Compare commits
No commits in common. "master" and "maint-0.3.1" have entirely different histories.
master
...
maint-0.3.
|
@ -1,62 +0,0 @@
|
|||
version: 1.0.{build}
|
||||
|
||||
clone_depth: 50
|
||||
|
||||
environment:
|
||||
compiler: mingw
|
||||
|
||||
matrix:
|
||||
- target: i686-w64-mingw32
|
||||
compiler_path: mingw32
|
||||
openssl_path: /c/OpenSSL-Win32
|
||||
- target: x86_64-w64-mingw32
|
||||
compiler_path: mingw64
|
||||
openssl_path: /c/OpenSSL-Win64
|
||||
|
||||
install:
|
||||
- ps: >-
|
||||
Function Execute-Command ($commandPath)
|
||||
{
|
||||
& $commandPath $args 2>&1
|
||||
if ( $LastExitCode -ne 0 ) {
|
||||
$host.SetShouldExit( $LastExitCode )
|
||||
}
|
||||
}
|
||||
Function Execute-Bash ()
|
||||
{
|
||||
Execute-Command 'c:\msys64\usr\bin\bash' '-e' '-c' $args
|
||||
}
|
||||
Execute-Command "C:\msys64\usr\bin\pacman" -Sy --noconfirm openssl-devel openssl libevent-devel libevent mingw-w64-i686-libevent mingw-w64-x86_64-libevent mingw-w64-i686-openssl mingw-w64-x86_64-openssl mingw-w64-i686-zstd mingw-w64-x86_64-zstd
|
||||
|
||||
build_script:
|
||||
- ps: >-
|
||||
if ($env:compiler -eq "mingw") {
|
||||
$oldpath = ${env:Path} -split ';'
|
||||
$buildpath = @("C:\msys64\${env:compiler_path}\bin", "C:\msys64\usr\bin") + $oldpath
|
||||
$env:Path = @($buildpath) -join ';'
|
||||
$env:build = @("${env:APPVEYOR_BUILD_FOLDER}", $env:target) -join '\'
|
||||
Set-Location "${env:APPVEYOR_BUILD_FOLDER}"
|
||||
Execute-Bash 'autoreconf -i'
|
||||
mkdir "${env:build}"
|
||||
Set-Location "${env:build}"
|
||||
Execute-Bash "../configure --prefix=/${env:compiler_path} --build=${env:target} --host=${env:target} --disable-asciidoc --enable-fatal-warnings --with-openssl-dir=${env:openssl_path}"
|
||||
Execute-Bash "V=1 make -j2"
|
||||
Execute-Bash "V=1 make -j2 install"
|
||||
}
|
||||
|
||||
test_script:
|
||||
- ps: >-
|
||||
if ($env:compiler -eq "mingw") {
|
||||
$oldpath = ${env:Path} -split ';'
|
||||
$buildpath = @("C:\msys64\${env:compiler_path}\bin") + $oldpath
|
||||
$env:Path = $buildpath -join ';'
|
||||
Set-Location "${env:build}"
|
||||
Execute-Bash "VERBOSE=1 make -j2 check"
|
||||
}
|
||||
|
||||
on_success:
|
||||
- cmd: C:\Python27\python.exe %APPVEYOR_BUILD_FOLDER%\scripts\test\appveyor-irc-notify.py irc.oftc.net:6697 tor-ci success
|
||||
|
||||
on_failure:
|
||||
- cmd: C:\Python27\python.exe %APPVEYOR_BUILD_FOLDER%\scripts\test\appveyor-irc-notify.py irc.oftc.net:6697 tor-ci failure
|
||||
|
|
@ -3,7 +3,6 @@
|
|||
.#*
|
||||
*~
|
||||
*.swp
|
||||
*.swo
|
||||
# C stuff
|
||||
*.o
|
||||
*.obj
|
||||
|
@ -71,7 +70,6 @@ uptime-*.json
|
|||
/Tor*Bundle.dmg
|
||||
/tor-*-win32.exe
|
||||
/coverage_html/
|
||||
/callgraph/
|
||||
|
||||
# /contrib/
|
||||
/contrib/dist/tor.sh
|
||||
|
@ -212,7 +210,6 @@ uptime-*.json
|
|||
/src/test/fuzz/lf-fuzz-*
|
||||
|
||||
# /src/tools/
|
||||
/src/tools/libtorrunner.a
|
||||
/src/tools/tor-checkkey
|
||||
/src/tools/tor-resolve
|
||||
/src/tools/tor-cov-resolve
|
||||
|
|
|
@ -1,45 +0,0 @@
|
|||
before_script:
|
||||
- apt-get update -qq
|
||||
- apt-get upgrade -qy
|
||||
|
||||
build:
|
||||
script:
|
||||
- apt-get install -qy --fix-missing automake build-essential
|
||||
libevent-dev libssl-dev zlib1g-dev
|
||||
libseccomp-dev liblzma-dev libscrypt-dev
|
||||
- ./autogen.sh
|
||||
- ./configure --disable-asciidoc --enable-fatal-warnings
|
||||
--disable-silent-rules
|
||||
- make check || (e=$?; cat test-suite.log; exit $e)
|
||||
- make install
|
||||
|
||||
update:
|
||||
only:
|
||||
- schedules
|
||||
script:
|
||||
- "apt-get install -y --fix-missing git openssh-client"
|
||||
|
||||
# Run ssh-agent (inside the build environment)
|
||||
- eval $(ssh-agent -s)
|
||||
|
||||
# Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store
|
||||
- ssh-add <(echo "$DEPLOY_KEY")
|
||||
|
||||
# For Docker builds disable host key checking. Be aware that by adding that
|
||||
# you are susceptible to man-in-the-middle attacks.
|
||||
# WARNING: Use this only with the Docker executor, if you use it with shell
|
||||
# you will overwrite your user's SSH config.
|
||||
- mkdir -p ~/.ssh
|
||||
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
|
||||
# In order to properly check the server's host key, assuming you created the
|
||||
# SSH_SERVER_HOSTKEYS variable previously, uncomment the following two lines
|
||||
# instead.
|
||||
- mkdir -p ~/.ssh
|
||||
- '[[ -f /.dockerenv ]] && echo "$SSH_SERVER_HOSTKEYS" > ~/.ssh/known_hosts'
|
||||
- echo "merging from torgit"
|
||||
- git config --global user.email "labadmin@oniongit.eu"
|
||||
- git config --global user.name "gitadmin"
|
||||
- "mkdir tor"
|
||||
- "cd tor"
|
||||
- git clone --bare https://git.torproject.org/tor.git
|
||||
- git push --mirror git@oniongit.eu:network/tor.git
|
19
.travis.yml
19
.travis.yml
|
@ -66,7 +66,6 @@ env:
|
|||
## more than one entry causes unwanted matrix entries with
|
||||
## unspecified compilers.
|
||||
- RUST_OPTIONS="--enable-rust --enable-cargo-online-mode"
|
||||
# - RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true
|
||||
# - RUST_OPTIONS=""
|
||||
|
||||
matrix:
|
||||
|
@ -96,33 +95,21 @@ matrix:
|
|||
## entry under that key outside the "include" clause.
|
||||
include:
|
||||
- compiler: gcc
|
||||
- compiler: gcc
|
||||
env: RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true
|
||||
- compiler: gcc
|
||||
env: RUST_OPTIONS=""
|
||||
- compiler: gcc
|
||||
env: COVERAGE_OPTIONS="--enable-coverage"
|
||||
- compiler: gcc
|
||||
env: DISTCHECK="yes" RUST_OPTIONS=""
|
||||
- compiler: gcc
|
||||
env: DISTCHECK="yes" RUST_OPTIONS="--enable-rust --enable-cargo-online-mode"
|
||||
- compiler: gcc
|
||||
env: MODULES_OPTIONS="--disable-module-dirauth"
|
||||
env: DISTCHECK="yes"
|
||||
## The "sudo: required" forces non-containerized builds, working
|
||||
## around a Travis CI environment issue: clang LeakAnalyzer fails
|
||||
## because it requires ptrace and the containerized environment no
|
||||
## longer allows ptrace.
|
||||
- compiler: clang
|
||||
sudo: required
|
||||
- compiler: clang
|
||||
sudo: required
|
||||
env: RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true
|
||||
- compiler: clang
|
||||
sudo: required
|
||||
env: RUST_OPTIONS=""
|
||||
- compiler: clang
|
||||
sudo: required
|
||||
env: MODULES_OPTIONS="--disable-module-dirauth"
|
||||
|
||||
before_install:
|
||||
## If we're on OSX, homebrew usually needs to updated first
|
||||
|
@ -148,12 +135,10 @@ install:
|
|||
- if [[ "$RUST_OPTIONS" != "" ]]; then which cargo; fi
|
||||
- if [[ "$RUST_OPTIONS" != "" ]]; then rustc --version; fi
|
||||
- if [[ "$RUST_OPTIONS" != "" ]]; then cargo --version; fi
|
||||
## If we're testing rust builds in offline-mode, then set up our vendored dependencies
|
||||
- if [[ "$TOR_RUST_DEPENDENCIES" == "true" ]]; then export TOR_RUST_DEPENDENCIES=$PWD/src/ext/rust/crates; fi
|
||||
|
||||
script:
|
||||
- ./autogen.sh
|
||||
- ./configure $RUST_OPTIONS $COVERAGE_OPTIONS $MODULES_OPTIONS --disable-asciidoc --enable-fatal-warnings --disable-silent-rules --enable-fragile-hardening
|
||||
- ./configure $RUST_OPTIONS $COVERAGE_OPTIONS --disable-asciidoc --enable-fatal-warnings --disable-silent-rules --enable-fragile-hardening
|
||||
## We run `make check` because that's what https://jenkins.torproject.org does.
|
||||
- if [[ "$DISTCHECK" == "" ]]; then make check; fi
|
||||
- if [[ "$DISTCHECK" != "" ]]; then make distcheck DISTCHECK_CONFIGURE_FLAGS="$RUST_OPTIONS $COVERAGE_OPTIONS --disable-asciidoc --enable-fatal-warnings --disable-silent-rules --enable-fragile-hardening"; fi
|
||||
|
|
39
CONTRIBUTING
39
CONTRIBUTING
|
@ -1,39 +0,0 @@
|
|||
Contributing to Tor
|
||||
-------------------
|
||||
|
||||
### Getting started
|
||||
|
||||
Welcome!
|
||||
|
||||
We have a bunch of documentation about how to develop Tor in the
|
||||
doc/HACKING/ directory. We recommend that you start with
|
||||
doc/HACKING/README.1st.md , and then go from there. It will tell
|
||||
you how to find your way around the source code, how to get
|
||||
involved with the Tor community, how to write patches, and much
|
||||
more!
|
||||
|
||||
You don't have to be a C developer to help with Tor: have a look
|
||||
at https://www.torproject.org/getinvolved/volunteer !
|
||||
|
||||
The Tor Project is committed to fostering a inclusive community
|
||||
where people feel safe to engage, share their points of view, and
|
||||
participate. For the latest version of our Code of Conduct, please
|
||||
see
|
||||
|
||||
https://gitweb.torproject.org/community/policies.git/plain/code_of_conduct.txt
|
||||
|
||||
|
||||
|
||||
### License issues
|
||||
|
||||
Tor is distributed under the license terms in the LICENSE -- in
|
||||
brief, the "3-clause BSD license". If you send us code to
|
||||
distribute with Tor, it needs to be code that we can distribute
|
||||
under those terms. Please don't send us patches unless you agree
|
||||
to allow this.
|
||||
|
||||
Some compatible licenses include:
|
||||
|
||||
- 3-clause BSD
|
||||
- 2-clause BSD
|
||||
- CC0 Public Domain Dedication
|
54
Makefile.am
54
Makefile.am
|
@ -26,8 +26,7 @@ TESTING_TOR_BINARY=$(top_builddir)/src/or/tor$(EXEEXT)
|
|||
endif
|
||||
|
||||
if USE_RUST
|
||||
rust_ldadd=$(top_builddir)/src/rust/target/release/@TOR_RUST_STATIC_NAME@ \
|
||||
@TOR_RUST_EXTRA_LIBS@
|
||||
rust_ldadd=$(top_builddir)/src/rust/target/release/libtor_util.a
|
||||
else
|
||||
rust_ldadd=
|
||||
endif
|
||||
|
@ -38,7 +37,6 @@ include contrib/include.am
|
|||
|
||||
EXTRA_DIST+= \
|
||||
ChangeLog \
|
||||
CONTRIBUTING \
|
||||
INSTALL \
|
||||
LICENSE \
|
||||
Makefile.nmake \
|
||||
|
@ -52,14 +50,14 @@ AM_ETAGSFLAGS=--regex='{c}/MOCK_IMPL([^,]+,\W*\([a-zA-Z0-9_]+\)\W*,/\1/s'
|
|||
if COVERAGE_ENABLED
|
||||
TEST_CFLAGS=-fno-inline -fprofile-arcs -ftest-coverage
|
||||
if DISABLE_ASSERTS_IN_UNIT_TESTS
|
||||
TEST_CPPFLAGS=-DTOR_UNIT_TESTS -DTOR_COVERAGE -DDISABLE_ASSERTS_IN_UNIT_TESTS @TOR_MODULES_ALL_ENABLED@
|
||||
TEST_CPPFLAGS=-DTOR_UNIT_TESTS -DTOR_COVERAGE -DDISABLE_ASSERTS_IN_UNIT_TESTS
|
||||
else
|
||||
TEST_CPPFLAGS=-DTOR_UNIT_TESTS -DTOR_COVERAGE @TOR_MODULES_ALL_ENABLED@
|
||||
TEST_CPPFLAGS=-DTOR_UNIT_TESTS -DTOR_COVERAGE
|
||||
endif
|
||||
TEST_NETWORK_FLAGS=--coverage --hs-multi-client 1
|
||||
else
|
||||
TEST_CFLAGS=
|
||||
TEST_CPPFLAGS=-DTOR_UNIT_TESTS @TOR_MODULES_ALL_ENABLED@
|
||||
TEST_CPPFLAGS=-DTOR_UNIT_TESTS
|
||||
TEST_NETWORK_FLAGS=--hs-multi-client 1
|
||||
endif
|
||||
TEST_NETWORK_WARNING_FLAGS=--quiet --only-warnings
|
||||
|
@ -98,7 +96,7 @@ doxygen:
|
|||
test: all
|
||||
$(top_builddir)/src/test/test
|
||||
|
||||
check-local: check-spaces check-changes
|
||||
check-local: check-spaces
|
||||
|
||||
need-chutney-path:
|
||||
@if test ! -d "$$CHUTNEY_PATH"; then \
|
||||
|
@ -119,19 +117,17 @@ test-network: need-chutney-path $(TESTING_TOR_BINARY) src/tools/tor-gencert
|
|||
|
||||
# Run all available tests using automake's test-driver
|
||||
# only run IPv6 tests if we can ping6 ::1 (localhost)
|
||||
# only run IPv6 tests if we can ping ::1 (localhost)
|
||||
# some IPv6 tests will fail without an IPv6 DNS server (see #16971 and #17011)
|
||||
# only run mixed tests if we have a tor-stable binary
|
||||
# Try the syntax for BSD ping6, Linux ping6, and Linux ping -6,
|
||||
# because they're incompatible
|
||||
# Try both the BSD and the Linux ping6 syntax, because they're incompatible
|
||||
test-network-all: need-chutney-path test-driver $(TESTING_TOR_BINARY) src/tools/tor-gencert
|
||||
mkdir -p $(TEST_NETWORK_ALL_LOG_DIR)
|
||||
@flavors="$(TEST_CHUTNEY_FLAVORS)"; \
|
||||
if ping6 -q -c 1 -o ::1 >/dev/null 2>&1 || ping6 -q -c 1 -W 1 ::1 >/dev/null 2>&1 || ping -6 -c 1 -W 1 ::1 >/dev/null 2>&1; then \
|
||||
echo "ping6 ::1 or ping ::1 succeeded, running IPv6 flavors: $(TEST_CHUTNEY_FLAVORS_IPV6)."; \
|
||||
if ping6 -q -c 1 -o ::1 >/dev/null 2>&1 || ping6 -q -c 1 -W 1 ::1 >/dev/null 2>&1; then \
|
||||
echo "ping6 ::1 succeeded, running IPv6 flavors: $(TEST_CHUTNEY_FLAVORS_IPV6)."; \
|
||||
flavors="$$flavors $(TEST_CHUTNEY_FLAVORS_IPV6)"; \
|
||||
else \
|
||||
echo "ping6 ::1 and ping ::1 failed, skipping IPv6 flavors: $(TEST_CHUTNEY_FLAVORS_IPV6)."; \
|
||||
echo "ping6 ::1 failed, skipping IPv6 flavors: $(TEST_CHUTNEY_FLAVORS_IPV6)."; \
|
||||
skip_flavors="$$skip_flavors $(TEST_CHUTNEY_FLAVORS_IPV6)"; \
|
||||
fi; \
|
||||
if command -v tor-stable >/dev/null 2>&1; then \
|
||||
|
@ -218,42 +214,16 @@ check-logs:
|
|||
$(top_srcdir)/scripts/maint/checkLogs.pl \
|
||||
$(top_srcdir)/src/*/*.[ch] | sort -n
|
||||
|
||||
.PHONY: check-typos
|
||||
check-typos:
|
||||
@if test -x "`which misspell 2>&1;true`"; then \
|
||||
echo "Checking for Typos ..."; \
|
||||
(misspell \
|
||||
$(top_srcdir)/src/[^e]*/*.[ch] \
|
||||
$(top_srcdir)/doc \
|
||||
$(top_srcdir)/contrib \
|
||||
$(top_srcdir)/scripts \
|
||||
$(top_srcdir)/README \
|
||||
$(top_srcdir)/ChangeLog \
|
||||
$(top_srcdir)/INSTALL \
|
||||
$(top_srcdir)/ReleaseNotes \
|
||||
$(top_srcdir)/LICENSE); \
|
||||
else \
|
||||
echo "Tor can use misspell to check for typos."; \
|
||||
echo "It seems that you don't have misspell installed."; \
|
||||
echo "You can install the latest version of misspell here: https://github.com/client9/misspell#install"; \
|
||||
fi
|
||||
|
||||
.PHONY: check-changes
|
||||
check-changes:
|
||||
if USEPYTHON
|
||||
@if test -d "$(top_srcdir)/changes"; then \
|
||||
$(PYTHON) $(top_srcdir)/scripts/maint/lintChanges.py $(top_srcdir)/changes; \
|
||||
$(PYTHON) $(top_srcdir)/scripts/maint/lintChanges.py $(top_srcdir)/changes/*; \
|
||||
fi
|
||||
endif
|
||||
|
||||
.PHONY: update-versions
|
||||
update-versions:
|
||||
$(PERL) $(top_builddir)/scripts/maint/updateVersions.pl
|
||||
|
||||
.PHONY: callgraph
|
||||
callgraph:
|
||||
$(top_builddir)/scripts/maint/run_calltool.sh
|
||||
|
||||
version:
|
||||
@echo "Tor @VERSION@"
|
||||
@if test -d "$(top_srcdir)/.git" && test -x "`which git 2>&1;true`"; then \
|
||||
|
@ -271,10 +241,6 @@ clean-local:
|
|||
rm -rf $(top_builddir)/src/rust/target
|
||||
rm -rf $(top_builddir)/src/rust/.cargo/registry
|
||||
|
||||
if USE_RUST
|
||||
distclean-local: distclean-rust
|
||||
endif
|
||||
|
||||
# This relies on some internal details of how automake implements
|
||||
# distcheck. We check two directories because automake-1.15 changed
|
||||
# from $(distdir)/_build to $(distdir)/_build/sub.
|
||||
|
|
3
README
3
README
|
@ -27,6 +27,3 @@ Frequently Asked Questions:
|
|||
|
||||
To get started working on Tor development:
|
||||
See the doc/HACKING directory.
|
||||
|
||||
Release timeline:
|
||||
https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/CoreTorReleases
|
||||
|
|
3623
ReleaseNotes
3623
ReleaseNotes
File diff suppressed because it is too large
Load Diff
|
@ -1,6 +0,0 @@
|
|||
o Major bugfixes (security, directory authority, denial-of-service):
|
||||
- Fix a bug that could have allowed an attacker to force a
|
||||
directory authority to use up all its RAM by passing it a
|
||||
maliciously crafted protocol versions string. Fixes bug 25517;
|
||||
bugfix on 0.2.9.4-alpha. This issue is also tracked as
|
||||
TROVE-2018-005.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor features (directory authority):
|
||||
- Add an IPv6 address for the "bastet" directory authority.
|
||||
Closes ticket 24394.
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (compilation):
|
||||
- Avoid compiler warnings in the unit tests for running tor_sscanf()
|
||||
with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha.
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
o Documentation:
|
||||
- Correctly note that bandwidth accounting values are stored in the
|
||||
state file, and the bw_accounting file is now obsolete. Closes
|
||||
ticket 16082.
|
|
@ -0,0 +1,6 @@
|
|||
o Minor features (defensive programming):
|
||||
- Create a pair of consensus parameters nf_pad_tor2web and
|
||||
nf_pad_single_onion that allow us to disable netflow padding in the
|
||||
consensus for non-anonymous connections, in case the overhead is high.
|
||||
Closes #17857.
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
o Minor features (bridge):
|
||||
- Bridges now include notice in their descriptors that they are bridges,
|
||||
and notice of their distribution status, based on their publication
|
||||
settings. Implements ticket 18329. For more fine-grained control of
|
||||
how a bridge is distributed, upgrade to 0.3.2.x or later.
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
o Minor bugfixes (robustness, error handling):
|
||||
- Improve our handling of the cases where OpenSSL encounters a
|
||||
memory error while encoding keys and certificates. We haven't
|
||||
observed these happening in the wild, but if they do happen,
|
||||
we now detect and respond better. Fixes bug 19418; bugfix
|
||||
on all versions of Tor. Reported by Guido Vranken.
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (linux seccomp2 sandbox):
|
||||
- Avoid a sandbox failure when trying to re-bind to a socket and mark
|
||||
it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha.
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (portability):
|
||||
- Don't exit the Tor process if setrlimit() fails to change the file
|
||||
limit (which can happen sometimes on some versions of OSX). Fixes
|
||||
bug 21074; bugfix on 0.0.9pre5.
|
|
@ -0,0 +1,9 @@
|
|||
o Major bugfixes (Exit nodes):
|
||||
- Fix an issue causing high-bandwidth exit nodes to fail a majority
|
||||
or all of their DNS requests, making them basically unsuitable for
|
||||
regular usage in Tor circuits. The problem is related to
|
||||
libevent's DNS handling, but we can work around it in Tor. Fixes
|
||||
bugs 21394 and 18580; bugfix on 0.1.2.2-alpha which introduced
|
||||
eventdns. Credit goes to Dhalgren for identifying and finding a
|
||||
workaround to this bug and to gamambel, arthuredelstein and
|
||||
arma in helping to track it down and analyze it.
|
|
@ -0,0 +1,7 @@
|
|||
o Minor bugfixes (hidden service):
|
||||
- A service is allowed to open a maximum number of circuits for a specific
|
||||
period of time. That value was lower than it should be (8 vs 12) in the
|
||||
normal case of 3 introduction points. Fixes bug 22159.; bugfix on
|
||||
tor-0.3.0.5-rc.
|
||||
- Rate limit the log if we ever go above the maximum number of allowed
|
||||
intro circuits. Fixes bug 22159.; bugfix on tor-0.3.1.1-alpha.
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (netflow padding logging):
|
||||
- Demote a warn that was caused by libevent delays to info if
|
||||
the padding is less than 4.5 seconds late, or notice if it is more
|
||||
(4.5 seconds is the amount of time that a netflow record might
|
||||
be emitted after, if we chose the maximum timeout). Fixes bug #22212.
|
|
@ -0,0 +1,3 @@
|
|||
o Minor features (tests):
|
||||
- Add a couple more tests for compression backend initialization.
|
||||
Closes ticket 22286.
|
|
@ -0,0 +1,2 @@
|
|||
o Documentation:
|
||||
- Add a manpage description for the key-pinning-journal file.
|
|
@ -0,0 +1,9 @@
|
|||
o Minor bugfixes (directory authority):
|
||||
- When a directory authority rejects a descriptor or extrainfo with
|
||||
a given digest, mark that digest as undownloadable, so that we
|
||||
do not attempt to download it again over and over. We previously
|
||||
tried to avoid downloading such descriptors by other means, but
|
||||
we didn't notice if we accidentally downloaded one anyway. This
|
||||
behavior became problematic in 0.2.7.2-alpha, when authorities
|
||||
began pinning Ed25519 keys. Fixes ticket
|
||||
22349; bugfix on 0.2.1.19-alpha.
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (logging, relay):
|
||||
- Downgrade "assigned_to_cpuworker failed" message to INFO-level
|
||||
severity. In every case that can reach it, either a better warning
|
||||
has already been logged, or no warning is warranted. Fixes bug 22356;
|
||||
bugfix on 0.2.6.3-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Major bugfixes (entry guards):
|
||||
- When starting with an old consensus, do not add new entry guards
|
||||
unless the consensus is "reasonably live" (under 1 day old). Fixes
|
||||
one root cause of bug 22400; bugfix on 0.3.0.1-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor features (code style, backport from 0.3.1.3-alpha):
|
||||
- Add "Falls through" comments to our codebase, in order to silence
|
||||
GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas
|
||||
Stieger. Closes ticket 22446.
|
|
@ -0,0 +1,12 @@
|
|||
o Major bugfixes (compression, zstd):
|
||||
- Correctly detect a full buffer when decompessing a large
|
||||
zstd-compressed input. Fixes bug 22628; bugfix on 0.3.1.1-alpha.
|
||||
|
||||
o Minor bugfixes (compression):
|
||||
- When compressing or decompressing a buffer, check for a failure to
|
||||
create a compression object. Fixes bug 22626; bugfix on
|
||||
0.3.1.1-alpha.
|
||||
|
||||
- When decompressing a buffer, check for extra data after the end of
|
||||
the compressed data. Fixes bug 22629; bugfix on 0.3.1.1-alpha.
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (linux seccomp2 sandbox):
|
||||
- Permit the fchmod system call, to avoid crashing on startup when
|
||||
starting with the seccomp2 sandbox and an unexpected set of permissions
|
||||
on the data directory or its contents. Fixes bug 22516; bugfix on
|
||||
0.2.5.4-alpha.
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (error reporting, windows):
|
||||
- When formatting Windows error messages, use the English format
|
||||
to avoid codepage issues. Fixes bug 22520; bugfix on
|
||||
0.1.2.8-alpha. Patch from "Vort".
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
o Build features:
|
||||
- Tor's repository now includes a Travis Continuous Integration (CI)
|
||||
configuration file (.travis.yml). This is meant to help new developers and
|
||||
contributors who fork Tor to a Github repository be better able to test
|
||||
their changes, and understand what we expect to pass. To use this new build
|
||||
feature, you must fork Tor to your Github account, then go into the
|
||||
"Integrations" menu in the repository settings for your fork and enable
|
||||
Travis, then push your changes.
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (controller):
|
||||
- Do not crash when receiving a POSTDESCRIPTOR command with an
|
||||
empty body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha.
|
||||
- Do not crash when receiving a HSPOST command with an empty body.
|
||||
Fixes part of bug 22644; bugfix on 0.2.7.1-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (compression):
|
||||
- When serving directory votes compressed with zlib,
|
||||
do not claim to have compressed them with zstd. Fixes bug 22669;
|
||||
bugfix on 0.3.1.1-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (logging, compression):
|
||||
- When decompressing, do not warn if we fail to decompress using a
|
||||
compression method that we merely guessed. Fixes part of
|
||||
bug 22670; bugfix on 0.1.1.14-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (logging, compression):
|
||||
- When decompressing, treat mismatch between content-encoding and
|
||||
actual compression type as a protocol warning. Fixes part of bug
|
||||
22670; bugfix on 0.1.1.9-alpha.
|
|
@ -0,0 +1,6 @@
|
|||
o Minor bugfixes (compression):
|
||||
- When decompressing an object received over an anonymous directory
|
||||
connection, if we have already successfully decompressed it using an
|
||||
acceptable compression method, do not reject it for looking like an
|
||||
unacceptable compression method. Fixes part of bug 22670; bugfix on
|
||||
0.3.1.1-alpha.
|
|
@ -0,0 +1,5 @@
|
|||
o Minor features (compression, defensive programming):
|
||||
- Detect and break out of infinite loops in our compression code.
|
||||
We don't think that any such loops exist now, but it's best to be
|
||||
safe. Closes ticket 22672.
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
o Major bugfixes (directory protocol):
|
||||
- Ensure that we sent "304 Not modified" as HTTP status code when a
|
||||
client is attempting to fetch a consensus or consensus diff that
|
||||
matches the latest consensus we have available. Fixes bug 22702;
|
||||
bugfix on 0.3.1.1-alpha.
|
|
@ -0,0 +1,7 @@
|
|||
o Minor bugfixes (compression):
|
||||
- When spooling compressed data to an output buffer, don't try to
|
||||
spool more data when there is no more data to spool and we are
|
||||
not trying to flush the input. Previously, we would sometimes
|
||||
launch compression requests with nothing to do, which interferes
|
||||
with our 22672 checks. Fixes bug 22719; bugfix on 0.2.0.16-alpha.
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
o Minor bugfixes (process behavior):
|
||||
- When exiting because of an error, always exit with a nonzero
|
||||
exit status. Previously, we would fail to report an error in
|
||||
our exit status in cases related to lockfile contention,
|
||||
__OwningControllerProcess failure, and Ed25519 key
|
||||
initialization. Fixes bug 22720; bugfix on versions
|
||||
0.2.1.6-alpha, 0.2.2.28-beta, and 0.2.7.2-alpha
|
||||
respectively. Reported by "f55jwk4f"; patch from "huyvq".
|
||||
|
|
@ -0,0 +1,12 @@
|
|||
o Minor bugfixes (defensive programming, undefined behavior):
|
||||
|
||||
- Fix a memset() off the end of an array when packing cells. This
|
||||
bug should be harmless in practice, since the corrupted bytes
|
||||
are still in the same structure, and are always padding bytes,
|
||||
ignored, or immediately overwritten, depending on compiler
|
||||
behavior. Nevertheless, because the memset()'s purpose is to
|
||||
make sure that any other cell-handling bugs can't expose bytes
|
||||
to the network, we need to fix it. Fixes bug 22737; bugfix on
|
||||
0.2.4.11-alpha. Fixes CID 1401591.
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
o Major bugfixes (compression):
|
||||
- Fix crash in LZMA module, when the Sandbox is enabled, where
|
||||
liblzma would allocate more than 16 MB of memory. We solve this
|
||||
by bumping the mprotect() limit in the Sandbox module from 16 MB
|
||||
to 20 MB. Fixes bug 22751; bugfix on 0.3.1.1-alpha.
|
|
@ -0,0 +1,6 @@
|
|||
o Major bugfixes (windows, directory cache):
|
||||
- On windows, do not try to delete cached consensus documents and
|
||||
diffs, until they unmapped from memory. Allow the diff storage
|
||||
directory to grow larger in order to handle files that might
|
||||
need to stay around longer. Fixes bug 22752; bugfix on
|
||||
0.3.1.1-alpha.
|
|
@ -0,0 +1,7 @@
|
|||
o Major bugfixes (path selection, security):
|
||||
- When choosing which guard to use for a circuit, avoid the
|
||||
exit's family along with the exit itself. Previously, the new
|
||||
guard selection logic avoided the exit, but did not consider
|
||||
its family. Fixes bug 22753; bugfix on 0.3.0.1-alpha. Tracked
|
||||
as TROVE-2016-006 and CVE-2017-0377.
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
o Major bugfixes (openbsd, denial-of-service):
|
||||
- Avoid an assertion failure bug affecting our implementation of
|
||||
inet_pton(AF_INET6) on certain OpenBSD systems whose strtol()
|
||||
handling of "0xfoo" differs from what we had expected.
|
||||
Fixes bug 22789; bugfix on 0.2.3.8-alpha. Also tracked as
|
||||
TROVE-2017-007.
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (file limits):
|
||||
- When setting the maximum number of connections allowed by the OS,
|
||||
always allow some extra file descriptors for other files.
|
||||
Fixes bug 22797; bugfix on 0.2.0.10-alpha.
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (compilation):
|
||||
- When building with certain versions the mingw C header files, avoid
|
||||
float-conversion warnings when calling the C functions isfinite(),
|
||||
isnan(), and signbit(). Fixes bug 22801; bugfix on 0.2.8.1-alpha.
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (unit tests):
|
||||
- Fix a memory leak in the link-handshake/certs_ok_ed25519 test.
|
||||
Fixes bug 22803; bugfix on 0.3.0.1-alpha.
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes:
|
||||
- Fix a problem with Rust toolchains not being found when building
|
||||
without --enable-cargo-online-mode, due to setting the $HOME
|
||||
environment variable instead of $CARGO_HOME. Fixes bug 22830;
|
||||
fix by Chelsea Komlo. Bugfix on 0.3.1.1-alpha.
|
|
@ -0,0 +1,7 @@
|
|||
o Minor features (directory cache, consensus diff):
|
||||
- Add a new MaxConsensusAgeForDiffs option to allow directory cache
|
||||
operators with low-resource environments to adjust the number of
|
||||
consensuses they'll store and generate diffs from. Most cache operators
|
||||
should leave it unchanged. Helps to work around bug 22883.
|
||||
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
o Major bugfixes (relay, performance):
|
||||
|
||||
- Perform circuit handshake operations at a higher priority than we use
|
||||
for consensus diff creation and compression. This should prevent
|
||||
circuits from starving when a relay or bridge receive a new consensus,
|
||||
especially on lower-powered machines. Fixes bug 22883; bugfix on
|
||||
0.3.1.1-alpha.
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (compilation):
|
||||
- Compile correctly when both openssl 1.1.0 and libscrypt are detected.
|
||||
Previously this would cause an error. Fixes bug 22892; bugfix on
|
||||
0.3.1.1-alpha.
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (compilation warnings):
|
||||
- Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug 22915;
|
||||
bugfix on 0.2.8.1-alpha.
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (Compilation):
|
||||
- Fix warnings when building with libscrypt and openssl scrypt support
|
||||
on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha.
|
|
@ -0,0 +1,6 @@
|
|||
o Minor bugfixes (compatibility, zstd):
|
||||
- Write zstd epilogues correctly when the epilogue requires reallocation
|
||||
of the output buffer, even with zstd 1.3.0. (Previously,
|
||||
we worked on 1.2.0 and failed with 1.3.0). Fixes bug 22927; bugfix on
|
||||
0.3.1.1-alpha.
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
o Minor bugfixes (coverity builds):
|
||||
- Avoid Coverity build warnings related to our BUG() macro. By
|
||||
default, Coverity treats BUG() as the Linux kernel does: an
|
||||
instant abort(). We need to override that so our BUG() macro
|
||||
doesn't prevent Coverity from analyzing functions that use it.
|
||||
Fixes bug 23030; bugfix on 0.2.9.1-alpha.
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (memory leak):
|
||||
- Fix a small memory leak when validating a configuration that
|
||||
uses two or more AF_UNIX sockets for the same port type.
|
||||
Fixes bug 23053; bugfix on 0.2.6.3-alpha. This is CID
|
||||
1415725.
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (tests):
|
||||
- Port the hs_ntor handshake test to work correctly with recent
|
||||
versions of the pysha3 module. Fixes bug 23071; bugfix on
|
||||
0.3.1.1-alpha.
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (unit tests):
|
||||
- Fix a channelpadding unit test failure on extremely slow systems
|
||||
by using mocked time instead of actual time. Fixes bug 23077; bugfix on
|
||||
0.3.1.1-alpha.
|
|
@ -0,0 +1,7 @@
|
|||
o Minor bugfixes (logging, relay):
|
||||
- Remove a log_warn() that has been forgotten when an introduction point
|
||||
successfully established a hidden service prop224 circuit with a client.
|
||||
- Three other log_warn() for an introduction point have been changed to
|
||||
protocol warning because they can be failure from the network and are
|
||||
not relevant to the operator. Fixes bug 23078; bugfix on
|
||||
tor-0.3.0.1-alpha and tor-0.3.0.2-alpha.
|
|
@ -0,0 +1,8 @@
|
|||
o Minor bugfixes (Windows service):
|
||||
- When running as a Windows service, set the ID of the main thread
|
||||
correctly. Failure to do so made us fail to send log messages
|
||||
to the controller in 0.2.1.16-rc, slowed down controller
|
||||
event delivery in 0.2.7.3-rc and later, and crash with an assertion
|
||||
failure in 0.3.1.1-alpha. Fixes bug 23081; bugfix on 0.2.1.6-alpha.
|
||||
Patch and diagnosis from "Vort".
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
o Minor features (diagnostic):
|
||||
- Add a stack trace to the bug warnings that can be logged when
|
||||
trying to send an outgoing relay cell with n_chan == 0.
|
||||
Diagnostic attempt for bug 23105.
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (directory cache):
|
||||
- Fix a memory leak in the code that recovers space in the consensus
|
||||
directory cache. Fixes bug 23139; bugfix on 0.3.1.1-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (stability):
|
||||
- Avoid crashing on double-free when unable to load or process
|
||||
an included file. Fixes bug 23155; bugfix on 0.3.1.1-alpha.
|
||||
Found with the clang static analyzer.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (hidden service):
|
||||
- Fix a BUG alert during HSv3 descriptor decoding that could trigger with a
|
||||
specially crafted descriptor. Fixes bug #23233; bugfix on 0.3.0.1-alpha.
|
||||
Bug found by "haxxpop".
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (relay):
|
||||
- When a relay is not running as a directory cache, it will no longer
|
||||
generate compressed consensuses and consensus diff information.
|
||||
Previously, this was a waste of disk and CPU. Fixes bug 23275;
|
||||
bugfix on 0.3.1.1-alpha.
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (testing):
|
||||
- Fix an undersized buffer in test-memwipe.c. Fixes bug 23291; bugfix on
|
||||
0.2.7.2-alpha. Found and patched by Ties Stuij.
|
|
@ -0,0 +1,11 @@
|
|||
o Minor bugfixes (path selection):
|
||||
- When selecting relays by bandwidth, avoid a rounding error that
|
||||
could sometimes cause load to be imbalanced incorrectly. Previously,
|
||||
we would always round upwards; now, we round towards the nearest
|
||||
integer. This had the biggest effect when a relay's weight adjustments
|
||||
should have given it weight 0, but it got weight 1 instead.
|
||||
Fixes bug 23318; bugfix on 0.2.4.3-alpha.
|
||||
- When calculating the fraction of nodes that have descriptors, and all
|
||||
all nodes in the network have zero bandwidths, count the number of nodes
|
||||
instead.
|
||||
Fixes bug 23318; bugfix on 0.2.4.10-alpha.
|
|
@ -0,0 +1,6 @@
|
|||
o Minor bugfix (relay address resolution):
|
||||
- Avoid unnecessary calls to directory_fetches_from_authorities()
|
||||
on relays. This avoids spurious address resolutions and
|
||||
descriptor rebuilds. This is a mitigation for 21789. The original
|
||||
bug was introduced in commit 35bbf2e as part of prop210.
|
||||
Fixes 23470 in 0.2.8.1-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (relay):
|
||||
- Inform the geoip and rephist modules about all requests, even
|
||||
on relays that are only fetching microdescriptors. Fixes a bug related
|
||||
to 21585; bugfix on 0.3.0.1-alpha.
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (compression):
|
||||
- Handle a pathological case when decompressing Zstandard data when the
|
||||
output buffer size is zero. Fixes bug 23551; bugfix on 0.3.1.1-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (compilation):
|
||||
- Fix a compilation warning when building with zstd support
|
||||
on 32-bit platforms. Fixes bug 23568; bugfix on 0.3.1.1-alpha.
|
||||
Found and fixed by Andreas Stieger.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (unit tests):
|
||||
- Fix additional channelpadding unit test failures by using mocked time
|
||||
instead of actual time for all tests. Fixes bug 23608;
|
||||
bugfix on 0.3.1.1-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (hidden service, relay):
|
||||
- Avoid a possible double close of a circuit by the intro point on error
|
||||
of sending the INTRO_ESTABLISHED cell. Fixes ticket 23610; bugfix on
|
||||
0.3.0.1-alpha.
|
|
@ -0,0 +1,5 @@
|
|||
o Major bugfixes (relay, crash, assertion failure):
|
||||
- Fix a timing-based assertion failure that could occur when the
|
||||
circuit out-of-memory handler freed a connection's output buffer.
|
||||
Fixes bug 23690; bugfix on 0.2.6.1-alpha.
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
o Minor bugfixes (relay, crash):
|
||||
- Avoid a crash when transitioning from client mode to bridge mode.
|
||||
Previously, we would launch the worker threads whenever our "public
|
||||
server" mode changed, but not when our "server" mode changed.
|
||||
Fixes bug 23693; bugfix on 0.2.6.3-alpha.
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (relay, crash):
|
||||
- Avoid a crash when running with DirPort set but ORPort tuned off.
|
||||
Fixes a case of bug 23693; bugfix on 0.3.1.1-alpha.
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (descriptors):
|
||||
- Don't try fetching microdescriptors from relays that have failed to
|
||||
deliver them in the past. Fixes bug 23817; bugfix on 0.3.0.1-alpha.
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (entry guards):
|
||||
- Tor now updates its guard state when it reads a consensus regardless of
|
||||
whether it's missing descriptors. That makes tor use its primary guards
|
||||
to fetch descriptors in some edge cases where it would have used fallback
|
||||
directories in the past. Fixes bug 23862; bugfix on 0.3.0.1-alpha.
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (memory safety):
|
||||
- Clear the address when node_get_prim_orport() returns early.
|
||||
Fixes bug 23874; bugfix on 0.2.8.2-alpha.
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (directory authority, backport from 0.3.2.1-alpha):
|
||||
- Remove the length limit on HTTP status lines that authorities can send
|
||||
in their replies. Fixes bug 23499; bugfix on 0.3.1.6-rc.
|
|
@ -0,0 +1,9 @@
|
|||
o Minor bugfixes (bootstrapping):
|
||||
- Fetch descriptors aggressively whenever we lack enough
|
||||
to build circuits, regardless of how many descriptors we are missing.
|
||||
Previously, we would delay launching the fetch when we had fewer than
|
||||
15 missing descriptors, even if some of those descriptors were
|
||||
blocking circuits from building. Fixes bug 23985; bugfix on
|
||||
0.1.1.11-alpha. The effects of this bug became worse in 0.3.0.3-alpha,
|
||||
when we began treating missing descriptors from our primary guards
|
||||
as a reason to delay circuits.
|
|
@ -0,0 +1,7 @@
|
|||
o Minor bugfixes (directory cache):
|
||||
- When a consensus diff calculation is only partially successful, only
|
||||
record the successful parts as having succeeded. Partial success
|
||||
can happen if (for example) one compression method fails but
|
||||
the others succeed. Previously we misrecorded all the calculations as
|
||||
having succeeded, which would later cause a nonfatal assertion failure.
|
||||
Fixes bug 24086; bugfix on 0.3.1.1-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (directory cache):
|
||||
- Recover better from empty or corrupt files in the consensus cache
|
||||
directory. Fixes bug 24099; bugfix on 0.3.1.1-alpha.
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
o Minor bugfixes (network layer):
|
||||
- When closing a connection via close_connection_immediately(), we
|
||||
mark it as "not blocked on bandwidth", to prevent later calls
|
||||
from trying to unblock it, and give it permission to read. This
|
||||
fixes a backtrace warning that can happen on relays under various
|
||||
circumstances. Fixes bug 24167; bugfix on 0.1.0.1-rc.
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (path selection):
|
||||
- Actually log the total bandwidth in compute_weighted_bandwidths().
|
||||
Fixes bug 24170; bugfix on 0.2.4.3-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (controller, linux seccomp2 sandbox):
|
||||
- Avoid a crash when attempting to use the seccomp2 sandbox
|
||||
together with the OwningControllerProcess feature.
|
||||
Fixes bug 24198; bugfix on 0.2.5.1-alpha.
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (hidden service):
|
||||
- Fix the consensus parameter "hsdir-interval" to "hsdir_interval" so it
|
||||
matches the dir-spec.txt. Fixes bug 24262; bugfix on 0.3.1.1-alpha.
|
|
@ -0,0 +1,5 @@
|
|||
o Major bugfixes (security, hidden service v2):
|
||||
- Fix a use-after-free error that could crash v2 Tor hidden services
|
||||
when it failed to open circuits while expiring introductions
|
||||
points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This
|
||||
issue is also tracked as TROVE-2017-013 and CVE-2017-8823.
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (compilation):
|
||||
- Fix a signed/unsigned comparison warning introduced by our
|
||||
fix to TROVE-2017-009. Fixes bug 24480; bugfix on 0.2.5.16.
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (portability, msvc):
|
||||
- Fix a bug in the bit-counting parts of our timing-wheel code on
|
||||
MSVC. (Note that MSVC is still not a supported build platform,
|
||||
due to cyptographic timing channel risks.) Fixes bug 24633;
|
||||
bugfix on 0.2.9.1-alpha.
|
|
@ -0,0 +1,7 @@
|
|||
o Minor bugfixes (memory usage):
|
||||
|
||||
- When queuing DESTROY cells on a channel, only queue the
|
||||
circuit-id and reason fields: not the entire 514-byte
|
||||
cell. This fix should help mitigate any bugs or attacks that
|
||||
fill up these queues, and free more RAM for other uses. Fixes
|
||||
bug 24666; bugfix on 0.2.5.1-alpha.
|
|
@ -0,0 +1,6 @@
|
|||
o Minor bugfixes (address selection):
|
||||
- When the fascist_firewall_choose_address_ functions don't find a
|
||||
reachable address, set the returned address to the null address and port.
|
||||
This is a precautionary measure, because some callers do not check the
|
||||
return value.
|
||||
Fixes bug 24736; bugfix on 0.2.8.2-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (performance, fragile-hardening):
|
||||
- Improve the performance of our consensus-diff application code when Tor
|
||||
is built with the --enable-fragile-hardening option set. Fixes bug
|
||||
24826; bugfix on 0.3.1.1-alpha.
|
|
@ -0,0 +1,3 @@
|
|||
o Code simplification and refactoring:
|
||||
- Move the list of default directory authorities to their own file for
|
||||
inclusion using the C preprocessor. Closes ticket 24854. Patch by "beastr0".
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (logging):
|
||||
- Don't treat inability to store a cached consensus object as a
|
||||
bug: it can happen normally when we are out of disk space.
|
||||
Fixes bug 24859; bugfix on 0.3.1.1-alpha.
|
|
@ -0,0 +1,8 @@
|
|||
o Major bugfixes (onion services):
|
||||
- Fix an "off by 2" error in counting rendezvous failures on the onion
|
||||
service side. While we thought we would stop the rendezvous attempt
|
||||
after one failed circuit, we were actually making three circuit attempts
|
||||
before giving up. Now switch to a default of 2, and allow the consensus
|
||||
parameter "hs_service_max_rdv_failures" to override. Fixes bug 24895;
|
||||
bugfix on 0.0.6.
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
o Major bugfixes (relays):
|
||||
- Fix a set of false positives where relays would consider connections
|
||||
to other relays as being client-only connections (and thus e.g.
|
||||
deserving different link padding schemes) if those relays fell out
|
||||
of the consensus briefly. Now we look only at the initial handshake
|
||||
and whether the connection authenticated as a relay. Fixes bug
|
||||
24898; bugfix on 0.3.1.1-alpha.
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
o Minor bugfixes (relay):
|
||||
- Make the internal channel_is_client() function look at what sort
|
||||
of connection handshake the other side used, rather than whether
|
||||
the other side ever sent a create_fast cell to us. Backports part
|
||||
of the fixes from bugs 22805 and 24898.
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfix (channel connection):
|
||||
- The accurate address of a connection is real_addr, not the addr member.
|
||||
TLS Channel remote address is now real_addr content instead of addr
|
||||
member. Fixes bug 24952; bugfix on 707c1e2e26 in 0.2.4.11-alpha.
|
||||
Patch by "ffmancera".
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue