
Fold more things into the 0.2.6.2-alpha changelog

Nick Mathewson 10 years ago
parent
commit
03e9aa0941

+ 99 - 7
ChangeLog

@@ -18,6 +18,10 @@ Changes in version 0.2.6.2-alpha - 2014-12-??
       implements ticket 9262.
       implements ticket 9262.
 
 
   o Major features (hidden services):
   o Major features (hidden services):
+    - Make HS port scanning more difficult by sending back REASON_DONE
+      if the exit policy didn't match. Furthermore, immediately close
+      the circuit to slow down port scanning attempts. Closes
+      ticket 13667.
     - Add a HiddenServiceStatistics option that allows Tor relays to
     - Add a HiddenServiceStatistics option that allows Tor relays to
       gather and publish statistics the overall size and volume of
       gather and publish statistics the overall size and volume of
       hidden service usage. Specifically, when this option is turned on,
       hidden service usage. Specifically, when this option is turned on,
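Review bot: the folded entry for ticket 13667 loses the "security" tag that changes/bug13667 had in its section header ("Major features (security, hidden services)"), and it replaces the stated reason for closing the circuit (to avoid further connection attempts from a possible attacker trying multiple ports on the same circuit) with the vaguer "to slow down port scanning attempts". Consider keeping the original reason, since it says what closing the circuit actually prevents. While touching this section, the context entry below it reads "gather and publish statistics the overall size and volume", which is missing a preposition after "statistics".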
@@ -30,6 +34,13 @@ Changes in version 0.2.6.2-alpha - 2014-12-??
       proposal 238, "Better hidden service stats from Tor relays". This
       proposal 238, "Better hidden service stats from Tor relays". This
       feature is currently disabled by default. Implements feature 13192.
       feature is currently disabled by default. Implements feature 13192.
 
 
+  o Major bugfixes (client, automap):
+    - Repair automapping with IPv6 addresses; this automapping should
+      have worked previously, but one piece of debugging code that we
+      inserted to detect a regression actually caused the regression to
+      manifest itself again. Fixes bug 13811; bugfix on 0.2.4.7-alpha.
+      Diagnosed and fixed by Francisco Blas Izquierdo Riera.
+
   o Major bugfixes (hidden services):
   o Major bugfixes (hidden services):
     - When closing an introduction circuit that was opened in parallel
     - When closing an introduction circuit that was opened in parallel
       with others, don't mark the introduction point as unreachable.
       with others, don't mark the introduction point as unreachable.
@@ -37,6 +48,12 @@ Changes in version 0.2.6.2-alpha - 2014-12-??
       point would make the other introduction points get marked as
       point would make the other introduction points get marked as
       having timed out. Fixes bug 13698; bugfix on 0.0.6rc2.
       having timed out. Fixes bug 13698; bugfix on 0.0.6rc2.
 
 
+  o Major removed features:
+    - Tor clients no longer support connecting to hidden services
+      running on Tor 0.2.2.x and earlier; the Support022HiddenServices
+      option has been removed. (There shouldn't be any hidden services
+      running these versions on the network.) Closes ticket 7803.
+
   o Minor features (client):
   o Minor features (client):
     - Validate hostnames in SOCKS5 requests more strictly. If SafeSocks
     - Validate hostnames in SOCKS5 requests more strictly. If SafeSocks
       is enabled, reject requests with IP addresses as hostnames.
       is enabled, reject requests with IP addresses as hostnames.
@@ -63,9 +80,29 @@ Changes in version 0.2.6.2-alpha - 2014-12-??
       directories and hostname files to be created group-readable. Patch
       directories and hostname files to be created group-readable. Patch
       from "anon", David Stainton, and "meejah". Closes ticket 11291.
       from "anon", David Stainton, and "meejah". Closes ticket 11291.
 
 
-  o Minor features (transparent firewall):
+  o Minor features (systemd):
+    - Where supported, when running with systemd, report successful
+      startup to systemd. Part of ticket 11016. Patch by Michael Scherer.
+    - When running with systemd, support systemd watchdog messages. Part
+      of ticket 11016. Patch by Michael Scherer.
+
+  o Minor features (transparent proxy):
     - Update the transparent proxy option checks to allow for both ipfw
     - Update the transparent proxy option checks to allow for both ipfw
       and pf on OS X. Closes ticket 14002.
       and pf on OS X. Closes ticket 14002.
+    - Use the correct option when using IPv6 with transparent proxy
+      support on Linux. Resolves 13808. Patch by Francisco Blas
+      Izquierdo Riera.
+
+  o Minor bugfixes (preventative security, C safety):
+    - When reading a hexadecimal, base-32, or base-64 encoded value from
+      a string, always overwrite the complete output buffer. This
+      prevents some bugs where we would look at (but fortunately, not
+      reveal) uninitialized memory on the stack. Fixes bug 14013; bugfix
+      on all versions of Tor.
+    - Clear all memory targetted by tor_addr_{to,from}_sockaddr(), not
+      just the part that's used. This makes it harder for data leak bugs
+      to occur in the event of other programming failures. Resolves
+      ticket 14041.
 
 
   o Minor bugfixes (client, micordescriptors):
   o Minor bugfixes (client, micordescriptors):
     - Use a full 256 bits of the SHA256 digest of a microdescriptor when
     - Use a full 256 bits of the SHA256 digest of a microdescriptor when
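Review bot: "targetted" in the added tor_addr_{to,from}_sockaddr() entry should be "targeted", and the context header directly below still reads "micordescriptors". Also check the classification: changes/bug14013 filed the buffer-overwrite fix under "Major bugfixes" and changes/bug14041 filed the memory clearing under "Minor features (security)", but both now sit under "Minor bugfixes (preventative security, C safety)". If downgrading 14013 is intended that is fine, but the 14041 entry says "Resolves ticket" with no "bugfix on" version, so it reads as a feature rather than a bugfix.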
@@ -103,6 +140,11 @@ Changes in version 0.2.6.2-alpha - 2014-12-??
       directories. Fixes bug 13214; bugfix on 0.2.1.6-alpha. Reported
       directories. Fixes bug 13214; bugfix on 0.2.1.6-alpha. Reported
       by "special".
       by "special".
 
 
+  o Minor bugfixes (Linux seccomp2 sandbox):
+    - Make transparent proxy support work along with the seccomp2
+      sandbox. Fixes part of bug 13808; bugfix on 0.2.5.1-alpha. Patch
+      by Francisco Blas Izquierdo Riera.
+
   o Minor bugfixes (logging):
   o Minor bugfixes (logging):
     - Downgrade warnings about RSA signature failures to info log level.
     - Downgrade warnings about RSA signature failures to info log level.
       Emit a warning when extra info document is found incompatible with
       Emit a warning when extra info document is found incompatible with
@@ -118,6 +160,56 @@ Changes in version 0.2.6.2-alpha - 2014-12-??
       our address-range parsing code. Fixes bug 7484; bugfix
       our address-range parsing code. Fixes bug 7484; bugfix
       on 0.0.2pre14.
       on 0.0.2pre14.
 
 
+  o Minor bugfixes (testing networks):
+    - Allow Tor to build circuits using a consensus with no exits. If
+      the consensus has no exits (typical of a bootstrapping test
+      network), allow Tor to build circuits once enough descriptors have
+      been downloaded. This assists in bootstrapping a testing Tor
+      network. Fixes bug 13718; bugfix on 0.2.4.10-alpha. Patch
+      by "teor".
+    - When V3AuthVotingInterval is low, give a lower If-Modified-Since
+      header to directory servers. This allows us to obtain consensuses
+      promptly when the consensus interval is very short. This assists
+      in bootstrapping a testing Tor network. Fixes parts of bugs 13718
+      and 13963; bugfix on 0.2.0.3-alpha. Patch by "teor".
+    - Stop assuming that private addresses are local when checking
+      reachability in a TestingTorNetwork. Instead, when testing, assume
+      all OR connections are remote. (This is necessary due to many test
+      scenarios running all nodes on localhost.) This assists in
+      bootstrapping a testing Tor network. Fixes bug 13924; bugfix on
+      0.1.0.1-rc. Patch by "teor".
+    - Avoid building exit circuits from a consensus with no exits. Now
+      thanks to our fix for 13718, we accept a no-exit network as not
+      wholly lost, but we need to remember not to try to build exit
+      circuits on it. Closes ticket 13814; patch by "teor".
+    - Stop requiring exits to have non-zero bandwithcapacity in a
+      TestingTorNetwork. Instead, when TestingMinExitFlagThreshold is 0,
+      ignore exit bandwidthcapacity. This assists in bootstrapping a
+      testing Tor network. Fixes parts of bugs 13718 and 13839; bugfix
+      on 0.2.0.3-alpha. Patch by "teor".
+    - Add "internal" to some bootstrap statuses when no exits are
+      available. If the consensus does not contain Exits, Tor will only
+      build internal circuits. In this case, relevant statuses will
+      contain the word "internal" as indicated in the Tor control-
+      spec.txt. When bootstrap completes, Tor will be ready to handle an
+      application requesting an internal circuit to hidden services at
+      ".onion" addresses. If a future consensus contains Exits, exit
+      circuits may become available. Fixes part of bug 13718; bugfix on
+      0.2.4.10-alpha. Patch by "teor".
+    - Decrease minimum consensus interval to 10 seconds when
+      TestingTorNetwork is set, or 5 seconds for the first consensus.
+      Fix assumptions throughout the code that assume larger interval
+      values. This assists in quickly bootstrapping a testing Tor
+      network. Fixes bugs 13718 and 13823; bugfix on 0.2.0.3-alpha.
+      Patch by "teor".
+    - Avoid excluding guards from path building in minimal test
+      networks, when we're in a test network, and excluding guards would
+      exclude all nodes. This typically occurs in incredibly small tor
+      networks, and those using TestingAuthVoteGuard * This fix only
+      applies to minimal, testing tor networks, so it's no less secure.
+      Fixes part of bug 13718; bugfix on 0.1.1.11-alpha. Patch
+      by "teor".
+
   o Code simplification and refactoring:
   o Code simplification and refactoring:
     - Stop using can_complete_circuits as a global variable; access it
     - Stop using can_complete_circuits as a global variable; access it
       with a function instead.
       with a function instead.
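Review bot: the reflow in the testing-networks block introduced or kept three text defects. "bandwithcapacity" in the TestingMinExitFlagThreshold entry is misspelled (the same entry spells it "bandwidthcapacity" two lines later); "TestingAuthVoteGuard * This fix only applies" needs a period after the asterisk now that the two sentences share a line; and "control-spec.txt" is split at its hyphen across a line wrap, which makes the file name hard to search for. Separately, the 13814 entry came from a changes file headed "Minor features (Testing networks)" and uses "Closes ticket" with no "bugfix on" version, so it sits oddly under "Minor bugfixes".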
@@ -153,12 +245,10 @@ Changes in version 0.2.6.2-alpha - 2014-12-??
       good idea. Also, properly cross-reference how to specify nodes in
       good idea. Also, properly cross-reference how to specify nodes in
       all parts of the manual for options that take a list of nodes.
       all parts of the manual for options that take a list of nodes.
       Closes ticket 13381.
       Closes ticket 13381.
-
-  o Major removed features:
-    - Tor clients no longer support connecting to hidden services
-      running on Tor 0.2.2.x and earlier; the Support022HiddenServices
-      option has been removed. (There shouldn't be any hidden services
-      running these versions on the network.) Closes ticket 7803.
+    - Clarify HiddenServiceDir option description in manpage to make it
+      clear that relative paths are taken with respect to the current
+      working directory of Tor instance. Also clarify that this behavior
+      is not guaranteed to remain indefinitely. Fixes issue 13913.
 
 
   o Testing:
   o Testing:
     - New tests for many parts of channel, relay, and circuit mux
     - New tests for many parts of channel, relay, and circuit mux
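Review bot: in the added HiddenServiceDir entry, "working directory of Tor instance" is missing an article ("of the Tor instance"), and "Fixes issue 13913" departs from the "Fixes bug" and "Closes ticket" wording the other entries in this file use. Suggest "Closes ticket 13913" to match the neighbouring documentation entry.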
@@ -168,6 +258,8 @@ Changes in version 0.2.6.2-alpha - 2014-12-??
       test temporary directory to the current user, so that the sticky
       test temporary directory to the current user, so that the sticky
       bit doesn't interfere with tests that check directory groups.
       bit doesn't interfere with tests that check directory groups.
       Closes 13678.
       Closes 13678.
+    - Add unit tests for resolve_my_addr(). Part of ticket 12376; patch
+      by 'rl1987'.
 
 
 
 
 Changes in version 0.2.6.1-alpha - 2014-10-30
 Changes in version 0.2.6.1-alpha - 2014-10-30
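Review bot: the credit in the added resolve_my_addr() entry uses single quotes ('rl1987'), while the other pseudonymous credits in this ChangeLog use double quotes ("teor", "special", "meejah"). Switch to double quotes for consistency.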

+ 0 - 6
changes/bug13667

@@ -1,6 +0,0 @@
- o Major features (security, hidden services):
-   - Make HS port scanning more difficult by sending back REASON_DONE if the
-     exit policy didn't match. Furthermore, immediately close the circuit to
-     avoid other connection attempts on it from the possible attacker trying
-     multiple ports on that same circuits. Closes ticket 13667.
-

+ 0 - 9
changes/bug13718-add-internal-bootstrap-statuses

@@ -1,9 +0,0 @@
-  o Minor bugfixes (Testing networks):
-    - Add "internal" to some bootstrap statuses when no exits are available.
-      If the consensus does not contain Exits, Tor will only build internal
-      circuits. In this case, relevant statuses will contain the word
-      "internal" as indicated in the Tor control-spec.txt. When bootstrap
-      completes, Tor will be ready to handle an application requesting an
-      internal circuit to hidden services at ".onion" addresses.
-      If a future consensus contains Exits, exit circuits may become available.
-      Fixes part of bug 13718; bugfix on 0.2.4.10-alpha. Patch by "teor".

+ 0 - 8
changes/bug13718-avoid-excluding-guards

@@ -1,8 +0,0 @@
-  o Minor bugfixes (Test networks):
-    - Avoid excluding guards from path building in minimal test networks,
-      when we're in a test network, and excluding guards would exclude
-      all nodes. This typically occurs in incredibly small tor networks,
-      and those using TestingAuthVoteGuard *
-      This fix only applies to minimal, testing tor networks,
-      so it's no less secure.
-      Fixes part of bug 13718; bugfix on 0.1.1.11-alpha. Patch by "teor".

+ 0 - 9
changes/bug13808

@@ -1,9 +0,0 @@
-  o Minor features (transparent proxy):
-    - Use the correct option when using IPv6 with transparent proxy
-      support on Linux.  Resolves 13808. Patch by Francisco Blas
-      Izquierdo Riera.
-
-  o Minor bugfixes (sandbox):
-    - Make transparent proxy support work along with the seccomp2
-      sandbox. Fixes part of bug 13808; bugfix on 0.2.5.1-alpha.
-      Patch by Francisco Blas Izquierdo Riera.

+ 0 - 6
changes/bug13811

@@ -1,6 +0,0 @@
-  o Major bugfixes (client, automap):
-    - Repair automapping with IPv6 addresses; this automapping should
-      have worked previously, but one piece of debugging code that we
-      inserted to detect a regression actually caused the regression
-      to manifest itself again. Fixes bug 13811; bugfix on
-      0.2.4.7-alpha. Diagnosed and fixed by Francisco Blas Izquierdo Riera.

+ 0 - 8
changes/bug13814-avoid-exit-paths-no-exits

@@ -1,8 +0,0 @@
-  o Minor features (Testing networks):
-    - Avoid building exit circuits from a consensus with no exits.
-      Now thanks to our fix for 13718,
-      we accept a no-exit network as not wholly lost, but
-      we need to remember not to try to build exit circuits on it.
-      Closes ticket 13814;
-      patch by "teor".
-

+ 0 - 9
changes/bug13814-reachability-without-exits

@@ -1,9 +0,0 @@
-  o Minor bugfixes (Testing networks):
-    - Allow Tor to build circuits using a consensus with
-      no exits. If the consensus has no exits (typical of
-      a bootstrapping test network), allow Tor to build
-      circuits once enough descriptors have been
-      downloaded.
-      This assists in bootstrapping a testing Tor
-      network.
-      Fixes bug 13718; bugfix on 0.2.4.10-alpha. Patch by "teor".

+ 0 - 9
changes/bug13823-decrease-consensus-interval

@@ -1,9 +0,0 @@
-  o Minor bugfixes (Testing networks):
-    - Decrease minimum consensus interval to 10 seconds
-      when TestingTorNetwork is set, or 5 seconds for
-      the first consensus.
-      Fix assumptions throughout the code that assume larger interval values.
-      This assists in quickly bootstrapping a testing
-      Tor network.
-      Fixes bugs 13718 and 13823; bugfix on 0.2.0.3-alpha.
-      Patch by "teor".

+ 0 - 7
changes/bug13839-fix-TestingMinExitFlagThreshold

@@ -1,7 +0,0 @@
-  o Minor bugfixes (Testing networks)
-    - Stop requiring exits to have non-zero bandwithcapacity in a
-      TestingTorNetwork. Instead, when TestingMinExitFlagThreshold is 0,
-      ignore exit bandwidthcapacity.
-      This assists in bootstrapping a testing Tor network.
-      Fixes parts of bugs 13718 and 13839;
-      bugfix on 0.2.0.3-alpha. Patch by "teor".

+ 0 - 7
changes/bug13913

@@ -1,7 +0,0 @@
-  o Documentation:
-    - Clarify HiddenServiceDir option description in manpage to make it
-      clear that relative paths are taken with respect to the current
-      working
-      directory of Tor instance. Also clarify that this behavior is
-      not guaranteed to remain indefinitely. Fixes
-      issue 13913.

+ 0 - 7
changes/bug13924-fix-testing-reachability

@@ -1,7 +0,0 @@
-  o Minor bugfixes (Testing networks)
-    - Stop assuming that private addresses are local when checking
-      reachability in a TestingTorNetwork. Instead, when testing, assume
-      all OR connections are remote. (This is necessary due to many test
-      scenarios running all nodes on localhost.)
-      This assists in bootstrapping a testing Tor network.
-      Fixes bug 13924; bugfix on 0.1.0.1-rc. Patch by "teor".

+ 0 - 8
changes/bug13963-decrease-if-modified-since-delay

@@ -1,8 +0,0 @@
-  o Minor bugfixes:
-    - When V3AuthVotingInterval is low, decrease the delay on the
-      If-Modified-Since header passed to directory servers.
-      This allows us to obtain consensuses promptly when the consensus
-      interval is very short.
-      This assists in bootstrapping a testing Tor network.
-      Fixes parts of bugs 13718 and 13963; bugfix on 0.2.0.3-alpha.
-      Patch by "teor".

+ 0 - 6
changes/bug14013

@@ -1,6 +0,0 @@
-  o Major bugfixes:
-    - When reading a hexadecimal, base-32, or base-64 encoded value
-      from a string, always overwrite the complete output buffer. This
-      prevents some bugs where we would look at (but fortunately, not
-      reveal) uninitialized memory on the stack. Fixes bug 14013;
-      bugfix on all versions of Tor.

+ 0 - 5
changes/bug14041

@@ -1,5 +0,0 @@
-  o Minor features (security):
-    - Clear all memory targetted by tor_addr_{to,from}_sockaddr(),
-      not just the part that's used. This makes it harder for data leak
-      bugs to occur in the event of other programming failures.
-      Resolves ticket 14041.

+ 0 - 3
changes/resolvemyaddr-tests

@@ -1,3 +0,0 @@
-  o Testing:
-    - Add unit tests for resolve_my_addr(). Part of ticket 12376;
-      patch by 'rl1987'.

+ 0 - 6
changes/ticket11016

@@ -1,6 +0,0 @@
-  o Minor features (systemd):
-    - Where supported, when running with systemd, report successful
-      startup to systemd. Part of ticket 11016. Patch by Michael
-      Scherer.
-    - When running with systemd, support systemd watchdog messages.
-      Part of ticket 11016. Patch by Michael Scherer.