mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-19 18:00:33 +01:00
maint-0.2.9: remove changes files that are merged in 0.2.9 releases
Many of these files cause check-changes to fail, which will be a long-term problem as we continue to support 0.2.9.
This commit is contained in:
parent
89a0b77740
commit
dd6c2b0ad7
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (unit tests):
|
||||
- Fix tolerances in unit tests for monotonic time comparisons between
|
||||
nanoseconds and microseconds. Previously, we accepted a 10 us
|
||||
difference only, which is not realistic on every platform's
|
||||
clock_gettime(). Fixes bug 19974; bugfix on 0.2.9.1-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (testing):
|
||||
- Use ECDHE ciphers instead of ECDH in tortls tests. LibreSSL has
|
||||
removed the ECDH ciphers which caused the tests to fail on
|
||||
platforms which use it. Fixes bug 20460; bugfix on 0.2.8.1-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfix (build):
|
||||
- The current Git revision when building from a local repository is now
|
||||
detected correctly when using git worktrees. Fixes bug 20492; bugfix on
|
||||
0.2.3.9-alpha.
|
@ -1,8 +0,0 @@
|
||||
|
||||
o Minor features (portability, compilationc)
|
||||
- Support building with recent LibreSSL code that uses opaque
|
||||
structures. Closes ticket 21359.
|
||||
- Autoconf now check to determine if OpenSSL
|
||||
structures are opaque, instead of explicitly checking for
|
||||
OpenSSL version numbers.
|
||||
Part of ticket 21359.
|
@ -1,4 +0,0 @@
|
||||
o Minor features (directory authority):
|
||||
- Add an IPv6 address for the "bastet" directory authority.
|
||||
Closes ticket 24394.
|
||||
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (compilation):
|
||||
- Avoid compiler warnings in the unit tests for running tor_sscanf()
|
||||
with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha.
|
||||
|
@ -1,5 +0,0 @@
|
||||
o Major bugfixes (linux TPROXY support):
|
||||
- Fix a typo that had prevented TPROXY-based transparent proxying from
|
||||
working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha.
|
||||
Patch from "d4fq0fQAgoJ".
|
||||
|
@ -1,6 +0,0 @@
|
||||
o Minor features (bridge):
|
||||
- Bridges now include notice in their descriptors that they are bridges,
|
||||
and notice of their distribution status, based on their publication
|
||||
settings. Implements ticket 18329. For more fine-grained control of
|
||||
how a bridge is distributed, upgrade to 0.3.2.x or later.
|
||||
|
@ -1,4 +0,0 @@
|
||||
o Major bugfixes (DNS):
|
||||
- Fix a bug that prevented exit nodes from caching DNS records for more
|
||||
than 60 seconds.
|
||||
Fixes bug 19025; bugfix on 0.2.4.7-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (DNSPort):
|
||||
- On DNSPort, stop logging a BUG warning on a failed hostname lookup.
|
||||
Fixes bug 19869; bugfix on 0.2.9.1-alpha.
|
||||
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (logging):
|
||||
- Downgrade a harmless log message about the pending_entry_connections
|
||||
list from "warn" to "info". Mitigates bug 19926.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (netbsd, unit tests):
|
||||
- Stop expecting NetBSD unit tests to report success for ipfw;
|
||||
on NetBSD, it's only pf that's supported.
|
||||
Part of a fix for bug 19960; bugfix on 0.2.9.5-alpha.
|
@ -1,11 +0,0 @@
|
||||
o Minor bugfixes (relay):
|
||||
- Do not try to parallelize workers more than 16x without the
|
||||
user explicitly configuring us to do so, even if we do detect more than
|
||||
16 CPU cores. Fixes bug 19968; bugfix on
|
||||
0.2.3.1-alpha.
|
||||
|
||||
|
||||
o Minor bugfixes (testing):
|
||||
- Avoid a unit test failure on systems with over 16 detectable
|
||||
CPU cores. Fixes bug 19968; bugfix on
|
||||
0.2.3.1-alpha.
|
@ -1,10 +0,0 @@
|
||||
o Major bugfixes (client performance):
|
||||
- Clients now respond to new application stream requests when
|
||||
they arrive, rather than waiting up to one second before starting
|
||||
to handle them. Fixes part of bug 19969; bugfix on 0.2.8.1-alpha.
|
||||
|
||||
o Major bugfixes (clients on flaky network connections):
|
||||
- When Tor leaves standby because of a new application request, open
|
||||
circuits as needed to serve that request. Previously, we would
|
||||
potentially wait a very long time. Fixes part of bug 19969; bugfix
|
||||
on 0.2.8.1-alpha.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (relay):
|
||||
- Avoid a double-marked-circuit warning that can happen when we receive
|
||||
DESTROY cells under heavy load. Fixes bug 20059; bugfix on 0.1.0.1-rc.
|
@ -1,4 +0,0 @@
|
||||
o Documentation:
|
||||
- Correct the minimum bandwidth value in torrc.sample, and queue a
|
||||
corresponding change for torrc.minimal. Closes ticket 20085.
|
||||
|
@ -1,4 +0,0 @@
|
||||
o Minor features (compatibility):
|
||||
- Work around a bug in the OSX 10.12 SDK that would prevent us
|
||||
from successfully targetting earlier versions of OSX.
|
||||
Resolves ticket 20235.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (linux seccomp2 sandbox):
|
||||
- Avoid a sandbox failure when trying to re-bind to a socket and mark
|
||||
it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha.
|
||||
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (fascistfirewall):
|
||||
- Avoid spurious warnings when ReachableAddresses or FascistFirewall
|
||||
is set. Fixes bug 20306; bugfix on 0.2.8.2-alpha.
|
||||
|
@ -1,7 +0,0 @@
|
||||
o Minor bugfixes (circuit, hidden service)
|
||||
- When closing a circuit, the reason for doing so was assigned from an int
|
||||
value to a uint16_t which is quite a problem for negative values that are
|
||||
our internal reasons (ex: END_CIRC_REASON_IP_NOW_REDUNDANT). On the HS
|
||||
side, this was causing introduction points to be flagged as unusable
|
||||
because the reason wasn't the right one due to the bad conversion.
|
||||
Partially fixes bug 21056 and fixes bug 20307; Bugfix on 0.2.8.1-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (relay):
|
||||
- Avoid a small memory leak when informing worker threads about rotated
|
||||
onion keys. Fixes bug 20401; bugfix on 0.2.6.3-alpha.
|
||||
|
@ -1,6 +0,0 @@
|
||||
o Major bugfixes:
|
||||
- For relays that don't know their own address, avoid attempting
|
||||
a local hostname resolve for each descriptor we download. Also cut
|
||||
down on the number of "Success: chose address 'x.x.x.x'" log lines.
|
||||
Fixes bugs 20423 and 20610; bugfix on 0.2.8.1-alpha.
|
||||
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (compilation):
|
||||
- When compiling with --enable-openbsd-malloc or --enable-tcmalloc, tell
|
||||
the compiler not to include the system malloc implementation. Fixes bug
|
||||
20424; bugfix on 0.2.0.20-rc.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (circuits):
|
||||
- Remove a BUG warning in circuit_pick_extend_handshake. Instead, assume
|
||||
all nodes support EXTEND2. Use ntor whenever a key is available.
|
||||
Fixes bug 20472; bugfix on 0.2.9.3-alpha.
|
||||
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (single onion services):
|
||||
- Start correctly when creating a single onion service in a
|
||||
directory that did not previously exist. Fixes bug 20484; bugfix on
|
||||
0.2.9.3-alpha.
|
||||
|
@ -1,4 +0,0 @@
|
||||
o Documentation:
|
||||
- Clarify that setting HiddenServiceNonAnonymousMode requires
|
||||
you to also set "SOCKSPort 0". Fixes bug 20487; bugfix on
|
||||
0.2.9.3-alpha.
|
@ -1,5 +0,0 @@
|
||||
o Minor features:
|
||||
- Directory authorities now reject relays running versions
|
||||
0.2.9.1-alpha through 0.2.9.4-alpha, because those relays
|
||||
suffer from bug 20499 and don't keep their consensus cache
|
||||
up-to-date. Resolves ticket 20509.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (hidden services):
|
||||
- When configuring hidden services, check every hidden service directory's
|
||||
permissions. Previously, we only checked the last hidden service.
|
||||
Fixes bug 20529; bugfix on 13942 commit 85bfad1 in 0.2.6.2-alpha.
|
@ -1,7 +0,0 @@
|
||||
o Minor bugfixes (consensus downloads):
|
||||
- If a consensus expires while we are waiting for certificates to download,
|
||||
stop waiting for certificates.
|
||||
- If we stop waiting for certificates less than a minute after we started
|
||||
downloading them, do not consider the certificate download failure a
|
||||
separate failure.
|
||||
Fixes bug 20533; bugfix on commit e0204f21 in 0.2.0.9-alpha.
|
@ -1,8 +0,0 @@
|
||||
o Minor bugfixes (directory download scheduling):
|
||||
- Remove the maximum delay on exponential-backoff scheduling.
|
||||
Since we now allow an infinite number of failures (see ticket
|
||||
20536), we must now allow the time to grow longer on each failure.
|
||||
Fixes part of bug 20534; bugfix on 0.2.9.1-alpha.
|
||||
- Use initial delays and decrements in download scheduling closer to
|
||||
those from 0.2.8. Fixes another part of bug 20534; bugfix on
|
||||
0.2.9.1-alpha.
|
@ -1,6 +0,0 @@
|
||||
o Major bugfixes (download scheduling):
|
||||
- When using an exponential backoff schedule, do not give up on
|
||||
dowloading just because we have failed a bunch of times. Since
|
||||
each delay is longer than the last, retrying indefinitely won't
|
||||
hurt. Fixes bug 20536; bugfix on 0.2.9.1-alpha.
|
||||
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (compilation):
|
||||
- Fix implicit conversion warnings under OpenSSL 1.1.
|
||||
Fixes bug 20551; bugfix on 0.2.1.1-alpha.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (memory leak):
|
||||
- Work around a memory leak in OpenSSL 1.1 when encoding public keys.
|
||||
Fixes bug 20553; bugfix on 0.0.2pre8.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (portability):
|
||||
- Run correctly when built on Windows build environments that require
|
||||
_vcsprintf(). Fixes bug 20560; bugfix on 0.2.2.11-alpha.
|
||||
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (download timing):
|
||||
- When determining when to download a directory object, handle times
|
||||
after 2038 if the operating system supports that. (Someday this will be
|
||||
important!) Fixes bug 20587; bugfix on 0.2.8.1-alpha.
|
||||
|
@ -1,3 +0,0 @@
|
||||
o Minor features (portability):
|
||||
- Fix compilation with OpenSSL 1.1 and less commonly-used
|
||||
CPU architectures. Closes ticket 20588.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (relay bootstrap):
|
||||
- Ensure relays don't make multiple connections during bootstrap.
|
||||
Fixes bug 20591; bugfix on 0.2.8.1-alpha.
|
@ -1,6 +0,0 @@
|
||||
o Minor bugfixes (client directory scheduling):
|
||||
- Treat "relay too busy to answer request" as a failed request and a
|
||||
reason to back off on our retry frequency. This is safe now that
|
||||
exponential backups retry indefinitely, and avoids a bug where we would
|
||||
reset our download schedule erroneously.
|
||||
Fixes bug 20593; bugfix on 0.2.9.1-alpha.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (test networks, exponential backoff):
|
||||
- When using exponential backoff in test networks, use a lower exponent,
|
||||
so the delays do not vary as much. This helps test networks bootstrap
|
||||
consistently. Fixes bug 20597; bugfix on 20499; not in any released
|
||||
version of tor.
|
@ -1,6 +0,0 @@
|
||||
o Minor bugfixes (single onion services, Tor2web):
|
||||
- Stop logging long-term one-hop circuits deliberately created by single
|
||||
onion services and Tor2web. These log messages are intended to diagnose
|
||||
issue 8387, which relates to circuits hanging around forever for no
|
||||
reason.
|
||||
Fixes bug 20613; bugfix on 0.2.9.1-alpha. Reported by "pastly".
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (unit tests):
|
||||
- Stop spurious failures in the local interface address discovery unit
|
||||
tests. Fixes bug 20634; bugfix on 0.2.8.1-alpha; patch by Neel Chauhan.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (hidden services):
|
||||
- Stop ignoring hidden service key anonymity when first starting tor.
|
||||
Instead, refuse to start tor if any hidden service key has been used in
|
||||
a different hidden service anonymity mode.
|
||||
Fixes bug 20638; bugfix on 17178 in 0.2.9.3-alpha; reported by ahf.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (memory leak, use-after-free, linux seccomp2 sandbox):
|
||||
- Fix a memory leak and use-after-free error when removing entries
|
||||
from the sandbox's getaddrinfo() cache. Fixes bug 20710; bugfix on
|
||||
0.2.5.5-alpha. Patch from "cypherpunks".
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (memory leak)
|
||||
- When moving a signed descriptor object from a source to an existing
|
||||
destination, free the allocated memory inside that destination object.
|
||||
Bugfix on tor-0.2.8.3-alpha; Closes #20715.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (client, memory leak):
|
||||
- Fix a small memory leak when receiving AF_UNIX connections on
|
||||
a SocksPort. Fixes bug 20716; bugfix on 0.2.6.3-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (relay)
|
||||
- When computing old Tor protocol line version in protover, we were
|
||||
looking at 0.2.7.5 twice instead of a specific case for 0.2.9.1-alpha.
|
||||
Bugfix on tor-0.2.9.4-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (unit tests, hidden services):
|
||||
- Remove a double-free in the single onion service unit test. Stop
|
||||
ignoring a return value. Make future changes less error-prone.
|
||||
Fixes bug 20864; bugfix on 0.2.9.6-rc.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (download scheduling)
|
||||
- Resolve a "bug" warning when considering a download schedule whose
|
||||
delay had approached INT_MAX. Fixes 20875; bugfix on 0.2.9.5-alpha.
|
||||
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (portability):
|
||||
- Use the correct spelling of MAC_OS_X_VERSION_10_12 on configure.ac
|
||||
Fixes bug 20935; bugfix on 0.2.9.6-rc.
|
@ -1,11 +0,0 @@
|
||||
o Major bugfixes (parsing, security):
|
||||
|
||||
- Fix a bug in parsing that could cause clients to read a single
|
||||
byte past the end of an allocated region. This bug could be
|
||||
used to cause hardened clients (built with
|
||||
--enable-expensive-hardening) to crash if they tried to visit
|
||||
a hostile hidden service. Non-hardened clients are only
|
||||
affected depending on the details of their platform's memory
|
||||
allocator. Fixes bug 21018; bugfix on 0.2.0.8-alpha. Found by
|
||||
using libFuzzer. Also tracked as TROVE-2016-12-002 and as
|
||||
CVE-2016-1254.
|
@ -1,6 +0,0 @@
|
||||
o Minor bugfixes (portability):
|
||||
- Avoid crashing when Tor is built using headers that contain
|
||||
CLOCK_MONOTONIC_COARSE, but then tries to run on an older kernel
|
||||
without CLOCK_MONOTONIC_COARSE. Fixes bug 21035; bugfix on
|
||||
0.2.9.1-alpha.
|
||||
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (compilation):
|
||||
- Fix Libevent detection on platforms without Libevent 1 headers
|
||||
installed. Fixes bug 21051; bugfix on 0.2.9.1-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (portability):
|
||||
- Don't exit the Tor process if setrlimit() fails to change the file
|
||||
limit (which can happen sometimes on some versions of OSX). Fixes
|
||||
bug 21074; bugfix on 0.0.9pre5.
|
@ -1,6 +0,0 @@
|
||||
o Major bugfixes (directory authority):
|
||||
- During voting, when marking a node as a probable sybil, do not
|
||||
clear its BadExit flag: sybils can still be bad in other ways
|
||||
too. (We still clear the other flags.) Fixes bug 21108; bugfix
|
||||
on 0.2.0.13-alpha.
|
||||
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (code correctness):
|
||||
- Repair a couple of (unreachable or harmless) cases of the risky
|
||||
comparison-by-subtraction pattern that caused bug 21278.
|
@ -1,4 +0,0 @@
|
||||
o Minor features (directory authority):
|
||||
- Directory authorities now reject descriptors that claim to be
|
||||
malformed versions of Tor. Helps prevent exploitation of bug 21278.
|
||||
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (tor-resolve):
|
||||
- The tor-resolve command line tool now rejects hostnames over 255
|
||||
characters in length. Previously, it would silently truncate
|
||||
them, which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5.
|
||||
Patch by "junglefowl".
|
@ -1,7 +0,0 @@
|
||||
o Major bugfixes (IPv6 Exits):
|
||||
- Stop rejecting all IPv6 traffic on Exits whose exit policy rejects IPv6
|
||||
addresses. Instead, only reject a port over IPv6 if the exit policy
|
||||
rejects that port on more than an IPv6 /16 of addresses. This bug was
|
||||
made worse by 17027 in 0.2.8.1-alpha, which rejects a relay's own IPv6
|
||||
address by default.
|
||||
Fixes bug 21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha.
|
@ -1,9 +0,0 @@
|
||||
o Major bugfixes (Exit nodes):
|
||||
- Fix an issue causing high-bandwidth exit nodes to fail a majority
|
||||
or all of their DNS requests, making them basically unsuitable for
|
||||
regular usage in Tor circuits. The problem is related to
|
||||
libevent's DNS handling, but we can work around it in Tor. Fixes
|
||||
bugs 21394 and 18580; bugfix on 0.1.2.2-alpha which introduced
|
||||
eventdns. Credit goes to Dhalgren for identifying and finding a
|
||||
workaround to this bug and to gamambel, arthuredelstein and
|
||||
arma in helping to track it down and analyze it.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (voting consistency):
|
||||
- Reject version numbers with components that exceed INT32_MAX.
|
||||
Otherwise 32-bit and 64-bit platforms would behave inconsistently.
|
||||
Fixes bug 21450; bugfix on 0.0.8pre1.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (voting consistency):
|
||||
- Reject version numbers with non-numeric prefixes (such as +, -, and
|
||||
whitespace). Disallowing whitespace prevents differential version
|
||||
parsing between POSIX-based and Windows platforms.
|
||||
Fixes bug 21507 and part of 21508; bugfix on 0.0.8pre1.
|
@ -1,4 +0,0 @@
|
||||
o Major bugfixes (crash, directory connections):
|
||||
- Fix a rare crash when sending a begin cell on a circuit whose linked
|
||||
directory connection has already been closed. Fixes bug 21576;
|
||||
bugfix on Tor 0.2.9.3-alpha. Reported by alecmuffett.
|
@ -1,6 +0,0 @@
|
||||
o Minor bugfixes (Linux seccomp2 sandbox):
|
||||
- The getpid() system call is now permitted under the Linux seccomp2
|
||||
sandbox, to avoid crashing with versions of OpenSSL (and other
|
||||
libraries) that attempt to learn the process's PID by using the
|
||||
syscall rather than the VDSO code. Fixes bug 21943; bugfix on
|
||||
0.2.5.1-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (control port, regression):
|
||||
- The GETINFO extra-info/digest/<digest> command was broken because of a
|
||||
wrong base16 decode return value check. In was introduced in a refactor
|
||||
of that API. Fixex bug #22034; bugfix on tor-0.2.9.1-alpha.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (bandwidth accounting):
|
||||
- Roll over monthly accounting at the configured hour and minute,
|
||||
rather than always at 00:00.
|
||||
Fixes bug 22245; bugfix on 0.0.9rc1.
|
||||
Found by Andrey Karpov with PVS-Studio.
|
@ -1,9 +0,0 @@
|
||||
o Minor bugfixes (directory authority):
|
||||
- When a directory authority rejects a descriptor or extrainfo with
|
||||
a given digest, mark that digest as undownloadable, so that we
|
||||
do not attempt to download it again over and over. We previously
|
||||
tried to avoid downloading such descriptors by other means, but
|
||||
we didn't notice if we accidentally downloaded one anyway. This
|
||||
behavior became problematic in 0.2.7.2-alpha, when authorities
|
||||
began pinning Ed25519 keys. Fixes ticket
|
||||
22349; bugfix on 0.2.1.19-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (memory handling):
|
||||
- When directory authorities reject a router descriptor due to keypinning,
|
||||
free the router descriptor rather than leaking the memory.
|
||||
Fixes bug 22370; bugfix on 0.2.7.2-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor features (code style, backport from 0.3.1.3-alpha):
|
||||
- Add "Falls through" comments to our codebase, in order to silence
|
||||
GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas
|
||||
Stieger. Closes ticket 22446.
|
@ -1,8 +0,0 @@
|
||||
o Major bugfixes (relay, link handshake):
|
||||
|
||||
- When performing the v3 link handshake on a TLS connection, report that
|
||||
we have the x509 certificate that we actually used on that connection,
|
||||
even if we have changed certificates since that connection was first
|
||||
opened. Previously, we would claim to have used our most recent x509
|
||||
link certificate, which would sometimes make the link handshake fail.
|
||||
Fixes one case of bug 22460; bugfix on 0.2.3.6-alpha.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (correctness):
|
||||
- Avoid undefined behavior when parsing IPv6 entries from the geoip6
|
||||
file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (linux seccomp2 sandbox):
|
||||
- Permit the fchmod system call, to avoid crashing on startup when
|
||||
starting with the seccomp2 sandbox and an unexpected set of permissions
|
||||
on the data directory or its contents. Fixes bug 22516; bugfix on
|
||||
0.2.5.4-alpha.
|
@ -1,8 +0,0 @@
|
||||
o Build features:
|
||||
- Tor's repository now includes a Travis Continuous Integration (CI)
|
||||
configuration file (.travis.yml). This is meant to help new developers and
|
||||
contributors who fork Tor to a Github repository be better able to test
|
||||
their changes, and understand what we expect to pass. To use this new build
|
||||
feature, you must fork Tor to your Github account, then go into the
|
||||
"Integrations" menu in the repository settings for your fork and enable
|
||||
Travis, then push your changes.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (controller):
|
||||
- Do not crash when receiving a POSTDESCRIPTOR command with an
|
||||
empty body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha.
|
||||
- Do not crash when receiving a HSPOST command with an empty body.
|
||||
Fixes part of bug 22644; bugfix on 0.2.7.1-alpha.
|
@ -1,12 +0,0 @@
|
||||
o Minor bugfixes (defensive programming, undefined behavior):
|
||||
|
||||
- Fix a memset() off the end of an array when packing cells. This
|
||||
bug should be harmless in practice, since the corrupted bytes
|
||||
are still in the same structure, and are always padding bytes,
|
||||
ignored, or immediately overwritten, depending on compiler
|
||||
behavior. Nevertheless, because the memset()'s purpose is to
|
||||
make sure that any other cell-handling bugs can't expose bytes
|
||||
to the network, we need to fix it. Fixes bug 22737; bugfix on
|
||||
0.2.4.11-alpha. Fixes CID 1401591.
|
||||
|
||||
|
@ -1,7 +0,0 @@
|
||||
o Major bugfixes (openbsd, denial-of-service):
|
||||
- Avoid an assertion failure bug affecting our implementation of
|
||||
inet_pton(AF_INET6) on certain OpenBSD systems whose strtol()
|
||||
handling of "0xfoo" differs from what we had expected.
|
||||
Fixes bug 22789; bugfix on 0.2.3.8-alpha. Also tracked as
|
||||
TROVE-2017-007.
|
||||
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (file limits):
|
||||
- When setting the maximum number of connections allowed by the OS,
|
||||
always allow some extra file descriptors for other files.
|
||||
Fixes bug 22797; bugfix on 0.2.0.10-alpha.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (compilation):
|
||||
- When building with certain versions the mingw C header files, avoid
|
||||
float-conversion warnings when calling the C functions isfinite(),
|
||||
isnan(), and signbit(). Fixes bug 22801; bugfix on 0.2.8.1-alpha.
|
||||
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha):
|
||||
- Backport a fix for an "unused variable" warning that appeared
|
||||
in some versions of mingw. Fixes bug 22838; bugfix on
|
||||
0.2.8.1-alpha.
|
||||
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (compilation warnings):
|
||||
- Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug 22915;
|
||||
bugfix on 0.2.8.1-alpha.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (Compilation):
|
||||
- Fix warnings when building with libscrypt and openssl scrypt support
|
||||
on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha.
|
@ -1,7 +0,0 @@
|
||||
o Minor bugfixes (coverity builds):
|
||||
- Avoid Coverity build warnings related to our BUG() macro. By
|
||||
default, Coverity treats BUG() as the Linux kernel does: an
|
||||
instant abort(). We need to override that so our BUG() macro
|
||||
doesn't prevent Coverity from analyzing functions that use it.
|
||||
Fixes bug 23030; bugfix on 0.2.9.1-alpha.
|
||||
|
@ -1,8 +0,0 @@
|
||||
o Minor bugfixes (Windows service):
|
||||
- When running as a Windows service, set the ID of the main thread
|
||||
correctly. Failure to do so made us fail to send log messages
|
||||
to the controller in 0.2.1.16-rc, slowed down controller
|
||||
event delivery in 0.2.7.3-rc and later, and crash with an assertion
|
||||
failure in 0.3.1.1-alpha. Fixes bug 23081; bugfix on 0.2.1.6-alpha.
|
||||
Patch and diagnosis from "Vort".
|
||||
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (testing):
|
||||
- Fix an undersized buffer in test-memwipe.c. Fixes bug 23291; bugfix on
|
||||
0.2.7.2-alpha. Found and patched by Ties Stuij.
|
@ -1,11 +0,0 @@
|
||||
o Minor bugfixes (path selection):
|
||||
- When selecting relays by bandwidth, avoid a rounding error that
|
||||
could sometimes cause load to be imbalanced incorrectly. Previously,
|
||||
we would always round upwards; now, we round towards the nearest
|
||||
integer. This had the biggest effect when a relay's weight adjustments
|
||||
should have given it weight 0, but it got weight 1 instead.
|
||||
Fixes bug 23318; bugfix on 0.2.4.3-alpha.
|
||||
- When calculating the fraction of nodes that have descriptors, and all
|
||||
all nodes in the network have zero bandwidths, count the number of nodes
|
||||
instead.
|
||||
Fixes bug 23318; bugfix on 0.2.4.10-alpha.
|
@ -1,6 +0,0 @@
|
||||
o Minor bugfix (relay address resolution):
|
||||
- Avoid unnecessary calls to directory_fetches_from_authorities()
|
||||
on relays. This avoids spurious address resolutions and
|
||||
descriptor rebuilds. This is a mitigation for 21789. The original
|
||||
bug was introduced in commit 35bbf2e as part of prop210.
|
||||
Fixes 23470 in 0.2.8.1-alpha.
|
@ -1,5 +0,0 @@
|
||||
o Major bugfixes (relay, crash, assertion failure):
|
||||
- Fix a timing-based assertion failure that could occur when the
|
||||
circuit out-of-memory handler freed a connection's output buffer.
|
||||
Fixes bug 23690; bugfix on 0.2.6.1-alpha.
|
||||
|
@ -1,6 +0,0 @@
|
||||
o Minor bugfixes (relay, crash):
|
||||
- Avoid a crash when transitioning from client mode to bridge mode.
|
||||
Previously, we would launch the worker threads whenever our "public
|
||||
server" mode changed, but not when our "server" mode changed.
|
||||
Fixes bug 23693; bugfix on 0.2.6.3-alpha.
|
||||
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (memory safety):
|
||||
- Clear the address when node_get_prim_orport() returns early.
|
||||
Fixes bug 23874; bugfix on 0.2.8.2-alpha.
|
@ -1,9 +0,0 @@
|
||||
o Minor bugfixes (bootstrapping):
|
||||
- Fetch descriptors aggressively whenever we lack enough
|
||||
to build circuits, regardless of how many descriptors we are missing.
|
||||
Previously, we would delay launching the fetch when we had fewer than
|
||||
15 missing descriptors, even if some of those descriptors were
|
||||
blocking circuits from building. Fixes bug 23985; bugfix on
|
||||
0.1.1.11-alpha. The effects of this bug became worse in 0.3.0.3-alpha,
|
||||
when we began treating missing descriptors from our primary guards
|
||||
as a reason to delay circuits.
|
@ -1,7 +0,0 @@
|
||||
o Minor bugfixes (network layer):
|
||||
- When closing a connection via close_connection_immediately(), we
|
||||
mark it as "not blocked on bandwidth", to prevent later calls
|
||||
from trying to unblock it, and give it permission to read. This
|
||||
fixes a backtrace warning that can happen on relays under various
|
||||
circumstances. Fixes bug 24167; bugfix on 0.1.0.1-rc.
|
||||
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (path selection):
|
||||
- Actually log the total bandwidth in compute_weighted_bandwidths().
|
||||
Fixes bug 24170; bugfix on 0.2.4.3-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (controller, linux seccomp2 sandbox):
|
||||
- Avoid a crash when attempting to use the seccomp2 sandbox
|
||||
together with the OwningControllerProcess feature.
|
||||
Fixes bug 24198; bugfix on 0.2.5.1-alpha.
|
@ -1,5 +0,0 @@
|
||||
o Major bugfixes (security, hidden service v2):
|
||||
- Fix a use-after-free error that could crash v2 Tor hidden services
|
||||
when it failed to open circuits while expiring introductions
|
||||
points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This
|
||||
issue is also tracked as TROVE-2017-013 and CVE-2017-8823.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (compilation):
|
||||
- Fix a signed/unsigned comparison warning introduced by our
|
||||
fix to TROVE-2017-009. Fixes bug 24480; bugfix on 0.2.5.16.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (portability, msvc):
|
||||
- Fix a bug in the bit-counting parts of our timing-wheel code on
|
||||
MSVC. (Note that MSVC is still not a supported build platform,
|
||||
due to cyptographic timing channel risks.) Fixes bug 24633;
|
||||
bugfix on 0.2.9.1-alpha.
|
@ -1,7 +0,0 @@
|
||||
o Minor bugfixes (memory usage):
|
||||
|
||||
- When queuing DESTROY cells on a channel, only queue the
|
||||
circuit-id and reason fields: not the entire 514-byte
|
||||
cell. This fix should help mitigate any bugs or attacks that
|
||||
fill up these queues, and free more RAM for other uses. Fixes
|
||||
bug 24666; bugfix on 0.2.5.1-alpha.
|
@ -1,6 +0,0 @@
|
||||
o Minor bugfixes (address selection):
|
||||
- When the fascist_firewall_choose_address_ functions don't find a
|
||||
reachable address, set the returned address to the null address and port.
|
||||
This is a precautionary measure, because some callers do not check the
|
||||
return value.
|
||||
Fixes bug 24736; bugfix on 0.2.8.2-alpha.
|
@ -1,3 +0,0 @@
|
||||
o Code simplification and refactoring:
|
||||
- Move the list of default directory authorities to their own file for
|
||||
inclusion using the C preprocessor. Closes ticket 24854. Patch by "beastr0".
|
@ -1,8 +0,0 @@
|
||||
o Major bugfixes (onion services):
|
||||
- Fix an "off by 2" error in counting rendezvous failures on the onion
|
||||
service side. While we thought we would stop the rendezvous attempt
|
||||
after one failed circuit, we were actually making three circuit attempts
|
||||
before giving up. Now switch to a default of 2, and allow the consensus
|
||||
parameter "hs_service_max_rdv_failures" to override. Fixes bug 24895;
|
||||
bugfix on 0.0.6.
|
||||
|
@ -1,6 +0,0 @@
|
||||
o Minor bugfixes (relay):
|
||||
- Make the internal channel_is_client() function look at what sort
|
||||
of connection handshake the other side used, rather than whether
|
||||
the other side ever sent a create_fast cell to us. Backports part
|
||||
of the fixes from bugs 22805 and 24898.
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user