ReleaseNotes 1.11 MB
Newer Older
1
2
3
4
This document summarizes new features and bugfixes in each stable
release of Tor. If you want to see more detailed descriptions of the
changes in each development snapshot, see the ChangeLog file.

5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
Changes in version 0.3.5.9 - 2019-12-09
  Tor 0.3.5.9 backports serveral fixes from later releases, including
  several that affect bridge users, relay stability, onion services,
  and much more.

  o Directory authority changes (backport from 0.4.1.5):
    - The directory authority "dizum" has a new IP address. Closes
      ticket 31406.

  o Major bugfixes (bridges, backport from 0.4.1.2-alpha):
    - Consider our directory information to have changed when our list
      of bridges changes. Previously, Tor would not re-compute the
      status of its directory information when bridges changed, and
      therefore would not realize that it was no longer able to build
      circuits. Fixes part of bug 29875.
    - Do not count previously configured working bridges towards our
      total of working bridges. Previously, when Tor's list of bridges
      changed, it would think that the old bridges were still usable,
      and delay fetching router descriptors for the new ones. Fixes part
      of bug 29875; bugfix on 0.3.0.1-alpha.

  o Major bugfixes (circuit build, guard, backport from 0.4.1.4-rc):
    - When considering upgrading circuits from "waiting for guard" to
      "open", always ignore circuits that are marked for close. Otherwise,
      we can end up in the situation where a subsystem is notified that
      a closing circuit has just opened, leading to undesirable
      behavior. Fixes bug 30871; bugfix on 0.3.0.1-alpha.

  o Major bugfixes (NSS, relay, backport from 0.4.0.4-rc):
    - When running with NSS, disable TLS 1.2 ciphersuites that use
      SHA384 for their PRF. Due to an NSS bug, the TLS key exporters for
      these ciphersuites don't work -- which caused relays to fail to
      handshake with one another when these ciphersuites were enabled.
      Fixes bug 29241; bugfix on 0.3.5.1-alpha.

  o Major bugfixes (Onion service reachability, backport from 0.4.1.3-alpha):
    - Properly clean up the introduction point map when circuits change
      purpose from onion service circuits to pathbias, measurement, or
      other circuit types. This should fix some service-side instances
      of introduction point failure. Fixes bug 29034; bugfix
      on 0.3.2.1-alpha.

  o Major bugfixes (onion service v3, backport from 0.4.1.1-alpha):
    - Fix an unreachable bug in which an introduction point could try to
      send an INTRODUCE_ACK with a status code that Trunnel would refuse
      to encode, leading the relay to assert(). We've consolidated the
      ABI values into Trunnel now. Fixes bug 30454; bugfix
      on 0.3.0.1-alpha.
    - Clients can now handle unknown status codes from INTRODUCE_ACK
      cells. (The NACK behavior will stay the same.) This will allow us
      to extend status codes in the future without breaking the normal
      client behavior. Fixes another part of bug 30454; bugfix
      on 0.3.0.1-alpha.

  o Major bugfixes (torrc parsing, backport from 0.4.2.2-alpha):
    - Stop ignoring torrc options after an %include directive, when the
      included directory ends with a file that does not contain any
      config options (but does contain comments or whitespace). Fixes
      bug 31408; bugfix on 0.3.1.1-alpha.

  o Major bugfixes (v3 onion services, backport from 0.4.2.3-alpha):
    - Onion services now always use the exact number of intro points
      configured with the HiddenServiceNumIntroductionPoints option (or
      fewer if nodes are excluded). Before, a service could sometimes
      pick more intro points than configured. Fixes bug 31548; bugfix
      on 0.3.2.1-alpha.

  o Minor features (address selection, backport from 0.4.0.3-alpha):
    - Treat the subnet 100.64.0.0/10 as public for some purposes;
      private for others. This subnet is the RFC 6598 (Carrier Grade
      NAT) IP range, and is deployed by many ISPs as an alternative to
      RFC 1918 that does not break existing internal networks. Tor now
      blocks SOCKS and control ports on these addresses and warns users
      if client ports or ExtORPorts are listening on a RFC 6598 address.
      Closes ticket 28525. Patch by Neel Chauhan.

  o Minor features (bandwidth authority, backport from 0.4.0.4-rc):
    - Make bandwidth authorities ignore relays that are reported in the
      bandwidth file with the flag "vote=0". This change allows us to
      report unmeasured relays for diagnostic reasons without including
      their bandwidth in the bandwidth authorities' vote. Closes
      ticket 29806.

  o Minor features (compile-time modules, backport from version 0.4.1.1-alpha):
    - Add a "--list-modules" command to print a list of which compile-
      time modules are enabled. Closes ticket 30452.

  o Minor features (continuous integration, backport from 0.4.0.4-rc):
    - On Travis Rust builds, cleanup Rust registry and refrain from
      caching the "target/" directory to speed up builds. Resolves
      issue 29962.

  o Minor features (continuous integration, backport from 0.4.0.5):
    - In Travis, tell timelimit to use stem's backtrace signals, and
      launch python directly from timelimit, so python receives the
      signals from timelimit, rather than make. Closes ticket 30117.

  o Minor features (continuous integration, backport from 0.4.1.1-alpha):
    - Remove sudo configuration lines from .travis.yml as they are no
      longer needed with current Travis build environment. Resolves
      issue 30213.

  o Minor features (continuous integration, backport from 0.4.1.4-rc):
    - Our Travis configuration now uses Chutney to run some network
      integration tests automatically. Closes ticket 29280.

  o Minor features (continuous integration, backport from 0.4.2.2-alpha):
    - When building on Appveyor and Travis, pass the "-k" flag to make,
      so that we are informed of all compilation failures, not just the
      first one or two. Closes ticket 31372.

  o Minor features (fallback directory list, backport from 0.4.1.4-rc):
    - Replace the 157 fallbacks originally introduced in Tor 0.3.5.6-rc
      in December 2018 (of which ~122 were still functional), with a
      list of 148 fallbacks (70 new, 78 existing, 79 removed) generated
      in June 2019. Closes ticket 28795.

  o Minor features (geoip, backport from 0.4.2.5):
    - Update geoip and geoip6 to the December 3 2019 Maxmind GeoLite2
      Country database. Closes ticket 32685.

  o Minor features (NSS, diagnostic, backport from 0.4.0.4-rc):
    - Try to log an error from NSS (if there is any) and a more useful
      description of our situation if we are using NSS and a call to
      SSL_ExportKeyingMaterial() fails. Diagnostic for ticket 29241.

  o Minor features (stem tests, backport from 0.4.2.1-alpha):
    - Change "make test-stem" so it only runs the stem tests that use
      tor. This change makes test-stem faster and more reliable. Closes
      ticket 31554.

  o Minor bugfixes (security, backport from 0.4.0.4-rc):
    - Verify in more places that we are not about to create a buffer
      with more than INT_MAX bytes, to avoid possible OOB access in the
      event of bugs. Fixes bug 30041; bugfix on 0.2.0.16. Found and
      fixed by Tobias Stoeckmann.
    - Fix a potential double free bug when reading huge bandwidth files.
      The issue is not exploitable in the current Tor network because
      the vulnerable code is only reached when directory authorities
      read bandwidth files, but bandwidth files come from a trusted
      source (usually the authorities themselves). Furthermore, the
      issue is only exploitable in rare (non-POSIX) 32-bit architectures,
      which are not used by any of the current authorities. Fixes bug
      30040; bugfix on 0.3.5.1-alpha. Bug found and fixed by
      Tobias Stoeckmann.

  o Minor bugfix (continuous integration, backport from 0.4.0.4-rc):
    - Reset coverage state on disk after Travis CI has finished. This
      should prevent future coverage merge errors from causing the test
      suite for the "process" subsystem to fail. The process subsystem
      was introduced in 0.4.0.1-alpha. Fixes bug 29036; bugfix
      on 0.2.9.15.
    - Terminate test-stem if it takes more than 9.5 minutes to run.
      (Travis terminates the job after 10 minutes of no output.)
      Diagnostic for 29437. Fixes bug 30011; bugfix on 0.3.5.4-alpha.

  o Minor bugfixes (Appveyor CI, backport from 0.4.2.2-alpha):
    - Avoid spurious errors when Appveyor CI fails before the install step.
      Fixes bug 31884; bugfix on 0.3.4.2-alpha.

  o Minor bugfixes (build system, backport form 0.4.2.1-alpha):
    - Do not include the deprecated <sys/sysctl.h> on Linux or Windows
      systems. Fixes bug 31673; bugfix on 0.2.5.4-alpha.

  o Minor bugfixes (C correctness, backport from 0.4.0.4-rc):
    - Fix an unlikely memory leak in consensus_diff_apply(). Fixes bug
      29824; bugfix on 0.3.1.1-alpha. This is Coverity warning
      CID 1444119.

  o Minor bugfixes (circuit isolation, backport from 0.4.1.3-alpha):
    - Fix a logic error that prevented the SessionGroup sub-option from
      being accepted. Fixes bug 22619; bugfix on 0.2.7.2-alpha.

  o Minor bugfixes (client, onion service v3, backport from 0.4.2.4-rc):
    - Fix a BUG() assertion that occurs within a very small race window
      between when a client intro circuit opens and when its descriptor
      gets cleaned up from the cache. The circuit is now closed early,
      which will trigger a re-fetch of the descriptor and continue the
      connection. Fixes bug 28970; bugfix on 0.3.2.1-alpha.

  o Minor bugfixes (clock skew detection, backport from 0.4.1.5):
    - Don't believe clock skew results from NETINFO cells that appear to
      arrive before we sent the VERSIONS cells they are responding to.
      Previously, we would accept them up to 3 minutes "in the past".
      Fixes bug 31343; bugfix on 0.2.4.4-alpha.

  o Minor bugfixes (compilation warning, backport from 0.4.1.5):
    - Fix a compilation warning on Windows about casting a function
      pointer for GetTickCount64(). Fixes bug 31374; bugfix
      on 0.2.9.1-alpha.

  o Minor bugfixes (compilation, backport from 0.4.0.2-alpha):
    - Silence a compiler warning in test-memwipe.c on OpenBSD. Fixes bug
      29145; bugfix on 0.2.9.3-alpha. Patch from Kris Katterjohn.

  o Minor bugfixes (compilation, backport from 0.4.1.5):
    - Avoid using labs() on time_t, which can cause compilation warnings
      on 64-bit Windows builds. Fixes bug 31343; bugfix on 0.2.4.4-alpha.

  o Minor bugfixes (compilation, backport from 0.4.2.1-alpha):
    - Suppress spurious float-conversion warnings from GCC when calling
      floating-point classifier functions on FreeBSD. Fixes part of bug
      31687; bugfix on 0.3.1.5-alpha.

  o Minor bugfixes (compilation, unusual configurations, backport from 0.4.1.1-alpha):
    - Avoid failures when building with the ALL_BUGS_ARE_FATAL option
      due to missing declarations of abort(), and prevent other such
      failures in the future. Fixes bug 30189; bugfix on 0.3.4.1-alpha.

  o Minor bugfixes (configuration, proxies, backport from 0.4.1.2-alpha):
    - Fix a bug that prevented us from supporting SOCKS5 proxies that
      want authentication along with configured (but unused!)
      ClientTransportPlugins. Fixes bug 29670; bugfix on 0.2.6.1-alpha.

  o Minor bugfixes (connections, backport from 0.4.2.3-rc):
    - Avoid trying to read data from closed connections, which can cause
      needless loops in Libevent and infinite loops in Shadow. Fixes bug
      30344; bugfix on 0.1.1.1-alpha.

  o Minor bugfixes (continuous integration, backport from 0.4.1.3-alpha):
    - Allow the test-stem job to fail in Travis, because it sometimes
      hangs. Fixes bug 30744; bugfix on 0.3.5.4-alpha.
    - Skip test_rebind on macOS in Travis, because it is unreliable on
      macOS on Travis. Fixes bug 30713; bugfix on 0.3.5.1-alpha.
    - Skip test_rebind when the TOR_SKIP_TEST_REBIND environment
      variable is set. Fixes bug 30713; bugfix on 0.3.5.1-alpha.

  o Minor bugfixes (crash on exit, backport from 0.4.1.4-rc):
    - Avoid a set of possible code paths that could try to use freed
      memory in routerlist_free() while Tor was exiting. Fixes bug
      31003; bugfix on 0.1.2.2-alpha.

  o Minor bugfixes (directory authorities, backport from 0.4.1.3-alpha):
    - Stop crashing after parsing an unknown descriptor purpose
      annotation. We think this bug can only be triggered by modifying a
      local file. Fixes bug 30781; bugfix on 0.2.0.8-alpha.

  o Minor bugfixes (directory authority, backport from 0.4.1.2-alpha):
    - Move the "bandwidth-file-headers" line in directory authority
      votes so that it conforms to dir-spec.txt. Fixes bug 30316; bugfix
      on 0.3.5.1-alpha.

  o Minor bugfixes (error handling, backport from 0.4.2.1-alpha):
    - On abort, try harder to flush the output buffers of log messages.
      On some platforms (macOS), log messages could be discarded when
      the process terminates. Fixes bug 31571; bugfix on 0.3.5.1-alpha.
    - Report the tor version whenever an assertion fails. Previously, we
      only reported the Tor version on some crashes, and some non-fatal
      assertions. Fixes bug 31571; bugfix on 0.3.5.1-alpha.

  o Minor bugfixes (FreeBSD, PF-based proxy, IPv6, backport from 0.4.2.1-alpha):
    - When extracting an IPv6 address from a PF-based proxy, verify that
      we are actually configured to receive an IPv6 address, and log an
      internal error if not. Fixes part of bug 31687; bugfix
      on 0.2.3.4-alpha.

  o Minor bugfixes (guards, backport from 0.4.2.1-alpha):
    - When tor is missing descriptors for some primary entry guards,
      make the log message less alarming. It's normal for descriptors to
      expire, as long as tor fetches new ones soon after. Fixes bug
      31657; bugfix on 0.3.3.1-alpha.

  o Minor bugfixes (logging, backport from 0.4.0.2-alpha):
    - Avoid logging that we are relaxing a circuit timeout when that
      timeout is fixed. Fixes bug 28698; bugfix on 0.2.4.7-alpha.

  o Minor bugfixes (logging, backport from 0.4.0.3-alpha):
    - Correct a misleading error message when IPv4Only or IPv6Only is
      used but the resolved address can not be interpreted as an address
      of the specified IP version. Fixes bug 13221; bugfix on
      0.2.3.9-alpha. Patch from Kris Katterjohn.
    - Log the correct port number for listening sockets when "auto" is
      used to let Tor pick the port number. Previously, port 0 was
      logged instead of the actual port number. Fixes bug 29144; bugfix
      on 0.3.5.1-alpha. Patch from Kris Katterjohn.
    - Stop logging a BUG() warning when Tor is waiting for exit
      descriptors. Fixes bug 28656; bugfix on 0.3.5.1-alpha.

  o Minor bugfixes (logging, backport from 0.4.1.1-alpha):
    - Do not log a warning when running with an OpenSSL version other
      than the one Tor was compiled with, if the two versions should be
      compatible. Previously, we would warn whenever the version was
      different. Fixes bug 30190; bugfix on 0.2.4.2-alpha.

  o Minor bugfixes (logging, backport from 0.4.2.1-alpha):
    - Change log level of message "Hash of session info was not as
      expected" to LOG_PROTOCOL_WARN. Fixes bug 12399; bugfix
      on 0.1.1.10-alpha.

  o Minor bugfixes (logging, backport from 0.4.2.2-alpha):
    - Rate-limit our the logging message about the obsolete .exit
      notation. Previously, there was no limit on this warning, which
      could potentially be triggered many times by a hostile website.
      Fixes bug 31466; bugfix on 0.2.2.1-alpha.

  o Minor bugfixes (logging, protocol violations, backport from 0.4.2.2-alpha):
    - Do not log a nonfatal assertion failure when receiving a VERSIONS
      cell on a connection using the obsolete v1 link protocol. Log a
      protocol_warn instead. Fixes bug 31107; bugfix on 0.2.4.4-alpha.

  o Minor bugfixes (mainloop, periodic events, in-process API, backport from 0.4.2.3-alpha):
    - Reset the periodic events' "enabled" flag when Tor is shut down
      cleanly. Previously, this flag was left on, which caused periodic
      events not to be re-enabled when Tor was relaunched in-process
      with tor_api.h after a shutdown. Fixes bug 32058; bugfix
      on 0.3.3.1-alpha.

  o Minor bugfixes (memory leak, backport from 0.4.1.1-alpha):
    - Avoid a minor memory leak that could occur on relays when failing
      to create a "keys" directory. Fixes bug 30148; bugfix
      on 0.3.3.1-alpha.

  o Minor bugfixes (memory leak, backport from 0.4.1.4-rc):
    - Fix a trivial memory leak when parsing an invalid value
      from a download schedule in the configuration. Fixes bug
      30894; bugfix on 0.3.4.1-alpha.

  o Minor bugfixes (memory management, backport from 0.4.0.3-alpha):
    - Refactor the shared random state's memory management so that it
      actually takes ownership of the shared random value pointers.
      Fixes bug 29706; bugfix on 0.2.9.1-alpha.

  o Minor bugfixes (memory management, testing, backport from 0.4.0.3-alpha):
    - Stop leaking parts of the shared random state in the shared-random
      unit tests. Fixes bug 29599; bugfix on 0.2.9.1-alpha.

  o Minor bugfixes (onion services, backport from 0.4.1.1-alpha):
    - Avoid a GCC 9.1.1 warning (and possible crash depending on libc
      implemenation) when failing to load an onion service client
      authorization file. Fixes bug 30475; bugfix on 0.3.5.1-alpha.

  o Minor bugfixes (out-of-memory handler, backport from 0.4.1.2-alpha):
    - When purging the DNS cache because of an out-of-memory condition,
      try purging just the older entries at first. Previously, we would
      always purge the whole thing. Fixes bug 29617; bugfix
      on 0.3.5.1-alpha.

  o Minor bugfixes (portability, backport from 0.4.1.2-alpha):
    - Avoid crashing in our tor_vasprintf() implementation on systems
      that define neither vasprintf() nor _vscprintf(). (This bug has
      been here long enough that we question whether people are running
      Tor on such systems, but we're applying the fix out of caution.)
      Fixes bug 30561; bugfix on 0.2.8.2-alpha. Found and fixed by
      Tobias Stoeckmann.

  o Minor bugfixes (relay, backport from 0.4.2.2-alpha):
    - Avoid crashing when starting with a corrupt keys directory where
      the old ntor key and the new ntor key are identical. Fixes bug
      30916; bugfix on 0.2.4.8-alpha.

  o Minor bugfixes (rust, backport from 0.4.0.5):
    - Abort on panic in all build profiles, instead of potentially
      unwinding into C code. Fixes bug 27199; bugfix on 0.3.3.1-alpha.

  o Minor bugfixes (rust, backport from 0.4.2.1-alpha):
    - Correctly exclude a redundant rust build job in Travis. Fixes bug
      31463; bugfix on 0.3.5.4-alpha.

  o Minor bugfixes (single onion services, backport from 0.4.0.3-alpha):
    - Allow connections to single onion services to remain idle without
      being disconnected. Previously, relays acting as rendezvous points
      for single onion services were mistakenly closing idle rendezvous
      circuits after 60 seconds, thinking that they were unused
      directory-fetching circuits that had served their purpose. Fixes
      bug 29665; bugfix on 0.2.1.26.

  o Minor bugfixes (stats, backport from 0.4.0.3-alpha):
    - When ExtraInfoStatistics is 0, stop including PaddingStatistics in
      relay and bridge extra-info documents. Fixes bug 29017; bugfix
      on 0.3.1.1-alpha.

  o Minor bugfixes (testing, backport from 0.4.0.3-alpha):
    - Downgrade some LOG_ERR messages in the address/* tests to
      warnings. The LOG_ERR messages were occurring when we had no
      configured network. We were failing the unit tests, because we
      backported 28668 to 0.3.5.8, but did not backport 29530. Fixes bug
      29530; bugfix on 0.3.5.8.
    - Fix our gcov wrapper script to look for object files at the
      correct locations. Fixes bug 29435; bugfix on 0.3.5.1-alpha.

  o Minor bugfixes (testing, backport from 0.4.0.4-rc):
    - Backport the 0.3.4 src/test/test-network.sh to 0.2.9. We need a
      recent test-network.sh to use new chutney features in CI. Fixes
      bug 29703; bugfix on 0.2.9.1-alpha.
    - Fix a test failure on Windows caused by an unexpected "BUG"
      warning in our tests for tor_gmtime_r(-1). Fixes bug 29922; bugfix
      on 0.2.9.3-alpha.

  o Minor bugfixes (testing, backport from 0.4.2.3-alpha):
    - When testing port rebinding, don't busy-wait for tor to log.
      Instead, actually sleep for a short time before polling again.
      Also improve the formatting of control commands and log messages.
      Fixes bug 31837; bugfix on 0.3.5.1-alpha.

  o Minor bugfixes (TLS protocol, backport form 0.4.0.4-rc):
    - When classifying a client's selection of TLS ciphers, if the
      client ciphers are not yet available, do not cache the result.
      Previously, we had cached the unavailability of the cipher list
      and never looked again, which in turn led us to assume that the
      client only supported the ancient V1 link protocol. This, in turn,
      was causing Stem integration tests to stall in some cases. Fixes
      bug 30021; bugfix on 0.2.4.8-alpha.

  o Minor bugfixes (tls, logging, backport from 0.4.2.3-alpha):
    - Log bugs about the TLS read buffer's length only once, rather than
      filling the logs with similar warnings. Fixes bug 31939; bugfix
      on 0.3.0.4-rc.

  o Minor bugfixes (v2 single onion services, backport from 0.4.2.1-alpha):
    - Always retry v2 single onion service intro and rend circuits with
      a 3-hop path. Previously, v2 single onion services used a 3-hop
      path when rendezvous circuits were retried after a remote or
      delayed failure, but a 1-hop path for immediate retries. Fixes bug
      23818; bugfix on 0.2.9.3-alpha.
    - Make v3 single onion services fall back to a 3-hop intro, when all
      intro points are unreachable via a 1-hop path. Previously, v3
      single onion services failed when all intro nodes were unreachable
      via a 1-hop path. Fixes bug 23507; bugfix on 0.3.2.1-alpha.

  o Minor bugfixes (Windows, CI, backport from 0.4.0.3-alpha):
    - Skip the Appveyor 32-bit Windows Server 2016 job, and 64-bit
      Windows Server 2012 R2 job. The remaining 2 jobs still provide
      coverage of 64/32-bit, and Windows Server 2016/2012 R2. Also set
      fast_finish, so failed jobs terminate the build immediately. Fixes
      bug 29601; bugfix on 0.3.5.4-alpha.

  o Documentation (backport from 0.4.2.1-alpha):
    - Use RFC 2397 data URL scheme to embed an image into tor-exit-
      notice.html so that operators no longer have to host it
      themselves. Closes ticket 31089.

  o Testing (backport from 0.4.1.2-alpha):
    - Specify torrc paths (with empty files) when launching tor in
      integration tests; refrain from reading user and system torrcs.
      Resolves issue 29702.

  o Testing (continuous integration, backport from 0.4.1.1-alpha):
    - In Travis, show stem's tor log after failure. Closes ticket 30234.

  o Testing (continuous integration, backport from 0.4.1.5):
    - In Travis, make stem log a controller trace to the console, and
      tail stem's tor log after failure. Closes ticket 30591.
    - In Travis, only run the stem tests that use a tor binary. Closes
      ticket 30694.

  o Testing (continuous integration, backport from 0.4.2.3-alpha):
    - Disable all but one Travis CI macOS build, to mitigate slow
      scheduling of Travis macOS jobs. Closes ticket 32177.
    - Run the chutney IPv6 networks as part of Travis CI. Closes
      ticket 30860.
    - Simplify the Travis CI build matrix, and optimise for build time.
      Closes ticket 31859.
    - Use Windows Server 2019 instead of Windows Server 2016 in our
      Appveyor builds. Closes ticket 32086.

  o Testing (continuous integration, backport from 0.4.2.4-rc):
    - Use Ubuntu Bionic images for our Travis CI builds, so we can get a
      recent version of coccinelle. But leave chutney on Ubuntu Trusty,
      until we can fix some Bionic permissions issues (see ticket
      32240). Related to ticket 31919.
    - Install the mingw OpenSSL package in Appveyor. This makes sure
      that the OpenSSL headers and libraries match in Tor's Appveyor
      builds. (This bug was triggered by an Appveyor image update.)
      Fixes bug 32449; bugfix on 0.3.5.6-rc.
    - In Travis, use Xcode 11.2 on macOS 10.14. Closes ticket 32241.

  o Testing (continuous integration, backport from 0.4.2.5):
    - Require C99 standards-conforming code in Travis CI, but allow GNU gcc
      extensions. Also activates clang's -Wtypedef-redefinition warnings.
      Build some jobs with -std=gnu99, and some jobs without.
      Closes ticket 32500.


478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
Changes in version 0.3.5.8 - 2019-02-21
  Tor 0.3.5.8 backports serveral fixes from later releases, including fixes
  for an annoying SOCKS-parsing bug that affected users in earlier 0.3.5.x
  releases.

  It also includes a fix for a medium-severity security bug affecting Tor
  0.3.2.1-alpha and later. All Tor instances running an affected release
  should upgrade to 0.3.3.12, 0.3.4.11, 0.3.5.8, or 0.4.0.2-alpha.

  o Major bugfixes (cell scheduler, KIST, security):
    - Make KIST consider the outbuf length when computing what it can
      put in the outbuf. Previously, KIST acted as though the outbuf
      were empty, which could lead to the outbuf becoming too full. It
      is possible that an attacker could exploit this bug to cause a Tor
      client or relay to run out of memory and crash. Fixes bug 29168;
      bugfix on 0.3.2.1-alpha. This issue is also being tracked as
      TROVE-2019-001 and CVE-2019-8955.

  o Major bugfixes (networking, backport from 0.4.0.2-alpha):
    - Gracefully handle empty username/password fields in SOCKS5
      username/password auth messsage and allow SOCKS5 handshake to
      continue. Previously, we had rejected these handshakes, breaking
      certain applications. Fixes bug 29175; bugfix on 0.3.5.1-alpha.

  o Minor features (compilation, backport from 0.4.0.2-alpha):
    - Compile correctly when OpenSSL is built with engine support
      disabled, or with deprecated APIs disabled. Closes ticket 29026.
      Patches from "Mangix".

  o Minor features (geoip):
    - Update geoip and geoip6 to the February 5 2019 Maxmind GeoLite2
      Country database. Closes ticket 29478.

  o Minor features (testing, backport from 0.4.0.2-alpha):
    - Treat all unexpected ERR and BUG messages as test failures. Closes
      ticket 28668.

  o Minor bugfixes (onion service v3, client, backport from 0.4.0.1-alpha):
    - Stop logging a "BUG()" warning and stacktrace when we find a SOCKS
      connection waiting for a descriptor that we actually have in the
      cache. It turns out that this can actually happen, though it is
      rare. Now, tor will recover and retry the descriptor. Fixes bug
      28669; bugfix on 0.3.2.4-alpha.

  o Minor bugfixes (IPv6, backport from 0.4.0.1-alpha):
    - Fix tor_ersatz_socketpair on IPv6-only systems. Previously, the
      IPv6 socket was bound using an address family of AF_INET instead
      of AF_INET6. Fixes bug 28995; bugfix on 0.3.5.1-alpha. Patch from
      Kris Katterjohn.

  o Minor bugfixes (build, compatibility, rust, backport from 0.4.0.2-alpha):
    - Update Cargo.lock file to match the version made by the latest
      version of Rust, so that "make distcheck" will pass again. Fixes
      bug 29244; bugfix on 0.3.3.4-alpha.

  o Minor bugfixes (client, clock skew, backport from 0.4.0.1-alpha):
    - Select guards even if the consensus has expired, as long as the
      consensus is still reasonably live. Fixes bug 24661; bugfix
      on 0.3.0.1-alpha.

  o Minor bugfixes (compilation, backport from 0.4.0.1-alpha):
    - Compile correctly on OpenBSD; previously, we were missing some
      headers required in order to detect it properly. Fixes bug 28938;
      bugfix on 0.3.5.1-alpha. Patch from Kris Katterjohn.

  o Minor bugfixes (documentation, backport from 0.4.0.2-alpha):
    - Describe the contents of the v3 onion service client authorization
      files correctly: They hold public keys, not private keys. Fixes
      bug 28979; bugfix on 0.3.5.1-alpha. Spotted by "Felixix".

  o Minor bugfixes (logging, backport from 0.4.0.1-alpha):
    - Rework rep_hist_log_link_protocol_counts() to iterate through all
      link protocol versions when logging incoming/outgoing connection
      counts. Tor no longer skips version 5, and we won't have to
      remember to update this function when new link protocol version is
      developed. Fixes bug 28920; bugfix on 0.2.6.10.

  o Minor bugfixes (logging, backport from 0.4.0.2-alpha):
    - Log more information at "warning" level when unable to read a
      private key; log more information at "info" level when unable to
      read a public key. We had warnings here before, but they were lost
      during our NSS work. Fixes bug 29042; bugfix on 0.3.5.1-alpha.

  o Minor bugfixes (misc, backport from 0.4.0.2-alpha):
    - The amount of total available physical memory is now determined
      using the sysctl identifier HW_PHYSMEM (rather than HW_USERMEM)
      when it is defined and a 64-bit variant is not available. Fixes
      bug 28981; bugfix on 0.2.5.4-alpha. Patch from Kris Katterjohn.

  o Minor bugfixes (onion services, backport from 0.4.0.2-alpha):
    - Avoid crashing if ClientOnionAuthDir (incorrectly) contains more
      than one private key for a hidden service. Fixes bug 29040; bugfix
      on 0.3.5.1-alpha.
    - In hs_cache_store_as_client() log an HSDesc we failed to parse at
      "debug" level. Tor used to log it as a warning, which caused very
      long log lines to appear for some users. Fixes bug 29135; bugfix
      on 0.3.2.1-alpha.
    - Stop logging "Tried to establish rendezvous on non-OR circuit..."
      as a warning. Instead, log it as a protocol warning, because there
      is nothing that relay operators can do to fix it. Fixes bug 29029;
      bugfix on 0.2.5.7-rc.

  o Minor bugfixes (tests, directory clients, backport from 0.4.0.1-alpha):
    - Mark outdated dirservers when Tor only has a reasonably live
      consensus. Fixes bug 28569; bugfix on 0.3.2.5-alpha.

  o Minor bugfixes (tests, backport from 0.4.0.2-alpha):
    - Detect and suppress "bug" warnings from the util/time test on
      Windows. Fixes bug 29161; bugfix on 0.2.9.3-alpha.
    - Do not log an error-level message if we fail to find an IPv6
      network interface from the unit tests. Fixes bug 29160; bugfix
      on 0.2.7.3-rc.

  o Minor bugfixes (usability, backport from 0.4.0.1-alpha):
    - Stop saying "Your Guard ..." in pathbias_measure_{use,close}_rate().
      Some users took this phrasing to mean that the mentioned guard was
      under their control or responsibility, which it is not. Fixes bug
      28895; bugfix on Tor 0.3.0.1-alpha.


598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
Changes in version 0.3.5.7 - 2019-01-07
  Tor 0.3.5.7 is the first stable release in its series; it includes
  compilation and portability fixes, and a fix for a severe problem
  affecting directory caches.

  The Tor 0.3.5 series includes several new features and performance
  improvements, including client authorization for v3 onion services,
  cleanups to bootstrap reporting, support for improved bandwidth-
  measurement tools, experimental support for NSS in place of OpenSSL,
  and much more. It also begins a full reorganization of Tor's code
  layout, for improved modularity and maintainability in the future.
  Finally, there is the usual set of performance improvements and
  bugfixes that we try to do in every release series.

  There are a couple of changes in the 0.3.5 that may affect
  compatibility. First, the default version for newly created onion
  services is now v3. Use the HiddenServiceVersion option if you want to
  override this. Second, some log messages related to bootstrapping have
  changed; if you use stem, you may need to update to the latest version
  so it will recognize them.

  We have designated 0.3.5 as a "long-term support" (LTS) series: we
  will continue to patch major bugs in typical configurations of 0.3.5
  until at least 1 Feb 2022. (We do not plan to provide long-term
  support for embedding, Rust support, NSS support, running a directory
  authority, or unsupported platforms. For these, you will need to stick
  with the latest stable release.)

  Below are the changes since 0.3.4.9. For a complete list of changes
  since 0.3.5.6-rc, see the ChangeLog file.

  o Major features (bootstrap):
    - Don't report directory progress until after a connection to a
      relay or bridge has succeeded. Previously, we'd report 80%
      progress based on cached directory information when we couldn't
      even connect to the network. Closes ticket 27169.

  o Major features (new code layout):
    - Nearly all of Tor's source code has been moved around into more
      logical places. The "common" directory is now divided into a set
      of libraries in "lib", and files in the "or" directory have been
      split into "core" (logic absolutely needed for onion routing),
      "feature" (independent modules in Tor), and "app" (to configure
      and invoke the rest of Tor). See doc/HACKING/CodeStructure.md for
      more information. Closes ticket 26481.

      This refactoring is not complete: although the libraries have been
      refactored to be acyclic, the main body of Tor is still too
      interconnected. We will attempt to improve this in the future.

  o Major features (onion services v3):
    - Implement onion service client authorization at the descriptor
      level: only authorized clients can decrypt a service's descriptor
      to find out how to contact it. A new torrc option was added to
      control this client side: ClientOnionAuthDir <path>. On the
      service side, if the "authorized_clients/" directory exists in the
      onion service directory path, client configurations are read from
      the files within. See the manpage for more details. Closes ticket
      27547. Patch done by Suphanat Chunhapanya (haxxpop).
    - Improve revision counter generation in next-gen onion services.
      Onion services can now scale by hosting multiple instances on
      different hosts without synchronization between them, which was
      previously impossible because descriptors would get rejected by
      HSDirs. Addresses ticket 25552.
    - Version 3 onion services can now use the per-service
      HiddenServiceExportCircuitID option to differentiate client
      circuits. It communicates with the service by using the HAProxy
      protocol to assign virtual IP addresses to inbound client
      circuits. Closes ticket 4700. Patch by Mahrud Sayrafi.

  o Major features (onion services, UI change):
    - For a newly created onion service, the default version is now 3.
      Tor still supports existing version 2 services, but the operator
      now needs to set "HiddenServiceVersion 2" in order to create a new
      version 2 service. For existing services, Tor now learns the
      version by reading the key file. Closes ticket 27215.

  o Major features (portability, cryptography, experimental, TLS):
    - Tor now has the option to compile with the NSS library instead of
      OpenSSL. This feature is experimental, and we expect that bugs may
      remain. It is mainly intended for environments where Tor's
      performance is not CPU-bound, and where NSS is already known to be
      installed. To try it out, configure Tor with the --enable-nss
      flag. Closes tickets 26631, 26815, and 26816.

      If you are experimenting with this option and using an old cached
      consensus, Tor may fail to start. To solve this, delete your
      "cached-consensus" and "cached-microdesc-consensus" files,
      (if present), and restart Tor.

  o Major features (relay, UI change):
    - Relays no longer run as exits by default. If the "ExitRelay"
      option is auto (or unset), and no exit policy is specified with
      ExitPolicy or ReducedExitPolicy, we now treat ExitRelay as 0.
      Previously in this case, we allowed exit traffic and logged a
      warning message. Closes ticket 21530. Patch by Neel Chauhan.
    - Tor now validates that the ContactInfo config option is valid UTF-
      8 when parsing torrc. Closes ticket 27428.

  o Major bugfixes (compilation):
    - Fix compilation on ARM (and other less-used CPUs) when compiling
      with OpenSSL before 1.1. Fixes bug 27781; bugfix on 0.3.4.1-alpha.

  o Major bugfixes (compilation, rust):
    - Rust tests can now build and run successfully with the
      --enable-fragile-hardening option enabled. Doing this currently
      requires the rust beta channel; it will be possible with stable
      rust once Rust version 1.31 is released. Patch from Alex Crichton.
      Fixes bugs 27272, 27273, and 27274. Bugfix on 0.3.1.1-alpha.

  o Major bugfixes (directory authority):
    - Actually check that the address we get from DirAuthority
      configuration line is valid IPv4. Explicitly disallow DirAuthority
      address to be a DNS hostname. Fixes bug 26488; bugfix
      on 0.1.2.10-rc.

  o Major bugfixes (embedding, main loop):
    - When DisableNetwork becomes set, actually disable periodic events
      that are already enabled. (Previously, we would refrain from
      enabling new ones, but we would leave the old ones turned on.)
      Fixes bug 28348; bugfix on 0.3.4.1-alpha.

  o Major bugfixes (main loop, bootstrap):
    - Make sure Tor bootstraps and works properly if only the
      ControlPort is set. Prior to this fix, Tor would only bootstrap
      when a client port was set (Socks, Trans, NATD, DNS or HTTPTunnel
      port). Fixes bug 27849; bugfix on 0.3.4.1-alpha.

Roger Dingledine's avatar
Roger Dingledine committed
726
727
728
729
730
731
732
  o Major bugfixes (onion service v3):
    - On an intro point for a version 3 onion service, stop closing
      introduction circuits on a NACK. This lets the client decide
      whether to reuse the circuit or discard it. Previously, we closed
      intro circuits when sending NACKs. Fixes bug 27841; bugfix on
      0.3.2.1-alpha. Patch by Neel Chaunan.

733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
  o Major bugfixes (OpenSSL, portability):
    - Fix our usage of named groups when running as a TLS 1.3 client in
      OpenSSL 1.1.1. Previously, we only initialized EC groups when
      running as a relay, which caused clients to fail to negotiate TLS
      1.3 with relays. Fixes bug 28245; bugfix on 0.2.9.15 (when TLS 1.3
      support was added).

  o Major bugfixes (relay bandwidth statistics):
    - When we close relayed circuits, report the data in the circuit
      queues as being written in our relay bandwidth stats. This
      mitigates guard discovery and other attacks that close circuits
      for the explicit purpose of noticing this discrepancy in
      statistics. Fixes bug 23512; bugfix on 0.0.8pre3.

  o Major bugfixes (relay):
    - When our write bandwidth limit is exhausted, stop writing on the
      connection. Previously, we had a typo in the code that would make
      us stop reading instead, leading to relay connections being stuck
      indefinitely and consuming kernel RAM. Fixes bug 28089; bugfix
      on 0.3.4.1-alpha.
    - Always reactivate linked connections in the main loop so long as
      any linked connection has been active. Previously, connections
      serving directory information wouldn't get reactivated after the
      first chunk of data was sent (usually 32KB), which would prevent
      clients from bootstrapping. Fixes bug 28912; bugfix on
      0.3.4.1-alpha. Patch by "cypherpunks3".

  o Major bugfixes (restart-in-process):
    - Fix a use-after-free error that could be caused by passing Tor an
      impossible set of options that would fail during options_act().
      Fixes bug 27708; bugfix on 0.3.3.1-alpha.

  o Minor features (admin tools):
    - Add a new --key-expiration option to print the expiration date of
      the signing cert in an ed25519_signing_cert file. Resolves
      issue 19506.

  o Minor features (build):
    - If you pass the "--enable-pic" option to configure, Tor will try
      to tell the compiler to build position-independent code suitable
      to link into a dynamic library. (The default remains -fPIE, for
      code suitable for a relocatable executable.) Closes ticket 23846.

  o Minor features (code correctness, testing):
    - Tor's build process now includes a "check-includes" make target to
      verify that no module of Tor relies on any headers from a higher-
      level module. We hope to use this feature over time to help
      refactor our codebase. Closes ticket 26447.

  o Minor features (code layout):
    - We have a new "lowest-level" error-handling API for use by code
      invoked from within the logging module. With this interface, the
      logging code is no longer at risk of calling into itself if a
      failure occurs while it is trying to log something. Closes
      ticket 26427.

  o Minor features (compilation):
    - When possible, place our warning flags in a separate file, to
      avoid flooding verbose build logs. Closes ticket 28924.
    - Tor's configure script now supports a --with-malloc= option to
      select your malloc implementation. Supported options are
      "tcmalloc", "jemalloc", "openbsd" (deprecated), and "system" (the
      default). Addresses part of ticket 20424. Based on a patch from
      Alex Xu.

  o Minor features (config):
    - The "auto" keyword in torrc is now case-insensitive. Closes
      ticket 26663.

  o Minor features (continuous integration):
    - Add a Travis CI build for --enable-nss on Linux gcc. Closes
      ticket 27751.
    - Add new CI job to Travis configuration to run stem-based
      integration tests. Closes ticket 27913.
    - Use the Travis Homebrew addon to install packages on macOS during
      Travis CI. The package list is the same, but the Homebrew addon
      does not do a `brew update` by default. Implements ticket 27738.
    - Report what program produced the mysterious core file that we
      occasionally see on Travis CI during make distcheck. Closes
      ticket 28024.
    - Don't do a distcheck with --disable-module-dirauth in Travis.
      Implements ticket 27252.
    - Install libcap-dev and libseccomp2-dev so these optional
      dependencies get tested on Travis CI. Closes ticket 26560.
    - Only run one online rust build in Travis, to reduce network
      errors. Skip offline rust builds on Travis for Linux gcc, because
      they're redundant. Implements ticket 27252.
    - Skip gcc on OSX in Travis CI, because it's rarely used. Skip a
      duplicate hardening-off build in Travis on Tor 0.2.9. Skip gcc on
      Linux with default settings, because all the non-default builds
      use gcc on Linux. Implements ticket 27252.

  o Minor features (continuous integration, Windows):
    - Always show the configure and test logs, and upload them as build
      artifacts, when building for Windows using Appveyor CI.
      Implements 28459.
    - Build tor on Windows Server 2012 R2 and Windows Server 2016 using
      Appveyor's CI. Closes ticket 28318.

  o Minor features (controller):
    - Emit CIRC_BW events as soon as we detect that we processed an
      invalid or otherwise dropped cell on a circuit. This allows
      vanguards and other controllers to react more quickly to dropped
      cells. Closes ticket 27678.
    - For purposes of CIRC_BW-based dropped cell detection, track half-
      closed stream ids, and allow their ENDs, SENDMEs, DATA and path
      bias check cells to arrive without counting it as dropped until
      either the END arrives, or the windows are empty. Closes
      ticket 25573.
    - Implement a 'GETINFO md/all' controller command to enable getting
      all known microdescriptors. Closes ticket 8323.
    - The GETINFO command now support an "uptime" argument, to return
      Tor's uptime in seconds. Closes ticket 25132.

  o Minor features (denial-of-service avoidance):
    - Make our OOM handler aware of the DNS cache so that it doesn't
      fill up the memory. This check is important for our DoS mitigation
      subsystem. Closes ticket 18642. Patch by Neel Chauhan.

  o Minor features (development):
    - Tor's makefile now supports running the "clippy" Rust style tool
      on our Rust code. Closes ticket 22156.

  o Minor features (directory authority):
    - There is no longer an artificial upper limit on the length of
      bandwidth lines. Closes ticket 26223.
    - When a bandwidth file is used to obtain the bandwidth measurements,
      include this bandwidth file headers in the votes. Closes
      ticket 3723.
    - Improved support for networks with only a single authority or a
      single fallback directory. Patch from Gabriel Somlo. Closes
      ticket 25928.

  o Minor features (embedding API):
    - The Tor controller API now supports a function to launch Tor with
      a preconstructed owning controller FD, so that embedding
      applications don't need to manage controller ports and
      authentication. Closes ticket 24204.
    - The Tor controller API now has a function that returns the name
      and version of the backend implementing the API. Closes
      ticket 26947.

  o Minor features (fallback directory list):
    - Replace the 150 fallbacks originally introduced in Tor
      0.3.3.1-alpha in January 2018 (of which ~115 were still
      functional), with a list of 157 fallbacks (92 new, 65 existing, 85
      removed) generated in December 2018. Closes ticket 24803.

  o Minor features (geoip):
    - Update geoip and geoip6 to the January 3 2019 Maxmind GeoLite2
      Country database. Closes ticket 29012.

  o Minor features (memory management):
    - Get Libevent to use the same memory allocator as Tor, by calling
      event_set_mem_functions() during initialization. Resolves
      ticket 8415.

  o Minor features (memory usage):
    - When not using them, store legacy TAP public onion keys in DER-
      encoded format, rather than as expanded public keys. This should
      save several megabytes on typical clients. Closes ticket 27246.

  o Minor features (OpenSSL bug workaround):
    - Work around a bug in OpenSSL 1.1.1a, which prevented the TLS 1.3
      key export function from handling long labels. When this bug is
      detected, Tor will disable TLS 1.3. We recommend upgrading to a
      version of OpenSSL without this bug when it becomes available.
      Closes ticket 28973.

  o Minor features (OpenSSL):
    - When possible, use RFC5869 HKDF implementation from OpenSSL rather
      than our own. Resolves ticket 19979.

  o Minor features (performance):
    - Remove about 96% of the work from the function that we run at
      startup to test our curve25519_basepoint implementation. Since
      this function has yet to find an actual failure, we now only run
      it for 8 iterations instead of 200. Based on our profile
      information, this change should save around 8% of our startup time
      on typical desktops, and may have a similar effect on other
      platforms. Closes ticket 28838.
    - Stop re-validating our hardcoded Diffie-Hellman parameters on
      every startup. Doing this wasted time and cycles, especially on
      low-powered devices. Closes ticket 28851.

  o Minor features (Rust, code quality):
    - Improve rust code quality in the rust protover implementation by
      making it more idiomatic. Includes changing an internal API to
      take &str instead of &String. Closes ticket 26492.

  o Minor features (testing):
    - Add scripts/test/chutney-git-bisect.sh, for bisecting using
      chutney. Implements ticket 27211.

  o Minor features (tor-resolve):
    - The tor-resolve utility can now be used with IPv6 SOCKS proxies.
      Side-effect of the refactoring for ticket 26526.

  o Minor features (UI):
    - Log each included configuration file or directory as we read it,
      to provide more visibility about where Tor is reading from. Patch
      from Unto Sten; closes ticket 27186.
    - Lower log level of "Scheduler type KIST has been enabled" to INFO.
      Closes ticket 26703.

  o Minor bugfixes (32-bit OSX and iOS, timing):
    - Fix an integer overflow bug in our optimized 32-bit millisecond-
      difference algorithm for 32-bit Apple platforms. Previously, it
      would overflow when calculating the difference between two times
      more than 47 days apart. Fixes part of bug 27139; bugfix
      on 0.3.4.1-alpha.
    - Improve the precision of our 32-bit millisecond difference
      algorithm for 32-bit Apple platforms. Fixes part of bug 27139;
      bugfix on 0.3.4.1-alpha.
    - Relax the tolerance on the mainloop/update_time_jumps test when
      running on 32-bit Apple platforms. Fixes part of bug 27139; bugfix
      on 0.3.4.1-alpha.

  o Minor bugfixes (bootstrap):
    - Try harder to get descriptors in non-exit test networks, by using
      the mid weight for the third hop when there are no exits. Fixes
      bug 27237; bugfix on 0.2.6.2-alpha.

  o Minor bugfixes (C correctness):
    - Avoid casting smartlist index to int implicitly, as it may trigger
      a warning (-Wshorten-64-to-32). Fixes bug 26282; bugfix on
      0.2.3.13-alpha, 0.2.7.1-alpha and 0.2.1.1-alpha.
    - Use time_t for all values in
      predicted_ports_prediction_time_remaining(). Rework the code that
      computes difference between durations/timestamps. Fixes bug 27165;
      bugfix on 0.3.1.1-alpha.

  o Minor bugfixes (client, memory usage):
    - When not running as a directory cache, there is no need to store
      the text of the current consensus networkstatus in RAM.
      Previously, however, clients would store it anyway, at a cost of
      over 5 MB. Now, they do not. Fixes bug 27247; bugfix
      on 0.3.0.1-alpha.

  o Minor bugfixes (client, ReachableAddresses):
    - Instead of adding a "reject *:*" line to ReachableAddresses when
      loading the configuration, add one to the policy after parsing it
      in parse_reachable_addresses(). This prevents extra "reject *.*"
      lines from accumulating on reloads. Fixes bug 20874; bugfix on
      0.1.1.5-alpha. Patch by Neel Chauhan.

  o Minor bugfixes (code quality):
    - Rename sandbox_getaddrinfo() and other functions to no longer
      misleadingly suggest that they are sandbox-only. Fixes bug 26525;
      bugfix on 0.2.7.1-alpha.

  o Minor bugfixes (code safety):
    - Rewrite our assertion macros so that they no longer suppress the
      compiler's -Wparentheses warnings. Fixes bug 27709; bugfix
      on 0.0.6.

  o Minor bugfixes (compilation):
    - Initialize a variable unconditionally in aes_new_cipher(), since
      some compilers cannot tell that we always initialize it before
      use. Fixes bug 28413; bugfix on 0.2.9.3-alpha.

  o Minor bugfixes (configuration):
    - Refuse to start with relative file paths and RunAsDaemon set
      (regression from the fix for bug 22731). Fixes bug 28298; bugfix
      on 0.3.3.1-alpha.

  o Minor bugfixes (configuration, Onion Services):
    - In rend_service_parse_port_config(), disallow any input to remain
      after address-port pair was parsed. This will catch address and
      port being whitespace-separated by mistake of the user. Fixes bug
      27044; bugfix on 0.2.9.10.

  o Minor bugfixes (connection, relay):
    - Avoid a logging a BUG() stacktrace when closing connection held
      open because the write side is rate limited but not the read side.
      Now, the connection read side is simply shut down until Tor is
      able to flush the connection and close it. Fixes bug 27750; bugfix
      on 0.3.4.1-alpha.

  o Minor bugfixes (continuous integration, Windows):
    - Stop reinstalling identical packages in our Windows CI. Fixes bug
      27464; bugfix on 0.3.4.1-alpha.
    - Install only the necessary mingw packages during our appveyor
      builds. This change makes the build a little faster, and prevents
      a conflict with a preinstalled mingw openssl that appveyor now
      ships. Fixes bugs 27765 and 27943; bugfix on 0.3.4.2-alpha.
    - Explicitly specify the path to the OpenSSL library and do not
      download OpenSSL from Pacman, but instead use the library that is
      already provided by AppVeyor. Fixes bug 28574; bugfix on master.
    - Manually configure the zstd compiler options, when building using
      mingw on Appveyor Windows CI. The MSYS2 mingw zstd package does
      not come with a pkg-config file. Fixes bug 28454; bugfix
      on 0.3.4.1-alpha.
    - Stop using an external OpenSSL install, and stop installing MSYS2
      packages, when building using mingw on Appveyor Windows CI. Fixes
      bug 28399; bugfix on 0.3.4.1-alpha.

  o Minor bugfixes (controller):
    - Consider all routerinfo errors other than "not a server" to be
      transient for the purpose of "GETINFO exit-policy/*" controller
      request. Print stacktrace in the unlikely case of failing to
      recompute routerinfo digest. Fixes bug 27034; bugfix
      on 0.3.4.1-alpha.

  o Minor bugfixes (correctness):
    - Fix an unreached code path where we checked the value of
      "hostname" inside send_resolved_hostname_cell(). Previously, we
      used it before checking it; now we check it first. Fixes bug
      28879; bugfix on 0.1.2.7-alpha.

  o Minor bugfixes (directory connection shutdown):
    - Avoid a double-close when shutting down a stalled directory
      connection. Fixes bug 26896; bugfix on 0.3.4.1-alpha.

  o Minor bugfixes (directory permissions):
    - When a user requests a group-readable DataDirectory, give it to
      them. Previously, when the DataDirectory and the CacheDirectory
      were the same, the default setting (0) for
      CacheDirectoryGroupReadable would override the setting for
      DataDirectoryGroupReadable. Fixes bug 26913; bugfix
      on 0.3.3.1-alpha.

  o Minor bugfixes (HTTP tunnel):
    - Fix a bug warning when closing an HTTP tunnel connection due to an
      HTTP request we couldn't handle. Fixes bug 26470; bugfix
      on 0.3.2.1-alpha.

  o Minor bugfixes (ipv6):
    - In addrs_in_same_network_family(), we choose the subnet size based
      on the IP version (IPv4 or IPv6). Previously, we chose a fixed
      subnet size of /16 for both IPv4 and IPv6 addresses. Fixes bug
      15518; bugfix on 0.2.3.1-alpha. Patch by Neel Chauhan.

  o Minor bugfixes (Linux seccomp2 sandbox):
    - Permit the "shutdown()" system call, which is apparently used by
      OpenSSL under some circumstances. Fixes bug 28183; bugfix
      on 0.2.5.1-alpha.

  o Minor bugfixes (logging):
    - Stop talking about the Named flag in log messages. Clients have
      ignored the Named flag since 0.3.2. Fixes bug 28441; bugfix
      on 0.3.2.1-alpha.
    - As a precaution, do an early return from log_addr_has_changed() if
      Tor is running as client. Also, log a stack trace for debugging as
      this function should only be called when Tor runs as server. Fixes
      bug 26892; bugfix on 0.1.1.9-alpha.
    - Refrain from mentioning bug 21018 in the logs, as it is already
      fixed. Fixes bug 25477; bugfix on 0.2.9.8.

  o Minor bugfixes (logging, documentation):
    - When SafeLogging is enabled, scrub IP address in
      channel_tls_process_netinfo_cell(). Also, add a note to manpage
      that scrubbing is not guaranteed on loglevels below Notice. Fixes
      bug 26882; bugfix on 0.2.4.10-alpha.

  o Minor bugfixes (memory leaks):
    - Fix a harmless memory leak in libtorrunner.a. Fixes bug 28419;
      bugfix on 0.3.3.1-alpha. Patch from Martin Kepplinger.
    - Fix a small memory leak when calling Tor with --dump-config. Fixes
      bug 27893; bugfix on 0.3.2.1-alpha.

  o Minor bugfixes (netflow padding):
    - Ensure circuitmux queues are empty before scheduling or sending
      padding. Fixes bug 25505; bugfix on 0.3.1.1-alpha.

  o Minor bugfixes (onion service v2):
    - Log at level "info", not "warning", in the case that we do not
      have a consensus when a .onion request comes in. This can happen
      normally while bootstrapping. Fixes bug 27040; bugfix
      on 0.2.8.2-alpha.

  o Minor bugfixes (onion service v3):
    - When deleting an ephemeral onion service (DEL_ONION), do not close
      any rendezvous circuits in order to let the existing client
      connections finish by themselves or closed by the application. The
      HS v2 is doing that already so now we have the same behavior for
      all versions. Fixes bug 28619; bugfix on 0.3.3.1-alpha.
    - Build the service descriptor's signing key certificate before
      uploading, so we always have a fresh one: leaving no chances for
      it to expire service side. Fixes bug 27838; bugfix
      on 0.3.2.1-alpha.
    - Stop dumping a stack trace when trying to connect to an intro
      point without having a descriptor for it. Fixes bug 27774; bugfix
      on 0.3.2.1-alpha.
    - When selecting a v3 rendezvous point, don't only look at the
      protover, but also check whether the curve25519 onion key is
      present. This way we avoid picking a relay that supports the v3
      rendezvous but for which we don't have the microdescriptor. Fixes
      bug 27797; bugfix on 0.3.2.1-alpha.
    - Close all SOCKS request (for the same .onion) if the newly fetched
      descriptor is unusable. Before that, we would close only the first
      one leaving the other hanging and let to time out by themselves.
      Fixes bug 27410; bugfix on 0.3.2.1-alpha.
    - When the onion service directory can't be created or has the wrong
      permissions, do not log a stack trace. Fixes bug 27335; bugfix
      on 0.3.2.1-alpha.
    - When replacing a descriptor in the client cache, make sure to
      close all client introduction circuits for the old descriptor, so
      we don't end up with unusable leftover circuits. Fixes bug 27471;
      bugfix on 0.3.2.1-alpha.

  o Minor bugfixes (OS compatibility):
    - Properly handle configuration changes that move a listener to/from
      wildcard IP address. If the first attempt to bind a socket fails,
      close the old listener and try binding the socket again. Fixes bug
      17873; bugfix on 0.0.8pre-1.

  o Minor bugfixes (performance)::
    - Rework node_is_a_configured_bridge() to no longer call
      node_get_all_orports(), which was performing too many memory
      allocations. Fixes bug 27224; bugfix on 0.2.3.9.

  o Minor bugfixes (protover):
    - Reject protocol names containing bytes other than alphanumeric
      characters and hyphens ([A-Za-z0-9-]). Fixes bug 27316; bugfix
      on 0.2.9.4-alpha.

  o Minor bugfixes (protover, rust):
    - Reject extra commas in version strings. Fixes bug 27197; bugfix
      on 0.3.3.3-alpha.
    - protover_all_supported() would attempt to allocate up to 16GB on
      some inputs, leading to a potential memory DoS. Fixes bug 27206;
      bugfix on 0.3.3.5-rc.
    - Compute protover votes correctly in the rust version of the
      protover code. Previously, the protover rewrite in 24031 allowed
      repeated votes from the same voter for the same protocol version
      to be counted multiple times in protover_compute_vote(). Fixes bug
      27649; bugfix on 0.3.3.5-rc.
    - Reject protover names that contain invalid characters. Fixes bug
      27687; bugfix on 0.3.3.1-alpha.

  o Minor bugfixes (relay shutdown, systemd):
    - Notify systemd of ShutdownWaitLength so it can be set to longer
      than systemd's TimeoutStopSec. In Tor's systemd service file, set
      TimeoutSec to 60 seconds to allow Tor some time to shut down.
      Fixes bug 28113; bugfix on 0.2.6.2-alpha.

  o Minor bugfixes (relay statistics):
    - Update relay descriptor on bandwidth changes only when the uptime
      is smaller than 24h, in order to reduce the efficiency of guard
      discovery attacks. Fixes bug 24104; bugfix on 0.1.1.6-alpha.

  o Minor bugfixes (relay):
    - Consider the fact that we'll be making direct connections to our
      entry and guard nodes when computing the fraction of nodes that
      have their descriptors. Also, if we are using bridges and there is
      at least one bridge with a full descriptor, treat the fraction of
      guards available as 100%. Fixes bug 25886; bugfix on 0.2.4.10-alpha.
      Patch by Neel Chauhan.
    - Update the message logged on relays when DirCache is disabled.
      Since 0.3.3.5-rc, authorities require DirCache (V2Dir) for the
      Guard flag. Fixes bug 24312; bugfix on 0.3.3.5-rc.

  o Minor bugfixes (testing):
    - Stop running stem's unit tests as part of "make test-stem", but
      continue to run stem's unit and online tests during "make test-
      stem-full". Fixes bug 28568; bugfix on 0.2.6.3-alpha.
    - Stop leaking memory in an entry guard unit test. Fixes bug 28554;
      bugfix on 0.3.0.1-alpha.
    - Make the hs_service tests use the same time source when creating
      the introduction point and when testing it. Now tests work better
      on very slow systems like ARM or Travis. Fixes bug 27810; bugfix
      on 0.3.2.1-alpha.
    - Revise the "conditionvar_timeout" test so that it succeeds even on
      heavily loaded systems where the test threads are not scheduled
      within 200 msec. Fixes bug 27073; bugfix on 0.2.6.3-alpha.
    - Fix two unit tests to work when HOME environment variable is not
      set. Fixes bug 27096; bugfix on 0.2.8.1-alpha.
    - If a unit test running in a subprocess exits abnormally or with a
      nonzero status code, treat the test as having failed, even if the
      test reported success. Without this fix, memory leaks don't cause
      the tests to fail, even with LeakSanitizer. Fixes bug 27658;
      bugfix on 0.2.2.4-alpha.
    - When logging a version mismatch in our openssl_version tests,
      report the actual offending version strings. Fixes bug 26152;
      bugfix on 0.2.9.1-alpha.
    - Fix forking tests on Windows when there is a space somewhere in
      the path. Fixes bug 26437; bugfix on 0.2.2.4-alpha.

  o Minor bugfixes (Windows):
    - Correctly identify Windows 8.1, Windows 10, and Windows Server
      2008 and later from their NT versions. Fixes bug 28096; bugfix on
      0.2.2.34; reported by Keifer Bly.
    - On recent Windows versions, the GetVersionEx() function may report
      an earlier Windows version than the running OS. To avoid user
      confusion, add "[or later]" to Tor's version string on affected
      versions of Windows. Fixes bug 28096; bugfix on 0.2.2.34; reported
      by Keifer Bly.
    - Remove Windows versions that were never supported by the
      GetVersionEx() function. Stop duplicating the latest Windows
      version in get_uname(). Fixes bug 28096; bugfix on 0.2.2.34;
      reported by Keifer Bly.

  o Code simplification and refactoring:
    - When parsing a port configuration, make it more obvious to static
      analyzer tools that we always initialize the address. Closes
      ticket 28881.
    - Divide more large Tor source files -- especially ones that span
      multiple areas of functionality -- into smaller parts, including
      onion.c and main.c. Closes ticket 26747.
    - Divide the "routerparse.c" module into separate modules for each
      group of parsed objects. Closes ticket 27924.
    - Move protover_rust.c to the same place protover.c was moved to.
      Closes ticket 27814.
    - Split directory.c into separate pieces for client, server, and
      common functionality. Closes ticket 26744.
    - Split the non-statistics-related parts from the rephist.c and
      geoip.c modules. Closes ticket 27892.
    - Split the router.c file into relay-only and shared components, to
      help with future modularization. Closes ticket 27864.
    - Divide the routerlist.c and dirserv.c modules into smaller parts.
      Closes ticket 27799.
    - 'updateFallbackDirs.py' now ignores the blacklist file, as it's not
      longer needed. Closes ticket 26502.
    - Include paths to header files within Tor are now qualified by
      directory within the top-level src directory.
    - Many structures have been removed from the centralized "or.h"
      header, and moved into their own headers. This will allow us to
      reduce the number of places in the code that rely on each
      structure's contents and layout. Closes ticket 26383.
    - Remove ATTR_NONNULL macro from codebase. Resolves ticket 26527.
    - Remove GetAdaptersAddresses_fn_t. The code that used it was
      removed as part of the 26481 refactor. Closes ticket 27467.
    - Rework Tor SOCKS server code to use Trunnel and benefit from
      autogenerated functions for parsing and generating SOCKS wire
      format. New implementation is cleaner, more maintainable and
      should be less prone to heartbleed-style vulnerabilities.
      Implements a significant fraction of ticket 3569.
    - Split sampled_guards_update_from_consensus() and
      select_entry_guard_for_circuit() into subfunctions. In
      entry_guards_update_primary() unite three smartlist enumerations
      into one and move smartlist comparison code out of the function.
      Closes ticket 21349.
    - Tor now assumes that you have standards-conformant stdint.h and
      inttypes.h headers when compiling. Closes ticket 26626.
    - Unify our bloom filter logic. Previously we had two copies of this
      code: one for routerlist filtering, and one for address set
      calculations. Closes ticket 26510.
    - Use the simpler strcmpstart() helper in
      rend_parse_v2_service_descriptor instead of strncmp(). Closes
      ticket 27630.
    - Utility functions that can perform a DNS lookup are now wholly
      separated from those that can't, in separate headers and C
      modules. Closes ticket 26526.

  o Documentation:
    - In the tor-resolve(1) manpage, fix the reference to socks-
      extensions.txt by adding a web URL. Resolves ticket 27853.
    - Mention that we require Python to be 2.7 or newer for some
      integration tests that we ship with Tor. Resolves ticket 27677.
    - Copy paragraph and URL to Tor's code of conduct document from
      CONTRIBUTING to new CODE_OF_CONDUCT file. Resolves ticket 26638.
    - Remove old instructions from INSTALL document. Closes ticket 26588.
    - Warn users that they should not include MyFamily line(s) in their
      torrc when running Tor bridge. Closes ticket 26908.

  o Removed features:
    - Tor no longer supports building with the dmalloc library. For
      debugging memory issues, we suggest using gperftools or msan
      instead. Closes ticket 26426.
    - Tor no longer attempts to run on Windows environments without the
      GetAdaptersAddresses() function. This function has existed since
      Windows XP, which is itself already older than we support.
    - Remove Tor2web functionality for version 2 onion services. The
      Tor2webMode and Tor2webRendezvousPoints options are now obsolete.
      (This feature was never shipped in vanilla Tor and it was only
      possible to use this feature by building the support at compile
      time. Tor2webMode is not implemented for version 3 onion services.)
      Closes ticket 26367.

  o Testing:
    - Increase logging and tag all log entries with timestamps in
      test_rebind.py. Provides diagnostics for issue 28229.

  o Code simplification and refactoring (shared random, dirauth):
    - Change many tor_assert() to use BUG() instead. The idea is to not
      crash a dirauth but rather scream loudly with a stacktrace and let
      it continue run. The shared random subsystem is very resilient and
      if anything wrong happens with it, at worst a non coherent value
      will be put in the vote and discarded by the other authorities.
      Closes ticket 19566.

  o Documentation (onion services):
    - Improve HSv3 client authorization by making some options more
      explicit and detailed. Closes ticket 28026. Patch by Mike Tigas.
    - Document in the man page that changing ClientOnionAuthDir value or
      adding a new file in the directory will not work at runtime upon
      sending a HUP if Sandbox 1. Closes ticket 28128.
    - Note in the man page that the only real way to fully revoke an
      onion service v3 client authorization is by restarting the tor
      process. Closes ticket 28275.


1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
Changes in version 0.3.4.9 - 2018-11-02
  Tor 0.3.4.9 is the second stable release in its series; it backports
  numerous fixes, including a fix for a bandwidth management bug that
  was causing memory exhaustion on relays. Anyone running an earlier
  version of Tor 0.3.4.9 should upgrade.

  o Major bugfixes (compilation, backport from 0.3.5.3-alpha):
    - Fix compilation on ARM (and other less-used CPUs) when compiling
      with OpenSSL before 1.1. Fixes bug 27781; bugfix on 0.3.4.1-alpha.

  o Major bugfixes (mainloop, bootstrap, backport from 0.3.5.3-alpha):
    - Make sure Tor bootstraps and works properly if only the
      ControlPort is set. Prior to this fix, Tor would only bootstrap
      when a client port was set (Socks, Trans, NATD, DNS or HTTPTunnel
      port). Fixes bug 27849; bugfix on 0.3.4.1-alpha.

  o Major bugfixes (relay, backport from 0.3.5.3-alpha):
    - When our write bandwidth limit is exhausted, stop writing on the
      connection. Previously, we had a typo in the code that would make
      us stop reading instead, leading to relay connections being stuck
      indefinitely and consuming kernel RAM. Fixes bug 28089; bugfix
      on 0.3.4.1-alpha.

  o Major bugfixes (restart-in-process, backport from 0.3.5.1-alpha):
    - Fix a use-after-free error that could be caused by passing Tor an
      impossible set of options that would fail during options_act().
      Fixes bug 27708; bugfix on 0.3.3.1-alpha.

  o Minor features (continuous integration, backport from 0.3.5.1-alpha):
    - Don't do a distcheck with --disable-module-dirauth in Travis.
      Implements ticket 27252.
    - Only run one online rust build in Travis, to reduce network
      errors. Skip offline rust builds on Travis for Linux gcc, because
      they're redundant. Implements ticket 27252.
    - Skip gcc on OSX in Travis CI, because it's rarely used. Skip a
      duplicate hardening-off build in Travis on Tor 0.2.9. Skip gcc on
      Linux with default settings, because all the non-default builds
      use gcc on Linux. Implements ticket 27252.

  o Minor features (continuous integration, backport from 0.3.5.3-alpha):
    - Use the Travis Homebrew addon to install packages on macOS during
      Travis CI. The package list is the same, but the Homebrew addon
      does not do a `brew update` by default. Implements ticket 27738.

  o Minor features (geoip):
    - Update geoip and geoip6 to the October 9 2018 Maxmind GeoLite2
      Country database. Closes ticket 27991.

  o Minor bugfixes (32-bit OSX and iOS, timing, backport from 0.3.5.2-alpha):
    - Fix an integer overflow bug in our optimized 32-bit millisecond-
      difference algorithm for 32-bit Apple platforms. Previously, it
      would overflow when calculating the difference between two times
      more than 47 days apart. Fixes part of bug 27139; bugfix
      on 0.3.4.1-alpha.
    - Improve the precision of our 32-bit millisecond difference
      algorithm for 32-bit Apple platforms. Fixes part of bug 27139;
      bugfix on 0.3.4.1-alpha.
    - Relax the tolerance on the mainloop/update_time_jumps test when
      running on 32-bit Apple platforms. Fixes part of bug 27139; bugfix
      on 0.3.4.1-alpha.

  o Minor bugfixes (C correctness, to appear in 0.3.5.4-alpha):
    - Avoid undefined behavior in an end-of-string check when parsing
      the BEGIN line in a directory object. Fixes bug 28202; bugfix
      on 0.2.0.3-alpha.

  o Minor bugfixes (CI, appveyor, to appear in 0.3.5.4-alpha):
    - Only install the necessary mingw packages during our appveyor
      builds. This change makes the build a little faster, and prevents
      a conflict with a preinstalled mingw openssl that appveyor now
      ships. Fixes bugs 27943 and 27765; bugfix on 0.3.4.2-alpha.

  o Minor bugfixes (code safety, backport from 0.3.5.3-alpha):
    - Rewrite our assertion macros so that they no longer suppress the
      compiler's -Wparentheses warnings. Fixes bug 27709; bugfix

  o Minor bugfixes (continuous integration, backport from 0.3.5.1-alpha):
    - Stop reinstalling identical packages in our Windows CI. Fixes bug
      27464; bugfix on 0.3.4.1-alpha.

  o Minor bugfixes (directory authority, to appear in 0.3.5.4-alpha):
    - Log additional info when we get a relay that shares an ed25519 ID
      with a different relay, instead making a BUG() warning. Fixes bug
      27800; bugfix on 0.3.2.1-alpha.

  o Minor bugfixes (directory connection shutdown, backport from 0.3.5.1-alpha):
    - Avoid a double-close when shutting down a stalled directory
      connection. Fixes bug 26896; bugfix on 0.3.4.1-alpha.

  o Minor bugfixes (HTTP tunnel, backport from 0.3.5.1-alpha):
    - Fix a bug warning when closing an HTTP tunnel connection due to an
      HTTP request we couldn't handle. Fixes bug 26470; bugfix
      on 0.3.2.1-alpha.

  o Minor bugfixes (netflow padding, backport from 0.3.5.1-alpha):
    - Ensure circuitmux queues are empty before scheduling or sending
      padding. Fixes bug 25505; bugfix on 0.3.1.1-alpha.

  o Minor bugfixes (onion service v3, backport from 0.3.5.1-alpha):
    - When the onion service directory can't be created or has the wrong
      permissions, do not log a stack trace. Fixes bug 27335; bugfix
      on 0.3.2.1-alpha.

  o Minor bugfixes (onion service v3, backport from 0.3.5.2-alpha):
    - Close all SOCKS request (for the same .onion) if the newly fetched
      descriptor is unusable. Before that, we would close only the first
      one leaving the other hanging and let to time out by themselves.
      Fixes bug 27410; bugfix on 0.3.2.1-alpha.

  o Minor bugfixes (onion service v3, backport from 0.3.5.3-alpha):
    - When selecting a v3 rendezvous point, don't only look at the
      protover, but also check whether the curve25519 onion key is
      present. This way we avoid picking a relay that supports the v3
      rendezvous but for which we don't have the microdescriptor. Fixes
      bug 27797; bugfix on 0.3.2.1-alpha.

  o Minor bugfixes (protover, backport from 0.3.5.3-alpha):
    - Reject protocol names containing bytes other than alphanumeric
      characters and hyphens ([A-Za-z0-9-]). Fixes bug 27316; bugfix
      on 0.2.9.4-alpha.

  o Minor bugfixes (rust, backport from 0.3.5.1-alpha):
    - Compute protover votes correctly in the rust version of the
      protover code. Previously, the protover rewrite in 24031 allowed
      repeated votes from the same voter for the same protocol version
      to be counted multiple times in protover_compute_vote(). Fixes bug
      27649; bugfix on 0.3.3.5-rc.
    - Reject protover names that contain invalid characters. Fixes bug
      27687; bugfix on 0.3.3.1-alpha.

  o Minor bugfixes (rust, backport from 0.3.5.2-alpha):
    - protover_all_supported() would attempt to allocate up to 16GB on
      some inputs, leading to a potential memory DoS. Fixes bug 27206;
      bugfix on 0.3.3.5-rc.

  o Minor bugfixes (rust, directory authority, to appear in 0.3.5.4-alpha):
    - Fix an API mismatch in the rust implementation of
      protover_compute_vote(). This bug could have caused crashes on any
      directory authorities running Tor with Rust (which we do not yet
      recommend). Fixes bug 27741; bugfix on 0.3.3.6.

  o Minor bugfixes (rust, to appear in 0.3.5.4-alpha):
    - Fix a potential null dereference in protover_all_supported(). Add
      a test for it. Fixes bug 27804; bugfix on 0.3.3.1-alpha.
    - Return a string that can be safely freed by C code, not one
      created by the rust allocator, in protover_all_supported(). Fixes
      bug 27740; bugfix on 0.3.3.1-alpha.

  o Minor bugfixes (testing, backport from 0.3.5.1-alpha):
    - If a unit test running in a subprocess exits abnormally or with a
      nonzero status code, treat the test as having failed, even if the
      test reported success. Without this fix, memory leaks don't cause
      the tests to fail, even with LeakSanitizer. Fixes bug 27658;
      bugfix on 0.2.2.4-alpha.

  o Minor bugfixes (testing, backport from 0.3.5.3-alpha):
    - Make the hs_service tests use the same time source when creating
      the introduction point and when testing it. Now tests work better
      on very slow systems like ARM or Travis. Fixes bug 27810; bugfix
      on 0.3.2.1-alpha.

  o Minor bugfixes (testing, to appear in 0.3.5.4-alpha):
    - Treat backtrace test failures as expected on BSD-derived systems
      (NetBSD, OpenBSD, and macOS/Darwin) until we solve bug 17808.
      (FreeBSD failures have been treated as expected since 18204 in
      0.2.8.) Fixes bug 27948; bugfix on 0.2.5.2-alpha.


1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
Changes in version 0.2.9.17 - 2018-09-10
  Tor 0.2.9.17 backports numerous bugfixes from later versions of Tor.

  o Minor features (compatibility, backport from 0.3.4.8):
    - Tell OpenSSL to maintain backward compatibility with previous
      RSA1024/DH1024 users in Tor. With OpenSSL 1.1.1-pre6, these
      ciphers are disabled by default. Closes ticket 27344.

  o Minor features (continuous integration, backport from 0.3.4.7-rc):
    - Enable macOS builds in our Travis CI configuration. Closes
      ticket 24629.
    - Install libcap-dev and libseccomp2-dev so these optional
      dependencies get tested on Travis CI. Closes ticket 26560.
    - Run asciidoc during Travis CI. Implements ticket 27087.
    - Use ccache in our Travis CI configuration. Closes ticket 26952.

  o Minor features (geoip):
    - Update geoip and geoip6 to the August 7 2018 Maxmind GeoLite2
      Country database. Closes ticket 27089.

  o Minor bugfixes (compilation, backport from 0.3.4.6-rc):
    - When compiling with --enable-openbsd-malloc or --enable-tcmalloc,
      tell the compiler not to include the system malloc implementation.
      Fixes bug 20424; bugfix on 0.2.0.20-rc.

  o Minor bugfixes (compilation, backport from 0.3.4.7-rc):
    - Silence a spurious compiler warning on the GetAdaptersAddresses
      function pointer cast. This issue is already fixed by 26481 in
      0.3.5 and later, by removing the lookup and cast. Fixes bug 27465;
      bugfix on 0.2.3.11-alpha.
    - Stop calling SetProcessDEPPolicy() on 64-bit Windows. It is not
      supported, and always fails. Some compilers warn about the
      function pointer cast on 64-bit Windows. Fixes bug 27461; bugfix
      on 0.2.2.23-alpha.

  o Minor bugfixes (compilation, windows, backport from 0.3.4.7-rc):
    - Don't link or search for pthreads when building for Windows, even
      if we are using build environment (like mingw) that provides a
      pthreads library. Fixes bug 27081; bugfix on 0.1.0.1-rc.

  o Minor bugfixes (continuous integration, backport from 0.3.4.6-rc):
    - Skip a pair of unreliable key generation tests on Windows, until
      the underlying issue in bug 26076 is resolved. Fixes bug 26830 and
      bug 26853; bugfix on 0.2.7.3-rc and 0.3.2.1-alpha respectively.

  o Minor bugfixes (continuous integration, backport from 0.3.4.7-rc):
    - Pass the module flags to distcheck configure, and log the flags
      before running configure. (Backported to 0.2.9 and later as a
      precaution.) Fixes bug 27088; bugfix on 0.3.4.1-alpha.

  o Minor bugfixes (continuous integration, backport from 0.3.4.8):
    - When a Travis build fails, and showing a log fails, keep trying to
      show the other logs. Fixes bug 27453; bugfix on 0.3.4.7-rc.
    - When we use echo in Travis, don't pass a --flag as the first
      argument. Fixes bug 27418; bugfix on 0.3.4.7-rc.

  o Minor bugfixes (directory authority, backport from 0.3.4.6-rc):
    - When voting for recommended versions, make sure that all of the
      versions are well-formed and parsable. Fixes bug 26485; bugfix
      on 0.1.1.6-alpha.

  o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.4.7-rc):
    - Fix a bug in out sandboxing rules for the openat() syscall.
      Previously, no openat() call would be permitted, which would break
      filesystem operations on recent glibc versions. Fixes bug 25440;
      bugfix on 0.2.9.15. Diagnosis and patch from Daniel Pinto.

  o Minor bugfixes (onion services, backport from 0.3.4.8):
    - Silence a spurious compiler warning in
      rend_client_send_introduction(). Fixes bug 27463; bugfix
      on 0.1.1.2-alpha.

  o Minor bugfixes (single onion services, Tor2web, backport from 0.3.4.6-rc):
    - Log a protocol warning when single onion services or Tor2web clients
      fail to authenticate direct connections to relays.
      Fixes bug 26924; bugfix on 0.2.9.1-alpha.

  o Minor bugfixes (testing, backport from 0.3.4.6-rc):
    - Disable core dumps in test_bt.sh, to avoid failures in "make
      distcheck". Fixes bug 26787; bugfix on 0.2.5.2-alpha.

  o Minor bugfixes (testing, chutney, backport from 0.3.4.8):
    - Before running make test-network-all, delete old logs and test
      result files, to avoid spurious failures. Fixes bug 27295; bugfix
      on 0.2.7.3-rc.

  o Minor bugfixes (testing, openssl compatibility, backport from 0.3.4.7-rc):
    - Our "tortls/cert_matches_key" unit test no longer relies on
      OpenSSL internals. Previously, it relied on unsupported OpenSSL
      behavior in a way that caused it to crash with OpenSSL 1.0.2p.
      Fixes bug 27226; bugfix on 0.2.5.1-alpha.

  o Minor bugfixes (Windows, compilation, backport from 0.3.4.7-rc):
    - Silence a compilation warning on MSVC 2017 and clang-cl. Fixes bug
      27185; bugfix on 0.2.2.2-alpha.


Changes in version 0.3.2.12 - 2018-09-10
  Tor 0.3.2.12 backport numerous fixes from later versions of Tor.

  o Minor features (compatibility, backport from 0.3.4.8):
    - Tell OpenSSL to maintain backward compatibility with previous
      RSA1024/DH1024 users in Tor. With OpenSSL 1.1.1-pre6, these
      ciphers are disabled by default. Closes ticket 27344.

  o Minor features (continuous integration, backport from 0.3.4.7-rc):
    - Enable macOS builds in our Travis CI configuration. Closes
      ticket 24629.
    - Install libcap-dev and libseccomp2-dev so these optional
      dependencies get tested on Travis CI. Closes ticket 26560.
    - Run asciidoc during Travis CI. Implements ticket 27087.
    - Use ccache in our Travis CI configuration. Closes ticket 26952.

  o Minor features (continuous integration, rust, backport from 0.3.4.7-rc):
    - Use cargo cache in our Travis CI configuration. Closes
      ticket 26952.

  o Minor features (controller, backport from 0.3.4.6-rc):
    - The control port now exposes the list of HTTPTunnelPorts and
      ExtOrPorts via GETINFO net/listeners/httptunnel and
      net/listeners/extor respectively. Closes ticket 26647.

  o Minor features (directory authorities, backport from 0.3.4.7-rc):
    - Authorities no longer vote to make the subprotocol version
      "LinkAuth=1" a requirement: it is unsupportable with NSS, and
      hasn't been needed since Tor 0.3.0.1-alpha. Closes ticket 27286.

  o Minor features (geoip):
    - Update geoip and geoip6 to the August 7 2018 Maxmind GeoLite2
      Country database. Closes ticket 27089.

  o Minor bugfixes (compilation, backport from 0.3.4.6-rc):
    - When compiling with --enable-openbsd-malloc or --enable-tcmalloc,
      tell the compiler not to include the system malloc implementation.
      Fixes bug 20424; bugfix on 0.2.0.20-rc.
    - Don't try to use a pragma to temporarily disable the
      -Wunused-const-variable warning if the compiler doesn't support
      it. Fixes bug 26785; bugfix on 0.3.2.11.

  o Minor bugfixes (compilation, backport from 0.3.4.7-rc):
    - Silence a spurious compiler warning on the GetAdaptersAddresses
      function pointer cast. This issue is already fixed by 26481 in
      0.3.5 and later, by removing the lookup and cast. Fixes bug 27465;
      bugfix on 0.2.3.11-alpha.
    - Stop calling SetProcessDEPPolicy() on 64-bit Windows. It is not
      supported, and always fails. Some compilers warn about the
      function pointer cast on 64-bit Windows. Fixes bug 27461; bugfix
      on 0.2.2.23-alpha.

  o Minor bugfixes (compilation, windows, backport from 0.3.4.7-rc):
    - Don't link or search for pthreads when building for Windows, even
      if we are using build environment (like mingw) that provides a
      pthreads library. Fixes bug 27081; bugfix on 0.1.0.1-rc.

  o Minor bugfixes (continuous integration, backport from 0.3.4.6-rc):
    - Skip a pair of unreliable key generation tests on Windows, until
      the underlying issue in bug 26076 is resolved. Fixes bug 26830 and
      bug 26853; bugfix on 0.2.7.3-rc and 0.3.2.1-alpha respectively.

  o Minor bugfixes (continuous integration, backport from 0.3.4.7-rc):
    - Build with zstd on macOS. Fixes bug 27090; bugfix on 0.3.1.5-alpha.
    - Pass the module flags to distcheck configure, and log the flags
      before running configure. (Backported to 0.2.9 and later as a
      precaution.) Fixes bug 27088; bugfix on 0.3.4.1-alpha.

  o Minor bugfixes (continuous integration, backport from 0.3.4.8):
    - When a Travis build fails, and showing a log fails, keep trying to
      show the other logs. Fixes bug 27453; bugfix on 0.3.4.7-rc.
    - When we use echo in Travis, don't pass a --flag as the first
      argument. Fixes bug 27418; bugfix on 0.3.4.7-rc.

  o Minor bugfixes (directory authority, backport from 0.3.4.6-rc):
    - When voting for recommended versions, make sure that all of the
      versions are well-formed and parsable. Fixes bug 26485; bugfix
      on 0.1.1.6-alpha.

  o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.4.7-rc):
    - Fix a bug in out sandboxing rules for the openat() syscall.
      Previously, no openat() call would be permitted, which would break
      filesystem operations on recent glibc versions. Fixes bug 25440;
      bugfix on 0.2.9.15. Diagnosis and patch from Daniel Pinto.

  o Minor bugfixes (logging, backport from 0.3.4.6-rc):
    - Improve the log message when connection initiators fail to
      authenticate direct connections to relays. Fixes bug 26927; bugfix
      on 0.3.0.1-alpha.

  o Minor bugfixes (onion services, backport from 0.3.4.7-rc):
    - Fix bug that causes services to not ever rotate their descriptors
      if they were getting SIGHUPed often. Fixes bug 26932; bugfix
      on 0.3.2.1-alpha.

  o Minor bugfixes (onion services, backport from 0.3.4.8):
    - Silence a spurious compiler warning in
      rend_client_send_introduction(). Fixes bug 27463; bugfix
      on 0.1.1.2-alpha.

  o Minor bugfixes (rust, backport from 0.3.4.7-rc):
    - Backport test_rust.sh from master. Fixes bug 26497; bugfix
      on 0.3.1.5-alpha.
    - Consistently use ../../.. as a fallback for $abs_top_srcdir in
      test_rust.sh. Fixes bug 27093; bugfix on 0.3.4.3-alpha.
    - Stop setting $CARGO_HOME. cargo will use the user's $CARGO_HOME, or
      $HOME/.cargo by default. Fixes bug 26497; bugfix on 0.3.1.5-alpha.

  o Minor bugfixes (single onion services, Tor2web, backport from 0.3.4.6-rc):
    - Log a protocol warning when single onion services or Tor2web clients
      fail to authenticate direct connections to relays.
      Fixes bug 26924; bugfix on 0.2.9.1-alpha.

  o Minor bugfixes (testing, backport from 0.3.4.6-rc):
    - Disable core dumps in test_bt.sh, to avoid failures in "make
      distcheck". Fixes bug 26787; bugfix on 0.2.5.2-alpha.

  o Minor bugfixes (testing, chutney, backport from 0.3.4.8):
    - When running make test-network-all, use the mixed+hs-v2 network.
      (A previous fix to chutney removed v3 onion services from the
      mixed+hs-v23 network, so seeing "mixed+hs-v23" in tests is
      confusing.) Fixes bug 27345; bugfix on 0.3.2.1-alpha.
    - Before running make test-network-all, delete old logs and test
      result files, to avoid spurious failures. Fixes bug 27295; bugfix
      on 0.2.7.3-rc.

  o Minor bugfixes (testing, openssl compatibility):
    - Our "tortls/cert_matches_key" unit test no longer relies on OpenSSL
      internals.  Previously, it relied on unsupported OpenSSL behavior in
      a way that caused it to crash with OpenSSL 1.0.2p. Fixes bug 27226;
      bugfix on 0.2.5.1-alpha.

  o Minor bugfixes (testing, openssl compatibility, backport from 0.3.4.7-rc):
    - Our "tortls/cert_matches_key" unit test no longer relies on
      OpenSSL internals. Previously, it relied on unsupported OpenSSL
      behavior in a way that caused it to crash with OpenSSL 1.0.2p.
      Fixes bug 27226; bugfix on 0.2.5.1-alpha.

  o Minor bugfixes (Windows, compilation, backport from 0.3.4.7-rc):
    - Silence a compilation warning on MSVC 2017 and clang-cl. Fixes bug
      27185; bugfix on 0.2.2.2-alpha.


Changes in version 0.3.3.10 - 2018-09-10
  Tor 0.3.3.10 backports numerous fixes from later versions of Tor.

  o Minor features (bug workaround, backport from 0.3.4.7-rc):
    - Compile correctly on systems that provide the C11 stdatomic.h
      header, but where C11 atomic functions don't actually compile.
      Closes ticket 26779; workaround for Debian issue 903709.

  o Minor features (compatibility, backport from 0.3.4.8):
    - Tell OpenSSL to maintain backward compatibility with previous
      RSA1024/DH1024 users in Tor. With OpenSSL 1.1.1-pre6, these
      ciphers are disabled by default. Closes ticket 27344.

  o Minor features (continuous integration, backport from 0.3.4.7-rc):
    - Backport Travis rust distcheck to 0.3.3. Closes ticket 24629.
    - Enable macOS builds in our Travis CI configuration. Closes
      ticket 24629.
    - Install libcap-dev and libseccomp2-dev so these optional
      dependencies get tested on Travis CI. Closes ticket 26560.
    - Run asciidoc during Travis CI. Implements ticket 27087.
    - Use ccache in our Travis CI configuration. Closes ticket 26952.

  o Minor features (continuous integration, rust, backport from 0.3.4.7-rc):
    - Use cargo cache in our Travis CI configuration. Closes
      ticket 26952.

  o Minor features (controller, backport from 0.3.4.6-rc):
    - The control port now exposes the list of HTTPTunnelPorts and
      ExtOrPorts via GETINFO net/listeners/httptunnel and
      net/listeners/extor respectively. Closes ticket 26647.

  o Minor features (directory authorities, backport from 0.3.4.7-rc):
    - Authorities no longer vote to make the subprotocol version
      "LinkAuth=1" a requirement: it is unsupportable with NSS, and
      hasn't been needed since Tor 0.3.0.1-alpha. Closes ticket 27286.

  o Minor features (geoip):
    - Update geoip and geoip6 to the August 7 2018 Maxmind GeoLite2
      Country database. Closes ticket 27089.

  o Minor bugfixes (compilation, backport from 0.3.4.6-rc):
    - When compiling with --enable-openbsd-malloc or --enable-tcmalloc,
      tell the compiler not to include the system malloc implementation.
      Fixes bug 20424; bugfix on 0.2.0.20-rc.
    - Don't try to use a pragma to temporarily disable the
      -Wunused-const-variable warning if the compiler doesn't support
      it. Fixes bug 26785; bugfix on 0.3.2.11.

  o Minor bugfixes (compilation, backport from 0.3.4.7-rc):
    - Silence a spurious compiler warning on the GetAdaptersAddresses
      function pointer cast. This issue is already fixed by 26481 in
      0.3.5 and later, by removing the lookup and cast. Fixes bug 27465;
      bugfix on 0.2.3.11-alpha.
    - Stop calling SetProcessDEPPolicy() on 64-bit Windows. It is not
      supported, and always fails. Some compilers warn about the
      function pointer cast on 64-bit Windows. Fixes bug 27461; bugfix
      on 0.2.2.23-alpha.

  o Minor bugfixes (compilation, windows, backport from 0.3.4.7-rc):
    - Don't link or search for pthreads when building for Windows, even
      if we are using build environment (like mingw) that provides a
      pthreads library. Fixes bug 27081; bugfix on 0.1.0.1-rc.

  o Minor bugfixes (continuous integration, backport from 0.3.4.6-rc):
    - Skip a pair of unreliable key generation tests on Windows, until
      the underlying issue in bug 26076 is resolved. Fixes bug 26830 and
      bug 26853; bugfix on 0.2.7.3-rc and 0.3.2.1-alpha respectively.

  o Minor bugfixes (continuous integration, backport from 0.3.4.7-rc):
    - Build with zstd on macOS. Fixes bug 27090; bugfix on 0.3.1.5-alpha.
    - Pass the module flags to distcheck configure, and log the flags
      before running configure. (Backported to 0.2.9 and later as a
      precaution.) Fixes bug 27088; bugfix on 0.3.4.1-alpha.

  o Minor bugfixes (continuous integration, backport from 0.3.4.8):
    - When a Travis build fails, and showing a log fails, keep trying to
      show the other logs. Fixes bug 27453; bugfix on 0.3.4.7-rc.
    - When we use echo in Travis, don't pass a --flag as the first
      argument. Fixes bug 27418; bugfix on 0.3.4.7-rc.

  o Minor bugfixes (directory authority, backport from 0.3.4.6-rc):
    - When voting for recommended versions, make sure that all of the
      versions are well-formed and parsable. Fixes bug 26485; bugfix
      on 0.1.1.6-alpha.

  o Minor bugfixes (in-process restart, backport from 0.3.4.7-rc):
    - Always call tor_free_all() when leaving tor_run_main(). When we
      did not, restarting tor in-process would cause an assertion
      failure. Fixes bug 26948; bugfix on 0.3.3.1-alpha.

  o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.4.7-rc):
    - Fix a bug in our sandboxing rules for the openat() syscall.
      Previously, no openat() call would be permitted, which would break
      filesystem operations on recent glibc versions. Fixes bug 25440;
      bugfix on 0.2.9.15. Diagnosis and patch from Daniel Pinto.

  o Minor bugfixes (logging, backport from 0.3.4.6-rc):
    - Improve the log message when connection initiators fail to
      authenticate direct connections to relays. Fixes bug 26927; bugfix
      on 0.3.0.1-alpha.

  o Minor bugfixes (onion services, backport from 0.3.4.7-rc):
    - Fix bug that causes services to not ever rotate their descriptors
      if they were getting SIGHUPed often. Fixes bug 26932; bugfix
      on 0.3.2.1-alpha.

  o Minor bugfixes (onion services, backport from 0.3.4.8):
    - Silence a spurious compiler warning in
      rend_client_send_introduction(). Fixes bug 27463; bugfix
      on 0.1.1.2-alpha.

  o Minor bugfixes (portability, backport from 0.3.4.6-rc):
    - Work around two different bugs in the OS X 10.10 and later SDKs
      that would prevent us from successfully targeting earlier versions
      of OS X. Fixes bug 26876; bugfix on 0.3.3.1-alpha.

  o Minor bugfixes (portability, backport from 0.3.4.7-rc):
    - Fix compilation of the unit tests on GNU/Hurd, which does not
      define PATH_MAX. Fixes bug 26873; bugfix on 0.3.3.1-alpha. Patch
      from "paulusASol".

  o Minor bugfixes (rust, backport from 0.3.4.7-rc):
    - Backport test_rust.sh from master. Fixes bug 26497; bugfix
      on 0.3.1.5-alpha.
    - Consistently use ../../.. as a fallback for $abs_top_srcdir in
      test_rust.sh. Fixes bug 27093; bugfix on 0.3.4.3-alpha.
    - Protover parsing was accepting the presence of whitespace in
      version strings, which the C implementation would choke on, e.g.
      "Desc=1\t,2". Fixes bug 27177; bugfix on 0.3.3.5-rc.
    - Protover parsing was ignoring a 2nd hyphen and everything after
      it, accepting entries like "Link=1-5-foo". Fixes bug 27164; bugfix
      on 0.3.3.1-alpha.
    - Stop setting $CARGO_HOME. cargo will use the user's $CARGO_HOME, or
      $HOME/.cargo by default. Fixes bug 26497; bugfix on 0.3.1.5-alpha.
    - cd to ${abs_top_builddir}/src/rust before running cargo in
      src/test/test_rust.sh. This makes the working directory consistent
      between builds and tests. Fixes bug 26497; bugfix on 0.3.3.2-alpha.

  o Minor bugfixes (single onion services, Tor2web, backport from 0.3.4.6-rc):
    - Log a protocol warning when single onion services or Tor2web clients
      fail to authenticate direct connections to relays.
      Fixes bug 26924; bugfix on 0.2.9.1-alpha.

  o Minor bugfixes (testing, backport from 0.3.4.6-rc):
    - Disable core dumps in test_bt.sh, to avoid failures in "make
      distcheck". Fixes bug 26787; bugfix on 0.2.5.2-alpha.

  o Minor bugfixes (testing, chutney, backport from 0.3.4.8):
    - When running make test-network-all, use the mixed+hs-v2 network.
      (A previous fix to chutney removed v3 onion services from the
      mixed+hs-v23 network, so seeing "mixed+hs-v23" in tests is
      confusing.) Fixes bug 27345; bugfix on 0.3.2.1-alpha.
    - Before running make test-network-all, delete old logs and test
      result files, to avoid spurious failures. Fixes bug 27295; bugfix
      on 0.2.7.3-rc.

  o Minor bugfixes (testing, openssl compatibility, backport from 0.3.4.7-rc):
    - Our "tortls/cert_matches_key" unit test no longer relies on
      OpenSSL internals. Previously, it relied on unsupported OpenSSL
      behavior in a way that caused it to crash with OpenSSL 1.0.2p.
      Fixes bug 27226; bugfix on 0.2.5.1-alpha.

  o Minor bugfixes (v3 onion services, backport from 0.3.4.6-rc):
    - Stop sending ed25519 link specifiers in v3 onion service introduce
      cells and descriptors, when the rendezvous or introduction point
      doesn't support ed25519 link authentication. Fixes bug 26627;
      bugfix on 0.3.2.4-alpha.

  o Minor bugfixes (Windows, compilation, backport from 0.3.4.7-rc):
    - Silence a compilation warning on MSVC 2017 and clang-cl. Fixes bug
      27185; bugfix on 0.2.2.2-alpha.


Changes in version 0.3.4.8 - 2018-09-10
  Tor 0.3.4.8 is the first stable release in its series; it includes
  compilation and portability fixes.

  The Tor 0.3.4 series includes improvements for running Tor in
  low-power and embedded environments, which should help performance in
  general. We've begun work on better modularity, and included preliminary
  changes on the directory authority side to accommodate a new bandwidth
  measurement system.  We've also integrated more continuous-integration
  systems into our development process, and made corresponding changes to
  Tor's testing infrastructure.  Finally, we've continued to refine
  our anti-denial-of-service code.

  Below are the changes since 0.3.3.9. For a list of only the changes
  since 0.3.4.7-rc, see the ChangeLog file.

  o New system requirements:
    - Tor no longer tries to support old operating systems without
      mmap() or some local equivalent. Apparently, compilation on such
      systems has been broken for some time, without anybody noticing or
      complaining. Closes ticket 25398.

  o Major features (directory authority, modularization):
    - The directory authority subsystem has been modularized. The code
      is now located in src/or/dirauth/, and is compiled in by default.
      To disable the module, the configure option
      --disable-module-dirauth has been added. This module may be
      disabled by default in some future release. Closes ticket 25610.

  o Major features (main loop, CPU usage):
    - When Tor is disabled (via DisableNetwork or via hibernation), it
      no longer needs to run any per-second events. This change should
      make it easier for mobile applications to disable Tor while the
      device is sleeping, or Tor is not running. Closes ticket 26063.
    - Tor no longer enables all of its periodic events by default.
      Previously, Tor would enable all possible main loop events,
      regardless of whether it needed them. Furthermore, many of these
      events are now disabled when Tor is hibernating or DisableNetwork
      is set. This is a big step towards reducing client CPU usage by
      reducing the amount of wake-ups the daemon does. Closes tickets
      25376 and 25762.
    - The bandwidth-limitation logic has been refactored so that
      bandwidth calculations are performed on-demand, rather than every
      TokenBucketRefillInterval milliseconds. This change should improve
      the granularity of our bandwidth calculations, and limit the
      number of times that the Tor process needs to wake up when it is
      idle. Closes ticket 25373.
    - Move responsibility for many operations from a once-per-second
      callback to a callback that is only scheduled as needed. Moving
      this functionality has allowed us to disable the callback when
      Tor's network is disabled. Once enough items are removed from our
      once-per-second callback, we can eliminate it entirely to conserve
      CPU when idle. The functionality removed includes: closing
      connections, circuits, and channels (ticket 25932); consensus
      voting (25937); flushing log callbacks (25951); honoring delayed
      SIGNEWNYM requests (25949); rescanning the consensus cache
      (25931); saving the state file to disk (25948); warning relay
      operators about unreachable ports (25952); and keeping track of
      Tor's uptime (26009).

  o Minor features (accounting):
    - When Tor becomes dormant, it now uses a scheduled event to wake up
      at the right time. Previously, we would use the per-second timer
      to check whether to wake up, but we no longer have any per-second
      timers enabled when the network is disabled. Closes ticket 26064.

  o Minor features (bug workaround):
    - Compile correctly on systems that provide the C11 stdatomic.h
      header, but where C11 atomic functions don't actually compile.
      Closes ticket 26779; workaround for Debian issue 903709.

  o Minor features (code quality):
    - Add optional spell-checking for the Tor codebase, using the
      "misspell" program. To use this feature, run "make check-typos".
      Closes ticket 25024.

  o Minor features (compatibility):
    - Tell OpenSSL to maintain backward compatibility with previous
      RSA1024/DH1024 users in Tor. With OpenSSL 1.1.1-pre6, these
      ciphers are disabled by default. Closes ticket 27344.
    - Tor now detects versions of OpenSSL 1.1.0 and later compiled with
      the no-deprecated option, and builds correctly with them. Closes
      tickets 19429, 19981, and 25353.

  o Minor features (compilation):
    - When compiling with --enable-openbsd-malloc or --enable-tcmalloc,
      tell the compiler not to include the system malloc implementation.
      Fixes bug 20424; bugfix on 0.2.0.20-rc.
    - Don't try to use a pragma to temporarily disable the
      -Wunused-const-variable warning if the compiler doesn't support
      it. Fixes bug 26785; bugfix on 0.3.2.11.
    - When building Tor, prefer to use Python 3 over Python 2, and more
      recent (contemplated) versions over older ones. Closes
      ticket 26372.

  o Minor features (compression, zstd):
    - When running with zstd, Tor now considers using advanced functions
      that the zstd maintainers have labeled as potentially unstable. To
      prevent breakage, Tor will only use this functionality when the
      runtime version of the zstd library matches the version with which
      Tor was compiled. Closes ticket 25162.

  o Minor features (configuration):
    - The "DownloadSchedule" options have been renamed to end with
      "DownloadInitialDelay". The old names are still allowed, but will
      produce a warning. Comma-separated lists are still permitted for
      these options, but all values after the first are ignored (as they
      have been since 0.2.9). Closes ticket 23354.

  o Minor features (continuous integration):
    - Log the compiler path and version during Appveyor builds.
      Implements ticket 27449.
    - Show config.log and test-suite.log after failed Appveyor builds.
      Also upload the zipped full logs as a build artifact. Implements
      ticket 27430.
    - Backport Travis rust distcheck to 0.3.3. Closes ticket 24629.
    - Enable macOS builds in our Travis CI configuration. Closes
      ticket 24629.
    - Install libcap-dev and libseccomp2-dev so these optional
      dependencies get tested on Travis CI. Closes ticket 26560.
    - Only post Appveyor IRC notifications when the build fails.
      Implements ticket 27275.
    - Run asciidoc during Travis CI. Implements ticket 27087.
    - Use ccache in our Travis CI configuration. Closes ticket 26952.
    - Add the necessary configuration files for continuous integration
      testing on Windows, via the Appveyor platform. Closes ticket
      25549. Patches from Marcin Cieślak and Isis Lovecruft.

  o Minor features (continuous integration, rust):
    - Use cargo cache in our Travis CI configuration. Closes
      ticket 26952.

  o Minor features (control port):
    - Introduce GETINFO "current-time/{local,utc}" to return the local
      and UTC times respectively in ISO format. This helps a controller
      like Tor Browser detect a time-related error. Closes ticket 25511.
      Patch by Neel Chauhan.
    - Introduce new fields to the CIRC_BW event. There are two new
      fields in each of the read and written directions. The DELIVERED
      fields report the total valid data on the circuit, as measured by
      the payload sizes of verified and error-checked relay command
      cells. The OVERHEAD fields report the total unused bytes in each
      of these cells. Closes ticket 25903.

  o Minor features (controller):
    - The control port now exposes the list of HTTPTunnelPorts and
      ExtOrPorts via GETINFO net/listeners/httptunnel and
      net/listeners/extor respectively. Closes ticket 26647.

  o Minor features (directory authorities):
    - Stop warning about incomplete bw lines before the first complete
      bw line has been found, so that additional header lines can be
      ignored. Fixes bug 25960; bugfix on 0.2.2.1-alpha
    - Authorities no longer vote to make the subprotocol version
      "LinkAuth=1" a requirement: it is unsupportable with NSS, and
      hasn't been needed since Tor 0.3.0.1-alpha. Closes ticket 27286.

  o Minor features (directory authority):
    - Directory authorities now open their key-pinning files as O_SYNC,
      to limit their chances of accidentally writing partial lines.
      Closes ticket 23909.

  o Minor features (directory authority, forward compatibility):
    - Make the lines of the measured bandwidth file able to contain
      their entries in any order. Previously, the node_id entry needed
      to come first. Closes ticket 26004.

  o Minor features (entry guards):
    - Introduce a new torrc option NumPrimaryGuards for controlling the
      number of primary guards. Closes ticket 25843.

  o Minor features (geoip):
    - Update geoip and geoip6 to the August 7 2018 Maxmind GeoLite2
      Country database. Closes ticket 27089.

  o Minor features (performance):
    - Avoid a needless call to malloc() when processing an incoming
      relay cell. Closes ticket 24914.
    - Make our timing-wheel code run a tiny bit faster on 32-bit
      platforms, by preferring 32-bit math to 64-bit. Closes
      ticket 24688.
    - Avoid a needless malloc()/free() pair every time we handle an ntor
      handshake. Closes ticket 25150.

  o Minor features (Rust, portability):
    - Rust cross-compilation is now supported. Closes ticket 25895.

  o Minor features (testing):
    - Add a unit test for voting_schedule_get_start_of_next_interval().
      Closes ticket 26014, and helps make unit test coverage
      more deterministic.
    - A new unittests module specifically for testing the functions in
      the (new-ish) bridges.c module has been created with new
      unittests, raising the code coverage percentages. Closes 25425.
    - We now have improved testing for addressmap_get_virtual_address()
      function. This should improve our test coverage, and make our test
      coverage more deterministic. Closes ticket 25993.

  o Minor features (timekeeping, circuit scheduling):
    - When keeping track of how busy each circuit have been recently on
      a given connection, use coarse-grained monotonic timers rather
      than gettimeofday(). This change should marginally increase
      accuracy and performance. Implements part of ticket 25927.

  o Minor features (unit tests):
    - Test complete bandwidth measurements files, and test that
      incomplete bandwidth lines only give warnings when the end of the
      header has not been detected. Fixes bug 25947; bugfix
      on 0.2.2.1-alpha

  o Minor bugfixes (bandwidth management):
    - Consider ourselves "low on write bandwidth" if we have exhausted
      our write bandwidth some time in the last second. This was the
      documented behavior before, but the actual behavior was to change
      this value every TokenBucketRefillInterval. Fixes bug 25828;
      bugfix on 0.2.3.5-alpha.

  o Minor bugfixes (C correctness):
    - Add a missing lock acquisition in the shutdown code of the control
      subsystem. Fixes bug 25675; bugfix on 0.2.7.3-rc. Found by
      Coverity; this is CID 1433643.

  o Minor bugfixes (code style):
    - Fixed multiple includes of transports.h in src/or/connection.c
      Fixes bug 25261; bugfix on 0.2.5.1-alpha.
    - Remove the unused variable n_possible from the function
      channel_get_for_extend(). Fixes bug 25645; bugfix on 0.2.4.4-alpha

  o Minor bugfixes (compilation):
    - Silence a spurious compiler warning on the GetAdaptersAddresses
      function pointer cast. This issue is already fixed by 26481 in
      0.3.5 and later, by removing the lookup and cast. Fixes bug 27465;
      bugfix on 0.2.3.11-alpha.
    - Stop calling SetProcessDEPPolicy() on 64-bit Windows. It is not
      supported, and always fails. Some compilers warn about the
      function pointer cast on 64-bit Windows. Fixes bug 27461; bugfix
      on 0.2.2.23-alpha.
    - Fix a compilation warning on some versions of GCC when building
      code that calls routerinfo_get_my_routerinfo() twice, assuming
      that the second call will succeed if the first one did. Fixes bug
      26269; bugfix on 0.2.8.2-alpha.
    - Refrain from compiling unit testing related object files when
      --disable-unittests is set to configure script. Fixes bug 24891;
      bugfix on 0.2.5.1-alpha.
    - The --enable-fatal-warnings flag now affects Rust code as well.
      Closes ticket 26245.
    - Avoid a compiler warning when casting the return value of
      smartlist_len() to double with DEBUG_SMARTLIST enabled. Fixes bug
      26283; bugfix on 0.2.4.10-alpha.

  o Minor bugfixes (compilation, windows):
    - Don't link or search for pthreads when building for Windows, even
      if we are using build environment (like mingw) that provides a
      pthreads library. Fixes bug 27081; bugfix on 0.1.0.1-rc.

  o Minor bugfixes (continuous integration):
    - Build with zstd on macOS. Fixes bug 27090; bugfix on 0.3.1.5-alpha.
    - Skip a pair of unreliable key generation tests on Windows, until
      the underlying issue in bug 26076 is resolved. Fixes bug 26830 and
      bug 26853; bugfix on 0.2.7.3-rc and 0.3.2.1-alpha respectively.

  o Minor bugfixes (control port):
    - Respond with more human-readable error messages to GETINFO exit-
      policy/* requests. Also, let controller know if an error is
      transient (response code 551) or not (response code 552). Fixes
      bug 25852; bugfix on 0.2.8.1-alpha.
    - Parse the "HSADDRESS=" parameter in HSPOST commands properly.
      Previously, it was misparsed and ignored. Fixes bug 26523; bugfix
      on 0.3.3.1-alpha. Patch by "akwizgran".
    - Make CIRC_BW event reflect the total of all data sent on a
      circuit, including padding and dropped cells. Also fix a mis-
      counting bug when STREAM_BW events were enabled. Fixes bug 25400;
      bugfix on 0.2.5.2-alpha.

  o Minor bugfixes (correctness, flow control):
    - Upon receiving a stream-level SENDME cell, verify that our window
      has not grown too large. Fixes bug 26214; bugfix on svn
2184
      r54 (pre-0.0.1).
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428

  o Minor bugfixes (directory authority):
    - When voting for recommended versions, make sure that all of the
      versions are well-formed and parsable. Fixes bug 26485; bugfix
      on 0.1.1.6-alpha.

  o Minor bugfixes (directory client):
    - When unverified-consensus is verified, rename it to cached-
      consenus. Fixes bug 4187; bugfix on 0.2.0.3-alpha.
    - Fixed launching a certificate fetch always during the scheduled
      periodic consensus fetch by fetching only in those cases when
      consensus are waiting for certs. Fixes bug 24740; bugfix
      on 0.2.9.1-alpha.

  o Minor bugfixes (error reporting):
    - Improve tolerance for directory authorities with skewed clocks.
      Previously, an authority with a clock more than 60 seconds ahead
      could cause a client with a correct clock to warn that the
      client's clock was behind. Now the clocks of a majority of
      directory authorities have to be ahead of the client before this
      warning will occur. Fixes bug 25756; bugfix on 0.2.2.25-alpha.

  o Minor bugfixes (in-process restart):
    - Always call tor_free_all() when leaving tor_run_main(). When we
      did not, restarting tor in-process would cause an assertion
      failure. Fixes bug 26948; bugfix on 0.3.3.1-alpha.

  o Minor bugfixes (Linux seccomp2 sandbox):
    - Fix a bug in our sandboxing rules for the openat() syscall.
      Previously, no openat() call would be permitted, which would break
      filesystem operations on recent glibc versions. Fixes bug 25440;
      bugfix on 0.2.9.15. Diagnosis and patch from Daniel Pinto.

  o Minor bugfixes (logging):
    - Improve the log message when connection initiators fail to
      authenticate direct connections to relays. Fixes bug 26927; bugfix
      on 0.3.0.1-alpha.

  o Minor bugfixes (onion services):
    - Silence a spurious compiler warning in
      rend_client_send_introduction(). Fixes bug 27463; bugfix
      on 0.1.1.2-alpha.
    - Fix bug that causes services to not ever rotate their descriptors
      if they were getting SIGHUPed often. Fixes bug 26932; bugfix
      on 0.3.2.1-alpha.
    - Recompute some consensus information after detecting a clock jump,
      or after transitioning from a non-live consensus to a live
      consensus. We do this to avoid having an outdated state, and
      miscalculating the index for next-generation onion services. Fixes
      bug 24977; bugfix on 0.3.2.1-alpha.

  o Minor bugfixes (portability):
    - Fix compilation of the unit tests on GNU/Hurd, which does not
      define PATH_MAX. Fixes bug 26873; bugfix on 0.3.3.1-alpha. Patch
      from "paulusASol".
    - Work around two different bugs in the OS X 10.10 and later SDKs
      that would prevent us from successfully targeting earlier versions
      of OS X. Fixes bug 26876; bugfix on 0.3.3.1-alpha.
    - Do not align mmap length, as it is not required by POSIX, and the
      getpagesize function is deprecated. Fixes bug 25399; bugfix
      on 0.1.1.23.

  o Minor bugfixes (portability, FreeBSD):
    - In have_enough_mem_for_dircache(), the variable DIRCACHE_MIN_MEM_MB
      does not stringify on FreeBSD, so we switch to tor_asprintf().
      Fixes bug 20887; bugfix on 0.2.8.1-alpha. Patch by Neel Chauhan.

  o Minor bugfixes (relay statistics):
    - When a relay is collecting internal statistics about how many
      create cell requests it has seen of each type, accurately count
      the requests from relays that temporarily fall out of the
      consensus. (To be extra conservative, we were already ignoring
      requests from clients in our counts, and we continue ignoring them
      here.) Fixes bug 24910; bugfix on 0.2.4.17-rc.

  o Minor bugfixes (rust):
    - Backport test_rust.sh from master. Fixes bug 26497; bugfix
      on 0.3.1.5-alpha.
    - Protover parsing was accepting the presence of whitespace in
      version strings, which the C implementation would choke on, e.g.
      "Desc=1\t,2". Fixes bug 27177; bugfix on 0.3.3.5-rc.
    - Protover parsing was ignoring a 2nd hyphen and everything after
      it, accepting entries like "Link=1-5-foo". Fixes bug 27164; bugfix
      on 0.3.3.1-alpha.
    - Stop setting $CARGO_HOME. cargo will use the user's $CARGO_HOME, or
      $HOME/.cargo by default. Fixes bug 26497; bugfix on 0.3.1.5-alpha.
    - cd to ${abs_top_builddir}/src/rust before running cargo in
      src/test/test_rust.sh. This makes the working directory consistent
      between builds and tests. Fixes bug 26497; bugfix on 0.3.3.2-alpha.

  o Minor bugfixes (single onion services, Tor2web):
    - Log a protocol warning when single onion services or Tor2web
      clients fail to authenticate direct connections to relays. Fixes
      bug 26924; bugfix on 0.2.9.1-alpha.

  o Minor bugfixes (test coverage tools):
    - Update our "cov-diff" script to handle output from the latest
      version of gcov, and to remove extraneous timestamp information
      from its output. Fixes bugs 26101 and 26102; bugfix
      on 0.2.5.1-alpha.

  o Minor bugfixes (testing):
    - Disable core dumps in test_bt.sh, to avoid failures in "make
      distcheck". Fixes bug 26787; bugfix on 0.2.5.2-alpha.
    - When testing workqueue event-cancellation, make sure that we
      actually cancel an event, and that cancel each event with equal
      probability. (It was previously possible, though extremely
      unlikely, for our event-canceling test not to cancel any events.)
      Fixes bug 26008; bugfix on 0.2.6.3-alpha.
    - Repeat part of the test in test_client_pick_intro() a number of
      times, to give it consistent coverage. Fixes bug 25996; bugfix
      on 0.3.2.1-alpha.
    - Remove randomness from the hs_common/responsible_hsdirs test, so
      that it always takes the same path through the function it tests.
      Fixes bug 25997; bugfix on 0.3.2.1-alpha.
    - Change the behavior of the "channel/outbound" test so that it
      never causes a 10-second rollover for the EWMA circuitmux code.
      Previously, this behavior would happen randomly, and result in
      fluctuating test coverage. Fixes bug 25994; bugfix
      on 0.3.3.1-alpha.
    - Use X509_new() to allocate certificates that will be freed later
      with X509_free(). Previously, some parts of the unit tests had
      used tor_malloc_zero(), which is incorrect, and which caused test
      failures on Windows when they were built with extra hardening.
      Fixes bugs 25943 and 25944; bugfix on 0.2.8.1-alpha. Patch by
      Marcin Cieślak.
    - While running the circuit_timeout test, fix the PRNG to a
      deterministic AES stream, so that the test coverage from this test
      will itself be deterministic. Fixes bug 25995; bugfix
      on 0.2.2.2-alpha.

  o Minor bugfixes (testing, bootstrap):
    - When calculating bootstrap progress, check exit policies and the
      exit flag. Previously, Tor would only check the exit flag, which
      caused race conditions in small and fast networks like chutney.
      Fixes bug 27236; bugfix on 0.2.6.3-alpha.

  o Minor bugfixes (testing, chutney):
    - When running make test-network-all, use the mixed+hs-v2 network.
      (A previous fix to chutney removed v3 onion services from the
      mixed+hs-v23 network, so seeing "mixed+hs-v23" in tests is
      confusing.) Fixes bug 27345; bugfix on 0.3.2.1-alpha.
    - Before running make test-network-all, delete old logs and test
      result files, to avoid spurious failures. Fixes bug 27295; bugfix
      on 0.2.7.3-rc.

  o Minor bugfixes (testing, openssl compatibility):
    - Our "tortls/cert_matches_key" unit test no longer relies on
      OpenSSL internals. Previously, it relied on unsupported OpenSSL
      behavior in a way that caused it to crash with OpenSSL 1.0.2p.
      Fixes bug 27226; bugfix on 0.2.5.1-alpha.

  o Minor bugfixes (v3 onion services):
    - Stop sending ed25519 link specifiers in v3 onion service introduce
      cells and descriptors, when the rendezvous or introduction point
      doesn't support ed25519 link authentication. Fixes bug 26627;
      bugfix on 0.3.2.4-alpha.

  o Minor bugfixes (vanguards):
    - Allow the last hop in a vanguard circuit to be the same as our
      first, to prevent the adversary from influencing guard node choice
      by choice of last hop. Also prevent the creation of A - B - A
      paths, or A - A paths, which are forbidden by relays. Fixes bug
      25870; bugfix on 0.3.3.1-alpha.

  o Minor bugfixes (Windows, compilation):
    - Silence a compilation warning on MSVC 2017 and clang-cl. Fixes bug
      27185; bugfix on 0.2.2.2-alpha.

  o Code simplification and refactoring:
    - Remove duplicate code in parse_{c,s}method_line and bootstrap
      their functionalities into a single function. Fixes bug 6236;
      bugfix on 0.2.3.6-alpha.
    - We remove the PortForwsrding and PortForwardingHelper options,
      related functions, and the port_forwarding tests. These options
      were used by the now-deprecated Vidalia to help ordinary users
      become Tor relays or bridges. Closes ticket 25409. Patch by
      Neel Chauhan.
    - In order to make the OR and dir checking function in router.c less
      confusing we renamed some functions and
      consider_testing_reachability() has been split into
      router_should_check_reachability() and
      router_do_reachability_checks(). Also we improved the documentation
      in some functions. Closes ticket 18918.
    - Initial work to isolate Libevent usage to a handful of modules in
      our codebase, to simplify our call structure, and so that we can
      more easily change event loops in the future if needed. Closes
      ticket 23750.
    - Introduce a function to call getsockname() and return tor_addr_t,
      to save a little complexity throughout the codebase. Closes
      ticket 18105.
    - Make hsdir_index in node_t a hsdir_index_t rather than a pointer
      as hsdir_index is always present. Also, we move hsdir_index_t into
      or.h. Closes ticket 23094. Patch by Neel Chauhan.
    - Merge functions used for describing nodes and suppress the
      functions that do not allocate memory for the output buffer
      string. NODE_DESC_BUF_LEN constant and format_node_description()
      function cannot be used externally from router.c module anymore.
      Closes ticket 25432. Patch by valentecaio.
    - Our main loop has been simplified so that all important operations
      happen inside events. Previously, some operations had to happen
      outside the event loop, to prevent infinite sequences of event
      activations. Closes ticket 25374.
    - Put a SHA1 public key digest in hs_service_intro_point_t, and use
      it in register_intro_circ() and service_intro_point_new(). This
      prevents the digest from being re-calculated each time. Closes
      ticket 23107. Patch by Neel Chauhan.
    - Refactor token-bucket implementations to use a common backend.
      Closes ticket 25766.
    - Remove extern declaration of stats_n_seconds_working variable from
      main, protecting its accesses with get_uptime() and reset_uptime()
      functions. Closes ticket 25081, patch by “valentecaio”.
    - Remove our previous logic for "cached gettimeofday()" -- our
      coarse monotonic timers are fast enough for this purpose, and far
      less error-prone. Implements part of ticket 25927.
    - Remove the return value for fascist_firewall_choose_address_base(),
      and sister functions such as fascist_firewall_choose_address_node()
      and fascist_firewall_choose_address_rs(). Also, while we're here,
      initialize the ap argument as leaving it uninitialized can pose a
      security hazard. Closes ticket 24734. Patch by Neel Chauhan.
    - Rename two fields of connection_t struct. timestamp_lastwritten is
      renamed to timestamp_last_write_allowed and timestamp_lastread is
      renamed to timestamp_last_read_allowed. Closes ticket 24714, patch
      by "valentecaio".
    - Since Tor requires C99, remove our old workaround code for libc
      implementations where free(NULL) doesn't work. Closes ticket 24484.
    - Use our standard rate-limiting code to deal with excessive
      libevent failures, rather than the hand-rolled logic we had
      before. Closes ticket 26016.
    - We remove the return value of node_get_prim_orport() and
      node_get_prim_dirport(), and introduce node_get_prim_orport() in
      node_ipv6_or_preferred() and node_ipv6_dir_preferred() in order to
      check for a null address. Closes ticket 23873. Patch by
      Neel Chauhan.
    - We switch to should_record_bridge_info() in
      geoip_note_client_seen() and options_need_geoip_info() instead of
      accessing the configuration values directly. Fixes bug 25290;
      bugfix on 0.2.1.6-alpha. Patch by Neel Chauhan.

  o Deprecated features:
    - As we are not recommending 0.2.5 anymore, we require relays that
      once had an ed25519 key associated with their RSA key to always
      have that key, instead of allowing them to drop back to a version
      that didn't support ed25519. This means they need to use a new RSA
2429
      key if they want to downgrade to an older version of tor without
2430
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
      ed25519. Closes ticket 20522.

  o Removed features:
    - Directory authorities will no longer support voting according to
      any consensus method before consensus method 25. This keeps
      authorities compatible with all authorities running 0.2.9.8 and
      later, and does not break any clients or relays. Implements ticket
      24378 and proposal 290.
    - The PortForwarding and PortForwardingHelper features have been
      removed. The reasoning is, given that implementations of NAT
      traversal protocols within common consumer grade routers are
      frequently buggy, and that the target audience for a NAT punching
      feature is a perhaps less-technically-inclined relay operator,
      when the helper fails to setup traversal the problems are usually
      deep, ugly, and very router specific, making them horrendously
      impossible for technical support to reliable assist with, and thus
      resulting in frustration all around. Unfortunately, relay
      operators who would like to run relays behind NATs will need to
      become more familiar with the port forwarding configurations on
      their local router. Closes 25409.
    - The TestingEnableTbEmptyEvent option has been removed. It was used
      in testing simulations to measure how often connection buckets
      were emptied, in order to improve our scheduling, but it has not
      been actively used in years. Closes ticket 25760.
    - The old "round-robin" circuit multiplexer (circuitmux)
      implementation has been removed, along with a fairly large set of
      code that existed to support it. It has not been the default
      circuitmux since we introduced the "EWMA" circuitmux in 0.2.4.x,
      but it still required an unreasonable amount of memory and CPU.
      Closes ticket 25268.


2462
2463
2464
2465
2466
2467
2468
2469
2470
2471
2472
2473
2474
2475
2476
2477
2478
2479
2480
2481
2482
2483
2484
2485
2486
2487
2488
2489
2490
2491
2492
2493
2494
2495
2496
2497
2498
2499
2500
2501
2502
2503
2504
2505
2506
2507
2508
2509
2510
2511
2512
2513
2514
2515
2516
2517
2518
2519
2520
2521
2522
2523
2524
2525
2526
2527
2528
2529
2530
2531
2532
2533
2534
2535
2536
2537
2538
2539
2540
2541
2542
2543
2544
2545
2546
2547
2548
2549
2550
2551
2552
2553
2554
2555
2556
2557
2558
2559
2560
2561
2562
2563
2564
2565
2566
2567
2568
2569
2570
2571
2572
2573
2574
2575
2576
2577
2578
2579
2580
2581
2582
2583
2584
2585
2586
2587
2588
2589
2590
2591
2592
2593
2594
2595
2596
2597
2598
2599
2600
2601
2602
2603
2604
2605
2606
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616
2617
2618
2619
2620
2621
2622
2623
2624
2625
2626
2627
2628
2629
2630
2631
2632
2633
2634
2635
2636
2637
2638
2639
2640
2641
2642
2643
2644
2645
2646
2647
2648
2649
2650
2651
2652
2653
2654
2655
2656
2657
2658
2659
2660
2661
2662
2663
2664
2665
2666
2667
2668
2669
2670
2671
2672
2673
2674
2675
2676
2677
2678
2679
2680
2681
2682
2683
2684
2685
2686
2687
2688
2689
2690
2691
2692
2693
2694
2695
2696
2697
2698
2699
2700
2701
2702
2703
2704
2705
2706
2707
2708
2709
2710
2711
2712
2713
Changes in version 0.3.3.9 - 2018-07-13
  Tor 0.3.3.9 moves to a new bridge authority, meaning people running
  bridge relays should upgrade.

  o Directory authority changes:
    - The "Bifroest" bridge authority has been retired; the new bridge
      authority is "Serge", and it is operated by George from the
      TorBSD project. Closes ticket 26771.


Changes in version 0.3.2.11 - 2018-07-13
  Tor 0.3.2.11 moves to a new bridge authority, meaning people running
  bridge relays should upgrade. We also take this opportunity to backport
  other minor fixes.

  o Directory authority changes:
    - The "Bifroest" bridge authority has been retired; the new bridge
      authority is "Serge", and it is operated by George from the
      TorBSD project. Closes ticket 26771.

  o Directory authority changes (backport from 0.3.3.7):
    - Add an IPv6 address for the "dannenberg" directory authority.
      Closes ticket 26343.

  o Major bugfixes (directory authorities, backport from 0.3.4.1-alpha):
    - When directory authorities read a zero-byte bandwidth file, they
      would previously log a warning with the contents of an
      uninitialised buffer. They now log a warning about the empty file
      instead. Fixes bug 26007; bugfix on 0.2.2.1-alpha.

  o Major bugfixes (onion service, backport from 0.3.4.1-alpha):
    - Correctly detect when onion services get disabled after HUP. Fixes
      bug 25761; bugfix on 0.3.2.1.

  o Minor features (sandbox, backport from 0.3.3.4-alpha):
    - Explicitly permit the poll() system call when the Linux
      seccomp2-based sandbox is enabled: apparently, some versions of
      libc use poll() when calling getpwnam(). Closes ticket 25313.

  o Minor feature (continuous integration, backport from 0.3.3.5-rc):
    - Update the Travis CI configuration to use the stable Rust channel,
      now that we have decided to require that. Closes ticket 25714.

  o Minor features (continuous integration, backport from 0.3.4.1-alpha):
    - Our .travis.yml configuration now includes support for testing the
      results of "make distcheck". (It's not uncommon for "make check"
      to pass but "make distcheck" to fail.) Closes ticket 25814.
    - Our Travis CI configuration now integrates with the Coveralls
      coverage analysis tool. Closes ticket 25818.

  o Minor features (relay, diagnostic, backport from 0.3.4.3-alpha):
    - Add several checks to detect whether Tor relays are uploading
      their descriptors without specifying why they regenerated them.
      Diagnostic for ticket 25686.

  o Minor features (compilation, backport from 0.3.4.4-rc):
    - When building Tor, prefer to use Python 3 over Python 2, and more
      recent (contemplated) versions over older ones. Closes
      ticket 26372.

  o Minor features (geoip):
    - Update geoip and geoip6 to the July 3 2018 Maxmind GeoLite2
      Country database. Closes ticket 26674.

  o Minor bugfixes (correctness, client, backport from 0.3.4.1-alpha):
    - Upon receiving a malformed connected cell, stop processing the
      cell immediately. Previously we would mark the connection for
      close, but continue processing the cell as if the connection were
      open. Fixes bug 26072; bugfix on 0.2.4.7-alpha.

  o Minor bugfixes (Linux seccomp2 sandbox, backport from 0.3.4.1-alpha):
    - Allow the nanosleep() system call, which glibc uses to implement
      sleep() and usleep(). Fixes bug 24969; bugfix on 0.2.5.1-alpha.

  o Minor bugfixes (testing, compatibility, backport from 0.3.4.4-rc):
    - When running the hs_ntor_ref.py test, make sure only to pass
      strings (rather than "bytes" objects) to the Python subprocess
      module. Python 3 on Windows seems to require this. Fixes bug
      26535; bugfix on 0.3.1.1-alpha.
    - When running the ntor_ref.py test, make sure only to pass strings
      (rather than "bytes" objects) to the Python subprocess module.
      Python 3 on Windows seems to require this. Fixes bug 26535; bugfix
      on 0.2.5.5-alpha.

  o Minor bugfixes (compatibility, openssl, backport from 0.3.4.2-alpha):
    - Work around a change in OpenSSL 1.1.1 where return values that
      would previously indicate "no password" now indicate an empty
      password. Without this workaround, Tor instances running with
      OpenSSL 1.1.1 would accept descriptors that other Tor instances
      would reject. Fixes bug 26116; bugfix on 0.2.5.16.

  o Minor bugfixes (documentation, backport from 0.3.3.5-rc):
    - Document that the PerConnBW{Rate,Burst} options will fall back to
      their corresponding consensus parameters only if those parameters
      are set. Previously we had claimed that these values would always
      be set in the consensus. Fixes bug 25296; bugfix on 0.2.2.7-alpha.

  o Minor bugfixes (compilation, backport from 0.3.4.4-rc):
    - Fix a compilation warning on some versions of GCC when building
      code that calls routerinfo_get_my_routerinfo() twice, assuming
      that the second call will succeed if the first one did. Fixes bug
      26269; bugfix on 0.2.8.2-alpha.

  o Minor bugfixes (client, backport from 0.3.4.1-alpha):
    - Don't consider Tor running as a client if the ControlPort is open,
      but no actual client ports are open. Fixes bug 26062; bugfix
      on 0.2.9.4-alpha.

  o Minor bugfixes (hardening, backport from 0.3.4.2-alpha):
    - Prevent a possible out-of-bounds smartlist read in
      protover_compute_vote(). Fixes bug 26196; bugfix on 0.2.9.4-alpha.

  o Minor bugfixes (C correctness, backport from 0.3.3.4-alpha):
    - Fix a very unlikely (impossible, we believe) null pointer
      dereference. Fixes bug 25629; bugfix on 0.2.9.15. Found by
      Coverity; this is CID 1430932.

  o Minor bugfixes (onion service, backport from 0.3.4.1-alpha):
    - Fix a memory leak when a v3 onion service is configured and gets a
      SIGHUP signal. Fixes bug 25901; bugfix on 0.3.2.1-alpha.
    - When parsing the descriptor signature, look for the token plus an
      extra white-space at the end. This is more correct but also will
      allow us to support new fields that might start with "signature".
      Fixes bug 26069; bugfix on 0.3.0.1-alpha.

  o Minor bugfixes (relay, backport from 0.3.4.3-alpha):
    - Relays now correctly block attempts to re-extend to the previous
      relay by Ed25519 identity. Previously they would warn in this
      case, but not actually reject the attempt. Fixes bug 26158; bugfix
      on 0.3.0.1-alpha.

  o Minor bugfixes (relay, crash, backport from 0.3.4.1-alpha):
    - Avoid a crash when running with DirPort set but ORPort turned off.
      Fixes a case of bug 23693; bugfix on 0.3.1.1-alpha.

  o Minor bugfixes (compilation, backport from 0.3.4.2-alpha):
    - Silence unused-const-variable warnings in zstd.h with some GCC
      versions. Fixes bug 26272; bugfix on 0.3.1.1-alpha.

  o Minor bugfixes (testing, backport from 0.3.3.4-alpha):
    - Avoid intermittent test failures due to a test that had relied on
      onion service introduction point creation finishing within 5
      seconds of real clock time. Fixes bug 25450; bugfix
      on 0.3.1.3-alpha.

  o Minor bugfixes (compilation, backport from 0.3.3.4-alpha):
    - Fix a C99 compliance issue in our configuration script that caused
      compilation issues when compiling Tor with certain versions of
      xtools. Fixes bug 25474; bugfix on 0.3.2.5-alpha.

  o Minor bugfixes (memory, correctness, backport from 0.3.4.4-rc):
    - Fix a number of small memory leaks identified by coverity. Fixes
      bug 26467; bugfix on numerous Tor versions.

  o Code simplification and refactoring (backport from 0.3.3.5-rc):
    - Move the list of default directory authorities to its own file.
      Closes ticket 24854. Patch by "beastr0".


Changes in version 0.2.9.16 - 2018-07-13
  Tor 0.2.9.16 moves to a new bridge authority, meaning people running
  bridge relays should upgrade. We also take this opportunity to backport
  other minor fixes.

  o Directory authority changes:
    - The "Bifroest" bridge authority has been retired; the new bridge
      authority is "Serge", and it is operated by George from the
      TorBSD project. Closes ticket 26771.

  o Directory authority changes (backport from 0.3.3.7):
    - Add an IPv6 address for the "dannenberg" directory authority.
      Closes ticket 26343.

  o Major bugfixes (directory authorities, backport from 0.3.4.1-alpha):
    - When directory authorities read a zero-byte bandwidth file, they
      would previously log a warning with the contents of an
      uninitialised buffer. They now log a warning about the empty file
      instead. Fixes bug 26007; bugfix on 0.2.2.1-alpha.

  o Minor features (sandbox, backport from 0.3.3.4-alpha):
    - Explicitly permit the poll() system call when the Linux
      seccomp2-based sandbox is enabled: apparently, some versions of
      libc use poll() when calling getpwnam(). Closes ticket 25313.

  o Minor features (continuous integration, backport from 0.3.4.1-alpha):
    - Our .travis.yml configuration now includes support for testing the
      results of "make distcheck". (It's not uncommon for "make check"
      to pass but "make distcheck" to fail.) Closes ticket 25814.
    - Our Travis CI configuration now integrates with the Coveralls
      coverage analysis tool. Closes ticket 25818.

  o Minor features (compilation, backport from 0.3.4.4-rc):
    - When building Tor, prefer to use Python 3 over Python 2, and more
      recent (contemplated) versions over older ones. Closes
      ticket 26372.

  o Minor features (geoip):
    - Update geoip and geoip6 to the July 3 2018 Maxmind GeoLite2
      Country database. Closes ticket 26674.

  o Minor bugfixes (correctness, client, backport from 0.3.4.1-alpha):
    - Upon receiving a malformed connected cell, stop processing the
      cell immediately. Previously we would mark the connection for
      close, but continue processing the cell as if the connection were
      open. Fixes bug 26072; bugfix on 0.2.4.7-alpha.

  o Minor bugfixes (Linux seccomp2 sandbox, backport from 0.3.4.1-alpha):
    - Allow the nanosleep() system call, which glibc uses to implement
      sleep() and usleep(). Fixes bug 24969; bugfix on 0.2.5.1-alpha.

  o Minor bugfixes (testing, compatibility, backport from 0.3.4.4-rc):
    - When running the ntor_ref.py test, make sure only to pass strings
      (rather than "bytes" objects) to the Python subprocess module.
      Python 3 on Windows seems to require this. Fixes bug 26535; bugfix
      on 0.2.5.5-alpha.

  o Minor bugfixes (compatibility, openssl, backport from 0.3.4.2-alpha):
    - Work around a change in OpenSSL 1.1.1 where return values that
      would previously indicate "no password" now indicate an empty
      password. Without this workaround, Tor instances running with
      OpenSSL 1.1.1 would accept descriptors that other Tor instances
      would reject. Fixes bug 26116; bugfix on 0.2.5.16.

  o Minor bugfixes (compilation, backport from 0.3.4.4-rc):
    - Fix a compilation warning on some versions of GCC when building
      code that calls routerinfo_get_my_routerinfo() twice, assuming
      that the second call will succeed if the first one did. Fixes bug
      26269; bugfix on 0.2.8.2-alpha.

  o Minor bugfixes (client, backport from 0.3.4.1-alpha):
    - Don't consider Tor running as a client if the ControlPort is open,
      but no actual client ports are open. Fixes bug 26062; bugfix
      on 0.2.9.4-alpha.

  o Minor bugfixes (hardening, backport from 0.3.4.2-alpha):
    - Prevent a possible out-of-bounds smartlist read in
      protover_compute_vote(). Fixes bug 26196; bugfix on 0.2.9.4-alpha.

  o Minor bugfixes (C correctness, backport from 0.3.3.4-alpha):
    - Fix a very unlikely (impossible, we believe) null pointer
      dereference. Fixes bug 25629; bugfix on 0.2.9.15. Found by
      Coverity; this is CID 1430932.

  o Minor bugfixes (memory, correctness, backport from 0.3.4.4-rc):
    - Fix a number of small memory leaks identified by coverity. Fixes
      bug 26467; bugfix on numerous Tor versions.

  o Code simplification and refactoring (backport from 0.3.3.5-rc):
    - Move the list of default directory authorities to its own file.
      Closes ticket 24854. Patch by "beastr0".


2714
2715
2716
2717
2718
2719
2720
2721
2722
2723
2724
2725
2726
2727
2728
2729
2730
2731
2732
2733
2734
2735
2736
2737
2738
2739
2740
2741
2742
2743
2744
2745
2746
2747
2748
2749
2750
2751
2752
2753
2754
2755
2756
2757
2758
2759
2760
2761
2762
2763
2764
2765
2766
2767
2768
2769
2770
2771
2772
2773
2774
2775
2776
2777
2778
2779
2780
2781
2782
2783
2784
2785
Changes in version 0.3.3.8 - 2018-07-09
  Tor 0.3.3.8 backports several changes from the 0.3.4.x series, including
  fixes for a memory leak affecting directory authorities.

  o Major bugfixes (directory authority, backport from 0.3.4.3-alpha):
    - Stop leaking memory on directory authorities when planning to
      vote. This bug was crashing authorities by exhausting their
      memory. Fixes bug 26435; bugfix on 0.3.3.6.

  o Major bugfixes (rust, testing, backport from 0.3.4.3-alpha):
    - Make sure that failing tests in Rust will actually cause the build
      to fail: previously, they were ignored. Fixes bug 26258; bugfix
      on 0.3.3.4-alpha.

  o Minor features (compilation, backport from 0.3.4.4-rc):
    - When building Tor, prefer to use Python 3 over Python 2, and more
      recent (contemplated) versions over older ones. Closes
      ticket 26372.

  o Minor features (geoip):
    - Update geoip and geoip6 to the July 3 2018 Maxmind GeoLite2
      Country database. Closes ticket 26674.

  o Minor features (relay, diagnostic, backport from 0.3.4.3-alpha):
    - Add several checks to detect whether Tor relays are uploading
      their descriptors without specifying why they regenerated them.
      Diagnostic for ticket 25686.

  o Minor bugfixes (circuit path selection, backport from 0.3.4.1-alpha):
    - Don't count path selection failures as circuit build failures.
      This change should eliminate cases where Tor blames its guard or
      the network for situations like insufficient microdescriptors
      and/or overly restrictive torrc settings. Fixes bug 25705; bugfix
      on 0.3.3.1-alpha.

  o Minor bugfixes (compilation, backport from 0.3.4.4-rc):
    - Fix a compilation warning on some versions of GCC when building
      code that calls routerinfo_get_my_routerinfo() twice, assuming
      that the second call will succeed if the first one did. Fixes bug
      26269; bugfix on 0.2.8.2-alpha.

  o Minor bugfixes (control port, backport from 0.3.4.4-rc):
    - Handle the HSADDRESS= argument to the HSPOST command properly.
      (Previously, this argument was misparsed and thus ignored.) Fixes
      bug 26523; bugfix on 0.3.3.1-alpha. Patch by "akwizgran".

  o Minor bugfixes (memory, correctness, backport from 0.3.4.4-rc):
    - Fix a number of small memory leaks identified by coverity. Fixes
      bug 26467; bugfix on numerous Tor versions.

  o Minor bugfixes (relay, backport from 0.3.4.3-alpha):
    - Relays now correctly block attempts to re-extend to the previous
      relay by Ed25519 identity. Previously they would warn in this
      case, but not actually reject the attempt. Fixes bug 26158; bugfix
      on 0.3.0.1-alpha.

  o Minor bugfixes (restart-in-process, backport from 0.3.4.1-alpha):
    - When shutting down, Tor now clears all the flags in the control.c
      module. This should prevent a bug where authentication cookies are
      not generated on restart. Fixes bug 25512; bugfix on 0.3.3.1-alpha.

  o Minor bugfixes (testing, compatibility, backport from 0.3.4.4-rc):
    - When running the hs_ntor_ref.py test, make sure only to pass
      strings (rather than "bytes" objects) to the Python subprocess
      module. Python 3 on Windows seems to require this. Fixes bug
      26535; bugfix on 0.3.1.1-alpha.
    - When running the ntor_ref.py test, make sure only to pass strings
      (rather than "bytes" objects) to the Python subprocess module.
      Python 3 on Windows seems to require this. Fixes bug 26535; bugfix
      on 0.2.5.5-alpha.


2786
2787
2788
2789
2790
2791
2792
2793
2794
2795
2796
2797
2798
2799
2800
2801
2802
2803
2804
2805
2806
2807
2808
2809
2810
2811
2812
2813
2814
2815
2816
2817
2818
2819
2820
2821
2822
2823
2824
2825
2826
Changes in version 0.3.3.7 - 2018-06-12
  Tor 0.3.3.7 backports several changes from the 0.3.4.x series, including
  fixes for bugs affecting compatibility and stability.

  o Directory authority changes:
    - Add an IPv6 address for the "dannenberg" directory authority.
      Closes ticket 26343.

  o Minor features (geoip):
    - Update geoip and geoip6 to the June 7 2018 Maxmind GeoLite2
      Country database. Closes ticket 26351.

  o Minor bugfixes (compatibility, openssl, backport from 0.3.4.2-alpha):
    - Work around a change in OpenSSL 1.1.1 where return values that
      would previously indicate "no password" now indicate an empty
      password. Without this workaround, Tor instances running with
      OpenSSL 1.1.1 would accept descriptors that other Tor instances
      would reject. Fixes bug 26116; bugfix on 0.2.5.16.

  o Minor bugfixes (compilation, backport from 0.3.4.2-alpha):
    - Silence unused-const-variable warnings in zstd.h with some GCC
      versions. Fixes bug 26272; bugfix on 0.3.1.1-alpha.

  o Minor bugfixes (controller, backport from 0.3.4.2-alpha):
    - Improve accuracy of the BUILDTIMEOUT_SET control port event's
      TIMEOUT_RATE and CLOSE_RATE fields. (We were previously
      miscounting the total number of circuits for these field values.)
      Fixes bug 26121; bugfix on 0.3.3.1-alpha.

  o Minor bugfixes (hardening, backport from 0.3.4.2-alpha):
    - Prevent a possible out-of-bounds smartlist read in
      protover_compute_vote(). Fixes bug 26196; bugfix on 0.2.9.4-alpha.

  o Minor bugfixes (path selection, backport from 0.3.4.1-alpha):
    - Only select relays when they have the descriptors we prefer to use
      for them. This change fixes a bug where we could select a relay
      because it had _some_ descriptor, but reject it later with a
      nonfatal assertion error because it didn't have the exact one we
      wanted. Fixes bugs 25691 and 25692; bugfix on 0.3.3.4-alpha.


2827
2828
2829
2830
2831
2832
2833
2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
2852
2853
2854
2855
2856
2857
2858
2859
2860
2861
2862
2863
2864
2865
2866
2867
2868
2869
2870
2871
2872
2873
2874
2875
2876
2877
2878
2879
2880
2881
2882
2883
2884
2885
2886
2887
2888
2889
2890
2891
2892
2893
2894
2895
2896
2897
2898
2899
2900
2901
2902
2903
2904
2905
2906
2907
2908
2909
2910
2911
2912
2913
2914
2915
2916
2917
2918
2919
2920
2921
2922
2923
2924
2925
2926
2927
2928
2929
2930
2931
2932
2933
2934
2935
2936
2937
2938
2939
2940
2941
2942
2943
2944
2945
2946
2947
2948
2949
2950
2951
2952
2953
2954
2955
2956
2957
2958
2959
2960
2961
2962
2963
2964
2965
2966
2967
2968
2969
2970
2971
2972
2973
2974
2975
2976
2977
2978
2979
2980
2981
2982
2983
2984
2985
2986
2987
2988
2989
2990
2991
2992
2993
2994
2995
2996
2997
2998
2999
3000
3001
3002
3003
3004
3005
3006
3007
3008
3009
3010
3011
3012
3013
3014
3015
3016
3017
3018
3019
3020
3021
3022
3023
3024
3025
3026
3027
3028
3029
3030
3031
3032
3033
3034
3035
3036
3037
3038
3039
3040
3041
3042
3043
3044
3045
3046
3047
3048
3049
3050
3051
3052
3053
3054
3055
3056
3057
3058
3059
3060
3061
3062
3063
3064
Changes in version 0.3.3.6 - 2018-05-22
  Tor 0.3.3.6 is the first stable release in the 0.3.3 series. It
  backports several important fixes from the 0.3.4.1-alpha.

  The Tor 0.3.3 series includes controller support and other
  improvements for v3 onion services, official support for embedding Tor
  within other applications, and our first non-trivial module written in
  the Rust programming language. (Rust is still not enabled by default
  when building Tor.) And as usual, there are numerous other smaller
  bugfixes, features, and improvements.

  Below are the changes since 0.3.2.10. For a list of only the changes
  since 0.3.3.5-rc, see the ChangeLog file.

  o New system requirements:
    - When built with Rust, Tor now depends on version 0.2.39 of the
      libc crate. Closes tickets 25310 and 25664.

  o Major features (embedding):
    - There is now a documented stable API for programs that need to
      embed Tor. See tor_api.h for full documentation and known bugs.
      Closes ticket 23684.
    - Tor now has support for restarting in the same process.
      Controllers that run Tor using the "tor_api.h" interface can now
      restart Tor after Tor has exited. This support is incomplete,
      however: we fixed crash bugs that prevented it from working at
      all, but many bugs probably remain, including a possibility of
      security issues. Implements ticket 24581.

  o Major features (IPv6, directory documents):
    - Add consensus method 27, which adds IPv6 ORPorts to the microdesc
      consensus. This information makes it easier for IPv6 clients to
      bootstrap and choose reachable entry guards. Implements
      ticket 23826.
    - Add consensus method 28, which removes IPv6 ORPorts from
      microdescriptors. Now that the consensus contains IPv6 ORPorts,
      they are redundant in microdescs. This change will be used by Tor
      clients on 0.2.8.x and later. (That is to say, with all Tor
      clients that have IPv6 bootstrap and guard support.) Implements
      ticket 23828.
    - Expand the documentation for AuthDirHasIPv6Connectivity when it is
      set by different numbers of authorities. Fixes 23870
      on 0.2.4.1-alpha.

  o Major features (onion service v3, control port):
    - The control port now supports commands and events for v3 onion
      services. It is now possible to create ephemeral v3 services using
      ADD_ONION. Additionally, several events (HS_DESC, HS_DESC_CONTENT,
      CIRC and CIRC_MINOR) and commands (GETINFO, HSPOST, ADD_ONION and
      DEL_ONION) have been extended to support v3 onion services. Closes
      ticket 20699; implements proposal 284.

  o Major features (onion services):
    - Provide torrc options to pin the second and third hops of onion
      service circuits to a list of nodes. The option HSLayer2Guards
      pins the second hop, and the option HSLayer3Guards pins the third
      hop. These options are for use in conjunction with experiments
      with "vanguards" for preventing guard enumeration attacks. Closes
      ticket 13837.
    - When v3 onion service clients send introduce cells, they now
      include the IPv6 address of the rendezvous point, if it has one.
      Current v3 onion services running 0.3.2 ignore IPv6 addresses, but
      in future Tor versions, IPv6-only v3 single onion services will be
      able to use IPv6 addresses to connect directly to the rendezvous
      point. Closes ticket 23577. Patch by Neel Chauhan.

  o Major features (relay):
    - Implement an option, ReducedExitPolicy, to allow an Tor exit relay
      operator to use a more reasonable ("reduced") exit policy, rather
      than the default one. If you want to run an exit node without
      thinking too hard about which ports to allow, this one is for you.
      Closes ticket 13605. Patch from Neel Chauhan.

  o Major features (rust, portability, experimental):
    - Tor now ships with an optional implementation of one of its
      smaller modules (protover.c) in the Rust programming language. To
      try it out, install a Rust build environment, and configure Tor
      with "--enable-rust --enable-cargo-online-mode". This should not
      cause any user-visible changes, but should help us gain more
      experience with Rust, and plan future Rust integration work.
      Implementation by Chelsea Komlo. Closes ticket 22840.

  o Major bugfixes (directory authorities, security, backport from 0.3.4.1-alpha):
    - When directory authorities read a zero-byte bandwidth file, they
      would previously log a warning with the contents of an
      uninitialised buffer. They now log a warning about the empty file
      instead. Fixes bug 26007; bugfix on 0.2.2.1-alpha.

  o Major bugfixes (security, directory authority, denial-of-service):
    - Fix a bug that could have allowed an attacker to force a directory
      authority to use up all its RAM by passing it a maliciously
      crafted protocol versions string. Fixes bug 25517; bugfix on
      0.2.9.4-alpha. This issue is also tracked as TROVE-2018-005.

  o Major bugfixes (crash, backport from 0.3.4.1-alpha):
    - Avoid a rare assertion failure in the circuit build timeout code
      if we fail to allow any circuits to actually complete. Fixes bug
      25733; bugfix on 0.2.2.2-alpha.

  o Major bugfixes (netflow padding):
    - Stop adding unneeded channel padding right after we finish
      flushing to a connection that has been trying to flush for many
      seconds. Instead, treat all partial or complete flushes as
      activity on the channel, which will defer the time until we need
      to add padding. This fix should resolve confusing and scary log
      messages like "Channel padding timeout scheduled 221453ms in the
      past." Fixes bug 22212; bugfix on 0.3.1.1-alpha.

  o Major bugfixes (networking):
    - Tor will no longer reject IPv6 address strings from Tor Browser
      when they are passed as hostnames in SOCKS5 requests. Fixes bug
      25036, bugfix on Tor 0.3.1.2.

  o Major bugfixes (onion service, backport from 0.3.4.1-alpha):
    - Correctly detect when onion services get disabled after HUP. Fixes
      bug 25761; bugfix on 0.3.2.1.

  o Major bugfixes (performance, load balancing):
    - Directory authorities no longer vote in favor of the Guard flag
      for relays without directory support. Starting in Tor
      0.3.0.1-alpha, clients have been avoiding using such relays in the
      Guard position, leading to increasingly broken load balancing for
      the 5%-or-so of Guards that don't advertise directory support.
      Fixes bug 22310; bugfix on 0.3.0.6.

  o Major bugfixes (relay):
    - If we have failed to connect to a relay and received a connection
      refused, timeout, or similar error (at the TCP level), do not try
      that same address/port again for 60 seconds after the failure has
      occurred. Fixes bug 24767; bugfix on 0.0.6.

  o Major bugfixes (relay, denial of service, backport from 0.3.4.1-alpha):
    - Impose a limit on circuit cell queue size. The limit can be
      controlled by a consensus parameter. Fixes bug 25226; bugfix
      on 0.2.4.14-alpha.

  o Minor features (cleanup):
    - Tor now deletes the CookieAuthFile and ExtORPortCookieAuthFile
      when it stops. Closes ticket 23271.

  o Minor features (compatibility, backport from 0.3.4.1-alpha):
    - Avoid some compilation warnings with recent versions of LibreSSL.
      Closes ticket 26006.

  o Minor features (config options):
    - Change the way the default value for MaxMemInQueues is calculated.
      We now use 40% of the hardware RAM if the system has 8 GB RAM or
      more. Otherwise we use the former value of 75%. Closes
      ticket 24782.

  o Minor features (continuous integration):
    - Update the Travis CI configuration to use the stable Rust channel,
      now that we have decided to require that. Closes ticket 25714.

  o Minor features (continuous integration, backport from 0.3.4.1-alpha):
    - Our .travis.yml configuration now includes support for testing the
      results of "make distcheck". (It's not uncommon for "make check"
      to pass but "make distcheck" to fail.) Closes ticket 25814.
    - Our Travis CI configuration now integrates with the Coveralls
      coverage analysis tool. Closes ticket 25818.

  o Minor features (defensive programming):
    - Most of the functions in Tor that free objects have been replaced
      with macros that free the objects and set the corresponding
      pointers to NULL. This change should help prevent a large class of
      dangling pointer bugs. Closes ticket 24337.
    - Where possible, the tor_free() macro now only evaluates its input
      once. Part of ticket 24337.
    - Check that microdesc ed25519 ids are non-zero in
      node_get_ed25519_id() before returning them. Implements ticket
      24001, patch by "aruna1234".

  o Minor features (directory authority):
    - When directory authorities are unable to add signatures to a
      pending consensus, log the reason why. Closes ticket 24849.

  o Minor features (embedding):
    - Tor can now start with a preauthenticated control connection
      created by the process that launched it. This feature is meant for
      use by programs that want to launch and manage a Tor process
      without allowing other programs to manage it as well. For more
      information, see the __OwningControllerFD option documented in
      control-spec.txt. Closes ticket 23900.
    - On most errors that would cause Tor to exit, it now tries to
      return from the tor_main() function, rather than calling the
      system exit() function. Most users won't notice a difference here,
      but it should be significant for programs that run Tor inside a
      separate thread: they should now be able to survive Tor's exit
      conditions rather than having Tor shut down the entire process.
      Closes ticket 23848.
    - Applications that want to embed Tor can now tell Tor not to
      register any of its own POSIX signal handlers, using the
      __DisableSignalHandlers option. Closes ticket 24588.

  o Minor features (fallback directory list):
    - Avoid selecting fallbacks that change their IP addresses too
      often. Select more fallbacks by ignoring the Guard flag, and
      allowing lower cutoffs for the Running and V2Dir flags. Also allow
      a lower bandwidth, and a higher number of fallbacks per operator
      (5% of the list). Implements ticket 24785.
    - Update the fallback whitelist and blacklist based on opt-ins and
      relay changes. Closes tickets 22321, 24678, 22527, 24135,
      and 24695.

  o Minor features (fallback directory mirror configuration):
    - Add a nickname to each fallback in a C comment. This makes it
      easier for operators to find their relays, and allows stem to use
      nicknames to identify fallbacks. Implements ticket 24600.
    - Add a type and version header to the fallback directory mirror
      file. Also add a delimiter to the end of each fallback entry. This
      helps external parsers like stem and Relay Search. Implements
      ticket 24725.
    - Add an extrainfo cache flag for each fallback in a C comment. This
      allows stem to use fallbacks to fetch extra-info documents, rather
      than using authorities. Implements ticket 22759.
    - Add the generateFallbackDirLine.py script for automatically
      generating fallback directory mirror lines from relay fingerprints.
      No more typos! Add the lookupFallbackDirContact.py script for
      automatically looking up operator contact info from relay
      fingerprints. Implements ticket 24706, patch by teor and atagar.
    - Reject any fallback directory mirror that serves an expired
      consensus. Implements ticket 20942, patch by "minik".
    - Remove commas and equals signs from external string inputs to the
      fallback list. This avoids format confusion attacks. Implements
      ticket 24726.
    - Remove the "weight=10" line from fallback directory mirror
      entries. Ticket 24681 will maintain the current fallback weights
      by changing Tor's default fallback weight to 10. Implements
      ticket 24679.
    - Stop logging excessive information about fallback netblocks.
      Implements ticket 24791.

  o Minor features (forward-compatibility):
    - If a relay supports some link authentication protocol that we do
      not recognize, then include that relay's ed25519 key when telling
      other relays to extend to it. Previously, we treated future
      versions as if they were too old to support ed25519 link
      authentication. Closes ticket 20895.
3065
3066

  o Minor features (geoip):
3067
3068
3069
3070
3071
3072
3073
3074
3075
3076
3077
3078
3079
3080
3081
3082
3083
3084
3085
3086
3087
3088
3089
3090
3091
3092
3093
3094
3095
3096
3097
3098
3099
3100
3101
3102
3103
3104
3105
3106
3107
3108
3109
3110
3111
3112
3113
3114
3115
3116
3117
3118
3119
3120
3121
3122
3123
3124
3125
3126
3127
3128
3129
3130
3131
3132
3133
3134
3135
3136
3137
3138
3139
3140
3141
3142
3143
3144
3145
3146
3147
3148
3149
3150
3151
3152
3153
3154
3155
3156
3157
3158
3159
3160
3161
3162
3163
3164
3165
3166
3167
3168
3169
3170
3171
3172
3173
3174
3175
3176
3177
3178
3179
3180
3181
3182
3183
3184
    - Update geoip and geoip6 to the May 1 2018 Maxmind GeoLite2 Country
      database. Closes ticket 26104.

  o Minor features (heartbeat):
    - Add onion service information to our heartbeat logs, displaying
      stats about the activity of configured onion services. Closes
      ticket 24896.

  o Minor features (instrumentation, development):
    - Add the MainloopStats option to allow developers to get
      instrumentation information from the main event loop via the
      heartbeat messages. We hope to use this to improve Tor's behavior
      when it's trying to sleep. Closes ticket 24605.

  o Minor features (IPv6):
    - Make IPv6-only clients wait for microdescs for relays, even if we
      were previously using descriptors (or were using them as a bridge)
      and have a cached descriptor for them. Implements ticket 23827.
    - When a consensus has IPv6 ORPorts, make IPv6-only clients use
      them, rather than waiting to download microdescriptors. Implements
      ticket 23827.

  o Minor features (log messages):
    - Improve log message in the out-of-memory handler to include
      information about memory usage from the different compression
      backends. Closes ticket 25372.
    - Improve a warning message that happens when we fail to re-parse an
      old router because of an expired certificate. Closes ticket 20020.
    - Make the log more quantitative when we hit MaxMemInQueues
      threshold exposing some values. Closes ticket 24501.

  o Minor features (logging):
    - Clarify the log messages produced when getrandom() or a related
      entropy-generation mechanism gives an error. Closes ticket 25120.
    - Added support for the Android logging subsystem. Closes
      ticket 24362.

  o Minor features (performance):
    - Support predictive circuit building for onion service circuits
      with multiple layers of guards. Closes ticket 23101.
    - Use stdatomic.h where available, rather than mutexes, to implement
      atomic_counter_t. Closes ticket 23953.

  o Minor features (performance, 32-bit):
    - Improve performance on 32-bit systems by avoiding 64-bit division
      when calculating the timestamp in milliseconds for channel padding
      computations. Implements ticket 24613.
    - Improve performance on 32-bit systems by avoiding 64-bit division
      when timestamping cells and buffer chunks for OOM calculations.
      Implements ticket 24374.

  o Minor features (performance, OSX, iOS):
    - Use the mach_approximate_time() function (when available) to
      implement coarse monotonic time. Having a coarse time function
      should avoid a large number of system calls, and improve
      performance slightly, especially under load. Closes ticket 24427.

  o Minor features (performance, windows):
    - Improve performance on Windows Vista and Windows 7 by adjusting
      TCP send window size according to the recommendation from
      SIO_IDEAL_SEND_BACKLOG_QUERY. Closes ticket 22798. Patch
      from Vort.

  o Minor features (sandbox):
    - Explicitly permit the poll() system call when the Linux
      seccomp2-based sandbox is enabled: apparently, some versions of
      libc use poll() when calling getpwnam(). Closes ticket 25313.

  o Minor features (storage, configuration):
    - Users can store cached directory documents somewhere other than
      the DataDirectory by using the CacheDirectory option. Similarly,
      the storage location for relay's keys can be overridden with the
      KeyDirectory option. Closes ticket 22703.

  o Minor features (testing):
    - Add a "make test-rust" target to run the rust tests only. Closes
      ticket 25071.

  o Minor features (testing, debugging, embedding):
    - For development purposes, Tor now has a mode in which it runs for
      a few seconds, then stops, and starts again without exiting the
      process. This mode is meant to help us debug various issues with
      ticket 23847. To use this feature, compile with
      --enable-restart-debugging, and set the TOR_DEBUG_RESTART
      environment variable. This is expected to crash a lot, and is
      really meant for developers only. It will likely be removed in a
      future release. Implements ticket 24583.

  o Minor bugfixes (build, rust):
    - Fix output of autoconf checks to display success messages for Rust
      dependencies and a suitable rustc compiler version. Fixes bug
      24612; bugfix on 0.3.1.3-alpha.
    - Don't pass the --quiet option to cargo: it seems to suppress some
      errors, which is not what we want to do when building. Fixes bug
      24518; bugfix on 0.3.1.7.
    - Build correctly when building from outside Tor's source tree with
      the TOR_RUST_DEPENDENCIES option set. Fixes bug 22768; bugfix
      on 0.3.1.7.

  o Minor bugfixes (C correctness):
    - Fix a very unlikely (impossible, we believe) null pointer
      dereference. Fixes bug 25629; bugfix on 0.2.9.15. Found by
      Coverity; this is CID 1430932.

  o Minor bugfixes (channel, client):
    - Better identify client connection when reporting to the geoip
      client cache. Fixes bug 24904; bugfix on 0.3.1.7.

  o Minor bugfixes (circuit, cannibalization):
    - Don't cannibalize preemptively-built circuits if we no longer
      recognize their first hop. This situation can happen if our Guard
      relay went off the consensus after the circuit was created. Fixes
      bug 24469; bugfix on 0.0.6.

  o Minor bugfixes (client, backport from 0.3.4.1-alpha):
    - Don't consider Tor running as a client if the ControlPort is open,
      but no actual client ports are open. Fixes bug 26062; bugfix
      on 0.2.9.4-alpha.
3185

3186
3187
3188
3189
3190
3191
3192
3193
3194
3195
3196
3197
3198
3199
3200
3201
3202
3203
3204
3205
3206
3207
3208
3209
3210
3211
3212
3213
3214
3215
3216
3217
3218
3219
3220
3221
3222
3223
3224
3225
3226
3227
3228
3229
3230
3231
3232
3233
3234
3235
3236
3237
3238
3239
3240
3241
3242
3243
3244
3245
3246
3247
3248
3249
3250
3251
3252
3253
3254
3255
3256
3257
3258
3259
3260
3261
3262
3263
3264
3265
3266
3267
3268
3269
3270
3271
3272
3273
3274
3275
3276
3277
3278
3279
3280
3281
3282
3283
3284
3285
3286
3287
3288
3289
3290
3291
3292
3293
3294
3295
3296
3297
3298
3299
3300
3301
3302
3303
  o Minor bugfixes (compilation):
    - Fix a C99 compliance issue in our configuration script that caused
      compilation issues when compiling Tor with certain versions of
      xtools. Fixes bug 25474; bugfix on 0.3.2.5-alpha.

  o Minor bugfixes (controller):
    - Restore the correct operation of the RESOLVE command, which had
      been broken since we added the ability to enable/disable DNS on
      specific listener ports. Fixes bug 25617; bugfix on 0.2.9.3-alpha.
    - Avoid a (nonfatal) assertion failure when extending a one-hop
      circuit from the controller to become a multihop circuit. Fixes
      bug 24903; bugfix on 0.2.5.2-alpha.

  o Minor bugfixes (correctness):
    - Remove a nonworking, unnecessary check to see whether a circuit
      hop's identity digest was set when the circuit failed. Fixes bug
      24927; bugfix on 0.2.4.4-alpha.

  o Minor bugfixes (correctness, client, backport from 0.3.4.1-alpha):
    - Upon receiving a malformed connected cell, stop processing the
      cell immediately. Previously we would mark the connection for
      close, but continue processing the cell as if the connection were
      open. Fixes bug 26072; bugfix on 0.2.4.7-alpha.

  o Minor bugfixes (directory authorities, IPv6):
    - When creating a routerstatus (vote) from a routerinfo (descriptor),
      set the IPv6 address to the unspecified IPv6 address, and
      explicitly initialize the port to zero. Fixes bug 24488; bugfix
      on 0.2.4.1-alpha.

  o Minor bugfixes (documentation):
    - Document that the PerConnBW{Rate,Burst} options will fall back to
      their corresponding consensus parameters only if those parameters
      are set. Previously we had claimed that these values would always
      be set in the consensus. Fixes bug 25296; bugfix on 0.2.2.7-alpha.

  o Minor bugfixes (documentation, backport from 0.3.4.1-alpha):
    - Stop saying in the manual that clients cache ipv4 dns answers from
      exit relays. We haven't used them since 0.2.6.3-alpha, and in
      ticket 24050 we stopped even caching them as of 0.3.2.6-alpha, but
      we forgot to say so in the man page. Fixes bug 26052; bugfix
      on 0.3.2.6-alpha.

  o Minor bugfixes (exit relay DNS retries):
    - Re-attempt timed-out DNS queries 3 times before failure, since our
      timeout is 5 seconds for them, but clients wait 10-15. Also allow
      slightly more timeouts per resolver when an exit has multiple
      resolvers configured. Fixes bug 21394; bugfix on 0.3.1.9.

  o Minor bugfixes (fallback directory mirrors):
    - Make updateFallbackDirs.py search harder for python. (Some OSs
      don't put it in /usr/bin.) Fixes bug 24708; bugfix
      on 0.2.8.1-alpha.

  o Minor bugfixes (hibernation, bandwidth accounting, shutdown):
    - When hibernating, close connections normally and allow them to
      flush. Fixes bug 23571; bugfix on 0.2.4.7-alpha. Also fixes
      bug 7267.
    - Do not attempt to launch self-reachability tests when entering
      hibernation. Fixes a case of bug 12062; bugfix on 0.0.9pre5.
    - Resolve several bugs related to descriptor fetching on bridge
      clients with bandwidth accounting enabled. (This combination is
      not recommended!) Fixes a case of bug 12062; bugfix
      on 0.2.0.3-alpha.
    - When hibernating, do not attempt to launch DNS checks. Fixes a
      case of bug 12062; bugfix on 0.1.2.2-alpha.
    - When hibernating, do not try to upload or download descriptors.
      Fixes a case of bug 12062; bugfix on 0.0.9pre5.

  o Minor bugfixes (IPv6, bridges):
    - Tor now always sets IPv6 preferences for bridges. Fixes bug 24573;
      bugfix on 0.2.8.2-alpha.
    - Tor now sets IPv6 address in the routerstatus as well as in the
      router descriptors when updating addresses for a bridge. Closes
      ticket 24572; bugfix on 0.2.4.5-alpha. Patch by "ffmancera".

  o Minor bugfixes (Linux seccomp2 sandbox):
    - When running with the sandbox enabled, reload configuration files
      correctly even when %include was used. Previously we would crash.
      Fixes bug 22605; bugfix on 0.3.1. Patch from Daniel Pinto.

  o Minor bugfixes (Linux seccomp2 sandbox, backport from 0.3.4.1-alpha):
    - Allow the nanosleep() system call, which glibc uses to implement
      sleep() and usleep(). Fixes bug 24969; bugfix on 0.2.5.1-alpha.

  o Minor bugfixes (logging):
    - Fix a (mostly harmless) race condition when invoking
      LOG_PROTOCOL_WARN message from a subthread while the torrc options
      are changing. Fixes bug 23954; bugfix on 0.1.1.9-alpha.

  o Minor bugfixes (man page, SocksPort):
    - Remove dead code from the old "SocksSocket" option, and rename
      SocksSocketsGroupWritable to UnixSocksGroupWritable. The old
      option still works, but is deprecated. Fixes bug 24343; bugfix
      on 0.2.6.3.

  o Minor bugfixes (memory leaks):
    - Avoid possible at-exit memory leaks related to use of Libevent's
      event_base_once() function. (This function tends to leak memory if
      the event_base is closed before the event fires.) Fixes bug 24584;
      bugfix on 0.2.8.1-alpha.
    - Fix a harmless memory leak in tor-resolve. Fixes bug 24582; bugfix
      on 0.2.1.1-alpha.

  o Minor bugfixes (network IPv6 test):
    - Tor's test scripts now check if "ping -6 ::1" works when the user
      runs "make test-network-all". Fixes bug 24677; bugfix on
      0.2.9.3-alpha. Patch by "ffmancera".

  o Minor bugfixes (networking):
    - string_is_valid_hostname() will not consider IP strings to be
      valid hostnames. Fixes bug 25055; bugfix on Tor 0.2.5.5.

  o Minor bugfixes (onion service v3):
    - Avoid an assertion failure when the next onion service descriptor
      rotation type is out of sync with the consensus's valid-after
      time. Instead, log a warning message with extra information, so we
      can better hunt down the cause of this assertion. Fixes bug 25306;
3304
3305
      bugfix on 0.3.2.1-alpha.

3306
3307
3308
3309
3310
3311
3312
3313
3314
3315
3316
3317
3318
3319
3320
3321
3322
3323
3324
3325
3326
3327
3328
3329
3330
3331
3332
3333
3334
3335
3336
3337
3338
3339
3340
3341
3342
3343
3344
3345
  o Minor bugfixes (onion service, backport from 0.3.4.1-alpha):
    - Fix a memory leak when a v3 onion service is configured and gets a
      SIGHUP signal. Fixes bug 25901; bugfix on 0.3.2.1-alpha.
    - When parsing the descriptor signature, look for the token plus an
      extra white-space at the end. This is more correct but also will
      allow us to support new fields that might start with "signature".
      Fixes bug 26069; bugfix on 0.3.0.1-alpha.

  o Minor bugfixes (onion services):
    - If we are configured to offer a single onion service, don't log
      long-term established one hop rendezvous points in the heartbeat.
      Fixes bug 25116; bugfix on 0.2.9.6-rc.

  o Minor bugfixes (performance):
    - Reduce the number of circuits that will be opened at once during
      the circuit build timeout phase. This is done by increasing the
      idle timeout to 3 minutes, and lowering the maximum number of
      concurrent learning circuits to 10. Fixes bug 24769; bugfix
      on 0.3.1.1-alpha.
    - Avoid calling protocol_list_supports_protocol() from inside tight
      loops when running with cached routerinfo_t objects. Instead,
      summarize the relevant protocols as flags in the routerinfo_t, as
      we do for routerstatus_t objects. This change simplifies our code
      a little, and saves a large amount of short-term memory allocation
      operations. Fixes bug 25008; bugfix on 0.2.9.4-alpha.

  o Minor bugfixes (performance, timeouts):
    - Consider circuits for timeout as soon as they complete a hop. This
      is more accurate than applying the timeout in
      circuit_expire_building() because that function is only called
      once per second, which is now too slow for typical timeouts on the
      current network. Fixes bug 23114; bugfix on 0.2.2.2-alpha.
    - Use onion service circuits (and other circuits longer than 3 hops)
      to calculate a circuit build timeout. Previously, Tor only
      calculated its build timeout based on circuits that planned to be
      exactly 3 hops long. With this change, we include measurements
      from all circuits at the point where they complete their third
      hop. Fixes bug 23100; bugfix on 0.2.2.2-alpha.

  o Minor bugfixes (relay, crash, backport from 0.3.4.1-alpha):
3346
    - Avoid a crash when running with DirPort set but ORPort turned off.
3347
3348
3349
3350
3351
3352
3353
      Fixes a case of bug 23693; bugfix on 0.3.1.1-alpha.

  o Minor bugfixes (Rust FFI):
    - Fix a minor memory leak which would happen whenever the C code
      would call the Rust implementation of
      protover_get_supported_protocols(). This was due to the C version
      returning a static string, whereas the Rust version newly allocated
Nick Mathewson's avatar
Nick Mathewson committed
3354
      a CString to pass across the FFI boundary. Consequently, the C
3355
3356
3357
3358
3359
3360
3361
3362
3363
3364
3365
3366
3367
3368
3369
3370
3371
3372
3373
3374
3375
3376
3377
3378
3379
3380
3381
3382
3383
3384
3385
3386
3387
3388
3389
3390
3391
3392
3393
3394
3395
3396
3397
3398
3399
3400
3401
3402
3403
3404
3405
3406
3407
3408
3409
3410
3411
3412
3413
3414
3415
3416
3417
3418
3419
3420
3421
3422
3423
3424
3425
3426
3427
3428
3429
3430
3431
3432
3433
3434
3435
3436
3437
3438
3439
3440
3441
3442
3443
3444
3445
3446
3447
3448
3449
3450
3451
3452
3453
3454
3455
3456
3457
3458
3459
      code was not expecting to need to free() what it was given. Fixes
      bug 25127; bugfix on 0.3.2.1-alpha.

  o Minor bugfixes (spelling):
    - Use the "misspell" tool to detect and fix typos throughout the
      source code. Fixes bug 23650; bugfix on various versions of Tor.
      Patch from Deepesh Pathak.

  o Minor bugfixes (testing):
    - Avoid intermittent test failures due to a test that had relied on
      onion service introduction point creation finishing within 5
      seconds of real clock time. Fixes bug 25450; bugfix
      on 0.3.1.3-alpha.
    - Give out Exit flags in bootstrapping networks. Fixes bug 24137;
      bugfix on 0.2.3.1-alpha.

  o Minor bugfixes (unit test, monotonic time):
    - Increase a constant (1msec to 10msec) in the monotonic time test
      that makes sure the nsec/usec/msec times read are synchronized.
      This change was needed to accommodate slow systems like armel or
      when the clock_gettime() is not a VDSO on the running kernel.
      Fixes bug 25113; bugfix on 0.2.9.1.

  o Code simplification and refactoring:
    - Move the list of default directory authorities to its own file.
      Closes ticket 24854. Patch by "beastr0".
    - Remove the old (deterministic) directory retry logic entirely:
      We've used exponential backoff exclusively for some time. Closes
      ticket 23814.
    - Remove the unused nodelist_recompute_all_hsdir_indices(). Closes
      ticket 25108.
    - Remove a series of counters used to track circuit extend attempts
      and connection status but that in reality we aren't using for
      anything other than stats logged by a SIGUSR1 signal. Closes
      ticket 25163.
    - Remove /usr/athena from search path in configure.ac. Closes
      ticket 24363.
    - Remove duplicate code in node_has_curve25519_onion_key() and
      node_get_curve25519_onion_key(), and add a check for a zero
      microdesc curve25519 onion key. Closes ticket 23966, patch by
      "aruna1234" and teor.
    - Rewrite channel_rsa_id_group_set_badness to reduce temporary
      memory allocations with large numbers of OR connections (e.g.
      relays). Closes ticket 24119.
    - Separate the function that deletes ephemeral files when Tor
      stops gracefully.
    - Small changes to Tor's buf_t API to make it suitable for use as a
      general-purpose safe string constructor. Closes ticket 22342.
    - Switch -Wnormalized=id to -Wnormalized=nfkc in configure.ac to
      avoid source code identifier confusion. Closes ticket 24467.
    - The tor_git_revision[] constant no longer needs to be redeclared
      by everything that links against the rest of Tor. Done as part of
      ticket 23845, to simplify our external API.
    - We make extend_info_from_node() use node_get_curve25519_onion_key()
      introduced in ticket 23577 to access the curve25519 public keys
      rather than accessing it directly. Closes ticket 23760. Patch by
      Neel Chauhan.
    - Add a function to log channels' scheduler state changes to aid
      debugging efforts. Closes ticket 24531.

  o Documentation:
    - Improved the documentation of AccountingStart parameter. Closes
      ticket 23635.
    - Update the documentation for "Log" to include the current list of
      logging domains. Closes ticket 25378.
    - Add documentation on how to build tor with Rust dependencies
      without having to be online. Closes ticket 22907; bugfix
      on 0.3.0.3-alpha.
    - Clarify the behavior of RelayBandwidth{Rate,Burst} with client
      traffic. Closes ticket 24318.
    - Document that OutboundBindAddress doesn't apply to DNS requests.
      Closes ticket 22145. Patch from Aruna Maurya.

  o Code simplification and refactoring (channels):
    - Remove the incoming and outgoing channel queues. These were never
      used, but still took up a step in our fast path.
    - The majority of the channel unit tests have been rewritten and the
      code coverage has now been raised to 83.6% for channel.c. Closes
      ticket 23709.
    - Remove other dead code from the channel subsystem: All together,
      this cleanup has removed more than 1500 lines of code overall and
      adding very little except for unit test.

  o Code simplification and refactoring (circuit rendezvous):
    - Split the client-side rendezvous circuit lookup into two
      functions: one that returns only established circuits and another
      that returns all kinds of circuits. Closes ticket 23459.

  o Code simplification and refactoring (controller):
    - Make most of the variables in networkstatus_getinfo_by_purpose()
      const. Implements ticket 24489.

  o Documentation (backport from 0.3.4.1-alpha):
    - Correct an IPv6 error in the documentation for ExitPolicy. Closes
      ticket 25857. Patch from "CTassisF".

  o Documentation (man page):
    - The HiddenServiceVersion torrc option accepts only one number:
      either version 2 or 3. Closes ticket 25026; bugfix
      on 0.3.2.2-alpha.

  o Documentation (manpage, denial of service):
    - Provide more detail about the denial-of-service options, by
      listing each mitigation and explaining how they relate. Closes
      ticket 25248.
3460
3461
3462
3463
3464
3465
3466
3467
3468
3469
3470
3471
3472
3473
3474
3475


Changes in version 0.3.1.10 - 2018-03-03
  Tor 0.3.1.10 backports a number of bugfixes, including important fixes for
  security issues.

  It includes an important security fix for a remote crash attack
  against directory authorities, tracked as TROVE-2018-001.

  This release also backports our new system for improved resistance to
  denial-of-service attacks against relays.

  This release also fixes several minor bugs and annoyances from
  earlier releases.

  All directory authorities should upgrade to one of the versions
3476
  released today. Relays running 0.3.1.x may wish to update to one of
3477
3478
3479
  the versions released today, for the DoS mitigations.

  Please note: according to our release calendar, Tor 0.3.1 will no
3480
  longer be supported after 1 July 2018. If you will be running Tor
3481
3482
3483
3484
3485
3486
3487
3488
3489
3490
3491
3492
3493
3494
3495
3496
3497
3498
3499
3500
3501
3502
3503
3504
3505
3506
3507
3508
3509
3510
3511
3512
3513
3514
3515
3516
3517
3518
3519
3520
3521
3522
3523
3524
3525
3526
3527
3528
3529
3530
3531
3532
3533
3534
3535
3536
3537
3538
3539
3540
3541
3542
3543
3544
3545
3546
3547
3548
3549
3550
3551
3552
3553
3554
3555
3556
3557
3558
3559
3560
3561
3562
3563
3564
3565
3566
3567
3568
3569
3570
3571
3572
3573
3574
3575
3576
3577
3578
3579
3580
3581
3582
3583
3584
3585
3586
3587
3588
3589
3590
3591
3592
3593
3594
3595
3596
3597
3598
3599
3600
3601
3602
3603
3604
3605
3606
3607
3608
3609
3610
3611
3612
3613
3614
3615
3616
3617
3618
3619
3620
3621
3622
3623
3624
3625
3626
3627
3628
3629
3630
3631
3632
3633
3634
3635
3636
3637
3638
3639
3640
3641
3642
3643
3644
3645
3646
3647
3648
3649
3650
3651
3652
3653
3654
3655
3656
3657
3658
3659
3660
3661
3662
3663
3664
3665
3666
3667
3668
3669
3670
3671
3672
3673
3674
3675
3676
3677
3678
3679
3680
3681
3682
3683
  after that date, you should make sure to plan to upgrade to the latest
  stable version, or downgrade to 0.2.9 (which will receive long-term
  support).

  o Major bugfixes (denial-of-service, directory authority, backport from 0.3.3.3-alpha):
    - Fix a protocol-list handling bug that could be used to remotely crash
      directory authorities with a null-pointer exception. Fixes bug 25074;
      bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2018-001 and
      CVE-2018-0490.

  o Major features (denial-of-service mitigation, backport from 0.3.3.2-alpha):
    - Give relays some defenses against the recent network overload. We
      start with three defenses (default parameters in parentheses).
      First: if a single client address makes too many concurrent
      connections (>100), hang up on further connections. Second: if a
      single client address makes circuits too quickly (more than 3 per
      second, with an allowed burst of 90) while also having too many
      connections open (3), refuse new create cells for the next while
      (1-2 hours). Third: if a client asks to establish a rendezvous
      point to you directly, ignore the request. These defenses can be
      manually controlled by new torrc options, but relays will also
      take guidance from consensus parameters, so there's no need to
      configure anything manually. Implements ticket 24902.

  o Minor features (linux seccomp2 sandbox, backport from 0.3.2.5-alpha):
    - Update the sandbox rules so that they should now work correctly
      with Glibc 2.26. Closes ticket 24315.

  o Major bugfixes (onion services, retry behavior, backport from 0.3.3.1-alpha):
    - Fix an "off by 2" error in counting rendezvous failures on the
      onion service side. While we thought we would stop the rendezvous
      attempt after one failed circuit, we were actually making three
      circuit attempts before giving up. Now switch to a default of 2,
      and allow the consensus parameter "hs_service_max_rdv_failures" to
      override. Fixes bug 24895; bugfix on 0.0.6.

  o Major bugfixes (protocol versions, backport from 0.3.3.2-alpha):
    - Add Link pro