Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2

Conflicts:
	changes/bug2190
	changes/forget-rend-descs-on-newnym

changes/all_descs

@@ -1,4 +0,0 @@
-  o Major bugfixes (bridge authority)
-    - Do not allow encrypte requests for "all" bridges to return all
-      bridges.
-

changes/bug1074-part2

@@ -1,6 +0,0 @@
-  o Major bugfixes:
-    - Stop sending a CLOCK_SKEW controller status event whenever
-      we fetch directory information from a relay that has a wrong clock.
-      Instead, only inform the controller when it's a trusted authority
-      that claims our clock is wrong. Bugfix on tor-0.1.2.6-alpha;
-      fixes the other half of bug 1074.

changes/bug1172

@@ -1,9 +0,0 @@
-  o Minor bugfixes:
-    - When we restart our relay, we might get a successful connection
-      from the outside before we've started our reachability tests,
-      triggering a warning: "ORPort found reachable, but I have no
-      routerinfo yet. Failing to inform controller of success." This
-      bug was harmless unless Tor is running under a controller
-      like Vidalia, in which case the controller would never get a
-      REACHABILITY_SUCCEEDED status event. Bugfix on 0.1.2.6-alpha;
-      fixes bug 1172.

changes/bug2190

@@ -1,11 +0,0 @@
-  o Minor bugfixes
-    - Prevent calls from Libevent from inside Libevent log handlers.
-      This had potential to cause a nasty set of crashes, especially if
-      running Libevent with debug logging enabled, and running Tor
-      with a controller watching for low-severity log messages.
-      Bugfix on 0.1.0.2-rc.  Fixes bug 2190.
-    - Make Libevent log messages get delievered to controllers later,
-      and not from inside the Libevent log handler.  This prevents
-      unsafe reentrant Libevent calls while still letting the log
-      messages get through.
-

changes/bug2305

@@ -1,5 +0,0 @@
-  o Build changes
-    - Tor does not build packages correctly with Automake 1.6 and earlier;
-      added a check to Makefile.am to make sure that we're building with
-      Automake 1.7 or later.
-

changes/bug2313

@@ -1,4 +0,0 @@
-  o Minor bugfixes
-    - Fix compilation on mingw when a pthreads compatibility library
-      has been installed.  (We don't want to use it, so we shouldn't
-      be including pthread.h.)  Fixes bug 2313; bugfix on 0.1.0.1-rc.

changes/bug2324

@@ -1,4 +0,0 @@
-  o Minor bugfixes
-    - Add a check for SIZE_T_MAX to tor_realloc to try to avoid
-      underflow errors there too.  Fixes bug 2324.
-

changes/bug2324_uncompress

@@ -1,5 +0,0 @@
-  o Major bugfixes (security):
-    - Prevent a DoS attack by disallowing any zlib-compressed data
-      whose compression factor is implausibly high.  Fixes the
-      second part of bug2324; found by doors.
-

changes/bug2326

@@ -1,6 +0,0 @@
-  o Minor bugfixes
-    - Fix a bug where we would assert if we ever had a
-      cached-descriptors.new file (or another file read directly into
-      memory) of exactly SIZE_T_CEILING bytes.  Found by doors; fixes
-      bug 2326; bugfix on 0.2.1.25.
-

changes/bug2328

@@ -1,9 +0,0 @@
-  o Minor bugfixes
-    - Fix a bug where we would declare that we had run out of virtual
-      addresses when the address space was only half-exhausted.  Bugfix
-      on 0.1.2.1-alpha.
-    - Correctly handle the case where AutomapHostsOnResolve is set but no
-      virtual addresses are available.  Fixes bug2328, bugfix on
-      0.1.2.1-alpha.  Bug found by doorss.
-    - Correctly handle wrapping around to when we run out of virtual address
-      space.  Found by cypherpunks, bugfix on 0.2.0.5-alpha.

changes/bug2332

@@ -1,4 +0,0 @@
-  o Minor bugfixes
-    - Fix a bug with handling misformed replies to reverse DNS lookup
-      requests in DNSPort.  Bugfix on Tor 0.2.0.1-alpha.  Related to a bug
-      reported by doorss.

changes/bug2352

@@ -1,6 +0,0 @@
-  o Minor bugfixes
-    - Fix some potential asserts and partsing issues with grossly
-      malformed router caches.  Fixes bug 2352.  Found by doorss.
-      Bugfix on Tor 0.2.1.27.
-
-

changes/bug2384

@@ -1,6 +0,0 @@
-  o Minor bugfixes
-    - Zero out a few more keys in memory before freeing them.  Fixes bug
-      2384 and part of bug 2385.  These key instances found by
-      "cypherpunks".  Bugfix on 0.0.2pre9.
-
-

changes/bug2408

@@ -1,6 +0,0 @@
-  o Major bugfixes
-    - Ignore and warn about "PublishServerDescriptor hidserv" torrc
-      options.  The 'hidserv' argument never controlled publication
-      of hidden service descriptors.  Bugfix on 0.2.0.1-alpha.
-
-

changes/bug2470

@@ -1,5 +0,0 @@
-  o Major bugfixes:
-    - If relays set RelayBandwidthBurst but not RelayBandwidthRate,
-      Tor would ignore their RelayBandwidthBurst setting,
-      potentially using more bandwidth than expected. Bugfix on
-      0.2.0.1-alpha. Reported by Paul Wouters. Fixes bug 2470.

changes/bug2475

@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - Avoid signed/unsigned comparisons by making SIZE_T_CEILING unsigned.
-      (None of the cases where we did this before were wrong, but by making
-      this change we can avoid warnings.)  Fixes bug2475; bugfix on
-      Tor 0.2.1.28.

changes/bug2629

@@ -1,5 +0,0 @@
-  o Minor bugfixes
-    - Fix a crash bug that could occur occasionally when a client was
-      configured with a large number of bridges.  Fixes bug 2629; bugfix
-      on 0.2.1.2-alpha.  Bugfix by trac user "shitlei".
-

changes/bug2750

@@ -1,6 +0,0 @@
-  o Minor bugfixes
-    - Correct the warning displayed when a rendezvous descriptor exceeds
-      the maximum size.  Fixes bug 2750; bugfix on 0.2.1.5-alpha.  Found
-      by John Brooks.
-
-

changes/bug2933

@@ -1,4 +0,0 @@
-  o Minor bugfixes
-    - Fix an uncommon assertion failure when running with DNSPort under
-      heavy load.  Fixes bug 2933; bugfix on 2.0.1-alpha.
-

changes/dhparam

@@ -1,3 +0,0 @@
-  o Minor features
-    - Adjust our TLS Diffie-Hellman parameters to match those used by
-      Apache's mod_ssl.

changes/forget-rend-descs-on-newnym

@@ -1,21 +0,0 @@
-  o Security fixes:
-    - Forget all hidden service descriptors cached as a client when
-      processing a SIGNAL NEWNYM command.  Fixes bug 3000.  Bugfix on
-      0.0.6.
-  o Major bugfixes:
-    - When we find that we have extended a hidden service's introduction
-      circuit to a relay which isn't listed as an introduction point in
-      the HS descriptor we currently have for the service, we now retry
-      one of the introduction points in the current HS descriptor.
-      Previously we would just give up.  Bugfix on 0.2.0.10-alpha; fixes
-      bugs 1024 and 1930.
-  o Minor bugfixes:
-    - Don't allow v0 hidden service authorities to act as clients.
-      Required by fix for bug 3000.
-    - Ignore SIGNAL NEWNYM commands on relay-only Tor instances.
-      Required by fix for bug 3000.
-  o Code simplifications and refactoring:
-    - Allow rend_client_send_introduction to fail without closing the
-      AP connection permanently.
-
-

changes/gabelmoo-newip

@@ -1,3 +0,0 @@
- o Directory authority changes:
-    - Change IP address and ports for gabelmoo (v3 directory authority).
-

changes/geoip-apr2011

@@ -1,3 +0,0 @@
-  o Minor features:
-    - Update to the April 1 2011 Maxmind GeoLite Country database.
-

changes/geoip-dec2010

@@ -1,3 +0,0 @@
-  o Minor features:
-    - Update to the December 1 2010 Maxmind GeoLite Country database.
-

changes/geoip-feb2011

@@ -1,3 +0,0 @@
-  o Minor features:
-    - Update to the February 1 2011 Maxmind GeoLite Country database.
-

changes/geoip-jan2011

@@ -1,3 +0,0 @@
-  o Minor features:
-    - Update to the January 1 2011 Maxmind GeoLite Country database.
-

changes/geoip-mar2011

@@ -1,3 +0,0 @@
-  o Minor features:
-    - Update to the March 1 2011 Maxmind GeoLite Country database.
-

changes/ipv6_crash

@@ -1,4 +0,0 @@
-  o Major bugfixes:
-    - Fix a crash in parsing router descriptors containing IPv6
-      addresses.  This one crashed the directory authorities when somebody
-      fired up some experimental code. Bugfix on 0.2.1.3-alpha.

changes/mingw-openssl098m

@@ -1,3 +0,0 @@
- o Minor features
-   - Build correctly on mingw with more recent version of OpenSSL 0.9.8.
-     Patch from mingw-san.

changes/policy_summarize-assert

@@ -1,6 +0,0 @@
-  o Major bugfixes (security)
-    - Fix a bounds-checking error that could allow an attacker to
-      remotely crash a directory authority.  Found by piebeer.
-      Bugfix on 0.2.1.5-alpha.
-
-

changes/remove-website

@@ -1,5 +0,0 @@
-  o Removed files:
-    - Stop shipping the old doc/website/ directory in the tarball. We
-      changed the website format in late 2010, and what we shipped in
-      0.2.1.26 really wasn't that useful anyway.
-

changes/routerparse_maxima

@@ -1,4 +0,0 @@
-  o Minor bugfixes
-    - Check for and reject overly long directory certificates and
-      directory tokens before they have a chance to hit any
-      assertions. Bugfix on 0.2.1.28. Found by doorss.

changes/security_bug

@@ -1,5 +0,0 @@
-  o Major bugfixes:
-    - Fix a remotely exploitable bug that could be used to crash instances
-      of Tor remotely by overflowing on the heap.  Remove-code execution
-      hasn't been confirmed, but can't be ruled out.  Obviously, everyone
-      should upgrade.  Bugfix on the 0.1.1 series and later.

changes/tolen_asserts

@@ -1,8 +0,0 @@
-  o Major bugfixes (security)
-    - Fix a heap overflow bug where an adversary could cause heap
-      corruption.  This bug potentially allows remote code execution
-      attacks.  Found by debuger.  Fixes CVE-2011-0427.  Bugfix on
-      0.1.2.10-rc.
-  o Defensive programming
-    - Introduce output size checks on all of our decryption functions.
-

changes/torspec.git

@@ -1,5 +0,0 @@
-  o Packaging changes:
-    - Stop shipping the Tor specs files and development proposal documents
-      in the tarball. They are now in a separate git repository at
-      git://git.torproject.org/torspec.git
-

changes/zlib_aint_openssl

@@ -1,3 +0,0 @@
-  o Minor bugfixes
-    - When warning about missing zlib development packages, give the
-      correct package names.  Bugfix on 0.2.0.1-alpha.