ChangeLog 1.1 MB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113211421152116211721182119212021212122212321242125212621272128212921302131213221332134213521362137213821392140214121422143214421452146214721482149215021512152215321542155215621572158215921602161216221632164216521662167216821692170217121722173217421752176217721782179218021812182218321842185218621872188218921902191219221932194219521962197219821992200220122022203220422052206220722082209221022112212221322142215221622172218221922202221222222232224222522262227222822292230223122322233223422352236223722382239224022412242224322442245224622472248224922502251225222532254225522562257225822592260226122622263226422652266226722682269227022712272227322742275227622772278227922802281228222832284228522862287228822892290229122922293229422952296229722982299230023012302230323042305230623072308230923102311231223132314231523162317231823192320232123222323232423252326232723282329233023312332233323342335233623372338233923402341234223432344234523462347234823492350235123522353235423552356235723582359236023612362236323642365236623672368236923702371237223732374237523762377237823792380238123822383238423852386238723882389239023912392239323942395239623972398239924002401240224032404240524062407240824092410241124122413241424152416241724182419242024212422242324242425242624272428242924302431243224332434243524362437243824392440244124422443244424452446244724482449245024512452245324542455245624572458245924602461246224632464246524662467246824692470247124722473247424752476247724782479248024812482248324842485248624872488248924902491249224932494249524962497249824992500250125022503250425052506250725082509251025112512251325142515251625172518251925202521252225232524252525262527252825292530253125322533253425352536253725382539254025412542254325442545254625472548254925502551255225532554255525562557255825592560256125622563256425652566256725682569257025712572257325742575257625772578257925802581258225832584258525862587258825892590259125922593259425952596259725982599260026012602260326042605260626072608260926102611261226132614261526162617261826192620262126222623262426252626262726282629263026312632263326342635263626372638263926402641264226432644264526462647264826492650265126522653265426552656265726582659266026612662266326642665266626672668266926702671267226732674267526762677267826792680268126822683268426852686268726882689269026912692269326942695269626972698269927002701270227032704270527062707270827092710271127122713271427152716271727182719272027212722272327242725272627272728272927302731273227332734273527362737273827392740274127422743274427452746274727482749275027512752275327542755275627572758275927602761276227632764276527662767276827692770277127722773277427752776277727782779278027812782278327842785278627872788278927902791279227932794279527962797279827992800280128022803280428052806280728082809281028112812281328142815281628172818281928202821282228232824282528262827282828292830283128322833283428352836283728382839284028412842284328442845284628472848284928502851285228532854285528562857285828592860286128622863286428652866286728682869287028712872287328742875287628772878287928802881288228832884288528862887288828892890289128922893289428952896289728982899290029012902290329042905290629072908290929102911291229132914291529162917291829192920292129222923292429252926292729282929293029312932293329342935293629372938293929402941294229432944294529462947294829492950295129522953295429552956295729582959296029612962296329642965296629672968296929702971297229732974297529762977297829792980298129822983298429852986298729882989299029912992299329942995299629972998299930003001300230033004300530063007300830093010301130123013301430153016301730183019302030213022302330243025302630273028302930303031303230333034303530363037303830393040304130423043304430453046304730483049305030513052305330543055305630573058305930603061306230633064306530663067306830693070307130723073307430753076307730783079308030813082308330843085308630873088308930903091309230933094309530963097309830993100310131023103310431053106310731083109311031113112311331143115311631173118311931203121312231233124312531263127312831293130313131323133313431353136313731383139314031413142314331443145314631473148314931503151315231533154315531563157315831593160316131623163316431653166316731683169317031713172317331743175317631773178317931803181318231833184318531863187318831893190319131923193319431953196319731983199320032013202320332043205320632073208320932103211321232133214321532163217321832193220322132223223322432253226322732283229323032313232323332343235323632373238323932403241324232433244324532463247324832493250325132523253325432553256325732583259326032613262326332643265326632673268326932703271327232733274327532763277327832793280328132823283328432853286328732883289329032913292329332943295329632973298329933003301330233033304330533063307330833093310331133123313331433153316331733183319332033213322332333243325332633273328332933303331333233333334333533363337333833393340334133423343334433453346334733483349335033513352335333543355335633573358335933603361336233633364336533663367336833693370337133723373337433753376337733783379338033813382338333843385338633873388338933903391339233933394339533963397339833993400340134023403340434053406340734083409341034113412341334143415341634173418341934203421342234233424342534263427342834293430343134323433343434353436343734383439344034413442344334443445344634473448344934503451345234533454345534563457345834593460346134623463346434653466346734683469347034713472347334743475347634773478347934803481348234833484348534863487348834893490349134923493349434953496349734983499350035013502350335043505350635073508350935103511351235133514351535163517351835193520352135223523352435253526352735283529353035313532353335343535353635373538353935403541354235433544354535463547354835493550355135523553355435553556355735583559356035613562356335643565356635673568356935703571357235733574357535763577357835793580358135823583358435853586358735883589359035913592359335943595359635973598359936003601360236033604360536063607360836093610361136123613361436153616361736183619362036213622362336243625362636273628362936303631363236333634363536363637363836393640364136423643364436453646364736483649365036513652365336543655365636573658365936603661366236633664366536663667366836693670367136723673367436753676367736783679368036813682368336843685368636873688368936903691369236933694369536963697369836993700370137023703370437053706370737083709371037113712371337143715371637173718371937203721372237233724372537263727372837293730373137323733373437353736373737383739374037413742374337443745374637473748374937503751375237533754375537563757375837593760376137623763376437653766376737683769377037713772377337743775377637773778377937803781378237833784378537863787378837893790379137923793379437953796379737983799380038013802380338043805380638073808380938103811381238133814381538163817381838193820382138223823382438253826382738283829383038313832383338343835383638373838383938403841384238433844384538463847384838493850385138523853385438553856385738583859386038613862386338643865386638673868386938703871387238733874387538763877387838793880388138823883388438853886388738883889389038913892389338943895389638973898389939003901390239033904390539063907390839093910391139123913391439153916391739183919392039213922392339243925392639273928392939303931393239333934393539363937393839393940394139423943394439453946394739483949395039513952395339543955395639573958395939603961396239633964396539663967396839693970397139723973397439753976397739783979398039813982398339843985398639873988398939903991399239933994399539963997399839994000400140024003400440054006400740084009401040114012401340144015401640174018401940204021402240234024402540264027402840294030403140324033403440354036403740384039404040414042404340444045404640474048404940504051405240534054405540564057405840594060406140624063406440654066406740684069407040714072407340744075407640774078407940804081408240834084408540864087408840894090409140924093409440954096409740984099410041014102410341044105410641074108410941104111411241134114411541164117411841194120412141224123412441254126412741284129413041314132413341344135413641374138413941404141414241434144414541464147414841494150415141524153415441554156415741584159416041614162416341644165416641674168416941704171417241734174417541764177417841794180418141824183418441854186418741884189419041914192419341944195419641974198419942004201420242034204420542064207420842094210421142124213421442154216421742184219422042214222422342244225422642274228422942304231423242334234423542364237423842394240424142424243424442454246424742484249425042514252425342544255425642574258425942604261426242634264426542664267426842694270427142724273427442754276427742784279428042814282428342844285428642874288428942904291429242934294429542964297429842994300430143024303430443054306430743084309431043114312431343144315431643174318431943204321432243234324432543264327432843294330433143324333433443354336433743384339434043414342434343444345434643474348434943504351435243534354435543564357435843594360436143624363436443654366436743684369437043714372437343744375437643774378437943804381438243834384438543864387438843894390439143924393439443954396439743984399440044014402440344044405440644074408440944104411441244134414441544164417441844194420442144224423442444254426442744284429443044314432443344344435443644374438443944404441444244434444444544464447444844494450445144524453445444554456445744584459446044614462446344644465446644674468446944704471447244734474447544764477447844794480448144824483448444854486448744884489449044914492449344944495449644974498449945004501450245034504450545064507450845094510451145124513451445154516451745184519452045214522452345244525452645274528452945304531453245334534453545364537453845394540454145424543454445454546454745484549455045514552455345544555455645574558455945604561456245634564456545664567456845694570457145724573457445754576457745784579458045814582458345844585458645874588458945904591459245934594459545964597459845994600460146024603460446054606460746084609461046114612461346144615461646174618461946204621462246234624462546264627462846294630463146324633463446354636463746384639464046414642464346444645464646474648464946504651465246534654465546564657465846594660466146624663466446654666466746684669467046714672467346744675467646774678467946804681468246834684468546864687468846894690469146924693469446954696469746984699470047014702470347044705470647074708470947104711471247134714471547164717471847194720472147224723472447254726472747284729473047314732473347344735473647374738473947404741474247434744474547464747474847494750475147524753475447554756475747584759476047614762476347644765476647674768476947704771477247734774477547764777477847794780478147824783478447854786478747884789479047914792479347944795479647974798479948004801480248034804480548064807480848094810481148124813481448154816481748184819482048214822482348244825482648274828482948304831483248334834483548364837483848394840484148424843484448454846484748484849485048514852485348544855485648574858485948604861486248634864486548664867486848694870487148724873487448754876487748784879488048814882488348844885488648874888488948904891489248934894489548964897489848994900490149024903490449054906490749084909491049114912491349144915491649174918491949204921492249234924492549264927492849294930493149324933493449354936493749384939494049414942494349444945494649474948494949504951495249534954495549564957495849594960496149624963496449654966496749684969497049714972497349744975497649774978497949804981498249834984498549864987498849894990499149924993499449954996499749984999500050015002500350045005500650075008500950105011501250135014501550165017501850195020502150225023502450255026502750285029503050315032503350345035503650375038503950405041504250435044504550465047504850495050505150525053505450555056505750585059506050615062506350645065506650675068506950705071507250735074507550765077507850795080508150825083508450855086508750885089509050915092509350945095509650975098509951005101510251035104510551065107510851095110511151125113511451155116511751185119512051215122512351245125512651275128512951305131513251335134513551365137513851395140514151425143514451455146514751485149515051515152515351545155515651575158515951605161516251635164516551665167516851695170517151725173517451755176517751785179518051815182518351845185518651875188518951905191519251935194519551965197519851995200520152025203520452055206520752085209521052115212521352145215521652175218521952205221522252235224522552265227522852295230523152325233523452355236523752385239524052415242524352445245524652475248524952505251525252535254525552565257525852595260526152625263526452655266526752685269527052715272527352745275527652775278527952805281528252835284528552865287528852895290529152925293529452955296529752985299530053015302530353045305530653075308530953105311531253135314531553165317531853195320532153225323532453255326532753285329533053315332533353345335533653375338533953405341534253435344534553465347534853495350535153525353535453555356535753585359536053615362536353645365536653675368536953705371537253735374537553765377537853795380538153825383538453855386538753885389539053915392539353945395539653975398539954005401540254035404540554065407540854095410541154125413541454155416541754185419542054215422542354245425542654275428542954305431543254335434543554365437543854395440544154425443544454455446544754485449545054515452545354545455545654575458545954605461546254635464546554665467546854695470547154725473547454755476547754785479548054815482548354845485548654875488548954905491549254935494549554965497549854995500550155025503550455055506550755085509551055115512551355145515551655175518551955205521552255235524552555265527552855295530553155325533553455355536553755385539554055415542554355445545554655475548554955505551555255535554555555565557555855595560556155625563556455655566556755685569557055715572557355745575557655775578557955805581558255835584558555865587558855895590559155925593559455955596559755985599560056015602560356045605560656075608560956105611561256135614561556165617561856195620562156225623562456255626562756285629563056315632563356345635563656375638563956405641564256435644564556465647564856495650565156525653565456555656565756585659566056615662566356645665566656675668566956705671567256735674567556765677567856795680568156825683568456855686568756885689569056915692569356945695569656975698569957005701570257035704570557065707570857095710571157125713571457155716571757185719572057215722572357245725572657275728572957305731573257335734573557365737573857395740574157425743574457455746574757485749575057515752575357545755575657575758575957605761576257635764576557665767576857695770577157725773577457755776577757785779578057815782578357845785578657875788578957905791579257935794579557965797579857995800580158025803580458055806580758085809581058115812581358145815581658175818581958205821582258235824582558265827582858295830583158325833583458355836583758385839584058415842584358445845584658475848584958505851585258535854585558565857585858595860586158625863586458655866586758685869587058715872587358745875587658775878587958805881588258835884588558865887588858895890589158925893589458955896589758985899590059015902590359045905590659075908590959105911591259135914591559165917591859195920592159225923592459255926592759285929593059315932593359345935593659375938593959405941594259435944594559465947594859495950595159525953595459555956595759585959596059615962596359645965596659675968596959705971597259735974597559765977597859795980598159825983598459855986598759885989599059915992599359945995599659975998599960006001600260036004600560066007600860096010601160126013601460156016601760186019602060216022602360246025602660276028602960306031603260336034603560366037603860396040604160426043604460456046604760486049605060516052605360546055605660576058605960606061606260636064606560666067606860696070607160726073607460756076607760786079608060816082608360846085608660876088608960906091609260936094609560966097609860996100610161026103610461056106610761086109611061116112611361146115611661176118611961206121612261236124612561266127612861296130613161326133613461356136613761386139614061416142614361446145614661476148614961506151615261536154615561566157615861596160616161626163616461656166616761686169617061716172617361746175617661776178617961806181618261836184618561866187618861896190619161926193619461956196619761986199620062016202620362046205620662076208620962106211621262136214621562166217621862196220622162226223622462256226622762286229623062316232623362346235623662376238623962406241624262436244624562466247624862496250625162526253625462556256625762586259626062616262626362646265626662676268626962706271627262736274627562766277627862796280628162826283628462856286628762886289629062916292629362946295629662976298629963006301630263036304630563066307630863096310631163126313631463156316631763186319632063216322632363246325632663276328632963306331633263336334633563366337633863396340634163426343634463456346634763486349635063516352635363546355635663576358635963606361636263636364636563666367636863696370637163726373637463756376637763786379638063816382638363846385638663876388638963906391639263936394639563966397639863996400640164026403640464056406640764086409641064116412641364146415641664176418641964206421642264236424642564266427642864296430643164326433643464356436643764386439644064416442644364446445644664476448644964506451645264536454645564566457645864596460646164626463646464656466646764686469647064716472647364746475647664776478647964806481648264836484648564866487648864896490649164926493649464956496649764986499650065016502650365046505650665076508650965106511651265136514651565166517651865196520652165226523652465256526652765286529653065316532653365346535653665376538653965406541654265436544654565466547654865496550655165526553655465556556655765586559656065616562656365646565656665676568656965706571657265736574657565766577657865796580658165826583658465856586658765886589659065916592659365946595659665976598659966006601660266036604660566066607660866096610661166126613661466156616661766186619662066216622662366246625662666276628662966306631663266336634663566366637663866396640664166426643664466456646664766486649665066516652665366546655665666576658665966606661666266636664666566666667666866696670667166726673667466756676667766786679668066816682668366846685668666876688668966906691669266936694669566966697669866996700670167026703670467056706670767086709671067116712671367146715671667176718671967206721672267236724672567266727672867296730673167326733673467356736673767386739674067416742674367446745674667476748674967506751675267536754675567566757675867596760676167626763676467656766676767686769677067716772677367746775677667776778677967806781678267836784678567866787678867896790679167926793679467956796679767986799680068016802680368046805680668076808680968106811681268136814681568166817681868196820682168226823682468256826682768286829683068316832683368346835683668376838683968406841684268436844684568466847684868496850685168526853685468556856685768586859686068616862686368646865686668676868686968706871687268736874687568766877687868796880688168826883688468856886688768886889689068916892689368946895689668976898689969006901690269036904690569066907690869096910691169126913691469156916691769186919692069216922692369246925692669276928692969306931693269336934693569366937693869396940694169426943694469456946694769486949695069516952695369546955695669576958695969606961696269636964696569666967696869696970697169726973697469756976697769786979698069816982698369846985698669876988698969906991699269936994699569966997699869997000700170027003700470057006700770087009701070117012701370147015701670177018701970207021702270237024702570267027702870297030703170327033703470357036703770387039704070417042704370447045704670477048704970507051705270537054705570567057705870597060706170627063706470657066706770687069707070717072707370747075707670777078707970807081708270837084708570867087708870897090709170927093709470957096709770987099710071017102710371047105710671077108710971107111711271137114711571167117711871197120712171227123712471257126712771287129713071317132713371347135713671377138713971407141714271437144714571467147714871497150715171527153715471557156715771587159716071617162716371647165716671677168716971707171717271737174717571767177717871797180718171827183718471857186718771887189719071917192719371947195719671977198719972007201720272037204720572067207720872097210721172127213721472157216721772187219722072217222722372247225722672277228722972307231723272337234723572367237723872397240724172427243724472457246724772487249725072517252725372547255725672577258725972607261726272637264726572667267726872697270727172727273727472757276727772787279728072817282728372847285728672877288728972907291729272937294729572967297729872997300730173027303730473057306730773087309731073117312731373147315731673177318731973207321732273237324732573267327732873297330733173327333733473357336733773387339734073417342734373447345734673477348734973507351735273537354735573567357735873597360736173627363736473657366736773687369737073717372737373747375737673777378737973807381738273837384738573867387738873897390739173927393739473957396739773987399740074017402740374047405740674077408740974107411741274137414741574167417741874197420742174227423742474257426742774287429743074317432743374347435743674377438743974407441744274437444744574467447744874497450745174527453745474557456745774587459746074617462746374647465746674677468746974707471747274737474747574767477747874797480748174827483748474857486748774887489749074917492749374947495749674977498749975007501750275037504750575067507750875097510751175127513751475157516751775187519752075217522752375247525752675277528752975307531753275337534753575367537753875397540754175427543754475457546754775487549755075517552755375547555755675577558755975607561756275637564756575667567756875697570757175727573757475757576757775787579758075817582758375847585758675877588758975907591759275937594759575967597759875997600760176027603760476057606760776087609761076117612761376147615761676177618761976207621762276237624762576267627762876297630763176327633763476357636763776387639764076417642764376447645764676477648764976507651765276537654765576567657765876597660766176627663766476657666766776687669767076717672767376747675767676777678767976807681768276837684768576867687768876897690769176927693769476957696769776987699770077017702770377047705770677077708770977107711771277137714771577167717771877197720772177227723772477257726772777287729773077317732773377347735773677377738773977407741774277437744774577467747774877497750775177527753775477557756775777587759776077617762776377647765776677677768776977707771777277737774777577767777777877797780778177827783778477857786778777887789779077917792779377947795779677977798779978007801780278037804780578067807780878097810781178127813781478157816781778187819782078217822782378247825782678277828782978307831783278337834783578367837783878397840784178427843784478457846784778487849785078517852785378547855785678577858785978607861786278637864786578667867786878697870787178727873787478757876787778787879788078817882788378847885788678877888788978907891789278937894789578967897789878997900790179027903790479057906790779087909791079117912791379147915791679177918791979207921792279237924792579267927792879297930793179327933793479357936793779387939794079417942794379447945794679477948794979507951795279537954795579567957795879597960796179627963796479657966796779687969797079717972797379747975797679777978797979807981798279837984798579867987798879897990799179927993799479957996799779987999800080018002800380048005800680078008800980108011801280138014801580168017801880198020802180228023802480258026802780288029803080318032803380348035803680378038803980408041804280438044804580468047804880498050805180528053805480558056805780588059806080618062806380648065806680678068806980708071807280738074807580768077807880798080808180828083808480858086808780888089809080918092809380948095809680978098809981008101810281038104810581068107810881098110811181128113811481158116811781188119812081218122812381248125812681278128812981308131813281338134813581368137813881398140814181428143814481458146814781488149815081518152815381548155815681578158815981608161816281638164816581668167816881698170817181728173817481758176817781788179818081818182818381848185818681878188818981908191819281938194819581968197819881998200820182028203820482058206820782088209821082118212821382148215821682178218821982208221822282238224822582268227822882298230823182328233823482358236823782388239824082418242824382448245824682478248824982508251825282538254825582568257825882598260826182628263826482658266826782688269827082718272827382748275827682778278827982808281828282838284828582868287828882898290829182928293829482958296829782988299830083018302830383048305830683078308830983108311831283138314831583168317831883198320832183228323832483258326832783288329833083318332833383348335833683378338833983408341834283438344834583468347834883498350835183528353835483558356835783588359836083618362836383648365836683678368836983708371837283738374837583768377837883798380838183828383838483858386838783888389839083918392839383948395839683978398839984008401840284038404840584068407840884098410841184128413841484158416841784188419842084218422842384248425842684278428842984308431843284338434843584368437843884398440844184428443844484458446844784488449845084518452845384548455845684578458845984608461846284638464846584668467846884698470847184728473847484758476847784788479848084818482848384848485848684878488848984908491849284938494849584968497849884998500850185028503850485058506850785088509851085118512851385148515851685178518851985208521852285238524852585268527852885298530853185328533853485358536853785388539854085418542854385448545854685478548854985508551855285538554855585568557855885598560856185628563856485658566856785688569857085718572857385748575857685778578857985808581858285838584858585868587858885898590859185928593859485958596859785988599860086018602860386048605860686078608860986108611861286138614861586168617861886198620862186228623862486258626862786288629863086318632863386348635863686378638863986408641864286438644864586468647864886498650865186528653865486558656865786588659866086618662866386648665866686678668866986708671867286738674867586768677867886798680868186828683868486858686868786888689869086918692869386948695869686978698869987008701870287038704870587068707870887098710871187128713871487158716871787188719872087218722872387248725872687278728872987308731873287338734873587368737873887398740874187428743874487458746874787488749875087518752875387548755875687578758875987608761876287638764876587668767876887698770877187728773877487758776877787788779878087818782878387848785878687878788878987908791879287938794879587968797879887998800880188028803880488058806880788088809881088118812881388148815881688178818881988208821882288238824882588268827882888298830883188328833883488358836883788388839884088418842884388448845884688478848884988508851885288538854885588568857885888598860886188628863886488658866886788688869887088718872887388748875887688778878887988808881888288838884888588868887888888898890889188928893889488958896889788988899890089018902890389048905890689078908890989108911891289138914891589168917891889198920892189228923892489258926892789288929893089318932893389348935893689378938893989408941894289438944894589468947894889498950895189528953895489558956895789588959896089618962896389648965896689678968896989708971897289738974897589768977897889798980898189828983898489858986898789888989899089918992899389948995899689978998899990009001900290039004900590069007900890099010901190129013901490159016901790189019902090219022902390249025902690279028902990309031903290339034903590369037903890399040904190429043904490459046904790489049905090519052905390549055905690579058905990609061906290639064906590669067906890699070907190729073907490759076907790789079908090819082908390849085908690879088908990909091909290939094909590969097909890999100910191029103910491059106910791089109911091119112911391149115911691179118911991209121912291239124912591269127912891299130913191329133913491359136913791389139914091419142914391449145914691479148914991509151915291539154915591569157915891599160916191629163916491659166916791689169917091719172917391749175917691779178917991809181918291839184918591869187918891899190919191929193919491959196919791989199920092019202920392049205920692079208920992109211921292139214921592169217921892199220922192229223922492259226922792289229923092319232923392349235923692379238923992409241924292439244924592469247924892499250925192529253925492559256925792589259926092619262926392649265926692679268926992709271927292739274927592769277927892799280928192829283928492859286928792889289929092919292929392949295929692979298929993009301930293039304930593069307930893099310931193129313931493159316931793189319932093219322932393249325932693279328932993309331933293339334933593369337933893399340934193429343934493459346934793489349935093519352935393549355935693579358935993609361936293639364936593669367936893699370937193729373937493759376937793789379938093819382938393849385938693879388938993909391939293939394939593969397939893999400940194029403940494059406940794089409941094119412941394149415941694179418941994209421942294239424942594269427942894299430943194329433943494359436943794389439944094419442944394449445944694479448944994509451945294539454945594569457945894599460946194629463946494659466946794689469947094719472947394749475947694779478947994809481948294839484948594869487948894899490949194929493949494959496949794989499950095019502950395049505950695079508950995109511951295139514951595169517951895199520952195229523952495259526952795289529953095319532953395349535953695379538953995409541954295439544954595469547954895499550955195529553955495559556955795589559956095619562956395649565956695679568956995709571957295739574957595769577957895799580958195829583958495859586958795889589959095919592959395949595959695979598959996009601960296039604960596069607960896099610961196129613961496159616961796189619962096219622962396249625962696279628962996309631963296339634963596369637963896399640964196429643964496459646964796489649965096519652965396549655965696579658965996609661966296639664966596669667966896699670967196729673967496759676967796789679968096819682968396849685968696879688968996909691969296939694969596969697969896999700970197029703970497059706970797089709971097119712971397149715971697179718971997209721972297239724972597269727972897299730973197329733973497359736973797389739974097419742974397449745974697479748974997509751975297539754975597569757975897599760976197629763976497659766976797689769977097719772977397749775977697779778977997809781978297839784978597869787978897899790979197929793979497959796979797989799980098019802980398049805980698079808980998109811981298139814981598169817981898199820982198229823982498259826982798289829983098319832983398349835983698379838983998409841984298439844984598469847984898499850985198529853985498559856985798589859986098619862986398649865986698679868986998709871987298739874987598769877987898799880988198829883988498859886988798889889989098919892989398949895989698979898989999009901990299039904990599069907990899099910991199129913991499159916991799189919992099219922992399249925992699279928992999309931993299339934993599369937993899399940994199429943994499459946994799489949995099519952995399549955995699579958995999609961996299639964996599669967996899699970997199729973997499759976997799789979998099819982998399849985998699879988998999909991999299939994999599969997999899991000010001100021000310004100051000610007100081000910010100111001210013100141001510016100171001810019100201002110022100231002410025100261002710028100291003010031100321003310034100351003610037100381003910040100411004210043100441004510046100471004810049100501005110052100531005410055100561005710058100591006010061100621006310064100651006610067100681006910070100711007210073100741007510076100771007810079100801008110082100831008410085100861008710088100891009010091100921009310094100951009610097100981009910100101011010210103101041010510106101071010810109101101011110112101131011410115101161011710118101191012010121101221012310124101251012610127101281012910130101311013210133101341013510136101371013810139101401014110142101431014410145101461014710148101491015010151101521015310154101551015610157101581015910160101611016210163101641016510166101671016810169101701017110172101731017410175101761017710178101791018010181101821018310184101851018610187101881018910190101911019210193101941019510196101971019810199102001020110202102031020410205102061020710208102091021010211102121021310214102151021610217102181021910220102211022210223102241022510226102271022810229102301023110232102331023410235102361023710238102391024010241102421024310244102451024610247102481024910250102511025210253102541025510256102571025810259102601026110262102631026410265102661026710268102691027010271102721027310274102751027610277102781027910280102811028210283102841028510286102871028810289102901029110292102931029410295102961029710298102991030010301103021030310304103051030610307103081030910310103111031210313103141031510316103171031810319103201032110322103231032410325103261032710328103291033010331103321033310334103351033610337103381033910340103411034210343103441034510346103471034810349103501035110352103531035410355103561035710358103591036010361103621036310364103651036610367103681036910370103711037210373103741037510376103771037810379103801038110382103831038410385103861038710388103891039010391103921039310394103951039610397103981039910400104011040210403104041040510406104071040810409104101041110412104131041410415104161041710418104191042010421104221042310424104251042610427104281042910430104311043210433104341043510436104371043810439104401044110442104431044410445104461044710448104491045010451104521045310454104551045610457104581045910460104611046210463104641046510466104671046810469104701047110472104731047410475104761047710478104791048010481104821048310484104851048610487104881048910490104911049210493104941049510496104971049810499105001050110502105031050410505105061050710508105091051010511105121051310514105151051610517105181051910520105211052210523105241052510526105271052810529105301053110532105331053410535105361053710538105391054010541105421054310544105451054610547105481054910550105511055210553105541055510556105571055810559105601056110562105631056410565105661056710568105691057010571105721057310574105751057610577105781057910580105811058210583105841058510586105871058810589105901059110592105931059410595105961059710598105991060010601106021060310604106051060610607106081060910610106111061210613106141061510616106171061810619106201062110622106231062410625106261062710628106291063010631106321063310634106351063610637106381063910640106411064210643106441064510646106471064810649106501065110652106531065410655106561065710658106591066010661106621066310664106651066610667106681066910670106711067210673106741067510676106771067810679106801068110682106831068410685106861068710688106891069010691106921069310694106951069610697106981069910700107011070210703107041070510706107071070810709107101071110712107131071410715107161071710718107191072010721107221072310724107251072610727107281072910730107311073210733107341073510736107371073810739107401074110742107431074410745107461074710748107491075010751107521075310754107551075610757107581075910760107611076210763107641076510766107671076810769107701077110772107731077410775107761077710778107791078010781107821078310784107851078610787107881078910790107911079210793107941079510796107971079810799108001080110802108031080410805108061080710808108091081010811108121081310814108151081610817108181081910820108211082210823108241082510826108271082810829108301083110832108331083410835108361083710838108391084010841108421084310844108451084610847108481084910850108511085210853108541085510856108571085810859108601086110862108631086410865108661086710868108691087010871108721087310874108751087610877108781087910880108811088210883108841088510886108871088810889108901089110892108931089410895108961089710898108991090010901109021090310904109051090610907109081090910910109111091210913109141091510916109171091810919109201092110922109231092410925109261092710928109291093010931109321093310934109351093610937109381093910940109411094210943109441094510946109471094810949109501095110952109531095410955109561095710958109591096010961109621096310964109651096610967109681096910970109711097210973109741097510976109771097810979109801098110982109831098410985109861098710988109891099010991109921099310994109951099610997109981099911000110011100211003110041100511006110071100811009110101101111012110131101411015110161101711018110191102011021110221102311024110251102611027110281102911030110311103211033110341103511036110371103811039110401104111042110431104411045110461104711048110491105011051110521105311054110551105611057110581105911060110611106211063110641106511066110671106811069110701107111072110731107411075110761107711078110791108011081110821108311084110851108611087110881108911090110911109211093110941109511096110971109811099111001110111102111031110411105111061110711108111091111011111111121111311114111151111611117111181111911120111211112211123111241112511126111271112811129111301113111132111331113411135111361113711138111391114011141111421114311144111451114611147111481114911150111511115211153111541115511156111571115811159111601116111162111631116411165111661116711168111691117011171111721117311174111751117611177111781117911180111811118211183111841118511186111871118811189111901119111192111931119411195111961119711198111991120011201112021120311204112051120611207112081120911210112111121211213112141121511216112171121811219112201122111222112231122411225112261122711228112291123011231112321123311234112351123611237112381123911240112411124211243112441124511246112471124811249112501125111252112531125411255112561125711258112591126011261112621126311264112651126611267112681126911270112711127211273112741127511276112771127811279112801128111282112831128411285112861128711288112891129011291112921129311294112951129611297112981129911300113011130211303113041130511306113071130811309113101131111312113131131411315113161131711318113191132011321113221132311324113251132611327113281132911330113311133211333113341133511336113371133811339113401134111342113431134411345113461134711348113491135011351113521135311354113551135611357113581135911360113611136211363113641136511366113671136811369113701137111372113731137411375113761137711378113791138011381113821138311384113851138611387113881138911390113911139211393113941139511396113971139811399114001140111402114031140411405114061140711408114091141011411114121141311414114151141611417114181141911420114211142211423114241142511426114271142811429114301143111432114331143411435114361143711438114391144011441114421144311444114451144611447114481144911450114511145211453114541145511456114571145811459114601146111462114631146411465114661146711468114691147011471114721147311474114751147611477114781147911480114811148211483114841148511486114871148811489114901149111492114931149411495114961149711498114991150011501115021150311504115051150611507115081150911510115111151211513115141151511516115171151811519115201152111522115231152411525115261152711528115291153011531115321153311534115351153611537115381153911540115411154211543115441154511546115471154811549115501155111552115531155411555115561155711558115591156011561115621156311564115651156611567115681156911570115711157211573115741157511576115771157811579115801158111582115831158411585115861158711588115891159011591115921159311594115951159611597115981159911600116011160211603116041160511606116071160811609116101161111612116131161411615116161161711618116191162011621116221162311624116251162611627116281162911630116311163211633116341163511636116371163811639116401164111642116431164411645116461164711648116491165011651116521165311654116551165611657116581165911660116611166211663116641166511666116671166811669116701167111672116731167411675116761167711678116791168011681116821168311684116851168611687116881168911690116911169211693116941169511696116971169811699117001170111702117031170411705117061170711708117091171011711117121171311714117151171611717117181171911720117211172211723117241172511726117271172811729117301173111732117331173411735117361173711738117391174011741117421174311744117451174611747117481174911750117511175211753117541175511756117571175811759117601176111762117631176411765117661176711768117691177011771117721177311774117751177611777117781177911780117811178211783117841178511786117871178811789117901179111792117931179411795117961179711798117991180011801118021180311804118051180611807118081180911810118111181211813118141181511816118171181811819118201182111822118231182411825118261182711828118291183011831118321183311834118351183611837118381183911840118411184211843118441184511846118471184811849118501185111852118531185411855118561185711858118591186011861118621186311864118651186611867118681186911870118711187211873118741187511876118771187811879118801188111882118831188411885118861188711888118891189011891118921189311894118951189611897118981189911900119011190211903119041190511906119071190811909119101191111912119131191411915119161191711918119191192011921119221192311924119251192611927119281192911930119311193211933119341193511936119371193811939119401194111942119431194411945119461194711948119491195011951119521195311954119551195611957119581195911960119611196211963119641196511966119671196811969119701197111972119731197411975119761197711978119791198011981119821198311984119851198611987119881198911990119911199211993119941199511996119971199811999120001200112002120031200412005120061200712008120091201012011120121201312014120151201612017120181201912020120211202212023120241202512026120271202812029120301203112032120331203412035120361203712038120391204012041120421204312044120451204612047120481204912050120511205212053120541205512056120571205812059120601206112062120631206412065120661206712068120691207012071120721207312074120751207612077120781207912080120811208212083120841208512086120871208812089120901209112092120931209412095120961209712098120991210012101121021210312104121051210612107121081210912110121111211212113121141211512116121171211812119121201212112122121231212412125121261212712128121291213012131121321213312134121351213612137121381213912140121411214212143121441214512146121471214812149121501215112152121531215412155121561215712158121591216012161121621216312164121651216612167121681216912170121711217212173121741217512176121771217812179121801218112182121831218412185121861218712188121891219012191121921219312194121951219612197121981219912200122011220212203122041220512206122071220812209122101221112212122131221412215122161221712218122191222012221122221222312224122251222612227122281222912230122311223212233122341223512236122371223812239122401224112242122431224412245122461224712248122491225012251122521225312254122551225612257122581225912260122611226212263122641226512266122671226812269122701227112272122731227412275122761227712278122791228012281122821228312284122851228612287122881228912290122911229212293122941229512296122971229812299123001230112302123031230412305123061230712308123091231012311123121231312314123151231612317123181231912320123211232212323123241232512326123271232812329123301233112332123331233412335123361233712338123391234012341123421234312344123451234612347123481234912350123511235212353123541235512356123571235812359123601236112362123631236412365123661236712368123691237012371123721237312374123751237612377123781237912380123811238212383123841238512386123871238812389123901239112392123931239412395123961239712398123991240012401124021240312404124051240612407124081240912410124111241212413124141241512416124171241812419124201242112422124231242412425124261242712428124291243012431124321243312434124351243612437124381243912440124411244212443124441244512446124471244812449124501245112452124531245412455124561245712458124591246012461124621246312464124651246612467124681246912470124711247212473124741247512476124771247812479124801248112482124831248412485124861248712488124891249012491124921249312494124951249612497124981249912500125011250212503125041250512506125071250812509125101251112512125131251412515125161251712518125191252012521125221252312524125251252612527125281252912530125311253212533125341253512536125371253812539125401254112542125431254412545125461254712548125491255012551125521255312554125551255612557125581255912560125611256212563125641256512566125671256812569125701257112572125731257412575125761257712578125791258012581125821258312584125851258612587125881258912590125911259212593125941259512596125971259812599126001260112602126031260412605126061260712608126091261012611126121261312614126151261612617126181261912620126211262212623126241262512626126271262812629126301263112632126331263412635126361263712638126391264012641126421264312644126451264612647126481264912650126511265212653126541265512656126571265812659126601266112662126631266412665126661266712668126691267012671126721267312674126751267612677126781267912680126811268212683126841268512686126871268812689126901269112692126931269412695126961269712698126991270012701127021270312704127051270612707127081270912710127111271212713127141271512716127171271812719127201272112722127231272412725127261272712728127291273012731127321273312734127351273612737127381273912740127411274212743127441274512746127471274812749127501275112752127531275412755127561275712758127591276012761127621276312764127651276612767127681276912770127711277212773127741277512776127771277812779127801278112782127831278412785127861278712788127891279012791127921279312794127951279612797127981279912800128011280212803128041280512806128071280812809128101281112812128131281412815128161281712818128191282012821128221282312824128251282612827128281282912830128311283212833128341283512836128371283812839128401284112842128431284412845128461284712848128491285012851128521285312854128551285612857128581285912860128611286212863128641286512866128671286812869128701287112872128731287412875128761287712878128791288012881128821288312884128851288612887128881288912890128911289212893128941289512896128971289812899129001290112902129031290412905129061290712908129091291012911129121291312914129151291612917129181291912920129211292212923129241292512926129271292812929129301293112932129331293412935129361293712938129391294012941129421294312944129451294612947129481294912950129511295212953129541295512956129571295812959129601296112962129631296412965129661296712968129691297012971129721297312974129751297612977129781297912980129811298212983129841298512986129871298812989129901299112992129931299412995129961299712998129991300013001130021300313004130051300613007130081300913010130111301213013130141301513016130171301813019130201302113022130231302413025130261302713028130291303013031130321303313034130351303613037130381303913040130411304213043130441304513046130471304813049130501305113052130531305413055130561305713058130591306013061130621306313064130651306613067130681306913070130711307213073130741307513076130771307813079130801308113082130831308413085130861308713088130891309013091130921309313094130951309613097130981309913100131011310213103131041310513106131071310813109131101311113112131131311413115131161311713118131191312013121131221312313124131251312613127131281312913130131311313213133131341313513136131371313813139131401314113142131431314413145131461314713148131491315013151131521315313154131551315613157131581315913160131611316213163131641316513166131671316813169131701317113172131731317413175131761317713178131791318013181131821318313184131851318613187131881318913190131911319213193131941319513196131971319813199132001320113202132031320413205132061320713208132091321013211132121321313214132151321613217132181321913220132211322213223132241322513226132271322813229132301323113232132331323413235132361323713238132391324013241132421324313244132451324613247132481324913250132511325213253132541325513256132571325813259132601326113262132631326413265132661326713268132691327013271132721327313274132751327613277132781327913280132811328213283132841328513286132871328813289132901329113292132931329413295132961329713298132991330013301133021330313304133051330613307133081330913310133111331213313133141331513316133171331813319133201332113322133231332413325133261332713328133291333013331133321333313334133351333613337133381333913340133411334213343133441334513346133471334813349133501335113352133531335413355133561335713358133591336013361133621336313364133651336613367133681336913370133711337213373133741337513376133771337813379133801338113382133831338413385133861338713388133891339013391133921339313394133951339613397133981339913400134011340213403134041340513406134071340813409134101341113412134131341413415134161341713418134191342013421134221342313424134251342613427134281342913430134311343213433134341343513436134371343813439134401344113442134431344413445134461344713448134491345013451134521345313454134551345613457134581345913460134611346213463134641346513466134671346813469134701347113472134731347413475134761347713478134791348013481134821348313484134851348613487134881348913490134911349213493134941349513496134971349813499135001350113502135031350413505135061350713508135091351013511135121351313514135151351613517135181351913520135211352213523135241352513526135271352813529135301353113532135331353413535135361353713538135391354013541135421354313544135451354613547135481354913550135511355213553135541355513556135571355813559135601356113562135631356413565135661356713568135691357013571135721357313574135751357613577135781357913580135811358213583135841358513586135871358813589135901359113592135931359413595135961359713598135991360013601136021360313604136051360613607136081360913610136111361213613136141361513616136171361813619136201362113622136231362413625136261362713628136291363013631136321363313634136351363613637136381363913640136411364213643136441364513646136471364813649136501365113652136531365413655136561365713658136591366013661136621366313664136651366613667136681366913670136711367213673136741367513676136771367813679136801368113682136831368413685136861368713688136891369013691136921369313694136951369613697136981369913700137011370213703137041370513706137071370813709137101371113712137131371413715137161371713718137191372013721137221372313724137251372613727137281372913730137311373213733137341373513736137371373813739137401374113742137431374413745137461374713748137491375013751137521375313754137551375613757137581375913760137611376213763137641376513766137671376813769137701377113772137731377413775137761377713778137791378013781137821378313784137851378613787137881378913790137911379213793137941379513796137971379813799138001380113802138031380413805138061380713808138091381013811138121381313814138151381613817138181381913820138211382213823138241382513826138271382813829138301383113832138331383413835138361383713838138391384013841138421384313844138451384613847138481384913850138511385213853138541385513856138571385813859138601386113862138631386413865138661386713868138691387013871138721387313874138751387613877138781387913880138811388213883138841388513886138871388813889138901389113892138931389413895138961389713898138991390013901139021390313904139051390613907139081390913910139111391213913139141391513916139171391813919139201392113922139231392413925139261392713928139291393013931139321393313934139351393613937139381393913940139411394213943139441394513946139471394813949139501395113952139531395413955139561395713958139591396013961139621396313964139651396613967139681396913970139711397213973139741397513976139771397813979139801398113982139831398413985139861398713988139891399013991139921399313994139951399613997139981399914000140011400214003140041400514006140071400814009140101401114012140131401414015140161401714018140191402014021140221402314024140251402614027140281402914030140311403214033140341403514036140371403814039140401404114042140431404414045140461404714048140491405014051140521405314054140551405614057140581405914060140611406214063140641406514066140671406814069140701407114072140731407414075140761407714078140791408014081140821408314084140851408614087140881408914090140911409214093140941409514096140971409814099141001410114102141031410414105141061410714108141091411014111141121411314114141151411614117141181411914120141211412214123141241412514126141271412814129141301413114132141331413414135141361413714138141391414014141141421414314144141451414614147141481414914150141511415214153141541415514156141571415814159141601416114162141631416414165141661416714168141691417014171141721417314174141751417614177141781417914180141811418214183141841418514186141871418814189141901419114192141931419414195141961419714198141991420014201142021420314204142051420614207142081420914210142111421214213142141421514216142171421814219142201422114222142231422414225142261422714228142291423014231142321423314234142351423614237142381423914240142411424214243142441424514246142471424814249142501425114252142531425414255142561425714258142591426014261142621426314264142651426614267142681426914270142711427214273142741427514276142771427814279142801428114282142831428414285142861428714288142891429014291142921429314294142951429614297142981429914300143011430214303143041430514306143071430814309143101431114312143131431414315143161431714318143191432014321143221432314324143251432614327143281432914330143311433214333143341433514336143371433814339143401434114342143431434414345143461434714348143491435014351143521435314354143551435614357143581435914360143611436214363143641436514366143671436814369143701437114372143731437414375143761437714378143791438014381143821438314384143851438614387143881438914390143911439214393143941439514396143971439814399144001440114402144031440414405144061440714408144091441014411144121441314414144151441614417144181441914420144211442214423144241442514426144271442814429144301443114432144331443414435144361443714438144391444014441144421444314444144451444614447144481444914450144511445214453144541445514456144571445814459144601446114462144631446414465144661446714468144691447014471144721447314474144751447614477144781447914480144811448214483144841448514486144871448814489144901449114492144931449414495144961449714498144991450014501145021450314504145051450614507145081450914510145111451214513145141451514516145171451814519145201452114522145231452414525145261452714528145291453014531145321453314534145351453614537145381453914540145411454214543145441454514546145471454814549145501455114552145531455414555145561455714558145591456014561145621456314564145651456614567145681456914570145711457214573145741457514576145771457814579145801458114582145831458414585145861458714588145891459014591145921459314594145951459614597145981459914600146011460214603146041460514606146071460814609146101461114612146131461414615146161461714618146191462014621146221462314624146251462614627146281462914630146311463214633146341463514636146371463814639146401464114642146431464414645146461464714648146491465014651146521465314654146551465614657146581465914660146611466214663146641466514666146671466814669146701467114672146731467414675146761467714678146791468014681146821468314684146851468614687146881468914690146911469214693146941469514696146971469814699147001470114702147031470414705147061470714708147091471014711147121471314714147151471614717147181471914720147211472214723147241472514726147271472814729147301473114732147331473414735147361473714738147391474014741147421474314744147451474614747147481474914750147511475214753147541475514756147571475814759147601476114762147631476414765147661476714768147691477014771147721477314774147751477614777147781477914780147811478214783147841478514786147871478814789147901479114792147931479414795147961479714798147991480014801148021480314804148051480614807148081480914810148111481214813148141481514816148171481814819148201482114822148231482414825148261482714828148291483014831148321483314834148351483614837148381483914840148411484214843148441484514846148471484814849148501485114852148531485414855148561485714858148591486014861148621486314864148651486614867148681486914870148711487214873148741487514876148771487814879148801488114882148831488414885148861488714888148891489014891148921489314894148951489614897148981489914900149011490214903149041490514906149071490814909149101491114912149131491414915149161491714918149191492014921149221492314924149251492614927149281492914930149311493214933149341493514936149371493814939149401494114942149431494414945149461494714948149491495014951149521495314954149551495614957149581495914960149611496214963149641496514966149671496814969149701497114972149731497414975149761497714978149791498014981149821498314984149851498614987149881498914990149911499214993149941499514996149971499814999150001500115002150031500415005150061500715008150091501015011150121501315014150151501615017150181501915020150211502215023150241502515026150271502815029150301503115032150331503415035150361503715038150391504015041150421504315044150451504615047150481504915050150511505215053150541505515056150571505815059150601506115062150631506415065150661506715068150691507015071150721507315074150751507615077150781507915080150811508215083150841508515086150871508815089150901509115092150931509415095150961509715098150991510015101151021510315104151051510615107151081510915110151111511215113151141511515116151171511815119151201512115122151231512415125151261512715128151291513015131151321513315134151351513615137151381513915140151411514215143151441514515146151471514815149151501515115152151531515415155151561515715158151591516015161151621516315164151651516615167151681516915170151711517215173151741517515176151771517815179151801518115182151831518415185151861518715188151891519015191151921519315194151951519615197151981519915200152011520215203152041520515206152071520815209152101521115212152131521415215152161521715218152191522015221152221522315224152251522615227152281522915230152311523215233152341523515236152371523815239152401524115242152431524415245152461524715248152491525015251152521525315254152551525615257152581525915260152611526215263152641526515266152671526815269152701527115272152731527415275152761527715278152791528015281152821528315284152851528615287152881528915290152911529215293152941529515296152971529815299153001530115302153031530415305153061530715308153091531015311153121531315314153151531615317153181531915320153211532215323153241532515326153271532815329153301533115332153331533415335153361533715338153391534015341153421534315344153451534615347153481534915350153511535215353153541535515356153571535815359153601536115362153631536415365153661536715368153691537015371153721537315374153751537615377153781537915380153811538215383153841538515386153871538815389153901539115392153931539415395153961539715398153991540015401154021540315404154051540615407154081540915410154111541215413154141541515416154171541815419154201542115422154231542415425154261542715428154291543015431154321543315434154351543615437154381543915440154411544215443154441544515446154471544815449154501545115452154531545415455154561545715458154591546015461154621546315464154651546615467154681546915470154711547215473154741547515476154771547815479154801548115482154831548415485154861548715488154891549015491154921549315494154951549615497154981549915500155011550215503155041550515506155071550815509155101551115512155131551415515155161551715518155191552015521155221552315524155251552615527155281552915530155311553215533155341553515536155371553815539155401554115542155431554415545155461554715548155491555015551155521555315554155551555615557155581555915560155611556215563155641556515566155671556815569155701557115572155731557415575155761557715578155791558015581155821558315584155851558615587155881558915590155911559215593155941559515596155971559815599156001560115602156031560415605156061560715608156091561015611156121561315614156151561615617156181561915620156211562215623156241562515626156271562815629156301563115632156331563415635156361563715638156391564015641156421564315644156451564615647156481564915650156511565215653156541565515656156571565815659156601566115662156631566415665156661566715668156691567015671156721567315674156751567615677156781567915680156811568215683156841568515686156871568815689156901569115692156931569415695156961569715698156991570015701157021570315704157051570615707157081570915710157111571215713157141571515716157171571815719157201572115722157231572415725157261572715728157291573015731157321573315734157351573615737157381573915740157411574215743157441574515746157471574815749157501575115752157531575415755157561575715758157591576015761157621576315764157651576615767157681576915770157711577215773157741577515776157771577815779157801578115782157831578415785157861578715788157891579015791157921579315794157951579615797157981579915800158011580215803158041580515806158071580815809158101581115812158131581415815158161581715818158191582015821158221582315824158251582615827158281582915830158311583215833158341583515836158371583815839158401584115842158431584415845158461584715848158491585015851158521585315854158551585615857158581585915860158611586215863158641586515866158671586815869158701587115872158731587415875158761587715878158791588015881158821588315884158851588615887158881588915890158911589215893158941589515896158971589815899159001590115902159031590415905159061590715908159091591015911159121591315914159151591615917159181591915920159211592215923159241592515926159271592815929159301593115932159331593415935159361593715938159391594015941159421594315944159451594615947159481594915950159511595215953159541595515956159571595815959159601596115962159631596415965159661596715968159691597015971159721597315974159751597615977159781597915980159811598215983159841598515986159871598815989159901599115992159931599415995159961599715998159991600016001160021600316004160051600616007160081600916010160111601216013160141601516016160171601816019160201602116022160231602416025160261602716028160291603016031160321603316034160351603616037160381603916040160411604216043160441604516046160471604816049160501605116052160531605416055160561605716058160591606016061160621606316064160651606616067160681606916070160711607216073160741607516076160771607816079160801608116082160831608416085160861608716088160891609016091160921609316094160951609616097160981609916100161011610216103161041610516106161071610816109161101611116112161131611416115161161611716118161191612016121161221612316124161251612616127161281612916130161311613216133161341613516136161371613816139161401614116142161431614416145161461614716148161491615016151161521615316154161551615616157161581615916160161611616216163161641616516166161671616816169161701617116172161731617416175161761617716178161791618016181161821618316184161851618616187161881618916190161911619216193161941619516196161971619816199162001620116202162031620416205162061620716208162091621016211162121621316214162151621616217162181621916220162211622216223162241622516226162271622816229162301623116232162331623416235162361623716238162391624016241162421624316244162451624616247162481624916250162511625216253162541625516256162571625816259162601626116262162631626416265162661626716268162691627016271162721627316274162751627616277162781627916280162811628216283162841628516286162871628816289162901629116292162931629416295162961629716298162991630016301163021630316304163051630616307163081630916310163111631216313163141631516316163171631816319163201632116322163231632416325163261632716328163291633016331163321633316334163351633616337163381633916340163411634216343163441634516346163471634816349163501635116352163531635416355163561635716358163591636016361163621636316364163651636616367163681636916370163711637216373163741637516376163771637816379163801638116382163831638416385163861638716388163891639016391163921639316394163951639616397163981639916400164011640216403164041640516406164071640816409164101641116412164131641416415164161641716418164191642016421164221642316424164251642616427164281642916430164311643216433164341643516436164371643816439164401644116442164431644416445164461644716448164491645016451164521645316454164551645616457164581645916460164611646216463164641646516466164671646816469164701647116472164731647416475164761647716478164791648016481164821648316484164851648616487164881648916490164911649216493164941649516496164971649816499165001650116502165031650416505165061650716508165091651016511165121651316514165151651616517165181651916520165211652216523165241652516526165271652816529165301653116532165331653416535165361653716538165391654016541165421654316544165451654616547165481654916550165511655216553165541655516556165571655816559165601656116562165631656416565165661656716568165691657016571165721657316574165751657616577165781657916580165811658216583165841658516586165871658816589165901659116592165931659416595165961659716598165991660016601166021660316604166051660616607166081660916610166111661216613166141661516616166171661816619166201662116622166231662416625166261662716628166291663016631166321663316634166351663616637166381663916640166411664216643166441664516646166471664816649166501665116652166531665416655166561665716658166591666016661166621666316664166651666616667166681666916670166711667216673166741667516676166771667816679166801668116682166831668416685166861668716688166891669016691166921669316694166951669616697166981669916700167011670216703167041670516706167071670816709167101671116712167131671416715167161671716718167191672016721167221672316724167251672616727167281672916730167311673216733167341673516736167371673816739167401674116742167431674416745167461674716748167491675016751167521675316754167551675616757167581675916760167611676216763167641676516766167671676816769167701677116772167731677416775167761677716778167791678016781167821678316784167851678616787167881678916790167911679216793167941679516796167971679816799168001680116802168031680416805168061680716808168091681016811168121681316814168151681616817168181681916820168211682216823168241682516826168271682816829168301683116832168331683416835168361683716838168391684016841168421684316844168451684616847168481684916850168511685216853168541685516856168571685816859168601686116862168631686416865168661686716868168691687016871168721687316874168751687616877168781687916880168811688216883168841688516886168871688816889168901689116892168931689416895168961689716898168991690016901169021690316904169051690616907169081690916910169111691216913169141691516916169171691816919169201692116922169231692416925169261692716928169291693016931169321693316934169351693616937169381693916940169411694216943169441694516946169471694816949169501695116952169531695416955169561695716958169591696016961169621696316964169651696616967169681696916970169711697216973169741697516976169771697816979169801698116982169831698416985169861698716988169891699016991169921699316994169951699616997169981699917000170011700217003170041700517006170071700817009170101701117012170131701417015170161701717018170191702017021170221702317024170251702617027170281702917030170311703217033170341703517036170371703817039170401704117042170431704417045170461704717048170491705017051170521705317054170551705617057170581705917060170611706217063170641706517066170671706817069170701707117072170731707417075170761707717078170791708017081170821708317084170851708617087170881708917090170911709217093170941709517096170971709817099171001710117102171031710417105171061710717108171091711017111171121711317114171151711617117171181711917120171211712217123171241712517126171271712817129171301713117132171331713417135171361713717138171391714017141171421714317144171451714617147171481714917150171511715217153171541715517156171571715817159171601716117162171631716417165171661716717168171691717017171171721717317174171751717617177171781717917180171811718217183171841718517186171871718817189171901719117192171931719417195171961719717198171991720017201172021720317204172051720617207172081720917210172111721217213172141721517216172171721817219172201722117222172231722417225172261722717228172291723017231172321723317234172351723617237172381723917240172411724217243172441724517246172471724817249172501725117252172531725417255172561725717258172591726017261172621726317264172651726617267172681726917270172711727217273172741727517276172771727817279172801728117282172831728417285172861728717288172891729017291172921729317294172951729617297172981729917300173011730217303173041730517306173071730817309173101731117312173131731417315173161731717318173191732017321173221732317324173251732617327173281732917330173311733217333173341733517336173371733817339173401734117342173431734417345173461734717348173491735017351173521735317354173551735617357173581735917360173611736217363173641736517366173671736817369173701737117372173731737417375173761737717378173791738017381173821738317384173851738617387173881738917390173911739217393173941739517396173971739817399174001740117402174031740417405174061740717408174091741017411174121741317414174151741617417174181741917420174211742217423174241742517426174271742817429174301743117432174331743417435174361743717438174391744017441174421744317444174451744617447174481744917450174511745217453174541745517456174571745817459174601746117462174631746417465174661746717468174691747017471174721747317474174751747617477174781747917480174811748217483174841748517486174871748817489174901749117492174931749417495174961749717498174991750017501175021750317504175051750617507175081750917510175111751217513175141751517516175171751817519175201752117522175231752417525175261752717528175291753017531175321753317534175351753617537175381753917540175411754217543175441754517546175471754817549175501755117552175531755417555175561755717558175591756017561175621756317564175651756617567175681756917570175711757217573175741757517576175771757817579175801758117582175831758417585175861758717588175891759017591175921759317594175951759617597175981759917600176011760217603176041760517606176071760817609176101761117612176131761417615176161761717618176191762017621176221762317624176251762617627176281762917630176311763217633176341763517636176371763817639176401764117642176431764417645176461764717648176491765017651176521765317654176551765617657176581765917660176611766217663176641766517666176671766817669176701767117672176731767417675176761767717678176791768017681176821768317684176851768617687176881768917690176911769217693176941769517696176971769817699177001770117702177031770417705177061770717708177091771017711177121771317714177151771617717177181771917720177211772217723177241772517726177271772817729177301773117732177331773417735177361773717738177391774017741177421774317744177451774617747177481774917750177511775217753177541775517756177571775817759177601776117762177631776417765177661776717768177691777017771177721777317774177751777617777177781777917780177811778217783177841778517786177871778817789177901779117792177931779417795177961779717798177991780017801178021780317804178051780617807178081780917810178111781217813178141781517816178171781817819178201782117822178231782417825178261782717828178291783017831178321783317834178351783617837178381783917840178411784217843178441784517846178471784817849178501785117852178531785417855178561785717858178591786017861178621786317864178651786617867178681786917870178711787217873178741787517876178771787817879178801788117882178831788417885178861788717888178891789017891178921789317894178951789617897178981789917900179011790217903179041790517906179071790817909179101791117912179131791417915179161791717918179191792017921179221792317924179251792617927179281792917930179311793217933179341793517936179371793817939179401794117942179431794417945179461794717948179491795017951179521795317954179551795617957179581795917960179611796217963179641796517966179671796817969179701797117972179731797417975179761797717978179791798017981179821798317984179851798617987179881798917990179911799217993179941799517996179971799817999180001800118002180031800418005180061800718008180091801018011180121801318014180151801618017180181801918020180211802218023180241802518026180271802818029180301803118032180331803418035180361803718038180391804018041180421804318044180451804618047180481804918050180511805218053180541805518056180571805818059180601806118062180631806418065180661806718068180691807018071180721807318074180751807618077180781807918080180811808218083180841808518086180871808818089180901809118092180931809418095180961809718098180991810018101181021810318104181051810618107181081810918110181111811218113181141811518116181171811818119181201812118122181231812418125181261812718128181291813018131181321813318134181351813618137181381813918140181411814218143181441814518146181471814818149181501815118152181531815418155181561815718158181591816018161181621816318164181651816618167181681816918170181711817218173181741817518176181771817818179181801818118182181831818418185181861818718188181891819018191181921819318194181951819618197181981819918200182011820218203182041820518206182071820818209182101821118212182131821418215182161821718218182191822018221182221822318224182251822618227182281822918230182311823218233182341823518236182371823818239182401824118242182431824418245182461824718248182491825018251182521825318254182551825618257182581825918260182611826218263182641826518266182671826818269182701827118272182731827418275182761827718278182791828018281182821828318284182851828618287182881828918290182911829218293182941829518296182971829818299183001830118302183031830418305183061830718308183091831018311183121831318314183151831618317183181831918320183211832218323183241832518326183271832818329183301833118332183331833418335183361833718338183391834018341183421834318344183451834618347183481834918350183511835218353183541835518356183571835818359183601836118362183631836418365183661836718368183691837018371183721837318374183751837618377183781837918380183811838218383183841838518386183871838818389183901839118392183931839418395183961839718398183991840018401184021840318404184051840618407184081840918410184111841218413184141841518416184171841818419184201842118422184231842418425184261842718428184291843018431184321843318434184351843618437184381843918440184411844218443184441844518446184471844818449184501845118452184531845418455184561845718458184591846018461184621846318464184651846618467184681846918470184711847218473184741847518476184771847818479184801848118482184831848418485184861848718488184891849018491184921849318494184951849618497184981849918500185011850218503185041850518506185071850818509185101851118512185131851418515185161851718518185191852018521185221852318524185251852618527185281852918530185311853218533185341853518536185371853818539185401854118542185431854418545185461854718548185491855018551185521855318554185551855618557185581855918560185611856218563185641856518566185671856818569185701857118572185731857418575185761857718578185791858018581185821858318584185851858618587185881858918590185911859218593185941859518596185971859818599186001860118602186031860418605186061860718608186091861018611186121861318614186151861618617186181861918620186211862218623186241862518626186271862818629186301863118632186331863418635186361863718638186391864018641186421864318644186451864618647186481864918650186511865218653186541865518656186571865818659186601866118662186631866418665186661866718668186691867018671186721867318674186751867618677186781867918680186811868218683186841868518686186871868818689186901869118692186931869418695186961869718698186991870018701187021870318704187051870618707187081870918710187111871218713187141871518716187171871818719187201872118722187231872418725187261872718728187291873018731187321873318734187351873618737187381873918740187411874218743187441874518746187471874818749187501875118752187531875418755187561875718758187591876018761187621876318764187651876618767187681876918770187711877218773187741877518776187771877818779187801878118782187831878418785187861878718788187891879018791187921879318794187951879618797187981879918800188011880218803188041880518806188071880818809188101881118812188131881418815188161881718818188191882018821188221882318824188251882618827188281882918830188311883218833188341883518836188371883818839188401884118842188431884418845188461884718848188491885018851188521885318854188551885618857188581885918860188611886218863188641886518866188671886818869188701887118872188731887418875188761887718878188791888018881188821888318884188851888618887188881888918890188911889218893188941889518896188971889818899189001890118902189031890418905189061890718908189091891018911189121891318914189151891618917189181891918920189211892218923189241892518926189271892818929189301893118932189331893418935189361893718938189391894018941189421894318944189451894618947189481894918950189511895218953189541895518956189571895818959189601896118962189631896418965189661896718968189691897018971189721897318974189751897618977189781897918980189811898218983189841898518986189871898818989189901899118992189931899418995189961899718998189991900019001190021900319004190051900619007190081900919010190111901219013190141901519016190171901819019190201902119022190231902419025190261902719028190291903019031190321903319034190351903619037190381903919040190411904219043190441904519046190471904819049190501905119052190531905419055190561905719058190591906019061190621906319064190651906619067190681906919070190711907219073190741907519076190771907819079190801908119082190831908419085190861908719088190891909019091190921909319094190951909619097190981909919100191011910219103191041910519106191071910819109191101911119112191131911419115191161911719118191191912019121191221912319124191251912619127191281912919130191311913219133191341913519136191371913819139191401914119142191431914419145191461914719148191491915019151191521915319154191551915619157191581915919160191611916219163191641916519166191671916819169191701917119172191731917419175191761917719178191791918019181191821918319184191851918619187191881918919190191911919219193191941919519196191971919819199192001920119202192031920419205192061920719208192091921019211192121921319214192151921619217192181921919220192211922219223192241922519226192271922819229192301923119232192331923419235192361923719238192391924019241192421924319244192451924619247192481924919250192511925219253192541925519256192571925819259192601926119262192631926419265192661926719268192691927019271192721927319274192751927619277192781927919280192811928219283192841928519286192871928819289192901929119292192931929419295192961929719298192991930019301193021930319304193051930619307193081930919310193111931219313193141931519316193171931819319193201932119322193231932419325193261932719328193291933019331193321933319334193351933619337193381933919340193411934219343193441934519346193471934819349193501935119352193531935419355193561935719358193591936019361193621936319364193651936619367193681936919370193711937219373193741937519376193771937819379193801938119382193831938419385193861938719388193891939019391193921939319394193951939619397193981939919400194011940219403194041940519406194071940819409194101941119412194131941419415194161941719418194191942019421194221942319424194251942619427194281942919430194311943219433194341943519436194371943819439194401944119442194431944419445194461944719448194491945019451194521945319454194551945619457194581945919460194611946219463194641946519466194671946819469194701947119472194731947419475194761947719478194791948019481194821948319484194851948619487194881948919490194911949219493194941949519496194971949819499195001950119502195031950419505195061950719508195091951019511195121951319514195151951619517195181951919520195211952219523195241952519526195271952819529195301953119532195331953419535195361953719538195391954019541195421954319544195451954619547195481954919550195511955219553195541955519556195571955819559195601956119562195631956419565195661956719568195691957019571195721957319574195751957619577195781957919580195811958219583195841958519586195871958819589195901959119592195931959419595195961959719598195991960019601196021960319604196051960619607196081960919610196111961219613196141961519616196171961819619196201962119622196231962419625196261962719628196291963019631196321963319634196351963619637196381963919640196411964219643196441964519646196471964819649196501965119652196531965419655196561965719658196591966019661196621966319664196651966619667196681966919670196711967219673196741967519676196771967819679196801968119682196831968419685196861968719688196891969019691196921969319694196951969619697196981969919700197011970219703197041970519706197071970819709197101971119712197131971419715197161971719718197191972019721197221972319724197251972619727197281972919730197311973219733197341973519736197371973819739197401974119742197431974419745197461974719748197491975019751197521975319754197551975619757197581975919760197611976219763197641976519766197671976819769197701977119772197731977419775197761977719778197791978019781197821978319784197851978619787197881978919790197911979219793197941979519796197971979819799198001980119802198031980419805198061980719808198091981019811198121981319814198151981619817198181981919820198211982219823198241982519826198271982819829198301983119832198331983419835198361983719838198391984019841198421984319844198451984619847198481984919850198511985219853198541985519856198571985819859198601986119862198631986419865198661986719868198691987019871198721987319874198751987619877198781987919880198811988219883198841988519886198871988819889198901989119892198931989419895198961989719898198991990019901199021990319904199051990619907199081990919910199111991219913199141991519916199171991819919199201992119922199231992419925199261992719928199291993019931199321993319934199351993619937199381993919940199411994219943199441994519946199471994819949199501995119952199531995419955199561995719958199591996019961199621996319964199651996619967199681996919970199711997219973199741997519976199771997819979199801998119982199831998419985199861998719988199891999019991199921999319994199951999619997199981999920000200012000220003200042000520006200072000820009200102001120012200132001420015200162001720018200192002020021200222002320024200252002620027200282002920030200312003220033200342003520036200372003820039200402004120042200432004420045200462004720048200492005020051200522005320054200552005620057200582005920060200612006220063200642006520066200672006820069200702007120072200732007420075200762007720078200792008020081200822008320084200852008620087200882008920090200912009220093200942009520096200972009820099201002010120102201032010420105201062010720108201092011020111201122011320114201152011620117201182011920120201212012220123201242012520126201272012820129201302013120132201332013420135201362013720138201392014020141201422014320144201452014620147201482014920150201512015220153201542015520156201572015820159201602016120162201632016420165201662016720168201692017020171201722017320174201752017620177201782017920180201812018220183201842018520186201872018820189201902019120192201932019420195201962019720198201992020020201202022020320204202052020620207202082020920210202112021220213202142021520216202172021820219202202022120222202232022420225202262022720228202292023020231202322023320234202352023620237202382023920240202412024220243202442024520246202472024820249202502025120252202532025420255202562025720258202592026020261202622026320264202652026620267202682026920270202712027220273202742027520276202772027820279202802028120282202832028420285202862028720288202892029020291202922029320294202952029620297202982029920300203012030220303203042030520306203072030820309203102031120312203132031420315203162031720318203192032020321203222032320324203252032620327203282032920330203312033220333203342033520336203372033820339203402034120342203432034420345203462034720348203492035020351203522035320354203552035620357203582035920360203612036220363203642036520366203672036820369203702037120372203732037420375203762037720378203792038020381203822038320384203852038620387203882038920390203912039220393203942039520396203972039820399204002040120402204032040420405204062040720408204092041020411204122041320414204152041620417204182041920420204212042220423204242042520426204272042820429204302043120432204332043420435204362043720438204392044020441204422044320444204452044620447204482044920450204512045220453204542045520456204572045820459204602046120462204632046420465204662046720468204692047020471204722047320474204752047620477204782047920480204812048220483204842048520486204872048820489204902049120492204932049420495204962049720498204992050020501205022050320504205052050620507205082050920510205112051220513205142051520516205172051820519205202052120522205232052420525205262052720528205292053020531205322053320534205352053620537205382053920540205412054220543205442054520546205472054820549205502055120552205532055420555205562055720558205592056020561205622056320564205652056620567205682056920570205712057220573205742057520576205772057820579205802058120582205832058420585205862058720588205892059020591205922059320594205952059620597205982059920600206012060220603206042060520606206072060820609206102061120612206132061420615206162061720618206192062020621206222062320624206252062620627206282062920630206312063220633206342063520636206372063820639206402064120642206432064420645206462064720648206492065020651206522065320654206552065620657206582065920660206612066220663206642066520666206672066820669206702067120672206732067420675206762067720678206792068020681206822068320684206852068620687206882068920690206912069220693206942069520696206972069820699207002070120702207032070420705207062070720708207092071020711207122071320714207152071620717207182071920720207212072220723207242072520726207272072820729207302073120732207332073420735207362073720738207392074020741207422074320744207452074620747207482074920750207512075220753207542075520756207572075820759207602076120762207632076420765207662076720768207692077020771207722077320774207752077620777207782077920780207812078220783207842078520786207872078820789207902079120792207932079420795207962079720798207992080020801208022080320804208052080620807208082080920810208112081220813208142081520816208172081820819208202082120822208232082420825208262082720828208292083020831208322083320834208352083620837208382083920840208412084220843208442084520846208472084820849208502085120852208532085420855208562085720858208592086020861208622086320864208652086620867208682086920870208712087220873208742087520876208772087820879208802088120882208832088420885208862088720888208892089020891208922089320894208952089620897208982089920900209012090220903209042090520906209072090820909209102091120912209132091420915209162091720918209192092020921209222092320924209252092620927209282092920930209312093220933209342093520936209372093820939209402094120942209432094420945209462094720948209492095020951209522095320954209552095620957209582095920960209612096220963209642096520966209672096820969209702097120972209732097420975209762097720978209792098020981209822098320984209852098620987209882098920990209912099220993209942099520996209972099820999210002100121002210032100421005210062100721008210092101021011210122101321014210152101621017210182101921020210212102221023210242102521026210272102821029210302103121032210332103421035210362103721038210392104021041210422104321044210452104621047210482104921050210512105221053210542105521056210572105821059210602106121062210632106421065210662106721068210692107021071210722107321074210752107621077210782107921080210812108221083210842108521086210872108821089210902109121092210932109421095210962109721098210992110021101211022110321104211052110621107211082110921110211112111221113211142111521116211172111821119211202112121122211232112421125211262112721128211292113021131211322113321134211352113621137211382113921140211412114221143211442114521146211472114821149211502115121152211532115421155211562115721158211592116021161211622116321164211652116621167211682116921170211712117221173211742117521176211772117821179211802118121182211832118421185211862118721188211892119021191211922119321194211952119621197211982119921200212012120221203212042120521206212072120821209212102121121212212132121421215212162121721218212192122021221212222122321224212252122621227212282122921230212312123221233212342123521236212372123821239212402124121242212432124421245212462124721248212492125021251212522125321254212552125621257212582125921260212612126221263212642126521266212672126821269212702127121272212732127421275212762127721278212792128021281212822128321284212852128621287212882128921290212912129221293212942129521296212972129821299213002130121302213032130421305213062130721308213092131021311213122131321314213152131621317213182131921320213212132221323213242132521326213272132821329213302133121332213332133421335213362133721338213392134021341213422134321344213452134621347213482134921350213512135221353213542135521356213572135821359213602136121362213632136421365213662136721368213692137021371213722137321374213752137621377213782137921380213812138221383213842138521386213872138821389213902139121392213932139421395213962139721398213992140021401214022140321404214052140621407214082140921410214112141221413214142141521416214172141821419214202142121422214232142421425214262142721428214292143021431214322143321434214352143621437214382143921440214412144221443214442144521446214472144821449214502145121452214532145421455214562145721458214592146021461214622146321464214652146621467214682146921470214712147221473214742147521476214772147821479214802148121482214832148421485214862148721488214892149021491214922149321494214952149621497214982149921500215012150221503215042150521506215072150821509215102151121512215132151421515215162151721518215192152021521215222152321524215252152621527215282152921530215312153221533215342153521536215372153821539215402154121542215432154421545215462154721548215492155021551215522155321554215552155621557215582155921560215612156221563215642156521566215672156821569215702157121572215732157421575215762157721578215792158021581215822158321584215852158621587215882158921590215912159221593215942159521596215972159821599216002160121602216032160421605216062160721608216092161021611216122161321614216152161621617216182161921620216212162221623216242162521626216272162821629216302163121632216332163421635216362163721638216392164021641216422164321644216452164621647216482164921650216512165221653216542165521656216572165821659216602166121662216632166421665216662166721668216692167021671216722167321674216752167621677216782167921680216812168221683216842168521686216872168821689216902169121692216932169421695216962169721698216992170021701217022170321704217052170621707217082170921710217112171221713217142171521716217172171821719217202172121722217232172421725217262172721728217292173021731217322173321734217352173621737217382173921740217412174221743217442174521746217472174821749217502175121752217532175421755217562175721758217592176021761217622176321764217652176621767217682176921770217712177221773217742177521776217772177821779217802178121782217832178421785217862178721788217892179021791217922179321794217952179621797217982179921800218012180221803218042180521806218072180821809218102181121812218132181421815218162181721818218192182021821218222182321824218252182621827218282182921830218312183221833218342183521836218372183821839218402184121842218432184421845218462184721848218492185021851218522185321854218552185621857218582185921860218612186221863218642186521866218672186821869218702187121872218732187421875218762187721878218792188021881218822188321884218852188621887218882188921890218912189221893218942189521896218972189821899219002190121902219032190421905219062190721908219092191021911219122191321914219152191621917219182191921920219212192221923219242192521926219272192821929219302193121932219332193421935219362193721938219392194021941219422194321944219452194621947219482194921950219512195221953219542195521956219572195821959219602196121962219632196421965219662196721968219692197021971219722197321974219752197621977219782197921980219812198221983219842198521986219872198821989219902199121992219932199421995219962199721998219992200022001220022200322004220052200622007220082200922010220112201222013220142201522016220172201822019220202202122022220232202422025220262202722028220292203022031220322203322034220352203622037220382203922040220412204222043220442204522046220472204822049
  1. Changes in version 0.3.0.1-alpha - 2016-12-19
  2. Tor 0.3.0.1-alpha is the first alpha release in the 0.3.0 development
  3. series. It strengthens Tor's link and circuit handshakes by
  4. identifying relays by their Ed25519 keys, improves the algorithm that
  5. clients use to choose and maintain their list of guards, and includes
  6. additional backend support for the next-generation hidden service
  7. design. It also contains numerous other small features and
  8. improvements to security, correctness, and performance.
  9. Below are the changes since 0.2.9.8.
  10. o Major features (guard selection algorithm):
  11. - Tor's guard selection algorithm has been redesigned from the
  12. ground up, to better support unreliable networks and restrictive
  13. sets of entry nodes, and to better resist guard-capture attacks by
  14. hostile local networks. Implements proposal 271; closes
  15. ticket 19877.
  16. o Major features (next-generation hidden services):
  17. - Relays can now handle v3 ESTABLISH_INTRO cells as specified by
  18. prop224 aka "Next Generation Hidden Services". Service and clients
  19. don't use this functionality yet. Closes ticket 19043. Based on
  20. initial code by Alec Heifetz.
  21. - Relays now support the HSDir version 3 protocol, so that they can
  22. can store and serve v3 descriptors. This is part of the next-
  23. generation onion service work detailled in proposal 224. Closes
  24. ticket 17238.
  25. o Major features (protocol, ed25519 identity keys):
  26. - Relays now use Ed25519 to prove their Ed25519 identities and to
  27. one another, and to clients. This algorithm is faster and more
  28. secure than the RSA-based handshake we've been doing until now.
  29. Implements the second big part of proposal 220; Closes
  30. ticket 15055.
  31. - Clients now support including Ed25519 identity keys in the EXTEND2
  32. cells they generate. By default, this is controlled by a consensus
  33. parameter, currently disabled. You can turn this feature on for
  34. testing by setting ExtendByEd25519ID in your configuration. This
  35. might make your traffic appear different than the traffic
  36. generated by other users, however. Implements part of ticket
  37. 15056; part of proposal 220.
  38. - Relays now understand requests to extend to other relays by their
  39. Ed25519 identity keys. When an Ed25519 identity key is included in
  40. an EXTEND2 cell, the relay will only extend the circuit if the
  41. other relay can prove ownership of that identity. Implements part
  42. of ticket 15056; part of proposal 220.
  43. o Major bugfixes (scheduler):
  44. - Actually compare circuit policies in ewma_cmp_cmux(). This bug
  45. caused the channel scheduler to behave more or less randomly,
  46. rather than preferring channels with higher-priority circuits.
  47. Fixes bug 20459; bugfix on 0.2.6.2-alpha.
  48. o Minor features (controller):
  49. - When HSFETCH arguments cannot be parsed, say "Invalid argument"
  50. rather than "unrecognized." Closes ticket 20389; patch from
  51. Ivan Markin.
  52. o Minor features (diagnostic, directory client):
  53. - Warn when we find an unexpected inconsistency in directory
  54. download status objects. Prevents some negative consequences of
  55. bug 20593.
  56. o Minor features (directory authority):
  57. - Add a new authority-only AuthDirTestEd25519LinkKeys option (on by
  58. default) to control whether authorities should try to probe relays
  59. by their Ed25519 link keys. This option will go away in a few
  60. releases--unless we encounter major trouble in our ed25519 link
  61. protocol rollout, in which case it will serve as a safety option.
  62. o Minor features (directory cache):
  63. - Relays and bridges will now refuse to serve the consensus they
  64. have if they know it is too old for a client to use. Closes
  65. ticket 20511.
  66. o Minor features (ed25519 link handshake):
  67. - Advertise support for the ed25519 link handshake using the
  68. subprotocol-versions mechanism, so that clients can tell which
  69. relays can identity themselves by Ed25519 ID. Closes ticket 20552.
  70. o Minor features (fingerprinting resistence, authentication):
  71. - Extend the length of RSA keys used for TLS link authentication to
  72. 2048 bits. (These weren't used for forward secrecy; for forward
  73. secrecy, we used P256.) Closes ticket 13752.
  74. o Minor features (infrastructure):
  75. - Implement smartlist_add_strdup() function. Replaces the use of
  76. smartlist_add(sl, tor_strdup(str)). Closes ticket 20048.
  77. o Minor bugfixes (client):
  78. - When clients that use bridges start up with a cached consensus on
  79. disk, they were ignoring it and downloading a new one. Now they
  80. use the cached one. Fixes bug 20269; bugfix on 0.2.3.12-alpha.
  81. o Minor bugfixes (configuration):
  82. - Accept non-space whitespace characters after the severity level in
  83. the `Log` option. Fixes bug 19965; bugfix on 0.2.1.1-alpha.
  84. - Support "TByte" and "TBytes" units in options given in bytes.
  85. "TB", "terabyte(s)", "TBit(s)" and "terabit(s)" were already
  86. supported. Fixes bug 20622; bugfix on 0.2.0.14-alpha.
  87. o Minor bugfixes (consensus weight):
  88. - Add new consensus method that initializes bw weights to 1 instead
  89. of 0. This prevents a zero weight from making it all the way to
  90. the end (happens in small testing networks) and causing an error.
  91. Fixes bug 14881; bugfix on 0.2.2.17-alpha.
  92. o Minor bugfixes (descriptors):
  93. - Correctly recognise downloaded full descriptors as valid, even
  94. when using microdescriptors as circuits. This affects clients with
  95. FetchUselessDescriptors set, and may affect directory authorities.
  96. Fixes bug 20839; bugfix on 0.2.3.2-alpha.
  97. o Minor bugfixes (directory system):
  98. - Download all consensus flavors, descriptors, and authority
  99. certificates when FetchUselessDescriptors is set, regardless of
  100. whether tor is a directory cache or not. Fixes bug 20667; bugfix
  101. on all recent tor versions.
  102. - Bridges and relays now use microdescriptors (like clients do)
  103. rather than old-style router descriptors. Now bridges will blend
  104. in with clients in terms of the circuits they build. Fixes bug
  105. 6769; bugfix on 0.2.3.2-alpha.
  106. o Minor bugfixes (ed25519 certificates):
  107. - Correctly interpret ed25519 certificates that would expire some
  108. time after 19 Jan 2038. Fixes bug 20027; bugfix on 0.2.7.2-alpha.
  109. o Minor bugfixes (hidden services):
  110. - Stop ignoring misconfigured hidden services. Instead, refuse to
  111. start tor until the misconfigurations have been corrected. Fixes
  112. bug 20559; bugfix on multiple commits in 0.2.7.1-alpha
  113. and earlier.
  114. o Minor bugfixes (memory leak at exit):
  115. - Fix a small harmless memory leak at exit of the previously unused
  116. RSA->Ed identity cross-certificate. Fixes bug 17779; bugfix
  117. on 0.2.7.2-alpha.
  118. o Minor bugfixes (util):
  119. - When finishing writing a file to disk, if we were about to replace
  120. the file with the temporary file created before and we fail to
  121. replace it, remove the temporary file so it doesn't stay on disk.
  122. Fixes bug 20646; bugfix on tor-0.2.0.7-alpha. Patch by fk.
  123. o Minor bugfixes (Windows):
  124. - Check for getpagesize before using it to mmap files. This fixes
  125. compilation in some MinGW environments. Fixes bug 20530; bugfix on
  126. 0.1.2.1-alpha. Reported by "ice".
  127. o Code simplification and refactoring:
  128. - Abolish all global guard context in entrynodes.c; replace with new
  129. guard_selection_t structure as preparation for proposal 271.
  130. Closes ticket 19858.
  131. - Introduce rend_service_is_ephemeral() that tells if given onion
  132. service is ephemeral. Replace unclear NULL-checkings for service
  133. directory with this function. Closes ticket 20526.
  134. - Extract magic numbers in circuituse.c into defined variables.
  135. - Refactor circuit_is_available_for_use to remove unnecessary check.
  136. - Refactor circuit_predict_and_launch_new for readability and
  137. testability. Closes ticket 18873.
  138. - Refactor large if statement in purpose_needs_anonymity to use
  139. switch statement instead. Closes part of ticket 20077.
  140. - Refactor the hashing API to return negative values for errors, as
  141. is done as throughout the codebase. Closes ticket 20717.
  142. - Remove data structures that were used to index or_connection
  143. objects by their RSA identity digests. These structures are fully
  144. redundant with the similar structures used in the
  145. channel abstraction.
  146. - Remove duplicate code in the channel_write_*cell() functions.
  147. Closes ticket 13827; patch from Pingl.
  148. - Remove redundant behavior of is_sensitive_dir_purpose, refactor to
  149. use only purpose_needs_anonymity. Closes part of ticket 20077.
  150. - The code to generate and parse EXTEND and EXTEND2 cells has been
  151. replaced with code automatically generated by the
  152. "trunnel" utility.
  153. o Documentation:
  154. - Include the "TBits" unit in Tor's man page. Fixes part of bug
  155. 20622; bugfix on tor-0.2.5.1-alpha.
  156. - Change '1' to 'weight_scale' in consensus bw weights calculation
  157. comments, as that is reality. Closes ticket 20273. Patch
  158. from pastly.
  159. - Correct the value for AuthDirGuardBWGuarantee in the manpage, from
  160. 250 KBytes to 2 MBytes. Fixes bug 20435; bugfix
  161. on tor-0.2.5.6-alpha.
  162. - Stop the man page from incorrectly stating that HiddenServiceDir
  163. must already exist. Fixes 20486.
  164. - Clarify that when ClientRejectInternalAddresses is enabled (which
  165. is the default), multicast DNS hostnames for machines on the local
  166. network (of the form *.local) are also rejected. Closes
  167. ticket 17070.
  168. o Removed features:
  169. - The AuthDirMaxServersPerAuthAddr option no longer exists: The same
  170. limit for relays running on a single IP applies to authority IP
  171. addresses as well as to non-authority IP addresses. Closes
  172. ticket 20960.
  173. - The UseDirectoryGuards torrc option no longer exists: all users
  174. that use entry guards will also use directory guards. Related to
  175. proposal 271; implements part of ticket 20831.
  176. o Testing:
  177. - New unit tests for tor_htonll(). Closes ticket 19563. Patch
  178. from "overcaffeinated".
  179. - Perform the coding style checks when running the tests and fail
  180. when coding style violations are found. Closes ticket 5500.
  181. - Add tests for networkstatus_compute_bw_weights_v10.
  182. - Add unit tests circuit_predict_and_launch_new.
  183. - Extract dummy_origin_circuit_new so it can be used by other
  184. test functions.
  185. Changes in version 0.2.8.12 - 2016-12-19
  186. Tor 0.2.8.12 backports a fix for a medium-severity issue (bug 21018
  187. below) where Tor clients could crash when attempting to visit a
  188. hostile hidden service. Clients are recommended to upgrade as packages
  189. become available for their systems.
  190. It also includes an updated list of fallback directories, backported
  191. from 0.2.9.
  192. Now that the Tor 0.2.9 series is stable, only major bugfixes will be
  193. backported to 0.2.8 in the future.
  194. o Major bugfixes (parsing, security, backported from 0.2.9.8):
  195. - Fix a bug in parsing that could cause clients to read a single
  196. byte past the end of an allocated region. This bug could be used
  197. to cause hardened clients (built with --enable-expensive-hardening)
  198. to crash if they tried to visit a hostile hidden service. Non-
  199. hardened clients are only affected depending on the details of
  200. their platform's memory allocator. Fixes bug 21018; bugfix on
  201. 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE-
  202. 2016-12-002 and as CVE-2016-1254.
  203. o Minor features (fallback directory list, backported from 0.2.9.8):
  204. - Replace the 81 remaining fallbacks of the 100 originally
  205. introduced in Tor 0.2.8.3-alpha in March 2016, with a list of 177
  206. fallbacks (123 new, 54 existing, 27 removed) generated in December
  207. 2016. Resolves ticket 20170.
  208. o Minor features (geoip, backported from 0.2.9.7-rc):
  209. - Update geoip and geoip6 to the December 7 2016 Maxmind GeoLite2
  210. Country database.
  211. Changes in version 0.2.9.8 - 2016-12-19
  212. Tor 0.2.9.8 is the first stable release of the Tor 0.2.9 series.
  213. The Tor 0.2.9 series makes mandatory a number of security features
  214. that were formerly optional. It includes support for a new shared-
  215. randomness protocol that will form the basis for next generation
  216. hidden services, includes a single-hop hidden service mode for
  217. optimizing .onion services that don't actually want to be hidden,
  218. tries harder not to overload the directory authorities with excessive
  219. downloads, and supports a better protocol versioning scheme for
  220. improved compatibility with other implementations of the Tor protocol.
  221. And of course, there are numerous other bugfixes and improvements.
  222. This release also includes a fix for a medium-severity issue (bug
  223. 21018 below) where Tor clients could crash when attempting to visit a
  224. hostile hidden service. Clients are recommended to upgrade as packages
  225. become available for their systems.
  226. Below are the changes since 0.2.9.7-rc. For a list of all changes
  227. since 0.2.8, see the ReleaseNotes file.
  228. o Major bugfixes (parsing, security):
  229. - Fix a bug in parsing that could cause clients to read a single
  230. byte past the end of an allocated region. This bug could be used
  231. to cause hardened clients (built with --enable-expensive-hardening)
  232. to crash if they tried to visit a hostile hidden service. Non-
  233. hardened clients are only affected depending on the details of
  234. their platform's memory allocator. Fixes bug 21018; bugfix on
  235. 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE-
  236. 2016-12-002 and as CVE-2016-1254.
  237. o Minor features (fallback directory list):
  238. - Replace the 81 remaining fallbacks of the 100 originally
  239. introduced in Tor 0.2.8.3-alpha in March 2016, with a list of 177
  240. fallbacks (123 new, 54 existing, 27 removed) generated in December
  241. 2016. Resolves ticket 20170.
  242. Changes in version 0.2.9.7-rc - 2016-12-12
  243. Tor 0.2.9.7-rc fixes a few small bugs remaining in Tor 0.2.9.6-rc,
  244. including a few that had prevented tests from passing on
  245. some platforms.
  246. o Minor features (geoip):
  247. - Update geoip and geoip6 to the December 7 2016 Maxmind GeoLite2
  248. Country database.
  249. o Minor bugfix (build):
  250. - The current Git revision when building from a local repository is
  251. now detected correctly when using git worktrees. Fixes bug 20492;
  252. bugfix on 0.2.3.9-alpha.
  253. o Minor bugfixes (directory authority):
  254. - When computing old Tor protocol line version in protover, we were
  255. looking at 0.2.7.5 twice instead of a specific case for
  256. 0.2.9.1-alpha. Fixes bug 20810; bugfix on 0.2.9.4-alpha.
  257. o Minor bugfixes (download scheduling):
  258. - Resolve a "bug" warning when considering a download schedule whose
  259. delay had approached INT_MAX. Fixes 20875; bugfix on 0.2.9.5-alpha.
  260. o Minor bugfixes (logging):
  261. - Downgrade a harmless log message about the
  262. pending_entry_connections list from "warn" to "info". Mitigates
  263. bug 19926.
  264. o Minor bugfixes (memory leak):
  265. - Fix a small memory leak when receiving AF_UNIX connections on a
  266. SocksPort. Fixes bug 20716; bugfix on 0.2.6.3-alpha.
  267. - When moving a signed descriptor object from a source to an
  268. existing destination, free the allocated memory inside that
  269. destination object. Fixes bug 20715; bugfix on 0.2.8.3-alpha.
  270. o Minor bugfixes (memory leak, use-after-free, linux seccomp2 sandbox):
  271. - Fix a memory leak and use-after-free error when removing entries
  272. from the sandbox's getaddrinfo() cache. Fixes bug 20710; bugfix on
  273. 0.2.5.5-alpha. Patch from "cypherpunks".
  274. o Minor bugfixes (portability):
  275. - Use the correct spelling of MAC_OS_X_VERSION_10_12 on configure.ac
  276. Fixes bug 20935; bugfix on 0.2.9.6-rc.
  277. o Minor bugfixes (unit tests):
  278. - Stop expecting NetBSD unit tests to report success for ipfw. Part
  279. of a fix for bug 19960; bugfix on 0.2.9.5-alpha.
  280. - Fix tolerances in unit tests for monotonic time comparisons
  281. between nanoseconds and microseconds. Previously, we accepted a 10
  282. us difference only, which is not realistic on every platform's
  283. clock_gettime(). Fixes bug 19974; bugfix on 0.2.9.1-alpha.
  284. - Remove a double-free in the single onion service unit test. Stop
  285. ignoring a return value. Make future changes less error-prone.
  286. Fixes bug 20864; bugfix on 0.2.9.6-rc.
  287. Changes in version 0.2.8.11 - 2016-12-08
  288. Tor 0.2.8.11 backports fixes for additional portability issues that
  289. could prevent Tor from building correctly on OSX Sierra, or with
  290. OpenSSL 1.1. Affected users should upgrade; others can safely stay
  291. with 0.2.8.10.
  292. o Minor bugfixes (portability):
  293. - Avoid compilation errors when building on OSX Sierra. Sierra began
  294. to support the getentropy() and clock_gettime() APIs, but created
  295. a few problems in doing so. Tor 0.2.9 has a more thorough set of
  296. workarounds; in 0.2.8, we are just using the /dev/urandom and mach
  297. monotonic time interfaces. Fixes bug 20865. Bugfix
  298. on 0.2.8.1-alpha.
  299. o Minor bugfixes (portability, backport from 0.2.9.5-alpha):
  300. - Fix compilation with OpenSSL 1.1 and less commonly-used CPU
  301. architectures. Closes ticket 20588.
  302. Changes in version 0.2.8.10 - 2016-12-02
  303. Tor 0.2.8.10 backports a fix for a bug that would sometimes make clients
  304. unusable after they left standby mode. It also backports fixes for
  305. a few portability issues and a small but problematic memory leak.
  306. o Major bugfixes (client reliability, backport from 0.2.9.5-alpha):
  307. - When Tor leaves standby because of a new application request, open
  308. circuits as needed to serve that request. Previously, we would
  309. potentially wait a very long time. Fixes part of bug 19969; bugfix
  310. on 0.2.8.1-alpha.
  311. o Major bugfixes (client performance, backport from 0.2.9.5-alpha):
  312. - Clients now respond to new application stream requests immediately
  313. when they arrive, rather than waiting up to one second before
  314. starting to handle them. Fixes part of bug 19969; bugfix
  315. on 0.2.8.1-alpha.
  316. o Minor bugfixes (portability, backport from 0.2.9.6-rc):
  317. - Work around a bug in the OSX 10.12 SDK that would prevent us from
  318. successfully targeting earlier versions of OSX. Resolves
  319. ticket 20235.
  320. o Minor bugfixes (portability, backport from 0.2.9.5-alpha):
  321. - Fix implicit conversion warnings under OpenSSL 1.1. Fixes bug
  322. 20551; bugfix on 0.2.1.1-alpha.
  323. o Minor bugfixes (relay, backport from 0.2.9.5-alpha):
  324. - Work around a memory leak in OpenSSL 1.1 when encoding public
  325. keys. Fixes bug 20553; bugfix on 0.0.2pre8.
  326. o Minor features (geoip):
  327. - Update geoip and geoip6 to the November 3 2016 Maxmind GeoLite2
  328. Country database.
  329. Changes in version 0.2.9.6-rc - 2016-12-02
  330. Tor 0.2.9.6-rc fixes a few remaining bugs found in the previous alpha
  331. version. We hope that it will be ready to become stable soon, and we
  332. encourage everyone to test this release. If no showstopper bugs are
  333. found here, the next 0.2.9 release will be stable.
  334. o Major bugfixes (relay, resolver, logging):
  335. - For relays that don't know their own address, avoid attempting a
  336. local hostname resolve for each descriptor we download. This
  337. will cut down on the number of "Success: chose address 'x.x.x.x'"
  338. log lines, and also avoid confusing clock jumps if the resolver
  339. is slow. Fixes bugs 20423 and 20610; bugfix on 0.2.8.1-alpha.
  340. o Minor bugfixes (client, fascistfirewall):
  341. - Avoid spurious warnings when ReachableAddresses or FascistFirewall
  342. is set. Fixes bug 20306; bugfix on 0.2.8.2-alpha.
  343. o Minor bugfixes (hidden services):
  344. - Stop ignoring the anonymity status of saved keys for hidden
  345. services and single onion services when first starting tor.
  346. Instead, refuse to start tor if any hidden service key has been
  347. used in a different hidden service anonymity mode. Fixes bug
  348. 20638; bugfix on 17178 in 0.2.9.3-alpha; reported by ahf.
  349. o Minor bugfixes (portability):
  350. - Work around a bug in the OSX 10.12 SDK that would prevent us from
  351. successfully targeting earlier versions of OSX. Resolves
  352. ticket 20235.
  353. - Run correctly when built on Windows build environments that
  354. require _vcsprintf(). Fixes bug 20560; bugfix on 0.2.2.11-alpha.
  355. o Minor bugfixes (single onion services, Tor2web):
  356. - Stop complaining about long-term one-hop circuits deliberately
  357. created by single onion services and Tor2web. These log messages
  358. are intended to diagnose issue 8387, which relates to circuits
  359. hanging around forever for no reason. Fixes bug 20613; bugfix on
  360. 0.2.9.1-alpha. Reported by "pastly".
  361. o Minor bugfixes (unit tests):
  362. - Stop spurious failures in the local interface address discovery
  363. unit tests. Fixes bug 20634; bugfix on 0.2.8.1-alpha; patch by
  364. Neel Chauhan.
  365. o Documentation:
  366. - Correct the minimum bandwidth value in torrc.sample, and queue a
  367. corresponding change for torrc.minimal. Closes ticket 20085.
  368. Changes in version 0.2.9.5-alpha - 2016-11-08
  369. Tor 0.2.9.5-alpha fixes numerous bugs discovered in the previous alpha
  370. version. We believe one or two probably remain, and we encourage
  371. everyone to test this release.
  372. o Major bugfixes (client performance):
  373. - Clients now respond to new application stream requests immediately
  374. when they arrive, rather than waiting up to one second before
  375. starting to handle them. Fixes part of bug 19969; bugfix
  376. on 0.2.8.1-alpha.
  377. o Major bugfixes (client reliability):
  378. - When Tor leaves standby because of a new application request, open
  379. circuits as needed to serve that request. Previously, we would
  380. potentially wait a very long time. Fixes part of bug 19969; bugfix
  381. on 0.2.8.1-alpha.
  382. o Major bugfixes (download scheduling):
  383. - When using an exponential backoff schedule, do not give up on
  384. downloading just because we have failed a bunch of times. Since
  385. each delay is longer than the last, retrying indefinitely won't
  386. hurt. Fixes bug 20536; bugfix on 0.2.9.1-alpha.
  387. - If a consensus expires while we are waiting for certificates to
  388. download, stop waiting for certificates.
  389. - If we stop waiting for certificates less than a minute after we
  390. started downloading them, do not consider the certificate download
  391. failure a separate failure. Fixes bug 20533; bugfix
  392. on 0.2.0.9-alpha.
  393. - Remove the maximum delay on exponential-backoff scheduling. Since
  394. we now allow an infinite number of failures (see ticket 20536), we
  395. must now allow the time to grow longer on each failure. Fixes part
  396. of bug 20534; bugfix on 0.2.9.1-alpha.
  397. - Make our initial download delays closer to those from 0.2.8. Fixes
  398. another part of bug 20534; bugfix on 0.2.9.1-alpha.
  399. - When determining when to download a directory object, handle times
  400. after 2038 if the operating system supports them. (Someday this
  401. will be important!) Fixes bug 20587; bugfix on 0.2.8.1-alpha.
  402. - When using exponential backoff in test networks, use a lower
  403. exponent, so the delays do not vary as much. This helps test
  404. networks bootstrap consistently. Fixes bug 20597; bugfix on 20499.
  405. o Minor features (geoip):
  406. - Update geoip and geoip6 to the November 3 2016 Maxmind GeoLite2
  407. Country database.
  408. o Minor bugfixes (client directory scheduling):
  409. - Treat "relay too busy to answer request" as a failed request and a
  410. reason to back off on our retry frequency. This is safe now that
  411. exponential backoffs retry indefinitely, and avoids a bug where we
  412. would reset our download schedule erroneously. Fixes bug 20593;
  413. bugfix on 0.2.9.1-alpha.
  414. o Minor bugfixes (client, logging):
  415. - Remove a BUG warning in circuit_pick_extend_handshake(). Instead,
  416. assume all nodes support EXTEND2. Use ntor whenever a key is
  417. available. Fixes bug 20472; bugfix on 0.2.9.3-alpha.
  418. - On DNSPort, stop logging a BUG warning on a failed hostname
  419. lookup. Fixes bug 19869; bugfix on 0.2.9.1-alpha.
  420. o Minor bugfixes (hidden services):
  421. - When configuring hidden services, check every hidden service
  422. directory's permissions. Previously, we only checked the last
  423. hidden service. Fixes bug 20529; bugfix the work to fix 13942
  424. in 0.2.6.2-alpha.
  425. o Minor bugfixes (portability):
  426. - Fix compilation with OpenSSL 1.1 and less commonly-used CPU
  427. architectures. Closes ticket 20588.
  428. - Use ECDHE ciphers instead of ECDH in tortls tests. LibreSSL has
  429. removed the ECDH ciphers which caused the tests to fail on
  430. platforms which use it. Fixes bug 20460; bugfix on 0.2.8.1-alpha.
  431. - Fix implicit conversion warnings under OpenSSL 1.1. Fixes bug
  432. 20551; bugfix on 0.2.1.1-alpha.
  433. o Minor bugfixes (relay bootstrap):
  434. - Ensure relays don't make multiple connections during bootstrap.
  435. Fixes bug 20591; bugfix on 0.2.8.1-alpha.
  436. o Minor bugfixes (relay):
  437. - Work around a memory leak in OpenSSL 1.1 when encoding public
  438. keys. Fixes bug 20553; bugfix on 0.0.2pre8.
  439. - Avoid a small memory leak when informing worker threads about
  440. rotated onion keys. Fixes bug 20401; bugfix on 0.2.6.3-alpha.
  441. - Do not try to parallelize workers more than 16x without the user
  442. explicitly configuring us to do so, even if we do detect more than
  443. 16 CPU cores. Fixes bug 19968; bugfix on 0.2.3.1-alpha.
  444. o Minor bugfixes (single onion services):
  445. - Start correctly when creating a single onion service in a
  446. directory that did not previously exist. Fixes bug 20484; bugfix
  447. on 0.2.9.3-alpha.
  448. o Minor bugfixes (testing):
  449. - Avoid a unit test failure on systems with over 16 detectable CPU
  450. cores. Fixes bug 19968; bugfix on 0.2.3.1-alpha.
  451. o Documentation:
  452. - Clarify that setting HiddenServiceNonAnonymousMode requires you to
  453. also set "SOCKSPort 0". Fixes bug 20487; bugfix on 0.2.9.3-alpha.
  454. - Module-level documentation for several more modules. Closes
  455. tickets 19287 and 19290.
  456. Changes in version 0.2.8.9 - 2016-10-17
  457. Tor 0.2.8.9 backports a fix for a security hole in previous versions
  458. of Tor that would allow a remote attacker to crash a Tor client,
  459. hidden service, relay, or authority. All Tor users should upgrade to
  460. this version, or to 0.2.9.4-alpha. Patches will be released for older
  461. versions of Tor.
  462. o Major features (security fixes, also in 0.2.9.4-alpha):
  463. - Prevent a class of security bugs caused by treating the contents
  464. of a buffer chunk as if they were a NUL-terminated string. At
  465. least one such bug seems to be present in all currently used
  466. versions of Tor, and would allow an attacker to remotely crash
  467. most Tor instances, especially those compiled with extra compiler
  468. hardening. With this defense in place, such bugs can't crash Tor,
  469. though we should still fix them as they occur. Closes ticket
  470. 20384 (TROVE-2016-10-001).
  471. o Minor features (geoip):
  472. - Update geoip and geoip6 to the October 4 2016 Maxmind GeoLite2
  473. Country database.
  474. Changes in version 0.2.9.4-alpha - 2016-10-17
  475. Tor 0.2.9.4-alpha fixes a security hole in previous versions of Tor
  476. that would allow a remote attacker to crash a Tor client, hidden
  477. service, relay, or authority. All Tor users should upgrade to this
  478. version, or to 0.2.8.9. Patches will be released for older versions
  479. of Tor.
  480. Tor 0.2.9.4-alpha also adds numerous small features and fix-ups to
  481. previous versions of Tor, including the implementation of a feature to
  482. future- proof the Tor ecosystem against protocol changes, some bug
  483. fixes necessary for Tor Browser to use unix domain sockets correctly,
  484. and several portability improvements. We anticipate that this will be
  485. the last alpha in the Tor 0.2.9 series, and that the next release will
  486. be a release candidate.
  487. o Major features (security fixes):
  488. - Prevent a class of security bugs caused by treating the contents
  489. of a buffer chunk as if they were a NUL-terminated string. At
  490. least one such bug seems to be present in all currently used
  491. versions of Tor, and would allow an attacker to remotely crash
  492. most Tor instances, especially those compiled with extra compiler
  493. hardening. With this defense in place, such bugs can't crash Tor,
  494. though we should still fix them as they occur. Closes ticket
  495. 20384 (TROVE-2016-10-001).
  496. o Major features (subprotocol versions):
  497. - Tor directory authorities now vote on a set of recommended
  498. subprotocol versions, and on a set of required subprotocol
  499. versions. Clients and relays that lack support for a _required_
  500. subprotocol version will not start; those that lack support for a
  501. _recommended_ subprotocol version will warn the user to upgrade.
  502. Closes ticket 19958; implements part of proposal 264.
  503. - Tor now uses "subprotocol versions" to indicate compatibility.
  504. Previously, versions of Tor looked at the declared Tor version of
  505. a relay to tell whether they could use a given feature. Now, they
  506. should be able to rely on its declared subprotocol versions. This
  507. change allows compatible implementations of the Tor protocol(s) to
  508. exist without pretending to be 100% bug-compatible with particular
  509. releases of Tor itself. Closes ticket 19958; implements part of
  510. proposal 264.
  511. o Minor feature (fallback directories):
  512. - Remove broken fallbacks from the hard-coded fallback directory
  513. list. Closes ticket 20190; patch by teor.
  514. o Minor features (client, directory):
  515. - Since authorities now omit all routers that lack the Running and
  516. Valid flags, we assume that any relay listed in the consensus must
  517. have those flags. Closes ticket 20001; implements part of
  518. proposal 272.
  519. o Minor features (compilation, portability):
  520. - Compile correctly on MacOS 10.12 (aka "Sierra"). Closes
  521. ticket 20241.
  522. o Minor features (development tools, etags):
  523. - Teach the "make tags" Makefile target how to correctly find
  524. "MOCK_IMPL" function definitions. Patch from nherring; closes
  525. ticket 16869.
  526. o Minor features (geoip):
  527. - Update geoip and geoip6 to the October 4 2016 Maxmind GeoLite2
  528. Country database.
  529. o Minor features (unix domain sockets):
  530. - When configuring a unix domain socket for a SocksPort,
  531. ControlPort, or Hidden service, you can now wrap the address in
  532. quotes, using C-style escapes inside the quotes. This allows unix
  533. domain socket paths to contain spaces.
  534. o Minor features (virtual addresses):
  535. - Increase the maximum number of bits for the IPv6 virtual network
  536. prefix from 16 to 104. In this way, the condition for address
  537. allocation is less restrictive. Closes ticket 20151; feature
  538. on 0.2.4.7-alpha.
  539. o Minor bugfixes (address discovery):
  540. - Stop reordering IP addresses returned by the OS. This makes it
  541. more likely that Tor will guess the same relay IP address every
  542. time. Fixes issue 20163; bugfix on 0.2.7.1-alpha, ticket 17027.
  543. Reported by René Mayrhofer, patch by "cypherpunks".
  544. o Minor bugfixes (client, unix domain sockets):
  545. - Disable IsolateClientAddr when using AF_UNIX backed SocksPorts as
  546. the client address is meaningless. Fixes bug 20261; bugfix
  547. on 0.2.6.3-alpha.
  548. o Minor bugfixes (compilation, OpenBSD):
  549. - Detect Libevent2 functions correctly on systems that provide
  550. libevent2, but where libevent1 is linked with -levent. Fixes bug
  551. 19904; bugfix on 0.2.2.24-alpha. Patch from Rubiate.
  552. o Minor bugfixes (configuration):
  553. - When parsing quoted configuration values from the torrc file,
  554. handle windows line endings correctly. Fixes bug 19167; bugfix on
  555. 0.2.0.16-alpha. Patch from "Pingl".
  556. o Minor bugfixes (getpass):
  557. - Defensively fix a non-triggerable heap corruption at do_getpass()
  558. to protect ourselves from mistakes in the future. Fixes bug
  559. 19223; bugfix on 0.2.7.3-rc. Bug found by Guido Vranken, patch
  560. by nherring.
  561. o Minor bugfixes (hidden service):
  562. - Allow hidden services to run on IPv6 addresses even when the
  563. IPv6Exit option is not set. Fixes bug 18357; bugfix
  564. on 0.2.4.7-alpha.
  565. o Documentation:
  566. - Add module-level internal documentation for 36 C files that
  567. previously didn't have a high-level overview. Closes ticket #20385.
  568. o Required libraries:
  569. - When building with OpenSSL, Tor now requires version 1.0.1 or
  570. later. OpenSSL 1.0.0 and earlier are no longer supported by the
  571. OpenSSL team, and should not be used. Closes ticket 20303.
  572. Changes in version 0.2.9.3-alpha - 2016-09-23
  573. Tor 0.2.9.3-alpha adds improved support for entities that want to make
  574. high-performance services available through the Tor .onion mechanism
  575. without themselves receiving anonymity as they host those services. It
  576. also tries harder to ensure that all steps on a circuit are using the
  577. strongest crypto possible, strengthens some TLS properties, and
  578. resolves several bugs -- including a pair of crash bugs from the 0.2.8
  579. series. Anybody running an earlier version of 0.2.9.x should upgrade.
  580. o Major bugfixes (crash, also in 0.2.8.8):
  581. - Fix a complicated crash bug that could affect Tor clients
  582. configured to use bridges when replacing a networkstatus consensus
  583. in which one of their bridges was mentioned. OpenBSD users saw
  584. more crashes here, but all platforms were potentially affected.
  585. Fixes bug 20103; bugfix on 0.2.8.2-alpha.
  586. o Major bugfixes (relay, OOM handler, also in 0.2.8.8):
  587. - Fix a timing-dependent assertion failure that could occur when we
  588. tried to flush from a circuit after having freed its cells because
  589. of an out-of-memory condition. Fixes bug 20203; bugfix on
  590. 0.2.8.1-alpha. Thanks to "cypherpunks" for help diagnosing
  591. this one.
  592. o Major features (circuit building, security):
  593. - Authorities, relays and clients now require ntor keys in all
  594. descriptors, for all hops (except for rare hidden service protocol
  595. cases), for all circuits, and for all other roles. Part of
  596. ticket 19163.
  597. - Tor authorities, relays, and clients only use ntor, except for
  598. rare cases in the hidden service protocol. Part of ticket 19163.
  599. o Major features (single-hop "hidden" services):
  600. - Add experimental HiddenServiceSingleHopMode and
  601. HiddenServiceNonAnonymousMode options. When both are set to 1,
  602. every hidden service on a Tor instance becomes a non-anonymous
  603. Single Onion Service. Single Onions make one-hop (direct)
  604. connections to their introduction and renzedvous points. One-hop
  605. circuits make Single Onion servers easily locatable, but clients
  606. remain location-anonymous. This is compatible with the existing
  607. hidden service implementation, and works on the current tor
  608. network without any changes to older relays or clients. Implements
  609. proposal 260, completes ticket 17178. Patch by teor and asn.
  610. o Major features (resource management):
  611. - Tor can now notice it is about to run out of sockets, and
  612. preemptively close connections of lower priority. (This feature is
  613. off by default for now, since the current prioritizing method is
  614. yet not mature enough. You can enable it by setting
  615. "DisableOOSCheck 0", but watch out: it might close some sockets
  616. you would rather have it keep.) Closes ticket 18640.
  617. o Major bugfixes (circuit building):
  618. - Hidden service client-to-intro-point and service-to-rendezvous-
  619. point circuits use the TAP key supplied by the protocol, to avoid
  620. epistemic attacks. Fixes bug 19163; bugfix on 0.2.4.18-rc.
  621. o Major bugfixes (compilation, OpenBSD):
  622. - Fix a Libevent-detection bug in our autoconf script that would
  623. prevent Tor from linking successfully on OpenBSD. Patch from
  624. rubiate. Fixes bug 19902; bugfix on 0.2.9.1-alpha.
  625. o Major bugfixes (hidden services):
  626. - Clients now require hidden services to include the TAP keys for
  627. their intro points in the hidden service descriptor. This prevents
  628. an inadvertent upgrade to ntor, which a malicious hidden service
  629. could use to distinguish clients by consensus version. Fixes bug
  630. 20012; bugfix on 0.2.4.8-alpha. Patch by teor.
  631. o Minor features (security, TLS):
  632. - Servers no longer support clients that without AES ciphersuites.
  633. (3DES is no longer considered an acceptable cipher.) We believe
  634. that no such Tor clients currently exist, since Tor has required
  635. OpenSSL 0.9.7 or later since 2009. Closes ticket 19998.
  636. o Minor feature (fallback directories):
  637. - Remove 8 fallbacks that are no longer suitable, leaving 81 of the
  638. 100 fallbacks originally introduced in Tor 0.2.8.2-alpha in March
  639. 2016. Closes ticket 20190; patch by teor.
  640. o Minor features (geoip, also in 0.2.8.8):
  641. - Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2
  642. Country database.
  643. o Minor feature (port flags):
  644. - Add new flags to the *Port options to finer control over which
  645. requests are allowed. The flags are NoDNSRequest, NoOnionTraffic,
  646. and the synthetic flag OnionTrafficOnly, which is equivalent to
  647. NoDNSRequest, NoIPv4Traffic, and NoIPv6Traffic. Closes enhancement
  648. 18693; patch by "teor".
  649. o Minor features (directory authority):
  650. - After voting, if the authorities decide that a relay is not
  651. "Valid", they no longer include it in the consensus at all. Closes
  652. ticket 20002; implements part of proposal 272.
  653. o Minor features (testing):
  654. - Disable memory protections on OpenBSD when performing our unit
  655. tests for memwipe(). The test deliberately invokes undefined
  656. behavior, and the OpenBSD protections interfere with this. Patch
  657. from "rubiate". Closes ticket 20066.
  658. o Minor features (testing, ipv6):
  659. - Add the single-onion and single-onion-ipv6 chutney targets to
  660. "make test-network-all". This requires a recent chutney version
  661. with the single onion network flavours (git c72a652 or later).
  662. Closes ticket 20072; patch by teor.
  663. - Add the hs-ipv6 chutney target to make test-network-all's IPv6
  664. tests. Remove bridges+hs, as it's somewhat redundant. This
  665. requires a recent chutney version that supports IPv6 clients,
  666. relays, and authorities. Closes ticket 20069; patch by teor.
  667. o Minor features (Tor2web):
  668. - Make Tor2web clients respect ReachableAddresses. This feature was
  669. inadvertently enabled in 0.2.8.6, then removed by bugfix 19973 on
  670. 0.2.8.7. Implements feature 20034. Patch by teor.
  671. o Minor features (unit tests):
  672. - We've done significant work to make the unit tests run faster.
  673. - Our link-handshake unit tests now check that when invalid
  674. handshakes fail, they fail with the error messages we expected.
  675. - Our unit testing code that captures log messages no longer
  676. prevents them from being written out if the user asked for them
  677. (by passing --debug or --info or or --notice --warn to the "test"
  678. binary). This change prevents us from missing unexpected log
  679. messages simply because we were looking for others. Related to
  680. ticket 19999.
  681. - The unit tests now log all warning messages with the "BUG" flag.
  682. Previously, they only logged errors by default. This change will
  683. help us make our testing code more correct, and make sure that we
  684. only hit this code when we mean to. In the meantime, however,
  685. there will be more warnings in the unit test logs than before.
  686. This is preparatory work for ticket 19999.
  687. - The unit tests now treat any failure of a "tor_assert_nonfatal()"
  688. assertion as a test failure.
  689. o Minor bug fixes (circuits):
  690. - Use the CircuitBuildTimeout option whenever
  691. LearnCircuitBuildTimeout is disabled. Previously, we would respect
  692. the option when a user disabled it, but not when it was disabled
  693. because some other option was set. Fixes bug 20073; bugfix on
  694. 0.2.4.12-alpha. Patch by teor.
  695. o Minor bugfixes (allocation):
  696. - Change how we allocate memory for large chunks on buffers, to
  697. avoid a (currently impossible) integer overflow, and to waste less
  698. space when allocating unusually large chunks. Fixes bug 20081;
  699. bugfix on 0.2.0.16-alpha. Issue identified by Guido Vranken.
  700. - Always include orconfig.h before including any other C headers.
  701. Sometimes, it includes macros that affect the behavior of the
  702. standard headers. Fixes bug 19767; bugfix on 0.2.9.1-alpha (the
  703. first version to use AC_USE_SYSTEM_EXTENSIONS).
  704. - Fix a syntax error in the IF_BUG_ONCE__() macro in non-GCC-
  705. compatible compilers. Fixes bug 20141; bugfix on 0.2.9.1-alpha.
  706. Patch from Gisle Vanem.
  707. - Stop trying to build with Clang 4.0's -Wthread-safety warnings.
  708. They apparently require a set of annotations that we aren't
  709. currently using, and they create false positives in our pthreads
  710. wrappers. Fixes bug 20110; bugfix on 0.2.9.1-alpha.
  711. o Minor bugfixes (directory authority):
  712. - Die with a more useful error when the operator forgets to place
  713. the authority_signing_key file into the keys directory. This
  714. avoids an uninformative assert & traceback about having an invalid
  715. key. Fixes bug 20065; bugfix on 0.2.0.1-alpha.
  716. - When allowing private addresses, mark Exits that only exit to
  717. private locations as such. Fixes bug 20064; bugfix
  718. on 0.2.2.9-alpha.
  719. o Minor bugfixes (documentation):
  720. - Document the default PathsNeededToBuildCircuits value that's used
  721. by clients when the directory authorities don't set
  722. min_paths_for_circs_pct. Fixes bug 20117; bugfix on 02c320916e02
  723. in 0.2.4.10-alpha. Patch by teor, reported by Jesse V.
  724. - Fix manual for the User option: it takes a username, not a UID.
  725. Fixes bug 19122; bugfix on 0.0.2pre16 (the first version to have
  726. a manpage!).
  727. o Minor bugfixes (hidden services):
  728. - Stop logging intro point details to the client log on certain
  729. error conditions. Fixed as part of bug 20012; bugfix on
  730. 0.2.4.8-alpha. Patch by teor.
  731. o Minor bugfixes (IPv6, testing):
  732. - Check for IPv6 correctly on Linux when running test networks.
  733. Fixes bug 19905; bugfix on 0.2.7.3-rc; patch by teor.
  734. o Minor bugfixes (Linux seccomp2 sandbox):
  735. - Add permission to run the sched_yield() and sigaltstack() system
  736. calls, in order to support versions of Tor compiled with asan or
  737. ubsan code that use these calls. Now "sandbox 1" and
  738. "--enable-expensive-hardening" should be compatible on more
  739. systems. Fixes bug 20063; bugfix on 0.2.5.1-alpha.
  740. o Minor bugfixes (logging):
  741. - When logging a message from the BUG() macro, be explicit about
  742. what we were asserting. Previously we were confusing what we were
  743. asserting with what the bug was. Fixes bug 20093; bugfix
  744. on 0.2.9.1-alpha.
  745. - When we are unable to remove the bw_accounting file, do not warn
  746. if the reason we couldn't remove it was that it didn't exist.
  747. Fixes bug 19964; bugfix on 0.2.5.4-alpha. Patch from 'pastly'.
  748. o Minor bugfixes (option parsing):
  749. - Count unix sockets when counting client listeners (SOCKS, Trans,
  750. NATD, and DNS). This has no user-visible behaviour changes: these
  751. options are set once, and never read. Required for correct
  752. behaviour in ticket 17178. Fixes bug 19677; bugfix on
  753. 0.2.6.3-alpha. Patch by teor.
  754. o Minor bugfixes (options):
  755. - Check the consistency of UseEntryGuards and EntryNodes more
  756. reliably. Fixes bug 20074; bugfix on 0.2.4.12-alpha. Patch
  757. by teor.
  758. - Stop changing the configured value of UseEntryGuards on
  759. authorities and Tor2web clients. Fixes bug 20074; bugfix on
  760. commits 51fc6799 in 0.1.1.16-rc and acda1735 in 0.2.4.3-alpha.
  761. Patch by teor.
  762. o Minor bugfixes (Tor2web):
  763. - Prevent Tor2web clients running hidden services, these services
  764. are not anonymous due to the one-hop client paths. Fixes bug
  765. 19678. Patch by teor.
  766. o Minor bugfixes (unit tests):
  767. - Fix a shared-random unit test that was failing on big endian
  768. architectures due to internal representation of a integer copied
  769. to a buffer. The test is changed to take a full 32 bytes of data
  770. and use the output of a python script that make the COMMIT and
  771. REVEAL calculation according to the spec. Fixes bug 19977; bugfix
  772. on 0.2.9.1-alpha.
  773. - The tor_tls_server_info_callback unit test no longer crashes when
  774. debug-level logging is turned on. Fixes bug 20041; bugfix
  775. on 0.2.8.1-alpha.
  776. Changes in version 0.2.8.8 - 2016-09-23
  777. Tor 0.2.8.8 fixes two crash bugs present in previous versions of the
  778. 0.2.8.x series. Relays running 0.2.8.x should upgrade, as should users
  779. who select public relays as their bridges.
  780. o Major bugfixes (crash):
  781. - Fix a complicated crash bug that could affect Tor clients
  782. configured to use bridges when replacing a networkstatus consensus
  783. in which one of their bridges was mentioned. OpenBSD users saw
  784. more crashes here, but all platforms were potentially affected.
  785. Fixes bug 20103; bugfix on 0.2.8.2-alpha.
  786. o Major bugfixes (relay, OOM handler):
  787. - Fix a timing-dependent assertion failure that could occur when we
  788. tried to flush from a circuit after having freed its cells because
  789. of an out-of-memory condition. Fixes bug 20203; bugfix on
  790. 0.2.8.1-alpha. Thanks to "cypherpunks" for help diagnosing
  791. this one.
  792. o Minor feature (fallback directories):
  793. - Remove 8 fallbacks that are no longer suitable, leaving 81 of the
  794. 100 fallbacks originally introduced in Tor 0.2.8.2-alpha in March
  795. 2016. Closes ticket 20190; patch by teor.
  796. o Minor features (geoip):
  797. - Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2
  798. Country database.
  799. Changes in version 0.2.9.2-alpha - 2016-08-24
  800. Tor 0.2.9.2-alpha continues development of the 0.2.9 series with
  801. several new features and bugfixes. It also includes an important
  802. authority update and an important bugfix from 0.2.8.7. Everyone who
  803. sets the ReachableAddresses option, and all bridges, are strongly
  804. encouraged to upgrade to 0.2.8.7, or to 0.2.9.2-alpha.
  805. o Directory authority changes (also in 0.2.8.7):
  806. - The "Tonga" bridge authority has been retired; the new bridge
  807. authority is "Bifroest". Closes tickets 19728 and 19690.
  808. o Major bugfixes (client, security, also in 0.2.8.7):
  809. - Only use the ReachableAddresses option to restrict the first hop
  810. in a path. In earlier versions of 0.2.8.x, it would apply to
  811. every hop in the path, with a possible degradation in anonymity
  812. for anyone using an uncommon ReachableAddress setting. Fixes bug
  813. 19973; bugfix on 0.2.8.2-alpha.
  814. o Major features (user interface):
  815. - Tor now supports the ability to declare options deprecated, so
  816. that we can recommend that people stop using them. Previously,
  817. this was done in an ad-hoc way. Closes ticket 19820.
  818. o Major bugfixes (directory downloads):
  819. - Avoid resetting download status for consensuses hourly, since we
  820. already have another, smarter retry mechanism. Fixes bug 8625;
  821. bugfix on 0.2.0.9-alpha.
  822. o Minor features (config):
  823. - Warn users when descriptor and port addresses are inconsistent.
  824. Mitigates bug 13953; patch by teor.
  825. o Minor features (geoip):
  826. - Update geoip and geoip6 to the August 2 2016 Maxmind GeoLite2
  827. Country database.
  828. o Minor features (user interface):
  829. - There is a new --list-deprecated-options command-line option to
  830. list all of the deprecated options. Implemented as part of
  831. ticket 19820.
  832. o Minor bugfixes (code style):
  833. - Fix an integer signedness conversion issue in the case conversion
  834. tables. Fixes bug 19168; bugfix on 0.2.1.11-alpha.
  835. o Minor bugfixes (compilation):
  836. - Build correctly on versions of libevent2 without support for
  837. evutil_secure_rng_add_bytes(). Fixes bug 19904; bugfix
  838. on 0.2.5.4-alpha.
  839. - Fix a compilation warning on GCC versions before 4.6. Our
  840. ENABLE_GCC_WARNING macro used the word "warning" as an argument,
  841. when it is also required as an argument to the compiler pragma.
  842. Fixes bug 19901; bugfix on 0.2.9.1-alpha.
  843. o Minor bugfixes (compilation, also in 0.2.8.7):
  844. - Remove an inappropriate "inline" in tortls.c that was causing
  845. warnings on older versions of GCC. Fixes bug 19903; bugfix
  846. on 0.2.8.1-alpha.
  847. o Minor bugfixes (fallback directories, also in 0.2.8.7):
  848. - Avoid logging a NULL string pointer when loading fallback
  849. directory information. Fixes bug 19947; bugfix on 0.2.4.7-alpha
  850. and 0.2.8.1-alpha. Report and patch by "rubiate".
  851. o Minor bugfixes (logging):
  852. - Log a more accurate message when we fail to dump a microdescriptor.
  853. Fixes bug 17758; bugfix on 0.2.2.8-alpha. Patch from Daniel Pinto.
  854. o Minor bugfixes (memory leak):
  855. - Fix a series of slow memory leaks related to parsing torrc files
  856. and options. Fixes bug 19466; bugfix on 0.2.1.6-alpha.
  857. o Deprecated features:
  858. - A number of DNS-cache-related sub-options for client ports are now
  859. deprecated for security reasons, and may be removed in a future
  860. version of Tor. (We believe that client-side DNS cacheing is a bad
  861. idea for anonymity, and you should not turn it on.) The options
  862. are: CacheDNS, CacheIPv4DNS, CacheIPv6DNS, UseDNSCache,
  863. UseIPv4Cache, and UseIPv6Cache.
  864. - A number of options are deprecated for security reasons, and may
  865. be removed in a future version of Tor. The options are:
  866. AllowDotExit, AllowInvalidNodes, AllowSingleHopCircuits,
  867. AllowSingleHopExits, ClientDNSRejectInternalAddresses,
  868. CloseHSClientCircuitsImmediatelyOnTimeout,
  869. CloseHSServiceRendCircuitsImmediatelyOnTimeout,
  870. ExcludeSingleHopRelays, FastFirstHopPK, TLSECGroup,
  871. UseNTorHandshake, and WarnUnsafeSocks.
  872. - The *ListenAddress options are now deprecated as unnecessary: the
  873. corresponding *Port options should be used instead. These options
  874. may someday be removed. The affected options are:
  875. ControlListenAddress, DNSListenAddress, DirListenAddress,
  876. NATDListenAddress, ORListenAddress, SocksListenAddress,
  877. and TransListenAddress.
  878. o Documentation:
  879. - Correct the IPv6 syntax in our documentation for the
  880. VirtualAddrNetworkIPv6 torrc option. Closes ticket 19743.
  881. o Removed code:
  882. - We no longer include the (dead, deprecated) bufferevent code in
  883. Tor. Closes ticket 19450. Based on a patch from U+039b.
  884. Changes in version 0.2.8.7 - 2016-08-24
  885. Tor 0.2.8.7 fixes an important bug related to the ReachableAddresses
  886. option in 0.2.8.6, and replaces a retiring bridge authority. Everyone
  887. who sets the ReachableAddresses option, and all bridges, are strongly
  888. encouraged to upgrade.
  889. o Directory authority changes:
  890. - The "Tonga" bridge authority has been retired; the new bridge
  891. authority is "Bifroest". Closes tickets 19728 and 19690.
  892. o Major bugfixes (client, security):
  893. - Only use the ReachableAddresses option to restrict the first hop
  894. in a path. In earlier versions of 0.2.8.x, it would apply to
  895. every hop in the path, with a possible degradation in anonymity
  896. for anyone using an uncommon ReachableAddress setting. Fixes bug
  897. 19973; bugfix on 0.2.8.2-alpha.
  898. o Minor features (geoip):
  899. - Update geoip and geoip6 to the August 2 2016 Maxmind GeoLite2
  900. Country database.
  901. o Minor bugfixes (compilation):
  902. - Remove an inappropriate "inline" in tortls.c that was causing
  903. warnings on older versions of GCC. Fixes bug 19903; bugfix
  904. on 0.2.8.1-alpha.
  905. o Minor bugfixes (fallback directories):
  906. - Avoid logging a NULL string pointer when loading fallback
  907. directory information. Fixes bug 19947; bugfix on 0.2.4.7-alpha
  908. and 0.2.8.1-alpha. Report and patch by "rubiate".
  909. Changes in version 0.2.9.1-alpha - 2016-08-08
  910. Tor 0.2.9.1-alpha is the first alpha release in the 0.2.9 development
  911. series. It improves our support for hardened builds and compiler
  912. warnings, deploys some critical infrastructure for improvements to
  913. hidden services, includes a new timing backend that we hope to use for
  914. better support for traffic padding, makes it easier for programmers to
  915. log unexpected events, and contains other small improvements to
  916. security, correctness, and performance.
  917. Below are the changes since 0.2.8.6.
  918. o New system requirements:
  919. - Tor now requires Libevent version 2.0.10-stable or later. Older
  920. versions of Libevent have less efficient backends for several
  921. platforms, and lack the DNS code that we use for our server-side
  922. DNS support. This implements ticket 19554.
  923. - Tor now requires zlib version 1.2 or later, for security,
  924. efficiency, and (eventually) gzip support. (Back when we started,
  925. zlib 1.1 and zlib 1.0 were still found in the wild. 1.2 was
  926. released in 2003. We recommend the latest version.)
  927. o Major features (build, hardening):
  928. - Tor now builds with -ftrapv by default on compilers that support
  929. it. This option detects signed integer overflow (which C forbids),
  930. and turns it into a hard-failure. We do not apply this option to
  931. code that needs to run in constant time to avoid side-channels;
  932. instead, we use -fwrapv in that code. Closes ticket 17983.
  933. - When --enable-expensive-hardening is selected, stop applying the
  934. clang/gcc sanitizers to code that needs to run in constant time.
  935. Although we are aware of no introduced side-channels, we are not
  936. able to prove that there are none. Related to ticket 17983.
  937. o Major features (compilation):
  938. - Our big list of extra GCC warnings is now enabled by default when
  939. building with GCC (or with anything like Clang that claims to be
  940. GCC-compatible). To make all warnings into fatal compilation
  941. errors, pass --enable-fatal-warnings to configure. Closes
  942. ticket 19044.
  943. - Use the Autoconf macro AC_USE_SYSTEM_EXTENSIONS to automatically
  944. turn on C and POSIX extensions. (Previously, we attempted to do
  945. this on an ad hoc basis.) Closes ticket 19139.
  946. o Major features (directory authorities, hidden services):
  947. - Directory authorities can now perform the shared randomness
  948. protocol specified by proposal 250. Using this protocol, directory
  949. authorities generate a global fresh random value every day. In the
  950. future, this value will be used by hidden services to select
  951. HSDirs. This release implements the directory authority feature;
  952. the hidden service side will be implemented in the future as part
  953. of proposal 224. Resolves ticket 16943; implements proposal 250.
  954. o Major features (downloading, random exponential backoff):
  955. - When we fail to download an object from a directory service, wait
  956. for an (exponentially increasing) randomized amount of time before
  957. retrying, rather than a fixed interval as we did before. This
  958. prevents a group of Tor instances from becoming too synchronized,
  959. or a single Tor instance from becoming too predictable, in its
  960. download schedule. Closes ticket 15942.
  961. o Major bugfixes (exit policies):
  962. - Avoid disclosing exit outbound bind addresses, configured port
  963. bind addresses, and local interface addresses in relay descriptors
  964. by default under ExitPolicyRejectPrivate. Instead, only reject
  965. these (otherwise unlisted) addresses if
  966. ExitPolicyRejectLocalInterfaces is set. Fixes bug 18456; bugfix on
  967. 0.2.7.2-alpha. Patch by teor.
  968. o Major bugfixes (hidden service client):
  969. - Allow Tor clients with appropriate controllers to work with
  970. FetchHidServDescriptors set to 0. Previously, this option also
  971. disabled descriptor cache lookup, thus breaking hidden services
  972. entirely. Fixes bug 18704; bugfix on 0.2.0.20-rc. Patch by "twim".
  973. o Minor features (build, hardening):
  974. - Detect and work around a libclang_rt problem that would prevent
  975. clang from finding __mulodi4() on some 32-bit platforms, and thus
  976. keep -ftrapv from linking on those systems. Closes ticket 19079.
  977. - When building on a system without runtime support for the runtime
  978. hardening options, try to log a useful warning at configuration
  979. time, rather than an incomprehensible warning at link time. If
  980. expensive hardening was requested, this warning becomes an error.
  981. Closes ticket 18895.
  982. o Minor features (code safety):
  983. - In our integer-parsing functions, ensure that maxiumum value we
  984. give is no smaller than the minimum value. Closes ticket 19063;
  985. patch from U+039b.
  986. o Minor features (controller):
  987. - Implement new GETINFO queries for all downloads that use
  988. download_status_t to schedule retries. This allows controllers to
  989. examine the schedule for pending downloads. Closes ticket 19323.
  990. - Allow controllers to configure basic client authorization on
  991. hidden services when they create them with the ADD_ONION control
  992. command. Implements ticket 15588. Patch by "special".
  993. - Fire a STATUS_SERVER controller event whenever the hibernation
  994. status changes between "awake"/"soft"/"hard". Closes ticket 18685.
  995. o Minor features (directory authority):
  996. - Directory authorities now only give the Guard flag to a relay if
  997. they are also giving it the Stable flag. This change allows us to
  998. simplify path selection for clients. It should have minimal effect
  999. in practice, since >99% of Guards already have the Stable flag.
  1000. Implements ticket 18624.
  1001. - Directory authorities now write their v3-status-votes file out to
  1002. disk earlier in the consensus process, so we have a record of the
  1003. votes even if we abort the consensus process. Resolves
  1004. ticket 19036.
  1005. o Minor features (hidden service):
  1006. - Stop being so strict about the payload length of "rendezvous1"
  1007. cells. We used to be locked in to the "TAP" handshake length, and
  1008. now we can handle better handshakes like "ntor". Resolves
  1009. ticket 18998.
  1010. o Minor features (infrastructure, time):
  1011. - Tor now uses the operating system's monotonic timers (where
  1012. available) for internal fine-grained timing. Previously we would
  1013. look at the system clock, and then attempt to compensate for the
  1014. clock running backwards. Closes ticket 18908.
  1015. - Tor now includes an improved timer backend, so that we can
  1016. efficiently support tens or hundreds of thousands of concurrent
  1017. timers, as will be needed for some of our planned anti-traffic-
  1018. analysis work. This code is based on William Ahern's "timeout.c"
  1019. project, which implements a "tickless hierarchical timing wheel".
  1020. Closes ticket 18365.
  1021. o Minor features (logging):
  1022. - Provide a more useful warning message when configured with an
  1023. invalid Nickname. Closes ticket 18300; patch from "icanhasaccount".
  1024. - When dumping unparseable router descriptors, optionally store them
  1025. in separate files, named by digest, up to a configurable size
  1026. limit. You can change the size limit by setting the
  1027. MaxUnparseableDescSizeToLog option, and disable this feature by
  1028. setting that option to 0. Closes ticket 18322.
  1029. - Add a set of macros to check nonfatal assertions, for internal
  1030. use. Migrating more of our checks to these should help us avoid
  1031. needless crash bugs. Closes ticket 18613.
  1032. o Minor features (performance):
  1033. - Changer the "optimistic data" extension from "off by default" to
  1034. "on by default". The default was ordinarily overridden by a
  1035. consensus option, but when clients were bootstrapping for the
  1036. first time, they would not have a consensus to get the option
  1037. from. Changing this default When fetching a consensus for the
  1038. first time, use optimistic data. This saves a round-trip during
  1039. startup. Closes ticket 18815.
  1040. o Minor features (relay, usability):
  1041. - When the directory authorities refuse a bad relay's descriptor,
  1042. encourage the relay operator to contact us. Many relay operators
  1043. won't notice this line in their logs, but it's a win if even a few
  1044. learn why we don't like what their relay was doing. Resolves
  1045. ticket 18760.
  1046. o Minor features (testing):
  1047. - Let backtrace tests work correctly under AddressSanitizer. Fixes
  1048. part of bug 18934; bugfix on 0.2.5.2-alpha.
  1049. - Move the test-network.sh script to chutney, and modify tor's test-
  1050. network.sh to call the (newer) chutney version when available.
  1051. Resolves ticket 19116. Patch by teor.
  1052. - Use the lcov convention for marking lines as unreachable, so that
  1053. we don't count them when we're generating test coverage data.
  1054. Update our coverage tools to understand this convention. Closes
  1055. ticket 16792.
  1056. o Minor bugfixes (bootstrap):
  1057. - Remember the directory we fetched the consensus or previous
  1058. certificates from, and use it to fetch future authority
  1059. certificates. This change improves bootstrapping performance.
  1060. Fixes bug 18963; bugfix on 0.2.8.1-alpha.
  1061. o Minor bugfixes (build):
  1062. - The test-stem and test-network makefile targets now depend only on
  1063. the tor binary that they are testing. Previously, they depended on
  1064. "make all". Fixes bug 18240; bugfix on 0.2.8.2-alpha. Based on a
  1065. patch from "cypherpunks".
  1066. o Minor bugfixes (circuits):
  1067. - Make sure extend_info_from_router() is only called on servers.
  1068. Fixes bug 19639; bugfix on 0.2.8.1-alpha.
  1069. o Minor bugfixes (compilation):
  1070. - When building with Clang, use a full set of GCC warnings.
  1071. (Previously, we included only a subset, because of the way we
  1072. detected them.) Fixes bug 19216; bugfix on 0.2.0.1-alpha.
  1073. o Minor bugfixes (directory authority):
  1074. - Authorities now sort the "package" lines in their votes, for ease
  1075. of debugging. (They are already sorted in consensus documents.)
  1076. Fixes bug 18840; bugfix on 0.2.6.3-alpha.
  1077. - When parsing a detached signature, make sure we use the length of
  1078. the digest algorithm instead of an hardcoded DIGEST256_LEN in
  1079. order to avoid comparing bytes out-of-bounds with a smaller digest
  1080. length such as SHA1. Fixes bug 19066; bugfix on 0.2.2.6-alpha.
  1081. o Minor bugfixes (documentation):
  1082. - Document the --passphrase-fd option in the tor manpage. Fixes bug
  1083. 19504; bugfix on 0.2.7.3-rc.
  1084. - Fix the description of the --passphrase-fd option in the
  1085. tor-gencert manpage. The option is used to pass the number of a
  1086. file descriptor to read the passphrase from, not to read the file
  1087. descriptor from. Fixes bug 19505; bugfix on 0.2.0.20-alpha.
  1088. o Minor bugfixes (ephemeral hidden service):
  1089. - When deleting an ephemeral hidden service, close its intro points
  1090. even if they are not completely open. Fixes bug 18604; bugfix
  1091. on 0.2.7.1-alpha.
  1092. o Minor bugfixes (guard selection):
  1093. - Use a single entry guard even if the NumEntryGuards consensus
  1094. parameter is not provided. Fixes bug 17688; bugfix
  1095. on 0.2.5.6-alpha.
  1096. - Don't mark guards as unreachable if connection_connect() fails.
  1097. That function fails for local reasons, so it shouldn't reveal
  1098. anything about the status of the guard. Fixes bug 14334; bugfix
  1099. on 0.2.3.10-alpha.
  1100. o Minor bugfixes (hidden service client):
  1101. - Increase the minimum number of internal circuits we preemptively
  1102. build from 2 to 3, so a circuit is available when a client
  1103. connects to another onion service. Fixes bug 13239; bugfix
  1104. on 0.1.0.1-rc.
  1105. o Minor bugfixes (logging):
  1106. - When logging a directory ownership mismatch, log the owning
  1107. username correctly. Fixes bug 19578; bugfix on 0.2.2.29-beta.
  1108. o Minor bugfixes (memory leaks):
  1109. - Fix a small, uncommon memory leak that could occur when reading a
  1110. truncated ed25519 key file. Fixes bug 18956; bugfix
  1111. on 0.2.6.1-alpha.
  1112. o Minor bugfixes (testing):
  1113. - Allow clients to retry HSDirs much faster in test networks. Fixes
  1114. bug 19702; bugfix on 0.2.7.1-alpha. Patch by teor.
  1115. - Disable ASAN's detection of segmentation faults while running
  1116. test_bt.sh, so that we can make sure that our own backtrace
  1117. generation code works. Fixes another aspect of bug 18934; bugfix
  1118. on 0.2.5.2-alpha. Patch from "cypherpunks".
  1119. - Fix the test-network-all target on out-of-tree builds by using the
  1120. correct path to the test driver script. Fixes bug 19421; bugfix
  1121. on 0.2.7.3-rc.
  1122. o Minor bugfixes (time):
  1123. - Improve overflow checks in tv_udiff and tv_mdiff. Fixes bug 19483;
  1124. bugfix on all released tor versions.
  1125. - When computing the difference between two times in milliseconds,
  1126. we now round to the nearest millisecond correctly. Previously, we
  1127. could sometimes round in the wrong direction. Fixes bug 19428;
  1128. bugfix on 0.2.2.2-alpha.
  1129. o Minor bugfixes (user interface):
  1130. - Display a more accurate number of suppressed messages in the log
  1131. rate-limiter. Previously, there was a potential integer overflow
  1132. in the counter. Now, if the number of messages hits a maximum, the
  1133. rate-limiter doesn't count any further. Fixes bug 19435; bugfix
  1134. on 0.2.4.11-alpha.
  1135. - Fix a typo in the passphrase prompt for the ed25519 identity key.
  1136. Fixes bug 19503; bugfix on 0.2.7.2-alpha.
  1137. o Code simplification and refactoring:
  1138. - Remove redundant declarations of the MIN macro. Closes
  1139. ticket 18889.
  1140. - Rename tor_dup_addr() to tor_addr_to_str_dup() to avoid confusion.
  1141. Closes ticket 18462; patch from "icanhasaccount".
  1142. - Split the 600-line directory_handle_command_get function into
  1143. separate functions for different URL types. Closes ticket 16698.
  1144. o Documentation:
  1145. - Fix spelling of "--enable-tor2web-mode" in the manpage. Closes
  1146. ticket 19153. Patch from "U+039b".
  1147. o Removed features:
  1148. - Remove support for "GET /tor/bytes.txt" DirPort request, and
  1149. "GETINFO dir-usage" controller request, which were only available
  1150. via a compile-time option in Tor anyway. Feature was added in
  1151. 0.2.2.1-alpha. Resolves ticket 19035.
  1152. - There is no longer a compile-time option to disable support for
  1153. TransPort. (If you don't want TransPort; just don't use it.) Patch
  1154. from "U+039b". Closes ticket 19449.
  1155. o Testing:
  1156. - Run more workqueue tests as part of "make check". These had
  1157. previously been implemented, but you needed to know special
  1158. command-line options to enable them.
  1159. - We now have unit tests for our code to reject zlib "compression
  1160. bombs". (Fortunately, the code works fine.)
  1161. Changes in version 0.2.8.6 - 2016-08-02
  1162. Tor 0.2.8.6 is the first stable version of the Tor 0.2.8 series.
  1163. The Tor 0.2.8 series improves client bootstrapping performance,
  1164. completes the authority-side implementation of improved identity
  1165. keys for relays, and includes numerous bugfixes and performance
  1166. improvements throughout the program. This release continues to
  1167. improve the coverage of Tor's test suite. For a full list of
  1168. changes since Tor 0.2.7, see the ReleaseNotes file.
  1169. Changes since 0.2.8.5-rc:
  1170. o Minor features (geoip):
  1171. - Update geoip and geoip6 to the July 6 2016 Maxmind GeoLite2
  1172. Country database.
  1173. o Minor bugfixes (compilation):
  1174. - Fix a compilation warning in the unit tests on systems where char
  1175. is signed. Fixes bug 19682; bugfix on 0.2.8.1-alpha.
  1176. o Minor bugfixes (fallback directories):
  1177. - Remove 1 fallback that was on the hardcoded list, then opted-out,
  1178. leaving 89 of the 100 fallbacks originally introduced in Tor
  1179. 0.2.8.2-alpha in March 2016. Closes ticket 19782; patch by teor.
  1180. o Minor bugfixes (Linux seccomp2 sandbox):
  1181. - Allow more syscalls when running with "Sandbox 1" enabled:
  1182. sysinfo, getsockopt(SO_SNDBUF), and setsockopt(SO_SNDBUFFORCE). On
  1183. some systems, these are required for Tor to start. Fixes bug
  1184. 18397; bugfix on 0.2.5.1-alpha. Patch from Daniel Pinto.
  1185. - Allow IPPROTO_UDP datagram sockets when running with "Sandbox 1",
  1186. so that get_interface_address6_via_udp_socket_hack() can work.
  1187. Fixes bug 19660; bugfix on 0.2.5.1-alpha.
  1188. Changes in version 0.2.8.5-rc - 2016-07-07
  1189. Tor 0.2.8.5-rc is the second release candidate in the Tor 0.2.8
  1190. series. If we find no new bugs or regressions here, the first stable
  1191. 0.2.8 release will be identical to it. It has a few small bugfixes
  1192. against previous versions.
  1193. o Directory authority changes:
  1194. - Urras is no longer a directory authority. Closes ticket 19271.
  1195. o Major bugfixes (heartbeat):
  1196. - Fix a regression that would crash Tor when the periodic
  1197. "heartbeat" log messages were disabled. Fixes bug 19454; bugfix on
  1198. 0.2.8.1-alpha. Reported by "kubaku".
  1199. o Minor features (build):
  1200. - Tor now again builds with the recent OpenSSL 1.1 development
  1201. branch (tested against 1.1.0-pre6-dev). Closes ticket 19499.
  1202. - When building manual pages, set the timezone to "UTC", so that the
  1203. output is reproducible. Fixes bug 19558; bugfix on 0.2.2.9-alpha.
  1204. Patch from intrigeri.
  1205. o Minor bugfixes (fallback directory selection):
  1206. - Avoid errors during fallback selection if there are no eligible
  1207. fallbacks. Fixes bug 19480; bugfix on 0.2.8.3-alpha. Patch
  1208. by teor.
  1209. o Minor bugfixes (IPv6, microdescriptors):
  1210. - Don't check node addresses when we only have a routerstatus. This
  1211. allows IPv6-only clients to bootstrap by fetching microdescriptors
  1212. from fallback directory mirrors. (The microdescriptor consensus
  1213. has no IPv6 addresses in it.) Fixes bug 19608; bugfix
  1214. on 0.2.8.2-alpha.
  1215. o Minor bugfixes (logging):
  1216. - Reduce pointlessly verbose log messages when directory servers
  1217. can't be found. Fixes bug 18849; bugfix on 0.2.8.3-alpha and
  1218. 0.2.8.1-alpha. Patch by teor.
  1219. - When a fallback directory changes its fingerprint from the hard-
  1220. coded fingerprint, log a less severe, more explanatory log
  1221. message. Fixes bug 18812; bugfix on 0.2.8.1-alpha. Patch by teor.
  1222. o Minor bugfixes (Linux seccomp2 sandboxing):
  1223. - Allow statistics to be written to disk when "Sandbox 1" is
  1224. enabled. Fixes bugs 19556 and 19957; bugfix on 0.2.5.1-alpha and
  1225. 0.2.6.1-alpha respectively.
  1226. o Minor bugfixes (user interface):
  1227. - Remove a warning message "Service [scrubbed] not found after
  1228. descriptor upload". This message appears when one uses HSPOST
  1229. control command to upload a service descriptor. Since there is
  1230. only a descriptor and no service, showing this message is
  1231. pointless and confusing. Fixes bug 19464; bugfix on 0.2.7.2-alpha.
  1232. o Fallback directory list:
  1233. - Add a comment to the generated fallback directory list that
  1234. explains how to comment out unsuitable fallbacks in a way that's
  1235. compatible with the stem fallback parser.
  1236. - Update fallback whitelist and blacklist based on relay operator
  1237. emails. Blacklist unsuitable (non-working, over-volatile)
  1238. fallbacks. Resolves ticket 19071. Patch by teor.
  1239. - Remove 10 unsuitable fallbacks, leaving 90 of the 100 fallbacks
  1240. originally introduced in Tor 0.2.8.2-alpha in March 2016. Closes
  1241. ticket 19071; patch by teor.
  1242. Changes in version 0.2.8.4-rc - 2016-06-15
  1243. Tor 0.2.8.4-rc is the first release candidate in the Tor 0.2.8 series.
  1244. If we find no new bugs or regressions here, the first stable 0.2.8
  1245. release will be identical to it. It has a few small bugfixes against
  1246. previous versions.
  1247. o Major bugfixes (user interface):
  1248. - Correctly give a warning in the cases where a relay is specified
  1249. by nickname, and one such relay is found, but it is not officially
  1250. Named. Fixes bug 19203; bugfix on 0.2.3.1-alpha.
  1251. o Minor features (build):
  1252. - Tor now builds once again with the recent OpenSSL 1.1 development
  1253. branch (tested against 1.1.0-pre5 and 1.1.0-pre6-dev).
  1254. o Minor features (geoip):
  1255. - Update geoip and geoip6 to the June 7 2016 Maxmind GeoLite2
  1256. Country database.
  1257. o Minor bugfixes (compilation):
  1258. - Cause the unit tests to compile correctly on mingw64 versions that
  1259. lack sscanf. Fixes bug 19213; bugfix on 0.2.7.1-alpha.
  1260. o Minor bugfixes (downloading):
  1261. - Predict more correctly whether we'll be downloading over HTTP when
  1262. we determine the maximum length of a URL. This should avoid a
  1263. "BUG" warning about the Squid HTTP proxy and its URL limits. Fixes
  1264. bug 19191.
  1265. Changes in version 0.2.8.3-alpha - 2016-05-26
  1266. Tor 0.2.8.3-alpha resolves several bugs, most of them introduced over
  1267. the course of the 0.2.8 development cycle. It improves the behavior of
  1268. directory clients, fixes several crash bugs, fixes a gap in compiler
  1269. hardening, and allows the full integration test suite to run on
  1270. more platforms.
  1271. o Major bugfixes (security, client, DNS proxy):
  1272. - Stop a crash that could occur when a client running with DNSPort
  1273. received a query with multiple address types, and the first
  1274. address type was not supported. Found and fixed by Scott Dial.
  1275. Fixes bug 18710; bugfix on 0.2.5.4-alpha.
  1276. o Major bugfixes (security, compilation):
  1277. - Correctly detect compiler flags on systems where _FORTIFY_SOURCE
  1278. is predefined. Previously, our use of -D_FORTIFY_SOURCE would
  1279. cause a compiler warning, thereby making other checks fail, and
  1280. needlessly disabling compiler-hardening support. Fixes one case of
  1281. bug 18841; bugfix on 0.2.3.17-beta. Patch from "trudokal".
  1282. o Major bugfixes (security, directory authorities):
  1283. - Fix a crash and out-of-bounds write during authority voting, when
  1284. the list of relays includes duplicate ed25519 identity keys. Fixes
  1285. bug 19032; bugfix on 0.2.8.2-alpha.
  1286. o Major bugfixes (client, bootstrapping):
  1287. - Check if bootstrap consensus downloads are still needed when the
  1288. linked connection attaches. This prevents tor making unnecessary
  1289. begindir-style connections, which are the only directory
  1290. connections tor clients make since the fix for 18483 was merged.
  1291. - Fix some edge cases where consensus download connections may not
  1292. have been closed, even though they were not needed. Related to fix
  1293. for 18809.
  1294. - Make relays retry consensus downloads the correct number of times,
  1295. rather than the more aggressive client retry count. Fixes part of
  1296. ticket 18809.
  1297. - Stop downloading consensuses when we have a consensus, even if we
  1298. don't have all the certificates for it yet. Fixes bug 18809;
  1299. bugfix on 0.2.8.1-alpha. Patches by arma and teor.
  1300. o Major bugfixes (directory mirrors):
  1301. - Decide whether to advertise begindir support in the the same way
  1302. we decide whether to advertise our DirPort. Allowing these
  1303. decisions to become out-of-sync led to surprising behavior like
  1304. advertising begindir support when hibernation made us not
  1305. advertise a DirPort. Resolves bug 18616; bugfix on 0.2.8.1-alpha.
  1306. Patch by teor.
  1307. o Major bugfixes (IPv6 bridges, client):
  1308. - Actually use IPv6 addresses when selecting directory addresses for
  1309. IPv6 bridges. Fixes bug 18921; bugfix on 0.2.8.1-alpha. Patch
  1310. by "teor".
  1311. o Major bugfixes (key management):
  1312. - If OpenSSL fails to generate an RSA key, do not retain a dangling
  1313. pointer to the previous (uninitialized) key value. The impact here
  1314. should be limited to a difficult-to-trigger crash, if OpenSSL is
  1315. running an engine that makes key generation failures possible, or
  1316. if OpenSSL runs out of memory. Fixes bug 19152; bugfix on
  1317. 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and
  1318. Baishakhi Ray.
  1319. o Major bugfixes (testing):
  1320. - Fix a bug that would block 'make test-network-all' on systems where
  1321. IPv6 packets were lost. Fixes bug 19008; bugfix on 0.2.7.3-rc.
  1322. - Avoid "WSANOTINITIALISED" warnings in the unit tests. Fixes bug 18668;
  1323. bugfix on 0.2.8.1-alpha.
  1324. o Minor features (clients):
  1325. - Make clients, onion services, and bridge relays always use an
  1326. encrypted begindir connection for directory requests. Resolves
  1327. ticket 18483. Patch by "teor".
  1328. o Minor features (fallback directory mirrors):
  1329. - Give each fallback the same weight for client selection; restrict
  1330. fallbacks to one per operator; report fallback directory detail
  1331. changes when rebuilding list; add new fallback directory mirrors
  1332. to the whitelist; and many other minor simplifications and fixes.
  1333. Closes tasks 17905, 18749, bug 18689, and fixes part of bug 18812 on
  1334. 0.2.8.1-alpha; patch by "teor".
  1335. - Replace the 21 fallbacks generated in January 2016 and included in
  1336. Tor 0.2.8.1-alpha, with a list of 100 fallbacks generated in March
  1337. 2016. Closes task 17158; patch by "teor".
  1338. o Minor features (geoip):
  1339. - Update geoip and geoip6 to the May 4 2016 Maxmind GeoLite2
  1340. Country database.
  1341. o Minor bugfixes (assert, portability):
  1342. - Fix an assertion failure in memarea.c on systems where "long" is
  1343. shorter than the size of a pointer. Fixes bug 18716; bugfix
  1344. on 0.2.1.1-alpha.
  1345. o Minor bugfixes (bootstrap):
  1346. - Consistently use the consensus download schedule for authority
  1347. certificates. Fixes bug 18816; bugfix on 0.2.4.13-alpha.
  1348. o Minor bugfixes (build):
  1349. - Remove a pair of redundant AM_CONDITIONAL declarations from
  1350. configure.ac. Fixes one final case of bug 17744; bugfix
  1351. on 0.2.8.2-alpha.
  1352. - Resolve warnings when building on systems that are concerned with
  1353. signed char. Fixes bug 18728; bugfix on 0.2.7.2-alpha
  1354. and 0.2.6.1-alpha.
  1355. - When libscrypt.h is found, but no libscrypt library can be linked,
  1356. treat libscrypt as absent. Fixes bug 19161; bugfix
  1357. on 0.2.6.1-alpha.
  1358. o Minor bugfixes (client):
  1359. - Turn all TestingClientBootstrap* into non-testing torrc options.
  1360. This changes simply renames them by removing "Testing" in front of
  1361. them and they do not require TestingTorNetwork to be enabled
  1362. anymore. Fixes bug 18481; bugfix on 0.2.8.1-alpha.
  1363. - Make directory node selection more reliable, mainly for IPv6-only
  1364. clients and clients with few reachable addresses. Fixes bug 18929;
  1365. bugfix on 0.2.8.1-alpha. Patch by "teor".
  1366. o Minor bugfixes (controller, microdescriptors):
  1367. - Make GETINFO dir/status-vote/current/consensus conform to the
  1368. control specification by returning "551 Could not open cached
  1369. consensus..." when not caching consensuses. Fixes bug 18920;
  1370. bugfix on 0.2.2.6-alpha.
  1371. o Minor bugfixes (crypto, portability):
  1372. - The SHA3 and SHAKE routines now produce the correct output on Big
  1373. Endian systems. No code calls either algorithm yet, so this is
  1374. primarily a build fix. Fixes bug 18943; bugfix on 0.2.8.1-alpha.
  1375. - Tor now builds again with the recent OpenSSL 1.1 development
  1376. branch (tested against 1.1.0-pre4 and 1.1.0-pre5-dev). Closes
  1377. ticket 18286.
  1378. o Minor bugfixes (directories):
  1379. - When fetching extrainfo documents, compare their SHA256 digests
  1380. and Ed25519 signing key certificates with the routerinfo that led
  1381. us to fetch them, rather than with the most recent routerinfo.
  1382. Otherwise we generate many spurious warnings about mismatches.
  1383. Fixes bug 17150; bugfix on 0.2.7.2-alpha.
  1384. o Minor bugfixes (logging):
  1385. - When we can't generate a signing key because OfflineMasterKey is
  1386. set, do not imply that we should have been able to load it. Fixes
  1387. bug 18133; bugfix on 0.2.7.2-alpha.
  1388. - Stop periodic_event_dispatch() from blasting twelve lines per
  1389. second at loglevel debug. Fixes bug 18729; fix on 0.2.8.1-alpha.
  1390. - When rejecting a misformed INTRODUCE2 cell, only log at
  1391. PROTOCOL_WARN severity. Fixes bug 18761; bugfix on 0.2.8.2-alpha.
  1392. o Minor bugfixes (pluggable transports):
  1393. - Avoid reporting a spurious error when we decide that we don't need
  1394. to terminate a pluggable transport because it has already exited.
  1395. Fixes bug 18686; bugfix on 0.2.5.5-alpha.
  1396. o Minor bugfixes (pointer arithmetic):
  1397. - Fix a bug in memarea_alloc() that could have resulted in remote
  1398. heap write access, if Tor had ever passed an unchecked size to
  1399. memarea_alloc(). Fortunately, all the sizes we pass to
  1400. memarea_alloc() are pre-checked to be less than 128 kilobytes.
  1401. Fixes bug 19150; bugfix on 0.2.1.1-alpha. Bug found by
  1402. Guido Vranken.
  1403. o Minor bugfixes (relays):
  1404. - Consider more config options when relays decide whether to
  1405. regenerate their descriptor. Fixes more of bug 12538; bugfix
  1406. on 0.2.8.1-alpha.
  1407. - Resolve some edge cases where we might launch an ORPort
  1408. reachability check even when DisableNetwork is set. Noticed while
  1409. fixing bug 18616; bugfix on 0.2.3.9-alpha.
  1410. o Minor bugfixes (statistics):
  1411. - We now include consensus downloads via IPv6 in our directory-
  1412. request statistics. Fixes bug 18460; bugfix on 0.2.3.14-alpha.
  1413. o Minor bugfixes (testing):
  1414. - Allow directories in small networks to bootstrap by skipping
  1415. DirPort checks when the consensus has no exits. Fixes bug 19003;
  1416. bugfix on 0.2.8.1-alpha. Patch by teor.
  1417. - Fix a small memory leak that would occur when the
  1418. TestingEnableCellStatsEvent option was turned on. Fixes bug 18673;
  1419. bugfix on 0.2.5.2-alpha.
  1420. o Minor bugfixes (time handling):
  1421. - When correcting a corrupt 'struct tm' value, fill in the tm_wday
  1422. field. Otherwise, our unit tests crash on Windows. Fixes bug
  1423. 18977; bugfix on 0.2.2.25-alpha.
  1424. o Documentation:
  1425. - Document the contents of the 'datadir/keys' subdirectory in the
  1426. manual page. Closes ticket 17621.
  1427. - Stop recommending use of nicknames to identify relays in our
  1428. MapAddress documentation. Closes ticket 18312.
  1429. Changes in version 0.2.8.2-alpha - 2016-03-28
  1430. Tor 0.2.8.2-alpha is the second alpha in its series. It fixes numerous
  1431. bugs in earlier versions of Tor, including some that prevented
  1432. authorities using Tor 0.2.7.x from running correctly. IPv6 and
  1433. directory support should also be much improved.
  1434. o New system requirements:
  1435. - Tor no longer supports versions of OpenSSL with a broken
  1436. implementation of counter mode. (This bug was present in OpenSSL
  1437. 1.0.0, and was fixed in OpenSSL 1.0.0a.) Tor still detects, but no
  1438. longer runs with, these versions.
  1439. - Tor no longer attempts to support platforms where the "time_t"
  1440. type is unsigned. (To the best of our knowledge, only OpenVMS does
  1441. this, and Tor has never actually built on OpenVMS.) Closes
  1442. ticket 18184.
  1443. - Tor now uses Autoconf version 2.63 or later, and Automake 1.11 or
  1444. later (released in 2008 and 2009 respectively). If you are
  1445. building Tor from the git repository instead of from the source
  1446. distribution, and your tools are older than this, you will need to
  1447. upgrade. Closes ticket 17732.
  1448. o Major bugfixes (security, pointers):
  1449. - Avoid a difficult-to-trigger heap corruption attack when extending
  1450. a smartlist to contain over 16GB of pointers. Fixes bug 18162;
  1451. bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely.
  1452. Reported by Guido Vranken.
  1453. o Major bugfixes (bridges, pluggable transports):
  1454. - Modify the check for OR connections to private addresses. Allow
  1455. bridges on private addresses, including pluggable transports that
  1456. ignore the (potentially private) address in the bridge line. Fixes
  1457. bug 18517; bugfix on 0.2.8.1-alpha. Reported by gk, patch by teor.
  1458. o Major bugfixes (compilation):
  1459. - Repair hardened builds under the clang compiler. Previously, our
  1460. use of _FORTIFY_SOURCE would conflict with clang's address
  1461. sanitizer. Fixes bug 14821; bugfix on 0.2.5.4-alpha.
  1462. o Major bugfixes (crash on shutdown):
  1463. - Correctly handle detaching circuits from muxes when shutting down.
  1464. Fixes bug 18116; bugfix on 0.2.8.1-alpha.
  1465. - Fix an assert-on-exit bug related to counting memory usage in
  1466. rephist.c. Fixes bug 18651; bugfix on 0.2.8.1-alpha.
  1467. o Major bugfixes (crash on startup):
  1468. - Fix a segfault during startup: If a Unix domain socket was
  1469. configured as listener (such as a ControlSocket or a SocksPort
  1470. "unix:" socket), and tor was started as root but not configured to
  1471. switch to another user, tor would segfault while trying to string
  1472. compare a NULL value. Fixes bug 18261; bugfix on 0.2.8.1-alpha.
  1473. Patch by weasel.
  1474. o Major bugfixes (dns proxy mode, crash):
  1475. - Avoid crashing when running as a DNS proxy. Fixes bug 16248;
  1476. bugfix on 0.2.0.1-alpha. Patch from "cypherpunks".
  1477. o Major bugfixes (relays, bridge clients):
  1478. - Ensure relays always allow IPv4 OR and Dir connections. Ensure
  1479. bridge clients use the address configured in the bridge line.
  1480. Fixes bug 18348; bugfix on 0.2.8.1-alpha. Reported by sysrqb,
  1481. patch by teor.
  1482. o Major bugfixes (voting):
  1483. - Actually enable support for authorities to match routers by their
  1484. Ed25519 identities. Previously, the code had been written, but
  1485. some debugging code that had accidentally been left in the
  1486. codebase made it stay turned off. Fixes bug 17702; bugfix
  1487. on 0.2.7.2-alpha.
  1488. - When collating votes by Ed25519 identities, authorities now
  1489. include a "NoEdConsensus" flag if the ed25519 value (or lack
  1490. thereof) for a server does not reflect the majority consensus.
  1491. Related to bug 17668; bugfix on 0.2.7.2-alpha.
  1492. - When generating a vote with keypinning disabled, never include two
  1493. entries for the same ed25519 identity. This bug was causing
  1494. authorities to generate votes that they could not parse when a
  1495. router violated key pinning by changing its RSA identity but
  1496. keeping its Ed25519 identity. Fixes bug 17668; fixes part of bug
  1497. 18318. Bugfix on 0.2.7.2-alpha.
  1498. o Minor features (security, win32):
  1499. - Set SO_EXCLUSIVEADDRUSE on Win32 to avoid a local port-stealing
  1500. attack. Fixes bug 18123; bugfix on all tor versions. Patch
  1501. by teor.
  1502. o Minor features (bug-resistance):
  1503. - Make Tor survive errors involving connections without a
  1504. corresponding event object. Previously we'd fail with an
  1505. assertion; now we produce a log message. Related to bug 16248.
  1506. o Minor features (build):
  1507. - Detect systems with FreeBSD-derived kernels (such as GNU/kFreeBSD)
  1508. as having possible IPFW support. Closes ticket 18448. Patch from
  1509. Steven Chamberlain.
  1510. o Minor features (code hardening):
  1511. - Use tor_snprintf() and tor_vsnprintf() even in external and low-
  1512. level code, to harden against accidental failures to NUL-
  1513. terminate. Part of ticket 17852. Patch from jsturgix. Found
  1514. with Flawfinder.
  1515. o Minor features (crypto):
  1516. - Validate the hard-coded Diffie-Hellman parameters and ensure that
  1517. p is a safe prime, and g is a suitable generator. Closes
  1518. ticket 18221.
  1519. o Minor features (geoip):
  1520. - Update geoip and geoip6 to the March 3 2016 Maxmind GeoLite2
  1521. Country database.
  1522. o Minor features (hidden service directory):
  1523. - Streamline relay-side hsdir handling: when relays consider whether
  1524. to accept an uploaded hidden service descriptor, they no longer
  1525. check whether they are one of the relays in the network that is
  1526. "supposed" to handle that descriptor. Implements ticket 18332.
  1527. o Minor features (IPv6):
  1528. - Add ClientPreferIPv6DirPort, which is set to 0 by default. If set
  1529. to 1, tor prefers IPv6 directory addresses.
  1530. - Add ClientUseIPv4, which is set to 1 by default. If set to 0, tor
  1531. avoids using IPv4 for client OR and directory connections.
  1532. - Try harder to obey the IP version restrictions "ClientUseIPv4 0",
  1533. "ClientUseIPv6 0", "ClientPreferIPv6ORPort", and
  1534. "ClientPreferIPv6DirPort". Closes ticket 17840; patch by teor.
  1535. o Minor features (linux seccomp2 sandbox):
  1536. - Reject attempts to change our Address with "Sandbox 1" enabled.
  1537. Changing Address with Sandbox turned on would never actually work,
  1538. but previously it would fail in strange and confusing ways. Found
  1539. while fixing 18548.
  1540. o Minor features (robustness):
  1541. - Exit immediately with an error message if the code attempts to use
  1542. Libevent without having initialized it. This should resolve some
  1543. frequently-made mistakes in our unit tests. Closes ticket 18241.
  1544. o Minor features (unix domain sockets):
  1545. - Add a new per-socket option, RelaxDirModeCheck, to allow creating
  1546. Unix domain sockets without checking the permissions on the parent
  1547. directory. (Tor checks permissions by default because some
  1548. operating systems only check permissions on the parent directory.
  1549. However, some operating systems do look at permissions on the
  1550. socket, and tor's default check is unneeded.) Closes ticket 18458.
  1551. Patch by weasel.
  1552. o Minor bugfixes (exit policies, security):
  1553. - Refresh an exit relay's exit policy when interface addresses
  1554. change. Previously, tor only refreshed the exit policy when the
  1555. configured external address changed. Fixes bug 18208; bugfix on
  1556. 0.2.7.3-rc. Patch by teor.
  1557. o Minor bugfixes (security, hidden services):
  1558. - Prevent hidden services connecting to client-supplied rendezvous
  1559. addresses that are reserved as internal or multicast. Fixes bug
  1560. 8976; bugfix on 0.2.3.21-rc. Patch by dgoulet and teor.
  1561. o Minor bugfixes (build):
  1562. - Do not link the unit tests against both the testing and non-
  1563. testing versions of the static libraries. Fixes bug 18490; bugfix
  1564. on 0.2.7.1-alpha.
  1565. - Avoid spurious failures from configure files related to calling
  1566. exit(0) in TOR_SEARCH_LIBRARY. Fixes bug 18626; bugfix on
  1567. 0.2.0.1-alpha. Patch from "cypherpunks".
  1568. - Silence spurious clang-scan warnings in the ed25519_donna code by
  1569. explicitly initializing some objects. Fixes bug 18384; bugfix on
  1570. 0.2.7.2-alpha. Patch by teor.
  1571. o Minor bugfixes (client, bootstrap):
  1572. - Count receipt of new microdescriptors as progress towards
  1573. bootstrapping. Previously, with EntryNodes set, Tor might not
  1574. successfully repopulate the guard set on bootstrapping. Fixes bug
  1575. 16825; bugfix on 0.2.3.1-alpha.
  1576. o Minor bugfixes (code correctness):
  1577. - Update to the latest version of Trunnel, which tries harder to
  1578. avoid generating code that can invoke memcpy(p,NULL,0). Bug found
  1579. by clang address sanitizer. Fixes bug 18373; bugfix
  1580. on 0.2.7.2-alpha.
  1581. o Minor bugfixes (configuration):
  1582. - Fix a tiny memory leak when parsing a port configuration ending in
  1583. ":auto". Fixes bug 18374; bugfix on 0.2.3.3-alpha.
  1584. o Minor bugfixes (containers):
  1585. - If we somehow attempt to construct a heap with more than
  1586. 1073741822 elements, avoid an integer overflow when maintaining
  1587. the heap property. Fixes bug 18296; bugfix on 0.1.2.1-alpha.
  1588. o Minor bugfixes (correctness):
  1589. - Fix a bad memory handling bug that would occur if we had queued a
  1590. cell on a channel's incoming queue. Fortunately, we can't actually
  1591. queue a cell like that as our code is constructed today, but it's
  1592. best to avoid this kind of error, even if there isn't any code
  1593. that triggers it today. Fixes bug 18570; bugfix on 0.2.4.4-alpha.
  1594. o Minor bugfixes (directory):
  1595. - When generating a URL for a directory server on an IPv6 address,
  1596. wrap the IPv6 address in square brackets. Fixes bug 18051; bugfix
  1597. on 0.2.3.9-alpha. Patch from Malek.
  1598. o Minor bugfixes (fallback directory mirrors):
  1599. - When requesting extrainfo descriptors from a trusted directory
  1600. server, check whether it is an authority or a fallback directory
  1601. which supports extrainfo descriptors. Fixes bug 18489; bugfix on
  1602. 0.2.4.7-alpha. Reported by atagar, patch by teor.
  1603. o Minor bugfixes (hidden service, client):
  1604. - Handle the case where the user makes several fast consecutive
  1605. requests to the same .onion address. Previously, the first six
  1606. requests would each trigger a descriptor fetch, each picking a
  1607. directory (there are 6 overall) and the seventh one would fail
  1608. because no directories were left, thereby triggering a close on
  1609. all current directory connections asking for the hidden service.
  1610. The solution here is to not close the connections if we have
  1611. pending directory fetches. Fixes bug 15937; bugfix
  1612. on 0.2.7.1-alpha.
  1613. o Minor bugfixes (hidden service, control port):
  1614. - Add the onion address to the HS_DESC event for the UPLOADED action
  1615. both on success or failure. It was previously hardcoded with
  1616. UNKNOWN. Fixes bug 16023; bugfix on 0.2.7.2-alpha.
  1617. o Minor bugfixes (hidden service, directory):
  1618. - Bridges now refuse "rendezvous2" (hidden service descriptor)
  1619. publish attempts. Suggested by ticket 18332.
  1620. o Minor bugfixes (linux seccomp2 sandbox):
  1621. - Allow the setrlimit syscall, and the prlimit and prlimit64
  1622. syscalls, which some libc implementations use under the hood.
  1623. Fixes bug 15221; bugfix on 0.2.5.1-alpha.
  1624. - Avoid a 10-second delay when starting as a client with "Sandbox 1"
  1625. enabled and no DNS resolvers configured. This should help TAILS
  1626. start up faster. Fixes bug 18548; bugfix on 0.2.5.1-alpha.
  1627. - Fix the sandbox's interoperability with unix domain sockets under
  1628. setuid. Fixes bug 18253; bugfix on 0.2.8.1-alpha.
  1629. o Minor bugfixes (logging):
  1630. - When logging information about an unparsable networkstatus vote or
  1631. consensus, do not say "vote" when we mean consensus. Fixes bug
  1632. 18368; bugfix on 0.2.0.8-alpha.
  1633. - Scrub service name in "unrecognized service ID" log messages.
  1634. Fixes bug 18600; bugfix on 0.2.4.11-alpha.
  1635. - Downgrade logs and backtraces about IP versions to info-level.
  1636. Only log backtraces once each time tor runs. Assists in diagnosing
  1637. bug 18351; bugfix on 0.2.8.1-alpha. Reported by sysrqb and
  1638. Christian, patch by teor.
  1639. o Minor bugfixes (memory safety):
  1640. - Avoid freeing an uninitialized pointer when opening a socket fails
  1641. in get_interface_addresses_ioctl(). Fixes bug 18454; bugfix on
  1642. 0.2.3.11-alpha. Reported by toralf and "cypherpunks", patch
  1643. by teor.
  1644. - Correctly duplicate addresses in get_interface_address6_list().
  1645. Fixes bug 18454; bugfix on 0.2.8.1-alpha. Reported by toralf,
  1646. patch by "cypherpunks".
  1647. - Fix a memory leak in tor-gencert. Fixes part of bug 18672; bugfix
  1648. on 0.2.0.1-alpha.
  1649. - Fix a memory leak in "tor --list-fingerprint". Fixes part of bug
  1650. 18672; bugfix on 0.2.5.1-alpha.
  1651. o Minor bugfixes (private directory):
  1652. - Prevent a race condition when creating private directories. Fixes
  1653. part of bug 17852; bugfix on 0.0.2pre13. Part of ticket 17852.
  1654. Patch from jsturgix. Found with Flawfinder.
  1655. o Minor bugfixes (test networks, IPv6):
  1656. - Allow internal IPv6 addresses in descriptors in test networks.
  1657. Fixes bug 17153; bugfix on 0.2.3.16-alpha. Patch by teor, reported
  1658. by karsten.
  1659. o Minor bugfixes (testing):
  1660. - We no longer disable assertions in the unit tests when coverage is
  1661. enabled. Instead, we require you to say --disable-asserts-in-tests
  1662. to the configure script if you need assertions disabled in the
  1663. unit tests (for example, if you want to perform branch coverage).
  1664. Fixes bug 18242; bugfix on 0.2.7.1-alpha.
  1665. o Minor bugfixes (time parsing):
  1666. - Avoid overflow in tor_timegm when parsing dates in and after 2038
  1667. on platforms with 32-bit time_t. Fixes bug 18479; bugfix on
  1668. 0.0.2pre14. Patch by teor.
  1669. o Minor bugfixes (tor-gencert):
  1670. - Correctly handle the case where an authority operator enters a
  1671. passphrase but sends an EOF before sending a newline. Fixes bug
  1672. 17443; bugfix on 0.2.0.20-rc. Found by junglefowl.
  1673. o Code simplification and refactoring:
  1674. - Quote all the string interpolations in configure.ac -- even those
  1675. which we are pretty sure can't contain spaces. Closes ticket
  1676. 17744. Patch from zerosion.
  1677. - Remove specialized code for non-inplace AES_CTR. 99% of our AES is
  1678. inplace, so there's no need to have a separate implementation for
  1679. the non-inplace code. Closes ticket 18258. Patch from Malek.
  1680. - Simplify return types for some crypto functions that can't
  1681. actually fail. Patch from Hassan Alsibyani. Closes ticket 18259.
  1682. o Documentation:
  1683. - Change build messages to refer to "Fedora" instead of "Fedora
  1684. Core", and "dnf" instead of "yum". Closes tickets 18459 and 18426.
  1685. Patches from "icanhasaccount" and "cypherpunks".
  1686. o Removed features:
  1687. - We no longer maintain an internal freelist in memarea.c.
  1688. Allocators should be good enough to make this code unnecessary,
  1689. and it's doubtful that it ever had any performance benefit.
  1690. o Testing:
  1691. - Fix several warnings from clang's address sanitizer produced in
  1692. the unit tests.
  1693. - Treat backtrace test failures as expected on FreeBSD until we
  1694. solve bug 17808. Closes ticket 18204.
  1695. Changes in version 0.2.8.1-alpha - 2016-02-04
  1696. Tor 0.2.8.1-alpha is the first alpha release in its series. It
  1697. includes numerous small features and bugfixes against previous Tor
  1698. versions, and numerous small infrastructure improvements. The most
  1699. notable features are a set of improvements to the directory subsystem.
  1700. o Major features (security, Linux):
  1701. - When Tor starts as root on Linux and is told to switch user ID, it
  1702. can now retain the capability to bind to low ports. By default,
  1703. Tor will do this only when it's switching user ID and some low
  1704. ports have been configured. You can change this behavior with the
  1705. new option KeepBindCapabilities. Closes ticket 8195.
  1706. o Major features (directory system):
  1707. - When bootstrapping multiple consensus downloads at a time, use the
  1708. first one that starts downloading, and close the rest. This
  1709. reduces failures when authorities or fallback directories are slow
  1710. or down. Together with the code for feature 15775, this feature
  1711. should reduces failures due to fallback churn. Implements ticket
  1712. 4483. Patch by "teor". Implements IPv4 portions of proposal 210 by
  1713. "mikeperry" and "teor".
  1714. - Include a trial list of 21 default fallback directories, generated
  1715. in January 2016, based on an opt-in survey of suitable relays.
  1716. Doing this should make clients bootstrap more quickly and reliably,
  1717. and reduce the load on the directory authorities. Closes ticket
  1718. 15775. Patch by "teor".
  1719. Candidates identified using an OnionOO script by "weasel", "teor",
  1720. "gsathya", and "karsten".
  1721. - Previously only relays that explicitly opened a directory port
  1722. (DirPort) accepted directory requests from clients. Now all
  1723. relays, with and without a DirPort, accept and serve tunneled
  1724. directory requests that they receive through their ORPort. You can
  1725. disable this behavior using the new DirCache option. Closes
  1726. ticket 12538.
  1727. o Major key updates:
  1728. - Update the V3 identity key for the dannenberg directory authority:
  1729. it was changed on 18 November 2015. Closes task 17906. Patch
  1730. by "teor".
  1731. o Minor features (security, clock):
  1732. - Warn when the system clock appears to move back in time (when the
  1733. state file was last written in the future). Tor doesn't know that
  1734. consensuses have expired if the clock is in the past. Patch by
  1735. "teor". Implements ticket 17188.
  1736. o Minor features (security, exit policies):
  1737. - ExitPolicyRejectPrivate now rejects more private addresses by
  1738. default. Specifically, it now rejects the relay's outbound bind
  1739. addresses (if configured), and the relay's configured port
  1740. addresses (such as ORPort and DirPort). Fixes bug 17027; bugfix on
  1741. 0.2.0.11-alpha. Patch by "teor".
  1742. o Minor features (security, memory erasure):
  1743. - Set the unused entries in a smartlist to NULL. This helped catch
  1744. a (harmless) bug, and shouldn't affect performance too much.
  1745. Implements ticket 17026.
  1746. - Use SecureMemoryWipe() function to securely clean memory on
  1747. Windows. Previously we'd use OpenSSL's OPENSSL_cleanse() function.
  1748. Implements feature 17986.
  1749. - Use explicit_bzero or memset_s when present. Previously, we'd use
  1750. OpenSSL's OPENSSL_cleanse() function. Closes ticket 7419; patches
  1751. from <logan@hackers.mu> and <selven@hackers.mu>.
  1752. - Make memwipe() do nothing when passed a NULL pointer or buffer of
  1753. zero size. Check size argument to memwipe() for underflow. Fixes
  1754. bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk",
  1755. patch by "teor".
  1756. o Minor features (security, RNG):
  1757. - Adjust Tor's use of OpenSSL's RNG APIs so that they absolutely,
  1758. positively are not allowed to fail. Previously we depended on
  1759. internal details of OpenSSL's behavior. Closes ticket 17686.
  1760. - Never use the system entropy output directly for anything besides
  1761. seeding the PRNG. When we want to generate important keys, instead
  1762. of using system entropy directly, we now hash it with the PRNG
  1763. stream. This may help resist certain attacks based on broken OS
  1764. entropy implementations. Closes part of ticket 17694.
  1765. - Use modern system calls (like getentropy() or getrandom()) to
  1766. generate strong entropy on platforms that have them. Closes
  1767. ticket 13696.
  1768. o Minor features (accounting):
  1769. - Added two modes to the AccountingRule option: One for limiting
  1770. only the number of bytes sent ("AccountingRule out"), and one for
  1771. limiting only the number of bytes received ("AccountingRule in").
  1772. Closes ticket 15989; patch from "unixninja92".
  1773. o Minor features (build):
  1774. - Since our build process now uses "make distcheck", we no longer
  1775. force "make dist" to depend on "make check". Closes ticket 17893;
  1776. patch from "cypherpunks."
  1777. - Tor now builds successfully with the recent OpenSSL 1.1
  1778. development branch, and with the latest LibreSSL. Closes tickets
  1779. 17549, 17921, and 17984.
  1780. o Minor features (controller):
  1781. - Adds the FallbackDir entries to 'GETINFO config/defaults'. Closes
  1782. tickets 16774 and 17817. Patch by George Tankersley.
  1783. - New 'GETINFO hs/service/desc/id/' command to retrieve a hidden
  1784. service descriptor from a service's local hidden service
  1785. descriptor cache. Closes ticket 14846.
  1786. - Add 'GETINFO exit-policy/reject-private/[default,relay]', so
  1787. controllers can examine the the reject rules added by
  1788. ExitPolicyRejectPrivate. This makes it easier for stem to display
  1789. exit policies.
  1790. o Minor features (crypto):
  1791. - Add SHA512 support to crypto.c. Closes ticket 17663; patch from
  1792. George Tankersley.
  1793. - Add SHA3 and SHAKE support to crypto.c. Closes ticket 17783.
  1794. - When allocating a digest state object, allocate no more space than
  1795. we actually need. Previously, we would allocate as much space as
  1796. the state for the largest algorithm would need. This change saves
  1797. up to 672 bytes per circuit. Closes ticket 17796.
  1798. - Improve performance when hashing non-multiple of 8 sized buffers,
  1799. based on Andrew Moon's public domain SipHash-2-4 implementation.
  1800. Fixes bug 17544; bugfix on 0.2.5.3-alpha.
  1801. o Minor features (directory downloads):
  1802. - Wait for busy authorities and fallback directories to become non-
  1803. busy when bootstrapping. (A similar change was made in 6c443e987d
  1804. for directory caches chosen from the consensus.) Closes ticket
  1805. 17864; patch by "teor".
  1806. - Add UseDefaultFallbackDirs, which enables any hard-coded fallback
  1807. directory mirrors. The default is 1; set it to 0 to disable
  1808. fallbacks. Implements ticket 17576. Patch by "teor".
  1809. o Minor features (geoip):
  1810. - Update geoip and geoip6 to the January 5 2016 Maxmind GeoLite2
  1811. Country database.
  1812. o Minor features (IPv6):
  1813. - Add an argument 'ipv6=address:orport' to the DirAuthority and
  1814. FallbackDir torrc options, to specify an IPv6 address for an
  1815. authority or fallback directory. Add hard-coded ipv6 addresses for
  1816. directory authorities that have them. Closes ticket 17327; patch
  1817. from Nick Mathewson and "teor".
  1818. - Add address policy assume_action support for IPv6 addresses.
  1819. - Limit IPv6 mask bits to 128.
  1820. - Warn when comparing against an AF_UNSPEC address in a policy, it's
  1821. almost always a bug. Closes ticket 17863; patch by "teor".
  1822. - Allow users to configure directory authorities and fallback
  1823. directory servers with IPv6 addresses and ORPorts. Resolves
  1824. ticket 6027.
  1825. - routerset_parse now accepts IPv6 literal addresses. Fixes bug
  1826. 17060; bugfix on 0.2.1.3-alpha. Patch by "teor".
  1827. - Make tor_ersatz_socketpair work on IPv6-only systems. Fixes bug
  1828. 17638; bugfix on 0.0.2pre8. Patch by "teor".
  1829. o Minor features (logging):
  1830. - When logging to syslog, allow a tag to be added to the syslog
  1831. identity (the string prepended to every log message). The tag can
  1832. be configured with SyslogIdentityTag and defaults to none. Setting
  1833. it to "foo" will cause logs to be tagged as "Tor-foo". Closes
  1834. ticket 17194.
  1835. o Minor features (portability):
  1836. - Use timingsafe_memcmp() where available. Closes ticket 17944;
  1837. patch from <logan@hackers.mu>.
  1838. o Minor features (relay, address discovery):
  1839. - Add a family argument to get_interface_addresses_raw() and
  1840. subfunctions to make network interface address interogation more
  1841. efficient. Now Tor can specifically ask for IPv4, IPv6 or both
  1842. types of interfaces from the operating system. Resolves
  1843. ticket 17950.
  1844. - When get_interface_address6_list(.,AF_UNSPEC,.) is called and
  1845. fails to enumerate interface addresses using the platform-specific
  1846. API, have it rely on the UDP socket fallback technique to try and
  1847. find out what IP addresses (both IPv4 and IPv6) our machine has.
  1848. Resolves ticket 17951.
  1849. o Minor features (replay cache):
  1850. - The replay cache now uses SHA256 instead of SHA1. Implements
  1851. feature 8961. Patch by "teor", issue reported by "rransom".
  1852. o Minor features (unix file permissions):
  1853. - Defer creation of Unix sockets until after setuid. This avoids
  1854. needing CAP_CHOWN and CAP_FOWNER when using systemd's
  1855. CapabilityBoundingSet, or chown and fowner when using SELinux.
  1856. Implements part of ticket 17562. Patch from Jamie Nguyen.
  1857. - If any directory created by Tor is marked as group readable, the
  1858. filesystem group is allowed to be either the default GID or the
  1859. root user. Allowing root to read the DataDirectory prevents the
  1860. need for CAP_READ_SEARCH when using systemd's
  1861. CapabilityBoundingSet, or dac_read_search when using SELinux.
  1862. Implements part of ticket 17562. Patch from Jamie Nguyen.
  1863. - Introduce a new DataDirectoryGroupReadable option. If it is set to
  1864. 1, the DataDirectory will be made readable by the default GID.
  1865. Implements part of ticket 17562. Patch from Jamie Nguyen.
  1866. o Minor bugfixes (accounting):
  1867. - The max bandwidth when using 'AccountRule sum' is now correctly
  1868. logged. Fixes bug 18024; bugfix on 0.2.6.1-alpha. Patch
  1869. from "unixninja92".
  1870. o Minor bugfixes (code correctness):
  1871. - When closing an entry connection, generate a warning if we should
  1872. have sent an end cell for it but we haven't. Fixes bug 17876;
  1873. bugfix on 0.2.3.2-alpha.
  1874. - Assert that allocated memory held by the reputation code is freed
  1875. according to its internal counters. Fixes bug 17753; bugfix
  1876. on 0.1.1.1-alpha.
  1877. - Assert when the TLS contexts fail to initialize. Fixes bug 17683;
  1878. bugfix on 0.0.6.
  1879. o Minor bugfixes (compilation):
  1880. - Mark all object files that include micro-revision.i as depending
  1881. on it, so as to make parallel builds more reliable. Fixes bug
  1882. 17826; bugfix on 0.2.5.1-alpha.
  1883. - Don't try to use the pthread_condattr_setclock() function unless
  1884. it actually exists. Fixes compilation on NetBSD-6.x. Fixes bug
  1885. 17819; bugfix on 0.2.6.3-alpha.
  1886. - Fix backtrace compilation on FreeBSD. Fixes bug 17827; bugfix
  1887. on 0.2.5.2-alpha.
  1888. - Fix compilation of sandbox.c with musl-libc. Fixes bug 17347;
  1889. bugfix on 0.2.5.1-alpha. Patch from 'jamestk'.
  1890. - Fix search for libevent libraries on OpenBSD (and other systems
  1891. that install libevent 1 and libevent 2 in parallel). Fixes bug
  1892. 16651; bugfix on 0.1.0.7-rc. Patch from "rubiate".
  1893. - Isolate environment variables meant for tests from the rest of the
  1894. build system. Fixes bug 17818; bugfix on 0.2.7.3-rc.
  1895. - Replace usage of 'INLINE' with 'inline'. Fixes bug 17804; bugfix
  1896. on 0.0.2pre8.
  1897. - Remove config.log only from make distclean, not from make clean.
  1898. Fixes bug 17924; bugfix on 0.2.4.1-alpha.
  1899. o Minor bugfixes (crypto):
  1900. - Check the return value of HMAC() and assert on failure. Fixes bug
  1901. 17658; bugfix on 0.2.3.6-alpha. Patch by "teor".
  1902. o Minor bugfixes (fallback directories):
  1903. - Mark fallbacks as "too busy" when they return a 503 response,
  1904. rather than just marking authorities. Fixes bug 17572; bugfix on
  1905. 0.2.4.7-alpha. Patch by "teor".
  1906. o Minor bugfixes (IPv6):
  1907. - Update the limits in max_dl_per_request for IPv6 address length.
  1908. Fixes bug 17573; bugfix on 0.2.1.5-alpha.
  1909. o Minor bugfixes (linux seccomp2 sandbox):
  1910. - Fix a crash when using offline master ed25519 keys with the Linux
  1911. seccomp2 sandbox enabled. Fixes bug 17675; bugfix on 0.2.7.3-rc.
  1912. o Minor bugfixes (logging):
  1913. - In log messages that include a function name, use __FUNCTION__
  1914. instead of __PRETTY_FUNCTION__. In GCC, these are synonymous, but
  1915. with clang __PRETTY_FUNCTION__ has extra information we don't
  1916. need. Fixes bug 16563; bugfix on 0.0.2pre8. Fix by Tom van
  1917. der Woerdt.
  1918. - Remove needless quotes from a log message about unparseable
  1919. addresses. Fixes bug 17843; bugfix on 0.2.3.3-alpha.
  1920. o Minor bugfixes (portability):
  1921. - Remove an #endif from configure.ac so that we correctly detect the
  1922. presence of in6_addr.s6_addr32. Fixes bug 17923; bugfix
  1923. on 0.2.0.13-alpha.
  1924. o Minor bugfixes (relays):
  1925. - Check that both the ORPort and DirPort (if present) are reachable
  1926. before publishing a relay descriptor. Otherwise, relays publish a
  1927. descriptor with DirPort 0 when the DirPort reachability test takes
  1928. longer than the ORPort reachability test. Fixes bug 18050; bugfix
  1929. on 0.1.0.1-rc. Reported by "starlight", patch by "teor".
  1930. o Minor bugfixes (relays, hidden services):
  1931. - Refuse connection requests to private OR addresses unless
  1932. ExtendAllowPrivateAddresses is set. Previously, tor would connect,
  1933. then refuse to send any cells to a private address. Fixes bugs
  1934. 17674 and 8976; bugfix on 0.2.3.21-rc. Patch by "teor".
  1935. o Minor bugfixes (safe logging):
  1936. - When logging a malformed hostname received through socks4, scrub
  1937. it if SafeLogging says we should. Fixes bug 17419; bugfix
  1938. on 0.1.1.16-rc.
  1939. o Minor bugfixes (statistics code):
  1940. - Consistently check for overflow in round_*_to_next_multiple_of
  1941. functions, and add unit tests with additional and maximal values.
  1942. Fixes part of bug 13192; bugfix on 0.2.2.1-alpha.
  1943. - Handle edge cases in the laplace functions: avoid division by
  1944. zero, avoid taking the log of zero, and silence clang type
  1945. conversion warnings using round and trunc. Add unit tests for edge
  1946. cases with maximal values. Fixes part of bug 13192; bugfix
  1947. on 0.2.6.2-alpha.
  1948. o Minor bugfixes (testing):
  1949. - The test for log_heartbeat was incorrectly failing in timezones
  1950. with non-integer offsets. Instead of comparing the end of the time
  1951. string against a constant, compare it to the output of
  1952. format_local_iso_time when given the correct input. Fixes bug
  1953. 18039; bugfix on 0.2.5.4-alpha.
  1954. - Make unit tests pass on IPv6-only systems, and systems without
  1955. localhost addresses (like some FreeBSD jails). Fixes bug 17632;
  1956. bugfix on 0.2.7.3-rc. Patch by "teor".
  1957. - Fix a memory leak in the ntor test. Fixes bug 17778; bugfix
  1958. on 0.2.4.8-alpha.
  1959. - Check the full results of SHA256 and SHA512 digests in the unit
  1960. tests. Bugfix on 0.2.2.4-alpha. Patch by "teor".
  1961. o Code simplification and refactoring:
  1962. - Move logging of redundant policy entries in
  1963. policies_parse_exit_policy_internal into its own function. Closes
  1964. ticket 17608; patch from "juce".
  1965. - Extract the more complicated parts of circuit_mark_for_close()
  1966. into a new function that we run periodically before circuits are
  1967. freed. This change removes more than half of the functions
  1968. currently in the "blob". Closes ticket 17218.
  1969. - Clean up a little duplicated code in
  1970. crypto_expand_key_material_TAP(). Closes ticket 17587; patch
  1971. from "pfrankw".
  1972. - Decouple the list of streams waiting to be attached to circuits
  1973. from the overall connection list. This change makes it possible to
  1974. attach streams quickly while simplifying Tor's callgraph and
  1975. avoiding O(N) scans of the entire connection list. Closes
  1976. ticket 17590.
  1977. - When a direct directory request fails immediately on launch,
  1978. instead of relaunching that request from inside the code that
  1979. launches it, instead mark the connection for teardown. This change
  1980. simplifies Tor's callback and prevents the directory-request
  1981. launching code from invoking itself recursively. Closes
  1982. ticket 17589
  1983. - Remove code for configuring OpenSSL dynamic locks; OpenSSL doesn't
  1984. use them. Closes ticket 17926.
  1985. o Documentation:
  1986. - Add a description of the correct use of the '--keygen' command-
  1987. line option. Closes ticket 17583; based on text by 's7r'.
  1988. - Document the minimum HeartbeatPeriod value. Closes ticket 15638.
  1989. - Explain actual minima for BandwidthRate. Closes ticket 16382.
  1990. - Fix a minor formatting typo in the manpage. Closes ticket 17791.
  1991. - Mention torspec URL in the manpage and point the reader to it
  1992. whenever we mention a document that belongs in torspce. Fixes
  1993. issue 17392.
  1994. o Removed features:
  1995. - Remove client-side support for connecting to Tor relays running
  1996. versions of Tor before 0.2.3.6-alpha. These relays didn't support
  1997. the v3 TLS handshake protocol, and are no longer allowed on the
  1998. Tor network. Implements the client side of ticket 11150. Based on
  1999. patches by Tom van der Woerdt.
  2000. o Testing:
  2001. - Add unit tests to check for common RNG failure modes, such as
  2002. returning all zeroes, identical values, or incrementing values
  2003. (OpenSSL's rand_predictable feature). Patch by "teor".
  2004. - Log more information when the backtrace tests fail. Closes ticket
  2005. 17892. Patch from "cypherpunks."
  2006. - Always test both ed25519 backends, so that we can be sure that our
  2007. batch-open replacement code works. Part of ticket 16794.
  2008. - Cover dns_resolve_impl() in dns.c with unit tests. Implements a
  2009. portion of ticket 16831.
  2010. - More unit tests for compat_libevent.c, procmon.c, tortls.c,
  2011. util_format.c, directory.c, and options_validate.c. Closes tickets
  2012. 17075, 17082, 17084, 17003, and 17076 respectively. Patches from
  2013. Ola Bini.
  2014. - Unit tests for directory_handle_command_get. Closes ticket 17004.
  2015. Patch from Reinaldo de Souza Jr.
  2016. Changes in version 0.2.7.6 - 2015-12-10
  2017. Tor version 0.2.7.6 fixes a major bug in entry guard selection, as
  2018. well as a minor bug in hidden service reliability.
  2019. o Major bugfixes (guard selection):
  2020. - Actually look at the Guard flag when selecting a new directory
  2021. guard. When we implemented the directory guard design, we
  2022. accidentally started treating all relays as if they have the Guard
  2023. flag during guard selection, leading to weaker anonymity and worse
  2024. performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered
  2025. by Mohsen Imani.
  2026. o Minor features (geoip):
  2027. - Update geoip and geoip6 to the December 1 2015 Maxmind GeoLite2
  2028. Country database.
  2029. o Minor bugfixes (compilation):
  2030. - When checking for net/pfvar.h, include netinet/in.h if possible.
  2031. This fixes transparent proxy detection on OpenBSD. Fixes bug
  2032. 17551; bugfix on 0.1.2.1-alpha. Patch from "rubiate".
  2033. - Fix a compilation warning with Clang 3.6: Do not check the
  2034. presence of an address which can never be NULL. Fixes bug 17781.
  2035. o Minor bugfixes (correctness):
  2036. - When displaying an IPv6 exit policy, include the mask bits
  2037. correctly even when the number is greater than 31. Fixes bug
  2038. 16056; bugfix on 0.2.4.7-alpha. Patch from "gturner".
  2039. - The wrong list was used when looking up expired intro points in a
  2040. rend service object, causing what we think could be reachability
  2041. issues for hidden services, and triggering a BUG log. Fixes bug
  2042. 16702; bugfix on 0.2.7.2-alpha.
  2043. - Fix undefined behavior in the tor_cert_checksig function. Fixes
  2044. bug 17722; bugfix on 0.2.7.2-alpha.
  2045. Changes in version 0.2.7.5 - 2015-11-20
  2046. The Tor 0.2.7 release series is dedicated to the memory of Tor user
  2047. and privacy advocate Caspar Bowden (1961-2015). Caspar worked
  2048. tirelessly to advocate human rights regardless of national borders,
  2049. and oppose the encroachments of mass surveillance. He opposed national
  2050. exceptionalism, he brought clarity to legal and policy debates, he
  2051. understood and predicted the impact of mass surveillance on the world,
  2052. and he laid the groundwork for resisting it. While serving on the Tor
  2053. Project's board of directors, he brought us his uncompromising focus
  2054. on technical excellence in the service of humankind. Caspar was an
  2055. inimitable force for good and a wonderful friend. He was kind,
  2056. humorous, generous, gallant, and believed we should protect one
  2057. another without exception. We honor him here for his ideals, his
  2058. efforts, and his accomplishments. Please honor his memory with works
  2059. that would make him proud.
  2060. Tor 0.2.7.5 is the first stable release in the Tor 0.2.7 series.
  2061. The 0.2.7 series adds a more secure identity key type for relays,
  2062. improves cryptography performance, resolves several longstanding
  2063. hidden-service performance issues, improves controller support for
  2064. hidden services, and includes small bugfixes and performance
  2065. improvements throughout the program. This release series also includes
  2066. more tests than before, and significant simplifications to which parts
  2067. of Tor invoke which others.
  2068. (This release contains no code changes since 0.2.7.4-rc.)
  2069. Changes in version 0.2.7.4-rc - 2015-10-21
  2070. Tor 0.2.7.4-rc is the second release candidate in the 0.2.7 series. It
  2071. fixes some important memory leaks, and a scary-looking (but mostly
  2072. harmless in practice) invalid-read bug. It also has a few small
  2073. bugfixes, notably fixes for compilation and portability on different
  2074. platforms. If no further significant bounds are found, the next
  2075. release will the the official stable release.
  2076. o Major bugfixes (security, correctness):
  2077. - Fix an error that could cause us to read 4 bytes before the
  2078. beginning of an openssl string. This bug could be used to cause
  2079. Tor to crash on systems with unusual malloc implementations, or
  2080. systems with unusual hardening installed. Fixes bug 17404; bugfix
  2081. on 0.2.3.6-alpha.
  2082. o Major bugfixes (correctness):
  2083. - Fix a use-after-free bug in validate_intro_point_failure(). Fixes
  2084. bug 17401; bugfix on 0.2.7.3-rc.
  2085. o Major bugfixes (memory leaks):
  2086. - Fix a memory leak in ed25519 batch signature checking. Fixes bug
  2087. 17398; bugfix on 0.2.6.1-alpha.
  2088. - Fix a memory leak in rend_cache_failure_entry_free(). Fixes bug
  2089. 17402; bugfix on 0.2.7.3-rc.
  2090. - Fix a memory leak when reading an expired signing key from disk.
  2091. Fixes bug 17403; bugfix on 0.2.7.2-rc.
  2092. o Minor features (geoIP):
  2093. - Update geoip and geoip6 to the October 9 2015 Maxmind GeoLite2
  2094. Country database.
  2095. o Minor bugfixes (compilation):
  2096. - Repair compilation with the most recent (unreleased, alpha)
  2097. vesions of OpenSSL 1.1. Fixes part of ticket 17237.
  2098. - Fix an integer overflow warning in test_crypto_slow.c. Fixes bug
  2099. 17251; bugfix on 0.2.7.2-alpha.
  2100. - Fix compilation of sandbox.c with musl-libc. Fixes bug 17347;
  2101. bugfix on 0.2.5.1-alpha. Patch from 'jamestk'.
  2102. o Minor bugfixes (portability):
  2103. - Use libexecinfo on FreeBSD to enable backtrace support. Fixes
  2104. part of bug 17151; bugfix on 0.2.5.2-alpha. Patch from
  2105. Marcin Cieślak.
  2106. o Minor bugfixes (sandbox):
  2107. - Add the "hidserv-stats" filename to our sandbox filter for the
  2108. HiddenServiceStatistics option to work properly. Fixes bug 17354;
  2109. bugfix on 0.2.6.2-alpha. Patch from David Goulet.
  2110. o Minor bugfixes (testing):
  2111. - Add unit tests for get_interface_address* failure cases. Fixes bug
  2112. 17173; bugfix on 0.2.7.3-rc. Patch by fk/teor.
  2113. - Fix breakage when running 'make check' with BSD make. Fixes bug
  2114. 17154; bugfix on 0.2.7.3-rc. Patch by Marcin Cieślak.
  2115. - Make the get_ifaddrs_* unit tests more tolerant of different
  2116. network configurations. (Don't assume every test box has an IPv4
  2117. address, and don't assume every test box has a non-localhost
  2118. address.) Fixes bug 17255; bugfix on 0.2.7.3-rc. Patch by "teor".
  2119. - Skip backtrace tests when backtrace support is not compiled in.
  2120. Fixes part of bug 17151; bugfix on 0.2.7.1-alpha. Patch from
  2121. Marcin Cieślak.
  2122. o Documentation:
  2123. - Fix capitalization of SOCKS in sample torrc. Closes ticket 15609.
  2124. - Note that HiddenServicePorts can take a unix domain socket. Closes
  2125. ticket 17364.
  2126. Changes in version 0.2.7.3-rc - 2015-09-25
  2127. Tor 0.2.7.3-rc is the first release candidate in the 0.2.7 series. It
  2128. contains numerous usability fixes for Ed25519 keys, safeguards against
  2129. several misconfiguration problems, significant simplifications to
  2130. Tor's callgraph, and numerous bugfixes and small features.
  2131. This is the most tested release of Tor to date. The unit tests cover
  2132. 39.40% of the code, and the integration tests (accessible with "make
  2133. test-full-online", requiring stem and chutney and a network
  2134. connection) raise the coverage to 64.49%.
  2135. o Major features (security, hidden services):
  2136. - Hidden services, if using the EntryNodes option, are required to
  2137. use more than one EntryNode, in order to avoid a guard discovery
  2138. attack. (This would only affect people who had configured hidden
  2139. services and manually specified the EntryNodes option with a
  2140. single entry-node. The impact was that it would be easy to
  2141. remotely identify the guard node used by such a hidden service.
  2142. See ticket for more information.) Fixes ticket 14917.
  2143. o Major features (Ed25519 keys, keypinning):
  2144. - The key-pinning option on directory authorities is now advisory-
  2145. only by default. In a future version, or when the AuthDirPinKeys
  2146. option is set, pins are enforced again. Disabling key-pinning
  2147. seemed like a good idea so that we can survive the fallout of any
  2148. usability problems associated with Ed25519 keys. Closes
  2149. ticket 17135.
  2150. o Major features (Ed25519 performance):
  2151. - Improve the speed of Ed25519 operations and Curve25519 keypair
  2152. generation when built targeting 32 bit x86 platforms with SSE2
  2153. available. Implements ticket 16535.
  2154. - Improve the runtime speed of Ed25519 signature verification by
  2155. using Ed25519-donna's batch verification support. Implements
  2156. ticket 16533.
  2157. o Major features (performance testing):
  2158. - The test-network.sh script now supports performance testing.
  2159. Requires corresponding chutney performance testing changes. Patch
  2160. by "teor". Closes ticket 14175.
  2161. o Major features (relay, Ed25519):
  2162. - Significant usability improvements for Ed25519 key management. Log
  2163. messages are better, and the code can recover from far more
  2164. failure conditions. Thanks to "s7r" for reporting and diagnosing
  2165. so many of these!
  2166. - Add a new OfflineMasterKey option to tell Tor never to try loading
  2167. or generating a secret Ed25519 identity key. You can use this in
  2168. combination with tor --keygen to manage offline and/or encrypted
  2169. Ed25519 keys. Implements ticket 16944.
  2170. - Add a --newpass option to allow changing or removing the
  2171. passphrase of an encrypted key with tor --keygen. Implements part
  2172. of ticket 16769.
  2173. - On receiving a HUP signal, check to see whether the Ed25519
  2174. signing key has changed, and reload it if so. Closes ticket 16790.
  2175. o Major bugfixes (relay, Ed25519):
  2176. - Avoid crashing on 'tor --keygen'. Fixes bug 16679; bugfix on
  2177. 0.2.7.2-alpha. Reported by "s7r".
  2178. - Improve handling of expired signing keys with offline master keys.
  2179. Fixes bug 16685; bugfix on 0.2.7.2-alpha. Reported by "s7r".
  2180. o Minor features (client-side privacy):
  2181. - New KeepAliveIsolateSOCKSAuth option to indefinitely extend circuit
  2182. lifespan when IsolateSOCKSAuth and streams with SOCKS
  2183. authentication are attached to the circuit. This allows
  2184. applications like TorBrowser to manage circuit lifetime on their
  2185. own. Implements feature 15482.
  2186. - When logging malformed hostnames from SOCKS5 requests, respect
  2187. SafeLogging configuration. Fixes bug 16891; bugfix on 0.1.1.16-rc.
  2188. o Minor features (compilation):
  2189. - Give a warning as early as possible when trying to build with an
  2190. unsupported OpenSSL version. Closes ticket 16901.
  2191. - Fail during configure if we're trying to build against an OpenSSL
  2192. built without ECC support. Fixes bug 17109, bugfix on 0.2.7.1-alpha
  2193. which started requiring ECC.
  2194. o Minor features (geoip):
  2195. - Update geoip and geoip6 to the September 3 2015 Maxmind GeoLite2
  2196. Country database.
  2197. o Minor features (hidden services):
  2198. - Relays need to have the Fast flag to get the HSDir flag. As this
  2199. is being written, we'll go from 2745 HSDirs down to 2342, a ~14%
  2200. drop. This change should make some attacks against the hidden
  2201. service directory system harder. Fixes ticket 15963.
  2202. - Turn on hidden service statistics collection by setting the torrc
  2203. option HiddenServiceStatistics to "1" by default. (This keeps
  2204. track only of the fraction of traffic used by hidden services, and
  2205. the total number of hidden services in existence.) Closes
  2206. ticket 15254.
  2207. - Client now uses an introduction point failure cache to know when
  2208. to fetch or keep a descriptor in their cache. Previously, failures
  2209. were recorded implicitly, but not explicitly remembered. Closes
  2210. ticket 16389.
  2211. o Minor features (testing, authorities, documentation):
  2212. - New TestingDirAuthVote{Exit,Guard,HSDir}IsStrict flags to
  2213. explicitly manage consensus flags in testing networks. Patch by
  2214. "robgjansen", modified by "teor". Implements part of ticket 14882.
  2215. o Minor bugfixes (security, exit policies):
  2216. - ExitPolicyRejectPrivate now also rejects the relay's published
  2217. IPv6 address (if any), and any publicly routable IPv4 or IPv6
  2218. addresses on any local interfaces. ticket 17027. Patch by "teor".
  2219. Fixes bug 17027; bugfix on 0.2.0.11-alpha.
  2220. o Minor bug fixes (torrc exit policies):
  2221. - In torrc, "accept6 *" and "reject6 *" ExitPolicy lines now only
  2222. produce IPv6 wildcard addresses. Previously they would produce
  2223. both IPv4 and IPv6 wildcard addresses. Patch by "teor". Fixes part
  2224. of bug 16069; bugfix on 0.2.4.7-alpha.
  2225. - When parsing torrc ExitPolicies, we now warn for a number of cases
  2226. where the user's intent is likely to differ from Tor's actual
  2227. behavior. These include: using an IPv4 address with an accept6 or
  2228. reject6 line; using "private" on an accept6 or reject6 line; and
  2229. including any ExitPolicy lines after accept *:* or reject *:*.
  2230. Related to ticket 16069.
  2231. - When parsing torrc ExitPolicies, we now issue an info-level
  2232. message when expanding an "accept/reject *" line to include both
  2233. IPv4 and IPv6 wildcard addresses. Related to ticket 16069.
  2234. - In each instance above, usage advice is provided to avoid the
  2235. message. Resolves ticket 16069. Patch by "teor". Fixes part of bug
  2236. 16069; bugfix on 0.2.4.7-alpha.
  2237. o Minor bugfixes (authority):
  2238. - Don't assign "HSDir" to a router if it isn't Valid and Running.
  2239. Fixes bug 16524; bugfix on 0.2.7.2-alpha.
  2240. - Downgrade log messages about Ed25519 key issues if they are in old
  2241. cached router descriptors. Fixes part of bug 16286; bugfix
  2242. on 0.2.7.2-alpha.
  2243. - When we find an Ed25519 key issue in a cached descriptor, stop
  2244. saying the descriptor was just "uploaded". Fixes another part of
  2245. bug 16286; bugfix on 0.2.7.2-alpha.
  2246. o Minor bugfixes (control port):
  2247. - Repair a warning and a spurious result when getting the maximum
  2248. number of file descriptors from the controller. Fixes bug 16697;
  2249. bugfix on 0.2.7.2-alpha.
  2250. o Minor bugfixes (correctness):
  2251. - When calling channel_free_list(), avoid calling smartlist_remove()
  2252. while inside a FOREACH loop. This partially reverts commit
  2253. 17356fe7fd96af where the correct SMARTLIST_DEL_CURRENT was
  2254. incorrectly removed. Fixes bug 16924; bugfix on 0.2.4.4-alpha.
  2255. o Minor bugfixes (documentation):
  2256. - Advise users on how to configure separate IPv4 and IPv6 exit
  2257. policies in the manpage and sample torrcs. Related to ticket 16069.
  2258. - Fix the usage message of tor-resolve(1) so that it no longer lists
  2259. the removed -F option. Fixes bug 16913; bugfix on 0.2.2.28-beta.
  2260. - Fix an error in the manual page and comments for
  2261. TestingDirAuthVoteHSDir[IsStrict], which suggested that a HSDir
  2262. required "ORPort connectivity". While this is true, it is in no
  2263. way unique to the HSDir flag. Of all the flags, only HSDirs need a
  2264. DirPort configured in order for the authorities to assign that
  2265. particular flag. Patch by "teor". Fixed as part of 14882; bugfix
  2266. on 0.2.6.3-alpha.
  2267. o Minor bugfixes (Ed25519):
  2268. - Fix a memory leak when reading router descriptors with expired
  2269. Ed25519 certificates. Fixes bug 16539; bugfix on 0.2.7.2-alpha.
  2270. o Minor bugfixes (linux seccomp2 sandbox):
  2271. - Allow bridge authorities to run correctly under the seccomp2
  2272. sandbox. Fixes bug 16964; bugfix on 0.2.5.1-alpha.
  2273. - Allow routers with ed25519 keys to run correctly under the
  2274. seccomp2 sandbox. Fixes bug 16965; bugfix on 0.2.7.2-alpha.
  2275. o Minor bugfixes (open file limit):
  2276. - Fix set_max_file_descriptors() to set by default the max open file
  2277. limit to the current limit when setrlimit() fails. Fixes bug
  2278. 16274; bugfix on 0.2.0.10-alpha. Patch by dgoulet.
  2279. o Minor bugfixes (portability):
  2280. - Try harder to normalize the exit status of the Tor process to the
  2281. standard-provided range. Fixes bug 16975; bugfix on every version
  2282. of Tor ever.
  2283. - Check correctly for Windows socket errors in the workqueue
  2284. backend. Fixes bug 16741; bugfix on 0.2.6.3-alpha.
  2285. - Fix the behavior of crypto_rand_time_range() when told to consider
  2286. times before 1970. (These times were possible when running in a
  2287. simulated network environment where time()'s output starts at
  2288. zero.) Fixes bug 16980; bugfix on 0.2.7.1-alpha.
  2289. - Restore correct operation of TLS client-cipher detection on
  2290. OpenSSL 1.1. Fixes bug 14047; bugfix on 0.2.7.2-alpha.
  2291. o Minor bugfixes (relay):
  2292. - Ensure that worker threads actually exit when a fatal error or
  2293. shutdown is indicated. This fix doesn't currently affect the
  2294. behavior of Tor, because Tor workers never indicates fatal error
  2295. or shutdown except in the unit tests. Fixes bug 16868; bugfix
  2296. on 0.2.6.3-alpha.
  2297. - Unblock threads before releasing the work queue mutex to ensure
  2298. predictable scheduling behavior. Fixes bug 16644; bugfix
  2299. on 0.2.6.3-alpha.
  2300. o Code simplification and refactoring:
  2301. - Change the function that's called when we need to retry all
  2302. downloads so that it only reschedules the downloads to happen
  2303. immediately, rather than launching them all at once itself. This
  2304. further simplifies Tor's callgraph.
  2305. - Move some format-parsing functions out of crypto.c and
  2306. crypto_curve25519.c into crypto_format.c and/or util_format.c.
  2307. - Move the client-only parts of init_keys() into a separate
  2308. function. Closes ticket 16763.
  2309. - Simplify the microdesc_free() implementation so that it no longer
  2310. appears (to code analysis tools) to potentially invoke a huge
  2311. suite of other microdesc functions.
  2312. - Simply the control graph further by deferring the inner body of
  2313. directory_all_unreachable() into a callback. Closes ticket 16762.
  2314. - Treat the loss of an owning controller as equivalent to a SIGTERM
  2315. signal. This removes a tiny amount of duplicated code, and
  2316. simplifies our callgraph. Closes ticket 16788.
  2317. - When generating an event to send to the controller, we no longer
  2318. put the event over the network immediately. Instead, we queue
  2319. these events, and use a Libevent callback to deliver them. This
  2320. change simplifies Tor's callgraph by reducing the number of
  2321. functions from which all other Tor functions are reachable. Closes
  2322. ticket 16695.
  2323. - Wrap Windows-only C files inside '#ifdef _WIN32' so that tools
  2324. that try to scan or compile every file on Unix won't decide that
  2325. they are broken.
  2326. - Remove the unused "nulterminate" argument from buf_pullup().
  2327. o Documentation:
  2328. - Recommend a 40 GB example AccountingMax in torrc.sample rather
  2329. than a 4 GB max. Closes ticket 16742.
  2330. - Include the TUNING document in our source tarball. It is referred
  2331. to in the ChangeLog and an error message. Fixes bug 16929; bugfix
  2332. on 0.2.6.1-alpha.
  2333. o Removed code:
  2334. - The internal pure-C tor-fw-helper tool is now removed from the Tor
  2335. distribution, in favor of the pure-Go clone available from
  2336. https://gitweb.torproject.org/tor-fw-helper.git/ . The libraries
  2337. used by the C tor-fw-helper are not, in our opinion, very
  2338. confidence- inspiring in their secure-programming techniques.
  2339. Closes ticket 13338.
  2340. - Remove the code that would try to aggressively flush controller
  2341. connections while writing to them. This code was introduced in
  2342. 0.1.2.7-alpha, in order to keep output buffers from exceeding
  2343. their limits. But there is no longer a maximum output buffer size,
  2344. and flushing data in this way caused some undesirable recursions
  2345. in our call graph. Closes ticket 16480.
  2346. o Testing:
  2347. - Make "bridges+hs" the default test network. This tests almost all
  2348. tor functionality during make test-network, while allowing tests
  2349. to succeed on non-IPv6 systems. Requires chutney commit 396da92 in
  2350. test-network-bridges-hs. Closes tickets 16945 (tor) and 16946
  2351. (chutney). Patches by "teor".
  2352. - Autodetect CHUTNEY_PATH if the chutney and Tor sources are side-
  2353. by-side in the same parent directory. Closes ticket 16903. Patch
  2354. by "teor".
  2355. - Use environment variables rather than autoconf substitutions to
  2356. send variables from the build system to the test scripts. This
  2357. change should be easier to maintain, and cause 'make distcheck' to
  2358. work better than before. Fixes bug 17148.
  2359. - Add a new set of callgraph analysis scripts that use clang to
  2360. produce a list of which Tor functions are reachable from which
  2361. other Tor functions. We're planning to use these to help simplify
  2362. our code structure by identifying illogical dependencies.
  2363. - Add new 'test-full' and 'test-full-online' targets to run all
  2364. tests, including integration tests with stem and chutney.
  2365. - Make the test-workqueue test work on Windows by initializing the
  2366. network before we begin.
  2367. - New make target (make test-network-all) to run multiple applicable
  2368. chutney test cases. Patch from Teor; closes 16953.
  2369. - Unit test dns_resolve(), dns_clip_ttl() and dns_get_expiry_ttl()
  2370. functions in dns.c. Implements a portion of ticket 16831.
  2371. - When building Tor with testing coverage enabled, run Chutney tests
  2372. (if any) using the 'tor-cov' coverage binary.
  2373. - When running test-network or test-stem, check for the absence of
  2374. stem/chutney before doing any build operations.
  2375. Changes in version 0.2.7.2-alpha - 2015-07-27
  2376. This, the second alpha in the Tor 0.2.7 series, has a number of new
  2377. features, including a way to manually pick the number of introduction
  2378. points for hidden services, and the much stronger Ed25519 signing key
  2379. algorithm for regular Tor relays (including support for encrypted
  2380. offline identity keys in the new algorithm).
  2381. Support for Ed25519 on relays is currently limited to signing router
  2382. descriptors; later alphas in this series will extend Ed25519 key
  2383. support to more parts of the Tor protocol.
  2384. o Major features (Ed25519 identity keys, Proposal 220):
  2385. - All relays now maintain a stronger identity key, using the Ed25519
  2386. elliptic curve signature format. This master key is designed so
  2387. that it can be kept offline. Relays also generate an online
  2388. signing key, and a set of other Ed25519 keys and certificates.
  2389. These are all automatically regenerated and rotated as needed.
  2390. Implements part of ticket 12498.
  2391. - Directory authorities now vote on Ed25519 identity keys along with
  2392. RSA1024 keys. Implements part of ticket 12498.
  2393. - Directory authorities track which Ed25519 identity keys have been
  2394. used with which RSA1024 identity keys, and do not allow them to
  2395. vary freely. Implements part of ticket 12498.
  2396. - Microdescriptors now include Ed25519 identity keys. Implements
  2397. part of ticket 12498.
  2398. - Add support for offline encrypted Ed25519 master keys. To use this
  2399. feature on your tor relay, run "tor --keygen" to make a new master
  2400. key (or to make a new signing key if you already have a master
  2401. key). Closes ticket 13642.
  2402. o Major features (Hidden services):
  2403. - Add the torrc option HiddenServiceNumIntroductionPoints, to
  2404. specify a fixed number of introduction points. Its maximum value
  2405. is 10 and default is 3. Using this option can increase a hidden
  2406. service's reliability under load, at the cost of making it more
  2407. visible that the hidden service is facing extra load. Closes
  2408. ticket 4862.
  2409. - Remove the adaptive algorithm for choosing the number of
  2410. introduction points, which used to change the number of
  2411. introduction points (poorly) depending on the number of
  2412. connections the HS sees. Closes ticket 4862.
  2413. o Major features (onion key cross-certification):
  2414. - Relay descriptors now include signatures of their own identity
  2415. keys, made using the TAP and ntor onion keys. These signatures
  2416. allow relays to prove ownership of their own onion keys. Because
  2417. of this change, microdescriptors will no longer need to include
  2418. RSA identity keys. Implements proposal 228; closes ticket 12499.
  2419. o Major features (performance):
  2420. - Improve the runtime speed of Ed25519 operations by using the
  2421. public-domain Ed25519-donna by Andrew M. ("floodyberry").
  2422. Implements ticket 16467.
  2423. - Improve the runtime speed of the ntor handshake by using an
  2424. optimized curve25519 basepoint scalarmult implementation from the
  2425. public-domain Ed25519-donna by Andrew M. ("floodyberry"), based on
  2426. ideas by Adam Langley. Implements ticket 9663.
  2427. o Major bugfixes (client-side privacy, also in 0.2.6.9):
  2428. - Properly separate out each SOCKSPort when applying stream
  2429. isolation. The error occurred because each port's session group
  2430. was being overwritten by a default value when the listener
  2431. connection was initialized. Fixes bug 16247; bugfix on
  2432. 0.2.6.3-alpha. Patch by "jojelino".
  2433. o Major bugfixes (hidden service clients, stability, also in 0.2.6.10):
  2434. - Stop refusing to store updated hidden service descriptors on a
  2435. client. This reverts commit 9407040c59218 (which indeed fixed bug
  2436. 14219, but introduced a major hidden service reachability
  2437. regression detailed in bug 16381). This is a temporary fix since
  2438. we can live with the minor issue in bug 14219 (it just results in
  2439. some load on the network) but the regression of 16381 is too much
  2440. of a setback. First-round fix for bug 16381; bugfix
  2441. on 0.2.6.3-alpha.
  2442. o Major bugfixes (hidden services):
  2443. - When cannibalizing a circuit for an introduction point, always
  2444. extend to the chosen exit node (creating a 4 hop circuit).
  2445. Previously Tor would use the current circuit exit node, which
  2446. changed the original choice of introduction point, and could cause
  2447. the hidden service to skip excluded introduction points or
  2448. reconnect to a skipped introduction point. Fixes bug 16260; bugfix
  2449. on 0.1.0.1-rc.
  2450. o Major bugfixes (open file limit):
  2451. - The open file limit wasn't checked before calling
  2452. tor_accept_socket_nonblocking(), which would make Tor exceed the
  2453. limit. Now, before opening a new socket, Tor validates the open
  2454. file limit just before, and if the max has been reached, return an
  2455. error. Fixes bug 16288; bugfix on 0.1.1.1-alpha.
  2456. o Major bugfixes (stability, also in 0.2.6.10):
  2457. - Stop crashing with an assertion failure when parsing certain kinds
  2458. of malformed or truncated microdescriptors. Fixes bug 16400;
  2459. bugfix on 0.2.6.1-alpha. Found by "torkeln"; fix based on a patch
  2460. by "cypherpunks_backup".
  2461. - Stop random client-side assertion failures that could occur when
  2462. connecting to a busy hidden service, or connecting to a hidden
  2463. service while a NEWNYM is in progress. Fixes bug 16013; bugfix
  2464. on 0.1.0.1-rc.
  2465. o Minor features (directory authorities, security, also in 0.2.6.9):
  2466. - The HSDir flag given by authorities now requires the Stable flag.
  2467. For the current network, this results in going from 2887 to 2806
  2468. HSDirs. Also, it makes it harder for an attacker to launch a sybil
  2469. attack by raising the effort for a relay to become Stable to
  2470. require at the very least 7 days, while maintaining the 96 hours
  2471. uptime requirement for HSDir. Implements ticket 8243.
  2472. o Minor features (client):
  2473. - Relax the validation of hostnames in SOCKS5 requests, allowing the
  2474. character '_' to appear, in order to cope with domains observed in
  2475. the wild that are serving non-RFC compliant records. Resolves
  2476. ticket 16430.
  2477. - Relax the validation done to hostnames in SOCKS5 requests, and
  2478. allow a single trailing '.' to cope with clients that pass FQDNs
  2479. using that syntax to explicitly indicate that the domain name is
  2480. fully-qualified. Fixes bug 16674; bugfix on 0.2.6.2-alpha.
  2481. - Add GroupWritable and WorldWritable options to unix-socket based
  2482. SocksPort and ControlPort options. These options apply to a single
  2483. socket, and override {Control,Socks}SocketsGroupWritable. Closes
  2484. ticket 15220.
  2485. o Minor features (control protocol):
  2486. - Support network-liveness GETINFO key and NETWORK_LIVENESS event in
  2487. the control protocol. Resolves ticket 15358.
  2488. o Minor features (directory authorities):
  2489. - Directory authorities no longer vote against the "Fast", "Stable",
  2490. and "HSDir" flags just because they were going to vote against
  2491. "Running": if the consensus turns out to be that the router was
  2492. running, then the authority's vote should count. Patch from Peter
  2493. Retzlaff; closes issue 8712.
  2494. o Minor features (geoip, also in 0.2.6.10):
  2495. - Update geoip to the June 3 2015 Maxmind GeoLite2 Country database.
  2496. - Update geoip6 to the June 3 2015 Maxmind GeoLite2 Country database.
  2497. o Minor features (hidden services):
  2498. - Add the new options "HiddenServiceMaxStreams" and
  2499. "HiddenServiceMaxStreamsCloseCircuit" to allow hidden services to
  2500. limit the maximum number of simultaneous streams per circuit, and
  2501. optionally tear down the circuit when the limit is exceeded. Part
  2502. of ticket 16052.
  2503. o Minor features (portability):
  2504. - Use C99 variadic macros when the compiler is not GCC. This avoids
  2505. failing compilations on MSVC, and fixes a log-file-based race
  2506. condition in our old workarounds. Original patch from Gisle Vanem.
  2507. o Minor bugfixes (compilation, also in 0.2.6.9):
  2508. - Build with --enable-systemd correctly when libsystemd is
  2509. installed, but systemd is not. Fixes bug 16164; bugfix on
  2510. 0.2.6.3-alpha. Patch from Peter Palfrader.
  2511. o Minor bugfixes (controller):
  2512. - Add the descriptor ID in each HS_DESC control event. It was
  2513. missing, but specified in control-spec.txt. Fixes bug 15881;
  2514. bugfix on 0.2.5.2-alpha.
  2515. o Minor bugfixes (crypto error-handling, also in 0.2.6.10):
  2516. - Check for failures from crypto_early_init, and refuse to continue.
  2517. A previous typo meant that we could keep going with an
  2518. uninitialized crypto library, and would have OpenSSL initialize
  2519. its own PRNG. Fixes bug 16360; bugfix on 0.2.5.2-alpha, introduced
  2520. when implementing ticket 4900. Patch by "teor".
  2521. o Minor bugfixes (hidden services):
  2522. - Fix a crash when reloading configuration while at least one
  2523. configured and one ephemeral hidden service exists. Fixes bug
  2524. 16060; bugfix on 0.2.7.1-alpha.
  2525. - Avoid crashing with a double-free bug when we create an ephemeral
  2526. hidden service but adding it fails for some reason. Fixes bug
  2527. 16228; bugfix on 0.2.7.1-alpha.
  2528. o Minor bugfixes (Linux seccomp2 sandbox):
  2529. - Use the sandbox in tor_open_cloexec whether or not O_CLOEXEC is
  2530. defined. Patch by "teor". Fixes bug 16515; bugfix on 0.2.3.1-alpha.
  2531. o Minor bugfixes (Linux seccomp2 sandbox, also in 0.2.6.10):
  2532. - Allow pipe() and pipe2() syscalls in the seccomp2 sandbox: we need
  2533. these when eventfd2() support is missing. Fixes bug 16363; bugfix
  2534. on 0.2.6.3-alpha. Patch from "teor".
  2535. o Minor bugfixes (Linux seccomp2 sandbox, also in 0.2.6.9):
  2536. - Fix sandboxing to work when running as a relay, by allowing the
  2537. renaming of secret_id_key, and allowing the eventfd2 and futex
  2538. syscalls. Fixes bug 16244; bugfix on 0.2.6.1-alpha. Patch by
  2539. Peter Palfrader.
  2540. - Allow systemd connections to work with the Linux seccomp2 sandbox
  2541. code. Fixes bug 16212; bugfix on 0.2.6.2-alpha. Patch by
  2542. Peter Palfrader.
  2543. o Minor bugfixes (relay):
  2544. - Fix a rarely-encountered memory leak when failing to initialize
  2545. the thread pool. Fixes bug 16631; bugfix on 0.2.6.3-alpha. Patch
  2546. from "cypherpunks".
  2547. o Minor bugfixes (systemd):
  2548. - Fix an accidental formatting error that broke the systemd
  2549. configuration file. Fixes bug 16152; bugfix on 0.2.7.1-alpha.
  2550. - Tor's systemd unit file no longer contains extraneous spaces.
  2551. These spaces would sometimes confuse tools like deb-systemd-
  2552. helper. Fixes bug 16162; bugfix on 0.2.5.5-alpha.
  2553. o Minor bugfixes (tests):
  2554. - Use the configured Python executable when running test-stem-full.
  2555. Fixes bug 16470; bugfix on 0.2.7.1-alpha.
  2556. o Minor bugfixes (tests, also in 0.2.6.9):
  2557. - Fix a crash in the unit tests when built with MSVC2013. Fixes bug
  2558. 16030; bugfix on 0.2.6.2-alpha. Patch from "NewEraCracker".
  2559. o Minor bugfixes (threads, comments):
  2560. - Always initialize return value in compute_desc_id in rendcommon.c
  2561. Patch by "teor". Fixes part of bug 16115; bugfix on 0.2.7.1-alpha.
  2562. - Check for NULL values in getinfo_helper_onions(). Patch by "teor".
  2563. Fixes part of bug 16115; bugfix on 0.2.7.1-alpha.
  2564. - Remove undefined directive-in-macro in test_util_writepid clang
  2565. 3.7 complains that using a preprocessor directive inside a macro
  2566. invocation in test_util_writepid in test_util.c is undefined.
  2567. Patch by "teor". Fixes part of bug 16115; bugfix on 0.2.7.1-alpha.
  2568. o Code simplification and refactoring:
  2569. - Define WINVER and _WIN32_WINNT centrally, in orconfig.h, in order
  2570. to ensure they remain consistent and visible everywhere.
  2571. - Remove some vestigial workarounds for the MSVC6 compiler. We
  2572. haven't supported that in ages.
  2573. - The link authentication code has been refactored for better
  2574. testability and reliability. It now uses code generated with the
  2575. "trunnel" binary encoding generator, to reduce the risk of bugs
  2576. due to programmer error. Done as part of ticket 12498.
  2577. o Documentation:
  2578. - Include a specific and (hopefully) accurate documentation of the
  2579. torrc file's meta-format in doc/torrc_format.txt. This is mainly
  2580. of interest to people writing programs to parse or generate torrc
  2581. files. This document is not a commitment to long-term
  2582. compatibility; some aspects of the current format are a bit
  2583. ridiculous. Closes ticket 2325.
  2584. o Removed features:
  2585. - Tor no longer supports copies of OpenSSL that are missing support
  2586. for Elliptic Curve Cryptography. (We began using ECC when
  2587. available in 0.2.4.8-alpha, for more safe and efficient key
  2588. negotiation.) In particular, support for at least one of P256 or
  2589. P224 is now required, with manual configuration needed if only
  2590. P224 is available. Resolves ticket 16140.
  2591. - Tor no longer supports versions of OpenSSL before 1.0. (If you are
  2592. on an operating system that has not upgraded to OpenSSL 1.0 or
  2593. later, and you compile Tor from source, you will need to install a
  2594. more recent OpenSSL to link Tor against.) These versions of
  2595. OpenSSL are still supported by the OpenSSL, but the numerous
  2596. cryptographic improvements in later OpenSSL releases makes them a
  2597. clear choice. Resolves ticket 16034.
  2598. - Remove the HidServDirectoryV2 option. Now all relays offer to
  2599. store hidden service descriptors. Related to 16543.
  2600. - Remove the VoteOnHidServDirectoriesV2 option, since all
  2601. authorities have long set it to 1. Closes ticket 16543.
  2602. o Testing:
  2603. - Document use of coverity, clang static analyzer, and clang dynamic
  2604. undefined behavior and address sanitizers in doc/HACKING. Include
  2605. detailed usage instructions in the blacklist. Patch by "teor".
  2606. Closes ticket 15817.
  2607. - The link authentication protocol code now has extensive tests.
  2608. - The relay descriptor signature testing code now has
  2609. extensive tests.
  2610. - The test_workqueue program now runs faster, and is enabled by
  2611. default as a part of "make check".
  2612. - Now that OpenSSL has its own scrypt implementation, add an unit
  2613. test that checks for interoperability between libscrypt_scrypt()
  2614. and OpenSSL's EVP_PBE_scrypt() so that we could not use libscrypt
  2615. and rely on EVP_PBE_scrypt() whenever possible. Resolves
  2616. ticket 16189.
  2617. Changes in version 0.2.6.10 - 2015-07-12
  2618. Tor version 0.2.6.10 fixes some significant stability and hidden
  2619. service client bugs, bulletproofs the cryptography init process, and
  2620. fixes a bug when using the sandbox code with some older versions of
  2621. Linux. Everyone running an older version, especially an older version
  2622. of 0.2.6, should upgrade.
  2623. o Major bugfixes (hidden service clients, stability):
  2624. - Stop refusing to store updated hidden service descriptors on a
  2625. client. This reverts commit 9407040c59218 (which indeed fixed bug
  2626. 14219, but introduced a major hidden service reachability
  2627. regression detailed in bug 16381). This is a temporary fix since
  2628. we can live with the minor issue in bug 14219 (it just results in
  2629. some load on the network) but the regression of 16381 is too much
  2630. of a setback. First-round fix for bug 16381; bugfix
  2631. on 0.2.6.3-alpha.
  2632. o Major bugfixes (stability):
  2633. - Stop crashing with an assertion failure when parsing certain kinds
  2634. of malformed or truncated microdescriptors. Fixes bug 16400;
  2635. bugfix on 0.2.6.1-alpha. Found by "torkeln"; fix based on a patch
  2636. by "cypherpunks_backup".
  2637. - Stop random client-side assertion failures that could occur when
  2638. connecting to a busy hidden service, or connecting to a hidden
  2639. service while a NEWNYM is in progress. Fixes bug 16013; bugfix
  2640. on 0.1.0.1-rc.
  2641. o Minor features (geoip):
  2642. - Update geoip to the June 3 2015 Maxmind GeoLite2 Country database.
  2643. - Update geoip6 to the June 3 2015 Maxmind GeoLite2 Country database.
  2644. o Minor bugfixes (crypto error-handling):
  2645. - Check for failures from crypto_early_init, and refuse to continue.
  2646. A previous typo meant that we could keep going with an
  2647. uninitialized crypto library, and would have OpenSSL initialize
  2648. its own PRNG. Fixes bug 16360; bugfix on 0.2.5.2-alpha, introduced
  2649. when implementing ticket 4900. Patch by "teor".
  2650. o Minor bugfixes (Linux seccomp2 sandbox):
  2651. - Allow pipe() and pipe2() syscalls in the seccomp2 sandbox: we need
  2652. these when eventfd2() support is missing. Fixes bug 16363; bugfix
  2653. on 0.2.6.3-alpha. Patch from "teor".
  2654. Changes in version 0.2.6.9 - 2015-06-11
  2655. Tor 0.2.6.9 fixes a regression in the circuit isolation code, increases the
  2656. requirements for receiving an HSDir flag, and addresses some other small
  2657. bugs in the systemd and sandbox code. Clients using circuit isolation
  2658. should upgrade; all directory authorities should upgrade.
  2659. o Major bugfixes (client-side privacy):
  2660. - Properly separate out each SOCKSPort when applying stream
  2661. isolation. The error occurred because each port's session group was
  2662. being overwritten by a default value when the listener connection
  2663. was initialized. Fixes bug 16247; bugfix on 0.2.6.3-alpha. Patch
  2664. by "jojelino".
  2665. o Minor feature (directory authorities, security):
  2666. - The HSDir flag given by authorities now requires the Stable flag.
  2667. For the current network, this results in going from 2887 to 2806
  2668. HSDirs. Also, it makes it harder for an attacker to launch a sybil
  2669. attack by raising the effort for a relay to become Stable which
  2670. takes at the very least 7 days to do so and by keeping the 96
  2671. hours uptime requirement for HSDir. Implements ticket 8243.
  2672. o Minor bugfixes (compilation):
  2673. - Build with --enable-systemd correctly when libsystemd is
  2674. installed, but systemd is not. Fixes bug 16164; bugfix on
  2675. 0.2.6.3-alpha. Patch from Peter Palfrader.
  2676. o Minor bugfixes (Linux seccomp2 sandbox):
  2677. - Fix sandboxing to work when running as a relaymby renaming of
  2678. secret_id_key, and allowing the eventfd2 and futex syscalls. Fixes
  2679. bug 16244; bugfix on 0.2.6.1-alpha. Patch by Peter Palfrader.
  2680. - Allow systemd connections to work with the Linux seccomp2 sandbox
  2681. code. Fixes bug 16212; bugfix on 0.2.6.2-alpha. Patch by
  2682. Peter Palfrader.
  2683. o Minor bugfixes (tests):
  2684. - Fix a crash in the unit tests when built with MSVC2013. Fixes bug
  2685. 16030; bugfix on 0.2.6.2-alpha. Patch from "NewEraCracker".
  2686. Changes in version 0.2.6.8 - 2015-05-21
  2687. Tor 0.2.6.8 fixes a bit of dodgy code in parsing INTRODUCE2 cells, and
  2688. fixes an authority-side bug in assigning the HSDir flag. All directory
  2689. authorities should upgrade.
  2690. o Major bugfixes (hidden services, backport from 0.2.7.1-alpha):
  2691. - Revert commit that made directory authorities assign the HSDir
  2692. flag to relay without a DirPort; this was bad because such relays
  2693. can't handle BEGIN_DIR cells. Fixes bug 15850; bugfix
  2694. on 0.2.6.3-alpha.
  2695. o Minor bugfixes (hidden service, backport from 0.2.7.1-alpha):
  2696. - Fix an out-of-bounds read when parsing invalid INTRODUCE2 cells on
  2697. a client authorized hidden service. Fixes bug 15823; bugfix
  2698. on 0.2.1.6-alpha.
  2699. o Minor features (geoip):
  2700. - Update geoip to the April 8 2015 Maxmind GeoLite2 Country database.
  2701. - Update geoip6 to the April 8 2015 Maxmind GeoLite2
  2702. Country database.
  2703. Changes in version 0.2.7.1-alpha - 2015-05-12
  2704. Tor 0.2.7.1-alpha is the first alpha release in its series. It
  2705. includes numerous small features and bugfixes against previous Tor
  2706. versions, and numerous small infrastructure improvements. The most
  2707. notable features are several new ways for controllers to interact with
  2708. the hidden services subsystem.
  2709. o New system requirements:
  2710. - Tor no longer includes workarounds to support Libevent versions
  2711. before 1.3e. Libevent 2.0 or later is recommended. Closes
  2712. ticket 15248.
  2713. o Major features (controller):
  2714. - Add the ADD_ONION and DEL_ONION commands that allow the creation
  2715. and management of hidden services via the controller. Closes
  2716. ticket 6411.
  2717. - New "GETINFO onions/current" and "GETINFO onions/detached"
  2718. commands to get information about hidden services created via the
  2719. controller. Part of ticket 6411.
  2720. - New HSFETCH command to launch a request for a hidden service
  2721. descriptor. Closes ticket 14847.
  2722. - New HSPOST command to upload a hidden service descriptor. Closes
  2723. ticket 3523. Patch by "DonnchaC".
  2724. o Major bugfixes (hidden services):
  2725. - Revert commit that made directory authorities assign the HSDir
  2726. flag to relay without a DirPort; this was bad because such relays
  2727. can't handle BEGIN_DIR cells. Fixes bug 15850; bugfix
  2728. on 0.2.6.3-alpha.
  2729. o Minor features (clock-jump tolerance):
  2730. - Recover better when our clock jumps back many hours, like might
  2731. happen for Tails or Whonix users who start with a very wrong
  2732. hardware clock, use Tor to discover a more accurate time, and then
  2733. fix their clock. Resolves part of ticket 8766.
  2734. o Minor features (command-line interface):
  2735. - Make --hash-password imply --hush to prevent unnecessary noise.
  2736. Closes ticket 15542. Patch from "cypherpunks".
  2737. - Print a warning whenever we find a relative file path being used
  2738. as torrc option. Resolves issue 14018.
  2739. o Minor features (controller):
  2740. - Add DirAuthority lines for default directory authorities to the
  2741. output of the "GETINFO config/defaults" command if not already
  2742. present. Implements ticket 14840.
  2743. - Controllers can now use "GETINFO hs/client/desc/id/..." to
  2744. retrieve items from the client's hidden service descriptor cache.
  2745. Closes ticket 14845.
  2746. - Implement a new controller command "GETINFO status/fresh-relay-
  2747. descs" to fetch a descriptor/extrainfo pair that was generated on
  2748. demand just for the controller's use. Implements ticket 14784.
  2749. o Minor features (DoS-resistance):
  2750. - Make it harder for attackers to overload hidden services with
  2751. introductions, by blocking multiple introduction requests on the
  2752. same circuit. Resolves ticket 15515.
  2753. o Minor features (geoip):
  2754. - Update geoip to the April 8 2015 Maxmind GeoLite2 Country database.
  2755. - Update geoip6 to the April 8 2015 Maxmind GeoLite2
  2756. Country database.
  2757. o Minor features (HS popularity countermeasure):
  2758. - To avoid leaking HS popularity, don't cycle the introduction point
  2759. when we've handled a fixed number of INTRODUCE2 cells but instead
  2760. cycle it when a random number of introductions is reached, thus
  2761. making it more difficult for an attacker to find out the amount of
  2762. clients that have used the introduction point for a specific HS.
  2763. Closes ticket 15745.
  2764. o Minor features (logging):
  2765. - Include the Tor version in all LD_BUG log messages, since people
  2766. tend to cut and paste those into the bugtracker. Implements
  2767. ticket 15026.
  2768. o Minor features (pluggable transports):
  2769. - When launching managed pluggable transports on Linux systems,
  2770. attempt to have the kernel deliver a SIGTERM on tor exit if the
  2771. pluggable transport process is still running. Resolves
  2772. ticket 15471.
  2773. - When launching managed pluggable transports, setup a valid open
  2774. stdin in the child process that can be used to detect if tor has
  2775. terminated. The "TOR_PT_EXIT_ON_STDIN_CLOSE" environment variable
  2776. can be used by implementations to detect this new behavior.
  2777. Resolves ticket 15435.
  2778. o Minor features (testing):
  2779. - Add a test to verify that the compiler does not eliminate our
  2780. memwipe() implementation. Closes ticket 15377.
  2781. - Add make rule `check-changes` to verify the format of changes
  2782. files. Closes ticket 15180.
  2783. - Add unit tests for control_event_is_interesting(). Add a compile-
  2784. time check that the number of events doesn't exceed the capacity
  2785. of control_event_t.event_mask. Closes ticket 15431, checks for
  2786. bugs similar to 13085. Patch by "teor".
  2787. - Command-line argument tests moved to Stem. Resolves ticket 14806.
  2788. - Integrate the ntor, backtrace, and zero-length keys tests into the
  2789. automake test suite. Closes ticket 15344.
  2790. - Remove assertions during builds to determine Tor's test coverage.
  2791. We don't want to trigger these even in assertions, so including
  2792. them artificially makes our branch coverage look worse than it is.
  2793. This patch provides the new test-stem-full and coverage-html-full
  2794. configure options. Implements ticket 15400.
  2795. o Minor bugfixes (build):
  2796. - Improve out-of-tree builds by making non-standard rules work and
  2797. clean up additional files and directories. Fixes bug 15053; bugfix
  2798. on 0.2.7.0-alpha.
  2799. o Minor bugfixes (command-line interface):
  2800. - When "--quiet" is provided along with "--validate-config", do not
  2801. write anything to stdout on success. Fixes bug 14994; bugfix
  2802. on 0.2.3.3-alpha.
  2803. - When complaining about bad arguments to "--dump-config", use
  2804. stderr, not stdout.
  2805. o Minor bugfixes (configuration, unit tests):
  2806. - Only add the default fallback directories when the DirAuthorities,
  2807. AlternateDirAuthority, and FallbackDir directory config options
  2808. are set to their defaults. The default fallback directory list is
  2809. currently empty, this fix will only change tor's behavior when it
  2810. has default fallback directories. Includes unit tests for
  2811. consider_adding_dir_servers(). Fixes bug 15642; bugfix on
  2812. 90f6071d8dc0 in 0.2.4.7-alpha. Patch by "teor".
  2813. o Minor bugfixes (correctness):
  2814. - For correctness, avoid modifying a constant string in
  2815. handle_control_postdescriptor. Fixes bug 15546; bugfix
  2816. on 0.1.1.16-rc.
  2817. - Remove side-effects from tor_assert() calls. This was harmless,
  2818. because we never disable assertions, but it is bad style and
  2819. unnecessary. Fixes bug 15211; bugfix on 0.2.5.5, 0.2.2.36,
  2820. and 0.2.0.10.
  2821. o Minor bugfixes (hidden service):
  2822. - Fix an out-of-bounds read when parsing invalid INTRODUCE2 cells on
  2823. a client authorized hidden service. Fixes bug 15823; bugfix
  2824. on 0.2.1.6-alpha.
  2825. - Remove an extraneous newline character from the end of hidden
  2826. service descriptors. Fixes bug 15296; bugfix on 0.2.0.10-alpha.
  2827. o Minor bugfixes (interface):
  2828. - Print usage information for --dump-config when it is used without
  2829. an argument. Also, fix the error message to use different wording
  2830. and add newline at the end. Fixes bug 15541; bugfix
  2831. on 0.2.5.1-alpha.
  2832. o Minor bugfixes (logs):
  2833. - When building Tor under Clang, do not include an extra set of
  2834. parentheses in log messages that include function names. Fixes bug
  2835. 15269; bugfix on every released version of Tor when compiled with
  2836. recent enough Clang.
  2837. o Minor bugfixes (network):
  2838. - When attempting to use fallback technique for network interface
  2839. lookup, disregard loopback and multicast addresses since they are
  2840. unsuitable for public communications.
  2841. o Minor bugfixes (statistics):
  2842. - Disregard the ConnDirectionStatistics torrc options when Tor is
  2843. not a relay since in that mode of operation no sensible data is
  2844. being collected and because Tor might run into measurement hiccups
  2845. when running as a client for some time, then becoming a relay.
  2846. Fixes bug 15604; bugfix on 0.2.2.35.
  2847. o Minor bugfixes (test networks):
  2848. - When self-testing reachability, use ExtendAllowPrivateAddresses to
  2849. determine if local/private addresses imply reachability. The
  2850. previous fix used TestingTorNetwork, which implies
  2851. ExtendAllowPrivateAddresses, but this excluded rare configurations
  2852. where ExtendAllowPrivateAddresses is set but TestingTorNetwork is
  2853. not. Fixes bug 15771; bugfix on 0.2.6.1-alpha. Patch by "teor",
  2854. issue discovered by CJ Ess.
  2855. o Minor bugfixes (testing):
  2856. - Check for matching value in server response in ntor_ref.py. Fixes
  2857. bug 15591; bugfix on 0.2.4.8-alpha. Reported and fixed
  2858. by "joelanders".
  2859. - Set the severity correctly when testing
  2860. get_interface_addresses_ifaddrs() and
  2861. get_interface_addresses_win32(), so that the tests fail gracefully
  2862. instead of triggering an assertion. Fixes bug 15759; bugfix on
  2863. 0.2.6.3-alpha. Reported by Nicolas Derive.
  2864. o Code simplification and refactoring:
  2865. - Move the hacky fallback code out of get_interface_address6() into
  2866. separate function and get it covered with unit-tests. Resolves
  2867. ticket 14710.
  2868. - Refactor hidden service client-side cache lookup to intelligently
  2869. report its various failure cases, and disentangle failure cases
  2870. involving a lack of introduction points. Closes ticket 14391.
  2871. - Use our own Base64 encoder instead of OpenSSL's, to allow more
  2872. control over the output. Part of ticket 15652.
  2873. o Documentation:
  2874. - Improve the descriptions of statistics-related torrc options in
  2875. the manpage to describe rationale and possible uses cases. Fixes
  2876. issue 15550.
  2877. - Improve the layout and formatting of ./configure --help messages.
  2878. Closes ticket 15024. Patch from "cypherpunks".
  2879. - Standardize on the term "server descriptor" in the manual page.
  2880. Previously, we had used "router descriptor", "server descriptor",
  2881. and "relay descriptor" interchangeably. Part of ticket 14987.
  2882. o Removed code:
  2883. - Remove `USE_OPENSSL_BASE64` and the corresponding fallback code
  2884. and always use the internal Base64 decoder. The internal decoder
  2885. has been part of tor since 0.2.0.10-alpha, and no one should
  2886. be using the OpenSSL one. Part of ticket 15652.
  2887. - Remove the 'tor_strclear()' function; use memwipe() instead.
  2888. Closes ticket 14922.
  2889. o Removed features:
  2890. - Remove the (seldom-used) DynamicDHGroups feature. For anti-
  2891. fingerprinting we now recommend pluggable transports; for forward-
  2892. secrecy in TLS, we now use the P-256 group. Closes ticket 13736.
  2893. - Remove the undocumented "--digests" command-line option. It
  2894. complicated our build process, caused subtle build issues on
  2895. multiple platforms, and is now redundant since we started
  2896. including git version identifiers. Closes ticket 14742.
  2897. - Tor no longer contains checks for ancient directory cache versions
  2898. that didn't know about microdescriptors.
  2899. - Tor no longer contains workarounds for stat files generated by
  2900. super-old versions of Tor that didn't choose guards sensibly.
  2901. Changes in version 0.2.4.27 - 2015-04-06
  2902. Tor 0.2.4.27 backports two fixes from 0.2.6.7 for security issues that
  2903. could be used by an attacker to crash hidden services, or crash clients
  2904. visiting hidden services. Hidden services should upgrade as soon as
  2905. possible; clients should upgrade whenever packages become available.
  2906. This release also backports a simple improvement to make hidden
  2907. services a bit less vulnerable to denial-of-service attacks.
  2908. o Major bugfixes (security, hidden service):
  2909. - Fix an issue that would allow a malicious client to trigger an
  2910. assertion failure and halt a hidden service. Fixes bug 15600;
  2911. bugfix on 0.2.1.6-alpha. Reported by "disgleirio".
  2912. - Fix a bug that could cause a client to crash with an assertion
  2913. failure when parsing a malformed hidden service descriptor. Fixes
  2914. bug 15601; bugfix on 0.2.1.5-alpha. Found by "DonnchaC".
  2915. o Minor features (DoS-resistance, hidden service):
  2916. - Introduction points no longer allow multiple INTRODUCE1 cells to
  2917. arrive on the same circuit. This should make it more expensive for
  2918. attackers to overwhelm hidden services with introductions.
  2919. Resolves ticket 15515.
  2920. Changes in version 0.2.5.12 - 2015-04-06
  2921. Tor 0.2.5.12 backports two fixes from 0.2.6.7 for security issues that
  2922. could be used by an attacker to crash hidden services, or crash clients
  2923. visiting hidden services. Hidden services should upgrade as soon as
  2924. possible; clients should upgrade whenever packages become available.
  2925. This release also backports a simple improvement to make hidden
  2926. services a bit less vulnerable to denial-of-service attacks.
  2927. o Major bugfixes (security, hidden service):
  2928. - Fix an issue that would allow a malicious client to trigger an
  2929. assertion failure and halt a hidden service. Fixes bug 15600;
  2930. bugfix on 0.2.1.6-alpha. Reported by "disgleirio".
  2931. - Fix a bug that could cause a client to crash with an assertion
  2932. failure when parsing a malformed hidden service descriptor. Fixes
  2933. bug 15601; bugfix on 0.2.1.5-alpha. Found by "DonnchaC".
  2934. o Minor features (DoS-resistance, hidden service):
  2935. - Introduction points no longer allow multiple INTRODUCE1 cells to
  2936. arrive on the same circuit. This should make it more expensive for
  2937. attackers to overwhelm hidden services with introductions.
  2938. Resolves ticket 15515.
  2939. Changes in version 0.2.6.7 - 2015-04-06
  2940. Tor 0.2.6.7 fixes two security issues that could be used by an
  2941. attacker to crash hidden services, or crash clients visiting hidden
  2942. services. Hidden services should upgrade as soon as possible; clients
  2943. should upgrade whenever packages become available.
  2944. This release also contains two simple improvements to make hidden
  2945. services a bit less vulnerable to denial-of-service attacks.
  2946. o Major bugfixes (security, hidden service):
  2947. - Fix an issue that would allow a malicious client to trigger an
  2948. assertion failure and halt a hidden service. Fixes bug 15600;
  2949. bugfix on 0.2.1.6-alpha. Reported by "disgleirio".
  2950. - Fix a bug that could cause a client to crash with an assertion
  2951. failure when parsing a malformed hidden service descriptor. Fixes
  2952. bug 15601; bugfix on 0.2.1.5-alpha. Found by "DonnchaC".
  2953. o Minor features (DoS-resistance, hidden service):
  2954. - Introduction points no longer allow multiple INTRODUCE1 cells to
  2955. arrive on the same circuit. This should make it more expensive for
  2956. attackers to overwhelm hidden services with introductions.
  2957. Resolves ticket 15515.
  2958. - Decrease the amount of reattempts that a hidden service performs
  2959. when its rendezvous circuits fail. This reduces the computational
  2960. cost for running a hidden service under heavy load. Resolves
  2961. ticket 11447.
  2962. Changes in version 0.2.6.6 - 2015-03-24
  2963. Tor 0.2.6.6 is the first stable release in the 0.2.6 series.
  2964. It adds numerous safety, security, correctness, and performance
  2965. improvements. Client programs can be configured to use more kinds of
  2966. sockets, AutomapHosts works better, the multithreading backend is
  2967. improved, cell transmission is refactored, test coverage is much
  2968. higher, more denial-of-service attacks are handled, guard selection is
  2969. improved to handle long-term guards better, pluggable transports
  2970. should work a bit better, and some annoying hidden service performance
  2971. bugs should be addressed.
  2972. o Minor bugfixes (portability):
  2973. - Use the correct datatype in the SipHash-2-4 function to prevent
  2974. compilers from assuming any sort of alignment. Fixes bug 15436;
  2975. bugfix on 0.2.5.3-alpha.
  2976. Changes in version 0.2.6.5-rc - 2015-03-18
  2977. Tor 0.2.6.5-rc is the second and (hopefully) last release candidate in
  2978. the 0.2.6. It fixes a small number of bugs found in 0.2.6.4-rc.
  2979. o Major bugfixes (client):
  2980. - Avoid crashing when making certain configuration option changes on
  2981. clients. Fixes bug 15245; bugfix on 0.2.6.3-alpha. Reported
  2982. by "anonym".
  2983. o Major bugfixes (pluggable transports):
  2984. - Initialize the extended OR Port authentication cookie before
  2985. launching pluggable transports. This prevents a race condition
  2986. that occured when server-side pluggable transports would cache the
  2987. authentication cookie before it has been (re)generated. Fixes bug
  2988. 15240; bugfix on 0.2.5.1-alpha.
  2989. o Major bugfixes (portability):
  2990. - Do not crash on startup when running on Solaris. Fixes a bug
  2991. related to our fix for 9495; bugfix on 0.2.6.1-alpha. Reported
  2992. by "ruebezahl".
  2993. o Minor features (heartbeat):
  2994. - On relays, report how many connections we negotiated using each
  2995. version of the Tor link protocols. This information will let us
  2996. know if removing support for very old versions of the Tor
  2997. protocols is harming the network. Closes ticket 15212.
  2998. o Code simplification and refactoring:
  2999. - Refactor main loop to extract the 'loop' part. This makes it
  3000. easier to run Tor under Shadow. Closes ticket 15176.
  3001. Changes in version 0.2.5.11 - 2015-03-17
  3002. Tor 0.2.5.11 is the second stable release in the 0.2.5 series.
  3003. It backports several bugfixes from the 0.2.6 branch, including a
  3004. couple of medium-level security fixes for relays and exit nodes.
  3005. It also updates the list of directory authorities.
  3006. o Directory authority changes:
  3007. - Remove turtles as a directory authority.
  3008. - Add longclaw as a new (v3) directory authority. This implements
  3009. ticket 13296. This keeps the directory authority count at 9.
  3010. - The directory authority Faravahar has a new IP address. This
  3011. closes ticket 14487.
  3012. o Major bugfixes (crash, OSX, security):
  3013. - Fix a remote denial-of-service opportunity caused by a bug in
  3014. OSX's _strlcat_chk() function. Fixes bug 15205; bug first appeared
  3015. in OSX 10.9.
  3016. o Major bugfixes (relay, stability, possible security):
  3017. - Fix a bug that could lead to a relay crashing with an assertion
  3018. failure if a buffer of exactly the wrong layout was passed to
  3019. buf_pullup() at exactly the wrong time. Fixes bug 15083; bugfix on
  3020. 0.2.0.10-alpha. Patch from 'cypherpunks'.
  3021. - Do not assert if the 'data' pointer on a buffer is advanced to the
  3022. very end of the buffer; log a BUG message instead. Only assert if
  3023. it is past that point. Fixes bug 15083; bugfix on 0.2.0.10-alpha.
  3024. o Major bugfixes (exit node stability):
  3025. - Fix an assertion failure that could occur under high DNS load.
  3026. Fixes bug 14129; bugfix on Tor 0.0.7rc1. Found by "jowr";
  3027. diagnosed and fixed by "cypherpunks".
  3028. o Major bugfixes (Linux seccomp2 sandbox):
  3029. - Upon receiving sighup with the seccomp2 sandbox enabled, do not
  3030. crash during attempts to call wait4. Fixes bug 15088; bugfix on
  3031. 0.2.5.1-alpha. Patch from "sanic".
  3032. o Minor features (controller):
  3033. - New "GETINFO bw-event-cache" to get information about recent
  3034. bandwidth events. Closes ticket 14128. Useful for controllers to
  3035. get recent bandwidth history after the fix for ticket 13988.
  3036. o Minor features (geoip):
  3037. - Update geoip to the March 3 2015 Maxmind GeoLite2 Country database.
  3038. - Update geoip6 to the March 3 2015 Maxmind GeoLite2
  3039. Country database.
  3040. o Minor bugfixes (client, automapping):
  3041. - Avoid crashing on torrc lines for VirtualAddrNetworkIPv[4|6] when
  3042. no value follows the option. Fixes bug 14142; bugfix on
  3043. 0.2.4.7-alpha. Patch by "teor".
  3044. - Fix a memory leak when using AutomapHostsOnResolve. Fixes bug
  3045. 14195; bugfix on 0.1.0.1-rc.
  3046. o Minor bugfixes (compilation):
  3047. - Build without warnings with the stock OpenSSL srtp.h header, which
  3048. has a duplicate declaration of SSL_get_selected_srtp_profile().
  3049. Fixes bug 14220; this is OpenSSL's bug, not ours.
  3050. o Minor bugfixes (directory authority):
  3051. - Allow directory authorities to fetch more data from one another if
  3052. they find themselves missing lots of votes. Previously, they had
  3053. been bumping against the 10 MB queued data limit. Fixes bug 14261;
  3054. bugfix on 0.1.2.5-alpha.
  3055. - Enlarge the buffer to read bwauth generated files to avoid an
  3056. issue when parsing the file in dirserv_read_measured_bandwidths().
  3057. Fixes bug 14125; bugfix on 0.2.2.1-alpha.
  3058. o Minor bugfixes (statistics):
  3059. - Increase period over which bandwidth observations are aggregated
  3060. from 15 minutes to 4 hours. Fixes bug 13988; bugfix on 0.0.8pre1.
  3061. o Minor bugfixes (preventative security, C safety):
  3062. - When reading a hexadecimal, base-32, or base-64 encoded value from
  3063. a string, always overwrite the whole output buffer. This prevents
  3064. some bugs where we would look at (but fortunately, not reveal)
  3065. uninitialized memory on the stack. Fixes bug 14013; bugfix on all
  3066. versions of Tor.
  3067. Changes in version 0.2.4.26 - 2015-03-17
  3068. Tor 0.2.4.26 includes an updated list of directory authorities. It
  3069. also backports a couple of stability and security bugfixes from 0.2.5
  3070. and beyond.
  3071. o Directory authority changes:
  3072. - Remove turtles as a directory authority.
  3073. - Add longclaw as a new (v3) directory authority. This implements
  3074. ticket 13296. This keeps the directory authority count at 9.
  3075. - The directory authority Faravahar has a new IP address. This
  3076. closes ticket 14487.
  3077. o Major bugfixes (exit node stability, also in 0.2.6.3-alpha):
  3078. - Fix an assertion failure that could occur under high DNS load.
  3079. Fixes bug 14129; bugfix on Tor 0.0.7rc1. Found by "jowr";
  3080. diagnosed and fixed by "cypherpunks".
  3081. o Major bugfixes (relay, stability, possible security, also in 0.2.6.4-rc):
  3082. - Fix a bug that could lead to a relay crashing with an assertion
  3083. failure if a buffer of exactly the wrong layout was passed to
  3084. buf_pullup() at exactly the wrong time. Fixes bug 15083; bugfix on
  3085. 0.2.0.10-alpha. Patch from 'cypherpunks'.
  3086. - Do not assert if the 'data' pointer on a buffer is advanced to the
  3087. very end of the buffer; log a BUG message instead. Only assert if
  3088. it is past that point. Fixes bug 15083; bugfix on 0.2.0.10-alpha.
  3089. o Minor features (geoip):
  3090. - Update geoip to the March 3 2015 Maxmind GeoLite2 Country database.
  3091. - Update geoip6 to the March 3 2015 Maxmind GeoLite2
  3092. Country database.
  3093. Changes in version 0.2.6.4-rc - 2015-03-09
  3094. Tor 0.2.6.4-alpha fixes an issue in the directory code that an
  3095. attacker might be able to use in order to crash certain Tor
  3096. directories. It also resolves some minor issues left over from, or
  3097. introduced in, Tor 0.2.6.3-alpha or earlier.
  3098. o Major bugfixes (crash, OSX, security):
  3099. - Fix a remote denial-of-service opportunity caused by a bug in
  3100. OSX's _strlcat_chk() function. Fixes bug 15205; bug first appeared
  3101. in OSX 10.9.
  3102. o Major bugfixes (relay, stability, possible security):
  3103. - Fix a bug that could lead to a relay crashing with an assertion
  3104. failure if a buffer of exactly the wrong layout is passed to
  3105. buf_pullup() at exactly the wrong time. Fixes bug 15083; bugfix on
  3106. 0.2.0.10-alpha. Patch from "cypherpunks".
  3107. - Do not assert if the 'data' pointer on a buffer is advanced to the
  3108. very end of the buffer; log a BUG message instead. Only assert if
  3109. it is past that point. Fixes bug 15083; bugfix on 0.2.0.10-alpha.
  3110. o Major bugfixes (FreeBSD IPFW transparent proxy):
  3111. - Fix address detection with FreeBSD transparent proxies, when
  3112. "TransProxyType ipfw" is in use. Fixes bug 15064; bugfix
  3113. on 0.2.5.4-alpha.
  3114. o Major bugfixes (Linux seccomp2 sandbox):
  3115. - Pass IPPROTO_TCP rather than 0 to socket(), so that the Linux
  3116. seccomp2 sandbox doesn't fail. Fixes bug 14989; bugfix
  3117. on 0.2.6.3-alpha.
  3118. - Allow AF_UNIX hidden services to be used with the seccomp2
  3119. sandbox. Fixes bug 15003; bugfix on 0.2.6.3-alpha.
  3120. - Upon receiving sighup with the seccomp2 sandbox enabled, do not
  3121. crash during attempts to call wait4. Fixes bug 15088; bugfix on
  3122. 0.2.5.1-alpha. Patch from "sanic".
  3123. o Minor features (controller):
  3124. - Messages about problems in the bootstrap process now include
  3125. information about the server we were trying to connect to when we
  3126. noticed the problem. Closes ticket 15006.
  3127. o Minor features (geoip):
  3128. - Update geoip to the March 3 2015 Maxmind GeoLite2 Country database.
  3129. - Update geoip6 to the March 3 2015 Maxmind GeoLite2
  3130. Country database.
  3131. o Minor features (logs):
  3132. - Quiet some log messages in the heartbeat and at startup. Closes
  3133. ticket 14950.
  3134. o Minor bugfixes (certificate handling):
  3135. - If an authority operator accidentally makes a signing certificate
  3136. with a future publication time, do not discard its real signing
  3137. certificates. Fixes bug 11457; bugfix on 0.2.0.3-alpha.
  3138. - Remove any old authority certificates that have been superseded
  3139. for at least two days. Previously, we would keep superseded
  3140. certificates until they expired, if they were published close in
  3141. time to the certificate that superseded them. Fixes bug 11454;
  3142. bugfix on 0.2.1.8-alpha.
  3143. o Minor bugfixes (compilation):
  3144. - Fix a compilation warning on s390. Fixes bug 14988; bugfix
  3145. on 0.2.5.2-alpha.
  3146. - Fix a compilation warning on FreeBSD. Fixes bug 15151; bugfix
  3147. on 0.2.6.2-alpha.
  3148. o Minor bugfixes (testing):
  3149. - Fix endianness issues in unit test for resolve_my_address() to
  3150. have it pass on big endian systems. Fixes bug 14980; bugfix on
  3151. Tor 0.2.6.3-alpha.
  3152. - Avoid a side-effect in a tor_assert() in the unit tests. Fixes bug
  3153. 15188; bugfix on 0.1.2.3-alpha. Patch from Tom van der Woerdt.
  3154. - When running the new 'make test-stem' target, use the configured
  3155. python binary. Fixes bug 15037; bugfix on 0.2.6.3-alpha. Patch
  3156. from "cypherpunks".
  3157. - When running the zero-length-keys tests, do not use the default
  3158. torrc file. Fixes bug 15033; bugfix on 0.2.6.3-alpha. Reported
  3159. by "reezer".
  3160. o Directory authority IP change:
  3161. - The directory authority Faravahar has a new IP address. This
  3162. closes ticket 14487.
  3163. o Removed code:
  3164. - Remove some lingering dead code that once supported mempools.
  3165. Mempools were disabled by default in 0.2.5, and removed entirely
  3166. in 0.2.6.3-alpha. Closes more of ticket 14848; patch
  3167. by "cypherpunks".
  3168. Changes in version 0.2.6.3-alpha - 2015-02-19
  3169. Tor 0.2.6.3-alpha is the third (and hopefully final) alpha release in
  3170. the 0.2.6.x series. It introduces support for more kinds of sockets,
  3171. makes it harder to accidentally run an exit, improves our
  3172. multithreading backend, incorporates several fixes for the
  3173. AutomapHostsOnResolve option, and fixes numerous other bugs besides.
  3174. If no major regressions or security holes are found in this version,
  3175. the next version will be a release candidate.
  3176. o Deprecated versions:
  3177. - Tor relays older than 0.2.4.18-rc are no longer allowed to
  3178. advertise themselves on the network. Closes ticket 13555.
  3179. o Major features (security, unix domain sockets):
  3180. - Allow SocksPort to be an AF_UNIX Unix Domain Socket. Now high risk
  3181. applications can reach Tor without having to create AF_INET or
  3182. AF_INET6 sockets, meaning they can completely disable their
  3183. ability to make non-Tor network connections. To create a socket of
  3184. this type, use "SocksPort unix:/path/to/socket". Implements
  3185. ticket 12585.
  3186. - Support mapping hidden service virtual ports to AF_UNIX sockets.
  3187. The syntax is "HiddenServicePort 80 unix:/path/to/socket".
  3188. Implements ticket 11485.
  3189. o Major features (changed defaults):
  3190. - Prevent relay operators from unintentionally running exits: When a
  3191. relay is configured as an exit node, we now warn the user unless
  3192. the "ExitRelay" option is set to 1. We warn even more loudly if
  3193. the relay is configured with the default exit policy, since this
  3194. can indicate accidental misconfiguration. Setting "ExitRelay 0"
  3195. stops Tor from running as an exit relay. Closes ticket 10067.
  3196. o Major features (directory system):
  3197. - When downloading server- or microdescriptors from a directory
  3198. server, we no longer launch multiple simultaneous requests to the
  3199. same server. This reduces load on the directory servers,
  3200. especially when directory guards are in use. Closes ticket 9969.
  3201. - When downloading server- or microdescriptors over a tunneled
  3202. connection, do not limit the length of our requests to what the
  3203. Squid proxy is willing to handle. Part of ticket 9969.
  3204. - Authorities can now vote on the correct digests and latest
  3205. versions for different software packages. This allows packages
  3206. that include Tor to use the Tor authority system as a way to get
  3207. notified of updates and their correct digests. Implements proposal
  3208. 227. Closes ticket 10395.
  3209. o Major features (guards):
  3210. - Introduce the Guardfraction feature to improves load balancing on
  3211. guard nodes. Specifically, it aims to reduce the traffic gap that
  3212. guard nodes experience when they first get the Guard flag. This is
  3213. a required step if we want to increase the guard lifetime to 9
  3214. months or greater. Closes ticket 9321.
  3215. o Major features (performance):
  3216. - Make the CPU worker implementation more efficient by avoiding the
  3217. kernel and lengthening pipelines. The original implementation used
  3218. sockets to transfer data from the main thread to the workers, and
  3219. didn't allow any thread to be assigned more than a single piece of
  3220. work at once. The new implementation avoids communications
  3221. overhead by making requests in shared memory, avoiding kernel IO
  3222. where possible, and keeping more requests in flight at once.
  3223. Implements ticket 9682.
  3224. o Major features (relay):
  3225. - Raise the minimum acceptable configured bandwidth rate for bridges
  3226. to 50 KiB/sec and for relays to 75 KiB/sec. (The old values were
  3227. 20 KiB/sec.) Closes ticket 13822.
  3228. o Major bugfixes (exit node stability):
  3229. - Fix an assertion failure that could occur under high DNS load.
  3230. Fixes bug 14129; bugfix on Tor 0.0.7rc1. Found by "jowr";
  3231. diagnosed and fixed by "cypherpunks".
  3232. o Major bugfixes (mixed relay-client operation):
  3233. - When running as a relay and client at the same time (not
  3234. recommended), if we decide not to use a new guard because we want
  3235. to retry older guards, only close the locally-originating circuits
  3236. passing through that guard. Previously we would close all the
  3237. circuits through that guard. Fixes bug 9819; bugfix on
  3238. 0.2.1.1-alpha. Reported by "skruffy".
  3239. o Minor features (build):
  3240. - New --disable-system-torrc compile-time option to prevent Tor from
  3241. looking for the system-wide torrc or torrc-defaults files.
  3242. Resolves ticket 13037.
  3243. o Minor features (controller):
  3244. - Include SOCKS_USERNAME and SOCKS_PASSWORD values in controller
  3245. events so controllers can observe circuit isolation inputs. Closes
  3246. ticket 8405.
  3247. - ControlPort now supports the unix:/path/to/socket syntax as an
  3248. alternative to the ControlSocket option, for consistency with
  3249. SocksPort and HiddenServicePort. Closes ticket 14451.
  3250. - New "GETINFO bw-event-cache" to get information about recent
  3251. bandwidth events. Closes ticket 14128. Useful for controllers to
  3252. get recent bandwidth history after the fix for ticket 13988.
  3253. o Minor features (Denial of service resistance):
  3254. - Count the total number of bytes used storing hidden service
  3255. descriptors against the value of MaxMemInQueues. If we're low on
  3256. memory, and more than 20% of our memory is used holding hidden
  3257. service descriptors, free them until no more than 10% of our
  3258. memory holds hidden service descriptors. Free the least recently
  3259. fetched descriptors first. Resolves ticket 13806.
  3260. - When we have recently been under memory pressure (over 3/4 of
  3261. MaxMemInQueues is allocated), then allocate smaller zlib objects
  3262. for small requests. Closes ticket 11791.
  3263. o Minor features (geoip):
  3264. - Update geoip and geoip6 files to the January 7 2015 Maxmind
  3265. GeoLite2 Country database.
  3266. o Minor features (guard nodes):
  3267. - Reduce the time delay before saving guard status to disk from 10
  3268. minutes to 30 seconds (or from one hour to 10 minutes if
  3269. AvoidDiskWrites is set). Closes ticket 12485.
  3270. o Minor features (hidden service):
  3271. - Make Sybil attacks against hidden services harder by changing the
  3272. minimum time required to get the HSDir flag from 25 hours up to 96
  3273. hours. Addresses ticket 14149.
  3274. - New option "HiddenServiceAllowUnknownPorts" to allow hidden
  3275. services to disable the anti-scanning feature introduced in
  3276. 0.2.6.2-alpha. With this option not set, a connection to an
  3277. unlisted port closes the circuit. With this option set, only a
  3278. RELAY_DONE cell is sent. Closes ticket 14084.
  3279. o Minor features (interface):
  3280. - Implement "-f -" command-line option to read torrc configuration
  3281. from standard input, if you don't want to store the torrc file in
  3282. the file system. Implements feature 13865.
  3283. o Minor features (logging):
  3284. - Add a count of unique clients to the bridge heartbeat message.
  3285. Resolves ticket 6852.
  3286. - Suppress "router info incompatible with extra info" message when
  3287. reading extrainfo documents from cache. (This message got loud
  3288. around when we closed bug 9812 in 0.2.6.2-alpha.) Closes
  3289. ticket 13762.
  3290. - Elevate hidden service authorized-client message from DEBUG to
  3291. INFO. Closes ticket 14015.
  3292. o Minor features (stability):
  3293. - Add assertions in our hash-table iteration code to check for
  3294. corrupted values that could cause infinite loops. Closes
  3295. ticket 11737.
  3296. o Minor features (systemd):
  3297. - Various improvements and modernizations in systemd hardening
  3298. support. Closes ticket 13805. Patch from Craig Andrews.
  3299. o Minor features (testing networks):
  3300. - Drop the minimum RendPostPeriod on a testing network to 5 seconds,
  3301. and the default on a testing network to 2 minutes. Drop the
  3302. MIN_REND_INITIAL_POST_DELAY on a testing network to 5 seconds, but
  3303. keep the default on a testing network at 30 seconds. This reduces
  3304. HS bootstrap time to around 25 seconds. Also, change the default
  3305. time in test-network.sh to match. Closes ticket 13401. Patch
  3306. by "teor".
  3307. - Create TestingDirAuthVoteHSDir to correspond to
  3308. TestingDirAuthVoteExit/Guard. Ensures that authorities vote the
  3309. HSDir flag for the listed relays regardless of uptime or ORPort
  3310. connectivity. Respects the value of VoteOnHidServDirectoriesV2.
  3311. Partial implementation for ticket 14067. Patch by "teor".
  3312. o Minor features (tor2web mode):
  3313. - Introduce the config option Tor2webRendezvousPoints, which allows
  3314. clients in Tor2webMode to select a specific Rendezvous Point to be
  3315. used in HS circuits. This might allow better performance for
  3316. Tor2Web nodes. Implements ticket 12844.
  3317. o Minor bugfixes (client DNS):
  3318. - Report the correct cached DNS expiration times on SOCKS port or in
  3319. DNS replies. Previously, we would report everything as "never
  3320. expires." Fixes bug 14193; bugfix on 0.2.3.17-beta.
  3321. - Avoid a small memory leak when we find a cached answer for a
  3322. reverse DNS lookup in a client-side DNS cache. (Remember, client-
  3323. side DNS caching is off by default, and is not recommended.) Fixes
  3324. bug 14259; bugfix on 0.2.0.1-alpha.
  3325. o Minor bugfixes (client, automapping):
  3326. - Avoid crashing on torrc lines for VirtualAddrNetworkIPv[4|6] when
  3327. no value follows the option. Fixes bug 14142; bugfix on
  3328. 0.2.4.7-alpha. Patch by "teor".
  3329. - Fix a memory leak when using AutomapHostsOnResolve. Fixes bug
  3330. 14195; bugfix on 0.1.0.1-rc.
  3331. - Prevent changes to other options from removing the wildcard value
  3332. "." from "AutomapHostsSuffixes". Fixes bug 12509; bugfix
  3333. on 0.2.0.1-alpha.
  3334. - Allow MapAddress and AutomapHostsOnResolve to work together when
  3335. an address is mapped into another address type (like .onion) that
  3336. must be automapped at resolve time. Fixes bug 7555; bugfix
  3337. on 0.2.0.1-alpha.
  3338. o Minor bugfixes (client, bridges):
  3339. - When we are using bridges and we had a network connectivity
  3340. problem, only retry connecting to our currently configured
  3341. bridges, not all bridges we know about and remember using. Fixes
  3342. bug 14216; bugfix on 0.2.2.17-alpha.
  3343. o Minor bugfixes (client, IPv6):
  3344. - Reject socks requests to literal IPv6 addresses when IPv6Traffic
  3345. flag is not set; and not because the NoIPv4Traffic flag was set.
  3346. Previously we'd looked at the NoIPv4Traffic flag for both types of
  3347. literal addresses. Fixes bug 14280; bugfix on 0.2.4.7-alpha.
  3348. o Minor bugfixes (compilation):
  3349. - The address of an array in the middle of a structure will always
  3350. be non-NULL. clang recognises this and complains. Disable the
  3351. tautologous and redundant check to silence this warning. Fixes bug
  3352. 14001; bugfix on 0.2.1.2-alpha.
  3353. - Avoid warnings when building with systemd 209 or later. Fixes bug
  3354. 14072; bugfix on 0.2.6.2-alpha. Patch from "h.venev".
  3355. - Compile correctly with (unreleased) OpenSSL 1.1.0 headers.
  3356. Addresses ticket 14188.
  3357. - Build without warnings with the stock OpenSSL srtp.h header, which
  3358. has a duplicate declaration of SSL_get_selected_srtp_profile().
  3359. Fixes bug 14220; this is OpenSSL's bug, not ours.
  3360. - Do not compile any code related to Tor2Web mode when Tor2Web mode
  3361. is not enabled at compile time. Previously, this code was included
  3362. in a disabled state. See discussion on ticket 12844.
  3363. - Remove the --disable-threads configure option again. It was
  3364. accidentally partially reintroduced in 29ac883606d6d. Fixes bug
  3365. 14819; bugfix on 0.2.6.2-alpha.
  3366. o Minor bugfixes (controller):
  3367. - Report "down" in response to the "GETINFO entry-guards" command
  3368. when relays are down with an unreachable_since value. Previously,
  3369. we would report "up". Fixes bug 14184; bugfix on 0.1.2.2-alpha.
  3370. - Avoid crashing on a malformed EXTENDCIRCUIT command. Fixes bug
  3371. 14116; bugfix on 0.2.2.9-alpha.
  3372. - Add a code for the END_CIRC_REASON_IP_NOW_REDUNDANT circuit close
  3373. reason. Fixes bug 14207; bugfix on 0.2.6.2-alpha.
  3374. o Minor bugfixes (directory authority):
  3375. - Allow directory authorities to fetch more data from one another if
  3376. they find themselves missing lots of votes. Previously, they had
  3377. been bumping against the 10 MB queued data limit. Fixes bug 14261;
  3378. bugfix on 0.1.2.5-alpha.
  3379. - Do not attempt to download extrainfo documents which we will be
  3380. unable to validate with a matching server descriptor. Fixes bug
  3381. 13762; bugfix on 0.2.0.1-alpha.
  3382. - Fix a bug that was truncating AUTHDIR_NEWDESC events sent to the
  3383. control port. Fixes bug 14953; bugfix on 0.2.0.1-alpha.
  3384. - Enlarge the buffer to read bwauth generated files to avoid an
  3385. issue when parsing the file in dirserv_read_measured_bandwidths().
  3386. Fixes bug 14125; bugfix on 0.2.2.1-alpha.
  3387. o Minor bugfixes (file handling):
  3388. - Stop failing when key files are zero-length. Instead, generate new
  3389. keys, and overwrite the empty key files. Fixes bug 13111; bugfix
  3390. on all versions of Tor. Patch by "teor".
  3391. - Stop generating a fresh .old RSA onion key file when the .old file
  3392. is missing. Fixes part of 13111; bugfix on 0.0.6rc1.
  3393. - Avoid overwriting .old key files with empty key files.
  3394. - Skip loading zero-length extrainfo store, router store, stats,
  3395. state, and key files.
  3396. - Avoid crashing when trying to reload a torrc specified as a
  3397. relative path with RunAsDaemon turned on. Fixes bug 13397; bugfix
  3398. on 0.2.3.11-alpha.
  3399. o Minor bugfixes (hidden services):
  3400. - Close the introduction circuit when we have no more usable intro
  3401. points, instead of waiting for it to time out. This also ensures
  3402. that no follow-up HS descriptor fetch is triggered when the
  3403. circuit eventually times out. Fixes bug 14224; bugfix on 0.0.6.
  3404. - When fetching a hidden service descriptor for a down service that
  3405. was recently up, do not keep refetching until we try the same
  3406. replica twice in a row. Fixes bug 14219; bugfix on 0.2.0.10-alpha.
  3407. - Successfully launch Tor with a nonexistent hidden service
  3408. directory. Our fix for bug 13942 didn't catch this case. Fixes bug
  3409. 14106; bugfix on 0.2.6.2-alpha.
  3410. o Minor bugfixes (logging):
  3411. - Avoid crashing when there are more log domains than entries in
  3412. domain_list. Bugfix on 0.2.3.1-alpha.
  3413. - Add a string representation for LD_SCHED. Fixes bug 14740; bugfix
  3414. on 0.2.6.1-alpha.
  3415. - Don't log messages to stdout twice when starting up. Fixes bug
  3416. 13993; bugfix on 0.2.6.1-alpha.
  3417. o Minor bugfixes (parsing):
  3418. - Stop accepting milliseconds (or other junk) at the end of
  3419. descriptor publication times. Fixes bug 9286; bugfix on 0.0.2pre25.
  3420. - Support two-number and three-number version numbers correctly, in
  3421. case we change the Tor versioning system in the future. Fixes bug
  3422. 13661; bugfix on 0.0.8pre1.
  3423. o Minor bugfixes (path counting):
  3424. - When deciding whether the consensus lists any exit nodes, count
  3425. the number listed in the consensus, not the number we have
  3426. descriptors for. Fixes part of bug 14918; bugfix on 0.2.6.2-alpha.
  3427. - When deciding whether we have any exit nodes, only examine
  3428. ExitNodes when the ExitNodes option is actually set. Fixes part of
  3429. bug 14918; bugfix on 0.2.6.2-alpha.
  3430. - Get rid of redundant and possibly scary warnings that we are
  3431. missing directory information while we bootstrap. Fixes part of
  3432. bug 14918; bugfix on 0.2.6.2-alpha.
  3433. o Minor bugfixes (portability):
  3434. - Fix the ioctl()-based network interface lookup code so that it
  3435. will work on systems that have variable-length struct ifreq, for
  3436. example Mac OS X.
  3437. - Fix scheduler compilation on targets where char is unsigned. Fixes
  3438. bug 14764; bugfix on 0.2.6.2-alpha. Reported by Christian Kujau.
  3439. o Minor bugfixes (sandbox):
  3440. - Allow glibc fatal errors to be sent to stderr before Tor exits.
  3441. Previously, glibc would try to write them to /dev/tty, and the
  3442. sandbox would trap the call and make Tor exit prematurely. Fixes
  3443. bug 14759; bugfix on 0.2.5.1-alpha.
  3444. o Minor bugfixes (shutdown):
  3445. - When shutting down, always call event_del() on lingering read or
  3446. write events before freeing them. Otherwise, we risk double-frees
  3447. or read-after-frees in event_base_free(). Fixes bug 12985; bugfix
  3448. on 0.1.0.2-rc.
  3449. o Minor bugfixes (small memory leaks):
  3450. - Avoid leaking memory when using IPv6 virtual address mappings.
  3451. Fixes bug 14123; bugfix on 0.2.4.7-alpha. Patch by Tom van
  3452. der Woerdt.
  3453. o Minor bugfixes (statistics):
  3454. - Increase period over which bandwidth observations are aggregated
  3455. from 15 minutes to 4 hours. Fixes bug 13988; bugfix on 0.0.8pre1.
  3456. o Minor bugfixes (systemd support):
  3457. - Fix detection and operation of systemd watchdog. Fixes part of bug
  3458. 14141; bugfix on 0.2.6.2-alpha. Patch from Tomasz Torcz.
  3459. - Run correctly under systemd with the RunAsDaemon option set. Fixes
  3460. part of bug 14141; bugfix on 0.2.5.7-rc. Patch from Tomasz Torcz.
  3461. - Inform the systemd supervisor about more changes in the Tor
  3462. process status. Implements part of ticket 14141. Patch from
  3463. Tomasz Torcz.
  3464. - Cause the "--disable-systemd" option to actually disable systemd
  3465. support. Fixes bug 14350; bugfix on 0.2.6.2-alpha. Patch
  3466. from "blueness".
  3467. o Minor bugfixes (TLS):
  3468. - Check more thoroughly throughout the TLS code for possible
  3469. unlogged TLS errors. Possible diagnostic or fix for bug 13319.
  3470. o Minor bugfixes (transparent proxy):
  3471. - Use getsockname, not getsockopt, to retrieve the address for a
  3472. TPROXY-redirected connection. Fixes bug 13796; bugfix
  3473. on 0.2.5.2-alpha.
  3474. o Code simplification and refactoring:
  3475. - Move fields related to isolating and configuring client ports into
  3476. a shared structure. Previously, they were duplicated across
  3477. port_cfg_t, listener_connection_t, and edge_connection_t. Failure
  3478. to copy them correctly had been the cause of at least one bug in
  3479. the past. Closes ticket 8546.
  3480. - Refactor the get_interface_addresses_raw() doom-function into
  3481. multiple smaller and simpler subfunctions. Cover the resulting
  3482. subfunctions with unit-tests. Fixes a significant portion of
  3483. issue 12376.
  3484. - Remove workaround in dirserv_thinks_router_is_hs_dir() that was
  3485. only for version <= 0.2.2.24 which is now deprecated. Closes
  3486. ticket 14202.
  3487. - Remove a test for a long-defunct broken version-one
  3488. directory server.
  3489. o Documentation:
  3490. - Adding section on OpenBSD to our TUNING document. Thanks to mmcc
  3491. for writing the OpenBSD-specific tips. Resolves ticket 13702.
  3492. - Make the tor-resolve documentation match its help string and its
  3493. options. Resolves part of ticket 14325.
  3494. - Log a more useful error message from tor-resolve when failing to
  3495. look up a hidden service address. Resolves part of ticket 14325.
  3496. o Downgraded warnings:
  3497. - Don't warn when we've attempted to contact a relay using the wrong
  3498. ntor onion key. Closes ticket 9635.
  3499. o Removed features:
  3500. - To avoid confusion with the "ExitRelay" option, "ExitNode" is no
  3501. longer silently accepted as an alias for "ExitNodes".
  3502. - The --enable-mempool and --enable-buf-freelists options, which
  3503. were originally created to work around bad malloc implementations,
  3504. no longer exist. They were off-by-default in 0.2.5. Closes
  3505. ticket 14848.
  3506. o Testing:
  3507. - Make the checkdir/perms test complete successfully even if the
  3508. global umask is not 022. Fixes bug 14215; bugfix on 0.2.6.2-alpha.
  3509. - Test that tor does not fail when key files are zero-length. Check
  3510. that tor generates new keys, and overwrites the empty key files.
  3511. - Test that tor generates new keys when keys are missing
  3512. (existing behavior).
  3513. - Test that tor does not overwrite key files that already contain
  3514. data (existing behavior). Tests bug 13111. Patch by "teor".
  3515. - New "make test-stem" target to run stem integration tests.
  3516. Requires that the "STEM_SOURCE_DIR" environment variable be set.
  3517. Closes ticket 14107.
  3518. - Make the test_cmdline_args.py script work correctly on Windows.
  3519. Patch from Gisle Vanem.
  3520. - Move the slower unit tests into a new "./src/test/test-slow"
  3521. binary that can be run independently of the other tests. Closes
  3522. ticket 13243.
  3523. - Avoid undefined behavior when sampling huge values from the
  3524. Laplace distribution. This made unittests fail on Raspberry Pi.
  3525. Bug found by Device. Fixes bug 14090; bugfix on 0.2.6.2-alpha.
  3526. Changes in version 0.2.6.2-alpha - 2014-12-31
  3527. Tor 0.2.6.2-alpha is the second alpha release in the 0.2.6.x series.
  3528. It introduces a major new backend for deciding when to send cells on
  3529. channels, which should lead down the road to big performance
  3530. increases. It contains security and statistics features for better
  3531. work on hidden services, and numerous bugfixes.
  3532. This release contains many new unit tests, along with major
  3533. performance improvements for running testing networks using Chutney.
  3534. Thanks to a series of patches contributed by "teor", testing networks
  3535. should now bootstrap in seconds, rather than minutes.
  3536. o Major features (relay, infrastructure):
  3537. - Complete revision of the code that relays use to decide which cell
  3538. to send next. Formerly, we selected the best circuit to write on
  3539. each channel, but we didn't select among channels in any
  3540. sophisticated way. Now, we choose the best circuits globally from
  3541. among those whose channels are ready to deliver traffic.
  3542. This patch implements a new inter-cmux comparison API, a global
  3543. high/low watermark mechanism and a global scheduler loop for
  3544. transmission prioritization across all channels as well as among
  3545. circuits on one channel. This schedule is currently tuned to
  3546. (tolerantly) avoid making changes in network performance, but it
  3547. should form the basis for major circuit performance increases in
  3548. the future. Code by Andrea; tuning by Rob Jansen; implements
  3549. ticket 9262.
  3550. o Major features (hidden services):
  3551. - Make HS port scanning more difficult by immediately closing the
  3552. circuit when a user attempts to connect to a nonexistent port.
  3553. Closes ticket 13667.
  3554. - Add a HiddenServiceStatistics option that allows Tor relays to
  3555. gather and publish statistics about the overall size and volume of
  3556. hidden service usage. Specifically, when this option is turned on,
  3557. an HSDir will publish an approximate number of hidden services
  3558. that have published descriptors to it the past 24 hours. Also, if
  3559. a relay has acted as a hidden service rendezvous point, it will
  3560. publish the approximate amount of rendezvous cells it has relayed
  3561. the past 24 hours. The statistics themselves are obfuscated so
  3562. that the exact values cannot be derived. For more details see
  3563. proposal 238, "Better hidden service stats from Tor relays". This
  3564. feature is currently disabled by default. Implements feature 13192.
  3565. o Major bugfixes (client, automap):
  3566. - Repair automapping with IPv6 addresses. This automapping should
  3567. have worked previously, but one piece of debugging code that we
  3568. inserted to detect a regression actually caused the regression to
  3569. manifest itself again. Fixes bug 13811 and bug 12831; bugfix on
  3570. 0.2.4.7-alpha. Diagnosed and fixed by Francisco Blas
  3571. Izquierdo Riera.
  3572. o Major bugfixes (hidden services):
  3573. - When closing an introduction circuit that was opened in parallel
  3574. with others, don't mark the introduction point as unreachable.
  3575. Previously, the first successful connection to an introduction
  3576. point would make the other introduction points get marked as
  3577. having timed out. Fixes bug 13698; bugfix on 0.0.6rc2.
  3578. o Directory authority changes:
  3579. - Remove turtles as a directory authority.
  3580. - Add longclaw as a new (v3) directory authority. This implements
  3581. ticket 13296. This keeps the directory authority count at 9.
  3582. o Major removed features:
  3583. - Tor clients no longer support connecting to hidden services
  3584. running on Tor 0.2.2.x and earlier; the Support022HiddenServices
  3585. option has been removed. (There shouldn't be any hidden services
  3586. running these versions on the network.) Closes ticket 7803.
  3587. o Minor features (client):
  3588. - Validate hostnames in SOCKS5 requests more strictly. If SafeSocks
  3589. is enabled, reject requests with IP addresses as hostnames.
  3590. Resolves ticket 13315.
  3591. o Minor features (controller):
  3592. - Add a "SIGNAL HEARTBEAT" controller command that tells Tor to
  3593. write an unscheduled heartbeat message to the log. Implements
  3594. feature 9503.
  3595. o Minor features (geoip):
  3596. - Update geoip and geoip6 to the November 15 2014 Maxmind GeoLite2
  3597. Country database.
  3598. o Minor features (hidden services):
  3599. - When re-enabling the network, don't try to build introduction
  3600. circuits until we have successfully built a circuit. This makes
  3601. hidden services come up faster when the network is re-enabled.
  3602. Patch from "akwizgran". Closes ticket 13447.
  3603. - When we fail to retrieve a hidden service descriptor, send the
  3604. controller an "HS_DESC FAILED" controller event. Implements
  3605. feature 13212.
  3606. - New HiddenServiceDirGroupReadable option to cause hidden service
  3607. directories and hostname files to be created group-readable. Patch
  3608. from "anon", David Stainton, and "meejah". Closes ticket 11291.
  3609. o Minor features (systemd):
  3610. - Where supported, when running with systemd, report successful
  3611. startup to systemd. Part of ticket 11016. Patch by Michael Scherer.
  3612. - When running with systemd, support systemd watchdog messages. Part
  3613. of ticket 11016. Patch by Michael Scherer.
  3614. o Minor features (transparent proxy):
  3615. - Update the transparent proxy option checks to allow for both ipfw
  3616. and pf on OS X. Closes ticket 14002.
  3617. - Use the correct option when using IPv6 with transparent proxy
  3618. support on Linux. Resolves 13808. Patch by Francisco Blas
  3619. Izquierdo Riera.
  3620. o Minor bugfixes (preventative security, C safety):
  3621. - When reading a hexadecimal, base-32, or base-64 encoded value from
  3622. a string, always overwrite the whole output buffer. This prevents
  3623. some bugs where we would look at (but fortunately, not reveal)
  3624. uninitialized memory on the stack. Fixes bug 14013; bugfix on all
  3625. versions of Tor.
  3626. - Clear all memory targetted by tor_addr_{to,from}_sockaddr(), not
  3627. just the part that's used. This makes it harder for data leak bugs
  3628. to occur in the event of other programming failures. Resolves
  3629. ticket 14041.
  3630. o Minor bugfixes (client, microdescriptors):
  3631. - Use a full 256 bits of the SHA256 digest of a microdescriptor when
  3632. computing which microdescriptors to download. This keeps us from
  3633. erroneous download behavior if two microdescriptor digests ever
  3634. have the same first 160 bits. Fixes part of bug 13399; bugfix
  3635. on 0.2.3.1-alpha.
  3636. - Reset a router's status if its microdescriptor digest changes,
  3637. even if the first 160 bits remain the same. Fixes part of bug
  3638. 13399; bugfix on 0.2.3.1-alpha.
  3639. o Minor bugfixes (compilation):
  3640. - Silence clang warnings under --enable-expensive-hardening,
  3641. including implicit truncation of 64 bit values to 32 bit, const
  3642. char assignment to self, tautological compare, and additional
  3643. parentheses around equality tests. Fixes bug 13577; bugfix
  3644. on 0.2.5.4-alpha.
  3645. - Fix a clang warning about checking whether an address in the
  3646. middle of a structure is NULL. Fixes bug 14001; bugfix
  3647. on 0.2.1.2-alpha.
  3648. o Minor bugfixes (hidden services):
  3649. - Correctly send a controller event when we find that a rendezvous
  3650. circuit has finished. Fixes bug 13936; bugfix on 0.1.1.5-alpha.
  3651. - Pre-check directory permissions for new hidden-services to avoid
  3652. at least one case of "Bug: Acting on config options left us in a
  3653. broken state. Dying." Fixes bug 13942; bugfix on 0.0.6pre1.
  3654. - When adding a new hidden service (for example, via SETCONF), Tor
  3655. no longer congratulates the user for running a relay. Fixes bug
  3656. 13941; bugfix on 0.2.6.1-alpha.
  3657. - When fetching hidden service descriptors, we now check not only
  3658. for whether we got the hidden service we had in mind, but also
  3659. whether we got the particular descriptors we wanted. This prevents
  3660. a class of inefficient but annoying DoS attacks by hidden service
  3661. directories. Fixes bug 13214; bugfix on 0.2.1.6-alpha. Reported
  3662. by "special".
  3663. o Minor bugfixes (Linux seccomp2 sandbox):
  3664. - Make transparent proxy support work along with the seccomp2
  3665. sandbox. Fixes part of bug 13808; bugfix on 0.2.5.1-alpha. Patch
  3666. by Francisco Blas Izquierdo Riera.
  3667. - Fix a memory leak in tor-resolve when running with the sandbox
  3668. enabled. Fixes bug 14050; bugfix on 0.2.5.9-rc.
  3669. o Minor bugfixes (logging):
  3670. - Downgrade warnings about RSA signature failures to info log level.
  3671. Emit a warning when an extra info document is found incompatible
  3672. with a corresponding router descriptor. Fixes bug 9812; bugfix
  3673. on 0.0.6rc3.
  3674. - Make connection_ap_handshake_attach_circuit() log the circuit ID
  3675. correctly. Fixes bug 13701; bugfix on 0.0.6.
  3676. o Minor bugfixes (misc):
  3677. - Stop allowing invalid address patterns like "*/24" that contain
  3678. both a wildcard address and a bit prefix length. This affects all
  3679. our address-range parsing code. Fixes bug 7484; bugfix
  3680. on 0.0.2pre14.
  3681. o Minor bugfixes (testing networks, fast startup):
  3682. - Allow Tor to build circuits using a consensus with no exits. If
  3683. the consensus has no exits (typical of a bootstrapping test
  3684. network), allow Tor to build circuits once enough descriptors have
  3685. been downloaded. This assists in bootstrapping a testing Tor
  3686. network. Fixes bug 13718; bugfix on 0.2.4.10-alpha. Patch
  3687. by "teor".
  3688. - When V3AuthVotingInterval is low, give a lower If-Modified-Since
  3689. header to directory servers. This allows us to obtain consensuses
  3690. promptly when the consensus interval is very short. This assists
  3691. in bootstrapping a testing Tor network. Fixes parts of bugs 13718
  3692. and 13963; bugfix on 0.2.0.3-alpha. Patch by "teor".
  3693. - Stop assuming that private addresses are local when checking
  3694. reachability in a TestingTorNetwork. Instead, when testing, assume
  3695. all OR connections are remote. (This is necessary due to many test
  3696. scenarios running all relays on localhost.) This assists in
  3697. bootstrapping a testing Tor network. Fixes bug 13924; bugfix on
  3698. 0.1.0.1-rc. Patch by "teor".
  3699. - Avoid building exit circuits from a consensus with no exits. Now
  3700. thanks to our fix for 13718, we accept a no-exit network as not
  3701. wholly lost, but we need to remember not to try to build exit
  3702. circuits on it. Closes ticket 13814; patch by "teor".
  3703. - Stop requiring exits to have non-zero bandwithcapacity in a
  3704. TestingTorNetwork. Instead, when TestingMinExitFlagThreshold is 0,
  3705. ignore exit bandwidthcapacity. This assists in bootstrapping a
  3706. testing Tor network. Fixes parts of bugs 13718 and 13839; bugfix
  3707. on 0.2.0.3-alpha. Patch by "teor".
  3708. - Add "internal" to some bootstrap statuses when no exits are
  3709. available. If the consensus does not contain Exits, Tor will only
  3710. build internal circuits. In this case, relevant statuses will
  3711. contain the word "internal" as indicated in the Tor control-
  3712. spec.txt. When bootstrap completes, Tor will be ready to build
  3713. internal circuits. If a future consensus contains Exits, exit
  3714. circuits may become available. Fixes part of bug 13718; bugfix on
  3715. 0.2.4.10-alpha. Patch by "teor".
  3716. - Decrease minimum consensus interval to 10 seconds when
  3717. TestingTorNetwork is set, or 5 seconds for the first consensus.
  3718. Fix assumptions throughout the code that assume larger intervals.
  3719. Fixes bugs 13718 and 13823; bugfix on 0.2.0.3-alpha. Patch
  3720. by "teor".
  3721. - Avoid excluding guards from path building in minimal test
  3722. networks, when we're in a test network and excluding guards would
  3723. exclude all relays. This typically occurs in incredibly small tor
  3724. networks, and those using "TestingAuthVoteGuard *". Fixes part of
  3725. bug 13718; bugfix on 0.1.1.11-alpha. Patch by "teor".
  3726. o Code simplification and refactoring:
  3727. - Stop using can_complete_circuits as a global variable; access it
  3728. with a function instead.
  3729. - Avoid using operators directly as macro arguments: this lets us
  3730. apply coccinelle transformations to our codebase more directly.
  3731. Closes ticket 13172.
  3732. - Combine the functions used to parse ClientTransportPlugin and
  3733. ServerTransportPlugin into a single function. Closes ticket 6456.
  3734. - Add inline functions and convenience macros for inspecting channel
  3735. state. Refactor the code to use convenience macros instead of
  3736. checking channel state directly. Fixes issue 7356.
  3737. - Document all members of was_router_added_t and rename
  3738. ROUTER_WAS_NOT_NEW to ROUTER_IS_ALREADY_KNOWN to make it less
  3739. confusable with ROUTER_WAS_TOO_OLD. Fixes issue 13644.
  3740. - In connection_exit_begin_conn(), use END_CIRC_REASON_TORPROTOCOL
  3741. constant instead of hardcoded value. Fixes issue 13840.
  3742. - Refactor our generic strmap and digestmap types into a single
  3743. implementation, so that we can add a new digest256map
  3744. type trivially.
  3745. o Documentation:
  3746. - Document the bridge-authority-only 'networkstatus-bridges' file.
  3747. Closes ticket 13713; patch from "tom".
  3748. - Fix typo in PredictedPortsRelevanceTime option description in
  3749. manpage. Resolves issue 13707.
  3750. - Stop suggesting that users specify relays by nickname: it isn't a
  3751. good idea. Also, properly cross-reference how to specify relays in
  3752. all parts of manual documenting options that take a list of
  3753. relays. Closes ticket 13381.
  3754. - Clarify the HiddenServiceDir option description in manpage to make
  3755. it clear that relative paths are taken with respect to the current
  3756. working directory. Also clarify that this behavior is not
  3757. guaranteed to remain indefinitely. Fixes issue 13913.
  3758. o Testing:
  3759. - New tests for many parts of channel, relay, and circuitmux
  3760. functionality. Code by Andrea; part of 9262.
  3761. - New tests for parse_transport_line(). Part of ticket 6456.
  3762. - In the unit tests, use chgrp() to change the group of the unit
  3763. test temporary directory to the current user, so that the sticky
  3764. bit doesn't interfere with tests that check directory groups.
  3765. Closes 13678.
  3766. - Add unit tests for resolve_my_addr(). Part of ticket 12376; patch
  3767. by 'rl1987'.
  3768. Changes in version 0.2.6.1-alpha - 2014-10-30
  3769. Tor 0.2.6.1-alpha is the first release in the Tor 0.2.6.x series. It
  3770. includes numerous code cleanups and new tests, and fixes a large
  3771. number of annoying bugs. Out-of-memory conditions are handled better
  3772. than in 0.2.5, pluggable transports have improved proxy support, and
  3773. clients now use optimistic data for contacting hidden services. Also,
  3774. we are now more robust to changes in what we consider a parseable
  3775. directory object, so that tightening restrictions does not have a risk
  3776. of introducing infinite download loops.
  3777. This is the first alpha release in a new series, so expect there to be
  3778. bugs. Users who would rather test out a more stable branch should stay
  3779. with 0.2.5.x for now.
  3780. o New compiler and system requirements:
  3781. - Tor 0.2.6.x requires that your compiler support more of the C99
  3782. language standard than before. The 'configure' script now detects
  3783. whether your compiler supports C99 mid-block declarations and
  3784. designated initializers. If it does not, Tor will not compile.
  3785. We may revisit this requirement if it turns out that a significant
  3786. number of people need to build Tor with compilers that don't
  3787. bother implementing a 15-year-old standard. Closes ticket 13233.
  3788. - Tor no longer supports systems without threading support. When we
  3789. began working on Tor, there were several systems that didn't have
  3790. threads, or where the thread support wasn't able to run the
  3791. threads of a single process on multiple CPUs. That no longer
  3792. holds: every system where Tor needs to run well now has threading
  3793. support. Resolves ticket 12439.
  3794. o Removed platform support:
  3795. - We no longer include special code to build on Windows CE; as far
  3796. as we know, nobody has used Tor on Windows CE in a very long time.
  3797. Closes ticket 11446.
  3798. o Major features (bridges):
  3799. - Expose the outgoing upstream HTTP/SOCKS proxy to pluggable
  3800. transports if they are configured via the "TOR_PT_PROXY"
  3801. environment variable. Implements proposal 232. Resolves
  3802. ticket 8402.
  3803. o Major features (client performance, hidden services):
  3804. - Allow clients to use optimistic data when connecting to a hidden
  3805. service, which should remove a round-trip from hidden service
  3806. initialization. See proposal 181 for details. Implements
  3807. ticket 13211.
  3808. o Major features (directory system):
  3809. - Upon receiving an unparseable directory object, if its digest
  3810. matches what we expected, then don't try to download it again.
  3811. Previously, when we got a descriptor we didn't like, we would keep
  3812. trying to download it over and over. Closes ticket 11243.
  3813. o Major features (sample torrc):
  3814. - Add a new, infrequently-changed "torrc.minimal". This file is
  3815. similar to torrc.sample, but it will change as infrequently as
  3816. possible, for the benefit of users whose systems prompt them for
  3817. intervention whenever a default configuration file is changed.
  3818. Making this change allows us to update torrc.sample to be a more
  3819. generally useful "sample torrc".
  3820. o Major bugfixes (directory authorities):
  3821. - Do not assign the HSDir flag to relays if they are not Valid, or
  3822. currently hibernating. Fixes 12573; bugfix on 0.2.0.10-alpha.
  3823. o Major bugfixes (directory bandwidth performance):
  3824. - Don't flush the zlib buffer aggressively when compressing
  3825. directory information for clients. This should save about 7% of
  3826. the bandwidth currently used for compressed descriptors and
  3827. microdescriptors. Fixes bug 11787; bugfix on 0.1.1.23.
  3828. o Minor features (security, memory wiping):
  3829. - Ensure we securely wipe keys from memory after
  3830. crypto_digest_get_digest and init_curve25519_keypair_from_file
  3831. have finished using them. Resolves ticket 13477.
  3832. o Minor features (security, out-of-memory handling):
  3833. - When handling an out-of-memory condition, allocate less memory for
  3834. temporary data structures. Fixes issue 10115.
  3835. - When handling an out-of-memory condition, consider more types of
  3836. buffers, including those on directory connections, and zlib
  3837. buffers. Resolves ticket 11792.
  3838. o Minor features:
  3839. - When identity keypair is generated for first time, log a
  3840. congratulatory message that links to the new relay lifecycle
  3841. document. Implements feature 10427.
  3842. o Minor features (client):
  3843. - Clients are now willing to send optimistic data (before they
  3844. receive a 'connected' cell) to relays of any version. (Relays
  3845. without support for optimistic data are no longer supported on the
  3846. Tor network.) Resolves ticket 13153.
  3847. o Minor features (directory authorities):
  3848. - Don't list relays with a bandwidth estimate of 0 in the consensus.
  3849. Implements a feature proposed during discussion of bug 13000.
  3850. - In tor-gencert, report an error if the user provides the same
  3851. argument more than once.
  3852. - If a directory authority can't find a best consensus method in the
  3853. votes that it holds, it now falls back to its favorite consensus
  3854. method. Previously, it fell back to method 1. Neither of these is
  3855. likely to get enough signatures, but "fall back to favorite"
  3856. doesn't require us to maintain support an obsolete consensus
  3857. method. Implements part of proposal 215.
  3858. o Minor features (logging):
  3859. - On Unix-like systems, you can now use named pipes as the target of
  3860. the Log option, and other options that try to append to files.
  3861. Closes ticket 12061. Patch from "carlo von lynX".
  3862. - When opening a log file at startup, send it every log message that
  3863. we generated between startup and opening it. Previously, log
  3864. messages that were generated before opening the log file were only
  3865. logged to stdout. Closes ticket 6938.
  3866. - Add a TruncateLogFile option to overwrite logs instead of
  3867. appending to them. Closes ticket 5583.
  3868. o Minor features (portability, Solaris):
  3869. - Threads are no longer disabled by default on Solaris; we believe
  3870. that the versions of Solaris with broken threading support are all
  3871. obsolete by now. Resolves ticket 9495.
  3872. o Minor features (relay):
  3873. - Re-check our address after we detect a changed IP address from
  3874. getsockname(). This ensures that the controller command "GETINFO
  3875. address" will report the correct value. Resolves ticket 11582.
  3876. Patch from "ra".
  3877. - A new AccountingRule option lets Relays set whether they'd like
  3878. AccountingMax to be applied separately to inbound and outbound
  3879. traffic, or applied to the sum of inbound and outbound traffic.
  3880. Resolves ticket 961. Patch by "chobe".
  3881. o Minor features (testing networks):
  3882. - Add the TestingDirAuthVoteExit option, which lists nodes to assign
  3883. the "Exit" flag regardless of their uptime, bandwidth, or exit
  3884. policy. TestingTorNetwork must be set for this option to have any
  3885. effect. Previously, authorities would take up to 35 minutes to
  3886. give nodes the Exit flag in a test network. Partially implements
  3887. ticket 13161.
  3888. o Minor features (validation):
  3889. - Check all date/time values passed to tor_timegm and
  3890. parse_rfc1123_time for validity, taking leap years into account.
  3891. Improves HTTP header validation. Implemented with bug 13476.
  3892. - In correct_tm(), limit the range of values returned by system
  3893. localtime(_r) and gmtime(_r) to be between the years 1 and 8099.
  3894. This means we don't have to deal with negative or too large dates,
  3895. even if a clock is wrong. Otherwise we might fail to read a file
  3896. written by us which includes such a date. Fixes bug 13476.
  3897. o Minor bugfixes (bridge clients):
  3898. - When configured to use a bridge without an identity digest (not
  3899. recommended), avoid launching an extra channel to it when
  3900. bootstrapping. Fixes bug 7733; bugfix on 0.2.4.4-alpha.
  3901. o Minor bugfixes (bridges):
  3902. - When DisableNetwork is set, do not launch pluggable transport
  3903. plugins, and if any are running, terminate them. Fixes bug 13213;
  3904. bugfix on 0.2.3.6-alpha.
  3905. o Minor bugfixes (C correctness):
  3906. - Fix several instances of possible integer overflow/underflow/NaN.
  3907. Fixes bug 13104; bugfix on 0.2.3.1-alpha and later. Patches
  3908. from "teor".
  3909. - In circuit_build_times_calculate_timeout() in circuitstats.c,
  3910. avoid dividing by zero in the pareto calculations. This traps
  3911. under clang's "undefined-trap" sanitizer. Fixes bug 13290; bugfix
  3912. on 0.2.2.2-alpha.
  3913. - Fix an integer overflow in format_time_interval(). Fixes bug
  3914. 13393; bugfix on 0.2.0.10-alpha.
  3915. - Set the correct day of year value when the system's localtime(_r)
  3916. or gmtime(_r) functions fail to set struct tm. Not externally
  3917. visible. Fixes bug 13476; bugfix on 0.0.2pre14.
  3918. - Avoid unlikely signed integer overflow in tor_timegm on systems
  3919. with 32-bit time_t. Fixes bug 13476; bugfix on 0.0.2pre14.
  3920. o Minor bugfixes (client):
  3921. - Fix smartlist_choose_node_by_bandwidth() so that relays with the
  3922. BadExit flag are not considered worthy candidates. Fixes bug
  3923. 13066; bugfix on 0.1.2.3-alpha.
  3924. - Use the consensus schedule for downloading consensuses, and not
  3925. the generic schedule. Fixes bug 11679; bugfix on 0.2.2.6-alpha.
  3926. - Handle unsupported or malformed SOCKS5 requests properly by
  3927. responding with the appropriate error message before closing the
  3928. connection. Fixes bugs 12971 and 13314; bugfix on 0.0.2pre13.
  3929. o Minor bugfixes (client, torrc):
  3930. - Stop modifying the value of our DirReqStatistics torrc option just
  3931. because we're not a bridge or relay. This bug was causing Tor
  3932. Browser users to write "DirReqStatistics 0" in their torrc files
  3933. as if they had chosen to change the config. Fixes bug 4244; bugfix
  3934. on 0.2.3.1-alpha.
  3935. - When GeoIPExcludeUnknown is enabled, do not incorrectly decide
  3936. that our options have changed every time we SIGHUP. Fixes bug
  3937. 9801; bugfix on 0.2.4.10-alpha. Patch from "qwerty1".
  3938. o Minor bugfixes (controller):
  3939. - Return an error when the second or later arguments of the
  3940. "setevents" controller command are invalid events. Previously we
  3941. would return success while silently skipping invalid events. Fixes
  3942. bug 13205; bugfix on 0.2.3.2-alpha. Reported by "fpxnns".
  3943. o Minor bugfixes (directory system):
  3944. - Always believe that v3 directory authorities serve extra-info
  3945. documents, whether they advertise "caches-extra-info" or not.
  3946. Fixes part of bug 11683; bugfix on 0.2.0.1-alpha.
  3947. - When running as a v3 directory authority, advertise that you serve
  3948. extra-info documents so that clients who want them can find them
  3949. from you too. Fixes part of bug 11683; bugfix on 0.2.0.1-alpha.
  3950. - Check the BRIDGE_DIRINFO flag bitwise rather than using equality.
  3951. Previously, directories offering BRIDGE_DIRINFO and some other
  3952. flag (i.e. microdescriptors or extrainfo) would be ignored when
  3953. looking for bridges. Partially fixes bug 13163; bugfix
  3954. on 0.2.0.7-alpha.
  3955. o Minor bugfixes (networking):
  3956. - Check for orconns and use connection_or_close_for_error() rather
  3957. than connection_mark_for_close() directly in the getsockopt()
  3958. failure case of connection_handle_write_impl(). Fixes bug 11302;
  3959. bugfix on 0.2.4.4-alpha.
  3960. o Minor bugfixes (relay):
  3961. - When generating our family list, remove spaces from around the
  3962. entries. Fixes bug 12728; bugfix on 0.2.1.7-alpha.
  3963. - If our previous bandwidth estimate was 0 bytes, allow publishing a
  3964. new relay descriptor immediately. Fixes bug 13000; bugfix
  3965. on 0.1.1.6-alpha.
  3966. o Minor bugfixes (testing networks):
  3967. - Fix TestingDirAuthVoteGuard to properly give out Guard flags in a
  3968. testing network. Fixes bug 13064; bugfix on 0.2.5.2-alpha.
  3969. - Stop using the default authorities in networks which provide both
  3970. AlternateDirAuthority and AlternateBridgeAuthority. Partially
  3971. fixes bug 13163; bugfix on 0.2.0.13-alpha.
  3972. o Minor bugfixes (testing):
  3973. - Stop spawn test failures due to a race condition between the
  3974. SIGCHLD handler updating the process status, and the test reading
  3975. it. Fixes bug 13291; bugfix on 0.2.3.3-alpha.
  3976. o Minor bugfixes (testing, Windows):
  3977. - Avoid passing an extra backslash when creating a temporary
  3978. directory for running the unit tests on Windows. Fixes bug 12392;
  3979. bugfix on 0.2.2.25-alpha. Patch from Gisle Vanem.
  3980. o Minor bugfixes (windows):
  3981. - Remove code to special-case handling of NTE_BAD_KEYSET when
  3982. acquiring windows CryptoAPI context. This error can't actually
  3983. occur for the parameters we're providing. Fixes bug 10816; bugfix
  3984. on 0.0.2pre26.
  3985. o Minor bugfixes (zlib):
  3986. - Avoid truncating a zlib stream when trying to finalize it with an
  3987. empty output buffer. Fixes bug 11824; bugfix on 0.1.1.23.
  3988. o Build fixes:
  3989. - Allow our configure script to build correctly with autoconf 2.62
  3990. again. Fixes bug 12693; bugfix on 0.2.5.2-alpha.
  3991. - Improve the error message from ./configure to make it clear that
  3992. when asciidoc has not been found, the user will have to either add
  3993. --disable-asciidoc argument or install asciidoc. Resolves
  3994. ticket 13228.
  3995. o Code simplification and refactoring:
  3996. - Change the entry_is_live() function to take named bitfield
  3997. elements instead of an unnamed list of booleans. Closes
  3998. ticket 12202.
  3999. - Refactor and unit-test entry_is_time_to_retry() in entrynodes.c.
  4000. Resolves ticket 12205.
  4001. - Use calloc and reallocarray functions instead of multiply-
  4002. then-malloc. This makes it less likely for us to fall victim to an
  4003. integer overflow attack when allocating. Resolves ticket 12855.
  4004. - Use the standard macro name SIZE_MAX, instead of our
  4005. own SIZE_T_MAX.
  4006. - Document usage of the NO_DIRINFO and ALL_DIRINFO flags clearly in
  4007. functions which take them as arguments. Replace 0 with NO_DIRINFO
  4008. in a function call for clarity. Seeks to prevent future issues
  4009. like 13163.
  4010. - Avoid 4 null pointer errors under clang static analysis by using
  4011. tor_assert() to prove that the pointers aren't null. Fixes
  4012. bug 13284.
  4013. - Rework the API of policies_parse_exit_policy() to use a bitmask to
  4014. represent parsing options, instead of a confusing mess of
  4015. booleans. Resolves ticket 8197.
  4016. - Introduce a helper function to parse ExitPolicy in
  4017. or_options_t structure.
  4018. o Documentation:
  4019. - Add a doc/TUNING document with tips for handling large numbers of
  4020. TCP connections when running busy Tor relay. Update the warning
  4021. message to point to this file when running out of sockets
  4022. operating system is allowing to use simultaneously. Resolves
  4023. ticket 9708.
  4024. o Removed features:
  4025. - We no longer remind the user about configuration options that have
  4026. been obsolete since 0.2.3.x or earlier. Patch by Adrien Bak.
  4027. - Remove our old, non-weighted bandwidth-based node selection code.
  4028. Previously, we used it as a fallback when we couldn't perform
  4029. weighted bandwidth-based node selection. But that would only
  4030. happen in the cases where we had no consensus, or when we had a
  4031. consensus generated by buggy or ancient directory authorities. In
  4032. either case, it's better to use the more modern, better maintained
  4033. algorithm, with reasonable defaults for the weights. Closes
  4034. ticket 13126.
  4035. - Remove the --disable-curve25519 configure option. Relays and
  4036. clients now are required to support curve25519 and the
  4037. ntor handshake.
  4038. - The old "StrictEntryNodes" and "StrictExitNodes" options, which
  4039. used to be deprecated synonyms for "StrictNodes