12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141214221432144214521462147214821492150215121522153215421552156215721582159216021612162216321642165216621672168216921702171217221732174217521762177217821792180218121822183218421852186218721882189219021912192219321942195219621972198219922002201220222032204220522062207220822092210221122122213221422152216221722182219222022212222222322242225222622272228222922302231223222332234223522362237223822392240224122422243224422452246224722482249225022512252225322542255225622572258225922602261226222632264226522662267226822692270227122722273227422752276227722782279228022812282228322842285228622872288228922902291229222932294229522962297229822992300230123022303230423052306230723082309231023112312231323142315231623172318231923202321232223232324232523262327232823292330233123322333233423352336233723382339234023412342234323442345234623472348234923502351235223532354235523562357235823592360236123622363236423652366236723682369237023712372237323742375237623772378237923802381238223832384238523862387238823892390239123922393239423952396239723982399240024012402240324042405240624072408240924102411241224132414241524162417241824192420242124222423242424252426242724282429243024312432243324342435243624372438243924402441244224432444244524462447244824492450245124522453245424552456245724582459246024612462246324642465246624672468246924702471247224732474247524762477247824792480248124822483248424852486248724882489249024912492249324942495249624972498249925002501250225032504250525062507250825092510251125122513251425152516251725182519252025212522252325242525252625272528252925302531253225332534253525362537253825392540254125422543254425452546254725482549255025512552255325542555255625572558255925602561256225632564256525662567256825692570257125722573257425752576257725782579258025812582258325842585258625872588258925902591259225932594259525962597259825992600260126022603260426052606260726082609261026112612261326142615261626172618261926202621262226232624262526262627262826292630263126322633263426352636263726382639264026412642264326442645264626472648264926502651265226532654265526562657265826592660266126622663266426652666266726682669267026712672267326742675267626772678267926802681268226832684268526862687268826892690269126922693269426952696269726982699270027012702270327042705270627072708270927102711271227132714271527162717271827192720272127222723272427252726272727282729273027312732273327342735273627372738273927402741274227432744274527462747274827492750275127522753275427552756275727582759276027612762276327642765276627672768276927702771277227732774277527762777277827792780278127822783278427852786278727882789279027912792279327942795279627972798279928002801280228032804280528062807280828092810281128122813281428152816281728182819282028212822282328242825282628272828282928302831283228332834283528362837283828392840284128422843284428452846284728482849285028512852285328542855285628572858285928602861286228632864286528662867286828692870287128722873287428752876287728782879288028812882288328842885288628872888288928902891289228932894289528962897289828992900290129022903290429052906290729082909291029112912291329142915291629172918291929202921292229232924292529262927292829292930293129322933293429352936293729382939294029412942294329442945294629472948294929502951295229532954295529562957295829592960296129622963296429652966296729682969297029712972297329742975297629772978297929802981298229832984298529862987298829892990299129922993299429952996299729982999300030013002300330043005300630073008300930103011301230133014301530163017301830193020302130223023302430253026302730283029303030313032303330343035303630373038303930403041304230433044304530463047304830493050305130523053305430553056305730583059306030613062306330643065306630673068306930703071307230733074307530763077307830793080308130823083308430853086308730883089309030913092309330943095309630973098309931003101310231033104310531063107310831093110311131123113311431153116311731183119312031213122312331243125312631273128312931303131313231333134313531363137313831393140314131423143314431453146314731483149315031513152315331543155315631573158315931603161316231633164316531663167316831693170317131723173317431753176317731783179318031813182318331843185318631873188318931903191319231933194319531963197319831993200320132023203320432053206320732083209321032113212321332143215321632173218321932203221322232233224322532263227322832293230323132323233323432353236323732383239324032413242324332443245324632473248324932503251325232533254325532563257325832593260326132623263326432653266326732683269327032713272327332743275327632773278327932803281328232833284328532863287328832893290329132923293329432953296329732983299330033013302330333043305330633073308330933103311331233133314331533163317331833193320332133223323332433253326332733283329333033313332333333343335333633373338333933403341334233433344334533463347334833493350335133523353335433553356335733583359336033613362336333643365336633673368336933703371337233733374337533763377337833793380338133823383338433853386338733883389339033913392339333943395339633973398339934003401340234033404340534063407340834093410341134123413341434153416341734183419342034213422342334243425342634273428342934303431343234333434343534363437343834393440344134423443344434453446344734483449345034513452345334543455345634573458345934603461346234633464346534663467346834693470347134723473347434753476347734783479348034813482348334843485348634873488348934903491349234933494349534963497349834993500350135023503350435053506350735083509351035113512351335143515351635173518351935203521352235233524352535263527352835293530353135323533353435353536353735383539354035413542354335443545354635473548354935503551355235533554355535563557355835593560356135623563356435653566356735683569357035713572357335743575357635773578357935803581358235833584358535863587358835893590359135923593359435953596359735983599360036013602360336043605360636073608360936103611361236133614361536163617361836193620362136223623362436253626362736283629363036313632363336343635363636373638363936403641364236433644364536463647364836493650365136523653365436553656365736583659366036613662366336643665366636673668366936703671367236733674367536763677367836793680368136823683368436853686368736883689369036913692369336943695369636973698369937003701370237033704370537063707370837093710371137123713371437153716371737183719372037213722372337243725372637273728372937303731373237333734373537363737373837393740374137423743374437453746374737483749375037513752375337543755375637573758375937603761376237633764376537663767376837693770377137723773377437753776377737783779378037813782378337843785378637873788378937903791379237933794379537963797379837993800380138023803380438053806380738083809381038113812381338143815381638173818381938203821382238233824382538263827382838293830383138323833383438353836383738383839384038413842384338443845384638473848384938503851385238533854385538563857385838593860386138623863386438653866386738683869387038713872387338743875387638773878387938803881388238833884388538863887388838893890389138923893389438953896389738983899390039013902390339043905390639073908390939103911391239133914391539163917391839193920392139223923392439253926392739283929393039313932393339343935393639373938393939403941394239433944394539463947394839493950395139523953395439553956395739583959396039613962396339643965396639673968396939703971397239733974397539763977397839793980398139823983398439853986398739883989399039913992399339943995399639973998399940004001400240034004400540064007400840094010401140124013401440154016401740184019402040214022402340244025402640274028402940304031403240334034403540364037403840394040404140424043404440454046404740484049405040514052405340544055405640574058405940604061406240634064406540664067406840694070407140724073407440754076407740784079408040814082408340844085408640874088408940904091409240934094409540964097409840994100410141024103410441054106410741084109411041114112411341144115411641174118411941204121412241234124412541264127412841294130413141324133413441354136413741384139414041414142414341444145414641474148414941504151415241534154415541564157415841594160416141624163416441654166416741684169417041714172417341744175417641774178417941804181418241834184418541864187418841894190419141924193419441954196419741984199420042014202420342044205420642074208420942104211421242134214421542164217421842194220422142224223422442254226422742284229423042314232423342344235423642374238423942404241424242434244424542464247424842494250425142524253425442554256425742584259426042614262426342644265426642674268426942704271427242734274427542764277427842794280428142824283428442854286428742884289429042914292429342944295429642974298429943004301430243034304430543064307430843094310431143124313431443154316431743184319432043214322432343244325432643274328432943304331433243334334433543364337433843394340434143424343434443454346434743484349435043514352435343544355435643574358435943604361436243634364436543664367436843694370437143724373437443754376437743784379438043814382438343844385438643874388438943904391439243934394439543964397439843994400440144024403440444054406440744084409441044114412441344144415441644174418441944204421442244234424442544264427442844294430443144324433443444354436443744384439444044414442444344444445444644474448444944504451445244534454445544564457445844594460446144624463446444654466446744684469447044714472447344744475447644774478447944804481448244834484448544864487448844894490449144924493449444954496449744984499450045014502450345044505450645074508450945104511451245134514451545164517451845194520452145224523452445254526452745284529453045314532453345344535453645374538453945404541454245434544454545464547454845494550455145524553455445554556455745584559456045614562456345644565456645674568456945704571457245734574457545764577457845794580458145824583458445854586458745884589459045914592459345944595459645974598459946004601460246034604460546064607460846094610461146124613461446154616461746184619462046214622462346244625462646274628462946304631463246334634463546364637463846394640464146424643464446454646464746484649465046514652465346544655465646574658465946604661466246634664466546664667466846694670467146724673467446754676467746784679468046814682468346844685468646874688468946904691469246934694469546964697469846994700470147024703470447054706470747084709471047114712471347144715471647174718471947204721472247234724472547264727472847294730473147324733473447354736473747384739474047414742474347444745474647474748474947504751475247534754475547564757475847594760476147624763476447654766476747684769477047714772477347744775477647774778477947804781478247834784478547864787478847894790479147924793479447954796479747984799480048014802480348044805480648074808480948104811481248134814481548164817481848194820482148224823482448254826482748284829483048314832483348344835483648374838483948404841484248434844484548464847484848494850485148524853485448554856485748584859486048614862486348644865486648674868486948704871487248734874487548764877487848794880488148824883488448854886488748884889489048914892489348944895489648974898489949004901490249034904490549064907490849094910491149124913491449154916491749184919492049214922492349244925492649274928492949304931493249334934493549364937493849394940494149424943494449454946494749484949495049514952495349544955495649574958495949604961496249634964496549664967496849694970497149724973497449754976497749784979498049814982498349844985498649874988498949904991499249934994499549964997499849995000500150025003500450055006500750085009501050115012501350145015501650175018501950205021502250235024502550265027502850295030503150325033503450355036503750385039504050415042504350445045504650475048504950505051505250535054505550565057505850595060506150625063506450655066506750685069507050715072507350745075507650775078507950805081508250835084508550865087508850895090509150925093509450955096509750985099510051015102510351045105510651075108510951105111511251135114511551165117511851195120512151225123512451255126512751285129513051315132513351345135513651375138513951405141514251435144514551465147514851495150515151525153515451555156515751585159516051615162516351645165516651675168516951705171517251735174517551765177517851795180518151825183518451855186518751885189519051915192519351945195519651975198519952005201520252035204520552065207520852095210521152125213521452155216521752185219522052215222522352245225522652275228522952305231523252335234523552365237523852395240524152425243524452455246524752485249525052515252525352545255525652575258525952605261526252635264526552665267526852695270527152725273527452755276527752785279528052815282528352845285528652875288528952905291529252935294529552965297529852995300530153025303530453055306530753085309531053115312531353145315531653175318531953205321532253235324532553265327532853295330533153325333533453355336533753385339534053415342534353445345534653475348534953505351535253535354535553565357535853595360536153625363536453655366536753685369537053715372537353745375537653775378537953805381538253835384538553865387538853895390539153925393539453955396539753985399540054015402540354045405540654075408540954105411541254135414541554165417541854195420542154225423542454255426542754285429543054315432543354345435543654375438543954405441544254435444544554465447544854495450545154525453545454555456545754585459546054615462546354645465546654675468546954705471547254735474547554765477547854795480548154825483548454855486548754885489549054915492549354945495549654975498549955005501550255035504550555065507550855095510551155125513551455155516551755185519552055215522552355245525552655275528552955305531553255335534553555365537553855395540554155425543554455455546554755485549555055515552555355545555555655575558555955605561556255635564556555665567556855695570557155725573557455755576557755785579558055815582558355845585558655875588558955905591559255935594559555965597559855995600560156025603560456055606560756085609561056115612561356145615561656175618561956205621562256235624562556265627562856295630563156325633563456355636563756385639564056415642564356445645564656475648564956505651565256535654565556565657565856595660566156625663566456655666566756685669567056715672567356745675567656775678567956805681568256835684568556865687568856895690569156925693569456955696569756985699570057015702570357045705570657075708570957105711571257135714571557165717571857195720572157225723572457255726572757285729573057315732573357345735573657375738573957405741574257435744574557465747574857495750575157525753575457555756575757585759576057615762576357645765576657675768576957705771577257735774577557765777577857795780578157825783578457855786578757885789579057915792579357945795579657975798579958005801580258035804580558065807580858095810581158125813581458155816581758185819582058215822582358245825582658275828582958305831583258335834583558365837583858395840584158425843584458455846584758485849585058515852585358545855585658575858585958605861586258635864586558665867586858695870587158725873587458755876587758785879588058815882588358845885588658875888588958905891589258935894589558965897589858995900590159025903590459055906590759085909591059115912591359145915591659175918591959205921592259235924592559265927592859295930593159325933593459355936593759385939594059415942594359445945594659475948594959505951595259535954595559565957595859595960596159625963596459655966596759685969597059715972597359745975597659775978597959805981598259835984598559865987598859895990599159925993599459955996599759985999600060016002600360046005600660076008600960106011601260136014601560166017601860196020602160226023602460256026602760286029603060316032603360346035603660376038603960406041604260436044604560466047604860496050605160526053605460556056605760586059606060616062606360646065606660676068606960706071607260736074607560766077607860796080608160826083608460856086608760886089609060916092609360946095609660976098609961006101610261036104610561066107610861096110611161126113611461156116611761186119612061216122612361246125612661276128612961306131613261336134613561366137613861396140614161426143614461456146614761486149615061516152615361546155615661576158615961606161616261636164616561666167616861696170617161726173617461756176617761786179618061816182618361846185618661876188618961906191619261936194619561966197619861996200620162026203620462056206620762086209621062116212621362146215621662176218621962206221622262236224622562266227622862296230623162326233623462356236623762386239624062416242624362446245624662476248624962506251625262536254625562566257625862596260626162626263626462656266626762686269627062716272627362746275627662776278627962806281628262836284628562866287628862896290629162926293629462956296629762986299630063016302630363046305630663076308630963106311631263136314631563166317631863196320632163226323632463256326632763286329633063316332633363346335633663376338633963406341634263436344634563466347634863496350635163526353635463556356635763586359636063616362636363646365636663676368636963706371637263736374637563766377637863796380638163826383638463856386638763886389639063916392639363946395639663976398639964006401640264036404640564066407640864096410641164126413641464156416641764186419642064216422642364246425642664276428642964306431643264336434643564366437643864396440644164426443644464456446644764486449645064516452645364546455645664576458645964606461646264636464646564666467646864696470647164726473647464756476647764786479648064816482648364846485648664876488648964906491649264936494649564966497649864996500650165026503650465056506650765086509651065116512651365146515651665176518651965206521652265236524652565266527652865296530653165326533653465356536653765386539654065416542654365446545654665476548654965506551655265536554655565566557655865596560656165626563656465656566656765686569657065716572657365746575657665776578657965806581658265836584658565866587658865896590659165926593659465956596659765986599660066016602660366046605660666076608660966106611661266136614661566166617661866196620662166226623662466256626662766286629663066316632663366346635663666376638663966406641664266436644664566466647664866496650665166526653665466556656665766586659666066616662666366646665666666676668666966706671667266736674667566766677667866796680668166826683668466856686668766886689669066916692669366946695669666976698669967006701670267036704670567066707670867096710671167126713671467156716671767186719672067216722672367246725672667276728672967306731673267336734673567366737673867396740674167426743674467456746674767486749675067516752675367546755675667576758675967606761676267636764676567666767676867696770677167726773677467756776677767786779678067816782678367846785678667876788678967906791679267936794679567966797679867996800680168026803680468056806680768086809681068116812681368146815681668176818681968206821682268236824682568266827682868296830683168326833683468356836683768386839684068416842684368446845684668476848684968506851685268536854685568566857685868596860686168626863686468656866686768686869687068716872687368746875687668776878687968806881688268836884688568866887688868896890689168926893689468956896689768986899690069016902690369046905690669076908690969106911691269136914691569166917691869196920692169226923692469256926692769286929693069316932693369346935693669376938693969406941694269436944694569466947694869496950695169526953695469556956695769586959696069616962696369646965696669676968696969706971697269736974697569766977697869796980698169826983698469856986698769886989699069916992699369946995699669976998699970007001700270037004700570067007700870097010701170127013701470157016701770187019702070217022702370247025702670277028702970307031703270337034703570367037703870397040704170427043704470457046704770487049705070517052705370547055705670577058705970607061706270637064706570667067706870697070707170727073707470757076707770787079708070817082708370847085708670877088708970907091709270937094709570967097709870997100710171027103710471057106710771087109711071117112711371147115711671177118711971207121712271237124712571267127712871297130713171327133713471357136713771387139714071417142714371447145714671477148714971507151715271537154715571567157715871597160716171627163716471657166716771687169717071717172717371747175717671777178717971807181718271837184718571867187718871897190719171927193719471957196719771987199720072017202720372047205720672077208720972107211721272137214721572167217721872197220722172227223722472257226722772287229723072317232723372347235723672377238723972407241724272437244724572467247724872497250725172527253725472557256725772587259726072617262726372647265726672677268726972707271727272737274727572767277727872797280728172827283728472857286728772887289729072917292729372947295729672977298729973007301730273037304730573067307730873097310731173127313731473157316731773187319732073217322732373247325732673277328732973307331733273337334733573367337733873397340734173427343734473457346734773487349735073517352735373547355735673577358735973607361736273637364736573667367736873697370737173727373737473757376737773787379738073817382738373847385738673877388738973907391739273937394739573967397739873997400740174027403740474057406740774087409741074117412741374147415741674177418741974207421742274237424742574267427742874297430743174327433743474357436743774387439744074417442744374447445744674477448744974507451745274537454745574567457745874597460746174627463746474657466746774687469747074717472747374747475747674777478747974807481748274837484748574867487748874897490749174927493749474957496749774987499750075017502750375047505750675077508750975107511751275137514751575167517751875197520752175227523752475257526752775287529753075317532753375347535753675377538753975407541754275437544754575467547754875497550755175527553755475557556755775587559756075617562756375647565756675677568756975707571757275737574757575767577757875797580758175827583758475857586758775887589759075917592759375947595759675977598759976007601760276037604760576067607760876097610761176127613761476157616761776187619762076217622762376247625762676277628762976307631763276337634763576367637763876397640764176427643764476457646764776487649765076517652765376547655765676577658765976607661766276637664766576667667766876697670767176727673767476757676767776787679768076817682768376847685768676877688768976907691769276937694769576967697769876997700770177027703770477057706770777087709771077117712771377147715771677177718771977207721772277237724772577267727772877297730773177327733773477357736773777387739774077417742774377447745774677477748774977507751775277537754775577567757775877597760776177627763776477657766776777687769777077717772777377747775777677777778777977807781778277837784778577867787778877897790779177927793779477957796779777987799780078017802780378047805780678077808780978107811781278137814781578167817781878197820782178227823782478257826782778287829783078317832783378347835783678377838783978407841784278437844784578467847784878497850785178527853785478557856785778587859786078617862786378647865786678677868786978707871787278737874787578767877787878797880788178827883788478857886788778887889789078917892789378947895789678977898789979007901790279037904790579067907790879097910791179127913791479157916791779187919792079217922792379247925792679277928792979307931793279337934793579367937793879397940794179427943794479457946794779487949795079517952795379547955795679577958795979607961796279637964796579667967796879697970797179727973797479757976797779787979798079817982798379847985798679877988798979907991799279937994799579967997799879998000800180028003800480058006800780088009801080118012801380148015801680178018801980208021802280238024802580268027802880298030803180328033803480358036803780388039804080418042804380448045804680478048804980508051805280538054805580568057805880598060806180628063806480658066806780688069807080718072807380748075807680778078807980808081808280838084808580868087808880898090809180928093809480958096809780988099810081018102810381048105810681078108810981108111811281138114811581168117811881198120812181228123812481258126812781288129813081318132813381348135813681378138813981408141814281438144814581468147814881498150815181528153815481558156815781588159816081618162816381648165816681678168816981708171817281738174817581768177817881798180818181828183818481858186818781888189819081918192819381948195819681978198819982008201820282038204820582068207820882098210821182128213821482158216821782188219822082218222822382248225822682278228822982308231823282338234823582368237823882398240824182428243824482458246824782488249825082518252825382548255825682578258825982608261826282638264826582668267826882698270827182728273827482758276827782788279828082818282828382848285828682878288828982908291829282938294829582968297829882998300830183028303830483058306830783088309831083118312831383148315831683178318831983208321832283238324832583268327832883298330833183328333833483358336833783388339834083418342834383448345834683478348834983508351835283538354835583568357835883598360836183628363836483658366836783688369837083718372837383748375837683778378837983808381838283838384838583868387838883898390839183928393839483958396839783988399840084018402840384048405840684078408840984108411841284138414841584168417841884198420842184228423842484258426842784288429843084318432843384348435843684378438843984408441844284438444844584468447844884498450845184528453845484558456845784588459846084618462846384648465846684678468846984708471847284738474847584768477847884798480848184828483848484858486848784888489849084918492849384948495849684978498849985008501850285038504850585068507850885098510851185128513851485158516851785188519852085218522852385248525852685278528852985308531853285338534853585368537853885398540854185428543854485458546854785488549855085518552855385548555855685578558855985608561856285638564856585668567856885698570857185728573857485758576857785788579858085818582858385848585858685878588858985908591859285938594859585968597859885998600860186028603860486058606860786088609861086118612861386148615861686178618861986208621862286238624862586268627862886298630863186328633863486358636863786388639864086418642864386448645864686478648864986508651865286538654865586568657865886598660866186628663866486658666866786688669867086718672867386748675867686778678867986808681868286838684868586868687868886898690869186928693869486958696869786988699870087018702870387048705870687078708870987108711871287138714871587168717871887198720872187228723872487258726872787288729873087318732873387348735873687378738873987408741874287438744874587468747874887498750875187528753875487558756875787588759876087618762876387648765876687678768876987708771877287738774877587768777877887798780878187828783878487858786878787888789879087918792879387948795879687978798879988008801880288038804880588068807880888098810881188128813881488158816881788188819882088218822882388248825882688278828882988308831883288338834883588368837883888398840884188428843884488458846884788488849885088518852885388548855885688578858885988608861886288638864886588668867886888698870887188728873887488758876887788788879888088818882888388848885888688878888888988908891889288938894889588968897889888998900890189028903890489058906890789088909891089118912891389148915891689178918891989208921892289238924892589268927892889298930893189328933893489358936893789388939894089418942894389448945894689478948894989508951895289538954895589568957895889598960896189628963896489658966896789688969897089718972897389748975897689778978897989808981898289838984898589868987898889898990899189928993899489958996899789988999900090019002900390049005900690079008900990109011901290139014901590169017901890199020902190229023902490259026902790289029903090319032903390349035903690379038903990409041904290439044904590469047904890499050905190529053905490559056905790589059906090619062906390649065906690679068906990709071907290739074907590769077907890799080908190829083908490859086908790889089909090919092909390949095909690979098909991009101910291039104910591069107910891099110911191129113911491159116911791189119912091219122912391249125912691279128912991309131913291339134913591369137913891399140914191429143914491459146914791489149915091519152915391549155915691579158915991609161916291639164916591669167916891699170917191729173917491759176917791789179918091819182918391849185918691879188918991909191919291939194919591969197919891999200920192029203920492059206920792089209921092119212921392149215921692179218921992209221922292239224922592269227922892299230923192329233923492359236923792389239924092419242924392449245924692479248924992509251925292539254925592569257925892599260926192629263926492659266926792689269927092719272927392749275927692779278927992809281928292839284928592869287928892899290929192929293929492959296929792989299930093019302930393049305930693079308930993109311931293139314931593169317931893199320932193229323932493259326932793289329933093319332933393349335933693379338933993409341934293439344934593469347934893499350935193529353935493559356935793589359936093619362936393649365936693679368936993709371937293739374937593769377937893799380938193829383938493859386938793889389939093919392939393949395939693979398939994009401940294039404940594069407940894099410941194129413941494159416941794189419942094219422942394249425942694279428942994309431943294339434943594369437943894399440944194429443944494459446944794489449945094519452945394549455945694579458945994609461946294639464946594669467946894699470947194729473947494759476947794789479948094819482948394849485948694879488948994909491949294939494949594969497949894999500950195029503950495059506950795089509951095119512951395149515951695179518951995209521952295239524952595269527952895299530953195329533953495359536953795389539954095419542954395449545954695479548954995509551955295539554955595569557955895599560956195629563956495659566956795689569957095719572957395749575957695779578957995809581958295839584958595869587958895899590959195929593959495959596959795989599960096019602960396049605960696079608960996109611961296139614961596169617961896199620962196229623962496259626962796289629963096319632963396349635963696379638963996409641964296439644964596469647964896499650965196529653965496559656965796589659966096619662966396649665966696679668966996709671967296739674967596769677967896799680968196829683968496859686968796889689969096919692969396949695969696979698969997009701970297039704970597069707970897099710971197129713971497159716971797189719972097219722972397249725972697279728972997309731973297339734973597369737973897399740974197429743974497459746974797489749975097519752975397549755975697579758975997609761976297639764976597669767976897699770977197729773977497759776977797789779978097819782978397849785978697879788978997909791979297939794979597969797979897999800980198029803980498059806980798089809981098119812981398149815981698179818981998209821982298239824982598269827982898299830983198329833983498359836983798389839984098419842984398449845984698479848984998509851985298539854985598569857985898599860986198629863986498659866986798689869987098719872987398749875987698779878987998809881988298839884988598869887988898899890989198929893989498959896989798989899990099019902990399049905990699079908990999109911991299139914991599169917991899199920992199229923992499259926992799289929993099319932993399349935993699379938993999409941994299439944994599469947994899499950995199529953995499559956995799589959996099619962996399649965996699679968996999709971997299739974997599769977997899799980998199829983998499859986998799889989999099919992999399949995999699979998999910000100011000210003100041000510006100071000810009100101001110012100131001410015100161001710018100191002010021100221002310024100251002610027100281002910030100311003210033100341003510036100371003810039100401004110042100431004410045100461004710048100491005010051100521005310054100551005610057100581005910060100611006210063100641006510066100671006810069100701007110072100731007410075100761007710078100791008010081100821008310084100851008610087100881008910090100911009210093100941009510096100971009810099101001010110102101031010410105101061010710108101091011010111101121011310114101151011610117101181011910120101211012210123101241012510126101271012810129101301013110132101331013410135101361013710138101391014010141101421014310144101451014610147101481014910150101511015210153101541015510156101571015810159101601016110162101631016410165101661016710168101691017010171101721017310174101751017610177101781017910180101811018210183101841018510186101871018810189101901019110192101931019410195101961019710198101991020010201102021020310204102051020610207102081020910210102111021210213102141021510216102171021810219102201022110222102231022410225102261022710228102291023010231102321023310234102351023610237102381023910240102411024210243102441024510246102471024810249102501025110252102531025410255102561025710258102591026010261102621026310264102651026610267102681026910270102711027210273102741027510276102771027810279102801028110282102831028410285102861028710288102891029010291102921029310294102951029610297102981029910300103011030210303103041030510306103071030810309103101031110312103131031410315103161031710318103191032010321103221032310324103251032610327103281032910330103311033210333103341033510336103371033810339103401034110342103431034410345103461034710348103491035010351103521035310354103551035610357103581035910360103611036210363103641036510366103671036810369103701037110372103731037410375103761037710378103791038010381103821038310384103851038610387103881038910390103911039210393103941039510396103971039810399104001040110402104031040410405104061040710408104091041010411104121041310414104151041610417104181041910420104211042210423104241042510426104271042810429104301043110432104331043410435104361043710438104391044010441104421044310444104451044610447104481044910450104511045210453104541045510456104571045810459104601046110462104631046410465104661046710468104691047010471104721047310474104751047610477104781047910480104811048210483104841048510486104871048810489104901049110492104931049410495104961049710498104991050010501105021050310504105051050610507105081050910510105111051210513105141051510516105171051810519105201052110522105231052410525105261052710528105291053010531105321053310534105351053610537105381053910540105411054210543105441054510546105471054810549105501055110552105531055410555105561055710558105591056010561105621056310564105651056610567105681056910570105711057210573105741057510576105771057810579105801058110582105831058410585105861058710588105891059010591105921059310594105951059610597105981059910600106011060210603106041060510606106071060810609106101061110612106131061410615106161061710618106191062010621106221062310624106251062610627106281062910630106311063210633106341063510636106371063810639106401064110642106431064410645106461064710648106491065010651106521065310654106551065610657106581065910660106611066210663106641066510666106671066810669106701067110672106731067410675106761067710678106791068010681106821068310684106851068610687106881068910690106911069210693106941069510696106971069810699107001070110702107031070410705107061070710708107091071010711107121071310714107151071610717107181071910720107211072210723107241072510726107271072810729107301073110732107331073410735107361073710738107391074010741107421074310744107451074610747107481074910750107511075210753107541075510756107571075810759107601076110762107631076410765107661076710768107691077010771107721077310774107751077610777107781077910780107811078210783107841078510786107871078810789107901079110792107931079410795107961079710798107991080010801108021080310804108051080610807108081080910810108111081210813108141081510816108171081810819108201082110822108231082410825108261082710828108291083010831108321083310834108351083610837108381083910840108411084210843108441084510846108471084810849108501085110852108531085410855108561085710858108591086010861108621086310864108651086610867108681086910870108711087210873108741087510876108771087810879108801088110882108831088410885108861088710888108891089010891108921089310894108951089610897108981089910900109011090210903109041090510906109071090810909109101091110912109131091410915109161091710918109191092010921109221092310924109251092610927109281092910930109311093210933109341093510936109371093810939109401094110942109431094410945109461094710948109491095010951109521095310954109551095610957109581095910960109611096210963109641096510966109671096810969109701097110972109731097410975109761097710978109791098010981109821098310984109851098610987109881098910990109911099210993109941099510996109971099810999110001100111002110031100411005110061100711008110091101011011110121101311014110151101611017110181101911020110211102211023110241102511026110271102811029110301103111032110331103411035110361103711038110391104011041110421104311044110451104611047110481104911050110511105211053110541105511056110571105811059110601106111062110631106411065110661106711068110691107011071110721107311074110751107611077110781107911080110811108211083110841108511086110871108811089110901109111092110931109411095110961109711098110991110011101111021110311104111051110611107111081110911110111111111211113111141111511116111171111811119111201112111122111231112411125111261112711128111291113011131111321113311134111351113611137111381113911140111411114211143111441114511146111471114811149111501115111152111531115411155111561115711158111591116011161111621116311164111651116611167111681116911170111711117211173111741117511176111771117811179111801118111182111831118411185111861118711188111891119011191111921119311194111951119611197111981119911200112011120211203112041120511206112071120811209112101121111212112131121411215112161121711218112191122011221112221122311224112251122611227112281122911230112311123211233112341123511236112371123811239112401124111242112431124411245112461124711248112491125011251112521125311254112551125611257112581125911260112611126211263112641126511266112671126811269112701127111272112731127411275112761127711278112791128011281112821128311284112851128611287112881128911290112911129211293112941129511296112971129811299113001130111302113031130411305113061130711308113091131011311113121131311314113151131611317113181131911320113211132211323113241132511326113271132811329113301133111332113331133411335113361133711338113391134011341113421134311344113451134611347113481134911350113511135211353113541135511356113571135811359113601136111362113631136411365113661136711368113691137011371113721137311374113751137611377113781137911380113811138211383113841138511386113871138811389113901139111392113931139411395113961139711398113991140011401114021140311404114051140611407114081140911410114111141211413114141141511416114171141811419114201142111422114231142411425114261142711428114291143011431114321143311434114351143611437114381143911440114411144211443114441144511446114471144811449114501145111452114531145411455114561145711458114591146011461114621146311464114651146611467114681146911470114711147211473114741147511476114771147811479114801148111482114831148411485114861148711488114891149011491114921149311494114951149611497114981149911500115011150211503115041150511506115071150811509115101151111512115131151411515115161151711518115191152011521115221152311524115251152611527115281152911530115311153211533115341153511536115371153811539115401154111542115431154411545115461154711548115491155011551115521155311554115551155611557115581155911560115611156211563115641156511566115671156811569115701157111572115731157411575115761157711578115791158011581115821158311584115851158611587115881158911590115911159211593115941159511596115971159811599116001160111602116031160411605116061160711608116091161011611116121161311614116151161611617116181161911620116211162211623116241162511626116271162811629116301163111632116331163411635116361163711638116391164011641116421164311644116451164611647116481164911650116511165211653116541165511656116571165811659116601166111662116631166411665116661166711668116691167011671116721167311674116751167611677116781167911680116811168211683116841168511686116871168811689116901169111692116931169411695116961169711698116991170011701117021170311704117051170611707117081170911710117111171211713117141171511716117171171811719117201172111722117231172411725117261172711728117291173011731117321173311734117351173611737117381173911740117411174211743117441174511746117471174811749117501175111752117531175411755117561175711758117591176011761117621176311764117651176611767117681176911770117711177211773117741177511776117771177811779117801178111782117831178411785117861178711788117891179011791117921179311794117951179611797117981179911800118011180211803118041180511806118071180811809118101181111812118131181411815118161181711818118191182011821118221182311824118251182611827118281182911830118311183211833118341183511836118371183811839118401184111842118431184411845118461184711848118491185011851118521185311854118551185611857118581185911860118611186211863118641186511866118671186811869118701187111872118731187411875118761187711878118791188011881118821188311884118851188611887118881188911890118911189211893118941189511896118971189811899119001190111902119031190411905119061190711908119091191011911119121191311914119151191611917119181191911920119211192211923119241192511926119271192811929119301193111932119331193411935119361193711938119391194011941119421194311944119451194611947119481194911950119511195211953119541195511956119571195811959119601196111962119631196411965119661196711968119691197011971119721197311974119751197611977119781197911980119811198211983119841198511986119871198811989119901199111992119931199411995119961199711998119991200012001120021200312004120051200612007120081200912010120111201212013120141201512016120171201812019120201202112022120231202412025120261202712028120291203012031120321203312034120351203612037120381203912040120411204212043120441204512046120471204812049120501205112052120531205412055120561205712058120591206012061120621206312064120651206612067120681206912070120711207212073120741207512076120771207812079120801208112082120831208412085120861208712088120891209012091120921209312094120951209612097120981209912100121011210212103121041210512106121071210812109121101211112112121131211412115121161211712118121191212012121121221212312124121251212612127121281212912130121311213212133121341213512136121371213812139121401214112142121431214412145121461214712148121491215012151121521215312154121551215612157121581215912160121611216212163121641216512166121671216812169121701217112172121731217412175121761217712178121791218012181121821218312184121851218612187121881218912190121911219212193121941219512196121971219812199122001220112202122031220412205122061220712208122091221012211122121221312214122151221612217122181221912220122211222212223122241222512226122271222812229122301223112232122331223412235122361223712238122391224012241122421224312244122451224612247122481224912250122511225212253122541225512256122571225812259122601226112262122631226412265122661226712268122691227012271122721227312274122751227612277122781227912280122811228212283122841228512286122871228812289122901229112292122931229412295122961229712298122991230012301123021230312304123051230612307123081230912310123111231212313123141231512316123171231812319123201232112322123231232412325123261232712328123291233012331123321233312334123351233612337123381233912340123411234212343123441234512346123471234812349123501235112352123531235412355123561235712358123591236012361123621236312364123651236612367123681236912370123711237212373123741237512376123771237812379123801238112382123831238412385123861238712388123891239012391123921239312394123951239612397123981239912400124011240212403124041240512406124071240812409124101241112412124131241412415124161241712418124191242012421124221242312424124251242612427124281242912430124311243212433124341243512436124371243812439124401244112442124431244412445124461244712448124491245012451124521245312454124551245612457124581245912460124611246212463124641246512466124671246812469124701247112472124731247412475124761247712478124791248012481124821248312484124851248612487124881248912490124911249212493124941249512496124971249812499125001250112502125031250412505125061250712508125091251012511125121251312514125151251612517125181251912520125211252212523125241252512526125271252812529125301253112532125331253412535125361253712538125391254012541125421254312544125451254612547125481254912550125511255212553125541255512556125571255812559125601256112562125631256412565125661256712568125691257012571125721257312574125751257612577125781257912580125811258212583125841258512586125871258812589125901259112592125931259412595125961259712598125991260012601126021260312604126051260612607126081260912610126111261212613126141261512616126171261812619126201262112622126231262412625126261262712628126291263012631126321263312634126351263612637126381263912640126411264212643126441264512646126471264812649126501265112652126531265412655126561265712658126591266012661126621266312664126651266612667126681266912670126711267212673126741267512676126771267812679126801268112682126831268412685126861268712688126891269012691126921269312694126951269612697126981269912700127011270212703127041270512706127071270812709127101271112712127131271412715127161271712718127191272012721127221272312724127251272612727127281272912730127311273212733127341273512736127371273812739127401274112742127431274412745127461274712748127491275012751127521275312754127551275612757127581275912760127611276212763127641276512766127671276812769127701277112772127731277412775127761277712778127791278012781127821278312784127851278612787127881278912790127911279212793127941279512796127971279812799128001280112802128031280412805128061280712808128091281012811128121281312814128151281612817128181281912820128211282212823128241282512826128271282812829128301283112832128331283412835128361283712838128391284012841128421284312844128451284612847128481284912850128511285212853128541285512856128571285812859128601286112862128631286412865128661286712868128691287012871128721287312874128751287612877128781287912880128811288212883128841288512886128871288812889128901289112892128931289412895128961289712898128991290012901129021290312904129051290612907129081290912910129111291212913129141291512916129171291812919129201292112922129231292412925129261292712928129291293012931129321293312934129351293612937129381293912940129411294212943129441294512946129471294812949129501295112952129531295412955129561295712958129591296012961129621296312964129651296612967129681296912970129711297212973129741297512976129771297812979129801298112982129831298412985129861298712988129891299012991129921299312994129951299612997129981299913000130011300213003130041300513006130071300813009130101301113012130131301413015130161301713018130191302013021130221302313024130251302613027130281302913030130311303213033130341303513036130371303813039130401304113042130431304413045130461304713048130491305013051130521305313054130551305613057130581305913060130611306213063130641306513066130671306813069130701307113072130731307413075130761307713078130791308013081130821308313084130851308613087130881308913090130911309213093130941309513096130971309813099131001310113102131031310413105131061310713108131091311013111131121311313114131151311613117131181311913120131211312213123131241312513126131271312813129131301313113132131331313413135131361313713138131391314013141131421314313144131451314613147131481314913150131511315213153131541315513156131571315813159131601316113162131631316413165131661316713168131691317013171131721317313174131751317613177131781317913180131811318213183131841318513186131871318813189131901319113192131931319413195131961319713198131991320013201132021320313204132051320613207132081320913210132111321213213132141321513216132171321813219132201322113222132231322413225132261322713228132291323013231132321323313234132351323613237132381323913240132411324213243132441324513246132471324813249132501325113252132531325413255132561325713258132591326013261132621326313264132651326613267132681326913270132711327213273132741327513276132771327813279132801328113282132831328413285132861328713288132891329013291132921329313294132951329613297132981329913300133011330213303133041330513306133071330813309133101331113312133131331413315133161331713318133191332013321133221332313324133251332613327133281332913330133311333213333133341333513336133371333813339133401334113342133431334413345133461334713348133491335013351133521335313354133551335613357133581335913360133611336213363133641336513366133671336813369133701337113372133731337413375133761337713378133791338013381133821338313384133851338613387133881338913390133911339213393133941339513396133971339813399134001340113402134031340413405134061340713408134091341013411134121341313414134151341613417134181341913420134211342213423134241342513426134271342813429134301343113432134331343413435134361343713438134391344013441134421344313444134451344613447134481344913450134511345213453134541345513456134571345813459134601346113462134631346413465134661346713468134691347013471134721347313474134751347613477134781347913480134811348213483134841348513486134871348813489134901349113492134931349413495134961349713498134991350013501135021350313504135051350613507135081350913510135111351213513135141351513516135171351813519135201352113522135231352413525135261352713528135291353013531135321353313534135351353613537135381353913540135411354213543135441354513546135471354813549135501355113552135531355413555135561355713558135591356013561135621356313564135651356613567135681356913570135711357213573135741357513576135771357813579135801358113582135831358413585135861358713588135891359013591135921359313594135951359613597135981359913600136011360213603136041360513606136071360813609136101361113612136131361413615136161361713618136191362013621136221362313624136251362613627136281362913630136311363213633136341363513636136371363813639136401364113642136431364413645136461364713648136491365013651136521365313654136551365613657136581365913660136611366213663136641366513666136671366813669136701367113672136731367413675136761367713678136791368013681136821368313684136851368613687136881368913690136911369213693136941369513696136971369813699137001370113702137031370413705137061370713708137091371013711137121371313714137151371613717137181371913720137211372213723137241372513726137271372813729137301373113732137331373413735137361373713738137391374013741137421374313744137451374613747137481374913750137511375213753137541375513756137571375813759137601376113762137631376413765137661376713768137691377013771137721377313774137751377613777137781377913780137811378213783137841378513786137871378813789137901379113792137931379413795137961379713798137991380013801138021380313804138051380613807138081380913810138111381213813138141381513816138171381813819138201382113822138231382413825138261382713828138291383013831138321383313834138351383613837138381383913840138411384213843138441384513846138471384813849138501385113852138531385413855138561385713858138591386013861138621386313864138651386613867138681386913870138711387213873138741387513876138771387813879138801388113882138831388413885138861388713888138891389013891138921389313894138951389613897138981389913900139011390213903139041390513906139071390813909139101391113912139131391413915139161391713918139191392013921139221392313924139251392613927139281392913930139311393213933139341393513936139371393813939139401394113942139431394413945139461394713948139491395013951139521395313954139551395613957139581395913960139611396213963139641396513966139671396813969139701397113972139731397413975139761397713978139791398013981139821398313984139851398613987139881398913990139911399213993139941399513996139971399813999140001400114002140031400414005140061400714008140091401014011140121401314014140151401614017140181401914020140211402214023140241402514026140271402814029140301403114032140331403414035140361403714038140391404014041140421404314044140451404614047140481404914050140511405214053140541405514056140571405814059140601406114062140631406414065140661406714068140691407014071140721407314074140751407614077140781407914080140811408214083140841408514086140871408814089140901409114092140931409414095140961409714098140991410014101141021410314104141051410614107141081410914110141111411214113141141411514116141171411814119141201412114122141231412414125141261412714128141291413014131141321413314134141351413614137141381413914140141411414214143141441414514146141471414814149141501415114152141531415414155141561415714158141591416014161141621416314164141651416614167141681416914170141711417214173141741417514176141771417814179141801418114182141831418414185141861418714188141891419014191141921419314194141951419614197141981419914200142011420214203142041420514206142071420814209142101421114212142131421414215142161421714218142191422014221142221422314224142251422614227142281422914230142311423214233142341423514236142371423814239142401424114242142431424414245142461424714248142491425014251142521425314254142551425614257142581425914260142611426214263142641426514266142671426814269142701427114272142731427414275142761427714278142791428014281142821428314284142851428614287142881428914290142911429214293142941429514296142971429814299143001430114302143031430414305143061430714308143091431014311143121431314314143151431614317143181431914320143211432214323143241432514326143271432814329143301433114332143331433414335143361433714338143391434014341143421434314344143451434614347143481434914350143511435214353143541435514356143571435814359143601436114362143631436414365143661436714368143691437014371143721437314374143751437614377143781437914380143811438214383143841438514386143871438814389143901439114392143931439414395143961439714398143991440014401144021440314404144051440614407144081440914410144111441214413144141441514416144171441814419144201442114422144231442414425144261442714428144291443014431144321443314434144351443614437144381443914440144411444214443144441444514446144471444814449144501445114452144531445414455144561445714458144591446014461144621446314464144651446614467144681446914470144711447214473144741447514476144771447814479144801448114482144831448414485144861448714488144891449014491144921449314494144951449614497144981449914500145011450214503145041450514506145071450814509145101451114512145131451414515145161451714518145191452014521145221452314524145251452614527145281452914530145311453214533145341453514536145371453814539145401454114542145431454414545145461454714548145491455014551145521455314554145551455614557145581455914560145611456214563145641456514566145671456814569145701457114572145731457414575145761457714578145791458014581145821458314584145851458614587145881458914590145911459214593145941459514596145971459814599146001460114602146031460414605146061460714608146091461014611146121461314614146151461614617146181461914620146211462214623146241462514626146271462814629146301463114632146331463414635146361463714638146391464014641146421464314644146451464614647146481464914650146511465214653146541465514656146571465814659146601466114662146631466414665146661466714668146691467014671146721467314674146751467614677146781467914680146811468214683146841468514686146871468814689146901469114692146931469414695146961469714698146991470014701147021470314704147051470614707147081470914710147111471214713147141471514716147171471814719147201472114722147231472414725147261472714728147291473014731147321473314734147351473614737147381473914740147411474214743147441474514746147471474814749147501475114752147531475414755147561475714758147591476014761147621476314764147651476614767147681476914770147711477214773147741477514776147771477814779147801478114782147831478414785147861478714788147891479014791147921479314794147951479614797147981479914800148011480214803148041480514806148071480814809148101481114812148131481414815148161481714818148191482014821148221482314824148251482614827148281482914830148311483214833148341483514836148371483814839148401484114842148431484414845148461484714848148491485014851148521485314854148551485614857148581485914860148611486214863148641486514866148671486814869148701487114872148731487414875148761487714878148791488014881148821488314884148851488614887148881488914890148911489214893148941489514896148971489814899149001490114902149031490414905149061490714908149091491014911149121491314914149151491614917149181491914920149211492214923149241492514926149271492814929149301493114932149331493414935149361493714938149391494014941149421494314944149451494614947149481494914950149511495214953149541495514956149571495814959149601496114962149631496414965149661496714968149691497014971149721497314974149751497614977149781497914980149811498214983149841498514986149871498814989149901499114992149931499414995149961499714998149991500015001150021500315004150051500615007150081500915010150111501215013150141501515016150171501815019150201502115022150231502415025150261502715028150291503015031150321503315034150351503615037150381503915040150411504215043150441504515046150471504815049150501505115052150531505415055150561505715058150591506015061150621506315064150651506615067150681506915070150711507215073150741507515076150771507815079150801508115082150831508415085150861508715088150891509015091150921509315094150951509615097150981509915100151011510215103151041510515106151071510815109151101511115112151131511415115151161511715118151191512015121151221512315124151251512615127151281512915130151311513215133151341513515136151371513815139151401514115142151431514415145151461514715148151491515015151151521515315154151551515615157151581515915160151611516215163151641516515166151671516815169151701517115172151731517415175151761517715178151791518015181151821518315184151851518615187151881518915190151911519215193151941519515196151971519815199152001520115202152031520415205152061520715208152091521015211152121521315214152151521615217152181521915220152211522215223152241522515226152271522815229152301523115232152331523415235152361523715238152391524015241152421524315244152451524615247152481524915250152511525215253152541525515256152571525815259152601526115262152631526415265152661526715268152691527015271152721527315274152751527615277152781527915280152811528215283152841528515286152871528815289152901529115292152931529415295152961529715298152991530015301153021530315304153051530615307153081530915310153111531215313153141531515316153171531815319153201532115322153231532415325153261532715328153291533015331153321533315334153351533615337153381533915340153411534215343153441534515346153471534815349153501535115352153531535415355153561535715358153591536015361153621536315364153651536615367153681536915370153711537215373153741537515376153771537815379153801538115382153831538415385153861538715388153891539015391153921539315394153951539615397153981539915400154011540215403154041540515406154071540815409154101541115412154131541415415154161541715418154191542015421154221542315424154251542615427154281542915430154311543215433154341543515436154371543815439154401544115442154431544415445154461544715448154491545015451154521545315454154551545615457154581545915460154611546215463154641546515466154671546815469154701547115472154731547415475154761547715478154791548015481154821548315484154851548615487154881548915490154911549215493154941549515496154971549815499155001550115502155031550415505155061550715508155091551015511155121551315514155151551615517155181551915520155211552215523155241552515526155271552815529155301553115532155331553415535155361553715538155391554015541155421554315544155451554615547155481554915550155511555215553155541555515556155571555815559155601556115562155631556415565155661556715568155691557015571155721557315574155751557615577155781557915580155811558215583155841558515586155871558815589155901559115592155931559415595155961559715598155991560015601156021560315604156051560615607156081560915610156111561215613156141561515616156171561815619156201562115622156231562415625156261562715628156291563015631156321563315634156351563615637156381563915640156411564215643156441564515646156471564815649156501565115652156531565415655156561565715658156591566015661156621566315664156651566615667156681566915670156711567215673156741567515676156771567815679156801568115682156831568415685156861568715688156891569015691156921569315694156951569615697156981569915700157011570215703157041570515706157071570815709157101571115712157131571415715157161571715718157191572015721157221572315724157251572615727157281572915730157311573215733157341573515736157371573815739157401574115742157431574415745157461574715748157491575015751157521575315754157551575615757157581575915760157611576215763157641576515766157671576815769157701577115772157731577415775157761577715778157791578015781157821578315784157851578615787157881578915790157911579215793157941579515796157971579815799158001580115802158031580415805158061580715808158091581015811158121581315814158151581615817158181581915820158211582215823158241582515826158271582815829158301583115832158331583415835158361583715838158391584015841158421584315844158451584615847158481584915850158511585215853158541585515856158571585815859158601586115862158631586415865158661586715868158691587015871158721587315874158751587615877158781587915880158811588215883158841588515886158871588815889158901589115892158931589415895158961589715898158991590015901159021590315904159051590615907159081590915910159111591215913159141591515916159171591815919159201592115922159231592415925159261592715928159291593015931159321593315934159351593615937159381593915940159411594215943159441594515946159471594815949159501595115952159531595415955159561595715958159591596015961159621596315964159651596615967159681596915970159711597215973159741597515976159771597815979159801598115982159831598415985159861598715988159891599015991159921599315994159951599615997159981599916000160011600216003160041600516006160071600816009160101601116012160131601416015160161601716018160191602016021160221602316024160251602616027160281602916030160311603216033160341603516036160371603816039160401604116042160431604416045160461604716048160491605016051160521605316054160551605616057160581605916060160611606216063160641606516066160671606816069160701607116072160731607416075160761607716078160791608016081160821608316084160851608616087160881608916090160911609216093160941609516096160971609816099161001610116102161031610416105161061610716108161091611016111161121611316114161151611616117161181611916120161211612216123161241612516126161271612816129161301613116132161331613416135161361613716138161391614016141161421614316144161451614616147161481614916150161511615216153161541615516156161571615816159161601616116162161631616416165161661616716168161691617016171161721617316174161751617616177161781617916180161811618216183161841618516186161871618816189161901619116192161931619416195161961619716198161991620016201162021620316204162051620616207162081620916210162111621216213162141621516216162171621816219162201622116222162231622416225162261622716228162291623016231162321623316234162351623616237162381623916240162411624216243162441624516246162471624816249162501625116252162531625416255162561625716258162591626016261162621626316264162651626616267162681626916270162711627216273162741627516276162771627816279162801628116282162831628416285162861628716288162891629016291162921629316294162951629616297162981629916300163011630216303163041630516306163071630816309163101631116312163131631416315163161631716318163191632016321163221632316324163251632616327163281632916330163311633216333163341633516336163371633816339163401634116342163431634416345163461634716348163491635016351163521635316354163551635616357163581635916360163611636216363163641636516366163671636816369163701637116372163731637416375163761637716378163791638016381163821638316384163851638616387163881638916390163911639216393163941639516396163971639816399164001640116402164031640416405164061640716408164091641016411164121641316414164151641616417164181641916420164211642216423164241642516426164271642816429164301643116432164331643416435164361643716438164391644016441164421644316444164451644616447164481644916450164511645216453164541645516456164571645816459164601646116462164631646416465164661646716468164691647016471164721647316474164751647616477164781647916480164811648216483164841648516486164871648816489164901649116492164931649416495164961649716498164991650016501165021650316504165051650616507165081650916510165111651216513165141651516516165171651816519165201652116522165231652416525165261652716528165291653016531165321653316534165351653616537165381653916540165411654216543165441654516546165471654816549165501655116552165531655416555165561655716558165591656016561165621656316564165651656616567165681656916570165711657216573165741657516576165771657816579165801658116582165831658416585165861658716588165891659016591165921659316594165951659616597165981659916600166011660216603166041660516606166071660816609166101661116612166131661416615166161661716618166191662016621166221662316624166251662616627166281662916630166311663216633166341663516636166371663816639166401664116642166431664416645166461664716648166491665016651166521665316654166551665616657166581665916660166611666216663166641666516666166671666816669166701667116672166731667416675166761667716678166791668016681166821668316684166851668616687166881668916690166911669216693166941669516696166971669816699167001670116702167031670416705167061670716708167091671016711167121671316714167151671616717167181671916720167211672216723167241672516726167271672816729167301673116732167331673416735167361673716738167391674016741167421674316744167451674616747167481674916750167511675216753167541675516756167571675816759167601676116762167631676416765167661676716768167691677016771167721677316774167751677616777167781677916780167811678216783167841678516786167871678816789167901679116792167931679416795167961679716798167991680016801168021680316804168051680616807168081680916810168111681216813168141681516816168171681816819168201682116822168231682416825168261682716828168291683016831168321683316834168351683616837168381683916840168411684216843168441684516846168471684816849168501685116852168531685416855168561685716858168591686016861168621686316864168651686616867168681686916870168711687216873168741687516876168771687816879168801688116882168831688416885168861688716888168891689016891168921689316894168951689616897168981689916900169011690216903169041690516906169071690816909169101691116912169131691416915169161691716918169191692016921169221692316924169251692616927169281692916930169311693216933169341693516936169371693816939169401694116942169431694416945169461694716948169491695016951169521695316954169551695616957169581695916960169611696216963169641696516966169671696816969169701697116972169731697416975169761697716978169791698016981169821698316984169851698616987169881698916990169911699216993169941699516996169971699816999170001700117002170031700417005170061700717008170091701017011170121701317014170151701617017170181701917020170211702217023170241702517026170271702817029170301703117032170331703417035170361703717038170391704017041170421704317044170451704617047170481704917050170511705217053170541705517056170571705817059170601706117062170631706417065170661706717068170691707017071170721707317074170751707617077170781707917080170811708217083170841708517086170871708817089170901709117092170931709417095170961709717098170991710017101171021710317104171051710617107171081710917110171111711217113171141711517116171171711817119171201712117122171231712417125171261712717128171291713017131171321713317134171351713617137171381713917140171411714217143171441714517146171471714817149171501715117152171531715417155171561715717158171591716017161171621716317164171651716617167171681716917170171711717217173171741717517176171771717817179171801718117182171831718417185171861718717188171891719017191171921719317194171951719617197171981719917200172011720217203172041720517206172071720817209172101721117212172131721417215172161721717218172191722017221172221722317224172251722617227172281722917230172311723217233172341723517236172371723817239172401724117242172431724417245172461724717248172491725017251172521725317254172551725617257172581725917260172611726217263172641726517266172671726817269172701727117272172731727417275172761727717278172791728017281172821728317284172851728617287172881728917290172911729217293172941729517296172971729817299173001730117302173031730417305173061730717308173091731017311173121731317314173151731617317173181731917320173211732217323173241732517326173271732817329173301733117332173331733417335173361733717338173391734017341173421734317344173451734617347173481734917350173511735217353173541735517356173571735817359173601736117362173631736417365173661736717368173691737017371173721737317374173751737617377173781737917380173811738217383173841738517386173871738817389173901739117392173931739417395173961739717398173991740017401174021740317404174051740617407174081740917410174111741217413174141741517416174171741817419174201742117422174231742417425174261742717428174291743017431174321743317434174351743617437174381743917440174411744217443174441744517446174471744817449174501745117452174531745417455174561745717458174591746017461174621746317464174651746617467174681746917470174711747217473174741747517476174771747817479174801748117482174831748417485174861748717488174891749017491174921749317494174951749617497174981749917500175011750217503175041750517506175071750817509175101751117512175131751417515175161751717518175191752017521175221752317524175251752617527175281752917530175311753217533175341753517536175371753817539175401754117542175431754417545175461754717548175491755017551175521755317554175551755617557175581755917560175611756217563175641756517566175671756817569175701757117572175731757417575175761757717578175791758017581175821758317584175851758617587175881758917590175911759217593175941759517596175971759817599176001760117602176031760417605176061760717608176091761017611176121761317614176151761617617176181761917620176211762217623176241762517626176271762817629176301763117632176331763417635176361763717638176391764017641176421764317644176451764617647176481764917650176511765217653176541765517656176571765817659176601766117662176631766417665176661766717668176691767017671176721767317674176751767617677176781767917680176811768217683176841768517686176871768817689176901769117692176931769417695176961769717698176991770017701177021770317704177051770617707177081770917710177111771217713177141771517716177171771817719177201772117722177231772417725177261772717728177291773017731177321773317734177351773617737177381773917740177411774217743177441774517746177471774817749177501775117752177531775417755177561775717758177591776017761177621776317764177651776617767177681776917770 |
- This document summarizes new features and bugfixes in each stable release
- of Tor. If you want to see more detailed descriptions of the changes in
- each development snapshot, see the ChangeLog file.
- Changes in version 0.3.2.9 - 2018-01-09
- Tor 0.3.2.9 is the first stable release in the 0.3.2 series.
- The 0.3.2 series includes our long-anticipated new onion service
- design, with numerous security features. (For more information, see
- our blog post at https://blog.torproject.org/fall-harvest.) We also
- have a new circuit scheduler algorithm for improved performance on
- relays everywhere (see https://blog.torproject.org/kist-and-tell),
- along with many smaller features and bugfixes.
- Per our stable release policy, we plan to support each stable release
- series for at least the next nine months, or for three months after
- the first stable release of the next series: whichever is longer. If
- you need a release with long-term support, we recommend that you stay
- with the 0.2.9 series.
- Below is a list of the changes since 0.3.1.7. For a list of all
- changes since 0.3.2.8-rc, see the ChangeLog file.
- o Directory authority changes:
- - Add "Bastet" as a ninth directory authority to the default list.
- Closes ticket 23910.
- - The directory authority "Longclaw" has changed its IP address.
- Closes ticket 23592.
- - Remove longclaw's IPv6 address, as it will soon change. Authority
- IPv6 addresses were originally added in 0.2.8.1-alpha. This leaves
- 3/8 directory authorities with IPv6 addresses, but there are also
- 52 fallback directory mirrors with IPv6 addresses. Resolves 19760.
- - Add an IPv6 address for the "bastet" directory authority. Closes
- ticket 24394.
- o Major features (next-generation onion services):
- - Tor now supports the next-generation onion services protocol for
- clients and services! As part of this release, the core of
- proposal 224 has been implemented and is available for
- experimentation and testing by our users. This newer version of
- onion services ("v3") features many improvements over the legacy
- system, including:
- a) Better crypto (replaced SHA1/DH/RSA1024
- with SHA3/ed25519/curve25519)
- b) Improved directory protocol, leaking much less information to
- directory servers.
- c) Improved directory protocol, with smaller surface for
- targeted attacks.
- d) Better onion address security against impersonation.
- e) More extensible introduction/rendezvous protocol.
- f) A cleaner and more modular codebase.
- You can identify a next-generation onion address by its length:
- they are 56 characters long, as in
- "4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad.onion".
- In the future, we will release more options and features for v3
- onion services, but we first need a testing period, so that the
- current codebase matures and becomes more robust. Planned features
- include: offline keys, advanced client authorization, improved
- guard algorithms, and statistics. For full details, see
- proposal 224.
- Legacy ("v2") onion services will still work for the foreseeable
- future, and will remain the default until this new codebase gets
- tested and hardened. Service operators who want to experiment with
- the new system can use the 'HiddenServiceVersion 3' torrc
- directive along with the regular onion service configuration
- options. For more information, see our blog post at
- "https://blog.torproject.org/fall-harvest". Enjoy!
- o Major feature (scheduler, channel):
- - Tor now uses new schedulers to decide which circuits should
- deliver cells first, in order to improve congestion at relays. The
- first type is called "KIST" ("Kernel Informed Socket Transport"),
- and is only available on Linux-like systems: it uses feedback from
- the kernel to prevent the kernel's TCP buffers from growing too
- full. The second new scheduler type is called "KISTLite": it
- behaves the same as KIST, but runs on systems without kernel
- support for inspecting TCP implementation details. The old
- scheduler is still available, under the name "Vanilla". To change
- the default scheduler preference order, use the new "Schedulers"
- option. (The default preference order is "KIST,KISTLite,Vanilla".)
- Matt Traudt implemented KIST, based on research by Rob Jansen,
- John Geddes, Christ Wacek, Micah Sherr, and Paul Syverson. For
- more information, see the design paper at
- http://www.robgjansen.com/publications/kist-sec2014.pdf and the
- followup implementation paper at https://arxiv.org/abs/1709.01044.
- Closes ticket 12541. For more information, see our blog post at
- "https://blog.torproject.org/kist-and-tell".
- o Major bugfixes (security, general):
- - Fix a denial of service bug where an attacker could use a
- malformed directory object to cause a Tor instance to pause while
- OpenSSL would try to read a passphrase from the terminal. (Tor
- instances run without a terminal, which is the case for most Tor
- packages, are not impacted.) Fixes bug 24246; bugfix on every
- version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
- Found by OSS-Fuzz as testcase 6360145429790720.
- o Major bugfixes (security, directory authority):
- - Fix a denial of service issue where an attacker could crash a
- directory authority using a malformed router descriptor. Fixes bug
- 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010
- and CVE-2017-8820.
- o Major bugfixes (security, onion service v2):
- - Fix a use-after-free error that could crash v2 Tor onion services
- when they failed to open circuits while expiring introduction
- points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
- also tracked as TROVE-2017-013 and CVE-2017-8823.
- - When checking for replays in the INTRODUCE1 cell data for a
- (legacy) onion service, correctly detect replays in the RSA-
- encrypted part of the cell. We were previously checking for
- replays on the entire cell, but those can be circumvented due to
- the malleability of Tor's legacy hybrid encryption. This fix helps
- prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
- 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
- and CVE-2017-8819.
- o Major bugfixes (security, relay):
- - When running as a relay, make sure that we never build a path
- through ourselves, even in the case where we have somehow lost the
- version of our descriptor appearing in the consensus. Fixes part
- of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
- as TROVE-2017-012 and CVE-2017-8822.
- - When running as a relay, make sure that we never choose ourselves
- as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This
- issue is also tracked as TROVE-2017-012 and CVE-2017-8822.
- o Major bugfixes (bootstrapping):
- - Fetch descriptors aggressively whenever we lack enough to build
- circuits, regardless of how many descriptors we are missing.
- Previously, we would delay launching the fetch when we had fewer
- than 15 missing descriptors, even if some of those descriptors
- were blocking circuits from building. Fixes bug 23985; bugfix on
- 0.1.1.11-alpha. The effects of this bug became worse in
- 0.3.0.3-alpha, when we began treating missing descriptors from our
- primary guards as a reason to delay circuits.
- - Don't try fetching microdescriptors from relays that have failed
- to deliver them in the past. Fixes bug 23817; bugfix
- on 0.3.0.1-alpha.
- o Major bugfixes (circuit prediction):
- - Fix circuit prediction logic so that a client doesn't treat a port
- as being "handled" by a circuit if that circuit already has
- isolation settings on it. This change should make Tor clients more
- responsive by improving their chances of having a pre-created
- circuit ready for use when a request arrives. Fixes bug 18859;
- bugfix on 0.2.3.3-alpha.
- o Major bugfixes (exit relays, DNS):
- - Fix an issue causing DNS to fail on high-bandwidth exit nodes,
- making them nearly unusable. Fixes bugs 21394 and 18580; bugfix on
- 0.1.2.2-alpha, which introduced eventdns. Thanks to Dhalgren for
- identifying and finding a workaround to this bug and to Moritz,
- Arthur Edelstein, and Roger for helping to track it down and
- analyze it.
- o Major bugfixes (relay, crash, assertion failure):
- - Fix a timing-based assertion failure that could occur when the
- circuit out-of-memory handler freed a connection's output buffer.
- Fixes bug 23690; bugfix on 0.2.6.1-alpha.
- o Major bugfixes (usability, control port):
- - Report trusted clock skew indications as bootstrap errors, so
- controllers can more easily alert users when their clocks are
- wrong. Fixes bug 23506; bugfix on 0.1.2.6-alpha.
- o Minor features (bridge):
- - Bridge relays can now set the BridgeDistribution config option to
- add a "bridge-distribution-request" line to their bridge
- descriptor, which tells BridgeDB how they'd like their bridge
- address to be given out. (Note that as of Oct 2017, BridgeDB does
- not yet implement this feature.) As a side benefit, this feature
- provides a way to distinguish bridge descriptors from non-bridge
- descriptors. Implements tickets 18329.
- - When handling the USERADDR command on an ExtOrPort, warn when the
- transports provides a USERADDR with no port. In a future version,
- USERADDR commands of this format may be rejected. Detects problems
- related to ticket 23080.
- o Minor features (bug detection):
- - Log a warning message with a stack trace for any attempt to call
- get_options() during option validation. This pattern has caused
- subtle bugs in the past. Closes ticket 22281.
- o Minor features (build, compilation):
- - The "check-changes" feature is now part of the "make check" tests;
- we'll use it to try to prevent misformed changes files from
- accumulating. Closes ticket 23564.
- - Tor builds should now fail if there are any mismatches between the
- C type representing a configuration variable and the C type the
- data-driven parser uses to store a value there. Previously, we
- needed to check these by hand, which sometimes led to mistakes.
- Closes ticket 23643.
- o Minor features (client):
- - You can now use Tor as a tunneled HTTP proxy: use the new
- HTTPTunnelPort option to open a port that accepts HTTP CONNECT
- requests. Closes ticket 22407.
- - Add an extra check to make sure that we always use the newer guard
- selection code for picking our guards. Closes ticket 22779.
- - When downloading (micro)descriptors, don't split the list into
- multiple requests unless we want at least 32 descriptors.
- Previously, we split at 4, not 32, which led to significant
- overhead in HTTP request size and degradation in compression
- performance. Closes ticket 23220.
- - Improve log messages when missing descriptors for primary guards.
- Resolves ticket 23670.
- o Minor features (command line):
- - Add a new commandline option, --key-expiration, which prints when
- the current signing key is going to expire. Implements ticket
- 17639; patch by Isis Lovecruft.
- o Minor features (control port):
- - If an application tries to use the control port as an HTTP proxy,
- respond with a meaningful "This is the Tor control port" message,
- and log the event. Closes ticket 1667. Patch from Ravi
- Chandra Padmala.
- - Provide better error message for GETINFO desc/(id|name) when not
- fetching router descriptors. Closes ticket 5847. Patch by
- Kevin Butler.
- - Add GETINFO "{desc,md}/download-enabled", to inform the controller
- whether Tor will try to download router descriptors and
- microdescriptors respectively. Closes ticket 22684.
- - Added new GETINFO targets "ip-to-country/{ipv4,ipv6}-available",
- so controllers can tell whether the geoip databases are loaded.
- Closes ticket 23237.
- - Adds a timestamp field to the CIRC_BW and STREAM_BW bandwidth
- events. Closes ticket 19254. Patch by "DonnchaC".
- o Minor features (development support):
- - Developers can now generate a call-graph for Tor using the
- "calltool" python program, which post-processes object dumps. It
- should work okay on many Linux and OSX platforms, and might work
- elsewhere too. To run it, install calltool from
- https://gitweb.torproject.org/user/nickm/calltool.git and run
- "make callgraph". Closes ticket 19307.
- o Minor features (directory authority):
- - Make the "Exit" flag assignment only depend on whether the exit
- policy allows connections to ports 80 and 443. Previously relays
- would get the Exit flag if they allowed connections to one of
- these ports and also port 6667. Resolves ticket 23637.
- o Minor features (ed25519):
- - Add validation function to checks for torsion components in
- ed25519 public keys, used by prop224 client-side code. Closes
- ticket 22006. Math help by Ian Goldberg.
- o Minor features (exit relay, DNS):
- - Improve the clarity and safety of the log message from evdns when
- receiving an apparently spoofed DNS reply. Closes ticket 3056.
- o Minor features (fallback directory mirrors):
- - The fallback directory list has been re-generated based on the
- current status of the network. Tor uses fallback directories to
- bootstrap when it doesn't yet have up-to-date directory
- information. Closes ticket 24801.
- - Make the default DirAuthorityFallbackRate 0.1, so that clients
- prefer to bootstrap from fallback directory mirrors. This is a
- follow-up to 24679, which removed weights from the default
- fallbacks. Implements ticket 24681.
- o Minor features (geoip):
- - Update geoip and geoip6 to the January 5 2018 Maxmind GeoLite2
- Country database.
- o Minor features (integration, hardening):
- - Add a new NoExec option to prevent Tor from running other
- programs. When this option is set to 1, Tor will never try to run
- another program, regardless of the settings of
- PortForwardingHelper, ClientTransportPlugin, or
- ServerTransportPlugin. Once NoExec is set, it cannot be disabled
- without restarting Tor. Closes ticket 22976.
- o Minor features (linux seccomp2 sandbox):
- - Update the sandbox rules so that they should now work correctly
- with Glibc 2.26. Closes ticket 24315.
- o Minor features (logging):
- - Provide better warnings when the getrandom() syscall fails. Closes
- ticket 24500.
- - Downgrade a pair of log messages that could occur when an exit's
- resolver gave us an unusual (but not forbidden) response. Closes
- ticket 24097.
- - Improve the message we log when re-enabling circuit build timeouts
- after having received a consensus. Closes ticket 20963.
- - Log more circuit information whenever we are about to try to
- package a relay cell on a circuit with a nonexistent n_chan.
- Attempt to diagnose ticket 8185.
- - Improve info-level log identification of particular circuits, to
- help with debugging. Closes ticket 23645.
- - Improve the warning message for specifying a relay by nickname.
- The previous message implied that nickname registration was still
- part of the Tor network design, which it isn't. Closes
- ticket 20488.
- - If the sandbox filter fails to load, suggest to the user that
- their kernel might not support seccomp2. Closes ticket 23090.
- o Minor features (onion service, circuit, logging):
- - Improve logging of many callsite in the circuit subsystem to print
- the circuit identifier(s).
- - Log when we cleanup an intro point from a service so we know when
- and for what reason it happened. Closes ticket 23604.
- o Minor features (portability):
- - Tor now compiles correctly on arm64 with libseccomp-dev installed.
- (It doesn't yet work with the sandbox enabled.) Closes
- ticket 24424.
- - Check at configure time whether uint8_t is the same type as
- unsigned char. Lots of existing code already makes this
- assumption, and there could be strict aliasing issues if the
- assumption is violated. Closes ticket 22410.
- o Minor features (relay):
- - When choosing which circuits can be expired as unused, consider
- circuits from clients even if those clients used regular CREATE
- cells to make them; and do not consider circuits from relays even
- if they were made with CREATE_FAST. Part of ticket 22805.
- - Reject attempts to use relative file paths when RunAsDaemon is
- set. Previously, Tor would accept these, but the directory-
- changing step of RunAsDaemon would give strange and/or confusing
- results. Closes ticket 22731.
- o Minor features (relay statistics):
- - Change relay bandwidth reporting stats interval from 4 hours to 24
- hours in order to reduce the efficiency of guard discovery
- attacks. Fixes ticket 23856.
- o Minor features (reverted deprecations):
- - The ClientDNSRejectInternalAddresses flag can once again be set in
- non-testing Tor networks, so long as they do not use the default
- directory authorities. This change also removes the deprecation of
- this flag from 0.2.9.2-alpha. Closes ticket 21031.
- o Minor features (robustness):
- - Change several fatal assertions when flushing buffers into non-
- fatal assertions, to prevent any recurrence of 23690.
- o Minor features (startup, safety):
- - When configured to write a PID file, Tor now exits if it is unable
- to do so. Previously, it would warn and continue. Closes
- ticket 20119.
- o Minor features (static analysis):
- - The BUG() macro has been changed slightly so that Coverity no
- longer complains about dead code if the bug is impossible. Closes
- ticket 23054.
- o Minor features (testing):
- - Our fuzzing tests now test the encrypted portions of v3 onion
- service descriptors. Implements more of 21509.
- - Add a unit test to make sure that our own generated platform
- string will be accepted by directory authorities. Closes
- ticket 22109.
- - The default chutney network tests now include tests for the v3
- onion service design. Make sure you have the latest version of
- chutney if you want to run these. Closes ticket 22437.
- - Add a unit test to verify that we can parse a hardcoded v2 onion
- service descriptor. Closes ticket 15554.
- o Minor bugfixes (address selection):
- - When the fascist_firewall_choose_address_ functions don't find a
- reachable address, set the returned address to the null address
- and port. This is a precautionary measure, because some callers do
- not check the return value. Fixes bug 24736; bugfix
- on 0.2.8.2-alpha.
- o Minor bugfixes (bootstrapping):
- - When warning about state file clock skew, report the correct
- direction for the detected skew. Fixes bug 23606; bugfix
- on 0.2.8.1-alpha.
- o Minor bugfixes (bridge clients, bootstrap):
- - Retry directory downloads when we get our first bridge descriptor
- during bootstrap or while reconnecting to the network. Keep
- retrying every time we get a bridge descriptor, until we have a
- reachable bridge. Fixes part of bug 24367; bugfix on 0.2.0.3-alpha.
- - Stop delaying bridge descriptor fetches when we have cached bridge
- descriptors. Instead, only delay bridge descriptor fetches when we
- have at least one reachable bridge. Fixes part of bug 24367;
- bugfix on 0.2.0.3-alpha.
- - Stop delaying directory fetches when we have cached bridge
- descriptors. Instead, only delay bridge descriptor fetches when
- all our bridges are definitely unreachable. Fixes part of bug
- 24367; bugfix on 0.2.0.3-alpha.
- o Minor bugfixes (bridge):
- - Overwrite the bridge address earlier in the process of retrieving
- its descriptor, to make sure we reach it on the configured
- address. Fixes bug 20532; bugfix on 0.2.0.10-alpha.
- o Minor bugfixes (build, compilation):
- - Fix a compilation warning when building with zstd support on
- 32-bit platforms. Fixes bug 23568; bugfix on 0.3.1.1-alpha. Found
- and fixed by Andreas Stieger.
- - When searching for OpenSSL, don't accept any OpenSSL library that
- lacks TLSv1_1_method(): Tor doesn't build with those versions.
- Additionally, look in /usr/local/opt/openssl, if it's present.
- These changes together repair the default build on OSX systems
- with Homebrew installed. Fixes bug 23602; bugfix on 0.2.7.2-alpha.
- - Fix a signed/unsigned comparison warning introduced by our fix to
- TROVE-2017-009. Fixes bug 24480; bugfix on 0.2.5.16.
- - Fix a memory leak warning in one of the libevent-related
- configuration tests that could occur when manually specifying
- -fsanitize=address. Fixes bug 24279; bugfix on 0.3.0.2-alpha.
- Found and patched by Alex Xu.
- - Fix unused-variable warnings in donna's Curve25519 SSE2 code.
- Fixes bug 22895; bugfix on 0.2.7.2-alpha.
- o Minor bugfixes (certificate handling):
- - Fix a time handling bug in Tor certificates set to expire after
- the year 2106. Fixes bug 23055; bugfix on 0.3.0.1-alpha. Found by
- Coverity as CID 1415728.
- o Minor bugfixes (client):
- - By default, do not enable storage of client-side DNS values. These
- values were unused by default previously, but they should not have
- been cached at all. Fixes bug 24050; bugfix on 0.2.6.3-alpha.
- o Minor bugfixes (client, usability):
- - Refrain from needlessly rejecting SOCKS5-with-hostnames and
- SOCKS4a requests that contain IP address strings, even when
- SafeSocks in enabled, as this prevents user from connecting to
- known IP addresses without relying on DNS for resolving. SafeSocks
- still rejects SOCKS connections that connect to IP addresses when
- those addresses are _not_ encoded as hostnames. Fixes bug 22461;
- bugfix on Tor 0.2.6.2-alpha.
- o Minor bugfixes (code correctness):
- - Call htons() in extend_cell_format() for encoding a 16-bit value.
- Previously we used ntohs(), which happens to behave the same on
- all the platforms we support, but which isn't really correct.
- Fixes bug 23106; bugfix on 0.2.4.8-alpha.
- - For defense-in-depth, make the controller's write_escaped_data()
- function robust to extremely long inputs. Fixes bug 19281; bugfix
- on 0.1.1.1-alpha. Reported by Guido Vranken.
- - Fix several places in our codebase where a C compiler would be
- likely to eliminate a check, based on assuming that undefined
- behavior had not happened elsewhere in the code. These cases are
- usually a sign of redundant checking or dubious arithmetic. Found
- by Georg Koppen using the "STACK" tool from Wang, Zeldovich,
- Kaashoek, and Solar-Lezama. Fixes bug 24423; bugfix on various
- Tor versions.
- o Minor bugfixes (compression):
- - Handle a pathological case when decompressing Zstandard data when
- the output buffer size is zero. Fixes bug 23551; bugfix
- on 0.3.1.1-alpha.
- o Minor bugfixes (consensus expiry):
- - Check for adequate directory information correctly. Previously, Tor
- would reconsider whether it had sufficient directory information
- every 2 minutes. Fixes bug 23091; bugfix on 0.2.0.19-alpha.
- o Minor bugfixes (control port, linux seccomp2 sandbox):
- - Avoid a crash when attempting to use the seccomp2 sandbox together
- with the OwningControllerProcess feature. Fixes bug 24198; bugfix
- on 0.2.5.1-alpha.
- o Minor bugfixes (control port, onion services):
- - Report "FAILED" instead of "UPLOAD_FAILED" "FAILED" for the
- HS_DESC event when a service is not able to upload a descriptor.
- Fixes bug 24230; bugfix on 0.2.7.1-alpha.
- o Minor bugfixes (directory cache):
- - Recover better from empty or corrupt files in the consensus cache
- directory. Fixes bug 24099; bugfix on 0.3.1.1-alpha.
- - When a consensus diff calculation is only partially successful,
- only record the successful parts as having succeeded. Partial
- success can happen if (for example) one compression method fails
- but the others succeed. Previously we misrecorded all the
- calculations as having succeeded, which would later cause a
- nonfatal assertion failure. Fixes bug 24086; bugfix
- on 0.3.1.1-alpha.
- o Minor bugfixes (directory client):
- - On failure to download directory information, delay retry attempts
- by a random amount based on the "decorrelated jitter" algorithm.
- Our previous delay algorithm tended to produce extra-long delays
- too easily. Fixes bug 23816; bugfix on 0.2.9.1-alpha.
- o Minor bugfixes (directory protocol):
- - Directory servers now include a "Date:" http header for response
- codes other than 200. Clients starting with a skewed clock and a
- recent consensus were getting "304 Not modified" responses from
- directory authorities, so without the Date header, the client
- would never hear about a wrong clock. Fixes bug 23499; bugfix
- on 0.0.8rc1.
- - Make clients wait for 6 seconds before trying to download a
- consensus from an authority. Fixes bug 17750; bugfix
- on 0.2.8.1-alpha.
- o Minor bugfixes (documentation):
- - Document better how to read gcov, and what our gcov postprocessing
- scripts do. Fixes bug 23739; bugfix on 0.2.9.1-alpha.
- - Fix manpage to not refer to the obsolete (and misspelled)
- UseEntryGuardsAsDirectoryGuards parameter in the description of
- NumDirectoryGuards. Fixes bug 23611; bugfix on 0.2.4.8-alpha.
- o Minor bugfixes (DoS-resistance):
- - If future code asks if there are any running bridges, without
- checking if bridges are enabled, log a BUG warning rather than
- crashing. Fixes bug 23524; bugfix on 0.3.0.1-alpha.
- o Minor bugfixes (entry guards):
- - Tor now updates its guard state when it reads a consensus
- regardless of whether it's missing descriptors. That makes tor use
- its primary guards to fetch descriptors in some edge cases where
- it would previously have used fallback directories. Fixes bug
- 23862; bugfix on 0.3.0.1-alpha.
- o Minor bugfixes (format strictness):
- - Restrict several data formats to decimal. Previously, the
- BuildTimeHistogram entries in the state file, the "bw=" entries in
- the bandwidth authority file, and the process IDs passed to the
- __OwningControllerProcess option could all be specified in hex or
- octal as well as in decimal. This was not an intentional feature.
- Fixes bug 22802; bugfixes on 0.2.2.1-alpha, 0.2.2.2-alpha,
- and 0.2.2.28-beta.
- o Minor bugfixes (heartbeat):
- - If we fail to write a heartbeat message, schedule a retry for the
- minimum heartbeat interval number of seconds in the future. Fixes
- bug 19476; bugfix on 0.2.3.1-alpha.
- o Minor bugfixes (logging):
- - Suppress a log notice when relay descriptors arrive. We already
- have a bootstrap progress for this so no need to log notice
- everytime tor receives relay descriptors. Microdescriptors behave
- the same. Fixes bug 23861; bugfix on 0.2.8.2-alpha.
- - Remove duplicate log messages regarding opening non-local
- SocksPorts upon parsing config and opening listeners at startup.
- Fixes bug 4019; bugfix on 0.2.3.3-alpha.
- - Use a more comprehensible log message when telling the user
- they've excluded every running exit node. Fixes bug 7890; bugfix
- on 0.2.2.25-alpha.
- - When logging the number of descriptors we intend to download per
- directory request, do not log a number higher than then the number
- of descriptors we're fetching in total. Fixes bug 19648; bugfix
- on 0.1.1.8-alpha.
- - When warning about a directory owned by the wrong user, log the
- actual name of the user owning the directory. Previously, we'd log
- the name of the process owner twice. Fixes bug 23487; bugfix
- on 0.2.9.1-alpha.
- - Fix some messages on unexpected errors from the seccomp2 library.
- Fixes bug 22750; bugfix on 0.2.5.1-alpha. Patch from "cypherpunks".
- - The tor specification says hop counts are 1-based, so fix two log
- messages that mistakenly logged 0-based hop counts. Fixes bug
- 18982; bugfix on 0.2.6.2-alpha and 0.2.4.5-alpha. Patch by teor.
- Credit to Xiaofan Li for reporting this issue.
- o Minor bugfixes (logging, relay shutdown, annoyance):
- - When a circuit is marked for close, do not attempt to package any
- cells for channels on that circuit. Previously, we would detect
- this condition lower in the call stack, when we noticed that the
- circuit had no attached channel, and log an annoying message.
- Fixes bug 8185; bugfix on 0.2.5.4-alpha.
- o Minor bugfixes (memory safety, defensive programming):
- - Clear the target address when node_get_prim_orport() returns
- early. Fixes bug 23874; bugfix on 0.2.8.2-alpha.
- o Minor bugfixes (memory usage):
- - When queuing DESTROY cells on a channel, only queue the circuit-id
- and reason fields: not the entire 514-byte cell. This fix should
- help mitigate any bugs or attacks that fill up these queues, and
- free more RAM for other uses. Fixes bug 24666; bugfix
- on 0.2.5.1-alpha.
- o Minor bugfixes (network layer):
- - When closing a connection via close_connection_immediately(), we
- mark it as "not blocked on bandwidth", to prevent later calls from
- trying to unblock it, and give it permission to read. This fixes a
- backtrace warning that can happen on relays under various
- circumstances. Fixes bug 24167; bugfix on 0.1.0.1-rc.
- o Minor bugfixes (onion services):
- - The introduction circuit was being timed out too quickly while
- waiting for the rendezvous circuit to complete. Keep the intro
- circuit around longer instead of timing out and reopening new ones
- constantly. Fixes bug 23681; bugfix on 0.2.4.8-alpha.
- - Rename the consensus parameter "hsdir-interval" to "hsdir_interval"
- so it matches dir-spec.txt. Fixes bug 24262; bugfix
- on 0.3.1.1-alpha.
- - When handling multiple SOCKS request for the same .onion address,
- only fetch the service descriptor once.
- - Avoid a possible double close of a circuit by the intro point on
- error of sending the INTRO_ESTABLISHED cell. Fixes bug 23610;
- bugfix on 0.3.0.1-alpha.
- - When reloading configured onion services, copy all information
- from the old service object. Previously, some data was omitted,
- causing delays in descriptor upload, and other bugs. Fixes bug
- 23790; bugfix on 0.2.1.9-alpha.
- o Minor bugfixes (path selection):
- - When selecting relays by bandwidth, avoid a rounding error that
- could sometimes cause load to be imbalanced incorrectly.
- Previously, we would always round upwards; now, we round towards
- the nearest integer. This had the biggest effect when a relay's
- weight adjustments should have given it weight 0, but it got
- weight 1 instead. Fixes bug 23318; bugfix on 0.2.4.3-alpha.
- - When calculating the fraction of nodes that have descriptors, and
- all nodes in the network have zero bandwidths, count the number of
- nodes instead. Fixes bug 23318; bugfix on 0.2.4.10-alpha.
- - Actually log the total bandwidth in compute_weighted_bandwidths().
- Fixes bug 24170; bugfix on 0.2.4.3-alpha.
- o Minor bugfixes (portability):
- - Stop using the PATH_MAX variable, which is not defined on GNU
- Hurd. Fixes bug 23098; bugfix on 0.3.1.1-alpha.
- - Fix a bug in the bit-counting parts of our timing-wheel code on
- MSVC. (Note that MSVC is still not a supported build platform, due
- to cryptographic timing channel risks.) Fixes bug 24633; bugfix
- on 0.2.9.1-alpha.
- o Minor bugfixes (relay):
- - When uploading our descriptor for the first time after startup,
- report the reason for uploading as "Tor just started" rather than
- leaving it blank. Fixes bug 22885; bugfix on 0.2.3.4-alpha.
- - Avoid unnecessary calls to directory_fetches_from_authorities() on
- relays, to prevent spurious address resolutions and descriptor
- rebuilds. This is a mitigation for bug 21789. Fixes bug 23470;
- bugfix on in 0.2.8.1-alpha.
- - Avoid a crash when transitioning from client mode to bridge mode.
- Previously, we would launch the worker threads whenever our
- "public server" mode changed, but not when our "server" mode
- changed. Fixes bug 23693; bugfix on 0.2.6.3-alpha.
- o Minor bugfixes (testing):
- - Fix a spurious fuzzing-only use of an uninitialized value. Found
- by Brian Carpenter. Fixes bug 24082; bugfix on 0.3.0.3-alpha.
- - Test that IPv6-only clients can use microdescriptors when running
- "make test-network-all". Requires chutney master 61c28b9 or later.
- Closes ticket 24109.
- - Prevent scripts/test/coverage from attempting to move gcov output
- to the root directory. Fixes bug 23741; bugfix on 0.2.5.1-alpha.
- - Capture and detect several "Result does not fit" warnings in unit
- tests on platforms with 32-bit time_t. Fixes bug 21800; bugfix
- on 0.2.9.3-alpha.
- - Fix additional channelpadding unit test failures by using mocked
- time instead of actual time for all tests. Fixes bug 23608; bugfix
- on 0.3.1.1-alpha.
- - Fix a bug in our fuzzing mock replacement for crypto_pk_checksig(),
- to correctly handle cases where a caller gives it an RSA key of
- under 160 bits. (This is not actually a bug in Tor itself, but
- rather in our fuzzing code.) Fixes bug 24247; bugfix on
- 0.3.0.3-alpha. Found by OSS-Fuzz as issue 4177.
- - Fix a broken unit test for the OutboundAddress option: the parsing
- function was never returning an error on failure. Fixes bug 23366;
- bugfix on 0.3.0.3-alpha.
- - Fix a signed-integer overflow in the unit tests for
- dir/download_status_random_backoff, which was untriggered until we
- fixed bug 17750. Fixes bug 22924; bugfix on 0.2.9.1-alpha.
- o Minor bugfixes (usability, control port):
- - Stop making an unnecessary routerlist check in NETINFO clock skew
- detection; this was preventing clients from reporting NETINFO clock
- skew to controllers. Fixes bug 23532; bugfix on 0.2.4.4-alpha.
- o Code simplification and refactoring:
- - Remove various ways of testing circuits and connections for
- "clientness"; instead, favor channel_is_client(). Part of
- ticket 22805.
- - Extract the code for handling newly-open channels into a separate
- function from the general code to handle channel state
- transitions. This change simplifies our callgraph, reducing the
- size of the largest strongly connected component by roughly a
- factor of two. Closes ticket 22608.
- - Remove dead code for largely unused statistics on the number of
- times we've attempted various public key operations. Fixes bug
- 19871; bugfix on 0.1.2.4-alpha. Fix by Isis Lovecruft.
- - Remove several now-obsolete functions for asking about old
- variants directory authority status. Closes ticket 22311; patch
- from "huyvq".
- - Remove some of the code that once supported "Named" and "Unnamed"
- routers. Authorities no longer vote for these flags. Closes
- ticket 22215.
- - Rename the obsolete malleable hybrid_encrypt functions used in TAP
- and old hidden services, to indicate that they aren't suitable for
- new protocols or formats. Closes ticket 23026.
- - Replace our STRUCT_OFFSET() macro with offsetof(). Closes ticket
- 22521. Patch from Neel Chauhan.
- - Split the enormous circuit_send_next_onion_skin() function into
- multiple subfunctions. Closes ticket 22804.
- - Split the portions of the buffer.c module that handle particular
- protocols into separate modules. Part of ticket 23149.
- - Use our test macros more consistently, to produce more useful
- error messages when our unit tests fail. Add coccinelle patches to
- allow us to re-check for test macro uses. Closes ticket 22497.
- o Deprecated features:
- - The ReachableDirAddresses and ClientPreferIPv6DirPort options are
- now deprecated; they do not apply to relays, and they have had no
- effect on clients since 0.2.8.x. Closes ticket 19704.
- - Deprecate HTTPProxy/HTTPProxyAuthenticator config options. They
- only applies to direct unencrypted HTTP connections to your
- directory server, which your Tor probably isn't using. Closes
- ticket 20575.
- o Documentation:
- - Add notes in man page regarding OS support for the various
- scheduler types. Attempt to use less jargon in the scheduler
- section. Closes ticket 24254.
- - Clarify that the Address option is entirely about setting an
- advertised IPv4 address. Closes ticket 18891.
- - Clarify the manpage's use of the term "address" to clarify what
- kind of address is intended. Closes ticket 21405.
- - Document that onion service subdomains are allowed, and ignored.
- Closes ticket 18736.
- - Clarify in the manual that "Sandbox 1" is only supported on Linux
- kernels. Closes ticket 22677.
- - Document all values of PublishServerDescriptor in the manpage.
- Closes ticket 15645.
- - Improve the documentation for the directory port part of the
- DirAuthority line. Closes ticket 20152.
- - Restore documentation for the authorities' "approved-routers"
- file. Closes ticket 21148.
- o Removed features:
- - The AllowDotExit option has been removed as unsafe. It has been
- deprecated since 0.2.9.2-alpha. Closes ticket 23426.
- - The ClientDNSRejectInternalAddresses flag can no longer be set on
- non-testing networks. It has been deprecated since 0.2.9.2-alpha.
- Closes ticket 21031.
- - The controller API no longer includes an AUTHDIR_NEWDESCS event:
- nobody was using it any longer. Closes ticket 22377.
- Changes in version 0.3.1.9 - 2017-12-01:
- Tor 0.3.1.9 backports important security and stability fixes from the
- 0.3.2 development series. All Tor users should upgrade to this
- release, or to another of the releases coming out today.
- o Major bugfixes (security, backport from 0.3.2.6-alpha):
- - Fix a denial of service bug where an attacker could use a
- malformed directory object to cause a Tor instance to pause while
- OpenSSL would try to read a passphrase from the terminal. (Tor
- instances run without a terminal, which is the case for most Tor
- packages, are not impacted.) Fixes bug 24246; bugfix on every
- version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
- Found by OSS-Fuzz as testcase 6360145429790720.
- - Fix a denial of service issue where an attacker could crash a
- directory authority using a malformed router descriptor. Fixes bug
- 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010
- and CVE-2017-8820.
- - When checking for replays in the INTRODUCE1 cell data for a
- (legacy) onion service, correctly detect replays in the RSA-
- encrypted part of the cell. We were previously checking for
- replays on the entire cell, but those can be circumvented due to
- the malleability of Tor's legacy hybrid encryption. This fix helps
- prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
- 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
- and CVE-2017-8819.
- o Major bugfixes (security, onion service v2, backport from 0.3.2.6-alpha):
- - Fix a use-after-free error that could crash v2 Tor onion services
- when they failed to open circuits while expiring introduction
- points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
- also tracked as TROVE-2017-013 and CVE-2017-8823.
- o Major bugfixes (security, relay, backport from 0.3.2.6-alpha):
- - When running as a relay, make sure that we never build a path
- through ourselves, even in the case where we have somehow lost the
- version of our descriptor appearing in the consensus. Fixes part
- of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
- as TROVE-2017-012 and CVE-2017-8822.
- - When running as a relay, make sure that we never choose ourselves
- as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This
- issue is also tracked as TROVE-2017-012 and CVE-2017-8822.
- o Major bugfixes (exit relays, DNS, backport from 0.3.2.4-alpha):
- - Fix an issue causing DNS to fail on high-bandwidth exit nodes,
- making them nearly unusable. Fixes bugs 21394 and 18580; bugfix on
- 0.1.2.2-alpha, which introduced eventdns. Thanks to Dhalgren for
- identifying and finding a workaround to this bug and to Moritz,
- Arthur Edelstein, and Roger for helping to track it down and
- analyze it.
- o Minor features (bridge):
- - Bridges now include notice in their descriptors that they are
- bridges, and notice of their distribution status, based on their
- publication settings. Implements ticket 18329. For more fine-
- grained control of how a bridge is distributed, upgrade to 0.3.2.x
- or later.
- o Minor features (directory authority, backport from 0.3.2.6-alpha):
- - Add an IPv6 address for the "bastet" directory authority. Closes
- ticket 24394.
- o Minor features (geoip):
- - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2
- Country database.
- o Minor bugfix (relay address resolution, backport from 0.3.2.1-alpha):
- - Avoid unnecessary calls to directory_fetches_from_authorities() on
- relays, to prevent spurious address resolutions and descriptor
- rebuilds. This is a mitigation for bug 21789. Fixes bug 23470;
- bugfix on in 0.2.8.1-alpha.
- o Minor bugfixes (compilation, backport from 0.3.2.1-alpha):
- - Fix unused variable warnings in donna's Curve25519 SSE2 code.
- Fixes bug 22895; bugfix on 0.2.7.2-alpha.
- o Minor bugfixes (logging, relay shutdown, annoyance, backport from 0.3.2.2-alpha):
- - When a circuit is marked for close, do not attempt to package any
- cells for channels on that circuit. Previously, we would detect
- this condition lower in the call stack, when we noticed that the
- circuit had no attached channel, and log an annoying message.
- Fixes bug 8185; bugfix on 0.2.5.4-alpha.
- o Minor bugfixes (onion service, backport from 0.3.2.5-alpha):
- - Rename the consensus parameter "hsdir-interval" to "hsdir_interval"
- so it matches dir-spec.txt. Fixes bug 24262; bugfix
- on 0.3.1.1-alpha.
- o Minor bugfixes (relay, crash, backport from 0.3.2.4-alpha):
- - Avoid a crash when transitioning from client mode to bridge mode.
- Previously, we would launch the worker threads whenever our
- "public server" mode changed, but not when our "server" mode
- changed. Fixes bug 23693; bugfix on 0.2.6.3-alpha.
- Changes in version 0.3.0.13 - 2017-12-01
- Tor 0.3.0.13 backports important security and stability bugfixes from
- later Tor releases. All Tor users should upgrade to this release, or
- to another of the releases coming out today.
- Note: the Tor 0.3.0 series will no longer be supported after 26 Jan
- 2018. If you need a release with long-term support, please stick with
- the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later.
- o Major bugfixes (security, backport from 0.3.2.6-alpha):
- - Fix a denial of service bug where an attacker could use a
- malformed directory object to cause a Tor instance to pause while
- OpenSSL would try to read a passphrase from the terminal. (Tor
- instances run without a terminal, which is the case for most Tor
- packages, are not impacted.) Fixes bug 24246; bugfix on every
- version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
- Found by OSS-Fuzz as testcase 6360145429790720.
- - Fix a denial of service issue where an attacker could crash a
- directory authority using a malformed router descriptor. Fixes bug
- 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010
- and CVE-2017-8820.
- - When checking for replays in the INTRODUCE1 cell data for a
- (legacy) onion service, correctly detect replays in the RSA-
- encrypted part of the cell. We were previously checking for
- replays on the entire cell, but those can be circumvented due to
- the malleability of Tor's legacy hybrid encryption. This fix helps
- prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
- 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
- and CVE-2017-8819.
- o Major bugfixes (security, onion service v2, backport from 0.3.2.6-alpha):
- - Fix a use-after-free error that could crash v2 Tor onion services
- when they failed to open circuits while expiring introduction
- points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
- also tracked as TROVE-2017-013 and CVE-2017-8823.
- o Major bugfixes (security, relay, backport from 0.3.2.6-alpha):
- - When running as a relay, make sure that we never build a path
- through ourselves, even in the case where we have somehow lost the
- version of our descriptor appearing in the consensus. Fixes part
- of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
- as TROVE-2017-012 and CVE-2017-8822.
- - When running as a relay, make sure that we never choose ourselves
- as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This
- issue is also tracked as TROVE-2017-012 and CVE-2017-8822.
- o Major bugfixes (exit relays, DNS, backport from 0.3.2.4-alpha):
- - Fix an issue causing DNS to fail on high-bandwidth exit nodes,
- making them nearly unusable. Fixes bugs 21394 and 18580; bugfix on
- 0.1.2.2-alpha, which introduced eventdns. Thanks to Dhalgren for
- identifying and finding a workaround to this bug and to Moritz,
- Arthur Edelstein, and Roger for helping to track it down and
- analyze it.
- o Minor features (security, windows, backport from 0.3.1.1-alpha):
- - Enable a couple of pieces of Windows hardening: one
- (HeapEnableTerminationOnCorruption) that has been on-by-default
- since Windows 8, and unavailable before Windows 7; and one
- (PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION) which we believe doesn't
- affect us, but shouldn't do any harm. Closes ticket 21953.
- o Minor features (bridge, backport from 0.3.1.9):
- - Bridges now include notice in their descriptors that they are
- bridges, and notice of their distribution status, based on their
- publication settings. Implements ticket 18329. For more fine-
- grained control of how a bridge is distributed, upgrade to 0.3.2.x
- or later.
- o Minor features (directory authority, backport from 0.3.2.6-alpha):
- - Add an IPv6 address for the "bastet" directory authority. Closes
- ticket 24394.
- o Minor features (geoip):
- - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2
- Country database.
- o Minor bugfix (relay address resolution, backport from 0.3.2.1-alpha):
- - Avoid unnecessary calls to directory_fetches_from_authorities() on
- relays, to prevent spurious address resolutions and descriptor
- rebuilds. This is a mitigation for bug 21789. Fixes bug 23470;
- bugfix on in 0.2.8.1-alpha.
- o Minor bugfixes (compilation, backport from 0.3.2.1-alpha):
- - Fix unused variable warnings in donna's Curve25519 SSE2 code.
- Fixes bug 22895; bugfix on 0.2.7.2-alpha.
- o Minor bugfixes (logging, relay shutdown, annoyance, backport from 0.3.2.2-alpha):
- - When a circuit is marked for close, do not attempt to package any
- cells for channels on that circuit. Previously, we would detect
- this condition lower in the call stack, when we noticed that the
- circuit had no attached channel, and log an annoying message.
- Fixes bug 8185; bugfix on 0.2.5.4-alpha.
- o Minor bugfixes (relay, crash, backport from 0.3.2.4-alpha):
- - Avoid a crash when transitioning from client mode to bridge mode.
- Previously, we would launch the worker threads whenever our
- "public server" mode changed, but not when our "server" mode
- changed. Fixes bug 23693; bugfix on 0.2.6.3-alpha.
- o Minor bugfixes (testing, backport from 0.3.1.6-rc):
- - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291;
- bugfix on 0.2.7.2-alpha. Found and patched by Ties Stuij.
- Changes in version 0.2.9.14 - 2017-12-01
- Tor 0.3.0.13 backports important security and stability bugfixes from
- later Tor releases. All Tor users should upgrade to this release, or
- to another of the releases coming out today.
- o Major bugfixes (exit relays, DNS, backport from 0.3.2.4-alpha):
- - Fix an issue causing DNS to fail on high-bandwidth exit nodes,
- making them nearly unusable. Fixes bugs 21394 and 18580; bugfix on
- 0.1.2.2-alpha, which introduced eventdns. Thanks to Dhalgren for
- identifying and finding a workaround to this bug and to Moritz,
- Arthur Edelstein, and Roger for helping to track it down and
- analyze it.
- o Major bugfixes (security, backport from 0.3.2.6-alpha):
- - Fix a denial of service bug where an attacker could use a
- malformed directory object to cause a Tor instance to pause while
- OpenSSL would try to read a passphrase from the terminal. (Tor
- instances run without a terminal, which is the case for most Tor
- packages, are not impacted.) Fixes bug 24246; bugfix on every
- version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
- Found by OSS-Fuzz as testcase 6360145429790720.
- - Fix a denial of service issue where an attacker could crash a
- directory authority using a malformed router descriptor. Fixes bug
- 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010
- and CVE-2017-8820.
- - When checking for replays in the INTRODUCE1 cell data for a
- (legacy) onion service, correctly detect replays in the RSA-
- encrypted part of the cell. We were previously checking for
- replays on the entire cell, but those can be circumvented due to
- the malleability of Tor's legacy hybrid encryption. This fix helps
- prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
- 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
- and CVE-2017-8819.
- o Major bugfixes (security, onion service v2, backport from 0.3.2.6-alpha):
- - Fix a use-after-free error that could crash v2 Tor onion services
- when they failed to open circuits while expiring introduction
- points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
- also tracked as TROVE-2017-013 and CVE-2017-8823.
- o Major bugfixes (security, relay, backport from 0.3.2.6-alpha):
- - When running as a relay, make sure that we never build a path
- through ourselves, even in the case where we have somehow lost the
- version of our descriptor appearing in the consensus. Fixes part
- of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
- as TROVE-2017-012 and CVE-2017-8822.
- o Minor features (bridge, backport from 0.3.1.9):
- - Bridges now include notice in their descriptors that they are
- bridges, and notice of their distribution status, based on their
- publication settings. Implements ticket 18329. For more fine-
- grained control of how a bridge is distributed, upgrade to 0.3.2.x
- or later.
- o Minor features (directory authority, backport from 0.3.2.6-alpha):
- - Add an IPv6 address for the "bastet" directory authority. Closes
- ticket 24394.
- o Minor features (geoip):
- - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2
- Country database.
- o Minor features (security, windows, backport from 0.3.1.1-alpha):
- - Enable a couple of pieces of Windows hardening: one
- (HeapEnableTerminationOnCorruption) that has been on-by-default
- since Windows 8, and unavailable before Windows 7; and one
- (PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION) which we believe doesn't
- affect us, but shouldn't do any harm. Closes ticket 21953.
- o Minor bugfix (relay address resolution, backport from 0.3.2.1-alpha):
- - Avoid unnecessary calls to directory_fetches_from_authorities() on
- relays, to prevent spurious address resolutions and descriptor
- rebuilds. This is a mitigation for bug 21789. Fixes bug 23470;
- bugfix on in 0.2.8.1-alpha.
- o Minor bugfixes (compilation, backport from 0.3.2.1-alpha):
- - Fix unused variable warnings in donna's Curve25519 SSE2 code.
- Fixes bug 22895; bugfix on 0.2.7.2-alpha.
- o Minor bugfixes (logging, relay shutdown, annoyance, backport from 0.3.2.2-alpha):
- - When a circuit is marked for close, do not attempt to package any
- cells for channels on that circuit. Previously, we would detect
- this condition lower in the call stack, when we noticed that the
- circuit had no attached channel, and log an annoying message.
- Fixes bug 8185; bugfix on 0.2.5.4-alpha.
- o Minor bugfixes (relay, crash, backport from 0.3.2.4-alpha):
- - Avoid a crash when transitioning from client mode to bridge mode.
- Previously, we would launch the worker threads whenever our
- "public server" mode changed, but not when our "server" mode
- changed. Fixes bug 23693; bugfix on 0.2.6.3-alpha.
- o Minor bugfixes (testing, backport from 0.3.1.6-rc):
- - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291;
- bugfix on 0.2.7.2-alpha. Found and patched by Ties Stuij.
- Changes in version 0.2.8.17 - 2017-12-01
- Tor 0.2.8.17 backports important security and stability bugfixes from
- later Tor releases. All Tor users should upgrade to this release, or
- to another of the releases coming out today.
- Note: the Tor 0.2.8 series will no longer be supported after 1 Jan
- 2018. If you need a release with long-term support, please upgrade with
- the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later.
- o Major bugfixes (security, backport from 0.3.2.6-alpha):
- - Fix a denial of service bug where an attacker could use a
- malformed directory object to cause a Tor instance to pause while
- OpenSSL would try to read a passphrase from the terminal. (Tor
- instances run without a terminal, which is the case for most Tor
- packages, are not impacted.) Fixes bug 24246; bugfix on every
- version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
- Found by OSS-Fuzz as testcase 6360145429790720.
- - When checking for replays in the INTRODUCE1 cell data for a
- (legacy) onion service, correctly detect replays in the RSA-
- encrypted part of the cell. We were previously checking for
- replays on the entire cell, but those can be circumvented due to
- the malleability of Tor's legacy hybrid encryption. This fix helps
- prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
- 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
- and CVE-2017-8819.
- o Major bugfixes (security, onion service v2, backport from 0.3.2.6-alpha):
- - Fix a use-after-free error that could crash v2 Tor onion services
- when they failed to open circuits while expiring introduction
- points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
- also tracked as TROVE-2017-013 and CVE-2017-8823.
- o Major bugfixes (security, relay, backport from 0.3.2.6-alpha):
- - When running as a relay, make sure that we never build a path through
- ourselves, even in the case where we have somehow lost the version of
- our descriptor appearing in the consensus. Fixes part of bug 21534;
- bugfix on 0.2.0.1-alpha. This issue is also tracked as TROVE-2017-012
- and CVE-2017-8822.
- o Minor features (bridge, backport from 0.3.1.9):
- - Bridges now include notice in their descriptors that they are
- bridges, and notice of their distribution status, based on their
- publication settings. Implements ticket 18329. For more fine-
- grained control of how a bridge is distributed, upgrade to 0.3.2.x
- or later.
- o Minor features (directory authority, backport from 0.3.2.6-alpha):
- - Add an IPv6 address for the "bastet" directory authority. Closes
- ticket 24394.
- o Minor features (geoip):
- - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (testing, backport from 0.3.1.6-rc):
- - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291;
- bugfix on 0.2.7.2-alpha. Found and patched by Ties Stuij.
- Changes in version 0.2.5.16 - 2017-12-01
- Tor 0.2.5.13 backports important security and stability bugfixes from
- later Tor releases. All Tor users should upgrade to this release, or
- to another of the releases coming out today.
- Note: the Tor 0.2.5 series will no longer be supported after 1 May
- 2018. If you need a release with long-term support, please upgrade to
- the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later.
- o Major bugfixes (security, backport from 0.3.2.6-alpha):
- - Fix a denial of service bug where an attacker could use a
- malformed directory object to cause a Tor instance to pause while
- OpenSSL would try to read a passphrase from the terminal. (Tor
- instances run without a terminal, which is the case for most Tor
- packages, are not impacted.) Fixes bug 24246; bugfix on every
- version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
- Found by OSS-Fuzz as testcase 6360145429790720.
- - When checking for replays in the INTRODUCE1 cell data for a
- (legacy) onion service, correctly detect replays in the RSA-
- encrypted part of the cell. We were previously checking for
- replays on the entire cell, but those can be circumvented due to
- the malleability of Tor's legacy hybrid encryption. This fix helps
- prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
- 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
- and CVE-2017-8819.
- o Major bugfixes (security, relay, backport from 0.3.2.6-alpha):
- - When running as a relay, make sure that we never build a path
- through ourselves, even in the case where we have somehow lost the
- version of our descriptor appearing in the consensus. Fixes part
- of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
- as TROVE-2017-012 and CVE-2017-8822.
- o Minor features (bridge, backport from 0.3.1.9):
- - Bridges now include notice in their descriptors that they are
- bridges, and notice of their distribution status, based on their
- publication settings. Implements ticket 18329. For more fine-
- grained control of how a bridge is distributed, upgrade to 0.3.2.x
- or later.
- o Minor features (geoip):
- - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2
- Country database.
- Changes in version 0.2.5.15 - 2017-10-25
- Tor 0.2.5.15 backports a collection of bugfixes from later Tor release
- series. It also adds a new directory authority, Bastet.
- Note: the Tor 0.2.5 series will no longer be supported after 1 May
- 2018. If you need a release with long-term support, please upgrade to
- the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later.
- o Directory authority changes:
- - Add "Bastet" as a ninth directory authority to the default list.
- Closes ticket 23910.
- - The directory authority "Longclaw" has changed its IP address.
- Closes ticket 23592.
- o Major bugfixes (openbsd, denial-of-service, backport from 0.3.1.5-alpha):
- - Avoid an assertion failure bug affecting our implementation of
- inet_pton(AF_INET6) on certain OpenBSD systems whose strtol()
- handling of "0xx" differs from what we had expected. Fixes bug
- 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007.
- o Minor features (geoip):
- - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (defensive programming, undefined behavior, backport from 0.3.1.4-alpha):
- - Fix a memset() off the end of an array when packing cells. This
- bug should be harmless in practice, since the corrupted bytes are
- still in the same structure, and are always padding bytes,
- ignored, or immediately overwritten, depending on compiler
- behavior. Nevertheless, because the memset()'s purpose is to make
- sure that any other cell-handling bugs can't expose bytes to the
- network, we need to fix it. Fixes bug 22737; bugfix on
- 0.2.4.11-alpha. Fixes CID 1401591.
- o Build features (backport from 0.3.1.5-alpha):
- - Tor's repository now includes a Travis Continuous Integration (CI)
- configuration file (.travis.yml). This is meant to help new
- developers and contributors who fork Tor to a Github repository be
- better able to test their changes, and understand what we expect
- to pass. To use this new build feature, you must fork Tor to your
- Github account, then go into the "Integrations" menu in the
- repository settings for your fork and enable Travis, then push
- your changes. Closes ticket 22636.
- Changes in version 0.2.8.16 - 2017-10-25
- Tor 0.2.8.16 backports a collection of bugfixes from later Tor release
- series, including a bugfix for a crash issue that had affected relays
- under memory pressure. It also adds a new directory authority, Bastet.
- Note: the Tor 0.2.8 series will no longer be supported after 1 Jan
- 2018. If you need a release with long-term support, please stick with
- the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later.
- o Directory authority changes:
- - Add "Bastet" as a ninth directory authority to the default list.
- Closes ticket 23910.
- - The directory authority "Longclaw" has changed its IP address.
- Closes ticket 23592.
- o Major bugfixes (relay, crash, assertion failure, backport from 0.3.2.2-alpha):
- - Fix a timing-based assertion failure that could occur when the
- circuit out-of-memory handler freed a connection's output buffer.
- Fixes bug 23690; bugfix on 0.2.6.1-alpha.
- o Minor features (directory authorities, backport from 0.3.2.2-alpha):
- - Remove longclaw's IPv6 address, as it will soon change. Authority
- IPv6 addresses were originally added in 0.2.8.1-alpha. This leaves
- 3/8 directory authorities with IPv6 addresses, but there are also
- 52 fallback directory mirrors with IPv6 addresses. Resolves 19760.
- o Minor features (geoip):
- - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2
- Country database.
- Changes in version 0.2.9.13 - 2017-10-25
- Tor 0.2.9.13 backports a collection of bugfixes from later Tor release
- series, including a bugfix for a crash issue that had affected relays
- under memory pressure. It also adds a new directory authority, Bastet.
- o Directory authority changes:
- - Add "Bastet" as a ninth directory authority to the default list.
- Closes ticket 23910.
- - The directory authority "Longclaw" has changed its IP address.
- Closes ticket 23592.
- o Major bugfixes (relay, crash, assertion failure, backport from 0.3.2.2-alpha):
- - Fix a timing-based assertion failure that could occur when the
- circuit out-of-memory handler freed a connection's output buffer.
- Fixes bug 23690; bugfix on 0.2.6.1-alpha.
- o Minor features (directory authorities, backport from 0.3.2.2-alpha):
- - Remove longclaw's IPv6 address, as it will soon change. Authority
- IPv6 addresses were originally added in 0.2.8.1-alpha. This leaves
- 3/8 directory authorities with IPv6 addresses, but there are also
- 52 fallback directory mirrors with IPv6 addresses. Resolves 19760.
- o Minor features (geoip):
- - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (directory authority, backport from 0.3.1.5-alpha):
- - When a directory authority rejects a descriptor or extrainfo with
- a given digest, mark that digest as undownloadable, so that we do
- not attempt to download it again over and over. We previously
- tried to avoid downloading such descriptors by other means, but we
- didn't notice if we accidentally downloaded one anyway. This
- behavior became problematic in 0.2.7.2-alpha, when authorities
- began pinning Ed25519 keys. Fixes bug 22349; bugfix
- on 0.2.1.19-alpha.
- o Minor bugfixes (memory safety, backport from 0.3.2.3-alpha):
- - Clear the address when node_get_prim_orport() returns early.
- Fixes bug 23874; bugfix on 0.2.8.2-alpha.
- o Minor bugfixes (Windows service, backport from 0.3.1.6-rc):
- - When running as a Windows service, set the ID of the main thread
- correctly. Failure to do so made us fail to send log messages to
- the controller in 0.2.1.16-rc, slowed down controller event
- delivery in 0.2.7.3-rc and later, and crash with an assertion
- failure in 0.3.1.1-alpha. Fixes bug 23081; bugfix on 0.2.1.6-alpha.
- Patch and diagnosis from "Vort".
- Changes in version 0.3.0.12 - 2017-10-25
- Tor 0.3.0.12 backports a collection of bugfixes from later Tor release
- series, including a bugfix for a crash issue that had affected relays
- under memory pressure. It also adds a new directory authority, Bastet.
- Note: the Tor 0.3.0 series will no longer be supported after 26 Jan
- 2018. If you need a release with long-term support, please stick with
- the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later.
- o Directory authority changes:
- - Add "Bastet" as a ninth directory authority to the default list.
- Closes ticket 23910.
- - The directory authority "Longclaw" has changed its IP address.
- Closes ticket 23592.
- o Major bugfixes (relay, crash, assertion failure, backport from 0.3.2.2-alpha):
- - Fix a timing-based assertion failure that could occur when the
- circuit out-of-memory handler freed a connection's output buffer.
- Fixes bug 23690; bugfix on 0.2.6.1-alpha.
- o Minor features (directory authorities, backport from 0.3.2.2-alpha):
- - Remove longclaw's IPv6 address, as it will soon change. Authority
- IPv6 addresses were originally added in 0.2.8.1-alpha. This leaves
- 3/8 directory authorities with IPv6 addresses, but there are also
- 52 fallback directory mirrors with IPv6 addresses. Resolves 19760.
- o Minor features (geoip):
- - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (directory authority, backport from 0.3.1.5-alpha):
- - When a directory authority rejects a descriptor or extrainfo with
- a given digest, mark that digest as undownloadable, so that we do
- not attempt to download it again over and over. We previously
- tried to avoid downloading such descriptors by other means, but we
- didn't notice if we accidentally downloaded one anyway. This
- behavior became problematic in 0.2.7.2-alpha, when authorities
- began pinning Ed25519 keys. Fixes bug 22349; bugfix
- on 0.2.1.19-alpha.
- o Minor bugfixes (hidden service, relay, backport from 0.3.2.2-alpha):
- - Avoid a possible double close of a circuit by the intro point on
- error of sending the INTRO_ESTABLISHED cell. Fixes bug 23610;
- bugfix on 0.3.0.1-alpha.
- o Minor bugfixes (memory safety, backport from 0.3.2.3-alpha):
- - Clear the address when node_get_prim_orport() returns early.
- Fixes bug 23874; bugfix on 0.2.8.2-alpha.
- o Minor bugfixes (Windows service, backport from 0.3.1.6-rc):
- - When running as a Windows service, set the ID of the main thread
- correctly. Failure to do so made us fail to send log messages to
- the controller in 0.2.1.16-rc, slowed down controller event
- delivery in 0.2.7.3-rc and later, and crash with an assertion
- failure in 0.3.1.1-alpha. Fixes bug 23081; bugfix on 0.2.1.6-alpha.
- Patch and diagnosis from "Vort".
- Changes in version 0.3.1.8 - 2017-10-25
- Tor 0.3.1.8 is the second stable release in the 0.3.1 series.
- It includes several bugfixes, including a bugfix for a crash issue
- that had affected relays under memory pressure. It also adds
- a new directory authority, Bastet.
- o Directory authority changes:
- - Add "Bastet" as a ninth directory authority to the default list.
- Closes ticket 23910.
- - The directory authority "Longclaw" has changed its IP address.
- Closes ticket 23592.
- o Major bugfixes (relay, crash, assertion failure, backport from 0.3.2.2-alpha):
- - Fix a timing-based assertion failure that could occur when the
- circuit out-of-memory handler freed a connection's output buffer.
- Fixes bug 23690; bugfix on 0.2.6.1-alpha.
- o Minor features (directory authorities, backport from 0.3.2.2-alpha):
- - Remove longclaw's IPv6 address, as it will soon change. Authority
- IPv6 addresses were originally added in 0.2.8.1-alpha. This leaves
- 3/8 directory authorities with IPv6 addresses, but there are also
- 52 fallback directory mirrors with IPv6 addresses. Resolves 19760.
- o Minor features (geoip):
- - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (compilation, backport from 0.3.2.2-alpha):
- - Fix a compilation warning when building with zstd support on
- 32-bit platforms. Fixes bug 23568; bugfix on 0.3.1.1-alpha. Found
- and fixed by Andreas Stieger.
- o Minor bugfixes (compression, backport from 0.3.2.2-alpha):
- - Handle a pathological case when decompressing Zstandard data when
- the output buffer size is zero. Fixes bug 23551; bugfix
- on 0.3.1.1-alpha.
- o Minor bugfixes (directory authority, backport from 0.3.2.1-alpha):
- - Remove the length limit on HTTP status lines that authorities can
- send in their replies. Fixes bug 23499; bugfix on 0.3.1.6-rc.
- o Minor bugfixes (hidden service, relay, backport from 0.3.2.2-alpha):
- - Avoid a possible double close of a circuit by the intro point on
- error of sending the INTRO_ESTABLISHED cell. Fixes bug 23610;
- bugfix on 0.3.0.1-alpha.
- o Minor bugfixes (memory safety, backport from 0.3.2.3-alpha):
- - Clear the address when node_get_prim_orport() returns early.
- Fixes bug 23874; bugfix on 0.2.8.2-alpha.
- o Minor bugfixes (unit tests, backport from 0.3.2.2-alpha):
- - Fix additional channelpadding unit test failures by using mocked
- time instead of actual time for all tests. Fixes bug 23608; bugfix
- on 0.3.1.1-alpha.
- Changes in version 0.2.8.15 - 2017-09-18
- Tor 0.2.8.15 backports a collection of bugfixes from later
- Tor series.
- Most significantly, it includes a fix for TROVE-2017-008, a
- security bug that affects hidden services running with the
- SafeLogging option disabled. For more information, see
- https://trac.torproject.org/projects/tor/ticket/23490
- Note that Tor 0.2.8.x will no longer be supported after 1 Jan
- 2018. We suggest that you upgrade to the latest stable release if
- possible. If you can't, we recommend that you upgrade at least to
- 0.2.9, which will be supported until 2020.
- o Major bugfixes (openbsd, denial-of-service, backport from 0.3.1.5-alpha):
- - Avoid an assertion failure bug affecting our implementation of
- inet_pton(AF_INET6) on certain OpenBSD systems whose strtol()
- handling of "0xx" differs from what we had expected. Fixes bug
- 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007.
- o Minor features:
- - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha):
- - Backport a fix for an "unused variable" warning that appeared
- in some versions of mingw. Fixes bug 22838; bugfix on
- 0.2.8.1-alpha.
- o Minor bugfixes (defensive programming, undefined behavior, backport from 0.3.1.4-alpha):
- - Fix a memset() off the end of an array when packing cells. This
- bug should be harmless in practice, since the corrupted bytes are
- still in the same structure, and are always padding bytes,
- ignored, or immediately overwritten, depending on compiler
- behavior. Nevertheless, because the memset()'s purpose is to make
- sure that any other cell-handling bugs can't expose bytes to the
- network, we need to fix it. Fixes bug 22737; bugfix on
- 0.2.4.11-alpha. Fixes CID 1401591.
- o Build features (backport from 0.3.1.5-alpha):
- - Tor's repository now includes a Travis Continuous Integration (CI)
- configuration file (.travis.yml). This is meant to help new
- developers and contributors who fork Tor to a Github repository be
- better able to test their changes, and understand what we expect
- to pass. To use this new build feature, you must fork Tor to your
- Github account, then go into the "Integrations" menu in the
- repository settings for your fork and enable Travis, then push
- your changes. Closes ticket 22636.
- Changes in version 0.2.9.12 - 2017-09-18
- Tor 0.2.9.12 backports a collection of bugfixes from later
- Tor series.
- Most significantly, it includes a fix for TROVE-2017-008, a
- security bug that affects hidden services running with the
- SafeLogging option disabled. For more information, see
- https://trac.torproject.org/projects/tor/ticket/23490
- o Major features (security, backport from 0.3.0.2-alpha):
- - Change the algorithm used to decide DNS TTLs on client and server
- side, to better resist DNS-based correlation attacks like the
- DefecTor attack of Greschbach, Pulls, Roberts, Winter, and
- Feamster. Now relays only return one of two possible DNS TTL
- values, and clients are willing to believe DNS TTL values up to 3
- hours long. Closes ticket 19769.
- o Major bugfixes (crash, directory connections, backport from 0.3.0.5-rc):
- - Fix a rare crash when sending a begin cell on a circuit whose
- linked directory connection had already been closed. Fixes bug
- 21576; bugfix on 0.2.9.3-alpha. Reported by Alec Muffett.
- o Major bugfixes (DNS, backport from 0.3.0.2-alpha):
- - Fix a bug that prevented exit nodes from caching DNS records for
- more than 60 seconds. Fixes bug 19025; bugfix on 0.2.4.7-alpha.
- o Major bugfixes (linux TPROXY support, backport from 0.3.1.1-alpha):
- - Fix a typo that had prevented TPROXY-based transparent proxying
- from working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha.
- Patch from "d4fq0fQAgoJ".
- o Major bugfixes (openbsd, denial-of-service, backport from 0.3.1.5-alpha):
- - Avoid an assertion failure bug affecting our implementation of
- inet_pton(AF_INET6) on certain OpenBSD systems whose strtol()
- handling of "0xx" differs from what we had expected. Fixes bug
- 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007.
- o Minor features (code style, backport from 0.3.1.3-alpha):
- - Add "Falls through" comments to our codebase, in order to silence
- GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas
- Stieger. Closes ticket 22446.
- o Minor features (geoip):
- - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (bandwidth accounting, backport from 0.3.1.1-alpha):
- - Roll over monthly accounting at the configured hour and minute,
- rather than always at 00:00. Fixes bug 22245; bugfix on 0.0.9rc1.
- Found by Andrey Karpov with PVS-Studio.
- o Minor bugfixes (compilation, backport from 0.3.1.5-alpha):
- - Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug 22915;
- bugfix on 0.2.8.1-alpha.
- - Fix warnings when building with libscrypt and openssl scrypt support
- on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha.
- - When building with certain versions the mingw C header files, avoid
- float-conversion warnings when calling the C functions isfinite(),
- isnan(), and signbit(). Fixes bug 22801; bugfix on 0.2.8.1-alpha.
- o Minor bugfixes (compilation, backport from 0.3.1.7):
- - Avoid compiler warnings in the unit tests for running tor_sscanf()
- with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha.
- o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha):
- - Backport a fix for an "unused variable" warning that appeared
- in some versions of mingw. Fixes bug 22838; bugfix on
- 0.2.8.1-alpha.
- o Minor bugfixes (controller, backport from 0.3.1.7):
- - Do not crash when receiving a HSPOST command with an empty body.
- Fixes part of bug 22644; bugfix on 0.2.7.1-alpha.
- - Do not crash when receiving a POSTDESCRIPTOR command with an
- empty body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha.
- o Minor bugfixes (coverity build support, backport from 0.3.1.5-alpha):
- - Avoid Coverity build warnings related to our BUG() macro. By
- default, Coverity treats BUG() as the Linux kernel does: an
- instant abort(). We need to override that so our BUG() macro
- doesn't prevent Coverity from analyzing functions that use it.
- Fixes bug 23030; bugfix on 0.2.9.1-alpha.
- o Minor bugfixes (defensive programming, undefined behavior, backport from 0.3.1.4-alpha):
- - Fix a memset() off the end of an array when packing cells. This
- bug should be harmless in practice, since the corrupted bytes are
- still in the same structure, and are always padding bytes,
- ignored, or immediately overwritten, depending on compiler
- behavior. Nevertheless, because the memset()'s purpose is to make
- sure that any other cell-handling bugs can't expose bytes to the
- network, we need to fix it. Fixes bug 22737; bugfix on
- 0.2.4.11-alpha. Fixes CID 1401591.
- o Minor bugfixes (file limits, osx, backport from 0.3.1.5-alpha):
- - When setting the maximum number of connections allowed by the OS,
- always allow some extra file descriptors for other files. Fixes
- bug 22797; bugfix on 0.2.0.10-alpha.
- o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.1.5-alpha):
- - Avoid a sandbox failure when trying to re-bind to a socket and
- mark it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha.
- o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.1.4-alpha):
- - Permit the fchmod system call, to avoid crashing on startup when
- starting with the seccomp2 sandbox and an unexpected set of
- permissions on the data directory or its contents. Fixes bug
- 22516; bugfix on 0.2.5.4-alpha.
- o Minor bugfixes (relay, backport from 0.3.0.5-rc):
- - Avoid a double-marked-circuit warning that could happen when we
- receive DESTROY cells under heavy load. Fixes bug 20059; bugfix
- on 0.1.0.1-rc.
- o Minor bugfixes (voting consistency, backport from 0.3.1.1-alpha):
- - Reject version numbers with non-numeric prefixes (such as +, -, or
- whitespace). Disallowing whitespace prevents differential version
- parsing between POSIX-based and Windows platforms. Fixes bug 21507
- and part of 21508; bugfix on 0.0.8pre1.
- o Build features (backport from 0.3.1.5-alpha):
- - Tor's repository now includes a Travis Continuous Integration (CI)
- configuration file (.travis.yml). This is meant to help new
- developers and contributors who fork Tor to a Github repository be
- better able to test their changes, and understand what we expect
- to pass. To use this new build feature, you must fork Tor to your
- Github account, then go into the "Integrations" menu in the
- repository settings for your fork and enable Travis, then push
- your changes. Closes ticket 22636.
- Changes in version 0.3.0.11 - 2017-09-18
- Tor 0.3.0.11 backports a collection of bugfixes from Tor the 0.3.1
- series.
- Most significantly, it includes a fix for TROVE-2017-008, a
- security bug that affects hidden services running with the
- SafeLogging option disabled. For more information, see
- https://trac.torproject.org/projects/tor/ticket/23490
- o Minor features (code style, backport from 0.3.1.7):
- - Add "Falls through" comments to our codebase, in order to silence
- GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas
- Stieger. Closes ticket 22446.
- o Minor features:
- - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (compilation, backport from 0.3.1.7):
- - Avoid compiler warnings in the unit tests for calling tor_sscanf()
- with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha.
- o Minor bugfixes (controller, backport from 0.3.1.7):
- - Do not crash when receiving a HSPOST command with an empty body.
- Fixes part of bug 22644; bugfix on 0.2.7.1-alpha.
- - Do not crash when receiving a POSTDESCRIPTOR command with an empty
- body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha.
- o Minor bugfixes (file limits, osx, backport from 0.3.1.5-alpha):
- - When setting the maximum number of connections allowed by the OS,
- always allow some extra file descriptors for other files. Fixes
- bug 22797; bugfix on 0.2.0.10-alpha.
- o Minor bugfixes (logging, relay, backport from 0.3.1.6-rc):
- - Remove a forgotten debugging message when an introduction point
- successfully establishes a hidden service prop224 circuit with
- a client.
- - Change three other log_warn() for an introduction point to
- protocol warnings, because they can be failure from the network
- and are not relevant to the operator. Fixes bug 23078; bugfix on
- 0.3.0.1-alpha and 0.3.0.2-alpha.
- Changes in version 0.3.1.7 - 2017-09-18
- Tor 0.3.1.7 is the first stable release in the 0.3.1 series.
- With the 0.3.1 series, Tor now serves and downloads directory
- information in more compact formats, to save on bandwidth overhead. It
- also contains a new padding system to resist netflow-based traffic
- analysis, and experimental support for building parts of Tor in Rust
- (though no parts of Tor are in Rust yet). There are also numerous
- small features, bugfixes on earlier release series, and groundwork for
- the hidden services revamp of 0.3.2.
- This release also includes a fix for TROVE-2017-008, a security bug
- that affects hidden services running with the SafeLogging option
- disabled. For more information, see
- https://trac.torproject.org/projects/tor/ticket/23490
- Per our stable release policy, we plan to support each stable release
- series for at least the next nine months, or for three months after
- the first stable release of the next series: whichever is longer. If
- you need a release with long-term support, we recommend that you stay
- with the 0.2.9 series.
- Below is a list of the changes since 0.3.0. For a list of all
- changes since 0.3.1.6-rc, see the ChangeLog file.
- o New dependencies:
- - To build with zstd and lzma support, Tor now requires the
- pkg-config tool at build time.
- o Major bugfixes (security, hidden services, loggging):
- - Fix a bug where we could log uninitialized stack when a certain
- hidden service error occurred while SafeLogging was disabled.
- Fixes bug #23490; bugfix on 0.2.7.2-alpha.
- This is also tracked as TROVE-2017-008 and CVE-2017-0380.
- o Major features (build system, continuous integration):
- - Tor's repository now includes a Travis Continuous Integration (CI)
- configuration file (.travis.yml). This is meant to help new
- developers and contributors who fork Tor to a Github repository be
- better able to test their changes, and understand what we expect
- to pass. To use this new build feature, you must fork Tor to your
- Github account, then go into the "Integrations" menu in the
- repository settings for your fork and enable Travis, then push
- your changes. Closes ticket 22636.
- o Major features (directory protocol):
- - Tor relays and authorities can now serve clients an abbreviated
- version of the consensus document, containing only the changes
- since an older consensus document that the client holds. Clients
- now request these documents when available. When both client and
- server use this new protocol, they will use far less bandwidth (up
- to 94% less) to keep the client's consensus up-to-date. Implements
- proposal 140; closes ticket 13339. Based on work by Daniel Martí.
- - Tor can now compress directory traffic with lzma or with zstd
- compression algorithms, which can deliver better bandwidth
- performance. Because lzma is computationally expensive, it's only
- used for documents that can be compressed once and served many
- times. Support for these algorithms requires that tor is built
- with the libzstd and/or liblzma libraries available. Implements
- proposal 278; closes ticket 21662.
- - Relays now perform the more expensive compression operations, and
- consensus diff generation, in worker threads. This separation
- avoids delaying the main thread when a new consensus arrives.
- o Major features (experimental):
- - Tor can now build modules written in Rust. To turn this on, pass
- the "--enable-rust" flag to the configure script. It's not time to
- get excited yet: currently, there is no actual Rust functionality
- beyond some simple glue code, and a notice at startup to tell you
- that Rust is running. Still, we hope that programmers and
- packagers will try building Tor with Rust support, so that we can
- find issues and solve portability problems. Closes ticket 22106.
- o Major features (traffic analysis resistance):
- - Connections between clients and relays now send a padding cell in
- each direction every 1.5 to 9.5 seconds (tunable via consensus
- parameters). This padding will not resist specialized
- eavesdroppers, but it should be enough to make many ISPs' routine
- network flow logging less useful in traffic analysis against
- Tor users.
- Padding is negotiated using Tor's link protocol, so both relays
- and clients must upgrade for this to take effect. Clients may
- still send padding despite the relay's version by setting
- ConnectionPadding 1 in torrc, and may disable padding by setting
- ConnectionPadding 0 in torrc. Padding may be minimized for mobile
- users with the torrc option ReducedConnectionPadding. Implements
- Proposal 251 and Section 2 of Proposal 254; closes ticket 16861.
- - Relays will publish 24 hour totals of padding and non-padding cell
- counts to their extra-info descriptors, unless PaddingStatistics 0
- is set in torrc. These 24 hour totals are also rounded to
- multiples of 10000.
- o Major bugfixes (hidden service, relay, security):
- - Fix a remotely triggerable assertion failure when a hidden service
- handles a malformed BEGIN cell. Fixes bug 22493, tracked as
- TROVE-2017-004 and as CVE-2017-0375; bugfix on 0.3.0.1-alpha.
- - Fix a remotely triggerable assertion failure caused by receiving a
- BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
- 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
- on 0.2.2.1-alpha.
- o Major bugfixes (path selection, security):
- - When choosing which guard to use for a circuit, avoid the exit's
- family along with the exit itself. Previously, the new guard
- selection logic avoided the exit, but did not consider its family.
- Fixes bug 22753; bugfix on 0.3.0.1-alpha. Tracked as TROVE-2017-
- 006 and CVE-2017-0377.
- o Major bugfixes (connection usage):
- - We use NETINFO cells to try to determine if both relays involved
- in a connection will agree on the canonical status of that
- connection. We prefer the connections where this is the case for
- extend cells, and try to close connections where relays disagree
- on their canonical status early. Also, we now prefer the oldest
- valid connection for extend cells. These two changes should reduce
- the number of long-term connections that are kept open between
- relays. Fixes bug 17604; bugfix on 0.2.5.5-alpha.
- - Relays now log hourly statistics (look for
- "channel_check_for_duplicates" lines) on the total number of
- connections to other relays. If the number of connections per
- relay is unexpectedly large, this log message is at notice level.
- Otherwise it is at info.
- o Major bugfixes (entry guards):
- - When starting with an old consensus, do not add new entry guards
- unless the consensus is "reasonably live" (under 1 day old). Fixes
- one root cause of bug 22400; bugfix on 0.3.0.1-alpha.
- - Don't block bootstrapping when a primary bridge is offline and we
- can't get its descriptor. Fixes bug 22325; fixes one case of bug
- 21969; bugfix on 0.3.0.3-alpha.
- o Major bugfixes (linux TPROXY support):
- - Fix a typo that had prevented TPROXY-based transparent proxying
- from working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha.
- Patch from "d4fq0fQAgoJ".
- o Major bugfixes (openbsd, denial-of-service):
- - Avoid an assertion failure bug affecting our implementation of
- inet_pton(AF_INET6) on certain OpenBSD systems whose strtol()
- handling of "0xx" differs from what we had expected. Fixes bug
- 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007.
- o Major bugfixes (relay, link handshake):
- - When performing the v3 link handshake on a TLS connection, report
- that we have the x509 certificate that we actually used on that
- connection, even if we have changed certificates since that
- connection was first opened. Previously, we would claim to have
- used our most recent x509 link certificate, which would sometimes
- make the link handshake fail. Fixes one case of bug 22460; bugfix
- on 0.2.3.6-alpha.
- o Major bugfixes (relays, key management):
- - Regenerate link and authentication certificates whenever the key
- that signs them changes; also, regenerate link certificates
- whenever the signed key changes. Previously, these processes were
- only weakly coupled, and we relays could (for minutes to hours)
- wind up with an inconsistent set of keys and certificates, which
- other relays would not accept. Fixes two cases of bug 22460;
- bugfix on 0.3.0.1-alpha.
- - When sending an Ed25519 signing->link certificate in a CERTS cell,
- send the certificate that matches the x509 certificate that we
- used on the TLS connection. Previously, there was a race condition
- if the TLS context rotated after we began the TLS handshake but
- before we sent the CERTS cell. Fixes a case of bug 22460; bugfix
- on 0.3.0.1-alpha.
- o Minor features (security, windows):
- - Enable a couple of pieces of Windows hardening: one
- (HeapEnableTerminationOnCorruption) that has been on-by-default
- since Windows 8, and unavailable before Windows 7; and one
- (PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION) which we believe doesn't
- affect us, but shouldn't do any harm. Closes ticket 21953.
- o Minor features (bridge authority):
- - Add "fingerprint" lines to the networkstatus-bridges file produced
- by bridge authorities. Closes ticket 22207.
- o Minor features (code style):
- - Add "Falls through" comments to our codebase, in order to silence
- GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas
- Stieger. Closes ticket 22446.
- o Minor features (config options):
- - Allow "%include" directives in torrc configuration files. These
- directives import the settings from other files, or from all the
- files in a directory. Closes ticket 1922. Code by Daniel Pinto.
- - Make SAVECONF return an error when overwriting a torrc that has
- includes. Using SAVECONF with the FORCE option will allow it to
- overwrite torrc even if includes are used. Related to ticket 1922.
- - Add "GETINFO config-can-saveconf" to tell controllers if SAVECONF
- will work without the FORCE option. Related to ticket 1922.
- o Minor features (controller):
- - Warn the first time that a controller requests data in the long-
- deprecated 'GETINFO network-status' format. Closes ticket 21703.
- o Minor features (defaults):
- - The default value for UseCreateFast is now 0: clients which
- haven't yet received a consensus document will now use a proper
- ntor handshake to talk to their directory servers whenever they
- can. Closes ticket 21407.
- - Onion key rotation and expiry intervals are now defined as a
- network consensus parameter, per proposal 274. The default
- lifetime of an onion key is increased from 7 to 28 days. Old onion
- keys will expire after 7 days by default. This change will make
- consensus diffs much smaller, and save significant bandwidth.
- Closes ticket 21641.
- o Minor features (defensive programming):
- - Create a pair of consensus parameters, nf_pad_tor2web and
- nf_pad_single_onion, to disable netflow padding in the consensus
- for non-anonymous connections in case the overhead is high. Closes
- ticket 17857.
- o Minor features (diagnostic):
- - Add a stack trace to the bug warnings that can be logged when
- trying to send an outgoing relay cell with n_chan == 0. Diagnostic
- attempt for bug 23105.
- - Add logging messages to try to diagnose a rare bug that seems to
- generate RSA->Ed25519 cross-certificates dated in the 1970s. We
- think this is happening because of incorrect system clocks, but
- we'd like to know for certain. Diagnostic for bug 22466.
- - Avoid an assertion failure, and log a better error message, when
- unable to remove a file from the consensus cache on Windows.
- Attempts to mitigate and diagnose bug 22752.
- o Minor features (directory authority):
- - Improve the message that authorities report to relays that present
- RSA/Ed25519 keypairs that conflict with previously pinned keys.
- Closes ticket 22348.
- o Minor features (directory cache, consensus diff):
- - Add a new MaxConsensusAgeForDiffs option to allow directory cache
- operators with low-resource environments to adjust the number of
- consensuses they'll store and generate diffs from. Most cache
- operators should leave it unchanged. Helps to work around
- bug 22883.
- o Minor features (fallback directory list):
- - Update the fallback directory mirror whitelist and blacklist based
- on operator emails. Closes task 21121.
- - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in
- December 2016 (of which ~126 were still functional) with a list of
- 151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May
- 2017. Resolves ticket 21564.
- o Minor features (geoip):
- - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2
- Country database.
- o Minor features (hidden services, logging):
- - Log a message when a hidden service descriptor has fewer
- introduction points than specified in
- HiddenServiceNumIntroductionPoints. Closes tickets 21598.
- - Log a message when a hidden service reaches its introduction point
- circuit limit, and when that limit is reset. Follow up to ticket
- 21594; closes ticket 21622.
- - Warn user if multiple entries in EntryNodes and at least one
- HiddenService are used together. Pinning EntryNodes along with a
- hidden service can be possibly harmful; for instance see ticket
- 14917 or 21155. Closes ticket 21155.
- o Minor features (linux seccomp2 sandbox):
- - We now have a document storage backend compatible with the Linux
- seccomp2 sandbox. This backend is used for consensus documents and
- diffs between them; in the long term, we'd like to use it for
- unparseable directory material too. Closes ticket 21645
- - Increase the maximum allowed size passed to mprotect(PROT_WRITE)
- from 1MB to 16MB. This was necessary with the glibc allocator in
- order to allow worker threads to allocate more memory -- which in
- turn is necessary because of our new use of worker threads for
- compression. Closes ticket 22096.
- o Minor features (logging):
- - Log files are no longer created world-readable by default.
- (Previously, most distributors would store the logs in a non-
- world-readable location to prevent inappropriate access. This
- change is an extra precaution.) Closes ticket 21729; patch
- from toralf.
- o Minor features (performance):
- - Our Keccak (SHA-3) implementation now accesses memory more
- efficiently, especially on little-endian systems. Closes
- ticket 21737.
- - Add an O(1) implementation of channel_find_by_global_id(), to
- speed some controller functions.
- o Minor features (relay, configuration):
- - The MyFamily option may now be repeated as many times as desired,
- for relays that want to configure large families. Closes ticket
- 4998; patch by Daniel Pinto.
- o Minor features (relay, performance):
- - Always start relays with at least two worker threads, to prevent
- priority inversion on slow tasks. Part of the fix for bug 22883.
- - Allow background work to be queued with different priorities, so
- that a big pile of slow low-priority jobs will not starve out
- higher priority jobs. This lays the groundwork for a fix for
- bug 22883.
- o Minor features (safety):
- - Add an explicit check to extrainfo_parse_entry_from_string() for
- NULL inputs. We don't believe this can actually happen, but it may
- help silence a warning from the Clang analyzer. Closes
- ticket 21496.
- o Minor features (testing):
- - Add more tests for compression backend initialization. Closes
- ticket 22286.
- - Add a "--disable-memory-sentinels" feature to help with fuzzing.
- When Tor is compiled with this option, we disable a number of
- redundant memory-safety failsafes that are intended to stop bugs
- from becoming security issues. This makes it easier to hunt for
- bugs that would be security issues without the failsafes turned
- on. Closes ticket 21439.
- - Add a general event-tracing instrumentation support to Tor. This
- subsystem will enable developers and researchers to add fine-
- grained instrumentation to their Tor instances, for use when
- examining Tor network performance issues. There are no trace
- events yet, and event-tracing is off by default unless enabled at
- compile time. Implements ticket 13802.
- - Improve our version parsing tests: add tests for typical version
- components, add tests for invalid versions, including numeric
- range and non-numeric prefixes. Unit tests 21278, 21450, and
- 21507. Partially implements 21470.
- o Minor bugfixes (bandwidth accounting):
- - Roll over monthly accounting at the configured hour and minute,
- rather than always at 00:00. Fixes bug 22245; bugfix on 0.0.9rc1.
- Found by Andrey Karpov with PVS-Studio.
- o Minor bugfixes (code correctness):
- - Accurately identify client connections by their lack of peer
- authentication. This means that we bail out earlier if asked to
- extend to a client. Follow-up to 21407. Fixes bug 21406; bugfix
- on 0.2.4.23.
- o Minor bugfixes (compilation warnings):
- - Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug
- 22915; bugfix on 0.2.8.1-alpha.
- - Fix warnings when building with libscrypt and openssl scrypt
- support on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha.
- - When building with certain versions of the mingw C header files,
- avoid float-conversion warnings when calling the C functions
- isfinite(), isnan(), and signbit(). Fixes bug 22801; bugfix
- on 0.2.8.1-alpha.
- o Minor bugfixes (compilation):
- - Avoid compiler warnings in the unit tests for calling tor_sscanf()
- with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha.
- o Minor bugfixes (compression):
- - When spooling compressed data to an output buffer, don't try to
- spool more data when there is no more data to spool and we are not
- trying to flush the input. Previously, we would sometimes launch
- compression requests with nothing to do, which interferes with our
- 22672 checks. Fixes bug 22719; bugfix on 0.2.0.16-alpha.
- o Minor bugfixes (configuration):
- - Do not crash when starting with LearnCircuitBuildTimeout 0. Fixes
- bug 22252; bugfix on 0.2.9.3-alpha.
- o Minor bugfixes (connection lifespan):
- - Allow more control over how long TLS connections are kept open:
- unify CircuitIdleTimeout and PredictedPortsRelevanceTime into a
- single option called CircuitsAvailableTimeout. Also, allow the
- consensus to control the default values for both this preference
- and the lifespan of relay-to-relay connections. Fixes bug 17592;
- bugfix on 0.2.5.5-alpha.
- - Increase the initial circuit build timeout testing frequency, to
- help ensure that ReducedConnectionPadding clients finish learning
- a timeout before their orconn would expire. The initial testing
- rate was set back in the days of TAP and before the Tor Browser
- updater, when we had to be much more careful about new clients
- making lots of circuits. With this change, a circuit build timeout
- is learned in about 15-20 minutes, instead of 100-120 minutes.
- o Minor bugfixes (controller):
- - Do not crash when receiving a HSPOST command with an empty body.
- Fixes part of bug 22644; bugfix on 0.2.7.1-alpha.
- - Do not crash when receiving a POSTDESCRIPTOR command with an empty
- body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha.
- - GETINFO onions/current and onions/detached no longer respond with
- 551 on empty lists. Fixes bug 21329; bugfix on 0.2.7.1-alpha.
- - Trigger HS descriptor events on the control port when the client
- fails to pick a hidden service directory for a hidden service.
- This can happen if all the hidden service directories are in
- ExcludeNodes, or they have all been queried within the last 15
- minutes. Fixes bug 22042; bugfix on 0.2.5.2-alpha.
- o Minor bugfixes (correctness):
- - Avoid undefined behavior when parsing IPv6 entries from the geoip6
- file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
- o Minor bugfixes (coverity build support):
- - Avoid Coverity build warnings related to our BUG() macro. By
- default, Coverity treats BUG() as the Linux kernel does: an
- instant abort(). We need to override that so our BUG() macro
- doesn't prevent Coverity from analyzing functions that use it.
- Fixes bug 23030; bugfix on 0.2.9.1-alpha.
- o Minor bugfixes (defensive programming):
- - Detect and break out of infinite loops in our compression code. We
- don't think that any such loops exist now, but it's best to be
- safe. Closes ticket 22672.
- - Fix a memset() off the end of an array when packing cells. This
- bug should be harmless in practice, since the corrupted bytes are
- still in the same structure, and are always padding bytes,
- ignored, or immediately overwritten, depending on compiler
- behavior. Nevertheless, because the memset()'s purpose is to make
- sure that any other cell-handling bugs can't expose bytes to the
- network, we need to fix it. Fixes bug 22737; bugfix on
- 0.2.4.11-alpha. Fixes CID 1401591.
- o Minor bugfixes (directory authority):
- - When a directory authority rejects a descriptor or extrainfo with
- a given digest, mark that digest as undownloadable, so that we do
- not attempt to download it again over and over. We previously
- tried to avoid downloading such descriptors by other means, but we
- didn't notice if we accidentally downloaded one anyway. This
- behavior became problematic in 0.2.7.2-alpha, when authorities
- began pinning Ed25519 keys. Fixes bug 22349; bugfix
- on 0.2.1.19-alpha.
- - When rejecting a router descriptor for running an obsolete version
- of Tor without ntor support, warn about the obsolete tor version,
- not the missing ntor key. Fixes bug 20270; bugfix on 0.2.9.3-alpha.
- - Prevent the shared randomness subsystem from asserting when
- initialized by a bridge authority with an incomplete configuration
- file. Fixes bug 21586; bugfix on 0.2.9.8.
- o Minor bugfixes (error reporting, windows):
- - When formatting Windows error messages, use the English format to
- avoid codepage issues. Fixes bug 22520; bugfix on 0.1.2.8-alpha.
- Patch from "Vort".
- o Minor bugfixes (exit-side DNS):
- - Fix an untriggerable assertion that checked the output of a
- libevent DNS error, so that the assertion actually behaves as
- expected. Fixes bug 22244; bugfix on 0.2.0.20-rc. Found by Andrey
- Karpov using PVS-Studio.
- o Minor bugfixes (fallback directories):
- - Make the usage example in updateFallbackDirs.py actually work, and
- explain what it does. Fixes bug 22270; bugfix on 0.3.0.3-alpha.
- - Decrease the guard flag average required to be a fallback. This
- allows us to keep relays that have their guard flag removed when
- they restart. Fixes bug 20913; bugfix on 0.2.8.1-alpha.
- - Decrease the minimum number of fallbacks to 100. Fixes bug 20913;
- bugfix on 0.2.8.1-alpha.
- - Make sure fallback directory mirrors have the same address, port,
- and relay identity key for at least 30 days before they are
- selected. Fixes bug 20913; bugfix on 0.2.8.1-alpha.
- o Minor bugfixes (file limits, osx):
- - When setting the maximum number of connections allowed by the OS,
- always allow some extra file descriptors for other files. Fixes
- bug 22797; bugfix on 0.2.0.10-alpha.
- o Minor bugfixes (hidden services):
- - Increase the number of circuits that a service is allowed to
- open over a specific period of time. The value was lower than it
- should be (8 vs 12) in the normal case of 3 introduction points.
- Fixes bug 22159; bugfix on 0.3.0.5-rc.
- - Fix a BUG warning during HSv3 descriptor decoding that could be
- cause by a specially crafted descriptor. Fixes bug 23233; bugfix
- on 0.3.0.1-alpha. Bug found by "haxxpop".
- - Stop printing a cryptic warning when a hidden service gets a
- request to connect to a virtual port that it hasn't configured.
- Fixes bug 16706; bugfix on 0.2.6.3-alpha.
- - Simplify hidden service descriptor creation by using an existing
- flag to check if an introduction point is established. Fixes bug
- 21599; bugfix on 0.2.7.2-alpha.
- o Minor bugfixes (link handshake):
- - Lower the lifetime of the RSA->Ed25519 cross-certificate to six
- months, and regenerate it when it is within one month of expiring.
- Previously, we had generated this certificate at startup with a
- ten-year lifetime, but that could lead to weird behavior when Tor
- was started with a grossly inaccurate clock. Mitigates bug 22466;
- mitigation on 0.3.0.1-alpha.
- o Minor bugfixes (linux seccomp2 sandbox):
- - Avoid a sandbox failure when trying to re-bind to a socket and
- mark it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha.
- - Permit the fchmod system call, to avoid crashing on startup when
- starting with the seccomp2 sandbox and an unexpected set of
- permissions on the data directory or its contents. Fixes bug
- 22516; bugfix on 0.2.5.4-alpha.
- o Minor bugfixes (logging):
- - When decompressing, do not warn if we fail to decompress using a
- compression method that we merely guessed. Fixes part of bug
- 22670; bugfix on 0.1.1.14-alpha.
- - When decompressing, treat mismatch between content-encoding and
- actual compression type as a protocol warning. Fixes part of bug
- 22670; bugfix on 0.1.1.9-alpha.
- - Downgrade "assigned_to_cpuworker failed" message to info-level
- severity. In every case that can reach it, either a better warning
- has already been logged, or no warning is warranted. Fixes bug
- 22356; bugfix on 0.2.6.3-alpha.
- - Log a better message when a directory authority replies to an
- upload with an unexpected status code. Fixes bug 11121; bugfix
- on 0.1.0.1-rc.
- - Downgrade a log statement about unexpected relay cells from "bug"
- to "protocol warning", because there is at least one use case
- where it can be triggered by a buggy tor implementation. Fixes bug
- 21293; bugfix on 0.1.1.14-alpha.
- o Minor bugfixes (logging, relay):
- - Remove a forgotten debugging message when an introduction point
- successfully establishes a hidden service prop224 circuit with
- a client.
- - Change three other log_warn() for an introduction point to
- protocol warnings, because they can be failure from the network
- and are not relevant to the operator. Fixes bug 23078; bugfix on
- 0.3.0.1-alpha and 0.3.0.2-alpha.
- o Minor bugfixes (relay):
- - Inform the geoip and rephist modules about all requests, even on
- relays that are only fetching microdescriptors. Fixes a bug
- related to 21585; bugfix on 0.3.0.1-alpha.
- o Minor bugfixes (memory leaks):
- - Fix a small memory leak at exit from the backtrace handler code.
- Fixes bug 21788; bugfix on 0.2.5.2-alpha. Patch from Daniel Pinto.
- - When directory authorities reject a router descriptor due to
- keypinning, free the router descriptor rather than leaking the
- memory. Fixes bug 22370; bugfix on 0.2.7.2-alpha.
- - Fix a small memory leak when validating a configuration that uses
- two or more AF_UNIX sockets for the same port type. Fixes bug
- 23053; bugfix on 0.2.6.3-alpha. This is CID 1415725.
- o Minor bugfixes (process behavior):
- - When exiting because of an error, always exit with a nonzero exit
- status. Previously, we would fail to report an error in our exit
- status in cases related to __OwningControllerProcess failure,
- lockfile contention, and Ed25519 key initialization. Fixes bug
- 22720; bugfix on versions 0.2.1.6-alpha, 0.2.2.28-beta, and
- 0.2.7.2-alpha respectively. Reported by "f55jwk4f"; patch
- from "huyvq".
- o Minor bugfixes (robustness, error handling):
- - Improve our handling of the cases where OpenSSL encounters a
- memory error while encoding keys and certificates. We haven't
- observed these errors in the wild, but if they do happen, we now
- detect and respond better. Fixes bug 19418; bugfix on all versions
- of Tor. Reported by Guido Vranken.
- o Minor bugfixes (testing):
- - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291;
- bugfix on 0.2.7.2-alpha. Found and patched by Ties Stuij.
- - Use unbuffered I/O for utility functions around the
- process_handle_t type. This fixes unit test failures reported on
- OpenBSD and FreeBSD. Fixes bug 21654; bugfix on 0.2.3.1-alpha.
- - Make display of captured unit test log messages consistent. Fixes
- bug 21510; bugfix on 0.2.9.3-alpha.
- - Make test-network.sh always call chutney's test-network.sh.
- Previously, this only worked on systems which had bash installed,
- due to some bash-specific code in the script. Fixes bug 19699;
- bugfix on 0.3.0.4-rc. Follow-up to ticket 21581.
- - Fix a memory leak in the link-handshake/certs_ok_ed25519 test.
- Fixes bug 22803; bugfix on 0.3.0.1-alpha.
- - The unit tests now pass on systems where localhost is misconfigured
- to some IPv4 address other than 127.0.0.1. Fixes bug 6298; bugfix
- on 0.0.9pre2.
- o Minor bugfixes (voting consistency):
- - Reject version numbers with non-numeric prefixes (such as +, -, or
- whitespace). Disallowing whitespace prevents differential version
- parsing between POSIX-based and Windows platforms. Fixes bug 21507
- and part of 21508; bugfix on 0.0.8pre1.
- o Minor bugfixes (Windows service):
- - When running as a Windows service, set the ID of the main thread
- correctly. Failure to do so made us fail to send log messages to
- the controller in 0.2.1.16-rc, slowed down controller event
- delivery in 0.2.7.3-rc and later, and crash with an assertion
- failure in 0.3.1.1-alpha. Fixes bug 23081; bugfix on 0.2.1.6-alpha.
- Patch and diagnosis from "Vort".
- o Minor bugfixes (windows, relay):
- - Resolve "Failure from drain_fd: No error" warnings on Windows
- relays. Fixes bug 21540; bugfix on 0.2.6.3-alpha.
- o Code simplification and refactoring:
- - Break up the 630-line function connection_dir_client_reached_eof()
- into a dozen smaller functions. This change should help
- maintainability and readability of the client directory code.
- - Isolate our use of the openssl headers so that they are only
- included from our crypto wrapper modules, and from tests that
- examine those modules' internals. Closes ticket 21841.
- - Simplify our API to launch directory requests, making it more
- extensible and less error-prone. Now it's easier to add extra
- headers to directory requests. Closes ticket 21646.
- - Our base64 decoding functions no longer overestimate the output
- space that they need when parsing unpadded inputs. Closes
- ticket 17868.
- - Remove unused "ROUTER_ADDED_NOTIFY_GENERATOR" internal value.
- Resolves ticket 22213.
- - The logic that directory caches use to spool request to clients,
- serving them one part at a time so as not to allocate too much
- memory, has been refactored for consistency. Previously there was
- a separate spooling implementation per type of spoolable data. Now
- there is one common spooling implementation, with extensible data
- types. Closes ticket 21651.
- - Tor's compression module now supports multiple backends. Part of
- the implementation for proposal 278; closes ticket 21663.
- o Documentation:
- - Add a manpage description for the key-pinning-journal file. Closes
- ticket 22347.
- - Correctly note that bandwidth accounting values are stored in the
- state file, and the bw_accounting file is now obsolete. Closes
- ticket 16082.
- - Document more of the files in the Tor data directory, including
- cached-extrainfo, secret_onion_key{,_ntor}.old, hidserv-stats,
- approved-routers, sr-random, and diff-cache. Found while fixing
- ticket 22347.
- - Clarify the manpage for the (deprecated) torify script. Closes
- ticket 6892.
- - Clarify the behavior of the KeepAliveIsolateSOCKSAuth sub-option.
- Closes ticket 21873.
- - Correct documentation about the default DataDirectory value.
- Closes ticket 21151.
- - Document the default behavior of NumEntryGuards and
- NumDirectoryGuards correctly. Fixes bug 21715; bugfix
- on 0.3.0.1-alpha.
- - Document key=value pluggable transport arguments for Bridge lines
- in torrc. Fixes bug 20341; bugfix on 0.2.5.1-alpha.
- - Note that bandwidth-limiting options don't affect TCP headers or
- DNS. Closes ticket 17170.
- o Removed features (configuration options, all in ticket 22060):
- - These configuration options are now marked Obsolete, and no longer
- have any effect: AllowInvalidNodes, AllowSingleHopCircuits,
- AllowSingleHopExits, ExcludeSingleHopRelays, FastFirstHopPK,
- TLSECGroup, WarnUnsafeSocks. They were first marked as deprecated
- in 0.2.9.2-alpha and have now been removed. The previous default
- behavior is now always chosen; the previous (less secure) non-
- default behavior is now unavailable.
- - CloseHSClientCircuitsImmediatelyOnTimeout and
- CloseHSServiceRendCircuitsImmediatelyOnTimeout were deprecated in
- 0.2.9.2-alpha and now have been removed. HS circuits never close
- on circuit build timeout; they have a longer timeout period.
- - {Control,DNS,Dir,Socks,Trans,NATD,OR}ListenAddress were deprecated
- in 0.2.9.2-alpha and now have been removed. Use the ORPort option
- (and others) to configure listen-only and advertise-only addresses.
- o Removed features (tools):
- - We've removed the tor-checkkey tool from src/tools. Long ago, we
- used it to help people detect RSA keys that were generated by
- versions of Debian affected by CVE-2008-0166. But those keys have
- been out of circulation for ages, and this tool is no longer
- required. Closes ticket 21842.
- Changes in version 0.3.0.10 - 2017-08-02
- Tor 0.3.0.10 backports a collection of small-to-medium bugfixes
- from the current Tor alpha series. OpenBSD users and TPROXY users
- should upgrade; others are probably okay sticking with 0.3.0.9.
- o Major features (build system, continuous integration, backport from 0.3.1.5-alpha):
- - Tor's repository now includes a Travis Continuous Integration (CI)
- configuration file (.travis.yml). This is meant to help new
- developers and contributors who fork Tor to a Github repository be
- better able to test their changes, and understand what we expect
- to pass. To use this new build feature, you must fork Tor to your
- Github account, then go into the "Integrations" menu in the
- repository settings for your fork and enable Travis, then push
- your changes. Closes ticket 22636.
- o Major bugfixes (linux TPROXY support, backport from 0.3.1.1-alpha):
- - Fix a typo that had prevented TPROXY-based transparent proxying
- from working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha.
- Patch from "d4fq0fQAgoJ".
- o Major bugfixes (openbsd, denial-of-service, backport from 0.3.1.5-alpha):
- - Avoid an assertion failure bug affecting our implementation of
- inet_pton(AF_INET6) on certain OpenBSD systems whose strtol()
- handling of "0xbar" differs from what we had expected. Fixes bug
- 22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007.
- o Minor features (backport from 0.3.1.5-alpha):
- - Update geoip and geoip6 to the July 4 2017 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (bandwidth accounting, backport from 0.3.1.2-alpha):
- - Roll over monthly accounting at the configured hour and minute,
- rather than always at 00:00. Fixes bug 22245; bugfix on 0.0.9rc1.
- Found by Andrey Karpov with PVS-Studio.
- o Minor bugfixes (compilation warnings, backport from 0.3.1.5-alpha):
- - Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug 22915;
- bugfix on 0.2.8.1-alpha.
- - Fix warnings when building with libscrypt and openssl scrypt
- support on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha.
- - When building with certain versions of the mingw C header files,
- avoid float-conversion warnings when calling the C functions
- isfinite(), isnan(), and signbit(). Fixes bug 22801; bugfix
- on 0.2.8.1-alpha.
- o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha):
- - Backport a fix for an "unused variable" warning that appeared
- in some versions of mingw. Fixes bug 22838; bugfix on
- 0.2.8.1-alpha.
- o Minor bugfixes (coverity build support, backport from 0.3.1.5-alpha):
- - Avoid Coverity build warnings related to our BUG() macro. By
- default, Coverity treats BUG() as the Linux kernel does: an
- instant abort(). We need to override that so our BUG() macro
- doesn't prevent Coverity from analyzing functions that use it.
- Fixes bug 23030; bugfix on 0.2.9.1-alpha.
- o Minor bugfixes (directory authority, backport from 0.3.1.1-alpha):
- - When rejecting a router descriptor for running an obsolete version
- of Tor without ntor support, warn about the obsolete tor version,
- not the missing ntor key. Fixes bug 20270; bugfix on 0.2.9.3-alpha.
- o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.1.5-alpha):
- - Avoid a sandbox failure when trying to re-bind to a socket and
- mark it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha.
- o Minor bugfixes (unit tests, backport from 0.3.1.5-alpha)
- - Fix a memory leak in the link-handshake/certs_ok_ed25519 test.
- Fixes bug 22803; bugfix on 0.3.0.1-alpha.
- Changes in version 0.3.0.9 - 2017-06-29
- Tor 0.3.0.9 fixes a path selection bug that would allow a client
- to use a guard that was in the same network family as a chosen exit
- relay. This is a security regression; all clients running earlier
- versions of 0.3.0.x or 0.3.1.x should upgrade to 0.3.0.9 or
- 0.3.1.4-alpha.
- This release also backports several other bugfixes from the 0.3.1.x
- series.
- o Major bugfixes (path selection, security, backport from 0.3.1.4-alpha):
- - When choosing which guard to use for a circuit, avoid the exit's
- family along with the exit itself. Previously, the new guard
- selection logic avoided the exit, but did not consider its family.
- Fixes bug 22753; bugfix on 0.3.0.1-alpha. Tracked as TROVE-2017-
- 006 and CVE-2017-0377.
- o Major bugfixes (entry guards, backport from 0.3.1.1-alpha):
- - Don't block bootstrapping when a primary bridge is offline and we
- can't get its descriptor. Fixes bug 22325; fixes one case of bug
- 21969; bugfix on 0.3.0.3-alpha.
- o Major bugfixes (entry guards, backport from 0.3.1.4-alpha):
- - When starting with an old consensus, do not add new entry guards
- unless the consensus is "reasonably live" (under 1 day old). Fixes
- one root cause of bug 22400; bugfix on 0.3.0.1-alpha.
- o Minor features (geoip):
- - Update geoip and geoip6 to the June 8 2017 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (voting consistency, backport from 0.3.1.1-alpha):
- - Reject version numbers with non-numeric prefixes (such as +, -, or
- whitespace). Disallowing whitespace prevents differential version
- parsing between POSIX-based and Windows platforms. Fixes bug 21507
- and part of 21508; bugfix on 0.0.8pre1.
- o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.1.4-alpha):
- - Permit the fchmod system call, to avoid crashing on startup when
- starting with the seccomp2 sandbox and an unexpected set of
- permissions on the data directory or its contents. Fixes bug
- 22516; bugfix on 0.2.5.4-alpha.
- o Minor bugfixes (defensive programming, backport from 0.3.1.4-alpha):
- - Fix a memset() off the end of an array when packing cells. This
- bug should be harmless in practice, since the corrupted bytes are
- still in the same structure, and are always padding bytes,
- ignored, or immediately overwritten, depending on compiler
- behavior. Nevertheless, because the memset()'s purpose is to make
- sure that any other cell-handling bugs can't expose bytes to the
- network, we need to fix it. Fixes bug 22737; bugfix on
- 0.2.4.11-alpha. Fixes CID 1401591.
- Changes in version 0.3.0.8 - 2017-06-08
- Tor 0.3.0.8 fixes a pair of bugs that would allow an attacker to
- remotely crash a hidden service with an assertion failure. Anyone
- running a hidden service should upgrade to this version, or to some
- other version with fixes for TROVE-2017-004 and TROVE-2017-005.
- Tor 0.3.0.8 also includes fixes for several key management bugs
- that sometimes made relays unreliable, as well as several other
- bugfixes described below.
- o Major bugfixes (hidden service, relay, security, backport
- from 0.3.1.3-alpha):
- - Fix a remotely triggerable assertion failure when a hidden service
- handles a malformed BEGIN cell. Fixes bug 22493, tracked as
- TROVE-2017-004 and as CVE-2017-0375; bugfix on 0.3.0.1-alpha.
- - Fix a remotely triggerable assertion failure caused by receiving a
- BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
- 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
- on 0.2.2.1-alpha.
- o Major bugfixes (relay, link handshake, backport from 0.3.1.3-alpha):
- - When performing the v3 link handshake on a TLS connection, report
- that we have the x509 certificate that we actually used on that
- connection, even if we have changed certificates since that
- connection was first opened. Previously, we would claim to have
- used our most recent x509 link certificate, which would sometimes
- make the link handshake fail. Fixes one case of bug 22460; bugfix
- on 0.2.3.6-alpha.
- o Major bugfixes (relays, key management, backport from 0.3.1.3-alpha):
- - Regenerate link and authentication certificates whenever the key
- that signs them changes; also, regenerate link certificates
- whenever the signed key changes. Previously, these processes were
- only weakly coupled, and we relays could (for minutes to hours)
- wind up with an inconsistent set of keys and certificates, which
- other relays would not accept. Fixes two cases of bug 22460;
- bugfix on 0.3.0.1-alpha.
- - When sending an Ed25519 signing->link certificate in a CERTS cell,
- send the certificate that matches the x509 certificate that we
- used on the TLS connection. Previously, there was a race condition
- if the TLS context rotated after we began the TLS handshake but
- before we sent the CERTS cell. Fixes a case of bug 22460; bugfix
- on 0.3.0.1-alpha.
- o Major bugfixes (hidden service v3, backport from 0.3.1.1-alpha):
- - Stop rejecting v3 hidden service descriptors because their size
- did not match an old padding rule. Fixes bug 22447; bugfix on
- tor-0.3.0.1-alpha.
- o Minor features (fallback directory list, backport from 0.3.1.3-alpha):
- - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in
- December 2016 (of which ~126 were still functional) with a list of
- 151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May
- 2017. Resolves ticket 21564.
- o Minor bugfixes (configuration, backport from 0.3.1.1-alpha):
- - Do not crash when starting with LearnCircuitBuildTimeout 0. Fixes
- bug 22252; bugfix on 0.2.9.3-alpha.
- o Minor bugfixes (correctness, backport from 0.3.1.3-alpha):
- - Avoid undefined behavior when parsing IPv6 entries from the geoip6
- file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
- o Minor bugfixes (link handshake, backport from 0.3.1.3-alpha):
- - Lower the lifetime of the RSA->Ed25519 cross-certificate to six
- months, and regenerate it when it is within one month of expiring.
- Previously, we had generated this certificate at startup with a
- ten-year lifetime, but that could lead to weird behavior when Tor
- was started with a grossly inaccurate clock. Mitigates bug 22466;
- mitigation on 0.3.0.1-alpha.
- o Minor bugfixes (memory leak, directory authority, backport from
- 0.3.1.2-alpha):
- - When directory authorities reject a router descriptor due to
- keypinning, free the router descriptor rather than leaking the
- memory. Fixes bug 22370; bugfix on 0.2.7.2-alpha.
- Changes in version 0.2.9.11 - 2017-06-08
- Tor 0.2.9.11 backports a fix for a bug that would allow an attacker to
- remotely crash a hidden service with an assertion failure. Anyone
- running a hidden service should upgrade to this version, or to some
- other version with fixes for TROVE-2017-005. (Versions before 0.3.0
- are not affected by TROVE-2017-004.)
- Tor 0.2.9.11 also backports fixes for several key management bugs
- that sometimes made relays unreliable, as well as several other
- bugfixes described below.
- o Major bugfixes (hidden service, relay, security, backport
- from 0.3.1.3-alpha):
- - Fix a remotely triggerable assertion failure caused by receiving a
- BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
- 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
- on 0.2.2.1-alpha.
- o Major bugfixes (relay, link handshake, backport from 0.3.1.3-alpha):
- - When performing the v3 link handshake on a TLS connection, report
- that we have the x509 certificate that we actually used on that
- connection, even if we have changed certificates since that
- connection was first opened. Previously, we would claim to have
- used our most recent x509 link certificate, which would sometimes
- make the link handshake fail. Fixes one case of bug 22460; bugfix
- on 0.2.3.6-alpha.
- o Minor features (fallback directory list, backport from 0.3.1.3-alpha):
- - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in
- December 2016 (of which ~126 were still functional) with a list of
- 151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May
- 2017. Resolves ticket 21564.
- o Minor features (future-proofing, backport from 0.3.0.7):
- - Tor no longer refuses to download microdescriptors or descriptors if
- they are listed as "published in the future". This change will
- eventually allow us to stop listing meaningful "published" dates
- in microdescriptor consensuses, and thereby allow us to reduce the
- resources required to download consensus diffs by over 50%.
- Implements part of ticket 21642; implements part of proposal 275.
- o Minor features (directory authorities, backport from 0.3.0.4-rc)
- - Directory authorities now reject relays running versions
- 0.2.9.1-alpha through 0.2.9.4-alpha, because those relays
- suffer from bug 20499 and don't keep their consensus cache
- up-to-date. Resolves ticket 20509.
- o Minor features (geoip):
- - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (control port, backport from 0.3.0.6):
- - The GETINFO extra-info/digest/<digest> command was broken because
- of a wrong base16 decode return value check, introduced when
- refactoring that API. Fixes bug 22034; bugfix on 0.2.9.1-alpha.
- o Minor bugfixes (correctness, backport from 0.3.1.3-alpha):
- - Avoid undefined behavior when parsing IPv6 entries from the geoip6
- file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
- o Minor bugfixes (Linux seccomp2 sandbox, backport from 0.3.0.7):
- - The getpid() system call is now permitted under the Linux seccomp2
- sandbox, to avoid crashing with versions of OpenSSL (and other
- libraries) that attempt to learn the process's PID by using the
- syscall rather than the VDSO code. Fixes bug 21943; bugfix
- on 0.2.5.1-alpha.
- o Minor bugfixes (memory leak, directory authority, backport
- from 0.3.1.2-alpha):
- - When directory authorities reject a router descriptor due to
- keypinning, free the router descriptor rather than leaking the
- memory. Fixes bug 22370; bugfix on 0.2.7.2-alpha.
- Changes in version 0.2.8.14 - 2017-06-08
- Tor 0.2.7.8 backports a fix for a bug that would allow an attacker to
- remotely crash a hidden service with an assertion failure. Anyone
- running a hidden service should upgrade to this version, or to some
- other version with fixes for TROVE-2017-005. (Versions before 0.3.0
- are not affected by TROVE-2017-004.)
- o Major bugfixes (hidden service, relay, security):
- - Fix a remotely triggerable assertion failure caused by receiving a
- BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
- 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
- on 0.2.2.1-alpha.
- o Minor features (geoip):
- - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2
- Country database.
- o Minor features (fallback directory list, backport from 0.3.1.3-alpha):
- - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in
- December 2016 (of which ~126 were still functional) with a list of
- 151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May
- 2017. Resolves ticket 21564.
- o Minor bugfixes (correctness):
- - Avoid undefined behavior when parsing IPv6 entries from the geoip6
- file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
- Changes in version 0.2.7.8 - 2017-06-08
- Tor 0.2.7.8 backports a fix for a bug that would allow an attacker to
- remotely crash a hidden service with an assertion failure. Anyone
- running a hidden service should upgrade to this version, or to some
- other version with fixes for TROVE-2017-005. (Versions before 0.3.0
- are not affected by TROVE-2017-004.)
- o Major bugfixes (hidden service, relay, security):
- - Fix a remotely triggerable assertion failure caused by receiving a
- BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
- 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
- on 0.2.2.1-alpha.
- o Minor features (geoip):
- - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (correctness):
- - Avoid undefined behavior when parsing IPv6 entries from the geoip6
- file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
- Changes in version 0.2.6.12 - 2017-06-08
- Tor 0.2.6.12 backports a fix for a bug that would allow an attacker to
- remotely crash a hidden service with an assertion failure. Anyone
- running a hidden service should upgrade to this version, or to some
- other version with fixes for TROVE-2017-005. (Versions before 0.3.0
- are not affected by TROVE-2017-004.)
- o Major bugfixes (hidden service, relay, security):
- - Fix a remotely triggerable assertion failure caused by receiving a
- BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
- 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
- on 0.2.2.1-alpha.
- o Minor features (geoip):
- - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (correctness):
- - Avoid undefined behavior when parsing IPv6 entries from the geoip6
- file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
- Changes in version 0.2.5.14 - 2017-06-08
- Tor 0.2.5.14 backports a fix for a bug that would allow an attacker to
- remotely crash a hidden service with an assertion failure. Anyone
- running a hidden service should upgrade to this version, or to some
- other version with fixes for TROVE-2017-005. (Versions before 0.3.0
- are not affected by TROVE-2017-004.)
- o Major bugfixes (hidden service, relay, security):
- - Fix a remotely triggerable assertion failure caused by receiving a
- BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
- 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
- on 0.2.2.1-alpha.
- o Minor features (geoip):
- - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (correctness):
- - Avoid undefined behavior when parsing IPv6 entries from the geoip6
- file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
- Changes in version 0.2.4.29 - 2017-06-08
- Tor 0.2.4.29 backports a fix for a bug that would allow an attacker to
- remotely crash a hidden service with an assertion failure. Anyone
- running a hidden service should upgrade to this version, or to some
- other version with fixes for TROVE-2017-005. (Versions before 0.3.0
- are not affected by TROVE-2017-004.)
- o Major bugfixes (hidden service, relay, security):
- - Fix a remotely triggerable assertion failure caused by receiving a
- BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
- 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
- on 0.2.2.1-alpha.
- o Minor features (geoip):
- - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (correctness):
- - Avoid undefined behavior when parsing IPv6 entries from the geoip6
- file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
- Changes in version 0.3.0.7 - 2017-05-15
- Tor 0.3.0.7 fixes a medium-severity security bug in earlier versions
- of Tor 0.3.0.x, where an attacker could cause a Tor relay process
- to exit. Relays running earlier versions of Tor 0.3.0.x should upgrade;
- clients are not affected.
- o Major bugfixes (hidden service directory, security):
- - Fix an assertion failure in the hidden service directory code, which
- could be used by an attacker to remotely cause a Tor relay process to
- exit. Relays running earlier versions of Tor 0.3.0.x should upgrade.
- should upgrade. This security issue is tracked as TROVE-2017-002.
- Fixes bug 22246; bugfix on 0.3.0.1-alpha.
- o Minor features:
- - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2
- Country database.
- o Minor features (future-proofing):
- - Tor no longer refuses to download microdescriptors or descriptors
- if they are listed as "published in the future". This change will
- eventually allow us to stop listing meaningful "published" dates
- in microdescriptor consensuses, and thereby allow us to reduce the
- resources required to download consensus diffs by over 50%.
- Implements part of ticket 21642; implements part of proposal 275.
- o Minor bugfixes (Linux seccomp2 sandbox):
- - The getpid() system call is now permitted under the Linux seccomp2
- sandbox, to avoid crashing with versions of OpenSSL (and other
- libraries) that attempt to learn the process's PID by using the
- syscall rather than the VDSO code. Fixes bug 21943; bugfix
- on 0.2.5.1-alpha.
- Changes in version 0.3.0.6 - 2017-04-26
- Tor 0.3.0.6 is the first stable release of the Tor 0.3.0 series.
- With the 0.3.0 series, clients and relays now use Ed25519 keys to
- authenticate their link connections to relays, rather than the old
- RSA1024 keys that they used before. (Circuit crypto has been
- Curve25519-authenticated since 0.2.4.8-alpha.) We have also replaced
- the guard selection and replacement algorithm to behave more robustly
- in the presence of unreliable networks, and to resist guard-
- capture attacks.
- This series also includes numerous other small features and bugfixes,
- along with more groundwork for the upcoming hidden-services revamp.
- Per our stable release policy, we plan to support the Tor 0.3.0
- release series for at least the next nine months, or for three months
- after the first stable release of the 0.3.1 series: whichever is
- longer. If you need a release with long-term support, we recommend
- that you stay with the 0.2.9 series.
- Below are the changes since 0.2.9.10. For a list of only the changes
- since 0.3.0.5-rc, see the ChangeLog file.
- o Major features (directory authority, security):
- - The default for AuthDirPinKeys is now 1: directory authorities
- will reject relays where the RSA identity key matches a previously
- seen value, but the Ed25519 key has changed. Closes ticket 18319.
- o Major features (guard selection algorithm):
- - Tor's guard selection algorithm has been redesigned from the
- ground up, to better support unreliable networks and restrictive
- sets of entry nodes, and to better resist guard-capture attacks by
- hostile local networks. Implements proposal 271; closes
- ticket 19877.
- o Major features (next-generation hidden services):
- - Relays can now handle v3 ESTABLISH_INTRO cells as specified by
- prop224 aka "Next Generation Hidden Services". Service and clients
- don't use this functionality yet. Closes ticket 19043. Based on
- initial code by Alec Heifetz.
- - Relays now support the HSDir version 3 protocol, so that they can
- can store and serve v3 descriptors. This is part of the next-
- generation onion service work detailed in proposal 224. Closes
- ticket 17238.
- o Major features (protocol, ed25519 identity keys):
- - Clients now support including Ed25519 identity keys in the EXTEND2
- cells they generate. By default, this is controlled by a consensus
- parameter, currently disabled. You can turn this feature on for
- testing by setting ExtendByEd25519ID in your configuration. This
- might make your traffic appear different than the traffic
- generated by other users, however. Implements part of ticket
- 15056; part of proposal 220.
- - Relays now understand requests to extend to other relays by their
- Ed25519 identity keys. When an Ed25519 identity key is included in
- an EXTEND2 cell, the relay will only extend the circuit if the
- other relay can prove ownership of that identity. Implements part
- of ticket 15056; part of proposal 220.
- - Relays now use Ed25519 to prove their Ed25519 identities and to
- one another, and to clients. This algorithm is faster and more
- secure than the RSA-based handshake we've been doing until now.
- Implements the second big part of proposal 220; Closes
- ticket 15055.
- o Major features (security):
- - Change the algorithm used to decide DNS TTLs on client and server
- side, to better resist DNS-based correlation attacks like the
- DefecTor attack of Greschbach, Pulls, Roberts, Winter, and
- Feamster. Now relays only return one of two possible DNS TTL
- values, and clients are willing to believe DNS TTL values up to 3
- hours long. Closes ticket 19769.
- o Major bugfixes (client, onion service, also in 0.2.9.9):
- - Fix a client-side onion service reachability bug, where multiple
- socks requests to an onion service (or a single slow request)
- could cause us to mistakenly mark some of the service's
- introduction points as failed, and we cache that failure so
- eventually we run out and can't reach the service. Also resolves a
- mysterious "Remote server sent bogus reason code 65021" log
- warning. The bug was introduced in ticket 17218, where we tried to
- remember the circuit end reason as a uint16_t, which mangled
- negative values. Partially fixes bug 21056 and fixes bug 20307;
- bugfix on 0.2.8.1-alpha.
- o Major bugfixes (crash, directory connections):
- - Fix a rare crash when sending a begin cell on a circuit whose
- linked directory connection had already been closed. Fixes bug
- 21576; bugfix on 0.2.9.3-alpha. Reported by Alec Muffett.
- o Major bugfixes (directory authority):
- - During voting, when marking a relay as a probable sybil, do not
- clear its BadExit flag: sybils can still be bad in other ways
- too. (We still clear the other flags.) Fixes bug 21108; bugfix
- on 0.2.0.13-alpha.
- o Major bugfixes (DNS):
- - Fix a bug that prevented exit nodes from caching DNS records for
- more than 60 seconds. Fixes bug 19025; bugfix on 0.2.4.7-alpha.
- o Major bugfixes (IPv6 Exits):
- - Stop rejecting all IPv6 traffic on Exits whose exit policy rejects
- any IPv6 addresses. Instead, only reject a port over IPv6 if the
- exit policy rejects that port on more than an IPv6 /16 of
- addresses. This bug was made worse by 17027 in 0.2.8.1-alpha,
- which rejected a relay's own IPv6 address by default. Fixes bug
- 21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha.
- o Major bugfixes (parsing):
- - Fix an integer underflow bug when comparing malformed Tor
- versions. This bug could crash Tor when built with
- --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor
- 0.2.9.8, which were built with -ftrapv by default. In other cases
- it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix
- on 0.0.8pre1. Found by OSS-Fuzz.
- - When parsing a malformed content-length field from an HTTP
- message, do not read off the end of the buffer. This bug was a
- potential remote denial-of-service attack against Tor clients and
- relays. A workaround was released in October 2016, to prevent this
- bug from crashing Tor. This is a fix for the underlying issue,
- which should no longer matter (if you applied the earlier patch).
- Fixes bug 20894; bugfix on 0.2.0.16-alpha. Bug found by fuzzing
- using AFL (http://lcamtuf.coredump.cx/afl/).
- o Major bugfixes (scheduler):
- - Actually compare circuit policies in ewma_cmp_cmux(). This bug
- caused the channel scheduler to behave more or less randomly,
- rather than preferring channels with higher-priority circuits.
- Fixes bug 20459; bugfix on 0.2.6.2-alpha.
- o Major bugfixes (security, also in 0.2.9.9):
- - Downgrade the "-ftrapv" option from "always on" to "only on when
- --enable-expensive-hardening is provided." This hardening option,
- like others, can turn survivable bugs into crashes--and having it
- on by default made a (relatively harmless) integer overflow bug
- into a denial-of-service bug. Fixes bug 21278 (TROVE-2017-001);
- bugfix on 0.2.9.1-alpha.
- o Minor feature (client):
- - Enable IPv6 traffic on the SocksPort by default. To disable this,
- a user will have to specify "NoIPv6Traffic". Closes ticket 21269.
- o Minor feature (fallback scripts):
- - Add a check_existing mode to updateFallbackDirs.py, which checks
- if fallbacks in the hard-coded list are working. Closes ticket
- 20174. Patch by haxxpop.
- o Minor feature (protocol versioning):
- - Add new protocol version for proposal 224. HSIntro now advertises
- version "3-4" and HSDir version "1-2". Fixes ticket 20656.
- o Minor features (ciphersuite selection):
- - Allow relays to accept a wider range of ciphersuites, including
- chacha20-poly1305 and AES-CCM. Closes the other part of 15426.
- - Clients now advertise a list of ciphersuites closer to the ones
- preferred by Firefox. Closes part of ticket 15426.
- o Minor features (controller):
- - Add "GETINFO sr/current" and "GETINFO sr/previous" keys, to expose
- shared-random values to the controller. Closes ticket 19925.
- - When HSFETCH arguments cannot be parsed, say "Invalid argument"
- rather than "unrecognized." Closes ticket 20389; patch from
- Ivan Markin.
- o Minor features (controller, configuration):
- - Each of the *Port options, such as SocksPort, ORPort, ControlPort,
- and so on, now comes with a __*Port variant that will not be saved
- to the torrc file by the controller's SAVECONF command. This
- change allows TorBrowser to set up a single-use domain socket for
- each time it launches Tor. Closes ticket 20956.
- - The GETCONF command can now query options that may only be
- meaningful in context-sensitive lists. This allows the controller
- to query the mixed SocksPort/__SocksPort style options introduced
- in feature 20956. Implements ticket 21300.
- o Minor features (diagnostic, directory client):
- - Warn when we find an unexpected inconsistency in directory
- download status objects. Prevents some negative consequences of
- bug 20593.
- o Minor features (directory authorities):
- - Directory authorities now reject descriptors that claim to be
- malformed versions of Tor. Helps prevent exploitation of
- bug 21278.
- - Reject version numbers with components that exceed INT32_MAX.
- Otherwise 32-bit and 64-bit platforms would behave inconsistently.
- Fixes bug 21450; bugfix on 0.0.8pre1.
- o Minor features (directory authority):
- - Add a new authority-only AuthDirTestEd25519LinkKeys option (on by
- default) to control whether authorities should try to probe relays
- by their Ed25519 link keys. This option will go away in a few
- releases--unless we encounter major trouble in our ed25519 link
- protocol rollout, in which case it will serve as a safety option.
- o Minor features (directory cache):
- - Relays and bridges will now refuse to serve the consensus they
- have if they know it is too old for a client to use. Closes
- ticket 20511.
- o Minor features (ed25519 link handshake):
- - Advertise support for the ed25519 link handshake using the
- subprotocol-versions mechanism, so that clients can tell which
- relays can identity themselves by Ed25519 ID. Closes ticket 20552.
- o Minor features (entry guards):
- - Add UseEntryGuards to TEST_OPTIONS_DEFAULT_VALUES in order to not
- break regression tests.
- - Require UseEntryGuards when UseBridges is set, in order to make
- sure bridges aren't bypassed. Resolves ticket 20502.
- o Minor features (fallback directories):
- - Allow 3 fallback relays per operator, which is safe now that we
- are choosing 200 fallback relays. Closes ticket 20912.
- - Annotate updateFallbackDirs.py with the bandwidth and consensus
- weight for each candidate fallback. Closes ticket 20878.
- - Display the relay fingerprint when downloading consensuses from
- fallbacks. Closes ticket 20908.
- - Exclude relays affected by bug 20499 from the fallback list.
- Exclude relays from the fallback list if they are running versions
- known to be affected by bug 20499, or if in our tests they deliver
- a stale consensus (i.e. one that expired more than 24 hours ago).
- Closes ticket 20539.
- - Make it easier to change the output sort order of fallbacks.
- Closes ticket 20822.
- - Reduce the minimum fallback bandwidth to 1 MByte/s. Part of
- ticket 18828.
- - Require fallback directories to have the same address and port for
- 7 days (now that we have enough relays with this stability).
- Relays whose OnionOO stability timer is reset on restart by bug
- 18050 should upgrade to Tor 0.2.8.7 or later, which has a fix for
- this issue. Closes ticket 20880; maintains short-term fix
- in 0.2.8.2-alpha.
- - Require fallbacks to have flags for 90% of the time (weighted
- decaying average), rather than 95%. This allows at least 73% of
- clients to bootstrap in the first 5 seconds without contacting an
- authority. Part of ticket 18828.
- - Select 200 fallback directories for each release. Closes
- ticket 20881.
- o Minor features (fingerprinting resistance, authentication):
- - Extend the length of RSA keys used for TLS link authentication to
- 2048 bits. (These weren't used for forward secrecy; for forward
- secrecy, we used P256.) Closes ticket 13752.
- o Minor features (geoip):
- - Update geoip and geoip6 to the April 4 2017 Maxmind GeoLite2
- Country database.
- o Minor features (geoip, also in 0.2.9.9):
- - Update geoip and geoip6 to the January 4 2017 Maxmind GeoLite2
- Country database.
- o Minor features (infrastructure):
- - Implement smartlist_add_strdup() function. Replaces the use of
- smartlist_add(sl, tor_strdup(str)). Closes ticket 20048.
- o Minor features (linting):
- - Enhance the changes file linter to warn on Tor versions that are
- prefixed with "tor-". Closes ticket 21096.
- o Minor features (logging):
- - In several places, describe unset ed25519 keys as "<unset>",
- rather than the scary "AAAAAAAA...AAA". Closes ticket 21037.
- o Minor features (portability, compilation):
- - Autoconf now checks to determine if OpenSSL structures are opaque,
- instead of explicitly checking for OpenSSL version numbers. Part
- of ticket 21359.
- - Support building with recent LibreSSL code that uses opaque
- structures. Closes ticket 21359.
- o Minor features (relay):
- - We now allow separation of exit and relay traffic to different
- source IP addresses, using the OutboundBindAddressExit and
- OutboundBindAddressOR options respectively. Closes ticket 17975.
- Written by Michael Sonntag.
- o Minor features (reliability, crash):
- - Try better to detect problems in buffers where they might grow (or
- think they have grown) over 2 GB in size. Diagnostic for
- bug 21369.
- o Minor features (testing):
- - During 'make test-network-all', if tor logs any warnings, ask
- chutney to output them. Requires a recent version of chutney with
- the 21572 patch. Implements 21570.
- o Minor bugfix (control protocol):
- - The reply to a "GETINFO config/names" request via the control
- protocol now spells the type "Dependent" correctly. This is a
- breaking change in the control protocol. (The field seems to be
- ignored by the most common known controllers.) Fixes bug 18146;
- bugfix on 0.1.1.4-alpha.
- - The GETINFO extra-info/digest/<digest> command was broken because
- of a wrong base16 decode return value check, introduced when
- refactoring that API. Fixes bug 22034; bugfix on 0.2.9.1-alpha.
- o Minor bugfix (logging):
- - Don't recommend the use of Tor2web in non-anonymous mode.
- Recommending Tor2web is a bad idea because the client loses all
- anonymity. Tor2web should only be used in specific cases by users
- who *know* and understand the issues. Fixes bug 21294; bugfix
- on 0.2.9.3-alpha.
- o Minor bugfixes (bug resilience):
- - Fix an unreachable size_t overflow in base64_decode(). Fixes bug
- 19222; bugfix on 0.2.0.9-alpha. Found by Guido Vranken; fixed by
- Hans Jerry Illikainen.
- o Minor bugfixes (build):
- - Replace obsolete Autoconf macros with their modern equivalent and
- prevent similar issues in the future. Fixes bug 20990; bugfix
- on 0.1.0.1-rc.
- o Minor bugfixes (certificate expiration time):
- - Avoid using link certificates that don't become valid till some
- time in the future. Fixes bug 21420; bugfix on 0.2.4.11-alpha
- o Minor bugfixes (client):
- - Always recover from failures in extend_info_from_node(), in an
- attempt to prevent any recurrence of bug 21242. Fixes bug 21372;
- bugfix on 0.2.3.1-alpha.
- - When clients that use bridges start up with a cached consensus on
- disk, they were ignoring it and downloading a new one. Now they
- use the cached one. Fixes bug 20269; bugfix on 0.2.3.12-alpha.
- o Minor bugfixes (code correctness):
- - Repair a couple of (unreachable or harmless) cases of the risky
- comparison-by-subtraction pattern that caused bug 21278.
- o Minor bugfixes (config):
- - Don't assert on startup when trying to get the options list and
- LearnCircuitBuildTimeout is set to 0: we are currently parsing the
- options so of course they aren't ready yet. Fixes bug 21062;
- bugfix on 0.2.9.3-alpha.
- o Minor bugfixes (configuration):
- - Accept non-space whitespace characters after the severity level in
- the `Log` option. Fixes bug 19965; bugfix on 0.2.1.1-alpha.
- - Support "TByte" and "TBytes" units in options given in bytes.
- "TB", "terabyte(s)", "TBit(s)" and "terabit(s)" were already
- supported. Fixes bug 20622; bugfix on 0.2.0.14-alpha.
- o Minor bugfixes (configure, autoconf):
- - Rename the configure option --enable-expensive-hardening to
- --enable-fragile-hardening. Expensive hardening makes the tor
- daemon abort when some kinds of issues are detected. Thus, it
- makes tor more at risk of remote crashes but safer against RCE or
- heartbleed bug category. We now try to explain this issue in a
- message from the configure script. Fixes bug 21290; bugfix
- on 0.2.5.4-alpha.
- o Minor bugfixes (consensus weight):
- - Add new consensus method that initializes bw weights to 1 instead
- of 0. This prevents a zero weight from making it all the way to
- the end (happens in small testing networks) and causing an error.
- Fixes bug 14881; bugfix on 0.2.2.17-alpha.
- o Minor bugfixes (crash prevention):
- - Fix an (currently untriggerable, but potentially dangerous) crash
- bug when base32-encoding inputs whose sizes are not a multiple of
- 5. Fixes bug 21894; bugfix on 0.2.9.1-alpha.
- o Minor bugfixes (dead code):
- - Remove a redundant check for PidFile changes at runtime in
- options_transition_allowed(): this check is already performed
- regardless of whether the sandbox is active. Fixes bug 21123;
- bugfix on 0.2.5.4-alpha.
- o Minor bugfixes (descriptors):
- - Correctly recognise downloaded full descriptors as valid, even
- when using microdescriptors as circuits. This affects clients with
- FetchUselessDescriptors set, and may affect directory authorities.
- Fixes bug 20839; bugfix on 0.2.3.2-alpha.
- o Minor bugfixes (directory mirrors):
- - Allow relays to use directory mirrors without a DirPort: these
- relays need to be contacted over their ORPorts using a begindir
- connection. Fixes one case of bug 20711; bugfix on 0.2.8.2-alpha.
- - Clarify the message logged when a remote relay is unexpectedly
- missing an ORPort or DirPort: users were confusing this with a
- local port. Fixes another case of bug 20711; bugfix
- on 0.2.8.2-alpha.
- o Minor bugfixes (directory system):
- - Bridges and relays now use microdescriptors (like clients do)
- rather than old-style router descriptors. Now bridges will blend
- in with clients in terms of the circuits they build. Fixes bug
- 6769; bugfix on 0.2.3.2-alpha.
- - Download all consensus flavors, descriptors, and authority
- certificates when FetchUselessDescriptors is set, regardless of
- whether tor is a directory cache or not. Fixes bug 20667; bugfix
- on all recent tor versions.
- o Minor bugfixes (documentation):
- - Update the tor manual page to document every option that can not
- be changed while tor is running. Fixes bug 21122.
- o Minor bugfixes (ed25519 certificates):
- - Correctly interpret ed25519 certificates that would expire some
- time after 19 Jan 2038. Fixes bug 20027; bugfix on 0.2.7.2-alpha.
- o Minor bugfixes (fallback directories):
- - Avoid checking fallback candidates' DirPorts if they are down in
- OnionOO. When a relay operator has multiple relays, this
- prioritizes relays that are up over relays that are down. Fixes
- bug 20926; bugfix on 0.2.8.3-alpha.
- - Stop failing when OUTPUT_COMMENTS is True in updateFallbackDirs.py.
- Fixes bug 20877; bugfix on 0.2.8.3-alpha.
- - Stop failing when a relay has no uptime data in
- updateFallbackDirs.py. Fixes bug 20945; bugfix on 0.2.8.1-alpha.
- o Minor bugfixes (hidden service):
- - Clean up the code for expiring intro points with no associated
- circuits. It was causing, rarely, a service with some expiring
- introduction points to not open enough additional introduction
- points. Fixes part of bug 21302; bugfix on 0.2.7.2-alpha.
- - Resolve two possible underflows which could lead to creating and
- closing a lot of introduction point circuits in a non-stop loop.
- Fixes bug 21302; bugfix on 0.2.7.2-alpha.
- - Stop setting the torrc option HiddenServiceStatistics to "0" just
- because we're not a bridge or relay. Instead, we preserve whatever
- value the user set (or didn't set). Fixes bug 21150; bugfix
- on 0.2.6.2-alpha.
- o Minor bugfixes (hidden services):
- - Make hidden services check for failed intro point connections,
- even when they have exceeded their intro point creation limit.
- Fixes bug 21596; bugfix on 0.2.7.2-alpha. Reported by Alec Muffett.
- - Make hidden services with 8 to 10 introduction points check for
- failed circuits immediately after startup. Previously, they would
- wait for 5 minutes before performing their first checks. Fixes bug
- 21594; bugfix on 0.2.3.9-alpha. Reported by Alec Muffett.
- - Stop ignoring misconfigured hidden services. Instead, refuse to
- start tor until the misconfigurations have been corrected. Fixes
- bug 20559; bugfix on multiple commits in 0.2.7.1-alpha
- and earlier.
- o Minor bugfixes (IPv6):
- - Make IPv6-using clients try harder to find an IPv6 directory
- server. Fixes bug 20999; bugfix on 0.2.8.2-alpha.
- - When IPv6 addresses have not been downloaded yet (microdesc
- consensus documents don't list relay IPv6 addresses), use hard-
- coded addresses for authorities, fallbacks, and configured
- bridges. Now IPv6-only clients can use microdescriptors. Fixes bug
- 20996; bugfix on b167e82 from 19608 in 0.2.8.5-alpha.
- o Minor bugfixes (memory leak at exit):
- - Fix a small harmless memory leak at exit of the previously unused
- RSA->Ed identity cross-certificate. Fixes bug 17779; bugfix
- on 0.2.7.2-alpha.
- o Minor bugfixes (onion services):
- - Allow the number of introduction points to be as low as 0, rather
- than as low as 3. Fixes bug 21033; bugfix on 0.2.7.2-alpha.
- o Minor bugfixes (portability):
- - Use "OpenBSD" compiler macro instead of "OPENBSD" or "__OpenBSD__".
- It is supported by OpenBSD itself, and also by most OpenBSD
- variants (such as Bitrig). Fixes bug 20980; bugfix
- on 0.1.2.1-alpha.
- o Minor bugfixes (portability, also in 0.2.9.9):
- - Avoid crashing when Tor is built using headers that contain
- CLOCK_MONOTONIC_COARSE, but then tries to run on an older kernel
- without CLOCK_MONOTONIC_COARSE. Fixes bug 21035; bugfix
- on 0.2.9.1-alpha.
- - Fix Libevent detection on platforms without Libevent 1 headers
- installed. Fixes bug 21051; bugfix on 0.2.9.1-alpha.
- o Minor bugfixes (relay):
- - Avoid a double-marked-circuit warning that could happen when we
- receive DESTROY cells under heavy load. Fixes bug 20059; bugfix
- on 0.1.0.1-rc.
- - Honor DataDirectoryGroupReadable when tor is a relay. Previously,
- initializing the keys would reset the DataDirectory to 0700
- instead of 0750 even if DataDirectoryGroupReadable was set to 1.
- Fixes bug 19953; bugfix on 0.0.2pre16. Patch by "redfish".
- o Minor bugfixes (testing):
- - Fix Raspbian build issues related to missing socket errno in
- test_util.c. Fixes bug 21116; bugfix on 0.2.8.2. Patch by "hein".
- - Remove undefined behavior from the backtrace generator by removing
- its signal handler. Fixes bug 21026; bugfix on 0.2.5.2-alpha.
- - Use bash in src/test/test-network.sh. This ensures we reliably
- call chutney's newer tools/test-network.sh when available. Fixes
- bug 21562; bugfix on 0.2.9.1-alpha.
- o Minor bugfixes (tor-resolve):
- - The tor-resolve command line tool now rejects hostnames over 255
- characters in length. Previously, it would silently truncate them,
- which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5.
- Patch by "junglefowl".
- o Minor bugfixes (unit tests):
- - Allow the unit tests to pass even when DNS lookups of bogus
- addresses do not fail as expected. Fixes bug 20862 and 20863;
- bugfix on unit tests introduced in 0.2.8.1-alpha
- through 0.2.9.4-alpha.
- o Minor bugfixes (util):
- - When finishing writing a file to disk, if we were about to replace
- the file with the temporary file created before and we fail to
- replace it, remove the temporary file so it doesn't stay on disk.
- Fixes bug 20646; bugfix on 0.2.0.7-alpha. Patch by fk.
- o Minor bugfixes (Windows services):
- - Be sure to initialize the monotonic time subsystem before using
- it, even when running as an NT service. Fixes bug 21356; bugfix
- on 0.2.9.1-alpha.
- o Minor bugfixes (Windows):
- - Check for getpagesize before using it to mmap files. This fixes
- compilation in some MinGW environments. Fixes bug 20530; bugfix on
- 0.1.2.1-alpha. Reported by "ice".
- o Code simplification and refactoring:
- - Abolish all global guard context in entrynodes.c; replace with new
- guard_selection_t structure as preparation for proposal 271.
- Closes ticket 19858.
- - Extract magic numbers in circuituse.c into defined variables.
- - Introduce rend_service_is_ephemeral() that tells if given onion
- service is ephemeral. Replace unclear NULL-checkings for service
- directory with this function. Closes ticket 20526.
- - Refactor circuit_is_available_for_use to remove unnecessary check.
- - Refactor circuit_predict_and_launch_new for readability and
- testability. Closes ticket 18873.
- - Refactor code to manipulate global_origin_circuit_list into
- separate functions. Closes ticket 20921.
- - Refactor large if statement in purpose_needs_anonymity to use
- switch statement instead. Closes part of ticket 20077.
- - Refactor the hashing API to return negative values for errors, as
- is done as throughout the codebase. Closes ticket 20717.
- - Remove data structures that were used to index or_connection
- objects by their RSA identity digests. These structures are fully
- redundant with the similar structures used in the
- channel abstraction.
- - Remove duplicate code in the channel_write_*cell() functions.
- Closes ticket 13827; patch from Pingl.
- - Remove redundant behavior of is_sensitive_dir_purpose, refactor to
- use only purpose_needs_anonymity. Closes part of ticket 20077.
- - The code to generate and parse EXTEND and EXTEND2 cells has been
- replaced with code automatically generated by the
- "trunnel" utility.
- o Documentation (formatting):
- - Clean up formatting of tor.1 man page and HTML doc, where <pre>
- blocks were incorrectly appearing. Closes ticket 20885.
- o Documentation (man page):
- - Clarify many options in tor.1 and add some min/max values for
- HiddenService options. Closes ticket 21058.
- o Documentation:
- - Change '1' to 'weight_scale' in consensus bw weights calculation
- comments, as that is reality. Closes ticket 20273. Patch
- from pastly.
- - Clarify that when ClientRejectInternalAddresses is enabled (which
- is the default), multicast DNS hostnames for machines on the local
- network (of the form *.local) are also rejected. Closes
- ticket 17070.
- - Correct the value for AuthDirGuardBWGuarantee in the manpage, from
- 250 KBytes to 2 MBytes. Fixes bug 20435; bugfix on 0.2.5.6-alpha.
- - Include the "TBits" unit in Tor's man page. Fixes part of bug
- 20622; bugfix on 0.2.5.1-alpha.
- - Small fixes to the fuzzing documentation. Closes ticket 21472.
- - Stop the man page from incorrectly stating that HiddenServiceDir
- must already exist. Fixes 20486.
- - Update the description of the directory server options in the
- manual page, to clarify that a relay no longer needs to set
- DirPort in order to be a directory cache. Closes ticket 21720.
- o Removed features:
- - The AuthDirMaxServersPerAuthAddr option no longer exists: The same
- limit for relays running on a single IP applies to authority IP
- addresses as well as to non-authority IP addresses. Closes
- ticket 20960.
- - The UseDirectoryGuards torrc option no longer exists: all users
- that use entry guards will also use directory guards. Related to
- proposal 271; implements part of ticket 20831.
- o Testing:
- - Add tests for networkstatus_compute_bw_weights_v10.
- - Add unit tests circuit_predict_and_launch_new.
- - Extract dummy_origin_circuit_new so it can be used by other
- test functions.
- - New unit tests for tor_htonll(). Closes ticket 19563. Patch
- from "overcaffeinated".
- - Perform the coding style checks when running the tests and fail
- when coding style violations are found. Closes ticket 5500.
- Changes in version 0.2.8.13 - 2017-03-03
- Tor 0.2.8.13 backports a security fix from later Tor
- releases. Anybody running Tor 0.2.8.12 or earlier should upgrade to this
- this release, if for some reason they cannot upgrade to a later
- release series, and if they build Tor with the --enable-expensive-hardening
- option.
- Note that support for Tor 0.2.8.x is ending next year: we will not issue
- any fixes for the Tor 0.2.8.x series after 1 Jan 2018. If you need
- a Tor release series with longer-term support, we recommend Tor 0.2.9.x.
- o Major bugfixes (parsing, backported from 0.3.0.4-rc):
- - Fix an integer underflow bug when comparing malformed Tor
- versions. This bug could crash Tor when built with
- --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor
- 0.2.9.8, which were built with -ftrapv by default. In other cases
- it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix
- on 0.0.8pre1. Found by OSS-Fuzz.
- o Minor features (geoip):
- - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2
- Country database.
- Changes in version 0.2.7.7 - 2017-03-03
- Tor 0.2.7.7 backports a number of security fixes from later Tor
- releases. Anybody running Tor 0.2.7.6 or earlier should upgrade to
- this release, if for some reason they cannot upgrade to a later
- release series.
- Note that support for Tor 0.2.7.x is ending this year: we will not issue
- any fixes for the Tor 0.2.7.x series after 1 August 2017. If you need
- a Tor release series with longer-term support, we recommend Tor 0.2.9.x.
- o Directory authority changes (backport from 0.2.8.5-rc):
- - Urras is no longer a directory authority. Closes ticket 19271.
- o Directory authority changes (backport from 0.2.9.2-alpha):
- - The "Tonga" bridge authority has been retired; the new bridge
- authority is "Bifroest". Closes tickets 19728 and 19690.
- o Directory authority key updates (backport from 0.2.8.1-alpha):
- - Update the V3 identity key for the dannenberg directory authority:
- it was changed on 18 November 2015. Closes task 17906. Patch
- by "teor".
- o Major bugfixes (parsing, security, backport from 0.2.9.8):
- - Fix a bug in parsing that could cause clients to read a single
- byte past the end of an allocated region. This bug could be used
- to cause hardened clients (built with --enable-expensive-hardening)
- to crash if they tried to visit a hostile hidden service. Non-
- hardened clients are only affected depending on the details of
- their platform's memory allocator. Fixes bug 21018; bugfix on
- 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE-
- 2016-12-002 and as CVE-2016-1254.
- o Major bugfixes (security, client, DNS proxy, backport from 0.2.8.3-alpha):
- - Stop a crash that could occur when a client running with DNSPort
- received a query with multiple address types, and the first
- address type was not supported. Found and fixed by Scott Dial.
- Fixes bug 18710; bugfix on 0.2.5.4-alpha.
- - Prevent a class of security bugs caused by treating the contents
- of a buffer chunk as if they were a NUL-terminated string. At
- least one such bug seems to be present in all currently used
- versions of Tor, and would allow an attacker to remotely crash
- most Tor instances, especially those compiled with extra compiler
- hardening. With this defense in place, such bugs can't crash Tor,
- though we should still fix them as they occur. Closes ticket
- 20384 (TROVE-2016-10-001).
- o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha):
- - Avoid a difficult-to-trigger heap corruption attack when extending
- a smartlist to contain over 16GB of pointers. Fixes bug 18162;
- bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely.
- Reported by Guido Vranken.
- o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha):
- - Avoid crashing when running as a DNS proxy. Fixes bug 16248;
- bugfix on 0.2.0.1-alpha. Patch from "cypherpunks".
- o Major bugfixes (key management, backport from 0.2.8.3-alpha):
- - If OpenSSL fails to generate an RSA key, do not retain a dangling
- pointer to the previous (uninitialized) key value. The impact here
- should be limited to a difficult-to-trigger crash, if OpenSSL is
- running an engine that makes key generation failures possible, or
- if OpenSSL runs out of memory. Fixes bug 19152; bugfix on
- 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and
- Baishakhi Ray.
- o Major bugfixes (parsing, backported from 0.3.0.4-rc):
- - Fix an integer underflow bug when comparing malformed Tor
- versions. This bug could crash Tor when built with
- --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor
- 0.2.9.8, which were built with -ftrapv by default. In other cases
- it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix
- on 0.0.8pre1. Found by OSS-Fuzz.
- o Minor features (security, memory erasure, backport from 0.2.8.1-alpha):
- - Make memwipe() do nothing when passed a NULL pointer or buffer of
- zero size. Check size argument to memwipe() for underflow. Fixes
- bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk",
- patch by "teor".
- o Minor features (bug-resistance, backport from 0.2.8.2-alpha):
- - Make Tor survive errors involving connections without a
- corresponding event object. Previously we'd fail with an
- assertion; now we produce a log message. Related to bug 16248.
- o Minor features (geoip):
- - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2
- Country database.
- Changes in version 0.2.6.11 - 2017-03-03
- Tor 0.2.6.11 backports a number of security fixes from later Tor
- releases. Anybody running Tor 0.2.6.10 or earlier should upgrade to
- this release, if for some reason they cannot upgrade to a later
- release series.
- Note that support for Tor 0.2.6.x is ending this year: we will not issue
- any fixes for the Tor 0.2.6.x series after 1 August 2017. If you need
- a Tor release series with longer-term support, we recommend Tor 0.2.9.x.
- o Directory authority changes (backport from 0.2.8.5-rc):
- - Urras is no longer a directory authority. Closes ticket 19271.
- o Directory authority changes (backport from 0.2.9.2-alpha):
- - The "Tonga" bridge authority has been retired; the new bridge
- authority is "Bifroest". Closes tickets 19728 and 19690.
- o Directory authority key updates (backport from 0.2.8.1-alpha):
- - Update the V3 identity key for the dannenberg directory authority:
- it was changed on 18 November 2015. Closes task 17906. Patch
- by "teor".
- o Major features (security fixes, backport from 0.2.9.4-alpha):
- - Prevent a class of security bugs caused by treating the contents
- of a buffer chunk as if they were a NUL-terminated string. At
- least one such bug seems to be present in all currently used
- versions of Tor, and would allow an attacker to remotely crash
- most Tor instances, especially those compiled with extra compiler
- hardening. With this defense in place, such bugs can't crash Tor,
- though we should still fix them as they occur. Closes ticket
- 20384 (TROVE-2016-10-001).
- o Major bugfixes (parsing, security, backport from 0.2.9.8):
- - Fix a bug in parsing that could cause clients to read a single
- byte past the end of an allocated region. This bug could be used
- to cause hardened clients (built with --enable-expensive-hardening)
- to crash if they tried to visit a hostile hidden service. Non-
- hardened clients are only affected depending on the details of
- their platform's memory allocator. Fixes bug 21018; bugfix on
- 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE-
- 2016-12-002 and as CVE-2016-1254.
- o Major bugfixes (security, client, DNS proxy, backport from 0.2.8.3-alpha):
- - Stop a crash that could occur when a client running with DNSPort
- received a query with multiple address types, and the first
- address type was not supported. Found and fixed by Scott Dial.
- Fixes bug 18710; bugfix on 0.2.5.4-alpha.
- o Major bugfixes (security, correctness, backport from 0.2.7.4-rc):
- - Fix an error that could cause us to read 4 bytes before the
- beginning of an openssl string. This bug could be used to cause
- Tor to crash on systems with unusual malloc implementations, or
- systems with unusual hardening installed. Fixes bug 17404; bugfix
- on 0.2.3.6-alpha.
- o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha):
- - Avoid a difficult-to-trigger heap corruption attack when extending
- a smartlist to contain over 16GB of pointers. Fixes bug 18162;
- bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely.
- Reported by Guido Vranken.
- o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha):
- - Avoid crashing when running as a DNS proxy. Fixes bug 16248;
- bugfix on 0.2.0.1-alpha. Patch from "cypherpunks".
- o Major bugfixes (guard selection, backport from 0.2.7.6):
- - Actually look at the Guard flag when selecting a new directory
- guard. When we implemented the directory guard design, we
- accidentally started treating all relays as if they have the Guard
- flag during guard selection, leading to weaker anonymity and worse
- performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered
- by Mohsen Imani.
- o Major bugfixes (key management, backport from 0.2.8.3-alpha):
- - If OpenSSL fails to generate an RSA key, do not retain a dangling
- pointer to the previous (uninitialized) key value. The impact here
- should be limited to a difficult-to-trigger crash, if OpenSSL is
- running an engine that makes key generation failures possible, or
- if OpenSSL runs out of memory. Fixes bug 19152; bugfix on
- 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and
- Baishakhi Ray.
- o Major bugfixes (parsing, backported from 0.3.0.4-rc):
- - Fix an integer underflow bug when comparing malformed Tor
- versions. This bug could crash Tor when built with
- --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor
- 0.2.9.8, which were built with -ftrapv by default. In other cases
- it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix
- on 0.0.8pre1. Found by OSS-Fuzz.
- o Minor features (security, memory erasure, backport from 0.2.8.1-alpha):
- - Make memwipe() do nothing when passed a NULL pointer or buffer of
- zero size. Check size argument to memwipe() for underflow. Fixes
- bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk",
- patch by "teor".
- o Minor features (bug-resistance, backport from 0.2.8.2-alpha):
- - Make Tor survive errors involving connections without a
- corresponding event object. Previously we'd fail with an
- assertion; now we produce a log message. Related to bug 16248.
- o Minor features (geoip):
- - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (compilation, backport from 0.2.7.6):
- - Fix a compilation warning with Clang 3.6: Do not check the
- presence of an address which can never be NULL. Fixes bug 17781.
- Changes in version 0.2.5.13 - 2017-03-03
- Tor 0.2.5.13 backports a number of security fixes from later Tor
- releases. Anybody running Tor 0.2.5.13 or earlier should upgrade to
- this release, if for some reason they cannot upgrade to a later
- release series.
- Note that support for Tor 0.2.5.x is ending next year: we will not issue
- any fixes for the Tor 0.2.5.x series after 1 May 2018. If you need
- a Tor release series with longer-term support, we recommend Tor 0.2.9.x.
- o Directory authority changes (backport from 0.2.8.5-rc):
- - Urras is no longer a directory authority. Closes ticket 19271.
- o Directory authority changes (backport from 0.2.9.2-alpha):
- - The "Tonga" bridge authority has been retired; the new bridge
- authority is "Bifroest". Closes tickets 19728 and 19690.
- o Directory authority key updates (backport from 0.2.8.1-alpha):
- - Update the V3 identity key for the dannenberg directory authority:
- it was changed on 18 November 2015. Closes task 17906. Patch
- by "teor".
- o Major features (security fixes, backport from 0.2.9.4-alpha):
- - Prevent a class of security bugs caused by treating the contents
- of a buffer chunk as if they were a NUL-terminated string. At
- least one such bug seems to be present in all currently used
- versions of Tor, and would allow an attacker to remotely crash
- most Tor instances, especially those compiled with extra compiler
- hardening. With this defense in place, such bugs can't crash Tor,
- though we should still fix them as they occur. Closes ticket
- 20384 (TROVE-2016-10-001).
- o Major bugfixes (parsing, security, backport from 0.2.9.8):
- - Fix a bug in parsing that could cause clients to read a single
- byte past the end of an allocated region. This bug could be used
- to cause hardened clients (built with --enable-expensive-hardening)
- to crash if they tried to visit a hostile hidden service. Non-
- hardened clients are only affected depending on the details of
- their platform's memory allocator. Fixes bug 21018; bugfix on
- 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE-
- 2016-12-002 and as CVE-2016-1254.
- o Major bugfixes (security, client, DNS proxy, backport from 0.2.8.3-alpha):
- - Stop a crash that could occur when a client running with DNSPort
- received a query with multiple address types, and the first
- address type was not supported. Found and fixed by Scott Dial.
- Fixes bug 18710; bugfix on 0.2.5.4-alpha.
- o Major bugfixes (security, correctness, backport from 0.2.7.4-rc):
- - Fix an error that could cause us to read 4 bytes before the
- beginning of an openssl string. This bug could be used to cause
- Tor to crash on systems with unusual malloc implementations, or
- systems with unusual hardening installed. Fixes bug 17404; bugfix
- on 0.2.3.6-alpha.
- o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha):
- - Avoid a difficult-to-trigger heap corruption attack when extending
- a smartlist to contain over 16GB of pointers. Fixes bug 18162;
- bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely.
- Reported by Guido Vranken.
- o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha):
- - Avoid crashing when running as a DNS proxy. Fixes bug 16248;
- bugfix on 0.2.0.1-alpha. Patch from "cypherpunks".
- o Major bugfixes (guard selection, backport from 0.2.7.6):
- - Actually look at the Guard flag when selecting a new directory
- guard. When we implemented the directory guard design, we
- accidentally started treating all relays as if they have the Guard
- flag during guard selection, leading to weaker anonymity and worse
- performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered
- by Mohsen Imani.
- o Major bugfixes (key management, backport from 0.2.8.3-alpha):
- - If OpenSSL fails to generate an RSA key, do not retain a dangling
- pointer to the previous (uninitialized) key value. The impact here
- should be limited to a difficult-to-trigger crash, if OpenSSL is
- running an engine that makes key generation failures possible, or
- if OpenSSL runs out of memory. Fixes bug 19152; bugfix on
- 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and
- Baishakhi Ray.
- o Major bugfixes (parsing, backported from 0.3.0.4-rc):
- - Fix an integer underflow bug when comparing malformed Tor
- versions. This bug could crash Tor when built with
- --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor
- 0.2.9.8, which were built with -ftrapv by default. In other cases
- it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix
- on 0.0.8pre1. Found by OSS-Fuzz.
- o Minor features (security, memory erasure, backport from 0.2.8.1-alpha):
- - Make memwipe() do nothing when passed a NULL pointer or buffer of
- zero size. Check size argument to memwipe() for underflow. Fixes
- bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk",
- patch by "teor".
- o Minor features (bug-resistance, backport from 0.2.8.2-alpha):
- - Make Tor survive errors involving connections without a
- corresponding event object. Previously we'd fail with an
- assertion; now we produce a log message. Related to bug 16248.
- o Minor features (geoip):
- - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (compilation, backport from 0.2.7.6):
- - Fix a compilation warning with Clang 3.6: Do not check the
- presence of an address which can never be NULL. Fixes bug 17781.
- o Minor bugfixes (crypto error-handling, backport from 0.2.7.2-alpha):
- - Check for failures from crypto_early_init, and refuse to continue.
- A previous typo meant that we could keep going with an
- uninitialized crypto library, and would have OpenSSL initialize
- its own PRNG. Fixes bug 16360; bugfix on 0.2.5.2-alpha, introduced
- when implementing ticket 4900. Patch by "teor".
- o Minor bugfixes (hidden service, backport from 0.2.7.1-alpha):
- - Fix an out-of-bounds read when parsing invalid INTRODUCE2 cells on
- a client authorized hidden service. Fixes bug 15823; bugfix
- on 0.2.1.6-alpha.
- Changes in version 0.2.4.28 - 2017-03-03
- Tor 0.2.4.28 backports a number of security fixes from later Tor
- releases. Anybody running Tor 0.2.4.27 or earlier should upgrade to
- this release, if for some reason they cannot upgrade to a later
- release series.
- Note that support for Tor 0.2.4.x is ending soon: we will not issue
- any fixes for the Tor 0.2.4.x series after 1 August 2017. If you need
- a Tor release series with long-term support, we recommend Tor 0.2.9.x.
- o Directory authority changes (backport from 0.2.8.5-rc):
- - Urras is no longer a directory authority. Closes ticket 19271.
- o Directory authority changes (backport from 0.2.9.2-alpha):
- - The "Tonga" bridge authority has been retired; the new bridge
- authority is "Bifroest". Closes tickets 19728 and 19690.
- o Directory authority key updates (backport from 0.2.8.1-alpha):
- - Update the V3 identity key for the dannenberg directory authority:
- it was changed on 18 November 2015. Closes task 17906. Patch
- by "teor".
- o Major features (security fixes, backport from 0.2.9.4-alpha):
- - Prevent a class of security bugs caused by treating the contents
- of a buffer chunk as if they were a NUL-terminated string. At
- least one such bug seems to be present in all currently used
- versions of Tor, and would allow an attacker to remotely crash
- most Tor instances, especially those compiled with extra compiler
- hardening. With this defense in place, such bugs can't crash Tor,
- though we should still fix them as they occur. Closes ticket
- 20384 (TROVE-2016-10-001).
- o Major bugfixes (parsing, security, backport from 0.2.9.8):
- - Fix a bug in parsing that could cause clients to read a single
- byte past the end of an allocated region. This bug could be used
- to cause hardened clients (built with --enable-expensive-hardening)
- to crash if they tried to visit a hostile hidden service. Non-
- hardened clients are only affected depending on the details of
- their platform's memory allocator. Fixes bug 21018; bugfix on
- 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE-
- 2016-12-002 and as CVE-2016-1254.
- o Major bugfixes (security, correctness, backport from 0.2.7.4-rc):
- - Fix an error that could cause us to read 4 bytes before the
- beginning of an openssl string. This bug could be used to cause
- Tor to crash on systems with unusual malloc implementations, or
- systems with unusual hardening installed. Fixes bug 17404; bugfix
- on 0.2.3.6-alpha.
- o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha):
- - Avoid a difficult-to-trigger heap corruption attack when extending
- a smartlist to contain over 16GB of pointers. Fixes bug 18162;
- bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely.
- Reported by Guido Vranken.
- o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha):
- - Avoid crashing when running as a DNS proxy. Fixes bug 16248;
- bugfix on 0.2.0.1-alpha. Patch from "cypherpunks".
- o Major bugfixes (guard selection, backport from 0.2.7.6):
- - Actually look at the Guard flag when selecting a new directory
- guard. When we implemented the directory guard design, we
- accidentally started treating all relays as if they have the Guard
- flag during guard selection, leading to weaker anonymity and worse
- performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered
- by Mohsen Imani.
- o Major bugfixes (key management, backport from 0.2.8.3-alpha):
- - If OpenSSL fails to generate an RSA key, do not retain a dangling
- pointer to the previous (uninitialized) key value. The impact here
- should be limited to a difficult-to-trigger crash, if OpenSSL is
- running an engine that makes key generation failures possible, or
- if OpenSSL runs out of memory. Fixes bug 19152; bugfix on
- 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and
- Baishakhi Ray.
- o Major bugfixes (parsing, backported from 0.3.0.4-rc):
- - Fix an integer underflow bug when comparing malformed Tor
- versions. This bug could crash Tor when built with
- --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor
- 0.2.9.8, which were built with -ftrapv by default. In other cases
- it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix
- on 0.0.8pre1. Found by OSS-Fuzz.
- o Minor features (security, memory erasure, backport from 0.2.8.1-alpha):
- - Make memwipe() do nothing when passed a NULL pointer or buffer of
- zero size. Check size argument to memwipe() for underflow. Fixes
- bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk",
- patch by "teor".
- o Minor features (bug-resistance, backport from 0.2.8.2-alpha):
- - Make Tor survive errors involving connections without a
- corresponding event object. Previously we'd fail with an
- assertion; now we produce a log message. Related to bug 16248.
- o Minor features (DoS-resistance, backport from 0.2.7.1-alpha):
- - Make it harder for attackers to overload hidden services with
- introductions, by blocking multiple introduction requests on the
- same circuit. Resolves ticket 15515.
- o Minor features (geoip):
- - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (compilation, backport from 0.2.7.6):
- - Fix a compilation warning with Clang 3.6: Do not check the
- presence of an address which can never be NULL. Fixes bug 17781.
- o Minor bugfixes (hidden service, backport from 0.2.7.1-alpha):
- - Fix an out-of-bounds read when parsing invalid INTRODUCE2 cells on
- a client authorized hidden service. Fixes bug 15823; bugfix
- on 0.2.1.6-alpha.
- Changes in version 0.2.9.10 - 2017-03-01
- Tor 0.2.9.10 backports a security fix from later Tor release. It also
- includes fixes for some major issues affecting directory authorities,
- LibreSSL compatibility, and IPv6 correctness.
- The Tor 0.2.9.x release series is now marked as a long-term-support
- series. We intend to backport security fixes to 0.2.9.x until at
- least January of 2020.
- o Major bugfixes (directory authority, 0.3.0.3-alpha):
- - During voting, when marking a relay as a probable sybil, do not
- clear its BadExit flag: sybils can still be bad in other ways
- too. (We still clear the other flags.) Fixes bug 21108; bugfix
- on 0.2.0.13-alpha.
- o Major bugfixes (IPv6 Exits, backport from 0.3.0.3-alpha):
- - Stop rejecting all IPv6 traffic on Exits whose exit policy rejects
- any IPv6 addresses. Instead, only reject a port over IPv6 if the
- exit policy rejects that port on more than an IPv6 /16 of
- addresses. This bug was made worse by 17027 in 0.2.8.1-alpha,
- which rejected a relay's own IPv6 address by default. Fixes bug
- 21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha.
- o Major bugfixes (parsing, also in 0.3.0.4-rc):
- - Fix an integer underflow bug when comparing malformed Tor
- versions. This bug could crash Tor when built with
- --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor
- 0.2.9.8, which were built with -ftrapv by default. In other cases
- it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix
- on 0.0.8pre1. Found by OSS-Fuzz.
- o Minor features (directory authorities, also in 0.3.0.4-rc):
- - Directory authorities now reject descriptors that claim to be
- malformed versions of Tor. Helps prevent exploitation of
- bug 21278.
- - Reject version numbers with components that exceed INT32_MAX.
- Otherwise 32-bit and 64-bit platforms would behave inconsistently.
- Fixes bug 21450; bugfix on 0.0.8pre1.
- o Minor features (geoip):
- - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2
- Country database.
- o Minor features (portability, compilation, backport from 0.3.0.3-alpha):
- - Autoconf now checks to determine if OpenSSL structures are opaque,
- instead of explicitly checking for OpenSSL version numbers. Part
- of ticket 21359.
- - Support building with recent LibreSSL code that uses opaque
- structures. Closes ticket 21359.
- o Minor bugfixes (code correctness, also in 0.3.0.4-rc):
- - Repair a couple of (unreachable or harmless) cases of the risky
- comparison-by-subtraction pattern that caused bug 21278.
- o Minor bugfixes (tor-resolve, backport from 0.3.0.3-alpha):
- - The tor-resolve command line tool now rejects hostnames over 255
- characters in length. Previously, it would silently truncate them,
- which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5.
- Patch by "junglefowl".
- Changes in version 0.2.9.9 - 2017-01-23
- Tor 0.2.9.9 fixes a denial-of-service bug where an attacker could
- cause relays and clients to crash, even if they were not built with
- the --enable-expensive-hardening option. This bug affects all 0.2.9.x
- versions, and also affects 0.3.0.1-alpha: all relays running an affected
- version should upgrade.
- This release also resolves a client-side onion service reachability
- bug, and resolves a pair of small portability issues.
- o Major bugfixes (security):
- - Downgrade the "-ftrapv" option from "always on" to "only on when
- --enable-expensive-hardening is provided." This hardening option,
- like others, can turn survivable bugs into crashes -- and having
- it on by default made a (relatively harmless) integer overflow bug
- into a denial-of-service bug. Fixes bug 21278 (TROVE-2017-001);
- bugfix on 0.2.9.1-alpha.
- o Major bugfixes (client, onion service):
- - Fix a client-side onion service reachability bug, where multiple
- socks requests to an onion service (or a single slow request)
- could cause us to mistakenly mark some of the service's
- introduction points as failed, and we cache that failure so
- eventually we run out and can't reach the service. Also resolves a
- mysterious "Remote server sent bogus reason code 65021" log
- warning. The bug was introduced in ticket 17218, where we tried to
- remember the circuit end reason as a uint16_t, which mangled
- negative values. Partially fixes bug 21056 and fixes bug 20307;
- bugfix on 0.2.8.1-alpha.
- o Minor features (geoip):
- - Update geoip and geoip6 to the January 4 2017 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (portability):
- - Avoid crashing when Tor is built using headers that contain
- CLOCK_MONOTONIC_COARSE, but then tries to run on an older kernel
- without CLOCK_MONOTONIC_COARSE. Fixes bug 21035; bugfix
- on 0.2.9.1-alpha.
- - Fix Libevent detection on platforms without Libevent 1 headers
- installed. Fixes bug 21051; bugfix on 0.2.9.1-alpha.
- Changes in version 0.2.8.12 - 2016-12-19
- Tor 0.2.8.12 backports a fix for a medium-severity issue (bug 21018
- below) where Tor clients could crash when attempting to visit a
- hostile hidden service. Clients are recommended to upgrade as packages
- become available for their systems.
- It also includes an updated list of fallback directories, backported
- from 0.2.9.
- Now that the Tor 0.2.9 series is stable, only major bugfixes will be
- backported to 0.2.8 in the future.
- o Major bugfixes (parsing, security, backported from 0.2.9.8):
- - Fix a bug in parsing that could cause clients to read a single
- byte past the end of an allocated region. This bug could be used
- to cause hardened clients (built with --enable-expensive-hardening)
- to crash if they tried to visit a hostile hidden service. Non-
- hardened clients are only affected depending on the details of
- their platform's memory allocator. Fixes bug 21018; bugfix on
- 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE-
- 2016-12-002 and as CVE-2016-1254.
- o Minor features (fallback directory list, backported from 0.2.9.8):
- - Replace the 81 remaining fallbacks of the 100 originally
- introduced in Tor 0.2.8.3-alpha in March 2016, with a list of 177
- fallbacks (123 new, 54 existing, 27 removed) generated in December
- 2016. Resolves ticket 20170.
- o Minor features (geoip, backported from 0.2.9.7-rc):
- - Update geoip and geoip6 to the December 7 2016 Maxmind GeoLite2
- Country database.
- Changes in version 0.2.9.8 - 2016-12-19
- Tor 0.2.9.8 is the first stable release of the Tor 0.2.9 series.
- The Tor 0.2.9 series makes mandatory a number of security features
- that were formerly optional. It includes support for a new shared-
- randomness protocol that will form the basis for next generation
- hidden services, includes a single-hop hidden service mode for
- optimizing .onion services that don't actually want to be hidden,
- tries harder not to overload the directory authorities with excessive
- downloads, and supports a better protocol versioning scheme for
- improved compatibility with other implementations of the Tor protocol.
- And of course, there are numerous other bugfixes and improvements.
- This release also includes a fix for a medium-severity issue (bug
- 21018 below) where Tor clients could crash when attempting to visit a
- hostile hidden service. Clients are recommended to upgrade as packages
- become available for their systems.
- Below are listed the changes since Tor 0.2.8.11. For a list of
- changes since 0.2.9.7-rc, see the ChangeLog file.
- o New system requirements:
- - When building with OpenSSL, Tor now requires version 1.0.1 or
- later. OpenSSL 1.0.0 and earlier are no longer supported by the
- OpenSSL team, and should not be used. Closes ticket 20303.
- - Tor now requires Libevent version 2.0.10-stable or later. Older
- versions of Libevent have less efficient backends for several
- platforms, and lack the DNS code that we use for our server-side
- DNS support. This implements ticket 19554.
- - Tor now requires zlib version 1.2 or later, for security,
- efficiency, and (eventually) gzip support. (Back when we started,
- zlib 1.1 and zlib 1.0 were still found in the wild. 1.2 was
- released in 2003. We recommend the latest version.)
- o Deprecated features:
- - A number of DNS-cache-related sub-options for client ports are now
- deprecated for security reasons, and may be removed in a future
- version of Tor. (We believe that client-side DNS caching is a bad
- idea for anonymity, and you should not turn it on.) The options
- are: CacheDNS, CacheIPv4DNS, CacheIPv6DNS, UseDNSCache,
- UseIPv4Cache, and UseIPv6Cache.
- - A number of options are deprecated for security reasons, and may
- be removed in a future version of Tor. The options are:
- AllowDotExit, AllowInvalidNodes, AllowSingleHopCircuits,
- AllowSingleHopExits, ClientDNSRejectInternalAddresses,
- CloseHSClientCircuitsImmediatelyOnTimeout,
- CloseHSServiceRendCircuitsImmediatelyOnTimeout,
- ExcludeSingleHopRelays, FastFirstHopPK, TLSECGroup,
- UseNTorHandshake, and WarnUnsafeSocks.
- - The *ListenAddress options are now deprecated as unnecessary: the
- corresponding *Port options should be used instead. These options
- may someday be removed. The affected options are:
- ControlListenAddress, DNSListenAddress, DirListenAddress,
- NATDListenAddress, ORListenAddress, SocksListenAddress,
- and TransListenAddress.
- o Major bugfixes (parsing, security, new since 0.2.9.7-rc):
- - Fix a bug in parsing that could cause clients to read a single
- byte past the end of an allocated region. This bug could be used
- to cause hardened clients (built with --enable-expensive-hardening)
- to crash if they tried to visit a hostile hidden service. Non-
- hardened clients are only affected depending on the details of
- their platform's memory allocator. Fixes bug 21018; bugfix on
- 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE-
- 2016-12-002 and as CVE-2016-1254.
- o Major features (build, hardening):
- - Tor now builds with -ftrapv by default on compilers that support
- it. This option detects signed integer overflow (which C forbids),
- and turns it into a hard-failure. We do not apply this option to
- code that needs to run in constant time to avoid side-channels;
- instead, we use -fwrapv in that code. Closes ticket 17983.
- - When --enable-expensive-hardening is selected, stop applying the
- clang/gcc sanitizers to code that needs to run in constant time.
- Although we are aware of no introduced side-channels, we are not
- able to prove that there are none. Related to ticket 17983.
- o Major features (circuit building, security):
- - Authorities, relays, and clients now require ntor keys in all
- descriptors, for all hops (except for rare hidden service protocol
- cases), for all circuits, and for all other roles. Part of
- ticket 19163.
- - Authorities, relays, and clients only use ntor, except for
- rare cases in the hidden service protocol. Part of ticket 19163.
- o Major features (compilation):
- - Our big list of extra GCC warnings is now enabled by default when
- building with GCC (or with anything like Clang that claims to be
- GCC-compatible). To make all warnings into fatal compilation
- errors, pass --enable-fatal-warnings to configure. Closes
- ticket 19044.
- - Use the Autoconf macro AC_USE_SYSTEM_EXTENSIONS to automatically
- turn on C and POSIX extensions. (Previously, we attempted to do
- this on an ad hoc basis.) Closes ticket 19139.
- o Major features (directory authorities, hidden services):
- - Directory authorities can now perform the shared randomness
- protocol specified by proposal 250. Using this protocol, directory
- authorities generate a global fresh random value every day. In the
- future, this value will be used by hidden services to select
- HSDirs. This release implements the directory authority feature;
- the hidden service side will be implemented in the future as part
- of proposal 224. Resolves ticket 16943; implements proposal 250.
- o Major features (downloading, random exponential backoff):
- - When we fail to download an object from a directory service, wait
- for an (exponentially increasing) randomized amount of time before
- retrying, rather than a fixed interval as we did before. This
- prevents a group of Tor instances from becoming too synchronized,
- or a single Tor instance from becoming too predictable, in its
- download schedule. Closes ticket 15942.
- o Major features (resource management):
- - Tor can now notice it is about to run out of sockets, and
- preemptively close connections of lower priority. (This feature is
- off by default for now, since the current prioritizing method is
- yet not mature enough. You can enable it by setting
- "DisableOOSCheck 0", but watch out: it might close some sockets
- you would rather have it keep.) Closes ticket 18640.
- o Major features (single-hop "hidden" services):
- - Add experimental HiddenServiceSingleHopMode and
- HiddenServiceNonAnonymousMode options. When both are set to 1,
- every hidden service on that Tor instance becomes a non-anonymous
- Single Onion Service. Single Onions make one-hop (direct)
- connections to their introduction and rendezvous points. One-hop
- circuits make Single Onion servers easily locatable, but clients
- remain location-anonymous. This is compatible with the existing
- hidden service implementation, and works on the current Tor
- network without any changes to older relays or clients. Implements
- proposal 260, completes ticket 17178. Patch by teor and asn.
- o Major features (subprotocol versions):
- - Tor directory authorities now vote on a set of recommended
- "subprotocol versions", and on a set of required subprotocol
- versions. Clients and relays that lack support for a _required_
- subprotocol version will not start; those that lack support for a
- _recommended_ subprotocol version will warn the user to upgrade.
- This change allows compatible implementations of the Tor protocol(s)
- to exist without pretending to be 100% bug-compatible with
- particular releases of Tor itself. Closes ticket 19958; implements
- part of proposal 264.
- o Major bugfixes (circuit building):
- - Hidden service client-to-intro-point and service-to-rendezvous-
- point circuits use the TAP key supplied by the protocol, to avoid
- epistemic attacks. Fixes bug 19163; bugfix on 0.2.4.18-rc.
- o Major bugfixes (download scheduling):
- - Avoid resetting download status for consensuses hourly, since we
- already have another, smarter retry mechanism. Fixes bug 8625;
- bugfix on 0.2.0.9-alpha.
- - If a consensus expires while we are waiting for certificates to
- download, stop waiting for certificates.
- - If we stop waiting for certificates less than a minute after we
- started downloading them, do not consider the certificate download
- failure a separate failure. Fixes bug 20533; bugfix
- on 0.2.0.9-alpha.
- - When using exponential backoff in test networks, use a lower
- exponent, so the delays do not vary as much. This helps test
- networks bootstrap consistently. Fixes bug 20597; bugfix on 20499.
- o Major bugfixes (exit policies):
- - Avoid disclosing exit outbound bind addresses, configured port
- bind addresses, and local interface addresses in relay descriptors
- by default under ExitPolicyRejectPrivate. Instead, only reject
- these (otherwise unlisted) addresses if
- ExitPolicyRejectLocalInterfaces is set. Fixes bug 18456; bugfix on
- 0.2.7.2-alpha. Patch by teor.
- o Major bugfixes (hidden services):
- - Allow Tor clients with appropriate controllers to work with
- FetchHidServDescriptors set to 0. Previously, this option also
- disabled descriptor cache lookup, thus breaking hidden services
- entirely. Fixes bug 18704; bugfix on 0.2.0.20-rc. Patch by "twim".
- - Clients now require hidden services to include the TAP keys for
- their intro points in the hidden service descriptor. This prevents
- an inadvertent upgrade to ntor, which a malicious hidden service
- could use to distinguish clients by consensus version. Fixes bug
- 20012; bugfix on 0.2.4.8-alpha. Patch by teor.
- o Major bugfixes (relay, resolver, logging):
- - For relays that don't know their own address, avoid attempting a
- local hostname resolve for each descriptor we download. This
- will cut down on the number of "Success: chose address 'x.x.x.x'"
- log lines, and also avoid confusing clock jumps if the resolver
- is slow. Fixes bugs 20423 and 20610; bugfix on 0.2.8.1-alpha.
- o Minor features (port flags):
- - Add new flags to the *Port options to give finer control over which
- requests are allowed. The flags are NoDNSRequest, NoOnionTraffic,
- and the synthetic flag OnionTrafficOnly, which is equivalent to
- NoDNSRequest, NoIPv4Traffic, and NoIPv6Traffic. Closes enhancement
- 18693; patch by "teor".
- o Minor features (build, hardening):
- - Detect and work around a libclang_rt problem that would prevent
- clang from finding __mulodi4() on some 32-bit platforms, and thus
- keep -ftrapv from linking on those systems. Closes ticket 19079.
- - When building on a system without runtime support for the runtime
- hardening options, try to log a useful warning at configuration
- time, rather than an incomprehensible warning at link time. If
- expensive hardening was requested, this warning becomes an error.
- Closes ticket 18895.
- o Minor features (client, directory):
- - Since authorities now omit all routers that lack the Running and
- Valid flags, we assume that any relay listed in the consensus must
- have those flags. Closes ticket 20001; implements part of
- proposal 272.
- o Minor features (code safety):
- - In our integer-parsing functions, ensure that the maximum value we
- allow is no smaller than the minimum value. Closes ticket 19063;
- patch from "U+039b".
- o Minor features (compilation, portability):
- - Compile correctly on MacOS 10.12 (aka "Sierra"). Closes
- ticket 20241.
- o Minor features (config):
- - Warn users when descriptor and port addresses are inconsistent.
- Mitigates bug 13953; patch by teor.
- o Minor features (controller):
- - Allow controllers to configure basic client authorization on
- hidden services when they create them with the ADD_ONION controller
- command. Implements ticket 15588. Patch by "special".
- - Fire a STATUS_SERVER controller event whenever the hibernation
- status changes between "awake"/"soft"/"hard". Closes ticket 18685.
- - Implement new GETINFO queries for all downloads that use
- download_status_t to schedule retries. This allows controllers to
- examine the schedule for pending downloads. Closes ticket 19323.
- o Minor features (development tools, etags):
- - Teach the "make tags" Makefile target how to correctly find
- "MOCK_IMPL" function definitions. Patch from nherring; closes
- ticket 16869.
- o Minor features (directory authority):
- - After voting, if the authorities decide that a relay is not
- "Valid", they no longer include it in the consensus at all. Closes
- ticket 20002; implements part of proposal 272.
- - Directory authorities now only give the Guard flag to a relay if
- they are also giving it the Stable flag. This change allows us to
- simplify path selection for clients. It should have minimal effect
- in practice, since >99% of Guards already have the Stable flag.
- Implements ticket 18624.
- - Directory authorities now write their v3-status-votes file out to
- disk earlier in the consensus process, so we have a record of the
- votes even if we abort the consensus process. Resolves
- ticket 19036.
- o Minor features (fallback directory list, new since 0.2.9.7-rc):
- - Replace the 81 remaining fallbacks of the 100 originally
- introduced in Tor 0.2.8.3-alpha in March 2016, with a list of 177
- fallbacks (123 new, 54 existing, 27 removed) generated in December
- 2016. Resolves ticket 20170.
- o Minor features (hidden service):
- - Stop being so strict about the payload length of "rendezvous1"
- cells. We used to be locked in to the "TAP" handshake length, and
- now we can handle better handshakes like "ntor". Resolves
- ticket 18998.
- o Minor features (infrastructure, time):
- - Tor now includes an improved timer backend, so that we can
- efficiently support tens or hundreds of thousands of concurrent
- timers, as will be needed for some of our planned anti-traffic-
- analysis work. This code is based on William Ahern's "timeout.c"
- project, which implements a "tickless hierarchical timing wheel".
- Closes ticket 18365.
- - Tor now uses the operating system's monotonic timers (where
- available) for internal fine-grained timing. Previously we would
- look at the system clock, and then attempt to compensate for the
- clock running backwards. Closes ticket 18908.
- o Minor features (logging):
- - Add a set of macros to check nonfatal assertions, for internal
- use. Migrating more of our checks to these should help us avoid
- needless crash bugs. Closes ticket 18613.
- - Provide a more useful warning message when configured with an
- invalid Nickname. Closes ticket 18300; patch from "icanhasaccount".
- - When dumping unparseable router descriptors, optionally store them
- in separate files, named by digest, up to a configurable size
- limit. You can change the size limit by setting the
- MaxUnparseableDescSizeToLog option, and disable this feature by
- setting that option to 0. Closes ticket 18322.
- o Minor features (performance):
- - Change the "optimistic data" extension from "off by default" to
- "on by default". The default was ordinarily overridden by a
- consensus option, but when clients were bootstrapping for the
- first time, they would not have a consensus to get the option
- from. Changing this default saves a round-trip during startup.
- Closes ticket 18815.
- o Minor features (relay, usability):
- - When the directory authorities refuse a bad relay's descriptor,
- encourage the relay operator to contact us. Many relay operators
- won't notice this line in their logs, but it's a win if even a few
- learn why we don't like what their relay was doing. Resolves
- ticket 18760.
- o Minor features (security, TLS):
- - Servers no longer support clients that lack AES ciphersuites.
- (3DES is no longer considered an acceptable cipher.) We believe
- that no such Tor clients currently exist, since Tor has required
- OpenSSL 0.9.7 or later since 2009. Closes ticket 19998.
- o Minor features (testing):
- - Disable memory protections on OpenBSD when performing our unit
- tests for memwipe(). The test deliberately invokes undefined
- behavior, and the OpenBSD protections interfere with this. Patch
- from "rubiate". Closes ticket 20066.
- - Move the test-network.sh script to chutney, and modify tor's test-
- network.sh to call the (newer) chutney version when available.
- Resolves ticket 19116. Patch by teor.
- - Use the lcov convention for marking lines as unreachable, so that
- we don't count them when we're generating test coverage data.
- Update our coverage tools to understand this convention. Closes
- ticket 16792.
- - Our link-handshake unit tests now check that when invalid
- handshakes fail, they fail with the error messages we expected.
- - Our unit testing code that captures log messages no longer
- prevents them from being written out if the user asked for them
- (by passing --debug or --info or --notice or --warn to the "test"
- binary). This change prevents us from missing unexpected log
- messages simply because we were looking for others. Related to
- ticket 19999.
- - The unit tests now log all warning messages with the "BUG" flag.
- Previously, they only logged errors by default. This change will
- help us make our testing code more correct, and make sure that we
- only hit this code when we mean to. In the meantime, however,
- there will be more warnings in the unit test logs than before.
- This is preparatory work for ticket 19999.
- - The unit tests now treat any failure of a "tor_assert_nonfatal()"
- assertion as a test failure.
- - We've done significant work to make the unit tests run faster.
- o Minor features (testing, ipv6):
- - Add the hs-ipv6 chutney target to make test-network-all's IPv6
- tests. Remove bridges+hs, as it's somewhat redundant. This
- requires a recent chutney version that supports IPv6 clients,
- relays, and authorities. Closes ticket 20069; patch by teor.
- - Add the single-onion and single-onion-ipv6 chutney targets to
- "make test-network-all". This requires a recent chutney version
- with the single onion network flavors (git c72a652 or later).
- Closes ticket 20072; patch by teor.
- o Minor features (Tor2web):
- - Make Tor2web clients respect ReachableAddresses. This feature was
- inadvertently enabled in 0.2.8.6, then removed by bugfix 19973 on
- 0.2.8.7. Implements feature 20034. Patch by teor.
- o Minor features (unix domain sockets):
- - When configuring a unix domain socket for a SocksPort,
- ControlPort, or Hidden service, you can now wrap the address in
- quotes, using C-style escapes inside the quotes. This allows unix
- domain socket paths to contain spaces. Resolves ticket 18753.
- o Minor features (user interface):
- - Tor now supports the ability to declare options deprecated, so
- that we can recommend that people stop using them. Previously, this
- was done in an ad-hoc way. There is a new --list-deprecated-options
- command-line option to list all of the deprecated options. Closes
- ticket 19820.
- o Minor features (virtual addresses):
- - Increase the maximum number of bits for the IPv6 virtual network
- prefix from 16 to 104. In this way, the condition for address
- allocation is less restrictive. Closes ticket 20151; feature
- on 0.2.4.7-alpha.
- o Minor bug fixes (circuits):
- - Use the CircuitBuildTimeout option whenever
- LearnCircuitBuildTimeout is disabled. Previously, we would respect
- the option when a user disabled it, but not when it was disabled
- because some other option was set. Fixes bug 20073; bugfix on
- 0.2.4.12-alpha. Patch by teor.
- o Minor bugfixes (build):
- - The current Git revision when building from a local repository is
- now detected correctly when using git worktrees. Fixes bug 20492;
- bugfix on 0.2.3.9-alpha.
- o Minor bugfixes (relay address discovery):
- - Stop reordering IP addresses returned by the OS. This makes it
- more likely that Tor will guess the same relay IP address every
- time. Fixes issue 20163; bugfix on 0.2.7.1-alpha, ticket 17027.
- Reported by René Mayrhofer, patch by "cypherpunks".
- o Minor bugfixes (memory allocation):
- - Change how we allocate memory for large chunks on buffers, to
- avoid a (currently impossible) integer overflow, and to waste less
- space when allocating unusually large chunks. Fixes bug 20081;
- bugfix on 0.2.0.16-alpha. Issue identified by Guido Vranken.
- o Minor bugfixes (bootstrap):
- - Remember the directory server we fetched the consensus or previous
- certificates from, and use it to fetch future authority
- certificates. This change improves bootstrapping performance.
- Fixes bug 18963; bugfix on 0.2.8.1-alpha.
- o Minor bugfixes (circuits):
- - Make sure extend_info_from_router() is only called on servers.
- Fixes bug 19639; bugfix on 0.2.8.1-alpha.
- o Minor bugfixes (client, fascistfirewall):
- - Avoid spurious warnings when ReachableAddresses or FascistFirewall
- is set. Fixes bug 20306; bugfix on 0.2.8.2-alpha.
- o Minor bugfixes (client, unix domain sockets):
- - Disable IsolateClientAddr when using AF_UNIX backed SocksPorts as
- the client address is meaningless. Fixes bug 20261; bugfix
- on 0.2.6.3-alpha.
- o Minor bugfixes (code style):
- - Fix an integer signedness conversion issue in the case conversion
- tables. Fixes bug 19168; bugfix on 0.2.1.11-alpha.
- o Minor bugfixes (compilation):
- - Build correctly on versions of libevent2 without support for
- evutil_secure_rng_add_bytes(). Fixes bug 19904; bugfix
- on 0.2.5.4-alpha.
- - When building with Clang, use a full set of GCC warnings.
- (Previously, we included only a subset, because of the way we
- detected them.) Fixes bug 19216; bugfix on 0.2.0.1-alpha.
- - Detect Libevent2 functions correctly on systems that provide
- libevent2, but where libevent1 is linked with -levent. Fixes bug
- 19904; bugfix on 0.2.2.24-alpha. Patch from Rubiate.
- - Run correctly when built on Windows build environments that
- require _vcsprintf(). Fixes bug 20560; bugfix on 0.2.2.11-alpha.
- o Minor bugfixes (configuration):
- - When parsing quoted configuration values from the torrc file,
- handle Windows line endings correctly. Fixes bug 19167; bugfix on
- 0.2.0.16-alpha. Patch from "Pingl".
- o Minor bugfixes (directory authority):
- - Authorities now sort the "package" lines in their votes, for ease
- of debugging. (They are already sorted in consensus documents.)
- Fixes bug 18840; bugfix on 0.2.6.3-alpha.
- - Die with a more useful error when the operator forgets to place
- the authority_signing_key file into the keys directory. This
- avoids an uninformative assert & traceback about having an invalid
- key. Fixes bug 20065; bugfix on 0.2.0.1-alpha.
- - When allowing private addresses, mark Exits that only exit to
- private locations as such. Fixes bug 20064; bugfix
- on 0.2.2.9-alpha.
- - When parsing a detached signature, make sure we use the length of
- the digest algorithm instead of a hardcoded DIGEST256_LEN in
- order to avoid comparing bytes out-of-bounds with a smaller digest
- length such as SHA1. Fixes bug 19066; bugfix on 0.2.2.6-alpha.
- o Minor bugfixes (getpass):
- - Defensively fix a non-triggerable heap corruption at do_getpass()
- to protect ourselves from mistakes in the future. Fixes bug
- 19223; bugfix on 0.2.7.3-rc. Bug found by Guido Vranken, patch
- by nherring.
- o Minor bugfixes (guard selection):
- - Don't mark guards as unreachable if connection_connect() fails.
- That function fails for local reasons, so it shouldn't reveal
- anything about the status of the guard. Fixes bug 14334; bugfix
- on 0.2.3.10-alpha.
- - Use a single entry guard even if the NumEntryGuards consensus
- parameter is not provided. Fixes bug 17688; bugfix
- on 0.2.5.6-alpha.
- o Minor bugfixes (hidden services):
- - Increase the minimum number of internal circuits we preemptively
- build from 2 to 3, so a circuit is available when a client
- connects to another onion service. Fixes bug 13239; bugfix
- on 0.1.0.1-rc.
- - Allow hidden services to run on IPv6 addresses even when the
- IPv6Exit option is not set. Fixes bug 18357; bugfix
- on 0.2.4.7-alpha.
- - Stop logging intro point details to the client log on certain
- error conditions. Fixed as part of bug 20012; bugfix on
- 0.2.4.8-alpha. Patch by teor.
- - When deleting an ephemeral hidden service, close its intro points
- even if they are not completely open. Fixes bug 18604; bugfix
- on 0.2.7.1-alpha.
- - When configuring hidden services, check every hidden service
- directory's permissions. Previously, we only checked the last
- hidden service. Fixes bug 20529; bugfix on 0.2.6.2-alpha.
- o Minor bugfixes (IPv6, testing):
- - Check for IPv6 correctly on Linux when running test networks.
- Fixes bug 19905; bugfix on 0.2.7.3-rc; patch by teor.
- o Minor bugfixes (Linux seccomp2 sandbox):
- - Add permission to run the sched_yield() and sigaltstack() system
- calls, in order to support versions of Tor compiled with asan or
- ubsan code that use these calls. Now "sandbox 1" and
- "--enable-expensive-hardening" should be compatible on more
- systems. Fixes bug 20063; bugfix on 0.2.5.1-alpha.
- o Minor bugfixes (logging):
- - Downgrade a harmless log message about the
- pending_entry_connections list from "warn" to "info". Mitigates
- bug 19926.
- - Log a more accurate message when we fail to dump a microdescriptor.
- Fixes bug 17758; bugfix on 0.2.2.8-alpha. Patch from Daniel Pinto.
- - When logging a directory ownership mismatch, log the owning
- username correctly. Fixes bug 19578; bugfix on 0.2.2.29-beta.
- - When we are unable to remove the bw_accounting file, do not warn
- if the reason we couldn't remove it was that it didn't exist.
- Fixes bug 19964; bugfix on 0.2.5.4-alpha. Patch from pastly.
- o Minor bugfixes (memory leak):
- - Fix a series of slow memory leaks related to parsing torrc files
- and options. Fixes bug 19466; bugfix on 0.2.1.6-alpha.
- - Avoid a small memory leak when informing worker threads about
- rotated onion keys. Fixes bug 20401; bugfix on 0.2.6.3-alpha.
- - Fix a small memory leak when receiving AF_UNIX connections on a
- SocksPort. Fixes bug 20716; bugfix on 0.2.6.3-alpha.
- - When moving a signed descriptor object from a source to an
- existing destination, free the allocated memory inside that
- destination object. Fixes bug 20715; bugfix on 0.2.8.3-alpha.
- - Fix a memory leak and use-after-free error when removing entries
- from the sandbox's getaddrinfo() cache. Fixes bug 20710; bugfix on
- 0.2.5.5-alpha. Patch from "cypherpunks".
- - Fix a small, uncommon memory leak that could occur when reading a
- truncated ed25519 key file. Fixes bug 18956; bugfix
- on 0.2.6.1-alpha.
- o Minor bugfixes (option parsing):
- - Count unix sockets when counting client listeners (SOCKS, Trans,
- NATD, and DNS). This has no user-visible behavior changes: these
- options are set once, and never read. Required for correct
- behavior in ticket 17178. Fixes bug 19677; bugfix on
- 0.2.6.3-alpha. Patch by teor.
- o Minor bugfixes (options):
- - Check the consistency of UseEntryGuards and EntryNodes more
- reliably. Fixes bug 20074; bugfix on 0.2.4.12-alpha. Patch
- by teor.
- - Stop changing the configured value of UseEntryGuards on
- authorities and Tor2web clients. Fixes bug 20074; bugfix on
- commits 51fc6799 in 0.1.1.16-rc and acda1735 in 0.2.4.3-alpha.
- Patch by teor.
- o Minor bugfixes (relay):
- - Ensure relays don't make multiple connections during bootstrap.
- Fixes bug 20591; bugfix on 0.2.8.1-alpha.
- - Do not try to parallelize workers more than 16x without the user
- explicitly configuring us to do so, even if we do detect more than
- 16 CPU cores. Fixes bug 19968; bugfix on 0.2.3.1-alpha.
- o Minor bugfixes (testing):
- - The test-stem and test-network makefile targets now depend only on
- the tor binary that they are testing. Previously, they depended on
- "make all". Fixes bug 18240; bugfix on 0.2.8.2-alpha. Based on a
- patch from "cypherpunks".
- - Allow clients to retry HSDirs much faster in test networks. Fixes
- bug 19702; bugfix on 0.2.7.1-alpha. Patch by teor.
- - Avoid a unit test failure on systems with over 16 detectable CPU
- cores. Fixes bug 19968; bugfix on 0.2.3.1-alpha.
- - Let backtrace tests work correctly under AddressSanitizer:
- disable ASAN's detection of segmentation faults while running
- test_bt.sh, so that we can make sure that our own backtrace
- generation code works. Fixes bug 18934; bugfix
- on 0.2.5.2-alpha. Patch from "cypherpunks".
- - Fix the test-network-all target on out-of-tree builds by using the
- correct path to the test driver script. Fixes bug 19421; bugfix
- on 0.2.7.3-rc.
- - Stop spurious failures in the local interface address discovery
- unit tests. Fixes bug 20634; bugfix on 0.2.8.1-alpha; patch by
- Neel Chauhan.
- - Use ECDHE ciphers instead of ECDH in tortls tests. LibreSSL has
- removed the ECDH ciphers which caused the tests to fail on
- platforms which use it. Fixes bug 20460; bugfix on 0.2.8.1-alpha.
- - The tor_tls_server_info_callback unit test no longer crashes when
- debug-level logging is turned on. Fixes bug 20041; bugfix
- on 0.2.8.1-alpha.
- o Minor bugfixes (time):
- - Improve overflow checks in tv_udiff and tv_mdiff. Fixes bug 19483;
- bugfix on all released tor versions.
- - When computing the difference between two times in milliseconds,
- we now round to the nearest millisecond correctly. Previously, we
- could sometimes round in the wrong direction. Fixes bug 19428;
- bugfix on 0.2.2.2-alpha.
- o Minor bugfixes (Tor2web):
- - Prevent Tor2web clients from running hidden services: these services
- are not anonymous due to the one-hop client paths. Fixes bug
- 19678. Patch by teor.
- o Minor bugfixes (user interface):
- - Display a more accurate number of suppressed messages in the log
- rate-limiter. Previously, there was a potential integer overflow
- in the counter. Now, if the number of messages hits a maximum, the
- rate-limiter doesn't count any further. Fixes bug 19435; bugfix
- on 0.2.4.11-alpha.
- - Fix a typo in the passphrase prompt for the ed25519 identity key.
- Fixes bug 19503; bugfix on 0.2.7.2-alpha.
- o Code simplification and refactoring:
- - Remove redundant declarations of the MIN macro. Closes
- ticket 18889.
- - Rename tor_dup_addr() to tor_addr_to_str_dup() to avoid confusion.
- Closes ticket 18462; patch from "icanhasaccount".
- - Split the 600-line directory_handle_command_get function into
- separate functions for different URL types. Closes ticket 16698.
- o Documentation:
- - Add module-level internal documentation for 36 C files that
- previously didn't have a high-level overview. Closes ticket 20385.
- - Correct the IPv6 syntax in our documentation for the
- VirtualAddrNetworkIPv6 torrc option. Closes ticket 19743.
- - Correct the minimum bandwidth value in torrc.sample, and queue a
- corresponding change for torrc.minimal. Closes ticket 20085.
- - Fix spelling of "--enable-tor2web-mode" in the manpage. Closes
- ticket 19153. Patch from "U+039b".
- - Module-level documentation for several more modules. Closes
- tickets 19287 and 19290.
- - Document the --passphrase-fd option in the tor manpage. Fixes bug
- 19504; bugfix on 0.2.7.3-rc.
- - Document the default PathsNeededToBuildCircuits value that's used
- by clients when the directory authorities don't set
- min_paths_for_circs_pct. Fixes bug 20117; bugfix on 0.2.4.10-alpha.
- Patch by teor, reported by Jesse V.
- - Fix manual for the User option: it takes a username, not a UID.
- Fixes bug 19122; bugfix on 0.0.2pre16 (the first version to have
- a manpage!).
- - Fix the description of the --passphrase-fd option in the
- tor-gencert manpage. The option is used to pass the number of a
- file descriptor to read the passphrase from, not to read the file
- descriptor from. Fixes bug 19505; bugfix on 0.2.0.20-alpha.
- o Removed code:
- - We no longer include the (dead, deprecated) bufferevent code in
- Tor. Closes ticket 19450. Based on a patch from "U+039b".
- o Removed features:
- - Remove support for "GET /tor/bytes.txt" DirPort request, and
- "GETINFO dir-usage" controller request, which were only available
- via a compile-time option in Tor anyway. Feature was added in
- 0.2.2.1-alpha. Resolves ticket 19035.
- - There is no longer a compile-time option to disable support for
- TransPort. (If you don't want TransPort, just don't use it.) Patch
- from "U+039b". Closes ticket 19449.
- o Testing:
- - Run more workqueue tests as part of "make check". These had
- previously been implemented, but you needed to know special
- command-line options to enable them.
- - We now have unit tests for our code to reject zlib "compression
- bombs". (Fortunately, the code works fine.)
- Changes in version 0.2.8.11 - 2016-12-08
- Tor 0.2.8.11 backports fixes for additional portability issues that
- could prevent Tor from building correctly on OSX Sierra, or with
- OpenSSL 1.1. Affected users should upgrade; others can safely stay
- with 0.2.8.10.
- o Minor bugfixes (portability):
- - Avoid compilation errors when building on OSX Sierra. Sierra began
- to support the getentropy() and clock_gettime() APIs, but created
- a few problems in doing so. Tor 0.2.9 has a more thorough set of
- workarounds; in 0.2.8, we are just using the /dev/urandom and mach
- monotonic time interfaces. Fixes bug 20865. Bugfix
- on 0.2.8.1-alpha.
- o Minor bugfixes (portability, backport from 0.2.9.5-alpha):
- - Fix compilation with OpenSSL 1.1 and less commonly-used CPU
- architectures. Closes ticket 20588.
- Changes in version 0.2.8.10 - 2016-12-02
- Tor 0.2.8.10 backports a fix for a bug that would sometimes make clients
- unusable after they left standby mode. It also backports fixes for
- a few portability issues and a small but problematic memory leak.
- o Major bugfixes (client reliability, backport from 0.2.9.5-alpha):
- - When Tor leaves standby because of a new application request, open
- circuits as needed to serve that request. Previously, we would
- potentially wait a very long time. Fixes part of bug 19969; bugfix
- on 0.2.8.1-alpha.
- o Major bugfixes (client performance, backport from 0.2.9.5-alpha):
- - Clients now respond to new application stream requests immediately
- when they arrive, rather than waiting up to one second before
- starting to handle them. Fixes part of bug 19969; bugfix
- on 0.2.8.1-alpha.
- o Minor bugfixes (portability, backport from 0.2.9.6-rc):
- - Work around a bug in the OSX 10.12 SDK that would prevent us from
- successfully targeting earlier versions of OSX. Resolves
- ticket 20235.
- o Minor bugfixes (portability, backport from 0.2.9.5-alpha):
- - Fix implicit conversion warnings under OpenSSL 1.1. Fixes bug
- 20551; bugfix on 0.2.1.1-alpha.
- o Minor bugfixes (relay, backport from 0.2.9.5-alpha):
- - Work around a memory leak in OpenSSL 1.1 when encoding public
- keys. Fixes bug 20553; bugfix on 0.0.2pre8.
- o Minor features (geoip):
- - Update geoip and geoip6 to the November 3 2016 Maxmind GeoLite2
- Country database.
- Changes in version 0.2.8.9 - 2016-10-17
- Tor 0.2.8.9 backports a fix for a security hole in previous versions
- of Tor that would allow a remote attacker to crash a Tor client,
- hidden service, relay, or authority. All Tor users should upgrade to
- this version, or to 0.2.9.4-alpha. Patches will be released for older
- versions of Tor.
- o Major features (security fixes, also in 0.2.9.4-alpha):
- - Prevent a class of security bugs caused by treating the contents
- of a buffer chunk as if they were a NUL-terminated string. At
- least one such bug seems to be present in all currently used
- versions of Tor, and would allow an attacker to remotely crash
- most Tor instances, especially those compiled with extra compiler
- hardening. With this defense in place, such bugs can't crash Tor,
- though we should still fix them as they occur. Closes ticket
- 20384 (TROVE-2016-10-001).
- o Minor features (geoip):
- - Update geoip and geoip6 to the October 4 2016 Maxmind GeoLite2
- Country database.
- Changes in version 0.2.8.8 - 2016-09-23
- Tor 0.2.8.8 fixes two crash bugs present in previous versions of the
- 0.2.8.x series. Relays running 0.2.8.x should upgrade, as should users
- who select public relays as their bridges.
- o Major bugfixes (crash):
- - Fix a complicated crash bug that could affect Tor clients
- configured to use bridges when replacing a networkstatus consensus
- in which one of their bridges was mentioned. OpenBSD users saw
- more crashes here, but all platforms were potentially affected.
- Fixes bug 20103; bugfix on 0.2.8.2-alpha.
- o Major bugfixes (relay, OOM handler):
- - Fix a timing-dependent assertion failure that could occur when we
- tried to flush from a circuit after having freed its cells because
- of an out-of-memory condition. Fixes bug 20203; bugfix on
- 0.2.8.1-alpha. Thanks to "cypherpunks" for help diagnosing
- this one.
- o Minor feature (fallback directories):
- - Remove broken fallbacks from the hard-coded fallback directory
- list. Closes ticket 20190; patch by teor.
- o Minor features (geoip):
- - Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2
- Country database.
- Changes in version 0.2.8.7 - 2016-08-24
- Tor 0.2.8.7 fixes an important bug related to the ReachableAddresses
- option in 0.2.8.6, and replaces a retiring bridge authority. Everyone
- who sets the ReachableAddresses option, and all bridges, are strongly
- encouraged to upgrade.
- o Directory authority changes:
- - The "Tonga" bridge authority has been retired; the new bridge
- authority is "Bifroest". Closes tickets 19728 and 19690.
- o Major bugfixes (client, security):
- - Only use the ReachableAddresses option to restrict the first hop
- in a path. In earlier versions of 0.2.8.x, it would apply to
- every hop in the path, with a possible degradation in anonymity
- for anyone using an uncommon ReachableAddress setting. Fixes bug
- 19973; bugfix on 0.2.8.2-alpha.
- o Minor features (geoip):
- - Update geoip and geoip6 to the August 2 2016 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (compilation):
- - Remove an inappropriate "inline" in tortls.c that was causing
- warnings on older versions of GCC. Fixes bug 19903; bugfix
- on 0.2.8.1-alpha.
- o Minor bugfixes (fallback directories):
- - Avoid logging a NULL string pointer when loading fallback
- directory information. Fixes bug 19947; bugfix on 0.2.4.7-alpha
- and 0.2.8.1-alpha. Report and patch by "rubiate".
- Changes in version 0.2.8.6 - 2016-08-02
- Tor 0.2.8.6 is the first stable version of the Tor 0.2.8 series.
- The Tor 0.2.8 series improves client bootstrapping performance,
- completes the authority-side implementation of improved identity
- keys for relays, and includes numerous bugfixes and performance
- improvements throughout the program. This release continues to
- improve the coverage of Tor's test suite. For a full list of
- changes since Tor 0.2.7, see the ReleaseNotes file.
- Below is a list of the changes since Tor 0.2.7.
- o New system requirements:
- - Tor no longer attempts to support platforms where the "time_t"
- type is unsigned. (To the best of our knowledge, only OpenVMS does
- this, and Tor has never actually built on OpenVMS.) Closes
- ticket 18184.
- - Tor no longer supports versions of OpenSSL with a broken
- implementation of counter mode. (This bug was present in OpenSSL
- 1.0.0, and was fixed in OpenSSL 1.0.0a.) Tor still detects, but no
- longer runs with, these versions.
- - Tor now uses Autoconf version 2.63 or later, and Automake 1.11 or
- later (released in 2008 and 2009 respectively). If you are
- building Tor from the git repository instead of from the source
- distribution, and your tools are older than this, you will need to
- upgrade. Closes ticket 17732.
- o Directory authority changes:
- - Update the V3 identity key for the dannenberg directory authority:
- it was changed on 18 November 2015. Closes task 17906. Patch
- by teor.
- - Urras is no longer a directory authority. Closes ticket 19271.
- o Major features (directory system):
- - Include a trial list of default fallback directories, based on an
- opt-in survey of suitable relays. Doing this should make clients
- bootstrap more quickly and reliably, and reduce the load on the
- directory authorities. Closes ticket 15775. Patch by teor.
- Candidates identified using an OnionOO script by weasel, teor,
- gsathya, and karsten.
- - Previously only relays that explicitly opened a directory port
- (DirPort) accepted directory requests from clients. Now all
- relays, with and without a DirPort, accept and serve tunneled
- directory requests that they receive through their ORPort. You can
- disable this behavior using the new DirCache option. Closes
- ticket 12538.
- - When bootstrapping multiple consensus downloads at a time, use the
- first one that starts downloading, and close the rest. This
- reduces failures when authorities or fallback directories are slow
- or down. Together with the code for feature 15775, this feature
- should reduces failures due to fallback churn. Implements ticket
- 4483. Patch by teor. Implements IPv4 portions of proposal 210 by
- mikeperry and teor.
- o Major features (security, Linux):
- - When Tor starts as root on Linux and is told to switch user ID, it
- can now retain the capability to bind to low ports. By default,
- Tor will do this only when it's switching user ID and some low
- ports have been configured. You can change this behavior with the
- new option KeepBindCapabilities. Closes ticket 8195.
- o Major bugfixes (client, bootstrapping):
- - Check if bootstrap consensus downloads are still needed when the
- linked connection attaches. This prevents tor making unnecessary
- begindir-style connections, which are the only directory
- connections tor clients make since the fix for 18483 was merged.
- - Fix some edge cases where consensus download connections may not
- have been closed, even though they were not needed. Related to fix
- for 18809.
- - Make relays retry consensus downloads the correct number of times,
- rather than the more aggressive client retry count. Fixes part of
- ticket 18809.
- o Major bugfixes (dns proxy mode, crash):
- - Avoid crashing when running as a DNS proxy. Fixes bug 16248;
- bugfix on 0.2.0.1-alpha. Patch from "cypherpunks".
- o Major bugfixes (ed25519, voting):
- - Actually enable support for authorities to match routers by their
- Ed25519 identities. Previously, the code had been written, but
- some debugging code that had accidentally been left in the
- codebase made it stay turned off. Fixes bug 17702; bugfix
- on 0.2.7.2-alpha.
- - When collating votes by Ed25519 identities, authorities now
- include a "NoEdConsensus" flag if the ed25519 value (or lack
- thereof) for a server does not reflect the majority consensus.
- Related to bug 17668; bugfix on 0.2.7.2-alpha.
- - When generating a vote with keypinning disabled, never include two
- entries for the same ed25519 identity. This bug was causing
- authorities to generate votes that they could not parse when a
- router violated key pinning by changing its RSA identity but
- keeping its Ed25519 identity. Fixes bug 17668; fixes part of bug
- 18318. Bugfix on 0.2.7.2-alpha.
- o Major bugfixes (key management):
- - If OpenSSL fails to generate an RSA key, do not retain a dangling
- pointer to the previous (uninitialized) key value. The impact here
- should be limited to a difficult-to-trigger crash, if OpenSSL is
- running an engine that makes key generation failures possible, or
- if OpenSSL runs out of memory. Fixes bug 19152; bugfix on
- 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and
- Baishakhi Ray.
- o Major bugfixes (security, client, DNS proxy):
- - Stop a crash that could occur when a client running with DNSPort
- received a query with multiple address types, and the first
- address type was not supported. Found and fixed by Scott Dial.
- Fixes bug 18710; bugfix on 0.2.5.4-alpha.
- o Major bugfixes (security, compilation):
- - Correctly detect compiler flags on systems where _FORTIFY_SOURCE
- is predefined. Previously, our use of -D_FORTIFY_SOURCE would
- cause a compiler warning, thereby making other checks fail, and
- needlessly disabling compiler-hardening support. Fixes one case of
- bug 18841; bugfix on 0.2.3.17-beta. Patch from "trudokal".
- - Repair hardened builds under the clang compiler. Previously, our
- use of _FORTIFY_SOURCE would conflict with clang's address
- sanitizer. Fixes bug 14821; bugfix on 0.2.5.4-alpha.
- o Major bugfixes (security, pointers):
- - Avoid a difficult-to-trigger heap corruption attack when extending
- a smartlist to contain over 16GB of pointers. Fixes bug 18162;
- bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely.
- Reported by Guido Vranken.
- o Major bugfixes (testing):
- - Fix a bug that would block 'make test-network-all' on systems where
- IPv6 packets were lost. Fixes bug 19008; bugfix on 0.2.7.3-rc.
- o Major bugfixes (user interface):
- - Correctly give a warning in the cases where a relay is specified
- by nickname, and one such relay is found, but it is not officially
- Named. Fixes bug 19203; bugfix on 0.2.3.1-alpha.
- o Minor features (accounting):
- - Added two modes to the AccountingRule option: One for limiting
- only the number of bytes sent ("AccountingRule out"), and one for
- limiting only the number of bytes received ("AccountingRule in").
- Closes ticket 15989; patch from "unixninja92".
- o Minor features (bug-resistance):
- - Make Tor survive errors involving connections without a
- corresponding event object. Previously we'd fail with an
- assertion; now we produce a log message. Related to bug 16248.
- - Use tor_snprintf() and tor_vsnprintf() even in external and low-
- level code, to harden against accidental failures to NUL-
- terminate. Part of ticket 17852. Patch from jsturgix. Found
- with Flawfinder.
- o Minor features (build):
- - Detect systems with FreeBSD-derived kernels (such as GNU/kFreeBSD)
- as having possible IPFW support. Closes ticket 18448. Patch from
- Steven Chamberlain.
- - Since our build process now uses "make distcheck", we no longer
- force "make dist" to depend on "make check". Closes ticket 17893;
- patch from "cypherpunks".
- - Tor now builds once again with the recent OpenSSL 1.1 development
- branch (tested against 1.1.0-pre5 and 1.1.0-pre6-dev). We have been
- tracking OpenSSL 1.1 development as it has progressed, and fixing
- numerous compatibility issues as they arose. See tickets
- 17549, 17921, 17984, 19499, and 18286.
- - When building manual pages, set the timezone to "UTC", so that the
- output is reproducible. Fixes bug 19558; bugfix on 0.2.2.9-alpha.
- Patch from intrigeri.
- o Minor features (clients):
- - Make clients, onion services, and bridge relays always use an
- encrypted begindir connection for directory requests. Resolves
- ticket 18483. Patch by teor.
- o Minor features (controller):
- - Add 'GETINFO exit-policy/reject-private/[default,relay]', so
- controllers can examine the the reject rules added by
- ExitPolicyRejectPrivate. This makes it easier for stem to display
- exit policies.
- - Adds the FallbackDir entries to 'GETINFO config/defaults'. Closes
- tickets 16774 and 17817. Patch by George Tankersley.
- - New 'GETINFO hs/service/desc/id/' command to retrieve a hidden
- service descriptor from a service's local hidden service
- descriptor cache. Closes ticket 14846.
- o Minor features (crypto):
- - Add SHA3 and SHAKE support to crypto.c. Closes ticket 17783.
- - Add SHA512 support to crypto.c. Closes ticket 17663; patch from
- George Tankersley.
- - Improve performance when hashing non-multiple of 8 sized buffers,
- based on Andrew Moon's public domain SipHash-2-4 implementation.
- Fixes bug 17544; bugfix on 0.2.5.3-alpha.
- - Validate the hard-coded Diffie-Hellman parameters and ensure that
- p is a safe prime, and g is a suitable generator. Closes
- ticket 18221.
- - When allocating a digest state object, allocate no more space than
- we actually need. Previously, we would allocate as much space as
- the state for the largest algorithm would need. This change saves
- up to 672 bytes per circuit. Closes ticket 17796.
- o Minor features (directory downloads):
- - Add UseDefaultFallbackDirs, which enables any hard-coded fallback
- directory mirrors. The default is 1; set it to 0 to disable
- fallbacks. Implements ticket 17576. Patch by teor.
- - Wait for busy authorities and fallback directories to become non-
- busy when bootstrapping. (A similar change was made in 6c443e987d
- for directory caches chosen from the consensus.) Closes ticket
- 17864; patch by teor.
- o Minor features (geoip):
- - Update geoip and geoip6 to the July 6 2016 Maxmind GeoLite2
- Country database.
- o Minor features (hidden service directory):
- - Streamline relay-side hsdir handling: when relays consider whether
- to accept an uploaded hidden service descriptor, they no longer
- check whether they are one of the relays in the network that is
- "supposed" to handle that descriptor. Implements ticket 18332.
- o Minor features (IPv6):
- - Add ClientPreferIPv6DirPort, which is set to 0 by default. If set
- to 1, tor prefers IPv6 directory addresses.
- - Add ClientUseIPv4, which is set to 1 by default. If set to 0, tor
- avoids using IPv4 for client OR and directory connections.
- - Add address policy assume_action support for IPv6 addresses.
- - Add an argument 'ipv6=address:orport' to the DirAuthority and
- FallbackDir torrc options, to specify an IPv6 address for an
- authority or fallback directory. Add hard-coded ipv6 addresses for
- directory authorities that have them. Closes ticket 17327; patch
- from Nick Mathewson and teor.
- - Allow users to configure directory authorities and fallback
- directory servers with IPv6 addresses and ORPorts. Resolves
- ticket 6027.
- - Limit IPv6 mask bits to 128.
- - Make tor_ersatz_socketpair work on IPv6-only systems. Fixes bug
- 17638; bugfix on 0.0.2pre8. Patch by teor.
- - Try harder to obey the IP version restrictions "ClientUseIPv4 0",
- "ClientUseIPv6 0", "ClientPreferIPv6ORPort", and
- "ClientPreferIPv6DirPort". Closes ticket 17840; patch by teor.
- - Warn when comparing against an AF_UNSPEC address in a policy, it's
- almost always a bug. Closes ticket 17863; patch by teor.
- - routerset_parse now accepts IPv6 literal addresses. Fixes bug
- 17060; bugfix on 0.2.1.3-alpha. Patch by teor.
- o Minor features (Linux seccomp2 sandbox):
- - Reject attempts to change our Address with "Sandbox 1" enabled.
- Changing Address with Sandbox turned on would never actually work,
- but previously it would fail in strange and confusing ways. Found
- while fixing 18548.
- o Minor features (logging):
- - When logging to syslog, allow a tag to be added to the syslog
- identity (the string prepended to every log message). The tag can
- be configured with SyslogIdentityTag and defaults to none. Setting
- it to "foo" will cause logs to be tagged as "Tor-foo". Closes
- ticket 17194.
- o Minor features (portability):
- - Use timingsafe_memcmp() where available. Closes ticket 17944;
- patch from <logan@hackers.mu>.
- o Minor features (relay, address discovery):
- - Add a family argument to get_interface_addresses_raw() and
- subfunctions to make network interface address interogation more
- efficient. Now Tor can specifically ask for IPv4, IPv6 or both
- types of interfaces from the operating system. Resolves
- ticket 17950.
- - When get_interface_address6_list(.,AF_UNSPEC,.) is called and
- fails to enumerate interface addresses using the platform-specific
- API, have it rely on the UDP socket fallback technique to try and
- find out what IP addresses (both IPv4 and IPv6) our machine has.
- Resolves ticket 17951.
- o Minor features (replay cache):
- - The replay cache now uses SHA256 instead of SHA1. Implements
- feature 8961. Patch by teor, issue reported by rransom.
- o Minor features (robustness):
- - Exit immediately with an error message if the code attempts to use
- Libevent without having initialized it. This should resolve some
- frequently-made mistakes in our unit tests. Closes ticket 18241.
- o Minor features (security, clock):
- - Warn when the system clock appears to move back in time (when the
- state file was last written in the future). Tor doesn't know that
- consensuses have expired if the clock is in the past. Patch by
- teor. Implements ticket 17188.
- o Minor features (security, exit policies):
- - ExitPolicyRejectPrivate now rejects more private addresses by
- default. Specifically, it now rejects the relay's outbound bind
- addresses (if configured), and the relay's configured port
- addresses (such as ORPort and DirPort). Fixes bug 17027; bugfix on
- 0.2.0.11-alpha. Patch by teor.
- o Minor features (security, memory erasure):
- - Make memwipe() do nothing when passed a NULL pointer or buffer of
- zero size. Check size argument to memwipe() for underflow. Fixes
- bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk",
- patch by teor.
- - Set the unused entries in a smartlist to NULL. This helped catch
- a (harmless) bug, and shouldn't affect performance too much.
- Implements ticket 17026.
- - Use SecureMemoryWipe() function to securely clean memory on
- Windows. Previously we'd use OpenSSL's OPENSSL_cleanse() function.
- Implements feature 17986.
- - Use explicit_bzero or memset_s when present. Previously, we'd use
- OpenSSL's OPENSSL_cleanse() function. Closes ticket 7419; patches
- from <logan@hackers.mu> and <selven@hackers.mu>.
- o Minor features (security, RNG):
- - Adjust Tor's use of OpenSSL's RNG APIs so that they absolutely,
- positively are not allowed to fail. Previously we depended on
- internal details of OpenSSL's behavior. Closes ticket 17686.
- - Never use the system entropy output directly for anything besides
- seeding the PRNG. When we want to generate important keys, instead
- of using system entropy directly, we now hash it with the PRNG
- stream. This may help resist certain attacks based on broken OS
- entropy implementations. Closes part of ticket 17694.
- - Use modern system calls (like getentropy() or getrandom()) to
- generate strong entropy on platforms that have them. Closes
- ticket 13696.
- o Minor features (security, win32):
- - Set SO_EXCLUSIVEADDRUSE on Win32 to avoid a local port-stealing
- attack. Fixes bug 18123; bugfix on all tor versions. Patch
- by teor.
- o Minor features (unix domain sockets):
- - Add a new per-socket option, RelaxDirModeCheck, to allow creating
- Unix domain sockets without checking the permissions on the parent
- directory. (Tor checks permissions by default because some
- operating systems only check permissions on the parent directory.
- However, some operating systems do look at permissions on the
- socket, and tor's default check is unneeded.) Closes ticket 18458.
- Patch by weasel.
- o Minor features (unix file permissions):
- - Defer creation of Unix sockets until after setuid. This avoids
- needing CAP_CHOWN and CAP_FOWNER when using systemd's
- CapabilityBoundingSet, or chown and fowner when using SELinux.
- Implements part of ticket 17562. Patch from Jamie Nguyen.
- - If any directory created by Tor is marked as group readable, the
- filesystem group is allowed to be either the default GID or the
- root user. Allowing root to read the DataDirectory prevents the
- need for CAP_READ_SEARCH when using systemd's
- CapabilityBoundingSet, or dac_read_search when using SELinux.
- Implements part of ticket 17562. Patch from Jamie Nguyen.
- - Introduce a new DataDirectoryGroupReadable option. If it is set to
- 1, the DataDirectory will be made readable by the default GID.
- Implements part of ticket 17562. Patch from Jamie Nguyen.
- o Minor bugfixes (accounting):
- - The max bandwidth when using 'AccountRule sum' is now correctly
- logged. Fixes bug 18024; bugfix on 0.2.6.1-alpha. Patch
- from "unixninja92".
- o Minor bugfixes (assert, portability):
- - Fix an assertion failure in memarea.c on systems where "long" is
- shorter than the size of a pointer. Fixes bug 18716; bugfix
- on 0.2.1.1-alpha.
- o Minor bugfixes (bootstrap):
- - Consistently use the consensus download schedule for authority
- certificates. Fixes bug 18816; bugfix on 0.2.4.13-alpha.
- o Minor bugfixes (build):
- - Avoid spurious failures from configure files related to calling
- exit(0) in TOR_SEARCH_LIBRARY. Fixes bug 18626; bugfix on
- 0.2.0.1-alpha. Patch from "cypherpunks".
- - Do not link the unit tests against both the testing and non-
- testing versions of the static libraries. Fixes bug 18490; bugfix
- on 0.2.7.1-alpha.
- - Resolve warnings when building on systems that are concerned with
- signed char. Fixes bug 18728; bugfix on 0.2.7.2-alpha
- and 0.2.6.1-alpha.
- - Silence spurious clang-scan warnings in the ed25519_donna code by
- explicitly initializing some objects. Fixes bug 18384; bugfix on
- 0.2.7.2-alpha. Patch by teor.
- - When libscrypt.h is found, but no libscrypt library can be linked,
- treat libscrypt as absent. Fixes bug 19161; bugfix
- on 0.2.6.1-alpha.
- - Cause the unit tests to compile correctly on mingw64 versions that
- lack sscanf. Fixes bug 19213; bugfix on 0.2.7.1-alpha.
- - Don't try to use the pthread_condattr_setclock() function unless
- it actually exists. Fixes compilation on NetBSD-6.x. Fixes bug
- 17819; bugfix on 0.2.6.3-alpha.
- - Fix backtrace compilation on FreeBSD. Fixes bug 17827; bugfix
- on 0.2.5.2-alpha.
- - Fix search for libevent libraries on OpenBSD (and other systems
- that install libevent 1 and libevent 2 in parallel). Fixes bug
- 16651; bugfix on 0.1.0.7-rc. Patch from "rubiate".
- - Isolate environment variables meant for tests from the rest of the
- build system. Fixes bug 17818; bugfix on 0.2.7.3-rc.
- - Mark all object files that include micro-revision.i as depending
- on it, so as to make parallel builds more reliable. Fixes bug
- 17826; bugfix on 0.2.5.1-alpha.
- - Remove config.log only from make distclean, not from make clean.
- Fixes bug 17924; bugfix on 0.2.4.1-alpha.
- - Replace usage of 'INLINE' with 'inline'. Fixes bug 17804; bugfix
- on 0.0.2pre8.
- - Remove an #endif from configure.ac so that we correctly detect the
- presence of in6_addr.s6_addr32. Fixes bug 17923; bugfix
- on 0.2.0.13-alpha.
- o Minor bugfixes (client, bootstrap):
- - Count receipt of new microdescriptors as progress towards
- bootstrapping. Previously, with EntryNodes set, Tor might not
- successfully repopulate the guard set on bootstrapping. Fixes bug
- 16825; bugfix on 0.2.3.1-alpha.
- o Minor bugfixes (code correctness):
- - Fix a bad memory handling bug that would occur if we had queued a
- cell on a channel's incoming queue. Fortunately, we can't actually
- queue a cell like that as our code is constructed today, but it's
- best to avoid this kind of error, even if there isn't any code
- that triggers it today. Fixes bug 18570; bugfix on 0.2.4.4-alpha.
- - Assert that allocated memory held by the reputation code is freed
- according to its internal counters. Fixes bug 17753; bugfix
- on 0.1.1.1-alpha.
- - Assert when the TLS contexts fail to initialize. Fixes bug 17683;
- bugfix on 0.0.6.
- - Update to the latest version of Trunnel, which tries harder to
- avoid generating code that can invoke memcpy(p,NULL,0). Bug found
- by clang address sanitizer. Fixes bug 18373; bugfix
- on 0.2.7.2-alpha.
- - When closing an entry connection, generate a warning if we should
- have sent an end cell for it but we haven't. Fixes bug 17876;
- bugfix on 0.2.3.2-alpha.
- o Minor bugfixes (configuration):
- - Fix a tiny memory leak when parsing a port configuration ending in
- ":auto". Fixes bug 18374; bugfix on 0.2.3.3-alpha.
- o Minor bugfixes (containers):
- - If we somehow attempt to construct a heap with more than
- 1073741822 elements, avoid an integer overflow when maintaining
- the heap property. Fixes bug 18296; bugfix on 0.1.2.1-alpha.
- o Minor bugfixes (controller, microdescriptors):
- - Make GETINFO dir/status-vote/current/consensus conform to the
- control specification by returning "551 Could not open cached
- consensus..." when not caching consensuses. Fixes bug 18920;
- bugfix on 0.2.2.6-alpha.
- o Minor bugfixes (crypto):
- - Check the return value of HMAC() and assert on failure. Fixes bug
- 17658; bugfix on 0.2.3.6-alpha. Patch by teor.
- o Minor bugfixes (directories):
- - When fetching extrainfo documents, compare their SHA256 digests
- and Ed25519 signing key certificates with the routerinfo that led
- us to fetch them, rather than with the most recent routerinfo.
- Otherwise we generate many spurious warnings about mismatches.
- Fixes bug 17150; bugfix on 0.2.7.2-alpha.
- - When generating a URL for a directory server on an IPv6 address,
- wrap the IPv6 address in square brackets. Fixes bug 18051; bugfix
- on 0.2.3.9-alpha. Patch from Malek.
- o Minor bugfixes (downloading):
- - Predict more correctly whether we'll be downloading over HTTP when
- we determine the maximum length of a URL. This should avoid a
- "BUG" warning about the Squid HTTP proxy and its URL limits. Fixes
- bug 19191.
- o Minor bugfixes (exit policies, security):
- - Refresh an exit relay's exit policy when interface addresses
- change. Previously, tor only refreshed the exit policy when the
- configured external address changed. Fixes bug 18208; bugfix on
- 0.2.7.3-rc. Patch by teor.
- o Minor bugfixes (fallback directories):
- - Mark fallbacks as "too busy" when they return a 503 response,
- rather than just marking authorities. Fixes bug 17572; bugfix on
- 0.2.4.7-alpha. Patch by teor.
- - When requesting extrainfo descriptors from a trusted directory
- server, check whether it is an authority or a fallback directory
- which supports extrainfo descriptors. Fixes bug 18489; bugfix on
- 0.2.4.7-alpha. Reported by atagar, patch by teor.
- o Minor bugfixes (hidden service, client):
- - Handle the case where the user makes several fast consecutive
- requests to the same .onion address. Previously, the first six
- requests would each trigger a descriptor fetch, each picking a
- directory (there are 6 overall) and the seventh one would fail
- because no directories were left, thereby triggering a close on
- all current directory connections asking for the hidden service.
- The solution here is to not close the connections if we have
- pending directory fetches. Fixes bug 15937; bugfix
- on 0.2.7.1-alpha.
- o Minor bugfixes (hidden service, control port):
- - Add the onion address to the HS_DESC event for the UPLOADED action
- both on success or failure. It was previously hardcoded with
- UNKNOWN. Fixes bug 16023; bugfix on 0.2.7.2-alpha.
- o Minor bugfixes (hidden service, directory):
- - Bridges now refuse "rendezvous2" (hidden service descriptor)
- publish attempts. Suggested by ticket 18332.
- o Minor bugfixes (IPv6):
- - Update the limits in max_dl_per_request for IPv6 address length.
- Fixes bug 17573; bugfix on 0.2.1.5-alpha.
- o Minor bugfixes (Linux seccomp2 sandbox):
- - Allow more syscalls when running with "Sandbox 1" enabled:
- sysinfo, getsockopt(SO_SNDBUF), and setsockopt(SO_SNDBUFFORCE). On
- some systems, these are required for Tor to start. Fixes bug
- 18397; bugfix on 0.2.5.1-alpha. Patch from Daniel Pinto.
- - Allow IPPROTO_UDP datagram sockets when running with "Sandbox 1",
- so that get_interface_address6_via_udp_socket_hack() can work.
- Fixes bug 19660; bugfix on 0.2.5.1-alpha.
- - Allow the setrlimit syscall, and the prlimit and prlimit64
- syscalls, which some libc implementations use under the hood.
- Fixes bug 15221; bugfix on 0.2.5.1-alpha.
- - Avoid a 10-second delay when starting as a client with "Sandbox 1"
- enabled and no DNS resolvers configured. This should help TAILS
- start up faster. Fixes bug 18548; bugfix on 0.2.5.1-alpha.
- - Fix a crash when using offline master ed25519 keys with the Linux
- seccomp2 sandbox enabled. Fixes bug 17675; bugfix on 0.2.7.3-rc.
- - Allow statistics to be written to disk when "Sandbox 1" is
- enabled. Fixes bugs 19556 and 19957; bugfix on 0.2.5.1-alpha and
- 0.2.6.1-alpha respectively.
- o Minor bugfixes (logging):
- - In log messages that include a function name, use __FUNCTION__
- instead of __PRETTY_FUNCTION__. In GCC, these are synonymous, but
- with clang __PRETTY_FUNCTION__ has extra information we don't
- need. Fixes bug 16563; bugfix on 0.0.2pre8. Fix by Tom van
- der Woerdt.
- - Remove needless quotes from a log message about unparseable
- addresses. Fixes bug 17843; bugfix on 0.2.3.3-alpha.
- - Scrub service name in "unrecognized service ID" log messages.
- Fixes bug 18600; bugfix on 0.2.4.11-alpha.
- - When logging information about an unparsable networkstatus vote or
- consensus, do not say "vote" when we mean consensus. Fixes bug
- 18368; bugfix on 0.2.0.8-alpha.
- - When we can't generate a signing key because OfflineMasterKey is
- set, do not imply that we should have been able to load it. Fixes
- bug 18133; bugfix on 0.2.7.2-alpha.
- - When logging a malformed hostname received through socks4, scrub
- it if SafeLogging says we should. Fixes bug 17419; bugfix
- on 0.1.1.16-rc.
- o Minor bugfixes (memory safety):
- - Avoid freeing an uninitialized pointer when opening a socket fails
- in get_interface_addresses_ioctl(). Fixes bug 18454; bugfix on
- 0.2.3.11-alpha. Reported by toralf and "cypherpunks", patch
- by teor.
- - Fix a memory leak in "tor --list-fingerprint". Fixes part of bug
- 18672; bugfix on 0.2.5.1-alpha.
- - Fix a memory leak in tor-gencert. Fixes part of bug 18672; bugfix
- on 0.2.0.1-alpha.
- o Minor bugfixes (pluggable transports):
- - Avoid reporting a spurious error when we decide that we don't need
- to terminate a pluggable transport because it has already exited.
- Fixes bug 18686; bugfix on 0.2.5.5-alpha.
- o Minor bugfixes (pointer arithmetic):
- - Fix a bug in memarea_alloc() that could have resulted in remote
- heap write access, if Tor had ever passed an unchecked size to
- memarea_alloc(). Fortunately, all the sizes we pass to
- memarea_alloc() are pre-checked to be less than 128 kilobytes.
- Fixes bug 19150; bugfix on 0.2.1.1-alpha. Bug found by
- Guido Vranken.
- o Minor bugfixes (private directory):
- - Prevent a race condition when creating private directories. Fixes
- part of bug 17852; bugfix on 0.0.2pre13. Part of ticket 17852.
- Patch from jsturgix. Found with Flawfinder.
- o Minor bugfixes (relays):
- - Check that both the ORPort and DirPort (if present) are reachable
- before publishing a relay descriptor. Otherwise, relays publish a
- descriptor with DirPort 0 when the DirPort reachability test takes
- longer than the ORPort reachability test. Fixes bug 18050; bugfix
- on 0.1.0.1-rc. Reported by "starlight", patch by teor.
- - Resolve some edge cases where we might launch an ORPort
- reachability check even when DisableNetwork is set. Noticed while
- fixing bug 18616; bugfix on 0.2.3.9-alpha.
- o Minor bugfixes (relays, hidden services):
- - Refuse connection requests to private OR addresses unless
- ExtendAllowPrivateAddresses is set. Previously, tor would connect,
- then refuse to send any cells to a private address. Fixes bugs
- 17674 and 8976; bugfix on 0.2.3.21-rc. Patch by teor.
- o Minor bugfixes (security, hidden services):
- - Prevent hidden services connecting to client-supplied rendezvous
- addresses that are reserved as internal or multicast. Fixes bug
- 8976; bugfix on 0.2.3.21-rc. Patch by dgoulet and teor.
- o Minor bugfixes (statistics):
- - Consistently check for overflow in round_*_to_next_multiple_of
- functions, and add unit tests with additional and maximal values.
- Fixes part of bug 13192; bugfix on 0.2.2.1-alpha.
- - Handle edge cases in the laplace functions: avoid division by
- zero, avoid taking the log of zero, and silence clang type
- conversion warnings using round and trunc. Add unit tests for edge
- cases with maximal values. Fixes part of bug 13192; bugfix
- on 0.2.6.2-alpha.
- - We now include consensus downloads via IPv6 in our directory-
- request statistics. Fixes bug 18460; bugfix on 0.2.3.14-alpha.
- o Minor bugfixes (test networks, IPv6):
- - Allow internal IPv6 addresses in descriptors in test networks.
- Fixes bug 17153; bugfix on 0.2.3.16-alpha. Patch by teor, reported
- by karsten.
- o Minor bugfixes (testing):
- - Check the full results of SHA256 and SHA512 digests in the unit
- tests. Bugfix on 0.2.2.4-alpha. Patch by teor.
- - Fix a memory leak in the ntor test. Fixes bug 17778; bugfix
- on 0.2.4.8-alpha.
- - Fix a small memory leak that would occur when the
- TestingEnableCellStatsEvent option was turned on. Fixes bug 18673;
- bugfix on 0.2.5.2-alpha.
- - Make unit tests pass on IPv6-only systems, and systems without
- localhost addresses (like some FreeBSD jails). Fixes bug 17632;
- bugfix on 0.2.7.3-rc. Patch by teor.
- - The test for log_heartbeat was incorrectly failing in timezones
- with non-integer offsets. Instead of comparing the end of the time
- string against a constant, compare it to the output of
- format_local_iso_time when given the correct input. Fixes bug
- 18039; bugfix on 0.2.5.4-alpha.
- - We no longer disable assertions in the unit tests when coverage is
- enabled. Instead, we require you to say --disable-asserts-in-tests
- to the configure script if you need assertions disabled in the
- unit tests (for example, if you want to perform branch coverage).
- Fixes bug 18242; bugfix on 0.2.7.1-alpha.
- o Minor bugfixes (time handling):
- - When correcting a corrupt 'struct tm' value, fill in the tm_wday
- field. Otherwise, our unit tests crash on Windows. Fixes bug
- 18977; bugfix on 0.2.2.25-alpha.
- - Avoid overflow in tor_timegm when parsing dates in and after 2038
- on platforms with 32-bit time_t. Fixes bug 18479; bugfix on
- 0.0.2pre14. Patch by teor.
- o Minor bugfixes (tor-gencert):
- - Correctly handle the case where an authority operator enters a
- passphrase but sends an EOF before sending a newline. Fixes bug
- 17443; bugfix on 0.2.0.20-rc. Found by junglefowl.
- o Code simplification and refactoring:
- - Clean up a little duplicated code in
- crypto_expand_key_material_TAP(). Closes ticket 17587; patch
- from "pfrankw".
- - Decouple the list of streams waiting to be attached to circuits
- from the overall connection list. This change makes it possible to
- attach streams quickly while simplifying Tor's callgraph and
- avoiding O(N) scans of the entire connection list. Closes
- ticket 17590.
- - Extract the more complicated parts of circuit_mark_for_close()
- into a new function that we run periodically before circuits are
- freed. This change removes more than half of the functions
- currently in the "blob". Closes ticket 17218.
- - Move logging of redundant policy entries in
- policies_parse_exit_policy_internal into its own function. Closes
- ticket 17608; patch from "juce".
- - Quote all the string interpolations in configure.ac -- even those
- which we are pretty sure can't contain spaces. Closes ticket
- 17744. Patch from zerosion.
- - Remove code for configuring OpenSSL dynamic locks; OpenSSL doesn't
- use them. Closes ticket 17926.
- - Remove specialized code for non-inplace AES_CTR. 99% of our AES is
- inplace, so there's no need to have a separate implementation for
- the non-inplace code. Closes ticket 18258. Patch from Malek.
- - Simplify return types for some crypto functions that can't
- actually fail. Patch from Hassan Alsibyani. Closes ticket 18259.
- - When a direct directory request fails immediately on launch,
- instead of relaunching that request from inside the code that
- launches it, instead mark the connection for teardown. This change
- simplifies Tor's callback and prevents the directory-request
- launching code from invoking itself recursively. Closes
- ticket 17589.
- o Documentation:
- - Add a description of the correct use of the '--keygen' command-
- line option. Closes ticket 17583; based on text by 's7r'.
- - Change build messages to refer to "Fedora" instead of "Fedora
- Core", and "dnf" instead of "yum". Closes tickets 18459 and 18426.
- Patches from "icanhasaccount" and "cypherpunks".
- - Document the contents of the 'datadir/keys' subdirectory in the
- manual page. Closes ticket 17621.
- - Document the minimum HeartbeatPeriod value. Closes ticket 15638.
- - Explain actual minima for BandwidthRate. Closes ticket 16382.
- - Fix a minor formatting typo in the manpage. Closes ticket 17791.
- - Mention torspec URL in the manpage and point the reader to it
- whenever we mention a document that belongs in torspce. Fixes
- issue 17392.
- - Stop recommending use of nicknames to identify relays in our
- MapAddress documentation. Closes ticket 18312.
- o Removed features:
- - Remove client-side support for connecting to Tor relays running
- versions of Tor before 0.2.3.6-alpha. These relays didn't support
- the v3 TLS handshake protocol, and are no longer allowed on the
- Tor network. Implements the client side of ticket 11150. Based on
- patches by Tom van der Woerdt.
- - We no longer maintain an internal freelist in memarea.c.
- Allocators should be good enough to make this code unnecessary,
- and it's doubtful that it ever had any performance benefit.
- o Testing:
- - Add unit tests to check for common RNG failure modes, such as
- returning all zeroes, identical values, or incrementing values
- (OpenSSL's rand_predictable feature). Patch by teor.
- - Always test both ed25519 backends, so that we can be sure that our
- batch-open replacement code works. Part of ticket 16794.
- - Cover dns_resolve_impl() in dns.c with unit tests. Implements a
- portion of ticket 16831.
- - Fix several warnings from clang's address sanitizer produced in
- the unit tests.
- - Log more information when the backtrace tests fail. Closes ticket
- 17892. Patch from "cypherpunks."
- - More unit tests for compat_libevent.c, procmon.c, tortls.c,
- util_format.c, directory.c, and options_validate.c. Closes tickets
- 17075, 17082, 17084, 17003, and 17076 respectively. Patches from
- Ola Bini.
- - Treat backtrace test failures as expected on FreeBSD until we
- solve bug 17808. Closes ticket 18204.
- - Unit tests for directory_handle_command_get. Closes ticket 17004.
- Patch from Reinaldo de Souza Jr.
- Changes in version 0.2.7.6 - 2015-12-10
- Tor version 0.2.7.6 fixes a major bug in entry guard selection, as
- well as a minor bug in hidden service reliability.
- o Major bugfixes (guard selection):
- - Actually look at the Guard flag when selecting a new directory
- guard. When we implemented the directory guard design, we
- accidentally started treating all relays as if they have the Guard
- flag during guard selection, leading to weaker anonymity and worse
- performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered
- by Mohsen Imani.
- o Minor features (geoip):
- - Update geoip and geoip6 to the December 1 2015 Maxmind GeoLite2
- Country database.
- o Minor bugfixes (compilation):
- - When checking for net/pfvar.h, include netinet/in.h if possible.
- This fixes transparent proxy detection on OpenBSD. Fixes bug
- 17551; bugfix on 0.1.2.1-alpha. Patch from "rubiate".
- - Fix a compilation warning with Clang 3.6: Do not check the
- presence of an address which can never be NULL. Fixes bug 17781.
- o Minor bugfixes (correctness):
- - When displaying an IPv6 exit policy, include the mask bits
- correctly even when the number is greater than 31. Fixes bug
- 16056; bugfix on 0.2.4.7-alpha. Patch from "gturner".
- - The wrong list was used when looking up expired intro points in a
- rend service object, causing what we think could be reachability
- issues for hidden services, and triggering a BUG log. Fixes bug
- 16702; bugfix on 0.2.7.2-alpha.
- - Fix undefined behavior in the tor_cert_checksig function. Fixes
- bug 17722; bugfix on 0.2.7.2-alpha.
- Changes in version 0.2.7.5 - 2015-11-20
- The Tor 0.2.7 release series is dedicated to the memory of Tor user
- and privacy advocate Caspar Bowden (1961-2015). Caspar worked
- tirelessly to advocate human rights regardless of national borders,
- and oppose the encroachments of mass surveillance. He opposed national
- exceptionalism, he brought clarity to legal and policy debates, he
- understood and predicted the impact of mass surveillance on the world,
- and he laid the groundwork for resisting it. While serving on the Tor
- Project's board of directors, he brought us his uncompromising focus
- on technical excellence in the service of humankind. Caspar was an
- inimitable force for good and a wonderful friend. He was kind,
- humorous, generous, gallant, and believed we should protect one
- another without exception. We honor him here for his ideals, his
- efforts, and his accomplishments. Please honor his memory with works
- that would make him proud.
- Tor 0.2.7.5 is the first stable release in the Tor 0.2.7 series.
- The 0.2.7 series adds a more secure identity key type for relays,
- improves cryptography performance, resolves several longstanding
- hidden-service performance issues, improves controller support for
- hidden services, and includes small bugfixes and performance
- improvements throughout the program. This release series also includes
- more tests than before, and significant simplifications to which parts
- of Tor invoke which others. For a full list of changes, see below.
- o New system requirements:
- - Tor no longer includes workarounds to support Libevent versions
- before 1.3e. Libevent 2.0 or later is recommended. Closes
- ticket 15248.
- - Tor no longer supports copies of OpenSSL that are missing support
- for Elliptic Curve Cryptography. (We began using ECC when
- available in 0.2.4.8-alpha, for more safe and efficient key
- negotiation.) In particular, support for at least one of P256 or
- P224 is now required, with manual configuration needed if only
- P224 is available. Resolves ticket 16140.
- - Tor no longer supports versions of OpenSSL before 1.0. (If you are
- on an operating system that has not upgraded to OpenSSL 1.0 or
- later, and you compile Tor from source, you will need to install a
- more recent OpenSSL to link Tor against.) These versions of
- OpenSSL are still supported by the OpenSSL, but the numerous
- cryptographic improvements in later OpenSSL releases makes them a
- clear choice. Resolves ticket 16034.
- o Major features (controller):
- - Add the ADD_ONION and DEL_ONION commands that allow the creation
- and management of hidden services via the controller. Closes
- ticket 6411.
- - New "GETINFO onions/current" and "GETINFO onions/detached"
- commands to get information about hidden services created via the
- controller. Part of ticket 6411.
- - New HSFETCH command to launch a request for a hidden service
- descriptor. Closes ticket 14847.
- - New HSPOST command to upload a hidden service descriptor. Closes
- ticket 3523. Patch by "DonnchaC".
- o Major features (Ed25519 identity keys, Proposal 220):
- - Add support for offline encrypted Ed25519 master keys. To use this
- feature on your tor relay, run "tor --keygen" to make a new master
- key (or to make a new signing key if you already have a master
- key). Closes ticket 13642.
- - All relays now maintain a stronger identity key, using the Ed25519
- elliptic curve signature format. This master key is designed so
- that it can be kept offline. Relays also generate an online
- signing key, and a set of other Ed25519 keys and certificates.
- These are all automatically regenerated and rotated as needed.
- Implements part of ticket 12498.
- - Directory authorities now vote on Ed25519 identity keys along with
- RSA1024 keys. Implements part of ticket 12498.
- - Directory authorities track which Ed25519 identity keys have been
- used with which RSA1024 identity keys, and do not allow them to
- vary freely. Implements part of ticket 12498.
- - Microdescriptors now include Ed25519 identity keys. Implements
- part of ticket 12498.
- - Add a --newpass option to allow changing or removing the
- passphrase of an encrypted key with tor --keygen. Implements part
- of ticket 16769.
- - Add a new OfflineMasterKey option to tell Tor never to try loading
- or generating a secret Ed25519 identity key. You can use this in
- combination with tor --keygen to manage offline and/or encrypted
- Ed25519 keys. Implements ticket 16944.
- - On receiving a HUP signal, check to see whether the Ed25519
- signing key has changed, and reload it if so. Closes ticket 16790.
- - Significant usability improvements for Ed25519 key management. Log
- messages are better, and the code can recover from far more
- failure conditions. Thanks to "s7r" for reporting and diagnosing
- so many of these!
- o Major features (ECC performance):
- - Improve the runtime speed of Ed25519 signature verification by
- using Ed25519-donna's batch verification support. Implements
- ticket 16533.
- - Improve the speed of Ed25519 operations and Curve25519 keypair
- generation when built targeting 32 bit x86 platforms with SSE2
- available. Implements ticket 16535.
- - Improve the runtime speed of Ed25519 operations by using the
- public-domain Ed25519-donna by Andrew M. ("floodyberry").
- Implements ticket 16467.
- - Improve the runtime speed of the ntor handshake by using an
- optimized curve25519 basepoint scalarmult implementation from the
- public-domain Ed25519-donna by Andrew M. ("floodyberry"), based on
- ideas by Adam Langley. Implements ticket 9663.
- o Major features (Hidden services):
- - Hidden services, if using the EntryNodes option, are required to
- use more than one EntryNode, in order to avoid a guard discovery
- attack. (This would only affect people who had configured hidden
- services and manually specified the EntryNodes option with a
- single entry-node. The impact was that it would be easy to
- remotely identify the guard node used by such a hidden service.
- See ticket for more information.) Fixes ticket 14917.
- - Add the torrc option HiddenServiceNumIntroductionPoints, to
- specify a fixed number of introduction points. Its maximum value
- is 10 and default is 3. Using this option can increase a hidden
- service's reliability under load, at the cost of making it more
- visible that the hidden service is facing extra load. Closes
- ticket 4862.
- - Remove the adaptive algorithm for choosing the number of
- introduction points, which used to change the number of
- introduction points (poorly) depending on the number of
- connections the HS sees. Closes ticket 4862.
- o Major features (onion key cross-certification):
- - Relay descriptors now include signatures of their own identity
- keys, made using the TAP and ntor onion keys. These signatures
- allow relays to prove ownership of their own onion keys. Because
- of this change, microdescriptors will no longer need to include
- RSA identity keys. Implements proposal 228; closes ticket 12499.
- o Major bugfixes (client-side privacy, also in 0.2.6.9):
- - Properly separate out each SOCKSPort when applying stream
- isolation. The error occurred because each port's session group
- was being overwritten by a default value when the listener
- connection was initialized. Fixes bug 16247; bugfix on
- 0.2.6.3-alpha. Patch by "jojelino".
- o Major bugfixes (hidden service clients, stability, also in 0.2.6.10):
- - Stop refusing to store updated hidden service descriptors on a
- client. This reverts commit 9407040c59218 (which indeed fixed bug
- 14219, but introduced a major hidden service reachability
- regression detailed in bug 16381). This is a temporary fix since
- we can live with the minor issue in bug 14219 (it just results in
- some load on the network) but the regression of 16381 is too much
- of a setback. First-round fix for bug 16381; bugfix
- on 0.2.6.3-alpha.
- o Major bugfixes (hidden services):
- - Revert commit that made directory authorities assign the HSDir
- flag to relays without a DirPort; this was bad because such relays
- can't handle BEGIN_DIR cells. Fixes bug 15850; bugfix
- on 0.2.6.3-alpha.
- - When cannibalizing a circuit for an introduction point, always
- extend to the chosen exit node (creating a 4 hop circuit).
- Previously Tor would use the current circuit exit node, which
- changed the original choice of introduction point, and could cause
- the hidden service to skip excluded introduction points or
- reconnect to a skipped introduction point. Fixes bug 16260; bugfix
- on 0.1.0.1-rc.
- o Major bugfixes (memory leaks):
- - Fix a memory leak in ed25519 batch signature checking. Fixes bug
- 17398; bugfix on 0.2.6.1-alpha.
- o Major bugfixes (open file limit):
- - The open file limit wasn't checked before calling
- tor_accept_socket_nonblocking(), which would make Tor exceed the
- limit. Now, before opening a new socket, Tor validates the open
- file limit just before, and if the max has been reached, return an
- error. Fixes bug 16288; bugfix on 0.1.1.1-alpha.
- o Major bugfixes (security, correctness):
- - Fix an error that could cause us to read 4 bytes before the
- beginning of an openssl string. This bug could be used to cause
- Tor to crash on systems with unusual malloc implementations, or
- systems with unusual hardening installed. Fixes bug 17404; bugfix
- on 0.2.3.6-alpha.
- o Major bugfixes (stability, also in 0.2.6.10):
- - Stop crashing with an assertion failure when parsing certain kinds
- of malformed or truncated microdescriptors. Fixes bug 16400;
- bugfix on 0.2.6.1-alpha. Found by "torkeln"; fix based on a patch
- by "cypherpunks_backup".
- - Stop random client-side assertion failures that could occur when
- connecting to a busy hidden service, or connecting to a hidden
- service while a NEWNYM is in progress. Fixes bug 16013; bugfix
- on 0.1.0.1-rc.
- o Minor features (client, SOCKS):
- - Add GroupWritable and WorldWritable options to unix-socket based
- SocksPort and ControlPort options. These options apply to a single
- socket, and override {Control,Socks}SocketsGroupWritable. Closes
- ticket 15220.
- - Relax the validation done to hostnames in SOCKS5 requests, and
- allow a single trailing '.' to cope with clients that pass FQDNs
- using that syntax to explicitly indicate that the domain name is
- fully-qualified. Fixes bug 16674; bugfix on 0.2.6.2-alpha.
- - Relax the validation of hostnames in SOCKS5 requests, allowing the
- character '_' to appear, in order to cope with domains observed in
- the wild that are serving non-RFC compliant records. Resolves
- ticket 16430.
- o Minor features (client-side privacy):
- - New KeepAliveIsolateSOCKSAuth option to indefinitely extend circuit
- lifespan when IsolateSOCKSAuth and streams with SOCKS
- authentication are attached to the circuit. This allows
- applications like TorBrowser to manage circuit lifetime on their
- own. Implements feature 15482.
- - When logging malformed hostnames from SOCKS5 requests, respect
- SafeLogging configuration. Fixes bug 16891; bugfix on 0.1.1.16-rc.
- o Minor features (clock-jump tolerance):
- - Recover better when our clock jumps back many hours, like might
- happen for Tails or Whonix users who start with a very wrong
- hardware clock, use Tor to discover a more accurate time, and then
- fix their clock. Resolves part of ticket 8766.
- o Minor features (command-line interface):
- - Make --hash-password imply --hush to prevent unnecessary noise.
- Closes ticket 15542. Patch from "cypherpunks".
- - Print a warning whenever we find a relative file path being used
- as torrc option. Resolves issue 14018.
- o Minor features (compilation):
- - Give a warning as early as possible when trying to build with an
- unsupported OpenSSL version. Closes ticket 16901.
- - Use C99 variadic macros when the compiler is not GCC. This avoids
- failing compilations on MSVC, and fixes a log-file-based race
- condition in our old workarounds. Original patch from Gisle Vanem.
- o Minor features (control protocol):
- - Support network-liveness GETINFO key and NETWORK_LIVENESS event in
- the control protocol. Resolves ticket 15358.
- o Minor features (controller):
- - Add DirAuthority lines for default directory authorities to the
- output of the "GETINFO config/defaults" command if not already
- present. Implements ticket 14840.
- - Controllers can now use "GETINFO hs/client/desc/id/..." to
- retrieve items from the client's hidden service descriptor cache.
- Closes ticket 14845.
- - Implement a new controller command "GETINFO status/fresh-relay-
- descs" to fetch a descriptor/extrainfo pair that was generated on
- demand just for the controller's use. Implements ticket 14784.
- o Minor features (directory authorities):
- - Directory authorities no longer vote against the "Fast", "Stable",
- and "HSDir" flags just because they were going to vote against
- "Running": if the consensus turns out to be that the router was
- running, then the authority's vote should count. Patch from Peter
- Retzlaff; closes issue 8712.
- o Minor features (directory authorities, security, also in 0.2.6.9):
- - The HSDir flag given by authorities now requires the Stable flag.
- For the current network, this results in going from 2887 to 2806
- HSDirs. Also, it makes it harder for an attacker to launch a sybil
- attack by raising the effort for a relay to become Stable to
- require at the very least 7 days, while maintaining the 96 hours
- uptime requirement for HSDir. Implements ticket 8243.
- o Minor features (DoS-resistance):
- - Make it harder for attackers to overload hidden services with
- introductions, by blocking multiple introduction requests on the
- same circuit. Resolves ticket 15515.
- o Minor features (geoip):
- - Update geoip and geoip6 to the October 9 2015 Maxmind GeoLite2
- Country database.
- o Minor features (hidden services):
- - Add the new options "HiddenServiceMaxStreams" and
- "HiddenServiceMaxStreamsCloseCircuit" to allow hidden services to
- limit the maximum number of simultaneous streams per circuit, and
- optionally tear down the circuit when the limit is exceeded. Part
- of ticket 16052.
- - Client now uses an introduction point failure cache to know when
- to fetch or keep a descriptor in their cache. Previously, failures
- were recorded implicitly, but not explicitly remembered. Closes
- ticket 16389.
- - Relays need to have the Fast flag to get the HSDir flag. As this
- is being written, we'll go from 2745 HSDirs down to 2342, a ~14%
- drop. This change should make some attacks against the hidden
- service directory system harder. Fixes ticket 15963.
- - Turn on hidden service statistics collection by setting the torrc
- option HiddenServiceStatistics to "1" by default. (This keeps
- track only of the fraction of traffic used by hidden services, and
- the total number of hidden services in existence.) Closes
- ticket 15254.
- - To avoid leaking HS popularity, don't cycle the introduction point
- when we've handled a fixed number of INTRODUCE2 cells but instead
- cycle it when a random number of introductions is reached, thus
- making it more difficult for an attacker to find out the amount of
- clients that have used the introduction point for a specific HS.
- Closes ticket 15745.
- o Minor features (logging):
- - Include the Tor version in all LD_BUG log messages, since people
- tend to cut and paste those into the bugtracker. Implements
- ticket 15026.
- o Minor features (pluggable transports):
- - When launching managed pluggable transports on Linux systems,
- attempt to have the kernel deliver a SIGTERM on tor exit if the
- pluggable transport process is still running. Resolves
- ticket 15471.
- - When launching managed pluggable transports, setup a valid open
- stdin in the child process that can be used to detect if tor has
- terminated. The "TOR_PT_EXIT_ON_STDIN_CLOSE" environment variable
- can be used by implementations to detect this new behavior.
- Resolves ticket 15435.
- o Minor bugfixes (torrc exit policies):
- - In each instance above, usage advice is provided to avoid the
- message. Resolves ticket 16069. Patch by "teor". Fixes part of bug
- 16069; bugfix on 0.2.4.7-alpha.
- - In torrc, "accept6 *" and "reject6 *" ExitPolicy lines now only
- produce IPv6 wildcard addresses. Previously they would produce
- both IPv4 and IPv6 wildcard addresses. Patch by "teor". Fixes part
- of bug 16069; bugfix on 0.2.4.7-alpha.
- - When parsing torrc ExitPolicies, we now issue an info-level
- message when expanding an "accept/reject *" line to include both
- IPv4 and IPv6 wildcard addresses. Related to ticket 16069.
- - When parsing torrc ExitPolicies, we now warn for a number of cases
- where the user's intent is likely to differ from Tor's actual
- behavior. These include: using an IPv4 address with an accept6 or
- reject6 line; using "private" on an accept6 or reject6 line; and
- including any ExitPolicy lines after accept *:* or reject *:*.
- Related to ticket 16069.
- o Minor bugfixes (command-line interface):
- - When "--quiet" is provided along with "--validate-config", do not
- write anything to stdout on success. Fixes bug 14994; bugfix
- on 0.2.3.3-alpha.
- - When complaining about bad arguments to "--dump-config", use
- stderr, not stdout.
- - Print usage information for --dump-config when it is used without
- an argument. Also, fix the error message to use different wording
- and add newline at the end. Fixes bug 15541; bugfix
- on 0.2.5.1-alpha.
- o Minor bugfixes (compilation):
- - Fix compilation of sandbox.c with musl-libc. Fixes bug 17347;
- bugfix on 0.2.5.1-alpha. Patch from 'jamestk'.
- - Repair compilation with the most recent (unreleased, alpha)
- vesions of OpenSSL 1.1. Fixes part of ticket 17237.
- o Minor bugfixes (compilation, also in 0.2.6.9):
- - Build with --enable-systemd correctly when libsystemd is
- installed, but systemd is not. Fixes bug 16164; bugfix on
- 0.2.6.3-alpha. Patch from Peter Palfrader.
- o Minor bugfixes (configuration, unit tests):
- - Only add the default fallback directories when the DirAuthorities,
- AlternateDirAuthority, and FallbackDir directory config options
- are set to their defaults. The default fallback directory list is
- currently empty, this fix will only change tor's behavior when it
- has default fallback directories. Includes unit tests for
- consider_adding_dir_servers(). Fixes bug 15642; bugfix on
- 90f6071d8dc0 in 0.2.4.7-alpha. Patch by "teor".
- o Minor bugfixes (controller):
- - Add the descriptor ID in each HS_DESC control event. It was
- missing, but specified in control-spec.txt. Fixes bug 15881;
- bugfix on 0.2.5.2-alpha.
- o Minor bugfixes (correctness):
- - For correctness, avoid modifying a constant string in
- handle_control_postdescriptor. Fixes bug 15546; bugfix
- on 0.1.1.16-rc.
- - Remove side-effects from tor_assert() calls. This was harmless,
- because we never disable assertions, but it is bad style and
- unnecessary. Fixes bug 15211; bugfix on 0.2.5.5, 0.2.2.36,
- and 0.2.0.10.
- - When calling channel_free_list(), avoid calling smartlist_remove()
- while inside a FOREACH loop. This partially reverts commit
- 17356fe7fd96af where the correct SMARTLIST_DEL_CURRENT was
- incorrectly removed. Fixes bug 16924; bugfix on 0.2.4.4-alpha.
- o Minor bugfixes (crypto error-handling, also in 0.2.6.10):
- - Check for failures from crypto_early_init, and refuse to continue.
- A previous typo meant that we could keep going with an
- uninitialized crypto library, and would have OpenSSL initialize
- its own PRNG. Fixes bug 16360; bugfix on 0.2.5.2-alpha, introduced
- when implementing ticket 4900. Patch by "teor".
- o Minor bugfixes (hidden service):
- - Fix an out-of-bounds read when parsing invalid INTRODUCE2 cells on
- a client authorized hidden service. Fixes bug 15823; bugfix
- on 0.2.1.6-alpha.
- - Remove an extraneous newline character from the end of hidden
- service descriptors. Fixes bug 15296; bugfix on 0.2.0.10-alpha.
- o Minor bugfixes (Linux seccomp2 sandbox):
- - Use the sandbox in tor_open_cloexec whether or not O_CLOEXEC is
- defined. Patch by "teor". Fixes bug 16515; bugfix on 0.2.3.1-alpha.
- - Allow bridge authorities to run correctly under the seccomp2
- sandbox. Fixes bug 16964; bugfix on 0.2.5.1-alpha.
- - Add the "hidserv-stats" filename to our sandbox filter for the
- HiddenServiceStatistics option to work properly. Fixes bug 17354;
- bugfix on 0.2.6.2-alpha. Patch from David Goulet.
- o Minor bugfixes (Linux seccomp2 sandbox, also in 0.2.6.10):
- - Allow pipe() and pipe2() syscalls in the seccomp2 sandbox: we need
- these when eventfd2() support is missing. Fixes bug 16363; bugfix
- on 0.2.6.3-alpha. Patch from "teor".
- o Minor bugfixes (Linux seccomp2 sandbox, also in 0.2.6.9):
- - Allow systemd connections to work with the Linux seccomp2 sandbox
- code. Fixes bug 16212; bugfix on 0.2.6.2-alpha. Patch by
- Peter Palfrader.
- - Fix sandboxing to work when running as a relay, by allowing the
- renaming of secret_id_key, and allowing the eventfd2 and futex
- syscalls. Fixes bug 16244; bugfix on 0.2.6.1-alpha. Patch by
- Peter Palfrader.
- o Minor bugfixes (logging):
- - When building Tor under Clang, do not include an extra set of
- parentheses in log messages that include function names. Fixes bug
- 15269; bugfix on every released version of Tor when compiled with
- recent enough Clang.
- o Minor bugfixes (network):
- - When attempting to use fallback technique for network interface
- lookup, disregard loopback and multicast addresses since they are
- unsuitable for public communications.
- o Minor bugfixes (open file limit):
- - Fix set_max_file_descriptors() to set by default the max open file
- limit to the current limit when setrlimit() fails. Fixes bug
- 16274; bugfix on tor- 0.2.0.10-alpha. Patch by dgoulet.
- o Minor bugfixes (portability):
- - Check correctly for Windows socket errors in the workqueue
- backend. Fixes bug 16741; bugfix on 0.2.6.3-alpha.
- - Try harder to normalize the exit status of the Tor process to the
- standard-provided range. Fixes bug 16975; bugfix on every version
- of Tor ever.
- - Use libexecinfo on FreeBSD to enable backtrace support. Fixes part
- of bug 17151; bugfix on 0.2.5.2-alpha. Patch from Marcin Cieślak.
- o Minor bugfixes (relay):
- - Ensure that worker threads actually exit when a fatal error or
- shutdown is indicated. This fix doesn't currently affect the
- behavior of Tor, because Tor workers never indicates fatal error
- or shutdown except in the unit tests. Fixes bug 16868; bugfix
- on 0.2.6.3-alpha.
- - Fix a rarely-encountered memory leak when failing to initialize
- the thread pool. Fixes bug 16631; bugfix on 0.2.6.3-alpha. Patch
- from "cypherpunks".
- - Unblock threads before releasing the work queue mutex to ensure
- predictable scheduling behavior. Fixes bug 16644; bugfix
- on 0.2.6.3-alpha.
- o Minor bugfixes (security, exit policies):
- - ExitPolicyRejectPrivate now also rejects the relay's published
- IPv6 address (if any), and any publicly routable IPv4 or IPv6
- addresses on any local interfaces. ticket 17027. Patch by "teor".
- Fixes bug 17027; bugfix on 0.2.0.11-alpha.
- o Minor bugfixes (statistics):
- - Disregard the ConnDirectionStatistics torrc options when Tor is
- not a relay since in that mode of operation no sensible data is
- being collected and because Tor might run into measurement hiccups
- when running as a client for some time, then becoming a relay.
- Fixes bug 15604; bugfix on 0.2.2.35.
- o Minor bugfixes (systemd):
- - Tor's systemd unit file no longer contains extraneous spaces.
- These spaces would sometimes confuse tools like deb-systemd-
- helper. Fixes bug 16162; bugfix on 0.2.5.5-alpha.
- o Minor bugfixes (test networks):
- - When self-testing reachability, use ExtendAllowPrivateAddresses to
- determine if local/private addresses imply reachability. The
- previous fix used TestingTorNetwork, which implies
- ExtendAllowPrivateAddresses, but this excluded rare configurations
- where ExtendAllowPrivateAddresses is set but TestingTorNetwork is
- not. Fixes bug 15771; bugfix on 0.2.6.1-alpha. Patch by "teor",
- issue discovered by CJ Ess.
- o Minor bugfixes (tests, also in 0.2.6.9):
- - Fix a crash in the unit tests when built with MSVC2013. Fixes bug
- 16030; bugfix on 0.2.6.2-alpha. Patch from "NewEraCracker".
- o Code simplification and refactoring:
- - Change the function that's called when we need to retry all
- downloads so that it only reschedules the downloads to happen
- immediately, rather than launching them all at once itself. This
- further simplifies Tor's callgraph.
- - Define WINVER and _WIN32_WINNT centrally, in orconfig.h, in order
- to ensure they remain consistent and visible everywhere.
- - Move some format-parsing functions out of crypto.c and
- crypto_curve25519.c into crypto_format.c and/or util_format.c.
- - Move the client-only parts of init_keys() into a separate
- function. Closes ticket 16763.
- - Move the hacky fallback code out of get_interface_address6() into
- separate function and get it covered with unit-tests. Resolves
- ticket 14710.
- - Refactor hidden service client-side cache lookup to intelligently
- report its various failure cases, and disentangle failure cases
- involving a lack of introduction points. Closes ticket 14391.
- - Remove some vestigial workarounds for the MSVC6 compiler. We
- haven't supported that in ages.
- - Remove the unused "nulterminate" argument from buf_pullup().
- - Simplify the microdesc_free() implementation so that it no longer
- appears (to code analysis tools) to potentially invoke a huge
- suite of other microdesc functions.
- - Simply the control graph further by deferring the inner body of
- directory_all_unreachable() into a callback. Closes ticket 16762.
- - The link authentication code has been refactored for better
- testability and reliability. It now uses code generated with the
- "trunnel" binary encoding generator, to reduce the risk of bugs
- due to programmer error. Done as part of ticket 12498.
- - Treat the loss of an owning controller as equivalent to a SIGTERM
- signal. This removes a tiny amount of duplicated code, and
- simplifies our callgraph. Closes ticket 16788.
- - Use our own Base64 encoder instead of OpenSSL's, to allow more
- control over the output. Part of ticket 15652.
- - When generating an event to send to the controller, we no longer
- put the event over the network immediately. Instead, we queue
- these events, and use a Libevent callback to deliver them. This
- change simplifies Tor's callgraph by reducing the number of
- functions from which all other Tor functions are reachable. Closes
- ticket 16695.
- - Wrap Windows-only C files inside '#ifdef _WIN32' so that tools
- that try to scan or compile every file on Unix won't decide that
- they are broken.
- o Documentation:
- - Fix capitalization of SOCKS in sample torrc. Closes ticket 15609.
- - Improve the descriptions of statistics-related torrc options in
- the manpage to describe rationale and possible uses cases. Fixes
- issue 15550.
- - Improve the layout and formatting of ./configure --help messages.
- Closes ticket 15024. Patch from "cypherpunks".
- - Include a specific and (hopefully) accurate documentation of the
- torrc file's meta-format in doc/torrc_format.txt. This is mainly
- of interest to people writing programs to parse or generate torrc
- files. This document is not a commitment to long-term
- compatibility; some aspects of the current format are a bit
- ridiculous. Closes ticket 2325.
- - Include the TUNING document in our source tarball. It is referred
- to in the ChangeLog and an error message. Fixes bug 16929; bugfix
- on 0.2.6.1-alpha.
- - Note that HiddenServicePorts can take a unix domain socket. Closes
- ticket 17364.
- - Recommend a 40 GB example AccountingMax in torrc.sample rather
- than a 4 GB max. Closes ticket 16742.
- - Standardize on the term "server descriptor" in the manual page.
- Previously, we had used "router descriptor", "server descriptor",
- and "relay descriptor" interchangeably. Part of ticket 14987.
- - Advise users on how to configure separate IPv4 and IPv6 exit
- policies in the manpage and sample torrcs. Related to ticket 16069.
- - Fix an error in the manual page and comments for
- TestingDirAuthVoteHSDir[IsStrict], which suggested that a HSDir
- required "ORPort connectivity". While this is true, it is in no
- way unique to the HSDir flag. Of all the flags, only HSDirs need a
- DirPort configured in order for the authorities to assign that
- particular flag. Patch by "teor". Fixed as part of 14882; bugfix
- on 0.2.6.3-alpha.
- - Fix the usage message of tor-resolve(1) so that it no longer lists
- the removed -F option. Fixes bug 16913; bugfix on 0.2.2.28-beta.
- o Removed code:
- - Remove `USE_OPENSSL_BASE64` and the corresponding fallback code
- and always use the internal Base64 decoder. The internal decoder
- has been part of tor since 0.2.0.10-alpha, and no one should
- be using the OpenSSL one. Part of ticket 15652.
- - Remove the 'tor_strclear()' function; use memwipe() instead.
- Closes ticket 14922.
- - Remove the code that would try to aggressively flush controller
- connections while writing to them. This code was introduced in
- 0.1.2.7-alpha, in order to keep output buffers from exceeding
- their limits. But there is no longer a maximum output buffer size,
- and flushing data in this way caused some undesirable recursions
- in our call graph. Closes ticket 16480.
- - The internal pure-C tor-fw-helper tool is now removed from the Tor
- distribution, in favor of the pure-Go clone available from
- https://gitweb.torproject.org/tor-fw-helper.git/ . The libraries
- used by the C tor-fw-helper are not, in our opinion, very
- confidence- inspiring in their secure-programming techniques.
- Closes ticket 13338.
- o Removed features:
- - Remove the (seldom-used) DynamicDHGroups feature. For anti-
- fingerprinting we now recommend pluggable transports; for forward-
- secrecy in TLS, we now use the P-256 group. Closes ticket 13736.
- - Remove the HidServDirectoryV2 option. Now all relays offer to
- store hidden service descriptors. Related to 16543.
- - Remove the VoteOnHidServDirectoriesV2 option, since all
- authorities have long set it to 1. Closes ticket 16543.
- - Remove the undocumented "--digests" command-line option. It
- complicated our build process, caused subtle build issues on
- multiple platforms, and is now redundant since we started
- including git version identifiers. Closes ticket 14742.
- - Tor no longer contains checks for ancient directory cache versions
- that didn't know about microdescriptors.
- - Tor no longer contains workarounds for stat files generated by
- super-old versions of Tor that didn't choose guards sensibly.
- o Testing:
- - The test-network.sh script now supports performance testing.
- Requires corresponding chutney performance testing changes. Patch
- by "teor". Closes ticket 14175.
- - Add a new set of callgraph analysis scripts that use clang to
- produce a list of which Tor functions are reachable from which
- other Tor functions. We're planning to use these to help simplify
- our code structure by identifying illogical dependencies.
- - Add new 'test-full' and 'test-full-online' targets to run all
- tests, including integration tests with stem and chutney.
- - Autodetect CHUTNEY_PATH if the chutney and Tor sources are side-
- by-side in the same parent directory. Closes ticket 16903. Patch
- by "teor".
- - Document use of coverity, clang static analyzer, and clang dynamic
- undefined behavior and address sanitizers in doc/HACKING. Include
- detailed usage instructions in the blacklist. Patch by "teor".
- Closes ticket 15817.
- - Make "bridges+hs" the default test network. This tests almost all
- tor functionality during make test-network, while allowing tests
- to succeed on non-IPv6 systems. Requires chutney commit 396da92 in
- test-network-bridges-hs. Closes tickets 16945 (tor) and 16946
- (chutney). Patches by "teor".
- - Make the test-workqueue test work on Windows by initializing the
- network before we begin.
- - New make target (make test-network-all) to run multiple applicable
- chutney test cases. Patch from Teor; closes 16953.
- - Now that OpenSSL has its own scrypt implementation, add an unit
- test that checks for interoperability between libscrypt_scrypt()
- and OpenSSL's EVP_PBE_scrypt() so that we could not use libscrypt
- and rely on EVP_PBE_scrypt() whenever possible. Resolves
- ticket 16189.
- - The link authentication protocol code now has extensive tests.
- - The relay descriptor signature testing code now has
- extensive tests.
- - The test_workqueue program now runs faster, and is enabled by
- default as a part of "make check".
- - Unit test dns_resolve(), dns_clip_ttl() and dns_get_expiry_ttl()
- functions in dns.c. Implements a portion of ticket 16831.
- - Use environment variables rather than autoconf substitutions to
- send variables from the build system to the test scripts. This
- change should be easier to maintain, and cause 'make distcheck' to
- work better than before. Fixes bug 17148.
- - When building Tor with testing coverage enabled, run Chutney tests
- (if any) using the 'tor-cov' coverage binary.
- - When running test-network or test-stem, check for the absence of
- stem/chutney before doing any build operations.
- - Add a test to verify that the compiler does not eliminate our
- memwipe() implementation. Closes ticket 15377.
- - Add make rule `check-changes` to verify the format of changes
- files. Closes ticket 15180.
- - Add unit tests for control_event_is_interesting(). Add a compile-
- time check that the number of events doesn't exceed the capacity
- of control_event_t.event_mask. Closes ticket 15431, checks for
- bugs similar to 13085. Patch by "teor".
- - Command-line argument tests moved to Stem. Resolves ticket 14806.
- - Integrate the ntor, backtrace, and zero-length keys tests into the
- automake test suite. Closes ticket 15344.
- - Remove assertions during builds to determine Tor's test coverage.
- We don't want to trigger these even in assertions, so including
- them artificially makes our branch coverage look worse than it is.
- This patch provides the new test-stem-full and coverage-html-full
- configure options. Implements ticket 15400.
- - New TestingDirAuthVote{Exit,Guard,HSDir}IsStrict flags to
- explicitly manage co
|