Reformat the changelog

ChangeLog

@@ -1,58 +1,58 @@
 Changes in version 0.2.7.3-rc - 2015-09-2?
-
+  Tor 0.2.7.3-rc is the first release candidate in the 0.2.7 series. It
-  Tor 0.2.7.3-rc is the first release candidate in the 0.2.7 series.  It
   contains numerous usability fixes for Ed25519 keys, safeguards against
-  several misconfiguration problems, significant simplifications to Tor's
+  several misconfiguration problems, significant simplifications to
-  callgraph, and numerous bugfixes and small
+  Tor's callgraph, and numerous bugfixes and small features.
-  features.
 
   This is the most tested release of Tor to date. The unit tests cover
   39.40% of the code, and the integration tests (accessible with "make
-  test-full-online", requiring stem and chutney and a network connection)
+  test-full-online", requiring stem and chutney and a network
-  raise the coverage to XXX.
+  connection) raise the coverage to XXX.
 
   If this is your first time upgrading a relay to Tor 0.2.7, your Tor
-  relay will, by default, generate a new Ed25519 identity key.  If you
+  relay will, by default, generate a new Ed25519 identity key. If you
   would prefer to keep your Ed25519 identity key offline or encrypted
-  for improved security, you can do so by following the instructions at
+  for improved security, you can do so by following the instructions
-  XXX.
+  at XXX.
 
   o Major features (security, hidden services):
-    - Hidden services are required to use more than one EntryNode,
+    - Hidden services are required to use more than one EntryNode, to
-      to avoid a guard discovery attack. See ticket for more
+      avoid a guard discovery attack. See ticket for more information.
-      information. Fixes ticket 14917.
+      Fixes ticket 14917.
-
-  o Major features (relay, Ed25519):
-    - Significant usability improvements for Ed25519
-      key management. Log messages are better, and the code can recover
-      from far more failure conditions. Thanks to "s7r" for reporting
-      and diagnosing so many of these!
-    - On receiving a HUP signal, check to see whether the Ed25519
-      signing key has changed, and reload it if so. Closes ticket 16790.
 
   o Major features (ed25519 performance):
-    - Improve the speed of Ed25519 operations and Curve25519
+    - Improve the speed of Ed25519 operations and Curve25519 keypair
-      keypair generation when built targeting 32 bit x86 platforms with
+      generation when built targeting 32 bit x86 platforms with SSE2
-      SSE2 available. Implements ticket 16535.
+      available. Implements ticket 16535.
     - Improve the runtime speed of Ed25519 signature verification by
-      using Ed25519-donna's batch verification support. Implements ticket 16533.
+      using Ed25519-donna's batch verification support. Implements
+      ticket 16533.
 
   o Major features (performance testing):
     - The test-network.sh script now supports performance testing.
-      Requires corresponding chutney performance testing changes.
+      Requires corresponding chutney performance testing changes. Patch
-      Patch by "teor". Closes ticket 14175.
+      by "teor". Closes ticket 14175.
+
+  o Major features (relay, Ed25519):
+    - Significant usability improvements for Ed25519 key management. Log
+      messages are better, and the code can recover from far more
+      failure conditions. Thanks to "s7r" for reporting and diagnosing
+      so many of these!
+    - On receiving a HUP signal, check to see whether the Ed25519
+      signing key has changed, and reload it if so. Closes ticket 16790.
 
   o Major bugfixes (relay, Ed25519):
     - Avoid crashing on 'tor --keygen'. Fixes bug 16679; bugfix on
       0.2.7.2-alpha. Reported by "s7r".
-    - Improve handling of expired signing keys with offline master
+    - Improve handling of expired signing keys with offline master keys.
-      keys. Fixes bug 16685; bugfix on 0.2.7.2-alpha. Reported by "s7r".
+      Fixes bug 16685; bugfix on 0.2.7.2-alpha. Reported by "s7r".
 
   o Minor features (client-side privacy):
-    - New KeyAliveSOCKSAuth option to indefinitely extend circuit lifespan
+    - New KeyAliveSOCKSAuth option to indefinitely extend circuit
-      when IsolateSOCKSAuth and streams with SOCKS authentication are attached
+      lifespan when IsolateSOCKSAuth and streams with SOCKS
-      to the circuit.  This allows applications like TorBrowser to
+      authentication are attached to the circuit. This allows
-      manage circuit lifetime on their own. Implements feature 15482.
+      applications like TorBrowser to manage circuit lifetime on their
+      own. Implements feature 15482.
     - When logging malformed hostnames from SOCKS5 requests, respect
       SafeLogging configuration. Fixes bug 16891; bugfix on 0.1.1.16-rc.
 
@@ -73,79 +73,39 @@ Changes in version 0.2.7.3-rc - 2015-09-2?
       option HiddenServiceStatistics to "1" by default. Closes
       ticket 15254.
     - Client now uses an introduction point failure cache to know when
-      to fetch or keep a descriptor in their cache.  Previously,
+      to fetch or keep a descriptor in their cache. Previously, failures
-      failures were recorded implicitly, but not explicitly remembered.
+      were recorded implicitly, but not explicitly remembered. Closes
-      Closes ticket 16389.
+      ticket 16389.
 
   o Minor features (testing, authorities, documentation):
     - New TestingDirAuthVote{Exit,Guard,HSDir}IsStrict flags to
-      explicitly manage consensus flags in t3esting networks.
+      explicitly manage consensus flags in t3esting networks. Patch by
-      Patch by "robgjansen", modified by "teor". Implements part of
+      "robgjansen", modified by "teor". Implements part of ticket 14882.
-      ticket 14882.
 
   o Minor bugfixes (security, exit policies):
-    - ExitPolicyRejectPrivate now also rejects
+    - ExitPolicyRejectPrivate now also rejects the relay's published
-      the relay's published IPv6 address (if any), and any publicly
+      IPv6 address (if any), and any publicly routable IPv4 or IPv6
-      routable IPv4 or IPv6 addresses on any local interfacesn.
+      addresses on any local interfacesn. ticket 17027. Patch by "teor".
-      ticket 17027. Patch by "teor". Fixes bug 17027; bugfix on 0.2.0.11-alpha.
+      Fixes bug 17027; bugfix on 0.2.0.11-alpha.
-
-  o Minor bugfixes (portability):
-    - Try harder to normalize the exit status of the Tor process to the
-      standard-provided range. Fixes bug 16975; bugfix on every version
-      of Tor ever.
-    - Check correctly for windows socket errors in the workqueue
-      backend. Fixes bug 16741; bugfix on 0.2.6.3-alpha.
-    - Fix the behavior of crypto_rand_time_range() when told to consider times
-      before 1970. (These times were possible when running in a
-      simulated network environment where time()'s output starts at
-      zero.) Fixes bug 16980; bugfix on 0.2.7.1-alpha.
-
-  o Minor bugfixes (documentation):
-    - Fix the usage message of tor-resolve(1) so that it no longer lists
-      the removed -F option. Fixes bug 16913; bugfix on
-      0.2.2.28-beta.
-    - Fix an error in the manual page and comments for
-      TestingDirAuthVoteHSDir[IsStrict], which suggested that a HSDir
-      required "ORPort connectivity". While this is true, it is in no
-      way unique to the HSDir flag. Of all the flags, only HSDirs need a
-      DirPort configured in order for the authorities to assign that
-      particular flag. Patch by "teor". Fixed as part of 14882; bugfix on 0.2.6.3-alpha.
-
-  o Minor bugfixes (relay):
-    - Ensure that worker threads actually exit when a fatal error or
-      shutdown is indicated. This fix doesn't currently affect the behaviour
-      of Tor, because Tor workers never indicates fatal error or shutdown except
-      in the unit tests. Fixes bug 16868; bugfix on 0.2.6.3-alpha.
-
-  o Minor bugfixes (correctness):
-    - When calling channel_free_list(), avoid calling smartlist_remove()
-      while inside a FOREACH loop. This partially reverts commit
-      17356fe7fd96af where the correct SMARTLIST_DEL_CURRENT was
-      incorrectly removed. Fixes bug 16924; bugfix on 0.2.4.4-alpha.
 
   o Minor bug fixes (torrc exit policies):
-    - In torrc, "accept6 *" and "reject6 *" ExitPolicy lines now
+    - In torrc, "accept6 *" and "reject6 *" ExitPolicy lines now only
-  only produce IPv6 wildcard addresses.
+      produce IPv6 wildcard addresses. Previously they would produce
-      Previously they would produce both IPv4 and IPv6
+      both IPv4 and IPv6 wildcard addresses. Patch by "teor". Fixes part
-      wildcard addresses. Patch by "teor". Fixes part of bug 16069; bugfix on 0.2.4.7-alpha.
+      of bug 16069; bugfix on 0.2.4.7-alpha.
-    - When parsing torrc ExitPolicies, we now warn for a number of
+    - When parsing torrc ExitPolicies, we now warn for a number of cases
-      cases where the user's intent is likely to differ from Tor's
+      where the user's intent is likely to differ from Tor's actual
-      actual behavior. These include: using an IPv4 address
+      behavior. These include: using an IPv4 address with an accept6 or
-      with an accept6 or reject6 line; using "private" on an accept6
+      reject6 line; using "private" on an accept6 or reject6 line; and
-      or reject6 line; and including any ExitPolicy lines after
+      including any ExitPolicy lines after accept *:* or reject *:*.
-      accept *:* or reject *:*. Related to ticket 16069.
+      Related to ticket 16069.
     - When parsing torrc ExitPolicies, we now issue an info-level
       message: when expanding an "accept/reject *" line to include both
       IPv4 and IPv6 wildcard addresses. Related to ticket 16069.
-    - In each instance above, usage advice is provided to avoid the message.
+    - In each instance above, usage advice is provided to avoid the
-      Resolves ticket 16069. Patch by "teor". Fixes part of bug
+      message. Resolves ticket 16069. Patch by "teor". Fixes part of bug
       16069; bugfix on 0.2.4.7-alpha.
 
-  o Minor bugfixes (open file limit):
-    - Fix set_max_file_descriptors() to set by default the max open file
-      limit to the current limit when setrlimit() fails. Fixes bug 16274; bugfix on tor-
-      0.2.0.10-alpha. Patch by dgoulet.
-
   o Minor bugfixes (authority):
     - Don't assign "HSDir" to a router if it isn't Valid and Running.
       Fixes bug 16524; bugfix on 0.2.7.2-alpha.
@@ -157,8 +117,26 @@ Changes in version 0.2.7.3-rc - 2015-09-2?
       bug 16286; bugfix on 0.2.7.2-alpha.
 
   o Minor bugfixes (control port):
-    - Repair a warning and a spurious result when getting the maximum number of file descriptors
+    - Repair a warning and a spurious result when getting the maximum
-      from the controller. Fixes bug 16697; bugfix on 0.2.7.2-alpha.
+      number of file descriptors from the controller. Fixes bug 16697;
+      bugfix on 0.2.7.2-alpha.
+
+  o Minor bugfixes (correctness):
+    - When calling channel_free_list(), avoid calling smartlist_remove()
+      while inside a FOREACH loop. This partially reverts commit
+      17356fe7fd96af where the correct SMARTLIST_DEL_CURRENT was
+      incorrectly removed. Fixes bug 16924; bugfix on 0.2.4.4-alpha.
+
+  o Minor bugfixes (documentation):
+    - Fix the usage message of tor-resolve(1) so that it no longer lists
+      the removed -F option. Fixes bug 16913; bugfix on 0.2.2.28-beta.
+    - Fix an error in the manual page and comments for
+      TestingDirAuthVoteHSDir[IsStrict], which suggested that a HSDir
+      required "ORPort connectivity". While this is true, it is in no
+      way unique to the HSDir flag. Of all the flags, only HSDirs need a
+      DirPort configured in order for the authorities to assign that
+      particular flag. Patch by "teor". Fixed as part of 14882; bugfix
+      on 0.2.6.3-alpha.
 
   o Minor bugfixes (Ed25519):
     - Fix a memory leak when reading router descriptors with expired
@@ -170,13 +148,33 @@ Changes in version 0.2.7.3-rc - 2015-09-2?
     - Allow routers with ed25519 keys to run correctly under the
       seccomp2 sandbox. Fixes bug 16965; bugfix on 0.2.7.2-alpha.
 
+  o Minor bugfixes (open file limit):
+    - Fix set_max_file_descriptors() to set by default the max open file
+      limit to the current limit when setrlimit() fails. Fixes bug
+      16274; bugfix on tor- 0.2.0.10-alpha. Patch by dgoulet.
+
   o Minor bugfixes (portability):
+    - Try harder to normalize the exit status of the Tor process to the
+      standard-provided range. Fixes bug 16975; bugfix on every version
+      of Tor ever.
+    - Check correctly for windows socket errors in the workqueue
+      backend. Fixes bug 16741; bugfix on 0.2.6.3-alpha.
+    - Fix the behavior of crypto_rand_time_range() when told to consider
+      times before 1970. (These times were possible when running in a
+      simulated network environment where time()'s output starts at
+      zero.) Fixes bug 16980; bugfix on 0.2.7.1-alpha.
     - Restore correct operation of TLS client-cipher detection on
       OpenSSL 1.1. Fixes bug 14047; bugfix on 0.2.7.2-alpha.
 
   o Minor bugfixes (relay):
-    - Unblock threads before releasing the work queue mutex to ensure predictable
+    - Ensure that worker threads actually exit when a fatal error or
-      scheduling behavior. Fixes bug 16644; bugfix on 0.2.6.3-alpha.
+      shutdown is indicated. This fix doesn't currently affect the
+      behaviour of Tor, because Tor workers never indicates fatal error
+      or shutdown except in the unit tests. Fixes bug 16868; bugfix
+      on 0.2.6.3-alpha.
+    - Unblock threads before releasing the work queue mutex to ensure
+      predictable scheduling behavior. Fixes bug 16644; bugfix
+      on 0.2.6.3-alpha.
 
   o Code simplification and refactoring:
     - Change the function that's called when we need to retry all