Loading ChangeLog +66 −62 Original line number Diff line number Diff line Changes in version 0.4.1.2-alpha - 2019-06-05 Tor 0.4.1.2-alpha resolves numerous bugs--some of them from the previous alpha, and some much older. It also contains minor testing improvements, and an improvement to the security of our authenticated sendme implementation. Tor 0.4.1.2-alpha resolves numerous bugs--some of them from the previous alpha, and some much older. It also contains minor testing improvements, and an improvement to the security of our authenticated sendme implementation. o Major bugfixes (bridges): - Consider our directory information to have changed when our list of bridges changes. Previously, Tor would not re-compute the status of its directory information when bridges changed, and therefore would not realize that it was no longer able to build circuits. Fixes part of bug 29875. - Do not count previously configured working bridges towards our total of working bridges. Previously, when Tor's list of bridges changed, it would think that the old bridges were still usable, and delay fetching router descriptors for the new ones. Fixes part of bug 29875; bugfix on 0.3.0.1-alpha. - Consider our directory information to have changed when our list of bridges changes. Previously, Tor would not re-compute the status of its directory information when bridges changed, and therefore would not realize that it was no longer able to build circuits. Fixes part of bug 29875. - Do not count previously configured working bridges towards our total of working bridges. Previously, when Tor's list of bridges changed, it would think that the old bridges were still usable, and delay fetching router descriptors for the new ones. Fixes part of bug 29875; bugfix on 0.3.0.1-alpha. o Major bugfixes (Flow Control, SENDME): - The decrement of the stream-level package window was done in a log_debug() statement meaning that if the debug logs were not enabled, the decrement would never happen and thus the window would be out of sync with the other end point. Fixes bug 30628; bugfix on 0.4.1.1-alpha. - The decrement of the stream-level package window was done in a log_debug() statement meaning that if the debug logs were not enabled, the decrement would never happen and thus the window would be out of sync with the other end point. Fixes bug 30628; bugfix on 0.4.1.1-alpha. o Major bugfixes (Onion service reachability): - Properly clean up the introduction point map and associated state when circuits change purpose from onion service circuits to pathbias, measurement, or other circuit types. This should fix some instances of introduction point failure. Fixes bug 29034; bugfix on 0.3.2.1-alpha. - Properly clean up the introduction point map and associated state when circuits change purpose from onion service circuits to pathbias, measurement, or other circuit types. This should fix some instances of introduction point failure. Fixes bug 29034; bugfix on 0.3.2.1-alpha. o Minor features (authenticated SENDME): - Ensure that there is enough randomness on every circuit to prevent an attacker from successfully predicting what SENDME cells they will need to send: at a random interval, if we have not send randomness already, leave some extra space at the end of a cell that we can fill with random bytes. Closes ticket 26846. - Ensure that there is enough randomness on every circuit to prevent an attacker from successfully predicting what SENDME cells they will need to send: at a random interval, if we have not send randomness already, leave some extra space at the end of a cell that we can fill with random bytes. Closes ticket 26846. o Minor features (continuous integration): - When running coverage builds on Travis, we now set TOR_TEST_RNG_SEED, to avoid RNG-based coverage differences. Part of ticket 28878. - When running coverage builds on Travis, we now set TOR_TEST_RNG_SEED, to avoid RNG-based coverage differences. Part of ticket 28878. o Minor features (maintenance): - Add a new "make autostyle" target that developers can use to apply all automatic Tor style and consistency conversions to the - Add a new "make autostyle" target that developers can use to apply all automatic Tor style and consistency conversions to the codebase. Closes ticket 30539. o Minor features (testing): - The circuitpadding tests now use a reproducible RNG implementation, so that if a test fails, we can learn why. Part of ticket 28878. - Tor's tests now support an environment variable, TOR_TEST_RNG_SEED, to set the RNG seed for tests that use a reproducible RNG. Part of ticket 28878. to set the RNG seed for tests that use a reproducible RNG. Part of ticket 28878. - When running tests in coverage mode, take additional care to make our coverage deterministic, so that we can accurately track changes in code coverage. Closes ticket 30519. our coverage deterministic, so that we can accurately track changes in code coverage. Closes ticket 30519. o Minor bugfixes (configuration, proxies): - Fix a bug that prevented us from supporting SOCKS5 proxies that want authentication along with configured (but unused!) - Fix a bug that prevented us from supporting SOCKS5 proxies that want authentication along with configured (but unused!) ClientTransportPlugins. Fixes bug 29670; bugfix on 0.2.6.1-alpha. o Minor bugfixes (controller): - POSTDESCRIPTOR requests should work again. Previously, they were broken if a "purpose=" flag was specified. Fixes bug 30580; bugfix on 0.4.1.1-alpha. broken if a "purpose=" flag was specified. Fixes bug 30580; bugfix on 0.4.1.1-alpha. - Repair the HSFETCH command so that it works again. Previously, it expected a body when it shouldn't have. Fixes bug 30646; bugfix on 0.4.1.1-alpha. expected a body when it shouldn't have. Fixes bug 30646; bugfix on 0.4.1.1-alpha. o Minor bugfixes (developer tooling): - Fix pre-push hook to refrain from rejecting fixup and squash commits when pushing to non-upstream git remote. Fixes bug 30286; bugfix on 0.4.0.1-alpha. - Fix pre-push hook to refrain from rejecting fixup and squash commits when pushing to non-upstream git remote. Fixes bug 30286; bugfix on 0.4.0.1-alpha. o Minor bugfixes (directory authority): - Move the "bandwidth-file-headers" line in directory authority votes so that it conforms to dir-spec.txt. Fixes bug 30316; bugfix on 0.3.5.1-alpha. - Move the "bandwidth-file-headers" line in directory authority votes so that it conforms to dir-spec.txt. Fixes bug 30316; bugfix on 0.3.5.1-alpha. o Minor bugfixes (NetBSD): - Fix usage of minherit() on NetBSD and other platforms that define Loading @@ -89,23 +91,25 @@ Changes in version 0.4.1.2-alpha - 2019-06-05 purge the whole thing. Fixes bug 29617; bugfix on 0.3.5.1-alpha. o Minor bugfixes (portability): - Avoid crashing in our tor_vasprintf() implementation on systems that define neither vasprintf() nor _vscprintf(). (This bug has been here long enough that we question whether people are running Tor on such systems, but we're applying the fix out of caution.) Fixes bug 30561; bugfix on 0.2.8.2-alpha. Found and fixed by Tobias Stoeckmann. - Avoid crashing in our tor_vasprintf() implementation on systems that define neither vasprintf() nor _vscprintf(). (This bug has been here long enough that we question whether people are running Tor on such systems, but we're applying the fix out of caution.) Fixes bug 30561; bugfix on 0.2.8.2-alpha. Found and fixed by Tobias Stoeckmann. o Minor bugfixes (shutdown, libevent, memory safety): - Avoid use-after-free bugs when shutting down, by making sure that we shut down libevent only after shutting down all of its users. We believe these are harmless in practice, since they only occur on the shutdown path, and do not involve any attacker-controlled data. Fixes bug 30629; bugfix on 0.4.1.1-alpha. - Avoid use-after-free bugs when shutting down, by making sure that we shut down libevent only after shutting down all of its users. We believe these are harmless in practice, since they only occur on the shutdown path, and do not involve any attacker-controlled data. Fixes bug 30629; bugfix on 0.4.1.1-alpha. o Minor bugfixes (static analysis): - Fix several spurious Coverity warnings about the unit tests, to lower our chances of missing any real warnings in the future. Fixes bug 30150; bugfix on 0.3.5.1-alpha and various other Tor versions. - Fix several spurious Coverity warnings about the unit tests, to lower our chances of missing any real warnings in the future. Fixes bug 30150; bugfix on 0.3.5.1-alpha and various other Tor versions. o Testing: - Specify torrc paths (with empty files) when launching tor in Loading
ChangeLog +66 −62 Original line number Diff line number Diff line Changes in version 0.4.1.2-alpha - 2019-06-05 Tor 0.4.1.2-alpha resolves numerous bugs--some of them from the previous alpha, and some much older. It also contains minor testing improvements, and an improvement to the security of our authenticated sendme implementation. Tor 0.4.1.2-alpha resolves numerous bugs--some of them from the previous alpha, and some much older. It also contains minor testing improvements, and an improvement to the security of our authenticated sendme implementation. o Major bugfixes (bridges): - Consider our directory information to have changed when our list of bridges changes. Previously, Tor would not re-compute the status of its directory information when bridges changed, and therefore would not realize that it was no longer able to build circuits. Fixes part of bug 29875. - Do not count previously configured working bridges towards our total of working bridges. Previously, when Tor's list of bridges changed, it would think that the old bridges were still usable, and delay fetching router descriptors for the new ones. Fixes part of bug 29875; bugfix on 0.3.0.1-alpha. - Consider our directory information to have changed when our list of bridges changes. Previously, Tor would not re-compute the status of its directory information when bridges changed, and therefore would not realize that it was no longer able to build circuits. Fixes part of bug 29875. - Do not count previously configured working bridges towards our total of working bridges. Previously, when Tor's list of bridges changed, it would think that the old bridges were still usable, and delay fetching router descriptors for the new ones. Fixes part of bug 29875; bugfix on 0.3.0.1-alpha. o Major bugfixes (Flow Control, SENDME): - The decrement of the stream-level package window was done in a log_debug() statement meaning that if the debug logs were not enabled, the decrement would never happen and thus the window would be out of sync with the other end point. Fixes bug 30628; bugfix on 0.4.1.1-alpha. - The decrement of the stream-level package window was done in a log_debug() statement meaning that if the debug logs were not enabled, the decrement would never happen and thus the window would be out of sync with the other end point. Fixes bug 30628; bugfix on 0.4.1.1-alpha. o Major bugfixes (Onion service reachability): - Properly clean up the introduction point map and associated state when circuits change purpose from onion service circuits to pathbias, measurement, or other circuit types. This should fix some instances of introduction point failure. Fixes bug 29034; bugfix on 0.3.2.1-alpha. - Properly clean up the introduction point map and associated state when circuits change purpose from onion service circuits to pathbias, measurement, or other circuit types. This should fix some instances of introduction point failure. Fixes bug 29034; bugfix on 0.3.2.1-alpha. o Minor features (authenticated SENDME): - Ensure that there is enough randomness on every circuit to prevent an attacker from successfully predicting what SENDME cells they will need to send: at a random interval, if we have not send randomness already, leave some extra space at the end of a cell that we can fill with random bytes. Closes ticket 26846. - Ensure that there is enough randomness on every circuit to prevent an attacker from successfully predicting what SENDME cells they will need to send: at a random interval, if we have not send randomness already, leave some extra space at the end of a cell that we can fill with random bytes. Closes ticket 26846. o Minor features (continuous integration): - When running coverage builds on Travis, we now set TOR_TEST_RNG_SEED, to avoid RNG-based coverage differences. Part of ticket 28878. - When running coverage builds on Travis, we now set TOR_TEST_RNG_SEED, to avoid RNG-based coverage differences. Part of ticket 28878. o Minor features (maintenance): - Add a new "make autostyle" target that developers can use to apply all automatic Tor style and consistency conversions to the - Add a new "make autostyle" target that developers can use to apply all automatic Tor style and consistency conversions to the codebase. Closes ticket 30539. o Minor features (testing): - The circuitpadding tests now use a reproducible RNG implementation, so that if a test fails, we can learn why. Part of ticket 28878. - Tor's tests now support an environment variable, TOR_TEST_RNG_SEED, to set the RNG seed for tests that use a reproducible RNG. Part of ticket 28878. to set the RNG seed for tests that use a reproducible RNG. Part of ticket 28878. - When running tests in coverage mode, take additional care to make our coverage deterministic, so that we can accurately track changes in code coverage. Closes ticket 30519. our coverage deterministic, so that we can accurately track changes in code coverage. Closes ticket 30519. o Minor bugfixes (configuration, proxies): - Fix a bug that prevented us from supporting SOCKS5 proxies that want authentication along with configured (but unused!) - Fix a bug that prevented us from supporting SOCKS5 proxies that want authentication along with configured (but unused!) ClientTransportPlugins. Fixes bug 29670; bugfix on 0.2.6.1-alpha. o Minor bugfixes (controller): - POSTDESCRIPTOR requests should work again. Previously, they were broken if a "purpose=" flag was specified. Fixes bug 30580; bugfix on 0.4.1.1-alpha. broken if a "purpose=" flag was specified. Fixes bug 30580; bugfix on 0.4.1.1-alpha. - Repair the HSFETCH command so that it works again. Previously, it expected a body when it shouldn't have. Fixes bug 30646; bugfix on 0.4.1.1-alpha. expected a body when it shouldn't have. Fixes bug 30646; bugfix on 0.4.1.1-alpha. o Minor bugfixes (developer tooling): - Fix pre-push hook to refrain from rejecting fixup and squash commits when pushing to non-upstream git remote. Fixes bug 30286; bugfix on 0.4.0.1-alpha. - Fix pre-push hook to refrain from rejecting fixup and squash commits when pushing to non-upstream git remote. Fixes bug 30286; bugfix on 0.4.0.1-alpha. o Minor bugfixes (directory authority): - Move the "bandwidth-file-headers" line in directory authority votes so that it conforms to dir-spec.txt. Fixes bug 30316; bugfix on 0.3.5.1-alpha. - Move the "bandwidth-file-headers" line in directory authority votes so that it conforms to dir-spec.txt. Fixes bug 30316; bugfix on 0.3.5.1-alpha. o Minor bugfixes (NetBSD): - Fix usage of minherit() on NetBSD and other platforms that define Loading @@ -89,23 +91,25 @@ Changes in version 0.4.1.2-alpha - 2019-06-05 purge the whole thing. Fixes bug 29617; bugfix on 0.3.5.1-alpha. o Minor bugfixes (portability): - Avoid crashing in our tor_vasprintf() implementation on systems that define neither vasprintf() nor _vscprintf(). (This bug has been here long enough that we question whether people are running Tor on such systems, but we're applying the fix out of caution.) Fixes bug 30561; bugfix on 0.2.8.2-alpha. Found and fixed by Tobias Stoeckmann. - Avoid crashing in our tor_vasprintf() implementation on systems that define neither vasprintf() nor _vscprintf(). (This bug has been here long enough that we question whether people are running Tor on such systems, but we're applying the fix out of caution.) Fixes bug 30561; bugfix on 0.2.8.2-alpha. Found and fixed by Tobias Stoeckmann. o Minor bugfixes (shutdown, libevent, memory safety): - Avoid use-after-free bugs when shutting down, by making sure that we shut down libevent only after shutting down all of its users. We believe these are harmless in practice, since they only occur on the shutdown path, and do not involve any attacker-controlled data. Fixes bug 30629; bugfix on 0.4.1.1-alpha. - Avoid use-after-free bugs when shutting down, by making sure that we shut down libevent only after shutting down all of its users. We believe these are harmless in practice, since they only occur on the shutdown path, and do not involve any attacker-controlled data. Fixes bug 30629; bugfix on 0.4.1.1-alpha. o Minor bugfixes (static analysis): - Fix several spurious Coverity warnings about the unit tests, to lower our chances of missing any real warnings in the future. Fixes bug 30150; bugfix on 0.3.5.1-alpha and various other Tor versions. - Fix several spurious Coverity warnings about the unit tests, to lower our chances of missing any real warnings in the future. Fixes bug 30150; bugfix on 0.3.5.1-alpha and various other Tor versions. o Testing: - Specify torrc paths (with empty files) when launching tor in
