Compare commits
202 Commits
master
...
release-0.
Author | SHA1 | Date |
---|---|---|
Nick Mathewson | 89f40ba97a | |
Nick Mathewson | 2e0c22d58b | |
Nick Mathewson | 5a8e902651 | |
Nick Mathewson | b077ccde4e | |
Nick Mathewson | 3ec72ef52a | |
Nick Mathewson | 235083308a | |
Nick Mathewson | f3c581ee21 | |
Nick Mathewson | 9337988900 | |
Nick Mathewson | 52bbd003fd | |
Nick Mathewson | fb47b90cc1 | |
Nick Mathewson | 6661c0352f | |
Nick Mathewson | 28673a600e | |
Nick Mathewson | b5873fa777 | |
Nick Mathewson | f4e033288e | |
Nick Mathewson | fd59766a9c | |
Nick Mathewson | cff872f515 | |
Nick Mathewson | 2182bb827d | |
Nick Mathewson | 99756033f7 | |
Nick Mathewson | 7db388c221 | |
Nick Mathewson | 237aed037d | |
Nick Mathewson | 2d4983dcd7 | |
Nick Mathewson | 15a7e24dcd | |
Nick Mathewson | 2f9032f1cc | |
Nick Mathewson | bad224df85 | |
Nick Mathewson | adec001c9a | |
Nick Mathewson | 254535a142 | |
Nick Mathewson | 9eaa66db0b | |
Nick Mathewson | e25e980285 | |
Nick Mathewson | 7cab15eabc | |
Nick Mathewson | 8d34a6ea9c | |
Nick Mathewson | e38b0c2eb9 | |
Nick Mathewson | 6e37ba5543 | |
Nick Mathewson | fa22cc6514 | |
Nick Mathewson | 14f3f8e341 | |
Nick Mathewson | 6d3b808198 | |
Nick Mathewson | 1ee8ed4b63 | |
Nick Mathewson | 5c64d56a41 | |
Nick Mathewson | 8f6e89754b | |
Nick Mathewson | 19ed669749 | |
Nick Mathewson | 963324cf2a | |
Nick Mathewson | f7503fb1a5 | |
Nick Mathewson | 153a0b278f | |
Nick Mathewson | 64ac28ef5d | |
Nick Mathewson | 4ab3fe6d26 | |
Nick Mathewson | 3ce02372d6 | |
Nick Mathewson | fe3b7e15b5 | |
Nick Mathewson | 33b500851c | |
Nick Mathewson | df842d84a8 | |
Nick Mathewson | 1e4a5dc9d1 | |
Nick Mathewson | 7758c66b31 | |
Nick Mathewson | d6021989d9 | |
Nick Mathewson | 4e5df73555 | |
Nick Mathewson | 42e925353c | |
Nick Mathewson | f5951b7320 | |
Nick Mathewson | aa9c899724 | |
Nick Mathewson | 02772c94ff | |
Nick Mathewson | 4b8ca2ca71 | |
Nick Mathewson | c159617c0c | |
Nick Mathewson | a33d9f9b2b | |
Nick Mathewson | 383fdeca12 | |
Nick Mathewson | d309d28ca5 | |
Nick Mathewson | 1243c1000c | |
Nick Mathewson | 5f8440981a | |
Nick Mathewson | 9583b34a40 | |
Nick Mathewson | bee3a46c97 | |
Nick Mathewson | c02646b8f0 | |
Nick Mathewson | 0691feda26 | |
Nick Mathewson | 17f20c7b3f | |
Nick Mathewson | 5d63ceb25c | |
Nick Mathewson | c59e04b511 | |
Nick Mathewson | 9b3b49f83e | |
Nick Mathewson | 9b024fb281 | |
Nick Mathewson | fe7a0c34b0 | |
Nick Mathewson | 5d68e5b8fc | |
Nick Mathewson | 592cc50ed4 | |
Nick Mathewson | 6a00e703a2 | |
Nick Mathewson | 9a998e1d0f | |
Nick Mathewson | b58faf1717 | |
Nick Mathewson | 31e7b47fbe | |
Nick Mathewson | ba5f3d51d6 | |
Nick Mathewson | c4a91e0424 | |
Nick Mathewson | 7968baba4f | |
Nick Mathewson | 38daa8f3cc | |
Nick Mathewson | f6614c751b | |
Nick Mathewson | 475fecd909 | |
Nick Mathewson | 212d984dc5 | |
Nick Mathewson | 5b336f2e0b | |
Nick Mathewson | eede3a171a | |
Roger Dingledine | 74d091887c | |
Roger Dingledine | 357d7f172a | |
Nick Mathewson | 081fb70518 | |
Nick Mathewson | fb739ac576 | |
Nick Mathewson | 18ee1d2029 | |
Nick Mathewson | 2cc900e74a | |
Nick Mathewson | 91f06ba280 | |
Nick Mathewson | 5d0237ff23 | |
Nick Mathewson | 2ba047f596 | |
Nick Mathewson | 6520ef5478 | |
Nick Mathewson | badc444f7a | |
Nick Mathewson | 44c5fc6878 | |
Nick Mathewson | 3e920a3468 | |
Nick Mathewson | 4d1e39b21b | |
Nick Mathewson | d579528033 | |
Nick Mathewson | c04339810b | |
Nick Mathewson | da84aec55c | |
Nick Mathewson | 9406e28702 | |
Nick Mathewson | 49e4848641 | |
Nick Mathewson | 89e4126cd9 | |
Nick Mathewson | 53d4c505cd | |
Nick Mathewson | 31df6a7a23 | |
Nick Mathewson | 7df4f23d95 | |
Nick Mathewson | caa16bffc7 | |
Nick Mathewson | a8b607bfdd | |
Nick Mathewson | f527a809b3 | |
Nick Mathewson | 8a163e9579 | |
Nick Mathewson | 06b9f75f3e | |
Roger Dingledine | 263088633a | |
Nick Mathewson | ffa90d8142 | |
Nick Mathewson | 84b8131826 | |
Nick Mathewson | 1cc26c906c | |
Nick Mathewson | 82957bf91a | |
Nick Mathewson | 46e2c15e2f | |
Nick Mathewson | 619507a029 | |
Nick Mathewson | 041947977e | |
Nick Mathewson | 824b160931 | |
Nick Mathewson | fa038ebb7b | |
Nick Mathewson | e085b11d27 | |
Nick Mathewson | 6e181bafff | |
Nick Mathewson | ee47010e60 | |
Nick Mathewson | 4d217548e3 | |
Nick Mathewson | f2517b31c4 | |
Nick Mathewson | 98a9e2fb86 | |
Nick Mathewson | 64591c3e55 | |
Roger Dingledine | af0ba03389 | |
Roger Dingledine | e37ae4fd3c | |
Nick Mathewson | fac0decef2 | |
Nick Mathewson | 176a57fd4c | |
Nick Mathewson | 7ebcc1b5c4 | |
Nick Mathewson | 258988ca51 | |
Nick Mathewson | 845d3fefac | |
Nick Mathewson | babafdd4fb | |
Nick Mathewson | fe53f9c17d | |
Nick Mathewson | 449c61f452 | |
Nick Mathewson | 35a5a1b633 | |
Nick Mathewson | 5a64f42f91 | |
Nick Mathewson | a5b953ae21 | |
Nick Mathewson | 2238e60b92 | |
Nick Mathewson | 9baf4d10b4 | |
Nick Mathewson | 8e633d0643 | |
Nick Mathewson | 3a6cbded53 | |
Nick Mathewson | 79213afd3a | |
Nick Mathewson | 7e47709faa | |
Nick Mathewson | 1992ed6756 | |
Nick Mathewson | c174f060fa | |
Nick Mathewson | d3c624bfd0 | |
Nick Mathewson | aeb95c2091 | |
Nick Mathewson | 6220cd13c5 | |
Nick Mathewson | e512e6ca59 | |
Nick Mathewson | 803fa75f7f | |
Nick Mathewson | 017245074e | |
Nick Mathewson | 34879d0a4b | |
Nick Mathewson | 87ea2b6655 | |
Nick Mathewson | 5b57f88f60 | |
Nick Mathewson | cc6fcbde4e | |
Nick Mathewson | cf13189064 | |
Nick Mathewson | a839ed5cc1 | |
Nick Mathewson | b673f7e174 | |
Nick Mathewson | eb27988a01 | |
Nick Mathewson | 61d795f856 | |
Nick Mathewson | fa6a228ce8 | |
Nick Mathewson | 1cdb839108 | |
Nick Mathewson | 299f892815 | |
Nick Mathewson | b74ce86830 | |
Nick Mathewson | 1dbb5aac89 | |
Nick Mathewson | 8760325550 | |
Nick Mathewson | ef87106583 | |
Nick Mathewson | 2728a12232 | |
Nick Mathewson | 399eebea54 | |
Nick Mathewson | dc624a7db1 | |
Nick Mathewson | d7b843c5ed | |
Nick Mathewson | c90f808ebc | |
Nick Mathewson | fc4a3b30c8 | |
Nick Mathewson | cd12ee6740 | |
Nick Mathewson | b28acba3c3 | |
Nick Mathewson | 3e2d061397 | |
Nick Mathewson | e32281b000 | |
Nick Mathewson | 693e48a5a4 | |
Nick Mathewson | 9d199893fe | |
Nick Mathewson | b5e2b3844a | |
Nick Mathewson | 0f80dd2a26 | |
Nick Mathewson | fd34049f3d | |
Nick Mathewson | f2824887e3 | |
Nick Mathewson | 945aa99311 | |
Nick Mathewson | 2b8ba551d3 | |
Nick Mathewson | 0a05afa96d | |
Nick Mathewson | c4b7b4ad4b | |
Nick Mathewson | 1e97b6afc6 | |
Nick Mathewson | ef03dc0cd3 | |
Nick Mathewson | e75fe8ffa1 | |
Nick Mathewson | 8c88e87662 | |
Nick Mathewson | 647ff9a8d1 | |
Nick Mathewson | 2447ed1419 |
1161
ReleaseNotes
1161
ReleaseNotes
File diff suppressed because it is too large
Load Diff
|
@ -1,2 +0,0 @@
|
|||
o Directory authority changes:
|
||||
- Urras is no longer a directory authority. Closes ticket 19271.
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfixes (build):
|
||||
- When building manual pages, set the timezone to "UTC", so that the
|
||||
output is reproducible. Fixes bug 19558; bugfix on 0.2.2.9-alpha.
|
||||
Patch from intrigeri.
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features (directory authority):
|
||||
- Add an IPv6 address for the "bastet" directory authority.
|
||||
Closes ticket 24394.
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
o Minor feature (fallback directories):
|
||||
- Remove broken fallbacks from the hard-coded fallback directory list.
|
||||
Closes ticket 20190; patch by teor.
|
|
@ -1,11 +0,0 @@
|
|||
o Major features (security fixes):
|
||||
|
||||
- Prevent a class of security bugs caused by treating the contents
|
||||
of a buffer chunk as if they were a NUL-terminated string. At
|
||||
least one such bug seems to be present in all currently used
|
||||
versions of Tor, and would allow an attacker to remotely crash
|
||||
most Tor instances, especially those compiled with extra compiler
|
||||
hardening. With this defense in place, such bugs can't crash Tor,
|
||||
though we should still fix them as they occur. Closes ticket 20384
|
||||
(TROVE-2016-10-001).
|
||||
|
|
@ -1,7 +0,0 @@
|
|||
o Minor bugfixes (directory warnings):
|
||||
- When fetching extrainfo documents, compare their SHA256 digests
|
||||
and Ed25519 signing key certificates
|
||||
with the routerinfo that led us to fetch them, rather than
|
||||
with the most recent routerinfo. Otherwise we generate many
|
||||
spurious warnings about mismatches. Fixes bug 17150; bugfix
|
||||
on 0.2.7.2-alpha.
|
|
@ -1,5 +0,0 @@
|
|||
o Minor bugfixes (build):
|
||||
- Remove a pair of redundant AM_CONDITIONAL declarations from
|
||||
configure.ac. Fixes one final case of bug 17744; bugfix on
|
||||
0.2.8.2-alpha.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfixes (logging):
|
||||
- When we can't generate a signing key because OfflineMasterKey is set,
|
||||
do not imply that we should have been able to load it.
|
||||
Fixes bug 18133; bugfix on 0.2.7.2-alpha.
|
|
@ -1,5 +0,0 @@
|
|||
o Minor features (build):
|
||||
- Tor now builds again with the recent OpenSSL 1.1 development branch
|
||||
(tested against 1.1.0-pre4 and 1.1.0-pre5-dev). Closes ticket 18286.
|
||||
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Documentation:
|
||||
- Stop recommending use of nicknames to identify relays in our
|
||||
MapAddress documentation. Closes ticket 18312.
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
o Minor features (bridge):
|
||||
- Bridges now include notice in their descriptors that they are bridges,
|
||||
and notice of their distribution status, based on their publication
|
||||
settings. Implements ticket 18329. For more fine-grained control of
|
||||
how a bridge is distributed, upgrade to 0.3.2.x or later.
|
||||
|
|
@ -1,7 +0,0 @@
|
|||
o Minor bugfixes (Linux seccomp2 sandbox):
|
||||
- Add a few missing syscalls to the seccomp2 sandbox: sysinfo,
|
||||
getsockopt(SO_SNDBUF), and setsockopt(SO_SNDBUFFORCE). On
|
||||
some systems, these are required for Tor to start with
|
||||
"Sandbox 1" enabled.
|
||||
Fixes bug 18397; bugfix on 0.2.5.1-alpha. Patch from
|
||||
Daniel Pinto.
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfixes (statistics):
|
||||
- We now include consensus downloads via IPv6 in our directory-request statistics.
|
||||
Fixes bug 18460; bugfix on 0.2.3.14-alpha.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
o Minor bugfixes (client):
|
||||
- Turn all TestingClientBootstrap* into non-testing torrc options. This
|
||||
changes simply renames them by removing "Testing" in front of them and
|
||||
they do not require TestingTorNetwork to be enabled anymore. Fixes
|
||||
bug 18481; bugfix on 0.2.8.1-alpha.
|
|
@ -1,14 +0,0 @@
|
|||
o Major bugfixes (directory mirrors):
|
||||
- Decide whether to advertise begindir support the same way we decide
|
||||
whether to advertise our DirPort. These decisions being out of sync
|
||||
led to surprising behavior like advertising begindir support when
|
||||
our hibernation config options made us not advertise a DirPort.
|
||||
Resolves bug 18616; bugfix on 0.2.8.1-alpha. Patch by teor.
|
||||
|
||||
o Minor bugfixes:
|
||||
- Consider more config options when relays decide whether to regenerate
|
||||
their descriptor. Fixes more of bug 12538; bugfix on 0.2.8.1-alpha.
|
||||
- Resolve some edge cases where we might launch an ORPort reachability
|
||||
check even when DisableNetwork is set. Noticed while fixing bug
|
||||
18616; bugfix on 0.2.3.9-alpha.
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
o Minor bugfixes (tests):
|
||||
- Avoid "WSANOTINITIALISED" warnings in the unit tests. Fixes bug 18668;
|
||||
bugfix on 0.2.8.1-alpha.
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfixes (memory leak):
|
||||
- Fix a small memory leak that would occur when the
|
||||
TestingEnableCellStatsEvent option was turned on. Fixes bug 18673;
|
||||
bugfix on 0.2.5.2-alpha.
|
|
@ -1,5 +0,0 @@
|
|||
o Minor bugfixes (pluggable transports):
|
||||
- Avoid reporting a spurious error when we decide that we don't
|
||||
need to terminate a pluggable transport because it has already
|
||||
exited. Fixes bug 18686; bugfix on 0.2.5.5-alpha.
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
o Major bugfixes (DNS proxy):
|
||||
- Stop a crash that could occur when a client running with DNSPort
|
||||
received a query with multiple address types, where the first
|
||||
address type was not supported. Found and fixed by Scott Dial.
|
||||
Fixes bug 18710; bugfix on 0.2.5.4-alpha.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfixes (assert, portability):
|
||||
- Fix an assertion failure in memarea.c on systems where "long" is
|
||||
shorter than the size of a pointer.
|
||||
Fixes bug 18716; bugfix on 0.2.1.1-alpha
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfixes (build):
|
||||
- Resolve warnings when building on systems that are concerned with
|
||||
signed char. Fixes bug 18728; bugfix on 0.2.7.2-alpha and
|
||||
0.2.6.1-alpha.
|
|
@ -1,3 +0,0 @@
|
|||
o Minor features (logging):
|
||||
- Stop blasting twelve lines per second from periodic_event_dispatch()
|
||||
at loglevel debug. Resolves ticket 18729; fix on 0.2.8.1-alpha.
|
|
@ -1,3 +0,0 @@
|
|||
o Minor feature (logging):
|
||||
- When rejecting a misformed INTRODUCE2 cell, only log at PROTOCOL_WARN
|
||||
severity. Closes ticket 18761.
|
|
@ -1,16 +0,0 @@
|
|||
o Major bugfixes (bootstrap):
|
||||
- Check if bootstrap consensus downloads are still needed
|
||||
when the linked connection attaches. This prevents tor
|
||||
making unnecessary begindir-style connections, which are
|
||||
the only directory connections tor clients make since
|
||||
the fix for 18483 was merged.
|
||||
- Fix some edge cases where consensus download connections
|
||||
may not have been closed, even though they were not needed.
|
||||
Related to fix 18809.
|
||||
- Make relays retry consensus downloads the correct number of
|
||||
times, rather than the more aggressive client retry count.
|
||||
Fixes part of ticket 18809.
|
||||
- Stop downloading consensuses when we have a consensus,
|
||||
even if we don't have all the certificates for it yet.
|
||||
Fixes bug 18809; bugfix on 0.2.8.1-alpha.
|
||||
Patches by arma and teor.
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfixes (bootstrap):
|
||||
- When a fallback changes its fingerprint from the hard-coded
|
||||
fingerprint, log a less severe, more explanatory log message.
|
||||
Fixes bug 18812; bugfix on 0.2.8.1-alpha. Patch by teor.
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfix (bootstrap):
|
||||
- Consistently use the consensus download schedule for
|
||||
authority certificates.
|
||||
Fixes bug 18816; bugfix on 0.2.4.13-alpha.
|
|
@ -1,7 +0,0 @@
|
|||
o Major bugfixes (compilation):
|
||||
- Correctly detect compiler flags on systems where _FORTIFY_SOURCE
|
||||
is predefined. Previously, our use of -D_FORTIFY_SOURCE would
|
||||
cause a compiler warning, thereby making other checks fail.
|
||||
Fixes one case of bug 18841; bugfix on 0.2.3.17-beta. Patch from
|
||||
"trudokal".
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfix (logging):
|
||||
- Reduce excessive logging when directories can't be found.
|
||||
Fixes bug 18849; bugfix on 0.2.8.3-alpha and 0.2.8.1-alpha.
|
||||
Patch by teor.
|
|
@ -1,5 +0,0 @@
|
|||
o Minor bugfixes (controller, microdescriptors):
|
||||
- Make GETINFO dir/status-vote/current/consensus conform to the control
|
||||
specification by returning "551 Could not open cached consensus..."
|
||||
when not caching consensuses.
|
||||
Fixes bug 18920; bugfix on 0.2.2.6-alpha.
|
|
@ -1,4 +0,0 @@
|
|||
o Major bugfixes (IPv6 bridges):
|
||||
- Fix directory address selection for IPv6 bridges.
|
||||
Fixes bug 18921; bugfix on 0.2.8.1-alpha.
|
||||
Patch by "teor".
|
|
@ -1,5 +0,0 @@
|
|||
o Minor bugfixes (IPv6):
|
||||
- Make directory node selection more reliable, mainly for
|
||||
IPv6-only clients and clients with few reachable addresses.
|
||||
Fixes bug 18929; bugfix on 0.2.8.1-alpha.
|
||||
Patch by "teor".
|
|
@ -1,6 +0,0 @@
|
|||
o Major bugfixes (crypto, portability):
|
||||
- The SHA3 and SHAKE routines now produce the correct output on
|
||||
Big Endian systems, unbreaking the unit tests. No code calls
|
||||
either algorithm family yet, so this is primarily a build fix.
|
||||
Fixes bug 18943; bugfix on 0.2.8.1-alpha.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfixes (time handling):
|
||||
- When correcting a corrupt 'struct tm' value, fill in the tm_wday
|
||||
field. Otherwise, our unit tests crash on Windows.
|
||||
Fixes bug 18977; bugfix on 0.2.2.25-alpha.
|
|
@ -1,5 +0,0 @@
|
|||
o Minor bugfixes (small networks):
|
||||
- Allow directories in small networks to bootstrap by
|
||||
skipping DirPort checks when the consensus has no exits.
|
||||
Fixes bug 19003; bugfix on 0.2.8.1-alpha.
|
||||
Patch by teor.
|
|
@ -1,3 +0,0 @@
|
|||
o Major bugfixes (testing):
|
||||
- Fix a bug that would block 'make test-network-all' on systems
|
||||
where IPv6 packets were lost. Fixes bug 19008; bugfix on tor-0.2.7.3-rc.
|
|
@ -1,4 +0,0 @@
|
|||
o Major bugfixes (security, directory authorities):
|
||||
- Fix a crash and out-of-bounds write during authority voting, when the
|
||||
list of relays includes duplicate ed25519 identity keys. Fixes bug 19032;
|
||||
bugfix on 0.2.8.2-alpha.
|
|
@ -1,3 +0,0 @@
|
|||
o Minor bugfixes (compilation):
|
||||
- When libscrypt.h is found, but no libscrypt library can be linked,
|
||||
treat libscrypt as absent. Fixes bug 19161; bugfix on 0.2.6.1-alpha.
|
|
@ -1,5 +0,0 @@
|
|||
o Minor bugfixes (downloading):
|
||||
- Predict more correctly whether we'll be downloading over HTTP when we
|
||||
determine the maximum length of a URL. This should avoid a "BUG"
|
||||
warning about the Squid HTTP proxy and its URL limits. Fixes bug 19191;
|
||||
bugfix on ?????.
|
|
@ -1,4 +0,0 @@
|
|||
o Major bugfixes (user interface):
|
||||
- Correctly give a warning in the cases where a relay is specified by
|
||||
nickname, and one such relay is found, but it is not officially Named.
|
||||
Fixes bug 19203; bugfix on 0.2.3.1-alpha.
|
|
@ -1,3 +0,0 @@
|
|||
o Minor bugfixes (compilation):
|
||||
- Cause the unit tests to compile correctly on mingw64 versions
|
||||
that lack sscanf. Fixes bug 19213; bugfix on 0.2.7.1-alpha.
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features (build):
|
||||
- Tor now again builds with the recent OpenSSL 1.1 development branch
|
||||
(tested against 1.1.0-pre5 and 1.1.0-pre6-dev).
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
o Minor bugfixes (heartbeat):
|
||||
- Fix regression that crashes Tor when disabling heartbeats. Fixes bug
|
||||
19454; bugfix on tor-0.2.8.1-alpha. Reported by "kubaku".
|
|
@ -1,6 +0,0 @@
|
|||
o Minor bugfixes (user interface):
|
||||
- Remove a warning message "Service [scrubbed] not found after
|
||||
descriptor upload". This message appears when one uses HSPOST control
|
||||
command to upload a service descriptor. Since there is only a descriptor
|
||||
and no service, showing this message is pointless and confusing.
|
||||
Fixes bug 19464; bugfix on 0.2.7.2-alpha.
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features (build):
|
||||
- Tor now again builds with the recent OpenSSL 1.1 development branch
|
||||
(tested against 1.1.0-pre6-dev). Closes ticket 19499.
|
||||
|
|
@ -1,7 +0,0 @@
|
|||
o Minor bugfixes (sandboxing):
|
||||
- When sandboxing is enabled, we could not write any stats to
|
||||
disk. check_or_create_data_subdir("stats"), which prepares the
|
||||
private stats directory, calls check_private_dir(), which also
|
||||
opens and not just stats() the directory. Therefore, we need to
|
||||
also allow open() for the stats dir in our sandboxing setup.
|
||||
Fixes bug 19556; bugfix on 0.2.5.1-alpha.
|
|
@ -1,4 +0,0 @@
|
|||
o Major bugfixes (sandboxing):
|
||||
- Our sandboxing code would not allow us to write to stats/hidserv-stats,
|
||||
causing tor to abort while trying to write stats. This was previously
|
||||
masked by bug 19556. Fixes bug 19557; bugfix on 0.2.6.1-alpha.
|
|
@ -1,6 +0,0 @@
|
|||
o Minor bugfixes (IPv6, microdescriptors):
|
||||
- Don't check node addresses when we only have a routerstatus.
|
||||
This allows IPv6-only clients to bootstrap by fetching
|
||||
microdescriptors from fallback directory mirrors.
|
||||
(The microdescriptor consensus has no IPv6 addresses in it.)
|
||||
Fixes bug 19608; bugfix on c281c036 in 0.2.8.2-alpha.
|
|
@ -1,8 +0,0 @@
|
|||
o Minor bugfixes (sandboxing):
|
||||
- If we did not find a non-private IPaddress by iterating over
|
||||
interfaces, we would try to get one via
|
||||
get_interface_address6_via_udp_socket_hack(). This opens a
|
||||
datagram socket with IPPROTO_UDP. Previously all our datagram
|
||||
sockets (via libevent) used IPPROTO_IP, so we did not have that
|
||||
in the sandboxing whitelist. Add (SOCK_DGRAM, IPPROTO_UDP)
|
||||
sockets to the sandboxing whitelist. Fixes bug 19660.
|
|
@ -1,3 +0,0 @@
|
|||
o Minor bugfixes (compilation):
|
||||
- Fix compilation warning in the unit tests on systems where
|
||||
char is signed. Fixes bug 19682; bugfix on 0.2.8.1-alpha.
|
|
@ -1,3 +0,0 @@
|
|||
o Directory authority changes:
|
||||
- The "Tonga" bridge authority has been retired; the new bridge
|
||||
authority is "Bifroest". Closes tickets 19728 and 19690.
|
|
@ -1,3 +0,0 @@
|
|||
o Minor bugfixes (fallback directories):
|
||||
- Remove a fallback that was on the hardcoded list, then opted-out.
|
||||
Fixes bug 19782; update to fallback list from 0.2.8.2-alpha.
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfixes (compilation):
|
||||
- Remove an inappropriate "inline" in tortls.c that was causing warnings
|
||||
on older versions of GCC. Fixes bug 19903; 0.2.8.1-alpha.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfixes (fallback directories):
|
||||
- Avoid logging a NULL string pointer when loading fallback directory information.
|
||||
Fixes bug 19947; bugfix on 0.2.4.7-alpha and 0.2.8.1-alpha.
|
||||
Report and patch by "rubiate".
|
|
@ -1,10 +0,0 @@
|
|||
o Major bugfixes (client performance);
|
||||
- Clients now respond to new application stream requests when
|
||||
they arrive, rather than waiting up to one second before starting
|
||||
to handle them. Fixes part of bug 19969; bugfix on 0.2.8.1-alpha.
|
||||
|
||||
o Major bugfixes (clients on flaky network connections);
|
||||
- When Tor leaves standby because of a new application request, open
|
||||
circuits as needed to serve that request. Previously, we would
|
||||
potentially wait a very long time. Fixes part of bug 19969; bugfix
|
||||
on 0.2.8.1-alpha.
|
|
@ -1,6 +0,0 @@
|
|||
o Major bugfixes (client, security):
|
||||
- Only use the ReachableAddresses option to restrict the first hop
|
||||
in a path. Previously, it would apply to every hop in the path,
|
||||
with a possible degredation in anonymity for anyone using an
|
||||
uncommon ReachableAddress setting. Fixes bug 19973; bugfix on
|
||||
0.2.8.2-alpha.
|
|
@ -1,7 +0,0 @@
|
|||
o Major bugfixes (crash):
|
||||
|
||||
- Fix a complicated crash bug that could affect Tor clients
|
||||
configured to use bridges when replacing a networkstatus consensus
|
||||
in which one of their bridges was mentioned. OpenBSD users saw
|
||||
more crashes here, but all platforms were potentially affected.
|
||||
Fixes bug 20103; bugfix on 0.2.8.2-alpha.
|
|
@ -1,6 +0,0 @@
|
|||
o Major bugfixes (relay, OOM handler):
|
||||
- Fix a timing-dependent assertion failure that could occur when we
|
||||
tried to flush from a circuit after having freed its cells because
|
||||
of an out-of-memory condition. Fixes bug 20203; bugfix on
|
||||
0.2.8.1-alpha. Thanks to "cypherpunks" for help diagnosing this
|
||||
one.
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features (compatibility):
|
||||
- Work around a bug in the OSX 10.12 SDK that would prevent us
|
||||
from successfully targetting earlier versions of OSX.
|
||||
Resolves ticket 20235.
|
|
@ -1,3 +0,0 @@
|
|||
o Minor bugfixes (compilation);
|
||||
- Fix implicit conversion warnings under OpenSSL 1.1.
|
||||
Fixes bug 20551; bugfix on 0.2.1.1-alpha.
|
|
@ -1,3 +0,0 @@
|
|||
o Minor bugfixes (memory leak):
|
||||
- Work around a memory leak in OpenSSL 1.1 when encoding public keys.
|
||||
Fixes bug 20553; bugfix on 0.0.2pre8.
|
|
@ -1,3 +0,0 @@
|
|||
o Minor bugfixes (portability):
|
||||
- Fix compilation with OpenSSL 1.1 and less commonly-used
|
||||
CPU architectures. Closes ticket 20588.
|
|
@ -1,7 +0,0 @@
|
|||
o Minor bugfixes (portability):
|
||||
- Avoid compilation errors when building on OSX Sierra. Sierra began
|
||||
to support the getentropy() API, but created a few problems in
|
||||
doing so. Tor 0.2.9 has a more thorough set of workarounds; in
|
||||
0.2.8, we are just using the /dev/urandom interface. Fixes
|
||||
bug 20865. Bugfix on 0.2.8.1-alpha.
|
||||
|
|
@ -1,11 +0,0 @@
|
|||
o Major bugfixes (parsing, security):
|
||||
|
||||
- Fix a bug in parsing that could cause clients to read a single
|
||||
byte past the end of an allocated region. This bug could be
|
||||
used to cause hardened clients (built with
|
||||
--enable-expensive-hardening) to crash if they tried to visit
|
||||
a hostile hidden service. Non-hardened clients are only
|
||||
affected depending on the details of their platform's memory
|
||||
allocator. Fixes bug 21018; bugfix on 0.2.0.8-alpha. Found by
|
||||
using libFuzzer. Also tracked as TROVE-2016-12-002 and as
|
||||
CVE-2016-1254.
|
|
@ -1,3 +0,0 @@
|
|||
o Minor bugfixes (correctness):
|
||||
- Avoid undefined behavior when parsing IPv6 entries from the geoip6
|
||||
file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
|
|
@ -1,8 +0,0 @@
|
|||
o Build features:
|
||||
- Tor's repository now includes a Travis Continuous Integration (CI)
|
||||
configuration file (.travis.yml). This is meant to help new developers and
|
||||
contributors who fork Tor to a Github repository be better able to test
|
||||
their changes, and understand what we expect to pass. To use this new build
|
||||
feature, you must fork Tor to your Github account, then go into the
|
||||
"Integrations" menu in the repository settings for your fork and enable
|
||||
Travis, then push your changes.
|
|
@ -1,12 +0,0 @@
|
|||
o Minor bugfixes (defensive programming, undefined behavior):
|
||||
|
||||
- Fix a memset() off the end of an array when packing cells. This
|
||||
bug should be harmless in practice, since the corrupted bytes
|
||||
are still in the same structure, and are always padding bytes,
|
||||
ignored, or immediately overwritten, depending on compiler
|
||||
behavior. Nevertheless, because the memset()'s purpose is to
|
||||
make sure that any other cell-handling bugs can't expose bytes
|
||||
to the network, we need to fix it. Fixes bug 22737; bugfix on
|
||||
0.2.4.11-alpha. Fixes CID 1401591.
|
||||
|
||||
|
|
@ -1,7 +0,0 @@
|
|||
o Major bugfixes (openbsd, denial-of-service):
|
||||
- Avoid an assertion failure bug affecting our implementation of
|
||||
inet_pton(AF_INET6) on certain OpenBSD systems whose strtol()
|
||||
handling of "0xfoo" differs from what we had expected.
|
||||
Fixes bug 22789; bugfix on 0.2.3.8-alpha. Also tracked as
|
||||
TROVE-2017-007.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha):
|
||||
- Backport a fix for an "unused variable" warning that appeared
|
||||
in some versions of mingw. Fixes bug 22838; bugfix on
|
||||
0.2.8.1-alpha.
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
o Minor bugfixes (testing):
|
||||
- Fix an undersized buffer in test-memwipe.c. Fixes bug 23291; bugfix on
|
||||
0.2.7.2-alpha. Found and patched by Ties Stuij.
|
|
@ -1,5 +0,0 @@
|
|||
o Major bugfixes (relay, crash, assertion failure):
|
||||
- Fix a timing-based assertion failure that could occur when the
|
||||
circuit out-of-memory handler freed a connection's output buffer.
|
||||
Fixes bug 23690; bugfix on 0.2.6.1-alpha.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
o Major bugfixes (security, hidden service v2):
|
||||
- Fix a use-after-free error that could crash v2 Tor hidden services
|
||||
when it failed to open circuits while expiring introductions
|
||||
points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This
|
||||
issue is also tracked as TROVE-2017-013 and CVE-2017-8823.
|
|
@ -1,3 +0,0 @@
|
|||
o Documentation:
|
||||
- Document the contents of the 'datadir/keys' subdirectory in the manual
|
||||
page. Closes ticket 17621.
|
|
@ -1,9 +0,0 @@
|
|||
o Minor features (fallback directory mirrors):
|
||||
- Give each fallback the same weight for client selection;
|
||||
restrict fallbacks to one per operator;
|
||||
report fallback directory detail changes when rebuilding list;
|
||||
add new fallback directory mirrors to the whitelist;
|
||||
update fallback directories based on the latest OnionOO data;
|
||||
and any other minor simplifications and fixes.
|
||||
Closes tasks 17158, 17905, 18749, bug 18689, and fixes part of
|
||||
bug 18812 on 0.2.8.1-alpha; patch by "teor".
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features (clients):
|
||||
- Make clients, onion services, and bridge relays always
|
||||
use an encrypted begindir connection for directory requests.
|
||||
Resolves ticket 18483. Patch by "teor".
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features (geoip):
|
||||
- Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features (geoip):
|
||||
- Update geoip and geoip6 to the April 5 2016 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features:
|
||||
- Update geoip and geoip6 to the April 4 2017 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features:
|
||||
- Update geoip and geoip6 to the August 2 2016 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features:
|
||||
- Update geoip and geoip6 to the August 3 2017 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features:
|
||||
- Update geoip and geoip6 to the December 7 2016 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features:
|
||||
- Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features:
|
||||
- Update geoip and geoip6 to the January 4 2017 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features:
|
||||
- Update geoip and geoip6 to the July 6 2016 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features:
|
||||
- Update geoip and geoip6 to the July 4 2017 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features (geoip):
|
||||
- Update geoip and geoip6 to the June 7 2016 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features:
|
||||
- Update geoip and geoip6 to the June 8 2017 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features:
|
||||
- Update geoip and geoip6 to the March 7 2017 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features (geoip):
|
||||
- Update geoip and geoip6 to the May 4 2016 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features:
|
||||
- Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features:
|
||||
- Update geoip and geoip6 to the November 3 2016 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features:
|
||||
- Update geoip and geoip6 to the October 4 2016 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features (geoip):
|
||||
- Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features (geoip):
|
||||
- Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features:
|
||||
- Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
o Minor features (directory authorities):
|
||||
- Remove longclaw's IPv6 address, as it will soon change.
|
||||
Authority IPv6 addresses were originally added in 0.2.8.1-alpha.
|
||||
This leaves 3/8 directory authorities with IPv6 addresses, but there
|
||||
are also 52 fallback directory mirrors with IPv6 addresses.
|
||||
Resolves 19760.
|
|
@ -1,3 +0,0 @@
|
|||
o Directory authority changes:
|
||||
- The directory authority "Longclaw" has changed its IP address.
|
||||
Closes ticket 23592.
|
|
@ -1,7 +0,0 @@
|
|||
o Minor bugfixes (pointer arithmetic):
|
||||
- Fix a bug in memarea_alloc() that could have resulted in remote heap
|
||||
write access, if Tor had ever passed an unchecked size to
|
||||
memarea_alloc(). Fortunately, all the sizes we pass to memarea_alloc()
|
||||
are pre-checked to be less than 128 kilobytes. Fixes bug 19150; bugfix
|
||||
on 0.2.1.1-alpha. Bug found by Guido Vranken.
|
||||
|
|
@ -1,7 +0,0 @@
|
|||
o Major bugfixes (key management):
|
||||
- If OpenSSL fails to generate an RSA key, do not retain a dangling pointer
|
||||
to the previous (uninitialized) key value. The impact here should be
|
||||
limited to a difficult-to-trigger crash, if OpenSSL is running an
|
||||
engine that makes key generation failures possible, or if OpenSSL runs
|
||||
out of memory. Fixes bug 19152; bugfix on 0.2.1.10-alpha. Found by
|
||||
Yuan Jochen Kang, Suman Jana, and Baishakhi Ray.
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue