Merge branch 'maint-0.2.4' into release-0.2.4

To build this changelog, I've gone through the entries in
release-0.2.4's changes subdirectory, and looked up the ChangeLog
entry for each.  I have not sorted them yet.

changes/10777_netunreach

@@ -1,7 +0,0 @@
-  - Minor bugfixes:
-
-    - Treat ENETUNREACH, EACCES, and EPERM at an exit node as a
-      NOROUTE error, not an INTERNAL error, since they can apparently
-      happen when trying to connect to the wrong sort of
-      netblocks. Fixes a part of bug 10777; bugfix on 0.1.0.1-rc.
-

changes/19271

@@ -1,2 +0,0 @@
-  o Directory authority changes:
-    - Urras is no longer a directory authority. Closes ticket 19271.

changes/6783_big_hammer

@@ -1,6 +0,0 @@
-  o Major features (deprecation):
-    - There's now a "DisableV2DirectoryInfo_" option that prevents us
-      from serving any directory requests for v2 directory information.
-      This is for us to test disabling the old deprecated V2 directory
-      format, so that we can see whether doing so has any effect on
-      network load. Part of a fix for bug 6783.

changes/9854

@@ -1,3 +0,0 @@
-  o Documentation fixes:
-    - Clarify the usage and risks of ContactInfo. Resolves ticket 9854.
-

changes/bifroest

@@ -1,3 +0,0 @@
-  o Directory authority changes (also in 0.2.8.7):
-    - The "Tonga" bridge authority has been retired; the new bridge
-      authority is "Bifroest". Closes tickets 19728 and 19690.

changes/bug10124

@@ -1,3 +0,0 @@
-  o Documentation:
-    - Replace remaining references to DirServer in man page and
-      log entries. Resolves ticket 10124.

changes/bug1038-3

@@ -1,6 +0,0 @@
-  o Minor bugfixes:
-    - Warn and drop the circuit if we receive an inbound 'relay early'
-      cell. Those used to be normal to receive on hidden service circuits
-      due to bug 1038, but the buggy Tor versions are long gone from
-      the network so we can afford to resume watching for them. Resolves
-      the rest of bug 1038; bugfix on 0.2.1.19.

changes/bug10402

@@ -1,11 +0,0 @@
-  o Major bugfixes:
-    - Do not allow OpenSSL engines to replace the PRNG, even when
-      HardwareAccel is set. The only default builtin PRNG engine uses
-      the Intel RDRAND instruction to replace the entire PRNG, and
-      ignores all attempts to seed it with more entropy. That's
-      cryptographically stupid: the right response to a new alleged
-      entropy source is never to discard all previously used entropy
-      sources. Fixes bug 10402; works around behavior introduced in
-      OpenSSL 1.0.0. Diagnosis and investigation thanks to "coderman"
-      and "rl1987".
-

changes/bug10409

@@ -1,3 +0,0 @@
-  o Minor bugfixes:
-    - Avoid a crash bug when starting with a corrupted microdescriptor
-      cache file. Fix for bug 10406; bugfix on 0.2.2.6-alpha.

changes/bug10423

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - If we fail to dump a previously cached microdescriptor to disk, avoid
-      freeing duplicate data later on. Fix for bug 10423; bugfix on
-      0.2.4.13-alpha. Spotted by "bobnomnom".

changes/bug10456

@@ -1,6 +0,0 @@
-  o Major bugfixes:
-    - Avoid launching spurious extra circuits when a stream is pending.
-      This fixes a bug where any circuit that _wasn't_ unusable for new
-      streams would be treated as if it were, causing extra circuits to
-      be launched. Fixes bug 10456; bugfix on 0.2.4.12-alpha.
-

changes/bug10465

@@ -1,3 +0,0 @@
-  o Major bugfixes:
-    - Fix assertion failure when AutomapHostsOnResolve yields an IPv6
-      address. Fixes bug 10465; bugfix on 0.2.4.7-alpha.

changes/bug10470

@@ -1,4 +0,0 @@
-  o Documentation fixes:
-    - Note that all but one DirPort entry must have the NoAdvertise flag
-      set. Fix for #10470.
-

changes/bug10485

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Move message about circuit handshake counts into the heartbeat
-      message where it belongs, instead of logging it once per hour
-      unconditionally. Fixes bug 10485; bugfix on 0.2.4.17-rc.

changes/bug10777_internal_024

@@ -1,4 +0,0 @@
-  o Major bugfixes:
-    - Do not treat END_STREAM_REASON_INTERNAL as indicating a definite
-      circuit failure, since it could also indicate an ENETUNREACH
-      error. Fixes part of bug 10777; bugfix on 0.2.4.8-alpha.

changes/bug10793

@@ -1,4 +0,0 @@
-  o Minor features (security):
-    - Always clear OpenSSL bignums before freeing them--even bignums
-      that don't contain secrets. Resolves ticket 10793. Patch by
-      Florent Daigniere.

changes/bug10835

@@ -1,4 +0,0 @@
-  o Minor bugfixes (testing):
-    - Fix a segmentation fault in our benchmark code when running with
-      Fedora's OpenSSL package, or any other OpenSSL that provides
-      ECDH but not P224. Fixes bug 10835; bugfix on 0.2.4.8-alpha.

changes/bug10849_023

@@ -1,6 +0,0 @@
-  o Major bugfixes:
-    - When running a hidden service, do not allow TunneledDirConns 0;
-      this will keep the hidden service from running, and also
-      make it publish its descriptors directly over HTTP. Fixes bug 10849;
-      bugfix on 0.2.1.1-alpha.
-

changes/bug10870

@@ -1,6 +0,0 @@
-  o Code simplification and refactoring:
-    - Remove data structures which were introduced to implement the
-      CellStatistics option: they are now redundant with the addition
-      of timestamp to the regular packed_cell_t data structure, which
-      we did in 0.2.4.18-rc in order to resolve #9093. Fixes bug
-      10870.

changes/bug10904

@@ -1,5 +0,0 @@
-  o Minor bugfixes (compilation):
-    - Build without warnings under clang 3.4. (We have some macros that
-      define static functions only some of which will get used later in
-      the module. Starting with clang 3.4, these give a warning unless the
-      unused attribute is set on them.)

changes/bug10929

@@ -1,6 +0,0 @@
-  - Minor bugfixes:
-    - Fix build warnings about missing "a2x" comment when building the
-      manpages from scratch on OpenBSD; OpenBSD calls it "a2x.py".
-      Fixes bug 10929; bugfix on tor-0.2.2.9-alpha. Patch from
-      Dana Koch.
-

changes/bug11437

@@ -1,3 +0,0 @@
-  o Minor bugfixes:
-    - Stop leaking memory when we successfully resolve a PTR record.
-      Fixes bug 11437; bugfix on 0.2.4.7-alpha.

changes/bug11464_023

@@ -1,5 +0,0 @@
-  o Major features (security):
-    - Block authority signing keys that were used on an authorities
-      vulnerable to the "heartbleed" bug in openssl (CVE-2014-0160).
-      (We don't have any evidence that these keys _were_ compromised;
-      we're doing this to be prudent.) Resolves ticket 11464.

changes/bug11513

@@ -1,12 +0,0 @@
-  o Major bugfixes:
-    - Generate the server's preference list for ciphersuites
-      automatically based on uniform criteria, and considering all
-      OpenSSL ciphersuites with acceptable strength and forward
-      secrecy. (The sort order is: prefer AES to 3DES; break ties by
-      preferring ECDHE to DHE; break ties by preferring GCM to CBC;
-      break ties by preferring SHA384 to SHA256 to SHA1; and finally,
-      break ties by preferring AES256 to AES128.) This resolves bugs
-      #11513, #11492, #11498, #11499. Bugs reported by 'cypherpunks'.
-      Bugfix on 0.2.4.8-alpha.
-
-

changes/bug11519

@@ -1,3 +0,0 @@
-  o Minor bugfixes:
-    - Avoid sending an garbage value to the controller when a circuit is
-      cannibalized. Fixes bug 11519; bugfix on 0.2.3.11-alpha.

changes/bug11553

@@ -1,5 +0,0 @@
-  o Minor features:
-    - When we run out of usable circuit IDs on a channel, log only one
-      warning for the whole channel, and include a description of
-      how many circuits there were on the channel. Fix for part of ticket
-      #11553.

changes/bug12227

@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - Avoid an illegal read from stack when initializing the TLS
-      module using a version of OpenSSL without all of the ciphers
-      used by the v2 link handshake. Fixes bug 12227; bugfix on
-      0.2.4.8-alpha.  Found by "starlight".

changes/bug12718

@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - Correct a confusing error message when trying to extend a circuit
-      via the control protocol but we don't know a descriptor or
-      microdescriptor for one of the specified relays. Fixes bug 12718;
-      bugfix on 0.2.3.1-alpha.

changes/bug13100

@@ -1,3 +0,0 @@
-  o Directory authority changes:
-    - Change IP address for gabelmoo (v3 directory authority).
-

changes/bug13151-client

@@ -1,13 +0,0 @@
-  o Major bugfixes:
-    - Clients now send the correct address for their chosen rendezvous
-      point when trying to access a hidden service. They used to send
-      the wrong address, which would still work some of the time because
-      they also sent the identity digest of the rendezvous point, and if
-      the hidden service happened to try connecting to the rendezvous
-      point from a relay that already had a connection open to it,
-      the relay would reuse that connection. Now connections to hidden
-      services should be more robust and faster. Also, this bug meant
-      that clients were leaking to the hidden service whether they were
-      on a little-endian (common) or big-endian (rare) system, which for
-      some users might have reduced their anonymity. Fixes bug 13151;
-      bugfix on 0.2.1.5-alpha.

changes/bug13296

@@ -1,5 +0,0 @@
-  o Directory authority changes:
-    - Remove turtles as a directory authority.
-    - Add longclaw as a new (v3) directory authority. This implements
-      ticket 13296. This keeps the directory authority count at 9.
-

changes/bug13471

@@ -1,5 +0,0 @@
-  o Major bugfixes (openssl bug workaround):
-    - Avoid crashing when using OpenSSL version 0.9.8zc, 1.0.0o, or
-      1.0.1j, built with the 'no-ssl3' configuration option. Fixes
-      bug 13471. This is a workaround for an OpenSSL bug.
-

changes/bug14129

@@ -1,7 +0,0 @@
-  o Major bugfixes (exit node stability):
-
-    - Fix an assertion failure that could occur under high DNS load.  Fixes
-      bug 14129; bugfix on Tor 0.0.7rc1. Found by "jowr"; diagnosed and fixed
-      by "cypherpunks".
-
-

changes/bug15083

@@ -1,10 +0,0 @@
-  o Major bugfixes (relay, stability, possible security):
-    - Fix a bug that could lead to a relay crashing with an assertion
-      failure if a buffer of exactly the wrong layout was passed
-      to buf_pullup() at exactly the wrong time. Fixes bug 15083;
-      bugfix on 0.2.0.10-alpha. Patch from 'cypherpunks'.
-
-    - Do not assert if the 'data' pointer on a buffer is advanced to the very
-      end of the buffer; log a BUG message instead.  Only assert if it is
-      past that point. Fixes bug 15083; bugfix on 0.2.0.10-alpha.
-

changes/bug15515

@@ -1,4 +0,0 @@
-  o Minor features (DoS-resistance):
-    - Make it harder for attackers to overwhelm hidden services with
-      introductions, by blocking multiple introduction requests on the
-      same circuit. Resolves ticket #15515.

changes/bug15600

@@ -1,5 +0,0 @@
-  o Major bugfixes (security, hidden service):
-    - Fix an issue that would allow a malicious client to trigger
-      an assertion failure and halt a hidden service. Fixes
-      bug 15600; bugfix on 0.2.1.6-alpha. Reported by "skruffy".
-

changes/bug15601

@@ -1,4 +0,0 @@
-  o Major bugfixes (security, hidden service):
-    - Fix a bug that could cause a client to crash with an assertion
-      failure when parsing a malformed hidden service descriptor.
-      Fixes bug 15601; bugfix on 0.2.1.5-alpha. Found by "DonnCha".

changes/bug15823

@@ -1,4 +0,0 @@
-  o Minor bugfixes (hidden service):
-    - Fix an out-of-bounds read when parsing invalid INTRODUCE2 cells
-      on a client authorized hidden service. Fixes bug 15823; bugfix
-      on 0.2.1.6-alpha.

changes/bug16248

@@ -1,8 +0,0 @@
-  o Major bugfixes (dns proxy mode, crash):
-    - Avoid crashing when running as a DNS proxy. Closes bug 16248; bugfix on
-      0.2.0.1-alpha. Patch from 'cypherpunks'.
-
-  o Minor features (bug-resistance):
-    - Make Tor survive errors involving connections without a corresponding
-      event object. Previously we'd fail with an assertion; now we produce a
-      log message. Related to bug 16248.

changes/bug17404

@@ -1,6 +0,0 @@
-  o Major bugfixes (security, correctness):
-    - Fix a programming error that could cause us to read 4 bytes before
-      the beginning of an openssl string. This could be used to provoke
-      a crash on systems with an unusual malloc implementation, or
-      systems with unsual hardening installed. Fixes bug 17404; bugfix
-      on 0.2.3.6-alpha.

changes/bug17772

@@ -1,7 +0,0 @@
-  o Major bugfixes (guard selection):
-    - Actually look at the Guard flag when selecting a new directory
-      guard. When we implemented the directory guard design, we
-      accidentally started treating all relays as if they have the Guard
-      flag during guard selection, leading to weaker anonymity and worse
-      performance. Fixes bug 17222; bugfix on 0.2.4.8-alpha. Discovered
-      by Mohsen Imani.

changes/bug17781

@@ -1,3 +0,0 @@
-  o Compilation fixes:
-    - Fix a compilation warning with Clang 3.6: Do not check the
-      presence of an address which can never be NULL. Fixes bug 17781.

changes/bug17906

@@ -1,4 +0,0 @@
-  o Minor features (authorities):
-    - Update the V3 identity key for dannenberg, it was changed on
-      18 November 2015.
-      Closes task #17906. Patch by "teor".

changes/bug18089

@@ -1,6 +0,0 @@
-  o Minor fixes (security):
-    - Make memwipe() do nothing when passed a NULL pointer
-      or zero size. Check size argument to memwipe() for underflow.
-      Closes bug #18089. Reported by "gk", patch by "teor".
-      Bugfix on 0.2.3.25 and 0.2.4.6-alpha (#7352),
-      commit 49dd5ef3 on 7 Nov 2012.

changes/bug18162

@@ -1,7 +0,0 @@
-  o Major bugfixes (security, pointers):
-
-    - Avoid a difficult-to-trigger heap corruption attack when extending
-      a smartlist to contain over 16GB of pointers. Fixes bug #18162;
-      bugfix on Tor 0.1.1.11-alpha, which fixed a related bug
-      incompletely. Reported by Guido Vranken.
-

changes/bug1992

@@ -1,11 +0,0 @@
-  o Minor bugfixes:
-    - Stop trying to resolve our hostname so often (e.g. every time we
-      think about doing a directory fetch). Now we reuse the cached
-      answer in some cases. Fixes bugs 1992 (bugfix on 0.2.0.20-rc)
-      and 2410 (bugfix on 0.1.2.2-alpha).
-
-  o Minor features:
-    - Make bridge relays check once a minute for whether their IP
-      address has changed, rather than only every 15 minutes. Resolves
-      bugs 1913 and 1992.
-

changes/bug20384

@@ -1,10 +0,0 @@
-  o Major features (security fixes):
-    - Prevent a class of security bugs caused by treating the contents
-      of a buffer chunk as if they were a NUL-terminated string. At
-      least one such bug seems to be present in all currently used
-      versions of Tor, and would allow an attacker to remotely crash
-      most Tor instances, especially those compiled with extra compiler
-      hardening. With this defense in place, such bugs can't crash Tor,
-      though we should still fix them as they occur. Closes ticket
-      20384 (TROVE-2016-10-001).
-

changes/bug21018

@@ -1,11 +0,0 @@
-  o Major bugfixes (parsing, security):
-
-    - Fix a bug in parsing that could cause clients to read a single
-      byte past the end of an allocated region. This bug could be
-      used to cause hardened clients (built with
-      --enable-expensive-hardening) to crash if they tried to visit
-      a hostile hidden service.  Non-hardened clients are only
-      affected depending on the details of their platform's memory
-      allocator. Fixes bug 21018; bugfix on 0.2.0.8-alpha. Found by
-      using libFuzzer. Also tracked as TROVE-2016-12-002 and as
-      CVE-2016-1254.

changes/bug22490

@@ -1,3 +0,0 @@
-  o Minor bugfixes (correctness):
-    - Avoid undefined behavior when parsing IPv6 entries from the geoip6
-      file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.

changes/bug2286

@@ -1,5 +0,0 @@
-  o Major features (directory authority):
-    - Directory authorities now support a new consensus method (17)
-      where they cap the published bandwidth of servers for which
-      insufficient bandwidth measurements exist. Fixes part of bug
-      2286.

changes/bug5595

@@ -1,8 +0,0 @@
-  o Critical bugfixes:
-    - Distinguish downloading an authority certificate by identity digest from
-      downloading one by identity digest/signing key digest pair; formerly we
-      always request them only by identity digest and get the newest one even
-      when we wanted one with a different signing key.  Then we would complain
-      about being given a certificate we already had, and never get the one we
-      really wanted.  Now we use the "fp-sk/" resource as well as the "fp/"
-      resource to request the one we want.  Fixes bug 5595.

changes/bug5650

@@ -1,5 +0,0 @@
-  o Major bugfixes:
-    - Avoid a bug where our response to TLS renegotation under certain
-      network conditions could lead to a busy-loop, with 100% CPU
-      consumption. Fixes bug 5650; bugfix on 0.2.0.16-alpha.
-

changes/bug6026

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Relays now treat a changed IPv6 ORPort as sufficient reason to
-      publish an updated descriptor. Fix for bug 6026; bugfix for
-      0.2.4.1-alpha.

changes/bug6055

@@ -1,6 +0,0 @@
-  o Major enhancements:
-    - Re-enable TLS 1.1 and 1.2 when built with OpenSSL 1.0.1e or later.
-      (OpenSSL before 1.0.1 didn't have TLS 1.1 or 1.2. OpenSSL from 1.0.1
-      through 1.0.1d had bugs that prevented renegotiation from working
-      with TLS 1.1 or 1.2, so we disabled them to solve bug 6033.) Fix for
-      issue #6055.

changes/bug6174

@@ -1,6 +0,0 @@
-  o Major bugfixes:
-    - When we mark a circuit as unusable for new circuits, have it
-      continue to be unusable for new circuits even if MaxCircuitDirtiness
-      is increased too much at the wrong time, or the system clock jumped
-      backwards. Fix for bug 6174; bugfix on 0.0.2pre26.
-     

changes/bug6206

@@ -1,6 +0,0 @@
-  o Minor bugfixes:
-    - Always check the return values of functions fcntl() and
-      setsockopt(). We don't believe these are ever actually failing in
-      practice, but better safe than sorry. Also, checking these return
-      values should please some analysis tools (like Coverity). Patch
-      from 'flupzor'. Fix for bug 8206; bugfix on all versions of Tor.

changes/bug6304

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Behave correctly when the user disables LearnCircuitBuildTimeout
-      but doesn't tell us what they would like the timeout to be. Fixes
-      bug 6304; bugfix on 0.2.2.14-alpha. 

changes/bug6572

@@ -1,4 +0,0 @@
- o Minor bugfixes (log messages)
-   - Use circuit creation time for network liveness evaluation. This
-     should eliminate warning log messages about liveness caused by
-     changes in timeout evaluation. Fixes bug 6572; bugfix on 0.2.4.8-alpha.

changes/bug6673

@@ -1,4 +0,0 @@
-  o Minor features (build):
-    - Detect and reject attempts to build Tor with threading support
-      when OpenSSL have been compiled with threading support disabled.
-      Fixes bug 6673.

changes/bug6979

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Fix an assertion failure that would occur when disabling the
-      ORPort setting on a running Tor process while accounting was
-      enabled. Fixes bug 6979; bugfix on 0.2.2.18-alpha.

changes/bug7054

@@ -1,4 +0,0 @@
-  o Minor bugfixes (man page):
-    - Say "KBytes" rather than "KB" in the man page (for various values
-      of K), to further reduce confusion about whether Tor counts in
-      units of memory or fractions of units of memory. Fixes bug 7054.

changes/bug7065

@@ -1,5 +0,0 @@
- o Minor bugfix (log cleanups):
-   - Eliminate several instances where we use Nickname=ID to refer to
-     nodes in logs. Use Nickname (ID) instead. (Elsewhere, we still use
-     $ID=Nickname, which is also acceptable.) Fixes bug #7065. Bugfix
-     on 0.2.3.21-rc, 0.2.4.5-alpha, 0.2.4.8-alpha, and 0.2.4.10-alpha.

changes/bug7143

@@ -1,4 +0,0 @@
-  o Minor bugfixes (build):
-    - Add the old src/or/micro-revision.i filename to CLEANFILES.
-      On the off chance that somebody has one, it will go away as soon
-      as they run "make clean". Fix for bug 7143; bugfix on 0.2.4.1-alpha.

changes/bug7164_diagnostic

@@ -1,4 +0,0 @@
-  o Minor features (bug diagnostic):
-    - If we fail to free a microdescriptor because of bug #7164, log
-      the filename and line number from which we tried to free it.
-      This should help us finally fix #7164.

changes/bug7164_downgrade

@@ -1,6 +0,0 @@
-  o Minor bugfixes:
-    - Downgrade the warning severity for the the "md was still referenced 1
-      node(s)" warning. Tor 0.2.5.4-alpha has better code for trying to
-      diagnose this bug, and the current warning in earlier versions of
-      tor achieves nothing useful. Addresses warning from bug 7164.
-

changes/bug7280

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Fix some bugs in tor-fw-helper-natpmp when trying to build and
-      run it on Windows. More bugs likely remain. Patch from Gisle Vanem.
-      Fixes bug 7280; bugfix on 0.2.3.1-alpha.

changes/bug7302

@@ -1,11 +0,0 @@
-  o Minor bugfixes:
-    - Don't log inappropriate heartbeat messages when hibernating: a
-      hibernating node is _expected_ to drop out of the consensus,
-      decide it isn't bootstrapped, and so forth.  Fixes part of bug
-      7302; bugfix on 0.2.3.1-alpha.
-
-    - Don't complain about bootstrapping problems while hibernating.
-      These complaints reflect a general code problems, but not one
-      with any problematic effects. (No connections are actually
-      opened.) Fixes part of bug 7302; bugfix on 0.2.3.2-alpha.
-

changes/bug7350

@@ -1,4 +0,0 @@
-  o Major bugfixes:
-    - Avoid an assertion when we discover that we'd like to write a cell
-      onto a closing connection: just discard the cell. Fixes another
-      case of bug 7350; bugfix on 0.2.4.4-alpha.

changes/bug7582

@@ -1,9 +0,0 @@
-  o Major bugfixes:
-
-    - When an exit node tells us that it is rejecting because of its
-      exit policy a stream we expected it to accept (because of its exit
-      policy), do not mark the node as useless for exiting if our
-      expectation was only based on an exit policy summary.  Instead,
-      mark the circuit as unsuitable for that particular address. Fixes
-      part of bug 7582; bugfix on 0.2.3.2-alpha.
-

changes/bug7707_diagnostic

@@ -1,5 +0,0 @@
-  o Minor features:
-    - Add another diagnostic to the heartbeat message: track and log
-      overhead that TLS is adding to the data we write.  If this is
-      high, we are sending too little data to SSL_write at a time.
-      Diagnostic for bug 7707.

changes/bug7768

@@ -1,3 +0,0 @@
-  o Documentation fixes:
-    - Update tor-fw-helper.1.txt and tor-fw-helper.c to make option
-      names match. Fixes bug 7768.

changes/bug7799

@@ -1,7 +0,0 @@
- o Minor changes (log clarification)
-   - Add more detail to a log message about relaxed timeouts. Hopefully
-     this additional detail will allow us to diagnose the cause of bug 7799.
- o Minor bugfixes
-   - Don't attempt to relax the timeout of already opened 1-hop circuits.
-     They might never timeout. This should eliminate some/all cases of
-     the relaxed timeout log message.

changes/bug7801

@@ -1,13 +0,0 @@
-  o Minor bugfixes:
-    - When choosing which stream on a formerly stalled circuit to wake
-      first, make better use of the platform's weak RNG.  Previously, we
-      had been using the % ("modulo") operator to try to generate a 1/N
-      chance of picking each stream, but this behaves badly with many
-      platforms' choice of weak RNG. Fix for bug 7801; bugfix on
-      0.2.2.20-alpha.
-    - Use our own weak RNG when we need a weak RNG. Windows's rand()
-      and Irix's random() only return 15 bits; Solaris's random()
-      returns more bits but its RAND_MAX says it only returns 15, and
-      so on.  Fixes another aspect of bug 7801; bugfix on
-      0.2.2.20-alpha.
-

changes/bug7816.024

@@ -1,8 +0,0 @@
-  o Minor bugfixes:
-    - Avoid leaking IPv6 policy content if we fail to format it into
-      a router descriptor. Spotted by Coverity. Fixes part of 7816;
-      bugfix on 0.2.4.7-alpha.
-
-    - Avoid leaking memory if we fail to compute a consensus signature
-      or we generated a consensus we couldn't parse. Spotted by Coverity.
-      Fixes part of 7816; bugfix on 0.2.0.5-alpha.

changes/bug7816_023

@@ -1,7 +0,0 @@
-  o Minor bugfixes (memory leak, controller):
-    - Fix a memory leak during safe-cookie controller authentication.
-      Spotted by Coverity. Fixes part of bug 7816; bugfix on 0.2.3.13-alpha.
-
-  o Minor bugfixes (memory leak, HTTPS proxy support):
-    - Fix a memory leak when receiving headers from an HTTPS proxy.
-      Spotted by Coverity. Fixes part of bug 7816; bugfix on 0.2.1.1-alpha.

changes/bug7816_023_small

@@ -1,3 +0,0 @@
-  o Minor bugfixes:
-    - Fix various places where we leak file descriptors or memory on
-      error cases. Spotted by coverity. Fixes parts of bug 7816.

changes/bug7902

@@ -1,7 +0,0 @@
-  o Minor bugfixes:
-    - When we receive a RELAY_END cell with the reason DONE, or with no
-      reason, before receiving a RELAY_CONNECTED cell, report the SOCKS
-      status as "connection refused."  Previously we reporting these
-      cases as success but then immediately closing the connection.
-      Fixes bug 7902; bugfix on 0.1.0.1-rc. Reported by "oftc_must_
-      be_destroyed."

changes/bug7947

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Fix the handling of a TRUNCATE cell when it arrives while the circuit
-      extension is in progress. Fixes bug 7947; bugfix on 0.0.7.1.
-

changes/bug7950

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - When rejecting a configuration because we were unable to parse a
-      quoted string, log an actual error message. Fix for bug 7950;
-      bugfix on 0.2.0.16-alpha.

changes/bug7982

@@ -1,3 +0,0 @@
-  o Minor bugfixes:
-     - Copy-paste description for PathBias params from man page into or.h
-       comment.  Fixes bug 7982.

changes/bug8002

@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - When autodetecting the number of CPUs, use the number of available
-      CPUs in preferernce to the number of configured CPUs. Inform the
-      user if this reduces the number of avialable CPUs. Fix for bug 8002.
-      Bugfix on 0.2.3.1-alpha.

changes/bug8014

@@ -1,5 +0,0 @@
-  o Minor usability improvements (build):
-    - Clarify that when autconf is checking for nacl, it is checking
-      specifically for nacl with a fast curve25519 implementation.
-      Fixes bug 8014.
-

changes/bug8031

@@ -1,7 +0,0 @@
-  o Minor bugfixes:
-    - Use direct writes rather than stdio when building microdescriptor
-      caches, in an attempt to mitigate bug 8031, or at least make it
-      less common.
-    - Warn more aggressively when flushing microdescriptors to a
-      microdescriptor cache fails, in an attempt to mitegate bug 8031,
-      or at least make it more diagnosable.

changes/bug8037

@@ -1,8 +0,0 @@
-  o Minor bugfixes:
-    - Correctly store microdescriptors and extrainfo descriptors with
-      an internal NUL byte. Fixes bug 8037; bugfix on 0.2.0.1-alpha.
-      Bug reported by "cypherpunks".
-
-  o Minor features:
-    - Reject as invalid most directory objects containing a
-      NUL. Belt-and-suspender fix for bug 8037.

changes/bug8059

@@ -1,6 +0,0 @@
-  o Minor bugfixes (protocol conformance):
-    - Fix a misframing issue when reading the version numbers in a
-      VERSIONS cell. Previously we would recognize [00 01 00 02] as
-      'version 1, version 2, and version 0x100', when it should have
-      only included versions 1 and 2. Fixes bug 8059; bugfix on
-      0.2.0.10-alpha. Reported pseudonymously.

changes/bug8062

@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - Increase the width of the field used to remember a connection's
-      link protocol version to two bytes. Harmless for now, since the
-      only currently recognized versions are one byte long.  Reported
-      pseudynmously.  Fixes bug 8062, bugfix on 0.2.0.10-alpha.

changes/bug8065

@@ -1,6 +0,0 @@
-  o Minor bugfixes:
-    - Downgrade an assertion in connection_ap_expire_beginning to
-      an LD_BUG message. The fix for bug 8024 should prevent this
-      message from displaying, but just in case a warn that we can
-      diagnose is better than more assert crashes. Fix for bug 8065;
-      bugfix on 0.2.4.8-alpha.

changes/bug8093.part1

@@ -1,3 +0,0 @@
-  o Minor features:
-    - Downgrade "unexpected SENDME" warnings to protocol-warn for 0.2.4,
-      for bug 8093.

changes/bug8117

@@ -1,13 +0,0 @@
-  o Major bugfixes:
-
-    - Many SOCKS5 clients, when configured to offer a username/password,
-      offer both username/password authentication and "no authentication".
-      Tor had previously preferred no authentication, but this was
-      problematic when trying to make applications get proper stream
-      isolation with IsolateSOCKSAuth. Now, on any SOCKS port with
-      IsolateSOCKSAuth turned on (which is the default), Tor selects
-      username/password authentication if it's offered. If this confuses your
-      application, you can disable it on a per-SOCKSPort basis via
-      PreferSOCKSNoAuth. Fixes bug 8117; bugfix on 0.2.3.3-alpha.
-
-

changes/bug8121

@@ -1,7 +0,0 @@
-  o Minor features:
-    - Clear the high bit on curve25519 public keys before passing them to
-      our backend, in case we ever wind up using a backend that doesn't do
-      so itself. If we used such a backend, and *didn't* clear the high bit,
-      we could wind up in a situation where users with such backends would
-      be distinguishable from users without. Fix for bug 8121; bugfix on
-      0.2.4.8-alpha.

changes/bug8151

@@ -1,5 +0,0 @@
-  o Minor features (directory authority):
-    - Include inside each vote a statement of the performance
-      thresholds that made the authority vote for its flags. Implements
-      ticket 8151.
- 

changes/bug8158

@@ -1,3 +0,0 @@
-  o Minor bugfixes:
-    - Use less space when formatting identical microdescriptor lines in
-      directory votes. Fixes bug 8158; bugfix on 0.2.4.1-alpha.

changes/bug8161

@@ -1,6 +0,0 @@
- o Minor changes:
-   - Lower path use bias thresholds to .80 for notice and .60 for warn.
-     Fixes bug #8161; bugfix on 0.2.4.10-alpa.
-   - Make the rate limiting flags for the path use bias log messages
-     independent from the original path bias flags. Fixes bug #8161;
-     bugfix on 0.2.4.10-alpha.

changes/bug8180

@@ -1,7 +0,0 @@
-  o Minor bugfixes (security usability):
-    - Elevate the severity of the warning message when setting
-      EntryNodes but disabling UseGuardNodes to an error. The outcome
-      of letting Tor procede with those options enabled (which causes
-      EntryNodes to get ignored) is sufficiently different from what
-      was expected that it's best to just refuse to proceed. Fixes bug
-      8180; bugfix on 0.2.3.11-alpha.

changes/bug8185_diagnostic

@@ -1,3 +0,0 @@
-  o Minor features:
-    - Improve debugging output to attempt to diagnose the underlying
-      cause of bug 8185.

changes/bug8200

@@ -1,5 +0,0 @@
-  o Minor bugfix:
-    - Stop sending a stray "(null)" in some cases for the server status
-      "EXTERNAL_ADDRESS" controller event. Resolves bug 8200; bugfix
-      on 0.1.2.6-alpha.
-

changes/bug8203

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Make the format and order of STREAM events for DNS lookups consistent
-      among the various ways to launch DNS lookups. Fix for bug 8203;
-      bugfix on 0.2.0.24-rc. Patch by "Desoxy."

changes/bug8207

@@ -1,7 +0,0 @@
-  o Major bugfixes (hidden services):
-    - Allow hidden service authentication to succeed again. When we
-      refactored the hidden service introduction code back in 0.2.4.1-alpha,
-      we didn't update the code that checks whether authentication
-      information is present, causing all authentication checks to
-      return "false". Fix for bug 8207; bugfix on 0.2.4.1-alpha. Found by
-      Coverity; this is CID 718615.