fold in changes files

ChangeLog

@@ -1,3 +1,64 @@
+Changes in version 0.2.4.6-alpha - 2012-11-13
+  Tor 0.2.4.6-alpha fixes an assert bug that has been plaguing relays,
+  makes our defense-in-depth memory wiping more reliable, and begins to
+  count IPv6 addresses in bridge statistics,
+
+  o Major bugfixes:
+    - Fix an assertion failure that could occur when closing a connection
+      with a spliced rendezvous circuit. Fix for bug 7212; bugfix on
+      Tor 0.2.4.4-alpha.
+    - Tor tries to wipe potentially sensitive data after using it, so
+      that if some subsequent security failure exposes Tor's memory,
+      the damage will be limited. But we had a bug where the compiler
+      was eliminating these wipe operations when it decided that the
+      memory was no longer visible to a (correctly running) program,
+      hence defeating our attempt at defense in depth. We fix that
+      by using OpenSSL's OPENSSL_cleanse() operation, which a compiler
+      is unlikely to optimize away. Future versions of Tor may use
+      a less ridiculously heavy approach for this. Fixes bug 7352.
+      Reported in an article by Andrey Karpov.
+
+  o Minor features:
+    - Add GeoIP database for IPv6 addresses. The new config option
+      is GeoIPv6File.
+    - Bridge statistics now count bridge clients connecting over IPv6:
+      bridge statistics files now list "bridge-ip-versions" and
+      extra-info documents list "geoip6-db-digest". The control protocol
+      "CLIENTS_SEEN" and "ip-to-country" queries now support IPv6. Initial
+      implementation by "shkoo", addressing ticket 5055.
+
+  o Minor bugfixes:
+    - Warn when we are binding low ports when hibernation is enabled;
+      previously we had warned when we were _advertising_ low ports with
+      hibernation enabled. Fixes bug 7285; bugfix on 0.2.3.9-alpha.
+    - Fix a harmless bug when opting against publishing a relay descriptor
+      because DisableNetwork is set. Fixes bug 7464; bugfix on
+      0.2.3.9-alpha.
+    - Add warning message when a managed proxy dies during configuration.
+      Fixes bug 7195; bugfix on 0.2.4.2-alpha.
+    - Fix a linking error when building tor-fw-helper without miniupnp.
+      Fixes bug 7235; bugfix on 0.2.4.2-alpha. Fix by Anthony G. Basile.
+    - Check for closing an or_connection_t without going through correct
+      channel functions; emit a warning and then call
+      connection_or_close_for_error() so we don't assert as in bugs 7212
+      and 7267.
+    - Compile correctly on compilers without C99 designated initializer
+      support. Fixes bug 7286; bugfix on 0.2.4.4-alpha.
+    - Avoid a possible assert that can occur when channel_send_destroy() is
+      called on a channel in CHANNEL_STATE_CLOSING, CHANNEL_STATE_CLOSED,
+      or CHANNEL_STATE_ERROR when the Tor process is resumed after being
+      blocked for a long interval. Fixes bug 7350; bugfix on 0.2.4.4-alpha.
+    - Fix a memory leak on failing cases of channel_tls_process_certs_cell.
+      Fixes bug 7422; bugfix on 0.2.4.4-alpha.
+
+  o Code simplification and refactoring:
+    - Start using OpenBSD's implementation of queue.h, so that we don't
+      need to hand-roll our own pointer and list structures whenever we
+      need them. (We can't rely on a sys/queue.h, since some operating
+      systems don't have them, and the ones that do have them don't all
+      present the same extensions.)
+
+
 Changes in version 0.2.4.5-alpha - 2012-10-25
   Tor 0.2.4.5-alpha comes hard at the heels of 0.2.4.4-alpha, to fix
   two important security vulnerabilities that could lead to remotely

changes/5053

@@ -1,4 +0,0 @@
-  o Minor features (IPv6):
-    - Bridge clients connecting over IPv6 are now counted in bridge
-      statistics. Implementation by shkoo, addressing ticket 5053.
-      Included in 0.2.3.14-alpha.

changes/5055

@@ -1,9 +0,0 @@
-  o Minor features (IPv6):
-    - Add GeoIP database for IPv6 addresses and use it. The new config
-      option is GeoIPv6File.
-      Bridge clients connecting over IPv6 are now counted in bridge
-      statistics. Bridge statistics files now list "bridge-ip-versions"
-      and extra-info documents list "geoip6-db-digest".
-      The control protocol has been extended to support more IPv6
-      ("CLIENTS_SEEN" and "ip-to-country").
-      Initial implementation by shkoo, addressing ticket 5055.

changes/bsd_queue

@@ -1,7 +0,0 @@
-  o Code simplification and refactoring:
-    - Start using OpenBSD's implementation of queue.h, so that we don't
-      need to hand-roll our own pointer and list structures whenever we
-      need them. (We can't rely on a sys/queue.h, since some operating
-      systems don't have them, and the ones that do have them don't all
-      present the same extensions.)
-

changes/bug7195

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Add warning message when a managed proxy dies during
-      configuration. Fixes bug 7195; bugfix on 0.2.4.2-alpha.
-

changes/bug7212

@@ -1,6 +0,0 @@
-  o Major bugfixes (relay):
-    - Fix an assertion failure that could occur when closing a connection
-      with a spliced rendezvous circuit. Fix for bug 7212; bugfix on
-      Tor 0.2.4.4-alpha.
-
-      

changes/bug7235

@@ -1,3 +0,0 @@
-  o Minor bugfixes (build):
-    - Fix a linking error when building tor-fw-helper without miniupnp.
-      Fixes bug 7235; bugfix on 0.2.4.2-alpha. Fix by Anthony G. Basile.

changes/bug7285

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Warn when we are binding low ports when hibernation is enabled;
-      previously we had warned when we were _advertising_ low ports with
-      hibernation enabled. Fixes bug 7285; bugfix on 0.2.3.9-alpha.

changes/bug7350

@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - Avoid a possible assert that can occur when channel_send_destroy() is
-      called on a channel in CHANNEL_STATE_CLOSING, CHANNEL_STATE_CLOSED
-      or CHANNEL_STATE_ERROR when the Tor process is resumed after being
-      blocked for a long interval.  Fixes bug 7350.

changes/bug7352

@@ -1,12 +0,0 @@
-  o Major bugfixes:
-    - Tor tries to wipe potentially sensitive data after using it, so
-      that if some subsequent security failure exposes Tor's memory,
-      the damage will be limited. But we had a bug where the compiler
-      was eliminating these wipe operations when it decided that the
-      memory was no longer visible to a (correctly running) program,
-      hence defeating our attempt at defense in depth. We fix that
-      by using OpenSSL's OPENSSL_cleanse() operation, which a compiler
-      is unlikely to optimize away. Future versions of Tor may use
-      a less ridiculously heavy approach for this. Fixes bug 7352.
-      Reported in an article by Andrey Karpov.
-

changes/bug7422

@@ -1,3 +0,0 @@
-  o Minor bugfixes:
-    - Fix a memory leak on failing cases of channel_tls_process_certs_cell.
-      Fixes bug 7422; bugfix on 0.2.4.4-alpha.

changes/bug7464

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Fix a harmless bug when opting against publishing a relay descriptor
-      because DisableNetwork is set. Fixes bug 7464; bugfix on
-      0.2.3.9-alpha.

changes/check_for_orconn_on_close

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Check for closing an or_connection_t without going through correct
-      channel functions; emit a warning and then call
-      connection_or_close_for_error() so we don't assert as in 7212 and 7267.

changes/ewma_policy_c99

@@ -1,3 +0,0 @@
-  o Minor bugfixes:
-    - Compile correctly on compilers without C99 designated initializer
-      support. Fixes bug 7286; bugfix on 0.2.4.4-alpha.