Run format_changelog

This commit is contained in:
Nick Mathewson 2020-10-30 10:59:14 -04:00
parent e6d3836d96
commit 4c165aca04

578
ChangeLog
View File

@ -1,168 +1,161 @@
Changes in version 0.4.5.1-alpha - 2020-10-30 Changes in version 0.4.5.1-alpha - 2020-10-30
Tor 0.4.5.1-alpha is the first alpha release in the 0.4.5.x series. Tor 0.4.5.1-alpha is the first alpha release in the 0.4.5.x series. It
It improves support for IPv6, address discovery and self-testing, code improves support for IPv6, address discovery and self-testing, code
metrics and tracing. metrics and tracing.
Here are the changes since 0.4.4.5. Here are the changes since 0.4.4.5.
o Major features (IPv6, relay): - The "optimistic data" feature is now always on; there is no longer
- The torrc option Address now supports IPv6. By doing so, we've also an option to disable it from the torrc file or from the consensus
unified the interface to find our address to support IPv4, IPv6 and directory. Closes part of 40139. - The "usecreatefast" network
hostname. Closes ticket 33233. parameter is now removed; there is no longer an option for authorities
to turn it off. Closes part of 40139.
o Major features (relay, IPv6):
- Relays now automatically bind on IPv6 for their ORPort unless specified
otherwise with the IPv4Only flag. Closes ticket 33246.
o Major features (tracing):
- Add a tracing library with USDT and LTTng-UST support. Few tracepoints
were added in the circuit subsystem. More will come incrementally. This
feature is compiled out by default. It needs to be enabled at configure
time. See documentation in doc/HACKING/Tracing.md. Closes ticket 32910.
o Major features (IPv6, relay): o Major features (IPv6, relay):
- Launch IPv4 and IPv6 ORPort self-test circuits on relays and bridges. - The torrc option Address now supports IPv6. By doing so, we've
Closes ticket 33222. also unified the interface to find our address to support IPv4,
IPv6 and hostname. Closes ticket 33233.
- Launch IPv4 and IPv6 ORPort self-test circuits on relays and
bridges. Closes ticket 33222.
o Major features (metrics): o Major features (metrics):
- Introduce a new MetricsPort which exposes, through an HTTP GET /metrics, a - Introduce a new MetricsPort which exposes, through an HTTP GET
series of metrics that tor collects at runtime. At the moment, the only /metrics, a series of metrics that tor collects at runtime. At the
supported output format is Prometheus data model. Closes ticket 40063; moment, the only supported output format is Prometheus data model.
Closes ticket 40063;
o Major features (relay self-testing, IPv6): o Major features (relay self-testing, IPv6):
- Relays now track their IPv6 ORPort separately from the reachability of - Relays now track their IPv6 ORPort separately from the reachability
their IPv4 ORPort. They will not publish a descriptor unless _both_ of their IPv4 ORPort. They will not publish a descriptor unless
ports appear to be externally reachable. Closes ticket 34067. _both_ ports appear to be externally reachable. Closes
ticket 34067.
o Major features (relay, IPv6): o Major features (relay, IPv6):
- Relays now automatically bind on IPv6 for their ORPort unless
specified otherwise with the IPv4Only flag. Closes ticket 33246.
- When a relay with IPv6 support opens a connection to another - When a relay with IPv6 support opens a connection to another
relay, and the extend cell lists both IPv4 and IPv6 addresses, the relay, and the extend cell lists both IPv4 and IPv6 addresses, the
first relay now picks randomly which address to use. Closes first relay now picks randomly which address to use. Closes
ticket 33220. ticket 33220.
o Major features (tracing):
- Add a tracing library with USDT and LTTng-UST support. Few
tracepoints were added in the circuit subsystem. More will come
incrementally. This feature is compiled out by default. It needs
to be enabled at configure time. See documentation in
doc/HACKING/Tracing.md. Closes ticket 32910.
o Major bugfix (TLS, buffer): o Major bugfix (TLS, buffer):
- When attempting to read N bytes on a TLS connection, really try to read - When attempting to read N bytes on a TLS connection, really try to
those N bytes. Before that, Tor would stop reading after the first TLS read those N bytes. Before that, Tor would stop reading after the
record which can be smaller than N bytes even though more data was waiting first TLS record which can be smaller than N bytes even though
on the TLS connection socket. The remaining data would have been read at more data was waiting on the TLS connection socket. The remaining
the next mainloop event. Fixes bug 40006; bugfix on 0.1.0.5-rc. data would have been read at the next mainloop event. Fixes bug
40006; bugfix on 0.1.0.5-rc.
o Minor features (address discovery): o Minor features (address discovery):
- If no Address statements are found, relays now prioritize guessing their - If no Address statements are found, relays now prioritize guessing
address by looking at the local interface instead of the local hostname. their address by looking at the local interface instead of the
If the interface address can't be found, the local hostname is used. local hostname. If the interface address can't be found, the local
Closes ticket 33238. hostname is used. Closes ticket 33238.
o Minor features (admin tools):
- Add new --format argument to -key-expiration option to allow
specifying the time format of expiration date. Adds Unix timestamp
format support. Patch by Daniel Pinto. Closes ticket 30045.
o Minor features (authorities):
- Authorities now list a different set of protocols as required and
recommended. These lists are chosen so that only truly recommended
and/or required protocols are included, and so that clients using
0.2.9 or later will continue to work (even though they are not
supported), whereas only relays running 0.3.5 or later will meet
the requirements. Closes ticket 40162.
o Minor features (bootstrap reporting):
- When reporting bootstrapping status on a relay, do not consider
connections that have never been the target of an origin circuit.
Previously, all connection failures were treated as potential
bootstrapping failures, including those that had been opened
because of client requests. Closes ticket 25061.
o Minor features (build):
- If the configure script has given any warnings, remind the user
about them at the end of the script. Related to 40138.
- When running the configure script, try to detect version
mismatches between the openssl headers and libraries, and suggest
that the user should try "--with-openssl-dir". Closes 40138.
o Minor features (compilation):
- When building Tor, first link all object files into a single
static library. This may help with embedding Tor in other
programs. Note that most Tor functions do not constitute a part of
a stable or supported API: Only those functions in tor_api.h
should be used if embedding Tor. Closes ticket 40127.
o Minor features (configuration): o Minor features (configuration):
- Allow the using wildcards (* and ?) with the %include option on - Allow the using wildcards (* and ?) with the %include option on
configuration files. Closes ticket 25140. Patch by Daniel Pinto. configuration files. Closes ticket 25140. Patch by Daniel Pinto.
- Allows configuration options EntryNodes, ExcludeNodes, - Allows configuration options EntryNodes, ExcludeNodes,
ExcludeExitNodes, ExitNodes, MiddleNodes, HSLayer2Nodes and ExcludeExitNodes, ExitNodes, MiddleNodes, HSLayer2Nodes and
HSLayer3Nodes to be specified multiple times. Closes ticket HSLayer3Nodes to be specified multiple times. Closes ticket 28361.
28361. Patch by Daniel Pinto. Patch by Daniel Pinto.
o Minor features (control port):
- Add a DROPTIMEOUTS control port command to drop circuit build timeout
history and reset the timeout. Closes ticket 40002.
o Minor features (directory authorities):
- Create new consensus method that removes the unecessary = padding
from ntor-onion-key. Closes ticket 7869. Patch by Daniel Pinto.
o Minor features (relay):
- If a relay is unable to discover its address, attempt to learn it from the
NETINFO cell. Closes ticket 40022.
o Minor features (relay, address discovery):
- If Address is not found in torrc, attempt to learn our address with the
configured ORPort address if any. Closes ticket 33236.
o Minor features (admin tools):
- Add new --format argument to -key-expiration option to allow
specifying the time format of expiration date. Adds Unix
timestamp format support. Patch by Daniel Pinto. Closes
ticket 30045.
o Minor features (authorities):
- Authorities now list a different set of protocols as required and
recommended. These lists are chosen so that only truly recommended
and/or required protocols are included, and so that clients using 0.2.9
or later will continue to work (even though they are not supported),
whereas only relays running 0.3.5 or later will meet the requirements.
Closes ticket 40162.
o Minor features (bootstrap reporting):
- When reporting bootstrapping status on a relay, do not consider
connections that have never been the target of an origin circuit.
Previously, all connection failures were treated as potential
bootstrapping failures, including those that had been opened because of
client requests. Closes ticket 25061.
o Minor features (build):
- If the configure script has given any warnings, remind the user about
them at the end of the script. Related to 40138.
- When running the configure script, try to detect version mismatches
between the openssl headers and libraries, and suggest that the
user should try "--with-openssl-dir". Closes 40138.
o Minor features (compilation):
- When building Tor, first link all object files into a single
static library. This may help with embedding Tor in other
programs. Note that most Tor functions do not constitute a
part of a stable or supported API: Only those functions in
tor_api.h should be used if embedding Tor. Closes ticket
40127.
o Minor features (control port): o Minor features (control port):
- Add a DROPTIMEOUTS control port command to drop circuit build
timeout history and reset the timeout. Closes ticket 40002.
- When a stream enters the AP_CONN_STATE_CONTROLLER_WAIT status, - When a stream enters the AP_CONN_STATE_CONTROLLER_WAIT status,
send a control port event CONTROLLER_WAIT. Closes ticket 32190. send a control port event CONTROLLER_WAIT. Closes ticket 32190.
Patch by Neel Chauhan. Patch by Neel Chauhan.
o Minor features (control port, relay): o Minor features (control port, relay):
- Introduce "GETINFO address/v4" and "GETINFO address/v6" in the control - Introduce "GETINFO address/v4" and "GETINFO address/v6" in the
port to fetch the Tor host's respective IPv4 or IPv6 address. We keep control port to fetch the Tor host's respective IPv4 or IPv6
"GETINFO address" for backwords-compatibility which retains the current address. We keep "GETINFO address" for backwords-compatibility
behavior. Closes ticket 40039. Patch by Neel Chauhan. which retains the current behavior. Closes ticket 40039. Patch by
Neel Chauhan.
o Minor features (control port, rephist): o Minor features (control port, rephist):
- Introduce GETINFO "stats/ntor/{assigned/requested}" and - Introduce GETINFO "stats/ntor/{assigned/requested}" and
"stats/tap/{assigned/requested}" to get the NTorand TAP "stats/tap/{assigned/requested}" to get the NTorand TAP circuit
circuit onion handshake rephist values respectively. onion handshake rephist values respectively. Closes ticket 28279.
Closes ticket 28279. Patch by Neel Chauhan. Patch by Neel Chauhan.
o Minor features (controller, IPv6): o Minor features (controller, IPv6):
- Tor relays now try to report to the controller when they are launching - Tor relays now try to report to the controller when they are
an IPv6 self-test. Closes ticket 34068. launching an IPv6 self-test. Closes ticket 34068.
o Minor features (directory authorities): o Minor features (directory authorities):
- Create new consensus method that removes the unecessary = padding
from ntor-onion-key. Closes ticket 7869. Patch by Daniel Pinto.
- Directory authorities now reject descriptors from relays running - Directory authorities now reject descriptors from relays running
Tor versions from the 0.4.1 series, but still allow the 0.3.5 Tor versions from the 0.4.1 series, but still allow the 0.3.5
series. Resolves ticket 34357. Patch by Neel Chauhan. series. Resolves ticket 34357. Patch by Neel Chauhan.
o Minor features (directory authorities, IPv6): o Minor features (directory authorities, IPv6):
- Make authorities add their IPv6 ORPort (if any) to the trusted dir - Make authorities add their IPv6 ORPort (if any) to the trusted dir
servers list. Authorities currently add themselves to the trusted dir servers list. Authorities currently add themselves to the trusted
servers list, but they only add their IPv4 address and ports to the list. dir servers list, but they only add their IPv4 address and ports
Closes ticket 32822. to the list. Closes ticket 32822.
o Minor features (directory authority): o Minor features (directory authority):
- Make it possible to specify multiple ConsensusParams torrc lines. - Make it possible to specify multiple ConsensusParams torrc lines.
Now directory authority operators can for example put the main Now directory authority operators can for example put the main
ConsensusParams config in one torrc file and then add to it from ConsensusParams config in one torrc file and then add to it from a
a different torrc file. Closes ticket 40164. different torrc file. Closes ticket 40164.
- The AssumeReachable option no longer stops directory authorities - The AssumeReachable option no longer stops directory authorities
from checking whether other relays are running. A new from checking whether other relays are running. A new
AuthDirTestReachability option can be used to disable these checks. AuthDirTestReachability option can be used to disable these
Closes ticket 34445. checks. Closes ticket 34445.
- When looking for possible sybil attacks, also consider IPv6 addresses. - When looking for possible sybil attacks, also consider IPv6
Two routers are considered to have "the same" address by this metric addresses. Two routers are considered to have "the same" address
if they are in the same /64 network. Patch from Maurice Pibouin. Closes by this metric if they are in the same /64 network. Patch from
ticket 7193. Maurice Pibouin. Closes ticket 7193.
o Minor features (ed25519, relay): o Minor features (ed25519, relay):
- Save a relay's base64-encoded ed25519 identity key to the data - Save a relay's base64-encoded ed25519 identity key to the data
directory in a file named fingerprint-ed25519. Closes ticket 30642. directory in a file named fingerprint-ed25519. Closes ticket
Patch by Neel Chauhan. 30642. Patch by Neel Chauhan.
o Minor features (heartbeat): o Minor features (heartbeat):
- Include the total number of inbound and outbound IPv4 and IPv6 - Include the total number of inbound and outbound IPv4 and IPv6
@ -170,30 +163,31 @@ Changes in version 0.4.5.1-alpha - 2020-10-30
o Minor features (IPv6, ExcludeNodes): o Minor features (IPv6, ExcludeNodes):
- Make routerset_contains_router() capable of handling IPv6 - Make routerset_contains_router() capable of handling IPv6
addresses. This makes ExcludeNodes capable of excluding an addresses. This makes ExcludeNodes capable of excluding an IPv6
IPv6 adddress. Previously, ExcludeNodes ignored IPv6 adddress. Previously, ExcludeNodes ignored IPv6 addresses. Closes
addresses. Closes ticket 34065. Patch by Neel Chauhan. ticket 34065. Patch by Neel Chauhan.
o Minor features (IPv6, relay): o Minor features (IPv6, relay):
- Allow relays to send IPv6-only extend cells. Closes ticket 33222. - Allow relays to send IPv6-only extend cells. Closes ticket 33222.
- Declare support for the Relay=3 subprotocol version. Closes ticket 33226. - Declare support for the Relay=3 subprotocol version. Closes
ticket 33226.
- When launching IPv6 ORPort self-test circuits, make sure that the - When launching IPv6 ORPort self-test circuits, make sure that the
second-last hop can initiate an IPv6 extend. Closes ticket 33222. second-last hop can initiate an IPv6 extend. Closes ticket 33222.
o Minor features (logging): o Minor features (logging):
- Adds the running glibc version to the log. Also adds the - Adds the running glibc version to the log. Also adds the running
running and compiled glibc version to the library list and compiled glibc version to the library list returned when using
returned when using the flag --library-versions. Patch the flag --library-versions. Patch from Daniel Pinto. Closes
from Daniel Pinto. Closes ticket 40047; bugfix on ticket 40047; bugfix on 0.4.5.0-alpha-dev.
0.4.5.0-alpha-dev. - Consider 301 as an error like a 404 when processing the response
- Consider 301 as an error like a 404 when processing the response to a to a request for a group of server descriptors or an extrainfo
request for a group of server descriptors or an extrainfo documents. documents. Closes ticket 40053.
Closes ticket 40053. - Print directory fetch information a single line. Closes
- Print directory fetch information a single line. Closes ticket 40159. ticket 40159.
- Provide more complete descriptions of our connections when logging - Provide more complete descriptions of our connections when logging
about them. Closes ticket 40041. about them. Closes ticket 40041.
- When describing a relay in th elogs, we now include its ed25519 identity. - When describing a relay in th elogs, we now include its ed25519
Closes ticket 22668. identity. Closes ticket 22668.
o Minor features (onion services): o Minor features (onion services):
- When writing an onion service hostname file, first read it to make - When writing an onion service hostname file, first read it to make
@ -203,263 +197,269 @@ Changes in version 0.4.5.1-alpha - 2020-10-30
Neel Chauhan. Neel Chauhan.
o Minor features (pluggable transports): o Minor features (pluggable transports):
- Added option OutboundBindAddressPT to torrc. This option allows users to - Added option OutboundBindAddressPT to torrc. This option allows
specify which IPv4 and IPv6 address they want pluggable transports to use users to specify which IPv4 and IPv6 address they want pluggable
for outgoing IP packets. Tor does not have a way to enforce that the pluggable transports to use for outgoing IP packets. Tor does not have a way
transport honors this option so each pluggable transport will have to to enforce that the pluggable transport honors this option so each
implement support for this feature. Closes ticket 5304. pluggable transport will have to implement support for this
feature. Closes ticket 5304.
o Minor features (protocol simplification): o Minor features (protocol simplification):
- Tor no longer allows subprotocol versions larger than 63. Previously - Tor no longer allows subprotocol versions larger than 63.
versions up to UINT32_MAX were allowed, which significantly complicated Previously versions up to UINT32_MAX were allowed, which
our code. significantly complicated our code. Implements proposal 318;
Implements proposal 318; closes ticket 40133. closes ticket 40133.
o Minor features (relay address tracking): o Minor features (relay address tracking):
- We store relay addresses for OR connections in a more logical way. - We store relay addresses for OR connections in a more logical way.
Previously we would sometimes overwrite the actual address of a Previously we would sometimes overwrite the actual address of a
connection with a "canonical address", and then store the "real connection with a "canonical address", and then store the "real
address" elsewhere to remember it. We now track the "canonical address" address" elsewhere to remember it. We now track the "canonical
elsewhere for the cases where we need it, and leave the connection's address" elsewhere for the cases where we need it, and leave the
address alone. Closes ticket 33898. connection's address alone. Closes ticket 33898.
o Minor features (relay): o Minor features (relay):
- Log immediately when launching a relay self-check. Previously - If a relay is unable to discover its address, attempt to learn it
we would try to log before launching checks, or approximately from the NETINFO cell. Closes ticket 40022.
when we intended to launch checks, but this tended to be - Log immediately when launching a relay self-check. Previously we
error-prone. Closes ticket 34137. would try to log before launching checks, or approximately when we
intended to launch checks, but this tended to be error-prone.
Closes ticket 34137.
o Minor features (relay, address discovery):
- If Address is not found in torrc, attempt to learn our address
with the configured ORPort address if any. Closes ticket 33236.
o Minor features (relay, IPv6): o Minor features (relay, IPv6):
- Add an AssumeReachableIPv6 option to disable self-checking IPv6 - Add an AssumeReachableIPv6 option to disable self-checking IPv6
reachability. Closes part of ticket 33224. reachability. Closes part of ticket 33224.
- Add new "assume-reachable" and "assume-reachable-ipv6" parameters - Add new "assume-reachable" and "assume-reachable-ipv6" parameters
to be used in an emergency to tell relays that they should publish to be used in an emergency to tell relays that they should publish
even if they cannot complete their ORPort self-checks. even if they cannot complete their ORPort self-checks. Closes
Closes ticket 34064 and part of 33224. ticket 34064 and part of 33224.
o Minor features (specification update): o Minor features (specification update):
- Several fields in microdescriptors, router descriptors, and consensus - Several fields in microdescriptors, router descriptors, and
documents that were formerly optional are now required. Implements consensus documents that were formerly optional are now required.
proposal 315; closes ticket 40132. Implements proposal 315; closes ticket 40132.
o Minor features (state): o Minor features (state):
- When loading the state file, remove entries from the statefile that - When loading the state file, remove entries from the statefile
have been obsolete for a long time. Ordinarily Tor preserves that have been obsolete for a long time. Ordinarily Tor preserves
unrecognized entries in order to keep forward-compatibility, but unrecognized entries in order to keep forward-compatibility, but
these statefile entries have not actually been used in any release these statefile entries have not actually been used in any release
since before the 0.3.5.x. Closes ticket 40137. since before the 0.3.5.x. Closes ticket 40137.
o Minor features (statistics, ipv6): o Minor features (statistics, ipv6):
- Relays now publish IPv6-specific counts of single-direction - Relays now publish IPv6-specific counts of single-direction versus
versus bidirectional relay connections. bidirectional relay connections. Closes ticket 33264.
Closes ticket 33264.
- Relays now publish their IPv6 read and write statistics over time, - Relays now publish their IPv6 read and write statistics over time,
if statistics are enabled. if statistics are enabled. Closes ticket 33263.
Closes ticket 33263.
o Minor features (subprotocol versions): o Minor features (subprotocol versions):
- Use the new limitations on subprotocol versions due to proposal - Use the new limitations on subprotocol versions due to proposal
318 to simplify our implementation. Part of ticket 40133. 318 to simplify our implementation. Part of ticket 40133.
o Minor features (testing configuration): o Minor features (testing configuration):
- The TestingTorNetwork no longer implicitly sets AssumeReachable to 1. - The TestingTorNetwork no longer implicitly sets AssumeReachable to
This change will allow us to test relays' self-testing mechanisms, 1. This change will allow us to test relays' self-testing
and eventually to test authorities' relay-testing functionality. mechanisms, and eventually to test authorities' relay-testing
Closes ticket 34446. functionality. Closes ticket 34446.
o Minor features (testing): o Minor features (testing):
- Added unit tests for channel_matches_target_addr_for_extend(). - Added unit tests for channel_matches_target_addr_for_extend().
Closes Ticket 33919. Patch by MrSquanchee. Closes Ticket 33919. Patch by MrSquanchee.
o Minor bugfixes (logging): o Minor bugfixes (security):
- Remove a debug logging statement that uselessly spam the logs. Fixes bug - When completing a channel, relays now check more thoroughly to
40135; bugfix on 0.3.5.0-alpha. make sure that it matches any pending circuits before attaching
those circuits. Previously, address correctness and Ed25519
identities were not checked in this case, but only when extending
circuits on an existing channel. Fixes bug 40080; bugfix
on 0.2.7.2-alpha.
o Minor bugfixes (circuit padding): o Minor bugfixes (circuit padding):
- When circpad_send_padding_cell_for_callback is called, - When circpad_send_padding_cell_for_callback is called,
`is_padding_timer_scheduled` flag was not reset. Now it is set to 0 at `is_padding_timer_scheduled` flag was not reset. Now it is set to
the top of that function. Fixes bug 32671; bugfix on 0.4.0.1-alpha. 0 at the top of that function. Fixes bug 32671; bugfix
on 0.4.0.1-alpha.
- Add a per-circuit padding machine instance counter, so we can - Add a per-circuit padding machine instance counter, so we can
differentiate between shutdown requests for old machines on a circuit; differentiate between shutdown requests for old machines on a
Fixes bug 30992; bugfix on 0.4.1.1-alpha. circuit; Fixes bug 30992; bugfix on 0.4.1.1-alpha.
- Add the abilility to keep circuit padding machines if they match a set - Add the abilility to keep circuit padding machines if they match a
of circuit state or purposes. This allows us to have machines that start set of circuit state or purposes. This allows us to have machines
up under some conditions but don't shut down under others. We now that start up under some conditions but don't shut down under
use this mask to avoid starting up introduction circuit padding others. We now use this mask to avoid starting up introduction
again after the machines have already completed. Fixes bug 32040; circuit padding again after the machines have already completed.
bugfix on 0.4.1.1-alpha. Fixes bug 32040; bugfix on 0.4.1.1-alpha.
o Minor bugfixes (compatibility): o Minor bugfixes (compatibility):
- Strip '\r' characters when reading text files on Unix platforms. - Strip '\r' characters when reading text files on Unix platforms.
This should resolve an issue where a relay operator migrates a relay from This should resolve an issue where a relay operator migrates a
Windows to Unix, but does not change the line ending of Tor's various state relay from Windows to Unix, but does not change the line ending of
files to match the platform, the CRLF line endings from Windows ends up leaking Tor's various state files to match the platform, the CRLF line
into other files such as the extra-info document. Fixes bug 33781; bugfix on endings from Windows ends up leaking into other files such as the
0.0.9pre5. extra-info document. Fixes bug 33781; bugfix on 0.0.9pre5.
o Minor bugfixes (compilation): o Minor bugfixes (compilation):
- Fix compiler warnings that would occur when building with - Fix compiler warnings that would occur when building with
"--enable-all-bugs-are-fatal" and "--disable-module-relay" "--enable-all-bugs-are-fatal" and "--disable-module-relay" at the
at the same time. Fixes bug 40129; bugfix on 0.4.4.1-alpha. same time. Fixes bug 40129; bugfix on 0.4.4.1-alpha.
- Resolve a compilation warning that could occur in test_connection.c. - Resolve a compilation warning that could occur in
Fixes bug 40113; bugfix on 0.2.9.3-alpha. test_connection.c. Fixes bug 40113; bugfix on 0.2.9.3-alpha.
o Minor bugfixes (configuration): o Minor bugfixes (configuration):
- Fix bug where %including a pattern ending with */ would include files - Fix bug where %including a pattern ending with */ would include
and folders (instead of folders only) in versions of glibc < 2.19. files and folders (instead of folders only) in versions of glibc <
Fixes bug 40141; bugfix on 0.4.5.0-alpha-dev. Patch by Daniel Pinto. 2.19. Fixes bug 40141; bugfix on 0.4.5.0-alpha-dev. Patch by
Daniel Pinto.
o Minor bugfixes (logging): o Minor bugfixes (logging):
- When logging a rate-limited message about how many messages have been - Remove a debug logging statement that uselessly spam the logs.
suppressed in the last N seconds, give an accurate value for N, rounded Fixes bug 40135; bugfix on 0.3.5.0-alpha.
up to the nearest minute. Previously we would report the size of the - When logging a rate-limited message about how many messages have
rate-limiting interval, regardless of when the messages started to been suppressed in the last N seconds, give an accurate value for
occur. Fixes bug 19431; bugfix on 0.2.2.16-alpha. N, rounded up to the nearest minute. Previously we would report
the size of the rate-limiting interval, regardless of when the
messages started to occur. Fixes bug 19431; bugfix
on 0.2.2.16-alpha.
o Minor bugfixes (protover): o Minor bugfixes (protover):
- Consistently reject extra commas, instead of only rejecting leading commas. - Consistently reject extra commas, instead of only rejecting
Fixes bug 27194; bugfix on 0.2.9.4-alpha. leading commas. Fixes bug 27194; bugfix on 0.2.9.4-alpha.
o Minor bugfixes (relay configuration, crash): o Minor bugfixes (relay configuration, crash):
- Avoid a fatal assert() when failing to create a listener connection for an - Avoid a fatal assert() when failing to create a listener
address that was in use. Fixes bug 40073; bugfix on 0.3.5.1-alpha. connection for an address that was in use. Fixes bug 40073; bugfix
on 0.3.5.1-alpha.
o Minor bugfixes (rust, protocol versions): o Minor bugfixes (rust, protocol versions):
- Declare support for the onion service introduction point denial of - Declare support for the onion service introduction point denial of
service extensions, when building tor with Rust. service extensions, when building tor with Rust. Fixes bug 34248;
Fixes bug 34248; bugfix on 0.4.2.1-alpha. bugfix on 0.4.2.1-alpha.
- Make Rust protocol version support checks consistent with the - Make Rust protocol version support checks consistent with the
undocumented error behaviour of the corresponding C code. undocumented error behaviour of the corresponding C code. Fixes
Fixes bug 34251; bugfix on 0.3.3.5-rc. bug 34251; bugfix on 0.3.3.5-rc.
o Minor bugfixes (security):
- When completing a channel, relays now check more thoroughly to make
sure that it matches any pending circuits before attaching those
circuits. Previously, address correctness and Ed25519 identities were not
checked in this case, but only when extending circuits on an existing
channel. Fixes bug 40080; bugfix on 0.2.7.2-alpha.
o Minor bugfixes (self-testing): o Minor bugfixes (self-testing):
- When receiving an incoming circuit, only accept it as evidence that we - When receiving an incoming circuit, only accept it as evidence
are reachable if the declared address of its channel is the same that we are reachable if the declared address of its channel is
address we think that we have. Otherwise, it could be evidence that the same address we think that we have. Otherwise, it could be
we're reachable on some other address. Fixes bug 20165; bugfix on evidence that we're reachable on some other address. Fixes bug
0.1.0.1-rc. 20165; bugfix on 0.1.0.1-rc.
o Minor bugfixes (SOCKS, onion services): o Minor bugfixes (SOCKS, onion services):
- Make sure we send the SOCKS request address in relay begin cells when a - Make sure we send the SOCKS request address in relay begin cells
stream is attached with the purpose CIRCUIT_PURPOSE_CONTROLLER. Fixes bug when a stream is attached with the purpose
33124; bugfix on 0.0.5. Patch by Neel Chauhan. CIRCUIT_PURPOSE_CONTROLLER. Fixes bug 33124; bugfix on 0.0.5.
Patch by Neel Chauhan.
o Minor bugfixes (spec conformance): o Minor bugfixes (spec conformance):
- Use the correct key type when generating signing->link - Use the correct key type when generating signing->link
certificates. Fixes bug 40124; bugfix on 0.2.7.2-alpha. certificates. Fixes bug 40124; bugfix on 0.2.7.2-alpha.
o Minor bugfixes (string handling): o Minor bugfixes (string handling):
- In summarize_protover_flags(), treat empty strings the same as NULL. - In summarize_protover_flags(), treat empty strings the same as
This prevents protocols_known from being set. Previously, we treated NULL. This prevents protocols_known from being set. Previously, we
empty strings as normal strings, which led to protocols_known being treated empty strings as normal strings, which led to
set. Fixes bug 34232; bugfix on 0.3.3.2-alpha. Patch by Neel Chauhan. protocols_known being set. Fixes bug 34232; bugfix on
0.3.3.2-alpha. Patch by Neel Chauhan.
o Minor bugfixes (v2 onion services): o Minor bugfixes (v2 onion services):
- For HSFETCH commands on v2 onion services addresses, check the length of - For HSFETCH commands on v2 onion services addresses, check the
bytes decoded, not the base32 length. This takes the behavior introduced length of bytes decoded, not the base32 length. This takes the
in commit a517daa56f5848d25ba79617a1a7b82ed2b0a7c0 into consideration. behavior introduced in commit
Fixes bug 34400; bugfix on 0.4.1.1-alpha. Patch by Neel Chauhan. a517daa56f5848d25ba79617a1a7b82ed2b0a7c0 into consideration. Fixes
bug 34400; bugfix on 0.4.1.1-alpha. Patch by Neel Chauhan.
o Code simplification and refactoring:
- Add and use a set of functions to perform downcasts on constant
connection and channel pointers. Closes ticket 40046.
- Refactor our code that logs a descriptions of connections,
channels, and the peers on them, to use a single call path. This
change enables us to refactor the data types that they use, and
eliminate many confusing users of those types. Closes ticket 40041.
- Refactor some common node selection code into a single function.
Closes ticket 34200.
- Remove the now-redundant 'outbuf_flushlen' field from our
connection type. It was previously used for an older version of
our rate-limiting logic. Closes ticket 33097.
- Rename "fascist_firewall_*" identifiers to "reachable_addr_*"
instead, for consistency with other code. Closes ticket 18106.
- Rename functions about "advertised" ports which are not in fact
guaranteed to return the ports have been advertised. Closes
ticket 40055.
- Split implementation of several command line options from
options_init_from_torrc into smaller isolated functions. Patch by
Daniel Pinto. Closes ticket 40102.
- When an extend cell is missing an IPv4 or IPv6 address, fill in
the address from the extend info. This is similar to what was done
in ticket 33633 for ed25519 keys. Closes ticket 33816. Patch by
Neel Chauhan.
o Deprecated features:
- The "non-builtin" argument to the "--dump-config" command is now
deprecated. When it works, it behaves the same as "short", which
you should use instead. Closes ticket 33398.
o Documentation:
- Replace URLs from our old bugtracker so that they refer to the new
bugtracker and wiki. Closes ticket 40101.
o Removed features:
- We no longer ship or build a "tor.service" file for use with
systemd. No distribution included this script unmodified, and we
don't have the expertise ourselves to maintain this in a way that
all the various systemd-based distributions can use. Closes
ticket 30797.
- We no longer ship support for the Android logging API. Modern
versions of Android can use the syslog API instead. Closes
ticket 32181.
o Testing:
- Add unit tests for bandwidth statistics manipulation functions.
Closes ticket 33812. Patch by MrSquanchee.
o Code simplification and refactoring (autoconf): o Code simplification and refactoring (autoconf):
- Remove autoconf checks for unused funcs and headers. Closes ticket - Remove autoconf checks for unused funcs and headers. Closes ticket
31699; Patch by @bduszel 31699; Patch by @bduszel
o Code simplification and refactoring (maintainer scripts): o Code simplification and refactoring (maintainer scripts):
- Disable by default the pre-commit hook. Use the environment variable - Disable by default the pre-commit hook. Use the environment
TOR_EXTRA_PRE_COMMIT_CHECKS in order to run it. Furthermore, stop running variable TOR_EXTRA_PRE_COMMIT_CHECKS in order to run it.
practracker in the pre-commit hook and make check-local. Closes ticket Furthermore, stop running practracker in the pre-commit hook and
40019. make check-local. Closes ticket 40019.
o Code simplification and refactoring (relay address): o Code simplification and refactoring (relay address):
- Most of IPv4 representation was using "uint32_t". It has now been moved to - Most of IPv4 representation was using "uint32_t". It has now been
use the internal "tor_addr_t" interface instead. This is so we can moved to use the internal "tor_addr_t" interface instead. This is
properly integrate IPv6 along IPv4 with common interfaces. Closes ticket so we can properly integrate IPv6 along IPv4 with common
40043. interfaces. Closes ticket 40043.
o Code simplification and refactoring:
- Add and use a set of functions to perform downcasts on constant
connection and channel pointers. Closes ticket 40046.
- Refactor our code that logs a descriptions of connections, channels,
and the peers on them, to use a single call path. This change
enables us to refactor the data types that they use, and eliminate
many confusing users of those types. Closes ticket 40041.
- Refactor some common node selection code into a single function.
Closes ticket 34200.
- Remove the now-redundant 'outbuf_flushlen' field from our connection
type. It was previously used for an older version of our rate-limiting
logic. Closes ticket 33097.
- Rename "fascist_firewall_*" identifiers to "reachable_addr_*" instead,
for consistency with other code. Closes ticket 18106.
- Rename functions about "advertised" ports which are not in fact
guaranteed to return the ports have been advertised. Closes
ticket 40055.
- Split implementation of several command line options from
options_init_from_torrc into smaller isolated functions.
Patch by Daniel Pinto. Closes ticket 40102.
- When an extend cell is missing an IPv4 or IPv6 address, fill in the address
from the extend info. This is similar to what was done in ticket 33633 for
ed25519 keys. Closes ticket 33816. Patch by Neel Chauhan.
o Deprecated features:
- The "non-builtin" argument to the "--dump-config" command is now
deprecated. When it works, it behaves the same as "short", which
you should use instead. Closes ticket 33398.
o Documentation (manpages): o Documentation (manpages):
- Move them from doc/ to doc/man/. Closes ticket 40044. - Move them from doc/ to doc/man/. Closes ticket 40044.
o Documentation (manual page): o Documentation (manual page):
- Describe the status of the "Sandbox" option more accurately. It is no - Describe the status of the "Sandbox" option more accurately. It is
longer "experimental", but it _is_ dependent on kernel and libc no longer "experimental", but it _is_ dependent on kernel and libc
versions. Closes ticket 23378. versions. Closes ticket 23378.
o Documentation (tracing): o Documentation (tracing):
- Document in depth the circuit subsystem trace events in the new - Document in depth the circuit subsystem trace events in the new
doc/tracing/EventsCircuit.md. Closes ticket 40036. doc/tracing/EventsCircuit.md. Closes ticket 40036.
o Documentation:
- Replace URLs from our old bugtracker so that they refer to the
new bugtracker and wiki. Closes ticket 40101.
o Removed features (network parameters): o Removed features (network parameters):
- The "optimistic data" feature is now always on; there is no longer an
option to disable it from the torrc file or from the consensus
directory.
Closes part of 40139.
- The "usecreatefast" network parameter is now removed; there is no
longer an option for authorities to turn it off. Closes part of 40139.
o Removed features:
- We no longer ship or build a "tor.service" file for use with systemd.
No distribution included this script unmodified, and we don't have the
expertise ourselves to maintain this in a way that all the various
systemd-based distributions can use. Closes ticket 30797.
- We no longer ship support for the Android logging API. Modern
versions of Android can use the syslog API instead.
Closes ticket 32181.
o Testing (CI): o Testing (CI):
- Build tracing configure option into our CI. Closes ticket 40038. - Build tracing configure option into our CI. Closes ticket 40038.
o Testing (onion service v2): o Testing (onion service v2):
- Fix a rendezvous cache unit test that was triggering an underflow on the - Fix a rendezvous cache unit test that was triggering an underflow
global rend cache allocation. Fixes bug 40125; bugfix on on the global rend cache allocation. Fixes bug 40125; bugfix
0.2.8.1-alpha. on 0.2.8.1-alpha.
- Fix another rendezvous cache unit test that was triggering an underflow on the - Fix another rendezvous cache unit test that was triggering an
global rend cache allocation. Fixes bug 40126; bugfix on underflow on the global rend cache allocation. Fixes bug 40126;
0.2.8.1-alpha. bugfix on 0.2.8.1-alpha.
o Testing:
- Add unit tests for bandwidth statistics manipulation functions.
Closes ticket 33812. Patch by MrSquanchee.
Changes in version 0.4.4.5 - 2020-09-15 Changes in version 0.4.4.5 - 2020-09-15