ChangeLog 1.3 MB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436243724382439244024412442244324442445244624472448244924502451245224532454245524562457245824592460246124622463246424652466246724682469247024712472247324742475247624772478247924802481248224832484248524862487248824892490249124922493249424952496249724982499250025012502250325042505250625072508250925102511251225132514251525162517251825192520252125222523252425252526252725282529253025312532253325342535253625372538253925402541254225432544254525462547254825492550255125522553255425552556255725582559256025612562256325642565256625672568256925702571257225732574257525762577257825792580258125822583258425852586258725882589259025912592259325942595259625972598259926002601260226032604260526062607260826092610261126122613261426152616261726182619262026212622262326242625262626272628262926302631263226332634263526362637263826392640264126422643264426452646264726482649265026512652265326542655265626572658265926602661266226632664266526662667266826692670267126722673267426752676267726782679268026812682268326842685268626872688268926902691269226932694269526962697269826992700270127022703270427052706270727082709271027112712271327142715271627172718271927202721272227232724272527262727272827292730273127322733273427352736273727382739274027412742274327442745274627472748274927502751275227532754275527562757275827592760276127622763276427652766276727682769277027712772277327742775277627772778277927802781278227832784278527862787278827892790279127922793279427952796279727982799280028012802280328042805280628072808280928102811281228132814281528162817281828192820282128222823282428252826282728282829283028312832283328342835283628372838283928402841284228432844284528462847284828492850285128522853285428552856285728582859286028612862286328642865286628672868286928702871287228732874287528762877287828792880288128822883288428852886288728882889289028912892289328942895289628972898289929002901290229032904290529062907290829092910291129122913291429152916291729182919292029212922292329242925292629272928292929302931293229332934293529362937293829392940294129422943294429452946294729482949295029512952295329542955295629572958295929602961296229632964296529662967296829692970297129722973297429752976297729782979298029812982298329842985298629872988298929902991299229932994299529962997299829993000300130023003300430053006300730083009301030113012301330143015301630173018301930203021302230233024302530263027302830293030303130323033303430353036303730383039304030413042304330443045304630473048304930503051305230533054305530563057305830593060306130623063306430653066306730683069307030713072307330743075307630773078307930803081308230833084308530863087308830893090309130923093309430953096309730983099310031013102310331043105310631073108310931103111311231133114311531163117311831193120312131223123312431253126312731283129313031313132313331343135313631373138313931403141314231433144314531463147314831493150315131523153315431553156315731583159316031613162316331643165316631673168316931703171317231733174317531763177317831793180318131823183318431853186318731883189319031913192319331943195319631973198319932003201320232033204320532063207320832093210321132123213321432153216321732183219322032213222322332243225322632273228322932303231323232333234323532363237323832393240324132423243324432453246324732483249325032513252325332543255325632573258325932603261326232633264326532663267326832693270327132723273327432753276327732783279328032813282328332843285328632873288328932903291329232933294329532963297329832993300330133023303330433053306330733083309331033113312331333143315331633173318331933203321332233233324332533263327332833293330333133323333333433353336333733383339334033413342334333443345334633473348334933503351335233533354335533563357335833593360336133623363336433653366336733683369337033713372337333743375337633773378337933803381338233833384338533863387338833893390339133923393339433953396339733983399340034013402340334043405340634073408340934103411341234133414341534163417341834193420342134223423342434253426342734283429343034313432343334343435343634373438343934403441344234433444344534463447344834493450345134523453345434553456345734583459346034613462346334643465346634673468346934703471347234733474347534763477347834793480348134823483348434853486348734883489349034913492349334943495349634973498349935003501350235033504350535063507350835093510351135123513351435153516351735183519352035213522352335243525352635273528352935303531353235333534353535363537353835393540354135423543354435453546354735483549355035513552355335543555355635573558355935603561356235633564356535663567356835693570357135723573357435753576357735783579358035813582358335843585358635873588358935903591359235933594359535963597359835993600360136023603360436053606360736083609361036113612361336143615361636173618361936203621362236233624362536263627362836293630363136323633363436353636363736383639364036413642364336443645364636473648364936503651365236533654365536563657365836593660366136623663366436653666366736683669367036713672367336743675367636773678367936803681368236833684368536863687368836893690369136923693369436953696369736983699370037013702370337043705370637073708370937103711371237133714371537163717371837193720372137223723372437253726372737283729373037313732373337343735373637373738373937403741374237433744374537463747374837493750375137523753375437553756375737583759376037613762376337643765376637673768376937703771377237733774377537763777377837793780378137823783378437853786378737883789379037913792379337943795379637973798379938003801380238033804380538063807380838093810381138123813381438153816381738183819382038213822382338243825382638273828382938303831383238333834383538363837383838393840384138423843384438453846384738483849385038513852385338543855385638573858385938603861386238633864386538663867386838693870387138723873387438753876387738783879388038813882388338843885388638873888388938903891389238933894389538963897389838993900390139023903390439053906390739083909391039113912391339143915391639173918391939203921392239233924392539263927392839293930393139323933393439353936393739383939394039413942394339443945394639473948394939503951395239533954395539563957395839593960396139623963396439653966396739683969397039713972397339743975397639773978397939803981398239833984398539863987398839893990399139923993399439953996399739983999400040014002400340044005400640074008400940104011401240134014401540164017401840194020402140224023402440254026402740284029403040314032403340344035403640374038403940404041404240434044404540464047404840494050405140524053405440554056405740584059406040614062406340644065406640674068406940704071407240734074407540764077407840794080408140824083408440854086408740884089409040914092409340944095409640974098409941004101410241034104410541064107410841094110411141124113411441154116411741184119412041214122412341244125412641274128412941304131413241334134413541364137413841394140414141424143414441454146414741484149415041514152415341544155415641574158415941604161416241634164416541664167416841694170417141724173417441754176417741784179418041814182418341844185418641874188418941904191419241934194419541964197419841994200420142024203420442054206420742084209421042114212421342144215421642174218421942204221422242234224422542264227422842294230423142324233423442354236423742384239424042414242424342444245424642474248424942504251425242534254425542564257425842594260426142624263426442654266426742684269427042714272427342744275427642774278427942804281428242834284428542864287428842894290429142924293429442954296429742984299430043014302430343044305430643074308430943104311431243134314431543164317431843194320432143224323432443254326432743284329433043314332433343344335433643374338433943404341434243434344434543464347434843494350435143524353435443554356435743584359436043614362436343644365436643674368436943704371437243734374437543764377437843794380438143824383438443854386438743884389439043914392439343944395439643974398439944004401440244034404440544064407440844094410441144124413441444154416441744184419442044214422442344244425442644274428442944304431443244334434443544364437443844394440444144424443444444454446444744484449445044514452445344544455445644574458445944604461446244634464446544664467446844694470447144724473447444754476447744784479448044814482448344844485448644874488448944904491449244934494449544964497449844994500450145024503450445054506450745084509451045114512451345144515451645174518451945204521452245234524452545264527452845294530453145324533453445354536453745384539454045414542454345444545454645474548454945504551455245534554455545564557455845594560456145624563456445654566456745684569457045714572457345744575457645774578457945804581458245834584458545864587458845894590459145924593459445954596459745984599460046014602460346044605460646074608460946104611461246134614461546164617461846194620462146224623462446254626462746284629463046314632463346344635463646374638463946404641464246434644464546464647464846494650465146524653465446554656465746584659466046614662466346644665466646674668466946704671467246734674467546764677467846794680468146824683468446854686468746884689469046914692469346944695469646974698469947004701470247034704470547064707470847094710471147124713471447154716471747184719472047214722472347244725472647274728472947304731473247334734473547364737473847394740474147424743474447454746474747484749475047514752475347544755475647574758475947604761476247634764476547664767476847694770477147724773477447754776477747784779478047814782478347844785478647874788478947904791479247934794479547964797479847994800480148024803480448054806480748084809481048114812481348144815481648174818481948204821482248234824482548264827482848294830483148324833483448354836483748384839484048414842484348444845484648474848484948504851485248534854485548564857485848594860486148624863486448654866486748684869487048714872487348744875487648774878487948804881488248834884488548864887488848894890489148924893489448954896489748984899490049014902490349044905490649074908490949104911491249134914491549164917491849194920492149224923492449254926492749284929493049314932493349344935493649374938493949404941494249434944494549464947494849494950495149524953495449554956495749584959496049614962496349644965496649674968496949704971497249734974497549764977497849794980498149824983498449854986498749884989499049914992499349944995499649974998499950005001500250035004500550065007500850095010501150125013501450155016501750185019502050215022502350245025502650275028502950305031503250335034503550365037503850395040504150425043504450455046504750485049505050515052505350545055505650575058505950605061506250635064506550665067506850695070507150725073507450755076507750785079508050815082508350845085508650875088508950905091509250935094509550965097509850995100510151025103510451055106510751085109511051115112511351145115511651175118511951205121512251235124512551265127512851295130513151325133513451355136513751385139514051415142514351445145514651475148514951505151515251535154515551565157515851595160516151625163516451655166516751685169517051715172517351745175517651775178517951805181518251835184518551865187518851895190519151925193519451955196519751985199520052015202520352045205520652075208520952105211521252135214521552165217521852195220522152225223522452255226522752285229523052315232523352345235523652375238523952405241524252435244524552465247524852495250525152525253525452555256525752585259526052615262526352645265526652675268526952705271527252735274527552765277527852795280528152825283528452855286528752885289529052915292529352945295529652975298529953005301530253035304530553065307530853095310531153125313531453155316531753185319532053215322532353245325532653275328532953305331533253335334533553365337533853395340534153425343534453455346534753485349535053515352535353545355535653575358535953605361536253635364536553665367536853695370537153725373537453755376537753785379538053815382538353845385538653875388538953905391539253935394539553965397539853995400540154025403540454055406540754085409541054115412541354145415541654175418541954205421542254235424542554265427542854295430543154325433543454355436543754385439544054415442544354445445544654475448544954505451545254535454545554565457545854595460546154625463546454655466546754685469547054715472547354745475547654775478547954805481548254835484548554865487548854895490549154925493549454955496549754985499550055015502550355045505550655075508550955105511551255135514551555165517551855195520552155225523552455255526552755285529553055315532553355345535553655375538553955405541554255435544554555465547554855495550555155525553555455555556555755585559556055615562556355645565556655675568556955705571557255735574557555765577557855795580558155825583558455855586558755885589559055915592559355945595559655975598559956005601560256035604560556065607560856095610561156125613561456155616561756185619562056215622562356245625562656275628562956305631563256335634563556365637563856395640564156425643564456455646564756485649565056515652565356545655565656575658565956605661566256635664566556665667566856695670567156725673567456755676567756785679568056815682568356845685568656875688568956905691569256935694569556965697569856995700570157025703570457055706570757085709571057115712571357145715571657175718571957205721572257235724572557265727572857295730573157325733573457355736573757385739574057415742574357445745574657475748574957505751575257535754575557565757575857595760576157625763576457655766576757685769577057715772577357745775577657775778577957805781578257835784578557865787578857895790579157925793579457955796579757985799580058015802580358045805580658075808580958105811581258135814581558165817581858195820582158225823582458255826582758285829583058315832583358345835583658375838583958405841584258435844584558465847584858495850585158525853585458555856585758585859586058615862586358645865586658675868586958705871587258735874587558765877587858795880588158825883588458855886588758885889589058915892589358945895589658975898589959005901590259035904590559065907590859095910591159125913591459155916591759185919592059215922592359245925592659275928592959305931593259335934593559365937593859395940594159425943594459455946594759485949595059515952595359545955595659575958595959605961596259635964596559665967596859695970597159725973597459755976597759785979598059815982598359845985598659875988598959905991599259935994599559965997599859996000600160026003600460056006600760086009601060116012601360146015601660176018601960206021602260236024602560266027602860296030603160326033603460356036603760386039604060416042604360446045604660476048604960506051605260536054605560566057605860596060606160626063606460656066606760686069607060716072607360746075607660776078607960806081608260836084608560866087608860896090609160926093609460956096609760986099610061016102610361046105610661076108610961106111611261136114611561166117611861196120612161226123612461256126612761286129613061316132613361346135613661376138613961406141614261436144614561466147614861496150615161526153615461556156615761586159616061616162616361646165616661676168616961706171617261736174617561766177617861796180618161826183618461856186618761886189619061916192619361946195619661976198619962006201620262036204620562066207620862096210621162126213621462156216621762186219622062216222622362246225622662276228622962306231623262336234623562366237623862396240624162426243624462456246624762486249625062516252625362546255625662576258625962606261626262636264626562666267626862696270627162726273627462756276627762786279628062816282628362846285628662876288628962906291629262936294629562966297629862996300630163026303630463056306630763086309631063116312631363146315631663176318631963206321632263236324632563266327632863296330633163326333633463356336633763386339634063416342634363446345634663476348634963506351635263536354635563566357635863596360636163626363636463656366636763686369637063716372637363746375637663776378637963806381638263836384638563866387638863896390639163926393639463956396639763986399640064016402640364046405640664076408640964106411641264136414641564166417641864196420642164226423642464256426642764286429643064316432643364346435643664376438643964406441644264436444644564466447644864496450645164526453645464556456645764586459646064616462646364646465646664676468646964706471647264736474647564766477647864796480648164826483648464856486648764886489649064916492649364946495649664976498649965006501650265036504650565066507650865096510651165126513651465156516651765186519652065216522652365246525652665276528652965306531653265336534653565366537653865396540654165426543654465456546654765486549655065516552655365546555655665576558655965606561656265636564656565666567656865696570657165726573657465756576657765786579658065816582658365846585658665876588658965906591659265936594659565966597659865996600660166026603660466056606660766086609661066116612661366146615661666176618661966206621662266236624662566266627662866296630663166326633663466356636663766386639664066416642664366446645664666476648664966506651665266536654665566566657665866596660666166626663666466656666666766686669667066716672667366746675667666776678667966806681668266836684668566866687668866896690669166926693669466956696669766986699670067016702670367046705670667076708670967106711671267136714671567166717671867196720672167226723672467256726672767286729673067316732673367346735673667376738673967406741674267436744674567466747674867496750675167526753675467556756675767586759676067616762676367646765676667676768676967706771677267736774677567766777677867796780678167826783678467856786678767886789679067916792679367946795679667976798679968006801680268036804680568066807680868096810681168126813681468156816681768186819682068216822682368246825682668276828682968306831683268336834683568366837683868396840684168426843684468456846684768486849685068516852685368546855685668576858685968606861686268636864686568666867686868696870687168726873687468756876687768786879688068816882688368846885688668876888688968906891689268936894689568966897689868996900690169026903690469056906690769086909691069116912691369146915691669176918691969206921692269236924692569266927692869296930693169326933693469356936693769386939694069416942694369446945694669476948694969506951695269536954695569566957695869596960696169626963696469656966696769686969697069716972697369746975697669776978697969806981698269836984698569866987698869896990699169926993699469956996699769986999700070017002700370047005700670077008700970107011701270137014701570167017701870197020702170227023702470257026702770287029703070317032703370347035703670377038703970407041704270437044704570467047704870497050705170527053705470557056705770587059706070617062706370647065706670677068706970707071707270737074707570767077707870797080708170827083708470857086708770887089709070917092709370947095709670977098709971007101710271037104710571067107710871097110711171127113711471157116711771187119712071217122712371247125712671277128712971307131713271337134713571367137713871397140714171427143714471457146714771487149715071517152715371547155715671577158715971607161716271637164716571667167716871697170717171727173717471757176717771787179718071817182718371847185718671877188718971907191719271937194719571967197719871997200720172027203720472057206720772087209721072117212721372147215721672177218721972207221722272237224722572267227722872297230723172327233723472357236723772387239724072417242724372447245724672477248724972507251725272537254725572567257725872597260726172627263726472657266726772687269727072717272727372747275727672777278727972807281728272837284728572867287728872897290729172927293729472957296729772987299730073017302730373047305730673077308730973107311731273137314731573167317731873197320732173227323732473257326732773287329733073317332733373347335733673377338733973407341734273437344734573467347734873497350735173527353735473557356735773587359736073617362736373647365736673677368736973707371737273737374737573767377737873797380738173827383738473857386738773887389739073917392739373947395739673977398739974007401740274037404740574067407740874097410741174127413741474157416741774187419742074217422742374247425742674277428742974307431743274337434743574367437743874397440744174427443744474457446744774487449745074517452745374547455745674577458745974607461746274637464746574667467746874697470747174727473747474757476747774787479748074817482748374847485748674877488748974907491749274937494749574967497749874997500750175027503750475057506750775087509751075117512751375147515751675177518751975207521752275237524752575267527752875297530753175327533753475357536753775387539754075417542754375447545754675477548754975507551755275537554755575567557755875597560756175627563756475657566756775687569757075717572757375747575757675777578757975807581758275837584758575867587758875897590759175927593759475957596759775987599760076017602760376047605760676077608760976107611761276137614761576167617761876197620762176227623762476257626762776287629763076317632763376347635763676377638763976407641764276437644764576467647764876497650765176527653765476557656765776587659766076617662766376647665766676677668766976707671767276737674767576767677767876797680768176827683768476857686768776887689769076917692769376947695769676977698769977007701770277037704770577067707770877097710771177127713771477157716771777187719772077217722772377247725772677277728772977307731773277337734773577367737773877397740774177427743774477457746774777487749775077517752775377547755775677577758775977607761776277637764776577667767776877697770777177727773777477757776777777787779778077817782778377847785778677877788778977907791779277937794779577967797779877997800780178027803780478057806780778087809781078117812781378147815781678177818781978207821782278237824782578267827782878297830783178327833783478357836783778387839784078417842784378447845784678477848784978507851785278537854785578567857785878597860786178627863786478657866786778687869787078717872787378747875787678777878787978807881788278837884788578867887788878897890789178927893789478957896789778987899790079017902790379047905790679077908790979107911791279137914791579167917791879197920792179227923792479257926792779287929793079317932793379347935793679377938793979407941794279437944794579467947794879497950795179527953795479557956795779587959796079617962796379647965796679677968796979707971797279737974797579767977797879797980798179827983798479857986798779887989799079917992799379947995799679977998799980008001800280038004800580068007800880098010801180128013801480158016801780188019802080218022802380248025802680278028802980308031803280338034803580368037803880398040804180428043804480458046804780488049805080518052805380548055805680578058805980608061806280638064806580668067806880698070807180728073807480758076807780788079808080818082808380848085808680878088808980908091809280938094809580968097809880998100810181028103810481058106810781088109811081118112811381148115811681178118811981208121812281238124812581268127812881298130813181328133813481358136813781388139814081418142814381448145814681478148814981508151815281538154815581568157815881598160816181628163816481658166816781688169817081718172817381748175817681778178817981808181818281838184818581868187818881898190819181928193819481958196819781988199820082018202820382048205820682078208820982108211821282138214821582168217821882198220822182228223822482258226822782288229823082318232823382348235823682378238823982408241824282438244824582468247824882498250825182528253825482558256825782588259826082618262826382648265826682678268826982708271827282738274827582768277827882798280828182828283828482858286828782888289829082918292829382948295829682978298829983008301830283038304830583068307830883098310831183128313831483158316831783188319832083218322832383248325832683278328832983308331833283338334833583368337833883398340834183428343834483458346834783488349835083518352835383548355835683578358835983608361836283638364836583668367836883698370837183728373837483758376837783788379838083818382838383848385838683878388838983908391839283938394839583968397839883998400840184028403840484058406840784088409841084118412841384148415841684178418841984208421842284238424842584268427842884298430843184328433843484358436843784388439844084418442844384448445844684478448844984508451845284538454845584568457845884598460846184628463846484658466846784688469847084718472847384748475847684778478847984808481848284838484848584868487848884898490849184928493849484958496849784988499850085018502850385048505850685078508850985108511851285138514851585168517851885198520852185228523852485258526852785288529853085318532853385348535853685378538853985408541854285438544854585468547854885498550855185528553855485558556855785588559856085618562856385648565856685678568856985708571857285738574857585768577857885798580858185828583858485858586858785888589859085918592859385948595859685978598859986008601860286038604860586068607860886098610861186128613861486158616861786188619862086218622862386248625862686278628862986308631863286338634863586368637863886398640864186428643864486458646864786488649865086518652865386548655865686578658865986608661866286638664866586668667866886698670867186728673867486758676867786788679868086818682868386848685868686878688868986908691869286938694869586968697869886998700870187028703870487058706870787088709871087118712871387148715871687178718871987208721872287238724872587268727872887298730873187328733873487358736873787388739874087418742874387448745874687478748874987508751875287538754875587568757875887598760876187628763876487658766876787688769877087718772877387748775877687778778877987808781878287838784878587868787878887898790879187928793879487958796879787988799880088018802880388048805880688078808880988108811881288138814881588168817881888198820882188228823882488258826882788288829883088318832883388348835883688378838883988408841884288438844884588468847884888498850885188528853885488558856885788588859886088618862886388648865886688678868886988708871887288738874887588768877887888798880888188828883888488858886888788888889889088918892889388948895889688978898889989008901890289038904890589068907890889098910891189128913891489158916891789188919892089218922892389248925892689278928892989308931893289338934893589368937893889398940894189428943894489458946894789488949895089518952895389548955895689578958895989608961896289638964896589668967896889698970897189728973897489758976897789788979898089818982898389848985898689878988898989908991899289938994899589968997899889999000900190029003900490059006900790089009901090119012901390149015901690179018901990209021902290239024902590269027902890299030903190329033903490359036903790389039904090419042904390449045904690479048904990509051905290539054905590569057905890599060906190629063906490659066906790689069907090719072907390749075907690779078907990809081908290839084908590869087908890899090909190929093909490959096909790989099910091019102910391049105910691079108910991109111911291139114911591169117911891199120912191229123912491259126912791289129913091319132913391349135913691379138913991409141914291439144914591469147914891499150915191529153915491559156915791589159916091619162916391649165916691679168916991709171917291739174917591769177917891799180918191829183918491859186918791889189919091919192919391949195919691979198919992009201920292039204920592069207920892099210921192129213921492159216921792189219922092219222922392249225922692279228922992309231923292339234923592369237923892399240924192429243924492459246924792489249925092519252925392549255925692579258925992609261926292639264926592669267926892699270927192729273927492759276927792789279928092819282928392849285928692879288928992909291929292939294929592969297929892999300930193029303930493059306930793089309931093119312931393149315931693179318931993209321932293239324932593269327932893299330933193329333933493359336933793389339934093419342934393449345934693479348934993509351935293539354935593569357935893599360936193629363936493659366936793689369937093719372937393749375937693779378937993809381938293839384938593869387938893899390939193929393939493959396939793989399940094019402940394049405940694079408940994109411941294139414941594169417941894199420942194229423942494259426942794289429943094319432943394349435943694379438943994409441944294439444944594469447944894499450945194529453945494559456945794589459946094619462946394649465946694679468946994709471947294739474947594769477947894799480948194829483948494859486948794889489949094919492949394949495949694979498949995009501950295039504950595069507950895099510951195129513951495159516951795189519952095219522952395249525952695279528952995309531953295339534953595369537953895399540954195429543954495459546954795489549955095519552955395549555955695579558955995609561956295639564956595669567956895699570957195729573957495759576957795789579958095819582958395849585958695879588958995909591959295939594959595969597959895999600960196029603960496059606960796089609961096119612961396149615961696179618961996209621962296239624962596269627962896299630963196329633963496359636963796389639964096419642964396449645964696479648964996509651965296539654965596569657965896599660966196629663966496659666966796689669967096719672967396749675967696779678967996809681968296839684968596869687968896899690969196929693969496959696969796989699970097019702970397049705970697079708970997109711971297139714971597169717971897199720972197229723972497259726972797289729973097319732973397349735973697379738973997409741974297439744974597469747974897499750975197529753975497559756975797589759976097619762976397649765976697679768976997709771977297739774977597769777977897799780978197829783978497859786978797889789979097919792979397949795979697979798979998009801980298039804980598069807980898099810981198129813981498159816981798189819982098219822982398249825982698279828982998309831983298339834983598369837983898399840984198429843984498459846984798489849985098519852985398549855985698579858985998609861986298639864986598669867986898699870987198729873987498759876987798789879988098819882988398849885988698879888988998909891989298939894989598969897989898999900990199029903990499059906990799089909991099119912991399149915991699179918991999209921992299239924992599269927992899299930993199329933993499359936993799389939994099419942994399449945994699479948994999509951995299539954995599569957995899599960996199629963996499659966996799689969997099719972997399749975997699779978997999809981998299839984998599869987998899899990999199929993999499959996999799989999100001000110002100031000410005100061000710008100091001010011100121001310014100151001610017100181001910020100211002210023100241002510026100271002810029100301003110032100331003410035100361003710038100391004010041100421004310044100451004610047100481004910050100511005210053100541005510056100571005810059100601006110062100631006410065100661006710068100691007010071100721007310074100751007610077100781007910080100811008210083100841008510086100871008810089100901009110092100931009410095100961009710098100991010010101101021010310104101051010610107101081010910110101111011210113101141011510116101171011810119101201012110122101231012410125101261012710128101291013010131101321013310134101351013610137101381013910140101411014210143101441014510146101471014810149101501015110152101531015410155101561015710158101591016010161101621016310164101651016610167101681016910170101711017210173101741017510176101771017810179101801018110182101831018410185101861018710188101891019010191101921019310194101951019610197101981019910200102011020210203102041020510206102071020810209102101021110212102131021410215102161021710218102191022010221102221022310224102251022610227102281022910230102311023210233102341023510236102371023810239102401024110242102431024410245102461024710248102491025010251102521025310254102551025610257102581025910260102611026210263102641026510266102671026810269102701027110272102731027410275102761027710278102791028010281102821028310284102851028610287102881028910290102911029210293102941029510296102971029810299103001030110302103031030410305103061030710308103091031010311103121031310314103151031610317103181031910320103211032210323103241032510326103271032810329103301033110332103331033410335103361033710338103391034010341103421034310344103451034610347103481034910350103511035210353103541035510356103571035810359103601036110362103631036410365103661036710368103691037010371103721037310374103751037610377103781037910380103811038210383103841038510386103871038810389103901039110392103931039410395103961039710398103991040010401104021040310404104051040610407104081040910410104111041210413104141041510416104171041810419104201042110422104231042410425104261042710428104291043010431104321043310434104351043610437104381043910440104411044210443104441044510446104471044810449104501045110452104531045410455104561045710458104591046010461104621046310464104651046610467104681046910470104711047210473104741047510476104771047810479104801048110482104831048410485104861048710488104891049010491104921049310494104951049610497104981049910500105011050210503105041050510506105071050810509105101051110512105131051410515105161051710518105191052010521105221052310524105251052610527105281052910530105311053210533105341053510536105371053810539105401054110542105431054410545105461054710548105491055010551105521055310554105551055610557105581055910560105611056210563105641056510566105671056810569105701057110572105731057410575105761057710578105791058010581105821058310584105851058610587105881058910590105911059210593105941059510596105971059810599106001060110602106031060410605106061060710608106091061010611106121061310614106151061610617106181061910620106211062210623106241062510626106271062810629106301063110632106331063410635106361063710638106391064010641106421064310644106451064610647106481064910650106511065210653106541065510656106571065810659106601066110662106631066410665106661066710668106691067010671106721067310674106751067610677106781067910680106811068210683106841068510686106871068810689106901069110692106931069410695106961069710698106991070010701107021070310704107051070610707107081070910710107111071210713107141071510716107171071810719107201072110722107231072410725107261072710728107291073010731107321073310734107351073610737107381073910740107411074210743107441074510746107471074810749107501075110752107531075410755107561075710758107591076010761107621076310764107651076610767107681076910770107711077210773107741077510776107771077810779107801078110782107831078410785107861078710788107891079010791107921079310794107951079610797107981079910800108011080210803108041080510806108071080810809108101081110812108131081410815108161081710818108191082010821108221082310824108251082610827108281082910830108311083210833108341083510836108371083810839108401084110842108431084410845108461084710848108491085010851108521085310854108551085610857108581085910860108611086210863108641086510866108671086810869108701087110872108731087410875108761087710878108791088010881108821088310884108851088610887108881088910890108911089210893108941089510896108971089810899109001090110902109031090410905109061090710908109091091010911109121091310914109151091610917109181091910920109211092210923109241092510926109271092810929109301093110932109331093410935109361093710938109391094010941109421094310944109451094610947109481094910950109511095210953109541095510956109571095810959109601096110962109631096410965109661096710968109691097010971109721097310974109751097610977109781097910980109811098210983109841098510986109871098810989109901099110992109931099410995109961099710998109991100011001110021100311004110051100611007110081100911010110111101211013110141101511016110171101811019110201102111022110231102411025110261102711028110291103011031110321103311034110351103611037110381103911040110411104211043110441104511046110471104811049110501105111052110531105411055110561105711058110591106011061110621106311064110651106611067110681106911070110711107211073110741107511076110771107811079110801108111082110831108411085110861108711088110891109011091110921109311094110951109611097110981109911100111011110211103111041110511106111071110811109111101111111112111131111411115111161111711118111191112011121111221112311124111251112611127111281112911130111311113211133111341113511136111371113811139111401114111142111431114411145111461114711148111491115011151111521115311154111551115611157111581115911160111611116211163111641116511166111671116811169111701117111172111731117411175111761117711178111791118011181111821118311184111851118611187111881118911190111911119211193111941119511196111971119811199112001120111202112031120411205112061120711208112091121011211112121121311214112151121611217112181121911220112211122211223112241122511226112271122811229112301123111232112331123411235112361123711238112391124011241112421124311244112451124611247112481124911250112511125211253112541125511256112571125811259112601126111262112631126411265112661126711268112691127011271112721127311274112751127611277112781127911280112811128211283112841128511286112871128811289112901129111292112931129411295112961129711298112991130011301113021130311304113051130611307113081130911310113111131211313113141131511316113171131811319113201132111322113231132411325113261132711328113291133011331113321133311334113351133611337113381133911340113411134211343113441134511346113471134811349113501135111352113531135411355113561135711358113591136011361113621136311364113651136611367113681136911370113711137211373113741137511376113771137811379113801138111382113831138411385113861138711388113891139011391113921139311394113951139611397113981139911400114011140211403114041140511406114071140811409114101141111412114131141411415114161141711418114191142011421114221142311424114251142611427114281142911430114311143211433114341143511436114371143811439114401144111442114431144411445114461144711448114491145011451114521145311454114551145611457114581145911460114611146211463114641146511466114671146811469114701147111472114731147411475114761147711478114791148011481114821148311484114851148611487114881148911490114911149211493114941149511496114971149811499115001150111502115031150411505115061150711508115091151011511115121151311514115151151611517115181151911520115211152211523115241152511526115271152811529115301153111532115331153411535115361153711538115391154011541115421154311544115451154611547115481154911550115511155211553115541155511556115571155811559115601156111562115631156411565115661156711568115691157011571115721157311574115751157611577115781157911580115811158211583115841158511586115871158811589115901159111592115931159411595115961159711598115991160011601116021160311604116051160611607116081160911610116111161211613116141161511616116171161811619116201162111622116231162411625116261162711628116291163011631116321163311634116351163611637116381163911640116411164211643116441164511646116471164811649116501165111652116531165411655116561165711658116591166011661116621166311664116651166611667116681166911670116711167211673116741167511676116771167811679116801168111682116831168411685116861168711688116891169011691116921169311694116951169611697116981169911700117011170211703117041170511706117071170811709117101171111712117131171411715117161171711718117191172011721117221172311724117251172611727117281172911730117311173211733117341173511736117371173811739117401174111742117431174411745117461174711748117491175011751117521175311754117551175611757117581175911760117611176211763117641176511766117671176811769117701177111772117731177411775117761177711778117791178011781117821178311784117851178611787117881178911790117911179211793117941179511796117971179811799118001180111802118031180411805118061180711808118091181011811118121181311814118151181611817118181181911820118211182211823118241182511826118271182811829118301183111832118331183411835118361183711838118391184011841118421184311844118451184611847118481184911850118511185211853118541185511856118571185811859118601186111862118631186411865118661186711868118691187011871118721187311874118751187611877118781187911880118811188211883118841188511886118871188811889118901189111892118931189411895118961189711898118991190011901119021190311904119051190611907119081190911910119111191211913119141191511916119171191811919119201192111922119231192411925119261192711928119291193011931119321193311934119351193611937119381193911940119411194211943119441194511946119471194811949119501195111952119531195411955119561195711958119591196011961119621196311964119651196611967119681196911970119711197211973119741197511976119771197811979119801198111982119831198411985119861198711988119891199011991119921199311994119951199611997119981199912000120011200212003120041200512006120071200812009120101201112012120131201412015120161201712018120191202012021120221202312024120251202612027120281202912030120311203212033120341203512036120371203812039120401204112042120431204412045120461204712048120491205012051120521205312054120551205612057120581205912060120611206212063120641206512066120671206812069120701207112072120731207412075120761207712078120791208012081120821208312084120851208612087120881208912090120911209212093120941209512096120971209812099121001210112102121031210412105121061210712108121091211012111121121211312114121151211612117121181211912120121211212212123121241212512126121271212812129121301213112132121331213412135121361213712138121391214012141121421214312144121451214612147121481214912150121511215212153121541215512156121571215812159121601216112162121631216412165121661216712168121691217012171121721217312174121751217612177121781217912180121811218212183121841218512186121871218812189121901219112192121931219412195121961219712198121991220012201122021220312204122051220612207122081220912210122111221212213122141221512216122171221812219122201222112222122231222412225122261222712228122291223012231122321223312234122351223612237122381223912240122411224212243122441224512246122471224812249122501225112252122531225412255122561225712258122591226012261122621226312264122651226612267122681226912270122711227212273122741227512276122771227812279122801228112282122831228412285122861228712288122891229012291122921229312294122951229612297122981229912300123011230212303123041230512306123071230812309123101231112312123131231412315123161231712318123191232012321123221232312324123251232612327123281232912330123311233212333123341233512336123371233812339123401234112342123431234412345123461234712348123491235012351123521235312354123551235612357123581235912360123611236212363123641236512366123671236812369123701237112372123731237412375123761237712378123791238012381123821238312384123851238612387123881238912390123911239212393123941239512396123971239812399124001240112402124031240412405124061240712408124091241012411124121241312414124151241612417124181241912420124211242212423124241242512426124271242812429124301243112432124331243412435124361243712438124391244012441124421244312444124451244612447124481244912450124511245212453124541245512456124571245812459124601246112462124631246412465124661246712468124691247012471124721247312474124751247612477124781247912480124811248212483124841248512486124871248812489124901249112492124931249412495124961249712498124991250012501125021250312504125051250612507125081250912510125111251212513125141251512516125171251812519125201252112522125231252412525125261252712528125291253012531125321253312534125351253612537125381253912540125411254212543125441254512546125471254812549125501255112552125531255412555125561255712558125591256012561125621256312564125651256612567125681256912570125711257212573125741257512576125771257812579125801258112582125831258412585125861258712588125891259012591125921259312594125951259612597125981259912600126011260212603126041260512606126071260812609126101261112612126131261412615126161261712618126191262012621126221262312624126251262612627126281262912630126311263212633126341263512636126371263812639126401264112642126431264412645126461264712648126491265012651126521265312654126551265612657126581265912660126611266212663126641266512666126671266812669126701267112672126731267412675126761267712678126791268012681126821268312684126851268612687126881268912690126911269212693126941269512696126971269812699127001270112702127031270412705127061270712708127091271012711127121271312714127151271612717127181271912720127211272212723127241272512726127271272812729127301273112732127331273412735127361273712738127391274012741127421274312744127451274612747127481274912750127511275212753127541275512756127571275812759127601276112762127631276412765127661276712768127691277012771127721277312774127751277612777127781277912780127811278212783127841278512786127871278812789127901279112792127931279412795127961279712798127991280012801128021280312804128051280612807128081280912810128111281212813128141281512816128171281812819128201282112822128231282412825128261282712828128291283012831128321283312834128351283612837128381283912840128411284212843128441284512846128471284812849128501285112852128531285412855128561285712858128591286012861128621286312864128651286612867128681286912870128711287212873128741287512876128771287812879128801288112882128831288412885128861288712888128891289012891128921289312894128951289612897128981289912900129011290212903129041290512906129071290812909129101291112912129131291412915129161291712918129191292012921129221292312924129251292612927129281292912930129311293212933129341293512936129371293812939129401294112942129431294412945129461294712948129491295012951129521295312954129551295612957129581295912960129611296212963129641296512966129671296812969129701297112972129731297412975129761297712978129791298012981129821298312984129851298612987129881298912990129911299212993129941299512996129971299812999130001300113002130031300413005130061300713008130091301013011130121301313014130151301613017130181301913020130211302213023130241302513026130271302813029130301303113032130331303413035130361303713038130391304013041130421304313044130451304613047130481304913050130511305213053130541305513056130571305813059130601306113062130631306413065130661306713068130691307013071130721307313074130751307613077130781307913080130811308213083130841308513086130871308813089130901309113092130931309413095130961309713098130991310013101131021310313104131051310613107131081310913110131111311213113131141311513116131171311813119131201312113122131231312413125131261312713128131291313013131131321313313134131351313613137131381313913140131411314213143131441314513146131471314813149131501315113152131531315413155131561315713158131591316013161131621316313164131651316613167131681316913170131711317213173131741317513176131771317813179131801318113182131831318413185131861318713188131891319013191131921319313194131951319613197131981319913200132011320213203132041320513206132071320813209132101321113212132131321413215132161321713218132191322013221132221322313224132251322613227132281322913230132311323213233132341323513236132371323813239132401324113242132431324413245132461324713248132491325013251132521325313254132551325613257132581325913260132611326213263132641326513266132671326813269132701327113272132731327413275132761327713278132791328013281132821328313284132851328613287132881328913290132911329213293132941329513296132971329813299133001330113302133031330413305133061330713308133091331013311133121331313314133151331613317133181331913320133211332213323133241332513326133271332813329133301333113332133331333413335133361333713338133391334013341133421334313344133451334613347133481334913350133511335213353133541335513356133571335813359133601336113362133631336413365133661336713368133691337013371133721337313374133751337613377133781337913380133811338213383133841338513386133871338813389133901339113392133931339413395133961339713398133991340013401134021340313404134051340613407134081340913410134111341213413134141341513416134171341813419134201342113422134231342413425134261342713428134291343013431134321343313434134351343613437134381343913440134411344213443134441344513446134471344813449134501345113452134531345413455134561345713458134591346013461134621346313464134651346613467134681346913470134711347213473134741347513476134771347813479134801348113482134831348413485134861348713488134891349013491134921349313494134951349613497134981349913500135011350213503135041350513506135071350813509135101351113512135131351413515135161351713518135191352013521135221352313524135251352613527135281352913530135311353213533135341353513536135371353813539135401354113542135431354413545135461354713548135491355013551135521355313554135551355613557135581355913560135611356213563135641356513566135671356813569135701357113572135731357413575135761357713578135791358013581135821358313584135851358613587135881358913590135911359213593135941359513596135971359813599136001360113602136031360413605136061360713608136091361013611136121361313614136151361613617136181361913620136211362213623136241362513626136271362813629136301363113632136331363413635136361363713638136391364013641136421364313644136451364613647136481364913650136511365213653136541365513656136571365813659136601366113662136631366413665136661366713668136691367013671136721367313674136751367613677136781367913680136811368213683136841368513686136871368813689136901369113692136931369413695136961369713698136991370013701137021370313704137051370613707137081370913710137111371213713137141371513716137171371813719137201372113722137231372413725137261372713728137291373013731137321373313734137351373613737137381373913740137411374213743137441374513746137471374813749137501375113752137531375413755137561375713758137591376013761137621376313764137651376613767137681376913770137711377213773137741377513776137771377813779137801378113782137831378413785137861378713788137891379013791137921379313794137951379613797137981379913800138011380213803138041380513806138071380813809138101381113812138131381413815138161381713818138191382013821138221382313824138251382613827138281382913830138311383213833138341383513836138371383813839138401384113842138431384413845138461384713848138491385013851138521385313854138551385613857138581385913860138611386213863138641386513866138671386813869138701387113872138731387413875138761387713878138791388013881138821388313884138851388613887138881388913890138911389213893138941389513896138971389813899139001390113902139031390413905139061390713908139091391013911139121391313914139151391613917139181391913920139211392213923139241392513926139271392813929139301393113932139331393413935139361393713938139391394013941139421394313944139451394613947139481394913950139511395213953139541395513956139571395813959139601396113962139631396413965139661396713968139691397013971139721397313974139751397613977139781397913980139811398213983139841398513986139871398813989139901399113992139931399413995139961399713998139991400014001140021400314004140051400614007140081400914010140111401214013140141401514016140171401814019140201402114022140231402414025140261402714028140291403014031140321403314034140351403614037140381403914040140411404214043140441404514046140471404814049140501405114052140531405414055140561405714058140591406014061140621406314064140651406614067140681406914070140711407214073140741407514076140771407814079140801408114082140831408414085140861408714088140891409014091140921409314094140951409614097140981409914100141011410214103141041410514106141071410814109141101411114112141131411414115141161411714118141191412014121141221412314124141251412614127141281412914130141311413214133141341413514136141371413814139141401414114142141431414414145141461414714148141491415014151141521415314154141551415614157141581415914160141611416214163141641416514166141671416814169141701417114172141731417414175141761417714178141791418014181141821418314184141851418614187141881418914190141911419214193141941419514196141971419814199142001420114202142031420414205142061420714208142091421014211142121421314214142151421614217142181421914220142211422214223142241422514226142271422814229142301423114232142331423414235142361423714238142391424014241142421424314244142451424614247142481424914250142511425214253142541425514256142571425814259142601426114262142631426414265142661426714268142691427014271142721427314274142751427614277142781427914280142811428214283142841428514286142871428814289142901429114292142931429414295142961429714298142991430014301143021430314304143051430614307143081430914310143111431214313143141431514316143171431814319143201432114322143231432414325143261432714328143291433014331143321433314334143351433614337143381433914340143411434214343143441434514346143471434814349143501435114352143531435414355143561435714358143591436014361143621436314364143651436614367143681436914370143711437214373143741437514376143771437814379143801438114382143831438414385143861438714388143891439014391143921439314394143951439614397143981439914400144011440214403144041440514406144071440814409144101441114412144131441414415144161441714418144191442014421144221442314424144251442614427144281442914430144311443214433144341443514436144371443814439144401444114442144431444414445144461444714448144491445014451144521445314454144551445614457144581445914460144611446214463144641446514466144671446814469144701447114472144731447414475144761447714478144791448014481144821448314484144851448614487144881448914490144911449214493144941449514496144971449814499145001450114502145031450414505145061450714508145091451014511145121451314514145151451614517145181451914520145211452214523145241452514526145271452814529145301453114532145331453414535145361453714538145391454014541145421454314544145451454614547145481454914550145511455214553145541455514556145571455814559145601456114562145631456414565145661456714568145691457014571145721457314574145751457614577145781457914580145811458214583145841458514586145871458814589145901459114592145931459414595145961459714598145991460014601146021460314604146051460614607146081460914610146111461214613146141461514616146171461814619146201462114622146231462414625146261462714628146291463014631146321463314634146351463614637146381463914640146411464214643146441464514646146471464814649146501465114652146531465414655146561465714658146591466014661146621466314664146651466614667146681466914670146711467214673146741467514676146771467814679146801468114682146831468414685146861468714688146891469014691146921469314694146951469614697146981469914700147011470214703147041470514706147071470814709147101471114712147131471414715147161471714718147191472014721147221472314724147251472614727147281472914730147311473214733147341473514736147371473814739147401474114742147431474414745147461474714748147491475014751147521475314754147551475614757147581475914760147611476214763147641476514766147671476814769147701477114772147731477414775147761477714778147791478014781147821478314784147851478614787147881478914790147911479214793147941479514796147971479814799148001480114802148031480414805148061480714808148091481014811148121481314814148151481614817148181481914820148211482214823148241482514826148271482814829148301483114832148331483414835148361483714838148391484014841148421484314844148451484614847148481484914850148511485214853148541485514856148571485814859148601486114862148631486414865148661486714868148691487014871148721487314874148751487614877148781487914880148811488214883148841488514886148871488814889148901489114892148931489414895148961489714898148991490014901149021490314904149051490614907149081490914910149111491214913149141491514916149171491814919149201492114922149231492414925149261492714928149291493014931149321493314934149351493614937149381493914940149411494214943149441494514946149471494814949149501495114952149531495414955149561495714958149591496014961149621496314964149651496614967149681496914970149711497214973149741497514976149771497814979149801498114982149831498414985149861498714988149891499014991149921499314994149951499614997149981499915000150011500215003150041500515006150071500815009150101501115012150131501415015150161501715018150191502015021150221502315024150251502615027150281502915030150311503215033150341503515036150371503815039150401504115042150431504415045150461504715048150491505015051150521505315054150551505615057150581505915060150611506215063150641506515066150671506815069150701507115072150731507415075150761507715078150791508015081150821508315084150851508615087150881508915090150911509215093150941509515096150971509815099151001510115102151031510415105151061510715108151091511015111151121511315114151151511615117151181511915120151211512215123151241512515126151271512815129151301513115132151331513415135151361513715138151391514015141151421514315144151451514615147151481514915150151511515215153151541515515156151571515815159151601516115162151631516415165151661516715168151691517015171151721517315174151751517615177151781517915180151811518215183151841518515186151871518815189151901519115192151931519415195151961519715198151991520015201152021520315204152051520615207152081520915210152111521215213152141521515216152171521815219152201522115222152231522415225152261522715228152291523015231152321523315234152351523615237152381523915240152411524215243152441524515246152471524815249152501525115252152531525415255152561525715258152591526015261152621526315264152651526615267152681526915270152711527215273152741527515276152771527815279152801528115282152831528415285152861528715288152891529015291152921529315294152951529615297152981529915300153011530215303153041530515306153071530815309153101531115312153131531415315153161531715318153191532015321153221532315324153251532615327153281532915330153311533215333153341533515336153371533815339153401534115342153431534415345153461534715348153491535015351153521535315354153551535615357153581535915360153611536215363153641536515366153671536815369153701537115372153731537415375153761537715378153791538015381153821538315384153851538615387153881538915390153911539215393153941539515396153971539815399154001540115402154031540415405154061540715408154091541015411154121541315414154151541615417154181541915420154211542215423154241542515426154271542815429154301543115432154331543415435154361543715438154391544015441154421544315444154451544615447154481544915450154511545215453154541545515456154571545815459154601546115462154631546415465154661546715468154691547015471154721547315474154751547615477154781547915480154811548215483154841548515486154871548815489154901549115492154931549415495154961549715498154991550015501155021550315504155051550615507155081550915510155111551215513155141551515516155171551815519155201552115522155231552415525155261552715528155291553015531155321553315534155351553615537155381553915540155411554215543155441554515546155471554815549155501555115552155531555415555155561555715558155591556015561155621556315564155651556615567155681556915570155711557215573155741557515576155771557815579155801558115582155831558415585155861558715588155891559015591155921559315594155951559615597155981559915600156011560215603156041560515606156071560815609156101561115612156131561415615156161561715618156191562015621156221562315624156251562615627156281562915630156311563215633156341563515636156371563815639156401564115642156431564415645156461564715648156491565015651156521565315654156551565615657156581565915660156611566215663156641566515666156671566815669156701567115672156731567415675156761567715678156791568015681156821568315684156851568615687156881568915690156911569215693156941569515696156971569815699157001570115702157031570415705157061570715708157091571015711157121571315714157151571615717157181571915720157211572215723157241572515726157271572815729157301573115732157331573415735157361573715738157391574015741157421574315744157451574615747157481574915750157511575215753157541575515756157571575815759157601576115762157631576415765157661576715768157691577015771157721577315774157751577615777157781577915780157811578215783157841578515786157871578815789157901579115792157931579415795157961579715798157991580015801158021580315804158051580615807158081580915810158111581215813158141581515816158171581815819158201582115822158231582415825158261582715828158291583015831158321583315834158351583615837158381583915840158411584215843158441584515846158471584815849158501585115852158531585415855158561585715858158591586015861158621586315864158651586615867158681586915870158711587215873158741587515876158771587815879158801588115882158831588415885158861588715888158891589015891158921589315894158951589615897158981589915900159011590215903159041590515906159071590815909159101591115912159131591415915159161591715918159191592015921159221592315924159251592615927159281592915930159311593215933159341593515936159371593815939159401594115942159431594415945159461594715948159491595015951159521595315954159551595615957159581595915960159611596215963159641596515966159671596815969159701597115972159731597415975159761597715978159791598015981159821598315984159851598615987159881598915990159911599215993159941599515996159971599815999160001600116002160031600416005160061600716008160091601016011160121601316014160151601616017160181601916020160211602216023160241602516026160271602816029160301603116032160331603416035160361603716038160391604016041160421604316044160451604616047160481604916050160511605216053160541605516056160571605816059160601606116062160631606416065160661606716068160691607016071160721607316074160751607616077160781607916080160811608216083160841608516086160871608816089160901609116092160931609416095160961609716098160991610016101161021610316104161051610616107161081610916110161111611216113161141611516116161171611816119161201612116122161231612416125161261612716128161291613016131161321613316134161351613616137161381613916140161411614216143161441614516146161471614816149161501615116152161531615416155161561615716158161591616016161161621616316164161651616616167161681616916170161711617216173161741617516176161771617816179161801618116182161831618416185161861618716188161891619016191161921619316194161951619616197161981619916200162011620216203162041620516206162071620816209162101621116212162131621416215162161621716218162191622016221162221622316224162251622616227162281622916230162311623216233162341623516236162371623816239162401624116242162431624416245162461624716248162491625016251162521625316254162551625616257162581625916260162611626216263162641626516266162671626816269162701627116272162731627416275162761627716278162791628016281162821628316284162851628616287162881628916290162911629216293162941629516296162971629816299163001630116302163031630416305163061630716308163091631016311163121631316314163151631616317163181631916320163211632216323163241632516326163271632816329163301633116332163331633416335163361633716338163391634016341163421634316344163451634616347163481634916350163511635216353163541635516356163571635816359163601636116362163631636416365163661636716368163691637016371163721637316374163751637616377163781637916380163811638216383163841638516386163871638816389163901639116392163931639416395163961639716398163991640016401164021640316404164051640616407164081640916410164111641216413164141641516416164171641816419164201642116422164231642416425164261642716428164291643016431164321643316434164351643616437164381643916440164411644216443164441644516446164471644816449164501645116452164531645416455164561645716458164591646016461164621646316464164651646616467164681646916470164711647216473164741647516476164771647816479164801648116482164831648416485164861648716488164891649016491164921649316494164951649616497164981649916500165011650216503165041650516506165071650816509165101651116512165131651416515165161651716518165191652016521165221652316524165251652616527165281652916530165311653216533165341653516536165371653816539165401654116542165431654416545165461654716548165491655016551165521655316554165551655616557165581655916560165611656216563165641656516566165671656816569165701657116572165731657416575165761657716578165791658016581165821658316584165851658616587165881658916590165911659216593165941659516596165971659816599166001660116602166031660416605166061660716608166091661016611166121661316614166151661616617166181661916620166211662216623166241662516626166271662816629166301663116632166331663416635166361663716638166391664016641166421664316644166451664616647166481664916650166511665216653166541665516656166571665816659166601666116662166631666416665166661666716668166691667016671166721667316674166751667616677166781667916680166811668216683166841668516686166871668816689166901669116692166931669416695166961669716698166991670016701167021670316704167051670616707167081670916710167111671216713167141671516716167171671816719167201672116722167231672416725167261672716728167291673016731167321673316734167351673616737167381673916740167411674216743167441674516746167471674816749167501675116752167531675416755167561675716758167591676016761167621676316764167651676616767167681676916770167711677216773167741677516776167771677816779167801678116782167831678416785167861678716788167891679016791167921679316794167951679616797167981679916800168011680216803168041680516806168071680816809168101681116812168131681416815168161681716818168191682016821168221682316824168251682616827168281682916830168311683216833168341683516836168371683816839168401684116842168431684416845168461684716848168491685016851168521685316854168551685616857168581685916860168611686216863168641686516866168671686816869168701687116872168731687416875168761687716878168791688016881168821688316884168851688616887168881688916890168911689216893168941689516896168971689816899169001690116902169031690416905169061690716908169091691016911169121691316914169151691616917169181691916920169211692216923169241692516926169271692816929169301693116932169331693416935169361693716938169391694016941169421694316944169451694616947169481694916950169511695216953169541695516956169571695816959169601696116962169631696416965169661696716968169691697016971169721697316974169751697616977169781697916980169811698216983169841698516986169871698816989169901699116992169931699416995169961699716998169991700017001170021700317004170051700617007170081700917010170111701217013170141701517016170171701817019170201702117022170231702417025170261702717028170291703017031170321703317034170351703617037170381703917040170411704217043170441704517046170471704817049170501705117052170531705417055170561705717058170591706017061170621706317064170651706617067170681706917070170711707217073170741707517076170771707817079170801708117082170831708417085170861708717088170891709017091170921709317094170951709617097170981709917100171011710217103171041710517106171071710817109171101711117112171131711417115171161711717118171191712017121171221712317124171251712617127171281712917130171311713217133171341713517136171371713817139171401714117142171431714417145171461714717148171491715017151171521715317154171551715617157171581715917160171611716217163171641716517166171671716817169171701717117172171731717417175171761717717178171791718017181171821718317184171851718617187171881718917190171911719217193171941719517196171971719817199172001720117202172031720417205172061720717208172091721017211172121721317214172151721617217172181721917220172211722217223172241722517226172271722817229172301723117232172331723417235172361723717238172391724017241172421724317244172451724617247172481724917250172511725217253172541725517256172571725817259172601726117262172631726417265172661726717268172691727017271172721727317274172751727617277172781727917280172811728217283172841728517286172871728817289172901729117292172931729417295172961729717298172991730017301173021730317304173051730617307173081730917310173111731217313173141731517316173171731817319173201732117322173231732417325173261732717328173291733017331173321733317334173351733617337173381733917340173411734217343173441734517346173471734817349173501735117352173531735417355173561735717358173591736017361173621736317364173651736617367173681736917370173711737217373173741737517376173771737817379173801738117382173831738417385173861738717388173891739017391173921739317394173951739617397173981739917400174011740217403174041740517406174071740817409174101741117412174131741417415174161741717418174191742017421174221742317424174251742617427174281742917430174311743217433174341743517436174371743817439174401744117442174431744417445174461744717448174491745017451174521745317454174551745617457174581745917460174611746217463174641746517466174671746817469174701747117472174731747417475174761747717478174791748017481174821748317484174851748617487174881748917490174911749217493174941749517496174971749817499175001750117502175031750417505175061750717508175091751017511175121751317514175151751617517175181751917520175211752217523175241752517526175271752817529175301753117532175331753417535175361753717538175391754017541175421754317544175451754617547175481754917550175511755217553175541755517556175571755817559175601756117562175631756417565175661756717568175691757017571175721757317574175751757617577175781757917580175811758217583175841758517586175871758817589175901759117592175931759417595175961759717598175991760017601176021760317604176051760617607176081760917610176111761217613176141761517616176171761817619176201762117622176231762417625176261762717628176291763017631176321763317634176351763617637176381763917640176411764217643176441764517646176471764817649176501765117652176531765417655176561765717658176591766017661176621766317664176651766617667176681766917670176711767217673176741767517676176771767817679176801768117682176831768417685176861768717688176891769017691176921769317694176951769617697176981769917700177011770217703177041770517706177071770817709177101771117712177131771417715177161771717718177191772017721177221772317724177251772617727177281772917730177311773217733177341773517736177371773817739177401774117742177431774417745177461774717748177491775017751177521775317754177551775617757177581775917760177611776217763177641776517766177671776817769177701777117772177731777417775177761777717778177791778017781177821778317784177851778617787177881778917790177911779217793177941779517796177971779817799178001780117802178031780417805178061780717808178091781017811178121781317814178151781617817178181781917820178211782217823178241782517826178271782817829178301783117832178331783417835178361783717838178391784017841178421784317844178451784617847178481784917850178511785217853178541785517856178571785817859178601786117862178631786417865178661786717868178691787017871178721787317874178751787617877178781787917880178811788217883178841788517886178871788817889178901789117892178931789417895178961789717898178991790017901179021790317904179051790617907179081790917910179111791217913179141791517916179171791817919179201792117922179231792417925179261792717928179291793017931179321793317934179351793617937179381793917940179411794217943179441794517946179471794817949179501795117952179531795417955179561795717958179591796017961179621796317964179651796617967179681796917970179711797217973179741797517976179771797817979179801798117982179831798417985179861798717988179891799017991179921799317994179951799617997179981799918000180011800218003180041800518006180071800818009180101801118012180131801418015180161801718018180191802018021180221802318024180251802618027180281802918030180311803218033180341803518036180371803818039180401804118042180431804418045180461804718048180491805018051180521805318054180551805618057180581805918060180611806218063180641806518066180671806818069180701807118072180731807418075180761807718078180791808018081180821808318084180851808618087180881808918090180911809218093180941809518096180971809818099181001810118102181031810418105181061810718108181091811018111181121811318114181151811618117181181811918120181211812218123181241812518126181271812818129181301813118132181331813418135181361813718138181391814018141181421814318144181451814618147181481814918150181511815218153181541815518156181571815818159181601816118162181631816418165181661816718168181691817018171181721817318174181751817618177181781817918180181811818218183181841818518186181871818818189181901819118192181931819418195181961819718198181991820018201182021820318204182051820618207182081820918210182111821218213182141821518216182171821818219182201822118222182231822418225182261822718228182291823018231182321823318234182351823618237182381823918240182411824218243182441824518246182471824818249182501825118252182531825418255182561825718258182591826018261182621826318264182651826618267182681826918270182711827218273182741827518276182771827818279182801828118282182831828418285182861828718288182891829018291182921829318294182951829618297182981829918300183011830218303183041830518306183071830818309183101831118312183131831418315183161831718318183191832018321183221832318324183251832618327183281832918330183311833218333183341833518336183371833818339183401834118342183431834418345183461834718348183491835018351183521835318354183551835618357183581835918360183611836218363183641836518366183671836818369183701837118372183731837418375183761837718378183791838018381183821838318384183851838618387183881838918390183911839218393183941839518396183971839818399184001840118402184031840418405184061840718408184091841018411184121841318414184151841618417184181841918420184211842218423184241842518426184271842818429184301843118432184331843418435184361843718438184391844018441184421844318444184451844618447184481844918450184511845218453184541845518456184571845818459184601846118462184631846418465184661846718468184691847018471184721847318474184751847618477184781847918480184811848218483184841848518486184871848818489184901849118492184931849418495184961849718498184991850018501185021850318504185051850618507185081850918510185111851218513185141851518516185171851818519185201852118522185231852418525185261852718528185291853018531185321853318534185351853618537185381853918540185411854218543185441854518546185471854818549185501855118552185531855418555185561855718558185591856018561185621856318564185651856618567185681856918570185711857218573185741857518576185771857818579185801858118582185831858418585185861858718588185891859018591185921859318594185951859618597185981859918600186011860218603186041860518606186071860818609186101861118612186131861418615186161861718618186191862018621186221862318624186251862618627186281862918630186311863218633186341863518636186371863818639186401864118642186431864418645186461864718648186491865018651186521865318654186551865618657186581865918660186611866218663186641866518666186671866818669186701867118672186731867418675186761867718678186791868018681186821868318684186851868618687186881868918690186911869218693186941869518696186971869818699187001870118702187031870418705187061870718708187091871018711187121871318714187151871618717187181871918720187211872218723187241872518726187271872818729187301873118732187331873418735187361873718738187391874018741187421874318744187451874618747187481874918750187511875218753187541875518756187571875818759187601876118762187631876418765187661876718768187691877018771187721877318774187751877618777187781877918780187811878218783187841878518786187871878818789187901879118792187931879418795187961879718798187991880018801188021880318804188051880618807188081880918810188111881218813188141881518816188171881818819188201882118822188231882418825188261882718828188291883018831188321883318834188351883618837188381883918840188411884218843188441884518846188471884818849188501885118852188531885418855188561885718858188591886018861188621886318864188651886618867188681886918870188711887218873188741887518876188771887818879188801888118882188831888418885188861888718888188891889018891188921889318894188951889618897188981889918900189011890218903189041890518906189071890818909189101891118912189131891418915189161891718918189191892018921189221892318924189251892618927189281892918930189311893218933189341893518936189371893818939189401894118942189431894418945189461894718948189491895018951189521895318954189551895618957189581895918960189611896218963189641896518966189671896818969189701897118972189731897418975189761897718978189791898018981189821898318984189851898618987189881898918990189911899218993189941899518996189971899818999190001900119002190031900419005190061900719008190091901019011190121901319014190151901619017190181901919020190211902219023190241902519026190271902819029190301903119032190331903419035190361903719038190391904019041190421904319044190451904619047190481904919050190511905219053190541905519056190571905819059190601906119062190631906419065190661906719068190691907019071190721907319074190751907619077190781907919080190811908219083190841908519086190871908819089190901909119092190931909419095190961909719098190991910019101191021910319104191051910619107191081910919110191111911219113191141911519116191171911819119191201912119122191231912419125191261912719128191291913019131191321913319134191351913619137191381913919140191411914219143191441914519146191471914819149191501915119152191531915419155191561915719158191591916019161191621916319164191651916619167191681916919170191711917219173191741917519176191771917819179191801918119182191831918419185191861918719188191891919019191191921919319194191951919619197191981919919200192011920219203192041920519206192071920819209192101921119212192131921419215192161921719218192191922019221192221922319224192251922619227192281922919230192311923219233192341923519236192371923819239192401924119242192431924419245192461924719248192491925019251192521925319254192551925619257192581925919260192611926219263192641926519266192671926819269192701927119272192731927419275192761927719278192791928019281192821928319284192851928619287192881928919290192911929219293192941929519296192971929819299193001930119302193031930419305193061930719308193091931019311193121931319314193151931619317193181931919320193211932219323193241932519326193271932819329193301933119332193331933419335193361933719338193391934019341193421934319344193451934619347193481934919350193511935219353193541935519356193571935819359193601936119362193631936419365193661936719368193691937019371193721937319374193751937619377193781937919380193811938219383193841938519386193871938819389193901939119392193931939419395193961939719398193991940019401194021940319404194051940619407194081940919410194111941219413194141941519416194171941819419194201942119422194231942419425194261942719428194291943019431194321943319434194351943619437194381943919440194411944219443194441944519446194471944819449194501945119452194531945419455194561945719458194591946019461194621946319464194651946619467194681946919470194711947219473194741947519476194771947819479194801948119482194831948419485194861948719488194891949019491194921949319494194951949619497194981949919500195011950219503195041950519506195071950819509195101951119512195131951419515195161951719518195191952019521195221952319524195251952619527195281952919530195311953219533195341953519536195371953819539195401954119542195431954419545195461954719548195491955019551195521955319554195551955619557195581955919560195611956219563195641956519566195671956819569195701957119572195731957419575195761957719578195791958019581195821958319584195851958619587195881958919590195911959219593195941959519596195971959819599196001960119602196031960419605196061960719608196091961019611196121961319614196151961619617196181961919620196211962219623196241962519626196271962819629196301963119632196331963419635196361963719638196391964019641196421964319644196451964619647196481964919650196511965219653196541965519656196571965819659196601966119662196631966419665196661966719668196691967019671196721967319674196751967619677196781967919680196811968219683196841968519686196871968819689196901969119692196931969419695196961969719698196991970019701197021970319704197051970619707197081970919710197111971219713197141971519716197171971819719197201972119722197231972419725197261972719728197291973019731197321973319734197351973619737197381973919740197411974219743197441974519746197471974819749197501975119752197531975419755197561975719758197591976019761197621976319764197651976619767197681976919770197711977219773197741977519776197771977819779197801978119782197831978419785197861978719788197891979019791197921979319794197951979619797197981979919800198011980219803198041980519806198071980819809198101981119812198131981419815198161981719818198191982019821198221982319824198251982619827198281982919830198311983219833198341983519836198371983819839198401984119842198431984419845198461984719848198491985019851198521985319854198551985619857198581985919860198611986219863198641986519866198671986819869198701987119872198731987419875198761987719878198791988019881198821988319884198851988619887198881988919890198911989219893198941989519896198971989819899199001990119902199031990419905199061990719908199091991019911199121991319914199151991619917199181991919920199211992219923199241992519926199271992819929199301993119932199331993419935199361993719938199391994019941199421994319944199451994619947199481994919950199511995219953199541995519956199571995819959199601996119962199631996419965199661996719968199691997019971199721997319974199751997619977199781997919980199811998219983199841998519986199871998819989199901999119992199931999419995199961999719998199992000020001200022000320004200052000620007200082000920010200112001220013200142001520016200172001820019200202002120022200232002420025200262002720028200292003020031200322003320034200352003620037200382003920040200412004220043200442004520046200472004820049200502005120052200532005420055200562005720058200592006020061200622006320064200652006620067200682006920070200712007220073200742007520076200772007820079200802008120082200832008420085200862008720088200892009020091200922009320094200952009620097200982009920100201012010220103201042010520106201072010820109201102011120112201132011420115201162011720118201192012020121201222012320124201252012620127201282012920130201312013220133201342013520136201372013820139201402014120142201432014420145201462014720148201492015020151201522015320154201552015620157201582015920160201612016220163201642016520166201672016820169201702017120172201732017420175201762017720178201792018020181201822018320184201852018620187201882018920190201912019220193201942019520196201972019820199202002020120202202032020420205202062020720208202092021020211202122021320214202152021620217202182021920220202212022220223202242022520226202272022820229202302023120232202332023420235202362023720238202392024020241202422024320244202452024620247202482024920250202512025220253202542025520256202572025820259202602026120262202632026420265202662026720268202692027020271202722027320274202752027620277202782027920280202812028220283202842028520286202872028820289202902029120292202932029420295202962029720298202992030020301203022030320304203052030620307203082030920310203112031220313203142031520316203172031820319203202032120322203232032420325203262032720328203292033020331203322033320334203352033620337203382033920340203412034220343203442034520346203472034820349203502035120352203532035420355203562035720358203592036020361203622036320364203652036620367203682036920370203712037220373203742037520376203772037820379203802038120382203832038420385203862038720388203892039020391203922039320394203952039620397203982039920400204012040220403204042040520406204072040820409204102041120412204132041420415204162041720418204192042020421204222042320424204252042620427204282042920430204312043220433204342043520436204372043820439204402044120442204432044420445204462044720448204492045020451204522045320454204552045620457204582045920460204612046220463204642046520466204672046820469204702047120472204732047420475204762047720478204792048020481204822048320484204852048620487204882048920490204912049220493204942049520496204972049820499205002050120502205032050420505205062050720508205092051020511205122051320514205152051620517205182051920520205212052220523205242052520526205272052820529205302053120532205332053420535205362053720538205392054020541205422054320544205452054620547205482054920550205512055220553205542055520556205572055820559205602056120562205632056420565205662056720568205692057020571205722057320574205752057620577205782057920580205812058220583205842058520586205872058820589205902059120592205932059420595205962059720598205992060020601206022060320604206052060620607206082060920610206112061220613206142061520616206172061820619206202062120622206232062420625206262062720628206292063020631206322063320634206352063620637206382063920640206412064220643206442064520646206472064820649206502065120652206532065420655206562065720658206592066020661206622066320664206652066620667206682066920670206712067220673206742067520676206772067820679206802068120682206832068420685206862068720688206892069020691206922069320694206952069620697206982069920700207012070220703207042070520706207072070820709207102071120712207132071420715207162071720718207192072020721207222072320724207252072620727207282072920730207312073220733207342073520736207372073820739207402074120742207432074420745207462074720748207492075020751207522075320754207552075620757207582075920760207612076220763207642076520766207672076820769207702077120772207732077420775207762077720778207792078020781207822078320784207852078620787207882078920790207912079220793207942079520796207972079820799208002080120802208032080420805208062080720808208092081020811208122081320814208152081620817208182081920820208212082220823208242082520826208272082820829208302083120832208332083420835208362083720838208392084020841208422084320844208452084620847208482084920850208512085220853208542085520856208572085820859208602086120862208632086420865208662086720868208692087020871208722087320874208752087620877208782087920880208812088220883208842088520886208872088820889208902089120892208932089420895208962089720898208992090020901209022090320904209052090620907209082090920910209112091220913209142091520916209172091820919209202092120922209232092420925209262092720928209292093020931209322093320934209352093620937209382093920940209412094220943209442094520946209472094820949209502095120952209532095420955209562095720958209592096020961209622096320964209652096620967209682096920970209712097220973209742097520976209772097820979209802098120982209832098420985209862098720988209892099020991209922099320994209952099620997209982099921000210012100221003210042100521006210072100821009210102101121012210132101421015210162101721018210192102021021210222102321024210252102621027210282102921030210312103221033210342103521036210372103821039210402104121042210432104421045210462104721048210492105021051210522105321054210552105621057210582105921060210612106221063210642106521066210672106821069210702107121072210732107421075210762107721078210792108021081210822108321084210852108621087210882108921090210912109221093210942109521096210972109821099211002110121102211032110421105211062110721108211092111021111211122111321114211152111621117211182111921120211212112221123211242112521126211272112821129211302113121132211332113421135211362113721138211392114021141211422114321144211452114621147211482114921150211512115221153211542115521156211572115821159211602116121162211632116421165211662116721168211692117021171211722117321174211752117621177211782117921180211812118221183211842118521186211872118821189211902119121192211932119421195211962119721198211992120021201212022120321204212052120621207212082120921210212112121221213212142121521216212172121821219212202122121222212232122421225212262122721228212292123021231212322123321234212352123621237212382123921240212412124221243212442124521246212472124821249212502125121252212532125421255212562125721258212592126021261212622126321264212652126621267212682126921270212712127221273212742127521276212772127821279212802128121282212832128421285212862128721288212892129021291212922129321294212952129621297212982129921300213012130221303213042130521306213072130821309213102131121312213132131421315213162131721318213192132021321213222132321324213252132621327213282132921330213312133221333213342133521336213372133821339213402134121342213432134421345213462134721348213492135021351213522135321354213552135621357213582135921360213612136221363213642136521366213672136821369213702137121372213732137421375213762137721378213792138021381213822138321384213852138621387213882138921390213912139221393213942139521396213972139821399214002140121402214032140421405214062140721408214092141021411214122141321414214152141621417214182141921420214212142221423214242142521426214272142821429214302143121432214332143421435214362143721438214392144021441214422144321444214452144621447214482144921450214512145221453214542145521456214572145821459214602146121462214632146421465214662146721468214692147021471214722147321474214752147621477214782147921480214812148221483214842148521486214872148821489214902149121492214932149421495214962149721498214992150021501215022150321504215052150621507215082150921510215112151221513215142151521516215172151821519215202152121522215232152421525215262152721528215292153021531215322153321534215352153621537215382153921540215412154221543215442154521546215472154821549215502155121552215532155421555215562155721558215592156021561215622156321564215652156621567215682156921570215712157221573215742157521576215772157821579215802158121582215832158421585215862158721588215892159021591215922159321594215952159621597215982159921600216012160221603216042160521606216072160821609216102161121612216132161421615216162161721618216192162021621216222162321624216252162621627216282162921630216312163221633216342163521636216372163821639216402164121642216432164421645216462164721648216492165021651216522165321654216552165621657216582165921660216612166221663216642166521666216672166821669216702167121672216732167421675216762167721678216792168021681216822168321684216852168621687216882168921690216912169221693216942169521696216972169821699217002170121702217032170421705217062170721708217092171021711217122171321714217152171621717217182171921720217212172221723217242172521726217272172821729217302173121732217332173421735217362173721738217392174021741217422174321744217452174621747217482174921750217512175221753217542175521756217572175821759217602176121762217632176421765217662176721768217692177021771217722177321774217752177621777217782177921780217812178221783217842178521786217872178821789217902179121792217932179421795217962179721798217992180021801218022180321804218052180621807218082180921810218112181221813218142181521816218172181821819218202182121822218232182421825218262182721828218292183021831218322183321834218352183621837218382183921840218412184221843218442184521846218472184821849218502185121852218532185421855218562185721858218592186021861218622186321864218652186621867218682186921870218712187221873218742187521876218772187821879218802188121882218832188421885218862188721888218892189021891218922189321894218952189621897218982189921900219012190221903219042190521906219072190821909219102191121912219132191421915219162191721918219192192021921219222192321924219252192621927219282192921930219312193221933219342193521936219372193821939219402194121942219432194421945219462194721948219492195021951219522195321954219552195621957219582195921960219612196221963219642196521966219672196821969219702197121972219732197421975219762197721978219792198021981219822198321984219852198621987219882198921990219912199221993219942199521996219972199821999220002200122002220032200422005220062200722008220092201022011220122201322014220152201622017220182201922020220212202222023220242202522026220272202822029220302203122032220332203422035220362203722038220392204022041220422204322044220452204622047220482204922050220512205222053220542205522056220572205822059220602206122062220632206422065220662206722068220692207022071220722207322074220752207622077220782207922080220812208222083220842208522086220872208822089220902209122092220932209422095220962209722098220992210022101221022210322104221052210622107221082210922110221112211222113221142211522116221172211822119221202212122122221232212422125221262212722128221292213022131221322213322134221352213622137221382213922140221412214222143221442214522146221472214822149221502215122152221532215422155221562215722158221592216022161221622216322164221652216622167221682216922170221712217222173221742217522176221772217822179221802218122182221832218422185221862218722188221892219022191221922219322194221952219622197221982219922200222012220222203222042220522206222072220822209222102221122212222132221422215222162221722218222192222022221222222222322224222252222622227222282222922230222312223222233222342223522236222372223822239222402224122242222432224422245222462224722248222492225022251222522225322254222552225622257222582225922260222612226222263222642226522266222672226822269222702227122272222732227422275222762227722278222792228022281222822228322284222852228622287222882228922290222912229222293222942229522296222972229822299223002230122302223032230422305223062230722308223092231022311223122231322314223152231622317223182231922320223212232222323223242232522326223272232822329223302233122332223332233422335223362233722338223392234022341223422234322344223452234622347223482234922350223512235222353223542235522356223572235822359223602236122362223632236422365223662236722368223692237022371223722237322374223752237622377223782237922380223812238222383223842238522386223872238822389223902239122392223932239422395223962239722398223992240022401224022240322404224052240622407224082240922410224112241222413224142241522416224172241822419224202242122422224232242422425224262242722428224292243022431224322243322434224352243622437224382243922440224412244222443224442244522446224472244822449224502245122452224532245422455224562245722458224592246022461224622246322464224652246622467224682246922470224712247222473224742247522476224772247822479224802248122482224832248422485224862248722488224892249022491224922249322494224952249622497224982249922500225012250222503225042250522506225072250822509225102251122512225132251422515225162251722518225192252022521225222252322524225252252622527225282252922530225312253222533225342253522536225372253822539225402254122542225432254422545225462254722548225492255022551225522255322554225552255622557225582255922560225612256222563225642256522566225672256822569225702257122572225732257422575225762257722578225792258022581225822258322584225852258622587225882258922590225912259222593225942259522596225972259822599226002260122602226032260422605226062260722608226092261022611226122261322614226152261622617226182261922620226212262222623226242262522626226272262822629226302263122632226332263422635226362263722638226392264022641226422264322644226452264622647226482264922650226512265222653226542265522656226572265822659226602266122662226632266422665226662266722668226692267022671226722267322674226752267622677226782267922680226812268222683226842268522686226872268822689226902269122692226932269422695226962269722698226992270022701227022270322704227052270622707227082270922710227112271222713227142271522716227172271822719227202272122722227232272422725227262272722728227292273022731227322273322734227352273622737227382273922740227412274222743227442274522746227472274822749227502275122752227532275422755227562275722758227592276022761227622276322764227652276622767227682276922770227712277222773227742277522776227772277822779227802278122782227832278422785227862278722788227892279022791227922279322794227952279622797227982279922800228012280222803228042280522806228072280822809228102281122812228132281422815228162281722818228192282022821228222282322824228252282622827228282282922830228312283222833228342283522836228372283822839228402284122842228432284422845228462284722848228492285022851228522285322854228552285622857228582285922860228612286222863228642286522866228672286822869228702287122872228732287422875228762287722878228792288022881228822288322884228852288622887228882288922890228912289222893228942289522896228972289822899229002290122902229032290422905229062290722908229092291022911229122291322914229152291622917229182291922920229212292222923229242292522926229272292822929229302293122932229332293422935229362293722938229392294022941229422294322944229452294622947229482294922950229512295222953229542295522956229572295822959229602296122962229632296422965229662296722968229692297022971229722297322974229752297622977229782297922980229812298222983229842298522986229872298822989229902299122992229932299422995229962299722998229992300023001230022300323004230052300623007230082300923010230112301223013230142301523016230172301823019230202302123022230232302423025230262302723028230292303023031230322303323034230352303623037230382303923040230412304223043230442304523046230472304823049230502305123052230532305423055230562305723058230592306023061230622306323064230652306623067230682306923070230712307223073230742307523076230772307823079230802308123082230832308423085230862308723088230892309023091230922309323094230952309623097230982309923100231012310223103231042310523106231072310823109231102311123112231132311423115231162311723118231192312023121231222312323124231252312623127231282312923130231312313223133231342313523136231372313823139231402314123142231432314423145231462314723148231492315023151231522315323154231552315623157231582315923160231612316223163231642316523166231672316823169231702317123172231732317423175231762317723178231792318023181231822318323184231852318623187231882318923190231912319223193231942319523196231972319823199232002320123202232032320423205232062320723208232092321023211232122321323214232152321623217232182321923220232212322223223232242322523226232272322823229232302323123232232332323423235232362323723238232392324023241232422324323244232452324623247232482324923250232512325223253232542325523256232572325823259232602326123262232632326423265232662326723268232692327023271232722327323274232752327623277232782327923280232812328223283232842328523286232872328823289232902329123292232932329423295232962329723298232992330023301233022330323304233052330623307233082330923310233112331223313233142331523316233172331823319233202332123322233232332423325233262332723328233292333023331233322333323334233352333623337233382333923340233412334223343233442334523346233472334823349233502335123352233532335423355233562335723358233592336023361233622336323364233652336623367233682336923370233712337223373233742337523376233772337823379233802338123382233832338423385233862338723388233892339023391233922339323394233952339623397233982339923400234012340223403234042340523406234072340823409234102341123412234132341423415234162341723418234192342023421234222342323424234252342623427234282342923430234312343223433234342343523436234372343823439234402344123442234432344423445234462344723448234492345023451234522345323454234552345623457234582345923460234612346223463234642346523466234672346823469234702347123472234732347423475234762347723478234792348023481234822348323484234852348623487234882348923490234912349223493234942349523496234972349823499235002350123502235032350423505235062350723508235092351023511235122351323514235152351623517235182351923520235212352223523235242352523526235272352823529235302353123532235332353423535235362353723538235392354023541235422354323544235452354623547235482354923550235512355223553235542355523556235572355823559235602356123562235632356423565235662356723568235692357023571235722357323574235752357623577235782357923580235812358223583235842358523586235872358823589235902359123592235932359423595235962359723598235992360023601236022360323604236052360623607236082360923610236112361223613236142361523616236172361823619236202362123622236232362423625236262362723628236292363023631236322363323634236352363623637236382363923640236412364223643236442364523646236472364823649236502365123652236532365423655236562365723658236592366023661236622366323664236652366623667236682366923670236712367223673236742367523676236772367823679236802368123682236832368423685236862368723688236892369023691236922369323694236952369623697236982369923700237012370223703237042370523706237072370823709237102371123712237132371423715237162371723718237192372023721237222372323724237252372623727237282372923730237312373223733237342373523736237372373823739237402374123742237432374423745237462374723748237492375023751237522375323754237552375623757237582375923760237612376223763237642376523766237672376823769237702377123772237732377423775237762377723778237792378023781237822378323784237852378623787237882378923790237912379223793237942379523796237972379823799238002380123802238032380423805238062380723808238092381023811238122381323814238152381623817238182381923820238212382223823238242382523826238272382823829238302383123832238332383423835238362383723838238392384023841238422384323844238452384623847238482384923850238512385223853238542385523856238572385823859238602386123862238632386423865238662386723868238692387023871238722387323874238752387623877238782387923880238812388223883238842388523886238872388823889238902389123892238932389423895238962389723898238992390023901239022390323904239052390623907239082390923910239112391223913239142391523916239172391823919239202392123922239232392423925239262392723928239292393023931239322393323934239352393623937239382393923940239412394223943239442394523946239472394823949239502395123952239532395423955239562395723958239592396023961239622396323964239652396623967239682396923970239712397223973239742397523976239772397823979239802398123982239832398423985239862398723988239892399023991239922399323994239952399623997239982399924000240012400224003240042400524006240072400824009240102401124012240132401424015240162401724018240192402024021240222402324024240252402624027240282402924030240312403224033240342403524036240372403824039240402404124042240432404424045240462404724048240492405024051240522405324054240552405624057240582405924060240612406224063240642406524066240672406824069240702407124072240732407424075240762407724078240792408024081240822408324084240852408624087240882408924090240912409224093240942409524096240972409824099241002410124102241032410424105241062410724108241092411024111241122411324114241152411624117241182411924120241212412224123241242412524126241272412824129241302413124132241332413424135241362413724138241392414024141241422414324144241452414624147241482414924150241512415224153241542415524156241572415824159241602416124162241632416424165241662416724168241692417024171241722417324174241752417624177241782417924180241812418224183241842418524186241872418824189241902419124192241932419424195241962419724198241992420024201242022420324204242052420624207242082420924210242112421224213242142421524216242172421824219242202422124222242232422424225242262422724228242292423024231242322423324234242352423624237242382423924240242412424224243242442424524246242472424824249242502425124252242532425424255242562425724258242592426024261242622426324264242652426624267242682426924270242712427224273242742427524276242772427824279242802428124282242832428424285242862428724288242892429024291242922429324294242952429624297242982429924300243012430224303243042430524306243072430824309243102431124312243132431424315243162431724318243192432024321243222432324324243252432624327243282432924330243312433224333243342433524336243372433824339243402434124342243432434424345243462434724348243492435024351243522435324354243552435624357243582435924360243612436224363243642436524366243672436824369243702437124372243732437424375243762437724378243792438024381243822438324384243852438624387243882438924390243912439224393243942439524396243972439824399244002440124402244032440424405244062440724408244092441024411244122441324414244152441624417244182441924420244212442224423244242442524426244272442824429244302443124432244332443424435244362443724438244392444024441244422444324444244452444624447244482444924450244512445224453244542445524456244572445824459244602446124462244632446424465244662446724468244692447024471244722447324474244752447624477244782447924480244812448224483244842448524486244872448824489244902449124492244932449424495244962449724498244992450024501245022450324504245052450624507245082450924510245112451224513245142451524516245172451824519245202452124522245232452424525245262452724528245292453024531245322453324534245352453624537245382453924540245412454224543245442454524546245472454824549245502455124552245532455424555245562455724558245592456024561245622456324564245652456624567245682456924570245712457224573245742457524576245772457824579245802458124582245832458424585245862458724588245892459024591245922459324594245952459624597245982459924600246012460224603246042460524606246072460824609246102461124612246132461424615246162461724618246192462024621246222462324624246252462624627246282462924630246312463224633246342463524636246372463824639246402464124642246432464424645246462464724648246492465024651246522465324654246552465624657246582465924660246612466224663246642466524666246672466824669246702467124672246732467424675246762467724678246792468024681246822468324684246852468624687246882468924690246912469224693246942469524696246972469824699247002470124702247032470424705247062470724708247092471024711247122471324714247152471624717247182471924720247212472224723247242472524726247272472824729247302473124732247332473424735247362473724738247392474024741247422474324744247452474624747247482474924750247512475224753247542475524756247572475824759247602476124762247632476424765247662476724768247692477024771247722477324774247752477624777247782477924780247812478224783247842478524786247872478824789247902479124792247932479424795247962479724798247992480024801248022480324804248052480624807248082480924810248112481224813248142481524816248172481824819248202482124822248232482424825248262482724828248292483024831248322483324834248352483624837248382483924840248412484224843248442484524846248472484824849248502485124852248532485424855248562485724858248592486024861248622486324864248652486624867248682486924870248712487224873248742487524876248772487824879248802488124882248832488424885248862488724888248892489024891248922489324894248952489624897248982489924900249012490224903249042490524906249072490824909249102491124912249132491424915249162491724918249192492024921249222492324924249252492624927249282492924930249312493224933249342493524936249372493824939249402494124942249432494424945249462494724948249492495024951249522495324954249552495624957249582495924960249612496224963249642496524966249672496824969249702497124972249732497424975249762497724978249792498024981249822498324984249852498624987249882498924990249912499224993249942499524996249972499824999250002500125002250032500425005250062500725008250092501025011250122501325014250152501625017250182501925020250212502225023250242502525026250272502825029250302503125032250332503425035250362503725038250392504025041250422504325044250452504625047250482504925050250512505225053250542505525056250572505825059250602506125062250632506425065250662506725068250692507025071250722507325074250752507625077250782507925080250812508225083250842508525086250872508825089250902509125092250932509425095250962509725098250992510025101251022510325104251052510625107251082510925110251112511225113251142511525116251172511825119251202512125122251232512425125251262512725128251292513025131251322513325134251352513625137251382513925140251412514225143251442514525146251472514825149251502515125152251532515425155251562515725158251592516025161251622516325164251652516625167251682516925170251712517225173251742517525176251772517825179251802518125182251832518425185251862518725188251892519025191251922519325194251952519625197251982519925200252012520225203252042520525206252072520825209252102521125212252132521425215252162521725218252192522025221252222522325224252252522625227252282522925230252312523225233252342523525236252372523825239252402524125242252432524425245252462524725248252492525025251252522525325254252552525625257252582525925260252612526225263252642526525266252672526825269252702527125272252732527425275252762527725278252792528025281252822528325284252852528625287252882528925290252912529225293252942529525296252972529825299253002530125302253032530425305253062530725308253092531025311253122531325314253152531625317253182531925320253212532225323253242532525326253272532825329253302533125332253332533425335253362533725338253392534025341253422534325344253452534625347253482534925350253512535225353253542535525356253572535825359253602536125362253632536425365253662536725368253692537025371253722537325374253752537625377253782537925380253812538225383253842538525386253872538825389253902539125392253932539425395253962539725398253992540025401254022540325404254052540625407254082540925410254112541225413254142541525416254172541825419254202542125422254232542425425254262542725428254292543025431254322543325434254352543625437254382543925440254412544225443254442544525446254472544825449254502545125452254532545425455254562545725458254592546025461254622546325464254652546625467254682546925470254712547225473254742547525476254772547825479254802548125482254832548425485254862548725488254892549025491254922549325494254952549625497254982549925500255012550225503255042550525506255072550825509255102551125512255132551425515255162551725518255192552025521255222552325524255252552625527255282552925530255312553225533255342553525536255372553825539255402554125542255432554425545255462554725548255492555025551255522555325554255552555625557255582555925560255612556225563255642556525566255672556825569255702557125572255732557425575255762557725578255792558025581255822558325584255852558625587255882558925590255912559225593255942559525596255972559825599256002560125602256032560425605256062560725608256092561025611256122561325614256152561625617256182561925620256212562225623256242562525626256272562825629256302563125632256332563425635256362563725638256392564025641256422564325644256452564625647256482564925650256512565225653256542565525656256572565825659256602566125662256632566425665256662566725668256692567025671256722567325674256752567625677256782567925680256812568225683256842568525686256872568825689256902569125692256932569425695256962569725698256992570025701257022570325704257052570625707257082570925710257112571225713257142571525716257172571825719257202572125722257232572425725257262572725728257292573025731257322573325734257352573625737257382573925740257412574225743257442574525746257472574825749257502575125752257532575425755257562575725758257592576025761257622576325764257652576625767257682576925770257712577225773257742577525776257772577825779257802578125782257832578425785257862578725788257892579025791257922579325794257952579625797257982579925800258012580225803258042580525806258072580825809258102581125812258132581425815258162581725818258192582025821258222582325824258252582625827258282582925830258312583225833258342583525836258372583825839258402584125842258432584425845258462584725848258492585025851258522585325854258552585625857258582585925860258612586225863258642586525866258672586825869258702587125872258732587425875258762587725878258792588025881258822588325884258852588625887258882588925890258912589225893258942589525896258972589825899259002590125902259032590425905259062590725908259092591025911259122591325914259152591625917259182591925920259212592225923259242592525926259272592825929259302593125932259332593425935259362593725938259392594025941259422594325944259452594625947259482594925950259512595225953259542595525956259572595825959259602596125962259632596425965259662596725968259692597025971259722597325974259752597625977259782597925980259812598225983259842598525986259872598825989259902599125992259932599425995259962599725998259992600026001260022600326004260052600626007260082600926010260112601226013260142601526016260172601826019260202602126022260232602426025260262602726028260292603026031260322603326034260352603626037260382603926040260412604226043260442604526046260472604826049260502605126052260532605426055260562605726058260592606026061260622606326064260652606626067260682606926070260712607226073260742607526076260772607826079260802608126082260832608426085260862608726088260892609026091260922609326094260952609626097260982609926100261012610226103261042610526106261072610826109261102611126112261132611426115261162611726118261192612026121261222612326124261252612626127261282612926130261312613226133261342613526136261372613826139261402614126142261432614426145261462614726148261492615026151261522615326154261552615626157261582615926160261612616226163261642616526166261672616826169261702617126172261732617426175261762617726178261792618026181261822618326184261852618626187261882618926190261912619226193261942619526196261972619826199262002620126202262032620426205262062620726208262092621026211262122621326214262152621626217262182621926220262212622226223262242622526226262272622826229262302623126232262332623426235262362623726238262392624026241262422624326244262452624626247262482624926250262512625226253262542625526256262572625826259262602626126262262632626426265262662626726268262692627026271262722627326274262752627626277262782627926280262812628226283262842628526286262872628826289262902629126292262932629426295262962629726298262992630026301263022630326304263052630626307263082630926310263112631226313263142631526316263172631826319263202632126322263232632426325263262632726328263292633026331263322633326334263352633626337263382633926340263412634226343263442634526346263472634826349263502635126352263532635426355263562635726358263592636026361263622636326364263652636626367263682636926370263712637226373263742637526376263772637826379263802638126382263832638426385263862638726388263892639026391263922639326394263952639626397263982639926400264012640226403264042640526406264072640826409264102641126412264132641426415264162641726418264192642026421264222642326424264252642626427264282642926430264312643226433264342643526436264372643826439264402644126442264432644426445264462644726448264492645026451264522645326454264552645626457264582645926460264612646226463264642646526466264672646826469264702647126472264732647426475264762647726478264792648026481264822648326484264852648626487264882648926490264912649226493264942649526496264972649826499265002650126502265032650426505265062650726508265092651026511265122651326514265152651626517265182651926520265212652226523265242652526526265272652826529265302653126532265332653426535265362653726538265392654026541265422654326544265452654626547265482654926550265512655226553265542655526556265572655826559265602656126562265632656426565265662656726568265692657026571265722657326574265752657626577265782657926580265812658226583265842658526586265872658826589265902659126592265932659426595265962659726598265992660026601266022660326604266052660626607266082660926610266112661226613266142661526616266172661826619266202662126622266232662426625266262662726628266292663026631266322663326634266352663626637266382663926640266412664226643266442664526646266472664826649266502665126652266532665426655266562665726658266592666026661266622666326664266652666626667266682666926670266712667226673266742667526676266772667826679266802668126682266832668426685266862668726688266892669026691266922669326694266952669626697266982669926700267012670226703267042670526706267072670826709267102671126712267132671426715267162671726718267192672026721267222672326724267252672626727267282672926730267312673226733267342673526736267372673826739267402674126742267432674426745267462674726748267492675026751267522675326754267552675626757267582675926760267612676226763267642676526766267672676826769267702677126772267732677426775267762677726778267792678026781267822678326784267852678626787267882678926790267912679226793267942679526796267972679826799268002680126802268032680426805268062680726808268092681026811268122681326814268152681626817268182681926820268212682226823268242682526826268272682826829268302683126832268332683426835268362683726838268392684026841268422684326844268452684626847268482684926850268512685226853268542685526856268572685826859268602686126862268632686426865268662686726868268692687026871268722687326874268752687626877268782687926880268812688226883268842688526886268872688826889268902689126892268932689426895268962689726898268992690026901269022690326904269052690626907269082690926910269112691226913269142691526916269172691826919269202692126922269232692426925269262692726928269292693026931269322693326934269352693626937269382693926940269412694226943269442694526946269472694826949269502695126952269532695426955269562695726958269592696026961269622696326964269652696626967269682696926970269712697226973269742697526976
  1. Changes in version 0.3.3.2-alpha - 2018-02-10
  2. Tor 0.3.3.2-alpha is the second alpha in the 0.3.3.x series. It
  3. introduces a mechanism to handle the high loads that many relay
  4. operators have been reporting recently. It also fixes several bugs in
  5. older releases. If this new code proves reliable, we plan to backport
  6. it to older supported release series.
  7. o Major features (denial-of-service mitigation):
  8. - Give relays some defenses against the recent network overload. We
  9. start with three defenses (default parameters in parentheses).
  10. First: if a single client address makes too many concurrent
  11. connections (>100), hang up on further connections. Second: if a
  12. single client address makes circuits too quickly (more than 3 per
  13. second, with an allowed burst of 90) while also having too many
  14. connections open (3), refuse new create cells for the next while
  15. (1-2 hours). Third: if a client asks to establish a rendezvous
  16. point to you directly, ignore the request. These defenses can be
  17. manually controlled by new torrc options, but relays will also
  18. take guidance from consensus parameters, so there's no need to
  19. configure anything manually. Implements ticket 24902.
  20. o Major bugfixes (netflow padding):
  21. - Stop adding unneeded channel padding right after we finish
  22. flushing to a connection that has been trying to flush for many
  23. seconds. Instead, treat all partial or complete flushes as
  24. activity on the channel, which will defer the time until we need
  25. to add padding. This fix should resolve confusing and scary log
  26. messages like "Channel padding timeout scheduled 221453ms in the
  27. past." Fixes bug 22212; bugfix on 0.3.1.1-alpha.
  28. o Major bugfixes (protocol versions):
  29. - Add Link protocol version 5 to the supported protocols list. Fixes
  30. bug 25070; bugfix on 0.3.1.1-alpha.
  31. o Major bugfixes (scheduler, consensus):
  32. - The scheduler subsystem was failing to promptly notice changes in
  33. consensus parameters, making it harder to switch schedulers
  34. network-wide. Fixes bug 24975; bugfix on 0.3.2.1-alpha.
  35. o Minor features (denial-of-service avoidance):
  36. - Make our OOM handler aware of the geoip client history cache so it
  37. doesn't fill up the memory. This check is important for IPv6 and
  38. our DoS mitigation subsystem. Closes ticket 25122.
  39. o Minor features (directory authority):
  40. - When directory authorities are unable to add signatures to a
  41. pending consensus, log the reason why. Closes ticket 24849.
  42. o Minor features (geoip):
  43. - Update geoip and geoip6 to the February 7 2018 Maxmind GeoLite2
  44. Country database.
  45. o Minor features (logging, diagnostic):
  46. - When logging a failure to create an onion service's descriptor,
  47. also log what the problem with the descriptor was. Diagnostic for
  48. ticket 24972.
  49. o Minor bugfix (channel connection):
  50. - Use the actual observed address of an incoming relay connection,
  51. not the canonical address of the relay from its descriptor, when
  52. making decisions about how to handle the incoming connection.
  53. Fixes bug 24952; bugfix on 0.2.4.11-alpha. Patch by "ffmancera".
  54. o Minor bugfix (directory authority):
  55. - Directory authorities, when refusing a descriptor from a rejected
  56. relay, now explicitly tell the relay (in its logs) to set a valid
  57. ContactInfo address and contact the bad-relays@ mailing list.
  58. Fixes bug 25170; bugfix on 0.2.9.1.
  59. o Minor bugfixes (all versions of Tor):
  60. - Use the "misspell" tool to detect and fix typos throughout the
  61. source code. Fixes bug 23650; bugfix on various versions of Tor.
  62. Patch from Deepesh Pathak.
  63. o Minor bugfixes (circuit, cannibalization):
  64. - Don't cannibalize preemptively-built circuits if we no longer
  65. recognize their first hop. This situation can happen if our Guard
  66. relay went off the consensus after the circuit was created. Fixes
  67. bug 24469; bugfix on 0.0.6.
  68. o Minor bugfixes (correctness):
  69. - Remove a nonworking, unnecessary check to see whether a circuit
  70. hop's identity digest was set when the circuit failed. Fixes bug
  71. 24927; bugfix on 0.2.4.4-alpha.
  72. o Minor bugfixes (logging):
  73. - Don't treat inability to store a cached consensus object as a bug:
  74. it can happen normally when we are out of disk space. Fixes bug
  75. 24859; bugfix on 0.3.1.1-alpha.
  76. - Fix a (mostly harmless) race condition when invoking
  77. LOG_PROTOCOL_WARN message from a subthread while the torrc options
  78. are changing. Fixes bug 23954; bugfix on 0.1.1.9-alpha.
  79. o Minor bugfixes (onion services):
  80. - Remove a BUG() statement when a client fetches an onion descriptor
  81. that has a lower revision counter than the one in its cache. This
  82. can happen in normal circumstances due to HSDir desync. Fixes bug
  83. 24976; bugfix on 0.3.2.1-alpha.
  84. - If we are configured to offer a single onion service, don't log
  85. long-term established one hop rendezvous points in the heartbeat.
  86. Fixes bug 25116; bugfix on 0.2.9.6-rc.
  87. o Minor bugfixes (performance):
  88. - Avoid calling protocol_list_supports_protocol() from inside tight
  89. loops when running with cached routerinfo_t objects. Instead,
  90. summarize the relevant protocols as flags in the routerinfo_t, as
  91. we do for routerstatus_t objects. This change simplifies our code
  92. a little, and saves a large amount of short-term memory allocation
  93. operations. Fixes bug 25008; bugfix on 0.2.9.4-alpha.
  94. o Minor bugfixes (Rust FFI):
  95. - Fix a minor memory leak which would happen whenever the C code
  96. would call the Rust implementation of
  97. protover_get_supported_protocols(). This was due to the C version
  98. returning a static string, whereas the Rust version newly allocated
  99. a CString to pass accross the FFI boundary. Consequently, the C
  100. code was not expecting to need to free() what it was given. Fixes
  101. bug 25127; bugfix on 0.3.2.1-alpha.
  102. o Minor bugfixes (scheduler, KIST):
  103. - Avoid adding the same channel twice in the KIST scheduler pending
  104. list, which would waste CPU cycles. Fixes bug 24700; bugfix
  105. on 0.3.2.1-alpha.
  106. o Minor bugfixes (unit test, monotonic time):
  107. - Increase a constant (1msec to 10msec) in the monotonic time test
  108. that makes sure the nsec/usec/msec times read are synchronized.
  109. This change was needed to accommodate slow systems like armel or
  110. when the clock_gettime() is not a VDSO on the running kernel.
  111. Fixes bug 25113; bugfix on 0.2.9.1.
  112. o Minor bugfixes (v3 onion services):
  113. - Look at the "HSRend" protocol version, not the "HSDir" protocol
  114. version, when deciding whether a consensus entry can support the
  115. v3 onion service protocol as a rendezvous point. Fixes bug 25105;
  116. bugfix on 0.3.2.1-alpha.
  117. o Code simplification and refactoring:
  118. - Remove the unused nodelist_recompute_all_hsdir_indices(). Closes
  119. ticket 25108.
  120. - Remove a series of counters used to track circuit extend attempts
  121. and connection status but that in reality we aren't using for
  122. anything other than stats logged by a SIGUSR1 signal. Closes
  123. ticket 25163.
  124. o Documentation (man page):
  125. - The HiddenServiceVersion torrc option accepts only one number:
  126. either version 2 or 3. Closes ticket 25026; bugfix
  127. on 0.3.2.2-alpha.
  128. Changes in version 0.3.3.1-alpha - 2018-01-25
  129. Tor 0.3.3.1-alpha is the first release in the 0.3.3.x series. It adds
  130. several new features to Tor, including several improvements to
  131. bootstrapping, and support for an experimental "vanguards" feature to
  132. resist guard discovery attacks. This series also includes better
  133. support for applications that need to embed Tor or manage v3
  134. onion services.
  135. o Major features (embedding):
  136. - There is now a documented stable API for programs that need to
  137. embed Tor. See tor_api.h for full documentation and known bugs.
  138. Closes ticket 23684.
  139. - Tor now has support for restarting in the same process.
  140. Controllers that run Tor using the "tor_api.h" interface can now
  141. restart Tor after Tor has exited. This support is incomplete,
  142. however: we fixed crash bugs that prevented it from working at
  143. all, but many bugs probably remain, including a possibility of
  144. security issues. Implements ticket 24581.
  145. o Major features (IPv6, directory documents):
  146. - Add consensus method 27, which adds IPv6 ORPorts to the microdesc
  147. consensus. This information makes it easier for IPv6 clients to
  148. bootstrap and choose reachable entry guards. Implements 23826.
  149. - Add consensus method 28, which removes IPv6 ORPorts from
  150. microdescriptors. Now that the consensus contains IPv6 ORPorts,
  151. they are redundant in microdescs. This change will be used by Tor
  152. clients on 0.2.8.x and later. (That is to say, with all Tor
  153. clients having IPv6 bootstrap and guard support.) Implements 23828.
  154. - Expand the documentation for AuthDirHasIPv6Connectivity when it is
  155. set by different numbers of authorities. Fixes 23870
  156. on 0.2.4.1-alpha.
  157. o Major features (onion service v3, control port):
  158. - The control port now supports commands and events for v3 onion
  159. services. It is now possible to create ephemeral v3 services using
  160. ADD_ONION. Additionally, several events (HS_DESC, HS_DESC_CONTENT,
  161. CIRC and CIRC_MINOR) and commands (GETINFO, HSPOST, ADD_ONION and
  162. DEL_ONION) have been extended to support v3 onion services. Closes
  163. ticket 20699; implements proposal 284.
  164. o Major features (onion services):
  165. - Provide torrc options to pin the second and third hops of onion
  166. service circuits to a list of nodes. The option HSLayer2Guards
  167. pins the second hop, and the option HSLayer3Guards pins the third
  168. hop. These options are for use in conjunction with experiments
  169. with "vanguards" for preventing guard enumeration attacks. Closes
  170. ticket 13837.
  171. o Major features (rust, portability, experimental):
  172. - Tor now ships with an optional implementation of one of its
  173. smaller modules (protover.c) in the Rust programming language. To
  174. try it out, install a Rust build environment, and configure Tor
  175. with "--enable-rust --enable-cargo-online-mode". This should not
  176. cause any user-visible changes, but should help us gain more
  177. experience with Rust, and plan future Rust integration work.
  178. Implementation by Chelsea Komlo. Closes ticket 22840.
  179. o Major features (storage, configuration):
  180. - Users can store cached directory documents somewhere other than
  181. the DataDirectory by using the CacheDirectory option. Similarly,
  182. the storage location for relay's keys can be overridden with the
  183. KeyDirectory option. Closes ticket 22703.
  184. o Major features (v3 onion services, ipv6):
  185. - When v3 onion service clients send introduce cells, they now
  186. include the IPv6 address of the rendezvous point, if it has one.
  187. Current v3 onion services running 0.3.2 ignore IPv6 addresses, but
  188. in future Tor versions, IPv6-only v3 single onion services will be
  189. able to use IPv6 addresses to connect directly to the rendezvous
  190. point. Closes ticket 23577. Patch by Neel Chauhan.
  191. o Major bugfixes (onion services, retry behavior):
  192. - Fix an "off by 2" error in counting rendezvous failures on the
  193. onion service side. While we thought we would stop the rendezvous
  194. attempt after one failed circuit, we were actually making three
  195. circuit attempts before giving up. Now switch to a default of 2,
  196. and allow the consensus parameter "hs_service_max_rdv_failures" to
  197. override. Fixes bug 24895; bugfix on 0.0.6.
  198. - New-style (v3) onion services now obey the "max rendezvous circuit
  199. attempts" logic. Previously they would make as many rendezvous
  200. circuit attempts as they could fit in the MAX_REND_TIMEOUT second
  201. window before giving up. Fixes bug 24894; bugfix on 0.3.2.1-alpha.
  202. o Major bugfixes (relays):
  203. - Fix a set of false positives where relays would consider
  204. connections to other relays as being client-only connections (and
  205. thus e.g. deserving different link padding schemes) if those
  206. relays fell out of the consensus briefly. Now we look only at the
  207. initial handshake and whether the connection authenticated as a
  208. relay. Fixes bug 24898; bugfix on 0.3.1.1-alpha.
  209. o Minor feature (IPv6):
  210. - Make IPv6-only clients wait for microdescs for relays, even if we
  211. were previously using descriptors (or were using them as a bridge)
  212. and have a cached descriptor for them. Implements 23827.
  213. - When a consensus has IPv6 ORPorts, make IPv6-only clients use
  214. them, rather than waiting to download microdescriptors.
  215. Implements 23827.
  216. o Minor features (cleanup):
  217. - Tor now deletes the CookieAuthFile and ExtORPortCookieAuthFile
  218. when it stops. Closes ticket 23271.
  219. o Minor features (defensive programming):
  220. - Most of the functions in Tor that free objects have been replaced
  221. with macros that free the objects and set the corresponding
  222. pointers to NULL. This change should help prevent a large class of
  223. dangling pointer bugs. Closes ticket 24337.
  224. - Where possible, the tor_free() macro now only evaluates its input
  225. once. Part of ticket 24337.
  226. - Check that microdesc ed25519 ids are non-zero in
  227. node_get_ed25519_id() before returning them. Implements 24001,
  228. patch by "aruna1234".
  229. o Minor features (directory authority):
  230. - Make the "Exit" flag assignment only depend on whether the exit
  231. policy allows connections to ports 80 and 443. Previously relays
  232. would get the Exit flag if they allowed connections to one of
  233. these ports and also port 6667. Resolves ticket 23637.
  234. o Minor features (embedding):
  235. - Tor can now start with a preauthenticated control connection
  236. created by the process that launched it. This feature is meant for
  237. use by programs that want to launch and manage a Tor process
  238. without allowing other programs to manage it as well. For more
  239. information, see the __OwningControllerFD option documented in
  240. control-spec.txt. Closes ticket 23900.
  241. - On most errors that would cause Tor to exit, it now tries to
  242. return from the tor_main() function, rather than calling the
  243. system exit() function. Most users won't notice a difference here,
  244. but it should make a significant for programs that run Tor inside
  245. a separate thread: they should now be able to survive Tor's exit
  246. conditions rather than having Tor shut down the entire process.
  247. Closes ticket 23848.
  248. - Applications that want to embed Tor can now tell Tor not to
  249. register any of its own POSIX signal handlers, using the
  250. __DisableSignalHandlers option. Closes ticket 24588.
  251. o Minor features (fallback directory list):
  252. - Avoid selecting fallbacks that change their IP addresses too
  253. often. Select more fallbacks by ignoring the Guard flag, and
  254. allowing lower cutoffs for the Running and V2Dir flags. Also allow
  255. a lower bandwidth, and a higher number of fallbacks per operator
  256. (5% of the list). Implements ticket 24785.
  257. - Update the fallback whitelist and blacklist based on opt-ins and
  258. relay changes. Closes tickets 22321, 24678, 22527, 24135,
  259. and 24695.
  260. o Minor features (fallback directory mirror configuration):
  261. - Add a nickname to each fallback in a C comment. This makes it
  262. easier for operators to find their relays, and allows stem to use
  263. nicknames to identify fallbacks. Implements ticket 24600.
  264. - Add a type and version header to the fallback directory mirror
  265. file. Also add a delimiter to the end of each fallback entry. This
  266. helps external parsers like stem and Relay Search. Implements
  267. ticket 24725.
  268. - Add an extrainfo cache flag for each fallback in a C comment. This
  269. allows stem to use fallbacks to fetch extra-info documents, rather
  270. than using authorities. Implements ticket 22759.
  271. - Add the generateFallbackDirLine.py script for automatically
  272. generating fallback directory mirror lines from relay fingerprints.
  273. No more typos! Add the lookupFallbackDirContact.py script for
  274. automatically looking up operator contact info from relay
  275. fingerprints. Implements ticket 24706, patch by teor and atagar.
  276. - Reject any fallback directory mirror that serves an expired
  277. consensus. Implements ticket 20942, patch by "minik".
  278. - Remove commas and equals signs from external string inputs to the
  279. fallback list. This avoids format confusion attacks. Implements
  280. ticket 24726.
  281. - Remove the "weight=10" line from fallback directory mirror
  282. entries. Ticket 24681 will maintain the current fallback weights
  283. by changing Tor's default fallback weight to 10. Implements
  284. ticket 24679.
  285. - Stop logging excessive information about fallback netblocks.
  286. Implements ticket 24791.
  287. o Minor features (forward-compatibility):
  288. - If a relay supports some link authentication protocol that we do
  289. not recognize, then include that relay's ed25519 key when telling
  290. other relays to extend to it. Previously, we treated future
  291. versions as if they were too old to support ed25519 link
  292. authentication. Closes ticket 20895.
  293. o Minor features (heartbeat):
  294. - Add onion service information to our heartbeat logs, displaying
  295. stats about the activity of configured onion services. Closes
  296. ticket 24896.
  297. o Minor features (instrumentation, development):
  298. - Add the MainloopStats option to allow developers to get
  299. instrumentation information from the main event loop via the
  300. heartbeat messages. We hope to use this to improve Tor's behavior
  301. when it's trying to sleep. Closes ticket 24605.
  302. o Minor features (log messages):
  303. - Improve a warning message that happens when we fail to re-parse an
  304. old router because of an expired certificate. Closes ticket 20020.
  305. - Make the log more quantitative when we hit MaxMemInQueues
  306. threshold exposing some values. Closes ticket 24501.
  307. o Minor features (logging, android):
  308. - Added support for the Android logging subsystem. Closes
  309. ticket 24362.
  310. o Minor features (performance):
  311. - Support predictive circuit building for onion service circuits
  312. with multiple layers of guards. Closes ticket 23101.
  313. - Use stdatomic.h where available, rather than mutexes, to implement
  314. atomic_counter_t. Closes ticket 23953.
  315. o Minor features (performance, 32-bit):
  316. - Improve performance on 32-bit systems by avoiding 64-bit division
  317. when calculating the timestamp in milliseconds for channel padding
  318. computations. Implements ticket 24613.
  319. - Improve performance on 32-bit systems by avoiding 64-bit division
  320. when timestamping cells and buffer chunks for OOM calculations.
  321. Implements ticket 24374.
  322. o Minor features (performance, OSX, iOS):
  323. - Use the mach_approximate_time() function (when available) to
  324. implement coarse monotonic time. Having a coarse time function
  325. should avoid a large number of system calls, and improve
  326. performance slightly, especially under load. Closes ticket 24427.
  327. o Minor features (performance, windows):
  328. - Improve performance on Windows Vista and Windows 7 by adjusting
  329. TCP send window size according to the recommendation from
  330. SIO_IDEAL_SEND_BACKLOG_QUERY. Closes ticket 22798. Patch
  331. from Vort.
  332. o Minor features (relay):
  333. - Implement an option, ReducedExitPolicy, to allow an Tor exit relay
  334. operator to use a more reasonable ("reduced") exit policy, rather
  335. than the default one. If you want to run an exit node without
  336. thinking too hard about which ports to allow, this one is for you.
  337. Closes ticket 13605. Patch from Neel Chauhan.
  338. o Minor features (testing, debugging, embedding):
  339. - For development purposes, Tor now has a mode in which it runs for
  340. a few seconds, then stops, and starts again without exiting the
  341. process. This mode is meant to help us debug various issues with
  342. ticket 23847. To use this feature, compile with
  343. --enable-restart-debugging, and set the TOR_DEBUG_RESTART
  344. environment variable. This is expected to crash a lot, and is
  345. really meant for developers only. It will likely be removed in a
  346. future release. Implements ticket 24583.
  347. o Minor bugfix (network IPv6 test):
  348. - Tor's test scripts now check if "ping -6 ::1" works when the user
  349. runs "make test-network-all". Fixes bug 24677; bugfix on
  350. 0.2.9.3-alpha. Patch by "ffmancera".
  351. o Minor bugfixes (build, rust):
  352. - Fix output of autoconf checks to display success messages for Rust
  353. dependencies and a suitable rustc compiler version. Fixes bug
  354. 24612; bugfix on 0.3.1.3-alpha.
  355. - When building with Rust on OSX, link against libresolv, to work
  356. around the issue at https://github.com/rust-lang/rust/issues/46797.
  357. Fixes bug 24652; bugfix on 0.3.1.1-alpha.
  358. - Don't pass the --quiet option to cargo: it seems to suppress some
  359. errors, which is not what we want to do when building. Fixes bug
  360. 24518; bugfix on 0.3.1.7.
  361. - Build correctly when building from outside Tor's source tree with
  362. the TOR_RUST_DEPENDENCIES option set. Fixes bug 22768; bugfix
  363. on 0.3.1.7.
  364. o Minor bugfixes (directory authorities, IPv6):
  365. - When creating a routerstatus (vote) from a routerinfo (descriptor),
  366. set the IPv6 address to the unspecified IPv6 address, and
  367. explicitly initialize the port to zero. Fixes bug 24488; bugfix
  368. on 0.2.4.1-alpha.
  369. o Minor bugfixes (fallback directory mirrors):
  370. - Make updateFallbackDirs.py search harder for python. (Some OSs
  371. don't put it in /usr/bin.) Fixes bug 24708; bugfix
  372. on 0.2.8.1-alpha.
  373. o Minor bugfixes (hibernation, bandwidth accounting, shutdown):
  374. - When hibernating, close connections normally and allow them to
  375. flush. Fixes bug 23571; bugfix on 0.2.4.7-alpha. Also fixes
  376. bug 7267.
  377. - Do not attempt to launch self-reachability tests when entering
  378. hibernation. Fixes a case of bug 12062; bugfix on 0.0.9pre5.
  379. - Resolve several bugs related to descriptor fetching on bridge
  380. clients with bandwidth accounting enabled. (This combination is
  381. not recommended!) Fixes a case of bug 12062; bugfix
  382. on 0.2.0.3-alpha.
  383. - When hibernating, do not attempt to launch DNS checks. Fixes a
  384. case of bug 12062; bugfix on 0.1.2.2-alpha.
  385. - When hibernating, do not try to upload or download descriptors.
  386. Fixes a case of bug 12062; bugfix on 0.0.9pre5.
  387. o Minor bugfixes (IPv6, bridges):
  388. - Tor now always sets IPv6 preferences for bridges. Fixes bug 24573;
  389. bugfix on 0.2.8.2-alpha.
  390. - Tor now sets IPv6 address in the routerstatus as well as in the
  391. router descriptors when updating addresses for a bridge. Closes
  392. ticket 24572; bugfix on 0.2.4.5-alpha. Patch by "ffmancera".
  393. o Minor bugfixes (linux seccomp2 sandbox):
  394. - When running with the sandbox enabled, reload configuration files
  395. correctly even when %include was used. Previously we would crash.
  396. Fixes bug 22605; bugfix on 0.3.1. Patch from Daniel Pinto.
  397. o Minor bugfixes (memory leaks):
  398. - Avoid possible at-exit memory leaks related to use of Libevent's
  399. event_base_once() function. (This function tends to leak memory if
  400. the event_base is closed before the event fires.) Fixes bug 24584;
  401. bugfix on 0.2.8.1-alpha.
  402. - Fix a harmless memory leak in tor-resolve. Fixes bug 24582; bugfix
  403. on 0.2.1.1-alpha.
  404. o Minor bugfixes (OSX):
  405. - Don't exit the Tor process if setrlimit() fails to change the file
  406. limit (which can happen sometimes on some versions of OSX). Fixes
  407. bug 21074; bugfix on 0.0.9pre5.
  408. o Minor bugfixes (performance, fragile-hardening):
  409. - Improve the performance of our consensus-diff application code
  410. when Tor is built with the --enable-fragile-hardening option set.
  411. Fixes bug 24826; bugfix on 0.3.1.1-alpha.
  412. o Minor bugfixes (performance, timeouts):
  413. - Consider circuits for timeout as soon as they complete a hop. This
  414. is more accurate than applying the timeout in
  415. circuit_expire_building() because that function is only called
  416. once per second, which is now too slow for typical timeouts on the
  417. current network. Fixes bug 23114; bugfix on 0.2.2.2-alpha.
  418. - Use onion service circuits (and other circuits longer than 3 hops)
  419. to calculate a circuit build timeout. Previously, Tor only
  420. calculated its build timeout based on circuits that planned to be
  421. exactly 3 hops long. With this change, we include measurements
  422. from all circuits at the point where they complete their third
  423. hop. Fixes bug 23100; bugfix on 0.2.2.2-alpha.
  424. o Minor bugfixes (testing):
  425. - Give out Exit flags in bootstrapping networks. Fixes bug 24137;
  426. bugfix on 0.2.3.1-alpha.
  427. - Fix a memory leak in the scheduler/loop_kist unit test. Fixes bug
  428. 25005; bugfix on 0.3.2.7-rc.
  429. o Code simplification and refactoring:
  430. - Remove /usr/athena from search path in configure.ac. Closes
  431. ticket 24363.
  432. - Remove duplicate code in node_has_curve25519_onion_key() and
  433. node_get_curve25519_onion_key(), and add a check for a zero
  434. microdesc curve25519 onion key. Closes ticket 23966, patch by
  435. "aruna1234" and teor.
  436. - Rewrite channel_rsa_id_group_set_badness to reduce temporary
  437. memory allocations with large numbers of OR connections (e.g.
  438. relays). Closes ticket 24119.
  439. - Separate the function that deletes ephemeral files when Tor
  440. stops gracefully.
  441. - Small changes to Tor's buf_t API to make it suitable for use as a
  442. general-purpose safe string constructor. Closes ticket 22342.
  443. - Switch -Wnormalized=id to -Wnormalized=nfkc in configure.ac to
  444. avoid source code identifier confusion. Closes ticket 24467.
  445. - The tor_git_revision[] constant no longer needs to be redeclared
  446. by everything that links against the rest of Tor. Done as part of
  447. ticket 23845, to simplify our external API.
  448. - We make extend_info_from_node() use node_get_curve25519_onion_key()
  449. introduced in ticket 23577 to access the curve25519 public keys
  450. rather than accessing it directly. Closes ticket 23760. Patch by
  451. Neel Chauhan.
  452. - Add a function to log channels' scheduler state changes to aid
  453. debugging efforts. Closes ticket 24531.
  454. o Documentation:
  455. - Add documentation on how to build tor with Rust dependencies
  456. without having to be online. Closes ticket 22907; bugfix
  457. on 0.3.0.3-alpha.
  458. - Clarify the behavior of RelayBandwidth{Rate,Burst} with client
  459. traffic. Closes ticket 24318.
  460. - Document that OutboundBindAddress doesn't apply to DNS requests.
  461. Closes ticket 22145. Patch from Aruna Maurya.
  462. - Document that operators who run more than one relay or bridge are
  463. expected to set MyFamily and ContactInfo correctly. Closes
  464. ticket 24526.
  465. o Code simplification and refactoring (channels):
  466. - Remove the incoming and outgoing channel queues. These were never
  467. used, but still took up a step in our fast path.
  468. - The majority of the channel unit tests have been rewritten and the
  469. code coverage has now been raised to 83.6% for channel.c. Closes
  470. ticket 23709.
  471. - Remove other dead code from the channel subsystem: All together,
  472. this cleanup has removed more than 1500 lines of code overall and
  473. adding very little except for unit test.
  474. o Code simplification and refactoring (circuit rendezvous):
  475. - Split the client-size rendezvous circuit lookup into two
  476. functions: one that returns only established circuits and another
  477. that returns all kinds of circuits. Closes ticket 23459.
  478. o Code simplification and refactoring (controller):
  479. - Make most of the variables in networkstatus_getinfo_by_purpose()
  480. const. Implements ticket 24489.
  481. Changes in version 0.3.2.9 - 2018-01-09
  482. Tor 0.3.2.9 is the first stable release in the 0.3.2 series.
  483. The 0.3.2 series includes our long-anticipated new onion service
  484. design, with numerous security features. (For more information, see
  485. our blog post at https://blog.torproject.org/fall-harvest.) We also
  486. have a new circuit scheduler algorithm for improved performance on
  487. relays everywhere (see https://blog.torproject.org/kist-and-tell),
  488. along with many smaller features and bugfixes.
  489. Per our stable release policy, we plan to support each stable release
  490. series for at least the next nine months, or for three months after
  491. the first stable release of the next series: whichever is longer. If
  492. you need a release with long-term support, we recommend that you stay
  493. with the 0.2.9 series.
  494. Below is a list of the changes since 0.3.2.8-rc. For a list of all
  495. changes since 0.3.1, see the ReleaseNotes file.
  496. o Minor features (fallback directory mirrors):
  497. - The fallback directory list has been re-generated based on the
  498. current status of the network. Tor uses fallback directories to
  499. bootstrap when it doesn't yet have up-to-date directory
  500. information. Closes ticket 24801.
  501. - Make the default DirAuthorityFallbackRate 0.1, so that clients
  502. prefer to bootstrap from fallback directory mirrors. This is a
  503. follow-up to 24679, which removed weights from the default
  504. fallbacks. Implements ticket 24681.
  505. o Minor features (geoip):
  506. - Update geoip and geoip6 to the January 5 2018 Maxmind GeoLite2
  507. Country database.
  508. o Minor bugfixes (address selection):
  509. - When the fascist_firewall_choose_address_ functions don't find a
  510. reachable address, set the returned address to the null address
  511. and port. This is a precautionary measure, because some callers do
  512. not check the return value. Fixes bug 24736; bugfix
  513. on 0.2.8.2-alpha.
  514. o Minor bugfixes (compilation):
  515. - Resolve a few shadowed-variable warnings in the onion service
  516. code. Fixes bug 24634; bugfix on 0.3.2.1-alpha.
  517. o Minor bugfixes (portability, msvc):
  518. - Fix a bug in the bit-counting parts of our timing-wheel code on
  519. MSVC. (Note that MSVC is still not a supported build platform, due
  520. to cryptographic timing channel risks.) Fixes bug 24633; bugfix
  521. on 0.2.9.1-alpha.
  522. Changes in version 0.3.2.8-rc - 2017-12-21
  523. Tor 0.3.2.8-rc fixes a pair of bugs in the KIST and KISTLite
  524. schedulers that had led servers under heavy load to overload their
  525. outgoing connections. All relay operators running earlier 0.3.2.x
  526. versions should upgrade. This version also includes a mitigation for
  527. over-full DESTROY queues leading to out-of-memory conditions: if it
  528. works, we will soon backport it to earlier release series.
  529. This is the second release candidate in the 0.3.2 series. If we find
  530. no new bugs or regression here, then the first stable 0.3.2 release
  531. will be nearly identical to this.
  532. o Major bugfixes (KIST, scheduler):
  533. - The KIST scheduler did not correctly account for data already
  534. enqueued in each connection's send socket buffer, particularly in
  535. cases when the TCP/IP congestion window was reduced between
  536. scheduler calls. This situation lead to excessive per-connection
  537. buffering in the kernel, and a potential memory DoS. Fixes bug
  538. 24665; bugfix on 0.3.2.1-alpha.
  539. o Minor features (geoip):
  540. - Update geoip and geoip6 to the December 6 2017 Maxmind GeoLite2
  541. Country database.
  542. o Minor bugfixes (hidden service v3):
  543. - Bump hsdir_spread_store parameter from 3 to 4 in order to increase
  544. the probability of reaching a service for a client missing
  545. microdescriptors. Fixes bug 24425; bugfix on 0.3.2.1-alpha.
  546. o Minor bugfixes (memory usage):
  547. - When queuing DESTROY cells on a channel, only queue the circuit-id
  548. and reason fields: not the entire 514-byte cell. This fix should
  549. help mitigate any bugs or attacks that fill up these queues, and
  550. free more RAM for other uses. Fixes bug 24666; bugfix
  551. on 0.2.5.1-alpha.
  552. o Minor bugfixes (scheduler, KIST):
  553. - Use a sane write limit for KISTLite when writing onto a connection
  554. buffer instead of using INT_MAX and shoving as much as it can.
  555. Because the OOM handler cleans up circuit queues, we are better
  556. off at keeping them in that queue instead of the connection's
  557. buffer. Fixes bug 24671; bugfix on 0.3.2.1-alpha.
  558. Changes in version 0.3.2.7-rc - 2017-12-14
  559. Tor 0.3.2.7-rc fixes various bugs in earlier versions of Tor,
  560. including some that could affect reliability or correctness.
  561. This is the first release candidate in the 0.3.2 series. If we find no
  562. new bugs or regression here, then the first stable 0.3.2. release will
  563. be nearly identical to this.
  564. o Major bugfixes (circuit prediction):
  565. - Fix circuit prediction logic so that a client doesn't treat a port
  566. as being "handled" by a circuit if that circuit already has
  567. isolation settings on it. This change should make Tor clients more
  568. responsive by improving their chances of having a pre-created
  569. circuit ready for use when a request arrives. Fixes bug 18859;
  570. bugfix on 0.2.3.3-alpha.
  571. o Minor features (logging):
  572. - Provide better warnings when the getrandom() syscall fails. Closes
  573. ticket 24500.
  574. o Minor features (portability):
  575. - Tor now compiles correctly on arm64 with libseccomp-dev installed.
  576. (It doesn't yet work with the sandbox enabled.) Closes
  577. ticket 24424.
  578. o Minor bugfixes (bridge clients, bootstrap):
  579. - Retry directory downloads when we get our first bridge descriptor
  580. during bootstrap or while reconnecting to the network. Keep
  581. retrying every time we get a bridge descriptor, until we have a
  582. reachable bridge. Fixes part of bug 24367; bugfix on 0.2.0.3-alpha.
  583. - Stop delaying bridge descriptor fetches when we have cached bridge
  584. descriptors. Instead, only delay bridge descriptor fetches when we
  585. have at least one reachable bridge. Fixes part of bug 24367;
  586. bugfix on 0.2.0.3-alpha.
  587. - Stop delaying directory fetches when we have cached bridge
  588. descriptors. Instead, only delay bridge descriptor fetches when
  589. all our bridges are definitely unreachable. Fixes part of bug
  590. 24367; bugfix on 0.2.0.3-alpha.
  591. o Minor bugfixes (compilation):
  592. - Fix a signed/unsigned comparison warning introduced by our fix to
  593. TROVE-2017-009. Fixes bug 24480; bugfix on 0.2.5.16.
  594. o Minor bugfixes (correctness):
  595. - Fix several places in our codebase where a C compiler would be
  596. likely to eliminate a check, based on assuming that undefined
  597. behavior had not happened elsewhere in the code. These cases are
  598. usually a sign of redundant checking or dubious arithmetic. Found
  599. by Georg Koppen using the "STACK" tool from Wang, Zeldovich,
  600. Kaashoek, and Solar-Lezama. Fixes bug 24423; bugfix on various
  601. Tor versions.
  602. o Minor bugfixes (onion service v3):
  603. - Fix a race where an onion service would launch a new intro circuit
  604. after closing an old one, but fail to register it before freeing
  605. the previously closed circuit. This bug was making the service
  606. unable to find the established intro circuit and thus not upload
  607. its descriptor, thus making a service unavailable for up to 24
  608. hours. Fixes bug 23603; bugfix on 0.3.2.1-alpha.
  609. o Minor bugfixes (scheduler, KIST):
  610. - Properly set the scheduler state of an unopened channel in the
  611. KIST scheduler main loop. This prevents a harmless but annoying
  612. log warning. Fixes bug 24502; bugfix on 0.3.2.4-alpha.
  613. - Avoid a possible integer overflow when computing the available
  614. space on the TCP buffer of a channel. This had no security
  615. implications; but could make KIST allow too many cells on a
  616. saturated connection. Fixes bug 24590; bugfix on 0.3.2.1-alpha.
  617. - Downgrade to "info" a harmless warning about the monotonic time
  618. moving backwards: This can happen on platform not supporting
  619. monotonic time. Fixes bug 23696; bugfix on 0.3.2.1-alpha.
  620. Changes in version 0.3.2.6-alpha - 2017-12-01
  621. This version of Tor is the latest in the 0.3.2 alpha series. It
  622. includes fixes for several important security issues. All Tor users
  623. should upgrade to this release, or to one of the other releases coming
  624. out today.
  625. o Major bugfixes (security):
  626. - Fix a denial of service bug where an attacker could use a
  627. malformed directory object to cause a Tor instance to pause while
  628. OpenSSL would try to read a passphrase from the terminal. (Tor
  629. instances run without a terminal, which is the case for most Tor
  630. packages, are not impacted.) Fixes bug 24246; bugfix on every
  631. version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
  632. Found by OSS-Fuzz as testcase 6360145429790720.
  633. - Fix a denial of service issue where an attacker could crash a
  634. directory authority using a malformed router descriptor. Fixes bug
  635. 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010
  636. and CVE-2017-8820.
  637. - When checking for replays in the INTRODUCE1 cell data for a
  638. (legacy) onion service, correctly detect replays in the RSA-
  639. encrypted part of the cell. We were previously checking for
  640. replays on the entire cell, but those can be circumvented due to
  641. the malleability of Tor's legacy hybrid encryption. This fix helps
  642. prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
  643. 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
  644. and CVE-2017-8819.
  645. o Major bugfixes (security, onion service v2):
  646. - Fix a use-after-free error that could crash v2 Tor onion services
  647. when they failed to open circuits while expiring introduction
  648. points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
  649. also tracked as TROVE-2017-013 and CVE-2017-8823.
  650. o Major bugfixes (security, relay):
  651. - When running as a relay, make sure that we never build a path
  652. through ourselves, even in the case where we have somehow lost the
  653. version of our descriptor appearing in the consensus. Fixes part
  654. of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
  655. as TROVE-2017-012 and CVE-2017-8822.
  656. - When running as a relay, make sure that we never choose ourselves
  657. as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This
  658. issue is also tracked as TROVE-2017-012 and CVE-2017-8822.
  659. o Minor feature (relay statistics):
  660. - Change relay bandwidth reporting stats interval from 4 hours to 24
  661. hours in order to reduce the efficiency of guard discovery
  662. attacks. Fixes ticket 23856.
  663. o Minor features (directory authority):
  664. - Add an IPv6 address for the "bastet" directory authority. Closes
  665. ticket 24394.
  666. o Minor bugfixes (client):
  667. - By default, do not enable storage of client-side DNS values. These
  668. values were unused by default previously, but they should not have
  669. been cached at all. Fixes bug 24050; bugfix on 0.2.6.3-alpha.
  670. Changes in version 0.3.1.9 - 2017-12-01:
  671. Tor 0.3.1.9 backports important security and stability fixes from the
  672. 0.3.2 development series. All Tor users should upgrade to this
  673. release, or to another of the releases coming out today.
  674. o Major bugfixes (security, backport from 0.3.2.6-alpha):
  675. - Fix a denial of service bug where an attacker could use a
  676. malformed directory object to cause a Tor instance to pause while
  677. OpenSSL would try to read a passphrase from the terminal. (Tor
  678. instances run without a terminal, which is the case for most Tor
  679. packages, are not impacted.) Fixes bug 24246; bugfix on every
  680. version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
  681. Found by OSS-Fuzz as testcase 6360145429790720.
  682. - Fix a denial of service issue where an attacker could crash a
  683. directory authority using a malformed router descriptor. Fixes bug
  684. 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010
  685. and CVE-2017-8820.
  686. - When checking for replays in the INTRODUCE1 cell data for a
  687. (legacy) onion service, correctly detect replays in the RSA-
  688. encrypted part of the cell. We were previously checking for
  689. replays on the entire cell, but those can be circumvented due to
  690. the malleability of Tor's legacy hybrid encryption. This fix helps
  691. prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
  692. 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
  693. and CVE-2017-8819.
  694. o Major bugfixes (security, onion service v2, backport from 0.3.2.6-alpha):
  695. - Fix a use-after-free error that could crash v2 Tor onion services
  696. when they failed to open circuits while expiring introduction
  697. points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
  698. also tracked as TROVE-2017-013 and CVE-2017-8823.
  699. o Major bugfixes (security, relay, backport from 0.3.2.6-alpha):
  700. - When running as a relay, make sure that we never build a path
  701. through ourselves, even in the case where we have somehow lost the
  702. version of our descriptor appearing in the consensus. Fixes part
  703. of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
  704. as TROVE-2017-012 and CVE-2017-8822.
  705. - When running as a relay, make sure that we never choose ourselves
  706. as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This
  707. issue is also tracked as TROVE-2017-012 and CVE-2017-8822.
  708. o Major bugfixes (exit relays, DNS, backport from 0.3.2.4-alpha):
  709. - Fix an issue causing DNS to fail on high-bandwidth exit nodes,
  710. making them nearly unusable. Fixes bugs 21394 and 18580; bugfix on
  711. 0.1.2.2-alpha, which introduced eventdns. Thanks to Dhalgren for
  712. identifying and finding a workaround to this bug and to Moritz,
  713. Arthur Edelstein, and Roger for helping to track it down and
  714. analyze it.
  715. o Minor features (bridge):
  716. - Bridges now include notice in their descriptors that they are
  717. bridges, and notice of their distribution status, based on their
  718. publication settings. Implements ticket 18329. For more fine-
  719. grained control of how a bridge is distributed, upgrade to 0.3.2.x
  720. or later.
  721. o Minor features (directory authority, backport from 0.3.2.6-alpha):
  722. - Add an IPv6 address for the "bastet" directory authority. Closes
  723. ticket 24394.
  724. o Minor features (geoip):
  725. - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2
  726. Country database.
  727. o Minor bugfix (relay address resolution, backport from 0.3.2.1-alpha):
  728. - Avoid unnecessary calls to directory_fetches_from_authorities() on
  729. relays, to prevent spurious address resolutions and descriptor
  730. rebuilds. This is a mitigation for bug 21789. Fixes bug 23470;
  731. bugfix on in 0.2.8.1-alpha.
  732. o Minor bugfixes (compilation, backport from 0.3.2.1-alpha):
  733. - Fix unused variable warnings in donna's Curve25519 SSE2 code.
  734. Fixes bug 22895; bugfix on 0.2.7.2-alpha.
  735. o Minor bugfixes (logging, relay shutdown, annoyance, backport from 0.3.2.2-alpha):
  736. - When a circuit is marked for close, do not attempt to package any
  737. cells for channels on that circuit. Previously, we would detect
  738. this condition lower in the call stack, when we noticed that the
  739. circuit had no attached channel, and log an annoying message.
  740. Fixes bug 8185; bugfix on 0.2.5.4-alpha.
  741. o Minor bugfixes (onion service, backport from 0.3.2.5-alpha):
  742. - Rename the consensus parameter "hsdir-interval" to "hsdir_interval"
  743. so it matches dir-spec.txt. Fixes bug 24262; bugfix
  744. on 0.3.1.1-alpha.
  745. o Minor bugfixes (relay, crash, backport from 0.3.2.4-alpha):
  746. - Avoid a crash when transitioning from client mode to bridge mode.
  747. Previously, we would launch the worker threads whenever our
  748. "public server" mode changed, but not when our "server" mode
  749. changed. Fixes bug 23693; bugfix on 0.2.6.3-alpha.
  750. Changes in version 0.3.0.13 - 2017-12-01
  751. Tor 0.3.0.13 backports important security and stability bugfixes from
  752. later Tor releases. All Tor users should upgrade to this release, or
  753. to another of the releases coming out today.
  754. Note: the Tor 0.3.0 series will no longer be supported after 26 Jan
  755. 2018. If you need a release with long-term support, please stick with
  756. the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later.
  757. o Major bugfixes (security, backport from 0.3.2.6-alpha):
  758. - Fix a denial of service bug where an attacker could use a
  759. malformed directory object to cause a Tor instance to pause while
  760. OpenSSL would try to read a passphrase from the terminal. (Tor
  761. instances run without a terminal, which is the case for most Tor
  762. packages, are not impacted.) Fixes bug 24246; bugfix on every
  763. version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
  764. Found by OSS-Fuzz as testcase 6360145429790720.
  765. - Fix a denial of service issue where an attacker could crash a
  766. directory authority using a malformed router descriptor. Fixes bug
  767. 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010
  768. and CVE-2017-8820.
  769. - When checking for replays in the INTRODUCE1 cell data for a
  770. (legacy) onion service, correctly detect replays in the RSA-
  771. encrypted part of the cell. We were previously checking for
  772. replays on the entire cell, but those can be circumvented due to
  773. the malleability of Tor's legacy hybrid encryption. This fix helps
  774. prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
  775. 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
  776. and CVE-2017-8819.
  777. o Major bugfixes (security, onion service v2, backport from 0.3.2.6-alpha):
  778. - Fix a use-after-free error that could crash v2 Tor onion services
  779. when they failed to open circuits while expiring introduction
  780. points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
  781. also tracked as TROVE-2017-013 and CVE-2017-8823.
  782. o Major bugfixes (security, relay, backport from 0.3.2.6-alpha):
  783. - When running as a relay, make sure that we never build a path
  784. through ourselves, even in the case where we have somehow lost the
  785. version of our descriptor appearing in the consensus. Fixes part
  786. of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
  787. as TROVE-2017-012 and CVE-2017-8822.
  788. - When running as a relay, make sure that we never choose ourselves
  789. as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This
  790. issue is also tracked as TROVE-2017-012 and CVE-2017-8822.
  791. o Major bugfixes (exit relays, DNS, backport from 0.3.2.4-alpha):
  792. - Fix an issue causing DNS to fail on high-bandwidth exit nodes,
  793. making them nearly unusable. Fixes bugs 21394 and 18580; bugfix on
  794. 0.1.2.2-alpha, which introduced eventdns. Thanks to Dhalgren for
  795. identifying and finding a workaround to this bug and to Moritz,
  796. Arthur Edelstein, and Roger for helping to track it down and
  797. analyze it.
  798. o Minor features (security, windows, backport from 0.3.1.1-alpha):
  799. - Enable a couple of pieces of Windows hardening: one
  800. (HeapEnableTerminationOnCorruption) that has been on-by-default
  801. since Windows 8, and unavailable before Windows 7; and one
  802. (PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION) which we believe doesn't
  803. affect us, but shouldn't do any harm. Closes ticket 21953.
  804. o Minor features (bridge, backport from 0.3.1.9):
  805. - Bridges now include notice in their descriptors that they are
  806. bridges, and notice of their distribution status, based on their
  807. publication settings. Implements ticket 18329. For more fine-
  808. grained control of how a bridge is distributed, upgrade to 0.3.2.x
  809. or later.
  810. o Minor features (directory authority, backport from 0.3.2.6-alpha):
  811. - Add an IPv6 address for the "bastet" directory authority. Closes
  812. ticket 24394.
  813. o Minor features (geoip):
  814. - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2
  815. Country database.
  816. o Minor bugfix (relay address resolution, backport from 0.3.2.1-alpha):
  817. - Avoid unnecessary calls to directory_fetches_from_authorities() on
  818. relays, to prevent spurious address resolutions and descriptor
  819. rebuilds. This is a mitigation for bug 21789. Fixes bug 23470;
  820. bugfix on in 0.2.8.1-alpha.
  821. o Minor bugfixes (compilation, backport from 0.3.2.1-alpha):
  822. - Fix unused variable warnings in donna's Curve25519 SSE2 code.
  823. Fixes bug 22895; bugfix on 0.2.7.2-alpha.
  824. o Minor bugfixes (logging, relay shutdown, annoyance, backport from 0.3.2.2-alpha):
  825. - When a circuit is marked for close, do not attempt to package any
  826. cells for channels on that circuit. Previously, we would detect
  827. this condition lower in the call stack, when we noticed that the
  828. circuit had no attached channel, and log an annoying message.
  829. Fixes bug 8185; bugfix on 0.2.5.4-alpha.
  830. o Minor bugfixes (relay, crash, backport from 0.3.2.4-alpha):
  831. - Avoid a crash when transitioning from client mode to bridge mode.
  832. Previously, we would launch the worker threads whenever our
  833. "public server" mode changed, but not when our "server" mode
  834. changed. Fixes bug 23693; bugfix on 0.2.6.3-alpha.
  835. o Minor bugfixes (testing, backport from 0.3.1.6-rc):
  836. - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291;
  837. bugfix on 0.2.7.2-alpha. Found and patched by Ties Stuij.
  838. Changes in version 0.2.9.14 - 2017-12-01
  839. Tor 0.3.0.13 backports important security and stability bugfixes from
  840. later Tor releases. All Tor users should upgrade to this release, or
  841. to another of the releases coming out today.
  842. o Major bugfixes (exit relays, DNS, backport from 0.3.2.4-alpha):
  843. - Fix an issue causing DNS to fail on high-bandwidth exit nodes,
  844. making them nearly unusable. Fixes bugs 21394 and 18580; bugfix on
  845. 0.1.2.2-alpha, which introduced eventdns. Thanks to Dhalgren for
  846. identifying and finding a workaround to this bug and to Moritz,
  847. Arthur Edelstein, and Roger for helping to track it down and
  848. analyze it.
  849. o Major bugfixes (security, backport from 0.3.2.6-alpha):
  850. - Fix a denial of service bug where an attacker could use a
  851. malformed directory object to cause a Tor instance to pause while
  852. OpenSSL would try to read a passphrase from the terminal. (Tor
  853. instances run without a terminal, which is the case for most Tor
  854. packages, are not impacted.) Fixes bug 24246; bugfix on every
  855. version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
  856. Found by OSS-Fuzz as testcase 6360145429790720.
  857. - Fix a denial of service issue where an attacker could crash a
  858. directory authority using a malformed router descriptor. Fixes bug
  859. 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010
  860. and CVE-2017-8820.
  861. - When checking for replays in the INTRODUCE1 cell data for a
  862. (legacy) onion service, correctly detect replays in the RSA-
  863. encrypted part of the cell. We were previously checking for
  864. replays on the entire cell, but those can be circumvented due to
  865. the malleability of Tor's legacy hybrid encryption. This fix helps
  866. prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
  867. 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
  868. and CVE-2017-8819.
  869. o Major bugfixes (security, onion service v2, backport from 0.3.2.6-alpha):
  870. - Fix a use-after-free error that could crash v2 Tor onion services
  871. when they failed to open circuits while expiring introduction
  872. points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
  873. also tracked as TROVE-2017-013 and CVE-2017-8823.
  874. o Major bugfixes (security, relay, backport from 0.3.2.6-alpha):
  875. - When running as a relay, make sure that we never build a path
  876. through ourselves, even in the case where we have somehow lost the
  877. version of our descriptor appearing in the consensus. Fixes part
  878. of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
  879. as TROVE-2017-012 and CVE-2017-8822.
  880. o Minor features (bridge, backport from 0.3.1.9):
  881. - Bridges now include notice in their descriptors that they are
  882. bridges, and notice of their distribution status, based on their
  883. publication settings. Implements ticket 18329. For more fine-
  884. grained control of how a bridge is distributed, upgrade to 0.3.2.x
  885. or later.
  886. o Minor features (directory authority, backport from 0.3.2.6-alpha):
  887. - Add an IPv6 address for the "bastet" directory authority. Closes
  888. ticket 24394.
  889. o Minor features (geoip):
  890. - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2
  891. Country database.
  892. o Minor features (security, windows, backport from 0.3.1.1-alpha):
  893. - Enable a couple of pieces of Windows hardening: one
  894. (HeapEnableTerminationOnCorruption) that has been on-by-default
  895. since Windows 8, and unavailable before Windows 7; and one
  896. (PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION) which we believe doesn't
  897. affect us, but shouldn't do any harm. Closes ticket 21953.
  898. o Minor bugfix (relay address resolution, backport from 0.3.2.1-alpha):
  899. - Avoid unnecessary calls to directory_fetches_from_authorities() on
  900. relays, to prevent spurious address resolutions and descriptor
  901. rebuilds. This is a mitigation for bug 21789. Fixes bug 23470;
  902. bugfix on in 0.2.8.1-alpha.
  903. o Minor bugfixes (compilation, backport from 0.3.2.1-alpha):
  904. - Fix unused variable warnings in donna's Curve25519 SSE2 code.
  905. Fixes bug 22895; bugfix on 0.2.7.2-alpha.
  906. o Minor bugfixes (logging, relay shutdown, annoyance, backport from 0.3.2.2-alpha):
  907. - When a circuit is marked for close, do not attempt to package any
  908. cells for channels on that circuit. Previously, we would detect
  909. this condition lower in the call stack, when we noticed that the
  910. circuit had no attached channel, and log an annoying message.
  911. Fixes bug 8185; bugfix on 0.2.5.4-alpha.
  912. o Minor bugfixes (relay, crash, backport from 0.3.2.4-alpha):
  913. - Avoid a crash when transitioning from client mode to bridge mode.
  914. Previously, we would launch the worker threads whenever our
  915. "public server" mode changed, but not when our "server" mode
  916. changed. Fixes bug 23693; bugfix on 0.2.6.3-alpha.
  917. o Minor bugfixes (testing, backport from 0.3.1.6-rc):
  918. - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291;
  919. bugfix on 0.2.7.2-alpha. Found and patched by Ties Stuij.
  920. Changes in version 0.2.8.17 - 2017-12-01
  921. Tor 0.2.8.17 backports important security and stability bugfixes from
  922. later Tor releases. All Tor users should upgrade to this release, or
  923. to another of the releases coming out today.
  924. Note: the Tor 0.2.8 series will no longer be supported after 1 Jan
  925. 2018. If you need a release with long-term support, please upgrade with
  926. the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later.
  927. o Major bugfixes (security, backport from 0.3.2.6-alpha):
  928. - Fix a denial of service bug where an attacker could use a
  929. malformed directory object to cause a Tor instance to pause while
  930. OpenSSL would try to read a passphrase from the terminal. (Tor
  931. instances run without a terminal, which is the case for most Tor
  932. packages, are not impacted.) Fixes bug 24246; bugfix on every
  933. version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
  934. Found by OSS-Fuzz as testcase 6360145429790720.
  935. - When checking for replays in the INTRODUCE1 cell data for a
  936. (legacy) onion service, correctly detect replays in the RSA-
  937. encrypted part of the cell. We were previously checking for
  938. replays on the entire cell, but those can be circumvented due to
  939. the malleability of Tor's legacy hybrid encryption. This fix helps
  940. prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
  941. 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
  942. and CVE-2017-8819.
  943. o Major bugfixes (security, onion service v2, backport from 0.3.2.6-alpha):
  944. - Fix a use-after-free error that could crash v2 Tor onion services
  945. when they failed to open circuits while expiring introduction
  946. points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
  947. also tracked as TROVE-2017-013 and CVE-2017-8823.
  948. o Major bugfixes (security, relay, backport from 0.3.2.6-alpha):
  949. - When running as a relay, make sure that we never build a path through
  950. ourselves, even in the case where we have somehow lost the version of
  951. our descriptor appearing in the consensus. Fixes part of bug 21534;
  952. bugfix on 0.2.0.1-alpha. This issue is also tracked as TROVE-2017-012
  953. and CVE-2017-8822.
  954. o Minor features (bridge, backport from 0.3.1.9):
  955. - Bridges now include notice in their descriptors that they are
  956. bridges, and notice of their distribution status, based on their
  957. publication settings. Implements ticket 18329. For more fine-
  958. grained control of how a bridge is distributed, upgrade to 0.3.2.x
  959. or later.
  960. o Minor features (directory authority, backport from 0.3.2.6-alpha):
  961. - Add an IPv6 address for the "bastet" directory authority. Closes
  962. ticket 24394.
  963. o Minor features (geoip):
  964. - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2
  965. Country database.
  966. o Minor bugfixes (testing, backport from 0.3.1.6-rc):
  967. - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291;
  968. bugfix on 0.2.7.2-alpha. Found and patched by Ties Stuij.
  969. Changes in version 0.2.5.16 - 2017-12-01
  970. Tor 0.2.5.13 backports important security and stability bugfixes from
  971. later Tor releases. All Tor users should upgrade to this release, or
  972. to another of the releases coming out today.
  973. Note: the Tor 0.2.5 series will no longer be supported after 1 May
  974. 2018. If you need a release with long-term support, please upgrade to
  975. the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later.
  976. o Major bugfixes (security, backport from 0.3.2.6-alpha):
  977. - Fix a denial of service bug where an attacker could use a
  978. malformed directory object to cause a Tor instance to pause while
  979. OpenSSL would try to read a passphrase from the terminal. (Tor
  980. instances run without a terminal, which is the case for most Tor
  981. packages, are not impacted.) Fixes bug 24246; bugfix on every
  982. version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
  983. Found by OSS-Fuzz as testcase 6360145429790720.
  984. - When checking for replays in the INTRODUCE1 cell data for a
  985. (legacy) onion service, correctly detect replays in the RSA-
  986. encrypted part of the cell. We were previously checking for
  987. replays on the entire cell, but those can be circumvented due to
  988. the malleability of Tor's legacy hybrid encryption. This fix helps
  989. prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
  990. 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
  991. and CVE-2017-8819.
  992. o Major bugfixes (security, relay, backport from 0.3.2.6-alpha):
  993. - When running as a relay, make sure that we never build a path
  994. through ourselves, even in the case where we have somehow lost the
  995. version of our descriptor appearing in the consensus. Fixes part
  996. of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
  997. as TROVE-2017-012 and CVE-2017-8822.
  998. o Minor features (bridge, backport from 0.3.1.9):
  999. - Bridges now include notice in their descriptors that they are
  1000. bridges, and notice of their distribution status, based on their
  1001. publication settings. Implements ticket 18329. For more fine-
  1002. grained control of how a bridge is distributed, upgrade to 0.3.2.x
  1003. or later.
  1004. o Minor features (geoip):
  1005. - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2
  1006. Country database.
  1007. Changes in version 0.3.2.5-alpha - 2017-11-22
  1008. Tor 0.3.2.5-alpha is the fifth alpha release in the 0.3.2.x series. It
  1009. fixes several stability and reliability bugs, including a fix for
  1010. intermittent bootstrapping failures that some people have been seeing
  1011. since the 0.3.0.x series.
  1012. Please test this alpha out -- many of these fixes will soon be
  1013. backported to stable Tor versions if no additional bugs are found
  1014. in them.
  1015. o Major bugfixes (bootstrapping):
  1016. - Fetch descriptors aggressively whenever we lack enough to build
  1017. circuits, regardless of how many descriptors we are missing.
  1018. Previously, we would delay launching the fetch when we had fewer
  1019. than 15 missing descriptors, even if some of those descriptors
  1020. were blocking circuits from building. Fixes bug 23985; bugfix on
  1021. 0.1.1.11-alpha. The effects of this bug became worse in
  1022. 0.3.0.3-alpha, when we began treating missing descriptors from our
  1023. primary guards as a reason to delay circuits.
  1024. - Don't try fetching microdescriptors from relays that have failed
  1025. to deliver them in the past. Fixes bug 23817; bugfix
  1026. on 0.3.0.1-alpha.
  1027. o Minor features (directory authority):
  1028. - Make the "Exit" flag assignment only depend on whether the exit
  1029. policy allows connections to ports 80 and 443. Previously relays
  1030. would get the Exit flag if they allowed connections to one of
  1031. these ports and also port 6667. Resolves ticket 23637.
  1032. o Minor features (geoip):
  1033. - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2
  1034. Country database.
  1035. o Minor features (linux seccomp2 sandbox):
  1036. - Update the sandbox rules so that they should now work correctly
  1037. with Glibc 2.26. Closes ticket 24315.
  1038. o Minor features (logging):
  1039. - Downgrade a pair of log messages that could occur when an exit's
  1040. resolver gave us an unusual (but not forbidden) response. Closes
  1041. ticket 24097.
  1042. - Improve the message we log when re-enabling circuit build timeouts
  1043. after having received a consensus. Closes ticket 20963.
  1044. o Minor bugfixes (compilation):
  1045. - Fix a memory leak warning in one of the libevent-related
  1046. configuration tests that could occur when manually specifying
  1047. -fsanitize=address. Fixes bug 24279; bugfix on 0.3.0.2-alpha.
  1048. Found and patched by Alex Xu.
  1049. - When detecting OpenSSL on Windows from our configure script, make
  1050. sure to try linking with the ws2_32 library. Fixes bug 23783;
  1051. bugfix on 0.3.2.2-alpha.
  1052. o Minor bugfixes (control port, linux seccomp2 sandbox):
  1053. - Avoid a crash when attempting to use the seccomp2 sandbox together
  1054. with the OwningControllerProcess feature. Fixes bug 24198; bugfix
  1055. on 0.2.5.1-alpha.
  1056. o Minor bugfixes (control port, onion services):
  1057. - Report "FAILED" instead of "UPLOAD_FAILED" "FAILED" for the
  1058. HS_DESC event when a service is not able to upload a descriptor.
  1059. Fixes bug 24230; bugfix on 0.2.7.1-alpha.
  1060. o Minor bugfixes (directory cache):
  1061. - Recover better from empty or corrupt files in the consensus cache
  1062. directory. Fixes bug 24099; bugfix on 0.3.1.1-alpha.
  1063. - When a consensus diff calculation is only partially successful,
  1064. only record the successful parts as having succeeded. Partial
  1065. success can happen if (for example) one compression method fails
  1066. but the others succeed. Previously we misrecorded all the
  1067. calculations as having succeeded, which would later cause a
  1068. nonfatal assertion failure. Fixes bug 24086; bugfix
  1069. on 0.3.1.1-alpha.
  1070. o Minor bugfixes (logging):
  1071. - Only log once if we notice that KIST support is gone. Fixes bug
  1072. 24158; bugfix on 0.3.2.1-alpha.
  1073. - Suppress a log notice when relay descriptors arrive. We already
  1074. have a bootstrap progress for this so no need to log notice
  1075. everytime tor receives relay descriptors. Microdescriptors behave
  1076. the same. Fixes bug 23861; bugfix on 0.2.8.2-alpha.
  1077. o Minor bugfixes (network layer):
  1078. - When closing a connection via close_connection_immediately(), we
  1079. mark it as "not blocked on bandwidth", to prevent later calls from
  1080. trying to unblock it, and give it permission to read. This fixes a
  1081. backtrace warning that can happen on relays under various
  1082. circumstances. Fixes bug 24167; bugfix on 0.1.0.1-rc.
  1083. o Minor bugfixes (onion services):
  1084. - The introduction circuit was being timed out too quickly while
  1085. waiting for the rendezvous circuit to complete. Keep the intro
  1086. circuit around longer instead of timing out and reopening new ones
  1087. constantly. Fixes bug 23681; bugfix on 0.2.4.8-alpha.
  1088. - Rename the consensus parameter "hsdir-interval" to "hsdir_interval"
  1089. so it matches dir-spec.txt. Fixes bug 24262; bugfix
  1090. on 0.3.1.1-alpha.
  1091. - Silence a warning about failed v3 onion descriptor uploads that
  1092. can happen naturally under certain edge cases. Fixes part of bug
  1093. 23662; bugfix on 0.3.2.1-alpha.
  1094. o Minor bugfixes (tests):
  1095. - Fix a memory leak in one of the bridge-distribution test cases.
  1096. Fixes bug 24345; bugfix on 0.3.2.3-alpha.
  1097. - Fix a bug in our fuzzing mock replacement for crypto_pk_checksig(),
  1098. to correctly handle cases where a caller gives it an RSA key of
  1099. under 160 bits. (This is not actually a bug in Tor itself, but
  1100. rather in our fuzzing code.) Fixes bug 24247; bugfix on
  1101. 0.3.0.3-alpha. Found by OSS-Fuzz as issue 4177.
  1102. o Documentation:
  1103. - Add notes in man page regarding OS support for the various
  1104. scheduler types. Attempt to use less jargon in the scheduler
  1105. section. Closes ticket 24254.
  1106. Changes in version 0.3.2.4-alpha - 2017-11-08
  1107. Tor 0.3.2.4-alpha is the fourth alpha release in the 0.3.2.x series.
  1108. It fixes several stability and reliability bugs, especially including
  1109. a major reliability issue that has been plaguing fast exit relays in
  1110. recent months.
  1111. o Major bugfixes (exit relays, DNS):
  1112. - Fix an issue causing DNS to fail on high-bandwidth exit nodes,
  1113. making them nearly unusable. Fixes bugs 21394 and 18580; bugfix on
  1114. 0.1.2.2-alpha, which introduced eventdns. Thanks to Dhalgren for
  1115. identifying and finding a workaround to this bug and to Moritz,
  1116. Arthur Edelstein, and Roger for helping to track it down and
  1117. analyze it.
  1118. o Major bugfixes (scheduler, channel):
  1119. - Stop processing scheduled channels if they closed while flushing
  1120. cells. This can happen if the write on the connection fails
  1121. leading to the channel being closed while in the scheduler loop.
  1122. Fixes bug 23751; bugfix on 0.3.2.1-alpha.
  1123. o Minor features (logging, scheduler):
  1124. - Introduce a SCHED_BUG() function to log extra information about
  1125. the scheduler state if we ever catch a bug in the scheduler.
  1126. Closes ticket 23753.
  1127. o Minor features (removed deprecations):
  1128. - The ClientDNSRejectInternalAddresses flag can once again be set in
  1129. non-testing Tor networks, so long as they do not use the default
  1130. directory authorities. This change also removes the deprecation of
  1131. this flag from 0.2.9.2-alpha. Closes ticket 21031.
  1132. o Minor features (testing):
  1133. - Our fuzzing tests now test the encrypted portions of v3 onion
  1134. service descriptors. Implements more of 21509.
  1135. o Minor bugfixes (directory client):
  1136. - On failure to download directory information, delay retry attempts
  1137. by a random amount based on the "decorrelated jitter" algorithm.
  1138. Our previous delay algorithm tended to produce extra-long delays
  1139. too easily. Fixes bug 23816; bugfix on 0.2.9.1-alpha.
  1140. o Minor bugfixes (IPv6, v3 single onion services):
  1141. - Remove buggy code for IPv6-only v3 single onion services, and
  1142. reject attempts to configure them. This release supports IPv4,
  1143. dual-stack, and IPv6-only v3 onion services; and IPv4 and dual-
  1144. stack v3 single onion services. Fixes bug 23820; bugfix
  1145. on 0.3.2.1-alpha.
  1146. o Minor bugfixes (logging, relay):
  1147. - Give only a protocol warning when the ed25519 key is not
  1148. consistent between the descriptor and microdescriptor of a relay.
  1149. This can happen, for instance, if the relay has been flagged
  1150. NoEdConsensus. Fixes bug 24025; bugfix on 0.3.2.1-alpha.
  1151. o Minor bugfixes (manpage, onion service):
  1152. - Document that the HiddenServiceNumIntroductionPoints option is
  1153. 0-10 for v2 services and 0-20 for v3 services. Fixes bug 24115;
  1154. bugfix on 0.3.2.1-alpha.
  1155. o Minor bugfixes (memory leaks):
  1156. - Fix a minor memory leak at exit in the KIST scheduler. This bug
  1157. should have no user-visible impact. Fixes bug 23774; bugfix
  1158. on 0.3.2.1-alpha.
  1159. - Fix a memory leak when decrypting a badly formatted v3 onion
  1160. service descriptor. Fixes bug 24150; bugfix on 0.3.2.1-alpha.
  1161. Found by OSS-Fuzz; this is OSS-Fuzz issue 3994.
  1162. o Minor bugfixes (onion services):
  1163. - Cache some needed onion service client information instead of
  1164. constantly computing it over and over again. Fixes bug 23623;
  1165. bugfix on 0.3.2.1-alpha.
  1166. - Properly retry HSv3 descriptor fetches when missing required
  1167. directory information. Fixes bug 23762; bugfix on 0.3.2.1-alpha.
  1168. o Minor bugfixes (path selection):
  1169. - When selecting relays by bandwidth, avoid a rounding error that
  1170. could sometimes cause load to be imbalanced incorrectly.
  1171. Previously, we would always round upwards; now, we round towards
  1172. the nearest integer. This had the biggest effect when a relay's
  1173. weight adjustments should have given it weight 0, but it got
  1174. weight 1 instead. Fixes bug 23318; bugfix on 0.2.4.3-alpha.
  1175. - When calculating the fraction of nodes that have descriptors, and
  1176. all nodes in the network have zero bandwidths, count the number of
  1177. nodes instead. Fixes bug 23318; bugfix on 0.2.4.10-alpha.
  1178. - Actually log the total bandwidth in compute_weighted_bandwidths().
  1179. Fixes bug 24170; bugfix on 0.2.4.3-alpha.
  1180. o Minor bugfixes (relay, crash):
  1181. - Avoid a crash when transitioning from client mode to bridge mode.
  1182. Previously, we would launch the worker threads whenever our
  1183. "public server" mode changed, but not when our "server" mode
  1184. changed. Fixes bug 23693; bugfix on 0.2.6.3-alpha.
  1185. o Minor bugfixes (testing):
  1186. - Fix a spurious fuzzing-only use of an uninitialized value. Found
  1187. by Brian Carpenter. Fixes bug 24082; bugfix on 0.3.0.3-alpha.
  1188. - Test that IPv6-only clients can use microdescriptors when running
  1189. "make test-network-all". Requires chutney master 61c28b9 or later.
  1190. Closes ticket 24109.
  1191. Changes in version 0.3.2.3-alpha - 2017-10-27
  1192. Tor 0.3.2.3-alpha is the third release in the 0.3.2 series. It fixes
  1193. numerous small bugs in earlier versions of 0.3.2.x, and adds a new
  1194. directory authority, Bastet.
  1195. o Directory authority changes:
  1196. - Add "Bastet" as a ninth directory authority to the default list.
  1197. Closes ticket 23910.
  1198. - The directory authority "Longclaw" has changed its IP address.
  1199. Closes ticket 23592.
  1200. o Minor features (bridge):
  1201. - Bridge relays can now set the BridgeDistribution config option to
  1202. add a "bridge-distribution-request" line to their bridge
  1203. descriptor, which tells BridgeDB how they'd like their bridge
  1204. address to be given out. (Note that as of Oct 2017, BridgeDB does
  1205. not yet implement this feature.) As a side benefit, this feature
  1206. provides a way to distinguish bridge descriptors from non-bridge
  1207. descriptors. Implements tickets 18329.
  1208. o Minor features (client, entry guards):
  1209. - Improve log messages when missing descriptors for primary guards.
  1210. Resolves ticket 23670.
  1211. o Minor features (geoip):
  1212. - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2
  1213. Country database.
  1214. o Minor bugfixes (bridge):
  1215. - Overwrite the bridge address earlier in the process of retrieving
  1216. its descriptor, to make sure we reach it on the configured
  1217. address. Fixes bug 20532; bugfix on 0.2.0.10-alpha.
  1218. o Minor bugfixes (documentation):
  1219. - Document better how to read gcov, and what our gcov postprocessing
  1220. scripts do. Fixes bug 23739; bugfix on 0.2.9.1-alpha.
  1221. o Minor bugfixes (entry guards):
  1222. - Tor now updates its guard state when it reads a consensus
  1223. regardless of whether it's missing descriptors. That makes tor use
  1224. its primary guards to fetch descriptors in some edge cases where
  1225. it would previously have used fallback directories. Fixes bug
  1226. 23862; bugfix on 0.3.0.1-alpha.
  1227. o Minor bugfixes (hidden service client):
  1228. - When handling multiple SOCKS request for the same .onion address,
  1229. only fetch the service descriptor once.
  1230. - When a descriptor fetch fails with a non-recoverable error, close
  1231. all pending SOCKS requests for that .onion. Fixes bug 23653;
  1232. bugfix on 0.3.2.1-alpha.
  1233. o Minor bugfixes (hidden service):
  1234. - Always regenerate missing hidden service public key files. Prior
  1235. to this, if the public key was deleted from disk, it wouldn't get
  1236. recreated. Fixes bug 23748; bugfix on 0.3.2.2-alpha. Patch
  1237. from "cathugger".
  1238. - Make sure that we have a usable ed25519 key when the intro point
  1239. relay supports ed25519 link authentication. Fixes bug 24002;
  1240. bugfix on 0.3.2.1-alpha.
  1241. o Minor bugfixes (hidden service, v2):
  1242. - When reloading configured hidden services, copy all information
  1243. from the old service object. Previously, some data was omitted,
  1244. causing delays in descriptor upload, and other bugs. Fixes bug
  1245. 23790; bugfix on 0.2.1.9-alpha.
  1246. o Minor bugfixes (memory safety, defensive programming):
  1247. - Clear the target address when node_get_prim_orport() returns
  1248. early. Fixes bug 23874; bugfix on 0.2.8.2-alpha.
  1249. o Minor bugfixes (relay):
  1250. - Avoid a BUG warning when receiving a dubious CREATE cell while an
  1251. option transition is in progress. Fixes bug 23952; bugfix
  1252. on 0.3.2.1-alpha.
  1253. o Minor bugfixes (testing):
  1254. - Adjust the GitLab CI configuration to more closely match that of
  1255. Travis CI. Fixes bug 23757; bugfix on 0.3.2.2-alpha.
  1256. - Prevent scripts/test/coverage from attempting to move gcov output
  1257. to the root directory. Fixes bug 23741; bugfix on 0.2.5.1-alpha.
  1258. - When running unit tests as root, skip a test that would fail
  1259. because it expects a permissions error. This affects some
  1260. continuous integration setups. Fixes bug 23758; bugfix
  1261. on 0.3.2.2-alpha.
  1262. - Stop unconditionally mirroring the tor repository in GitLab CI.
  1263. This prevented developers from enabling GitLab CI on master. Fixes
  1264. bug 23755; bugfix on 0.3.2.2-alpha.
  1265. - Fix the hidden service v3 descriptor decoding fuzzing to use the
  1266. latest decoding API correctly. Fixes bug 21509; bugfix
  1267. on 0.3.2.1-alpha.
  1268. o Minor bugfixes (warnings):
  1269. - When we get an HTTP request on a SOCKS port, tell the user about
  1270. the new HTTPTunnelPort option. Previously, we would give a "Tor is
  1271. not an HTTP Proxy" message, which stopped being true when
  1272. HTTPTunnelPort was introduced. Fixes bug 23678; bugfix
  1273. on 0.3.2.1-alpha.
  1274. Changes in version 0.2.5.15 - 2017-10-25
  1275. Tor 0.2.5.15 backports a collection of bugfixes from later Tor release
  1276. series. It also adds a new directory authority, Bastet.
  1277. Note: the Tor 0.2.5 series will no longer be supported after 1 May
  1278. 2018. If you need a release with long-term support, please upgrade to
  1279. the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later.
  1280. o Directory authority changes:
  1281. - Add "Bastet" as a ninth directory authority to the default list.
  1282. Closes ticket 23910.
  1283. - The directory authority "Longclaw" has changed its IP address.
  1284. Closes ticket 23592.
  1285. o Major bugfixes (openbsd, denial-of-service, backport from 0.3.1.5-alpha):
  1286. - Avoid an assertion failure bug affecting our implementation of
  1287. inet_pton(AF_INET6) on certain OpenBSD systems whose strtol()
  1288. handling of "0xx" differs from what we had expected. Fixes bug
  1289. 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007.
  1290. o Minor features (geoip):
  1291. - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2
  1292. Country database.
  1293. o Minor bugfixes (defensive programming, undefined behavior, backport from 0.3.1.4-alpha):
  1294. - Fix a memset() off the end of an array when packing cells. This
  1295. bug should be harmless in practice, since the corrupted bytes are
  1296. still in the same structure, and are always padding bytes,
  1297. ignored, or immediately overwritten, depending on compiler
  1298. behavior. Nevertheless, because the memset()'s purpose is to make
  1299. sure that any other cell-handling bugs can't expose bytes to the
  1300. network, we need to fix it. Fixes bug 22737; bugfix on
  1301. 0.2.4.11-alpha. Fixes CID 1401591.
  1302. o Build features (backport from 0.3.1.5-alpha):
  1303. - Tor's repository now includes a Travis Continuous Integration (CI)
  1304. configuration file (.travis.yml). This is meant to help new
  1305. developers and contributors who fork Tor to a Github repository be
  1306. better able to test their changes, and understand what we expect
  1307. to pass. To use this new build feature, you must fork Tor to your
  1308. Github account, then go into the "Integrations" menu in the
  1309. repository settings for your fork and enable Travis, then push
  1310. your changes. Closes ticket 22636.
  1311. Changes in version 0.2.8.16 - 2017-10-25
  1312. Tor 0.2.8.16 backports a collection of bugfixes from later Tor release
  1313. series, including a bugfix for a crash issue that had affected relays
  1314. under memory pressure. It also adds a new directory authority, Bastet.
  1315. Note: the Tor 0.2.8 series will no longer be supported after 1 Jan
  1316. 2018. If you need a release with long-term support, please stick with
  1317. the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later.
  1318. o Directory authority changes:
  1319. - Add "Bastet" as a ninth directory authority to the default list.
  1320. Closes ticket 23910.
  1321. - The directory authority "Longclaw" has changed its IP address.
  1322. Closes ticket 23592.
  1323. o Major bugfixes (relay, crash, assertion failure, backport from 0.3.2.2-alpha):
  1324. - Fix a timing-based assertion failure that could occur when the
  1325. circuit out-of-memory handler freed a connection's output buffer.
  1326. Fixes bug 23690; bugfix on 0.2.6.1-alpha.
  1327. o Minor features (directory authorities, backport from 0.3.2.2-alpha):
  1328. - Remove longclaw's IPv6 address, as it will soon change. Authority
  1329. IPv6 addresses were originally added in 0.2.8.1-alpha. This leaves
  1330. 3/8 directory authorities with IPv6 addresses, but there are also
  1331. 52 fallback directory mirrors with IPv6 addresses. Resolves 19760.
  1332. o Minor features (geoip):
  1333. - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2
  1334. Country database.
  1335. Changes in version 0.2.9.13 - 2017-10-25
  1336. Tor 0.2.9.13 backports a collection of bugfixes from later Tor release
  1337. series, including a bugfix for a crash issue that had affected relays
  1338. under memory pressure. It also adds a new directory authority, Bastet.
  1339. o Directory authority changes:
  1340. - Add "Bastet" as a ninth directory authority to the default list.
  1341. Closes ticket 23910.
  1342. - The directory authority "Longclaw" has changed its IP address.
  1343. Closes ticket 23592.
  1344. o Major bugfixes (relay, crash, assertion failure, backport from 0.3.2.2-alpha):
  1345. - Fix a timing-based assertion failure that could occur when the
  1346. circuit out-of-memory handler freed a connection's output buffer.
  1347. Fixes bug 23690; bugfix on 0.2.6.1-alpha.
  1348. o Minor features (directory authorities, backport from 0.3.2.2-alpha):
  1349. - Remove longclaw's IPv6 address, as it will soon change. Authority
  1350. IPv6 addresses were originally added in 0.2.8.1-alpha. This leaves
  1351. 3/8 directory authorities with IPv6 addresses, but there are also
  1352. 52 fallback directory mirrors with IPv6 addresses. Resolves 19760.
  1353. o Minor features (geoip):
  1354. - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2
  1355. Country database.
  1356. o Minor bugfixes (directory authority, backport from 0.3.1.5-alpha):
  1357. - When a directory authority rejects a descriptor or extrainfo with
  1358. a given digest, mark that digest as undownloadable, so that we do
  1359. not attempt to download it again over and over. We previously
  1360. tried to avoid downloading such descriptors by other means, but we
  1361. didn't notice if we accidentally downloaded one anyway. This
  1362. behavior became problematic in 0.2.7.2-alpha, when authorities
  1363. began pinning Ed25519 keys. Fixes bug 22349; bugfix
  1364. on 0.2.1.19-alpha.
  1365. o Minor bugfixes (memory safety, backport from 0.3.2.3-alpha):
  1366. - Clear the address when node_get_prim_orport() returns early.
  1367. Fixes bug 23874; bugfix on 0.2.8.2-alpha.
  1368. o Minor bugfixes (Windows service, backport from 0.3.1.6-rc):
  1369. - When running as a Windows service, set the ID of the main thread
  1370. correctly. Failure to do so made us fail to send log messages to
  1371. the controller in 0.2.1.16-rc, slowed down controller event
  1372. delivery in 0.2.7.3-rc and later, and crash with an assertion
  1373. failure in 0.3.1.1-alpha. Fixes bug 23081; bugfix on 0.2.1.6-alpha.
  1374. Patch and diagnosis from "Vort".
  1375. Changes in version 0.3.0.12 - 2017-10-25
  1376. Tor 0.3.0.12 backports a collection of bugfixes from later Tor release
  1377. series, including a bugfix for a crash issue that had affected relays
  1378. under memory pressure. It also adds a new directory authority, Bastet.
  1379. Note: the Tor 0.3.0 series will no longer be supported after 26 Jan
  1380. 2018. If you need a release with long-term support, please stick with
  1381. the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later.
  1382. o Directory authority changes:
  1383. - Add "Bastet" as a ninth directory authority to the default list.
  1384. Closes ticket 23910.
  1385. - The directory authority "Longclaw" has changed its IP address.
  1386. Closes ticket 23592.
  1387. o Major bugfixes (relay, crash, assertion failure, backport from 0.3.2.2-alpha):
  1388. - Fix a timing-based assertion failure that could occur when the
  1389. circuit out-of-memory handler freed a connection's output buffer.
  1390. Fixes bug 23690; bugfix on 0.2.6.1-alpha.
  1391. o Minor features (directory authorities, backport from 0.3.2.2-alpha):
  1392. - Remove longclaw's IPv6 address, as it will soon change. Authority
  1393. IPv6 addresses were originally added in 0.2.8.1-alpha. This leaves
  1394. 3/8 directory authorities with IPv6 addresses, but there are also
  1395. 52 fallback directory mirrors with IPv6 addresses. Resolves 19760.
  1396. o Minor features (geoip):
  1397. - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2
  1398. Country database.
  1399. o Minor bugfixes (directory authority, backport from 0.3.1.5-alpha):
  1400. - When a directory authority rejects a descriptor or extrainfo with
  1401. a given digest, mark that digest as undownloadable, so that we do
  1402. not attempt to download it again over and over. We previously
  1403. tried to avoid downloading such descriptors by other means, but we
  1404. didn't notice if we accidentally downloaded one anyway. This
  1405. behavior became problematic in 0.2.7.2-alpha, when authorities
  1406. began pinning Ed25519 keys. Fixes bug 22349; bugfix
  1407. on 0.2.1.19-alpha.
  1408. o Minor bugfixes (hidden service, relay, backport from 0.3.2.2-alpha):
  1409. - Avoid a possible double close of a circuit by the intro point on
  1410. error of sending the INTRO_ESTABLISHED cell. Fixes bug 23610;
  1411. bugfix on 0.3.0.1-alpha.
  1412. o Minor bugfixes (memory safety, backport from 0.3.2.3-alpha):
  1413. - Clear the address when node_get_prim_orport() returns early.
  1414. Fixes bug 23874; bugfix on 0.2.8.2-alpha.
  1415. o Minor bugfixes (Windows service, backport from 0.3.1.6-rc):
  1416. - When running as a Windows service, set the ID of the main thread
  1417. correctly. Failure to do so made us fail to send log messages to
  1418. the controller in 0.2.1.16-rc, slowed down controller event
  1419. delivery in 0.2.7.3-rc and later, and crash with an assertion
  1420. failure in 0.3.1.1-alpha. Fixes bug 23081; bugfix on 0.2.1.6-alpha.
  1421. Patch and diagnosis from "Vort".
  1422. Changes in version 0.3.1.8 - 2017-10-25
  1423. Tor 0.3.1.8 is the second stable release in the 0.3.1 series.
  1424. It includes several bugfixes, including a bugfix for a crash issue
  1425. that had affected relays under memory pressure. It also adds
  1426. a new directory authority, Bastet.
  1427. o Directory authority changes:
  1428. - Add "Bastet" as a ninth directory authority to the default list.
  1429. Closes ticket 23910.
  1430. - The directory authority "Longclaw" has changed its IP address.
  1431. Closes ticket 23592.
  1432. o Major bugfixes (relay, crash, assertion failure, backport from 0.3.2.2-alpha):
  1433. - Fix a timing-based assertion failure that could occur when the
  1434. circuit out-of-memory handler freed a connection's output buffer.
  1435. Fixes bug 23690; bugfix on 0.2.6.1-alpha.
  1436. o Minor features (directory authorities, backport from 0.3.2.2-alpha):
  1437. - Remove longclaw's IPv6 address, as it will soon change. Authority
  1438. IPv6 addresses were originally added in 0.2.8.1-alpha. This leaves
  1439. 3/8 directory authorities with IPv6 addresses, but there are also
  1440. 52 fallback directory mirrors with IPv6 addresses. Resolves 19760.
  1441. o Minor features (geoip):
  1442. - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2
  1443. Country database.
  1444. o Minor bugfixes (compilation, backport from 0.3.2.2-alpha):
  1445. - Fix a compilation warning when building with zstd support on
  1446. 32-bit platforms. Fixes bug 23568; bugfix on 0.3.1.1-alpha. Found
  1447. and fixed by Andreas Stieger.
  1448. o Minor bugfixes (compression, backport from 0.3.2.2-alpha):
  1449. - Handle a pathological case when decompressing Zstandard data when
  1450. the output buffer size is zero. Fixes bug 23551; bugfix
  1451. on 0.3.1.1-alpha.
  1452. o Minor bugfixes (directory authority, backport from 0.3.2.1-alpha):
  1453. - Remove the length limit on HTTP status lines that authorities can
  1454. send in their replies. Fixes bug 23499; bugfix on 0.3.1.6-rc.
  1455. o Minor bugfixes (hidden service, relay, backport from 0.3.2.2-alpha):
  1456. - Avoid a possible double close of a circuit by the intro point on
  1457. error of sending the INTRO_ESTABLISHED cell. Fixes bug 23610;
  1458. bugfix on 0.3.0.1-alpha.
  1459. o Minor bugfixes (memory safety, backport from 0.3.2.3-alpha):
  1460. - Clear the address when node_get_prim_orport() returns early.
  1461. Fixes bug 23874; bugfix on 0.2.8.2-alpha.
  1462. o Minor bugfixes (unit tests, backport from 0.3.2.2-alpha):
  1463. - Fix additional channelpadding unit test failures by using mocked
  1464. time instead of actual time for all tests. Fixes bug 23608; bugfix
  1465. on 0.3.1.1-alpha.
  1466. Changes in version 0.3.2.2-alpha - 2017-09-29
  1467. Tor 0.3.2.2-alpha is the second release in the 0.3.2 series. This
  1468. release fixes several minor bugs in the new scheduler and next-
  1469. generation onion services; both features were newly added in the 0.3.2
  1470. series. Other fixes in this alpha include several fixes for non-fatal
  1471. tracebacks which would appear in logs.
  1472. With the aim to stabilise the 0.3.2 series by 15 December 2017, this
  1473. alpha does not contain any substantial new features. Minor features
  1474. include better testing and logging.
  1475. The following comprises the complete list of changes included
  1476. in tor-0.3.2.2-alpha:
  1477. o Major bugfixes (relay, crash, assertion failure):
  1478. - Fix a timing-based assertion failure that could occur when the
  1479. circuit out-of-memory handler freed a connection's output buffer.
  1480. Fixes bug 23690; bugfix on 0.2.6.1-alpha.
  1481. o Major bugfixes (scheduler):
  1482. - If a channel is put into the scheduler's pending list, then it
  1483. starts closing, and then if the scheduler runs before it finishes
  1484. closing, the scheduler will get stuck trying to flush its cells
  1485. while the lower layers refuse to cooperate. Fix that race
  1486. condition by giving the scheduler an escape method. Fixes bug
  1487. 23676; bugfix on 0.3.2.1-alpha.
  1488. o Minor features (build, compilation):
  1489. - The "check-changes" feature is now part of the "make check" tests;
  1490. we'll use it to try to prevent misformed changes files from
  1491. accumulating. Closes ticket 23564.
  1492. - Tor builds should now fail if there are any mismatches between the
  1493. C type representing a configuration variable and the C type the
  1494. data-driven parser uses to store a value there. Previously, we
  1495. needed to check these by hand, which sometimes led to mistakes.
  1496. Closes ticket 23643.
  1497. o Minor features (directory authorities):
  1498. - Remove longclaw's IPv6 address, as it will soon change. Authority
  1499. IPv6 addresses were originally added in 0.2.8.1-alpha. This leaves
  1500. 3/8 directory authorities with IPv6 addresses, but there are also
  1501. 52 fallback directory mirrors with IPv6 addresses. Resolves 19760.
  1502. o Minor features (hidden service, circuit, logging):
  1503. - Improve logging of many callsite in the circuit subsystem to print
  1504. the circuit identifier(s).
  1505. - Log when we cleanup an intro point from a service so we know when
  1506. and for what reason it happened. Closes ticket 23604.
  1507. o Minor features (logging):
  1508. - Log more circuit information whenever we are about to try to
  1509. package a relay cell on a circuit with a nonexistent n_chan.
  1510. Attempt to diagnose ticket 8185.
  1511. - Improve info-level log identification of particular circuits, to
  1512. help with debugging. Closes ticket 23645.
  1513. o Minor features (relay):
  1514. - When choosing which circuits can be expired as unused, consider
  1515. circuits from clients even if those clients used regular CREATE
  1516. cells to make them; and do not consider circuits from relays even
  1517. if they were made with CREATE_FAST. Part of ticket 22805.
  1518. o Minor features (robustness):
  1519. - Change several fatal assertions when flushing buffers into non-
  1520. fatal assertions, to prevent any recurrence of 23690.
  1521. o Minor features (spec conformance, bridge, diagnostic):
  1522. - When handling the USERADDR command on an ExtOrPort, warn when the
  1523. transports provides a USERADDR with no port. In a future version,
  1524. USERADDR commands of this format may be rejected. Detects problems
  1525. related to ticket 23080.
  1526. o Minor features (testing):
  1527. - Add a unit test to make sure that our own generated platform
  1528. string will be accepted by directory authorities. Closes
  1529. ticket 22109.
  1530. o Minor bugfixes (bootstrapping):
  1531. - When warning about state file clock skew, report the correct
  1532. direction for the detected skew. Fixes bug 23606; bugfix
  1533. on 0.2.8.1-alpha.
  1534. - Avoid an assertion failure when logging a state file clock skew
  1535. very early in bootstrapping. Fixes bug 23607; bugfix
  1536. on 0.3.2.1-alpha.
  1537. o Minor bugfixes (build, compilation):
  1538. - Fix a compilation warning when building with zstd support on
  1539. 32-bit platforms. Fixes bug 23568; bugfix on 0.3.1.1-alpha. Found
  1540. and fixed by Andreas Stieger.
  1541. - When searching for OpenSSL, don't accept any OpenSSL library that
  1542. lacks TLSv1_1_method(): Tor doesn't build with those versions.
  1543. Additionally, look in /usr/local/opt/openssl, if it's present.
  1544. These changes together repair the default build on OSX systems
  1545. with Homebrew installed. Fixes bug 23602; bugfix on 0.2.7.2-alpha.
  1546. o Minor bugfixes (compression):
  1547. - Handle a pathological case when decompressing Zstandard data when
  1548. the output buffer size is zero. Fixes bug 23551; bugfix
  1549. on 0.3.1.1-alpha.
  1550. o Minor bugfixes (documentation):
  1551. - Fix manpage to not refer to the obsolete (and misspelled)
  1552. UseEntryGuardsAsDirectoryGuards parameter in the description of
  1553. NumDirectoryGuards. Fixes bug 23611; bugfix on 0.2.4.8-alpha.
  1554. o Minor bugfixes (hidden service v3):
  1555. - Don't log an assertion failure when we can't find the right
  1556. information to extend to an introduction point. In rare cases,
  1557. this could happen, causing a warning, even though tor would
  1558. recover gracefully. Fixes bug 23159; bugfix on 0.3.2.1-alpha.
  1559. - Pad RENDEZVOUS cell up to the size of the legacy cell which is
  1560. much bigger so the rendezvous point can't distinguish which hidden
  1561. service protocol is being used. Fixes bug 23420; bugfix
  1562. on 0.3.2.1-alpha.
  1563. o Minor bugfixes (hidden service, relay):
  1564. - Avoid a possible double close of a circuit by the intro point on
  1565. error of sending the INTRO_ESTABLISHED cell. Fixes bug 23610;
  1566. bugfix on 0.3.0.1-alpha.
  1567. o Minor bugfixes (logging, relay shutdown, annoyance):
  1568. - When a circuit is marked for close, do not attempt to package any
  1569. cells for channels on that circuit. Previously, we would detect
  1570. this condition lower in the call stack, when we noticed that the
  1571. circuit had no attached channel, and log an annoying message.
  1572. Fixes bug 8185; bugfix on 0.2.5.4-alpha.
  1573. o Minor bugfixes (scheduler):
  1574. - When switching schedulers due to a consensus change, we didn't
  1575. give the new scheduler a chance to react to the consensus. Fix
  1576. that. Fixes bug 23537; bugfix on 0.3.2.1-alpha.
  1577. - Make the KISTSchedRunInterval option a non negative value. With
  1578. this, the way to disable KIST through the consensus is to set it
  1579. to 0. Fixes bug 23539; bugfix on 0.3.2.1-alpha.
  1580. - Only notice log the selected scheduler when we switch scheduler
  1581. types. Fixes bug 23552; bugfix on 0.3.2.1-alpha.
  1582. - Avoid a compilation warning on macOS in scheduler_ev_add() caused
  1583. by a different tv_usec data type. Fixes bug 23575; bugfix
  1584. on 0.3.2.1-alpha.
  1585. - Make a hard exit if tor is unable to pick a scheduler which can
  1586. happen if the user specifies a scheduler type that is not
  1587. supported and not other types in Schedulers. Fixes bug 23581;
  1588. bugfix on 0.3.2.1-alpha.
  1589. - Properly initialize the scheduler last run time counter so it is
  1590. not 0 at the first tick. Fixes bug 23696; bugfix on 0.3.2.1-alpha.
  1591. o Minor bugfixes (testing):
  1592. - Capture and detect several "Result does not fit" warnings in unit
  1593. tests on platforms with 32-bit time_t. Fixes bug 21800; bugfix
  1594. on 0.2.9.3-alpha.
  1595. - Fix additional channelpadding unit test failures by using mocked
  1596. time instead of actual time for all tests. Fixes bug 23608; bugfix
  1597. on 0.3.1.1-alpha.
  1598. - The removal of some old scheduler options caused some tests to
  1599. fail on BSD systems. Assume current behavior is correct and make
  1600. the tests pass again. Fixes bug 23566; bugfix on 0.3.2.1-alpha.
  1601. o Code simplification and refactoring:
  1602. - Remove various ways of testing circuits and connections for
  1603. "clientness"; instead, favor channel_is_client(). Part of
  1604. ticket 22805.
  1605. o Deprecated features:
  1606. - The ReachableDirAddresses and ClientPreferIPv6DirPort options are
  1607. now deprecated; they do not apply to relays, and they have had no
  1608. effect on clients since 0.2.8.x. Closes ticket 19704.
  1609. o Documentation:
  1610. - HiddenServiceVersion man page entry wasn't mentioning the now
  1611. supported version 3. Fixes ticket 23580; bugfix on 0.3.2.1-alpha.
  1612. - Clarify that the Address option is entirely about setting an
  1613. advertised IPv4 address. Closes ticket 18891.
  1614. - Clarify the manpage's use of the term "address" to clarify what
  1615. kind of address is intended. Closes ticket 21405.
  1616. - Document that onion service subdomains are allowed, and ignored.
  1617. Closes ticket 18736.
  1618. Changes in version 0.3.2.1-alpha - 2017-09-18
  1619. Tor 0.3.2.1-alpha is the first release in the 0.3.2.x series. It
  1620. includes support for our next-generation ("v3") onion service
  1621. protocol, and adds a new circuit scheduler for more responsive
  1622. forwarding decisions from relays. There are also numerous other small
  1623. features and bugfixes here.
  1624. Below are the changes since Tor 0.3.1.7.
  1625. o Major feature (scheduler, channel):
  1626. - Tor now uses new schedulers to decide which circuits should
  1627. deliver cells first, in order to improve congestion at relays. The
  1628. first type is called "KIST" ("Kernel Informed Socket Transport"),
  1629. and is only available on Linux-like systems: it uses feedback from
  1630. the kernel to prevent the kernel's TCP buffers from growing too
  1631. full. The second new scheduler type is called "KISTLite": it
  1632. behaves the same as KIST, but runs on systems without kernel
  1633. support for inspecting TCP implementation details. The old
  1634. scheduler is still available, under the name "Vanilla". To change
  1635. the default scheduler preference order, use the new "Schedulers"
  1636. option. (The default preference order is "KIST,KISTLite,Vanilla".)
  1637. Matt Traudt implemented KIST, based on research by Rob Jansen,
  1638. John Geddes, Christ Wacek, Micah Sherr, and Paul Syverson. For
  1639. more information, see the design paper at
  1640. http://www.robgjansen.com/publications/kist-sec2014.pdf and the
  1641. followup implementation paper at https://arxiv.org/abs/1709.01044.
  1642. Closes ticket 12541.
  1643. o Major features (next-generation onion services):
  1644. - Tor now supports the next-generation onion services protocol for
  1645. clients and services! As part of this release, the core of
  1646. proposal 224 has been implemented and is available for
  1647. experimentation and testing by our users. This newer version of
  1648. onion services ("v3") features many improvements over the legacy
  1649. system, including:
  1650. a) Better crypto (replaced SHA1/DH/RSA1024
  1651. with SHA3/ed25519/curve25519)
  1652. b) Improved directory protocol, leaking much less information to
  1653. directory servers.
  1654. c) Improved directory protocol, with smaller surface for
  1655. targeted attacks.
  1656. d) Better onion address security against impersonation.
  1657. e) More extensible introduction/rendezvous protocol.
  1658. f) A cleaner and more modular codebase.
  1659. You can identify a next-generation onion address by its length:
  1660. they are 56 characters long, as in
  1661. "4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad.onion".
  1662. In the future, we will release more options and features for v3
  1663. onion services, but we first need a testing period, so that the
  1664. current codebase matures and becomes more robust. Planned features
  1665. include: offline keys, advanced client authorization, improved
  1666. guard algorithms, and statistics. For full details, see
  1667. proposal 224.
  1668. Legacy ("v2") onion services will still work for the foreseeable
  1669. future, and will remain the default until this new codebase gets
  1670. tested and hardened. Service operators who want to experiment with
  1671. the new system can use the 'HiddenServiceVersion 3' torrc
  1672. directive along with the regular onion service configuration
  1673. options. We will publish a blog post about this new feature
  1674. soon! Enjoy!
  1675. o Major bugfixes (usability, control port):
  1676. - Report trusted clock skew indications as bootstrap errors, so
  1677. controllers can more easily alert users when their clocks are
  1678. wrong. Fixes bug 23506; bugfix on 0.1.2.6-alpha.
  1679. o Minor features (bug detection):
  1680. - Log a warning message with a stack trace for any attempt to call
  1681. get_options() during option validation. This pattern has caused
  1682. subtle bugs in the past. Closes ticket 22281.
  1683. o Minor features (client):
  1684. - You can now use Tor as a tunneled HTTP proxy: use the new
  1685. HTTPTunnelPort option to open a port that accepts HTTP CONNECT
  1686. requests. Closes ticket 22407.
  1687. - Add an extra check to make sure that we always use the newer guard
  1688. selection code for picking our guards. Closes ticket 22779.
  1689. - When downloading (micro)descriptors, don't split the list into
  1690. multiple requests unless we want at least 32 descriptors.
  1691. Previously, we split at 4, not 32, which led to significant
  1692. overhead in HTTP request size and degradation in compression
  1693. performance. Closes ticket 23220.
  1694. o Minor features (command line):
  1695. - Add a new commandline option, --key-expiration, which prints when
  1696. the current signing key is going to expire. Implements ticket
  1697. 17639; patch by Isis Lovecruft.
  1698. o Minor features (control port):
  1699. - If an application tries to use the control port as an HTTP proxy,
  1700. respond with a meaningful "This is the Tor control port" message,
  1701. and log the event. Closes ticket 1667. Patch from Ravi
  1702. Chandra Padmala.
  1703. - Provide better error message for GETINFO desc/(id|name) when not
  1704. fetching router descriptors. Closes ticket 5847. Patch by
  1705. Kevin Butler.
  1706. - Add GETINFO "{desc,md}/download-enabled", to inform the controller
  1707. whether Tor will try to download router descriptors and
  1708. microdescriptors respectively. Closes ticket 22684.
  1709. - Added new GETINFO targets "ip-to-country/{ipv4,ipv6}-available",
  1710. so controllers can tell whether the geoip databases are loaded.
  1711. Closes ticket 23237.
  1712. - Adds a timestamp field to the CIRC_BW and STREAM_BW bandwidth
  1713. events. Closes ticket 19254. Patch by "DonnchaC".
  1714. o Minor features (development support):
  1715. - Developers can now generate a call-graph for Tor using the
  1716. "calltool" python program, which post-processes object dumps. It
  1717. should work okay on many Linux and OSX platforms, and might work
  1718. elsewhere too. To run it, install calltool from
  1719. https://gitweb.torproject.org/user/nickm/calltool.git and run
  1720. "make callgraph". Closes ticket 19307.
  1721. o Minor features (ed25519):
  1722. - Add validation function to checks for torsion components in
  1723. ed25519 public keys, used by prop224 client-side code. Closes
  1724. ticket 22006. Math help by Ian Goldberg.
  1725. o Minor features (exit relay, DNS):
  1726. - Improve the clarity and safety of the log message from evdns when
  1727. receiving an apparently spoofed DNS reply. Closes ticket 3056.
  1728. o Minor features (integration, hardening):
  1729. - Add a new NoExec option to prevent Tor from running other
  1730. programs. When this option is set to 1, Tor will never try to run
  1731. another program, regardless of the settings of
  1732. PortForwardingHelper, ClientTransportPlugin, or
  1733. ServerTransportPlugin. Once NoExec is set, it cannot be disabled
  1734. without restarting Tor. Closes ticket 22976.
  1735. o Minor features (logging):
  1736. - Improve the warning message for specifying a relay by nickname.
  1737. The previous message implied that nickname registration was still
  1738. part of the Tor network design, which it isn't. Closes
  1739. ticket 20488.
  1740. - If the sandbox filter fails to load, suggest to the user that
  1741. their kernel might not support seccomp2. Closes ticket 23090.
  1742. o Minor features (portability):
  1743. - Check at configure time whether uint8_t is the same type as
  1744. unsigned char. Lots of existing code already makes this
  1745. assumption, and there could be strict aliasing issues if the
  1746. assumption is violated. Closes ticket 22410.
  1747. o Minor features (relay, configuration):
  1748. - Reject attempts to use relative file paths when RunAsDaemon is
  1749. set. Previously, Tor would accept these, but the directory-
  1750. changing step of RunAsDaemon would give strange and/or confusing
  1751. results. Closes ticket 22731.
  1752. o Minor features (startup, safety):
  1753. - When configured to write a PID file, Tor now exits if it is unable
  1754. to do so. Previously, it would warn and continue. Closes
  1755. ticket 20119.
  1756. o Minor features (static analysis):
  1757. - The BUG() macro has been changed slightly so that Coverity no
  1758. longer complains about dead code if the bug is impossible. Closes
  1759. ticket 23054.
  1760. o Minor features (testing):
  1761. - The default chutney network tests now include tests for the v3
  1762. hidden service design. Make sure you have the latest version of
  1763. chutney if you want to run these. Closes ticket 22437.
  1764. - Add a unit test to verify that we can parse a hardcoded v2 hidden
  1765. service descriptor. Closes ticket 15554.
  1766. o Minor bugfixes (certificate handling):
  1767. - Fix a time handling bug in Tor certificates set to expire after
  1768. the year 2106. Fixes bug 23055; bugfix on 0.3.0.1-alpha. Found by
  1769. Coverity as CID 1415728.
  1770. o Minor bugfixes (client, usability):
  1771. - Refrain from needlessly rejecting SOCKS5-with-hostnames and
  1772. SOCKS4a requests that contain IP address strings, even when
  1773. SafeSocks in enabled, as this prevents user from connecting to
  1774. known IP addresses without relying on DNS for resolving. SafeSocks
  1775. still rejects SOCKS connections that connect to IP addresses when
  1776. those addresses are _not_ encoded as hostnames. Fixes bug 22461;
  1777. bugfix on Tor 0.2.6.2-alpha.
  1778. o Minor bugfixes (code correctness):
  1779. - Call htons() in extend_cell_format() for encoding a 16-bit value.
  1780. Previously we used ntohs(), which happens to behave the same on
  1781. all the platforms we support, but which isn't really correct.
  1782. Fixes bug 23106; bugfix on 0.2.4.8-alpha.
  1783. - For defense-in-depth, make the controller's write_escaped_data()
  1784. function robust to extremely long inputs. Fixes bug 19281; bugfix
  1785. on 0.1.1.1-alpha. Reported by Guido Vranken.
  1786. o Minor bugfixes (compilation):
  1787. - Fix unused-variable warnings in donna's Curve25519 SSE2 code.
  1788. Fixes bug 22895; bugfix on 0.2.7.2-alpha.
  1789. o Minor bugfixes (consensus expiry):
  1790. - Check for adequate directory information correctly. Previously, Tor
  1791. would reconsider whether it had sufficient directory information
  1792. every 2 minutes. Fixes bug 23091; bugfix on 0.2.0.19-alpha.
  1793. o Minor bugfixes (directory protocol):
  1794. - Directory servers now include a "Date:" http header for response
  1795. codes other than 200. Clients starting with a skewed clock and a
  1796. recent consensus were getting "304 Not modified" responses from
  1797. directory authorities, so without the Date header, the client
  1798. would never hear about a wrong clock. Fixes bug 23499; bugfix
  1799. on 0.0.8rc1.
  1800. - Make clients wait for 6 seconds before trying to download a
  1801. consensus from an authority. Fixes bug 17750; bugfix
  1802. on 0.2.8.1-alpha.
  1803. o Minor bugfixes (DoS-resistance):
  1804. - If future code asks if there are any running bridges, without
  1805. checking if bridges are enabled, log a BUG warning rather than
  1806. crashing. Fixes bug 23524; bugfix on 0.3.0.1-alpha.
  1807. o Minor bugfixes (format strictness):
  1808. - Restrict several data formats to decimal. Previously, the
  1809. BuildTimeHistogram entries in the state file, the "bw=" entries in
  1810. the bandwidth authority file, and the process IDs passed to the
  1811. __OwningControllerProcess option could all be specified in hex or
  1812. octal as well as in decimal. This was not an intentional feature.
  1813. Fixes bug 22802; bugfixes on 0.2.2.1-alpha, 0.2.2.2-alpha,
  1814. and 0.2.2.28-beta.
  1815. o Minor bugfixes (heartbeat):
  1816. - If we fail to write a heartbeat message, schedule a retry for the
  1817. minimum heartbeat interval number of seconds in the future. Fixes
  1818. bug 19476; bugfix on 0.2.3.1-alpha.
  1819. o Minor bugfixes (linux seccomp2 sandbox, logging):
  1820. - Fix some messages on unexpected errors from the seccomp2 library.
  1821. Fixes bug 22750; bugfix on 0.2.5.1-alpha. Patch from "cypherpunks".
  1822. o Minor bugfixes (logging):
  1823. - Remove duplicate log messages regarding opening non-local
  1824. SocksPorts upon parsing config and opening listeners at startup.
  1825. Fixes bug 4019; bugfix on 0.2.3.3-alpha.
  1826. - Use a more comprehensible log message when telling the user
  1827. they've excluded every running exit node. Fixes bug 7890; bugfix
  1828. on 0.2.2.25-alpha.
  1829. - When logging the number of descriptors we intend to download per
  1830. directory request, do not log a number higher than then the number
  1831. of descriptors we're fetching in total. Fixes bug 19648; bugfix
  1832. on 0.1.1.8-alpha.
  1833. - When warning about a directory owned by the wrong user, log the
  1834. actual name of the user owning the directory. Previously, we'd log
  1835. the name of the process owner twice. Fixes bug 23487; bugfix
  1836. on 0.2.9.1-alpha.
  1837. - The tor specification says hop counts are 1-based, so fix two log
  1838. messages that mistakenly logged 0-based hop counts. Fixes bug
  1839. 18982; bugfix on 0.2.6.2-alpha and 0.2.4.5-alpha. Patch by teor.
  1840. Credit to Xiaofan Li for reporting this issue.
  1841. o Minor bugfixes (portability):
  1842. - Stop using the PATH_MAX variable, which is not defined on GNU
  1843. Hurd. Fixes bug 23098; bugfix on 0.3.1.1-alpha.
  1844. o Minor bugfixes (relay):
  1845. - When uploading our descriptor for the first time after startup,
  1846. report the reason for uploading as "Tor just started" rather than
  1847. leaving it blank. Fixes bug 22885; bugfix on 0.2.3.4-alpha.
  1848. - Avoid unnecessary calls to directory_fetches_from_authorities() on
  1849. relays, to prevent spurious address resolutions and descriptor
  1850. rebuilds. This is a mitigation for bug 21789. Fixes bug 23470;
  1851. bugfix on in 0.2.8.1-alpha.
  1852. o Minor bugfixes (tests):
  1853. - Fix a broken unit test for the OutboundAddress option: the parsing
  1854. function was never returning an error on failure. Fixes bug 23366;
  1855. bugfix on 0.3.0.3-alpha.
  1856. - Fix a signed-integer overflow in the unit tests for
  1857. dir/download_status_random_backoff, which was untriggered until we
  1858. fixed bug 17750. Fixes bug 22924; bugfix on 0.2.9.1-alpha.
  1859. o Minor bugfixes (usability, control port):
  1860. - Stop making an unnecessary routerlist check in NETINFO clock skew
  1861. detection; this was preventing clients from reporting NETINFO clock
  1862. skew to controllers. Fixes bug 23532; bugfix on 0.2.4.4-alpha.
  1863. o Code simplification and refactoring:
  1864. - Extract the code for handling newly-open channels into a separate
  1865. function from the general code to handle channel state
  1866. transitions. This change simplifies our callgraph, reducing the
  1867. size of the largest strongly connected component by roughly a
  1868. factor of two. Closes ticket 22608.
  1869. - Remove dead code for largely unused statistics on the number of
  1870. times we've attempted various public key operations. Fixes bug
  1871. 19871; bugfix on 0.1.2.4-alpha. Fix by Isis Lovecruft.
  1872. - Remove several now-obsolete functions for asking about old
  1873. variants directory authority status. Closes ticket 22311; patch
  1874. from "huyvq".
  1875. - Remove some of the code that once supported "Named" and "Unnamed"
  1876. routers. Authorities no longer vote for these flags. Closes
  1877. ticket 22215.
  1878. - Rename the obsolete malleable hybrid_encrypt functions used in TAP
  1879. and old hidden services, to indicate that they aren't suitable for
  1880. new protocols or formats. Closes ticket 23026.
  1881. - Replace our STRUCT_OFFSET() macro with offsetof(). Closes ticket
  1882. 22521. Patch from Neel Chauhan.
  1883. - Split the enormous circuit_send_next_onion_skin() function into
  1884. multiple subfunctions. Closes ticket 22804.
  1885. - Split the portions of the buffer.c module that handle particular
  1886. protocols into separate modules. Part of ticket 23149.
  1887. - Use our test macros more consistently, to produce more useful
  1888. error messages when our unit tests fail. Add coccinelle patches to
  1889. allow us to re-check for test macro uses. Closes ticket 22497.
  1890. o Deprecated features:
  1891. - Deprecate HTTPProxy/HTTPProxyAuthenticator config options. They
  1892. only applies to direct unencrypted HTTP connections to your
  1893. directory server, which your Tor probably isn't using. Closes
  1894. ticket 20575.
  1895. o Documentation:
  1896. - Clarify in the manual that "Sandbox 1" is only supported on Linux
  1897. kernels. Closes ticket 22677.
  1898. - Document all values of PublishServerDescriptor in the manpage.
  1899. Closes ticket 15645.
  1900. - Improve the documentation for the directory port part of the
  1901. DirAuthority line. Closes ticket 20152.
  1902. - Restore documentation for the authorities' "approved-routers"
  1903. file. Closes ticket 21148.
  1904. o Removed features:
  1905. - The AllowDotExit option has been removed as unsafe. It has been
  1906. deprecated since 0.2.9.2-alpha. Closes ticket 23426.
  1907. - The ClientDNSRejectInternalAddresses flag can no longer be set on
  1908. non-testing networks. It has been deprecated since 0.2.9.2-alpha.
  1909. Closes ticket 21031.
  1910. - The controller API no longer includes an AUTHDIR_NEWDESCS event:
  1911. nobody was using it any longer. Closes ticket 22377.
  1912. Changes in version 0.2.8.15 - 2017-09-18
  1913. Tor 0.2.8.15 backports a collection of bugfixes from later
  1914. Tor series.
  1915. Most significantly, it includes a fix for TROVE-2017-008, a
  1916. security bug that affects hidden services running with the
  1917. SafeLogging option disabled. For more information, see
  1918. https://trac.torproject.org/projects/tor/ticket/23490
  1919. Note that Tor 0.2.8.x will no longer be supported after 1 Jan
  1920. 2018. We suggest that you upgrade to the latest stable release if
  1921. possible. If you can't, we recommend that you upgrade at least to
  1922. 0.2.9, which will be supported until 2020.
  1923. o Major bugfixes (openbsd, denial-of-service, backport from 0.3.1.5-alpha):
  1924. - Avoid an assertion failure bug affecting our implementation of
  1925. inet_pton(AF_INET6) on certain OpenBSD systems whose strtol()
  1926. handling of "0xx" differs from what we had expected. Fixes bug
  1927. 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007.
  1928. o Minor features:
  1929. - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2
  1930. Country database.
  1931. o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha):
  1932. - Backport a fix for an "unused variable" warning that appeared
  1933. in some versions of mingw. Fixes bug 22838; bugfix on
  1934. 0.2.8.1-alpha.
  1935. o Minor bugfixes (defensive programming, undefined behavior, backport from 0.3.1.4-alpha):
  1936. - Fix a memset() off the end of an array when packing cells. This
  1937. bug should be harmless in practice, since the corrupted bytes are
  1938. still in the same structure, and are always padding bytes,
  1939. ignored, or immediately overwritten, depending on compiler
  1940. behavior. Nevertheless, because the memset()'s purpose is to make
  1941. sure that any other cell-handling bugs can't expose bytes to the
  1942. network, we need to fix it. Fixes bug 22737; bugfix on
  1943. 0.2.4.11-alpha. Fixes CID 1401591.
  1944. o Build features (backport from 0.3.1.5-alpha):
  1945. - Tor's repository now includes a Travis Continuous Integration (CI)
  1946. configuration file (.travis.yml). This is meant to help new
  1947. developers and contributors who fork Tor to a Github repository be
  1948. better able to test their changes, and understand what we expect
  1949. to pass. To use this new build feature, you must fork Tor to your
  1950. Github account, then go into the "Integrations" menu in the
  1951. repository settings for your fork and enable Travis, then push
  1952. your changes. Closes ticket 22636.
  1953. Changes in version 0.2.9.12 - 2017-09-18
  1954. Tor 0.2.9.12 backports a collection of bugfixes from later
  1955. Tor series.
  1956. Most significantly, it includes a fix for TROVE-2017-008, a
  1957. security bug that affects hidden services running with the
  1958. SafeLogging option disabled. For more information, see
  1959. https://trac.torproject.org/projects/tor/ticket/23490
  1960. o Major features (security, backport from 0.3.0.2-alpha):
  1961. - Change the algorithm used to decide DNS TTLs on client and server
  1962. side, to better resist DNS-based correlation attacks like the
  1963. DefecTor attack of Greschbach, Pulls, Roberts, Winter, and
  1964. Feamster. Now relays only return one of two possible DNS TTL
  1965. values, and clients are willing to believe DNS TTL values up to 3
  1966. hours long. Closes ticket 19769.
  1967. o Major bugfixes (crash, directory connections, backport from 0.3.0.5-rc):
  1968. - Fix a rare crash when sending a begin cell on a circuit whose
  1969. linked directory connection had already been closed. Fixes bug
  1970. 21576; bugfix on 0.2.9.3-alpha. Reported by Alec Muffett.
  1971. o Major bugfixes (DNS, backport from 0.3.0.2-alpha):
  1972. - Fix a bug that prevented exit nodes from caching DNS records for
  1973. more than 60 seconds. Fixes bug 19025; bugfix on 0.2.4.7-alpha.
  1974. o Major bugfixes (linux TPROXY support, backport from 0.3.1.1-alpha):
  1975. - Fix a typo that had prevented TPROXY-based transparent proxying
  1976. from working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha.
  1977. Patch from "d4fq0fQAgoJ".
  1978. o Major bugfixes (openbsd, denial-of-service, backport from 0.3.1.5-alpha):
  1979. - Avoid an assertion failure bug affecting our implementation of
  1980. inet_pton(AF_INET6) on certain OpenBSD systems whose strtol()
  1981. handling of "0xx" differs from what we had expected. Fixes bug
  1982. 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007.
  1983. o Minor features (code style, backport from 0.3.1.3-alpha):
  1984. - Add "Falls through" comments to our codebase, in order to silence
  1985. GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas
  1986. Stieger. Closes ticket 22446.
  1987. o Minor features (geoip):
  1988. - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2
  1989. Country database.
  1990. o Minor bugfixes (bandwidth accounting, backport from 0.3.1.1-alpha):
  1991. - Roll over monthly accounting at the configured hour and minute,
  1992. rather than always at 00:00. Fixes bug 22245; bugfix on 0.0.9rc1.
  1993. Found by Andrey Karpov with PVS-Studio.
  1994. o Minor bugfixes (compilation, backport from 0.3.1.5-alpha):
  1995. - Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug 22915;
  1996. bugfix on 0.2.8.1-alpha.
  1997. - Fix warnings when building with libscrypt and openssl scrypt support
  1998. on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha.
  1999. - When building with certain versions the mingw C header files, avoid
  2000. float-conversion warnings when calling the C functions isfinite(),
  2001. isnan(), and signbit(). Fixes bug 22801; bugfix on 0.2.8.1-alpha.
  2002. o Minor bugfixes (compilation, backport from 0.3.1.7):
  2003. - Avoid compiler warnings in the unit tests for running tor_sscanf()
  2004. with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha.
  2005. o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha):
  2006. - Backport a fix for an "unused variable" warning that appeared
  2007. in some versions of mingw. Fixes bug 22838; bugfix on
  2008. 0.2.8.1-alpha.
  2009. o Minor bugfixes (controller, backport from 0.3.1.7):
  2010. - Do not crash when receiving a HSPOST command with an empty body.
  2011. Fixes part of bug 22644; bugfix on 0.2.7.1-alpha.
  2012. - Do not crash when receiving a POSTDESCRIPTOR command with an
  2013. empty body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha.
  2014. o Minor bugfixes (coverity build support, backport from 0.3.1.5-alpha):
  2015. - Avoid Coverity build warnings related to our BUG() macro. By
  2016. default, Coverity treats BUG() as the Linux kernel does: an
  2017. instant abort(). We need to override that so our BUG() macro
  2018. doesn't prevent Coverity from analyzing functions that use it.
  2019. Fixes bug 23030; bugfix on 0.2.9.1-alpha.
  2020. o Minor bugfixes (defensive programming, undefined behavior, backport from 0.3.1.4-alpha):
  2021. - Fix a memset() off the end of an array when packing cells. This
  2022. bug should be harmless in practice, since the corrupted bytes are
  2023. still in the same structure, and are always padding bytes,
  2024. ignored, or immediately overwritten, depending on compiler
  2025. behavior. Nevertheless, because the memset()'s purpose is to make
  2026. sure that any other cell-handling bugs can't expose bytes to the
  2027. network, we need to fix it. Fixes bug 22737; bugfix on
  2028. 0.2.4.11-alpha. Fixes CID 1401591.
  2029. o Minor bugfixes (file limits, osx, backport from 0.3.1.5-alpha):
  2030. - When setting the maximum number of connections allowed by the OS,
  2031. always allow some extra file descriptors for other files. Fixes
  2032. bug 22797; bugfix on 0.2.0.10-alpha.
  2033. o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.1.5-alpha):
  2034. - Avoid a sandbox failure when trying to re-bind to a socket and
  2035. mark it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha.
  2036. o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.1.4-alpha):
  2037. - Permit the fchmod system call, to avoid crashing on startup when
  2038. starting with the seccomp2 sandbox and an unexpected set of
  2039. permissions on the data directory or its contents. Fixes bug
  2040. 22516; bugfix on 0.2.5.4-alpha.
  2041. o Minor bugfixes (relay, backport from 0.3.0.5-rc):
  2042. - Avoid a double-marked-circuit warning that could happen when we
  2043. receive DESTROY cells under heavy load. Fixes bug 20059; bugfix
  2044. on 0.1.0.1-rc.
  2045. o Minor bugfixes (voting consistency, backport from 0.3.1.1-alpha):
  2046. - Reject version numbers with non-numeric prefixes (such as +, -, or
  2047. whitespace). Disallowing whitespace prevents differential version
  2048. parsing between POSIX-based and Windows platforms. Fixes bug 21507
  2049. and part of 21508; bugfix on 0.0.8pre1.
  2050. o Build features (backport from 0.3.1.5-alpha):
  2051. - Tor's repository now includes a Travis Continuous Integration (CI)
  2052. configuration file (.travis.yml). This is meant to help new
  2053. developers and contributors who fork Tor to a Github repository be
  2054. better able to test their changes, and understand what we expect
  2055. to pass. To use this new build feature, you must fork Tor to your
  2056. Github account, then go into the "Integrations" menu in the
  2057. repository settings for your fork and enable Travis, then push
  2058. your changes. Closes ticket 22636.
  2059. Changes in version 0.3.0.11 - 2017-09-18
  2060. Tor 0.3.0.11 backports a collection of bugfixes from Tor the 0.3.1
  2061. series.
  2062. Most significantly, it includes a fix for TROVE-2017-008, a
  2063. security bug that affects hidden services running with the
  2064. SafeLogging option disabled. For more information, see
  2065. https://trac.torproject.org/projects/tor/ticket/23490
  2066. o Minor features (code style, backport from 0.3.1.7):
  2067. - Add "Falls through" comments to our codebase, in order to silence
  2068. GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas
  2069. Stieger. Closes ticket 22446.
  2070. o Minor features:
  2071. - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2
  2072. Country database.
  2073. o Minor bugfixes (compilation, backport from 0.3.1.7):
  2074. - Avoid compiler warnings in the unit tests for calling tor_sscanf()
  2075. with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha.
  2076. o Minor bugfixes (controller, backport from 0.3.1.7):
  2077. - Do not crash when receiving a HSPOST command with an empty body.
  2078. Fixes part of bug 22644; bugfix on 0.2.7.1-alpha.
  2079. - Do not crash when receiving a POSTDESCRIPTOR command with an empty
  2080. body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha.
  2081. o Minor bugfixes (file limits, osx, backport from 0.3.1.5-alpha):
  2082. - When setting the maximum number of connections allowed by the OS,
  2083. always allow some extra file descriptors for other files. Fixes
  2084. bug 22797; bugfix on 0.2.0.10-alpha.
  2085. o Minor bugfixes (logging, relay, backport from 0.3.1.6-rc):
  2086. - Remove a forgotten debugging message when an introduction point
  2087. successfully establishes a hidden service prop224 circuit with
  2088. a client.
  2089. - Change three other log_warn() for an introduction point to
  2090. protocol warnings, because they can be failure from the network
  2091. and are not relevant to the operator. Fixes bug 23078; bugfix on
  2092. 0.3.0.1-alpha and 0.3.0.2-alpha.
  2093. Changes in version 0.3.1.7 - 2017-09-18
  2094. Tor 0.3.1.7 is the first stable release in the 0.3.1 series.
  2095. With the 0.3.1 series, Tor now serves and downloads directory
  2096. information in more compact formats, to save on bandwidth overhead. It
  2097. also contains a new padding system to resist netflow-based traffic
  2098. analysis, and experimental support for building parts of Tor in Rust
  2099. (though no parts of Tor are in Rust yet). There are also numerous
  2100. small features, bugfixes on earlier release series, and groundwork for
  2101. the hidden services revamp of 0.3.2.
  2102. This release also includes a fix for TROVE-2017-008, a security bug
  2103. that affects hidden services running with the SafeLogging option
  2104. disabled. For more information, see
  2105. https://trac.torproject.org/projects/tor/ticket/23490
  2106. Per our stable release policy, we plan to support each stable release
  2107. series for at least the next nine months, or for three months after
  2108. the first stable release of the next series: whichever is longer. If
  2109. you need a release with long-term support, we recommend that you stay
  2110. with the 0.2.9 series.
  2111. Below is a list of the changes since 0.3.1.6-rc. For a list of all
  2112. changes since 0.3.0, see the ReleaseNotes file.
  2113. o Major bugfixes (security, hidden services, loggging):
  2114. - Fix a bug where we could log uninitialized stack when a certain
  2115. hidden service error occurred while SafeLogging was disabled.
  2116. Fixes bug #23490; bugfix on 0.2.7.2-alpha. This is also tracked as
  2117. TROVE-2017-008 and CVE-2017-0380.
  2118. o Minor features (defensive programming):
  2119. - Create a pair of consensus parameters, nf_pad_tor2web and
  2120. nf_pad_single_onion, to disable netflow padding in the consensus
  2121. for non-anonymous connections in case the overhead is high. Closes
  2122. ticket 17857.
  2123. o Minor features (diagnostic):
  2124. - Add a stack trace to the bug warnings that can be logged when
  2125. trying to send an outgoing relay cell with n_chan == 0. Diagnostic
  2126. attempt for bug 23105.
  2127. o Minor features (geoip):
  2128. - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2
  2129. Country database.
  2130. o Minor bugfixes (compilation):
  2131. - Avoid compiler warnings in the unit tests for calling tor_sscanf()
  2132. with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha.
  2133. o Minor bugfixes (controller):
  2134. - Do not crash when receiving a HSPOST command with an empty body.
  2135. Fixes part of bug 22644; bugfix on 0.2.7.1-alpha.
  2136. - Do not crash when receiving a POSTDESCRIPTOR command with an empty
  2137. body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha.
  2138. o Minor bugfixes (relay):
  2139. - Inform the geoip and rephist modules about all requests, even on
  2140. relays that are only fetching microdescriptors. Fixes a bug
  2141. related to 21585; bugfix on 0.3.0.1-alpha.
  2142. o Minor bugfixes (unit tests):
  2143. - Fix a channelpadding unit test failure on slow systems by using
  2144. mocked time instead of actual time. Fixes bug 23077; bugfix
  2145. on 0.3.1.1-alpha.
  2146. Changes in version 0.3.1.6-rc - 2017-09-05
  2147. Tor 0.3.1.6-rc fixes a few small bugs and annoyances in the 0.3.1
  2148. release series, including a bug that produced weird behavior on
  2149. Windows directory caches.
  2150. This is the first release candidate in the Tor 0.3.1 series. If we
  2151. find no new bugs or regressions here, the first stable 0.3.1 release
  2152. will be nearly identical to it.
  2153. o Major bugfixes (windows, directory cache):
  2154. - On Windows, do not try to delete cached consensus documents and
  2155. diffs before they are unmapped from memory--Windows won't allow
  2156. that. Instead, allow the consensus cache directory to grow larger,
  2157. to hold files that might need to stay around longer. Fixes bug
  2158. 22752; bugfix on 0.3.1.1-alpha.
  2159. o Minor features (directory authority):
  2160. - Improve the message that authorities report to relays that present
  2161. RSA/Ed25519 keypairs that conflict with previously pinned keys.
  2162. Closes ticket 22348.
  2163. o Minor features (geoip):
  2164. - Update geoip and geoip6 to the August 3 2017 Maxmind GeoLite2
  2165. Country database.
  2166. o Minor features (testing):
  2167. - Add more tests for compression backend initialization. Closes
  2168. ticket 22286.
  2169. o Minor bugfixes (directory cache):
  2170. - Fix a memory leak when recovering space in the consensus cache.
  2171. Fixes bug 23139; bugfix on 0.3.1.1-alpha.
  2172. o Minor bugfixes (hidden service):
  2173. - Increase the number of circuits that a service is allowed to
  2174. open over a specific period of time. The value was lower than it
  2175. should be (8 vs 12) in the normal case of 3 introduction points.
  2176. Fixes bug 22159; bugfix on 0.3.0.5-rc.
  2177. - Fix a BUG warning during HSv3 descriptor decoding that could be
  2178. cause by a specially crafted descriptor. Fixes bug 23233; bugfix
  2179. on 0.3.0.1-alpha. Bug found by "haxxpop".
  2180. - Rate-limit the log messages if we exceed the maximum number of
  2181. allowed intro circuits. Fixes bug 22159; bugfix on 0.3.1.1-alpha.
  2182. o Minor bugfixes (logging, relay):
  2183. - Remove a forgotten debugging message when an introduction point
  2184. successfully establishes a hidden service prop224 circuit with
  2185. a client.
  2186. - Change three other log_warn() for an introduction point to
  2187. protocol warnings, because they can be failure from the network
  2188. and are not relevant to the operator. Fixes bug 23078; bugfix on
  2189. 0.3.0.1-alpha and 0.3.0.2-alpha.
  2190. o Minor bugfixes (relay):
  2191. - When a relay is not running as a directory cache, it will no
  2192. longer generate compressed consensuses and consensus diff
  2193. information. Previously, this was a waste of disk and CPU. Fixes
  2194. bug 23275; bugfix on 0.3.1.1-alpha.
  2195. o Minor bugfixes (robustness, error handling):
  2196. - Improve our handling of the cases where OpenSSL encounters a
  2197. memory error while encoding keys and certificates. We haven't
  2198. observed these errors in the wild, but if they do happen, we now
  2199. detect and respond better. Fixes bug 19418; bugfix on all versions
  2200. of Tor. Reported by Guido Vranken.
  2201. o Minor bugfixes (stability):
  2202. - Avoid crashing on a double-free when unable to load or process an
  2203. included file. Fixes bug 23155; bugfix on 0.3.1.1-alpha. Found
  2204. with the clang static analyzer.
  2205. o Minor bugfixes (testing):
  2206. - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291;
  2207. bugfix on 0.2.7.2-alpha. Found and patched by Ties Stuij.
  2208. - Port the hs_ntor handshake test to work correctly with recent
  2209. versions of the pysha3 module. Fixes bug 23071; bugfix
  2210. on 0.3.1.1-alpha.
  2211. o Minor bugfixes (Windows service):
  2212. - When running as a Windows service, set the ID of the main thread
  2213. correctly. Failure to do so made us fail to send log messages to
  2214. the controller in 0.2.1.16-rc, slowed down controller event
  2215. delivery in 0.2.7.3-rc and later, and crash with an assertion
  2216. failure in 0.3.1.1-alpha. Fixes bug 23081; bugfix on 0.2.1.6-alpha.
  2217. Patch and diagnosis from "Vort".
  2218. Changes in version 0.3.0.10 - 2017-08-02
  2219. Tor 0.3.0.10 backports a collection of small-to-medium bugfixes
  2220. from the current Tor alpha series. OpenBSD users and TPROXY users
  2221. should upgrade; others are probably okay sticking with 0.3.0.9.
  2222. o Major features (build system, continuous integration, backport from 0.3.1.5-alpha):
  2223. - Tor's repository now includes a Travis Continuous Integration (CI)
  2224. configuration file (.travis.yml). This is meant to help new
  2225. developers and contributors who fork Tor to a Github repository be
  2226. better able to test their changes, and understand what we expect
  2227. to pass. To use this new build feature, you must fork Tor to your
  2228. Github account, then go into the "Integrations" menu in the
  2229. repository settings for your fork and enable Travis, then push
  2230. your changes. Closes ticket 22636.
  2231. o Major bugfixes (linux TPROXY support, backport from 0.3.1.1-alpha):
  2232. - Fix a typo that had prevented TPROXY-based transparent proxying
  2233. from working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha.
  2234. Patch from "d4fq0fQAgoJ".
  2235. o Major bugfixes (openbsd, denial-of-service, backport from 0.3.1.5-alpha):
  2236. - Avoid an assertion failure bug affecting our implementation of
  2237. inet_pton(AF_INET6) on certain OpenBSD systems whose strtol()
  2238. handling of "0xbar" differs from what we had expected. Fixes bug
  2239. 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007.
  2240. o Minor features (backport from 0.3.1.5-alpha):
  2241. - Update geoip and geoip6 to the July 4 2017 Maxmind GeoLite2
  2242. Country database.
  2243. o Minor bugfixes (bandwidth accounting, backport from 0.3.1.2-alpha):
  2244. - Roll over monthly accounting at the configured hour and minute,
  2245. rather than always at 00:00. Fixes bug 22245; bugfix on 0.0.9rc1.
  2246. Found by Andrey Karpov with PVS-Studio.
  2247. o Minor bugfixes (compilation warnings, backport from 0.3.1.5-alpha):
  2248. - Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug 22915;
  2249. bugfix on 0.2.8.1-alpha.
  2250. - Fix warnings when building with libscrypt and openssl scrypt
  2251. support on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha.
  2252. - When building with certain versions of the mingw C header files,
  2253. avoid float-conversion warnings when calling the C functions
  2254. isfinite(), isnan(), and signbit(). Fixes bug 22801; bugfix
  2255. on 0.2.8.1-alpha.
  2256. o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha):
  2257. - Backport a fix for an "unused variable" warning that appeared
  2258. in some versions of mingw. Fixes bug 22838; bugfix on
  2259. 0.2.8.1-alpha.
  2260. o Minor bugfixes (coverity build support, backport from 0.3.1.5-alpha):
  2261. - Avoid Coverity build warnings related to our BUG() macro. By
  2262. default, Coverity treats BUG() as the Linux kernel does: an
  2263. instant abort(). We need to override that so our BUG() macro
  2264. doesn't prevent Coverity from analyzing functions that use it.
  2265. Fixes bug 23030; bugfix on 0.2.9.1-alpha.
  2266. o Minor bugfixes (directory authority, backport from 0.3.1.1-alpha):
  2267. - When rejecting a router descriptor for running an obsolete version
  2268. of Tor without ntor support, warn about the obsolete tor version,
  2269. not the missing ntor key. Fixes bug 20270; bugfix on 0.2.9.3-alpha.
  2270. o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.1.5-alpha):
  2271. - Avoid a sandbox failure when trying to re-bind to a socket and
  2272. mark it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha.
  2273. o Minor bugfixes (unit tests, backport from 0.3.1.5-alpha)
  2274. - Fix a memory leak in the link-handshake/certs_ok_ed25519 test.
  2275. Fixes bug 22803; bugfix on 0.3.0.1-alpha.
  2276. Changes in version 0.3.1.5-alpha - 2017-08-01
  2277. Tor 0.3.1.5-alpha improves the performance of consensus diff
  2278. calculation, fixes a crash bug on older versions of OpenBSD, and fixes
  2279. several other bugs. If no serious bugs are found in this version, the
  2280. next version will be a release candidate.
  2281. This release also marks the end of support for the Tor 0.2.4.x,
  2282. 0.2.6.x, and 0.2.7.x release series. Those releases will receive no
  2283. further bug or security fixes. Anyone still running or distributing
  2284. one of those versions should upgrade.
  2285. o Major features (build system, continuous integration):
  2286. - Tor's repository now includes a Travis Continuous Integration (CI)
  2287. configuration file (.travis.yml). This is meant to help new
  2288. developers and contributors who fork Tor to a Github repository be
  2289. better able to test their changes, and understand what we expect
  2290. to pass. To use this new build feature, you must fork Tor to your
  2291. Github account, then go into the "Integrations" menu in the
  2292. repository settings for your fork and enable Travis, then push
  2293. your changes. Closes ticket 22636.
  2294. o Major bugfixes (openbsd, denial-of-service):
  2295. - Avoid an assertion failure bug affecting our implementation of
  2296. inet_pton(AF_INET6) on certain OpenBSD systems whose strtol()
  2297. handling of "0xbar" differs from what we had expected. Fixes bug
  2298. 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007.
  2299. o Major bugfixes (relay, performance):
  2300. - Perform circuit handshake operations at a higher priority than we
  2301. use for consensus diff creation and compression. This should
  2302. prevent circuits from starving when a relay or bridge receives a
  2303. new consensus, especially on lower-powered machines. Fixes bug
  2304. 22883; bugfix on 0.3.1.1-alpha.
  2305. o Minor features (bridge authority):
  2306. - Add "fingerprint" lines to the networkstatus-bridges file produced
  2307. by bridge authorities. Closes ticket 22207.
  2308. o Minor features (directory cache, consensus diff):
  2309. - Add a new MaxConsensusAgeForDiffs option to allow directory cache
  2310. operators with low-resource environments to adjust the number of
  2311. consensuses they'll store and generate diffs from. Most cache
  2312. operators should leave it unchanged. Helps to work around
  2313. bug 22883.
  2314. o Minor features (geoip):
  2315. - Update geoip and geoip6 to the July 4 2017 Maxmind GeoLite2
  2316. Country database.
  2317. o Minor features (relay, performance):
  2318. - Always start relays with at least two worker threads, to prevent
  2319. priority inversion on slow tasks. Part of the fix for bug 22883.
  2320. - Allow background work to be queued with different priorities, so
  2321. that a big pile of slow low-priority jobs will not starve out
  2322. higher priority jobs. This lays the groundwork for a fix for
  2323. bug 22883.
  2324. o Minor bugfixes (build system, rust):
  2325. - Fix a problem where Rust toolchains were not being found when
  2326. building without --enable-cargo-online-mode, due to setting the
  2327. $HOME environment variable instead of $CARGO_HOME. Fixes bug
  2328. 22830; bugfix on 0.3.1.1-alpha. Fix by Chelsea Komlo.
  2329. o Minor bugfixes (compatibility, zstd):
  2330. - Write zstd epilogues correctly when the epilogue requires
  2331. reallocation of the output buffer, even with zstd 1.3.0.
  2332. (Previously, we worked on 1.2.0 and failed with 1.3.0). Fixes bug
  2333. 22927; bugfix on 0.3.1.1-alpha.
  2334. o Minor bugfixes (compilation warnings):
  2335. - Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug
  2336. 22915; bugfix on 0.2.8.1-alpha.
  2337. - Fix warnings when building with libscrypt and openssl scrypt
  2338. support on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha.
  2339. - Compile correctly when both openssl 1.1.0 and libscrypt are
  2340. detected. Previously this would cause an error. Fixes bug 22892;
  2341. bugfix on 0.3.1.1-alpha.
  2342. - When building with certain versions of the mingw C header files,
  2343. avoid float-conversion warnings when calling the C functions
  2344. isfinite(), isnan(), and signbit(). Fixes bug 22801; bugfix
  2345. on 0.2.8.1-alpha.
  2346. o Minor bugfixes (coverity build support):
  2347. - Avoid Coverity build warnings related to our BUG() macro. By
  2348. default, Coverity treats BUG() as the Linux kernel does: an
  2349. instant abort(). We need to override that so our BUG() macro
  2350. doesn't prevent Coverity from analyzing functions that use it.
  2351. Fixes bug 23030; bugfix on 0.2.9.1-alpha.
  2352. o Minor bugfixes (directory authority):
  2353. - When a directory authority rejects a descriptor or extrainfo with
  2354. a given digest, mark that digest as undownloadable, so that we do
  2355. not attempt to download it again over and over. We previously
  2356. tried to avoid downloading such descriptors by other means, but we
  2357. didn't notice if we accidentally downloaded one anyway. This
  2358. behavior became problematic in 0.2.7.2-alpha, when authorities
  2359. began pinning Ed25519 keys. Fixes bug 22349; bugfix
  2360. on 0.2.1.19-alpha.
  2361. o Minor bugfixes (error reporting, windows):
  2362. - When formatting Windows error messages, use the English format to
  2363. avoid codepage issues. Fixes bug 22520; bugfix on 0.1.2.8-alpha.
  2364. Patch from "Vort".
  2365. o Minor bugfixes (file limits, osx):
  2366. - When setting the maximum number of connections allowed by the OS,
  2367. always allow some extra file descriptors for other files. Fixes
  2368. bug 22797; bugfix on 0.2.0.10-alpha.
  2369. o Minor bugfixes (linux seccomp2 sandbox):
  2370. - Avoid a sandbox failure when trying to re-bind to a socket and
  2371. mark it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha.
  2372. o Minor bugfixes (memory leaks):
  2373. - Fix a small memory leak when validating a configuration that uses
  2374. two or more AF_UNIX sockets for the same port type. Fixes bug
  2375. 23053; bugfix on 0.2.6.3-alpha. This is CID 1415725.
  2376. o Minor bugfixes (unit tests):
  2377. - test_consdiff_base64cmp would fail on OS X because while OS X
  2378. follows the standard of (less than zero/zero/greater than zero),
  2379. it doesn't follow the convention of (-1/0/+1). Make the test
  2380. comply with the standard. Fixes bug 22870; bugfix on 0.3.1.1-alpha.
  2381. - Fix a memory leak in the link-handshake/certs_ok_ed25519 test.
  2382. Fixes bug 22803; bugfix on 0.3.0.1-alpha.
  2383. Changes in version 0.3.1.4-alpha - 2017-06-29
  2384. Tor 0.3.1.4-alpha fixes a path selection bug that would allow a client
  2385. to use a guard that was in the same network family as a chosen exit
  2386. relay. This is a security regression; all clients running earlier
  2387. versions of 0.3.0.x or 0.3.1.x should upgrade to 0.3.0.9
  2388. or 0.3.1.4-alpha.
  2389. This release also fixes several other bugs introduced in 0.3.0.x
  2390. and 0.3.1.x, including others that can affect bandwidth usage
  2391. and correctness.
  2392. o New dependencies:
  2393. - To build with zstd and lzma support, Tor now requires the
  2394. pkg-config tool at build time. (This requirement was new in
  2395. 0.3.1.1-alpha, but was not noted at the time. Noting it here to
  2396. close ticket 22623.)
  2397. o Major bugfixes (path selection, security):
  2398. - When choosing which guard to use for a circuit, avoid the exit's
  2399. family along with the exit itself. Previously, the new guard
  2400. selection logic avoided the exit, but did not consider its family.
  2401. Fixes bug 22753; bugfix on 0.3.0.1-alpha. Tracked as TROVE-2017-
  2402. 006 and CVE-2017-0377.
  2403. o Major bugfixes (compression, zstd):
  2404. - Correctly detect a full buffer when decompressing a large zstd-
  2405. compressed input. Previously, we would sometimes treat a full
  2406. buffer as an error. Fixes bug 22628; bugfix on 0.3.1.1-alpha.
  2407. o Major bugfixes (directory protocol):
  2408. - Ensure that we send "304 Not modified" as HTTP status code when a
  2409. client is attempting to fetch a consensus or consensus diff, and
  2410. the best one we can send them is one they already have. Fixes bug
  2411. 22702; bugfix on 0.3.1.1-alpha.
  2412. o Major bugfixes (entry guards):
  2413. - When starting with an old consensus, do not add new entry guards
  2414. unless the consensus is "reasonably live" (under 1 day old). Fixes
  2415. one root cause of bug 22400; bugfix on 0.3.0.1-alpha.
  2416. o Minor features (bug mitigation, diagnostics, logging):
  2417. - Avoid an assertion failure, and log a better error message, when
  2418. unable to remove a file from the consensus cache on Windows.
  2419. Attempts to mitigate and diagnose bug 22752.
  2420. o Minor features (geoip):
  2421. - Update geoip and geoip6 to the June 8 2017 Maxmind GeoLite2
  2422. Country database.
  2423. o Minor bugfixes (compression):
  2424. - When compressing or decompressing a buffer, check for a failure to
  2425. create a compression object. Fixes bug 22626; bugfix
  2426. on 0.3.1.1-alpha.
  2427. - When decompressing a buffer, check for extra data after the end of
  2428. the compressed data. Fixes bug 22629; bugfix on 0.3.1.1-alpha.
  2429. - When decompressing an object received over an anonymous directory
  2430. connection, if we have already decompressed it using an acceptable
  2431. compression method, do not reject it for looking like an
  2432. unacceptable compression method. Fixes part of bug 22670; bugfix
  2433. on 0.3.1.1-alpha.
  2434. - When serving directory votes compressed with zlib, do not claim to
  2435. have compressed them with zstd. Fixes bug 22669; bugfix
  2436. on 0.3.1.1-alpha.
  2437. - When spooling compressed data to an output buffer, don't try to
  2438. spool more data when there is no more data to spool and we are not
  2439. trying to flush the input. Previously, we would sometimes launch
  2440. compression requests with nothing to do, which interferes with our
  2441. 22672 checks. Fixes bug 22719; bugfix on 0.2.0.16-alpha.
  2442. o Minor bugfixes (defensive programming):
  2443. - Detect and break out of infinite loops in our compression code. We
  2444. don't think that any such loops exist now, but it's best to be
  2445. safe. Closes ticket 22672.
  2446. - Fix a memset() off the end of an array when packing cells. This
  2447. bug should be harmless in practice, since the corrupted bytes are
  2448. still in the same structure, and are always padding bytes,
  2449. ignored, or immediately overwritten, depending on compiler
  2450. behavior. Nevertheless, because the memset()'s purpose is to make
  2451. sure that any other cell-handling bugs can't expose bytes to the
  2452. network, we need to fix it. Fixes bug 22737; bugfix on
  2453. 0.2.4.11-alpha. Fixes CID 1401591.
  2454. o Minor bugfixes (linux seccomp2 sandbox):
  2455. - Permit the fchmod system call, to avoid crashing on startup when
  2456. starting with the seccomp2 sandbox and an unexpected set of
  2457. permissions on the data directory or its contents. Fixes bug
  2458. 22516; bugfix on 0.2.5.4-alpha.
  2459. - Fix a crash in the LZMA module, when the sandbox was enabled, and
  2460. liblzma would allocate more than 16 MB of memory. We solve this by
  2461. bumping the mprotect() limit in the sandbox module from 16 MB to
  2462. 20 MB. Fixes bug 22751; bugfix on 0.3.1.1-alpha.
  2463. o Minor bugfixes (logging):
  2464. - When decompressing, do not warn if we fail to decompress using a
  2465. compression method that we merely guessed. Fixes part of bug
  2466. 22670; bugfix on 0.1.1.14-alpha.
  2467. - When decompressing, treat mismatch between content-encoding and
  2468. actual compression type as a protocol warning. Fixes part of bug
  2469. 22670; bugfix on 0.1.1.9-alpha.
  2470. - Downgrade "assigned_to_cpuworker failed" message to info-level
  2471. severity. In every case that can reach it, either a better warning
  2472. has already been logged, or no warning is warranted. Fixes bug
  2473. 22356; bugfix on 0.2.6.3-alpha.
  2474. - Demote a warn that was caused by libevent delays to info if
  2475. netflow padding is less than 4.5 seconds late, or to notice
  2476. if it is more (4.5 seconds is the amount of time that a netflow
  2477. record might be emitted after, if we chose the maximum timeout).
  2478. Fixes bug 22212; bugfix on 0.3.1.1-alpha.
  2479. o Minor bugfixes (process behavior):
  2480. - When exiting because of an error, always exit with a nonzero exit
  2481. status. Previously, we would fail to report an error in our exit
  2482. status in cases related to __OwningControllerProcess failure,
  2483. lockfile contention, and Ed25519 key initialization. Fixes bug
  2484. 22720; bugfix on versions 0.2.1.6-alpha, 0.2.2.28-beta, and
  2485. 0.2.7.2-alpha respectively. Reported by "f55jwk4f"; patch
  2486. from "huyvq".
  2487. o Documentation:
  2488. - Add a manpage description for the key-pinning-journal file. Closes
  2489. ticket 22347.
  2490. - Correctly note that bandwidth accounting values are stored in the
  2491. state file, and the bw_accounting file is now obsolete. Closes
  2492. ticket 16082.
  2493. - Document more of the files in the Tor data directory, including
  2494. cached-extrainfo, secret_onion_key{,_ntor}.old, hidserv-stats,
  2495. approved-routers, sr-random, and diff-cache. Found while fixing
  2496. ticket 22347.
  2497. Changes in version 0.3.0.9 - 2017-06-29
  2498. Tor 0.3.0.9 fixes a path selection bug that would allow a client
  2499. to use a guard that was in the same network family as a chosen exit
  2500. relay. This is a security regression; all clients running earlier
  2501. versions of 0.3.0.x or 0.3.1.x should upgrade to 0.3.0.9 or
  2502. 0.3.1.4-alpha.
  2503. This release also backports several other bugfixes from the 0.3.1.x
  2504. series.
  2505. o Major bugfixes (path selection, security, backport from 0.3.1.4-alpha):
  2506. - When choosing which guard to use for a circuit, avoid the exit's
  2507. family along with the exit itself. Previously, the new guard
  2508. selection logic avoided the exit, but did not consider its family.
  2509. Fixes bug 22753; bugfix on 0.3.0.1-alpha. Tracked as TROVE-2017-
  2510. 006 and CVE-2017-0377.
  2511. o Major bugfixes (entry guards, backport from 0.3.1.1-alpha):
  2512. - Don't block bootstrapping when a primary bridge is offline and we
  2513. can't get its descriptor. Fixes bug 22325; fixes one case of bug
  2514. 21969; bugfix on 0.3.0.3-alpha.
  2515. o Major bugfixes (entry guards, backport from 0.3.1.4-alpha):
  2516. - When starting with an old consensus, do not add new en