start folding in the changes files

ChangeLog

@@ -1,3 +1,229 @@
+Changes in version 0.2.3.16-alpha - 2012-06-0?
+  o Major bugfixes (general):
+    - Work around a bug in OpenSSL that broke renegotiation with TLS
+      1.1 and TLS 1.2. Without this workaround, all attempts to speak
+      the v2 Tor connection protocol when both sides were using OpenSSL
+      1.0.1 would fail. Resolves ticket 6033.
+    - When waiting for a client to renegotiate, don't allow it to add
+      any bytes to the input buffer. This fixes a potential DoS issue.
+      Fixes bugs 5934 and 6007; bugfix on 0.2.0.20-rc.
+    - Pass correct OR address to managed proxies (like obfsproxy),
+      even when ORListenAddress is used. Fixes bug 4865; bugfix on
+      0.2.3.9-alpha.
+    - The advertised platform of a router now includes only its operating
+      system's name (e.g., "Linux", "Darwin", "Windows 7"), and not its
+      service pack level (for Windows) or its CPU architecture (for Unix).
+      We also no longer include the "git-XYZ" tag in the version. Resolves
+      part of bug 2988.
+
+  o Major bugfixes (clients):
+    - If we are unable to find any exit that supports our predicted ports,
+      stop calling them predicted, so that we don't loop and build
+      hopeless circuits indefinitely. Fixes bug 3296; bugfix on 0.0.9pre6,
+      which introduced predicted ports.
+    - Fix an edge case where if we fetch or publish a hidden service
+      descriptor, we might build a 4-hop circuit and then use that circuit
+      for exiting afterwards -- even if the new last hop doesn't obey our
+      ExitNodes config option. Fixes bug 5283; bugfix on 0.2.0.10-alpha.
+    - Check at each new consensus whether our entry guards were picked
+      long enough ago that we should rotate them. Previously, we only
+      did this check at startup, which could lead to us holding a guard
+      indefinitely. Fixes bug 5380; bugfix on 0.2.1.14-rc.
+    - When fetching a bridge descriptor from a bridge authority,
+      always do so anonymously, whether we have been able to open
+      circuits or not. Partial fix for bug 1938; bugfix on 2.0.7-alpha.
+      This behavior makes it *safer* to use UpdateBridgesFromAuthority,
+      but we'll need to wait for bug 6010 before it's actually usable.
+
+  o Major bugfixes (directory authorities):
+    - When computing weight parameters, behave more robustly in the
+      presence of a bad bwweightscale value. Previously, the authorities
+      would crash if they agreed on a sufficiently broken weight_scale
+      value: now, they use a reasonable default and carry on. Partial
+      fix for 5786; bugfix on 0.2.2.17-alpha.
+    - Check more thoroughly to prevent a rogue authority from
+      double-voting on any consensus directory parameter. Previously,
+      authorities would crash in this case if the total number of
+      votes for any parameter exceeded the number of active voters,
+      but would let it pass otherwise. Partial fix for bug 5786; bugfix
+      on 0.2.2.2-alpha.
+
+  o Minor features:
+    - Rate-limit log messages when asked to connect anonymously to
+      a private address. When these hit, they tended to hit fast and
+      often. Also, don't bother trying to connect to addresses that we
+      are sure will resolve to 127.0.0.1: getting 127.0.0.1 in a directory
+      reply makes us think we have been lied to, even when the address the
+      client tried to connect to was "localhost." Resolves ticket 2822.
+    - Allow packagers to insert an extra string in server descriptor
+      platform lines by setting the preprocessor variable TOR_BUILD_TAG.
+      Resolves the rest of ticket 2988.
+    - Raise the threshold of server descriptors needed (75%) and exit
+      server descriptors needed (50%) before we will declare ourselves
+      bootstrapped. This will make clients start building circuits a
+      little later, but makes the initially constructed circuits less
+      skewed and less in conflict with further directory fetches. Fixes
+      ticket 3196.
+    - Close any connection that sends unrecognized junk before the
+      handshake. Solves an issue noted in bug 4369.
+    - Improve log messages about managed transports. Resolves ticket 5070.
+    - Tag a bridge's descriptor as "never to be sent unencrypted".
+      This shouldn't matter, since bridges don't open non-anonymous
+      connections to the bridge authority and don't allow unencrypted
+      directory connections from clients, but we might as well make
+      sure. Closes bug 5139.
+    - Expose our view of whether we have gone dormant to the controller,
+      via a new "GETINFO dormant" value. Torbutton and other controllers
+      can use this to avoid doing periodic requests through Tor while
+      it's dormant (bug 4718). Fixes bug 5954.
+    - Tell GCC and Clang to check for any errors in format strings passed
+      to the tor_v*(print|scan)f functions.
+    - Update to the May 1 2012 Maxmind GeoLite Country database.
+
+  o Minor bugfixes (already included in 0.2.2.36):
+    - Reject out-of-range times like 23:59:61 in parse_rfc1123_time().
+      Fixes bug 5346; bugfix on 0.0.8pre3.
+    - Correct parsing of certain date types in parse_http_time().
+      Without this patch, If-Modified-Since would behave
+      incorrectly. Fixes bug 5346; bugfix on 0.2.0.2-alpha. Patch from
+      Esteban Manchado Velázques.
+    - Make our number-parsing functions always treat too-large values
+      as an error, even when those values exceed the width of the
+      underlying type. Previously, if the caller provided these
+      functions with minima or maxima set to the extreme values of the
+      underlying integer type, these functions would return those
+      values on overflow rather than treating overflow as an error.
+      Fixes part of bug 5786; bugfix on 0.0.9.
+    - If we hit the error case where routerlist_insert() replaces an
+      existing (old) server descriptor, make sure to remove that
+      server descriptor from the old_routers list. Fix related to bug
+      1776. Bugfix on 0.2.2.18-alpha.
+    - Clarify the behavior of MaxCircuitDirtiness with hidden service
+      circuits. Fixes issue 5259.
+
+  o Minor bugfixes (coding cleanup, on 0.2.2.x and earlier):
+    - Prevent a null-pointer dereference when receiving a data cell
+      for a nonexistent stream when the circuit in question has an
+      empty deliver window. We don't believe this is triggerable,
+      since we don't currently allow deliver windows to become empty,
+      but the logic is tricky enough that it's better to make the code
+      robust. Fixes bug 5541; bugfix on 0.0.2pre14.
+    - Fix a memory leak when trying to launch a DNS request when the
+      network is disabled or the nameservers are unconfigurable. Fixes
+      bug 5916; bugfix on Tor 0.1.2.1-alpha (for the unconfigurable
+      nameserver case) and on 0.2.3.9-alpha (for the DisableNetwork case).
+    - Don't hold a windows file handle open for every file mapping;
+      the file mapping handle is sufficient. Fixes bug 5951; bugfix on
+      0.1.2.1-alpha.
+    - Avoid O(n^2) performance characteristics when parsing a large
+      extrainfo cache. Fixes bug 5828; bugfix on 0.2.0.1-alpha.
+    - Format more doubles with %f, not %lf. Patch from grarpamp to make
+      Tor build correctly on older BSDs again. Fixes bug 3894; bugfix on
+      Tor 0.2.0.8-alpha.
+    - Make our replacement implementation of strtok_r() compatible with
+      the standard behavior of strtok_r(). Patch by nils. Fixes bug 5091;
+      bugfix on 0.2.2.1-alpha.
+    - Fix a NULL-pointer dereference on a badly formed
+      SETCIRCUITPURPOSE command. Found by mikeyc. Fixes bug 5796;
+      bugfix on 0.2.2.9-alpha.
+    - Fix a build warning with Clang 3.1 related to our use of vasprint.
+      Fixes bug 5969. Bugfix on 0.2.2.11-alpha.
+    - Defensively refactor rend_mid_rendezvous() so that protocol
+      violations and length checks happen in the beginning. Fixes
+      bug 5645.
+    - Set _WIN32_WINNT to 0x0501 consistently throughout the code, so
+      that IPv6 stuff will compile on MSVC, and compilation issues
+      will be easier to track down. Fixes bug 5861.
+
+  o Minor bugfixes (correctness, on 0.2.2.x and earlier):
+    - Exit nodes now correctly report EADDRINUSE and EADDRNOTAVAIL as
+      resource exhaustion, so that clients can adjust their load to
+      try other exits. Fixes bug 4710; bugfix on 0.1.0.1-rc, which
+      started using END_STREAM_REASON_RESOURCELIMIT.
+    - Don't check for whether the address we're using for outbound
+      connections has changed until after the outbound connection has
+      completed. On Windows, getsockname() doesn't succeed until the
+      connection is finished. Fixes bug 5374; bugfix on 0.1.1.14-alpha.
+    - If the configuration tries to set MyFamily on a bridge, refuse to
+      do so, and warn about the security implications. Fixes bug 4657;
+      bugfix on 0.2.0.3-alpha.
+    - If the client fails to set a reasonable set of ciphersuites
+      during its v2 handshake renegotiation, allow the renegotiation to
+      continue nevertheless (i.e. send all the required certificates).
+      Fixes bug 4591; bugfix on 0.2.0.20-rc.
+    - When we receive a SIGHUP and the controller __ReloadTorrcOnSIGHUP
+      option is set to 0 (which Vidalia version 0.2.16 now does when
+      a SAVECONF attempt fails), perform other actions that SIGHUP
+      usually causes (like reopening the logs). Fixes bug 5095; bugfix
+      on 0.2.1.9-alpha.
+    - If we fail to write a microdescriptor to the disk cache, do not
+      continue replacing the old microdescriptor file. Fixes bug 2954;
+      bugfix on 0.2.2.6-alpha.
+    - Exit nodes don't need to fetch certificates for authorities that
+      they don't recognize; only directory authorities, bridges,
+      and caches need to do that. Fixes part of bug 2297; bugfix on
+      0.2.2.11-alpha.
+    - Correctly handle checking the permissions on the parent
+      directory of a control socket in the root directory. Bug found
+      by Esteban Manchado Velázquez. Fixes bug 5089; bugfix on Tor
+      0.2.2.26-beta.
+    - When told to add a bridge with the same digest as a preexisting
+      bridge but a different addr:port, change the addr:port as
+      requested. Previously we would not notice the change. Fixes half
+      of bug 5603; fix on 0.2.2.26-beta.
+    - End AUTHCHALLENGE error messages (in the control protocol) with
+      a CRLF. Fixes bug 5760; bugfix on 0.2.2.36 and 0.2.3.13-alpha.
+
+  o Minor bugfixes (on 0.2.3.x):
+    - Turn an assertion (that the number of handshakes received as a
+      server is not < 1) into a warning. Fixes bug 4873; bugfix on
+      0.2.3.1-alpha.
+    - Format IPv4 addresses correctly in ADDRMAP events. (Previously,
+      we had reversed them when the answer was cached.) Fixes bug
+      5723; bugfix on 0.2.3.1-alpha.
+    - Work correctly on Linux systems with accept4 support advertised in
+      their headers, but without accept4 support in the kernel. Fix
+      by murb. Fixes bug 5762; bugfix on 0.2.3.1-alpha.
+    - When told to add a bridge with the same addr:port as a preexisting
+      bridge but a different transport, change the transport as
+      requested. Previously we would not notice the change. Fixes half
+      of bug 5603; fix on 0.2.3.2-alpha.
+    - Avoid a "double-reply" warning when replying to a SOCKS request
+      with a parse error. Patch from Fabian Keil. Fixes bug 4108;
+      bugfix on 0.2.3.4-alpha.
+    - Fix a bug where a bridge authority crashes if it has seen no
+      directory requests when it's time to write statistics to disk.
+      Fixes bug 5891; bugfix on 0.2.3.6-alpha. Also fixes bug 5508 in
+      a better way.
+    - Don't try to open non-control listeners when DisableNetwork is set.
+      Previousy, we'd open all listeners, then immediately close them.
+      Fixes bug 5604; bugfix on 0.2.3.9-alpha.
+    - Don't abort the managed proxy protocol if the managed proxy
+      sends us an unrecognized line; ignore it instead. Fixes bug
+      5910; bugfix on 0.2.3.9-alpha.
+    - Fix a compile warning in crypto.c when compiling with clang 3.1.
+      Fixes bug 5969, bugfix on 0.2.3.9-alpha.
+    - Fix a compilation issue on GNU Hurd, which doesn't have PATH_MAX.
+      Fixes bug 5355; bugfix on 0.2.3.11-alpha.
+    - Remove bogus definition of "_WIN32" from src/win32/orconfig.h, to
+      unbreak the MSVC build. Fies bug 5858; bugfix on 0.2.3.12-alpha.
+    - Resolve numerous small warnings and build issues with MSVC. Resolves
+      bug 5859.
+
+  o Documentation fixes:
+    - Improve the manual's documentation for the NT Service command-line
+      options. Addresses ticket 3964.
+    - Clarify SessionGroup documentation slightly; resolves ticket 5437.
+    - Document the changes to the ORPort and DirPort options, and the
+      fact that {OR/Dir}ListenAddress is now unnecessary (and
+      therefore deprecated). Resolves ticket 5597.
+
+  o Removed files:
+    - Remove the torrc.bridge file: we don't use it for anything, and
+      it had become badly desynchronized from torrc.sample. Resolves
+      bug 5622.
+
+
 Changes in version 0.2.2.36 - 2012-05-24
   Tor 0.2.2.36 updates the addresses for two of the eight directory
   authorities, fixes some potential anonymity and security issues,

changes/bug1938

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - When fetching a bridge descriptor from a bridge authority,
-      always do so anonymously, whether we have been able to open
-      circuits or not. Partial fix for bug 1938; bugfix on 2.0.7-alpha.

changes/bug2297-related

@@ -1,6 +0,0 @@
-  o Minor bugfixes:
-    - Exit nodes don't need to fetch certificates for authorities that
-      they don't recognize; only directory authorities, bridges, and
-      caches need to do that. Fix related to bug 2297; bugfix on
-      0.2.2.11-alpha.
-

changes/bug2822.1

@@ -1,5 +0,0 @@
-  o Minor features:
-
-    - Rate-limit log messages when asked to connect anonymously to a private
-      address. When these hit, they tended to hit fast and often. Partial
-      fix for bug 2822.

changes/bug2822.2

@@ -1,6 +0,0 @@
-  o Minor features:
-
-    - Don't bother trying to connect to addresses that we are sure will
-      resolve to 127.0.0.1: Getting 127.0.0.1 in a reply makes us think
-      we have been lied to, even when the address the client tried to
-      connect to was "localhost." Partial fix for bug 2822.

changes/bug2954_more

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - If we fail to write a microdescriptor to disk, do not continue
-      replacing the old microdescriptor file. Fix for bug 2954; bugfix
-      on 0.2.2.6-alpha.

changes/bug2988

@@ -1,10 +0,0 @@
-  o Minor features:
-    - The advertised platform of a router now includes only its
-      operating system's name (e.g., "Linux", "Darwin", "Windows 7"),
-      and not its service pack level (for Windows), or its CPU
-      architecture (for Unix). This is part of ticket 2988.
-    - Do not include the (git-XYZ) tag in published server descriptor
-      platform lines. This is part of ticket 2988.
-    - Allow packagers to insert an extra string in server descriptor
-      platform lines by setting the preprocessor variable TOR_BUILD_TAG.
-      This is part of ticket 2988.

changes/bug3196

@@ -1,7 +0,0 @@
-  o Minor features:
-    - Raise the threshold of server descriptors needed (75%) and exit
-      server descriptors needed (50%) before we will declare ourselves
-      bootstrapped. This will make clients declare completion a little
-      later, but makes the initially constructed circuits less weird
-      and less in conflict with directory connections. Fixes ticket
-      #3196.

changes/bug3296

@@ -1,5 +0,0 @@
-  o Major bugfixes:
-    - If we are unable to find any exit that supports our predicted
-      ports, stop calling them predicted, so that we don't loop and
-      build hopeless circuits indefinitely. Fix for bug 3296; bugfix
-      on 0.0.9pre6, which introduced predicted ports.

changes/bug3894_fmt_doubles

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Format more doubles with %f, not %lf. Patch from grarpamp to make
-      Tor build correctly on older BSDs again. Fixes bug 3894; bugfix on
-      Tor 0.2.0.8-alpha.

changes/bug3894_more

@@ -1,4 +0,0 @@
-  o Build fixes:
-    - Clean up some code issues that prevented Tor from building on older
-      BSDs.  Fixes bug 3894; reported by grarpamp.
-      

changes/bug3964

@@ -1,4 +0,0 @@
-  o Documentation fixes:
-    - Improve the manual's documentation for the NT Service command-line
-      options. Addresses bug 3964.
-

changes/bug4108

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Avoid a "double-reply" warning when replying to a SOCKS request
-      with a parse error. Patch from Fabian Keil. Fix for bug 4108;
-      bugfix on 0.2.3.4-alpha.

changes/bug4369

@@ -1,3 +0,0 @@
-  o Minor features:
-    - Close any connection that sends unrecognized junk before the
-      handshake.  Solves an issue noted in bug 4369.

changes/bug4591

@@ -1,6 +0,0 @@
-  o Minor bugfixes:
-    - If the client fails to set a reasonable set of ciphersuites
-      during its v2 handshake renegotiation, allow the renegotiation
-      to continue nevertheless (i.e., send all the required
-      certificates). Fix for bug 4591; bugfix on 0.2.0.20-rc.
-

changes/bug4657

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - If the configuration tries to set MyFamily on a bridge, refuse to
-      do so, and warn about the security implications. Fix for bug 4657;
-      bugfix on 0.2.0.3-alpha.

changes/bug4710

@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - Exit nodes now correcly report EADDRINUSE and EADDRNOTAVAIL as
-      resource exhaustion, so that clients can adjust their load to
-      try other exits. Fix for bug 4710; bugfix on 0.1.0.1-rc, which
-      started using END_STREAM_REASON_RESOURCELIMIT.

changes/bug4865

@@ -1,4 +0,0 @@
-  o Major bugfixes:
-    - Pass correct OR address to managed proxies, even when
-      ORListenAddress is used. Fixes bug #4865; bugfix on
-      0.2.3.9-alpha.

changes/bug4873

@@ -1,3 +0,0 @@
-  o Minor bugfixes:
-    - Turn an assertion (that the number of handshakes received as a
-      server is not < 1) into a warning. Bug 4873.

changes/bug5070

@@ -1,3 +0,0 @@
-  o Minor features:
-    - Improve log messages about managed transports. Resolves ticket
-      5070.

changes/bug5089

@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - Correctly handle checking the permissions on the parent
-      directory of a control socket in the root directory. Bug found
-      by Esteban Manchado Velázquez. Fix for bug 5089; bugfix on Tor
-      0.2.2.26-beta.

changes/bug5091

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Make our replacement implementation of strtok_r compatible with
-      the standard behavior of strtok_r. Patch by nils. Fixes bug
-      5091; bugfix on 0.2.2.1-alpha.

changes/bug5095

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - When we receive a SIGHUP and the controller-use __ReloadTorrcOnSIGHUP
-      option is set to 0, perform other actions that SIGHUP usually causes
-      (like reopening the logs). Fixes bug 5095; bugfix on 0.2.1.9-alpha.

changes/bug5139

@@ -1,6 +0,0 @@
-  o Minor features (bridges):
-    - Tag a bridge's descriptor as "never to be sent
-      unencrypted". This shouldn't matter, since bridges don't open
-      non-anonymous connections to the bridge authority and don't
-      allow unencrypted directory connections from clients, but we
-      might as well make sure. Closes bug 5139.

changes/bug5259

@@ -1,3 +0,0 @@
-  o Documentation fixes:
-    - Clarify the behavior of MaxCircuitDirtiness with hidden service
-      circuits. Fix for issue 5259.

changes/bug5283

@@ -1,6 +0,0 @@
-  o Major bugfixes:
-    - Fix an edge case where if we fetch or publish a hidden service
-      descriptor, we might build a 4-hop circuit and then use that circuit
-      for exiting afterwards -- even if the new last hop doesn't obey our
-      ExitNodes config option. Fixes bug 5283; bugfix on 0.2.0.10-alpha.
-

changes/bug5346

@@ -1,8 +0,0 @@
-  o Minor bugfixes:
-    - Correct parsing of certain date types in parse_http_time().
-      Without this patch, If-Modified-Since would behave
-      incorrectly. Fix for bug 5346; bugfix on 0.2.0.2-alpha. Patch from
-      Esteban Manchado Velázques.
-    - Reject out-of-range times like 23:59:61. Fix for bug 5346;
-      bugfix on 0.0.8pre3.
-

changes/bug5355

@@ -1,4 +0,0 @@
-  o Major bugfixes:
-    - Fix a compilation issue on GNU Hurd, which doesn't have PATH_MAX. Fixes
-      bug 5355; bugfix on 0.2.3.11-alpha.
-

changes/bug5374

@@ -1,7 +0,0 @@
-  o Minor bugfixes:
-
-    - Don't check for whether the address we're using for outbound
-      connections has changed until after the outbound connection has
-      completed. On Windows, getsockname() doesn't succeed until the
-      connection is finished. Fix for bug 5374; bugfix on
-      0.1.1.14-alpha.

changes/bug5380

@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - Check our entry guards for having been picked too long ago when
-      we get a new consensus. (Previously, we only did this check at
-      startup, which could lead to us holding a guard indefinitely,
-      and give weird results.) Fixes bug 5380; bugfix on 0.2.1.14-rc.

changes/bug5437

@@ -1,3 +0,0 @@
-  o Documentation fixes:
-    - Clarify SessionGroup documentation slightly; resolves bug 5437.
-

changes/bug5541

@@ -1,8 +0,0 @@
-  o Minor bugfixes:
-    - Prevent a null-pointer dereference when receiving a data cell
-      for a nonexistent stream when the circuit in question has an
-      empty deliver window. We don't believe this is triggerable,
-      since we don't currently allow deliver windows to become empty,
-      but the logic is tricky enough that it's better to make the code
-      robust. Fixes bug 5541; bugfix on 0.0.2pre14.
-

changes/bug5597

@@ -1,4 +0,0 @@
-  o Documentation:
-    - Document the changes to the ORPort and DirPort options, and the
-      fact that {OR/Dir}ListenAddress is now unnecessary (and
-      therefore deprecated).

changes/bug5603

@@ -1,9 +0,0 @@
-  o Minor bugfixes:
-    - When told to add a bridge with the same addr:port as a
-      preexisting bridge but a different transport, change the
-      transport as requested. Previously we would not notice the
-      change. Fix for bug 5603; fix on 0.2.3.2-alpha.
-    - When told to add a bridge with the same digest as a
-      preexisting bridge but a different addr:port, change the
-      addr:port as requested. Previously we would not notice the
-      change. Fix for bug 5603; fix on 0.2.2.26-beta.

changes/bug5604

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Don't try to open non-control listeners when DisableNetwork is set.
-      Previousy, we'd open all listeners, then immediately close them.
-      Fixes bug 5604; bugfix on 0.2.3.9-alpha.

changes/bug5622

@@ -1,4 +0,0 @@
-  o Removed files:
-    - Remove the torrc.bridge file: we don't use it for anything, and
-      it had become badly desynchronized from torrc.sample.  Resolves
-      bug 5622.

changes/bug5645

@@ -1,5 +0,0 @@
-  o Code refactoring:
-    - Defensively refactor rend_mid_rendezvous() so that protocol
-      violations and length checks happen in the beginning. Fixes bug
-      5645.
-

changes/bug5723

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Format IPv4 addresses correctly in ADDRMAP events. (Previously,
-      we had reversed them when the answer was cached.) Fixes bug
-      5723; bugfix on 0.2.3.1-alpha.

changes/bug5760

@@ -1,3 +0,0 @@
-  o Major bugfixes:
-    - End AUTHCHALLENGE error response messages with a CRLF. Fixes bug 5760;
-      bugfix on 0.2.3.16-alpha, and backported to maint-0.2.2

changes/bug5762

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Work correctly on Linux systems with accept4 support advertised in
-      their headers, but without accept4 support in the kernel. Fix
-      by murb. Fixes bug 5762; bugfix on 0.2.3.1-alpha.

changes/bug5786_nocrash

@@ -1,7 +0,0 @@
-  o Major bugfixes (directory authorties):
-    - When computing weight parameters, behave more robustly in the
-      presence of a bad bwweightscale value.  Previously, the
-      authorities would crash if they agreed on a sufficiently browken
-      weight_scale value: now, they use a reasonable default and carry
-      on. Partial fix for 5786; bugfix on 0.2.2.17-alpha.
-

changes/bug5786_nodups

@@ -1,7 +0,0 @@
-  o Major bugfixes (directory authority):
-    - Check more thoroughly to prevent a rogue authority from
-      double-voting on any consensus directory parameter.  Previously,
-      authorities would crash in this case if the total number of votes
-      for any parameter exceeded the number of active voters, but would
-      let it pass otherwise.  Partial fix for bug 5786; bugfix on
-      0.2.2.2-alpha.

changes/bug5786_range

@@ -1,8 +0,0 @@
-  o Minor bugfixes:
-    - Make our number-parsing functions always treat too-large values
-      as an error, even when those values exceed the width of the
-      underlying type. Previously, if the caller provided these
-      functions with minima or maxima set to the extreme values of the
-      underlying integer type, these functions would return those
-      values on overflow rather than treating overflow as an error.
-      Fix for part of bug 5786; bugfix on Tor 0.0.9.

changes/bug5796

@@ -1,4 +0,0 @@
-  o Minor bugfixes (controller):
-    - Fix a NULL-pointer derefernce on a badly formed
-      SETCIRCUITPURPOSE command. Found by mikeyc. Fixes bug 5796;
-      bugfix on 0.2.2.9-alpha.

changes/bug5828

@@ -1,3 +0,0 @@
-  o Minor bugfixes (performance):
-    - Avoid O(n^2) performance characteristics when parsing a large
-      extrainfo cache. Fixes bug 5828; bugfix on 0.2.0.1-alpha.

changes/bug5858

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Remove bogus definition of "_WIN32" from src/win32/orconfig.h, to
-      unbreak the MSVC build. Fies bug 5858; bugfix on 0.2.3.12-alpha.
-

changes/bug5859

@@ -1,3 +0,0 @@
-  o Minor bugfixes:
-    - Resolve numerous small warnings and build issues with MSVC. Resolves
-      bug 5859.

changes/bug5861

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Set _WIN32_WINNT to 0x0501 consistently throughout the code, so
-      that IPv6 stuff will compile on MSVC, and compilation issues
-      will be easier to track down. Fix for bug 5861.

changes/bug5891

@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - Fix a bug where a bridge authority crashes if it has seen no
-      directory requests when it's time to write statistics to disk.
-      Fixes bug 5891.  Also fixes bug 5508 in a better way.
-

changes/bug5910

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Don't abort the managed proxy protocol if the managed proxy
-      sends us an unrecognized line; ignore it instead. Fixes bug
-      5910; bugfix on 0.2.3.9-alpha.

changes/bug5916

@@ -1,6 +0,0 @@
-  o Minor bugfixes:
-    - Fix a memory leak when trying to launch a DNS request when the
-      network is disabled or the nameservers are unconfigurable.  Fix
-      for bug 5916; bugfix on Tor 0.1.2.1-alpha (for the
-      unconfigurable nameserver case) and on 0.2.3.9-alpha (for the
-      DisableNetwork case).

changes/bug5954

@@ -1,5 +0,0 @@
-  o Minor features (controller):
-    - Expose our view of whether we have gone dormant to the
-      controller, via a new "GETINFO dormant" value. Due to bug 4718,
-      torbutton needs this to avoid excessive version checking. Fixes
-      bug 5954.

changes/bug5969

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Fix a compile warning in crypto.c when compiling with clang 3.1.
-      Fixes bug 5969, bugfix on 0.2.3.9-alpha.
-

changes/bug5969_022

@@ -1,7 +0,0 @@
-  o Minor bugfixes
-    - Fix a build warning with Clang 3.1 related to our use of vasprint.
-      Fix for bug 5969. Bugfix on 0.2.2.11-alpha.
-
-  o Compilation improvements:
-    - Tell GCC and Clang to check for any errors in format strings passed
-      to the tor_v*(print|scan)f functions.

changes/bug6007

@@ -1,5 +0,0 @@
-  o Major bugfixes (security):
-    - When waiting for a client to renegotiate, don't allow it to add
-      any bytes to the input buffer. This fixes a DoS issue. Fix for
-      bugs 6007 and 5934; bugfix on 0.2.0.20-rc.
-

changes/bug6033

@@ -1,6 +0,0 @@
-  o Major bugfixes:
-    - Work around a bug in OpenSSL that broke renegotiation with
-      TLS 1.1 and TLS 1.2.  Without this workaround, all attempts
-      to speak the v2 Tor network protocol when both sides were
-      using OpenSSL 1.0.1 would fail.  Fix for bug 6033, which is
-      not a bug in Tor.

changes/close_file_handle

@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Don't hold a windows file handle open for every file mapping;
-      the file mapping handle is sufficient. Fix for bug 5951; bugfix on
-      0.1.2.1-alpha.

changes/geoip-may2012

@@ -1,3 +0,0 @@
-  o Minor features:
-    - Update to the May 1 2012 Maxmind GeoLite Country database.
-

changes/getfilesize_64

@@ -1,3 +0,0 @@
-  o Minor bugfixes:
-    - On Windows, correctly detect errors and large file sizes from
-      GetFileSize. Fixes bug 5957; bugfix on Tor 0.1.2.1-alpha.

changes/routerlist_ins_replace

@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - If we hit the error case where routerlist_insert() replaces an
-      existing (old) server descriptor, make sure to remove that
-      server descriptor from the old_routers list. Fix related to bug
-      1776. Bugfix on 0.2.2.18-alpha.