. + + o Minor features (code quality): + - Add optional spell-checking for the Tor codebase, using the "misspell" + program. To use this feature, run "make check-typos". + Closes ticket 25024. + + o Minor features (compatibility): + - Tor now detects versions of OpenSSL 1.1.0 and later compiled with the + no-deprecated option, and builds correctly with them. Closes + tickets 19429, 19981, and 25353. + + o Minor features (compilation, portability): + - Avoid some compilation warnings with recent versions + of LibreSSL. Closes ticket 26006. + + o Minor features (compression, zstd): + - When running with zstd, Tor now considers using advanced functions that + the zstd maintainers have labeled as potentially unstable. To + prevent breakage, Tor will only use this functionality when + the runtime version of the zstd library matches the version + with which it were compiled. Closes ticket 25162. + + o Minor features (configuration): + - The "DownloadSchedule" options have been renamed to end with + "DownloadInitialDelay". The old names are still allowed, but will + produce a warning. Comma-separated lists are still permitted for + these options, but all values after the first are ignored (as they have + been since 0.2.9). Closes ticket 23354. + + o Minor features (continuous integration): + - Our .travis.yml configuration now includes support for testing + the results of "make distcheck". (It's not uncommon for "make check" to + pass but "make distcheck" to fail.) Closes ticket 25814. + - Our Travis CI configuration now integrates with the Coveralls coverage + analysis tool. Closes ticket 25818. + + o Minor features (control port): + - Introduce GETINFO "current-time/{local,utc}" to return the local + and UTC times respectively in ISO format. This helps a controller + like Tor Browser detect a time-related error. Closes ticket 25511. + Patch by Neel Chauhan. + - Introduce new fields to the CIRC_BW event. There are two new fields in + each of the read and written directions. The DELIVERED fields report the + total valid data on the circuit, as measured by the payload sizes of + verified and error-checked relay command cells. The OVERHEAD fields + report the total unused bytes in each of these cells. Closes ticket 25903. + + o Minor features (directory authority): + - Directory authorities now open their key-pinning files as O_SYNC, + to prevent themselves from accidentally writing partial lines. + Closes ticket 23909. + + o Minor features (directory authority, forward compatibility): + - Make the lines of the measured bandwidth file able to contain their + entries in any order. Previously, the node_id entry needed to come + first. Closes ticket 26004. + + o Minor features (geoip): + - Update geoip and geoip6 to the May 1 2018 Maxmind GeoLite2 + Country database. Closes ticket 26104. + + o Minor features (mainloop): + - Move responsibility for + closing connections, circuits, and channels + from a once-per-second callback to a callback that is only scheduled as + needed. Once enough items are removed from our once-per-second + callback, we can eliminate it entirely to conserve CPU when idle. + Closes ticket + 25932. + - Move responsibility for + consensus voting + from a once-per-second callback to a callback that is only scheduled as + needed. Once enough items are removed from our once-per-second + callback, we can eliminate it entirely to conserve CPU when idle. + Closes ticket + 25937. + - Move responsibility for + flushing log callbacks + from a once-per-second callback to a callback that is only scheduled as + needed. Once enough items are removed from our once-per-second + callback, we can eliminate it entirely to conserve CPU when idle. + Closes ticket + 25951. + - Move responsibility for + honoring delayed SIGNEWNYM requests + from a once-per-second callback to a callback that is only scheduled as + needed. Once enough items are removed from our once-per-second + callback, we can eliminate it entirely to conserve CPU when idle. + Closes ticket + 25949. + - Move responsibility for + rescanning the consensus cache + from a once-per-second callback to a callback that is only scheduled as + needed. Once enough items are removed from our once-per-second + callback, we can eliminate it entirely to conserve CPU when idle. + Closes ticket: + 25931. + - Move responsibility for + saving the state file to disk + from a once-per-second callback to a callback that is only scheduled as + needed. Once enough items are removed from our once-per-second + callback, we can eliminate it entirely to conserve CPU when idle. + Closes ticket + 25948. + - Move responsibility for + warning relay operators about unreachable ports + from a once-per-second callback to a callback that is only scheduled as + needed. Once enough items are removed from our once-per-second + callback, we can eliminate it entirely to conserve CPU when idle. + Closes ticket + 25952. + - Move responsibility for + keeping track of Tor's uptime + from a nce-per-second callback to a callback that is only scheduled as + needed. Once enough items are removed from our once-per-second + callback, we can eliminate it entirely to conserve CPU when idle. + Closes ticket + 26009. + + o Minor features (performance): + - Avoid a needless call to malloc() when processing an incoming + relay cell. Closes ticket 24914. + + o Minor features (performance, 32-bit): + - Make our timing-wheel code run a tiny bit faster on 32-bit platforms, + by preferring 32-bit math to 64-bit. Closes ticket 24688. + + o Minor features (performance, allocation): + - Avoid a needless malloc()/free() pair every time we handle an ntor + handshake. Closes ticket 25150. + + o Minor features (Testing): + - Add a unit test for voting_schedule_get_start_of_next_interval(). + Closes ticket 26014, and helps make unit test coverage more + deterministic. + - A new unittests module specifically for testing the functions in the + (new-ish) bridges.c module has been created with new unittests, raising + the code coverage percentages. Closes 25425. + - We now have improved testing for addressmap_get_virtual_address() + function. This should improve our test coverage, and make our test + coverage more deterministic. Closes ticket 25993. + + o Minor features (timekeeping, circuit scheduling): + - When keeping track of how busy each circuit have been recently on + a given connection, use coarse-grained monotonic timers rather than + gettimeofday(). This change should marginally increase accuracy + and performance. Implements part of ticket 25927. + + o Minor bugfix (controler): + - Make CIRC_BW event reflect the total of all data sent on a circuit, + including padding and dropped cells. Also fix a mis-counting bug + when STREAM_BW events were enabled. Fixes bug 25400; bugfix on + 0.2.5.2-alpha. + + o Minor bugfix (Multiple includes): + - Fixed multiple includes of trasports.h in src/or/connection.c + Fixes bug 25261; bugfix on 0.2.5.1-alpha. + + o Minor bugfixes (Assert crash): + - Avoid an assert in the circuit build timeout code if we fail to + allow any circuits to actually complete. Fixes bug 25733; + bugfix on 0.2.2.2-alpha. + + o Minor bugfixes (bandwidth management): + - Consider ourselves "low on write bandwidth" if we have exhausted our + write bandwidth some time in the last second. This was the + documented behavior before, but the actual behavior was to change + this value every TokenBucketRefillInterval. Fixes bug 25828; bugfix on + 0.2.3.5-alpha. + + o Minor bugfixes (C correctness): + - Add a missing lock acquisition in the shutdown code of the + control subsystem. Fixes bug 25675; bugfix on 0.2.7.3-rc. Found + by Coverity; this is CID 1433643. + + o Minor bugfixes (channel_get_for_extend()): + - Remove the unused variable n_possible from the function + Fixes bug 25645; bugfix on 0.2.4.4-alpha + + o Minor bugfixes (circuit path selection): + - Don't count path selection failures as circuit build failures. This + should eliminate cases where Tor blames its guard or the network + for situations like insufficient microdescriptors and/or overly + restrictive torrc settings. Fixes bug 25705; bugfix on 0.3.3.1-alpha. + + o Minor bugfixes (client): + - Don't consider Tor running as a client if the ControlPort is open. Fixes + bug 26062; bugfix on 0.2.9.4-alpha. + + o Minor bugfixes (control interface): + - Respond with more human readable error messages to GETINFO + exit-policy/* requests. Also, let controller know if error + is transient (response code 551) or not (response code 552). + Fixes bug 25852; bugfix on 0.2.8.1-alpha. + + o Minor bugfixes (directory client): + - When unverified-consensus is verified, rename it to cached-consenus. + Fixes bug 4187; bugfix on 0.2.0.3-alpha. + + o Minor bugfixes (directory server cert fetch): + - Fixed launching a certificate fetch always during the scheduled + periodic consensus fetch by fetching only in those cases when + consensus are waiting for certs. + Fixes bug 24740; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (documentation): + - Stop saying in the manual that clients cache ipv4 dns answers + from exit relays. We haven't used them since 0.2.6.3-alpha, and + in ticket 24050 we stopped even caching them as of 0.3.2.6-alpha, + but we forgot to say so in the man page. Fixes bug 26052; bugfix + on 0.3.2.6-alpha. + + o Minor bugfixes (Duplicate code): + - Remove duplicate code in parse_{c,s}method_line and bootstrap + their functionalities into a single function. Fixes + bug 6236; bugfix on 0.2.3.6-alpha. + + o Minor bugfixes (error reporting): + - Improve tolerance for directory authorities with skewed clocks. + Previously, an authority with a clock more than 60 seconds ahead + could cause a client with a correct clock to warn that the + client's clock was behind. Now the clocks of a majority of + directory authorities have to be ahead of the client before this + warning will occur. Fixes bug 25756; bugfix on 0.2.2.25-alpha. + + o Minor bugfixes (freebsd): + - In have_enough_mem_for_dircache(), the variable DIRCACHE_MIN_MEM_MB + does not stringify on FreeBSD, so we switch to tor_asprintf(). Fixes + bug 20887; bugfix on 0.2.8.1-alpha. Patch by Neel Chauhan. + + o Minor bugfixes (hidden service v3): + - Fix a memory leak when an hidden service v3 is configured and gets a + SIGHUP signal. Fixes bug 25901; bugfix on 0.3.2.1-alpha. + - When parsing the descriptor signature, look for the token plus an extra + white-space at the end. This is more correct but also will allow us to + support new fields that might start with "signature". Fixes bug 26069; + bugfix on 0.3.0.1-alpha. + + o Minor bugfixes (Linux seccomp2 sandbox): + - Allow the nanosleep() system call, which glibc uses to implement + sleep() and usleep(). Fixes bug 24969; bugfix on 0.2.5.1-alpha. + + o Minor bugfixes (path selection): + - Only select relays when they have the descriptors we prefer to + use for them. This change fixes a bug where we could select + a relay because it had _some_ descriptor, but reject it later with + a nonfatal assertion error because it didn't have the exact one we + wanted. Fixes bugs 25691 and 25692; bugfix on 0.3.3.4-alpha. + + o Minor bugfixes (portability): + - Do not align mmap length, as it is not required by POSIX, and the + getpagesize function is deprecated. Fixes bug 25399; bugfix on + 0.1.1.23. + + o Minor bugfixes (relay statistics): + - When a relay is collecting internal statistics about how many + create cell requests it has seen of each type, accurately count the + requests from relays that temporarily fall out of the consensus. (To + be extra conservative, we were already ignoring requests from + clients in our counts, and we continue ignoring them here.) Fixes + bug 24910; bugfix on 0.2.4.17-rc. + + o Minor bugfixes (relay, crash): + - Avoid a crash when running with DirPort set but ORPort tuned off. + Fixes a case of bug 23693; bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (restart-in-process): + - When shutting down, Tor now clears all the flags in the control.c + module. This should prevent a bug where authentication cookies + are not generated on restart. Fixes bug 25512; bugfix on 0.3.3.1-alpha. + + o Minor bugfixes (test): + - When testing workqueue event-cancellation, make sure that we actually + cancel an event, and that cancel each event with equal probability. + (It was previously possible, though extremely unlikely, for our + event-canceling test not to cancel any events.) Fixes bug 26008; + bugfix on 0.2.6.3-alpha. + + o Minor bugfixes (testing): + - Repeat part of the test in test_client_pick_intro() a number of times, + to give it consistent coverage. Fixes bug 25996; bugfix on + 0.3.2.1-alpha. + + o Minor bugfixes (testing, coverage): + - Remove randomness from the hs_common/responsible_hsdirs test, + so that it always takes the same path through the function it tests. + Fixes bug 25997; bugfix on 0.3.2.1-alpha. + + o Minor bugfixes (tests): + - Change the behavior of the "channel/outbound" test so that it never + causes a 10-second rollover for the EWMA circuitmux code. Previously, + this behavior would happen randomly, and result in fluctuating test + coverage. Fixes bug 25994; bugfix on 0.3.3.1-alpha. + - Use X509_new() to allocate certificates that will be freed later + with X509_free(). Previously, some parts of the unit tests had + used tor_malloc_zero(), which is incorrect, and which caused + test failures on Windows when they were built with extra hardening. + Fixes bugs 25943 and 25944; bugfix on 0.2.8.1-alpha. + Patch by Marcin Cieślak. + - While running the circuit_timeout test, fix the PRNG to a deterministic + AES stream, so that the test coverage from this test will itself be + deterministic. Fixes bug 25995; bugfix on 0.2.2.2-alpha. + + o Minor bugfixes (vanguards): + - Allow the last hop in a vanguard circuit to be the same as our first, + to prevent the adversary from influencing guard node choice by choice + of last hop. Also prevent the creation of A - B - A paths, or A - A + paths, which are forbidden by relays. Fixes bug 25870; bugfix on + 0.3.3.1-alpha. + + o Code simplification and refactoring: + We remove the PortForwsrding and PortForwardingHelper options, related + functions, and the port_forwarding tests. These options were used by + the now-deprecated Vidalia to help ordinary users become Tor relays or + bridges. Closes ticket 25409. Patch by Neel Chauhan. + - In order to make the OR and dir checking function in router.c less + confusing we renamed some functions and consider_testing_reachability() + has been splitted into router_should_check_reachability() and + router_do_reachability_checks(). Also we improved the documentation in + some functions. Closes ticket 18918. + - Initial work to isolate Libevent usage to a handful of modules in our + codebase, to simplify our call structure, and so that we can more + easily change event loops in the future if needed. Closes ticket + 23750. + - Introduce a function to call getsockname() and return + tor_addr_t, to save a little complexity throughout the codebase. + Closes ticket 18105. + - Make hsdir_index in node_t a hsdir_index_t rather than a pointer + as hsdir_index is always present. Also, we move hsdir_index_t into + or.h. Closes ticket 23094. Patch by Neel Chauhan. + - Merge functions used for describing nodes and suppress the functions + that do not allocate memory for the output buffer string. + NODE_DESC_BUF_LEN constant and format_node_description() function + cannot be used externally from router.c module anymore. + Closes ticket 25432. Patch by valentecaio. + - Our main loop has been simplified so that all important operations + happen inside events. Previously, some operations had to happen + outside the event loop, to prevent infinite sequences of event + activations. Closes ticket 25374. + - Put a SHA1 public key digest in hs_service_intro_point_t, and use it in + register_intro_circ() and service_intro_point_new(). This prevents the + digest from being re-calculated each time. Closes ticket 23107. Patch by + Neel Chauhan. + - Refactor token-bucket implementations to use a common backend. + Closes ticket 25766. + - Remove extern declaration of stats_n_seconds_working variable from main, + protecting its accesses with get_uptime() and reset_uptime() functions. + Closes ticket 25081, patch by “valentecaio”. + - Remove our previous logic for "cached gettimeofday()" -- our coarse + monotonic timers are fast enough for this purpose, and far less + error-prone. Implements part of ticket 25927. + - Remove the return value for fascist_firewall_choose_address_base(), + and sister functions such as fascist_firewall_choose_address_node() + and fascist_firewall_choose_address_rs(). Also, while we're here, + initialize the ap argument as leaving it uninitialized can pose a + security hazard. Closes ticket 24734. Patch by Neel Chauhan. + - Rename two fields of connection_t struct. + timestamp_lastwritten is renamed to timestamp_last_write_allowed and + timestamp_lastread is renamed to timestamp_last_read_allowed. + Closes ticket 24714, patch by "valentecaio". + - Since Tor requires C99, remove our old workaround code for libc + implementations where free(NULL) doesn't work. Closes ticket 24484. + - Use our standard rate-limiting code to deal with excessive libevent + failures, rather than the hand-rolled logic we had before. + Closes ticket 26016. + - We remove the return value of node_get_prim_orport() and + node_get_prim_dirport(), and introduce node_get_prim_orport() + in node_ipv6_or_preferred() and node_ipv6_dir_preferred() in + order to check for a null address. Closes ticket 23873. Patch + by Neel Chauhan. + - We switch to should_record_bridge_info() in geoip_note_client_seen() and + options_need_geoip_info() instead of accessing the configuration values + directly. Fixes bug 25290; bugfix on 0.2.1.6-alpha. Patch by Neel + Chauhan. + + o Deprecated features: + - As we are not recommending 0.2.5 anymore we require relays that once had + an ed25519 key associated with their RSA key to always have that key + instead of allowing them to drop back to a version that didn't support + ed25519. This means they need to use a new RSA key if the want to + downgrade to an older version of tor without ed25519. Closes ticket 20522. + + o Documentation: + - Correct an IPv6 error in the documentation for ExitPolicy. + Closes ticket 25857. Patch from "CTassisF". + + o New system requirements: + - Tor no longer tries to support systems without mmap() or some local + equivalent. Apparently, compilation on such systems has been broken for + some time, without anybody noticing or complaining. Closes ticket + 25398. + + o Removed features: + - Directory authorities will no longer support voting according to any + consensus method before consensus method 25. This keeps authorities + compatible with all authorities running 0.2.9.8 and later, and does + not break any clients or relays. Implements ticket 24378 and + proposal 290. + - The PortForwarding and PortForwardingHelper features have been + removed. The reasoning is, given that implementations of NAT traversal + protocols within common consumer grade routers are frequently buggy, and + that the target audience for a NAT punching feature is a perhaps + less-technically-inclined relay operator, when the helper fails to setup + traversal the problems are usually deep, ugly, and very router specific, + making them horrendously impossible for technical support to reliable + assist with, and thus resulting in frustration all around. Unfortunately, + relay operators who would like to run relays behind NATs will need to + become more familiar with the port forwarding configurations on their + local router. Closes 25409. + - The TestingEnableTbEmptyEvent option has been removed. It was used + in testing simulations to measure how often connection buckets were + emptied, in order to improve our scheduling, but it has not + been actively used in years. Closes ticket 25760. + - The old "round-robin" circuit multiplexer (circuitmux) + implementation has been removed, along with a fairly large set of + code that existed to support it. It has not been the default + circuitmux since we introduced the "EWMA" circuitmux in 0.2.4.x, + but it still required an unreasonable amount of memory and CPU. + Closes ticket 25268. + + Changes in version 0.3.3.5-rc - 2018-04-15 Tor 0.3.3.5-rc fixes various bugs in earlier versions of Tor, including some that could affect reliability or correctness. diff --git a/changes/18105 b/changes/18105 deleted file mode 100644 index 87e6e61d2..000000000 --- a/changes/18105 +++ /dev/null @@ -1,4 +0,0 @@ - o Code simplification and refactoring: - - Introduce a function to call getsockname() and return - tor_addr_t, to save a little complexity throughout the codebase. - Closes ticket 18105. diff --git a/changes/24378 b/changes/24378 deleted file mode 100644 index 663d27e96..000000000 --- a/changes/24378 +++ /dev/null @@ -1,8 +0,0 @@ - o Removed features: - - - Directory authorities will no longer support voting according to any - consensus method before consensus method 25. This keeps authorities - compatible with all authorities running 0.2.9.8 and later, and does - not break any clients or relays. Implements ticket 24378 and - proposal 290. - diff --git a/changes/25857 b/changes/25857 deleted file mode 100644 index e457af2f8..000000000 --- a/changes/25857 +++ /dev/null @@ -1,3 +0,0 @@ - o Documentation: - - Correct an IPv6 error in the documentation for ExitPolicy. - Closes ticket 25857. Patch from "CTassisF". diff --git a/changes/bug18918 b/changes/bug18918 deleted file mode 100644 index c939168f4..000000000 --- a/changes/bug18918 +++ /dev/null @@ -1,6 +0,0 @@ - o Code simplification and refactoring: - - In order to make the OR and dir checking function in router.c less - confusing we renamed some functions and consider_testing_reachability() - has been splitted into router_should_check_reachability() and - router_do_reachability_checks(). Also we improved the documentation in - some functions. Closes ticket 18918. diff --git a/changes/bug20887 b/changes/bug20887 deleted file mode 100644 index 5d4e4ed23..000000000 --- a/changes/bug20887 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (freebsd): - - In have_enough_mem_for_dircache(), the variable DIRCACHE_MIN_MEM_MB - does not stringify on FreeBSD, so we switch to tor_asprintf(). Fixes - bug 20887; bugfix on 0.2.8.1-alpha. Patch by Neel Chauhan. diff --git a/changes/bug23094 b/changes/bug23094 deleted file mode 100644 index 5040ab4e7..000000000 --- a/changes/bug23094 +++ /dev/null @@ -1,4 +0,0 @@ - o Code simplification and refactoring: - - Make hsdir_index in node_t a hsdir_index_t rather than a pointer - as hsdir_index is always present. Also, we move hsdir_index_t into - or.h. Closes ticket 23094. Patch by Neel Chauhan. diff --git a/changes/bug23107 b/changes/bug23107 deleted file mode 100644 index 55885e10f..000000000 --- a/changes/bug23107 +++ /dev/null @@ -1,6 +0,0 @@ - o Code simplification and refactoring: - - Put a SHA1 public key digest in hs_service_intro_point_t, and use it in - register_intro_circ() and service_intro_point_new(). This prevents the - digest from being re-calculated each time. Closes ticket 23107. Patch by - Neel Chauhan. - diff --git a/changes/bug23693.1 b/changes/bug23693.1 deleted file mode 100644 index 4b1678881..000000000 --- a/changes/bug23693.1 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (relay, crash): - - Avoid a crash when running with DirPort set but ORPort tuned off. - Fixes a case of bug 23693; bugfix on 0.3.1.1-alpha. - diff --git a/changes/bug23909 b/changes/bug23909 deleted file mode 100644 index 6b84e711e..000000000 --- a/changes/bug23909 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (directory authority): - - Directory authorities now open their key-pinning files as O_SYNC, - to prevent themselves from accidentally writing partial lines. - Closes ticket 23909. diff --git a/changes/bug24031 b/changes/bug24031 deleted file mode 100644 index 2bb0e8309..000000000 --- a/changes/bug24031 +++ /dev/null @@ -1,13 +0,0 @@ - o Major bugfixes (protover, voting): - - Revise Rust implementation of protover to use a more memory-efficient - voting algorithm and corresponding data structures, thus avoiding a - potential (but small impact) DoS attack where specially crafted protocol - strings would expand to several potential megabytes in memory. In the - process, several portions of code were revised to be methods on new, - custom types, rather than functions taking interchangeable types, thus - increasing type safety of the module. Custom error types and handling - were added as well, in order to facilitate better error dismissal/handling - in outside crates and avoid mistakenly passing an internal error string to - C over the FFI boundary. Many tests were added, and some previous - differences between the C and Rust implementations have been - remedied. Fixes bug 24031; bugfix on 0.3.3.1-alpha. diff --git a/changes/bug24484 b/changes/bug24484 deleted file mode 100644 index 35a204492..000000000 --- a/changes/bug24484 +++ /dev/null @@ -1,4 +0,0 @@ - o Code simplification and refactoring: - - Since Tor requires C99, remove our old workaround code for libc - implementations where free(NULL) doesn't work. Closes ticket 24484. - diff --git a/changes/bug24688 b/changes/bug24688 deleted file mode 100644 index c376fe6a0..000000000 --- a/changes/bug24688 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (performance, 32-bit): - - Make our timing-wheel code run a tiny bit faster on 32-bit platforms, - by preferring 32-bit math to 64-bit. Closes ticket 24688. diff --git a/changes/bug24910 b/changes/bug24910 deleted file mode 100644 index 58574c006..000000000 --- a/changes/bug24910 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (relay statistics): - - When a relay is collecting internal statistics about how many - create cell requests it has seen of each type, accurately count the - requests from relays that temporarily fall out of the consensus. (To - be extra conservative, we were already ignoring requests from - clients in our counts, and we continue ignoring them here.) Fixes - bug 24910; bugfix on 0.2.4.17-rc. diff --git a/changes/bug24914 b/changes/bug24914 deleted file mode 100644 index ea441fd38..000000000 --- a/changes/bug24914 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (performance): - - Avoid a needless call to malloc() when processing an incoming - relay cell. Closes ticket 24914. diff --git a/changes/bug24969 b/changes/bug24969 deleted file mode 100644 index 46b2bae6f..000000000 --- a/changes/bug24969 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (Linux seccomp2 sandbox): - - Allow the nanosleep() system call, which glibc uses to implement - sleep() and usleep(). Fixes bug 24969; bugfix on 0.2.5.1-alpha. diff --git a/changes/bug25226 b/changes/bug25226 deleted file mode 100644 index b594a7a42..000000000 --- a/changes/bug25226 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (relay, denial of service): - - Impose a limit on circuit cell queue size. The limit can be controlled by - a consensus parameter. Fixes bug 25226; bugfix on 0.2.4.14-alpha. - diff --git a/changes/bug25373 b/changes/bug25373 deleted file mode 100644 index 03e870e69..000000000 --- a/changes/bug25373 +++ /dev/null @@ -1,7 +0,0 @@ - o Major features (main loop, CPU wakeup): - - The bandwidth-limitation logic has been refactored so that - bandwidth calculations are performed on-demand, rather than - every TokenBucketRefillInterval milliseconds. - This change should improve the granularity of our bandwidth - calculations, and limit the number of times that the Tor process needs - to wake up when it is idle. Closes ticket 25373. diff --git a/changes/bug25398 b/changes/bug25398 deleted file mode 100644 index 227a95d21..000000000 --- a/changes/bug25398 +++ /dev/null @@ -1,5 +0,0 @@ - o New system requirements: - - Tor no longer tries to support systems without mmap() or some local - equivalent. Apparently, compilation on such systems has been broken for - some time, without anybody noticing or complaining. Closes ticket - 25398. diff --git a/changes/bug25399 b/changes/bug25399 deleted file mode 100644 index 455457493..000000000 --- a/changes/bug25399 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (portability): - - Do not align mmap length, as it is not required by POSIX, and the - getpagesize function is deprecated. Fixes bug 25399; bugfix on - 0.1.1.23. - diff --git a/changes/bug25400 b/changes/bug25400 deleted file mode 100644 index cee7ea83b..000000000 --- a/changes/bug25400 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfix (controler): - - Make CIRC_BW event reflect the total of all data sent on a circuit, - including padding and dropped cells. Also fix a mis-counting bug - when STREAM_BW events were enabled. Fixes bug 25400; bugfix on - 0.2.5.2-alpha. diff --git a/changes/bug25409 b/changes/bug25409 deleted file mode 100644 index 093d8f58b..000000000 --- a/changes/bug25409 +++ /dev/null @@ -1,12 +0,0 @@ - o Removed features: - - The PortForwarding and PortForwardingHelper features have been - removed. The reasoning is, given that implementations of NAT traversal - protocols within common consumer grade routers are frequently buggy, and - that the target audience for a NAT punching feature is a perhaps - less-technically-inclined relay operator, when the helper fails to setup - traversal the problems are usually deep, ugly, and very router specific, - making them horrendously impossible for technical support to reliable - assist with, and thus resulting in frustration all around. Unfortunately, - relay operators who would like to run relays behind NATs will need to - become more familiar with the port forwarding configurations on their - local router. Closes 25409. diff --git a/changes/bug25415 b/changes/bug25415 deleted file mode 100644 index ec851aee8..000000000 --- a/changes/bug25415 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (directory authority): - - Avoid a crash when testing router reachability on a router that could - have an ed25519 ID, but which does not. Fixes bug 25415; bugfix on - 0.3.3.2-alpha. diff --git a/changes/bug25425 b/changes/bug25425 deleted file mode 100644 index 41f1a47b1..000000000 --- a/changes/bug25425 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (testing): - - A new unittests module specifically for testing the functions in the - (new-ish) bridges.c module has been created with new unittests, raising - the code coverage percentages. Closes 25425. diff --git a/changes/bug25512 b/changes/bug25512 deleted file mode 100644 index 4b6491867..000000000 --- a/changes/bug25512 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (restart-in-process): - - When shutting down, Tor now clears all the flags in the control.c - module. This should prevent a bug where authentication cookies - are not generated on restart. Fixes bug 25512; bugfix on 0.3.3.1-alpha. - diff --git a/changes/bug25675 b/changes/bug25675 deleted file mode 100644 index d0f0287b5..000000000 --- a/changes/bug25675 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (C correctness): - - Add a missing lock acquisition in the shutdown code of the - control subsystem. Fixes bug 25675; bugfix on 0.2.7.3-rc. Found - by Coverity; this is CID 1433643. diff --git a/changes/bug25691_again b/changes/bug25691_again deleted file mode 100644 index 3d0d91bfd..000000000 --- a/changes/bug25691_again +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (path selection): - - Only select relays when they have the descriptors we prefer to - use for them. This change fixes a bug where we could select - a relay because it had _some_ descriptor, but reject it later with - a nonfatal assertion error because it didn't have the exact one we - wanted. Fixes bugs 25691 and 25692; bugfix on 0.3.3.4-alpha. diff --git a/changes/bug25705 b/changes/bug25705 deleted file mode 100644 index 360d96d4c..000000000 --- a/changes/bug25705 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (circuit path selection): - - Don't count path selection failures as circuit build failures. This - should eliminate cases where Tor blames its guard or the network - for situations like insufficient microdescriptors and/or overly - restrictive torrc settings. Fixes bug 25705; bugfix on 0.3.3.1-alpha. diff --git a/changes/bug25733 b/changes/bug25733 deleted file mode 100644 index 775c1ae00..000000000 --- a/changes/bug25733 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (Assert crash): - - Avoid an assert in the circuit build timeout code if we fail to - allow any circuits to actually complete. Fixes bug 25733; - bugfix on 0.2.2.2-alpha. diff --git a/changes/bug25756 b/changes/bug25756 deleted file mode 100644 index ff5ac0391..000000000 --- a/changes/bug25756 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (error reporting): - - Improve tolerance for directory authorities with skewed clocks. - Previously, an authority with a clock more than 60 seconds ahead - could cause a client with a correct clock to warn that the - client's clock was behind. Now the clocks of a majority of - directory authorities have to be ahead of the client before this - warning will occur. Fixes bug 25756; bugfix on 0.2.2.25-alpha. diff --git a/changes/bug25761 b/changes/bug25761 deleted file mode 100644 index 096fadcf0..000000000 --- a/changes/bug25761 +++ /dev/null @@ -1,3 +0,0 @@ - o Major bugfixes (onion service): - - Correctly detect when onion services get disabled after HUP. - Fixes bug 25761; bugfix on 0.3.2.1. diff --git a/changes/bug25828 b/changes/bug25828 deleted file mode 100644 index 45cd1f4ae..000000000 --- a/changes/bug25828 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (bandwidth management): - - Consider ourselves "low on write bandwidth" if we have exhausted our - write bandwidth some time in the last second. This was the - documented behavior before, but the actual behavior was to change - this value every TokenBucketRefillInterval. Fixes bug 25828; bugfix on - 0.2.3.5-alpha. - diff --git a/changes/bug25843 b/changes/bug25843 deleted file mode 100644 index ddbbbef78..000000000 --- a/changes/bug25843 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor feature (entry guards): - - Introduce torrc option NumPrimaryGuards for controlling the number of - primary guards. Closes ticket 25843. \ No newline at end of file diff --git a/changes/bug25852 b/changes/bug25852 deleted file mode 100644 index 8b1563841..000000000 --- a/changes/bug25852 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (control interface): - - Respond with more human readable error messages to GETINFO - exit-policy/* requests. Also, let controller know if error - is transient (response code 551) or not (response code 552). - Fixes bug 25852; bugfix on 0.2.8.1-alpha. diff --git a/changes/bug25870 b/changes/bug25870 deleted file mode 100644 index aea5a1e30..000000000 --- a/changes/bug25870 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (vanguards): - - Allow the last hop in a vanguard circuit to be the same as our first, - to prevent the adversary from influencing guard node choice by choice - of last hop. Also prevent the creation of A - B - A paths, or A - A - paths, which are forbidden by relays. Fixes bug 25870; bugfix on - 0.3.3.1-alpha. diff --git a/changes/bug25901 b/changes/bug25901 deleted file mode 100644 index 3ad30c767..000000000 --- a/changes/bug25901 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (hidden service v3): - - Fix a memory leak when an hidden service v3 is configured and gets a - SIGHUP signal. Fixes bug 25901; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug25943 b/changes/bug25943 deleted file mode 100644 index 187f9a287..000000000 --- a/changes/bug25943 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (tests): - - Use X509_new() to allocate certificates that will be freed later - with X509_free(). Previously, some parts of the unit tests had - used tor_malloc_zero(), which is incorrect, and which caused - test failures on Windows when they were built with extra hardening. - Fixes bugs 25943 and 25944; bugfix on 0.2.8.1-alpha. - Patch by Marcin Cieślak. diff --git a/changes/bug26007 b/changes/bug26007 deleted file mode 100644 index efcd15084..000000000 --- a/changes/bug26007 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (directory authorities, security): - - When directory authorities read a zero-byte bandwidth file, they log - a warning with the contents of an uninitialised buffer. Log a warning - about the empty file instead. - Fixes bug 26007; bugfix on 0.2.2.1-alpha. diff --git a/changes/bug26052 b/changes/bug26052 deleted file mode 100644 index 4721933fa..000000000 --- a/changes/bug26052 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (documentation): - - Stop saying in the manual that clients cache ipv4 dns answers - from exit relays. We haven't used them since 0.2.6.3-alpha, and - in ticket 24050 we stopped even caching them as of 0.3.2.6-alpha, - but we forgot to say so in the man page. Fixes bug 26052; bugfix - on 0.3.2.6-alpha. diff --git a/changes/bug26069 b/changes/bug26069 deleted file mode 100644 index 192e97d78..000000000 --- a/changes/bug26069 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (hidden service v3): - - When parsing the descriptor signature, look for the token plus an extra - white-space at the end. This is more correct but also will allow us to - support new fields that might start with "signature". Fixes bug 26069; - bugfix on 0.3.0.1-alpha. diff --git a/changes/coveralls b/changes/coveralls deleted file mode 100644 index 7fa69bb2b..000000000 --- a/changes/coveralls +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (continuous integration): - - Our Travis CI configuration now integrates with the Coveralls coverage - analysis tool. Closes ticket 25818. diff --git a/changes/feature19429 b/changes/feature19429 deleted file mode 100644 index 0faa6e84e..000000000 --- a/changes/feature19429 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (compatibility): - - Tor now detects versions of OpenSSL 1.1.0 and later compiled with the - no-deprecated option, and builds correctly with them. Closes - tickets 19429, 19981, and 25353. - diff --git a/changes/feature25150 b/changes/feature25150 deleted file mode 100644 index eb65327a8..000000000 --- a/changes/feature25150 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (performance, allocation): - - Avoid a needless malloc()/free() pair every time we handle an ntor - handshake. Closes ticket 25150. - diff --git a/changes/geoip-2018-05-01 b/changes/geoip-2018-05-01 deleted file mode 100644 index 1528bb0c3..000000000 --- a/changes/geoip-2018-05-01 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (geoip): - - Update geoip and geoip6 to the May 1 2018 Maxmind GeoLite2 - Country database. Closes ticket 26104. - diff --git a/changes/isolate_libevent b/changes/isolate_libevent deleted file mode 100644 index 852e533fd..000000000 --- a/changes/isolate_libevent +++ /dev/null @@ -1,5 +0,0 @@ - o Code simplification and refactoring: - - Initial work to isolate Libevent usage to a handful of modules in our - codebase, to simplify our call structure, and so that we can more - easily change event loops in the future if needed. Closes ticket - 23750. diff --git a/changes/ticket20522 b/changes/ticket20522 deleted file mode 100644 index a5e6718e1..000000000 --- a/changes/ticket20522 +++ /dev/null @@ -1,6 +0,0 @@ - o Deprecated features: - - As we are not recommending 0.2.5 anymore we require relays that once had - an ed25519 key associated with their RSA key to always have that key - instead of allowing them to drop back to a version that didn't support - ed25519. This means they need to use a new RSA key if the want to - downgrade to an older version of tor without ed25519. Closes ticket 20522. diff --git a/changes/ticket23354 b/changes/ticket23354 deleted file mode 100644 index f79dfd96a..000000000 --- a/changes/ticket23354 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (configuration): - - The "DownloadSchedule" options have been renamed to end with - "DownloadInitialDelay". The old names are still allowed, but will - produce a warning. Comma-separated lists are still permitted for - these options, but all values after the first are ignored (as they have - been since 0.2.9). Closes ticket 23354. diff --git a/changes/ticket23873 b/changes/ticket23873 deleted file mode 100644 index ffe65e5ed..000000000 --- a/changes/ticket23873 +++ /dev/null @@ -1,6 +0,0 @@ - o Code simplification and refactoring: - - We remove the return value of node_get_prim_orport() and - node_get_prim_dirport(), and introduce node_get_prim_orport() - in node_ipv6_or_preferred() and node_ipv6_dir_preferred() in - order to check for a null address. Closes ticket 23873. Patch - by Neel Chauhan. diff --git a/changes/ticket24714 b/changes/ticket24714 deleted file mode 100644 index 60353abec..000000000 --- a/changes/ticket24714 +++ /dev/null @@ -1,6 +0,0 @@ - o Code simplification and refactoring: - - Rename two fields of connection_t struct. - timestamp_lastwritten is renamed to timestamp_last_write_allowed and - timestamp_lastread is renamed to timestamp_last_read_allowed. - Closes ticket 24714, patch by "valentecaio". - diff --git a/changes/ticket24734 b/changes/ticket24734 deleted file mode 100644 index 00029ce57..000000000 --- a/changes/ticket24734 +++ /dev/null @@ -1,6 +0,0 @@ - o Code simplification and refactoring: - - Remove the return value for fascist_firewall_choose_address_base(), - and sister functions such as fascist_firewall_choose_address_node() - and fascist_firewall_choose_address_rs(). Also, while we're here, - initialize the ap argument as leaving it uninitialized can pose a - security hazard. Closes ticket 24734. Patch by Neel Chauhan. diff --git a/changes/ticket24740 b/changes/ticket24740 deleted file mode 100644 index 253cdb65e..000000000 --- a/changes/ticket24740 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (directory server cert fetch): - - Fixed launching a certificate fetch always during the scheduled - periodic consensus fetch by fetching only in those cases when - consensus are waiting for certs. - Fixes bug 24740; bugfix on 0.2.9.1-alpha. diff --git a/changes/ticket25024 b/changes/ticket25024 deleted file mode 100644 index 0e5069cf8..000000000 --- a/changes/ticket25024 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (code quality): - - Add optional spell-checking for the Tor codebase, using the "misspell" - program. To use this feature, run "make check-typos". - Closes ticket 25024. diff --git a/changes/ticket25081 b/changes/ticket25081 deleted file mode 100644 index b6e6c2a5a..000000000 --- a/changes/ticket25081 +++ /dev/null @@ -1,5 +0,0 @@ - o Code simplification and refactoring: - - Remove extern declaration of stats_n_seconds_working variable from main, - protecting its accesses with get_uptime() and reset_uptime() functions. - Closes ticket 25081, patch by “valentecaio”. - diff --git a/changes/ticket25162 b/changes/ticket25162 deleted file mode 100644 index 37019a7f8..000000000 --- a/changes/ticket25162 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (compression, zstd): - - When running with zstd, Tor now considers using advanced functions that - the zstd maintainers have labeled as potentially unstable. To - prevent breakage, Tor will only use this functionality when - the runtime version of the zstd library matches the version - with which it were compiled. Closes ticket 25162. diff --git a/changes/ticket25261 b/changes/ticket25261 deleted file mode 100644 index 604a09d97..000000000 --- a/changes/ticket25261 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfix (Multiple includes): - - Fixed multiple includes of trasports.h in src/or/connection.c - Fixes bug 25261; bugfix on 0.2.5.1-alpha. diff --git a/changes/ticket25268 b/changes/ticket25268 deleted file mode 100644 index e444984dc..000000000 --- a/changes/ticket25268 +++ /dev/null @@ -1,7 +0,0 @@ - o Removed features: - - The old "round-robin" circuit multiplexer (circuitmux) - implementation has been removed, along with a fairly large set of - code that existed to support it. It has not been the default - circuitmux since we introduced the "EWMA" circuitmux in 0.2.4.x, - but it still required an unreasonable amount of memory and CPU. - Closes ticket 25268. diff --git a/changes/ticket25290 b/changes/ticket25290 deleted file mode 100644 index 5e44f5e05..000000000 --- a/changes/ticket25290 +++ /dev/null @@ -1,5 +0,0 @@ - o Code simplification and refactoring: - - We switch to should_record_bridge_info() in geoip_note_client_seen() and - options_need_geoip_info() instead of accessing the configuration values - directly. Fixes bug 25290; bugfix on 0.2.1.6-alpha. Patch by Neel - Chauhan. diff --git a/changes/ticket25374 b/changes/ticket25374 deleted file mode 100644 index 5fc59d158..000000000 --- a/changes/ticket25374 +++ /dev/null @@ -1,6 +0,0 @@ - o Code simplification and refactoring: - - Our main loop has been simplified so that all important operations - happen inside events. Previously, some operations had to happen - outside the event loop, to prevent infinite sequences of event - activations. Closes ticket 25374. - diff --git a/changes/ticket25376_25762 b/changes/ticket25376_25762 deleted file mode 100644 index b3ebf56d3..000000000 --- a/changes/ticket25376_25762 +++ /dev/null @@ -1,10 +0,0 @@ - o Major feature (main loop, CPU usage): - - Previously, tor would enable at startup all possible main loop event - regardless if it needed them. For instance, directory authorities - callbacks were fired up even for client only. We have now refactored this - whole interface to only enable the appropriate callbacks depending on what - are tor roles (client only, relay, hidden service, etc.). Furthermore, - these events now depend on DisableNetwork or the hibernation state in - order to enable them. This is a big step towards reducing client CPU usage - by reducing the amount of wake ups the daemon does. Closes ticket 25376 - and 25762. diff --git a/changes/ticket25409 b/changes/ticket25409 deleted file mode 100644 index f0006fbc5..000000000 --- a/changes/ticket25409 +++ /dev/null @@ -1,6 +0,0 @@ - o Code simplification and refactoring: - We remove the PortForwsrding and PortForwardingHelper options, related - functions, and the port_forwarding tests. These options were used by - the now-deprecated Vidalia to help ordinary users become Tor relays or - bridges. Closes ticket 25409. Patch by Neel Chauhan. - diff --git a/changes/ticket25432 b/changes/ticket25432 deleted file mode 100644 index 21ca20134..000000000 --- a/changes/ticket25432 +++ /dev/null @@ -1,6 +0,0 @@ - o Code simplification and refactoring: - - Merge functions used for describing nodes and suppress the functions - that do not allocate memory for the output buffer string. - NODE_DESC_BUF_LEN constant and format_node_description() function - cannot be used externally from router.c module anymore. - Closes ticket 25432. Patch by valentecaio. diff --git a/changes/ticket25511 b/changes/ticket25511 deleted file mode 100644 index 0a24e265c..000000000 --- a/changes/ticket25511 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (control port): - - Introduce GETINFO "current-time/{local,utc}" to return the local - and UTC times respectively in ISO format. This helps a controller - like Tor Browser detect a time-related error. Closes ticket 25511. - Patch by Neel Chauhan. diff --git a/changes/ticket25610 b/changes/ticket25610 deleted file mode 100644 index 887770e6a..000000000 --- a/changes/ticket25610 +++ /dev/null @@ -1,5 +0,0 @@ - o Major feature (directory authority, modularization): - - The directory authority subsystem has been modularized. The code is now - located in src/or/dirauth/ which is compiled in by default. To disable the - module, the configure option --disable-module-dirauth has been added. - Closes ticket 25610; diff --git a/changes/ticket25645 b/changes/ticket25645 deleted file mode 100644 index ab20a5ca4..000000000 --- a/changes/ticket25645 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (channel_get_for_extend()): - - Remove the unused variable n_possible from the function - Fixes bug 25645; bugfix on 0.2.4.4-alpha - diff --git a/changes/ticket25760 b/changes/ticket25760 deleted file mode 100644 index 504fd60de..000000000 --- a/changes/ticket25760 +++ /dev/null @@ -1,5 +0,0 @@ - o Removed features: - - The TestingEnableTbEmptyEvent option has been removed. It was used - in testing simulations to measure how often connection buckets were - emptied, in order to improve our scheduling, but it has not - been actively used in years. Closes ticket 25760. diff --git a/changes/ticket25766 b/changes/ticket25766 deleted file mode 100644 index 6382b6215..000000000 --- a/changes/ticket25766 +++ /dev/null @@ -1,3 +0,0 @@ - o Code simplification and refactoring: - - Refactor token-bucket implementations to use a common backend. - Closes ticket 25766. diff --git a/changes/ticket25903 b/changes/ticket25903 deleted file mode 100644 index 8d358c8a8..000000000 --- a/changes/ticket25903 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (control port): - - Introduce new fields to the CIRC_BW event. There are two new fields in - each of the read and written directions. The DELIVERED fields report the - total valid data on the circuit, as measured by the payload sizes of - verified and error-checked relay command cells. The OVERHEAD fields - report the total unused bytes in each of these cells. Closes ticket 25903. diff --git a/changes/ticket25927.1 b/changes/ticket25927.1 deleted file mode 100644 index 84ac86e18..000000000 --- a/changes/ticket25927.1 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (timekeeping, circuit scheduling): - - When keeping track of how busy each circuit have been recently on - a given connection, use coarse-grained monotonic timers rather than - gettimeofday(). This change should marginally increase accuracy - and performance. Implements part of ticket 25927. - diff --git a/changes/ticket25927.2 b/changes/ticket25927.2 deleted file mode 100644 index 9acb4aaf6..000000000 --- a/changes/ticket25927.2 +++ /dev/null @@ -1,5 +0,0 @@ - o Code simplification and refactoring: - - Remove our previous logic for "cached gettimeofday()" -- our coarse - monotonic timers are fast enough for this purpose, and far less - error-prone. Implements part of ticket 25927. - diff --git a/changes/ticket25931 b/changes/ticket25931 deleted file mode 100644 index 20ce76188..000000000 --- a/changes/ticket25931 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor features (mainloop): - - Move responsibility for - rescanning the consensus cache - from a once-per-second callback to a callback that is only scheduled as - needed. Once enough items are removed from our once-per-second - callback, we can eliminate it entirely to conserve CPU when idle. - Closes ticket: - 25931. - diff --git a/changes/ticket25932 b/changes/ticket25932 deleted file mode 100644 index 67f56f7cc..000000000 --- a/changes/ticket25932 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor features (mainloop): - - Move responsibility for - closing connections, circuits, and channels - from a once-per-second callback to a callback that is only scheduled as - needed. Once enough items are removed from our once-per-second - callback, we can eliminate it entirely to conserve CPU when idle. - Closes ticket - 25932. - diff --git a/changes/ticket25937 b/changes/ticket25937 deleted file mode 100644 index 7c49fac70..000000000 --- a/changes/ticket25937 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor features (mainloop): - - Move responsibility for - consensus voting - from a once-per-second callback to a callback that is only scheduled as - needed. Once enough items are removed from our once-per-second - callback, we can eliminate it entirely to conserve CPU when idle. - Closes ticket - 25937. - diff --git a/changes/ticket25948 b/changes/ticket25948 deleted file mode 100644 index 7851d0b65..000000000 --- a/changes/ticket25948 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor features (mainloop): - - Move responsibility for - saving the state file to disk - from a once-per-second callback to a callback that is only scheduled as - needed. Once enough items are removed from our once-per-second - callback, we can eliminate it entirely to conserve CPU when idle. - Closes ticket - 25948. - diff --git a/changes/ticket25949 b/changes/ticket25949 deleted file mode 100644 index fd8737341..000000000 --- a/changes/ticket25949 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor features (mainloop): - - Move responsibility for - honoring delayed SIGNEWNYM requests - from a once-per-second callback to a callback that is only scheduled as - needed. Once enough items are removed from our once-per-second - callback, we can eliminate it entirely to conserve CPU when idle. - Closes ticket - 25949. - diff --git a/changes/ticket25951 b/changes/ticket25951 deleted file mode 100644 index b6cfc2091..000000000 --- a/changes/ticket25951 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor features (mainloop): - - Move responsibility for - flushing log callbacks - from a once-per-second callback to a callback that is only scheduled as - needed. Once enough items are removed from our once-per-second - callback, we can eliminate it entirely to conserve CPU when idle. - Closes ticket - 25951. - diff --git a/changes/ticket25952 b/changes/ticket25952 deleted file mode 100644 index e4dd56df0..000000000 --- a/changes/ticket25952 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor features (mainloop): - - Move responsibility for - warning relay operators about unreachable ports - from a once-per-second callback to a callback that is only scheduled as - needed. Once enough items are removed from our once-per-second - callback, we can eliminate it entirely to conserve CPU when idle. - Closes ticket - 25952. - diff --git a/changes/ticket25993 b/changes/ticket25993 deleted file mode 100644 index 8eafcd181..000000000 --- a/changes/ticket25993 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (testing): - - We now have improved testing for addressmap_get_virtual_address() - function. This should improve our test coverage, and make our test - coverage more deterministic. Closes ticket 25993. diff --git a/changes/ticket25994 b/changes/ticket25994 deleted file mode 100644 index 135417401..000000000 --- a/changes/ticket25994 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (tests): - - Change the behavior of the "channel/outbound" test so that it never - causes a 10-second rollover for the EWMA circuitmux code. Previously, - this behavior would happen randomly, and result in fluctuating test - coverage. Fixes bug 25994; bugfix on 0.3.3.1-alpha. diff --git a/changes/ticket25995 b/changes/ticket25995 deleted file mode 100644 index 855020bd3..000000000 --- a/changes/ticket25995 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (tests): - - While running the circuit_timeout test, fix the PRNG to a deterministic - AES stream, so that the test coverage from this test will itself be - deterministic. Fixes bug 25995; bugfix on 0.2.2.2-alpha. - diff --git a/changes/ticket25996 b/changes/ticket25996 deleted file mode 100644 index f523bc630..000000000 --- a/changes/ticket25996 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (testing): - - Repeat part of the test in test_client_pick_intro() a number of times, - to give it consistent coverage. Fixes bug 25996; bugfix on - 0.3.2.1-alpha. - diff --git a/changes/ticket25997 b/changes/ticket25997 deleted file mode 100644 index 2c802c856..000000000 --- a/changes/ticket25997 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (testing, coverage): - - Remove randomness from the hs_common/responsible_hsdirs test, - so that it always takes the same path through the function it tests. - Fixes bug 25997; bugfix on 0.3.2.1-alpha. - diff --git a/changes/ticket26004 b/changes/ticket26004 deleted file mode 100644 index 6b082f145..000000000 --- a/changes/ticket26004 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (directory authority, forward compatibility): - - Make the lines of the measured bandwidth file able to contain their - entries in any order. Previously, the node_id entry needed to come - first. Closes ticket 26004. - diff --git a/changes/ticket26006 b/changes/ticket26006 deleted file mode 100644 index e33e3f1cd..000000000 --- a/changes/ticket26006 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (compilation, portability): - - Avoid some compilation warnings with recent versions - of LibreSSL. Closes ticket 26006. - diff --git a/changes/ticket26008 b/changes/ticket26008 deleted file mode 100644 index 7550c959e..000000000 --- a/changes/ticket26008 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (test): - - When testing workqueue event-cancellation, make sure that we actually - cancel an event, and that cancel each event with equal probability. - (It was previously possible, though extremely unlikely, for our - event-canceling test not to cancel any events.) Fixes bug 26008; - bugfix on 0.2.6.3-alpha. - diff --git a/changes/ticket26009 b/changes/ticket26009 deleted file mode 100644 index 51ada1572..000000000 --- a/changes/ticket26009 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor features (mainloop): - - Move responsibility for - keeping track of Tor's uptime - from a nce-per-second callback to a callback that is only scheduled as - needed. Once enough items are removed from our once-per-second - callback, we can eliminate it entirely to conserve CPU when idle. - Closes ticket - 26009. - diff --git a/changes/ticket26014 b/changes/ticket26014 deleted file mode 100644 index 9d62ddbba..000000000 --- a/changes/ticket26014 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (Testing): - - Add a unit test for voting_schedule_get_start_of_next_interval(). - Closes ticket 26014, and helps make unit test coverage more - deterministic. diff --git a/changes/ticket26016 b/changes/ticket26016 deleted file mode 100644 index f0eb56d32..000000000 --- a/changes/ticket26016 +++ /dev/null @@ -1,4 +0,0 @@ - o Code simplification and refactoring: - - Use our standard rate-limiting code to deal with excessive libevent - failures, rather than the hand-rolled logic we had before. - Closes ticket 26016. diff --git a/changes/ticket26062 b/changes/ticket26062 deleted file mode 100644 index cd1fe3df4..000000000 --- a/changes/ticket26062 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (client): - - Don't consider Tor running as a client if the ControlPort is open. Fixes - bug 26062; bugfix on 0.2.9.4-alpha. - diff --git a/changes/ticket26063 b/changes/ticket26063 deleted file mode 100644 index c11eb2d15..000000000 --- a/changes/ticket26063 +++ /dev/null @@ -1,5 +0,0 @@ - o Major features (CPU usage, mobile): - - When Tor is disabled (via DisableNetwork or via hibernation), it - no longer needs to run any per-second events. This change should - make it easier for mobile applications to disable Tor while the - device is sleeping, or Tor is not running. Closes ticket 26063. diff --git a/changes/ticket26064 b/changes/ticket26064 deleted file mode 100644 index 6efb8a483..000000000 --- a/changes/ticket26064 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (accounting): - - When we become dormant, use a scheduled event to wake up at the right - time. Previously, we would use the per-second timer to check whether - to wake up, but we no longer have any per-second timers enabled when - the network is disabled. Closes ticket 26064. diff --git a/changes/ticket4187 b/changes/ticket4187 deleted file mode 100644 index c5f795b1a..000000000 --- a/changes/ticket4187 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (directory client): - - When unverified-consensus is verified, rename it to cached-consenus. - Fixes bug 4187; bugfix on 0.2.0.3-alpha. diff --git a/changes/ticket6236 b/changes/ticket6236 deleted file mode 100644 index 9dea07e69..000000000 --- a/changes/ticket6236 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (Duplicate code): - - Remove duplicate code in parse_{c,s}method_line and bootstrap - their functionalities into a single function. Fixes - bug 6236; bugfix on 0.2.3.6-alpha. diff --git a/changes/travis_distcheck b/changes/travis_distcheck deleted file mode 100644 index 0f278fe7e..000000000 --- a/changes/travis_distcheck +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (continuous integration): - - Our .travis.yml configuration now includes support for testing - the results of "make distcheck". (It's not uncommon for "make check" to - pass but "make distcheck" to fail.) Closes ticket 25814.