  1. This document summarizes new features and bugfixes in each stable release
  2. of Tor. If you want to see more detailed descriptions of the changes in
  3. each development snapshot, see the ChangeLog file.
  4. Changes in version 0.3.2.9 - 2018-01-09
  5. Tor 0.3.2.9 is the first stable release in the 0.3.2 series.
  6. The 0.3.2 series includes our long-anticipated new onion service
  7. design, with numerous security features. (For more information, see
  8. our blog post at https://blog.torproject.org/fall-harvest.) We also
  9. have a new circuit scheduler algorithm for improved performance on
  10. relays everywhere (see https://blog.torproject.org/kist-and-tell),
  11. along with many smaller features and bugfixes.
  12. Per our stable release policy, we plan to support each stable release
  13. series for at least the next nine months, or for three months after
  14. the first stable release of the next series: whichever is longer. If
  15. you need a release with long-term support, we recommend that you stay
  16. with the 0.2.9 series.
  17. Below is a list of the changes since 0.3.1.7. For a list of all
  18. changes since 0.3.2.8-rc, see the ChangeLog file.
  19. o Directory authority changes:
  20. - Add "Bastet" as a ninth directory authority to the default list.
  21. Closes ticket 23910.
  22. - The directory authority "Longclaw" has changed its IP address.
  23. Closes ticket 23592.
  24. - Remove longclaw's IPv6 address, as it will soon change. Authority
  25. IPv6 addresses were originally added in 0.2.8.1-alpha. This leaves
  26. 3/8 directory authorities with IPv6 addresses, but there are also
  27. 52 fallback directory mirrors with IPv6 addresses. Resolves 19760.
  28. - Add an IPv6 address for the "bastet" directory authority. Closes
  29. ticket 24394.
  30. o Major features (next-generation onion services):
  31. - Tor now supports the next-generation onion services protocol for
  32. clients and services! As part of this release, the core of
  33. proposal 224 has been implemented and is available for
  34. experimentation and testing by our users. This newer version of
  35. onion services ("v3") features many improvements over the legacy
  36. system, including:
  37. a) Better crypto (replaced SHA1/DH/RSA1024
  38. with SHA3/ed25519/curve25519)
  39. b) Improved directory protocol, leaking much less information to
  40. directory servers.
  41. c) Improved directory protocol, with smaller surface for
  42. targeted attacks.
  43. d) Better onion address security against impersonation.
  44. e) More extensible introduction/rendezvous protocol.
  45. f) A cleaner and more modular codebase.
  46. You can identify a next-generation onion address by its length:
  47. they are 56 characters long, as in
  48. "4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad.onion".
  49. In the future, we will release more options and features for v3
  50. onion services, but we first need a testing period, so that the
  51. current codebase matures and becomes more robust. Planned features
  52. include: offline keys, advanced client authorization, improved
  53. guard algorithms, and statistics. For full details, see
  54. proposal 224.
  55. Legacy ("v2") onion services will still work for the foreseeable
  56. future, and will remain the default until this new codebase gets
  57. tested and hardened. Service operators who want to experiment with
  58. the new system can use the 'HiddenServiceVersion 3' torrc
  59. directive along with the regular onion service configuration
  60. options. For more information, see our blog post at
  61. "https://blog.torproject.org/fall-harvest". Enjoy!
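Added example (not code from the Tor project): the note above identifies a v3 address only by its 56-character length; this Python example goes further and splits the label into public key, checksum and version, using the layout and the ".onion checksum" constant from rend-spec-v3 (proposal 224). The function names are this example's own, and the 32-byte test key is constructed, not a real service key.

```python
import base64
import hashlib
import re
from typing import NamedTuple

V2_LEN, V3_LEN = 16, 56                # label length in base32 characters
CHECKSUM_CONST = b".onion checksum"    # constant defined in rend-spec-v3
# The sample address quoted in the release note above.
PAGE_EXAMPLE = "4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad.onion"
_B32 = re.compile(r"[a-z2-7]+")


class V3Address(NamedTuple):
    pubkey: bytes       # 32-byte ed25519 identity key of the service
    checksum: bytes     # 2 bytes, catches typos and truncation
    version: int        # 3 for next-generation services
    checksum_ok: bool


def _label(hostname: str) -> str:
    """Return the base32 label directly left of ".onion" (subdomains ignored)."""
    host = hostname.strip().lower().rstrip(".")
    if not host.endswith(".onion"):
        raise ValueError("not a .onion hostname")
    label = host[: -len(".onion")].split(".")[-1]
    if not _B32.fullmatch(label):
        raise ValueError("label contains characters outside the base32 alphabet")
    return label


def onion_version(hostname: str) -> int:
    """56 characters = v3 (per the release note); 16 characters = legacy v2."""
    n = len(_label(hostname))
    if n == V3_LEN:
        return 3
    if n == V2_LEN:
        return 2
    raise ValueError(f"unexpected onion label length {n}")


def expected_checksum(pubkey: bytes, version: int) -> bytes:
    """First two bytes of SHA3-256(".onion checksum" | pubkey | version)."""
    return hashlib.sha3_256(CHECKSUM_CONST + pubkey + bytes([version])).digest()[:2]


def decode_v3(hostname: str) -> V3Address:
    """Split a 56-character label into pubkey | checksum | version."""
    label = _label(hostname)
    if len(label) != V3_LEN:
        raise ValueError("not a v3 onion address")
    raw = base64.b32decode(label.upper())        # 56 chars -> 35 bytes
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34]
    ok = version == 3 and checksum == expected_checksum(pubkey, version)
    return V3Address(pubkey, checksum, version, ok)


def encode_v3(pubkey: bytes) -> str:
    """Build the address for a 32-byte public key (used to make sample input)."""
    if len(pubkey) != 32:
        raise ValueError("ed25519 public keys are 32 bytes")
    raw = pubkey + expected_checksum(pubkey, 3) + b"\x03"
    return base64.b32encode(raw).decode("ascii").lower() + ".onion"


if __name__ == "__main__":
    constructed = encode_v3(bytes(range(32)))    # constructed bytes, not a real key
    for name in (PAGE_EXAMPLE, constructed, "a" * 16 + ".onion"):
        print(name, "-> v%d" % onion_version(name))
    print(decode_v3(constructed))
```

A passing checksum only shows that the address was transcribed intact; the protection against impersonation comes from the address carrying the service's full ed25519 public key.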
  62. o Major feature (scheduler, channel):
  63. - Tor now uses new schedulers to decide which circuits should
  64. deliver cells first, in order to improve congestion at relays. The
  65. first type is called "KIST" ("Kernel Informed Socket Transport"),
  66. and is only available on Linux-like systems: it uses feedback from
  67. the kernel to prevent the kernel's TCP buffers from growing too
  68. full. The second new scheduler type is called "KISTLite": it
  69. behaves the same as KIST, but runs on systems without kernel
  70. support for inspecting TCP implementation details. The old
  71. scheduler is still available, under the name "Vanilla". To change
  72. the default scheduler preference order, use the new "Schedulers"
  73. option. (The default preference order is "KIST,KISTLite,Vanilla".)
  74. Matt Traudt implemented KIST, based on research by Rob Jansen,
  75. John Geddes, Chris Wacek, Micah Sherr, and Paul Syverson. For
  76. more information, see the design paper at
  77. http://www.robgjansen.com/publications/kist-sec2014.pdf and the
  78. followup implementation paper at https://arxiv.org/abs/1709.01044.
  79. Closes ticket 12541. For more information, see our blog post at
  80. "https://blog.torproject.org/kist-and-tell".
  81. o Major bugfixes (security, general):
  82. - Fix a denial of service bug where an attacker could use a
  83. malformed directory object to cause a Tor instance to pause while
  84. OpenSSL would try to read a passphrase from the terminal. (Tor
  85. instances run without a terminal, which is the case for most Tor
  86. packages, are not impacted.) Fixes bug 24246; bugfix on every
  87. version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
  88. Found by OSS-Fuzz as testcase 6360145429790720.
  89. o Major bugfixes (security, directory authority):
  90. - Fix a denial of service issue where an attacker could crash a
  91. directory authority using a malformed router descriptor. Fixes bug
  92. 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010
  93. and CVE-2017-8820.
  94. o Major bugfixes (security, onion service v2):
  95. - Fix a use-after-free error that could crash v2 Tor onion services
  96. when they failed to open circuits while expiring introduction
  97. points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
  98. also tracked as TROVE-2017-013 and CVE-2017-8823.
  99. - When checking for replays in the INTRODUCE1 cell data for a
  100. (legacy) onion service, correctly detect replays in the RSA-
  101. encrypted part of the cell. We were previously checking for
  102. replays on the entire cell, but those can be circumvented due to
  103. the malleability of Tor's legacy hybrid encryption. This fix helps
  104. prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
  105. 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
  106. and CVE-2017-8819.
  107. o Major bugfixes (security, relay):
  108. - When running as a relay, make sure that we never build a path
  109. through ourselves, even in the case where we have somehow lost the
  110. version of our descriptor appearing in the consensus. Fixes part
  111. of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
  112. as TROVE-2017-012 and CVE-2017-8822.
  113. - When running as a relay, make sure that we never choose ourselves
  114. as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This
  115. issue is also tracked as TROVE-2017-012 and CVE-2017-8822.
  116. o Major bugfixes (bootstrapping):
  117. - Fetch descriptors aggressively whenever we lack enough to build
  118. circuits, regardless of how many descriptors we are missing.
  119. Previously, we would delay launching the fetch when we had fewer
  120. than 15 missing descriptors, even if some of those descriptors
  121. were blocking circuits from building. Fixes bug 23985; bugfix on
  122. 0.1.1.11-alpha. The effects of this bug became worse in
  123. 0.3.0.3-alpha, when we began treating missing descriptors from our
  124. primary guards as a reason to delay circuits.
  125. - Don't try fetching microdescriptors from relays that have failed
  126. to deliver them in the past. Fixes bug 23817; bugfix
  127. on 0.3.0.1-alpha.
  128. o Major bugfixes (circuit prediction):
  129. - Fix circuit prediction logic so that a client doesn't treat a port
  130. as being "handled" by a circuit if that circuit already has
  131. isolation settings on it. This change should make Tor clients more
  132. responsive by improving their chances of having a pre-created
  133. circuit ready for use when a request arrives. Fixes bug 18859;
  134. bugfix on 0.2.3.3-alpha.
  135. o Major bugfixes (exit relays, DNS):
  136. - Fix an issue causing DNS to fail on high-bandwidth exit nodes,
  137. making them nearly unusable. Fixes bugs 21394 and 18580; bugfix on
  138. 0.1.2.2-alpha, which introduced eventdns. Thanks to Dhalgren for
  139. identifying and finding a workaround to this bug and to Moritz,
  140. Arthur Edelstein, and Roger for helping to track it down and
  141. analyze it.
  142. o Major bugfixes (relay, crash, assertion failure):
  143. - Fix a timing-based assertion failure that could occur when the
  144. circuit out-of-memory handler freed a connection's output buffer.
  145. Fixes bug 23690; bugfix on 0.2.6.1-alpha.
  146. o Major bugfixes (usability, control port):
  147. - Report trusted clock skew indications as bootstrap errors, so
  148. controllers can more easily alert users when their clocks are
  149. wrong. Fixes bug 23506; bugfix on 0.1.2.6-alpha.
  150. o Minor features (bridge):
  151. - Bridge relays can now set the BridgeDistribution config option to
  152. add a "bridge-distribution-request" line to their bridge
  153. descriptor, which tells BridgeDB how they'd like their bridge
  154. address to be given out. (Note that as of Oct 2017, BridgeDB does
  155. not yet implement this feature.) As a side benefit, this feature
  156. provides a way to distinguish bridge descriptors from non-bridge
  157. descriptors. Implements ticket 18329.
  158. - When handling the USERADDR command on an ExtOrPort, warn when the
  159. transport provides a USERADDR with no port. In a future version,
  160. USERADDR commands of this format may be rejected. Detects problems
  161. related to ticket 23080.
  162. o Minor features (bug detection):
  163. - Log a warning message with a stack trace for any attempt to call
  164. get_options() during option validation. This pattern has caused
  165. subtle bugs in the past. Closes ticket 22281.
  166. o Minor features (build, compilation):
  167. - The "check-changes" feature is now part of the "make check" tests;
  168. we'll use it to try to prevent malformed changes files from
  169. accumulating. Closes ticket 23564.
  170. - Tor builds should now fail if there are any mismatches between the
  171. C type representing a configuration variable and the C type the
  172. data-driven parser uses to store a value there. Previously, we
  173. needed to check these by hand, which sometimes led to mistakes.
  174. Closes ticket 23643.
  175. o Minor features (client):
  176. - You can now use Tor as a tunneled HTTP proxy: use the new
  177. HTTPTunnelPort option to open a port that accepts HTTP CONNECT
  178. requests. Closes ticket 22407.
  179. - Add an extra check to make sure that we always use the newer guard
  180. selection code for picking our guards. Closes ticket 22779.
  181. - When downloading (micro)descriptors, don't split the list into
  182. multiple requests unless we want at least 32 descriptors.
  183. Previously, we split at 4, not 32, which led to significant
  184. overhead in HTTP request size and degradation in compression
  185. performance. Closes ticket 23220.
  186. - Improve log messages when missing descriptors for primary guards.
  187. Resolves ticket 23670.
  188. o Minor features (command line):
  189. - Add a new command-line option, --key-expiration, which prints when
  190. the current signing key is going to expire. Implements ticket
  191. 17639; patch by Isis Lovecruft.
  192. o Minor features (control port):
  193. - If an application tries to use the control port as an HTTP proxy,
  194. respond with a meaningful "This is the Tor control port" message,
  195. and log the event. Closes ticket 1667. Patch from Ravi
  196. Chandra Padmala.
  197. - Provide better error message for GETINFO desc/(id|name) when not
  198. fetching router descriptors. Closes ticket 5847. Patch by
  199. Kevin Butler.
  200. - Add GETINFO "{desc,md}/download-enabled", to inform the controller
  201. whether Tor will try to download router descriptors and
  202. microdescriptors respectively. Closes ticket 22684.
  203. - Added new GETINFO targets "ip-to-country/{ipv4,ipv6}-available",
  204. so controllers can tell whether the geoip databases are loaded.
  205. Closes ticket 23237.
  206. - Adds a timestamp field to the CIRC_BW and STREAM_BW bandwidth
  207. events. Closes ticket 19254. Patch by "DonnchaC".
  208. o Minor features (development support):
  209. - Developers can now generate a call-graph for Tor using the
  210. "calltool" python program, which post-processes object dumps. It
  211. should work okay on many Linux and OSX platforms, and might work
  212. elsewhere too. To run it, install calltool from
  213. https://gitweb.torproject.org/user/nickm/calltool.git and run
  214. "make callgraph". Closes ticket 19307.
  215. o Minor features (directory authority):
  216. - Make the "Exit" flag assignment only depend on whether the exit
  217. policy allows connections to ports 80 and 443. Previously relays
  218. would get the Exit flag if they allowed connections to one of
  219. these ports and also port 6667. Resolves ticket 23637.
  220. o Minor features (ed25519):
  221. - Add a validation function to check for torsion components in
  222. ed25519 public keys, used by prop224 client-side code. Closes
  223. ticket 22006. Math help by Ian Goldberg.
  224. o Minor features (exit relay, DNS):
  225. - Improve the clarity and safety of the log message from evdns when
  226. receiving an apparently spoofed DNS reply. Closes ticket 3056.
  227. o Minor features (fallback directory mirrors):
  228. - The fallback directory list has been re-generated based on the
  229. current status of the network. Tor uses fallback directories to
  230. bootstrap when it doesn't yet have up-to-date directory
  231. information. Closes ticket 24801.
  232. - Make the default DirAuthorityFallbackRate 0.1, so that clients
  233. prefer to bootstrap from fallback directory mirrors. This is a
  234. follow-up to 24679, which removed weights from the default
  235. fallbacks. Implements ticket 24681.
  236. o Minor features (geoip):
  237. - Update geoip and geoip6 to the January 5 2018 Maxmind GeoLite2
  238. Country database.
  239. o Minor features (integration, hardening):
  240. - Add a new NoExec option to prevent Tor from running other
  241. programs. When this option is set to 1, Tor will never try to run
  242. another program, regardless of the settings of
  243. PortForwardingHelper, ClientTransportPlugin, or
  244. ServerTransportPlugin. Once NoExec is set, it cannot be disabled
  245. without restarting Tor. Closes ticket 22976.
  246. o Minor features (linux seccomp2 sandbox):
  247. - Update the sandbox rules so that they should now work correctly
  248. with Glibc 2.26. Closes ticket 24315.
  249. o Minor features (logging):
  250. - Provide better warnings when the getrandom() syscall fails. Closes
  251. ticket 24500.
  252. - Downgrade a pair of log messages that could occur when an exit's
  253. resolver gave us an unusual (but not forbidden) response. Closes
  254. ticket 24097.
  255. - Improve the message we log when re-enabling circuit build timeouts
  256. after having received a consensus. Closes ticket 20963.
  257. - Log more circuit information whenever we are about to try to
  258. package a relay cell on a circuit with a nonexistent n_chan.
  259. Attempt to diagnose ticket 8185.
  260. - Improve info-level log identification of particular circuits, to
  261. help with debugging. Closes ticket 23645.
  262. - Improve the warning message for specifying a relay by nickname.
  263. The previous message implied that nickname registration was still
  264. part of the Tor network design, which it isn't. Closes
  265. ticket 20488.
  266. - If the sandbox filter fails to load, suggest to the user that
  267. their kernel might not support seccomp2. Closes ticket 23090.
  268. o Minor features (onion service, circuit, logging):
  269. - Improve logging of many call sites in the circuit subsystem to print
  270. the circuit identifier(s).
  271. - Log when we clean up an intro point from a service so we know when
  272. and for what reason it happened. Closes ticket 23604.
  273. o Minor features (portability):
  274. - Tor now compiles correctly on arm64 with libseccomp-dev installed.
  275. (It doesn't yet work with the sandbox enabled.) Closes
  276. ticket 24424.
  277. - Check at configure time whether uint8_t is the same type as
  278. unsigned char. Lots of existing code already makes this
  279. assumption, and there could be strict aliasing issues if the
  280. assumption is violated. Closes ticket 22410.
  281. o Minor features (relay):
  282. - When choosing which circuits can be expired as unused, consider
  283. circuits from clients even if those clients used regular CREATE
  284. cells to make them; and do not consider circuits from relays even
  285. if they were made with CREATE_FAST. Part of ticket 22805.
  286. - Reject attempts to use relative file paths when RunAsDaemon is
  287. set. Previously, Tor would accept these, but the directory-
  288. changing step of RunAsDaemon would give strange and/or confusing
  289. results. Closes ticket 22731.
  290. o Minor features (relay statistics):
  291. - Change relay bandwidth reporting stats interval from 4 hours to 24
  292. hours in order to reduce the efficiency of guard discovery
  293. attacks. Fixes ticket 23856.
  294. o Minor features (reverted deprecations):
  295. - The ClientDNSRejectInternalAddresses flag can once again be set in
  296. non-testing Tor networks, so long as they do not use the default
  297. directory authorities. This change also removes the deprecation of
  298. this flag from 0.2.9.2-alpha. Closes ticket 21031.
  299. o Minor features (robustness):
  300. - Change several fatal assertions when flushing buffers into non-
  301. fatal assertions, to prevent any recurrence of 23690.
  302. o Minor features (startup, safety):
  303. - When configured to write a PID file, Tor now exits if it is unable
  304. to do so. Previously, it would warn and continue. Closes
  305. ticket 20119.
  306. o Minor features (static analysis):
  307. - The BUG() macro has been changed slightly so that Coverity no
  308. longer complains about dead code if the bug is impossible. Closes
  309. ticket 23054.
  310. o Minor features (testing):
  311. - Our fuzzing tests now test the encrypted portions of v3 onion
  312. service descriptors. Implements more of 21509.
  313. - Add a unit test to make sure that our own generated platform
  314. string will be accepted by directory authorities. Closes
  315. ticket 22109.
  316. - The default chutney network tests now include tests for the v3
  317. onion service design. Make sure you have the latest version of
  318. chutney if you want to run these. Closes ticket 22437.
  319. - Add a unit test to verify that we can parse a hardcoded v2 onion
  320. service descriptor. Closes ticket 15554.
  321. o Minor bugfixes (address selection):
  322. - When the fascist_firewall_choose_address_ functions don't find a
  323. reachable address, set the returned address to the null address
  324. and port. This is a precautionary measure, because some callers do
  325. not check the return value. Fixes bug 24736; bugfix
  326. on 0.2.8.2-alpha.
  327. o Minor bugfixes (bootstrapping):
  328. - When warning about state file clock skew, report the correct
  329. direction for the detected skew. Fixes bug 23606; bugfix
  330. on 0.2.8.1-alpha.
  331. o Minor bugfixes (bridge clients, bootstrap):
  332. - Retry directory downloads when we get our first bridge descriptor
  333. during bootstrap or while reconnecting to the network. Keep
  334. retrying every time we get a bridge descriptor, until we have a
  335. reachable bridge. Fixes part of bug 24367; bugfix on 0.2.0.3-alpha.
  336. - Stop delaying bridge descriptor fetches when we have cached bridge
  337. descriptors. Instead, only delay bridge descriptor fetches when we
  338. have at least one reachable bridge. Fixes part of bug 24367;
  339. bugfix on 0.2.0.3-alpha.
  340. - Stop delaying directory fetches when we have cached bridge
  341. descriptors. Instead, only delay bridge descriptor fetches when
  342. all our bridges are definitely unreachable. Fixes part of bug
  343. 24367; bugfix on 0.2.0.3-alpha.
  344. o Minor bugfixes (bridge):
  345. - Overwrite the bridge address earlier in the process of retrieving
  346. its descriptor, to make sure we reach it on the configured
  347. address. Fixes bug 20532; bugfix on 0.2.0.10-alpha.
  348. o Minor bugfixes (build, compilation):
  349. - Fix a compilation warning when building with zstd support on
  350. 32-bit platforms. Fixes bug 23568; bugfix on 0.3.1.1-alpha. Found
  351. and fixed by Andreas Stieger.
  352. - When searching for OpenSSL, don't accept any OpenSSL library that
  353. lacks TLSv1_1_method(): Tor doesn't build with those versions.
  354. Additionally, look in /usr/local/opt/openssl, if it's present.
  355. These changes together repair the default build on OSX systems
  356. with Homebrew installed. Fixes bug 23602; bugfix on 0.2.7.2-alpha.
  357. - Fix a signed/unsigned comparison warning introduced by our fix to
  358. TROVE-2017-009. Fixes bug 24480; bugfix on 0.2.5.16.
  359. - Fix a memory leak warning in one of the libevent-related
  360. configuration tests that could occur when manually specifying
  361. -fsanitize=address. Fixes bug 24279; bugfix on 0.3.0.2-alpha.
  362. Found and patched by Alex Xu.
  363. - Fix unused-variable warnings in donna's Curve25519 SSE2 code.
  364. Fixes bug 22895; bugfix on 0.2.7.2-alpha.
  365. o Minor bugfixes (certificate handling):
  366. - Fix a time handling bug in Tor certificates set to expire after
  367. the year 2106. Fixes bug 23055; bugfix on 0.3.0.1-alpha. Found by
  368. Coverity as CID 1415728.
  369. o Minor bugfixes (client):
  370. - By default, do not enable storage of client-side DNS values. These
  371. values were unused by default previously, but they should not have
  372. been cached at all. Fixes bug 24050; bugfix on 0.2.6.3-alpha.
  373. o Minor bugfixes (client, usability):
  374. - Refrain from needlessly rejecting SOCKS5-with-hostnames and
  375. SOCKS4a requests that contain IP address strings, even when
  376. SafeSocks is enabled, as this prevents users from connecting to
  377. known IP addresses without relying on DNS for resolving. SafeSocks
  378. still rejects SOCKS connections that connect to IP addresses when
  379. those addresses are _not_ encoded as hostnames. Fixes bug 22461;
  380. bugfix on Tor 0.2.6.2-alpha.
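Added example (not Tor's own code): a Python model of the SafeSocks decision for a SOCKS5 CONNECT request, following the request layout in RFC 1928, with the behaviour before and after the fix described above. The function names and the `fixed` switch are this example's own, and the sample requests use documentation addresses constructed for illustration.

```python
import ipaddress
import struct
from typing import NamedTuple

ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04   # RFC 1928 address types


class Socks5Request(NamedTuple):
    atyp: int
    host: str
    port: int


def build_connect(atyp: int, addr: bytes, port: int) -> bytes:
    """Build a SOCKS5 CONNECT request (used here to construct sample input)."""
    if atyp == ATYP_DOMAIN:
        addr = bytes([len(addr)]) + addr          # hostnames are length-prefixed
    return b"\x05\x01\x00" + bytes([atyp]) + addr + struct.pack("!H", port)


def parse_request(data: bytes) -> Socks5Request:
    """Parse VER | CMD | RSV | ATYP | DST.ADDR | DST.PORT, rejecting bad lengths."""
    if len(data) < 4 or data[0] != 0x05:
        raise ValueError("not a SOCKS5 request")
    atyp, body = data[3], data[4:]
    if atyp == ATYP_IPV4:
        raw, rest = body[:4], body[4:]
        if len(raw) != 4:
            raise ValueError("truncated IPv4 address")
        host = str(ipaddress.IPv4Address(raw))
    elif atyp == ATYP_IPV6:
        raw, rest = body[:16], body[16:]
        if len(raw) != 16:
            raise ValueError("truncated IPv6 address")
        host = str(ipaddress.IPv6Address(raw))
    elif atyp == ATYP_DOMAIN:
        if not body or body[0] == 0:
            raise ValueError("empty hostname")
        n = body[0]
        raw, rest = body[1:1 + n], body[1 + n:]
        if len(raw) != n:
            raise ValueError("truncated hostname")
        host = raw.decode("ascii")
    else:
        raise ValueError("unknown address type")
    if len(rest) != 2:
        raise ValueError("bad port field")
    return Socks5Request(atyp, host, struct.unpack("!H", rest)[0])


def is_ip_literal(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def safesocks_allows(req: Socks5Request, *, fixed: bool = True) -> bool:
    """Decision with SafeSocks enabled; fixed=False models the pre-fix behaviour."""
    if req.atyp in (ATYP_IPV4, ATYP_IPV6):
        # A bare address means the application may have resolved the name
        # itself, outside Tor. Rejected both before and after the fix.
        return False
    if not fixed and is_ip_literal(req.host):
        # Pre-fix: an IP address string sent in the hostname field was
        # rejected too, although no DNS lookup is implied by it.
        return False
    return True


if __name__ == "__main__":
    samples = {                                   # constructed sample requests
        "raw IPv4": build_connect(ATYP_IPV4, bytes([192, 0, 2, 10]), 443),
        "IP as hostname": build_connect(ATYP_DOMAIN, b"192.0.2.10", 443),
        "hostname": build_connect(ATYP_DOMAIN, b"example.com", 80),
    }
    for label, wire in samples.items():
        req = parse_request(wire)
        print(label, req.host, "before:", safesocks_allows(req, fixed=False),
              "after:", safesocks_allows(req))
```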
  381. o Minor bugfixes (code correctness):
  382. - Call htons() in extend_cell_format() for encoding a 16-bit value.
  383. Previously we used ntohs(), which happens to behave the same on
  384. all the platforms we support, but which isn't really correct.
  385. Fixes bug 23106; bugfix on 0.2.4.8-alpha.
  386. - For defense-in-depth, make the controller's write_escaped_data()
  387. function robust to extremely long inputs. Fixes bug 19281; bugfix
  388. on 0.1.1.1-alpha. Reported by Guido Vranken.
  389. - Fix several places in our codebase where a C compiler would be
  390. likely to eliminate a check, based on assuming that undefined
  391. behavior had not happened elsewhere in the code. These cases are
  392. usually a sign of redundant checking or dubious arithmetic. Found
  393. by Georg Koppen using the "STACK" tool from Wang, Zeldovich,
  394. Kaashoek, and Solar-Lezama. Fixes bug 24423; bugfix on various
  395. Tor versions.
  396. o Minor bugfixes (compression):
  397. - Handle a pathological case when decompressing Zstandard data when
  398. the output buffer size is zero. Fixes bug 23551; bugfix
  399. on 0.3.1.1-alpha.
  400. o Minor bugfixes (consensus expiry):
  401. - Check for adequate directory information correctly. Previously, Tor
  402. would reconsider whether it had sufficient directory information
  403. every 2 minutes. Fixes bug 23091; bugfix on 0.2.0.19-alpha.
  404. o Minor bugfixes (control port, linux seccomp2 sandbox):
  405. - Avoid a crash when attempting to use the seccomp2 sandbox together
  406. with the OwningControllerProcess feature. Fixes bug 24198; bugfix
  407. on 0.2.5.1-alpha.
  408. o Minor bugfixes (control port, onion services):
  409. - Report "FAILED" instead of "UPLOAD_FAILED" "FAILED" for the
  410. HS_DESC event when a service is not able to upload a descriptor.
  411. Fixes bug 24230; bugfix on 0.2.7.1-alpha.
  412. o Minor bugfixes (directory cache):
  413. - Recover better from empty or corrupt files in the consensus cache
  414. directory. Fixes bug 24099; bugfix on 0.3.1.1-alpha.
  415. - When a consensus diff calculation is only partially successful,
  416. only record the successful parts as having succeeded. Partial
  417. success can happen if (for example) one compression method fails
  418. but the others succeed. Previously we misrecorded all the
  419. calculations as having succeeded, which would later cause a
  420. nonfatal assertion failure. Fixes bug 24086; bugfix
  421. on 0.3.1.1-alpha.
  422. o Minor bugfixes (directory client):
  423. - On failure to download directory information, delay retry attempts
  424. by a random amount based on the "decorrelated jitter" algorithm.
  425. Our previous delay algorithm tended to produce extra-long delays
  426. too easily. Fixes bug 23816; bugfix on 0.2.9.1-alpha.
  427. o Minor bugfixes (directory protocol):
  428. - Directory servers now include a "Date:" HTTP header for response
  429. codes other than 200. Clients starting with a skewed clock and a
  430. recent consensus were getting "304 Not modified" responses from
  431. directory authorities, so without the Date header, the client
  432. would never hear about a wrong clock. Fixes bug 23499; bugfix
  433. on 0.0.8rc1.
  434. - Make clients wait for 6 seconds before trying to download a
  435. consensus from an authority. Fixes bug 17750; bugfix
  436. on 0.2.8.1-alpha.
  437. o Minor bugfixes (documentation):
  438. - Document better how to read gcov, and what our gcov postprocessing
  439. scripts do. Fixes bug 23739; bugfix on 0.2.9.1-alpha.
  440. - Fix manpage to not refer to the obsolete (and misspelled)
  441. UseEntryGuardsAsDirectoryGuards parameter in the description of
  442. NumDirectoryGuards. Fixes bug 23611; bugfix on 0.2.4.8-alpha.
  443. o Minor bugfixes (DoS-resistance):
  444. - If future code asks if there are any running bridges, without
  445. checking if bridges are enabled, log a BUG warning rather than
  446. crashing. Fixes bug 23524; bugfix on 0.3.0.1-alpha.
  447. o Minor bugfixes (entry guards):
  448. - Tor now updates its guard state when it reads a consensus
  449. regardless of whether it's missing descriptors. That makes tor use
  450. its primary guards to fetch descriptors in some edge cases where
  451. it would previously have used fallback directories. Fixes bug
  452. 23862; bugfix on 0.3.0.1-alpha.
  453. o Minor bugfixes (format strictness):
  454. - Restrict several data formats to decimal. Previously, the
  455. BuildTimeHistogram entries in the state file, the "bw=" entries in
  456. the bandwidth authority file, and the process IDs passed to the
  457. __OwningControllerProcess option could all be specified in hex or
  458. octal as well as in decimal. This was not an intentional feature.
  459. Fixes bug 22802; bugfixes on 0.2.2.1-alpha, 0.2.2.2-alpha,
  460. and 0.2.2.28-beta.
  461. o Minor bugfixes (heartbeat):
  462. - If we fail to write a heartbeat message, schedule a retry for the
  463. minimum heartbeat interval number of seconds in the future. Fixes
  464. bug 19476; bugfix on 0.2.3.1-alpha.
  465. o Minor bugfixes (logging):
  466. - Suppress a log notice when relay descriptors arrive. We already
  467. have a bootstrap progress for this, so there is no need to log a notice
  468. every time Tor receives relay descriptors. Microdescriptors behave
  469. the same. Fixes bug 23861; bugfix on 0.2.8.2-alpha.
  470. - Remove duplicate log messages regarding opening non-local
  471. SocksPorts upon parsing config and opening listeners at startup.
  472. Fixes bug 4019; bugfix on 0.2.3.3-alpha.
  473. - Use a more comprehensible log message when telling the user
  474. they've excluded every running exit node. Fixes bug 7890; bugfix
  475. on 0.2.2.25-alpha.
  476. - When logging the number of descriptors we intend to download per
  477. directory request, do not log a number higher than the number
  478. of descriptors we're fetching in total. Fixes bug 19648; bugfix
  479. on 0.1.1.8-alpha.
  480. - When warning about a directory owned by the wrong user, log the
  481. actual name of the user owning the directory. Previously, we'd log
  482. the name of the process owner twice. Fixes bug 23487; bugfix
  483. on 0.2.9.1-alpha.
  484. - Fix some messages on unexpected errors from the seccomp2 library.
  485. Fixes bug 22750; bugfix on 0.2.5.1-alpha. Patch from "cypherpunks".
  486. - The tor specification says hop counts are 1-based, so fix two log
  487. messages that mistakenly logged 0-based hop counts. Fixes bug
  488. 18982; bugfix on 0.2.6.2-alpha and 0.2.4.5-alpha. Patch by teor.
  489. Credit to Xiaofan Li for reporting this issue.
  490. o Minor bugfixes (logging, relay shutdown, annoyance):
  491. - When a circuit is marked for close, do not attempt to package any
  492. cells for channels on that circuit. Previously, we would detect
  493. this condition lower in the call stack, when we noticed that the
  494. circuit had no attached channel, and log an annoying message.
  495. Fixes bug 8185; bugfix on 0.2.5.4-alpha.
  496. o Minor bugfixes (memory safety, defensive programming):
  497. - Clear the target address when node_get_prim_orport() returns
  498. early. Fixes bug 23874; bugfix on 0.2.8.2-alpha.
  499. o Minor bugfixes (memory usage):
  500. - When queuing DESTROY cells on a channel, only queue the circuit-id
  501. and reason fields: not the entire 514-byte cell. This fix should
  502. help mitigate any bugs or attacks that fill up these queues, and
  503. free more RAM for other uses. Fixes bug 24666; bugfix
  504. on 0.2.5.1-alpha.
  505. o Minor bugfixes (network layer):
  506. - When closing a connection via close_connection_immediately(), we
  507. mark it as "not blocked on bandwidth", to prevent later calls from
  508. trying to unblock it, and give it permission to read. This fixes a
  509. backtrace warning that can happen on relays under various
  510. circumstances. Fixes bug 24167; bugfix on 0.1.0.1-rc.
  511. o Minor bugfixes (onion services):
  512. - The introduction circuit was being timed out too quickly while
  513. waiting for the rendezvous circuit to complete. Keep the intro
  514. circuit around longer instead of timing out and reopening new ones
  515. constantly. Fixes bug 23681; bugfix on 0.2.4.8-alpha.
  516. - Rename the consensus parameter "hsdir-interval" to "hsdir_interval"
  517. so it matches dir-spec.txt. Fixes bug 24262; bugfix
  518. on 0.3.1.1-alpha.
  519. - When handling multiple SOCKS requests for the same .onion address,
  520. only fetch the service descriptor once.
  521. - Avoid a possible double close of a circuit by the intro point on
  522. error of sending the INTRO_ESTABLISHED cell. Fixes bug 23610;
  523. bugfix on 0.3.0.1-alpha.
  524. - When reloading configured onion services, copy all information
  525. from the old service object. Previously, some data was omitted,
  526. causing delays in descriptor upload, and other bugs. Fixes bug
  527. 23790; bugfix on 0.2.1.9-alpha.
  528. o Minor bugfixes (path selection):
  529. - When selecting relays by bandwidth, avoid a rounding error that
  530. could sometimes cause load to be imbalanced incorrectly.
  531. Previously, we would always round upwards; now, we round towards
  532. the nearest integer. This had the biggest effect when a relay's
  533. weight adjustments should have given it weight 0, but it got
  534. weight 1 instead. Fixes bug 23318; bugfix on 0.2.4.3-alpha.
  535. - When calculating the fraction of nodes that have descriptors, and
  536. all nodes in the network have zero bandwidths, count the number of
  537. nodes instead. Fixes bug 23318; bugfix on 0.2.4.10-alpha.
  538. - Actually log the total bandwidth in compute_weighted_bandwidths().
  539. Fixes bug 24170; bugfix on 0.2.4.3-alpha.
  540. o Minor bugfixes (portability):
  541. - Stop using the PATH_MAX variable, which is not defined on GNU
  542. Hurd. Fixes bug 23098; bugfix on 0.3.1.1-alpha.
  543. - Fix a bug in the bit-counting parts of our timing-wheel code on
  544. MSVC. (Note that MSVC is still not a supported build platform, due
  545. to cryptographic timing channel risks.) Fixes bug 24633; bugfix
  546. on 0.2.9.1-alpha.
  547. o Minor bugfixes (relay):
  548. - When uploading our descriptor for the first time after startup,
  549. report the reason for uploading as "Tor just started" rather than
  550. leaving it blank. Fixes bug 22885; bugfix on 0.2.3.4-alpha.
  551. - Avoid unnecessary calls to directory_fetches_from_authorities() on
  552. relays, to prevent spurious address resolutions and descriptor
  553. rebuilds. This is a mitigation for bug 21789. Fixes bug 23470;
  554. bugfix on 0.2.8.1-alpha.
  555. - Avoid a crash when transitioning from client mode to bridge mode.
  556. Previously, we would launch the worker threads whenever our
  557. "public server" mode changed, but not when our "server" mode
  558. changed. Fixes bug 23693; bugfix on 0.2.6.3-alpha.
  559. o Minor bugfixes (testing):
  560. - Fix a spurious fuzzing-only use of an uninitialized value. Found
  561. by Brian Carpenter. Fixes bug 24082; bugfix on 0.3.0.3-alpha.
  562. - Test that IPv6-only clients can use microdescriptors when running
  563. "make test-network-all". Requires chutney master 61c28b9 or later.
  564. Closes ticket 24109.
  565. - Prevent scripts/test/coverage from attempting to move gcov output
  566. to the root directory. Fixes bug 23741; bugfix on 0.2.5.1-alpha.
  567. - Capture and detect several "Result does not fit" warnings in unit
  568. tests on platforms with 32-bit time_t. Fixes bug 21800; bugfix
  569. on 0.2.9.3-alpha.
  570. - Fix additional channelpadding unit test failures by using mocked
  571. time instead of actual time for all tests. Fixes bug 23608; bugfix
  572. on 0.3.1.1-alpha.
  573. - Fix a bug in our fuzzing mock replacement for crypto_pk_checksig(),
  574. to correctly handle cases where a caller gives it an RSA key of
  575. under 160 bits. (This is not actually a bug in Tor itself, but
  576. rather in our fuzzing code.) Fixes bug 24247; bugfix on
  577. 0.3.0.3-alpha. Found by OSS-Fuzz as issue 4177.
  578. - Fix a broken unit test for the OutboundAddress option: the parsing
  579. function was never returning an error on failure. Fixes bug 23366;
  580. bugfix on 0.3.0.3-alpha.
  581. - Fix a signed-integer overflow in the unit tests for
  582. dir/download_status_random_backoff, which was untriggered until we
  583. fixed bug 17750. Fixes bug 22924; bugfix on 0.2.9.1-alpha.
  584. o Minor bugfixes (usability, control port):
  585. - Stop making an unnecessary routerlist check in NETINFO clock skew
  586. detection; this was preventing clients from reporting NETINFO clock
  587. skew to controllers. Fixes bug 23532; bugfix on 0.2.4.4-alpha.
  588. o Code simplification and refactoring:
  589. - Remove various ways of testing circuits and connections for
  590. "clientness"; instead, favor channel_is_client(). Part of
  591. ticket 22805.
  592. - Extract the code for handling newly-open channels into a separate
  593. function from the general code to handle channel state
  594. transitions. This change simplifies our callgraph, reducing the
  595. size of the largest strongly connected component by roughly a
  596. factor of two. Closes ticket 22608.
  597. - Remove dead code for largely unused statistics on the number of
  598. times we've attempted various public key operations. Fixes bug
  599. 19871; bugfix on 0.1.2.4-alpha. Fix by Isis Lovecruft.
  600. - Remove several now-obsolete functions for asking about old
  601. variants of directory authority status. Closes ticket 22311; patch
  602. from "huyvq".
  603. - Remove some of the code that once supported "Named" and "Unnamed"
  604. routers. Authorities no longer vote for these flags. Closes
  605. ticket 22215.
  606. - Rename the obsolete malleable hybrid_encrypt functions used in TAP
  607. and old hidden services, to indicate that they aren't suitable for
  608. new protocols or formats. Closes ticket 23026.
  609. - Replace our STRUCT_OFFSET() macro with offsetof(). Closes ticket
  610. 22521. Patch from Neel Chauhan.
  611. - Split the enormous circuit_send_next_onion_skin() function into
  612. multiple subfunctions. Closes ticket 22804.
  613. - Split the portions of the buffer.c module that handle particular
  614. protocols into separate modules. Part of ticket 23149.
  615. - Use our test macros more consistently, to produce more useful
  616. error messages when our unit tests fail. Add coccinelle patches to
  617. allow us to re-check for test macro uses. Closes ticket 22497.
  618. o Deprecated features:
  619. - The ReachableDirAddresses and ClientPreferIPv6DirPort options are
  620. now deprecated; they do not apply to relays, and they have had no
  621. effect on clients since 0.2.8.x. Closes ticket 19704.
  622. - Deprecate HTTPProxy/HTTPProxyAuthenticator config options. They
  623. only apply to direct unencrypted HTTP connections to your
  624. directory server, which your Tor probably isn't using. Closes
  625. ticket 20575.
  626. o Documentation:
  627. - Add notes in man page regarding OS support for the various
  628. scheduler types. Attempt to use less jargon in the scheduler
  629. section. Closes ticket 24254.
  630. - Clarify that the Address option is entirely about setting an
  631. advertised IPv4 address. Closes ticket 18891.
  632. - Clarify the manpage's use of the term "address" to clarify what
  633. kind of address is intended. Closes ticket 21405.
  634. - Document that onion service subdomains are allowed, and ignored.
  635. Closes ticket 18736.
  636. - Clarify in the manual that "Sandbox 1" is only supported on Linux
  637. kernels. Closes ticket 22677.
  638. - Document all values of PublishServerDescriptor in the manpage.
  639. Closes ticket 15645.
  640. - Improve the documentation for the directory port part of the
  641. DirAuthority line. Closes ticket 20152.
  642. - Restore documentation for the authorities' "approved-routers"
  643. file. Closes ticket 21148.
  644. o Removed features:
  645. - The AllowDotExit option has been removed as unsafe. It has been
  646. deprecated since 0.2.9.2-alpha. Closes ticket 23426.
  647. - The ClientDNSRejectInternalAddresses flag can no longer be set on
  648. non-testing networks. It has been deprecated since 0.2.9.2-alpha.
  649. Closes ticket 21031.
  650. - The controller API no longer includes an AUTHDIR_NEWDESCS event:
  651. nobody was using it any longer. Closes ticket 22377.
  652. Changes in version 0.3.1.9 - 2017-12-01
  653. Tor 0.3.1.9 backports important security and stability fixes from the
  654. 0.3.2 development series. All Tor users should upgrade to this
  655. release, or to another of the releases coming out today.
  656. o Major bugfixes (security, backport from 0.3.2.6-alpha):
  657. - Fix a denial of service bug where an attacker could use a
  658. malformed directory object to cause a Tor instance to pause while
  659. OpenSSL would try to read a passphrase from the terminal. (Tor
  660. instances run without a terminal, which is the case for most Tor
  661. packages, are not impacted.) Fixes bug 24246; bugfix on every
  662. version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
  663. Found by OSS-Fuzz as testcase 6360145429790720.
  664. - Fix a denial of service issue where an attacker could crash a
  665. directory authority using a malformed router descriptor. Fixes bug
  666. 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010
  667. and CVE-2017-8820.
  668. - When checking for replays in the INTRODUCE1 cell data for a
  669. (legacy) onion service, correctly detect replays in the RSA-
  670. encrypted part of the cell. We were previously checking for
  671. replays on the entire cell, but those can be circumvented due to
  672. the malleability of Tor's legacy hybrid encryption. This fix helps
  673. prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
  674. 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
  675. and CVE-2017-8819.
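The INTRODUCE1 replay fix above, as an added example (not Tor's own code): a replay cache keyed on the whole encrypted body next to one keyed only on the RSA-encrypted prefix. It models the body as an RSA block followed by an unauthenticated stream-encrypted remainder; the 128-byte prefix length, the FNV-1a stand-in digest, the sample cell and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define RSA_PART_LEN 128  /* assumption: a 1024-bit RSA block leads the body */
#define SYM_PART_LEN 58   /* constructed length of the stream-encrypted rest */
#define CELL_LEN (RSA_PART_LEN + SYM_PART_LEN)
#define CACHE_SLOTS 64

/* Stand-in digest (64-bit FNV-1a) so the example has no dependencies.
 * A real replay cache would use a cryptographic hash. */
static uint64_t digest(const uint8_t *p, size_t n)
{
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < n; i++) {
        h ^= p[i];
        h *= 0x100000001b3ULL;
    }
    return h;
}

typedef struct {
    uint64_t seen[CACHE_SLOTS];
    size_t count;             /* total digests ever recorded */
} replay_cache_t;

/* Return 1 if d was already recorded; otherwise record it and return 0. */
static int cache_check_and_add(replay_cache_t *c, uint64_t d)
{
    size_t used = c->count < CACHE_SLOTS ? c->count : CACHE_SLOTS;
    for (size_t i = 0; i < used; i++)
        if (c->seen[i] == d)
            return 1;
    c->seen[c->count % CACHE_SLOTS] = d;  /* overwrite the oldest when full */
    c->count++;
    return 0;
}

/* Before the fix: the cache key covers the entire encrypted body, so any
 * change to the malleable trailing part produces a "new" key. */
int is_replay_whole_cell(replay_cache_t *c, const uint8_t *cell, size_t len)
{
    return cache_check_and_add(c, digest(cell, len));
}

/* After the fix: the cache key covers only the RSA-encrypted prefix, which
 * cannot be altered without breaking decryption. Returns -1 if too short. */
int is_replay_rsa_part(replay_cache_t *c, const uint8_t *cell, size_t len)
{
    if (len < RSA_PART_LEN)
        return -1;
    return cache_check_and_add(c, digest(cell, RSA_PART_LEN));
}

/* Constructed sample bytes standing in for an encrypted body. */
static void make_sample_cell(uint8_t *cell, size_t len)
{
    for (size_t i = 0; i < len; i++)
        cell[i] = (uint8_t)(i * 31 + 7);
}

/* Present a cell, then a copy with one bit changed in the trailing part.
 * Returns the policy's verdict on the copy: 1 = flagged, 0 = missed. */
int tampered_copy_flagged(int (*policy)(replay_cache_t *, const uint8_t *,
                                        size_t))
{
    replay_cache_t cache;
    uint8_t original[CELL_LEN], tampered[CELL_LEN];

    memset(&cache, 0, sizeof(cache));
    make_sample_cell(original, CELL_LEN);
    memcpy(tampered, original, CELL_LEN);
    tampered[CELL_LEN - 1] ^= 0x01;   /* RSA prefix is left untouched */

    if (policy(&cache, original, CELL_LEN) != 0)
        return -1;                    /* first sighting must be new */
    return policy(&cache, tampered, CELL_LEN);
}

int main(void)
{
    printf("whole-cell key flags modified copy: %d\n",
           tampered_copy_flagged(is_replay_whole_cell));
    printf("RSA-part key flags modified copy:   %d\n",
           tampered_copy_flagged(is_replay_rsa_part));
    return 0;
}
```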
  676. o Major bugfixes (security, onion service v2, backport from 0.3.2.6-alpha):
  677. - Fix a use-after-free error that could crash v2 Tor onion services
  678. when they failed to open circuits while expiring introduction
  679. points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
  680. also tracked as TROVE-2017-013 and CVE-2017-8823.
  681. o Major bugfixes (security, relay, backport from 0.3.2.6-alpha):
  682. - When running as a relay, make sure that we never build a path
  683. through ourselves, even in the case where we have somehow lost the
  684. version of our descriptor appearing in the consensus. Fixes part
  685. of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
  686. as TROVE-2017-012 and CVE-2017-8822.
  687. - When running as a relay, make sure that we never choose ourselves
  688. as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This
  689. issue is also tracked as TROVE-2017-012 and CVE-2017-8822.
  690. o Major bugfixes (exit relays, DNS, backport from 0.3.2.4-alpha):
  691. - Fix an issue causing DNS to fail on high-bandwidth exit nodes,
  692. making them nearly unusable. Fixes bugs 21394 and 18580; bugfix on
  693. 0.1.2.2-alpha, which introduced eventdns. Thanks to Dhalgren for
  694. identifying and finding a workaround to this bug and to Moritz,
  695. Arthur Edelstein, and Roger for helping to track it down and
  696. analyze it.
  697. o Minor features (bridge):
  698. - Bridges now include notice in their descriptors that they are
  699. bridges, and notice of their distribution status, based on their
  700. publication settings. Implements ticket 18329. For more fine-
  701. grained control of how a bridge is distributed, upgrade to 0.3.2.x
  702. or later.
  703. o Minor features (directory authority, backport from 0.3.2.6-alpha):
  704. - Add an IPv6 address for the "bastet" directory authority. Closes
  705. ticket 24394.
  706. o Minor features (geoip):
  707. - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2
  708. Country database.
  709. o Minor bugfix (relay address resolution, backport from 0.3.2.1-alpha):
  710. - Avoid unnecessary calls to directory_fetches_from_authorities() on
  711. relays, to prevent spurious address resolutions and descriptor
  712. rebuilds. This is a mitigation for bug 21789. Fixes bug 23470;
  713. bugfix on 0.2.8.1-alpha.
  714. o Minor bugfixes (compilation, backport from 0.3.2.1-alpha):
  715. - Fix unused variable warnings in donna's Curve25519 SSE2 code.
  716. Fixes bug 22895; bugfix on 0.2.7.2-alpha.
  717. o Minor bugfixes (logging, relay shutdown, annoyance, backport from 0.3.2.2-alpha):
  718. - When a circuit is marked for close, do not attempt to package any
  719. cells for channels on that circuit. Previously, we would detect
  720. this condition lower in the call stack, when we noticed that the
  721. circuit had no attached channel, and log an annoying message.
  722. Fixes bug 8185; bugfix on 0.2.5.4-alpha.
  723. o Minor bugfixes (onion service, backport from 0.3.2.5-alpha):
  724. - Rename the consensus parameter "hsdir-interval" to "hsdir_interval"
  725. so it matches dir-spec.txt. Fixes bug 24262; bugfix
  726. on 0.3.1.1-alpha.
  727. o Minor bugfixes (relay, crash, backport from 0.3.2.4-alpha):
  728. - Avoid a crash when transitioning from client mode to bridge mode.
  729. Previously, we would launch the worker threads whenever our
  730. "public server" mode changed, but not when our "server" mode
  731. changed. Fixes bug 23693; bugfix on 0.2.6.3-alpha.
  732. Changes in version 0.3.0.13 - 2017-12-01
  733. Tor 0.3.0.13 backports important security and stability bugfixes from
  734. later Tor releases. All Tor users should upgrade to this release, or
  735. to another of the releases coming out today.
  736. Note: the Tor 0.3.0 series will no longer be supported after 26 Jan
  737. 2018. If you need a release with long-term support, please stick with
  738. the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later.
  739. o Major bugfixes (security, backport from 0.3.2.6-alpha):
  740. - Fix a denial of service bug where an attacker could use a
  741. malformed directory object to cause a Tor instance to pause while
  742. OpenSSL would try to read a passphrase from the terminal. (Tor
  743. instances run without a terminal, which is the case for most Tor
  744. packages, are not impacted.) Fixes bug 24246; bugfix on every
  745. version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
  746. Found by OSS-Fuzz as testcase 6360145429790720.
  747. - Fix a denial of service issue where an attacker could crash a
  748. directory authority using a malformed router descriptor. Fixes bug
  749. 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010
  750. and CVE-2017-8820.
  751. - When checking for replays in the INTRODUCE1 cell data for a
  752. (legacy) onion service, correctly detect replays in the RSA-
  753. encrypted part of the cell. We were previously checking for
  754. replays on the entire cell, but those can be circumvented due to
  755. the malleability of Tor's legacy hybrid encryption. This fix helps
  756. prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
  757. 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
  758. and CVE-2017-8819.
  759. o Major bugfixes (security, onion service v2, backport from 0.3.2.6-alpha):
  760. - Fix a use-after-free error that could crash v2 Tor onion services
  761. when they failed to open circuits while expiring introduction
  762. points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
  763. also tracked as TROVE-2017-013 and CVE-2017-8823.
  764. o Major bugfixes (security, relay, backport from 0.3.2.6-alpha):
  765. - When running as a relay, make sure that we never build a path
  766. through ourselves, even in the case where we have somehow lost the
  767. version of our descriptor appearing in the consensus. Fixes part
  768. of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
  769. as TROVE-2017-012 and CVE-2017-8822.
  770. - When running as a relay, make sure that we never choose ourselves
  771. as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This
  772. issue is also tracked as TROVE-2017-012 and CVE-2017-8822.
  773. o Major bugfixes (exit relays, DNS, backport from 0.3.2.4-alpha):
  774. - Fix an issue causing DNS to fail on high-bandwidth exit nodes,
  775. making them nearly unusable. Fixes bugs 21394 and 18580; bugfix on
  776. 0.1.2.2-alpha, which introduced eventdns. Thanks to Dhalgren for
  777. identifying and finding a workaround to this bug and to Moritz,
  778. Arthur Edelstein, and Roger for helping to track it down and
  779. analyze it.
  780. o Minor features (security, windows, backport from 0.3.1.1-alpha):
  781. - Enable a couple of pieces of Windows hardening: one
  782. (HeapEnableTerminationOnCorruption) that has been on-by-default
  783. since Windows 8, and unavailable before Windows 7; and one
  784. (PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION) which we believe doesn't
  785. affect us, but shouldn't do any harm. Closes ticket 21953.
  786. o Minor features (bridge, backport from 0.3.1.9):
  787. - Bridges now include notice in their descriptors that they are
  788. bridges, and notice of their distribution status, based on their
  789. publication settings. Implements ticket 18329. For more fine-
  790. grained control of how a bridge is distributed, upgrade to 0.3.2.x
  791. or later.
  792. o Minor features (directory authority, backport from 0.3.2.6-alpha):
  793. - Add an IPv6 address for the "bastet" directory authority. Closes
  794. ticket 24394.
  795. o Minor features (geoip):
  796. - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2
  797. Country database.
  798. o Minor bugfix (relay address resolution, backport from 0.3.2.1-alpha):
  799. - Avoid unnecessary calls to directory_fetches_from_authorities() on
  800. relays, to prevent spurious address resolutions and descriptor
  801. rebuilds. This is a mitigation for bug 21789. Fixes bug 23470;
  802. bugfix on 0.2.8.1-alpha.
  803. o Minor bugfixes (compilation, backport from 0.3.2.1-alpha):
  804. - Fix unused variable warnings in donna's Curve25519 SSE2 code.
  805. Fixes bug 22895; bugfix on 0.2.7.2-alpha.
  806. o Minor bugfixes (logging, relay shutdown, annoyance, backport from 0.3.2.2-alpha):
  807. - When a circuit is marked for close, do not attempt to package any
  808. cells for channels on that circuit. Previously, we would detect
  809. this condition lower in the call stack, when we noticed that the
  810. circuit had no attached channel, and log an annoying message.
  811. Fixes bug 8185; bugfix on 0.2.5.4-alpha.
  812. o Minor bugfixes (relay, crash, backport from 0.3.2.4-alpha):
  813. - Avoid a crash when transitioning from client mode to bridge mode.
  814. Previously, we would launch the worker threads whenever our
  815. "public server" mode changed, but not when our "server" mode
  816. changed. Fixes bug 23693; bugfix on 0.2.6.3-alpha.
  817. o Minor bugfixes (testing, backport from 0.3.1.6-rc):
  818. - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291;
  819. bugfix on 0.2.7.2-alpha. Found and patched by Ties Stuij.
  820. Changes in version 0.2.9.14 - 2017-12-01
  821. Tor 0.3.0.13 backports important security and stability bugfixes from
  822. later Tor releases. All Tor users should upgrade to this release, or
  823. to another of the releases coming out today.
  824. o Major bugfixes (exit relays, DNS, backport from 0.3.2.4-alpha):
  825. - Fix an issue causing DNS to fail on high-bandwidth exit nodes,
  826. making them nearly unusable. Fixes bugs 21394 and 18580; bugfix on
  827. 0.1.2.2-alpha, which introduced eventdns. Thanks to Dhalgren for
  828. identifying and finding a workaround to this bug and to Moritz,
  829. Arthur Edelstein, and Roger for helping to track it down and
  830. analyze it.
  831. o Major bugfixes (security, backport from 0.3.2.6-alpha):
  832. - Fix a denial of service bug where an attacker could use a
  833. malformed directory object to cause a Tor instance to pause while
  834. OpenSSL would try to read a passphrase from the terminal. (Tor
  835. instances run without a terminal, which is the case for most Tor
  836. packages, are not impacted.) Fixes bug 24246; bugfix on every
  837. version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
  838. Found by OSS-Fuzz as testcase 6360145429790720.
  839. - Fix a denial of service issue where an attacker could crash a
  840. directory authority using a malformed router descriptor. Fixes bug
  841. 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010
  842. and CVE-2017-8820.
  843. - When checking for replays in the INTRODUCE1 cell data for a
  844. (legacy) onion service, correctly detect replays in the RSA-
  845. encrypted part of the cell. We were previously checking for
  846. replays on the entire cell, but those can be circumvented due to
  847. the malleability of Tor's legacy hybrid encryption. This fix helps
  848. prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
  849. 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
  850. and CVE-2017-8819.
  851. o Major bugfixes (security, onion service v2, backport from 0.3.2.6-alpha):
  852. - Fix a use-after-free error that could crash v2 Tor onion services
  853. when they failed to open circuits while expiring introduction
  854. points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
  855. also tracked as TROVE-2017-013 and CVE-2017-8823.
  856. o Major bugfixes (security, relay, backport from 0.3.2.6-alpha):
  857. - When running as a relay, make sure that we never build a path
  858. through ourselves, even in the case where we have somehow lost the
  859. version of our descriptor appearing in the consensus. Fixes part
  860. of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
  861. as TROVE-2017-012 and CVE-2017-8822.
  862. o Minor features (bridge, backport from 0.3.1.9):
  863. - Bridges now include notice in their descriptors that they are
  864. bridges, and notice of their distribution status, based on their
  865. publication settings. Implements ticket 18329. For more fine-
  866. grained control of how a bridge is distributed, upgrade to 0.3.2.x
  867. or later.
  868. o Minor features (directory authority, backport from 0.3.2.6-alpha):
  869. - Add an IPv6 address for the "bastet" directory authority. Closes
  870. ticket 24394.
  871. o Minor features (geoip):
  872. - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2
  873. Country database.
  874. o Minor features (security, windows, backport from 0.3.1.1-alpha):
  875. - Enable a couple of pieces of Windows hardening: one
  876. (HeapEnableTerminationOnCorruption) that has been on-by-default
  877. since Windows 8, and unavailable before Windows 7; and one
  878. (PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION) which we believe doesn't
  879. affect us, but shouldn't do any harm. Closes ticket 21953.
  880. o Minor bugfix (relay address resolution, backport from 0.3.2.1-alpha):
  881. - Avoid unnecessary calls to directory_fetches_from_authorities() on
  882. relays, to prevent spurious address resolutions and descriptor
  883. rebuilds. This is a mitigation for bug 21789. Fixes bug 23470;
  884. bugfix on 0.2.8.1-alpha.
  885. o Minor bugfixes (compilation, backport from 0.3.2.1-alpha):
  886. - Fix unused variable warnings in donna's Curve25519 SSE2 code.
  887. Fixes bug 22895; bugfix on 0.2.7.2-alpha.
  888. o Minor bugfixes (logging, relay shutdown, annoyance, backport from 0.3.2.2-alpha):
  889. - When a circuit is marked for close, do not attempt to package any
  890. cells for channels on that circuit. Previously, we would detect
  891. this condition lower in the call stack, when we noticed that the
  892. circuit had no attached channel, and log an annoying message.
  893. Fixes bug 8185; bugfix on 0.2.5.4-alpha.
  894. o Minor bugfixes (relay, crash, backport from 0.3.2.4-alpha):
  895. - Avoid a crash when transitioning from client mode to bridge mode.
  896. Previously, we would launch the worker threads whenever our
  897. "public server" mode changed, but not when our "server" mode
  898. changed. Fixes bug 23693; bugfix on 0.2.6.3-alpha.
  899. o Minor bugfixes (testing, backport from 0.3.1.6-rc):
  900. - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291;
  901. bugfix on 0.2.7.2-alpha. Found and patched by Ties Stuij.
  902. Changes in version 0.2.8.17 - 2017-12-01
  903. Tor 0.2.8.17 backports important security and stability bugfixes from
  904. later Tor releases. All Tor users should upgrade to this release, or
  905. to another of the releases coming out today.
  906. Note: the Tor 0.2.8 series will no longer be supported after 1 Jan
  907. 2018. If you need a release with long-term support, please upgrade to
  908. the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later.
  909. o Major bugfixes (security, backport from 0.3.2.6-alpha):
  910. - Fix a denial of service bug where an attacker could use a
  911. malformed directory object to cause a Tor instance to pause while
  912. OpenSSL would try to read a passphrase from the terminal. (Tor
  913. instances run without a terminal, which is the case for most Tor
  914. packages, are not impacted.) Fixes bug 24246; bugfix on every
  915. version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
  916. Found by OSS-Fuzz as testcase 6360145429790720.
  917. - When checking for replays in the INTRODUCE1 cell data for a
  918. (legacy) onion service, correctly detect replays in the RSA-
  919. encrypted part of the cell. We were previously checking for
  920. replays on the entire cell, but those can be circumvented due to
  921. the malleability of Tor's legacy hybrid encryption. This fix helps
  922. prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
  923. 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
  924. and CVE-2017-8819.
  925. o Major bugfixes (security, onion service v2, backport from 0.3.2.6-alpha):
  926. - Fix a use-after-free error that could crash v2 Tor onion services
  927. when they failed to open circuits while expiring introduction
  928. points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
  929. also tracked as TROVE-2017-013 and CVE-2017-8823.
  930. o Major bugfixes (security, relay, backport from 0.3.2.6-alpha):
  931. - When running as a relay, make sure that we never build a path through
  932. ourselves, even in the case where we have somehow lost the version of
  933. our descriptor appearing in the consensus. Fixes part of bug 21534;
  934. bugfix on 0.2.0.1-alpha. This issue is also tracked as TROVE-2017-012
  935. and CVE-2017-8822.
  936. o Minor features (bridge, backport from 0.3.1.9):
  937. - Bridges now include notice in their descriptors that they are
  938. bridges, and notice of their distribution status, based on their
  939. publication settings. Implements ticket 18329. For more fine-
  940. grained control of how a bridge is distributed, upgrade to 0.3.2.x
  941. or later.
  942. o Minor features (directory authority, backport from 0.3.2.6-alpha):
  943. - Add an IPv6 address for the "bastet" directory authority. Closes
  944. ticket 24394.
  945. o Minor features (geoip):
  946. - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2
  947. Country database.
  948. o Minor bugfixes (testing, backport from 0.3.1.6-rc):
  949. - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291;
  950. bugfix on 0.2.7.2-alpha. Found and patched by Ties Stuij.
  951. Changes in version 0.2.5.16 - 2017-12-01
  952. Tor 0.2.5.13 backports important security and stability bugfixes from
  953. later Tor releases. All Tor users should upgrade to this release, or
  954. to another of the releases coming out today.
  955. Note: the Tor 0.2.5 series will no longer be supported after 1 May
  956. 2018. If you need a release with long-term support, please upgrade to
  957. the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later.
  958. o Major bugfixes (security, backport from 0.3.2.6-alpha):
  959. - Fix a denial of service bug where an attacker could use a
  960. malformed directory object to cause a Tor instance to pause while
  961. OpenSSL would try to read a passphrase from the terminal. (Tor
  962. instances run without a terminal, which is the case for most Tor
  963. packages, are not impacted.) Fixes bug 24246; bugfix on every
  964. version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
  965. Found by OSS-Fuzz as testcase 6360145429790720.
  966. - When checking for replays in the INTRODUCE1 cell data for a
  967. (legacy) onion service, correctly detect replays in the RSA-
  968. encrypted part of the cell. We were previously checking for
  969. replays on the entire cell, but those can be circumvented due to
  970. the malleability of Tor's legacy hybrid encryption. This fix helps
  971. prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
  972. 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
  973. and CVE-2017-8819.
  974. o Major bugfixes (security, relay, backport from 0.3.2.6-alpha):
  975. - When running as a relay, make sure that we never build a path
  976. through ourselves, even in the case where we have somehow lost the
  977. version of our descriptor appearing in the consensus. Fixes part
  978. of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
  979. as TROVE-2017-012 and CVE-2017-8822.
  980. o Minor features (bridge, backport from 0.3.1.9):
  981. - Bridges now include notice in their descriptors that they are
  982. bridges, and notice of their distribution status, based on their
  983. publication settings. Implements ticket 18329. For more fine-
  984. grained control of how a bridge is distributed, upgrade to 0.3.2.x
  985. or later.
  986. o Minor features (geoip):
  987. - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2
  988. Country database.
  989. Changes in version 0.2.5.15 - 2017-10-25
  990. Tor 0.2.5.15 backports a collection of bugfixes from later Tor release
  991. series. It also adds a new directory authority, Bastet.
  992. Note: the Tor 0.2.5 series will no longer be supported after 1 May
  993. 2018. If you need a release with long-term support, please upgrade to
  994. the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later.
  995. o Directory authority changes:
  996. - Add "Bastet" as a ninth directory authority to the default list.
  997. Closes ticket 23910.
  998. - The directory authority "Longclaw" has changed its IP address.
  999. Closes ticket 23592.
  1000. o Major bugfixes (openbsd, denial-of-service, backport from 0.3.1.5-alpha):
  1001. - Avoid an assertion failure bug affecting our implementation of
  1002. inet_pton(AF_INET6) on certain OpenBSD systems whose strtol()
  1003. handling of "0xx" differs from what we had expected. Fixes bug
  1004. 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007.
  1005. o Minor features (geoip):
  1006. - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2
  1007. Country database.
  1008. o Minor bugfixes (defensive programming, undefined behavior, backport from 0.3.1.4-alpha):
  1009. - Fix a memset() off the end of an array when packing cells. This
  1010. bug should be harmless in practice, since the corrupted bytes are
  1011. still in the same structure, and are always padding bytes,
  1012. ignored, or immediately overwritten, depending on compiler
  1013. behavior. Nevertheless, because the memset()'s purpose is to make
  1014. sure that any other cell-handling bugs can't expose bytes to the
  1015. network, we need to fix it. Fixes bug 22737; bugfix on
  1016. 0.2.4.11-alpha. Fixes CID 1401591.
  1017. o Build features (backport from 0.3.1.5-alpha):
  1018. - Tor's repository now includes a Travis Continuous Integration (CI)
  1019. configuration file (.travis.yml). This is meant to help new
  1020. developers and contributors who fork Tor to a Github repository be
  1021. better able to test their changes, and understand what we expect
  1022. to pass. To use this new build feature, you must fork Tor to your
  1023. Github account, then go into the "Integrations" menu in the
  1024. repository settings for your fork and enable Travis, then push
  1025. your changes. Closes ticket 22636.
  1026. Changes in version 0.2.8.16 - 2017-10-25
  1027. Tor 0.2.8.16 backports a collection of bugfixes from later Tor release
  1028. series, including a bugfix for a crash issue that had affected relays
  1029. under memory pressure. It also adds a new directory authority, Bastet.
  1030. Note: the Tor 0.2.8 series will no longer be supported after 1 Jan
  1031. 2018. If you need a release with long-term support, please stick with
  1032. the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later.
  1033. o Directory authority changes:
  1034. - Add "Bastet" as a ninth directory authority to the default list.
  1035. Closes ticket 23910.
  1036. - The directory authority "Longclaw" has changed its IP address.
  1037. Closes ticket 23592.
  1038. o Major bugfixes (relay, crash, assertion failure, backport from 0.3.2.2-alpha):
  1039. - Fix a timing-based assertion failure that could occur when the
  1040. circuit out-of-memory handler freed a connection's output buffer.
  1041. Fixes bug 23690; bugfix on 0.2.6.1-alpha.
  1042. o Minor features (directory authorities, backport from 0.3.2.2-alpha):
  1043. - Remove longclaw's IPv6 address, as it will soon change. Authority
  1044. IPv6 addresses were originally added in 0.2.8.1-alpha. This leaves
  1045. 3/8 directory authorities with IPv6 addresses, but there are also
  1046. 52 fallback directory mirrors with IPv6 addresses. Resolves 19760.
  1047. o Minor features (geoip):
  1048. - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2
  1049. Country database.
  1050. Changes in version 0.2.9.13 - 2017-10-25
  1051. Tor 0.2.9.13 backports a collection of bugfixes from later Tor release
  1052. series, including a bugfix for a crash issue that had affected relays
  1053. under memory pressure. It also adds a new directory authority, Bastet.
  1054. o Directory authority changes:
  1055. - Add "Bastet" as a ninth directory authority to the default list.
  1056. Closes ticket 23910.
  1057. - The directory authority "Longclaw" has changed its IP address.
  1058. Closes ticket 23592.
  1059. o Major bugfixes (relay, crash, assertion failure, backport from 0.3.2.2-alpha):
  1060. - Fix a timing-based assertion failure that could occur when the
  1061. circuit out-of-memory handler freed a connection's output buffer.
  1062. Fixes bug 23690; bugfix on 0.2.6.1-alpha.
  1063. o Minor features (directory authorities, backport from 0.3.2.2-alpha):
  1064. - Remove longclaw's IPv6 address, as it will soon change. Authority
  1065. IPv6 addresses were originally added in 0.2.8.1-alpha. This leaves
  1066. 3/8 directory authorities with IPv6 addresses, but there are also
  1067. 52 fallback directory mirrors with IPv6 addresses. Resolves 19760.
  1068. o Minor features (geoip):
  1069. - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2
  1070. Country database.
  1071. o Minor bugfixes (directory authority, backport from 0.3.1.5-alpha):
  1072. - When a directory authority rejects a descriptor or extrainfo with
  1073. a given digest, mark that digest as undownloadable, so that we do
  1074. not attempt to download it again over and over. We previously
  1075. tried to avoid downloading such descriptors by other means, but we
  1076. didn't notice if we accidentally downloaded one anyway. This
  1077. behavior became problematic in 0.2.7.2-alpha, when authorities
  1078. began pinning Ed25519 keys. Fixes bug 22349; bugfix
  1079. on 0.2.1.19-alpha.
  1080. o Minor bugfixes (memory safety, backport from 0.3.2.3-alpha):
  1081. - Clear the address when node_get_prim_orport() returns early.
  1082. Fixes bug 23874; bugfix on 0.2.8.2-alpha.
  1083. o Minor bugfixes (Windows service, backport from 0.3.1.6-rc):
  1084. - When running as a Windows service, set the ID of the main thread
  1085. correctly. Failure to do so made us fail to send log messages to
  1086. the controller in 0.2.1.16-rc, slowed down controller event
  1087. delivery in 0.2.7.3-rc and later, and crash with an assertion
  1088. failure in 0.3.1.1-alpha. Fixes bug 23081; bugfix on 0.2.1.6-alpha.
  1089. Patch and diagnosis from "Vort".
  1090. Changes in version 0.3.0.12 - 2017-10-25
  1091. Tor 0.3.0.12 backports a collection of bugfixes from later Tor release
  1092. series, including a bugfix for a crash issue that had affected relays
  1093. under memory pressure. It also adds a new directory authority, Bastet.
  1094. Note: the Tor 0.3.0 series will no longer be supported after 26 Jan
  1095. 2018. If you need a release with long-term support, please stick with
  1096. the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later.
  1097. o Directory authority changes:
  1098. - Add "Bastet" as a ninth directory authority to the default list.
  1099. Closes ticket 23910.
  1100. - The directory authority "Longclaw" has changed its IP address.
  1101. Closes ticket 23592.
  1102. o Major bugfixes (relay, crash, assertion failure, backport from 0.3.2.2-alpha):
  1103. - Fix a timing-based assertion failure that could occur when the
  1104. circuit out-of-memory handler freed a connection's output buffer.
  1105. Fixes bug 23690; bugfix on 0.2.6.1-alpha.
  1106. o Minor features (directory authorities, backport from 0.3.2.2-alpha):
  1107. - Remove longclaw's IPv6 address, as it will soon change. Authority
  1108. IPv6 addresses were originally added in 0.2.8.1-alpha. This leaves
  1109. 3/8 directory authorities with IPv6 addresses, but there are also
  1110. 52 fallback directory mirrors with IPv6 addresses. Resolves 19760.
  1111. o Minor features (geoip):
  1112. - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2
  1113. Country database.
  1114. o Minor bugfixes (directory authority, backport from 0.3.1.5-alpha):
  1115. - When a directory authority rejects a descriptor or extrainfo with
  1116. a given digest, mark that digest as undownloadable, so that we do
  1117. not attempt to download it again over and over. We previously
  1118. tried to avoid downloading such descriptors by other means, but we
  1119. didn't notice if we accidentally downloaded one anyway. This
  1120. behavior became problematic in 0.2.7.2-alpha, when authorities
  1121. began pinning Ed25519 keys. Fixes bug 22349; bugfix
  1122. on 0.2.1.19-alpha.
  1123. o Minor bugfixes (hidden service, relay, backport from 0.3.2.2-alpha):
  1124. - Avoid a possible double close of a circuit by the intro point on
  1125. error of sending the INTRO_ESTABLISHED cell. Fixes bug 23610;
  1126. bugfix on 0.3.0.1-alpha.
  1127. o Minor bugfixes (memory safety, backport from 0.3.2.3-alpha):
  1128. - Clear the address when node_get_prim_orport() returns early.
  1129. Fixes bug 23874; bugfix on 0.2.8.2-alpha.
  1130. o Minor bugfixes (Windows service, backport from 0.3.1.6-rc):
  1131. - When running as a Windows service, set the ID of the main thread
  1132. correctly. Failure to do so made us fail to send log messages to
  1133. the controller in 0.2.1.16-rc, slowed down controller event
  1134. delivery in 0.2.7.3-rc and later, and crash with an assertion
  1135. failure in 0.3.1.1-alpha. Fixes bug 23081; bugfix on 0.2.1.6-alpha.
  1136. Patch and diagnosis from "Vort".
  1137. Changes in version 0.3.1.8 - 2017-10-25
  1138. Tor 0.3.1.8 is the second stable release in the 0.3.1 series.
  1139. It includes several bugfixes, including a bugfix for a crash issue
  1140. that had affected relays under memory pressure. It also adds
  1141. a new directory authority, Bastet.
  1142. o Directory authority changes:
  1143. - Add "Bastet" as a ninth directory authority to the default list.
  1144. Closes ticket 23910.
  1145. - The directory authority "Longclaw" has changed its IP address.
  1146. Closes ticket 23592.
  1147. o Major bugfixes (relay, crash, assertion failure, backport from 0.3.2.2-alpha):
  1148. - Fix a timing-based assertion failure that could occur when the
  1149. circuit out-of-memory handler freed a connection's output buffer.
  1150. Fixes bug 23690; bugfix on 0.2.6.1-alpha.
  1151. o Minor features (directory authorities, backport from 0.3.2.2-alpha):
  1152. - Remove longclaw's IPv6 address, as it will soon change. Authority
  1153. IPv6 addresses were originally added in 0.2.8.1-alpha. This leaves
  1154. 3/8 directory authorities with IPv6 addresses, but there are also
  1155. 52 fallback directory mirrors with IPv6 addresses. Resolves 19760.
  1156. o Minor features (geoip):
  1157. - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2
  1158. Country database.
  1159. o Minor bugfixes (compilation, backport from 0.3.2.2-alpha):
  1160. - Fix a compilation warning when building with zstd support on
  1161. 32-bit platforms. Fixes bug 23568; bugfix on 0.3.1.1-alpha. Found
  1162. and fixed by Andreas Stieger.
  1163. o Minor bugfixes (compression, backport from 0.3.2.2-alpha):
  1164. - Handle a pathological case when decompressing Zstandard data when
  1165. the output buffer size is zero. Fixes bug 23551; bugfix
  1166. on 0.3.1.1-alpha.
  1167. o Minor bugfixes (directory authority, backport from 0.3.2.1-alpha):
  1168. - Remove the length limit on HTTP status lines that authorities can
  1169. send in their replies. Fixes bug 23499; bugfix on 0.3.1.6-rc.
  1170. o Minor bugfixes (hidden service, relay, backport from 0.3.2.2-alpha):
  1171. - Avoid a possible double close of a circuit by the intro point on
  1172. error of sending the INTRO_ESTABLISHED cell. Fixes bug 23610;
  1173. bugfix on 0.3.0.1-alpha.
  1174. o Minor bugfixes (memory safety, backport from 0.3.2.3-alpha):
  1175. - Clear the address when node_get_prim_orport() returns early.
  1176. Fixes bug 23874; bugfix on 0.2.8.2-alpha.
  1177. o Minor bugfixes (unit tests, backport from 0.3.2.2-alpha):
  1178. - Fix additional channelpadding unit test failures by using mocked
  1179. time instead of actual time for all tests. Fixes bug 23608; bugfix
  1180. on 0.3.1.1-alpha.
  1181. Changes in version 0.2.8.15 - 2017-09-18
  1182. Tor 0.2.8.15 backports a collection of bugfixes from later
  1183. Tor series.
  1184. Most significantly, it includes a fix for TROVE-2017-008, a
  1185. security bug that affects hidden services running with the
  1186. SafeLogging option disabled. For more information, see
  1187. https://trac.torproject.org/projects/tor/ticket/23490
  1188. Note that Tor 0.2.8.x will no longer be supported after 1 Jan
  1189. 2018. We suggest that you upgrade to the latest stable release if
  1190. possible. If you can't, we recommend that you upgrade at least to
  1191. 0.2.9, which will be supported until 2020.
  1192. o Major bugfixes (openbsd, denial-of-service, backport from 0.3.1.5-alpha):
  1193. - Avoid an assertion failure bug affecting our implementation of
  1194. inet_pton(AF_INET6) on certain OpenBSD systems whose strtol()
  1195. handling of "0xx" differs from what we had expected. Fixes bug
  1196. 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007.
  1197. o Minor features:
  1198. - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2
  1199. Country database.
  1200. o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha):
  1201. - Backport a fix for an "unused variable" warning that appeared
  1202. in some versions of mingw. Fixes bug 22838; bugfix on
  1203. 0.2.8.1-alpha.
  1204. o Minor bugfixes (defensive programming, undefined behavior, backport from 0.3.1.4-alpha):
  1205. - Fix a memset() off the end of an array when packing cells. This
  1206. bug should be harmless in practice, since the corrupted bytes are
  1207. still in the same structure, and are always padding bytes,
  1208. ignored, or immediately overwritten, depending on compiler
  1209. behavior. Nevertheless, because the memset()'s purpose is to make
  1210. sure that any other cell-handling bugs can't expose bytes to the
  1211. network, we need to fix it. Fixes bug 22737; bugfix on
  1212. 0.2.4.11-alpha. Fixes CID 1401591.
  1213. o Build features (backport from 0.3.1.5-alpha):
  1214. - Tor's repository now includes a Travis Continuous Integration (CI)
  1215. configuration file (.travis.yml). This is meant to help new
  1216. developers and contributors who fork Tor to a Github repository be
  1217. better able to test their changes, and understand what we expect
  1218. to pass. To use this new build feature, you must fork Tor to your
  1219. Github account, then go into the "Integrations" menu in the
  1220. repository settings for your fork and enable Travis, then push
  1221. your changes. Closes ticket 22636.
  1222. Changes in version 0.2.9.12 - 2017-09-18
  1223. Tor 0.2.9.12 backports a collection of bugfixes from later
  1224. Tor series.
  1225. Most significantly, it includes a fix for TROVE-2017-008, a
  1226. security bug that affects hidden services running with the
  1227. SafeLogging option disabled. For more information, see
  1228. https://trac.torproject.org/projects/tor/ticket/23490
  1229. o Major features (security, backport from 0.3.0.2-alpha):
  1230. - Change the algorithm used to decide DNS TTLs on client and server
  1231. side, to better resist DNS-based correlation attacks like the
  1232. DefecTor attack of Greschbach, Pulls, Roberts, Winter, and
  1233. Feamster. Now relays only return one of two possible DNS TTL
  1234. values, and clients are willing to believe DNS TTL values up to 3
  1235. hours long. Closes ticket 19769.
  1236. o Major bugfixes (crash, directory connections, backport from 0.3.0.5-rc):
  1237. - Fix a rare crash when sending a begin cell on a circuit whose
  1238. linked directory connection had already been closed. Fixes bug
  1239. 21576; bugfix on 0.2.9.3-alpha. Reported by Alec Muffett.
  1240. o Major bugfixes (DNS, backport from 0.3.0.2-alpha):
  1241. - Fix a bug that prevented exit nodes from caching DNS records for
  1242. more than 60 seconds. Fixes bug 19025; bugfix on 0.2.4.7-alpha.
  1243. o Major bugfixes (linux TPROXY support, backport from 0.3.1.1-alpha):
  1244. - Fix a typo that had prevented TPROXY-based transparent proxying
  1245. from working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha.
  1246. Patch from "d4fq0fQAgoJ".
  1247. o Major bugfixes (openbsd, denial-of-service, backport from 0.3.1.5-alpha):
  1248. - Avoid an assertion failure bug affecting our implementation of
  1249. inet_pton(AF_INET6) on certain OpenBSD systems whose strtol()
  1250. handling of "0xx" differs from what we had expected. Fixes bug
  1251. 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007.
  1252. o Minor features (code style, backport from 0.3.1.3-alpha):
  1253. - Add "Falls through" comments to our codebase, in order to silence
  1254. GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas
  1255. Stieger. Closes ticket 22446.
  1256. o Minor features (geoip):
  1257. - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2
  1258. Country database.
  1259. o Minor bugfixes (bandwidth accounting, backport from 0.3.1.1-alpha):
  1260. - Roll over monthly accounting at the configured hour and minute,
  1261. rather than always at 00:00. Fixes bug 22245; bugfix on 0.0.9rc1.
  1262. Found by Andrey Karpov with PVS-Studio.
  1263. o Minor bugfixes (compilation, backport from 0.3.1.5-alpha):
  1264. - Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug 22915;
  1265. bugfix on 0.2.8.1-alpha.
  1266. - Fix warnings when building with libscrypt and openssl scrypt support
  1267. on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha.
  1268. - When building with certain versions of the mingw C header files, avoid
  1269. float-conversion warnings when calling the C functions isfinite(),
  1270. isnan(), and signbit(). Fixes bug 22801; bugfix on 0.2.8.1-alpha.
  1271. o Minor bugfixes (compilation, backport from 0.3.1.7):
  1272. - Avoid compiler warnings in the unit tests for running tor_sscanf()
  1273. with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha.
  1274. o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha):
  1275. - Backport a fix for an "unused variable" warning that appeared
  1276. in some versions of mingw. Fixes bug 22838; bugfix on
  1277. 0.2.8.1-alpha.
  1278. o Minor bugfixes (controller, backport from 0.3.1.7):
  1279. - Do not crash when receiving a HSPOST command with an empty body.
  1280. Fixes part of bug 22644; bugfix on 0.2.7.1-alpha.
  1281. - Do not crash when receiving a POSTDESCRIPTOR command with an
  1282. empty body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha.
  1283. o Minor bugfixes (coverity build support, backport from 0.3.1.5-alpha):
  1284. - Avoid Coverity build warnings related to our BUG() macro. By
  1285. default, Coverity treats BUG() as the Linux kernel does: an
  1286. instant abort(). We need to override that so our BUG() macro
  1287. doesn't prevent Coverity from analyzing functions that use it.
  1288. Fixes bug 23030; bugfix on 0.2.9.1-alpha.
  1289. o Minor bugfixes (defensive programming, undefined behavior, backport from 0.3.1.4-alpha):
  1290. - Fix a memset() off the end of an array when packing cells. This
  1291. bug should be harmless in practice, since the corrupted bytes are
  1292. still in the same structure, and are always padding bytes,
  1293. ignored, or immediately overwritten, depending on compiler
  1294. behavior. Nevertheless, because the memset()'s purpose is to make
  1295. sure that any other cell-handling bugs can't expose bytes to the
  1296. network, we need to fix it. Fixes bug 22737; bugfix on
  1297. 0.2.4.11-alpha. Fixes CID 1401591.
  1298. o Minor bugfixes (file limits, osx, backport from 0.3.1.5-alpha):
  1299. - When setting the maximum number of connections allowed by the OS,
  1300. always allow some extra file descriptors for other files. Fixes
  1301. bug 22797; bugfix on 0.2.0.10-alpha.
  1302. o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.1.5-alpha):
  1303. - Avoid a sandbox failure when trying to re-bind to a socket and
  1304. mark it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha.
  1305. o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.1.4-alpha):
  1306. - Permit the fchmod system call, to avoid crashing on startup when
  1307. starting with the seccomp2 sandbox and an unexpected set of
  1308. permissions on the data directory or its contents. Fixes bug
  1309. 22516; bugfix on 0.2.5.4-alpha.
  1310. o Minor bugfixes (relay, backport from 0.3.0.5-rc):
  1311. - Avoid a double-marked-circuit warning that could happen when we
  1312. receive DESTROY cells under heavy load. Fixes bug 20059; bugfix
  1313. on 0.1.0.1-rc.
  1314. o Minor bugfixes (voting consistency, backport from 0.3.1.1-alpha):
  1315. - Reject version numbers with non-numeric prefixes (such as +, -, or
  1316. whitespace). Disallowing whitespace prevents differential version
  1317. parsing between POSIX-based and Windows platforms. Fixes bug 21507
  1318. and part of 21508; bugfix on 0.0.8pre1.
  1319. o Build features (backport from 0.3.1.5-alpha):
  1320. - Tor's repository now includes a Travis Continuous Integration (CI)
  1321. configuration file (.travis.yml). This is meant to help new
  1322. developers and contributors who fork Tor to a Github repository be
  1323. better able to test their changes, and understand what we expect
  1324. to pass. To use this new build feature, you must fork Tor to your
  1325. Github account, then go into the "Integrations" menu in the
  1326. repository settings for your fork and enable Travis, then push
  1327. your changes. Closes ticket 22636.
  1328. Changes in version 0.3.0.11 - 2017-09-18
  1329. Tor 0.3.0.11 backports a collection of bugfixes from the Tor 0.3.1
  1330. series.
  1331. Most significantly, it includes a fix for TROVE-2017-008, a
  1332. security bug that affects hidden services running with the
  1333. SafeLogging option disabled. For more information, see
  1334. https://trac.torproject.org/projects/tor/ticket/23490
  1335. o Minor features (code style, backport from 0.3.1.7):
  1336. - Add "Falls through" comments to our codebase, in order to silence
  1337. GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas
  1338. Stieger. Closes ticket 22446.
  1339. o Minor features:
  1340. - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2
  1341. Country database.
  1342. o Minor bugfixes (compilation, backport from 0.3.1.7):
  1343. - Avoid compiler warnings in the unit tests for calling tor_sscanf()
  1344. with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha.
  1345. o Minor bugfixes (controller, backport from 0.3.1.7):
  1346. - Do not crash when receiving a HSPOST command with an empty body.
  1347. Fixes part of bug 22644; bugfix on 0.2.7.1-alpha.
  1348. - Do not crash when receiving a POSTDESCRIPTOR command with an empty
  1349. body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha.
  1350. o Minor bugfixes (file limits, osx, backport from 0.3.1.5-alpha):
  1351. - When setting the maximum number of connections allowed by the OS,
  1352. always allow some extra file descriptors for other files. Fixes
  1353. bug 22797; bugfix on 0.2.0.10-alpha.
  1354. o Minor bugfixes (logging, relay, backport from 0.3.1.6-rc):
  1355. - Remove a forgotten debugging message when an introduction point
  1356. successfully establishes a hidden service prop224 circuit with
  1357. a client.
  1358. - Change three other log_warn() for an introduction point to
  1359. protocol warnings, because they can be failures from the network
  1360. and are not relevant to the operator. Fixes bug 23078; bugfix on
  1361. 0.3.0.1-alpha and 0.3.0.2-alpha.
  1362. Changes in version 0.3.1.7 - 2017-09-18
  1363. Tor 0.3.1.7 is the first stable release in the 0.3.1 series.
  1364. With the 0.3.1 series, Tor now serves and downloads directory
  1365. information in more compact formats, to save on bandwidth overhead. It
  1366. also contains a new padding system to resist netflow-based traffic
  1367. analysis, and experimental support for building parts of Tor in Rust
  1368. (though no parts of Tor are in Rust yet). There are also numerous
  1369. small features, bugfixes on earlier release series, and groundwork for
  1370. the hidden services revamp of 0.3.2.
  1371. This release also includes a fix for TROVE-2017-008, a security bug
  1372. that affects hidden services running with the SafeLogging option
  1373. disabled. For more information, see
  1374. https://trac.torproject.org/projects/tor/ticket/23490
  1375. Per our stable release policy, we plan to support each stable release
  1376. series for at least the next nine months, or for three months after
  1377. the first stable release of the next series: whichever is longer. If
  1378. you need a release with long-term support, we recommend that you stay
  1379. with the 0.2.9 series.
  1380. Below is a list of the changes since 0.3.0. For a list of all
  1381. changes since 0.3.1.6-rc, see the ChangeLog file.
  1382. o New dependencies:
  1383. - To build with zstd and lzma support, Tor now requires the
  1384. pkg-config tool at build time.
  1385. o Major bugfixes (security, hidden services, logging):
  1386. - Fix a bug where we could log uninitialized stack when a certain
  1387. hidden service error occurred while SafeLogging was disabled.
  1388. Fixes bug #23490; bugfix on 0.2.7.2-alpha.
  1389. This is also tracked as TROVE-2017-008 and CVE-2017-0380.
  1390. o Major features (build system, continuous integration):
  1391. - Tor's repository now includes a Travis Continuous Integration (CI)
  1392. configuration file (.travis.yml). This is meant to help new
  1393. developers and contributors who fork Tor to a Github repository be
  1394. better able to test their changes, and understand what we expect
  1395. to pass. To use this new build feature, you must fork Tor to your
  1396. Github account, then go into the "Integrations" menu in the
  1397. repository settings for your fork and enable Travis, then push
  1398. your changes. Closes ticket 22636.
  1399. o Major features (directory protocol):
  1400. - Tor relays and authorities can now serve clients an abbreviated
  1401. version of the consensus document, containing only the changes
  1402. since an older consensus document that the client holds. Clients
  1403. now request these documents when available. When both client and
  1404. server use this new protocol, they will use far less bandwidth (up
  1405. to 94% less) to keep the client's consensus up-to-date. Implements
  1406. proposal 140; closes ticket 13339. Based on work by Daniel Martí.
  1407. - Tor can now compress directory traffic with lzma or with zstd
  1408. compression algorithms, which can deliver better bandwidth
  1409. performance. Because lzma is computationally expensive, it's only
  1410. used for documents that can be compressed once and served many
  1411. times. Support for these algorithms requires that tor is built
  1412. with the libzstd and/or liblzma libraries available. Implements
  1413. proposal 278; closes ticket 21662.
  1414. - Relays now perform the more expensive compression operations, and
  1415. consensus diff generation, in worker threads. This separation
  1416. avoids delaying the main thread when a new consensus arrives.
  1417. o Major features (experimental):
  1418. - Tor can now build modules written in Rust. To turn this on, pass
  1419. the "--enable-rust" flag to the configure script. It's not time to
  1420. get excited yet: currently, there is no actual Rust functionality
  1421. beyond some simple glue code, and a notice at startup to tell you
  1422. that Rust is running. Still, we hope that programmers and
  1423. packagers will try building Tor with Rust support, so that we can
  1424. find issues and solve portability problems. Closes ticket 22106.
  1425. o Major features (traffic analysis resistance):
  1426. - Connections between clients and relays now send a padding cell in
  1427. each direction every 1.5 to 9.5 seconds (tunable via consensus
  1428. parameters). This padding will not resist specialized
  1429. eavesdroppers, but it should be enough to make many ISPs' routine
  1430. network flow logging less useful in traffic analysis against
  1431. Tor users.
  1432. Padding is negotiated using Tor's link protocol, so both relays
  1433. and clients must upgrade for this to take effect. Clients may
  1434. still send padding despite the relay's version by setting
  1435. ConnectionPadding 1 in torrc, and may disable padding by setting
  1436. ConnectionPadding 0 in torrc. Padding may be minimized for mobile
  1437. users with the torrc option ReducedConnectionPadding. Implements
  1438. Proposal 251 and Section 2 of Proposal 254; closes ticket 16861.
  1439. - Relays will publish 24 hour totals of padding and non-padding cell
  1440. counts to their extra-info descriptors, unless PaddingStatistics 0
  1441. is set in torrc. These 24 hour totals are also rounded to
  1442. multiples of 10000.
  1443. o Major bugfixes (hidden service, relay, security):
  1444. - Fix a remotely triggerable assertion failure when a hidden service
  1445. handles a malformed BEGIN cell. Fixes bug 22493, tracked as
  1446. TROVE-2017-004 and as CVE-2017-0375; bugfix on 0.3.0.1-alpha.
  1447. - Fix a remotely triggerable assertion failure caused by receiving a
  1448. BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
  1449. 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
  1450. on 0.2.2.1-alpha.
  1451. o Major bugfixes (path selection, security):
  1452. - When choosing which guard to use for a circuit, avoid the exit's
  1453. family along with the exit itself. Previously, the new guard
  1454. selection logic avoided the exit, but did not consider its family.
  1455. Fixes bug 22753; bugfix on 0.3.0.1-alpha. Tracked as
  1456. TROVE-2017-006 and CVE-2017-0377.
  1457. o Major bugfixes (connection usage):
  1458. - We use NETINFO cells to try to determine if both relays involved
  1459. in a connection will agree on the canonical status of that
  1460. connection. We prefer the connections where this is the case for
  1461. extend cells, and try to close connections where relays disagree
  1462. on their canonical status early. Also, we now prefer the oldest
  1463. valid connection for extend cells. These two changes should reduce
  1464. the number of long-term connections that are kept open between
  1465. relays. Fixes bug 17604; bugfix on 0.2.5.5-alpha.
  1466. - Relays now log hourly statistics (look for
  1467. "channel_check_for_duplicates" lines) on the total number of
  1468. connections to other relays. If the number of connections per
  1469. relay is unexpectedly large, this log message is at notice level.
  1470. Otherwise it is at info.
  1471. o Major bugfixes (entry guards):
  1472. - When starting with an old consensus, do not add new entry guards
  1473. unless the consensus is "reasonably live" (under 1 day old). Fixes
  1474. one root cause of bug 22400; bugfix on 0.3.0.1-alpha.
  1475. - Don't block bootstrapping when a primary bridge is offline and we
  1476. can't get its descriptor. Fixes bug 22325; fixes one case of bug
  1477. 21969; bugfix on 0.3.0.3-alpha.
  1478. o Major bugfixes (linux TPROXY support):
  1479. - Fix a typo that had prevented TPROXY-based transparent proxying
  1480. from working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha.
  1481. Patch from "d4fq0fQAgoJ".
  1482. o Major bugfixes (openbsd, denial-of-service):
  1483. - Avoid an assertion failure bug affecting our implementation of
  1484. inet_pton(AF_INET6) on certain OpenBSD systems whose strtol()
  1485. handling of "0xx" differs from what we had expected. Fixes bug
  1486. 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007.
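An added example, not Tor's own code: a strict textual IPv6 parser that classifies every character itself instead of relying on strtol(), so an input such as "0xx" is rejected the same way on every C library. The function names are hypothetical, the sample inputs are constructed, and dotted-quad suffixes are deliberately rejected.

```c
#include <stdio.h>
#include <stdlib.h>

/* Value of one hex digit, or -1 for anything else ('x', '+', ' ', ...). */
static int hex_value(char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Parse one group of 1-4 hex digits that ends at ':' or NUL.
 * Returns the number of characters consumed, or 0 if malformed. */
static size_t parse_group(const char *s, unsigned *out)
{
    unsigned v = 0;
    size_t n = 0;
    int d;
    while ((d = hex_value(s[n])) >= 0) {
        if (n == 4)
            return 0;                     /* more than four digits */
        v = (v << 4) | (unsigned)d;
        n++;
    }
    if (n == 0 || (s[n] != ':' && s[n] != '\0'))
        return 0;                         /* empty group, or "0xx"-style junk */
    *out = v;
    return n;
}

/* Strict textual IPv6 parser (hex groups and "::" only).
 * Returns 1 and fills dst[16] on success, 0 on any malformed input. */
int strict_inet_pton6(const char *src, unsigned char dst[16])
{
    unsigned groups[8];
    int ngroups = 0;   /* groups parsed so far */
    int gap = -1;      /* group index where "::" appeared, -1 if none */
    int zeros, i, o = 0;
    const char *p = src;
    if (p[0] == ':') {                    /* only "::" may start with ':' */
        if (p[1] != ':')
            return 0;
        gap = 0;
        p += 2;
    }
    while (*p != '\0') {
        unsigned v;
        size_t used;
        if (ngroups == 8 || (used = parse_group(p, &v)) == 0)
            return 0;
        groups[ngroups++] = v;
        p += used;
        if (*p == '\0')
            break;
        p++;                              /* skip the ':' separator */
        if (*p == ':') {
            if (gap >= 0)
                return 0;                 /* a second "::" */
            gap = ngroups;
            p++;
        } else if (*p == '\0') {
            return 0;                     /* trailing single ':' */
        }
    }
    if (gap < 0 ? ngroups != 8 : ngroups > 7)
        return 0;

    zeros = 8 - ngroups;                  /* groups that "::" stands for */
    for (i = 0; i < 8; i++) {
        unsigned v = 0;
        if (gap < 0 || i < gap || i >= gap + zeros)
            v = groups[o++];
        dst[2 * i] = (unsigned char)(v >> 8);
        dst[2 * i + 1] = (unsigned char)(v & 0xff);
    }
    return 1;
}

/* For contrast: does strtol(base 16) alone consume the whole string? */
int strtol_accepts(const char *s)
{
    char *end;
    (void)strtol(s, &end, 16);
    return end != s && *end == '\0';
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *in[] = { "2001:db8::1", "::0xx", "0x10::1", " 1::" };
    unsigned char addr[16];
    size_t i;
    for (i = 0; i < sizeof(in) / sizeof(in[0]); i++)
        printf("%-12s strict=%d\n", in[i], strict_inet_pton6(in[i], addr));
    printf("strtol alone accepts \"0x10\": %d\n", strtol_accepts("0x10"));
    return 0;
}
```

strtol() with base 16 accepts leading whitespace, a sign and a "0x" prefix, which is why the strict parser never hands it unvalidated text.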
  1487. o Major bugfixes (relay, link handshake):
  1488. - When performing the v3 link handshake on a TLS connection, report
  1489. that we have the x509 certificate that we actually used on that
  1490. connection, even if we have changed certificates since that
  1491. connection was first opened. Previously, we would claim to have
  1492. used our most recent x509 link certificate, which would sometimes
  1493. make the link handshake fail. Fixes one case of bug 22460; bugfix
  1494. on 0.2.3.6-alpha.
  1495. o Major bugfixes (relays, key management):
  1496. - Regenerate link and authentication certificates whenever the key
  1497. that signs them changes; also, regenerate link certificates
  1498. whenever the signed key changes. Previously, these processes were
  1499. only weakly coupled, and relays could (for minutes to hours)
  1500. wind up with an inconsistent set of keys and certificates, which
  1501. other relays would not accept. Fixes two cases of bug 22460;
  1502. bugfix on 0.3.0.1-alpha.
  1503. - When sending an Ed25519 signing->link certificate in a CERTS cell,
  1504. send the certificate that matches the x509 certificate that we
  1505. used on the TLS connection. Previously, there was a race condition
  1506. if the TLS context rotated after we began the TLS handshake but
  1507. before we sent the CERTS cell. Fixes a case of bug 22460; bugfix
  1508. on 0.3.0.1-alpha.
  1509. o Minor features (security, windows):
  1510. - Enable a couple of pieces of Windows hardening: one
  1511. (HeapEnableTerminationOnCorruption) that has been on-by-default
  1512. since Windows 8, and unavailable before Windows 7; and one
  1513. (PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION) which we believe doesn't
  1514. affect us, but shouldn't do any harm. Closes ticket 21953.
  1515. o Minor features (bridge authority):
  1516. - Add "fingerprint" lines to the networkstatus-bridges file produced
  1517. by bridge authorities. Closes ticket 22207.
  1518. o Minor features (code style):
  1519. - Add "Falls through" comments to our codebase, in order to silence
  1520. GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas
  1521. Stieger. Closes ticket 22446.
  1522. o Minor features (config options):
  1523. - Allow "%include" directives in torrc configuration files. These
  1524. directives import the settings from other files, or from all the
  1525. files in a directory. Closes ticket 1922. Code by Daniel Pinto.
  1526. - Make SAVECONF return an error when overwriting a torrc that has
  1527. includes. Using SAVECONF with the FORCE option will allow it to
  1528. overwrite torrc even if includes are used. Related to ticket 1922.
  1529. - Add "GETINFO config-can-saveconf" to tell controllers if SAVECONF
  1530. will work without the FORCE option. Related to ticket 1922.
  1531. o Minor features (controller):
  1532. - Warn the first time that a controller requests data in the long-
  1533. deprecated 'GETINFO network-status' format. Closes ticket 21703.
  1534. o Minor features (defaults):
  1535. - The default value for UseCreateFast is now 0: clients which
  1536. haven't yet received a consensus document will now use a proper
  1537. ntor handshake to talk to their directory servers whenever they
  1538. can. Closes ticket 21407.
  1539. - Onion key rotation and expiry intervals are now defined as a
  1540. network consensus parameter, per proposal 274. The default
  1541. lifetime of an onion key is increased from 7 to 28 days. Old onion
  1542. keys will expire after 7 days by default. This change will make
  1543. consensus diffs much smaller, and save significant bandwidth.
  1544. Closes ticket 21641.
  1545. o Minor features (defensive programming):
  1546. - Create a pair of consensus parameters, nf_pad_tor2web and
  1547. nf_pad_single_onion, to disable netflow padding in the consensus
  1548. for non-anonymous connections in case the overhead is high. Closes
  1549. ticket 17857.
  1550. o Minor features (diagnostic):
  1551. - Add a stack trace to the bug warnings that can be logged when
  1552. trying to send an outgoing relay cell with n_chan == 0. Diagnostic
  1553. attempt for bug 23105.
  1554. - Add logging messages to try to diagnose a rare bug that seems to
  1555. generate RSA->Ed25519 cross-certificates dated in the 1970s. We
  1556. think this is happening because of incorrect system clocks, but
  1557. we'd like to know for certain. Diagnostic for bug 22466.
  1558. - Avoid an assertion failure, and log a better error message, when
  1559. unable to remove a file from the consensus cache on Windows.
  1560. Attempts to mitigate and diagnose bug 22752.
  1561. o Minor features (directory authority):
  1562. - Improve the message that authorities report to relays that present
  1563. RSA/Ed25519 keypairs that conflict with previously pinned keys.
  1564. Closes ticket 22348.
  1565. o Minor features (directory cache, consensus diff):
  1566. - Add a new MaxConsensusAgeForDiffs option to allow directory cache
  1567. operators with low-resource environments to adjust the number of
  1568. consensuses they'll store and generate diffs from. Most cache
  1569. operators should leave it unchanged. Helps to work around
  1570. bug 22883.
  1571. o Minor features (fallback directory list):
  1572. - Update the fallback directory mirror whitelist and blacklist based
  1573. on operator emails. Closes task 21121.
  1574. - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in
  1575. December 2016 (of which ~126 were still functional) with a list of
  1576. 151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May
  1577. 2017. Resolves ticket 21564.
  1578. o Minor features (geoip):
  1579. - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2
  1580. Country database.
  1581. o Minor features (hidden services, logging):
  1582. - Log a message when a hidden service descriptor has fewer
  1583. introduction points than specified in
  1584. HiddenServiceNumIntroductionPoints. Closes ticket 21598.
  1585. - Log a message when a hidden service reaches its introduction point
  1586. circuit limit, and when that limit is reset. Follow up to ticket
  1587. 21594; closes ticket 21622.
  1588. - Warn user if multiple entries in EntryNodes and at least one
  1589. HiddenService are used together. Pinning EntryNodes along with a
  1590. hidden service can possibly be harmful; for instance see ticket
  1591. 14917 or 21155. Closes ticket 21155.
  1592. o Minor features (linux seccomp2 sandbox):
  1593. - We now have a document storage backend compatible with the Linux
  1594. seccomp2 sandbox. This backend is used for consensus documents and
  1595. diffs between them; in the long term, we'd like to use it for
  1596. unparseable directory material too. Closes ticket 21645.
  1597. - Increase the maximum allowed size passed to mprotect(PROT_WRITE)
  1598. from 1MB to 16MB. This was necessary with the glibc allocator in
  1599. order to allow worker threads to allocate more memory -- which in
  1600. turn is necessary because of our new use of worker threads for
  1601. compression. Closes ticket 22096.
  1602. o Minor features (logging):
  1603. - Log files are no longer created world-readable by default.
  1604. (Previously, most distributors would store the logs in a non-
  1605. world-readable location to prevent inappropriate access. This
  1606. change is an extra precaution.) Closes ticket 21729; patch
  1607. from toralf.
  1608. o Minor features (performance):
  1609. - Our Keccak (SHA-3) implementation now accesses memory more
  1610. efficiently, especially on little-endian systems. Closes
  1611. ticket 21737.
  1612. - Add an O(1) implementation of channel_find_by_global_id(), to
  1613. speed some controller functions.
  1614. o Minor features (relay, configuration):
  1615. - The MyFamily option may now be repeated as many times as desired,
  1616. for relays that want to configure large families. Closes ticket
  1617. 4998; patch by Daniel Pinto.
  1618. o Minor features (relay, performance):
  1619. - Always start relays with at least two worker threads, to prevent
  1620. priority inversion on slow tasks. Part of the fix for bug 22883.
  1621. - Allow background work to be queued with different priorities, so
  1622. that a big pile of slow low-priority jobs will not starve out
  1623. higher priority jobs. This lays the groundwork for a fix for
  1624. bug 22883.
  1625. o Minor features (safety):
  1626. - Add an explicit check to extrainfo_parse_entry_from_string() for
  1627. NULL inputs. We don't believe this can actually happen, but it may
  1628. help silence a warning from the Clang analyzer. Closes
  1629. ticket 21496.
  1630. o Minor features (testing):
  1631. - Add more tests for compression backend initialization. Closes
  1632. ticket 22286.
  1633. - Add a "--disable-memory-sentinels" feature to help with fuzzing.
  1634. When Tor is compiled with this option, we disable a number of
  1635. redundant memory-safety failsafes that are intended to stop bugs
  1636. from becoming security issues. This makes it easier to hunt for
  1637. bugs that would be security issues without the failsafes turned
  1638. on. Closes ticket 21439.
  1639. - Add general event-tracing instrumentation support to Tor. This
  1640. subsystem will enable developers and researchers to add fine-
  1641. grained instrumentation to their Tor instances, for use when
  1642. examining Tor network performance issues. There are no trace
  1643. events yet, and event-tracing is off by default unless enabled at
  1644. compile time. Implements ticket 13802.
  1645. - Improve our version parsing tests: add tests for typical version
  1646. components, add tests for invalid versions, including numeric
  1647. range and non-numeric prefixes. Unit tests 21278, 21450, and
  1648. 21507. Partially implements 21470.
  1649. o Minor bugfixes (bandwidth accounting):
  1650. - Roll over monthly accounting at the configured hour and minute,
  1651. rather than always at 00:00. Fixes bug 22245; bugfix on 0.0.9rc1.
  1652. Found by Andrey Karpov with PVS-Studio.
  1653. o Minor bugfixes (code correctness):
  1654. - Accurately identify client connections by their lack of peer
  1655. authentication. This means that we bail out earlier if asked to
  1656. extend to a client. Follow-up to 21407. Fixes bug 21406; bugfix
  1657. on 0.2.4.23.
  1658. o Minor bugfixes (compilation warnings):
  1659. - Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug
  1660. 22915; bugfix on 0.2.8.1-alpha.
  1661. - Fix warnings when building with libscrypt and openssl scrypt
  1662. support on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha.
  1663. - When building with certain versions of the mingw C header files,
  1664. avoid float-conversion warnings when calling the C functions
  1665. isfinite(), isnan(), and signbit(). Fixes bug 22801; bugfix
  1666. on 0.2.8.1-alpha.
  1667. o Minor bugfixes (compilation):
  1668. - Avoid compiler warnings in the unit tests for calling tor_sscanf()
  1669. with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha.
  1670. o Minor bugfixes (compression):
  1671. - When spooling compressed data to an output buffer, don't try to
  1672. spool more data when there is no more data to spool and we are not
  1673. trying to flush the input. Previously, we would sometimes launch
  1674. compression requests with nothing to do, which interferes with our
  1675. 22672 checks. Fixes bug 22719; bugfix on 0.2.0.16-alpha.
  1676. o Minor bugfixes (configuration):
  1677. - Do not crash when starting with LearnCircuitBuildTimeout 0. Fixes
  1678. bug 22252; bugfix on 0.2.9.3-alpha.
  1679. o Minor bugfixes (connection lifespan):
  1680. - Allow more control over how long TLS connections are kept open:
  1681. unify CircuitIdleTimeout and PredictedPortsRelevanceTime into a
  1682. single option called CircuitsAvailableTimeout. Also, allow the
  1683. consensus to control the default values for both this preference
  1684. and the lifespan of relay-to-relay connections. Fixes bug 17592;
  1685. bugfix on 0.2.5.5-alpha.
  1686. - Increase the initial circuit build timeout testing frequency, to
  1687. help ensure that ReducedConnectionPadding clients finish learning
  1688. a timeout before their orconn would expire. The initial testing
  1689. rate was set back in the days of TAP and before the Tor Browser
  1690. updater, when we had to be much more careful about new clients
  1691. making lots of circuits. With this change, a circuit build timeout
  1692. is learned in about 15-20 minutes, instead of 100-120 minutes.
  1693. o Minor bugfixes (controller):
  1694. - Do not crash when receiving a HSPOST command with an empty body.
  1695. Fixes part of bug 22644; bugfix on 0.2.7.1-alpha.
  1696. - Do not crash when receiving a POSTDESCRIPTOR command with an empty
  1697. body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha.
  1698. - GETINFO onions/current and onions/detached no longer respond with
  1699. 551 on empty lists. Fixes bug 21329; bugfix on 0.2.7.1-alpha.
  1700. - Trigger HS descriptor events on the control port when the client
  1701. fails to pick a hidden service directory for a hidden service.
  1702. This can happen if all the hidden service directories are in
  1703. ExcludeNodes, or they have all been queried within the last 15
  1704. minutes. Fixes bug 22042; bugfix on 0.2.5.2-alpha.
  1705. o Minor bugfixes (correctness):
  1706. - Avoid undefined behavior when parsing IPv6 entries from the geoip6
  1707. file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
  1708. o Minor bugfixes (coverity build support):
  1709. - Avoid Coverity build warnings related to our BUG() macro. By
  1710. default, Coverity treats BUG() as the Linux kernel does: an
  1711. instant abort(). We need to override that so our BUG() macro
  1712. doesn't prevent Coverity from analyzing functions that use it.
  1713. Fixes bug 23030; bugfix on 0.2.9.1-alpha.
  1714. o Minor bugfixes (defensive programming):
  1715. - Detect and break out of infinite loops in our compression code. We
  1716. don't think that any such loops exist now, but it's best to be
  1717. safe. Closes ticket 22672.
  1718. - Fix a memset() off the end of an array when packing cells. This
  1719. bug should be harmless in practice, since the corrupted bytes are
  1720. still in the same structure, and are always padding bytes,
  1721. ignored, or immediately overwritten, depending on compiler
  1722. behavior. Nevertheless, because the memset()'s purpose is to make
  1723. sure that any other cell-handling bugs can't expose bytes to the
  1724. network, we need to fix it. Fixes bug 22737; bugfix on
  1725. 0.2.4.11-alpha. Fixes CID 1401591.
  1726. o Minor bugfixes (directory authority):
  1727. - When a directory authority rejects a descriptor or extrainfo with
  1728. a given digest, mark that digest as undownloadable, so that we do
  1729. not attempt to download it again over and over. We previously
  1730. tried to avoid downloading such descriptors by other means, but we
  1731. didn't notice if we accidentally downloaded one anyway. This
  1732. behavior became problematic in 0.2.7.2-alpha, when authorities
  1733. began pinning Ed25519 keys. Fixes bug 22349; bugfix
  1734. on 0.2.1.19-alpha.
  1735. - When rejecting a router descriptor for running an obsolete version
  1736. of Tor without ntor support, warn about the obsolete tor version,
  1737. not the missing ntor key. Fixes bug 20270; bugfix on 0.2.9.3-alpha.
  1738. - Prevent the shared randomness subsystem from asserting when
  1739. initialized by a bridge authority with an incomplete configuration
  1740. file. Fixes bug 21586; bugfix on 0.2.9.8.
  1741. o Minor bugfixes (error reporting, windows):
  1742. - When formatting Windows error messages, use the English format to
  1743. avoid codepage issues. Fixes bug 22520; bugfix on 0.1.2.8-alpha.
  1744. Patch from "Vort".
  1745. o Minor bugfixes (exit-side DNS):
  1746. - Fix an untriggerable assertion that checked the output of a
  1747. libevent DNS error, so that the assertion actually behaves as
  1748. expected. Fixes bug 22244; bugfix on 0.2.0.20-rc. Found by Andrey
  1749. Karpov using PVS-Studio.
  1750. o Minor bugfixes (fallback directories):
  1751. - Make the usage example in updateFallbackDirs.py actually work, and
  1752. explain what it does. Fixes bug 22270; bugfix on 0.3.0.3-alpha.
  1753. - Decrease the guard flag average required to be a fallback. This
  1754. allows us to keep relays that have their guard flag removed when
  1755. they restart. Fixes bug 20913; bugfix on 0.2.8.1-alpha.
  1756. - Decrease the minimum number of fallbacks to 100. Fixes bug 20913;
  1757. bugfix on 0.2.8.1-alpha.
  1758. - Make sure fallback directory mirrors have the same address, port,
  1759. and relay identity key for at least 30 days before they are
  1760. selected. Fixes bug 20913; bugfix on 0.2.8.1-alpha.
  1761. o Minor bugfixes (file limits, osx):
  1762. - When setting the maximum number of connections allowed by the OS,
  1763. always allow some extra file descriptors for other files. Fixes
  1764. bug 22797; bugfix on 0.2.0.10-alpha.
  1765. o Minor bugfixes (hidden services):
  1766. - Increase the number of circuits that a service is allowed to
  1767. open over a specific period of time. The value was lower than it
  1768. should be (8 vs 12) in the normal case of 3 introduction points.
  1769. Fixes bug 22159; bugfix on 0.3.0.5-rc.
  1770. - Fix a BUG warning during HSv3 descriptor decoding that could be
  1771. caused by a specially crafted descriptor. Fixes bug 23233; bugfix
  1772. on 0.3.0.1-alpha. Bug found by "haxxpop".
  1773. - Stop printing a cryptic warning when a hidden service gets a
  1774. request to connect to a virtual port that it hasn't configured.
  1775. Fixes bug 16706; bugfix on 0.2.6.3-alpha.
  1776. - Simplify hidden service descriptor creation by using an existing
  1777. flag to check if an introduction point is established. Fixes bug
  1778. 21599; bugfix on 0.2.7.2-alpha.
  1779. o Minor bugfixes (link handshake):
  1780. - Lower the lifetime of the RSA->Ed25519 cross-certificate to six
  1781. months, and regenerate it when it is within one month of expiring.
  1782. Previously, we had generated this certificate at startup with a
  1783. ten-year lifetime, but that could lead to weird behavior when Tor
  1784. was started with a grossly inaccurate clock. Mitigates bug 22466;
  1785. mitigation on 0.3.0.1-alpha.
  1786. o Minor bugfixes (linux seccomp2 sandbox):
  1787. - Avoid a sandbox failure when trying to re-bind to a socket and
  1788. mark it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha.
  1789. - Permit the fchmod system call, to avoid crashing on startup when
  1790. starting with the seccomp2 sandbox and an unexpected set of
  1791. permissions on the data directory or its contents. Fixes bug
  1792. 22516; bugfix on 0.2.5.4-alpha.
  1793. o Minor bugfixes (logging):
  1794. - When decompressing, do not warn if we fail to decompress using a
  1795. compression method that we merely guessed. Fixes part of bug
  1796. 22670; bugfix on 0.1.1.14-alpha.
  1797. - When decompressing, treat mismatch between content-encoding and
  1798. actual compression type as a protocol warning. Fixes part of bug
  1799. 22670; bugfix on 0.1.1.9-alpha.
  1800. - Downgrade "assigned_to_cpuworker failed" message to info-level
  1801. severity. In every case that can reach it, either a better warning
  1802. has already been logged, or no warning is warranted. Fixes bug
  1803. 22356; bugfix on 0.2.6.3-alpha.
  1804. - Log a better message when a directory authority replies to an
  1805. upload with an unexpected status code. Fixes bug 11121; bugfix
  1806. on 0.1.0.1-rc.
  1807. - Downgrade a log statement about unexpected relay cells from "bug"
  1808. to "protocol warning", because there is at least one use case
  1809. where it can be triggered by a buggy tor implementation. Fixes bug
  1810. 21293; bugfix on 0.1.1.14-alpha.
  1811. o Minor bugfixes (logging, relay):
  1812. - Remove a forgotten debugging message when an introduction point
  1813. successfully establishes a hidden service prop224 circuit with
  1814. a client.
  1815. - Change three other log_warn() for an introduction point to
  1816. protocol warnings, because they can be failures from the network
  1817. and are not relevant to the operator. Fixes bug 23078; bugfix on
  1818. 0.3.0.1-alpha and 0.3.0.2-alpha.
  1819. o Minor bugfixes (relay):
  1820. - Inform the geoip and rephist modules about all requests, even on
  1821. relays that are only fetching microdescriptors. Fixes a bug
  1822. related to 21585; bugfix on 0.3.0.1-alpha.
  1823. o Minor bugfixes (memory leaks):
  1824. - Fix a small memory leak at exit from the backtrace handler code.
  1825. Fixes bug 21788; bugfix on 0.2.5.2-alpha. Patch from Daniel Pinto.
  1826. - When directory authorities reject a router descriptor due to
  1827. keypinning, free the router descriptor rather than leaking the
  1828. memory. Fixes bug 22370; bugfix on 0.2.7.2-alpha.
  1829. - Fix a small memory leak when validating a configuration that uses
  1830. two or more AF_UNIX sockets for the same port type. Fixes bug
  1831. 23053; bugfix on 0.2.6.3-alpha. This is CID 1415725.
  1832. o Minor bugfixes (process behavior):
  1833. - When exiting because of an error, always exit with a nonzero exit
  1834. status. Previously, we would fail to report an error in our exit
  1835. status in cases related to __OwningControllerProcess failure,
  1836. lockfile contention, and Ed25519 key initialization. Fixes bug
  1837. 22720; bugfix on versions 0.2.1.6-alpha, 0.2.2.28-beta, and
  1838. 0.2.7.2-alpha respectively. Reported by "f55jwk4f"; patch
  1839. from "huyvq".
  1840. o Minor bugfixes (robustness, error handling):
  1841. - Improve our handling of the cases where OpenSSL encounters a
  1842. memory error while encoding keys and certificates. We haven't
  1843. observed these errors in the wild, but if they do happen, we now
  1844. detect and respond better. Fixes bug 19418; bugfix on all versions
  1845. of Tor. Reported by Guido Vranken.
  1846. o Minor bugfixes (testing):
  1847. - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291;
  1848. bugfix on 0.2.7.2-alpha. Found and patched by Ties Stuij.
  1849. - Use unbuffered I/O for utility functions around the
  1850. process_handle_t type. This fixes unit test failures reported on
  1851. OpenBSD and FreeBSD. Fixes bug 21654; bugfix on 0.2.3.1-alpha.
  1852. - Make display of captured unit test log messages consistent. Fixes
  1853. bug 21510; bugfix on 0.2.9.3-alpha.
  1854. - Make test-network.sh always call chutney's test-network.sh.
  1855. Previously, this only worked on systems which had bash installed,
  1856. due to some bash-specific code in the script. Fixes bug 19699;
  1857. bugfix on 0.3.0.4-rc. Follow-up to ticket 21581.
  1858. - Fix a memory leak in the link-handshake/certs_ok_ed25519 test.
  1859. Fixes bug 22803; bugfix on 0.3.0.1-alpha.
  1860. - The unit tests now pass on systems where localhost is misconfigured
  1861. to some IPv4 address other than 127.0.0.1. Fixes bug 6298; bugfix
  1862. on 0.0.9pre2.
  1863. o Minor bugfixes (voting consistency):
  1864. - Reject version numbers with non-numeric prefixes (such as +, -, or
  1865. whitespace). Disallowing whitespace prevents differential version
  1866. parsing between POSIX-based and Windows platforms. Fixes bug 21507
  1867. and part of 21508; bugfix on 0.0.8pre1.
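The strict check described in the entry above, as an added example (not Tor's own code): parse_component_lenient() hands each component to strtol(), which skips leading whitespace and accepts a sign, while parse_component_strict() requires an ASCII digit first. All function names and the A.B.C[.D][-tag] grammar are assumptions made for this illustration, and the sample strings are constructed.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper type: parses one numeric component starting at s. */
typedef int (*component_fn)(const char *s, const char **end, long *out);

/* Lenient: strtol() skips leading whitespace and accepts '+' or '-',
 * so " 3", "+3" and "3" all yield the same number. */
static int parse_component_lenient(const char *s, const char **end, long *out)
{
  char *e;
  errno = 0;
  long v = strtol(s, &e, 10);
  if (e == s || errno == ERANGE)
    return -1;
  *out = v;
  *end = e;
  return 0;
}

/* Strict: the first byte must be an ASCII digit, so whitespace and signs
 * are rejected before strtol() ever sees them. Out-of-range values are
 * rejected as well. */
static int parse_component_strict(const char *s, const char **end, long *out)
{
  char *e;
  if (*s < '0' || *s > '9')
    return -1;
  errno = 0;
  long v = strtol(s, &e, 10);
  if (errno == ERANGE || v > INT_MAX)
    return -1;
  *out = v;
  *end = e;
  return 0;
}

/* Parse "A.B.C[.D][-tag]" (assumed grammar) into out[4].
 * Returns 0 on success and -1 if the string is rejected. */
static int parse_version(const char *s, component_fn parse, long out[4])
{
  int n = 0;
  out[0] = out[1] = out[2] = out[3] = 0;
  for (;;) {
    if (n == 4)
      return -1;                 /* too many components */
    if (parse(s, &s, &out[n]) < 0)
      return -1;
    n++;
    if (*s != '.')
      break;
    s++;                         /* step over the dot */
  }
  if (n < 3)
    return -1;                   /* too few components */
  if (*s == '\0')
    return 0;
  if (*s == '-' && s[1] != '\0')
    return 0;                    /* status tag such as "-alpha" */
  return -1;
}

int main(void)
{
  /* Constructed inputs: one canonical string and three variants that a
   * lenient parser maps to the same version. */
  const char *samples[] = { "0.3.0.9", "0. 3.0.9", "0.+3.0.9", " 0.3.0.9" };
  long v[4];
  for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
    int lenient = parse_version(samples[i], parse_component_lenient, v);
    int strict = parse_version(samples[i], parse_component_strict, v);
    printf("%-12s lenient=%s strict=%s\n", samples[i],
           lenient == 0 ? "accept" : "reject",
           strict == 0 ? "accept" : "reject");
  }
  return 0;
}
```

With the lenient parser, four distinct strings are all read as version 0.3.0.9; the strict parser accepts only the canonical spelling.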
  1868. o Minor bugfixes (Windows service):
  1869. - When running as a Windows service, set the ID of the main thread
  1870. correctly. Failure to do so made us fail to send log messages to
  1871. the controller in 0.2.1.16-rc, slowed down controller event
  1872. delivery in 0.2.7.3-rc and later, and crash with an assertion
  1873. failure in 0.3.1.1-alpha. Fixes bug 23081; bugfix on 0.2.1.6-alpha.
  1874. Patch and diagnosis from "Vort".
  1875. o Minor bugfixes (windows, relay):
  1876. - Resolve "Failure from drain_fd: No error" warnings on Windows
  1877. relays. Fixes bug 21540; bugfix on 0.2.6.3-alpha.
  1878. o Code simplification and refactoring:
  1879. - Break up the 630-line function connection_dir_client_reached_eof()
  1880. into a dozen smaller functions. This change should help
  1881. maintainability and readability of the client directory code.
  1882. - Isolate our use of the openssl headers so that they are only
  1883. included from our crypto wrapper modules, and from tests that
  1884. examine those modules' internals. Closes ticket 21841.
  1885. - Simplify our API to launch directory requests, making it more
  1886. extensible and less error-prone. Now it's easier to add extra
  1887. headers to directory requests. Closes ticket 21646.
  1888. - Our base64 decoding functions no longer overestimate the output
  1889. space that they need when parsing unpadded inputs. Closes
  1890. ticket 17868.
  1891. - Remove unused "ROUTER_ADDED_NOTIFY_GENERATOR" internal value.
  1892. Resolves ticket 22213.
  1893. - The logic that directory caches use to spool requests to clients,
  1894. serving them one part at a time so as not to allocate too much
  1895. memory, has been refactored for consistency. Previously there was
  1896. a separate spooling implementation per type of spoolable data. Now
  1897. there is one common spooling implementation, with extensible data
  1898. types. Closes ticket 21651.
  1899. - Tor's compression module now supports multiple backends. Part of
  1900. the implementation for proposal 278; closes ticket 21663.
  1901. o Documentation:
  1902. - Add a manpage description for the key-pinning-journal file. Closes
  1903. ticket 22347.
  1904. - Correctly note that bandwidth accounting values are stored in the
  1905. state file, and the bw_accounting file is now obsolete. Closes
  1906. ticket 16082.
  1907. - Document more of the files in the Tor data directory, including
  1908. cached-extrainfo, secret_onion_key{,_ntor}.old, hidserv-stats,
  1909. approved-routers, sr-random, and diff-cache. Found while fixing
  1910. ticket 22347.
  1911. - Clarify the manpage for the (deprecated) torify script. Closes
  1912. ticket 6892.
  1913. - Clarify the behavior of the KeepAliveIsolateSOCKSAuth sub-option.
  1914. Closes ticket 21873.
  1915. - Correct documentation about the default DataDirectory value.
  1916. Closes ticket 21151.
  1917. - Document the default behavior of NumEntryGuards and
  1918. NumDirectoryGuards correctly. Fixes bug 21715; bugfix
  1919. on 0.3.0.1-alpha.
  1920. - Document key=value pluggable transport arguments for Bridge lines
  1921. in torrc. Fixes bug 20341; bugfix on 0.2.5.1-alpha.
  1922. - Note that bandwidth-limiting options don't affect TCP headers or
  1923. DNS. Closes ticket 17170.
  1924. o Removed features (configuration options, all in ticket 22060):
  1925. - These configuration options are now marked Obsolete, and no longer
  1926. have any effect: AllowInvalidNodes, AllowSingleHopCircuits,
  1927. AllowSingleHopExits, ExcludeSingleHopRelays, FastFirstHopPK,
  1928. TLSECGroup, WarnUnsafeSocks. They were first marked as deprecated
  1929. in 0.2.9.2-alpha and have now been removed. The previous default
  1930. behavior is now always chosen; the previous (less secure) non-
  1931. default behavior is now unavailable.
  1932. - CloseHSClientCircuitsImmediatelyOnTimeout and
  1933. CloseHSServiceRendCircuitsImmediatelyOnTimeout were deprecated in
  1934. 0.2.9.2-alpha and now have been removed. HS circuits never close
  1935. on circuit build timeout; they have a longer timeout period.
  1936. - {Control,DNS,Dir,Socks,Trans,NATD,OR}ListenAddress were deprecated
  1937. in 0.2.9.2-alpha and now have been removed. Use the ORPort option
  1938. (and others) to configure listen-only and advertise-only addresses.
  1939. o Removed features (tools):
  1940. - We've removed the tor-checkkey tool from src/tools. Long ago, we
  1941. used it to help people detect RSA keys that were generated by
  1942. versions of Debian affected by CVE-2008-0166. But those keys have
  1943. been out of circulation for ages, and this tool is no longer
  1944. required. Closes ticket 21842.
  1945. Changes in version 0.3.0.10 - 2017-08-02
  1946. Tor 0.3.0.10 backports a collection of small-to-medium bugfixes
  1947. from the current Tor alpha series. OpenBSD users and TPROXY users
  1948. should upgrade; others are probably okay sticking with 0.3.0.9.
  1949. o Major features (build system, continuous integration, backport from 0.3.1.5-alpha):
  1950. - Tor's repository now includes a Travis Continuous Integration (CI)
  1951. configuration file (.travis.yml). This is meant to help new
  1952. developers and contributors who fork Tor to a Github repository be
  1953. better able to test their changes, and understand what we expect
  1954. to pass. To use this new build feature, you must fork Tor to your
  1955. Github account, then go into the "Integrations" menu in the
  1956. repository settings for your fork and enable Travis, then push
  1957. your changes. Closes ticket 22636.
  1958. o Major bugfixes (linux TPROXY support, backport from 0.3.1.1-alpha):
  1959. - Fix a typo that had prevented TPROXY-based transparent proxying
  1960. from working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha.
  1961. Patch from "d4fq0fQAgoJ".
  1962. o Major bugfixes (openbsd, denial-of-service, backport from 0.3.1.5-alpha):
  1963. - Avoid an assertion failure bug affecting our implementation of
  1964. inet_pton(AF_INET6) on certain OpenBSD systems whose strtol()
  1965. handling of "0xbar" differs from what we had expected. Fixes bug
  1966. 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007.
  1967. o Minor features (backport from 0.3.1.5-alpha):
  1968. - Update geoip and geoip6 to the July 4 2017 Maxmind GeoLite2
  1969. Country database.
  1970. o Minor bugfixes (bandwidth accounting, backport from 0.3.1.2-alpha):
  1971. - Roll over monthly accounting at the configured hour and minute,
  1972. rather than always at 00:00. Fixes bug 22245; bugfix on 0.0.9rc1.
  1973. Found by Andrey Karpov with PVS-Studio.
  1974. o Minor bugfixes (compilation warnings, backport from 0.3.1.5-alpha):
  1975. - Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug 22915;
  1976. bugfix on 0.2.8.1-alpha.
  1977. - Fix warnings when building with libscrypt and openssl scrypt
  1978. support on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha.
  1979. - When building with certain versions of the mingw C header files,
  1980. avoid float-conversion warnings when calling the C functions
  1981. isfinite(), isnan(), and signbit(). Fixes bug 22801; bugfix
  1982. on 0.2.8.1-alpha.
  1983. o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha):
  1984. - Backport a fix for an "unused variable" warning that appeared
  1985. in some versions of mingw. Fixes bug 22838; bugfix on
  1986. 0.2.8.1-alpha.
  1987. o Minor bugfixes (coverity build support, backport from 0.3.1.5-alpha):
  1988. - Avoid Coverity build warnings related to our BUG() macro. By
  1989. default, Coverity treats BUG() as the Linux kernel does: an
  1990. instant abort(). We need to override that so our BUG() macro
  1991. doesn't prevent Coverity from analyzing functions that use it.
  1992. Fixes bug 23030; bugfix on 0.2.9.1-alpha.
  1993. o Minor bugfixes (directory authority, backport from 0.3.1.1-alpha):
  1994. - When rejecting a router descriptor for running an obsolete version
  1995. of Tor without ntor support, warn about the obsolete tor version,
  1996. not the missing ntor key. Fixes bug 20270; bugfix on 0.2.9.3-alpha.
  1997. o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.1.5-alpha):
  1998. - Avoid a sandbox failure when trying to re-bind to a socket and
  1999. mark it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha.
  2000. o Minor bugfixes (unit tests, backport from 0.3.1.5-alpha):
  2001. - Fix a memory leak in the link-handshake/certs_ok_ed25519 test.
  2002. Fixes bug 22803; bugfix on 0.3.0.1-alpha.
  2003. Changes in version 0.3.0.9 - 2017-06-29
  2004. Tor 0.3.0.9 fixes a path selection bug that would allow a client
  2005. to use a guard that was in the same network family as a chosen exit
  2006. relay. This is a security regression; all clients running earlier
  2007. versions of 0.3.0.x or 0.3.1.x should upgrade to 0.3.0.9 or
  2008. 0.3.1.4-alpha.
  2009. This release also backports several other bugfixes from the 0.3.1.x
  2010. series.
  2011. o Major bugfixes (path selection, security, backport from 0.3.1.4-alpha):
  2012. - When choosing which guard to use for a circuit, avoid the exit's
  2013. family along with the exit itself. Previously, the new guard
  2014. selection logic avoided the exit, but did not consider its family.
  2015. Fixes bug 22753; bugfix on 0.3.0.1-alpha. Tracked as
  2016. TROVE-2017-006 and CVE-2017-0377.
  2017. o Major bugfixes (entry guards, backport from 0.3.1.1-alpha):
  2018. - Don't block bootstrapping when a primary bridge is offline and we
  2019. can't get its descriptor. Fixes bug 22325; fixes one case of bug
  2020. 21969; bugfix on 0.3.0.3-alpha.
  2021. o Major bugfixes (entry guards, backport from 0.3.1.4-alpha):
  2022. - When starting with an old consensus, do not add new entry guards
  2023. unless the consensus is "reasonably live" (under 1 day old). Fixes
  2024. one root cause of bug 22400; bugfix on 0.3.0.1-alpha.
  2025. o Minor features (geoip):
  2026. - Update geoip and geoip6 to the June 8 2017 Maxmind GeoLite2
  2027. Country database.
  2028. o Minor bugfixes (voting consistency, backport from 0.3.1.1-alpha):
  2029. - Reject version numbers with non-numeric prefixes (such as +, -, or
  2030. whitespace). Disallowing whitespace prevents differential version
  2031. parsing between POSIX-based and Windows platforms. Fixes bug 21507
  2032. and part of 21508; bugfix on 0.0.8pre1.
  2033. o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.1.4-alpha):
  2034. - Permit the fchmod system call, to avoid crashing on startup when
  2035. starting with the seccomp2 sandbox and an unexpected set of
  2036. permissions on the data directory or its contents. Fixes bug
  2037. 22516; bugfix on 0.2.5.4-alpha.
  2038. o Minor bugfixes (defensive programming, backport from 0.3.1.4-alpha):
  2039. - Fix a memset() off the end of an array when packing cells. This
  2040. bug should be harmless in practice, since the corrupted bytes are
  2041. still in the same structure, and are always padding bytes,
  2042. ignored, or immediately overwritten, depending on compiler
  2043. behavior. Nevertheless, because the memset()'s purpose is to make
  2044. sure that any other cell-handling bugs can't expose bytes to the
  2045. network, we need to fix it. Fixes bug 22737; bugfix on
  2046. 0.2.4.11-alpha. Fixes CID 1401591.
  2047. Changes in version 0.3.0.8 - 2017-06-08
  2048. Tor 0.3.0.8 fixes a pair of bugs that would allow an attacker to
  2049. remotely crash a hidden service with an assertion failure. Anyone
  2050. running a hidden service should upgrade to this version, or to some
  2051. other version with fixes for TROVE-2017-004 and TROVE-2017-005.
  2052. Tor 0.3.0.8 also includes fixes for several key management bugs
  2053. that sometimes made relays unreliable, as well as several other
  2054. bugfixes described below.
  2055. o Major bugfixes (hidden service, relay, security, backport
  2056. from 0.3.1.3-alpha):
  2057. - Fix a remotely triggerable assertion failure when a hidden service
  2058. handles a malformed BEGIN cell. Fixes bug 22493, tracked as
  2059. TROVE-2017-004 and as CVE-2017-0375; bugfix on 0.3.0.1-alpha.
  2060. - Fix a remotely triggerable assertion failure caused by receiving a
  2061. BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
  2062. 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
  2063. on 0.2.2.1-alpha.
  2064. o Major bugfixes (relay, link handshake, backport from 0.3.1.3-alpha):
  2065. - When performing the v3 link handshake on a TLS connection, report
  2066. that we have the x509 certificate that we actually used on that
  2067. connection, even if we have changed certificates since that
  2068. connection was first opened. Previously, we would claim to have
  2069. used our most recent x509 link certificate, which would sometimes
  2070. make the link handshake fail. Fixes one case of bug 22460; bugfix
  2071. on 0.2.3.6-alpha.
  2072. o Major bugfixes (relays, key management, backport from 0.3.1.3-alpha):
  2073. - Regenerate link and authentication certificates whenever the key
  2074. that signs them changes; also, regenerate link certificates
  2075. whenever the signed key changes. Previously, these processes were
  2076. only weakly coupled, and relays could (for minutes to hours)
  2077. wind up with an inconsistent set of keys and certificates, which
  2078. other relays would not accept. Fixes two cases of bug 22460;
  2079. bugfix on 0.3.0.1-alpha.
  2080. - When sending an Ed25519 signing->link certificate in a CERTS cell,
  2081. send the certificate that matches the x509 certificate that we
  2082. used on the TLS connection. Previously, there was a race condition
  2083. if the TLS context rotated after we began the TLS handshake but
  2084. before we sent the CERTS cell. Fixes a case of bug 22460; bugfix
  2085. on 0.3.0.1-alpha.
  2086. o Major bugfixes (hidden service v3, backport from 0.3.1.1-alpha):
  2087. - Stop rejecting v3 hidden service descriptors because their size
  2088. did not match an old padding rule. Fixes bug 22447; bugfix on
  2089. tor-0.3.0.1-alpha.
  2090. o Minor features (fallback directory list, backport from 0.3.1.3-alpha):
  2091. - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in
  2092. December 2016 (of which ~126 were still functional) with a list of
  2093. 151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May
  2094. 2017. Resolves ticket 21564.
  2095. o Minor bugfixes (configuration, backport from 0.3.1.1-alpha):
  2096. - Do not crash when starting with LearnCircuitBuildTimeout 0. Fixes
  2097. bug 22252; bugfix on 0.2.9.3-alpha.
  2098. o Minor bugfixes (correctness, backport from 0.3.1.3-alpha):
  2099. - Avoid undefined behavior when parsing IPv6 entries from the geoip6
  2100. file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
  2101. o Minor bugfixes (link handshake, backport from 0.3.1.3-alpha):
  2102. - Lower the lifetime of the RSA->Ed25519 cross-certificate to six
  2103. months, and regenerate it when it is within one month of expiring.
  2104. Previously, we had generated this certificate at startup with a
  2105. ten-year lifetime, but that could lead to weird behavior when Tor
  2106. was started with a grossly inaccurate clock. Mitigates bug 22466;
  2107. mitigation on 0.3.0.1-alpha.
  2108. o Minor bugfixes (memory leak, directory authority, backport from
  2109. 0.3.1.2-alpha):
  2110. - When directory authorities reject a router descriptor due to
  2111. keypinning, free the router descriptor rather than leaking the
  2112. memory. Fixes bug 22370; bugfix on 0.2.7.2-alpha.
  2113. Changes in version 0.2.9.11 - 2017-06-08
  2114. Tor 0.2.9.11 backports a fix for a bug that would allow an attacker to
  2115. remotely crash a hidden service with an assertion failure. Anyone
  2116. running a hidden service should upgrade to this version, or to some
  2117. other version with fixes for TROVE-2017-005. (Versions before 0.3.0
  2118. are not affected by TROVE-2017-004.)
  2119. Tor 0.2.9.11 also backports fixes for several key management bugs
  2120. that sometimes made relays unreliable, as well as several other
  2121. bugfixes described below.
  2122. o Major bugfixes (hidden service, relay, security, backport
  2123. from 0.3.1.3-alpha):
  2124. - Fix a remotely triggerable assertion failure caused by receiving a
  2125. BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
  2126. 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
  2127. on 0.2.2.1-alpha.
  2128. o Major bugfixes (relay, link handshake, backport from 0.3.1.3-alpha):
  2129. - When performing the v3 link handshake on a TLS connection, report
  2130. that we have the x509 certificate that we actually used on that
  2131. connection, even if we have changed certificates since that
  2132. connection was first opened. Previously, we would claim to have
  2133. used our most recent x509 link certificate, which would sometimes
  2134. make the link handshake fail. Fixes one case of bug 22460; bugfix
  2135. on 0.2.3.6-alpha.
  2136. o Minor features (fallback directory list, backport from 0.3.1.3-alpha):
  2137. - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in
  2138. December 2016 (of which ~126 were still functional) with a list of
  2139. 151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May
  2140. 2017. Resolves ticket 21564.
  2141. o Minor features (future-proofing, backport from 0.3.0.7):
  2142. - Tor no longer refuses to download microdescriptors or descriptors if
  2143. they are listed as "published in the future". This change will
  2144. eventually allow us to stop listing meaningful "published" dates
  2145. in microdescriptor consensuses, and thereby allow us to reduce the
  2146. resources required to download consensus diffs by over 50%.
  2147. Implements part of ticket 21642; implements part of proposal 275.
  2148. o Minor features (directory authorities, backport from 0.3.0.4-rc):
  2149. - Directory authorities now reject relays running versions
  2150. 0.2.9.1-alpha through 0.2.9.4-alpha, because those relays
  2151. suffer from bug 20499 and don't keep their consensus cache
  2152. up-to-date. Resolves ticket 20509.
  2153. o Minor features (geoip):
  2154. - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2
  2155. Country database.
  2156. o Minor bugfixes (control port, backport from 0.3.0.6):
  2157. - The GETINFO extra-info/digest/<digest> command was broken because
  2158. of a wrong base16 decode return value check, introduced when
  2159. refactoring that API. Fixes bug 22034; bugfix on 0.2.9.1-alpha.
  2160. o Minor bugfixes (correctness, backport from 0.3.1.3-alpha):
  2161. - Avoid undefined behavior when parsing IPv6 entries from the geoip6
  2162. file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
  2163. o Minor bugfixes (Linux seccomp2 sandbox, backport from 0.3.0.7):
  2164. - The getpid() system call is now permitted under the Linux seccomp2
  2165. sandbox, to avoid crashing with versions of OpenSSL (and other
  2166. libraries) that attempt to learn the process's PID by using the
  2167. syscall rather than the VDSO code. Fixes bug 21943; bugfix
  2168. on 0.2.5.1-alpha.
  2169. o Minor bugfixes (memory leak, directory authority, backport
  2170. from 0.3.1.2-alpha):
  2171. - When directory authorities reject a router descriptor due to
  2172. keypinning, free the router descriptor rather than leaking the
  2173. memory. Fixes bug 22370; bugfix on 0.2.7.2-alpha.
  2174. Changes in version 0.2.8.14 - 2017-06-08
  2175. Tor 0.2.8.14 backports a fix for a bug that would allow an attacker to
  2176. remotely crash a hidden service with an assertion failure. Anyone
  2177. running a hidden service should upgrade to this version, or to some
  2178. other version with fixes for TROVE-2017-005. (Versions before 0.3.0
  2179. are not affected by TROVE-2017-004.)
  2180. o Major bugfixes (hidden service, relay, security):
  2181. - Fix a remotely triggerable assertion failure caused by receiving a
  2182. BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
  2183. 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
  2184. on 0.2.2.1-alpha.
  2185. o Minor features (geoip):
  2186. - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2
  2187. Country database.
  2188. o Minor features (fallback directory list, backport from 0.3.1.3-alpha):
  2189. - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in
  2190. December 2016 (of which ~126 were still functional) with a list of
  2191. 151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May
  2192. 2017. Resolves ticket 21564.
  2193. o Minor bugfixes (correctness):
  2194. - Avoid undefined behavior when parsing IPv6 entries from the geoip6
  2195. file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
  2196. Changes in version 0.2.7.8 - 2017-06-08
  2197. Tor 0.2.7.8 backports a fix for a bug that would allow an attacker to
  2198. remotely crash a hidden service with an assertion failure. Anyone
  2199. running a hidden service should upgrade to this version, or to some
  2200. other version with fixes for TROVE-2017-005. (Versions before 0.3.0
  2201. are not affected by TROVE-2017-004.)
  2202. o Major bugfixes (hidden service, relay, security):
  2203. - Fix a remotely triggerable assertion failure caused by receiving a
  2204. BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
  2205. 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
  2206. on 0.2.2.1-alpha.
  2207. o Minor features (geoip):
  2208. - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2
  2209. Country database.
  2210. o Minor bugfixes (correctness):
  2211. - Avoid undefined behavior when parsing IPv6 entries from the geoip6
  2212. file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
  2213. Changes in version 0.2.6.12 - 2017-06-08
  2214. Tor 0.2.6.12 backports a fix for a bug that would allow an attacker to
  2215. remotely crash a hidden service with an assertion failure. Anyone
  2216. running a hidden service should upgrade to this version, or to some
  2217. other version with fixes for TROVE-2017-005. (Versions before 0.3.0
  2218. are not affected by TROVE-2017-004.)
  2219. o Major bugfixes (hidden service, relay, security):
  2220. - Fix a remotely triggerable assertion failure caused by receiving a
  2221. BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
  2222. 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
  2223. on 0.2.2.1-alpha.
  2224. o Minor features (geoip):
  2225. - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2
  2226. Country database.
  2227. o Minor bugfixes (correctness):
  2228. - Avoid undefined behavior when parsing IPv6 entries from the geoip6
  2229. file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
  2230. Changes in version 0.2.5.14 - 2017-06-08
  2231. Tor 0.2.5.14 backports a fix for a bug that would allow an attacker to
  2232. remotely crash a hidden service with an assertion failure. Anyone
  2233. running a hidden service should upgrade to this version, or to some
  2234. other version with fixes for TROVE-2017-005. (Versions before 0.3.0
  2235. are not affected by TROVE-2017-004.)
  2236. o Major bugfixes (hidden service, relay, security):
  2237. - Fix a remotely triggerable assertion failure caused by receiving a
  2238. BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
  2239. 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
  2240. on 0.2.2.1-alpha.
  2241. o Minor features (geoip):
  2242. - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2
  2243. Country database.
  2244. o Minor bugfixes (correctness):
  2245. - Avoid undefined behavior when parsing IPv6 entries from the geoip6
  2246. file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
  2247. Changes in version 0.2.4.29 - 2017-06-08
  2248. Tor 0.2.4.29 backports a fix for a bug that would allow an attacker to
  2249. remotely crash a hidden service with an assertion failure. Anyone
  2250. running a hidden service should upgrade to this version, or to some
  2251. other version with fixes for TROVE-2017-005. (Versions before 0.3.0
  2252. are not affected by TROVE-2017-004.)
  2253. o Major bugfixes (hidden service, relay, security):
  2254. - Fix a remotely triggerable assertion failure caused by receiving a
  2255. BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
  2256. 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
  2257. on 0.2.2.1-alpha.
  2258. o Minor features (geoip):
  2259. - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2
  2260. Country database.
  2261. o Minor bugfixes (correctness):
  2262. - Avoid undefined behavior when parsing IPv6 entries from the geoip6
  2263. file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
  2264. Changes in version 0.3.0.7 - 2017-05-15
  2265. Tor 0.3.0.7 fixes a medium-severity security bug in earlier versions
  2266. of Tor 0.3.0.x, where an attacker could cause a Tor relay process
  2267. to exit. Relays running earlier versions of Tor 0.3.0.x should upgrade;
  2268. clients are not affected.
  2269. o Major bugfixes (hidden service directory, security):
  2270. - Fix an assertion failure in the hidden service directory code, which
  2271. could be used by an attacker to remotely cause a Tor relay process to
  2272. exit. Relays running earlier versions of Tor 0.3.0.x should upgrade.
  2273. This security issue is tracked as TROVE-2017-002.
  2274. Fixes bug 22246; bugfix on 0.3.0.1-alpha.
  2275. o Minor features:
  2276. - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2
  2277. Country database.
  2278. o Minor features (future-proofing):
  2279. - Tor no longer refuses to download microdescriptors or descriptors
  2280. if they are listed as "published in the future". This change will
  2281. eventually allow us to stop listing meaningful "published" dates
  2282. in microdescriptor consensuses, and thereby allow us to reduce the
  2283. resources required to download consensus diffs by over 50%.
  2284. Implements part of ticket 21642; implements part of proposal 275.
  2285. o Minor bugfixes (Linux seccomp2 sandbox):
  2286. - The getpid() system call is now permitted under the Linux seccomp2
  2287. sandbox, to avoid crashing with versions of OpenSSL (and other
  2288. libraries) that attempt to learn the process's PID by using the
  2289. syscall rather than the VDSO code. Fixes bug 21943; bugfix
  2290. on 0.2.5.1-alpha.
  2291. Changes in version 0.3.0.6 - 2017-04-26
  2292. Tor 0.3.0.6 is the first stable release of the Tor 0.3.0 series.
  2293. With the 0.3.0 series, clients and relays now use Ed25519 keys to
  2294. authenticate their link connections to relays, rather than the old
  2295. RSA1024 keys that they used before. (Circuit crypto has been
  2296. Curve25519-authenticated since 0.2.4.8-alpha.) We have also replaced
  2297. the guard selection and replacement algorithm to behave more robustly
  2298. in the presence of unreliable networks, and to resist
  2299. guard-capture attacks.
  2300. This series also includes numerous other small features and bugfixes,
  2301. along with more groundwork for the upcoming hidden-services revamp.
  2302. Per our stable release policy, we plan to support the Tor 0.3.0
  2303. release series for at least the next nine months, or for three months
  2304. after the first stable release of the 0.3.1 series: whichever is
  2305. longer. If you need a release with long-term support, we recommend
  2306. that you stay with the 0.2.9 series.
  2307. Below are the changes since 0.2.9.10. For a list of only the changes
  2308. since 0.3.0.5-rc, see the ChangeLog file.
  2309. o Major features (directory authority, security):
  2310. - The default for AuthDirPinKeys is now 1: directory authorities
  2311. will reject relays where the RSA identity key matches a previously
  2312. seen value, but the Ed25519 key has changed. Closes ticket 18319.
  2313. o Major features (guard selection algorithm):
  2314. - Tor's guard selection algorithm has been redesigned from the
  2315. ground up, to better support unreliable networks and restrictive
  2316. sets of entry nodes, and to better resist guard-capture attacks by
  2317. hostile local networks. Implements proposal 271; closes
  2318. ticket 19877.
  2319. o Major features (next-generation hidden services):
  2320. - Relays can now handle v3 ESTABLISH_INTRO cells as specified by
  2321. prop224 aka "Next Generation Hidden Services". Service and clients
  2322. don't use this functionality yet. Closes ticket 19043. Based on
  2323. initial code by Alec Heifetz.
  2324. - Relays now support the HSDir version 3 protocol, so that they
  2325. can store and serve v3 descriptors. This is part of the
  2326. next-generation onion service work detailed in proposal 224. Closes
  2327. ticket 17238.
  2328. o Major features (protocol, ed25519 identity keys):
  2329. - Clients now support including Ed25519 identity keys in the EXTEND2
  2330. cells they generate. By default, this is controlled by a consensus
  2331. parameter, currently disabled. You can turn this feature on for
  2332. testing by setting ExtendByEd25519ID in your configuration. This
  2333. might make your traffic appear different than the traffic
  2334. generated by other users, however. Implements part of ticket
  2335. 15056; part of proposal 220.
  2336. - Relays now understand requests to extend to other relays by their
  2337. Ed25519 identity keys. When an Ed25519 identity key is included in
  2338. an EXTEND2 cell, the relay will only extend the circuit if the
  2339. other relay can prove ownership of that identity. Implements part
  2340. of ticket 15056; part of proposal 220.
  2341. - Relays now use Ed25519 to prove their Ed25519 identities to
  2342. one another, and to clients. This algorithm is faster and more
  2343. secure than the RSA-based handshake we've been doing until now.
  2344. Implements the second big part of proposal 220; closes
  2345. ticket 15055.
  2346. o Major features (security):
  2347. - Change the algorithm used to decide DNS TTLs on client and server
  2348. side, to better resist DNS-based correlation attacks like the
  2349. DefecTor attack of Greschbach, Pulls, Roberts, Winter, and
  2350. Feamster. Now relays only return one of two possible DNS TTL
  2351. values, and clients are willing to believe DNS TTL values up to 3
  2352. hours long. Closes ticket 19769.
  2353. o Major bugfixes (client, onion service, also in 0.2.9.9):
  2354. - Fix a client-side onion service reachability bug, where multiple
  2355. socks requests to an onion service (or a single slow request)
  2356. could cause us to mistakenly mark some of the service's
  2357. introduction points as failed, and we cache that failure so
  2358. eventually we run out and can't reach the service. Also resolves a
  2359. mysterious "Remote server sent bogus reason code 65021" log
  2360. warning. The bug was introduced in ticket 17218, where we tried to
  2361. remember the circuit end reason as a uint16_t, which mangled
  2362. negative values. Partially fixes bug 21056 and fixes bug 20307;
  2363. bugfix on 0.2.8.1-alpha.
  2364. o Major bugfixes (crash, directory connections):
  2365. - Fix a rare crash when sending a begin cell on a circuit whose
  2366. linked directory connection had already been closed. Fixes bug
  2367. 21576; bugfix on 0.2.9.3-alpha. Reported by Alec Muffett.
  2368. o Major bugfixes (directory authority):
  2369. - During voting, when marking a relay as a probable sybil, do not
  2370. clear its BadExit flag: sybils can still be bad in other ways
  2371. too. (We still clear the other flags.) Fixes bug 21108; bugfix
  2372. on 0.2.0.13-alpha.
  2373. o Major bugfixes (DNS):
  2374. - Fix a bug that prevented exit nodes from caching DNS records for
  2375. more than 60 seconds. Fixes bug 19025; bugfix on 0.2.4.7-alpha.
  2376. o Major bugfixes (IPv6 Exits):
  2377. - Stop rejecting all IPv6 traffic on Exits whose exit policy rejects
  2378. any IPv6 addresses. Instead, only reject a port over IPv6 if the
  2379. exit policy rejects that port on more than an IPv6 /16 of
  2380. addresses. This bug was made worse by 17027 in 0.2.8.1-alpha,
  2381. which rejected a relay's own IPv6 address by default. Fixes bug
  2382. 21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha.
  2383. o Major bugfixes (parsing):
  2384. - Fix an integer underflow bug when comparing malformed Tor
  2385. versions. This bug could crash Tor when built with
  2386. --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor
  2387. 0.2.9.8, which were built with -ftrapv by default. In other cases
  2388. it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix
  2389. on 0.0.8pre1. Found by OSS-Fuzz.
  2390. - When parsing a malformed content-length field from an HTTP
  2391. message, do not read off the end of the buffer. This bug was a
  2392. potential remote denial-of-service attack against Tor clients and
  2393. relays. A workaround was released in October 2016, to prevent this
  2394. bug from crashing Tor. This is a fix for the underlying issue,
  2395. which should no longer matter (if you applied the earlier patch).
  2396. Fixes bug 20894; bugfix on 0.2.0.16-alpha. Bug found by fuzzing
  2397. using AFL (http://lcamtuf.coredump.cx/afl/).
  2398. o Major bugfixes (scheduler):
  2399. - Actually compare circuit policies in ewma_cmp_cmux(). This bug
  2400. caused the channel scheduler to behave more or less randomly,
  2401. rather than preferring channels with higher-priority circuits.
  2402. Fixes bug 20459; bugfix on 0.2.6.2-alpha.
  2403. o Major bugfixes (security, also in 0.2.9.9):
  2404. - Downgrade the "-ftrapv" option from "always on" to "only on when
  2405. --enable-expensive-hardening is provided." This hardening option,
  2406. like others, can turn survivable bugs into crashes--and having it
  2407. on by default made a (relatively harmless) integer overflow bug
  2408. into a denial-of-service bug. Fixes bug 21278 (TROVE-2017-001);
  2409. bugfix on 0.2.9.1-alpha.
  2410. o Minor feature (client):
  2411. - Enable IPv6 traffic on the SocksPort by default. To disable this,
  2412. a user will have to specify "NoIPv6Traffic". Closes ticket 21269.
  2413. o Minor feature (fallback scripts):
  2414. - Add a check_existing mode to updateFallbackDirs.py, which checks
  2415. if fallbacks in the hard-coded list are working. Closes ticket
  2416. 20174. Patch by haxxpop.
  2417. o Minor feature (protocol versioning):
  2418. - Add new protocol version for proposal 224. HSIntro now advertises
  2419. version "3-4" and HSDir version "1-2". Fixes ticket 20656.
  2420. o Minor features (ciphersuite selection):
  2421. - Allow relays to accept a wider range of ciphersuites, including
  2422. chacha20-poly1305 and AES-CCM. Closes the other part of 15426.
  2423. - Clients now advertise a list of ciphersuites closer to the ones
  2424. preferred by Firefox. Closes part of ticket 15426.
  2425. o Minor features (controller):
  2426. - Add "GETINFO sr/current" and "GETINFO sr/previous" keys, to expose
  2427. shared-random values to the controller. Closes ticket 19925.
  2428. - When HSFETCH arguments cannot be parsed, say "Invalid argument"
  2429. rather than "unrecognized." Closes ticket 20389; patch from
  2430. Ivan Markin.
  2431. o Minor features (controller, configuration):
  2432. - Each of the *Port options, such as SocksPort, ORPort, ControlPort,
  2433. and so on, now comes with a __*Port variant that will not be saved
  2434. to the torrc file by the controller's SAVECONF command. This
  2435. change allows TorBrowser to set up a single-use domain socket for
  2436. each time it launches Tor. Closes ticket 20956.
  2437. - The GETCONF command can now query options that may only be
  2438. meaningful in context-sensitive lists. This allows the controller
  2439. to query the mixed SocksPort/__SocksPort style options introduced
  2440. in feature 20956. Implements ticket 21300.
  2441. o Minor features (diagnostic, directory client):
  2442. - Warn when we find an unexpected inconsistency in directory
  2443. download status objects. Prevents some negative consequences of
  2444. bug 20593.
  2445. o Minor features (directory authorities):
  2446. - Directory authorities now reject descriptors that claim to be
  2447. malformed versions of Tor. Helps prevent exploitation of
  2448. bug 21278.
  2449. - Reject version numbers with components that exceed INT32_MAX.
  2450. Otherwise 32-bit and 64-bit platforms would behave inconsistently.
  2451. Fixes bug 21450; bugfix on 0.0.8pre1.
  2452. o Minor features (directory authority):
  2453. - Add a new authority-only AuthDirTestEd25519LinkKeys option (on by
  2454. default) to control whether authorities should try to probe relays
  2455. by their Ed25519 link keys. This option will go away in a few
  2456. releases--unless we encounter major trouble in our ed25519 link
  2457. protocol rollout, in which case it will serve as a safety option.
  2458. o Minor features (directory cache):
  2459. - Relays and bridges will now refuse to serve the consensus they
  2460. have if they know it is too old for a client to use. Closes
  2461. ticket 20511.
  2462. o Minor features (ed25519 link handshake):
  2463. - Advertise support for the ed25519 link handshake using the
  2464. subprotocol-versions mechanism, so that clients can tell which
  2465. relays can identify themselves by Ed25519 ID. Closes ticket 20552.
  2466. o Minor features (entry guards):
  2467. - Add UseEntryGuards to TEST_OPTIONS_DEFAULT_VALUES in order to not
  2468. break regression tests.
  2469. - Require UseEntryGuards when UseBridges is set, in order to make
  2470. sure bridges aren't bypassed. Resolves ticket 20502.
  2471. o Minor features (fallback directories):
  2472. - Allow 3 fallback relays per operator, which is safe now that we
  2473. are choosing 200 fallback relays. Closes ticket 20912.
  2474. - Annotate updateFallbackDirs.py with the bandwidth and consensus
  2475. weight for each candidate fallback. Closes ticket 20878.
  2476. - Display the relay fingerprint when downloading consensuses from
  2477. fallbacks. Closes ticket 20908.
  2478. - Exclude relays affected by bug 20499 from the fallback list.
  2479. Exclude relays from the fallback list if they are running versions
  2480. known to be affected by bug 20499, or if in our tests they deliver
  2481. a stale consensus (i.e. one that expired more than 24 hours ago).
  2482. Closes ticket 20539.
  2483. - Make it easier to change the output sort order of fallbacks.
  2484. Closes ticket 20822.
  2485. - Reduce the minimum fallback bandwidth to 1 MByte/s. Part of
  2486. ticket 18828.
  2487. - Require fallback directories to have the same address and port for
  2488. 7 days (now that we have enough relays with this stability).
  2489. Relays whose OnionOO stability timer is reset on restart by bug
  2490. 18050 should upgrade to Tor 0.2.8.7 or later, which has a fix for
  2491. this issue. Closes ticket 20880; maintains short-term fix
  2492. in 0.2.8.2-alpha.
  2493. - Require fallbacks to have flags for 90% of the time (weighted
  2494. decaying average), rather than 95%. This allows at least 73% of
  2495. clients to bootstrap in the first 5 seconds without contacting an
  2496. authority. Part of ticket 18828.
  2497. - Select 200 fallback directories for each release. Closes
  2498. ticket 20881.
  2499. o Minor features (fingerprinting resistance, authentication):
  2500. - Extend the length of RSA keys used for TLS link authentication to
  2501. 2048 bits. (These weren't used for forward secrecy; for forward
  2502. secrecy, we used P256.) Closes ticket 13752.
  2503. o Minor features (geoip):
  2504. - Update geoip and geoip6 to the April 4 2017 Maxmind GeoLite2
  2505. Country database.
  2506. o Minor features (geoip, also in 0.2.9.9):
  2507. - Update geoip and geoip6 to the January 4 2017 Maxmind GeoLite2
  2508. Country database.
  2509. o Minor features (infrastructure):
  2510. - Implement smartlist_add_strdup() function. Replaces the use of
  2511. smartlist_add(sl, tor_strdup(str)). Closes ticket 20048.
  2512. o Minor features (linting):
  2513. - Enhance the changes file linter to warn on Tor versions that are
  2514. prefixed with "tor-". Closes ticket 21096.
  2515. o Minor features (logging):
  2516. - In several places, describe unset ed25519 keys as "<unset>",
  2517. rather than the scary "AAAAAAAA...AAA". Closes ticket 21037.
  2518. o Minor features (portability, compilation):
  2519. - Autoconf now checks to determine if OpenSSL structures are opaque,
  2520. instead of explicitly checking for OpenSSL version numbers. Part
  2521. of ticket 21359.
  2522. - Support building with recent LibreSSL code that uses opaque
  2523. structures. Closes ticket 21359.
  2524. o Minor features (relay):
  2525. - We now allow separation of exit and relay traffic to different
  2526. source IP addresses, using the OutboundBindAddressExit and
  2527. OutboundBindAddressOR options respectively. Closes ticket 17975.
  2528. Written by Michael Sonntag.
  2529. o Minor features (reliability, crash):
  2530. - Try better to detect problems in buffers where they might grow (or
  2531. think they have grown) over 2 GB in size. Diagnostic for
  2532. bug 21369.
  2533. o Minor features (testing):
  2534. - During 'make test-network-all', if tor logs any warnings, ask
  2535. chutney to output them. Requires a recent version of chutney with
  2536. the 21572 patch. Implements 21570.
  2537. o Minor bugfix (control protocol):
  2538. - The reply to a "GETINFO config/names" request via the control
  2539. protocol now spells the type "Dependent" correctly. This is a
  2540. breaking change in the control protocol. (The field seems to be
  2541. ignored by the most common known controllers.) Fixes bug 18146;
  2542. bugfix on 0.1.1.4-alpha.
  2543. - The GETINFO extra-info/digest/<digest> command was broken because
  2544. of a wrong base16 decode return value check, introduced when
  2545. refactoring that API. Fixes bug 22034; bugfix on 0.2.9.1-alpha.
  2546. o Minor bugfix (logging):
  2547. - Don't recommend the use of Tor2web in non-anonymous mode.
  2548. Recommending Tor2web is a bad idea because the client loses all
  2549. anonymity. Tor2web should only be used in specific cases by users
  2550. who *know* and understand the issues. Fixes bug 21294; bugfix
  2551. on 0.2.9.3-alpha.
  2552. o Minor bugfixes (bug resilience):
  2553. - Fix an unreachable size_t overflow in base64_decode(). Fixes bug
  2554. 19222; bugfix on 0.2.0.9-alpha. Found by Guido Vranken; fixed by
  2555. Hans Jerry Illikainen.
  2556. o Minor bugfixes (build):
  2557. - Replace obsolete Autoconf macros with their modern equivalent and
  2558. prevent similar issues in the future. Fixes bug 20990; bugfix
  2559. on 0.1.0.1-rc.
  2560. o Minor bugfixes (certificate expiration time):
  2561. - Avoid using link certificates that don't become valid till some
  2562. time in the future. Fixes bug 21420; bugfix on 0.2.4.11-alpha.
  2563. o Minor bugfixes (client):
  2564. - Always recover from failures in extend_info_from_node(), in an
  2565. attempt to prevent any recurrence of bug 21242. Fixes bug 21372;
  2566. bugfix on 0.2.3.1-alpha.
  2567. - When clients that use bridges start up with a cached consensus on
  2568. disk, they were ignoring it and downloading a new one. Now they
  2569. use the cached one. Fixes bug 20269; bugfix on 0.2.3.12-alpha.
  2570. o Minor bugfixes (code correctness):
  2571. - Repair a couple of (unreachable or harmless) cases of the risky
  2572. comparison-by-subtraction pattern that caused bug 21278.
  2573. o Minor bugfixes (config):
  2574. - Don't assert on startup when trying to get the options list and
  2575. LearnCircuitBuildTimeout is set to 0: we are currently parsing the
  2576. options so of course they aren't ready yet. Fixes bug 21062;
  2577. bugfix on 0.2.9.3-alpha.
  2578. o Minor bugfixes (configuration):
  2579. - Accept non-space whitespace characters after the severity level in
  2580. the `Log` option. Fixes bug 19965; bugfix on 0.2.1.1-alpha.
  2581. - Support "TByte" and "TBytes" units in options given in bytes.
  2582. "TB", "terabyte(s)", "TBit(s)" and "terabit(s)" were already
  2583. supported. Fixes bug 20622; bugfix on 0.2.0.14-alpha.
  2584. o Minor bugfixes (configure, autoconf):
  2585. - Rename the configure option --enable-expensive-hardening to
  2586. --enable-fragile-hardening. Expensive hardening makes the tor
  2587. daemon abort when some kinds of issues are detected. Thus, it
  2588. makes tor more at risk of remote crashes but safer against RCE or
  2589. Heartbleed-category bugs. We now try to explain this issue in a
  2590. message from the configure script. Fixes bug 21290; bugfix
  2591. on 0.2.5.4-alpha.
  2592. o Minor bugfixes (consensus weight):
  2593. - Add new consensus method that initializes bw weights to 1 instead
  2594. of 0. This prevents a zero weight from making it all the way to
  2595. the end (happens in small testing networks) and causing an error.
  2596. Fixes bug 14881; bugfix on 0.2.2.17-alpha.
  2597. o Minor bugfixes (crash prevention):
  2598. - Fix a (currently untriggerable, but potentially dangerous) crash
  2599. bug when base32-encoding inputs whose sizes are not a multiple of
  2600. 5. Fixes bug 21894; bugfix on 0.2.9.1-alpha.
  2601. o Minor bugfixes (dead code):
  2602. - Remove a redundant check for PidFile changes at runtime in
  2603. options_transition_allowed(): this check is already performed
  2604. regardless of whether the sandbox is active. Fixes bug 21123;
  2605. bugfix on 0.2.5.4-alpha.
  2606. o Minor bugfixes (descriptors):
  2607. - Correctly recognise downloaded full descriptors as valid, even
  2608. when using microdescriptors as circuits. This affects clients with
  2609. FetchUselessDescriptors set, and may affect directory authorities.
  2610. Fixes bug 20839; bugfix on 0.2.3.2-alpha.
  2611. o Minor bugfixes (directory mirrors):
  2612. - Allow relays to use directory mirrors without a DirPort: these
  2613. relays need to be contacted over their ORPorts using a begindir
  2614. connection. Fixes one case of bug 20711; bugfix on 0.2.8.2-alpha.
  2615. - Clarify the message logged when a remote relay is unexpectedly
  2616. missing an ORPort or DirPort: users were confusing this with a
  2617. local port. Fixes another case of bug 20711; bugfix
  2618. on 0.2.8.2-alpha.
  2619. o Minor bugfixes (directory system):
  2620. - Bridges and relays now use microdescriptors (like clients do)
  2621. rather than old-style router descriptors. Now bridges will blend
  2622. in with clients in terms of the circuits they build. Fixes bug
  2623. 6769; bugfix on 0.2.3.2-alpha.
  2624. - Download all consensus flavors, descriptors, and authority
  2625. certificates when FetchUselessDescriptors is set, regardless of
  2626. whether tor is a directory cache or not. Fixes bug 20667; bugfix
  2627. on all recent tor versions.
  2628. o Minor bugfixes (documentation):
  2629. - Update the tor manual page to document every option that can not
  2630. be changed while tor is running. Fixes bug 21122.
  2631. o Minor bugfixes (ed25519 certificates):
  2632. - Correctly interpret ed25519 certificates that would expire some
  2633. time after 19 Jan 2038. Fixes bug 20027; bugfix on 0.2.7.2-alpha.
  2634. o Minor bugfixes (fallback directories):
  2635. - Avoid checking fallback candidates' DirPorts if they are down in
  2636. OnionOO. When a relay operator has multiple relays, this
  2637. prioritizes relays that are up over relays that are down. Fixes
  2638. bug 20926; bugfix on 0.2.8.3-alpha.
  2639. - Stop failing when OUTPUT_COMMENTS is True in updateFallbackDirs.py.
  2640. Fixes bug 20877; bugfix on 0.2.8.3-alpha.
  2641. - Stop failing when a relay has no uptime data in
  2642. updateFallbackDirs.py. Fixes bug 20945; bugfix on 0.2.8.1-alpha.
  2643. o Minor bugfixes (hidden service):
  2644. - Clean up the code for expiring intro points with no associated
  2645. circuits. It was causing, rarely, a service with some expiring
  2646. introduction points to not open enough additional introduction
  2647. points. Fixes part of bug 21302; bugfix on 0.2.7.2-alpha.
  2648. - Resolve two possible underflows which could lead to creating and
  2649. closing a lot of introduction point circuits in a non-stop loop.
  2650. Fixes bug 21302; bugfix on 0.2.7.2-alpha.
  2651. - Stop setting the torrc option HiddenServiceStatistics to "0" just
  2652. because we're not a bridge or relay. Instead, we preserve whatever
  2653. value the user set (or didn't set). Fixes bug 21150; bugfix
  2654. on 0.2.6.2-alpha.
  2655. o Minor bugfixes (hidden services):
  2656. - Make hidden services check for failed intro point connections,
  2657. even when they have exceeded their intro point creation limit.
  2658. Fixes bug 21596; bugfix on 0.2.7.2-alpha. Reported by Alec Muffett.
  2659. - Make hidden services with 8 to 10 introduction points check for
  2660. failed circuits immediately after startup. Previously, they would
  2661. wait for 5 minutes before performing their first checks. Fixes bug
  2662. 21594; bugfix on 0.2.3.9-alpha. Reported by Alec Muffett.
  2663. - Stop ignoring misconfigured hidden services. Instead, refuse to
  2664. start tor until the misconfigurations have been corrected. Fixes
  2665. bug 20559; bugfix on multiple commits in 0.2.7.1-alpha
  2666. and earlier.
  2667. o Minor bugfixes (IPv6):
  2668. - Make IPv6-using clients try harder to find an IPv6 directory
  2669. server. Fixes bug 20999; bugfix on 0.2.8.2-alpha.
  2670. - When IPv6 addresses have not been downloaded yet (microdesc
  2671. consensus documents don't list relay IPv6 addresses), use hard-
  2672. coded addresses for authorities, fallbacks, and configured
  2673. bridges. Now IPv6-only clients can use microdescriptors. Fixes bug
  2674. 20996; bugfix on b167e82 from 19608 in 0.2.8.5-alpha.
  2675. o Minor bugfixes (memory leak at exit):
  2676. - Fix a small harmless memory leak at exit of the previously unused
  2677. RSA->Ed identity cross-certificate. Fixes bug 17779; bugfix
  2678. on 0.2.7.2-alpha.
  2679. o Minor bugfixes (onion services):
  2680. - Allow the number of introduction points to be as low as 0, rather
  2681. than as low as 3. Fixes bug 21033; bugfix on 0.2.7.2-alpha.
  2682. o Minor bugfixes (portability):
  2683. - Use "OpenBSD" compiler macro instead of "OPENBSD" or "__OpenBSD__".
  2684. It is supported by OpenBSD itself, and also by most OpenBSD
  2685. variants (such as Bitrig). Fixes bug 20980; bugfix
  2686. on 0.1.2.1-alpha.
  2687. o Minor bugfixes (portability, also in 0.2.9.9):
  2688. - Avoid crashing when Tor is built using headers that contain
  2689. CLOCK_MONOTONIC_COARSE, but then tries to run on an older kernel
  2690. without CLOCK_MONOTONIC_COARSE. Fixes bug 21035; bugfix
  2691. on 0.2.9.1-alpha.
  2692. - Fix Libevent detection on platforms without Libevent 1 headers
  2693. installed. Fixes bug 21051; bugfix on 0.2.9.1-alpha.
  2694. o Minor bugfixes (relay):
  2695. - Avoid a double-marked-circuit warning that could happen when we
  2696. receive DESTROY cells under heavy load. Fixes bug 20059; bugfix
  2697. on 0.1.0.1-rc.
  2698. - Honor DataDirectoryGroupReadable when tor is a relay. Previously,
  2699. initializing the keys would reset the DataDirectory to 0700
  2700. instead of 0750 even if DataDirectoryGroupReadable was set to 1.
  2701. Fixes bug 19953; bugfix on 0.0.2pre16. Patch by "redfish".
  2702. o Minor bugfixes (testing):
  2703. - Fix Raspbian build issues related to missing socket errno in
  2704. test_util.c. Fixes bug 21116; bugfix on 0.2.8.2. Patch by "hein".
  2705. - Remove undefined behavior from the backtrace generator by removing
  2706. its signal handler. Fixes bug 21026; bugfix on 0.2.5.2-alpha.
  2707. - Use bash in src/test/test-network.sh. This ensures we reliably
  2708. call chutney's newer tools/test-network.sh when available. Fixes
  2709. bug 21562; bugfix on 0.2.9.1-alpha.
  2710. o Minor bugfixes (tor-resolve):
  2711. - The tor-resolve command line tool now rejects hostnames over 255
  2712. characters in length. Previously, it would silently truncate them,
  2713. which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5.
  2714. Patch by "junglefowl".
  2715. o Minor bugfixes (unit tests):
  2716. - Allow the unit tests to pass even when DNS lookups of bogus
  2717. addresses do not fail as expected. Fixes bug 20862 and 20863;
  2718. bugfix on unit tests introduced in 0.2.8.1-alpha
  2719. through 0.2.9.4-alpha.
  2720. o Minor bugfixes (util):
  2721. - When finishing writing a file to disk, if we were about to replace
  2722. the file with the temporary file created before and we fail to
  2723. replace it, remove the temporary file so it doesn't stay on disk.
  2724. Fixes bug 20646; bugfix on 0.2.0.7-alpha. Patch by fk.
  2725. o Minor bugfixes (Windows services):
  2726. - Be sure to initialize the monotonic time subsystem before using
  2727. it, even when running as an NT service. Fixes bug 21356; bugfix
  2728. on 0.2.9.1-alpha.
  2729. o Minor bugfixes (Windows):
  2730. - Check for getpagesize before using it to mmap files. This fixes
  2731. compilation in some MinGW environments. Fixes bug 20530; bugfix on
  2732. 0.1.2.1-alpha. Reported by "ice".
  2733. o Code simplification and refactoring:
  2734. - Abolish all global guard context in entrynodes.c; replace with new
  2735. guard_selection_t structure as preparation for proposal 271.
  2736. Closes ticket 19858.
  2737. - Extract magic numbers in circuituse.c into defined variables.
  2738. - Introduce rend_service_is_ephemeral() that tells if given onion
  2739. service is ephemeral. Replace unclear NULL-checkings for service
  2740. directory with this function. Closes ticket 20526.
  2741. - Refactor circuit_is_available_for_use to remove unnecessary check.
  2742. - Refactor circuit_predict_and_launch_new for readability and
  2743. testability. Closes ticket 18873.
  2744. - Refactor code to manipulate global_origin_circuit_list into
  2745. separate functions. Closes ticket 20921.
  2746. - Refactor large if statement in purpose_needs_anonymity to use
  2747. switch statement instead. Closes part of ticket 20077.
  2748. - Refactor the hashing API to return negative values for errors, as
  2749. is done throughout the codebase. Closes ticket 20717.
  2750. - Remove data structures that were used to index or_connection
  2751. objects by their RSA identity digests. These structures are fully
  2752. redundant with the similar structures used in the
  2753. channel abstraction.
  2754. - Remove duplicate code in the channel_write_*cell() functions.
  2755. Closes ticket 13827; patch from Pingl.
  2756. - Remove redundant behavior of is_sensitive_dir_purpose, refactor to
  2757. use only purpose_needs_anonymity. Closes part of ticket 20077.
  2758. - The code to generate and parse EXTEND and EXTEND2 cells has been
  2759. replaced with code automatically generated by the
  2760. "trunnel" utility.
  2761. o Documentation (formatting):
  2762. - Clean up formatting of tor.1 man page and HTML doc, where <pre>
  2763. blocks were incorrectly appearing. Closes ticket 20885.
  2764. o Documentation (man page):
  2765. - Clarify many options in tor.1 and add some min/max values for
  2766. HiddenService options. Closes ticket 21058.
  2767. o Documentation:
  2768. - Change '1' to 'weight_scale' in consensus bw weights calculation
  2769. comments, as that is reality. Closes ticket 20273. Patch
  2770. from pastly.
  2771. - Clarify that when ClientRejectInternalAddresses is enabled (which
  2772. is the default), multicast DNS hostnames for machines on the local
  2773. network (of the form *.local) are also rejected. Closes
  2774. ticket 17070.
  2775. - Correct the value for AuthDirGuardBWGuarantee in the manpage, from
  2776. 250 KBytes to 2 MBytes. Fixes bug 20435; bugfix on 0.2.5.6-alpha.
  2777. - Include the "TBits" unit in Tor's man page. Fixes part of bug
  2778. 20622; bugfix on 0.2.5.1-alpha.
  2779. - Small fixes to the fuzzing documentation. Closes ticket 21472.
  2780. - Stop the man page from incorrectly stating that HiddenServiceDir
  2781. must already exist. Fixes 20486.
  2782. - Update the description of the directory server options in the
  2783. manual page, to clarify that a relay no longer needs to set
  2784. DirPort in order to be a directory cache. Closes ticket 21720.
  2785. o Removed features:
  2786. - The AuthDirMaxServersPerAuthAddr option no longer exists: The same
  2787. limit for relays running on a single IP applies to authority IP
  2788. addresses as well as to non-authority IP addresses. Closes
  2789. ticket 20960.
  2790. - The UseDirectoryGuards torrc option no longer exists: all users
  2791. that use entry guards will also use directory guards. Related to
  2792. proposal 271; implements part of ticket 20831.
  2793. o Testing:
  2794. - Add tests for networkstatus_compute_bw_weights_v10.
  2795. - Add unit tests for circuit_predict_and_launch_new.
  2796. - Extract dummy_origin_circuit_new so it can be used by other
  2797. test functions.
  2798. - New unit tests for tor_htonll(). Closes ticket 19563. Patch
  2799. from "overcaffeinated".
  2800. - Perform the coding style checks when running the tests and fail
  2801. when coding style violations are found. Closes ticket 5500.
  2802. Changes in version 0.2.8.13 - 2017-03-03
  2803. Tor 0.2.8.13 backports a security fix from later Tor
  2804. releases. Anybody running Tor 0.2.8.12 or earlier should upgrade to
  2805. this release, if for some reason they cannot upgrade to a later
  2806. release series, and if they build Tor with the --enable-expensive-hardening
  2807. option.
  2808. Note that support for Tor 0.2.8.x is ending next year: we will not issue
  2809. any fixes for the Tor 0.2.8.x series after 1 Jan 2018. If you need
  2810. a Tor release series with longer-term support, we recommend Tor 0.2.9.x.
  2811. o Major bugfixes (parsing, backported from 0.3.0.4-rc):
  2812. - Fix an integer underflow bug when comparing malformed Tor
  2813. versions. This bug could crash Tor when built with
  2814. --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor
  2815. 0.2.9.8, which were built with -ftrapv by default. In other cases
  2816. it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix
  2817. on 0.0.8pre1. Found by OSS-Fuzz.
  2818. o Minor features (geoip):
  2819. - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2
  2820. Country database.
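The comparison-by-subtraction pattern behind bug 21278, and why it only crashes builds that trap on signed overflow (-ftrapv or the hardening option), shown as an added C example that is not Tor's own code. The ver_t record, the function names and the field values are constructed for illustration, and int is assumed to be 32 bits.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical three-field version record; not Tor's own structure. */
typedef struct { int major, minor, micro; } ver_t;

/* Returns 1 if the C expression `a - b` would overflow int. A build that
 * traps on signed overflow (e.g. -ftrapv) aborts exactly in this case. */
static int subtraction_would_overflow(int a, int b)
{
  int64_t diff = (int64_t)a - (int64_t)b;
  return diff > INT_MAX || diff < INT_MIN;
}

/* Models what `a - b` yields on a build where signed overflow wraps.
 * Computed in int64_t so this example never performs the undefined
 * operation itself. Assumption: int is 32 bits. */
static int wrapped_difference(int a, int b)
{
  const int64_t span = (int64_t)UINT_MAX + 1;
  int64_t diff = (int64_t)a - (int64_t)b;
  if (diff > INT_MAX)
    diff -= span;
  else if (diff < INT_MIN)
    diff += span;
  return (int)diff;
}

/* Safe three-way comparison: never subtracts, result is -1, 0 or 1. */
static int cmp_safe(int a, int b)
{
  return (a > b) - (a < b);
}

/* Risky comparator, modelled: the sign of the (wrapped) difference of the
 * first differing field is used as the ordering. */
static int ver_cmp_subtraction_model(const ver_t *a, const ver_t *b)
{
  int r;
  if ((r = wrapped_difference(a->major, b->major)) != 0) return r;
  if ((r = wrapped_difference(a->minor, b->minor)) != 0) return r;
  return wrapped_difference(a->micro, b->micro);
}

/* Hardened comparator: same field order, comparison without arithmetic. */
static int ver_cmp_safe(const ver_t *a, const ver_t *b)
{
  int r;
  if ((r = cmp_safe(a->major, b->major)) != 0) return r;
  if ((r = cmp_safe(a->minor, b->minor)) != 0) return r;
  return cmp_safe(a->micro, b->micro);
}

int main(void)
{
  /* Constructed inputs: extreme field values such as a parser might leave
   * behind for a malformed version string. */
  ver_t big = { 0, 2, INT_MAX };
  ver_t neg = { 0, 2, -1 };

  printf("a - b overflows int:      %d\n",
         subtraction_would_overflow(big.micro, neg.micro));
  /* Both orders come out negative: the ordering is inconsistent. */
  printf("subtraction model (a,b):  %d\n",
         ver_cmp_subtraction_model(&big, &neg));
  printf("subtraction model (b,a):  %d\n",
         ver_cmp_subtraction_model(&neg, &big));
  printf("safe comparison   (a,b):  %d\n", ver_cmp_safe(&big, &neg));
  printf("safe comparison   (b,a):  %d\n", ver_cmp_safe(&neg, &big));
  return 0;
}
```

On a wrapping build the subtraction comparator silently misorders the two records; on a trapping build the same input aborts the process, which is the crash the release note describes.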
  2821. Changes in version 0.2.7.7 - 2017-03-03
  2822. Tor 0.2.7.7 backports a number of security fixes from later Tor
  2823. releases. Anybody running Tor 0.2.7.6 or earlier should upgrade to
  2824. this release, if for some reason they cannot upgrade to a later
  2825. release series.
  2826. Note that support for Tor 0.2.7.x is ending this year: we will not issue
  2827. any fixes for the Tor 0.2.7.x series after 1 August 2017. If you need
  2828. a Tor release series with longer-term support, we recommend Tor 0.2.9.x.
  2829. o Directory authority changes (backport from 0.2.8.5-rc):
  2830. - Urras is no longer a directory authority. Closes ticket 19271.
  2831. o Directory authority changes (backport from 0.2.9.2-alpha):
  2832. - The "Tonga" bridge authority has been retired; the new bridge
  2833. authority is "Bifroest". Closes tickets 19728 and 19690.
  2834. o Directory authority key updates (backport from 0.2.8.1-alpha):
  2835. - Update the V3 identity key for the dannenberg directory authority:
  2836. it was changed on 18 November 2015. Closes task 17906. Patch
  2837. by "teor".
  2838. o Major bugfixes (parsing, security, backport from 0.2.9.8):
  2839. - Fix a bug in parsing that could cause clients to read a single
  2840. byte past the end of an allocated region. This bug could be used
  2841. to cause hardened clients (built with --enable-expensive-hardening)
  2842. to crash if they tried to visit a hostile hidden service. Non-
  2843. hardened clients are only affected depending on the details of
  2844. their platform's memory allocator. Fixes bug 21018; bugfix on
  2845. 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE-
  2846. 2016-12-002 and as CVE-2016-1254.
  2847. o Major bugfixes (security, client, DNS proxy, backport from 0.2.8.3-alpha):
  2848. - Stop a crash that could occur when a client running with DNSPort
  2849. received a query with multiple address types, and the first
  2850. address type was not supported. Found and fixed by Scott Dial.
  2851. Fixes bug 18710; bugfix on 0.2.5.4-alpha.
  2852. - Prevent a class of security bugs caused by treating the contents
  2853. of a buffer chunk as if they were a NUL-terminated string. At
  2854. least one such bug seems to be present in all currently used
  2855. versions of Tor, and would allow an attacker to remotely crash
  2856. most Tor instances, especially those compiled with extra compiler
  2857. hardening. With this defense in place, such bugs can't crash Tor,
  2858. though we should still fix them as they occur. Closes ticket
  2859. 20384 (TROVE-2016-10-001).
  2860. o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha):
  2861. - Avoid a difficult-to-trigger heap corruption attack when extending
  2862. a smartlist to contain over 16GB of pointers. Fixes bug 18162;
  2863. bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely.
  2864. Reported by Guido Vranken.
  2865. o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha):
  2866. - Avoid crashing when running as a DNS proxy. Fixes bug 16248;
  2867. bugfix on 0.2.0.1-alpha. Patch from "cypherpunks".
  2868. o Major bugfixes (key management, backport from 0.2.8.3-alpha):
  2869. - If OpenSSL fails to generate an RSA key, do not retain a dangling
  2870. pointer to the previous (uninitialized) key value. The impact here
  2871. should be limited to a difficult-to-trigger crash, if OpenSSL is
  2872. running an engine that makes key generation failures possible, or
  2873. if OpenSSL runs out of memory. Fixes bug 19152; bugfix on
  2874. 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and
  2875. Baishakhi Ray.
  2876. o Major bugfixes (parsing, backported from 0.3.0.4-rc):
  2877. - Fix an integer underflow bug when comparing malformed Tor
  2878. versions. This bug could crash Tor when built with
  2879. --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor
  2880. 0.2.9.8, which were built with -ftrapv by default. In other cases
  2881. it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix
  2882. on 0.0.8pre1. Found by OSS-Fuzz.
  2883. o Minor features (security, memory erasure, backport from 0.2.8.1-alpha):
  2884. - Make memwipe() do nothing when passed a NULL pointer or buffer of
  2885. zero size. Check size argument to memwipe() for underflow. Fixes
  2886. bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk",
  2887. patch by "teor".
  2888. o Minor features (bug-resistance, backport from 0.2.8.2-alpha):
  2889. - Make Tor survive errors involving connections without a
  2890. corresponding event object. Previously we'd fail with an
  2891. assertion; now we produce a log message. Related to bug 16248.
  2892. o Minor features (geoip):
  2893. - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2
  2894. Country database.
  2895. Changes in version 0.2.6.11 - 2017-03-03
  2896. Tor 0.2.6.11 backports a number of security fixes from later Tor
  2897. releases. Anybody running Tor 0.2.6.10 or earlier should upgrade to
  2898. this release, if for some reason they cannot upgrade to a later
  2899. release series.
  2900. Note that support for Tor 0.2.6.x is ending this year: we will not issue
  2901. any fixes for the Tor 0.2.6.x series after 1 August 2017. If you need
  2902. a Tor release series with longer-term support, we recommend Tor 0.2.9.x.
  2903. o Directory authority changes (backport from 0.2.8.5-rc):
  2904. - Urras is no longer a directory authority. Closes ticket 19271.
  2905. o Directory authority changes (backport from 0.2.9.2-alpha):
  2906. - The "Tonga" bridge authority has been retired; the new bridge
  2907. authority is "Bifroest". Closes tickets 19728 and 19690.
  2908. o Directory authority key updates (backport from 0.2.8.1-alpha):
  2909. - Update the V3 identity key for the dannenberg directory authority:
  2910. it was changed on 18 November 2015. Closes task 17906. Patch
  2911. by "teor".
  2912. o Major features (security fixes, backport from 0.2.9.4-alpha):
  2913. - Prevent a class of security bugs caused by treating the contents
  2914. of a buffer chunk as if they were a NUL-terminated string. At
  2915. least one such bug seems to be present in all currently used
  2916. versions of Tor, and would allow an attacker to remotely crash
  2917. most Tor instances, especially those compiled with extra compiler
  2918. hardening. With this defense in place, such bugs can't crash Tor,
  2919. though we should still fix them as they occur. Closes ticket
  2920. 20384 (TROVE-2016-10-001).
  2921. o Major bugfixes (parsing, security, backport from 0.2.9.8):
  2922. - Fix a bug in parsing that could cause clients to read a single
  2923. byte past the end of an allocated region. This bug could be used
  2924. to cause hardened clients (built with --enable-expensive-hardening)
  2925. to crash if they tried to visit a hostile hidden service. Non-
  2926. hardened clients are only affected depending on the details of
  2927. their platform's memory allocator. Fixes bug 21018; bugfix on
  2928. 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE-
  2929. 2016-12-002 and as CVE-2016-1254.
  2930. o Major bugfixes (security, client, DNS proxy, backport from 0.2.8.3-alpha):
  2931. - Stop a crash that could occur when a client running with DNSPort
  2932. received a query with multiple address types, and the first
  2933. address type was not supported. Found and fixed by Scott Dial.
  2934. Fixes bug 18710; bugfix on 0.2.5.4-alpha.
  2935. o Major bugfixes (security, correctness, backport from 0.2.7.4-rc):
  2936. - Fix an error that could cause us to read 4 bytes before the
  2937. beginning of an openssl string. This bug could be used to cause
  2938. Tor to crash on systems with unusual malloc implementations, or
  2939. systems with unusual hardening installed. Fixes bug 17404; bugfix
  2940. on 0.2.3.6-alpha.
  2941. o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha):
  2942. - Avoid a difficult-to-trigger heap corruption attack when extending
  2943. a smartlist to contain over 16GB of pointers. Fixes bug 18162;
  2944. bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely.
  2945. Reported by Guido Vranken.
  2946. o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha):
  2947. - Avoid crashing when running as a DNS proxy. Fixes bug 16248;
  2948. bugfix on 0.2.0.1-alpha. Patch from "cypherpunks".
  2949. o Major bugfixes (guard selection, backport from 0.2.7.6):
  2950. - Actually look at the Guard flag when selecting a new directory
  2951. guard. When we implemented the directory guard design, we
  2952. accidentally started treating all relays as if they have the Guard
  2953. flag during guard selection, leading to weaker anonymity and worse
  2954. performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered
  2955. by Mohsen Imani.
  2956. o Major bugfixes (key management, backport from 0.2.8.3-alpha):
  2957. - If OpenSSL fails to generate an RSA key, do not retain a dangling
  2958. pointer to the previous (uninitialized) key value. The impact here
  2959. should be limited to a difficult-to-trigger crash, if OpenSSL is
  2960. running an engine that makes key generation failures possible, or
  2961. if OpenSSL runs out of memory. Fixes bug 19152; bugfix on
  2962. 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and
  2963. Baishakhi Ray.
  2964. o Major bugfixes (parsing, backported from 0.3.0.4-rc):
  2965. - Fix an integer underflow bug when comparing malformed Tor
  2966. versions. This bug could crash Tor when built with
  2967. --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor
  2968. 0.2.9.8, which were built with -ftrapv by default. In other cases
  2969. it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix
  2970. on 0.0.8pre1. Found by OSS-Fuzz.
  2971. o Minor features (security, memory erasure, backport from 0.2.8.1-alpha):
  2972. - Make memwipe() do nothing when passed a NULL pointer or buffer of
  2973. zero size. Check size argument to memwipe() for underflow. Fixes
  2974. bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk",
  2975. patch by "teor".
  2976. o Minor features (bug-resistance, backport from 0.2.8.2-alpha):
  2977. - Make Tor survive errors involving connections without a
  2978. corresponding event object. Previously we'd fail with an
  2979. assertion; now we produce a log message. Related to bug 16248.
  2980. o Minor features (geoip):
  2981. - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2
  2982. Country database.
  2983. o Minor bugfixes (compilation, backport from 0.2.7.6):
  2984. - Fix a compilation warning with Clang 3.6: Do not check the
  2985. presence of an address which can never be NULL. Fixes bug 17781.
  2986. Changes in version 0.2.5.13 - 2017-03-03
  2987. Tor 0.2.5.13 backports a number of security fixes from later Tor
  2988. releases. Anybody running Tor 0.2.5.13 or earlier should upgrade to
  2989. this release, if for some reason they cannot upgrade to a later
  2990. release series.
  2991. Note that support for Tor 0.2.5.x is ending next year: we will not issue
  2992. any fixes for the Tor 0.2.5.x series after 1 May 2018. If you need
  2993. a Tor release series with longer-term support, we recommend Tor 0.2.9.x.
  2994. o Directory authority changes (backport from 0.2.8.5-rc):
  2995. - Urras is no longer a directory authority. Closes ticket 19271.
  2996. o Directory authority changes (backport from 0.2.9.2-alpha):
  2997. - The "Tonga" bridge authority has been retired; the new bridge
  2998. authority is "Bifroest". Closes tickets 19728 and 19690.
  2999. o Directory authority key updates (backport from 0.2.8.1-alpha):
  3000. - Update the V3 identity key for the dannenberg directory authority:
  3001. it was changed on 18 November 2015. Closes task 17906. Patch
  3002. by "teor".
  3003. o Major features (security fixes, backport from 0.2.9.4-alpha):
  3004. - Prevent a class of security bugs caused by treating the contents
  3005. of a buffer chunk as if they were a NUL-terminated string. At
  3006. least one such bug seems to be present in all currently used
  3007. versions of Tor, and would allow an attacker to remotely crash
  3008. most Tor instances, especially those compiled with extra compiler
  3009. hardening. With this defense in place, such bugs can't crash Tor,
  3010. though we should still fix them as they occur. Closes ticket
  3011. 20384 (TROVE-2016-10-001).
  3012. o Major bugfixes (parsing, security, backport from 0.2.9.8):
  3013. - Fix a bug in parsing that could cause clients to read a single
  3014. byte past the end of an allocated region. This bug could be used
  3015. to cause hardened clients (built with --enable-expensive-hardening)
  3016. to crash if they tried to visit a hostile hidden service. Non-
  3017. hardened clients are only affected depending on the details of
  3018. their platform's memory allocator. Fixes bug 21018; bugfix on
  3019. 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE-
  3020. 2016-12-002 and as CVE-2016-1254.
  3021. o Major bugfixes (security, client, DNS proxy, backport from 0.2.8.3-alpha):
  3022. - Stop a crash that could occur when a client running with DNSPort
  3023. received a query with multiple address types, and the first
  3024. address type was not supported. Found and fixed by Scott Dial.
  3025. Fixes bug 18710; bugfix on 0.2.5.4-alpha.
  3026. o Major bugfixes (security, correctness, backport from 0.2.7.4-rc):
  3027. - Fix an error that could cause us to read 4 bytes before the
  3028. beginning of an openssl string. This bug could be used to cause
  3029. Tor to crash on systems with unusual malloc implementations, or
  3030. systems with unusual hardening installed. Fixes bug 17404; bugfix
  3031. on 0.2.3.6-alpha.
  3032. o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha):
  3033. - Avoid a difficult-to-trigger heap corruption attack when extending
  3034. a smartlist to contain over 16GB of pointers. Fixes bug 18162;
  3035. bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely.
  3036. Reported by Guido Vranken.
  3037. o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha):
  3038. - Avoid crashing when running as a DNS proxy. Fixes bug 16248;
  3039. bugfix on 0.2.0.1-alpha. Patch from "cypherpunks".
  3040. o Major bugfixes (guard selection, backport from 0.2.7.6):
  3041. - Actually look at the Guard flag when selecting a new directory
  3042. guard. When we implemented the directory guard design, we
  3043. accidentally started treating all relays as if they have the Guard
  3044. flag during guard selection, leading to weaker anonymity and worse
  3045. performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered
  3046. by Mohsen Imani.
  3047. o Major bugfixes (key management, backport from 0.2.8.3-alpha):
  3048. - If OpenSSL fails to generate an RSA key, do not retain a dangling
  3049. pointer to the previous (uninitialized) key value. The impact here
  3050. should be limited to a difficult-to-trigger crash, if OpenSSL is
  3051. running an engine that makes key generation failures possible, or
  3052. if OpenSSL runs out of memory. Fixes bug 19152; bugfix on
  3053. 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and
  3054. Baishakhi Ray.
  3055. o Major bugfixes (parsing, backported from 0.3.0.4-rc):
  3056. - Fix an integer underflow bug when comparing malformed Tor
  3057. versions. This bug could crash Tor when built with
  3058. --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor
  3059. 0.2.9.8, which were built with -ftrapv by default. In other cases
  3060. it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix
  3061. on 0.0.8pre1. Found by OSS-Fuzz.
  3062. o Minor features (security, memory erasure, backport from 0.2.8.1-alpha):
  3063. - Make memwipe() do nothing when passed a NULL pointer or buffer of
  3064. zero size. Check size argument to memwipe() for underflow. Fixes
  3065. bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk",
  3066. patch by "teor".
  3067. o Minor features (bug-resistance, backport from 0.2.8.2-alpha):
  3068. - Make Tor survive errors involving connections without a
  3069. corresponding event object. Previously we'd fail with an
  3070. assertion; now we produce a log message. Related to bug 16248.
  3071. o Minor features (geoip):
  3072. - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2
  3073. Country database.
  3074. o Minor bugfixes (compilation, backport from 0.2.7.6):
  3075. - Fix a compilation warning with Clang 3.6: Do not check the
  3076. presence of an address which can never be NULL. Fixes bug 17781.
  3077. o Minor bugfixes (crypto error-handling, backport from 0.2.7.2-alpha):
  3078. - Check for failures from crypto_early_init, and refuse to continue.
  3079. A previous typo meant that we could keep going with an
  3080. uninitialized crypto library, and would have OpenSSL initialize
  3081. its own PRNG. Fixes bug 16360; bugfix on 0.2.5.2-alpha, introduced
  3082. when implementing ticket 4900. Patch by "teor".
  3083. o Minor bugfixes (hidden service, backport from 0.2.7.1-alpha):
  3084. - Fix an out-of-bounds read when parsing invalid INTRODUCE2 cells on
  3085. a client authorized hidden service. Fixes bug 15823; bugfix
  3086. on 0.2.1.6-alpha.
  3087. Changes in version 0.2.4.28 - 2017-03-03
  3088. Tor 0.2.4.28 backports a number of security fixes from later Tor
  3089. releases. Anybody running Tor 0.2.4.27 or earlier should upgrade to
  3090. this release, if for some reason they cannot upgrade to a later
  3091. release series.
  3092. Note that support for Tor 0.2.4.x is ending soon: we will not issue
  3093. any fixes for the Tor 0.2.4.x series after 1 August 2017. If you need
  3094. a Tor release series with long-term support, we recommend Tor 0.2.9.x.
  3095. o Directory authority changes (backport from 0.2.8.5-rc):
  3096. - Urras is no longer a directory authority. Closes ticket 19271.
  3097. o Directory authority changes (backport from 0.2.9.2-alpha):
  3098. - The "Tonga" bridge authority has been retired; the new bridge
  3099. authority is "Bifroest". Closes tickets 19728 and 19690.
  3100. o Directory authority key updates (backport from 0.2.8.1-alpha):
  3101. - Update the V3 identity key for the dannenberg directory authority:
  3102. it was changed on 18 November 2015. Closes task 17906. Patch
  3103. by "teor".
  3104. o Major features (security fixes, backport from 0.2.9.4-alpha):
  3105. - Prevent a class of security bugs caused by treating the contents
  3106. of a buffer chunk as if they were a NUL-terminated string. At
  3107. least one such bug seems to be present in all currently used
  3108. versions of Tor, and would allow an attacker to remotely crash
  3109. most Tor instances, especially those compiled with extra compiler
  3110. hardening. With this defense in place, such bugs can't crash Tor,
  3111. though we should still fix them as they occur. Closes ticket
  3112. 20384 (TROVE-2016-10-001).
  3113. o Major bugfixes (parsing, security, backport from 0.2.9.8):
  3114. - Fix a bug in parsing that could cause clients to read a single
  3115. byte past the end of an allocated region. This bug could be used
  3116. to cause hardened clients (built with --enable-expensive-hardening)
  3117. to crash if they tried to visit a hostile hidden service. Non-
  3118. hardened clients are only affected depending on the details of
  3119. their platform's memory allocator. Fixes bug 21018; bugfix on
  3120. 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE-
  3121. 2016-12-002 and as CVE-2016-1254.
  3122. o Major bugfixes (security, correctness, backport from 0.2.7.4-rc):
  3123. - Fix an error that could cause us to read 4 bytes before the
  3124. beginning of an openssl string. This bug could be used to cause
  3125. Tor to crash on systems with unusual malloc implementations, or
  3126. systems with unusual hardening installed. Fixes bug 17404; bugfix
  3127. on 0.2.3.6-alpha.
  3128. o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha):
  3129. - Avoid a difficult-to-trigger heap corruption attack when extending
  3130. a smartlist to contain over 16GB of pointers. Fixes bug 18162;
  3131. bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely.
  3132. Reported by Guido Vranken.
  3133. o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha):
  3134. - Avoid crashing when running as a DNS proxy. Fixes bug 16248;
  3135. bugfix on 0.2.0.1-alpha. Patch from "cypherpunks".
  3136. o Major bugfixes (guard selection, backport from 0.2.7.6):
  3137. - Actually look at the Guard flag when selecting a new directory
  3138. guard. When we implemented the directory guard design, we
  3139. accidentally started treating all relays as if they have the Guard
  3140. flag during guard selection, leading to weaker anonymity and worse
  3141. performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered
  3142. by Mohsen Imani.
  3143. o Major bugfixes (key management, backport from 0.2.8.3-alpha):
  3144. - If OpenSSL fails to generate an RSA key, do not retain a dangling
  3145. pointer to the previous (uninitialized) key value. The impact here
  3146. should be limited to a difficult-to-trigger crash, if OpenSSL is
  3147. running an engine that makes key generation failures possible, or
  3148. if OpenSSL runs out of memory. Fixes bug 19152; bugfix on
  3149. 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and
  3150. Baishakhi Ray.
  3151. o Major bugfixes (parsing, backported from 0.3.0.4-rc):
  3152. - Fix an integer underflow bug when comparing malformed Tor
  3153. versions. This bug could crash Tor when built with
  3154. --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor
  3155. 0.2.9.8, which were built with -ftrapv by default. In other cases
  3156. it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix
  3157. on 0.0.8pre1. Found by OSS-Fuzz.
  3158. o Minor features (security, memory erasure, backport from 0.2.8.1-alpha):
  3159. - Make memwipe() do nothing when passed a NULL pointer or buffer of
  3160. zero size. Check size argument to memwipe() for underflow. Fixes
  3161. bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk",
  3162. patch by "teor".
  3163. o Minor features (bug-resistance, backport from 0.2.8.2-alpha):
  3164. - Make Tor survive errors involving connections without a
  3165. corresponding event object. Previously we'd fail with an
  3166. assertion; now we produce a log message. Related to bug 16248.
  3167. o Minor features (DoS-resistance, backport from 0.2.7.1-alpha):
  3168. - Make it harder for attackers to overload hidden services with
  3169. introductions, by blocking multiple introduction requests on the
  3170. same circuit. Resolves ticket 15515.
  3171. o Minor features (geoip):
  3172. - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2
  3173. Country database.
  3174. o Minor bugfixes (compilation, backport from 0.2.7.6):
  3175. - Fix a compilation warning with Clang 3.6: Do not check the
  3176. presence of an address which can never be NULL. Fixes bug 17781.
  3177. o Minor bugfixes (hidden service, backport from 0.2.7.1-alpha):
  3178. - Fix an out-of-bounds read when parsing invalid INTRODUCE2 cells on
  3179. a client authorized hidden service. Fixes bug 15823; bugfix
  3180. on 0.2.1.6-alpha.
  3181. Changes in version 0.2.9.10 - 2017-03-01
  3182. Tor 0.2.9.10 backports a security fix from a later Tor release. It also
  3183. includes fixes for some major issues affecting directory authorities,
  3184. LibreSSL compatibility, and IPv6 correctness.
  3185. The Tor 0.2.9.x release series is now marked as a long-term-support
  3186. series. We intend to backport security fixes to 0.2.9.x until at
  3187. least January of 2020.
  3188. o Major bugfixes (directory authority, 0.3.0.3-alpha):
  3189. - During voting, when marking a relay as a probable sybil, do not
  3190. clear its BadExit flag: sybils can still be bad in other ways
  3191. too. (We still clear the other flags.) Fixes bug 21108; bugfix
  3192. on 0.2.0.13-alpha.
  3193. o Major bugfixes (IPv6 Exits, backport from 0.3.0.3-alpha):
  3194. - Stop rejecting all IPv6 traffic on Exits whose exit policy rejects
  3195. any IPv6 addresses. Instead, only reject a port over IPv6 if the
  3196. exit policy rejects that port on more than an IPv6 /16 of
  3197. addresses. This bug was made worse by 17027 in 0.2.8.1-alpha,
  3198. which rejected a relay's own IPv6 address by default. Fixes bug
  3199. 21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha.
  3200. o Major bugfixes (parsing, also in 0.3.0.4-rc):
  3201. - Fix an integer underflow bug when comparing malformed Tor
  3202. versions. This bug could crash Tor when built with
  3203. --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor
  3204. 0.2.9.8, which were built with -ftrapv by default. In other cases
  3205. it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix
  3206. on 0.0.8pre1. Found by OSS-Fuzz.
  3207. o Minor features (directory authorities, also in 0.3.0.4-rc):
  3208. - Directory authorities now reject descriptors that claim to be
  3209. malformed versions of Tor. Helps prevent exploitation of
  3210. bug 21278.
  3211. - Reject version numbers with components that exceed INT32_MAX.
  3212. Otherwise 32-bit and 64-bit platforms would behave inconsistently.
  3213. Fixes bug 21450; bugfix on 0.0.8pre1.
  3214. o Minor features (geoip):
  3215. - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2
  3216. Country database.
  3217. o Minor features (portability, compilation, backport from 0.3.0.3-alpha):
  3218. - Autoconf now checks to determine if OpenSSL structures are opaque,
  3219. instead of explicitly checking for OpenSSL version numbers. Part
  3220. of ticket 21359.
  3221. - Support building with recent LibreSSL code that uses opaque
  3222. structures. Closes ticket 21359.
  3223. o Minor bugfixes (code correctness, also in 0.3.0.4-rc):
  3224. - Repair a couple of (unreachable or harmless) cases of the risky
  3225. comparison-by-subtraction pattern that caused bug 21278.
  3226. o Minor bugfixes (tor-resolve, backport from 0.3.0.3-alpha):
  3227. - The tor-resolve command line tool now rejects hostnames over 255
  3228. characters in length. Previously, it would silently truncate them,
  3229. which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5.
  3230. Patch by "junglefowl".
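The version-comparison entries above (bug 21278, bug 21450, and the comparison-by-subtraction cleanup) are illustrated by the following added C example, which is not Tor's own code. The simplified "A.B.C.D[-status]" format, the function names, and the sample operands are assumptions made for illustration.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Would `a - b` overflow a signed int? This is the case that -ftrapv
 * turns into an abort instead of a silently wrong result. */
static int sub_would_overflow(int a, int b)
{
  return (b > 0 && a < INT_MIN + b) || (b < 0 && a > INT_MAX + b);
}

/* RISKY: comparison by subtraction. The real pattern is `return a - b;`,
 * which is undefined behaviour on overflow. To keep this demo well defined
 * we compute the two's-complement wraparound explicitly, which is what a
 * typical build without -ftrapv ends up returning (assumes 32-bit int). */
static int cmp_by_subtraction_wrapped(int a, int b)
{
  return (int)((unsigned)a - (unsigned)b);
}

/* SAFE: no arithmetic on the operands; result is always -1, 0 or 1. */
static int cmp_safe(int a, int b)
{
  return (a > b) - (a < b);
}

/* Parse one non-negative decimal component and advance *sp past it.
 * Rejects empty input, signs, and values above INT32_MAX, so that
 * 32-bit and 64-bit builds accept exactly the same inputs. */
static int parse_component(const char **sp, int *out)
{
  const char *s = *sp;
  int64_t v = 0;
  if (*s < '0' || *s > '9')
    return -1;
  while (*s >= '0' && *s <= '9') {
    v = v * 10 + (*s - '0');
    if (v > INT32_MAX)
      return -1;
    s++;
  }
  *out = (int)v;
  *sp = s;
  return 0;
}

/* Parse "A.B.C.D" with an optional "-status" tag (simplified format,
 * assumed for this example). Returns 0 on success, -1 if malformed. */
static int parse_version(const char *s, int out[4])
{
  for (int i = 0; i < 4; i++) {
    if (parse_component(&s, &out[i]) < 0)
      return -1;
    if (i < 3 && *s++ != '.')
      return -1;
  }
  return (*s == '\0' || *s == '-') ? 0 : -1;
}

/* Compare two parsed versions component by component, safely. */
static int version_cmp(const int a[4], const int b[4])
{
  for (int i = 0; i < 4; i++) {
    int c = cmp_safe(a[i], b[i]);
    if (c)
      return c;
  }
  return 0;
}

int main(void)
{
  int a[4], b[4];

  /* Constructed operands, standing in for what a lenient parser could
   * hand to the comparison function. */
  printf("a - b would overflow: %d\n", sub_would_overflow(INT_MIN, 1));
  printf("subtraction says:     %d\n", cmp_by_subtraction_wrapped(INT_MIN, 1));
  printf("safe compare says:    %d\n", cmp_safe(INT_MIN, 1));

  /* Constructed version strings. */
  printf("oversized component rejected: %d\n",
         parse_version("0.2.9.2147483648", a) == -1);
  if (parse_version("0.2.9.8", a) == 0 && parse_version("0.2.9.10", b) == 0)
    printf("0.2.9.8 vs 0.2.9.10:  %d\n", version_cmp(a, b));
  return 0;
}
```

Building this with -ftrapv and replacing the wrapped helper with a plain `a - b` reproduces the crash-versus-wrong-answer split the entries describe.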
  3231. Changes in version 0.2.9.9 - 2017-01-23
  3232. Tor 0.2.9.9 fixes a denial-of-service bug where an attacker could
  3233. cause relays and clients to crash, even if they were not built with
  3234. the --enable-expensive-hardening option. This bug affects all 0.2.9.x
  3235. versions, and also affects 0.3.0.1-alpha: all relays running an affected
  3236. version should upgrade.
  3237. This release also resolves a client-side onion service reachability
  3238. bug, and resolves a pair of small portability issues.
  3239. o Major bugfixes (security):
  3240. - Downgrade the "-ftrapv" option from "always on" to "only on when
  3241. --enable-expensive-hardening is provided." This hardening option,
  3242. like others, can turn survivable bugs into crashes -- and having
  3243. it on by default made a (relatively harmless) integer overflow bug
  3244. into a denial-of-service bug. Fixes bug 21278 (TROVE-2017-001);
  3245. bugfix on 0.2.9.1-alpha.
  3246. o Major bugfixes (client, onion service):
  3247. - Fix a client-side onion service reachability bug, where multiple
  3248. socks requests to an onion service (or a single slow request)
  3249. could cause us to mistakenly mark some of the service's
  3250. introduction points as failed, and we cache that failure so
  3251. eventually we run out and can't reach the service. Also resolves a
  3252. mysterious "Remote server sent bogus reason code 65021" log
  3253. warning. The bug was introduced in ticket 17218, where we tried to
  3254. remember the circuit end reason as a uint16_t, which mangled
  3255. negative values. Partially fixes bug 21056 and fixes bug 20307;
  3256. bugfix on 0.2.8.1-alpha.
  3257. o Minor features (geoip):
  3258. - Update geoip and geoip6 to the January 4 2017 Maxmind GeoLite2
  3259. Country database.
  3260. o Minor bugfixes (portability):
  3261. - Avoid crashing when Tor is built using headers that contain
  3262. CLOCK_MONOTONIC_COARSE, but then tries to run on an older kernel
  3263. without CLOCK_MONOTONIC_COARSE. Fixes bug 21035; bugfix
  3264. on 0.2.9.1-alpha.
  3265. - Fix Libevent detection on platforms without Libevent 1 headers
  3266. installed. Fixes bug 21051; bugfix on 0.2.9.1-alpha.
  3267. Changes in version 0.2.8.12 - 2016-12-19
  3268. Tor 0.2.8.12 backports a fix for a medium-severity issue (bug 21018
  3269. below) where Tor clients could crash when attempting to visit a
  3270. hostile hidden service. Clients are recommended to upgrade as packages
  3271. become available for their systems.
  3272. It also includes an updated list of fallback directories, backported
  3273. from 0.2.9.
  3274. Now that the Tor 0.2.9 series is stable, only major bugfixes will be
  3275. backported to 0.2.8 in the future.
  3276. o Major bugfixes (parsing, security, backported from 0.2.9.8):
  3277. - Fix a bug in parsing that could cause clients to read a single
  3278. byte past the end of an allocated region. This bug could be used
  3279. to cause hardened clients (built with --enable-expensive-hardening)
  3280. to crash if they tried to visit a hostile hidden service. Non-
  3281. hardened clients are only affected depending on the details of
  3282. their platform's memory allocator. Fixes bug 21018; bugfix on
  3283. 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE-
  3284. 2016-12-002 and as CVE-2016-1254.
  3285. o Minor features (fallback directory list, backported from 0.2.9.8):
  3286. - Replace the 81 remaining fallbacks of the 100 originally
  3287. introduced in Tor 0.2.8.3-alpha in March 2016, with a list of 177
  3288. fallbacks (123 new, 54 existing, 27 removed) generated in December
  3289. 2016. Resolves ticket 20170.
  3290. o Minor features (geoip, backported from 0.2.9.7-rc):
  3291. - Update geoip and geoip6 to the December 7 2016 Maxmind GeoLite2
  3292. Country database.
  3293. Changes in version 0.2.9.8 - 2016-12-19
  3294. Tor 0.2.9.8 is the first stable release of the Tor 0.2.9 series.
  3295. The Tor 0.2.9 series makes mandatory a number of security features
  3296. that were formerly optional. It includes support for a new shared-
  3297. randomness protocol that will form the basis for next generation
  3298. hidden services, includes a single-hop hidden service mode for
  3299. optimizing .onion services that don't actually want to be hidden,
  3300. tries harder not to overload the directory authorities with excessive
  3301. downloads, and supports a better protocol versioning scheme for
  3302. improved compatibility with other implementations of the Tor protocol.
  3303. And of course, there are numerous other bugfixes and improvements.
  3304. This release also includes a fix for a medium-severity issue (bug
  3305. 21018 below) where Tor clients could crash when attempting to visit a
  3306. hostile hidden service. Clients are recommended to upgrade as packages
  3307. become available for their systems.
  3308. Below are listed the changes since Tor 0.2.8.11. For a list of
  3309. changes since 0.2.9.7-rc, see the ChangeLog file.
  3310. o New system requirements:
  3311. - When building with OpenSSL, Tor now requires version 1.0.1 or
  3312. later. OpenSSL 1.0.0 and earlier are no longer supported by the
  3313. OpenSSL team, and should not be used. Closes ticket 20303.
  3314. - Tor now requires Libevent version 2.0.10-stable or later. Older
  3315. versions of Libevent have less efficient backends for several
  3316. platforms, and lack the DNS code that we use for our server-side
  3317. DNS support. This implements ticket 19554.
  3318. - Tor now requires zlib version 1.2 or later, for security,
  3319. efficiency, and (eventually) gzip support. (Back when we started,
  3320. zlib 1.1 and zlib 1.0 were still found in the wild. 1.2 was
  3321. released in 2003. We recommend the latest version.)
  3322. o Deprecated features:
  3323. - A number of DNS-cache-related sub-options for client ports are now
  3324. deprecated for security reasons, and may be removed in a future
  3325. version of Tor. (We believe that client-side DNS caching is a bad
  3326. idea for anonymity, and you should not turn it on.) The options
  3327. are: CacheDNS, CacheIPv4DNS, CacheIPv6DNS, UseDNSCache,
  3328. UseIPv4Cache, and UseIPv6Cache.
  3329. - A number of options are deprecated for security reasons, and may
  3330. be removed in a future version of Tor. The options are:
  3331. AllowDotExit, AllowInvalidNodes, AllowSingleHopCircuits,
  3332. AllowSingleHopExits, ClientDNSRejectInternalAddresses,
  3333. CloseHSClientCircuitsImmediatelyOnTimeout,
  3334. CloseHSServiceRendCircuitsImmediatelyOnTimeout,
  3335. ExcludeSingleHopRelays, FastFirstHopPK, TLSECGroup,
  3336. UseNTorHandshake, and WarnUnsafeSocks.
  3337. - The *ListenAddress options are now deprecated as unnecessary: the
  3338. corresponding *Port options should be used instead. These options
  3339. may someday be removed. The affected options are:
  3340. ControlListenAddress, DNSListenAddress, DirListenAddress,
  3341. NATDListenAddress, ORListenAddress, SocksListenAddress,
  3342. and TransListenAddress.
  3343. o Major bugfixes (parsing, security, new since 0.2.9.7-rc):
  3344. - Fix a bug in parsing that could cause clients to read a single
  3345. byte past the end of an allocated region. This bug could be used
  3346. to cause hardened clients (built with --enable-expensive-hardening)
  3347. to crash if they tried to visit a hostile hidden service. Non-
  3348. hardened clients are only affected depending on the details of
  3349. their platform's memory allocator. Fixes bug 21018; bugfix on
  3350. 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE-
  3351. 2016-12-002 and as CVE-2016-1254.
  3352. o Major features (build, hardening):
  3353. - Tor now builds with -ftrapv by default on compilers that support
  3354. it. This option detects signed integer overflow (which C forbids),
  3355. and turns it into a hard-failure. We do not apply this option to
  3356. code that needs to run in constant time to avoid side-channels;
  3357. instead, we use -fwrapv in that code. Closes ticket 17983.
  3358. - When --enable-expensive-hardening is selected, stop applying the
  3359. clang/gcc sanitizers to code that needs to run in constant time.
  3360. Although we are aware of no introduced side-channels, we are not
  3361. able to prove that there are none. Related to ticket 17983.
  3362. o Major features (circuit building, security):
  3363. - Authorities, relays, and clients now require ntor keys in all
  3364. descriptors, for all hops (except for rare hidden service protocol
  3365. cases), for all circuits, and for all other roles. Part of
  3366. ticket 19163.
  3367. - Authorities, relays, and clients only use ntor, except for
  3368. rare cases in the hidden service protocol. Part of ticket 19163.
  3369. o Major features (compilation):
  3370. - Our big list of extra GCC warnings is now enabled by default when
  3371. building with GCC (or with anything like Clang that claims to be
  3372. GCC-compatible). To make all warnings into fatal compilation
  3373. errors, pass --enable-fatal-warnings to configure. Closes
  3374. ticket 19044.
  3375. - Use the Autoconf macro AC_USE_SYSTEM_EXTENSIONS to automatically
  3376. turn on C and POSIX extensions. (Previously, we attempted to do
  3377. this on an ad hoc basis.) Closes ticket 19139.
  3378. o Major features (directory authorities, hidden services):
  3379. - Directory authorities can now perform the shared randomness
  3380. protocol specified by proposal 250. Using this protocol, directory
  3381. authorities generate a global fresh random value every day. In the
  3382. future, this value will be used by hidden services to select
  3383. HSDirs. This release implements the directory authority feature;
  3384. the hidden service side will be implemented in the future as part
  3385. of proposal 224. Resolves ticket 16943; implements proposal 250.
  3386. o Major features (downloading, random exponential backoff):
  3387. - When we fail to download an object from a directory service, wait
  3388. for an (exponentially increasing) randomized amount of time before
  3389. retrying, rather than a fixed interval as we did before. This
  3390. prevents a group of Tor instances from becoming too synchronized,
  3391. or a single Tor instance from becoming too predictable, in its
  3392. download schedule. Closes ticket 15942.
  3393. o Major features (resource management):
  3394. - Tor can now notice it is about to run out of sockets, and
  3395. preemptively close connections of lower priority. (This feature is
  3396. off by default for now, since the current prioritizing method is
  3397. not yet mature enough. You can enable it by setting
  3398. "DisableOOSCheck 0", but watch out: it might close some sockets
  3399. you would rather have it keep.) Closes ticket 18640.
  3400. o Major features (single-hop "hidden" services):
  3401. - Add experimental HiddenServiceSingleHopMode and
  3402. HiddenServiceNonAnonymousMode options. When both are set to 1,
  3403. every hidden service on that Tor instance becomes a non-anonymous
  3404. Single Onion Service. Single Onions make one-hop (direct)
  3405. connections to their introduction and rendezvous points. One-hop
  3406. circuits make Single Onion servers easily locatable, but clients
  3407. remain location-anonymous. This is compatible with the existing
  3408. hidden service implementation, and works on the current Tor
  3409. network without any changes to older relays or clients. Implements
  3410. proposal 260, completes ticket 17178. Patch by teor and asn.
  3411. o Major features (subprotocol versions):
  3412. - Tor directory authorities now vote on a set of recommended
  3413. "subprotocol versions", and on a set of required subprotocol
  3414. versions. Clients and relays that lack support for a _required_
  3415. subprotocol version will not start; those that lack support for a
  3416. _recommended_ subprotocol version will warn the user to upgrade.
  3417. This change allows compatible implementations of the Tor protocol(s)
  3418. to exist without pretending to be 100% bug-compatible with
  3419. particular releases of Tor itself. Closes ticket 19958; implements
  3420. part of proposal 264.
  3421. o Major bugfixes (circuit building):
  3422. - Hidden service client-to-intro-point and service-to-rendezvous-
  3423. point circuits use the TAP key supplied by the protocol, to avoid
  3424. epistemic attacks. Fixes bug 19163; bugfix on 0.2.4.18-rc.
  3425. o Major bugfixes (download scheduling):
  3426. - Avoid resetting download status for consensuses hourly, since we
  3427. already have another, smarter retry mechanism. Fixes bug 8625;
  3428. bugfix on 0.2.0.9-alpha.
  3429. - If a consensus expires while we are waiting for certificates to
  3430. download, stop waiting for certificates.
  3431. - If we stop waiting for certificates less than a minute after we
  3432. started downloading them, do not consider the certificate download
  3433. failure a separate failure. Fixes bug 20533; bugfix
  3434. on 0.2.0.9-alpha.
  3435. - When using exponential backoff in test networks, use a lower
  3436. exponent, so the delays do not vary as much. This helps test
  3437. networks bootstrap consistently. Fixes bug 20597; bugfix on 20499.
  3438. o Major bugfixes (exit policies):
  3439. - Avoid disclosing exit outbound bind addresses, configured port
  3440. bind addresses, and local interface addresses in relay descriptors
  3441. by default under ExitPolicyRejectPrivate. Instead, only reject
  3442. these (otherwise unlisted) addresses if
  3443. ExitPolicyRejectLocalInterfaces is set. Fixes bug 18456; bugfix on
  3444. 0.2.7.2-alpha. Patch by teor.
  3445. o Major bugfixes (hidden services):
  3446. - Allow Tor clients with appropriate controllers to work with
  3447. FetchHidServDescriptors set to 0. Previously, this option also
  3448. disabled descriptor cache lookup, thus breaking hidden services
  3449. entirely. Fixes bug 18704; bugfix on 0.2.0.20-rc. Patch by "twim".
  3450. - Clients now require hidden services to include the TAP keys for
  3451. their intro points in the hidden service descriptor. This prevents
  3452. an inadvertent upgrade to ntor, which a malicious hidden service
  3453. could use to distinguish clients by consensus version. Fixes bug
  3454. 20012; bugfix on 0.2.4.8-alpha. Patch by teor.
  3455. o Major bugfixes (relay, resolver, logging):
  3456. - For relays that don't know their own address, avoid attempting a
  3457. local hostname resolve for each descriptor we download. This
  3458. will cut down on the number of "Success: chose address 'x.x.x.x'"
  3459. log lines, and also avoid confusing clock jumps if the resolver
  3460. is slow. Fixes bugs 20423 and 20610; bugfix on 0.2.8.1-alpha.
  3461. o Minor features (port flags):
  3462. - Add new flags to the *Port options to give finer control over which
  3463. requests are allowed. The flags are NoDNSRequest, NoOnionTraffic,
  3464. and the synthetic flag OnionTrafficOnly, which is equivalent to
  3465. NoDNSRequest, NoIPv4Traffic, and NoIPv6Traffic. Closes enhancement
  3466. 18693; patch by "teor".
  3467. o Minor features (build, hardening):
  3468. - Detect and work around a libclang_rt problem that would prevent
  3469. clang from finding __mulodi4() on some 32-bit platforms, and thus
  3470. keep -ftrapv from linking on those systems. Closes ticket 19079.
  3471. - When building on a system without runtime support for the runtime
  3472. hardening options, try to log a useful warning at configuration
  3473. time, rather than an incomprehensible warning at link time. If
  3474. expensive hardening was requested, this warning becomes an error.
  3475. Closes ticket 18895.
  3476. o Minor features (client, directory):
  3477. - Since authorities now omit all routers that lack the Running and
  3478. Valid flags, we assume that any relay listed in the consensus must
  3479. have those flags. Closes ticket 20001; implements part of
  3480. proposal 272.
  3481. o Minor features (code safety):
  3482. - In our integer-parsing functions, ensure that the maximum value we
  3483. allow is no smaller than the minimum value. Closes ticket 19063;
  3484. patch from "U+039b".
  3485. o Minor features (compilation, portability):
  3486. - Compile correctly on MacOS 10.12 (aka "Sierra"). Closes
  3487. ticket 20241.
  3488. o Minor features (config):
  3489. - Warn users when descriptor and port addresses are inconsistent.
  3490. Mitigates bug 13953; patch by teor.
  3491. o Minor features (controller):
  3492. - Allow controllers to configure basic client authorization on
  3493. hidden services when they create them with the ADD_ONION controller
  3494. command. Implements ticket 15588. Patch by "special".
  3495. - Fire a STATUS_SERVER controller event whenever the hibernation
  3496. status changes between "awake"/"soft"/"hard". Closes ticket 18685.
  3497. - Implement new GETINFO queries for all downloads that use
  3498. download_status_t to schedule retries. This allows controllers to
  3499. examine the schedule for pending downloads. Closes ticket 19323.
  3500. o Minor features (development tools, etags):
  3501. - Teach the "make tags" Makefile target how to correctly find
  3502. "MOCK_IMPL" function definitions. Patch from nherring; closes
  3503. ticket 16869.
  3504. o Minor features (directory authority):
  3505. - After voting, if the authorities decide that a relay is not
  3506. "Valid", they no longer include it in the consensus at all. Closes
  3507. ticket 20002; implements part of proposal 272.
  3508. - Directory authorities now only give the Guard flag to a relay if
  3509. they are also giving it the Stable flag. This change allows us to
  3510. simplify path selection for clients. It should have minimal effect
  3511. in practice, since >99% of Guards already have the Stable flag.
  3512. Implements ticket 18624.
  3513. - Directory authorities now write their v3-status-votes file out to
  3514. disk earlier in the consensus process, so we have a record of the
  3515. votes even if we abort the consensus process. Resolves
  3516. ticket 19036.
  3517. o Minor features (fallback directory list, new since 0.2.9.7-rc):
  3518. - Replace the 81 remaining fallbacks of the 100 originally
  3519. introduced in Tor 0.2.8.3-alpha in March 2016, with a list of 177
  3520. fallbacks (123 new, 54 existing, 27 removed) generated in December
  3521. 2016. Resolves ticket 20170.
  3522. o Minor features (hidden service):
  3523. - Stop being so strict about the payload length of "rendezvous1"
  3524. cells. We used to be locked in to the "TAP" handshake length, and
  3525. now we can handle better handshakes like "ntor". Resolves
  3526. ticket 18998.
  3527. o Minor features (infrastructure, time):
  3528. - Tor now includes an improved timer backend, so that we can
  3529. efficiently support tens or hundreds of thousands of concurrent
  3530. timers, as will be needed for some of our planned anti-traffic-
  3531. analysis work. This code is based on William Ahern's "timeout.c"
  3532. project, which implements a "tickless hierarchical timing wheel".
  3533. Closes ticket 18365.
  3534. - Tor now uses the operating system's monotonic timers (where
  3535. available) for internal fine-grained timing. Previously we would
  3536. look at the system clock, and then attempt to compensate for the
  3537. clock running backwards. Closes ticket 18908.
  3538. o Minor features (logging):
  3539. - Add a set of macros to check nonfatal assertions, for internal
  3540. use. Migrating more of our checks to these should help us avoid
  3541. needless crash bugs. Closes ticket 18613.
  3542. - Provide a more useful warning message when configured with an
  3543. invalid Nickname. Closes ticket 18300; patch from "icanhasaccount".
  3544. - When dumping unparseable router descriptors, optionally store them
  3545. in separate files, named by digest, up to a configurable size
  3546. limit. You can change the size limit by setting the
  3547. MaxUnparseableDescSizeToLog option, and disable this feature by
  3548. setting that option to 0. Closes ticket 18322.
  3549. o Minor features (performance):
  3550. - Change the "optimistic data" extension from "off by default" to
  3551. "on by default". The default was ordinarily overridden by a
  3552. consensus option, but when clients were bootstrapping for the
  3553. first time, they would not have a consensus to get the option
  3554. from. Changing this default saves a round-trip during startup.
  3555. Closes ticket 18815.
  3556. o Minor features (relay, usability):
  3557. - When the directory authorities refuse a bad relay's descriptor,
  3558. encourage the relay operator to contact us. Many relay operators
  3559. won't notice this line in their logs, but it's a win if even a few
  3560. learn why we don't like what their relay was doing. Resolves
  3561. ticket 18760.
  3562. o Minor features (security, TLS):
  3563. - Servers no longer support clients that lack AES ciphersuites.
  3564. (3DES is no longer considered an acceptable cipher.) We believe
  3565. that no such Tor clients currently exist, since Tor has required
  3566. OpenSSL 0.9.7 or later since 2009. Closes ticket 19998.
  3567. o Minor features (testing):
  3568. - Disable memory protections on OpenBSD when performing our unit
  3569. tests for memwipe(). The test deliberately invokes undefined
  3570. behavior, and the OpenBSD protections interfere with this. Patch
  3571. from "rubiate". Closes ticket 20066.
  3572. - Move the test-network.sh script to chutney, and modify tor's test-
  3573. network.sh to call the (newer) chutney version when available.
  3574. Resolves ticket 19116. Patch by teor.
  3575. - Use the lcov convention for marking lines as unreachable, so that
  3576. we don't count them when we're generating test coverage data.
  3577. Update our coverage tools to understand this convention. Closes
  3578. ticket 16792.
  3579. - Our link-handshake unit tests now check that when invalid
  3580. handshakes fail, they fail with the error messages we expected.
  3581. - Our unit testing code that captures log messages no longer
  3582. prevents them from being written out if the user asked for them
  3583. (by passing --debug or --info or --notice or --warn to the "test"
  3584. binary). This change prevents us from missing unexpected log
  3585. messages simply because we were looking for others. Related to
  3586. ticket 19999.
  3587. - The unit tests now log all warning messages with the "BUG" flag.
  3588. Previously, they only logged errors by default. This change will
  3589. help us make our testing code more correct, and make sure that we
  3590. only hit this code when we mean to. In the meantime, however,
  3591. there will be more warnings in the unit test logs than before.
  3592. This is preparatory work for ticket 19999.
  3593. - The unit tests now treat any failure of a "tor_assert_nonfatal()"
  3594. assertion as a test failure.
  3595. - We've done significant work to make the unit tests run faster.
  3596. o Minor features (testing, ipv6):
  3597. - Add the hs-ipv6 chutney target to make test-network-all's IPv6
  3598. tests. Remove bridges+hs, as it's somewhat redundant. This
  3599. requires a recent chutney version that supports IPv6 clients,
  3600. relays, and authorities. Closes ticket 20069; patch by teor.
  3601. - Add the single-onion and single-onion-ipv6 chutney targets to
  3602. "make test-network-all". This requires a recent chutney version
  3603. with the single onion network flavors (git c72a652 or later).
  3604. Closes ticket 20072; patch by teor.
  3605. o Minor features (Tor2web):
  3606. - Make Tor2web clients respect ReachableAddresses. This feature was
  3607. inadvertently enabled in 0.2.8.6, then removed by bugfix 19973 on
  3608. 0.2.8.7. Implements feature 20034. Patch by teor.
  3609. o Minor features (unix domain sockets):
  3610. - When configuring a unix domain socket for a SocksPort,
  3611. ControlPort, or hidden service, you can now wrap the address in
  3612. quotes, using C-style escapes inside the quotes. This allows unix
  3613. domain socket paths to contain spaces. Resolves ticket 18753.
  3614. o Minor features (user interface):
  3615. - Tor now supports the ability to declare options deprecated, so
  3616. that we can recommend that people stop using them. Previously, this
  3617. was done in an ad-hoc way. There is a new --list-deprecated-options
  3618. command-line option to list all of the deprecated options. Closes
  3619. ticket 19820.
  3620. o Minor features (virtual addresses):
  3621. - Increase the maximum number of bits for the IPv6 virtual network
  3622. prefix from 16 to 104. In this way, the condition for address
  3623. allocation is less restrictive. Closes ticket 20151; feature
  3624. on 0.2.4.7-alpha.
  3625. o Minor bugfixes (circuits):
  3626. - Use the CircuitBuildTimeout option whenever
  3627. LearnCircuitBuildTimeout is disabled. Previously, we would respect
  3628. the option when a user disabled it, but not when it was disabled
  3629. because some other option was set. Fixes bug 20073; bugfix on
  3630. 0.2.4.12-alpha. Patch by teor.
  3631. o Minor bugfixes (build):
  3632. - The current Git revision when building from a local repository is
  3633. now detected correctly when using git worktrees. Fixes bug 20492;
  3634. bugfix on 0.2.3.9-alpha.
  3635. o Minor bugfixes (relay address discovery):
  3636. - Stop reordering IP addresses returned by the OS. This makes it
  3637. more likely that Tor will guess the same relay IP address every
  3638. time. Fixes issue 20163; bugfix on 0.2.7.1-alpha, ticket 17027.
  3639. Reported by René Mayrhofer, patch by "cypherpunks".
  3640. o Minor bugfixes (memory allocation):
  3641. - Change how we allocate memory for large chunks on buffers, to
  3642. avoid a (currently impossible) integer overflow, and to waste less
  3643. space when allocating unusually large chunks. Fixes bug 20081;
  3644. bugfix on 0.2.0.16-alpha. Issue identified by Guido Vranken.
  3645. o Minor bugfixes (bootstrap):
  3646. - Remember the directory server we fetched the consensus or previous
  3647. certificates from, and use it to fetch future authority
  3648. certificates. This change improves bootstrapping performance.
  3649. Fixes bug 18963; bugfix on 0.2.8.1-alpha.
  3650. o Minor bugfixes (circuits):
  3651. - Make sure extend_info_from_router() is only called on servers.
  3652. Fixes bug 19639; bugfix on 0.2.8.1-alpha.
  3653. o Minor bugfixes (client, fascistfirewall):
  3654. - Avoid spurious warnings when ReachableAddresses or FascistFirewall
  3655. is set. Fixes bug 20306; bugfix on 0.2.8.2-alpha.
  3656. o Minor bugfixes (client, unix domain sockets):
  3657. - Disable IsolateClientAddr when using AF_UNIX backed SocksPorts as
  3658. the client address is meaningless. Fixes bug 20261; bugfix
  3659. on 0.2.6.3-alpha.
  3660. o Minor bugfixes (code style):
  3661. - Fix an integer signedness conversion issue in the case conversion
  3662. tables. Fixes bug 19168; bugfix on 0.2.1.11-alpha.
  3663. o Minor bugfixes (compilation):
  3664. - Build correctly on versions of libevent2 without support for
  3665. evutil_secure_rng_add_bytes(). Fixes bug 19904; bugfix
  3666. on 0.2.5.4-alpha.
  3667. - When building with Clang, use a full set of GCC warnings.
  3668. (Previously, we included only a subset, because of the way we
  3669. detected them.) Fixes bug 19216; bugfix on 0.2.0.1-alpha.
  3670. - Detect Libevent2 functions correctly on systems that provide
  3671. libevent2, but where libevent1 is linked with -levent. Fixes bug
  3672. 19904; bugfix on 0.2.2.24-alpha. Patch from Rubiate.
  3673. - Run correctly when built on Windows build environments that
  3674. require _vcsprintf(). Fixes bug 20560; bugfix on 0.2.2.11-alpha.
  3675. o Minor bugfixes (configuration):
  3676. - When parsing quoted configuration values from the torrc file,
  3677. handle Windows line endings correctly. Fixes bug 19167; bugfix on
  3678. 0.2.0.16-alpha. Patch from "Pingl".
  3679. o Minor bugfixes (directory authority):
  3680. - Authorities now sort the "package" lines in their votes, for ease
  3681. of debugging. (They are already sorted in consensus documents.)
  3682. Fixes bug 18840; bugfix on 0.2.6.3-alpha.
  3683. - Die with a more useful error when the operator forgets to place
  3684. the authority_signing_key file into the keys directory. This
  3685. avoids an uninformative assert & traceback about having an invalid
  3686. key. Fixes bug 20065; bugfix on 0.2.0.1-alpha.
  3687. - When allowing private addresses, mark Exits that only exit to
  3688. private locations as such. Fixes bug 20064; bugfix
  3689. on 0.2.2.9-alpha.
  3690. - When parsing a detached signature, make sure we use the length of
  3691. the digest algorithm instead of a hardcoded DIGEST256_LEN in
  3692. order to avoid comparing bytes out-of-bounds with a smaller digest
  3693. length such as SHA1. Fixes bug 19066; bugfix on 0.2.2.6-alpha.
  3694. o Minor bugfixes (getpass):
  3695. - Defensively fix a non-triggerable heap corruption at do_getpass()
  3696. to protect ourselves from mistakes in the future. Fixes bug
  3697. 19223; bugfix on 0.2.7.3-rc. Bug found by Guido Vranken, patch
  3698. by nherring.
  3699. o Minor bugfixes (guard selection):
  3700. - Don't mark guards as unreachable if connection_connect() fails.
  3701. That function fails for local reasons, so it shouldn't reveal
  3702. anything about the status of the guard. Fixes bug 14334; bugfix
  3703. on 0.2.3.10-alpha.
  3704. - Use a single entry guard even if the NumEntryGuards consensus
  3705. parameter is not provided. Fixes bug 17688; bugfix
  3706. on 0.2.5.6-alpha.
  3707. o Minor bugfixes (hidden services):
  3708. - Increase the minimum number of internal circuits we preemptively
  3709. build from 2 to 3, so a circuit is available when a client
  3710. connects to another onion service. Fixes bug 13239; bugfix
  3711. on 0.1.0.1-rc.
  3712. - Allow hidden services to run on IPv6 addresses even when the
  3713. IPv6Exit option is not set. Fixes bug 18357; bugfix
  3714. on 0.2.4.7-alpha.
  3715. - Stop logging intro point details to the client log on certain
  3716. error conditions. Fixed as part of bug 20012; bugfix on
  3717. 0.2.4.8-alpha. Patch by teor.
  3718. - When deleting an ephemeral hidden service, close its intro points
  3719. even if they are not completely open. Fixes bug 18604; bugfix
  3720. on 0.2.7.1-alpha.
  3721. - When configuring hidden services, check every hidden service
  3722. directory's permissions. Previously, we only checked the last
  3723. hidden service. Fixes bug 20529; bugfix on 0.2.6.2-alpha.
  3724. o Minor bugfixes (IPv6, testing):
  3725. - Check for IPv6 correctly on Linux when running test networks.
  3726. Fixes bug 19905; bugfix on 0.2.7.3-rc; patch by teor.
  3727. o Minor bugfixes (Linux seccomp2 sandbox):
  3728. - Add permission to run the sched_yield() and sigaltstack() system
  3729. calls, in order to support versions of Tor compiled with asan or
  3730. ubsan code that use these calls. Now "sandbox 1" and
  3731. "--enable-expensive-hardening" should be compatible on more
  3732. systems. Fixes bug 20063; bugfix on 0.2.5.1-alpha.
  3733. o Minor bugfixes (logging):
  3734. - Downgrade a harmless log message about the
  3735. pending_entry_connections list from "warn" to "info". Mitigates
  3736. bug 19926.
  3737. - Log a more accurate message when we fail to dump a microdescriptor.
  3738. Fixes bug 17758; bugfix on 0.2.2.8-alpha. Patch from Daniel Pinto.
  3739. - When logging a directory ownership mismatch, log the owning
  3740. username correctly. Fixes bug 19578; bugfix on 0.2.2.29-beta.
  3741. - When we are unable to remove the bw_accounting file, do not warn
  3742. if the reason we couldn't remove it was that it didn't exist.
  3743. Fixes bug 19964; bugfix on 0.2.5.4-alpha. Patch from pastly.
  3744. o Minor bugfixes (memory leak):
  3745. - Fix a series of slow memory leaks related to parsing torrc files
  3746. and options. Fixes bug 19466; bugfix on 0.2.1.6-alpha.
  3747. - Avoid a small memory leak when informing worker threads about
  3748. rotated onion keys. Fixes bug 20401; bugfix on 0.2.6.3-alpha.
  3749. - Fix a small memory leak when receiving AF_UNIX connections on a
  3750. SocksPort. Fixes bug 20716; bugfix on 0.2.6.3-alpha.
  3751. - When moving a signed descriptor object from a source to an
  3752. existing destination, free the allocated memory inside that
  3753. destination object. Fixes bug 20715; bugfix on 0.2.8.3-alpha.
  3754. - Fix a memory leak and use-after-free error when removing entries
  3755. from the sandbox's getaddrinfo() cache. Fixes bug 20710; bugfix on
  3756. 0.2.5.5-alpha. Patch from "cypherpunks".
  3757. - Fix a small, uncommon memory leak that could occur when reading a
  3758. truncated ed25519 key file. Fixes bug 18956; bugfix
  3759. on 0.2.6.1-alpha.
  3760. o Minor bugfixes (option parsing):
  3761. - Count unix sockets when counting client listeners (SOCKS, Trans,
  3762. NATD, and DNS). This has no user-visible behavior changes: these
  3763. options are set once, and never read. Required for correct
  3764. behavior in ticket 17178. Fixes bug 19677; bugfix on
  3765. 0.2.6.3-alpha. Patch by teor.
  3766. o Minor bugfixes (options):
  3767. - Check the consistency of UseEntryGuards and EntryNodes more
  3768. reliably. Fixes bug 20074; bugfix on 0.2.4.12-alpha. Patch
  3769. by teor.
  3770. - Stop changing the configured value of UseEntryGuards on
  3771. authorities and Tor2web clients. Fixes bug 20074; bugfix on
  3772. commits 51fc6799 in 0.1.1.16-rc and acda1735 in 0.2.4.3-alpha.
  3773. Patch by teor.
  3774. o Minor bugfixes (relay):
  3775. - Ensure relays don't make multiple connections during bootstrap.
  3776. Fixes bug 20591; bugfix on 0.2.8.1-alpha.
  3777. - Do not try to parallelize workers more than 16x without the user
  3778. explicitly configuring us to do so, even if we do detect more than
  3779. 16 CPU cores. Fixes bug 19968; bugfix on 0.2.3.1-alpha.
  3780. o Minor bugfixes (testing):
  3781. - The test-stem and test-network makefile targets now depend only on
  3782. the tor binary that they are testing. Previously, they depended on
  3783. "make all". Fixes bug 18240; bugfix on 0.2.8.2-alpha. Based on a
  3784. patch from "cypherpunks".
  3785. - Allow clients to retry HSDirs much faster in test networks. Fixes
  3786. bug 19702; bugfix on 0.2.7.1-alpha. Patch by teor.
  3787. - Avoid a unit test failure on systems with over 16 detectable CPU
  3788. cores. Fixes bug 19968; bugfix on 0.2.3.1-alpha.
  3789. - Let backtrace tests work correctly under AddressSanitizer:
  3790. disable ASAN's detection of segmentation faults while running
  3791. test_bt.sh, so that we can make sure that our own backtrace
  3792. generation code works. Fixes bug 18934; bugfix
  3793. on 0.2.5.2-alpha. Patch from "cypherpunks".
  3794. - Fix the test-network-all target on out-of-tree builds by using the
  3795. correct path to the test driver script. Fixes bug 19421; bugfix
  3796. on 0.2.7.3-rc.
  3797. - Stop spurious failures in the local interface address discovery
  3798. unit tests. Fixes bug 20634; bugfix on 0.2.8.1-alpha; patch by
  3799. Neel Chauhan.
  3800. - Use ECDHE ciphers instead of ECDH in tortls tests. LibreSSL has
  3801. removed the ECDH ciphers which caused the tests to fail on
  3802. platforms which use it. Fixes bug 20460; bugfix on 0.2.8.1-alpha.
  3803. - The tor_tls_server_info_callback unit test no longer crashes when
  3804. debug-level logging is turned on. Fixes bug 20041; bugfix
  3805. on 0.2.8.1-alpha.
  3806. o Minor bugfixes (time):
  3807. - Improve overflow checks in tv_udiff and tv_mdiff. Fixes bug 19483;
  3808. bugfix on all released tor versions.
  3809. - When computing the difference between two times in milliseconds,
  3810. we now round to the nearest millisecond correctly. Previously, we
  3811. could sometimes round in the wrong direction. Fixes bug 19428;
  3812. bugfix on 0.2.2.2-alpha.
  3813. o Minor bugfixes (Tor2web):
  3814. - Prevent Tor2web clients from running hidden services: these services
  3815. are not anonymous due to the one-hop client paths. Fixes bug
  3816. 19678. Patch by teor.
  3817. o Minor bugfixes (user interface):
  3818. - Display a more accurate number of suppressed messages in the log
  3819. rate-limiter. Previously, there was a potential integer overflow
  3820. in the counter. Now, if the number of messages hits a maximum, the
  3821. rate-limiter doesn't count any further. Fixes bug 19435; bugfix
  3822. on 0.2.4.11-alpha.
  3823. - Fix a typo in the passphrase prompt for the ed25519 identity key.
  3824. Fixes bug 19503; bugfix on 0.2.7.2-alpha.
  3825. o Code simplification and refactoring:
  3826. - Remove redundant declarations of the MIN macro. Closes
  3827. ticket 18889.
  3828. - Rename tor_dup_addr() to tor_addr_to_str_dup() to avoid confusion.
  3829. Closes ticket 18462; patch from "icanhasaccount".
  3830. - Split the 600-line directory_handle_command_get function into
  3831. separate functions for different URL types. Closes ticket 16698.
  3832. o Documentation:
  3833. - Add module-level internal documentation for 36 C files that
  3834. previously didn't have a high-level overview. Closes ticket 20385.
  3835. - Correct the IPv6 syntax in our documentation for the
  3836. VirtualAddrNetworkIPv6 torrc option. Closes ticket 19743.
  3837. - Correct the minimum bandwidth value in torrc.sample, and queue a
  3838. corresponding change for torrc.minimal. Closes ticket 20085.
  3839. - Fix spelling of "--enable-tor2web-mode" in the manpage. Closes
  3840. ticket 19153. Patch from "U+039b".
  3841. - Add module-level documentation for several more modules. Closes
  3842. tickets 19287 and 19290.
  3843. - Document the --passphrase-fd option in the tor manpage. Fixes bug
  3844. 19504; bugfix on 0.2.7.3-rc.
  3845. - Document the default PathsNeededToBuildCircuits value that's used
  3846. by clients when the directory authorities don't set
  3847. min_paths_for_circs_pct. Fixes bug 20117; bugfix on 0.2.4.10-alpha.
  3848. Patch by teor, reported by Jesse V.
  3849. - Fix manual for the User option: it takes a username, not a UID.
  3850. Fixes bug 19122; bugfix on 0.0.2pre16 (the first version to have
  3851. a manpage!).
  3852. - Fix the description of the --passphrase-fd option in the
  3853. tor-gencert manpage. The option is used to pass the number of a
  3854. file descriptor to read the passphrase from, not to read the file
  3855. descriptor from. Fixes bug 19505; bugfix on 0.2.0.20-alpha.
  3856. o Removed code:
  3857. - We no longer include the (dead, deprecated) bufferevent code in
  3858. Tor. Closes ticket 19450. Based on a patch from "U+039b".
  3859. o Removed features:
  3860. - Remove support for "GET /tor/bytes.txt" DirPort request, and
  3861. "GETINFO dir-usage" controller request, which were only available
  3862. via a compile-time option in Tor anyway. Feature was added in
  3863. 0.2.2.1-alpha. Resolves ticket 19035.
  3864. - There is no longer a compile-time option to disable support for
  3865. TransPort. (If you don't want TransPort, just don't use it.) Patch
  3866. from "U+039b". Closes ticket 19449.
  3867. o Testing:
  3868. - Run more workqueue tests as part of "make check". These had
  3869. previously been implemented, but you needed to know special
  3870. command-line options to enable them.
  3871. - We now have unit tests for our code to reject zlib "compression
  3872. bombs". (Fortunately, the code works fine.)
  3873. Changes in version 0.2.8.11 - 2016-12-08
  3874. Tor 0.2.8.11 backports fixes for additional portability issues that
  3875. could prevent Tor from building correctly on OSX Sierra, or with
  3876. OpenSSL 1.1. Affected users should upgrade; others can safely stay
  3877. with 0.2.8.10.
  3878. o Minor bugfixes (portability):
  3879. - Avoid compilation errors when building on OSX Sierra. Sierra began
  3880. to support the getentropy() and clock_gettime() APIs, but created
  3881. a few problems in doing so. Tor 0.2.9 has a more thorough set of
  3882. workarounds; in 0.2.8, we are just using the /dev/urandom and mach
  3883. monotonic time interfaces. Fixes bug 20865. Bugfix
  3884. on 0.2.8.1-alpha.
  3885. o Minor bugfixes (portability, backport from 0.2.9.5-alpha):
  3886. - Fix compilation with OpenSSL 1.1 and less commonly-used CPU
  3887. architectures. Closes ticket 20588.
  3888. Changes in version 0.2.8.10 - 2016-12-02
  3889. Tor 0.2.8.10 backports a fix for a bug that would sometimes make clients
  3890. unusable after they left standby mode. It also backports fixes for
  3891. a few portability issues and a small but problematic memory leak.
  3892. o Major bugfixes (client reliability, backport from 0.2.9.5-alpha):
  3893. - When Tor leaves standby because of a new application request, open
  3894. circuits as needed to serve that request. Previously, we would
  3895. potentially wait a very long time. Fixes part of bug 19969; bugfix
  3896. on 0.2.8.1-alpha.
  3897. o Major bugfixes (client performance, backport from 0.2.9.5-alpha):
  3898. - Clients now respond to new application stream requests immediately
  3899. when they arrive, rather than waiting up to one second before
  3900. starting to handle them. Fixes part of bug 19969; bugfix
  3901. on 0.2.8.1-alpha.
  3902. o Minor bugfixes (portability, backport from 0.2.9.6-rc):
  3903. - Work around a bug in the OSX 10.12 SDK that would prevent us from
  3904. successfully targeting earlier versions of OSX. Resolves
  3905. ticket 20235.
  3906. o Minor bugfixes (portability, backport from 0.2.9.5-alpha):
  3907. - Fix implicit conversion warnings under OpenSSL 1.1. Fixes bug
  3908. 20551; bugfix on 0.2.1.1-alpha.
  3909. o Minor bugfixes (relay, backport from 0.2.9.5-alpha):
  3910. - Work around a memory leak in OpenSSL 1.1 when encoding public
  3911. keys. Fixes bug 20553; bugfix on 0.0.2pre8.
  3912. o Minor features (geoip):
  3913. - Update geoip and geoip6 to the November 3 2016 Maxmind GeoLite2
  3914. Country database.
  3915. Changes in version 0.2.8.9 - 2016-10-17
  3916. Tor 0.2.8.9 backports a fix for a security hole in previous versions
  3917. of Tor that would allow a remote attacker to crash a Tor client,
  3918. hidden service, relay, or authority. All Tor users should upgrade to
  3919. this version, or to 0.2.9.4-alpha. Patches will be released for older
  3920. versions of Tor.
  3921. o Major features (security fixes, also in 0.2.9.4-alpha):
  3922. - Prevent a class of security bugs caused by treating the contents
  3923. of a buffer chunk as if they were a NUL-terminated string. At
  3924. least one such bug seems to be present in all currently used
  3925. versions of Tor, and would allow an attacker to remotely crash
  3926. most Tor instances, especially those compiled with extra compiler
  3927. hardening. With this defense in place, such bugs can't crash Tor,
  3928. though we should still fix them as they occur. Closes ticket
  3929. 20384 (TROVE-2016-10-001).
  3930. o Minor features (geoip):
  3931. - Update geoip and geoip6 to the October 4 2016 Maxmind GeoLite2
  3932. Country database.
  3933. Changes in version 0.2.8.8 - 2016-09-23
  3934. Tor 0.2.8.8 fixes two crash bugs present in previous versions of the
  3935. 0.2.8.x series. Relays running 0.2.8.x should upgrade, as should users
  3936. who select public relays as their bridges.
  3937. o Major bugfixes (crash):
  3938. - Fix a complicated crash bug that could affect Tor clients
  3939. configured to use bridges when replacing a networkstatus consensus
  3940. in which one of their bridges was mentioned. OpenBSD users saw
  3941. more crashes here, but all platforms were potentially affected.
  3942. Fixes bug 20103; bugfix on 0.2.8.2-alpha.
  3943. o Major bugfixes (relay, OOM handler):
  3944. - Fix a timing-dependent assertion failure that could occur when we
  3945. tried to flush from a circuit after having freed its cells because
  3946. of an out-of-memory condition. Fixes bug 20203; bugfix on
  3947. 0.2.8.1-alpha. Thanks to "cypherpunks" for help diagnosing
  3948. this one.
  3949. o Minor features (fallback directories):
  3950. - Remove broken fallbacks from the hard-coded fallback directory
  3951. list. Closes ticket 20190; patch by teor.
  3952. o Minor features (geoip):
  3953. - Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2
  3954. Country database.
  3955. Changes in version 0.2.8.7 - 2016-08-24
  3956. Tor 0.2.8.7 fixes an important bug related to the ReachableAddresses
  3957. option in 0.2.8.6, and replaces a retiring bridge authority. Everyone
  3958. who sets the ReachableAddresses option, and all bridges, are strongly
  3959. encouraged to upgrade.
  3960. o Directory authority changes:
  3961. - The "Tonga" bridge authority has been retired; the new bridge
  3962. authority is "Bifroest". Closes tickets 19728 and 19690.
  3963. o Major bugfixes (client, security):
  3964. - Only use the ReachableAddresses option to restrict the first hop
  3965. in a path. In earlier versions of 0.2.8.x, it would apply to
  3966. every hop in the path, with a possible degradation in anonymity
  3967. for anyone using an uncommon ReachableAddresses setting. Fixes bug
  3968. 19973; bugfix on 0.2.8.2-alpha.
  3969. o Minor features (geoip):
  3970. - Update geoip and geoip6 to the August 2 2016 Maxmind GeoLite2
  3971. Country database.
  3972. o Minor bugfixes (compilation):
  3973. - Remove an inappropriate "inline" in tortls.c that was causing
  3974. warnings on older versions of GCC. Fixes bug 19903; bugfix
  3975. on 0.2.8.1-alpha.
  3976. o Minor bugfixes (fallback directories):
  3977. - Avoid logging a NULL string pointer when loading fallback
  3978. directory information. Fixes bug 19947; bugfix on 0.2.4.7-alpha
  3979. and 0.2.8.1-alpha. Report and patch by "rubiate".
  3980. Changes in version 0.2.8.6 - 2016-08-02
  3981. Tor 0.2.8.6 is the first stable version of the Tor 0.2.8 series.
  3982. The Tor 0.2.8 series improves client bootstrapping performance,
  3983. completes the authority-side implementation of improved identity
  3984. keys for relays, and includes numerous bugfixes and performance
  3985. improvements throughout the program. This release continues to
  3986. improve the coverage of Tor's test suite. For a full list of
  3987. changes since Tor 0.2.7, see the ReleaseNotes file.
  3988. Below is a list of the changes since Tor 0.2.7.
  3989. o New system requirements:
  3990. - Tor no longer attempts to support platforms where the "time_t"
  3991. type is unsigned. (To the best of our knowledge, only OpenVMS does
  3992. this, and Tor has never actually built on OpenVMS.) Closes
  3993. ticket 18184.
  3994. - Tor no longer supports versions of OpenSSL with a broken
  3995. implementation of counter mode. (This bug was present in OpenSSL
  3996. 1.0.0, and was fixed in OpenSSL 1.0.0a.) Tor still detects, but no
  3997. longer runs with, these versions.
  3998. - Tor now uses Autoconf version 2.63 or later, and Automake 1.11 or
  3999. later (released in 2008 and 2009 respectively). If you are
  4000. building Tor from the git repository instead of from the source
  4001. distribution, and your tools are older than this, you will need to
  4002. upgrade. Closes ticket 17732.
  4003. o Directory authority changes:
  4004. - Update the V3 identity key for the dannenberg directory authority:
  4005. it was changed on 18 November 2015. Closes task 17906. Patch
  4006. by teor.
  4007. - Urras is no longer a directory authority. Closes ticket 19271.
  4008. o Major features (directory system):
  4009. - Include a trial list of default fallback directories, based on an
  4010. opt-in survey of suitable relays. Doing this should make clients
  4011. bootstrap more quickly and reliably, and reduce the load on the
  4012. directory authorities. Closes ticket 15775. Patch by teor.
  4013. Candidates identified using an OnionOO script by weasel, teor,
  4014. gsathya, and karsten.
  4015. - Previously only relays that explicitly opened a directory port
  4016. (DirPort) accepted directory requests from clients. Now all
  4017. relays, with and without a DirPort, accept and serve tunneled
  4018. directory requests that they receive through their ORPort. You can
  4019. disable this behavior using the new DirCache option. Closes
  4020. ticket 12538.
  4021. - When bootstrapping multiple consensus downloads at a time, use the
  4022. first one that starts downloading, and close the rest. This
  4023. reduces failures when authorities or fallback directories are slow
  4024. or down. Together with the code for feature 15775, this feature
  4025. should reduce failures due to fallback churn. Implements ticket
  4026. 4483. Patch by teor. Implements IPv4 portions of proposal 210 by
  4027. mikeperry and teor.
  4028. o Major features (security, Linux):
  4029. - When Tor starts as root on Linux and is told to switch user ID, it
  4030. can now retain the capability to bind to low ports. By default,
  4031. Tor will do this only when it's switching user ID and some low
  4032. ports have been configured. You can change this behavior with the
  4033. new option KeepBindCapabilities. Closes ticket 8195.
  4034. o Major bugfixes (client, bootstrapping):
  4035. - Check if bootstrap consensus downloads are still needed when the
  4036. linked connection attaches. This prevents tor making unnecessary
  4037. begindir-style connections, which are the only directory
  4038. connections tor clients make since the fix for 18483 was merged.
  4039. - Fix some edge cases where consensus download connections may not
  4040. have been closed, even though they were not needed. Related to fix
  4041. for 18809.
  4042. - Make relays retry consensus downloads the correct number of times,
  4043. rather than the more aggressive client retry count. Fixes part of
  4044. ticket 18809.
  4045. o Major bugfixes (dns proxy mode, crash):
  4046. - Avoid crashing when running as a DNS proxy. Fixes bug 16248;
  4047. bugfix on 0.2.0.1-alpha. Patch from "cypherpunks".
  4048. o Major bugfixes (ed25519, voting):
  4049. - Actually enable support for authorities to match routers by their
  4050. Ed25519 identities. Previously, the code had been written, but
  4051. some debugging code that had accidentally been left in the
  4052. codebase made it stay turned off. Fixes bug 17702; bugfix
  4053. on 0.2.7.2-alpha.
  4054. - When collating votes by Ed25519 identities, authorities now
  4055. include a "NoEdConsensus" flag if the ed25519 value (or lack
  4056. thereof) for a server does not reflect the majority consensus.
  4057. Related to bug 17668; bugfix on 0.2.7.2-alpha.
  4058. - When generating a vote with keypinning disabled, never include two
  4059. entries for the same ed25519 identity. This bug was causing
  4060. authorities to generate votes that they could not parse when a
  4061. router violated key pinning by changing its RSA identity but
  4062. keeping its Ed25519 identity. Fixes bug 17668; fixes part of bug
  4063. 18318. Bugfix on 0.2.7.2-alpha.
  4064. o Major bugfixes (key management):
  4065. - If OpenSSL fails to generate an RSA key, do not retain a dangling
  4066. pointer to the previous (uninitialized) key value. The impact here
  4067. should be limited to a difficult-to-trigger crash, if OpenSSL is
  4068. running an engine that makes key generation failures possible, or
  4069. if OpenSSL runs out of memory. Fixes bug 19152; bugfix on
  4070. 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and
  4071. Baishakhi Ray.
  4072. o Major bugfixes (security, client, DNS proxy):
  4073. - Stop a crash that could occur when a client running with DNSPort
  4074. received a query with multiple address types, and the first
  4075. address type was not supported. Found and fixed by Scott Dial.
  4076. Fixes bug 18710; bugfix on 0.2.5.4-alpha.
  4077. o Major bugfixes (security, compilation):
  4078. - Correctly detect compiler flags on systems where _FORTIFY_SOURCE
  4079. is predefined. Previously, our use of -D_FORTIFY_SOURCE would
  4080. cause a compiler warning, thereby making other checks fail, and
  4081. needlessly disabling compiler-hardening support. Fixes one case of
  4082. bug 18841; bugfix on 0.2.3.17-beta. Patch from "trudokal".
  4083. - Repair hardened builds under the clang compiler. Previously, our
  4084. use of _FORTIFY_SOURCE would conflict with clang's address
  4085. sanitizer. Fixes bug 14821; bugfix on 0.2.5.4-alpha.
  4086. o Major bugfixes (security, pointers):
  4087. - Avoid a difficult-to-trigger heap corruption attack when extending
  4088. a smartlist to contain over 16GB of pointers. Fixes bug 18162;
  4089. bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely.
  4090. Reported by Guido Vranken.
  4091. o Major bugfixes (testing):
  4092. - Fix a bug that would block 'make test-network-all' on systems where
  4093. IPv6 packets were lost. Fixes bug 19008; bugfix on 0.2.7.3-rc.
  4094. o Major bugfixes (user interface):
  4095. - Correctly give a warning in the cases where a relay is specified
  4096. by nickname, and one such relay is found, but it is not officially
  4097. Named. Fixes bug 19203; bugfix on 0.2.3.1-alpha.
  4098. o Minor features (accounting):
  4099. - Added two modes to the AccountingRule option: One for limiting
  4100. only the number of bytes sent ("AccountingRule out"), and one for
  4101. limiting only the number of bytes received ("AccountingRule in").
  4102. Closes ticket 15989; patch from "unixninja92".
  4103. o Minor features (bug-resistance):
  4104. - Make Tor survive errors involving connections without a
  4105. corresponding event object. Previously we'd fail with an
  4106. assertion; now we produce a log message. Related to bug 16248.
  4107. - Use tor_snprintf() and tor_vsnprintf() even in external and low-
  4108. level code, to harden against accidental failures to NUL-
  4109. terminate. Part of ticket 17852. Patch from jsturgix. Found
  4110. with Flawfinder.
  4111. o Minor features (build):
  4112. - Detect systems with FreeBSD-derived kernels (such as GNU/kFreeBSD)
  4113. as having possible IPFW support. Closes ticket 18448. Patch from
  4114. Steven Chamberlain.
  4115. - Since our build process now uses "make distcheck", we no longer
  4116. force "make dist" to depend on "make check". Closes ticket 17893;
  4117. patch from "cypherpunks".
  4118. - Tor now builds once again with the recent OpenSSL 1.1 development
  4119. branch (tested against 1.1.0-pre5 and 1.1.0-pre6-dev). We have been
  4120. tracking OpenSSL 1.1 development as it has progressed, and fixing
  4121. numerous compatibility issues as they arose. See tickets
  4122. 17549, 17921, 17984, 19499, and 18286.
  4123. - When building manual pages, set the timezone to "UTC", so that the
  4124. output is reproducible. Fixes bug 19558; bugfix on 0.2.2.9-alpha.
  4125. Patch from intrigeri.
  4126. o Minor features (clients):
  4127. - Make clients, onion services, and bridge relays always use an
  4128. encrypted begindir connection for directory requests. Resolves
  4129. ticket 18483. Patch by teor.
  4130. o Minor features (controller):
  4131. - Add 'GETINFO exit-policy/reject-private/[default,relay]', so
  4132. controllers can examine the reject rules added by
  4133. ExitPolicyRejectPrivate. This makes it easier for stem to display
  4134. exit policies.
  4135. - Adds the FallbackDir entries to 'GETINFO config/defaults'. Closes
  4136. tickets 16774 and 17817. Patch by George Tankersley.
  4137. - New 'GETINFO hs/service/desc/id/' command to retrieve a hidden
  4138. service descriptor from a service's local hidden service
  4139. descriptor cache. Closes ticket 14846.
  4140. o Minor features (crypto):
  4141. - Add SHA3 and SHAKE support to crypto.c. Closes ticket 17783.
  4142. - Add SHA512 support to crypto.c. Closes ticket 17663; patch from
  4143. George Tankersley.
  4144. - Improve performance when hashing non-multiple of 8 sized buffers,
  4145. based on Andrew Moon's public domain SipHash-2-4 implementation.
  4146. Fixes bug 17544; bugfix on 0.2.5.3-alpha.
  4147. - Validate the hard-coded Diffie-Hellman parameters and ensure that
  4148. p is a safe prime, and g is a suitable generator. Closes
  4149. ticket 18221.
  4150. - When allocating a digest state object, allocate no more space than
  4151. we actually need. Previously, we would allocate as much space as
  4152. the state for the largest algorithm would need. This change saves
  4153. up to 672 bytes per circuit. Closes ticket 17796.
  4154. o Minor features (directory downloads):
  4155. - Add UseDefaultFallbackDirs, which enables any hard-coded fallback
  4156. directory mirrors. The default is 1; set it to 0 to disable
  4157. fallbacks. Implements ticket 17576. Patch by teor.
  4158. - Wait for busy authorities and fallback directories to become non-
  4159. busy when bootstrapping. (A similar change was made in 6c443e987d
  4160. for directory caches chosen from the consensus.) Closes ticket
  4161. 17864; patch by teor.
  4162. o Minor features (geoip):
  4163. - Update geoip and geoip6 to the July 6 2016 Maxmind GeoLite2
  4164. Country database.
  4165. o Minor features (hidden service directory):
  4166. - Streamline relay-side hsdir handling: when relays consider whether
  4167. to accept an uploaded hidden service descriptor, they no longer
  4168. check whether they are one of the relays in the network that is
  4169. "supposed" to handle that descriptor. Implements ticket 18332.
  4170. o Minor features (IPv6):
  4171. - Add ClientPreferIPv6DirPort, which is set to 0 by default. If set
  4172. to 1, tor prefers IPv6 directory addresses.
  4173. - Add ClientUseIPv4, which is set to 1 by default. If set to 0, tor
  4174. avoids using IPv4 for client OR and directory connections.
  4175. - Add address policy assume_action support for IPv6 addresses.
  4176. - Add an argument 'ipv6=address:orport' to the DirAuthority and
  4177. FallbackDir torrc options, to specify an IPv6 address for an
  4178. authority or fallback directory. Add hard-coded ipv6 addresses for
  4179. directory authorities that have them. Closes ticket 17327; patch
  4180. from Nick Mathewson and teor.
  4181. - Allow users to configure directory authorities and fallback
  4182. directory servers with IPv6 addresses and ORPorts. Resolves
  4183. ticket 6027.
  4184. - Limit IPv6 mask bits to 128.
  4185. - Make tor_ersatz_socketpair work on IPv6-only systems. Fixes bug
  4186. 17638; bugfix on 0.0.2pre8. Patch by teor.
  4187. - Try harder to obey the IP version restrictions "ClientUseIPv4 0",
  4188. "ClientUseIPv6 0", "ClientPreferIPv6ORPort", and
  4189. "ClientPreferIPv6DirPort". Closes ticket 17840; patch by teor.
  4190. - Warn when comparing against an AF_UNSPEC address in a policy; it's
  4191. almost always a bug. Closes ticket 17863; patch by teor.
  4192. - routerset_parse now accepts IPv6 literal addresses. Fixes bug
  4193. 17060; bugfix on 0.2.1.3-alpha. Patch by teor.
  4194. o Minor features (Linux seccomp2 sandbox):
  4195. - Reject attempts to change our Address with "Sandbox 1" enabled.
  4196. Changing Address with Sandbox turned on would never actually work,
  4197. but previously it would fail in strange and confusing ways. Found
  4198. while fixing 18548.
  4199. o Minor features (logging):
  4200. - When logging to syslog, allow a tag to be added to the syslog
  4201. identity (the string prepended to every log message). The tag can
  4202. be configured with SyslogIdentityTag and defaults to none. Setting
  4203. it to "foo" will cause logs to be tagged as "Tor-foo". Closes
  4204. ticket 17194.
  4205. o Minor features (portability):
  4206. - Use timingsafe_memcmp() where available. Closes ticket 17944;
  4207. patch from <logan@hackers.mu>.
  4208. o Minor features (relay, address discovery):
  4209. - Add a family argument to get_interface_addresses_raw() and
  4210. subfunctions to make network interface address interrogation more
  4211. efficient. Now Tor can specifically ask for IPv4, IPv6 or both
  4212. types of interfaces from the operating system. Resolves
  4213. ticket 17950.
  4214. - When get_interface_address6_list(.,AF_UNSPEC,.) is called and
  4215. fails to enumerate interface addresses using the platform-specific
  4216. API, have it rely on the UDP socket fallback technique to try and
  4217. find out what IP addresses (both IPv4 and IPv6) our machine has.
  4218. Resolves ticket 17951.
  4219. o Minor features (replay cache):
  4220. - The replay cache now uses SHA256 instead of SHA1. Implements
  4221. feature 8961. Patch by teor, issue reported by rransom.
  4222. o Minor features (robustness):
  4223. - Exit immediately with an error message if the code attempts to use
  4224. Libevent without having initialized it. This should resolve some
  4225. frequently-made mistakes in our unit tests. Closes ticket 18241.
  4226. o Minor features (security, clock):
  4227. - Warn when the system clock appears to move back in time (when the
  4228. state file was last written in the future). Tor doesn't know that
  4229. consensuses have expired if the clock is in the past. Patch by
  4230. teor. Implements ticket 17188.
  4231. o Minor features (security, exit policies):
  4232. - ExitPolicyRejectPrivate now rejects more private addresses by
  4233. default. Specifically, it now rejects the relay's outbound bind
  4234. addresses (if configured), and the relay's configured port
  4235. addresses (such as ORPort and DirPort). Fixes bug 17027; bugfix on
  4236. 0.2.0.11-alpha. Patch by teor.
  4237. o Minor features (security, memory erasure):
  4238. - Make memwipe() do nothing when passed a NULL pointer or buffer of
  4239. zero size. Check size argument to memwipe() for underflow. Fixes
  4240. bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk",
  4241. patch by teor.
  4242. - Set the unused entries in a smartlist to NULL. This helped catch
  4243. a (harmless) bug, and shouldn't affect performance too much.
  4244. Implements ticket 17026.
  4245. - Use SecureMemoryWipe() function to securely clean memory on
  4246. Windows. Previously we'd use OpenSSL's OPENSSL_cleanse() function.
  4247. Implements feature 17986.
  4248. - Use explicit_bzero or memset_s when present. Previously, we'd use
  4249. OpenSSL's OPENSSL_cleanse() function. Closes ticket 7419; patches
  4250. from <logan@hackers.mu> and <selven@hackers.mu>.
  4251. o Minor features (security, RNG):
  4252. - Adjust Tor's use of OpenSSL's RNG APIs so that they absolutely,
  4253. positively are not allowed to fail. Previously we depended on
  4254. internal details of OpenSSL's behavior. Closes ticket 17686.
  4255. - Never use the system entropy output directly for anything besides
  4256. seeding the PRNG. When we want to generate important keys, instead
  4257. of using system entropy directly, we now hash it with the PRNG
  4258. stream. This may help resist certain attacks based on broken OS
  4259. entropy implementations. Closes part of ticket 17694.
  4260. - Use modern system calls (like getentropy() or getrandom()) to
  4261. generate strong entropy on platforms that have them. Closes
  4262. ticket 13696.
  4263. o Minor features (security, win32):
  4264. - Set SO_EXCLUSIVEADDRUSE on Win32 to avoid a local port-stealing
  4265. attack. Fixes bug 18123; bugfix on all tor versions. Patch
  4266. by teor.
  4267. o Minor features (unix domain sockets):
  4268. - Add a new per-socket option, RelaxDirModeCheck, to allow creating
  4269. Unix domain sockets without checking the permissions on the parent
  4270. directory. (Tor checks permissions by default because some
  4271. operating systems only check permissions on the parent directory.
  4272. However, some operating systems do look at permissions on the
  4273. socket, and tor's default check is unneeded.) Closes ticket 18458.
  4274. Patch by weasel.
  4275. o Minor features (unix file permissions):
  4276. - Defer creation of Unix sockets until after setuid. This avoids
  4277. needing CAP_CHOWN and CAP_FOWNER when using systemd's
  4278. CapabilityBoundingSet, or chown and fowner when using SELinux.
  4279. Implements part of ticket 17562. Patch from Jamie Nguyen.
  4280. - If any directory created by Tor is marked as group readable, the
  4281. filesystem group is allowed to be either the default GID or the
  4282. root user. Allowing root to read the DataDirectory prevents the
  4283. need for CAP_READ_SEARCH when using systemd's
  4284. CapabilityBoundingSet, or dac_read_search when using SELinux.
  4285. Implements part of ticket 17562. Patch from Jamie Nguyen.
  4286. - Introduce a new DataDirectoryGroupReadable option. If it is set to
  4287. 1, the DataDirectory will be made readable by the default GID.
  4288. Implements part of ticket 17562. Patch from Jamie Nguyen.
  4289. o Minor bugfixes (accounting):
  4290. - The max bandwidth when using 'AccountingRule sum' is now correctly
  4291. logged. Fixes bug 18024; bugfix on 0.2.6.1-alpha. Patch
  4292. from "unixninja92".
  4293. o Minor bugfixes (assert, portability):
  4294. - Fix an assertion failure in memarea.c on systems where "long" is
  4295. shorter than the size of a pointer. Fixes bug 18716; bugfix
  4296. on 0.2.1.1-alpha.
  4297. o Minor bugfixes (bootstrap):
  4298. - Consistently use the consensus download schedule for authority
  4299. certificates. Fixes bug 18816; bugfix on 0.2.4.13-alpha.
  4300. o Minor bugfixes (build):
  4301. - Avoid spurious failures from configure files related to calling
  4302. exit(0) in TOR_SEARCH_LIBRARY. Fixes bug 18626; bugfix on
  4303. 0.2.0.1-alpha. Patch from "cypherpunks".
  4304. - Do not link the unit tests against both the testing and non-
  4305. testing versions of the static libraries. Fixes bug 18490; bugfix
  4306. on 0.2.7.1-alpha.
  4307. - Resolve warnings when building on systems that are concerned with
  4308. signed char. Fixes bug 18728; bugfix on 0.2.7.2-alpha
  4309. and 0.2.6.1-alpha.
  4310. - Silence spurious clang-scan warnings in the ed25519_donna code by
  4311. explicitly initializing some objects. Fixes bug 18384; bugfix on
  4312. 0.2.7.2-alpha. Patch by teor.
  4313. - When libscrypt.h is found, but no libscrypt library can be linked,
  4314. treat libscrypt as absent. Fixes bug 19161; bugfix
  4315. on 0.2.6.1-alpha.
  4316. - Cause the unit tests to compile correctly on mingw64 versions that
  4317. lack sscanf. Fixes bug 19213; bugfix on 0.2.7.1-alpha.
  4318. - Don't try to use the pthread_condattr_setclock() function unless
  4319. it actually exists. Fixes compilation on NetBSD-6.x. Fixes bug
  4320. 17819; bugfix on 0.2.6.3-alpha.
  4321. - Fix backtrace compilation on FreeBSD. Fixes bug 17827; bugfix
  4322. on 0.2.5.2-alpha.
  4323. - Fix search for libevent libraries on OpenBSD (and other systems
  4324. that install libevent 1 and libevent 2 in parallel). Fixes bug
  4325. 16651; bugfix on 0.1.0.7-rc. Patch from "rubiate".
  4326. - Isolate environment variables meant for tests from the rest of the
  4327. build system. Fixes bug 17818; bugfix on 0.2.7.3-rc.
  4328. - Mark all object files that include micro-revision.i as depending
  4329. on it, so as to make parallel builds more reliable. Fixes bug
  4330. 17826; bugfix on 0.2.5.1-alpha.
  4331. - Remove config.log only from make distclean, not from make clean.
  4332. Fixes bug 17924; bugfix on 0.2.4.1-alpha.
  4333. - Replace usage of 'INLINE' with 'inline'. Fixes bug 17804; bugfix
  4334. on 0.0.2pre8.
  4335. - Remove an #endif from configure.ac so that we correctly detect the
  4336. presence of in6_addr.s6_addr32. Fixes bug 17923; bugfix
  4337. on 0.2.0.13-alpha.
  4338. o Minor bugfixes (client, bootstrap):
  4339. - Count receipt of new microdescriptors as progress towards
  4340. bootstrapping. Previously, with EntryNodes set, Tor might not
  4341. successfully repopulate the guard set on bootstrapping. Fixes bug
  4342. 16825; bugfix on 0.2.3.1-alpha.
  4343. o Minor bugfixes (code correctness):
  4344. - Fix a bad memory handling bug that would occur if we had queued a
  4345. cell on a channel's incoming queue. Fortunately, we can't actually
  4346. queue a cell like that as our code is constructed today, but it's
  4347. best to avoid this kind of error, even if there isn't any code
  4348. that triggers it today. Fixes bug 18570; bugfix on 0.2.4.4-alpha.
  4349. - Assert that allocated memory held by the reputation code is freed
  4350. according to its internal counters. Fixes bug 17753; bugfix
  4351. on 0.1.1.1-alpha.
  4352. - Assert when the TLS contexts fail to initialize. Fixes bug 17683;
  4353. bugfix on 0.0.6.
  4354. - Update to the latest version of Trunnel, which tries harder to
  4355. avoid generating code that can invoke memcpy(p,NULL,0). Bug found
  4356. by clang address sanitizer. Fixes bug 18373; bugfix
  4357. on 0.2.7.2-alpha.
  4358. - When closing an entry connection, generate a warning if we should
  4359. have sent an end cell for it but we haven't. Fixes bug 17876;
  4360. bugfix on 0.2.3.2-alpha.
  4361. o Minor bugfixes (configuration):
  4362. - Fix a tiny memory leak when parsing a port configuration ending in
  4363. ":auto". Fixes bug 18374; bugfix on 0.2.3.3-alpha.
  4364. o Minor bugfixes (containers):
  4365. - If we somehow attempt to construct a heap with more than
  4366. 1073741822 elements, avoid an integer overflow when maintaining
  4367. the heap property. Fixes bug 18296; bugfix on 0.1.2.1-alpha.
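
The containers fix above concerns child-index arithmetic in an int-indexed binary heap. The following is an added example, not Tor's own code: a min-heap sift-down that refuses to compute 2*i + 1 once it would overflow. The names MAX_PARENT_IDX, left_child_checked, sift_down, heap_build and heap_is_valid are hypothetical, and a 32-bit int is assumed, which makes the bound equal the figure in the note.

```c
#include <limits.h>
#include <stdio.h>

/* Largest index whose right child (2*i + 2) still fits in an int.
 * With a 32-bit int this is 1073741822. (Hypothetical name.) */
#define MAX_PARENT_IDX ((INT_MAX - 2) / 2)

/* Left-child index of idx, or -1 when computing it would overflow int. */
static int left_child_checked(int idx)
{
    if (idx < 0 || idx > MAX_PARENT_IDX)
        return -1;
    return 2 * idx + 1;
}

/* Restore the min-heap property below position idx in heap[0..n). */
static void sift_down(int *heap, int n, int idx)
{
    for (;;) {
        int left = left_child_checked(idx);
        if (left < 0 || left >= n)
            return;                 /* leaf, or child index not representable */
        int smallest = left;
        /* left < n <= INT_MAX, so left + 1 cannot overflow here. */
        if (left + 1 < n && heap[left + 1] < heap[left])
            smallest = left + 1;
        if (heap[idx] <= heap[smallest])
            return;
        int tmp = heap[idx];
        heap[idx] = heap[smallest];
        heap[smallest] = tmp;
        idx = smallest;
    }
}

/* Build a min-heap in place. Returns 0 on success, -1 on bad arguments. */
static int heap_build(int *heap, int n)
{
    if (!heap || n < 0)
        return -1;
    for (int i = n / 2 - 1; i >= 0; --i)
        sift_down(heap, n, i);
    return 0;
}

/* Returns 1 if heap[0..n) satisfies the min-heap property, else 0. */
static int heap_is_valid(const int *heap, int n)
{
    for (int i = 0; i < n; ++i) {
        int l = left_child_checked(i);
        if (l < 0)
            break;                  /* no representable children past here */
        if (l < n && heap[l] < heap[i])
            return 0;
        if (l + 1 < n && heap[l + 1] < heap[i])
            return 0;
    }
    return 1;
}

int main(void)
{
    int sample[] = { 9, 4, 7, 1, 8, 2 };   /* constructed sample input */
    heap_build(sample, 6);
    printf("min=%d valid=%d max_parent=%d\n",
           sample[0], heap_is_valid(sample, 6), MAX_PARENT_IDX);
    printf("child of max_parent+1 -> %d\n",
           left_child_checked(MAX_PARENT_IDX + 1));
    return 0;
}
```
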
  4368. o Minor bugfixes (controller, microdescriptors):
  4369. - Make GETINFO dir/status-vote/current/consensus conform to the
  4370. control specification by returning "551 Could not open cached
  4371. consensus..." when not caching consensuses. Fixes bug 18920;
  4372. bugfix on 0.2.2.6-alpha.
  4373. o Minor bugfixes (crypto):
  4374. - Check the return value of HMAC() and assert on failure. Fixes bug
  4375. 17658; bugfix on 0.2.3.6-alpha. Patch by teor.
  4376. o Minor bugfixes (directories):
  4377. - When fetching extrainfo documents, compare their SHA256 digests
  4378. and Ed25519 signing key certificates with the routerinfo that led
  4379. us to fetch them, rather than with the most recent routerinfo.
  4380. Otherwise we generate many spurious warnings about mismatches.
  4381. Fixes bug 17150; bugfix on 0.2.7.2-alpha.
  4382. - When generating a URL for a directory server on an IPv6 address,
  4383. wrap the IPv6 address in square brackets. Fixes bug 18051; bugfix
  4384. on 0.2.3.9-alpha. Patch from Malek.
  4385. o Minor bugfixes (downloading):
  4386. - Predict more correctly whether we'll be downloading over HTTP when
  4387. we determine the maximum length of a URL. This should avoid a
  4388. "BUG" warning about the Squid HTTP proxy and its URL limits. Fixes
  4389. bug 19191.
  4390. o Minor bugfixes (exit policies, security):
  4391. - Refresh an exit relay's exit policy when interface addresses
  4392. change. Previously, tor only refreshed the exit policy when the
  4393. configured external address changed. Fixes bug 18208; bugfix on
  4394. 0.2.7.3-rc. Patch by teor.
  4395. o Minor bugfixes (fallback directories):
  4396. - Mark fallbacks as "too busy" when they return a 503 response,
  4397. rather than just marking authorities. Fixes bug 17572; bugfix on
  4398. 0.2.4.7-alpha. Patch by teor.
  4399. - When requesting extrainfo descriptors from a trusted directory
  4400. server, check whether it is an authority or a fallback directory
  4401. which supports extrainfo descriptors. Fixes bug 18489; bugfix on
  4402. 0.2.4.7-alpha. Reported by atagar, patch by teor.
  4403. o Minor bugfixes (hidden service, client):
  4404. - Handle the case where the user makes several fast consecutive
  4405. requests to the same .onion address. Previously, the first six
  4406. requests would each trigger a descriptor fetch, each picking a
  4407. directory (there are 6 overall) and the seventh one would fail
  4408. because no directories were left, thereby triggering a close on
  4409. all current directory connections asking for the hidden service.
  4410. The solution here is to not close the connections if we have
  4411. pending directory fetches. Fixes bug 15937; bugfix
  4412. on 0.2.7.1-alpha.
  4413. o Minor bugfixes (hidden service, control port):
  4414. - Add the onion address to the HS_DESC event for the UPLOADED action
  4415. both on success or failure. It was previously hardcoded with
  4416. UNKNOWN. Fixes bug 16023; bugfix on 0.2.7.2-alpha.
  4417. o Minor bugfixes (hidden service, directory):
  4418. - Bridges now refuse "rendezvous2" (hidden service descriptor)
  4419. publish attempts. Suggested by ticket 18332.
  4420. o Minor bugfixes (IPv6):
  4421. - Update the limits in max_dl_per_request for IPv6 address length.
  4422. Fixes bug 17573; bugfix on 0.2.1.5-alpha.
  4423. o Minor bugfixes (Linux seccomp2 sandbox):
  4424. - Allow more syscalls when running with "Sandbox 1" enabled:
  4425. sysinfo, getsockopt(SO_SNDBUF), and setsockopt(SO_SNDBUFFORCE). On
  4426. some systems, these are required for Tor to start. Fixes bug
  4427. 18397; bugfix on 0.2.5.1-alpha. Patch from Daniel Pinto.
  4428. - Allow IPPROTO_UDP datagram sockets when running with "Sandbox 1",
  4429. so that get_interface_address6_via_udp_socket_hack() can work.
  4430. Fixes bug 19660; bugfix on 0.2.5.1-alpha.
  4431. - Allow the setrlimit syscall, and the prlimit and prlimit64
  4432. syscalls, which some libc implementations use under the hood.
  4433. Fixes bug 15221; bugfix on 0.2.5.1-alpha.
  4434. - Avoid a 10-second delay when starting as a client with "Sandbox 1"
  4435. enabled and no DNS resolvers configured. This should help TAILS
  4436. start up faster. Fixes bug 18548; bugfix on 0.2.5.1-alpha.
  4437. - Fix a crash when using offline master ed25519 keys with the Linux
  4438. seccomp2 sandbox enabled. Fixes bug 17675; bugfix on 0.2.7.3-rc.
  4439. - Allow statistics to be written to disk when "Sandbox 1" is
  4440. enabled. Fixes bugs 19556 and 19957; bugfix on 0.2.5.1-alpha and
  4441. 0.2.6.1-alpha respectively.
  4442. o Minor bugfixes (logging):
  4443. - In log messages that include a function name, use __FUNCTION__
  4444. instead of __PRETTY_FUNCTION__. In GCC, these are synonymous, but
  4445. with clang __PRETTY_FUNCTION__ has extra information we don't
  4446. need. Fixes bug 16563; bugfix on 0.0.2pre8. Fix by Tom van
  4447. der Woerdt.
  4448. - Remove needless quotes from a log message about unparseable
  4449. addresses. Fixes bug 17843; bugfix on 0.2.3.3-alpha.
  4450. - Scrub service name in "unrecognized service ID" log messages.
  4451. Fixes bug 18600; bugfix on 0.2.4.11-alpha.
  4452. - When logging information about an unparsable networkstatus vote or
  4453. consensus, do not say "vote" when we mean consensus. Fixes bug
  4454. 18368; bugfix on 0.2.0.8-alpha.
  4455. - When we can't generate a signing key because OfflineMasterKey is
  4456. set, do not imply that we should have been able to load it. Fixes
  4457. bug 18133; bugfix on 0.2.7.2-alpha.
  4458. - When logging a malformed hostname received through socks4, scrub
  4459. it if SafeLogging says we should. Fixes bug 17419; bugfix
  4460. on 0.1.1.16-rc.
  4461. o Minor bugfixes (memory safety):
  4462. - Avoid freeing an uninitialized pointer when opening a socket fails
  4463. in get_interface_addresses_ioctl(). Fixes bug 18454; bugfix on
  4464. 0.2.3.11-alpha. Reported by toralf and "cypherpunks", patch
  4465. by teor.
  4466. - Fix a memory leak in "tor --list-fingerprint". Fixes part of bug
  4467. 18672; bugfix on 0.2.5.1-alpha.
  4468. - Fix a memory leak in tor-gencert. Fixes part of bug 18672; bugfix
  4469. on 0.2.0.1-alpha.
  4470. o Minor bugfixes (pluggable transports):
  4471. - Avoid reporting a spurious error when we decide that we don't need
  4472. to terminate a pluggable transport because it has already exited.
  4473. Fixes bug 18686; bugfix on 0.2.5.5-alpha.
  4474. o Minor bugfixes (pointer arithmetic):
  4475. - Fix a bug in memarea_alloc() that could have resulted in remote
  4476. heap write access, if Tor had ever passed an unchecked size to
  4477. memarea_alloc(). Fortunately, all the sizes we pass to
  4478. memarea_alloc() are pre-checked to be less than 128 kilobytes.
  4479. Fixes bug 19150; bugfix on 0.2.1.1-alpha. Bug found by
  4480. Guido Vranken.
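
The memarea_alloc() note above describes a bounds check that is only safe while the requested size is small. The following is an added example of that general class of pointer-arithmetic bug, not Tor's memarea code: a bump allocator whose capacity check is written once as "next + sz <= end" and once as "sz <= end - next". The struct layout and all function names are hypothetical, and the wraparound is modelled with uintptr_t on a flat address space so the demonstration itself has defined behaviour.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical bump-allocator chunk (not Tor's memarea layout). */
struct chunk {
    char *next;      /* first free byte */
    char *end;       /* one past the last usable byte */
    char  mem[256];
};

static void chunk_init(struct chunk *c)
{
    c->next = c->mem;
    c->end  = c->mem + sizeof(c->mem);
}

/* Flawed shape: "next + sz <= end". For a very large sz the sum wraps
 * around the address space and compares as a small address, so the
 * request appears to fit. Modelled on integers to keep this demo
 * well-defined. */
static int fits_by_addition(const struct chunk *c, size_t sz)
{
    uintptr_t next = (uintptr_t)c->next;
    uintptr_t end  = (uintptr_t)c->end;
    return (uintptr_t)(next + sz) <= end;
}

/* Hardened shape: compare sz against the room that is left. end >= next
 * is an invariant of the chunk, so the subtraction cannot wrap. */
static int fits_by_remaining(const struct chunk *c, size_t sz)
{
    size_t room = (size_t)(c->end - c->next);
    return sz <= room;
}

/* Allocate sz bytes from the chunk, or return NULL if they do not fit. */
static void *chunk_alloc(struct chunk *c, size_t sz)
{
    if (!fits_by_remaining(c, sz))
        return NULL;
    void *p = c->next;
    c->next += sz;
    return p;
}

int main(void)
{
    struct chunk c;
    size_t huge = SIZE_MAX - 16;   /* constructed attacker-sized request */

    chunk_init(&c);
    printf("addition check accepts huge request:  %d\n",
           fits_by_addition(&c, huge));
    printf("remaining check accepts huge request: %d\n",
           fits_by_remaining(&c, huge));
    printf("alloc(64) ok: %d, alloc(huge) ok: %d\n",
           chunk_alloc(&c, 64) != NULL, chunk_alloc(&c, huge) != NULL);
    return 0;
}
```
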
  4481. o Minor bugfixes (private directory):
  4482. - Prevent a race condition when creating private directories. Fixes
  4483. part of bug 17852; bugfix on 0.0.2pre13. Part of ticket 17852.
  4484. Patch from jsturgix. Found with Flawfinder.
  4485. o Minor bugfixes (relays):
  4486. - Check that both the ORPort and DirPort (if present) are reachable
  4487. before publishing a relay descriptor. Otherwise, relays publish a
  4488. descriptor with DirPort 0 when the DirPort reachability test takes
  4489. longer than the ORPort reachability test. Fixes bug 18050; bugfix
  4490. on 0.1.0.1-rc. Reported by "starlight", patch by teor.
  4491. - Resolve some edge cases where we might launch an ORPort
  4492. reachability check even when DisableNetwork is set. Noticed while
  4493. fixing bug 18616; bugfix on 0.2.3.9-alpha.
  4494. o Minor bugfixes (relays, hidden services):
  4495. - Refuse connection requests to private OR addresses unless
  4496. ExtendAllowPrivateAddresses is set. Previously, tor would connect,
  4497. then refuse to send any cells to a private address. Fixes bugs
  4498. 17674 and 8976; bugfix on 0.2.3.21-rc. Patch by teor.
  4499. o Minor bugfixes (security, hidden services):
  4500. - Prevent hidden services connecting to client-supplied rendezvous
  4501. addresses that are reserved as internal or multicast. Fixes bug
  4502. 8976; bugfix on 0.2.3.21-rc. Patch by dgoulet and teor.
  4503. o Minor bugfixes (statistics):
  4504. - Consistently check for overflow in round_*_to_next_multiple_of
  4505. functions, and add unit tests with additional and maximal values.
  4506. Fixes part of bug 13192; bugfix on 0.2.2.1-alpha.
  4507. - Handle edge cases in the laplace functions: avoid division by
  4508. zero, avoid taking the log of zero, and silence clang type
  4509. conversion warnings using round and trunc. Add unit tests for edge
  4510. cases with maximal values. Fixes part of bug 13192; bugfix
  4511. on 0.2.6.2-alpha.
  4512. - We now include consensus downloads via IPv6 in our directory-
  4513. request statistics. Fixes bug 18460; bugfix on 0.2.3.14-alpha.
  4514. o Minor bugfixes (test networks, IPv6):
  4515. - Allow internal IPv6 addresses in descriptors in test networks.
  4516. Fixes bug 17153; bugfix on 0.2.3.16-alpha. Patch by teor, reported
  4517. by karsten.
  4518. o Minor bugfixes (testing):
  4519. - Check the full results of SHA256 and SHA512 digests in the unit
  4520. tests. Bugfix on 0.2.2.4-alpha. Patch by teor.
  4521. - Fix a memory leak in the ntor test. Fixes bug 17778; bugfix
  4522. on 0.2.4.8-alpha.
  4523. - Fix a small memory leak that would occur when the
  4524. TestingEnableCellStatsEvent option was turned on. Fixes bug 18673;
  4525. bugfix on 0.2.5.2-alpha.
  4526. - Make unit tests pass on IPv6-only systems, and systems without
  4527. localhost addresses (like some FreeBSD jails). Fixes bug 17632;
  4528. bugfix on 0.2.7.3-rc. Patch by teor.
  4529. - The test for log_heartbeat was incorrectly failing in timezones
  4530. with non-integer offsets. Instead of comparing the end of the time
  4531. string against a constant, compare it to the output of
  4532. format_local_iso_time when given the correct input. Fixes bug
  4533. 18039; bugfix on 0.2.5.4-alpha.
  4534. - We no longer disable assertions in the unit tests when coverage is
  4535. enabled. Instead, we require you to say --disable-asserts-in-tests
  4536. to the configure script if you need assertions disabled in the
  4537. unit tests (for example, if you want to perform branch coverage).
  4538. Fixes bug 18242; bugfix on 0.2.7.1-alpha.
  4539. o Minor bugfixes (time handling):
  4540. - When correcting a corrupt 'struct tm' value, fill in the tm_wday
  4541. field. Otherwise, our unit tests crash on Windows. Fixes bug
  4542. 18977; bugfix on 0.2.2.25-alpha.
  4543. - Avoid overflow in tor_timegm when parsing dates in and after 2038
  4544. on platforms with 32-bit time_t. Fixes bug 18479; bugfix on
  4545. 0.0.2pre14. Patch by teor.
  4546. o Minor bugfixes (tor-gencert):
  4547. - Correctly handle the case where an authority operator enters a
  4548. passphrase but sends an EOF before sending a newline. Fixes bug
  4549. 17443; bugfix on 0.2.0.20-rc. Found by junglefowl.
  4550. o Code simplification and refactoring:
  4551. - Clean up a little duplicated code in
  4552. crypto_expand_key_material_TAP(). Closes ticket 17587; patch
  4553. from "pfrankw".
  4554. - Decouple the list of streams waiting to be attached to circuits
  4555. from the overall connection list. This change makes it possible to
  4556. attach streams quickly while simplifying Tor's callgraph and
  4557. avoiding O(N) scans of the entire connection list. Closes
  4558. ticket 17590.
  4559. - Extract the more complicated parts of circuit_mark_for_close()
  4560. into a new function that we run periodically before circuits are
  4561. freed. This change removes more than half of the functions
  4562. currently in the "blob". Closes ticket 17218.
  4563. - Move logging of redundant policy entries in
  4564. policies_parse_exit_policy_internal into its own function. Closes
  4565. ticket 17608; patch from "juce".
  4566. - Quote all the string interpolations in configure.ac -- even those
  4567. which we are pretty sure can't contain spaces. Closes ticket
  4568. 17744. Patch from zerosion.
  4569. - Remove code for configuring OpenSSL dynamic locks; OpenSSL doesn't
  4570. use them. Closes ticket 17926.
  4571. - Remove specialized code for non-inplace AES_CTR. 99% of our AES is
  4572. inplace, so there's no need to have a separate implementation for
  4573. the non-inplace code. Closes ticket 18258. Patch from Malek.
  4574. - Simplify return types for some crypto functions that can't
  4575. actually fail. Patch from Hassan Alsibyani. Closes ticket 18259.
  4576. - When a direct directory request fails immediately on launch,
  4577. instead of relaunching that request from inside the code that
  4578. launches it, mark the connection for teardown. This change
  4579. simplifies Tor's callback and prevents the directory-request
  4580. launching code from invoking itself recursively. Closes
  4581. ticket 17589.
  4582. o Documentation:
  4583. - Add a description of the correct use of the '--keygen' command-
  4584. line option. Closes ticket 17583; based on text by 's7r'.
  4585. - Change build messages to refer to "Fedora" instead of "Fedora
  4586. Core", and "dnf" instead of "yum". Closes tickets 18459 and 18426.
  4587. Patches from "icanhasaccount" and "cypherpunks".
  4588. - Document the contents of the 'datadir/keys' subdirectory in the
  4589. manual page. Closes ticket 17621.
  4590. - Document the minimum HeartbeatPeriod value. Closes ticket 15638.
  4591. - Explain actual minima for BandwidthRate. Closes ticket 16382.
  4592. - Fix a minor formatting typo in the manpage. Closes ticket 17791.
  4593. - Mention torspec URL in the manpage and point the reader to it
  4594. whenever we mention a document that belongs in torspec. Fixes
  4595. issue 17392.
  4596. - Stop recommending use of nicknames to identify relays in our
  4597. MapAddress documentation. Closes ticket 18312.
  4598. o Removed features:
  4599. - Remove client-side support for connecting to Tor relays running
  4600. versions of Tor before 0.2.3.6-alpha. These relays didn't support
  4601. the v3 TLS handshake protocol, and are no longer allowed on the
  4602. Tor network. Implements the client side of ticket 11150. Based on
  4603. patches by Tom van der Woerdt.
  4604. - We no longer maintain an internal freelist in memarea.c.
  4605. Allocators should be good enough to make this code unnecessary,
  4606. and it's doubtful that it ever had any performance benefit.
  4607. o Testing:
  4608. - Add unit tests to check for common RNG failure modes, such as
  4609. returning all zeroes, identical values, or incrementing values
  4610. (OpenSSL's rand_predictable feature). Patch by teor.
  4611. - Always test both ed25519 backends, so that we can be sure that our
  4612. batch-open replacement code works. Part of ticket 16794.
  4613. - Cover dns_resolve_impl() in dns.c with unit tests. Implements a
  4614. portion of ticket 16831.
  4615. - Fix several warnings from clang's address sanitizer produced in
  4616. the unit tests.
  4617. - Log more information when the backtrace tests fail. Closes ticket
  4618. 17892. Patch from "cypherpunks."
  4619. - More unit tests for compat_libevent.c, procmon.c, tortls.c,
  4620. util_format.c, directory.c, and options_validate.c. Closes tickets
  4621. 17075, 17082, 17084, 17003, and 17076 respectively. Patches from
  4622. Ola Bini.
  4623. - Treat backtrace test failures as expected on FreeBSD until we
  4624. solve bug 17808. Closes ticket 18204.
  4625. - Unit tests for directory_handle_command_get. Closes ticket 17004.
  4626. Patch from Reinaldo de Souza Jr.
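The RNG failure modes named in the Testing list above (all zeroes, identical values, incrementing values) can be checked as in this added Python sketch. It is not Tor's unit-test code; `rng_failure_mode`, `CounterRng` and the stand-in generators are hypothetical names with constructed behaviour.

```python
import os


def rng_failure_mode(draw, samples=8, width=16):
    """Draw `samples` outputs of `width` bytes from draw(n) and return the
    name of the first failure mode observed, or None if none is seen."""
    outputs = [draw(width) for _ in range(samples)]

    # Failure mode 1: the generator hands back nothing but zero bytes.
    if all(not any(o) for o in outputs):
        return "all-zeroes"

    # Failure mode 2: every call returns the same (non-zero) value.
    if len(set(outputs)) == 1:
        return "identical"

    # Failure mode 3a: the byte stream is a plain counter (each byte = prev + 1).
    stream = b"".join(outputs)
    if all((b - a) % 256 == 1 for a, b in zip(stream, stream[1:])):
        return "incrementing"

    # Failure mode 3b: successive outputs differ by one constant stride
    # when read as big-endian integers.
    modulus = 1 << (8 * width)
    values = [int.from_bytes(o, "big") for o in outputs]
    strides = {(b - a) % modulus for a, b in zip(values, values[1:])}
    if len(strides) == 1:
        return "incrementing"

    # Some outputs repeat even though not all are equal.
    if len(set(outputs)) < samples:
        return "repeated"
    return None


# Constructed stand-ins for broken generators (assumptions, for illustration).
def zero_rng(n):
    return bytes(n)


def stuck_rng(n):
    return b"\xa5" * n


class CounterRng:
    """Predictable generator: emits 0x00, 0x01, 0x02, ... across calls."""

    def __init__(self):
        self.val = 0

    def __call__(self, n):
        out = bytes((self.val + i) % 256 for i in range(n))
        self.val = (self.val + n) % 256
        return out


if __name__ == "__main__":
    for name, rng in [("zero", zero_rng), ("stuck", stuck_rng),
                      ("counter", CounterRng()), ("os.urandom", os.urandom)]:
        print(name, "->", rng_failure_mode(rng))
```

A healthy source such as `os.urandom` should report no failure mode; any other result is a reason to stop before generating keys.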
  4627. Changes in version 0.2.7.6 - 2015-12-10
  4628. Tor version 0.2.7.6 fixes a major bug in entry guard selection, as
  4629. well as a minor bug in hidden service reliability.
  4630. o Major bugfixes (guard selection):
  4631. - Actually look at the Guard flag when selecting a new directory
  4632. guard. When we implemented the directory guard design, we
  4633. accidentally started treating all relays as if they have the Guard
  4634. flag during guard selection, leading to weaker anonymity and worse
  4635. performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered
  4636. by Mohsen Imani.
  4637. o Minor features (geoip):
  4638. - Update geoip and geoip6 to the December 1 2015 Maxmind GeoLite2
  4639. Country database.
  4640. o Minor bugfixes (compilation):
  4641. - When checking for net/pfvar.h, include netinet/in.h if possible.
  4642. This fixes transparent proxy detection on OpenBSD. Fixes bug
  4643. 17551; bugfix on 0.1.2.1-alpha. Patch from "rubiate".
  4644. - Fix a compilation warning with Clang 3.6: Do not check the
  4645. presence of an address which can never be NULL. Fixes bug 17781.
  4646. o Minor bugfixes (correctness):
  4647. - When displaying an IPv6 exit policy, include the mask bits
  4648. correctly even when the number is greater than 31. Fixes bug
  4649. 16056; bugfix on 0.2.4.7-alpha. Patch from "gturner".
  4650. - The wrong list was used when looking up expired intro points in a
  4651. rend service object, causing what we think could be reachability
  4652. issues for hidden services, and triggering a BUG log. Fixes bug
  4653. 16702; bugfix on 0.2.7.2-alpha.
  4654. - Fix undefined behavior in the tor_cert_checksig function. Fixes
  4655. bug 17722; bugfix on 0.2.7.2-alpha.
  4656. Changes in version 0.2.7.5 - 2015-11-20
  4657. The Tor 0.2.7 release series is dedicated to the memory of Tor user
  4658. and privacy advocate Caspar Bowden (1961-2015). Caspar worked
  4659. tirelessly to advocate human rights regardless of national borders,
  4660. and oppose the encroachments of mass surveillance. He opposed national
  4661. exceptionalism, he brought clarity to legal and policy debates, he
  4662. understood and predicted the impact of mass surveillance on the world,
  4663. and he laid the groundwork for resisting it. While serving on the Tor
  4664. Project's board of directors, he brought us his uncompromising focus
  4665. on technical excellence in the service of humankind. Caspar was an
  4666. inimitable force for good and a wonderful friend. He was kind,
  4667. humorous, generous, gallant, and believed we should protect one
  4668. another without exception. We honor him here for his ideals, his
  4669. efforts, and his accomplishments. Please honor his memory with works
  4670. that would make him proud.
  4671. Tor 0.2.7.5 is the first stable release in the Tor 0.2.7 series.
  4672. The 0.2.7 series adds a more secure identity key type for relays,
  4673. improves cryptography performance, resolves several longstanding
  4674. hidden-service performance issues, improves controller support for
  4675. hidden services, and includes small bugfixes and performance
  4676. improvements throughout the program. This release series also includes
  4677. more tests than before, and significant simplifications to which parts
  4678. of Tor invoke which others. For a full list of changes, see below.
  4679. o New system requirements:
  4680. - Tor no longer includes workarounds to support Libevent versions
  4681. before 1.3e. Libevent 2.0 or later is recommended. Closes
  4682. ticket 15248.
  4683. - Tor no longer supports copies of OpenSSL that are missing support
  4684. for Elliptic Curve Cryptography. (We began using ECC when
  4685. available in 0.2.4.8-alpha, for safer and more efficient key
  4686. negotiation.) In particular, support for at least one of P256 or
  4687. P224 is now required, with manual configuration needed if only
  4688. P224 is available. Resolves ticket 16140.
  4689. - Tor no longer supports versions of OpenSSL before 1.0. (If you are
  4690. on an operating system that has not upgraded to OpenSSL 1.0 or
  4691. later, and you compile Tor from source, you will need to install a
  4692. more recent OpenSSL to link Tor against.) These versions of
  4693. OpenSSL are still supported by OpenSSL, but the numerous
  4694. cryptographic improvements in later OpenSSL releases make them a
  4695. clear choice. Resolves ticket 16034.
  4696. o Major features (controller):
  4697. - Add the ADD_ONION and DEL_ONION commands that allow the creation
  4698. and management of hidden services via the controller. Closes
  4699. ticket 6411.
  4700. - New "GETINFO onions/current" and "GETINFO onions/detached"
  4701. commands to get information about hidden services created via the
  4702. controller. Part of ticket 6411.
  4703. - New HSFETCH command to launch a request for a hidden service
  4704. descriptor. Closes ticket 14847.
  4705. - New HSPOST command to upload a hidden service descriptor. Closes
  4706. ticket 3523. Patch by "DonnchaC".
  4707. o Major features (Ed25519 identity keys, Proposal 220):
  4708. - Add support for offline encrypted Ed25519 master keys. To use this
  4709. feature on your tor relay, run "tor --keygen" to make a new master
  4710. key (or to make a new signing key if you already have a master
  4711. key). Closes ticket 13642.
  4712. - All relays now maintain a stronger identity key, using the Ed25519
  4713. elliptic curve signature format. This master key is designed so
  4714. that it can be kept offline. Relays also generate an online
  4715. signing key, and a set of other Ed25519 keys and certificates.
  4716. These are all automatically regenerated and rotated as needed.
  4717. Implements part of ticket 12498.
  4718. - Directory authorities now vote on Ed25519 identity keys along with
  4719. RSA1024 keys. Implements part of ticket 12498.
  4720. - Directory authorities track which Ed25519 identity keys have been
  4721. used with which RSA1024 identity keys, and do not allow them to
  4722. vary freely. Implements part of ticket 12498.
  4723. - Microdescriptors now include Ed25519 identity keys. Implements
  4724. part of ticket 12498.
  4725. - Add a --newpass option to allow changing or removing the
  4726. passphrase of an encrypted key with tor --keygen. Implements part
  4727. of ticket 16769.
  4728. - Add a new OfflineMasterKey option to tell Tor never to try loading
  4729. or generating a secret Ed25519 identity key. You can use this in
  4730. combination with tor --keygen to manage offline and/or encrypted
  4731. Ed25519 keys. Implements ticket 16944.
  4732. - On receiving a HUP signal, check to see whether the Ed25519
  4733. signing key has changed, and reload it if so. Closes ticket 16790.
  4734. - Significant usability improvements for Ed25519 key management. Log
  4735. messages are better, and the code can recover from far more
  4736. failure conditions. Thanks to "s7r" for reporting and diagnosing
  4737. so many of these!
  4738. o Major features (ECC performance):
  4739. - Improve the runtime speed of Ed25519 signature verification by
  4740. using Ed25519-donna's batch verification support. Implements
  4741. ticket 16533.
  4742. - Improve the speed of Ed25519 operations and Curve25519 keypair
  4743. generation when built targeting 32 bit x86 platforms with SSE2
  4744. available. Implements ticket 16535.
  4745. - Improve the runtime speed of Ed25519 operations by using the
  4746. public-domain Ed25519-donna by Andrew M. ("floodyberry").
  4747. Implements ticket 16467.
  4748. - Improve the runtime speed of the ntor handshake by using an
  4749. optimized curve25519 basepoint scalarmult implementation from the
  4750. public-domain Ed25519-donna by Andrew M. ("floodyberry"), based on
  4751. ideas by Adam Langley. Implements ticket 9663.
  4752. o Major features (Hidden services):
  4753. - Hidden services, if using the EntryNodes option, are required to
  4754. use more than one EntryNode, in order to avoid a guard discovery
  4755. attack. (This would only affect people who had configured hidden
  4756. services and manually specified the EntryNodes option with a
  4757. single entry-node. The impact was that it would be easy to
  4758. remotely identify the guard node used by such a hidden service.
  4759. See ticket for more information.) Fixes ticket 14917.
  4760. - Add the torrc option HiddenServiceNumIntroductionPoints, to
  4761. specify a fixed number of introduction points. Its maximum value
  4762. is 10 and default is 3. Using this option can increase a hidden
  4763. service's reliability under load, at the cost of making it more
  4764. visible that the hidden service is facing extra load. Closes
  4765. ticket 4862.
  4766. - Remove the adaptive algorithm for choosing the number of
  4767. introduction points, which used to change the number of
  4768. introduction points (poorly) depending on the number of
  4769. connections the HS sees. Closes ticket 4862.
  4770. o Major features (onion key cross-certification):
  4771. - Relay descriptors now include signatures of their own identity
  4772. keys, made using the TAP and ntor onion keys. These signatures
  4773. allow relays to prove ownership of their own onion keys. Because
  4774. of this change, microdescriptors will no longer need to include
  4775. RSA identity keys. Implements proposal 228; closes ticket 12499.
  4776. o Major bugfixes (client-side privacy, also in 0.2.6.9):
  4777. - Properly separate out each SOCKSPort when applying stream
  4778. isolation. The error occurred because each port's session group
  4779. was being overwritten by a default value when the listener
  4780. connection was initialized. Fixes bug 16247; bugfix on
  4781. 0.2.6.3-alpha. Patch by "jojelino".
  4782. o Major bugfixes (hidden service clients, stability, also in 0.2.6.10):
  4783. - Stop refusing to store updated hidden service descriptors on a
  4784. client. This reverts commit 9407040c59218 (which indeed fixed bug
  4785. 14219, but introduced a major hidden service reachability
  4786. regression detailed in bug 16381). This is a temporary fix since
  4787. we can live with the minor issue in bug 14219 (it just results in
  4788. some load on the network) but the regression of 16381 is too much
  4789. of a setback. First-round fix for bug 16381; bugfix
  4790. on 0.2.6.3-alpha.
  4791. o Major bugfixes (hidden services):
  4792. - Revert commit that made directory authorities assign the HSDir
  4793. flag to relays without a DirPort; this was bad because such relays
  4794. can't handle BEGIN_DIR cells. Fixes bug 15850; bugfix
  4795. on 0.2.6.3-alpha.
  4796. - When cannibalizing a circuit for an introduction point, always
  4797. extend to the chosen exit node (creating a 4 hop circuit).
  4798. Previously Tor would use the current circuit exit node, which
  4799. changed the original choice of introduction point, and could cause
  4800. the hidden service to skip excluded introduction points or
  4801. reconnect to a skipped introduction point. Fixes bug 16260; bugfix
  4802. on 0.1.0.1-rc.
  4803. o Major bugfixes (memory leaks):
  4804. - Fix a memory leak in ed25519 batch signature checking. Fixes bug
  4805. 17398; bugfix on 0.2.6.1-alpha.
  4806. o Major bugfixes (open file limit):
  4807. - The open file limit wasn't checked before calling
  4808. tor_accept_socket_nonblocking(), which would make Tor exceed the
  4809. limit. Now, before opening a new socket, Tor validates the open
  4810. file limit, and if the max has been reached, returns an
  4811. error. Fixes bug 16288; bugfix on 0.1.1.1-alpha.
  4812. o Major bugfixes (security, correctness):
  4813. - Fix an error that could cause us to read 4 bytes before the
  4814. beginning of an openssl string. This bug could be used to cause
  4815. Tor to crash on systems with unusual malloc implementations, or
  4816. systems with unusual hardening installed. Fixes bug 17404; bugfix
  4817. on 0.2.3.6-alpha.
  4818. o Major bugfixes (stability, also in 0.2.6.10):
  4819. - Stop crashing with an assertion failure when parsing certain kinds
  4820. of malformed or truncated microdescriptors. Fixes bug 16400;
  4821. bugfix on 0.2.6.1-alpha. Found by "torkeln"; fix based on a patch
  4822. by "cypherpunks_backup".
  4823. - Stop random client-side assertion failures that could occur when
  4824. connecting to a busy hidden service, or connecting to a hidden
  4825. service while a NEWNYM is in progress. Fixes bug 16013; bugfix
  4826. on 0.1.0.1-rc.
  4827. o Minor features (client, SOCKS):
  4828. - Add GroupWritable and WorldWritable options to unix-socket based
  4829. SocksPort and ControlPort options. These options apply to a single
  4830. socket, and override {Control,Socks}SocketsGroupWritable. Closes
  4831. ticket 15220.
  4832. - Relax the validation done to hostnames in SOCKS5 requests, and
  4833. allow a single trailing '.' to cope with clients that pass FQDNs
  4834. using that syntax to explicitly indicate that the domain name is
  4835. fully-qualified. Fixes bug 16674; bugfix on 0.2.6.2-alpha.
  4836. - Relax the validation of hostnames in SOCKS5 requests, allowing the
  4837. character '_' to appear, in order to cope with domains observed in
  4838. the wild that are serving non-RFC compliant records. Resolves
  4839. ticket 16430.
  4840. o Minor features (client-side privacy):
  4841. - New KeepAliveIsolateSOCKSAuth option to indefinitely extend circuit
  4842. lifespan when IsolateSOCKSAuth and streams with SOCKS
  4843. authentication are attached to the circuit. This allows
  4844. applications like TorBrowser to manage circuit lifetime on their
  4845. own. Implements feature 15482.
  4846. - When logging malformed hostnames from SOCKS5 requests, respect
  4847. SafeLogging configuration. Fixes bug 16891; bugfix on 0.1.1.16-rc.
  4848. o Minor features (clock-jump tolerance):
  4849. - Recover better when our clock jumps back many hours, as might
  4850. happen for Tails or Whonix users who start with a very wrong
  4851. hardware clock, use Tor to discover a more accurate time, and then
  4852. fix their clock. Resolves part of ticket 8766.
  4853. o Minor features (command-line interface):
  4854. - Make --hash-password imply --hush to prevent unnecessary noise.
  4855. Closes ticket 15542. Patch from "cypherpunks".
  4856. - Print a warning whenever we find a relative file path being used
  4857. as a torrc option. Resolves issue 14018.
  4858. o Minor features (compilation):
  4859. - Give a warning as early as possible when trying to build with an
  4860. unsupported OpenSSL version. Closes ticket 16901.
  4861. - Use C99 variadic macros when the compiler is not GCC. This avoids
  4862. failing compilations on MSVC, and fixes a log-file-based race
  4863. condition in our old workarounds. Original patch from Gisle Vanem.
  4864. o Minor features (control protocol):
  4865. - Support network-liveness GETINFO key and NETWORK_LIVENESS event in
  4866. the control protocol. Resolves ticket 15358.
  4867. o Minor features (controller):
  4868. - Add DirAuthority lines for default directory authorities to the
  4869. output of the "GETINFO config/defaults" command if not already
  4870. present. Implements ticket 14840.
  4871. - Controllers can now use "GETINFO hs/client/desc/id/..." to
  4872. retrieve items from the client's hidden service descriptor cache.
  4873. Closes ticket 14845.
  4874. - Implement a new controller command "GETINFO status/fresh-relay-
  4875. descs" to fetch a descriptor/extrainfo pair that was generated on
  4876. demand just for the controller's use. Implements ticket 14784.
  4877. o Minor features (directory authorities):
  4878. - Directory authorities no longer vote against the "Fast", "Stable",
  4879. and "HSDir" flags just because they were going to vote against
  4880. "Running": if the consensus turns out to be that the router was
  4881. running, then the authority's vote should count. Patch from Peter
  4882. Retzlaff; closes issue 8712.
  4883. o Minor features (directory authorities, security, also in 0.2.6.9):
  4884. - The HSDir flag given by authorities now requires the Stable flag.
  4885. For the current network, this results in going from 2887 to 2806
  4886. HSDirs. Also, it makes it harder for an attacker to launch a sybil
  4887. attack by raising the effort for a relay to become Stable to
  4888. require at the very least 7 days, while maintaining the 96 hours
  4889. uptime requirement for HSDir. Implements ticket 8243.
  4890. o Minor features (DoS-resistance):
  4891. - Make it harder for attackers to overload hidden services with
  4892. introductions, by blocking multiple introduction requests on the
  4893. same circuit. Resolves ticket 15515.
  4894. o Minor features (geoip):
  4895. - Update geoip and geoip6 to the October 9 2015 Maxmind GeoLite2
  4896. Country database.
  4897. o Minor features (hidden services):
  4898. - Add the new options "HiddenServiceMaxStreams" and
  4899. "HiddenServiceMaxStreamsCloseCircuit" to allow hidden services to
  4900. limit the maximum number of simultaneous streams per circuit, and
  4901. optionally tear down the circuit when the limit is exceeded. Part
  4902. of ticket 16052.
  4903. - Clients now use an introduction point failure cache to know when
  4904. to fetch or keep a descriptor in their cache. Previously, failures
  4905. were recorded implicitly, but not explicitly remembered. Closes
  4906. ticket 16389.
  4907. - Relays need to have the Fast flag to get the HSDir flag. As this
  4908. is being written, we'll go from 2745 HSDirs down to 2342, a ~14%
  4909. drop. This change should make some attacks against the hidden
  4910. service directory system harder. Fixes ticket 15963.
  4911. - Turn on hidden service statistics collection by setting the torrc
  4912. option HiddenServiceStatistics to "1" by default. (This keeps
  4913. track only of the fraction of traffic used by hidden services, and
  4914. the total number of hidden services in existence.) Closes
  4915. ticket 15254.
  4916. - To avoid leaking HS popularity, don't cycle the introduction point
  4917. when we've handled a fixed number of INTRODUCE2 cells but instead
  4918. cycle it when a random number of introductions is reached, thus
  4919. making it more difficult for an attacker to find out the number of
  4920. clients that have used the introduction point for a specific HS.
  4921. Closes ticket 15745.
  4922. o Minor features (logging):
  4923. - Include the Tor version in all LD_BUG log messages, since people
  4924. tend to cut and paste those into the bugtracker. Implements
  4925. ticket 15026.
  4926. o Minor features (pluggable transports):
  4927. - When launching managed pluggable transports on Linux systems,
  4928. attempt to have the kernel deliver a SIGTERM on tor exit if the
  4929. pluggable transport process is still running. Resolves
  4930. ticket 15471.
  4931. - When launching managed pluggable transports, set up a valid open
  4932. stdin in the child process that can be used to detect if tor has
  4933. terminated. The "TOR_PT_EXIT_ON_STDIN_CLOSE" environment variable
  4934. can be used by implementations to detect this new behavior.
  4935. Resolves ticket 15435.
  4936. o Minor bugfixes (torrc exit policies):
  4937. - In each instance above, usage advice is provided to avoid the
  4938. message. Resolves ticket 16069. Patch by "teor". Fixes part of bug
  4939. 16069; bugfix on 0.2.4.7-alpha.
  4940. - In torrc, "accept6 *" and "reject6 *" ExitPolicy lines now only
  4941. produce IPv6 wildcard addresses. Previously they would produce
  4942. both IPv4 and IPv6 wildcard addresses. Patch by "teor". Fixes part
  4943. of bug 16069; bugfix on 0.2.4.7-alpha.
  4944. - When parsing torrc ExitPolicies, we now issue an info-level
  4945. message when expanding an "accept/reject *" line to include both
  4946. IPv4 and IPv6 wildcard addresses. Related to ticket 16069.
  4947. - When parsing torrc ExitPolicies, we now warn for a number of cases
  4948. where the user's intent is likely to differ from Tor's actual
  4949. behavior. These include: using an IPv4 address with an accept6 or
  4950. reject6 line; using "private" on an accept6 or reject6 line; and
  4951. including any ExitPolicy lines after accept *:* or reject *:*.
  4952. Related to ticket 16069.
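The ExitPolicy cases listed in this section can be checked before a relay is restarted. The linter below is an added Python example, not Tor's parser; `lint_exit_policy`, `split_entry`, the finding codes and the sample torrc are hypothetical, and an omitted port is treated as "*" as the tor manual describes.

```python
import ipaddress

# Constructed sample torrc fragment (addresses are documentation ranges).
SAMPLE_TORRC = """\
# relay exit policy under review
ORPort 9001
ExitPolicy accept6 192.0.2.0/24:80
ExitPolicy reject6 private:*
ExitPolicy accept6 *:443, accept [2001:db8::]/32:22
ExitPolicy reject *:*
ExitPolicy accept *:80
"""

V6_ONLY = ("accept6", "reject6")


def split_entry(entry):
    """Split one policy item such as 'accept6 *:443' into (keyword, addr, port)."""
    keyword, _, target = entry.strip().partition(" ")
    target = target.strip()
    if target.startswith("["):                 # bracketed IPv6 literal
        addr, _, rest = target[1:].partition("]")
        port = rest.rpartition(":")[2] if ":" in rest else "*"
    elif ":" in target:                        # ADDR[/MASK]:PORT
        addr, _, port = target.rpartition(":")
        addr = addr.split("/")[0]
    else:                                      # no port given: all ports
        addr, port = target.split("/")[0], "*"
    return keyword, addr, port


def is_ipv4(addr):
    try:
        return isinstance(ipaddress.ip_address(addr), ipaddress.IPv4Address)
    except ValueError:                         # '*', 'private', hostnames, ...
        return False


def lint_exit_policy(torrc_text):
    """Return (line number, level, code) findings for the cases in the notes above."""
    findings = []
    seen_catch_all = False
    for lineno, raw in enumerate(torrc_text.splitlines(), start=1):
        parts = raw.split("#", 1)[0].split(None, 1)
        if len(parts) != 2 or parts[0].lower() != "exitpolicy":
            continue
        for entry in parts[1].split(","):
            keyword, addr, port = split_entry(entry)
            # Anything after 'accept *:*' or 'reject *:*' can never match.
            if seen_catch_all:
                findings.append((lineno, "warn", "after-catch-all"))
            if keyword in V6_ONLY:
                # accept6/reject6 only ever produce IPv6 rules.
                if addr == "private":
                    findings.append((lineno, "warn", "private-with-v6-keyword"))
                elif is_ipv4(addr):
                    findings.append((lineno, "warn", "ipv4-with-v6-keyword"))
            elif addr == "*":
                # Plain accept/reject with '*' covers both address families.
                findings.append((lineno, "info", "expands-to-ipv4-and-ipv6"))
                if port == "*":
                    seen_catch_all = True
    return findings


if __name__ == "__main__":
    for lineno, level, code in lint_exit_policy(SAMPLE_TORRC):
        print(f"line {lineno}: [{level}] {code}")
```

Note that `accept6 *:*` is not treated as a catch-all here, because such a line only produces the IPv6 wildcard.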
  4953. o Minor bugfixes (command-line interface):
  4954. - When "--quiet" is provided along with "--validate-config", do not
  4955. write anything to stdout on success. Fixes bug 14994; bugfix
  4956. on 0.2.3.3-alpha.
  4957. - When complaining about bad arguments to "--dump-config", use
  4958. stderr, not stdout.
  4959. - Print usage information for --dump-config when it is used without
  4960. an argument. Also, fix the error message to use different wording
  4961. and add newline at the end. Fixes bug 15541; bugfix
  4962. on 0.2.5.1-alpha.
  4963. o Minor bugfixes (compilation):
  4964. - Fix compilation of sandbox.c with musl-libc. Fixes bug 17347;
  4965. bugfix on 0.2.5.1-alpha. Patch from 'jamestk'.
  4966. - Repair compilation with the most recent (unreleased, alpha)
  4967. versions of OpenSSL 1.1. Fixes part of ticket 17237.
  4968. o Minor bugfixes (compilation, also in 0.2.6.9):
  4969. - Build with --enable-systemd correctly when libsystemd is
  4970. installed, but systemd is not. Fixes bug 16164; bugfix on
  4971. 0.2.6.3-alpha. Patch from Peter Palfrader.
  4972. o Minor bugfixes (configuration, unit tests):
  4973. - Only add the default fallback directories when the DirAuthorities,
  4974. AlternateDirAuthority, and FallbackDir directory config options
  4975. are set to their defaults. The default fallback directory list is
  4976. currently empty; this fix will only change tor's behavior when it
  4977. has default fallback directories. Includes unit tests for
  4978. consider_adding_dir_servers(). Fixes bug 15642; bugfix on
  4979. 90f6071d8dc0 in 0.2.4.7-alpha. Patch by "teor".
  4980. o Minor bugfixes (controller):
  4981. - Add the descriptor ID in each HS_DESC control event. It was
  4982. missing, but specified in control-spec.txt. Fixes bug 15881;
  4983. bugfix on 0.2.5.2-alpha.
  4984. o Minor bugfixes (correctness):
  4985. - For correctness, avoid modifying a constant string in
  4986. handle_control_postdescriptor. Fixes bug 15546; bugfix
  4987. on 0.1.1.16-rc.
  4988. - Remove side-effects from tor_assert() calls. This was harmless,
  4989. because we never disable assertions, but it is bad style and
  4990. unnecessary. Fixes bug 15211; bugfix on 0.2.5.5, 0.2.2.36,
  4991. and 0.2.0.10.
  4992. - When calling channel_free_list(), avoid calling smartlist_remove()
  4993. while inside a FOREACH loop. This partially reverts commit
  4994. 17356fe7fd96af where the correct SMARTLIST_DEL_CURRENT was
  4995. incorrectly removed. Fixes bug 16924; bugfix on 0.2.4.4-alpha.
  4996. o Minor bugfixes (crypto error-handling, also in 0.2.6.10):
  4997. - Check for failures from crypto_early_init, and refuse to continue.
  4998. A previous typo meant that we could keep going with an
  4999. uninitialized crypto library, and would have OpenSSL initialize
  5000. its own PRNG. Fixes bug 16360; bugfix on 0.2.5.2-alpha, introduced
  5001. when implementing ticket 4900. Patch by "teor".
  5002. o Minor bugfixes (hidden service):
  5003. - Fix an out-of-bounds read when parsing invalid INTRODUCE2 cells on
  5004. a client authorized hidden service. Fixes bug 15823; bugfix
  5005. on 0.2.1.6-alpha.
  5006. - Remove an extraneous newline character from the end of hidden
  5007. service descriptors. Fixes bug 15296; bugfix on 0.2.0.10-alpha.
  5008. o Minor bugfixes (Linux seccomp2 sandbox):
  5009. - Use the sandbox in tor_open_cloexec whether or not O_CLOEXEC is
  5010. defined. Patch by "teor". Fixes bug 16515; bugfix on 0.2.3.1-alpha.
  5011. - Allow bridge authorities to run correctly under the seccomp2
  5012. sandbox. Fixes bug 16964; bugfix on 0.2.5.1-alpha.
  5013. - Add the "hidserv-stats" filename to our sandbox filter for the
  5014. HiddenServiceStatistics option to work properly. Fixes bug 17354;
  5015. bugfix on 0.2.6.2-alpha. Patch from David Goulet.
  5016. o Minor bugfixes (Linux seccomp2 sandbox, also in 0.2.6.10):
  5017. - Allow pipe() and pipe2() syscalls in the seccomp2 sandbox: we need
  5018. these when eventfd2() support is missing. Fixes bug 16363; bugfix
  5019. on 0.2.6.3-alpha. Patch from "teor".
  5020. o Minor bugfixes (Linux seccomp2 sandbox, also in 0.2.6.9):
  5021. - Allow systemd connections to work with the Linux seccomp2 sandbox
  5022. code. Fixes bug 16212; bugfix on 0.2.6.2-alpha. Patch by
  5023. Peter Palfrader.
  5024. - Fix sandboxing to work when running as a relay, by allowing the
  5025. renaming of secret_id_key, and allowing the eventfd2 and futex
  5026. syscalls. Fixes bug 16244; bugfix on 0.2.6.1-alpha. Patch by
  5027. Peter Palfrader.
  5028. o Minor bugfixes (logging):
  5029. - When building Tor under Clang, do not include an extra set of
  5030. parentheses in log messages that include function names. Fixes bug
  5031. 15269; bugfix on every released version of Tor when compiled with
  5032. recent enough Clang.
  5033. o Minor bugfixes (network):
  5034. - When attempting to use fallback technique for network interface
  5035. lookup, disregard loopback and multicast addresses since they are
  5036. unsuitable for public communications.
  5037. o Minor bugfixes (open file limit):
  5038. - Fix set_max_file_descriptors() to set by default the max open file
  5039. limit to the current limit when setrlimit() fails. Fixes bug
  5040. 16274; bugfix on tor-0.2.0.10-alpha. Patch by dgoulet.
  5041. o Minor bugfixes (portability):
  5042. - Check correctly for Windows socket errors in the workqueue
  5043. backend. Fixes bug 16741; bugfix on 0.2.6.3-alpha.
  5044. - Try harder to normalize the exit status of the Tor process to the
  5045. standard-provided range. Fixes bug 16975; bugfix on every version
  5046. of Tor ever.
  5047. - Use libexecinfo on FreeBSD to enable backtrace support. Fixes part
  5048. of bug 17151; bugfix on 0.2.5.2-alpha. Patch from Marcin Cieślak.
  5049. o Minor bugfixes (relay):
  5050. - Ensure that worker threads actually exit when a fatal error or
  5051. shutdown is indicated. This fix doesn't currently affect the
  5052. behavior of Tor, because Tor workers never indicate a fatal error
  5053. or shutdown except in the unit tests. Fixes bug 16868; bugfix
  5054. on 0.2.6.3-alpha.
  5055. - Fix a rarely-encountered memory leak when failing to initialize
  5056. the thread pool. Fixes bug 16631; bugfix on 0.2.6.3-alpha. Patch
  5057. from "cypherpunks".
  5058. - Unblock threads before releasing the work queue mutex to ensure
  5059. predictable scheduling behavior. Fixes bug 16644; bugfix
  5060. on 0.2.6.3-alpha.
  5061. o Minor bugfixes (security, exit policies):
  5062. - ExitPolicyRejectPrivate now also rejects the relay's published
  5063. IPv6 address (if any), and any publicly routable IPv4 or IPv6
  5064. addresses on any local interfaces. ticket 17027. Patch by "teor".
  5065. Fixes bug 17027; bugfix on 0.2.0.11-alpha.
  5066. o Minor bugfixes (statistics):
  5067. - Disregard the ConnDirectionStatistics torrc options when Tor is
  5068. not a relay since in that mode of operation no sensible data is
  5069. being collected and because Tor might run into measurement hiccups
  5070. when running as a client for some time, then becoming a relay.
  5071. Fixes bug 15604; bugfix on 0.2.2.35.
  5072. o Minor bugfixes (systemd):
  5073. - Tor's systemd unit file no longer contains extraneous spaces.
  5074. These spaces would sometimes confuse tools like deb-systemd-
  5075. helper. Fixes bug 16162; bugfix on 0.2.5.5-alpha.
  5076. o Minor bugfixes (test networks):
  5077. - When self-testing reachability, use ExtendAllowPrivateAddresses to
  5078. determine if local/private addresses imply reachability. The
  5079. previous fix used TestingTorNetwork, which implies
  5080. ExtendAllowPrivateAddresses, but this excluded rare configurations
  5081. where ExtendAllowPrivateAddresses is set but TestingTorNetwork is
  5082. not. Fixes bug 15771; bugfix on 0.2.6.1-alpha. Patch by "teor",
  5083. issue discovered by CJ Ess.
  5084. o Minor bugfixes (tests, also in 0.2.6.9):
  5085. - Fix a crash in the unit tests when built with MSVC2013. Fixes bug
  5086. 16030; bugfix on 0.2.6.2-alpha. Patch from "NewEraCracker".
  5087. o Code simplification and refactoring:
  5088. - Change the function that's called when we need to retry all
  5089. downloads so that it only reschedules the downloads to happen
  5090. immediately, rather than launching them all at once itself. This
  5091. further simplifies Tor's callgraph.
  5092. - Define WINVER and _WIN32_WINNT centrally, in orconfig.h, in order
  5093. to ensure they remain consistent and visible everywhere.
  5094. - Move some format-parsing functions out of crypto.c and
  5095. crypto_curve25519.c into crypto_format.c and/or util_format.c.
  5096. - Move the client-only parts of init_keys() into a separate
  5097. function. Closes ticket 16763.
  5098. - Move the hacky fallback code out of get_interface_address6() into
  5099. a separate function and get it covered with unit tests. Resolves
  5100. ticket 14710.
  5101. - Refactor hidden service client-side cache lookup to intelligently
  5102. report its various failure cases, and disentangle failure cases
  5103. involving a lack of introduction points. Closes ticket 14391.
  5104. - Remove some vestigial workarounds for the MSVC6 compiler. We
  5105. haven't supported that in ages.
  5106. - Remove the unused "nulterminate" argument from buf_pullup().
  5107. - Simplify the microdesc_free() implementation so that it no longer
  5108. appears (to code analysis tools) to potentially invoke a huge
  5109. suite of other microdesc functions.
  5110. - Simplify the control graph further by deferring the inner body of
  5111. directory_all_unreachable() into a callback. Closes ticket 16762.
  5112. - The link authentication code has been refactored for better
  5113. testability and reliability. It now uses code generated with the
  5114. "trunnel" binary encoding generator, to reduce the risk of bugs
  5115. due to programmer error. Done as part of ticket 12498.
  5116. - Treat the loss of an owning controller as equivalent to a SIGTERM
  5117. signal. This removes a tiny amount of duplicated code, and
  5118. simplifies our callgraph. Closes ticket 16788.
  5119. - Use our own Base64 encoder instead of OpenSSL's, to allow more
  5120. control over the output. Part of ticket 15652.
  5121. - When generating an event to send to the controller, we no longer
  5122. put the event over the network immediately. Instead, we queue
  5123. these events, and use a Libevent callback to deliver them. This
  5124. change simplifies Tor's callgraph by reducing the number of
  5125. functions from which all other Tor functions are reachable. Closes
  5126. ticket 16695.
  5127. - Wrap Windows-only C files inside '#ifdef _WIN32' so that tools
  5128. that try to scan or compile every file on Unix won't decide that
  5129. they are broken.
  5130. o Documentation:
  5131. - Fix capitalization of SOCKS in sample torrc. Closes ticket 15609.
  5132. - Improve the descriptions of statistics-related torrc options in
  5133. the manpage to describe rationale and possible use cases. Fixes
  5134. issue 15550.
  5135. - Improve the layout and formatting of ./configure --help messages.
  5136. Closes ticket 15024. Patch from "cypherpunks".
  5137. - Include specific and (hopefully) accurate documentation of the
  5138. torrc file's meta-format in doc/torrc_format.txt. This is mainly
  5139. of interest to people writing programs to parse or generate torrc
  5140. files. This document is not a commitment to long-term
  5141. compatibility; some aspects of the current format are a bit
  5142. ridiculous. Closes ticket 2325.
  5143. - Include the TUNING document in our source tarball. It is referred
  5144. to in the ChangeLog and an error message. Fixes bug 16929; bugfix
  5145. on 0.2.6.1-alpha.
  5146. - Note that HiddenServicePorts can take a unix domain socket. Closes
  5147. ticket 17364.
  5148. - Recommend a 40 GB example AccountingMax in torrc.sample rather
  5149. than a 4 GB max. Closes ticket 16742.
  5150. - Standardize on the term "server descriptor" in the manual page.
  5151. Previously, we had used "router descriptor", "server descriptor",
  5152. and "relay descriptor" interchangeably. Part of ticket 14987.
  5153. - Advise users on how to configure separate IPv4 and IPv6 exit
  5154. policies in the manpage and sample torrcs. Related to ticket 16069.
  5155. - Fix an error in the manual page and comments for
  5156. TestingDirAuthVoteHSDir[IsStrict], which suggested that a HSDir
  5157. required "ORPort connectivity". While this is true, it is in no
  5158. way unique to the HSDir flag. Of all the flags, only HSDirs need a
  5159. DirPort configured in order for the authorities to assign that
  5160. particular flag. Patch by "teor". Fixed as part of 14882; bugfix
  5161. on 0.2.6.3-alpha.
  5162. - Fix the usage message of tor-resolve(1) so that it no longer lists
  5163. the removed -F option. Fixes bug 16913; bugfix on 0.2.2.28-beta.
  5164. o Removed code:
  5165. - Remove `USE_OPENSSL_BASE64` and the corresponding fallback code
  5166. and always use the internal Base64 decoder. The internal decoder
  5167. has been part of tor since 0.2.0.10-alpha, and no one should
  5168. be using the OpenSSL one. Part of ticket 15652.
  5169. - Remove the 'tor_strclear()' function; use memwipe() instead.
  5170. Closes ticket 14922.
  5171. - Remove the code that would try to aggressively flush controller
  5172. connections while writing to them. This code was introduced in
  5173. 0.1.2.7-alpha, in order to keep output buffers from exceeding
  5174. their limits. But there is no longer a maximum output buffer size,
  5175. and flushing data in this way caused some undesirable recursions
  5176. in our call graph. Closes ticket 16480.
  5177. - The internal pure-C tor-fw-helper tool is now removed from the Tor
  5178. distribution, in favor of the pure-Go clone available from
  5179. https://gitweb.torproject.org/tor-fw-helper.git/ . The libraries
  5180. used by the C tor-fw-helper are not, in our opinion, very
  5181. confidence-inspiring in their secure-programming techniques.
  5182. Closes ticket 13338.
  5183. o Removed features:
  5184. - Remove the (seldom-used) DynamicDHGroups feature. For anti-
  5185. fingerprinting we now recommend pluggable transports; for forward-
  5186. secrecy in TLS, we now use the P-256 group. Closes ticket 13736.
  5187. - Remove the HidServDirectoryV2 option. Now all relays offer to
  5188. store hidden service descriptors. Related to 16543.
  5189. - Remove the VoteOnHidServDirectoriesV2 option, since all
  5190. authorities have long set it to 1. Closes ticket 16543.
  5191. - Remove the undocumented "--digests" command-line option. It
  5192. complicated our build process, caused subtle build issues on
  5193. multiple platforms, and is now redundant since we started
  5194. including git version identifiers. Closes ticket 14742.
  5195. - Tor no longer contains checks for ancient directory cache versions
  5196. that didn't know about microdescriptors.
  5197. - Tor no longer contains workarounds for stat files generated by
  5198. super-old versions of Tor that didn't choose guards sensibly.
  5199. o Testing:
  5200. - The test-network.sh script now supports performance testing.
  5201. Requires corresponding chutney performance testing changes. Patch
  5202. by "teor". Closes ticket 14175.
  5203. - Add a new set of callgraph analysis scripts that use clang to
  5204. produce a list of which Tor functions are reachable from which
  5205. other Tor functions. We're planning to use these to help simplify
  5206. our code structure by identifying illogical dependencies.
  5207. - Add new 'test-full' and 'test-full-online' targets to run all
  5208. tests, including integration tests with stem and chutney.
  5209. - Autodetect CHUTNEY_PATH if the chutney and Tor sources are side-
  5210. by-side in the same parent directory. Closes ticket 16903. Patch
  5211. by "teor".
  5212. - Document use of coverity, clang static analyzer, and clang dynamic
  5213. undefined behavior and address sanitizers in doc/HACKING. Include
  5214. detailed usage instructions in the blacklist. Patch by "teor".
  5215. Closes ticket 15817.
  5216. - Make "bridges+hs" the default test network. This tests almost all
  5217. tor functionality during make test-network, while allowing tests
  5218. to succeed on non-IPv6 systems. Requires chutney commit 396da92 in
  5219. test-network-bridges-hs. Closes tickets 16945 (tor) and 16946
  5220. (chutney). Patches by "teor".
  5221. - Make the test-workqueue test work on Windows by initializing the
  5222. network before we begin.
  5223. - New make target (make test-network-all) to run multiple applicable
  5224. chutney test cases. Patch from Teor; closes 16953.
  5225. - Now that OpenSSL has its own scrypt implementation, add a unit
  5226. test that checks for interoperability between libscrypt_scrypt()
  5227. and OpenSSL's EVP_PBE_scrypt(), so that we can do without libscrypt
  5228. and rely on EVP_PBE_scrypt() whenever possible. Resolves
  5229. ticket 16189.
  5230. - The link authentication protocol code now has extensive tests.
  5231. - The relay descriptor signature testing code now has
  5232. extensive tests.
  5233. - The test_workqueue program now runs faster, and is enabled by
  5234. default as a part of "make check".
  5235. - Unit test dns_resolve(), dns_clip_ttl() and dns_get_expiry_ttl()
  5236. functions in dns.c. Implements a portion of ticket 16831.
  5237. - Use environment variables rather than autoconf substitutions to
  5238. send variables from the build system to the test scripts. This
  5239. change should be easier to maintain, and cause 'make distcheck' to
  5240. work better than before. Fixes bug 17148.
  5241. - When building Tor with testing coverage enabled, run Chutney tests
  5242. (if any) using the 'tor-cov' coverage binary.
  5243. - When running test-network or test-stem, check for the absence of
  5244. stem/chutney before doing any build operations.
  5245. - Add a test to verify that the compiler does not eliminate our
  5246. memwipe() implementation. Closes ticket 15377.
  5247. - Add make rule `check-changes` to verify the format of changes
  5248. files. Closes ticket 15180.
  5249. - Add unit tests for control_event_is_interesting(). Add a compile-
  5250. time check that the number of events doesn't exceed the capacity
  5251. of control_event_t.event_mask. Closes ticket 15431, checks for
  5252. bugs similar to 13085. Patch by "teor".
  5253. - Command-line argument tests moved to Stem. Resolves ticket 14806.
  5254. - Integrate the ntor, backtrace, and zero-length keys tests into the
  5255. automake test suite. Closes ticket 15344.
  5256. - Remove assertions during builds to determine Tor's test coverage.
  5257. We don't want to trigger these even in assertions, so including
  5258. them artificially makes our branch coverage look worse than it is.
  5259. This patch provides the new test-stem-full and coverage-html-full
  5260. configure options. Implements ticket 15400.
  5261. - New TestingDirAuthVote{Exit,Guard,HSDir}IsStrict flags to
  5262. explicitly manage con