|
|
@@ -1,3 +1,118 @@
|
|
|
+Changes in version 0.4.1.2-alpha - 2019-06-05
|
|
|
+ Tor 0.4.1.2-alpha resolves numerous bugs--some of them from the previous
|
|
|
+ alpha, and some much older. It also contains minor testing improvements,
|
|
|
+ and an improvement to the security of our authenticated sendme
|
|
|
+ implementation.
|
|
|
+
|
|
|
+ o Major bugfixes (bridges):
|
|
|
+ - Consider our directory information to have changed when our list of
|
|
|
+ bridges changes. Previously, Tor would not re-compute the status of its
|
|
|
+ directory information when bridges changed, and therefore would not
|
|
|
+ realize that it was no longer able to build circuits. Fixes part of bug
|
|
|
+ 29875.
|
|
|
+ - Do not count previously configured working bridges towards our total of
|
|
|
+ working bridges. Previously, when Tor's list of bridges changed, it
|
|
|
+ would think that the old bridges were still usable, and delay fetching
|
|
|
+ router descriptors for the new ones. Fixes part of bug 29875; bugfix
|
|
|
+ on 0.3.0.1-alpha.
|
|
|
+
|
|
|
+ o Major bugfixes (Flow Control, SENDME):
|
|
|
+ - The decrement of the stream-level package window was done in a log_debug()
|
|
|
+ statement meaning that if the debug logs were not enabled, the decrement
|
|
|
+ would never happen and thus the window would be out of sync with the other
|
|
|
+ end point. Fixes bug 30628; bugfix on 0.4.1.1-alpha.
|
|
|
+
|
|
|
+ o Major bugfixes (Onion service reachability):
|
|
|
+ - Properly clean up the introduction point map and associated state when
|
|
|
+ circuits change purpose from onion service circuits to pathbias,
|
|
|
+ measurement, or other circuit types. This should fix some instances of
|
|
|
+ introduction point failure. Fixes bug 29034; bugfix on 0.3.2.1-alpha.
|
|
|
+
|
|
|
+ o Minor features (authenticated SENDME):
|
|
|
+ - Ensure that there is enough randomness on every circuit
|
|
|
+ to prevent an attacker from successfully predicting what SENDME cells
|
|
|
+ they will need to send: at a random interval, if we have not send
|
|
|
+ randomness already, leave some extra space at the end of a cell that
|
|
|
+ we can fill with random bytes. Closes ticket 26846.
|
|
|
+
|
|
|
+ o Minor features (continuous integration):
|
|
|
+ - When running coverage builds on Travis, we now set TOR_TEST_RNG_SEED,
|
|
|
+ to avoid RNG-based coverage differences.
|
|
|
+ Part of ticket 28878.
|
|
|
+
|
|
|
+ o Minor features (maintenance):
|
|
|
+ - Add a new "make autostyle" target that developers can use to
|
|
|
+ apply all automatic Tor style and consistency conversions to the
|
|
|
+ codebase. Closes ticket 30539.
|
|
|
+
|
|
|
+ o Minor features (testing):
|
|
|
+ - The circuitpadding tests now use a reproducible RNG implementation,
|
|
|
+ so that if a test fails, we can learn why. Part of ticket 28878.
|
|
|
+ - Tor's tests now support an environment variable, TOR_TEST_RNG_SEED,
|
|
|
+ to set the RNG seed for tests that use a reproducible RNG.
|
|
|
+ Part of ticket 28878.
|
|
|
+ - When running tests in coverage mode, take additional care to make
|
|
|
+ our coverage deterministic, so that we can accurately track changes in
|
|
|
+ code coverage. Closes ticket 30519.
|
|
|
+
|
|
|
+ o Minor bugfixes (configuration, proxies):
|
|
|
+ - Fix a bug that prevented us from supporting SOCKS5 proxies that want
|
|
|
+ authentication along with configured (but unused!)
|
|
|
+ ClientTransportPlugins. Fixes bug 29670; bugfix on 0.2.6.1-alpha.
|
|
|
+
|
|
|
+ o Minor bugfixes (controller):
|
|
|
+ - POSTDESCRIPTOR requests should work again. Previously, they were
|
|
|
+ broken if a "purpose=" flag was specified. Fixes bug 30580;
|
|
|
+ bugfix on 0.4.1.1-alpha.
|
|
|
+ - Repair the HSFETCH command so that it works again. Previously, it
|
|
|
+ expected a body when it shouldn't have. Fixes bug 30646; bugfix on
|
|
|
+ 0.4.1.1-alpha.
|
|
|
+
|
|
|
+ o Minor bugfixes (developer tooling):
|
|
|
+ - Fix pre-push hook to refrain from rejecting fixup and squash commits
|
|
|
+ when pushing to non-upstream git remote. Fixes bug 30286; bugfix on
|
|
|
+ 0.4.0.1-alpha.
|
|
|
+
|
|
|
+ o Minor bugfixes (directory authority):
|
|
|
+ - Move the "bandwidth-file-headers" line in directory authority votes
|
|
|
+ so that it conforms to dir-spec.txt. Fixes bug 30316; bugfix on
|
|
|
+ 0.3.5.1-alpha.
|
|
|
+
|
|
|
+ o Minor bugfixes (NetBSD):
|
|
|
+ - Fix usage of minherit() on NetBSD and other platforms that define
|
|
|
+ MAP_INHERIT_{ZERO,NONE} instead of INHERIT_{ZERO,NONE}. Fixes bug
|
|
|
+ 30614; bugfix on 0.4.0.2-alpha. Patch from Taylor Campbell.
|
|
|
+
|
|
|
+ o Minor bugfixes (out-of-memory handler):
|
|
|
+ - When purging the DNS cache because of an out-of-memory condition,
|
|
|
+ try purging just the older entries at first. Previously, we would
|
|
|
+ purge the whole thing. Fixes bug 29617; bugfix on 0.3.5.1-alpha.
|
|
|
+
|
|
|
+ o Minor bugfixes (portability):
|
|
|
+ - Avoid crashing in our tor_vasprintf() implementation on systems that
|
|
|
+ define neither vasprintf() nor _vscprintf(). (This bug has been here
|
|
|
+ long enough that we question whether people are running Tor on such
|
|
|
+ systems, but we're applying the fix out of caution.) Fixes bug 30561;
|
|
|
+ bugfix on 0.2.8.2-alpha. Found and fixed by Tobias Stoeckmann.
|
|
|
+
|
|
|
+ o Minor bugfixes (shutdown, libevent, memory safety):
|
|
|
+ - Avoid use-after-free bugs when shutting down, by making sure that we
|
|
|
+ shut down libevent only after shutting down all of its users. We
|
|
|
+ believe these are harmless in practice, since they only occur on the
|
|
|
+ shutdown path, and do not involve any attacker-controlled data. Fixes
|
|
|
+ bug 30629; bugfix on 0.4.1.1-alpha.
|
|
|
+
|
|
|
+ o Minor bugfixes (static analysis):
|
|
|
+ - Fix several spurious Coverity warnings about the unit tests, to lower our
|
|
|
+ chances of missing any real warnings in the future. Fixes bug 30150;
|
|
|
+ bugfix on 0.3.5.1-alpha and various other Tor versions.
|
|
|
+
|
|
|
+ o Testing:
|
|
|
+ - Specify torrc paths (with empty files) when launching tor in
|
|
|
+ integration tests; refrain from reading user and system torrcs.
|
|
|
+ Resolves issue 29702.
|
|
|
+
|
|
|
+
|
|
|
Changes in version 0.4.1.1-alpha - 2019-05-22
|
|
|
This is the first alpha in the 0.4.1.x series. It introduces
|
|
|
lightweight circuit padding to make some onion-service circuits harder
|
Nick Mathewson