Bring remaining 0.2.5.5-alpha entries into changelog

Nick Mathewson 10 years ago
parent
commit
2050846312

+ 84 - 2
ChangeLog

@@ -1,6 +1,24 @@
-Changes in version 0.2.5.5-alpha - 2014-06-??
+Changes in version 0.2.5.5-alpha - 2014-06-1?
   Write a blurb here.
   Write a blurb here.
 
 
+  o Major features (security, traffic analysis resistance):
+    - Increase the base amount of time that a canonical connection (one
+      that we have made to a known OR) is allowed to stay idle from 3
+      minutes to 15 minutes. This leaks less information about when
+      circuits have closed, and avoids unnecessary overhead from
+      renegotiating connections. Part of a fix for ticket 6799.
+    - Instead of closing connections after they have been idle for a
+      fixed interval, randomly add up to 50% to each connection's
+      maximum timeout. This makes it harder to tell when the last
+      circuit closed by looking at when a connection closes. Part of a
+      fix for ticket 6799.
+    - Base connection idleness tests on the actual time elapsed since
+      the connection last had circuits, not on the time when we last
+      added non-padding. This change also makes it harder for an
+      observer to tell when the last circuit closed by looking at when a
+      connection closes. Part of a fix for ticket 6799. Incidentally
+      fixes bug 12023; bugfix on 0.2.5.1-alpha.
+
   o Major bugfixes (security, OOM, new since 0.2.5.4-alpha, also in 0.2.4.22):
   o Major bugfixes (security, OOM, new since 0.2.5.4-alpha, also in 0.2.4.22):
     - Fix a memory leak that could occur if a microdescriptor parse
     - Fix a memory leak that could occur if a microdescriptor parse
       fails during the tokenizing step. This bug could enable a memory
       fails during the tokenizing step. This bug could enable a memory
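
Review bot: The version header still ends in a placeholder date ("2014-06-1?"), and the "Write a blurb here." line directly under it is left untouched. Both need real content before this section ships, so either fill them in here or track them explicitly so the release does not go out with them.
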
@@ -13,6 +31,11 @@ Changes in version 0.2.5.5-alpha - 2014-06-??
       directory object. Previously, relays would used tunnel connections
       directory object. Previously, relays would used tunnel connections
       under a fairly wide variety of circumstances. Fixes bug 11469;
       under a fairly wide variety of circumstances. Fixes bug 11469;
       bugfix on 0.2.4.3-alpha.
       bugfix on 0.2.4.3-alpha.
+    - When a circuit accidentally has the same circuit ID for its
+      forward and reverse direction, correctly detect the direction of
+      cells using that circuit. Previously, this would have made roughly
+      one circuit in a million non-functional. Fixes bug 12195; this is
+      a bugfix on every version of Tor.
 
 
   o Major bugfixes (security, directory authorities):
   o Major bugfixes (security, directory authorities):
     - Directory authorities now include a digest of each relay's
     - Directory authorities now include a digest of each relay's
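
Review bot: The context line just above the new bug 12195 entry reads "Previously, relays would used tunnel connections"; since this commit is a pass over the changelog text, correct it to "would use" while the section is open.
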
@@ -30,6 +53,12 @@ Changes in version 0.2.5.5-alpha - 2014-06-??
       attacker from causing a microdescriptor collision, because the
       attacker from causing a microdescriptor collision, because the
       router's identity is not forgeable.
       router's identity is not forgeable.
 
 
+  o Major bugfixes (client, pluggable transports):
+    - When managing pluggable transports, use OS notification facilities
+      to learn if they have crashed, and do not attempt to kill any
+      process that has already exited. Fix for bug 8746; bugfix
+      on 0.2.3.6-alpha.
+
   o Minor features (diagnostic):
   o Minor features (diagnostic):
     - When logging a warning because of bug #7164, additionally check
     - When logging a warning because of bug #7164, additionally check
       the hash table for consistency (as proposed on ticket #11737).
       the hash table for consistency (as proposed on ticket #11737).
@@ -42,8 +71,13 @@ Changes in version 0.2.5.5-alpha - 2014-06-??
       diagnosing bug 11233.
       diagnosing bug 11233.
     - Give more specific warnings when we notice at the client side that
     - Give more specific warnings when we notice at the client side that
       an onion handshake has failed. Fixes ticket 9635.
       an onion handshake has failed. Fixes ticket 9635.
+    - Add significant new logging code to attempt to diagnose bug 12184,
+      where relays seem to run out of available circuit IDs.
+    - Improve the diagnostic log message for bug #8387 even further to
+      try to improve our odds of figuring out why one-hop directory
+      circuits sometimes do not get closed.
 
 
-  o Minor features (security, memory management)):
+  o Minor features (security, memory management):
     - Add configure options controlling allocator tricks like mempools
     - Add configure options controlling allocator tricks like mempools
       and freelists, and turn them off by default; on most platforms
       and freelists, and turn them off by default; on most platforms
       malloc is reasonable enough for this not to be necessary, and a
       malloc is reasonable enough for this not to be necessary, and a
@@ -61,12 +95,29 @@ Changes in version 0.2.5.5-alpha - 2014-06-??
       support for libseccomp on systems that have it, in case it (or
       support for libseccomp on systems that have it, in case it (or
       Tor's use of it) is broken. Resolves ticket 11628.
       Tor's use of it) is broken. Resolves ticket 11628.
 
 
+  o Minor features (other):
+    - Update geoip and geoip6 to the June 4 2014 Maxmind GeoLite2
+      Country database.
+
   o Minor bugfixes (configuration, security, new since 0.2.5.4-alpha, also in 0.2.4.22):
   o Minor bugfixes (configuration, security, new since 0.2.5.4-alpha, also in 0.2.4.22):
     - When running a hidden service, do not allow TunneledDirConns 0;
     - When running a hidden service, do not allow TunneledDirConns 0;
       this will keep the hidden service from running, and also
       this will keep the hidden service from running, and also
       make it publish its descriptors directly over HTTP. Fixes bug 10849;
       make it publish its descriptors directly over HTTP. Fixes bug 10849;
       bugfix on 0.2.1.1-alpha.
       bugfix on 0.2.1.1-alpha.
 
 
+  o Minor bugfixes (performance):
+    - Do not recompute whether we have sufficient information to build
+      circuits every time we make a successful connection. Previously,
+      we would forget our cached value for this flag every time we
+      successfully opened a channel (or marked a router as running or
+      not running for any other reason), regardless of whether we had
+      previously believed the router to be running. This forced us to
+      run a fairly expensive update operation with relatively high
+      frequency. Fixes bug 12170; bugfix on 0.1.2.1-alpha.
+    - Avoid using tor_memeq() for checking relay cell integrity. This
+      removes a possible performance bottleneck. Fixes part of bug
+      12169; bugfix on 0.2.1.31.
+
   o Minor bugfixes (compilation):
   o Minor bugfixes (compilation):
     - Fix compilation of test_status.c when building with MVSC. Bugfix
     - Fix compilation of test_status.c when building with MVSC. Bugfix
       on 0.2.5.4-alpha. Patch from Gisle Vanem.
       on 0.2.5.4-alpha. Patch from Gisle Vanem.
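
Review bot: The tor_memeq() entry, second bullet under "Minor bugfixes (performance)", says what was removed from the relay cell integrity check but not what replaces it or why the replacement is acceptable for an integrity comparison. One clause on that would let a reader judge the change without opening bug 12169. Separately, "building with MVSC" in the context below looks like a transposition of MSVC.
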
@@ -140,6 +191,12 @@ Changes in version 0.2.5.5-alpha - 2014-06-??
     - Handle failures in getpwnam()/getpwuid() when running with the
     - Handle failures in getpwnam()/getpwuid() when running with the
       User option set and the Linux syscall sandbox enabled. Fixes bug
       User option set and the Linux syscall sandbox enabled. Fixes bug
       11946; bugfix on 0.2.5.1-alpha.
       11946; bugfix on 0.2.5.1-alpha.
+    - Refactor the getaddrinfo workaround that the seccomp sandbox uses
+      to avoid calling getaddrinfo() after installing the sandbox
+      filters. Previously, it preloaded a cache with the IPv4 address
+      for our hostname, and nothing else. Now, it loads the cache with
+      every address that it used to initialize the Tor process. Fixes
+      bug 11970; bugfix on 0.2.5.1-alpha.
 
 
   o Minor bugfixes (pluggable transports):
   o Minor bugfixes (pluggable transports):
     - Enable the ExtORPortCookieAuthFile option, to allow changing the
     - Enable the ExtORPortCookieAuthFile option, to allow changing the
@@ -152,6 +209,12 @@ Changes in version 0.2.5.5-alpha - 2014-06-??
       descriptors for our bridges. Fixes bug 11965; bugfix
       descriptors for our bridges. Fixes bug 11965; bugfix
       on 0.2.3.6-alpha.
       on 0.2.3.6-alpha.
 
 
+  o Minor bugfixes (client):
+    - Avoid "Tried to open a socket with DisableNetwork set" warnings
+      when starting a client with bridges configured and DisableNetwork
+      set. (Tor launcher starts Tor with DisableNetwork set the first
+      time.) Fixes bug 10405; bugfix on 0.2.3.9-alpha.
+
   o Minor bugfixes (testing):
   o Minor bugfixes (testing):
     - The Python parts of the test scripts now work on Python 3 as well
     - The Python parts of the test scripts now work on Python 3 as well
       as Python 2, so systems where '/usr/bin/python' is Python 3 will
       as Python 2, so systems where '/usr/bin/python' is Python 3 will
@@ -188,9 +251,25 @@ Changes in version 0.2.5.5-alpha - 2014-06-??
       error value, even on success. Fixes bug 11805; bugfix
       error value, even on success. Fixes bug 11805; bugfix
       on 0.2.5.4-alpha.
       on 0.2.5.4-alpha.
 
 
+  o Minor bugfixes (relay, other):
+    - We now drop CREATE cells for already-existent circuit IDs and for
+      zero-valued circuit IDs, regardless of other factors that might
+      otherwise have called for DESTROY cells. Fixes bug 12191; bugfix
+      on 0.0.8pre1.
+    - Avoid an illegal read from stack when initializing the TLS module
+      using a version of OpenSSL without all of the ciphers used by the
+      v2 link handshake. Fixes bug 12227; bugfix on 0.2.4.8-alpha. Found
+      by "starlight".
+    - When rejecting DATA cells for stream_id zero, still count them
+      against the circuit's deliver window so that we don't get fail to
+      send a SENDME. Fix for bug 11246; bugfix on 0.2.4.10-alpha.
+
   o Minor bugfixes (logging):
   o Minor bugfixes (logging):
     - Fix a misformatted log message about delayed directory fetches.
     - Fix a misformatted log message about delayed directory fetches.
       Fixes bug 11654; bugfix on 0.2.5.3-alpha.
       Fixes bug 11654; bugfix on 0.2.5.3-alpha.
+    - Squelch a spurious LD_BUG message "No origin circuit for
+      successful SOCKS stream" in certain hidden service failure cases;
+      fixes bug #10616.
 
 
   o Distribution:
   o Distribution:
     - Include a tor.service file in contrib/dist for use with systemd.
     - Include a tor.service file in contrib/dist for use with systemd.
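
Review bot: In the DATA-cell entry under "Minor bugfixes (relay, other)", the phrase "so that we don't get fail to send a SENDME" is garbled and was carried over unchanged from changes/not_bug_8093; suggest "so that we don't fail to send a SENDME". The logging entry ending "fixes bug #10616." also lacks the "bugfix on" version that the neighbouring entries give.
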
@@ -204,6 +283,9 @@ Changes in version 0.2.5.5-alpha - 2014-06-??
       directory authority options, remove the documentation for a
       directory authority options, remove the documentation for a
       V2-directory fetching option that no longer exists. Resolves
       V2-directory fetching option that no longer exists. Resolves
       ticket 11634.
       ticket 11634.
+    - In the manpage, move more authority-only options into the
+      directory authority section so that operators of regular directory
+      caches don't get confused.
 
 
   o Package cleanup:
   o Package cleanup:
     - The contrib directory has been sorted and tidy. Before, it was an
     - The contrib directory has been sorted and tidy. Before, it was an

+ 0 - 5
changes/bug10405

@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - Avoid "Tried to open a socket with DisableNetwork set" warnings
-      when starting a client with bridges configured and DisableNetwork
-      set. (Tor launcher starts Tor with DisableNetwork set the first
-      time.) Fixes bug 10405; bugfix on 0.2.3.9-alpha.

+ 0 - 4
changes/bug10616

@@ -1,4 +0,0 @@
- o Bugfixes:
-   - Squelch a spurious LD_BUG message "No origin circuit for successful
-     SOCKS stream" in certain hidden service failure cases; fixes bug
-     #10616.

+ 0 - 7
changes/bug11970

@@ -1,7 +0,0 @@
-  o Minor bugfixes (linux seccomp sandbox):
-    - Refactor the getaddrinfo workaround that the seccomp sandbox
-      uses to avoid calling getaddrinfo() after installing the sandbox
-      filters. Previously, it preloaded a cache with the IPv4 address
-      for our hostname, and nothing else. Now, it loads the cache with
-      every address that it used to initialize the Tor process. Fixes
-      bug 11970; bugfix on 0.2.5.1-alpha.

+ 0 - 5
changes/bug12169_simple

@@ -1,5 +0,0 @@
-  o Minor bugfixes (performance):
-    - Avoid using tor_memeq() for checking relay cell integrity.
-      This removes a possible performance bottleneck. Fixes part of bug
-      12169; bugfix on 0.2.1.31.
-

+ 0 - 11
changes/bug12170

@@ -1,11 +0,0 @@
-  o Major bugfixes (performance):
-    - Do not recompute whether we have sufficient information to build
-      circuits every time we make a successful connection. Previously,
-      we would forget our cached value for this flag every time we
-      successfully opened a channel (or marked a router as running or not
-      running for any
-      other reason), regardless of whether we had
-      previously believed the router to be running. This forced us to
-      run a fairly expensive update operation with relatively
-      high frequency.
-      Fixes bug 12170; bugfix on 0.1.2.1-alpha.
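
Review bot: This file is headed "Major bugfixes (performance)", but the same entry lands in ChangeLog under "Minor bugfixes (performance)". If the downgrade is deliberate, say so in the commit message; otherwise the bug 12170 entry belongs in a Major section.
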

+ 0 - 4
changes/bug12184_diagnostic

@@ -1,4 +0,0 @@
-  o Minor features (diagnostic):
-    - Add significant new logging code to attempt to diagnose bug 12184,
-      where relays seem to run out of available circuit IDs.
-

+ 0 - 7
changes/bug12191

@@ -1,7 +0,0 @@
-  o Minor bugfixes:
-
-    - We now drop CREATE cells for already-existent circuit IDs and
-      for zero-valued circuit IDs, regardless of other factors that
-      might otherwise have called for DESTROY cells.  Fixes bug 12191;
-      bugfix on 0.0.8pre1.
-

+ 0 - 7
changes/bug12195

@@ -1,7 +0,0 @@
-  o Major bugfixes:
-    - When a circuit accidentally has the same circuit ID for its
-      forward and reverse direction, correctly detect the direction of
-      cells using that circuit. Previously, this would have made
-      roughly one circuit in a million non-functional. Fixes bug
-      12195; this is a bugfix on every version of Tor.
-

+ 0 - 5
changes/bug12227

@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - Avoid an illegal read from stack when initializing the TLS
-      module using a version of OpenSSL without all of the ciphers
-      used by the v2 link handshake. Fixes bug 12227; bugfix on
-      0.2.4.8-alpha.  Found by "starlight".

+ 0 - 20
changes/bug6799

@@ -1,20 +0,0 @@
-  o Major features:
-
-    - Increase the base amount of time that a canonical connection
-      (one that we have made to a known OR) is allowed to stay idle
-      from 3 minutes to 15 minutes.  This leaks less information
-      about when circuits have closed, and avoids unnecessary overhead
-      from renegotiating connections. Part of a fix for ticket 6799.
-
-    - Instead of closing connections after they have been idle for a
-      fixed interval, randomly add up to 50% to each connection's
-      maximum timeout. This makes it harder to tell when the last
-      circuit closed by looking at when a connection closes. Part of a
-      fix for ticket 6799.
-
-    - Base connection idleness tests on the actual time elapsed since
-      the connection last had circuits, not on the time when we last
-      added non-padding. This change also makes it harder for an
-      observer to tell when the last circuit closed by looking at when
-      a connection closes. Part of a fix for ticket 6799.
-      Incidentally fixes bug 12023; bugfix on 0.2.5.1-alpha.

+ 0 - 4
changes/bug8746

@@ -1,4 +0,0 @@
-  o Major bugfixes:
-    - When managing pluggable transports, use OS notification facilities to
-      learn if they have crashed, and do not attempt to kill any process
-      that has already exited. Fix for bug 8746; bugfix on 0.2.3.6-alpha.

+ 0 - 2
changes/geoip6-june2014

@@ -1,2 +0,0 @@
-  o Minor features:
-    - Update geoip and geoip6 to the June 4 2014 Maxmind GeoLite2 Country database.

+ 0 - 4
changes/more_8387_diagnosis

@@ -1,4 +0,0 @@
-  o Minor features (diagnostic):
-    - Improve the diagnostic log message for bug #8387 even further to
-      try to improve our odds of figuring out why one-hop directory
-      circuits sometimes do not get closed.

+ 0 - 4
changes/move-authdir-options

@@ -1,4 +0,0 @@
-   o Documentation:
-     - In the manpage, move more authority-only options into the
-       directory authority section so that operators of regular
-       directory caches don't get confused.

+ 0 - 4
changes/not_bug_8093

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - When rejecting DATA cells for stream_id zero, still count them against
-      the circuit's deliver window so that we don't get fail to send a
-      SENDME.  Fix for bug 11246; bugfix on 0.2.4.10-alpha.

+ 14 - 4
scripts/maint/format_changelog.py

@@ -270,7 +270,16 @@ class ChangeLog(object):
 CL = ChangeLog()
 CL = ChangeLog()
 parser = head_parser
 parser = head_parser
 
 
-sys.stdin = open('ChangeLog', 'r')
+if len(sys.argv) == 1:
+    fname = 'ChangeLog'
+else:
+    fname = sys.argv[1]
+
+fname_new = fname+".new"
+
+sys.stdin = open(fname, 'r')
+
+nextline = None
 
 
 for line in sys.stdin:
 for line in sys.stdin:
     line = line.rstrip()
     line = line.rstrip()
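
Review bot: In the added argv handling, anything after sys.argv[1] is silently ignored, and fname_new = fname+".new" will overwrite an existing file of that name beside the target without warning. Consider rejecting extra arguments with a usage message, and creating the temporary file with tempfile.NamedTemporaryFile(dir=..., delete=False) in the target's directory so the later rename stays on one filesystem and nothing is clobbered.
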
@@ -286,13 +295,14 @@ for line in sys.stdin:
 
 
 CL.lint()
 CL.lint()
 
 
-sys.stdout = open('ChangeLog.new', 'w')
+sys.stdout = open(fname_new, 'w')
 
 
 CL.dump()
 CL.dump()
 
 
-print nextline
+if nextline is not None:
+    print nextline
 
 
 for line in sys.stdin:
 for line in sys.stdin:
     sys.stdout.write(line)
     sys.stdout.write(line)
 
 
-os.rename('ChangeLog.new', 'ChangeLog')
+os.rename(fname_new, fname)
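
Review bot: os.rename(fname_new, fname) runs while sys.stdout still holds the open, buffered handle to fname_new, so the original file is replaced before the new contents are known to be written; an error at flush time would leave a truncated changelog in place. Close or flush the output handle before the rename. The "if nextline is not None:" guard is a sound fix for the unconditional print, though "print nextline" keeps the script Python 2 only.
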

+ 9 - 0
scripts/maint/sortChanges.py

@@ -1,4 +1,13 @@
 #!/usr/bin/python
 #!/usr/bin/python
+# Copyright (c) 2014, The Tor Project, Inc.
+# See LICENSE for licensing information
+
+"""This script sorts a bunch of changes files listed on its command
+   line into roughly the order in which they should appear in the
+   changelog.
+
+   TODO: collation support.
+"""
 
 
 import re
 import re
 import sys
 import sys
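
Review bot: "TODO: collation support." in the new docstring does not say what is to be collated, so the next maintainer cannot act on it. Expand it to a full sentence or point at a ticket, and consider stating the sort key behind "roughly the order in which they should appear".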