Tor (Expert Bundle) Changelog

What's new in Tor (Expert Bundle) 0.4.7.8

Jul 13, 2022
  • This version contains several bugfixes, including a High severity security issue categorized as a Denial of Service. Everyone running an earlier version should upgrade to this version.
  • Major bugfixes (congestion control, TROVE-2022-001):
  • Fix a scenario where RTT estimation can become wedged, seriously degrading congestion control performance on all circuits. This impacts clients, onion services, and relays, and can be triggered remotely by a malicious endpoint. Tracked as CVE-2022-33903. Fixes bug 40626; bugfix on 0.4.7.5-alpha.
  • Minor features (fallbackdir):
  • Regenerate fallback directories generated on June 17, 2022.
  • Minor features (geoip data):
  • Update the geoip files to match the IPFire Location Database, as retrieved on 2022/06/17.
  • Minor bugfixes (linux seccomp2 sandbox):
  • Allow the rseq system call in the sandbox. This solves a crash issue with glibc 2.35 on Linux. Patch from pmu-ipf. Fixes bug 40601; bugfix on 0.3.5.11.
  • Minor bugfixes (logging):
  • Demote a harmless warn log message about finding a second hop from warn level to info level, if we do not have enough descriptors yet. Leave it at notice level for other cases. Fixes bug 40603; bugfix on 0.4.7.1-alpha.
  • Demote a notice log message about "Unexpected path length" to info level. These cases seem to happen arbitrarily, and we likely will never find all of them before the switch to arti. Fixes bug 40612; bugfix on 0.4.7.5-alpha.
  • Minor bugfixes (relay, logging):
  • Demote a harmless XOFF log message from notice level to info level. Fixes bug 40620; bugfix on 0.4.7.5-alpha.

New in Tor (Expert Bundle) 0.4.7.7 (May 31, 2022)

  • This is the first stable version of the 0.4.7.x series. This series includes several major bugfixes from previous series and one massive new feature: congestion control.
  • Congestion control should improve traffic speed and stability on the network once a majority of Exits upgrade. You can find more details about it in proposal 324 in the torspec.git repository.
  • Minor features (fallbackdir):
  • Regenerate fallback directories generated on April 27, 2022.
  • Minor features (geoip data):
  • Update the geoip files to match the IPFire Location Database, as retrieved on 2022/04/27.
  • Minor bugfixes (congestion control, client side logs):
  • Demote a warn about 1-hop circuits using congestion control down to info; Demote the 4-hop case to notice. Fixes bug 40598; bugfix on 0.4.5-alpha.

New in Tor (Expert Bundle) 0.4.7.5 Alpha (Apr 27, 2022)

  • Major bugfixes (onion service, congestion control):
  • Fix the onion service upload case where the congestion control parameters were not added to the right object. Fixes bug 40586; bugfix on 0.4.7.4-alpha.
  • Major bugfixes (relay, DNS):
  • Lower the DNS timeout from 3 attempts at 5 seconds each to 2 attempts at 1 second each. Two new consensus parameters were added to control these values. This change should improve observed performance under DNS load; see ticket for more details. Fixes bug 40312; bugfix on 0.3.5.1-alpha.
  • Minor features (control port):
  • Provide congestion control fields on CIRC_BW and STREAM control port events, for use by sbws. Closes ticket 40568.
  • Minor features (fallbackdir):
  • Regenerate fallback directories generated on March 25, 2022.
  • Minor features (geoip data):
  • Update the geoip files to match the IPFire Location Database, as retrieved on 2022/03/25.
  • Minor bugfixes (DNSPort, dormant mode):
  • A request on the DNSPort now wakes up a dormant tor. Fixes bug 40577; bugfix on 0.3.5.1-alpha.
  • Minor bugfixes (metrics port, onion service):
  • Fix the metrics with a port label to be unique. Before this, all ports of an onion service would be on the same line which violates the Prometheus rules of unique labels. Fixes bug 40581; bugfix on 0.4.5.1-alpha.
  • Minor bugfixes (onion service congestion control):
  • Avoid a non-fatal assertion failure in the case where we fail to set up congestion control on a rendezvous circuit. This could happen naturally if a cache entry expired at an unexpected time. Fixes bug 40576; bugfix on 0.4.7.4-alpha.
  • Minor bugfixes (onion service, client):
  • Fix a rare but fatal assertion failure due to a guard subsystem recursion triggered by the onion service client. Fixes bug 40579; bugfix on 0.3.5.1-alpha.
  • Minor bugfixes (relay, overload):
  • Decide whether to signal overload based on a fraction and assessment period of ntor handshake drops. Previously, a single drop could trigger an overload state, which caused many false positives. Fixes bug 40560; bugfix on 0.4.7.1-alpha.

New in Tor (Expert Bundle) 0.4.7.4 Alpha (Mar 14, 2022)

  • This version contains the negotiation congestion control work which is the final part needed before going stable. There are also various bugfixes including two major ones detailed below. Last, the Exit notice page layout has been modernized but the text is unchanged. We recommend that all relay operators running any previous alpha upgrade to this one.
  • Major features (relay, client, onion services):
  • Implement RTT-based congestion control for exits and onion services, from Proposal 324. Disabled by default. Enabled by the 'cc_alg' consensus parameter. Closes ticket 40444.
  • Major bugfixes (client):
  • Stop caching TCP connect failures to relays/bridges when we initiated the connection as a client. Now we only cache connect failures as a relay or bridge when we initiated them because of an EXTEND request. Declining to re-attempt the client-based connections could cause problems when we lose connectivity and try to reconnect. Fixes bug 40499; bugfix on 0.3.3.4-alpha.
  • Major bugfixes (relay, overload):
  • Do not trigger a general overload on DNS timeout. Even after fixing 40527, some code remained that triggered the overload. Fixes bug 40564; bugfix on 0.4.7.1-alpha.
  • Minor feature (authority, relay):
  • Reject End-Of-Life relays running version 0.3.5.x. Closes ticket 40559.
  • Minor features (fallbackdir):
  • Regenerate fallback directories generated on February 25, 2022.
  • Minor features (geoip data):
  • Update the geoip files to match the IPFire Location Database, as retrieved on 2022/02/25.
  • Minor bugfix (logging):
  • Update a log notice dead URL to a working one. Fixes bug 40544; bugfix on 0.3.5.1-alpha.
  • Minor bugfix (relay):
  • Remove the HSDir and HSIntro onion service v2 protocol versions so relays stop advertising that they support them. Fixes bug 40509; bugfix on 0.3.5.17.
  • Minor bugfixes (cell scheduling):
  • Avoid writing empty payload with NSS write.
  • Don't attempt to write 0 bytes after a cell scheduling loop. No empty payload was put on the wire. Fixes bug 40548; bugfix on 0.3.5.1-alpha.
  • Minor bugfixes (compilation):
  • Resume being able to build on old / esoteric gcc versions. Fixes bug 40550; bugfix on 0.4.7.1-alpha.
  • Minor bugfixes (compiler warnings):
  • Fix a couple of compiler warnings on latest Ubuntu Jammy. Fixes bug 40516; bugfix on 0.3.5.1-alpha.
  • Documentation:
  • Provide an improved version of the tor-exit-notice.html file for exit relays to use as a landing page. The text is unchanged, but the page design and layout are significantly modernized, and several links are fixed. Patch from "n_user"; closes ticket 40529.

New in Tor (Expert Bundle) 0.4.6.10 (Mar 14, 2022)

  • This version contains minor bugfixes but one in particular is that relays don't advertise onion service v2 support at the protocol version level.
  • Minor features (fallbackdir):
  • Regenerate fallback directories generated on February 04, 2022.
  • Minor features (geoip data):
  • Update the geoip files to match the IPFire Location Database, as retrieved on 2022/02/04.
  • Minor bugfix (logging):
  • Update a log notice dead URL to a working one. Fixes bug 40544; bugfix on 0.3.5.1-alpha.
  • Minor bugfix (relay):
  • Remove the HSDir and HSIntro onion service v2 protocol versions so relays stop advertising that they support them. Fixes bug 40509; bugfix on 0.3.5.17.
  • Minor bugfixes (MetricsPort, Prometheus):
  • Add double quotes to the label values of the onion service metrics. Fixes bug 40552; bugfix on 0.4.5.1-alpha.

New in Tor (Expert Bundle) 0.4.5.9 (Jun 22, 2021)

  • Major bugfixes (security):
  • Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell on half-closed streams. Previously, clients failed to validate which hop sent these cells: this would allow a relay on a circuit to end a stream that wasn't actually built with it. Fixes bug 40389; bugfix on 0.3.5.1-alpha. This issue is also tracked as TROVE-2021-003 and CVE-2021-34548.
  • Major bugfixes (security, defense-in-depth):
  • Detect more failure conditions from the OpenSSL RNG code. Previously, we would detect errors from a missing RNG implementation, but not failures from the RNG code itself. Fortunately, it appears those failures do not happen in practice when Tor is using OpenSSL's default RNG implementation. Fixes bug 40390; bugfix on 0.2.8.1-alpha. This issue is also tracked as TROVE-2021-004. Reported by Jann Horn at Google's Project Zero.
  • Major bugfixes (security, denial of service):
  • Resist a hashtable-based CPU denial-of-service attack against relays. Previously we used a naive unkeyed hash function to look up circuits in a circuitmux object. An attacker could exploit this to construct circuits with chosen circuit IDs, to create collisions and make the hash table inefficient. Now we use a SipHash construction here instead. Fixes bug 40391; bugfix on 0.2.4.4-alpha. This issue is also tracked as TROVE-2021-005 and CVE-2021-34549. Reported by Jann Horn from Google's Project Zero.
  • Fix an out-of-bounds memory access in v3 onion service descriptor parsing. An attacker could exploit this bug by crafting an onion service descriptor that would crash any client that tried to visit it. Fixes bug 40392; bugfix on 0.3.0.1-alpha. This issue is also tracked as TROVE-2021-006 and CVE-2021-34550. Reported by Sergei Glazunov from Google's Project Zero.
  • Major features (control port, onion services):
  • Add controller support for creating version 3 onion services with client authorization. Previously, only v2 onion services could be created with client authorization. Closes ticket 40084. Patch by Neel Chauhan.
  • Major features (directory authority):
  • When voting on a relay with a Sybil-like appearance, add the Sybil flag when clearing out the other flags. This lets a relay operator know why their relay hasn't been included in the consensus. Closes ticket 40255. Patch by Neel Chauhan.
  • Major features (metrics):
  • Relays now report how overloaded they are in their extrainfo documents. This information is controlled with the OverloadStatistics torrc option, and it will be used to improve decisions about the network's load balancing. Implements proposal 328; closes ticket 40222.
  • Major features (relay, denial of service):
  • Add a new DoS subsystem feature to control the rate of client connections for relays. Closes ticket 40253.
  • Major features (statistics):
  • Relays now publish statistics about the number of v3 onion services and volume of v3 onion service traffic, in the same manner they already do for v2 onions. Closes ticket 23126.
  • Major bugfixes (circuit build timeout):
  • Improve the accuracy of our circuit build timeout calculation for 60%, 70%, and 80% build rates for various guard choices. We now use a maximum likelihood estimator for Pareto parameters of the circuit build time distribution, instead of a "right-censored estimator". This causes clients to ignore circuits that never finish building in their timeout calculations. Previously, clients were counting such unfinished circuits as having the highest possible build time value, when in reality these circuits most likely just contain relays that are offline. We also now wait a bit longer to let circuits complete for measurement purposes, lower the minimum possible effective timeout from 1.5 seconds to 10ms, and increase the resolution of the circuit build time histogram from 50ms bin widths to 10ms bin widths. Additionally, we alter our estimate Xm by taking the maximum of the top 10 most common build time values of the 10ms histogram, and compute Xm as the average of these. Fixes bug 40168; bugfix on 0.2.2.14-alpha.
  • Remove max_time calculation and associated warning from circuit build timeout 'alpha' parameter estimation, as this is no longer needed by our new estimator from 40168. Fixes bug 34088; bugfix on 0.2.2.9-alpha.
  • Major bugfixes (signing key):
  • In the tor-gencert utility, give an informative error message if the passphrase given in `--create-identity-key` is too short. Fixes bug 40189; bugfix on 0.2.0.1-alpha. Patch by Neel Chauhan.
  • Minor features (bridge):
  • We now announce the URL to Tor's new bridge status at https://bridges.torproject.org/ when Tor is configured to run as a bridge relay. Closes ticket 30477.
  • Minor features (build system):
  • New "make lsp" command to auto generate the compile_commands.json file used by the ccls server. The "bear" program is needed for this. Closes ticket 40227.
  • Minor features (client):
  • Clients now check whether their streams are attempting to re-enter the Tor network (i.e. to send Tor traffic over Tor), and close them preemptively if they think exit relays will refuse them for this reason. See ticket 2667 for details. Closes ticket 40271.
  • Minor features (command line):
  • Add long format name "--torrc-file" equivalent to the existing command-line option "-f". Closes ticket 40324. Patch by Daniel Pinto.
  • Minor features (command-line interface):
  • Add build information to `tor --version` in order to ease reproducible builds. Closes ticket 32102.
  • When parsing command-line flags that take an optional argument, treat the argument as absent if it would start with a '-' character. Arguments in that form are not intelligible for any of our optional-argument flags. Closes ticket 40223.
  • Allow a relay operator to list the ed25519 keys on the command line by adding the `rsa` and `ed25519` arguments to the --list-fingerprint flag to show the respective RSA and ed25519 relay fingerprint. Closes ticket 33632. Patch by Neel Chauhan.
  • Minor features (compatibility):
  • Remove an assertion function related to TLS renegotiation. It was used nowhere outside the unit tests, and it was breaking compilation with recent alpha releases of OpenSSL 3.0.0. Closes ticket 40399.
  • Minor features (control port, stream handling):
  • Add the stream ID to the event line in the ADDRMAP control event. Closes ticket 40249. Patch by Neel Chauhan.
  • Minor features (dormant mode):
  • Add a new 'DormantTimeoutEnabled' option to allow coarse-grained control over whether the client ever becomes dormant from inactivity. Most people won't need this. Closes ticket 40228.
  • Add a new 'DormantTimeoutEnabled' option for coarse-grained control over whether the client can become dormant from inactivity. Most people won't need this. Closes ticket 40228.
  • Minor features (geoip data):
  • Update the geoip files to match the IPFire Location Database, as retrieved on 2021/06/10.
  • Minor features (logging):
  • Edit heartbeat log messages so that more of them begin with the string "Heartbeat: ". Closes ticket 40322; patch from 'cypherpunks'.
  • Change the DoS subsystem heartbeat line format to be more clear on what has been detected/rejected, and which option is disabled (if any). Closes ticket 40308.
  • In src/core/mainloop/mainloop.c and src/core/mainloop/connection.c, put brackets around IPv6 addresses in log messages. Closes ticket 40232. Patch by Neel Chauhan.
  • Minor features (logging, diagnostic):
  • Log decompression failures at a higher severity level, since they can help provide missing context for other warning messages. We rate-limit these messages, to avoid flooding the logs if they begin to occur frequently. Closes ticket 40175.
  • Minor features (onion services):
  • Add a warning message when trying to connect to (no longer supported) v2 onion services. Closes ticket 40373.
  • Minor features (performance, windows):
  • Use SRWLocks to implement locking on Windows. Replaces the "critical section" locking implementation with the faster SRWLocks, available since Windows Vista. Closes ticket 17927. Patch by Daniel Pinto.
  • Minor features (protocol, proxy support, defense in depth):
  • Close HAProxy connections if they somehow manage to send us data before we start reading. Closes another case of ticket 40017.
  • Minor features (tests, portability):
  • Port the hs_build_address.py test script to work with recent versions of python. Closes ticket 40213. Patch from Samanta Navarro.
  • Minor features (vote document):
  • Add a "stats" line to directory authority votes, to report various statistics that authorities compute about the relays. This will help us diagnose the network better. Closes ticket 40314.
  • Minor bugfixes (build):
  • The configure script now shows whether or not lzma and zstd have been used, not just if the enable flag was passed in. Fixes bug 40236; bugfix on 0.4.3.1-alpha.
  • Minor bugfixes (compatibility):
  • Fix a failure in the test cases when running on the "hppa" architecture, along with a related test that might fail on other architectures in the future. Fixes bug 40274; bugfix on 0.2.5.1-alpha.
  • Minor bugfixes (compilation):
  • Fix a compilation warning about unused functions when building with a libc that lacks the GLOB_ALTDIRFUNC constant. Fixes bug 40354; bugfix on 0.4.5.1-alpha. Patch by Daniel Pinto.
  • Minor bugfixes (consensus handling):
  • Avoid a set of bugs that could be caused by inconsistently preferring an out-of-date consensus stored in a stale directory cache over a more recent one stored on disk as the latest consensus. Fixes bug 40375; bugfix on 0.3.1.1-alpha.
  • Minor bugfixes (control, sandbox):
  • Allow the control command SAVECONF to succeed when the seccomp sandbox is enabled, and make SAVECONF keep only one backup file to simplify implementation. Previously SAVECONF allowed a large number of backup files, which made it incompatible with the sandbox. Fixes bug 40317; bugfix on 0.2.5.4-alpha. Patch by Daniel Pinto.
  • Minor bugfixes (directory authorities, voting):
  • Add a new consensus method (31) to support any future changes that authorities decide to make to the value of bwweightscale or maxunmeasuredbw. Previously, there was a bug that prevented the authorities from parsing these consensus parameters correctly under most circumstances. Fixes bug 19011; bugfix on 0.2.2.10-alpha.
  • Minor bugfixes (ipv6):
  • Allow non-SOCKSPorts to disable IPv4, IPv6, and PreferIPv4. Some rare configurations might break, but in this case you can disable NoIPv4Traffic and NoIPv6Traffic as needed. Fixes bug 33607; bugfix on 0.4.1.1-alpha. Patch by Neel Chauhan.
  • Minor bugfixes (key generation):
  • Do not require a valid torrc when using the `--keygen` argument to generate a signing key. This allows us to generate keys on systems or users which may not run Tor. Fixes bug 40235; bugfix on 0.2.7.2-alpha. Patch by Neel Chauhan.
  • Minor bugfixes (logging, relay):
  • Emit a warning if an Address is found to be internal and tor can't use it. Fixes bug 40290; bugfix on 0.4.5.1-alpha.
  • Minor bugfixes (metrics port):
  • Fix a bug that made tor try to re-bind() on an already open MetricsPort every 60 seconds. Fixes bug 40370; bugfix on 0.4.5.1-alpha.
  • Minor bugfixes (onion services, logging):
  • Downgrade the severity of a few rendezvous circuit-related warnings from warning to info. Fixes bug 40207; bugfix on 0.3.2.1-alpha. Patch by Neel Chauhan.
  • Minor bugfixes (relay):
  • Reduce the compression level for data streaming from HIGH to LOW. This should reduce the CPU and memory burden for directory caches. Fixes bug 40301; bugfix on 0.3.5.1-alpha.
  • Minor bugfixes (testing, BSD):
  • Fix pattern-matching errors when patterns expand to invalid paths on BSD systems. Fixes bug 40318; bugfix on 0.4.5.1-alpha. Patch by Daniel Pinto.
  • Code simplification and refactoring:
  • Remove the orconn_ext_or_id_map structure and related functions. (Nothing outside of unit tests used them.) Closes ticket 33383. Patch by Neel Chauhan.
  • Removed features:
  • Remove unneeded code for parsing private keys in directory documents. This code was only used for client authentication in v2 onion services, which are now unsupported. Closes ticket 40374.
  • As of this release, Tor no longer supports the old v2 onion services. They were deprecated last July for security, and support will be removed entirely later this year. We strongly encourage everybody to migrate to v3 onion services. For more information, see https://blog.torproject.org/v2-deprecation-timeline . Closes ticket 40266. (NOTE: We accidentally released an earlier version of the 0.4.6.1-alpha changelog without this entry. Sorry for the confusion!)
  • Code simplification and refactoring (metrics, DoS):
  • Move the DoS subsystem into the subsys manager, including its configuration options. Closes ticket 40261.
  • Documentation (manual):
  • Move the ServerTransport* options to the "SERVER OPTIONS" section. Closes issue 40331.
  • Indicate that the HiddenServiceStatistics option also applies to bridges. Closes ticket 40346.
  • Move the description of BridgeRecordUsageByCountry to the section "STATISTICS OPTIONS". Closes ticket 40323.
  • Removed features (relay):
  • Because DirPorts are only used on authorities, relays no longer advertise them. Similarly, self-testing for DirPorts has been disabled, since an unreachable DirPort is no reason for a relay not to advertise itself. (Configuring a DirPort will still work, for now.) Closes ticket 40282.
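
The hashtable denial-of-service entry in this release (bug 40391) replaces an unkeyed hash with a keyed one. The following is an added illustration, not Tor's code: the unkeyed function is a hypothetical stand-in for the old hash, keyed BLAKE2b from Python's hashlib is swapped in for SipHash (which the standard library does not expose), and the table size, IDs and function names are constructed for the example.

```python
import hashlib
import secrets
from collections import Counter

N_BUCKETS = 1024  # constructed table size (a power of two)


def unkeyed_bucket(chan_id: int, circ_id: int) -> int:
    """Hypothetical unkeyed hash: anyone can predict the bucket."""
    return ((chan_id << 8) ^ circ_id) % N_BUCKETS


def keyed_bucket(key: bytes, chan_id: int, circ_id: int) -> int:
    """Keyed hash: the bucket depends on a per-process secret.

    BLAKE2b in keyed mode stands in for SipHash here.
    """
    data = chan_id.to_bytes(8, "little") + circ_id.to_bytes(4, "little")
    digest = hashlib.blake2b(data, key=key, digest_size=8).digest()
    return int.from_bytes(digest, "little") % N_BUCKETS


def peer_chosen_circ_ids(n: int) -> list:
    """Constructed sample: 32-bit circuit IDs that share their low bits.

    Circuit IDs are picked by the remote side, so the table must cope
    with values like these rather than with uniformly random ones.
    """
    return [(i * N_BUCKETS) | 1 for i in range(n)]


def longest_chain(buckets) -> int:
    """Length of the longest bucket chain, i.e. the worst-case lookup cost."""
    return max(Counter(buckets).values())


def compare(n: int = 1024, chan_id: int = 7) -> dict:
    """Worst-case chain length for the same IDs under both hashes."""
    key = secrets.token_bytes(16)  # fresh secret, never sent to the peer
    ids = peer_chosen_circ_ids(n)
    return {
        "unkeyed_longest_chain": longest_chain(
            unkeyed_bucket(chan_id, c) for c in ids
        ),
        "keyed_longest_chain": longest_chain(
            keyed_bucket(key, chan_id, c) for c in ids
        ),
    }


if __name__ == "__main__":
    result = compare()
    # The unkeyed table degrades to one linear chain; the keyed table
    # keeps chains short because the peer cannot predict the buckets.
    print(result)
```
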

New in Tor (Expert Bundle) 0.4.5.8 (Jun 6, 2021)

  • Changes in version 0.4.5.8 - 2021-05-10:
  • Minor features (compatibility, Linux seccomp sandbox, backport from 0.4.6.3-rc):
  • Add a workaround to enable the Linux sandbox to work correctly with Glibc 2.33. This version of Glibc has started using the fstatat() system call, which previously our sandbox did not allow. Closes ticket 40382; see the ticket for a discussion of trade-offs.
  • Minor features (compilation, backport from 0.4.6.3-rc):
  • Make the autoconf script build correctly with autoconf versions 2.70 and later. Closes part of ticket 40335.
  • Minor features (fallback directory list, backport from 0.4.6.2-alpha):
  • Regenerate the list of fallback directories to contain a new set of 200 relays. Closes ticket 40265.
  • Minor features (geoip data):
  • Update the geoip files to match the IPFire Location Database, as retrieved on 2021/05/07.
  • Minor features (onion services):
  • Add warning message when connecting to now deprecated v2 onion services. As announced, Tor 0.4.5.x is the last series that will support v2 onions. Closes ticket 40373.
  • Minor bugfixes (bridge, pluggable transport, backport from 0.4.6.2-alpha):
  • Fix a regression that made it impossible to start Tor using a bridge line with a transport name and no fingerprint. Fixes bug 40360; bugfix on 0.4.5.4-rc.
  • Minor bugfixes (build, cross-compilation, backport from 0.4.6.3-rc):
  • Allow a custom "ar" for cross-compilation. Our previous build script had used the $AR environment variable in most places, but it missed one. Fixes bug 40369; bugfix on 0.4.5.1-alpha.
  • Minor bugfixes (channel, DoS, backport from 0.4.6.2-alpha):
  • Fix a non-fatal BUG() message due to a too-early free of a string, when listing a client connection from the DoS defenses subsystem. Fixes bug 40345; bugfix on 0.4.3.4-rc.
  • Minor bugfixes (compiler warnings, backport from 0.4.6.3-rc):
  • Fix an indentation problem that led to a warning from GCC 11.1.1. Fixes bug 40380; bugfix on 0.3.0.1-alpha.
  • Minor bugfixes (controller, backport from 0.4.6.1-alpha):
  • Fix a "BUG" warning that would appear when a controller chooses the first hop for a circuit, and that circuit completes. Fixes bug 40285; bugfix on 0.3.2.1-alpha.
  • Minor bugfixes (onion service, client, memory leak, backport from 0.4.6.3-rc):
  • Fix a bug where an expired cached descriptor could get overwritten with a new one without freeing it, leading to a memory leak. Fixes bug 40356; bugfix on 0.3.5.1-alpha.
  • Minor bugfixes (testing, BSD, backport from 0.4.6.2-alpha):
  • Fix pattern-matching errors when patterns expand to invalid paths on BSD systems. Fixes bug 40318; bugfix on 0.4.5.1-alpha. Patch by Daniel Pinto.

New in Tor (Expert Bundle) 0.4.6.2 Alpha (Apr 27, 2021)

  • Minor features (client):
  • Clients now check whether their streams are attempting to re-enter the Tor network (i.e. to send Tor traffic over Tor), and close them preemptively if they think exit relays will refuse them for this reason. See ticket 2667 for details. Closes ticket 40271.
  • Minor features (command line):
  • Add long format name "--torrc-file" equivalent to the existing command-line option "-f". Closes ticket 40324. Patch by Daniel Pinto.
  • Minor features (dormant mode):
  • Add a new 'DormantTimeoutEnabled' option to allow coarse-grained control over whether the client ever becomes dormant from inactivity. Most people won't need this. Closes ticket 40228.
  • Minor features (fallback directory list):
  • Regenerate the list of fallback directories to contain a new set of 200 relays. Closes ticket 40265.
  • Minor features (geoip data):
  • Update the geoip files to match the IPFire Location Database, as retrieved on 2021/04/13.
  • Minor features (logging):
  • Edit heartbeat log messages so that more of them begin with the string "Heartbeat: ". Closes ticket 40322; patch from 'cypherpunks'.
  • Minor bugfixes (bridge, pluggable transport):
  • Fix a regression that made it impossible to start Tor using a bridge line with a transport name and no fingerprint. Fixes bug 40360; bugfix on 0.4.5.4-rc.
  • Minor bugfixes (channel, DoS):
  • Fix a non-fatal BUG() message due to a too-early free of a string, when listing a client connection from the DoS defenses subsystem. Fixes bug 40345; bugfix on 0.4.3.4-rc.
  • Minor bugfixes (compilation):
  • Fix a compilation warning about unused functions when building with a libc that lacks the GLOB_ALTDIRFUNC constant. Fixes bug 40354; bugfix on 0.4.5.1-alpha. Patch by Daniel Pinto.
  • Minor bugfixes (configuration):
  • Fix pattern-matching for directories on all platforms when using %include options in configuration files. This patch also fixes compilation on musl libc based systems. Fixes bug 40141; bugfix on 0.4.5.1-alpha.
  • Minor bugfixes (relay):
  • Move the "overload-general" line from extrainfo to the server descriptor. Fixes bug 40364; bugfix on 0.4.6.1-alpha.
  • Minor bugfixes (testing, BSD):
  • Fix pattern-matching errors when patterns expand to invalid paths on BSD systems. Fixes bug 40318; bugfix on 0.4.5.1-alpha. Patch by Daniel Pinto.
  • Documentation (manual):
  • Move the ServerTransport* options to the "SERVER OPTIONS" section. Closes issue 40331.
  • Indicate that the HiddenServiceStatistics option also applies to bridges. Closes ticket 40346.
  • Move the description of BridgeRecordUsageByCountry to the section "STATISTICS OPTIONS". Closes ticket 40323.

New in Tor (Expert Bundle) 0.4.5.6 (Feb 25, 2021)

  • Major features (build):
  • When building Tor, first link all object files into a single static library. This may help with embedding Tor in other programs. Note that most Tor functions do not constitute a part of a stable or supported API: only those functions in tor_api.h should be used if embedding Tor. Closes ticket 40127.
  • Major features (metrics):
  • Introduce a new MetricsPort which exposes, through an HTTP interface, a series of metrics that tor collects at runtime. At the moment, the only supported output format is the Prometheus data model. Closes ticket 40063. See the manual page for more information and security considerations.
  • Major features (relay, IPv6):
  • The torrc option Address now supports IPv6. This unifies our address discovery interface to support IPv4, IPv6, and hostnames. Closes ticket 33233.
  • Launch IPv4 and IPv6 ORPort self-test circuits on relays and bridges. Closes ticket 33222.
  • Relays now automatically bind on IPv6 for their ORPort, unless specified otherwise with the IPv4Only flag. Closes ticket 33246.
  • When a relay with IPv6 support is told to open a connection to another relay, and the extend cell lists both IPv4 and IPv6 addresses, the first relay now picks randomly which address to use. Closes ticket 33220.
  • Relays now track their IPv6 ORPort reachability separately from the reachability of their IPv4 ORPort. They will not publish a descriptor unless _both_ ports appear to be externally reachable. Closes ticket 34067.
  • Major features (tracing):
  • Add event-tracing library support for USDT and LTTng-UST, and a few tracepoints in the circuit subsystem. More will come incrementally. This feature is compiled out by default: it needs to be enabled at configure time. See documentation in doc/HACKING/Tracing.md. Closes ticket 32910.
  • Major bugfixes (directory cache, performance, windows):
  • Limit the number of items in the consensus diff cache to 64 on Windows. We hope this will mitigate an issue where Windows relay operators reported Tor using 100% CPU, while we investigate better solutions. Fixes bug 24857; bugfix on 0.3.1.1-alpha.
  • Major bugfixes (relay, windows):
  • Fix a bug in our implementation of condition variables on Windows. Previously, a relay on Windows would use 100% CPU after running for some time. Because of this change, Tor now requires Windows Vista or later to build and run. Fixes bug 30187; bugfix on 0.2.6.3-alpha. (This bug became more serious in 0.3.1.1-alpha with the introduction of consensus diffs.) Patch by Daniel Pinto.
  • Major bugfixes (TLS, buffer):
  • When attempting to read N bytes on a TLS connection, really try to read all N bytes. Previously, Tor would stop reading after the first TLS record, which can be smaller than the N bytes requested, and not check for more data until the next mainloop event. Fixes bug 40006; bugfix on 0.1.0.5-rc.
  • Minor features (address discovery):
  • If no Address statements are found, relays now prioritize guessing their address by looking at the local interface instead of the local hostname. If the interface address can't be found, the local hostname is used. Closes ticket 33238.
  • Minor features (admin tools):
  • Add a new --format argument to the --key-expiration option to allow specifying the time format of the expiration date. Adds Unix timestamp format support. Patch by Daniel Pinto. Closes ticket 30045.
  • Minor features (authority, logging):
  • Log more information for directory authority operators during the consensus voting process, and while processing relay descriptors. Closes ticket 40245.
  • Minor features (bootstrap reporting):
  • When reporting bootstrapping status on a relay, do not consider connections that have never been the target of an origin circuit. Previously, all connection failures were treated as potential bootstrapping failures, including connections that had been opened because of client requests. Closes ticket 25061.
  • Minor features (build):
  • When running the configure script, try to detect version mismatches between the OpenSSL headers and libraries, and suggest that the user should try "--with-openssl-dir". Closes 40138.
  • If the configure script has given any warnings, remind the user about them at the end of the script. Related to 40138.
  • Minor features (configuration):
  • Allow using wildcards (* and ?) with the %include option on configuration files. Closes ticket 25140. Patch by Daniel Pinto.
  • Allow the configuration options EntryNodes, ExcludeNodes, ExcludeExitNodes, ExitNodes, MiddleNodes, HSLayer2Nodes and HSLayer3Nodes to be specified multiple times. Closes ticket 28361. Patch by Daniel Pinto.
  • Minor features (control port):
  • Add a DROPTIMEOUTS command to drop circuit build timeout history and reset the current timeout. Closes ticket 40002.
  • When a stream enters the AP_CONN_STATE_CONTROLLER_WAIT status, send a control port event. Closes ticket 32190. Patch by Neel Chauhan.
  • Introduce GETINFO "stats/ntor/{assigned/requested}" and "stats/tap/{assigned/requested}" to get the NTor and TAP circuit onion handshake counts respectively. Closes ticket 28279. Patch by Neel Chauhan.
  • Minor features (control port, IPv6):
  • Tor relays now try to report to the controller when they are launching an IPv6 self-test. Closes ticket 34068.
  • Introduce "GETINFO address/v4" and "GETINFO address/v6" in the control port to fetch the Tor host's respective IPv4 or IPv6 address. We keep "GETINFO address" for backwards-compatibility. Closes ticket 40039. Patch by Neel Chauhan.
  • Minor features (directory authorities):
  • Add a new consensus method 30 that removes the unnecessary "=" padding from ntor-onion-key. Closes ticket 7869. Patch by Daniel Pinto.
  • Directory authorities now reject descriptors from relays running Tor versions from the obsolete 0.4.1 series. Resolves ticket 34357. Patch by Neel Chauhan.
  • The AssumeReachable option no longer stops directory authorities from checking whether other relays are running. A new AuthDirTestReachability option can be used to disable these checks. Closes ticket 34445.
  • When looking for possible Sybil attacks, also consider IPv6 addresses. Two routers are considered to have "the same" address by this metric if they are in the same /64 network. Patch from Maurice Pibouin. Closes ticket 7193.
  • Minor features (directory authorities, IPv6):
  • Make authorities add their IPv6 ORPort (if any) to the trusted servers list. Authorities previously added only their IPv4 addresses. Closes ticket 32822.
  • Minor features (documentation):
  • Mention the "!badexit" directive that can appear in an authority's approved-routers file, and update the description of the "!invalid" directive. Closes ticket 40188.
  • Minor features (ed25519, relay):
  • Save a relay's base64-encoded ed25519 identity key to the data directory in a file named fingerprint-ed25519. Closes ticket 30642. Patch by Neel Chauhan.
  • Minor features (heartbeat):
  • Include the total number of inbound and outbound IPv4 and IPv6 connections in the heartbeat message. Closes ticket 29113.
  • Minor features (IPv6, ExcludeNodes):
  • Handle IPv6 addresses in ExcludeNodes; previously they were ignored. Closes ticket 34065. Patch by Neel Chauhan.
  • Minor features (logging):
  • Add the running glibc version to the log, and the compiled glibc version to the library list returned when using --library-versions. Patch from Daniel Pinto. Closes ticket 40047.
  • Consider an HTTP 301 response to be an error (like a 404) when processing a directory response. Closes ticket 40053.
  • Log directory fetch statistics as a single line. Closes ticket 40159.
  • Provide more complete descriptions of our connections when logging about them. Closes ticket 40041.
  • When describing a relay in the logs, we now include its ed25519 identity. Closes ticket 22668.
  • Minor features (onion services):
  • Only overwrite an onion service's existing hostname file if its contents are wrong. This enables read-only onion-service directories. Resolves ticket 40062. Patch by Neel Chauhan.
  • Minor features (pluggable transports):
  • Add an OutboundBindAddressPT option to allow users to specify which IPv4 and IPv6 address pluggable transports should use for outgoing IP packets. Tor does not have a way to enforce that the pluggable transport honors this option, so each pluggable transport needs to implement support on its own. Closes ticket 5304.
  • Minor features (protocol, proxy support, defense in depth):
  • Respond more deliberately to misbehaving proxies that leave leftover data on their connections, so as to make Tor even less likely to allow the proxies to pass their data off as having come from a relay. Closes ticket 40017.
  • Minor features (relay address tracking):
  • We now store relay addresses for OR connections in a more logical way. Previously we would sometimes overwrite the actual address of a connection with a "canonical address", and then store the "real address" elsewhere to remember it. We now track the "canonical address" elsewhere for the cases where we need it, and leave the connection's address alone. Closes ticket 33898.
  • Minor features (relay):
  • If a relay is unable to discover its address, attempt to learn it from the NETINFO cell. Closes ticket 40022.
  • Log immediately when launching a relay self-check. Previously we would try to log before launching checks, or approximately when we intended to launch checks, but this tended to be error-prone. Closes ticket 34137.
  • Minor features (relay, address discovery):
  • If the Address option is not found in torrc, attempt to learn our address from the configured ORPort address, if any. Closes ticket 33236.
  • Minor features (relay, IPv6):
  • Add an AssumeReachableIPv6 option to disable self-checking IPv6 reachability. Closes part of ticket 33224.
  • Add new "assume-reachable" and "assume-reachable-ipv6" consensus parameters to be used in an emergency to tell relays that they should publish even if they cannot complete their ORPort self-checks. Closes ticket 34064 and part of 33224.
  • Allow relays to send IPv6-only extend cells. Closes ticket 33222.
  • Declare support for the Relay=3 subprotocol version. Closes ticket 33226.
  • When launching IPv6 ORPort self-test circuits, make sure that the second-last hop can initiate an IPv6 extend. Closes ticket 33222.
  • Minor features (safety):
  • Log a warning at startup if Tor is built with compile-time options that are likely to make it less stable or reliable. Closes ticket 18888.
  • Minor features (specification update):
  • Several fields in microdescriptors, router descriptors, and consensus documents that were formerly optional are now required. Implements proposal 315; closes ticket 40132.
  • Minor features (state management):
  • When loading the state file, remove entries from the statefile that have been obsolete for a long time. Ordinarily Tor preserves unrecognized entries in order to keep forward-compatibility, but these entries have not actually been used in any release since before 0.3.5.x. Closes ticket 40137.
  • Minor features (statistics, ipv6):
  • Relays now publish IPv6-specific counts of single-direction versus bidirectional relay connections. Closes ticket 33264.
  • Relays now publish their IPv6 read and write statistics over time, if statistics are enabled. Closes ticket 33263.
  • Minor features (subprotocol versions):
  • Use the new limitations on subprotocol versions due to proposal 318 to simplify our implementation. Part of ticket 40133.
  • Minor features (testing configuration):
  • The TestingTorNetwork option no longer implicitly sets AssumeReachable to 1. This change allows us to test relays' self-testing mechanisms, and to test authorities' relay-testing functionality. Closes ticket 34446.
  • Minor features (testing):
  • Added unit tests for channel_matches_target_addr_for_extend(). Closes ticket 33919. Patch by MrSquanchee.
  • Minor bugfixes (circuit padding):
  • When circpad_send_padding_cell_for_callback was called, the `is_padding_timer_scheduled` flag was not reset. Now it is set to 0 at the top of that function. Fixes bug 32671; bugfix on 0.4.0.1-alpha.
  • Add a per-circuit padding machine instance counter, so we can differentiate between shutdown requests for old machines on a circuit. Fixes bug 30992; bugfix on 0.4.1.1-alpha.
  • Add the ability to keep circuit padding machines if they match a set of circuit states or purposes. This allows us to have machines that start up under some conditions but don't shut down under others. We now use this mask to avoid starting up introduction circuit padding again after the machines have already completed. Fixes bug 32040; bugfix on 0.4.1.1-alpha.
  • Minor bugfixes (circuit, handshake):
  • In the v3 handshaking code, use connection_or_change_state() to change the state. Previously, we changed the state directly, but this did not pass the state change to the pubsub or channel objects, potentially leading to bugs. Fixes bug 32880; bugfix on 0.2.3.6-alpha. Patch by Neel Chauhan.
  • Minor bugfixes (compilation):
  • Change the linker flag ordering in our library search code so that it works for compilers that need the libraries to be listed in the right order. Fixes bug 33624; bugfix on 0.1.1.0-alpha.
  • Fix the "--enable-static-tor" switch to properly set the "-static" compile option onto the tor binary only. Fixes bug 40111; bugfix on 0.2.3.1-alpha.
  • Minor bugfixes (configuration):
  • Exit Tor on a misconfiguration when the Bridge line is configured to use a transport but no corresponding ClientTransportPlugin can be found. Prior to this fix, Tor would attempt to connect to the bridge directly without using the transport, making it easier for adversaries to notice the bridge. Fixes bug 25528; bugfix on 0.2.6.1-alpha.
  • Minor bugfixes (control port):
  • Make sure we send the SOCKS request address in relay begin cells when a stream is attached with the purpose CIRCUIT_PURPOSE_CONTROLLER. Fixes bug 33124; bugfix on 0.0.5. Patch by Neel Chauhan.
  • Minor bugfixes (crash, relay, signing key):
  • Avoid assertion failures when we run Tor from the command line with `--key-expiration sign`, but an ORPort is not set. Fixes bug 40015; bugfix on 0.3.2.1-alpha. Patch by Neel Chauhan.
  • Minor bugfixes (logging):
  • Avoid a spurious log message about missing subprotocol versions, when the consensus that we're reading from is older than the current release. Previously we had made this message nonfatal, but in practice, it is never relevant when the consensus is older than the current release. Fixes bug 40281; bugfix on 0.4.0.1-alpha.
  • Remove trailing whitespace from control event log messages. Fixes bug 32178; bugfix on 0.1.1.1-alpha. Based on a patch by Amadeusz Pawlik.
  • Turn warning-level log message about SENDME failure into a debug-level message. (This event can happen naturally, and is no reason for concern.) Fixes bug 40142; bugfix on 0.4.1.1-alpha.
  • When logging a rate-limited message about how many messages have been suppressed in the last N seconds, give an accurate value for N, rounded up to the nearest minute. Previously we would report the size of the rate-limiting interval, regardless of when the messages started to occur. Fixes bug 19431; bugfix on 0.2.2.16-alpha.
  • Minor bugfixes (onion services):
  • Avoid a non-fatal assertion in certain edge-cases when establishing a circuit to an onion service. Fixes bug 32666; bugfix on 0.3.0.3-alpha.
  • Minor bugfixes (rust, protocol versions):
  • Declare support for the onion service introduction point denial of service extensions when building with Rust. Fixes bug 34248; bugfix on 0.4.2.1-alpha.
  • Make Rust protocol version support checks consistent with the undocumented error behavior of the corresponding C code. Fixes bug 34251; bugfix on 0.3.3.5-rc.
  • Minor bugfixes (self-testing):
  • When receiving an incoming circuit, only accept it as evidence that we are reachable if the declared address of its channel is the same address we think that we have. Otherwise, it could be evidence that we're reachable on some other address. Fixes bug 20165; bugfix on 0.1.0.1-rc.
  • Minor bugfixes (spec conformance):
  • Use the correct key type when generating signing->link certificates. Fixes bug 40124; bugfix on 0.2.7.2-alpha.
  • Minor bugfixes (subprotocol versions):
  • Consistently reject extra commas, instead of only rejecting leading commas. Fixes bug 27194; bugfix on 0.2.9.4-alpha.
  • In summarize_protover_flags(), treat empty strings the same as NULL. This prevents protocols_known from being set. Previously, we treated empty strings as normal strings, which led to protocols_known being set. Fixes bug 34232; bugfix on 0.3.3.2-alpha. Patch by Neel Chauhan.
  • Code simplification and refactoring:
  • Add and use a set of functions to perform down-casts on constant connection and channel pointers. Closes ticket 40046.
  • Refactor our code that logs descriptions of connections, channels, and the peers on them, to use a single call path. This change enables us to refactor the data types that they use, and eliminates many confusing usages of those types. Closes ticket 40041.
  • Refactor some common node selection code into a single function. Closes ticket 34200.
  • Remove the now-redundant 'outbuf_flushlen' field from our connection type. It was previously used for an older version of our rate-limiting logic. Closes ticket 33097.
  • Rename "fascist_firewall_*" identifiers to "reachable_addr_*" instead, for consistency with other code. Closes ticket 18106.
  • Rename functions about "advertised" ports which are not in fact guaranteed to return the ports that have been advertised. Closes ticket 40055.
  • Split implementation of several command line options from options_init_from_torrc into smaller isolated functions. Patch by Daniel Pinto. Closes ticket 40102.
  • When an extend cell is missing an IPv4 or IPv6 address, fill in the address from the extend info. This is similar to what was done in ticket 33633 for ed25519 keys. Closes ticket 33816. Patch by Neel Chauhan.
  • Deprecated features:
  • The "non-builtin" argument to the "--dump-config" command is now deprecated. When it works, it behaves the same as "short", which you should use instead. Closes ticket 33398.
  • Documentation:
  • Replace URLs from our old bugtracker so that they refer to the new bugtracker and wiki. Closes ticket 40101.
  • Removed features:
  • We no longer ship or build a "tor.service" file for use with systemd. No distribution included this script unmodified, and we don't have the expertise ourselves to maintain this in a way that all the various systemd-based distributions can use. Closes ticket 30797.
  • We no longer ship support for the Android logging API. Modern versions of Android can use the syslog API instead. Closes ticket 32181.
  • The "optimistic data" feature is now always on; there is no longer an option to disable it from the torrc file or from the consensus directory. Closes part of 40139.
  • The "usecreatefast" network parameter is now removed; there is no longer an option for authorities to turn it off. Closes part of 40139.
  • Testing:
  • Add unit tests for bandwidth statistics manipulation functions. Closes ticket 33812. Patch by MrSquanchee.
  • Code simplification and refactoring (autoconf):
  • Remove autoconf checks for unused funcs and headers. Closes ticket 31699. Patch by @bduszel.
  • Code simplification and refactoring (maintainer scripts):
  • Disable by default the pre-commit hook. Use the environment variable TOR_EXTRA_PRE_COMMIT_CHECKS in order to run it. Furthermore, stop running practracker in the pre-commit hook and make check-local. Closes ticket 40019.
  • Code simplification and refactoring (relay address):
  • Most of the IPv4 representation was using "uint32_t". It has now been moved to use the internal "tor_addr_t" interface instead. This is so we can properly integrate IPv6 alongside IPv4 with common interfaces. Closes ticket 40043.
  • Documentation (manual page):
  • Move the manual pages from doc/ to doc/man/. Closes ticket 40044.
  • Describe the status of the "Sandbox" option more accurately. It is no longer "experimental", but it _is_ dependent on kernel and libc versions. Closes ticket 23378.
  • Documentation (tracing):
  • Document in depth the circuit subsystem trace events in the new doc/tracing/EventsCircuit.md. Closes ticket 40036.
  • Removed features (controller):
  • Remove the "GETINFO network-status" controller command. It has been deprecated since 0.3.1.1-alpha. Closes ticket 22473.
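
An added example, not code from the Tor project: a small Python audit for the Bridge/ClientTransportPlugin misconfiguration described in the configuration bugfix above (bug 25528), for checking torrc files on hosts that have not yet upgraded. The sample torrc, its addresses and the plugin paths are constructed, and the parser is a simplification that ignores %include and line continuations.

```python
import re
from collections import namedtuple

# One finding per Bridge line that names a transport no plugin provides.
Finding = namedtuple("Finding", "lineno transport address")

# A pluggable-transport name is a C-style identifier; an address token such as
# "192.0.2.10:443" or "[2001:db8::30]:443" never matches this pattern.
TRANSPORT_NAME = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")

# Constructed sample torrc (addresses are documentation ranges).
SAMPLE_TORRC = """\
# Constructed sample torrc
UseBridges 1
ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy
Bridge obfs4 192.0.2.10:443 cert=EXAMPLE iat-mode=0
Bridge snowflake 192.0.2.20:80   # transport with no plugin line
Bridge 198.51.100.7:9001         # plain bridge, no transport
bridge meek_lite [2001:db8::30]:443
"""


def parse_torrc(text):
    """Yield (lineno, option, args) for every non-empty, non-comment line.

    Option names are lower-cased because torrc keywords are case-insensitive.
    A leading '+' (append form) is dropped. Simplification: '#' always starts
    a comment, and %include and backslash continuations are not followed.
    """
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        yield lineno, parts[0].lstrip("+").lower(), parts[1:]


def audit_bridges(text):
    """Return Bridge lines whose transport has no ClientTransportPlugin.

    These are the lines that, before the fix, made Tor connect to the bridge
    directly instead of through the transport.
    """
    declared = set()
    bridges = []
    for lineno, option, args in parse_torrc(text):
        if option == "clienttransportplugin" and args:
            # One plugin line may provide several comma-separated transports.
            declared.update(args[0].split(","))
        elif option == "bridge" and args and TRANSPORT_NAME.match(args[0]):
            address = args[1] if len(args) > 1 else ""
            bridges.append(Finding(lineno, args[0], address))
    # Evaluate after the full pass so plugin lines may appear anywhere.
    return [b for b in bridges if b.transport not in declared]


if __name__ == "__main__":
    for f in audit_bridges(SAMPLE_TORRC):
        print(f"line {f.lineno}: Bridge {f.address} uses transport "
              f"'{f.transport}' but no ClientTransportPlugin provides it")
```
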

New in Tor (Expert Bundle) 0.4.4.6 (Nov 20, 2020)

  • Major bugfixes (security, backport from 0.4.5.1-alpha):
  • When completing a channel, relays now check more thoroughly to make sure that it matches any pending circuits before attaching those circuits. Previously, address correctness and Ed25519 identities were not checked in this case, but only when extending circuits on an existing channel. Fixes bug 40080; bugfix on 0.2.7.2-alpha. Resolves TROVE-2020-005.
  • Minor features (directory authorities, backport from 0.4.5.1-alpha):
  • Authorities now list a different set of protocols as required and recommended. These lists have been chosen so that only truly recommended and/or required protocols are included, and so that clients using 0.2.9 or later will continue to work (even though they are not supported), whereas only relays running 0.3.5 or later will meet the requirements. Closes ticket 40162.
  • Make it possible to specify multiple ConsensusParams torrc lines. Now directory authority operators can for example put the main ConsensusParams config in one torrc file and then add to it from a different torrc file. Closes ticket 40164.

New in Tor (Expert Bundle) 0.4.4.5 (Nov 20, 2020)

  • Major features (Proposal 310, performance + security):
  • Implements Proposal 310, "Bandaid on guard selection". Proposal 310 solves load-balancing issues with older versions of the guard selection algorithm, and improves its security. Under this new algorithm, a newly selected guard never becomes Primary unless all previously sampled guards are unreachable. Implements recommendation from 32088. (Proposal 310 is linked to the CLAPS project researching optimal client location-aware path selections. This project is a collaboration between the UCLouvain Crypto Group, the U.S. Naval Research Laboratory, and Princeton University.)
  • Major features (fallback directory list):
  • Replace the 148 fallback directories originally included in Tor 0.4.1.4-rc (of which around 105 are still functional) with a list of 144 fallbacks generated in July 2020. Closes ticket 40061.

New in Tor (Expert Bundle) 0.4.4.2 Alpha (Jul 29, 2020)

  • Major bugfixes (NSS, security):
  • Fix a crash due to an out-of-bound memory access when Tor is compiled with NSS support. Fixes bug 33119; bugfix on 0.3.5.1-alpha. This issue is also tracked as TROVE-2020-001 and CVE-2020-15572.
  • Minor features (bootstrap reporting):
  • Report more detailed reasons for bootstrap failure when the failure happens due to a TLS error. Previously we would just call these errors "MISC" when they happened during read, and "DONE" when they happened during any other TLS operation. Closes ticket 32622.
  • Minor features (directory authority):
  • Authorities now recommend the protocol versions that are supported by Tor 0.3.5 and later. (Earlier versions of Tor have been deprecated since January of this year.) This recommendation will cause older clients and relays to give a warning on startup, or when they download a consensus directory. Closes ticket 32696.
  • Minor features (entry guards):
  • Reinstate support for GUARD NEW/UP/DOWN control port events. Closes ticket 40001.
  • Minor features (linux seccomp2 sandbox, portability):
  • Allow Tor to build on platforms where it doesn't know how to report which syscall caused the linux seccomp2 sandbox to fail. This change should make the sandbox code more portable to less common Linux architectures. Closes ticket 34382.
  • Permit the unlinkat() syscall, which some Libc implementations use to implement unlink(). Closes ticket 33346.
  • Minor bugfix (CI, Windows):
  • Use the correct 64-bit printf format when compiling with MINGW on Appveyor. Fixes bug 40026; bugfix on 0.3.5.5-alpha.
  • Minor bugfix (onion service v3 client):
  • Remove a BUG() warning that could occur naturally. Fixes bug 34087; bugfix on 0.3.2.1-alpha.
  • Minor bugfix (SOCKS, onion service client):
  • Detect v3 onion service addresses of the wrong length when returning the F6 ExtendedErrors code. Fixes bug 33873; bugfix on 0.4.3.1-alpha.
  • Minor bugfixes (compiler warnings):
  • Fix a compiler warning on platforms with 32-bit time_t values. Fixes bug 40028; bugfix on 0.3.2.8-rc.
  • Minor bugfixes (control port, onion service):
  • Consistently use 'address' in "Invalid v3 address" response to ONION_CLIENT_AUTH commands. Previously, we would sometimes say 'addr'. Fixes bug 40005; bugfix on 0.4.3.1-alpha.
  • Minor bugfixes (logging):
  • Downgrade a noisy log message that could occur naturally when receiving an extrainfo document that we no longer want. Fixes bug 16016; bugfix on 0.2.6.3-alpha.
  • Minor bugfixes (onion services v3):
  • Avoid a non-fatal assertion failure in certain edge-cases when opening an intro circuit as a client. Fixes bug 34084; bugfix on 0.3.2.1-alpha.
  • Deprecated features (onion service v2):
  • Add a deprecation warning for version 2 onion services. Closes ticket 40003.
  • Removed features (IPv6, revert):
  • Revert the change in the default value of ClientPreferIPv6OrPort: it breaks the torsocks use case. The SOCKS resolve command has no mechanism to ask for a specific address family (v4 or v6), and so prioritizing IPv6 when an IPv4 address is requested on the SOCKS interface resulted in a failure. Tor Browser explicitly sets PreferIPv6, so this should not affect the majority of our users. Closes ticket 33796; bugfix on 0.4.4.1-alpha.

New in Tor (Expert Bundle) 0.4.3.6 (Jul 29, 2020)

  • Major bugfixes (NSS, security, backport from 0.4.4.2-alpha):
  • Fix a crash due to an out-of-bound memory access when Tor is compiled with NSS support. Fixes bug 33119; bugfix on 0.3.5.1-alpha. This issue is also tracked as TROVE-2020-001 and CVE-2020-15572.
  • Minor bugfix (CI, Windows, backport from 0.4.4.2-alpha):
  • Use the correct 64-bit printf format when compiling with MINGW on Appveyor. Fixes bug 40026; bugfix on 0.3.5.5-alpha.
  • Minor bugfixes (client performance, backport from 0.4.4.1-alpha):
  • Resume use of preemptively-built circuits when UseEntryGuards is set to 0. We accidentally disabled this feature with that config setting, leading to slower load times. Fixes bug 34303; bugfix on 0.3.3.2-alpha.
  • Minor bugfixes (compiler warnings, backport from 0.4.4.2-alpha):
  • Fix a compiler warning on platforms with 32-bit time_t values. Fixes bug 40028; bugfix on 0.3.2.8-rc.
  • Minor bugfixes (linux seccomp sandbox, nss, backport from 0.4.4.1-alpha):
  • Fix a startup crash when tor is compiled with --enable-nss and sandbox support is enabled. Fixes bug 34130; bugfix on 0.3.5.1-alpha. Patch by Daniel Pinto.
  • Minor bugfixes (logging, backport from 0.4.4.2-alpha):
  • Downgrade a noisy log message that could occur naturally when receiving an extrainfo document that we no longer want. Fixes bug 16016; bugfix on 0.2.6.3-alpha.
  • Minor bugfixes (manual page, backport from 0.4.4.1-alpha):
  • Update the man page to reflect that MinUptimeHidServDirectoryV2 defaults to 96 hours. Fixes bug 34299; bugfix on 0.2.6.3-alpha.
  • Minor bugfixes (onion service v3, backport from 0.4.4.1-alpha):
  • Prevent an assert() that would occur when cleaning the client descriptor cache, and attempting to close circuits for a non-decrypted descriptor (lacking client authorization). Fixes bug 33458; bugfix on 0.4.2.1-alpha.
  • Minor bugfixes (portability, backport from 0.4.4.1-alpha):
  • Fix a portability error in the configure script, where we were using "==" instead of "=". Fixes bug 34233; bugfix on 0.4.3.5.
  • Minor bugfixes (relays, backport from 0.4.4.1-alpha):
  • Stop advertising incorrect IPv6 ORPorts in relay and bridge descriptors, when the IPv6 port was configured as "auto". Fixes bug 32588; bugfix on 0.2.3.9-alpha.
  • Documentation (backport from 0.4.4.1-alpha):
  • Fix several doxygen warnings related to imbalanced groups. Closes ticket 34255.

New in Tor (Expert Bundle) 0.4.2.6 (Feb 12, 2020)

  • Major bugfixes (linux seccomp sandbox, backport from 0.4.3.1-alpha):
  • Correct how we use libseccomp. Particularly, stop assuming that rules are applied in a particular order or that more rules are processed after the first match. Neither is the case! In libseccomp <2.4.0 this led to some rules having no effect. libseccomp 2.4.0 changed how rules are generated, leading to a different ordering, which in turn led to a fatal crash during startup. Fixes bug 29819; bugfix on 0.2.5.1-alpha. Patch by Peter Gerber.
  • Fix crash when reloading logging configuration while the experimental sandbox is enabled. Fixes bug 32841; bugfix on 0.4.1.7. Patch by Peter Gerber.
  • Minor bugfixes (correctness checks, backport from 0.4.3.1-alpha):
  • Use GCC/Clang's printf-checking feature to make sure that tor_assertf() arguments are correctly typed. Fixes bug 32765; bugfix on 0.4.1.1-alpha.
  • Minor bugfixes (logging, crash, backport from 0.4.3.1-alpha):
  • Avoid a possible crash when trying to log a (fatal) assertion failure about mismatched magic numbers in configuration objects. Fixes bug 32771; bugfix on 0.4.2.1-alpha.
  • Minor bugfixes (testing, backport from 0.4.3.1-alpha):
  • When TOR_DISABLE_PRACTRACKER is set, do not apply it to the test_practracker.sh script. Doing so caused a test failure. Fixes bug 32705; bugfix on 0.4.2.1-alpha.
  • When TOR_DISABLE_PRACTRACKER is set, log a notice to stderr when skipping practracker checks. Fixes bug 32705; bugfix on 0.4.2.1-alpha.
  • Minor bugfixes (windows service, backport from 0.4.3.1-alpha):
  • Initialize the publish/subscribe system when running as a windows service. Fixes bug 32778; bugfix on 0.4.1.1-alpha.
  • Testing (backport from 0.4.3.1-alpha):
  • Turn off Tor's Sandbox in Chutney jobs, and run those jobs on Ubuntu Bionic. Turning off the Sandbox is a work-around, until we fix the sandbox errors in 32722. Closes ticket 32240.
  • Re-enable the Travis CI macOS Chutney build, but don't let it prevent the Travis job from finishing. (The Travis macOS jobs are slow, so we don't want to have it delay the whole CI process.) Closes ticket 32629.
  • Testing (continuous integration, backport from 0.4.3.1-alpha):
  • Use zstd in our Travis Linux builds. Closes ticket 32242.

New in Tor (Expert Bundle) 0.4.2.5 (Jan 6, 2020)

  • Major features (directory authorities):
  • Directory authorities now reject relays running all currently deprecated release series. The currently supported release series are: 0.2.9, 0.3.5, 0.4.0, 0.4.1, and 0.4.2. Closes ticket 31549.
  • Major features (onion service v3, denial of service):
  • Add onion service introduction denial of service defenses. Intro points can now rate-limit client introduction requests, using parameters that can be sent by the service within the ESTABLISH_INTRO cell. If the cell extension for this is not used, the intro point will honor the consensus parameters. Closes ticket 30924.
  • Major bugfixes (circuit build, guard):
  • When considering upgrading circuits from "waiting for guard" to "open", always ignore circuits that are marked for close. Previously we could end up in the situation where a subsystem is notified of a circuit opening, but the circuit is still marked for close, leading to undesirable behavior. Fixes bug 30871; bugfix on 0.3.0.1-alpha.
  • Major bugfixes (crash, Linux, Android):
  • Tolerate systems (including some Android installations) where madvise and MADV_DONTDUMP are available at build-time, but not at run time. Previously, these systems would notice a failed syscall and abort. Fixes bug 31570; bugfix on 0.4.1.1-alpha.
  • Tolerate systems (including some Linux installations) where madvise and/or MADV_DONTFORK are available at build-time, but not at run time. Previously, these systems would notice a failed syscall and abort. Fixes bug 31696; bugfix on 0.4.1.1-alpha.
  • Major bugfixes (embedded Tor):
  • Avoid a possible crash when restarting Tor in embedded mode and enabling a different set of publish/subscribe messages. Fixes bug 31898; bugfix on 0.4.1.1-alpha.
  • Major bugfixes (relay):
  • Relays now respect their AccountingMax bandwidth again. When relays entered "soft" hibernation (which typically starts when we've hit 90% of our AccountingMax), we had stopped checking whether we should enter hard hibernation. Soft hibernation refuses new connections and new circuits, but the existing circuits can continue, meaning that relays could have exceeded their configured AccountingMax. Fixes bug 32108; bugfix on 0.4.0.1-alpha.
  • Major bugfixes (torrc parsing):
  • Stop ignoring torrc options after an %include directive, when the included directory ends with a file that does not contain any config options (but does contain comments or whitespace). Fixes bug 31408; bugfix on 0.3.1.1-alpha.
  • Major bugfixes (v3 onion services):
  • Onion services now always use the exact number of intro points configured with the HiddenServiceNumIntroductionPoints option (or fewer if nodes are excluded). Before, a service could sometimes pick more intro points than configured. Fixes bug 31548; bugfix on 0.3.2.1-alpha.
  • Minor feature (onion services, control port):
  • The ADD_ONION command's keyword "BEST" now defaults to ED25519-V3 (v3) onion services. Previously it defaulted to RSA1024 (v2). Closes ticket 29669.
  • Minor features (auto-formatting scripts):
  • When annotating C macros, never generate a line that our check-spaces script would reject. Closes ticket 31759.
  • When annotating C macros, try to remove cases of double-negation. Closes ticket 31779.
  • Minor features (best practices tracker):
  • Our best-practices tracker now integrates with our include-checker tool to keep track of how many layering violations we have not yet fixed. We hope to reduce this number over time to improve Tor's modularity. Closes ticket 31176.
  • Add a TOR_PRACTRACKER_OPTIONS variable for passing arguments to practracker from the environment. We may want this for continuous integration. Closes ticket 31309.
  • Give a warning rather than an error when a practracker exception is violated by a small amount, add a --list-overbroad option to practracker that lists exceptions that are stricter than they need to be, and provide an environment variable for disabling practracker. Closes ticket 30752.
  • Our best-practices tracker now looks at headers as well as C files. Closes ticket 31175.
  • Minor features (build system):
  • Make pkg-config use --prefix when cross-compiling, if PKG_CONFIG_PATH is not set. Closes ticket 32191.
  • Add --disable-manpage and --disable-html-manual options to configure script. This will enable shortening build times by not building documentation. Resolves issue 19381.
  • Minor features (compilation):
  • Log a more useful error message when we are compiling and one of the compile-time hardening options we have selected can be linked but not executed. Closes ticket 27530.
  • Minor features (configuration):
  • The configuration code has been extended to allow splitting configuration data across multiple objects. Previously, all configuration data needed to be kept in a single object, which tended to become bloated. Closes ticket 31240.
  • Minor features (continuous integration):
  • When building on Appveyor and Travis, pass the "-k" flag to make, so that we are informed of all compilation failures, not just the first one or two. Closes ticket 31372.
  • When running CI builds on Travis, put some random data in ~/.torrc, to make sure no tests are reading the Tor configuration file from its default location. Resolves issue 30102.
  • Minor features (debugging):
  • Log a nonfatal assertion failure if we encounter a configuration line whose command is "CLEAR" but which has a nonempty value. This should be impossible, according to the rules of our configuration line parsing. Closes ticket 31529.
  • Minor features (geoip):
  • Update geoip and geoip6 to the December 3 2019 Maxmind GeoLite2 Country database. Closes ticket 32685.
  • Minor features (git hooks):
  • Our pre-commit git hook now checks for a special file before running practracker, so that practracker only runs on branches that are based on master. Since the pre-push hook calls the pre-commit hook, practracker will also only run before pushes of branches based on master. Closes ticket 30979.
  • Minor features (git scripts):
  • Add a "--" command-line argument, to separate git-push-all.sh script arguments from arguments that are passed through to git push. Closes ticket 31314.
  • Add a -r <remote-name> argument to git-push-all.sh, so the script can push test branches to a personal remote. Closes ticket 31314.
  • Add a -t <test-branch-prefix> argument to git-merge-forward.sh and git-push-all.sh, which makes these scripts create, merge forward, and push test branches. Closes ticket 31314.
  • Add a -u argument to git-merge-forward.sh, so that the script can re-use existing test branches after a merge failure and fix. Closes ticket 31314.
  • Add a TOR_GIT_PUSH env var, which sets the default git push command and arguments for git-push-all.sh. Closes ticket 31314.
  • Add a TOR_PUSH_DELAY variable to git-push-all.sh, which makes the script push master and maint branches with a delay between each branch. These delays trigger the CI jobs in a set order, which should show the most likely failures first. Also make pushes atomic by default, and make the script pass any command-line arguments to git push. Closes ticket 29879.
  • Call the shellcheck script from the pre-commit hook. Closes ticket 30967.
  • Skip pushing test branches that are the same as a remote maint/release/master branch in git-push-all.sh by default. Add a -s argument, so git-push-all.sh can push all test branches. Closes ticket 31314.
  • Minor features (IPv6, logging):
  • Log IPv6 addresses as well as IPv4 addresses when describing routerinfos, routerstatuses, and nodes. Closes ticket 21003.
  • Minor features (maintenance scripts):
  • Add a Coccinelle script to detect bugs caused by incrementing or decrementing a variable inside a call to log_debug(). Since log_debug() is a macro whose arguments are conditionally evaluated, it is usually an error to do this. One such bug was 30628, in which SENDME cells were miscounted by a decrement operator inside a log_debug() call. Closes ticket 30743.
  • Minor features (onion service v3):
  • Do not allow single hop clients to fetch or post an HS descriptor from an HSDir. Closes ticket 24964.
  • Minor features (onion service):
  • Disallow single-hop clients at the introduction point. We removed Tor2web support a while back and single-hop rendezvous attempts are blocked at the relays. This change should take load off the network from spammy clients. Closes ticket 24963.
  • Minor features (onion services v3):
  • Assist users who try to set up v2 client authorization in v3 onion services by pointing them to the right documentation. Closes ticket 28966.
  • Minor features (stem tests):
  • Change "make test-stem" so it only runs the stem tests that use tor. This change makes test-stem faster and more reliable. Closes ticket 31554.
  • Minor features (testing):
  • When running tests that attempt to look up hostnames, replace the libc name lookup functions with ones that do not actually touch the network. This way, the tests complete more quickly in the presence of a slow or missing DNS resolver. Closes ticket 31841.
  • Add a script to invoke "tor --dump-config" and "tor --verify-config" with various configuration options, and see whether tor's resulting configuration or error messages are what we expect. Use it for integration testing of our +Option and /Option flags. Closes ticket 31637.
  • Improve test coverage for our existing configuration parsing and management API. Closes ticket 30893.
  • Add integration tests to make sure that practracker gives the outputs we expect. Closes ticket 31477.
  • The practracker self-tests are now run as part of the Tor test suite. Closes ticket 31304.
  • Minor features (testing, continuous integration):
  • Disable all but one Travis CI macOS build, to mitigate slow scheduling of Travis macOS jobs. Closes ticket 32177.
  • Run the chutney IPv6 networks as part of Travis CI. Closes ticket 30860.
  • Simplify the Travis CI build matrix, and optimise for build time. Closes ticket 31859.
  • Use Windows Server 2019 instead of Windows Server 2016 in our Appveyor builds. Closes ticket 32086.
  • Minor features (token bucket):
  • Implement a generic token bucket that uses a single counter, for use in anti-DoS onion service work. Closes ticket 30687.
  • Minor bugfixes (Appveyor continuous integration):
  • Avoid spurious errors when Appveyor CI fails before the install step. Fixes bug 31884; bugfix on 0.3.4.2-alpha.
  • Minor bugfixes (best practices tracker):
  • Fix a few issues in the best-practices script, including tests, tab tolerance, error reporting, and directory-exclusion logic. Fixes bug 29746; bugfix on 0.4.1.1-alpha.
  • When running check-best-practices, only consider files in the src subdirectory. Previously we had recursively considered all subdirectories, which made us get confused by the temporary directories made by "make distcheck". Fixes bug 31578; bugfix on 0.4.1.1-alpha.
  • Minor bugfixes (build system):
  • Interpret "--disable-module-dirauth=no" correctly. Fixes bug 32124; bugfix on 0.3.4.1-alpha.
  • Interpret "--with-tcmalloc=no" correctly. Fixes bug 32124; bugfix on 0.2.0.20-rc.
  • Stop failing when jemalloc is requested, but tcmalloc is not found. Fixes bug 32124; bugfix on 0.3.5.1-alpha.
  • When pkg-config is not installed, or a library that depends on pkg-config is not found, tell the user what to do to fix the problem. Fixes bug 31922; bugfix on 0.3.1.1-alpha.
  • Do not include the deprecated <sys/sysctl.h> on Linux or Windows systems. Fixes bug 31673; bugfix on 0.2.5.4-alpha.
  • Minor bugfixes (chutney, makefiles, documentation):
  • "make test-network-all" now shows the warnings from each test-network.sh run on the console, so developers see new warnings early. We've also improved the documentation for this feature, and renamed a Makefile variable so the code is self-documenting. Fixes bug 30455; bugfix on 0.3.0.4-rc.
  • Minor bugfixes (client, onion service v3):
  • Fix a BUG() assertion that occurs within a very small race window between when a client intro circuit opens and when its descriptor gets cleaned up from the cache. The circuit is now closed early, which will trigger a re-fetch of the descriptor and continue the connection. Fixes bug 28970; bugfix on 0.3.2.1-alpha.
  • Minor bugfixes (code quality):
  • Fix "make check-includes" so it runs correctly on out-of-tree builds. Fixes bug 31335; bugfix on 0.3.5.1-alpha.
  • Minor bugfixes (compilation):
  • Add more stub functions to fix compilation on Android with link-time optimization when --disable-module-dirauth is used. Previously, these compilation settings would make the compiler look for functions that didn't exist. Fixes bug 31552; bugfix on 0.4.1.1-alpha.
  • Suppress spurious float-conversion warnings from GCC when calling floating-point classifier functions on FreeBSD. Fixes part of bug 31687; bugfix on 0.3.1.5-alpha.
  • Minor bugfixes (configuration):
  • Invalid floating-point values in the configuration file are now treated as errors in the configuration. Previously, they were ignored and treated as zero. Fixes bug 31475; bugfix on 0.0.1.
  • Minor bugfixes (connections):
  • Avoid trying to read data from closed connections, which can cause needless loops in Libevent and infinite loops in Shadow. Fixes bug 30344; bugfix on 0.1.1.1-alpha.
  • Minor bugfixes (controller protocol):
  • Fix the MAPADDRESS controller command to accept one or more arguments. Previously, it required two or more arguments, and ignored the first. Fixes bug 31772; bugfix on 0.4.1.1-alpha.
  • Minor bugfixes (coverity):
  • Add an assertion when parsing a BEGIN cell so that coverity can be sure that we are not about to dereference a NULL address. Fixes bug 31026; bugfix on 0.2.4.7-alpha. This is CID 1447296.
  • In our siphash implementation, when building for coverity, use memcpy in place of a switch statement, so that coverity can tell we are not accessing out-of-bounds memory. Fixes bug 31025; bugfix on 0.2.8.1-alpha. This is tracked as CID 1447293 and 1447295.
  • Fix several coverity warnings from our unit tests. Fixes bug 31030; bugfix on 0.2.4.1-alpha, 0.3.2.1-alpha, and 0.4.0.1-alpha.
  • Minor bugfixes (crash):
  • When running Tor with an option like --verify-config or --dump-config that does not start the event loop, avoid crashing if we try to exit early because of an error. Fixes bug 32407; bugfix on 0.3.3.1-alpha.
  • Minor bugfixes (developer tooling):
  • Only log git script changes in the post-merge script when the merge was to the master branch. Fixes bug 31040; bugfix on 0.4.1.1-alpha.
  • Minor bugfixes (directory authorities):
  • Return a distinct status when formatting annotations fails. Fixes bug 30780; bugfix on 0.2.0.8-alpha.
  • Minor bugfixes (error handling):
  • Always lock the backtrace buffer before it is used. Fixes bug 31734; bugfix on 0.2.5.3-alpha.
  • On abort, try harder to flush the output buffers of log messages. On some platforms (macOS), log messages could be discarded when the process terminates. Fixes bug 31571; bugfix on 0.3.5.1-alpha.
  • Report the tor version whenever an assertion fails. Previously, we only reported the Tor version on some crashes, and some non-fatal assertions. Fixes bug 31571; bugfix on 0.3.5.1-alpha.
  • When tor aborts due to an error, close log file descriptors before aborting. Closing the logs makes some OSes flush log file buffers, rather than deleting buffered log lines. Fixes bug 31594; bugfix on 0.2.5.2-alpha.
  • Minor bugfixes (FreeBSD, PF-based proxy, IPv6):
  • When extracting an IPv6 address from a PF-based proxy, verify that we are actually configured to receive an IPv6 address, and log an internal error if not. Fixes part of bug 31687; bugfix on 0.2.3.4-alpha.
  • Minor bugfixes (git hooks):
  • Remove a duplicate call to practracker from the pre-push hook. The pre-push hook already calls the pre-commit hook, which calls practracker. Fixes bug 31462; bugfix on 0.4.1.1-alpha.
  • Minor bugfixes (git scripts):
  • Stop hard-coding the bash path in the git scripts. Some OSes don't have bash in /usr/bin, others have an ancient bash at this path. Fixes bug 30840; bugfix on 0.4.0.1-alpha.
  • Stop hard-coding the tor master branch name and worktree path in the git scripts. Fixes bug 30841; bugfix on 0.4.0.1-alpha.
  • Allow git-push-all.sh to be run from any directory. Previously, the script only worked if run from an upstream worktree directory. Closes ticket 31678.
  • Minor bugfixes (guards):
  • When tor is missing descriptors for some primary entry guards, make the log message less alarming. It's normal for descriptors to expire, as long as tor fetches new ones soon after. Fixes bug 31657; bugfix on 0.3.3.1-alpha.
  • Minor bugfixes (ipv6):
  • Check for private IPv6 addresses alongside their IPv4 equivalents when authorities check descriptors. Previously, we only checked for private IPv4 addresses. Fixes bug 31088; bugfix on 0.2.3.21-rc. Patch by Neel Chauhan.
  • When parsing microdescriptors, we should check the IPv6 exit policy alongside IPv4. Previously, we checked both exit policies for only router info structures, while microdescriptors were IPv4-only. Fixes bug 27284; bugfix on 0.2.3.1-alpha. Patch by Neel Chauhan.
  • Minor bugfixes (logging):
  • Add a missing check for HAVE_PTHREAD_H, because the backtrace code uses mutexes. Fixes bug 31614; bugfix on 0.2.5.2-alpha.
  • Disable backtrace signal handlers when shutting down tor. Fixes bug 31614; bugfix on 0.2.5.2-alpha.
  • Rate-limit our logging message about the obsolete .exit notation. Previously, there was no limit on this warning, which could potentially be triggered many times by a hostile website. Fixes bug 31466; bugfix on 0.2.2.1-alpha.
  • When initialising log domain masks, only set known log domains. Fixes bug 31854; bugfix on 0.2.1.1-alpha.
  • Change log level of message "Hash of session info was not as expected" to LOG_PROTOCOL_WARN. Fixes bug 12399; bugfix on 0.1.1.10-alpha.
  • Fix a code issue that would have broken our parsing of log domains as soon as we had 33 of them. Fortunately, we still only have 29. Fixes bug 31451; bugfix on 0.4.1.4-rc.
  • Minor bugfixes (logging, protocol violations):
  • Do not log a nonfatal assertion failure when receiving a VERSIONS cell on a connection using the obsolete v1 link protocol. Log a protocol_warn instead. Fixes bug 31107; bugfix on 0.2.4.4-alpha.
  • Minor bugfixes (mainloop, periodic events, in-process API):
  • Reset the periodic events' "enabled" flag when Tor is shut down cleanly. Previously, this flag was left on, which caused periodic events not to be re-enabled when Tor was relaunched in-process with tor_api.h after a shutdown. Fixes bug 32058; bugfix on 0.3.3.1-alpha.
  • Minor bugfixes (memory management):
  • Stop leaking a small amount of memory in nt_service_install(), in unreachable code. Fixes bug 30799; bugfix on 0.2.0.7-alpha. Patch by Xiaoyin Liu.
  • Minor bugfixes (modules):
  • Explain what the optional Directory Authority module is, and what happens when it is disabled. Fixes bug 31825; bugfix on 0.3.4.1-alpha.
  • Minor bugfixes (multithreading):
  • Avoid some undefined behaviour when freeing mutexes. Fixes bug 31736; bugfix on 0.0.7.
  • Minor bugfixes (networking, IP addresses):
  • When parsing addresses via Tor's internal DNS lookup API, reject IPv4 addresses in square brackets, and accept IPv6 addresses in square brackets. This change completes the work started in 23082, making address parsing consistent between tor's internal DNS lookup and address parsing APIs. Fixes bug 30721; bugfix on 0.2.1.5-alpha.
  • When parsing addresses via Tor's internal address:port parsing and DNS lookup APIs, require IPv6 addresses with ports to have square brackets. But allow IPv6 addresses without ports, whether or not they have square brackets. Fixes bug 30721; bugfix on 0.2.1.5-alpha.
  • Minor bugfixes (onion service v3):
  • When purging the client descriptor cache, close any introduction point circuits associated with purged cache entries. This avoids picking those circuits later when connecting to the same introduction points. Fixes bug 30921; bugfix on 0.3.2.1-alpha.
  • Minor bugfixes (onion services):
  • In the hs_ident_circuit_t data structure, remove the unused field circuit_type and the respective argument in hs_ident_circuit_new(). This field was set by clients (for introduction) and services (for introduction and rendezvous) but was never used afterwards. Fixes bug 31490; bugfix on 0.3.2.1-alpha. Patch by Neel Chauhan.
  • Minor bugfixes (operator tools):
  • Make tor-print-ed-signing-cert(1) print certificate expiration date in RFC 1123 and UNIX timestamp formats, to make output machine readable. Fixes bug 31012; bugfix on 0.3.5.1-alpha.
  • Minor bugfixes (process management):
  • Remove overly strict assertions that triggered when a pluggable transport failed to launch. Fixes bug 31091; bugfix on 0.4.0.1-alpha.
  • Remove an assertion in the Unix process backend. This assertion would trigger when we failed to find the executable for a child process. Fixes bug 31810; bugfix on 0.4.0.1-alpha.
  • Minor bugfixes (relay):
  • Avoid crashing when starting with a corrupt keys directory where the old ntor key and the new ntor key are identical. Fixes bug 30916; bugfix on 0.2.4.8-alpha.
  • Minor bugfixes (rust):
  • Correctly exclude a redundant rust build job in Travis. Fixes bug 31463; bugfix on 0.3.5.4-alpha.
  • Raise the minimum rustc version to 1.31.0, as checked by configure and CI. Fixes bug 31442; bugfix on 0.3.5.4-alpha.
  • Minor bugfixes (sendme, code structure):
  • Rename the trunnel SENDME file definition from sendme.trunnel to sendme_cell.trunnel, to avoid having sendme.{c|h} twice in the repository. Fixes bug 30769; bugfix on 0.4.1.1-alpha.
  • Minor bugfixes (statistics):
  • Stop removing the ed25519 signature if the extra info file is too big. If the signature data was removed, but the keyword was kept, this could result in an unparseable extra info file. Fixes bug 30958; bugfix on 0.2.7.2-alpha.
  • Minor bugfixes (subsystems):
  • Make the subsystem init order match the subsystem module dependencies. Call Windows process security APIs as early as possible. Initialize logging before network and time, so that network and time can use logging. Fixes bug 31615; bugfix on 0.4.0.1-alpha.
  • Minor bugfixes (testing):
  • Avoid intermittent test failures due to a test that had relied on inconsistent timing sources. Fixes bug 31995; bugfix on 0.3.1.3-alpha.
  • When testing port rebinding, don't busy-wait for tor to log. Instead, actually sleep for a short time before polling again. Also improve the formatting of control commands and log messages. Fixes bug 31837; bugfix on 0.3.5.1-alpha.
  • Teach the util/socketpair_ersatz test to work correctly when we have no network stack configured. Fixes bug 30804; bugfix on 0.2.5.1-alpha.
  • Minor bugfixes (tests, SunOS):
  • Avoid a map_anon_nofork test failure due to a signed/unsigned integer comparison. Fixes bug 31897; bugfix on 0.4.1.1-alpha.
  • Minor bugfixes (tls, logging):
  • Log bugs about the TLS read buffer's length only once, rather than filling the logs with similar warnings. Fixes bug 31939; bugfix on 0.3.0.4-rc.
  • Minor bugfixes (v2 single onion services):
  • Always retry v2 single onion service intro and rend circuits with a 3-hop path. Previously, v2 single onion services used a 3-hop path when rendezvous circuits were retried after a remote or delayed failure, but a 1-hop path for immediate retries. Fixes bug 23818; bugfix on 0.2.9.3-alpha.
  • Minor bugfixes (v3 onion services):
  • When cleaning up intro circuits for a v3 onion service, don't remove circuits that have an established or pending circuit, even if they ran out of retries. This way, we don't remove a circuit on its last retry. Fixes bug 31652; bugfix on 0.3.2.1-alpha.
  • Minor bugfixes (v3 single onion services):
  • Always retry v3 single onion service intro and rend circuits with a 3-hop path. Previously, v3 single onion services used a 3-hop path when rend circuits were retried after a remote or delayed failure, but a 1-hop path for immediate retries. Fixes bug 23818; bugfix on 0.3.2.1-alpha.
  • Make v3 single onion services fall back to a 3-hop intro, when all intro points are unreachable via a 1-hop path. Previously, v3 single onion services failed when all intro nodes were unreachable via a 1-hop path. Fixes bug 23507; bugfix on 0.3.2.1-alpha.
  • Code simplification and refactoring:
  • Refactor connection_control_process_inbuf() to reduce the size of a practracker exception. Closes ticket 31840.
  • Refactor the microdescs_parse_from_string() function into smaller pieces, for better comprehensibility. Closes ticket 31675.
  • Use SEVERITY_MASK_IDX() to find the LOG_* mask indexes in the unit tests and fuzzers, rather than using hard-coded values. Closes ticket 31334.
  • Interface for function `decrypt_desc_layer` cleaned up. Closes ticket 31589.
  • Documentation:
  • Correct the description of "GuardLifetime". Fixes bug 31189; bugfix on 0.3.0.1-alpha.
  • Make clear in the man page, in both the bandwidth section and the AccountingMax section, that Tor counts in powers of two, not powers of ten: 1 GByte is 1024*1024*1024 bytes, not one billion bytes. Resolves ticket 32106.
  • Document the signal-safe logging behaviour in the tor man page. Also add some comments to the relevant functions. Closes ticket 31839.
  • Explain why we can't destroy the backtrace buffer mutex. Explain why we don't need to destroy the log mutex. Closes ticket 31736.
  • The Tor source code repository now includes a (somewhat dated) description of Tor's modular architecture, in doc/HACKING/design. This is based on the old "tor-guts.git" repository, which we are adopting and superseding. Closes ticket 31849.
  • Improve documentation in circuit padding subsystem. Patch by Tobias Pulls. Closes ticket 31113.
  • Include an example usage for IPv6 ORPort in our sample torrc. Closes ticket 31320; patch from Ali Raheem.
  • Use RFC 2397 data URL scheme to embed an image into tor-exit-notice.html so that operators no longer have to host it themselves. Closes ticket 31089.
  • Removed features:
  • No longer include recommended package digests in votes as detailed in proposal 301. The RecommendedPackages torrc option is deprecated and will no longer have any effect. "package" lines will still be considered when computing consensuses for consensus methods that include them. (This change has no effect on the list of recommended Tor versions, which is still in use.) Closes ticket 29738.
  • Remove torctl.in from contrib/dist directory. Resolves ticket 30550.
  • Testing:
  • Require C99 standards-conforming code in Travis CI, but allow GNU gcc extensions. Also activates clang's -Wtypedef-redefinition warnings. Build some jobs with -std=gnu99, and some jobs without. Closes ticket 32500.
  • Run shellcheck for all non-third-party shell scripts that are shipped with Tor. Closes ticket 29533.
  • When checking shell scripts, ignore any user-created directories. Closes ticket 30967.
  • Code simplification and refactoring (config handling):
  • Extract our variable manipulation code from confparse.c to a new lower-level typedvar.h module. Closes ticket 30864.
  • Lower another layer of object management from confparse.c to a more general tool. Now typed structure members are accessible via an abstract type. Implements ticket 30914.
  • Move our backend logic for working with configuration and state files into a lower-level library, since it no longer depends on any tor-specific functionality. Closes ticket 31626.
  • Numerous simplifications in configuration-handling logic: remove duplicated macro definitions, replace magical names with flags, and refactor "TestingTorNetwork" to use the same default-option logic as the rest of Tor. Closes ticket 30935.
  • Replace our ad-hoc set of flags for configuration variables and configuration variable types with fine-grained orthogonal flags corresponding to the actual behavior we want. Closes ticket 31625.
  • Code simplification and refactoring (misc):
  • Eliminate some uses of lower-level control reply abstractions, primarily in the onion_helper functions. Closes ticket 30889.
  • Rework bootstrap tracking to use the new publish-subscribe subsystem. Closes ticket 29976.
  • Rewrite format_node_description() and router_get_verbose_nickname() to use strlcpy() and strlcat(). The previous implementation used memcpy() and pointer arithmetic, which was error-prone. Closes ticket 31545. This is CID 1452819.
  • Split extrainfo_dump_to_string() into smaller functions. Closes ticket 30956.
  • Use the ptrdiff_t type consistently for expressing variable offsets and pointer differences. Previously we incorrectly (but harmlessly) used int and sometimes off_t for these cases. Closes ticket 31532.
  • Use the subsystems mechanism to manage the main event loop code. Closes ticket 30806.
  • Various simplifications and minor improvements to the circuit padding machines. Patch by Tobias Pulls. Closes tickets 31112 and 31098.
  • Documentation (hard-coded directories):
  • Improve the documentation for the DirAuthority and FallbackDir torrc options. Closes ticket 30955.
  • Documentation (tor.1 man page):
  • Fix typo in tor.1 man page: the option is "--help", not "-help". Fixes bug 31008; bugfix on 0.2.2.9-alpha.
  • Testing (continuous integration):
  • Use Ubuntu Bionic images for our Travis CI builds, so we can get a recent version of coccinelle. But leave chutney on Ubuntu Trusty, until we can fix some Bionic permissions issues (see ticket 32240). Related to ticket 31919.
  • Install the mingw OpenSSL package in Appveyor. This makes sure that the OpenSSL headers and libraries match in Tor's Appveyor builds. (This bug was triggered by an Appveyor image update.) Fixes bug 32449; bugfix on 0.3.5.6-rc.
  • In Travis, use Xcode 11.2 on macOS 10.14. Closes ticket 32241.
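
The "Minor features (maintenance scripts)" entry above describes bugs caused by incrementing or decrementing a variable inside log_debug(), a macro whose arguments are only conditionally evaluated. The C sketch below is an added example, not code from Tor: LOG_DEBUG, log_line, the two counting functions and the textual checker are hypothetical stand-ins, and the checker is a crude heuristic rather than the Coccinelle script the entry refers to.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins for this example; not Tor's real logging API. */
static int debug_enabled = 0;
static int lines_logged = 0;

static void log_line(const char *fmt, ...)
{
  char buf[128];
  va_list ap;
  va_start(ap, fmt);
  vsnprintf(buf, sizeof(buf), fmt, ap);
  va_end(ap);
  lines_logged++;            /* a real logger would write buf somewhere */
}

/* Like the macro described in the changelog entry: the arguments are
 * evaluated only when debug logging is enabled. */
#define LOG_DEBUG(...) \
  do { if (debug_enabled) log_line(__VA_ARGS__); } while (0)

/* Buggy pattern: the decrement lives inside the macro call, so the window
 * only shrinks when debug logging happens to be on. */
static int count_cells_buggy(int window, int ncells, int debug)
{
  debug_enabled = debug;
  for (int i = 0; i < ncells; i++) {
    LOG_DEBUG("cell received, window now %d", --window);
  }
  return window;
}

/* Fixed pattern: do the state change first, then log the result. */
static int count_cells_fixed(int window, int ncells, int debug)
{
  debug_enabled = debug;
  for (int i = 0; i < ncells; i++) {
    --window;
    LOG_DEBUG("cell received, window now %d", window);
  }
  return window;
}

/* Crude textual check: returns 1 if any log_debug(...) call in src contains
 * ++ or -- outside of string literals. Character literals and comments are
 * not handled; this only illustrates what such a lint looks for. */
static int side_effect_in_log_debug(const char *src)
{
  const char *p = strstr(src, "log_debug(");
  while (p) {
    int depth = 0, in_str = 0;
    const char *q = p + strlen("log_debug");   /* points at '(' */
    for (; *q; q++) {
      if (in_str) {
        if (*q == '\\' && q[1]) q++;           /* skip escaped character */
        else if (*q == '"') in_str = 0;
        continue;
      }
      if (*q == '"') in_str = 1;
      else if (*q == '(') depth++;
      else if (*q == ')') { if (--depth == 0) break; }
      else if ((q[0] == '+' && q[1] == '+') || (q[0] == '-' && q[1] == '-'))
        return 1;
    }
    p = strstr(q, "log_debug(");
  }
  return 0;
}

int main(void)
{
  /* Constructed inputs: a window of 100 and 10 received cells. */
  printf("buggy, debug off: %d\n", count_cells_buggy(100, 10, 0));
  printf("buggy, debug on:  %d\n", count_cells_buggy(100, 10, 1));
  printf("fixed, debug off: %d\n", count_cells_fixed(100, 10, 0));
  printf("fixed, debug on:  %d\n", count_cells_fixed(100, 10, 1));
  /* Constructed source line for the checker. */
  printf("flagged: %d\n",
         side_effect_in_log_debug("log_debug(LD_X, \"win %d\", --win);"));
  return 0;
}
```

The buggy variant returns a different window depending on the log level, which is why a miscount of this kind tends to go unnoticed on systems where debug logging is off.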

New in Tor (Expert Bundle) 0.4.2.3 Alpha (Nov 15, 2019)

  • Major bugfixes (relay):
  • Relays now respect their AccountingMax bandwidth again. When relays entered "soft" hibernation (which typically starts when we've hit 90% of our AccountingMax), we had stopped checking whether we should enter hard hibernation. Soft hibernation refuses new connections and new circuits, but the existing circuits can continue, meaning that relays could have exceeded their configured AccountingMax. Fixes bug 32108; bugfix on 0.4.0.1-alpha.
  • Major bugfixes (v3 onion services):
  • Onion services now always use the exact number of intro points configured with the HiddenServiceNumIntroductionPoints option (or fewer if nodes are excluded). Before, a service could sometimes pick more intro points than configured. Fixes bug 31548; bugfix on 0.3.2.1-alpha.
  • Minor feature (onion services, control port):
  • The ADD_ONION command's keyword "BEST" now defaults to ED25519-V3 (v3) onion services. Previously it defaulted to RSA1024 (v2). Closes ticket 29669.
  • Minor features (testing):
  • When running tests that attempt to look up hostnames, replace the libc name lookup functions with ones that do not actually touch the network. This way, the tests complete more quickly in the presence of a slow or missing DNS resolver. Closes ticket 31841.
  • Minor features (testing, continuous integration):
  • Disable all but one Travis CI macOS build, to mitigate slow scheduling of Travis macOS jobs. Closes ticket 32177.
  • Run the chutney IPv6 networks as part of Travis CI. Closes ticket 30860.
  • Simplify the Travis CI build matrix, and optimise for build time. Closes ticket 31859.
  • Use Windows Server 2019 instead of Windows Server 2016 in our Appveyor builds. Closes ticket 32086.
  • Minor bugfixes (build system):
  • Interpret "--disable-module-dirauth=no" correctly. Fixes bug 32124; bugfix on 0.3.4.1-alpha.
  • Interpret "--with-tcmalloc=no" correctly. Fixes bug 32124; bugfix on 0.2.0.20-rc.
  • Stop failing when jemalloc is requested, but tcmalloc is not found. Fixes bug 32124; bugfix on 0.3.5.1-alpha.
  • When pkg-config is not installed, or a library that depends on pkg-config is not found, tell the user what to do to fix the problem. Fixes bug 31922; bugfix on 0.3.1.1-alpha.
  • Minor bugfixes (connections):
  • Avoid trying to read data from closed connections, which can cause needless loops in Libevent and infinite loops in Shadow. Fixes bug 30344; bugfix on 0.1.1.1-alpha.
  • Minor bugfixes (error handling):
  • Always lock the backtrace buffer before it is used. Fixes bug 31734; bugfix on 0.2.5.3-alpha.
  • Minor bugfixes (mainloop, periodic events, in-process API):
  • Reset the periodic events' "enabled" flag when Tor is shut down cleanly. Previously, this flag was left on, which caused periodic events not to be re-enabled when Tor was relaunched in-process with tor_api.h after a shutdown. Fixes bug 32058; bugfix on 0.3.3.1-alpha.
  • Minor bugfixes (process management):
  • Remove overly strict assertions that triggered when a pluggable transport failed to launch. Fixes bug 31091; bugfix on 0.4.0.1-alpha.
  • Remove an assertion in the Unix process backend. This assertion would trigger when we failed to find the executable for a child process. Fixes bug 31810; bugfix on 0.4.0.1-alpha.
  • Minor bugfixes (testing):
  • Avoid intermittent test failures due to a test that had relied on inconsistent timing sources. Fixes bug 31995; bugfix on 0.3.1.3-alpha.
  • When testing port rebinding, don't busy-wait for tor to log. Instead, actually sleep for a short time before polling again. Also improve the formatting of control commands and log messages. Fixes bug 31837; bugfix on 0.3.5.1-alpha.
  • Minor bugfixes (tls, logging):
  • Log bugs about the TLS read buffer's length only once, rather than filling the logs with similar warnings. Fixes bug 31939; bugfix on 0.3.0.4-rc.
  • Minor bugfixes (v3 onion services):
  • Fix an implicit conversion from ssize_t to size_t discovered by Coverity. Fixes bug 31682; bugfix on 0.4.2.1-alpha.
  • Fix a memory leak in an unlikely error code path when encoding the HS DoS establish intro extension cell. Fixes bug 32063; bugfix on 0.4.2.1-alpha.
  • When cleaning up intro circuits for a v3 onion service, don't remove circuits that have an established or pending circuit, even if they ran out of retries. This way, we don't remove a circuit on its last retry. Fixes bug 31652; bugfix on 0.3.2.1-alpha.
  • Documentation:
  • Correct the description of "GuardLifetime". Fixes bug 31189; bugfix on 0.3.0.1-alpha.
  • Make clear in the man page, in both the bandwidth section and the AccountingMax section, that Tor counts in powers of two, not powers of ten: 1 GByte is 1024*1024*1024 bytes, not one billion bytes. Resolves ticket 32106.

New in Tor (Expert Bundle) 0.4.1.5 (Aug 21, 2019)

  • Directory authority changes:
  • The directory authority "dizum" has a new IP address. Closes ticket 31406.
  • Major features (circuit padding):
  • Onion service clients now add padding cells at the start of their INTRODUCE and RENDEZVOUS circuits, to make those circuits' traffic look more like general purpose Exit traffic. The overhead for this is 2 extra cells in each direction for RENDEZVOUS circuits, and 1 extra upstream cell and 10 downstream cells for INTRODUCE circuits. This feature is only enabled when also supported by the circuit's middle node. (Clients may specify fixed middle nodes with the MiddleNodes option, and may force-disable this feature with the CircuitPadding option.) Closes ticket 28634.

New in Tor (Expert Bundle) 0.4.0.5 (Jul 10, 2019)

  • Major features (battery management, client, dormant mode):
  • When Tor is running as a client, and it is unused for a long time, it can now enter a "dormant" state. When Tor is dormant, it avoids network and CPU activity until it is reawoken either by a user request or by a controller command. For more information, see the configuration options starting with "Dormant". Implements tickets 2149 and 28335.
  • The client's memory of whether it is "dormant", and how long it has spent idle, persists across invocations. Implements ticket 28624.
  • There is a DormantOnFirstStartup option that integrators can use if they expect that in many cases, Tor will be installed but not used.
  • Major features (bootstrap reporting):
  • When reporting bootstrap progress, report the first connection uniformly, regardless of whether it's a connection for building application circuits. This allows finer-grained reporting of early progress than previously possible, with the improvements of ticket 27169. Closes tickets 27167 and 27103. Addresses ticket 27308.
  • When reporting bootstrap progress, treat connecting to a proxy or pluggable transport as separate from having successfully used that proxy or pluggable transport to connect to a relay. Closes tickets 27100 and 28884.
  • Major features (circuit padding):
  • Implement preliminary support for the circuit padding portion of Proposal 254. The implementation supports Adaptive Padding (aka WTF-PAD) state machines for use between experimental clients and relays. Support is also provided for APE-style state machines that use probability distributions instead of histograms to specify inter-packet delay. At the moment, Tor does not provide any padding state machines that are used in normal operation: for now, this feature exists solely for experimentation. Closes ticket 28142.
  • Major features (refactoring):
  • Tor now uses an explicit list of its own subsystems when initializing and shutting down. Previously, these systems were managed implicitly in various places throughout the codebase. (There may still be some subsystems using the old system.) Closes ticket 28330.
  • Major bugfixes (cell scheduler, KIST, security):
  • Make KIST consider the outbuf length when computing what it can put in the outbuf. Previously, KIST acted as though the outbuf were empty, which could lead to the outbuf becoming too full. It is possible that an attacker could exploit this bug to cause a Tor client or relay to run out of memory and crash. Fixes bug 29168; bugfix on 0.3.2.1-alpha. This issue is also being tracked as TROVE-2019-001 and CVE-2019-8955.
  • Major bugfixes (networking):
  • Gracefully handle empty username/password fields in SOCKS5 username/password auth message and allow SOCKS5 handshake to continue. Previously, we had rejected these handshakes, breaking certain applications. Fixes bug 29175; bugfix on 0.3.5.1-alpha.
  • Major bugfixes (NSS, relay):
  • When running with NSS, disable TLS 1.2 ciphersuites that use SHA384 for their PRF. Due to an NSS bug, the TLS key exporters for these ciphersuites don't work -- which caused relays to fail to handshake with one another when these ciphersuites were enabled. Fixes bug 29241; bugfix on 0.3.5.1-alpha.
  • Major bugfixes (windows, startup):
  • When reading a consensus file from disk, detect whether it was written in text mode, and re-read it in text mode if so. Always write consensus files in binary mode so that we can map them into memory later. Previously, we had written in text mode, which confused us when we tried to map the file on Windows. Fixes bug 28614; bugfix on 0.4.0.1-alpha.
  • Minor features (address selection):
  • Treat the subnet 100.64.0.0/10 as public for some purposes; private for others. This subnet is the RFC 6598 (Carrier Grade NAT) IP range, and is deployed by many ISPs as an alternative to RFC 1918 that does not break existing internal networks. Tor now blocks SOCKS and control ports on these addresses and warns users if client ports or ExtORPorts are listening on an RFC 6598 address. Closes ticket 28525. Patch by Neel Chauhan.
  • Minor features (bandwidth authority):
  • Make bandwidth authorities ignore relays that are reported in the bandwidth file with the flag "vote=0". This change allows us to report unmeasured relays for diagnostic reasons without including their bandwidth in the bandwidth authorities' vote. Closes ticket 29806.
  • When a directory authority is using a bandwidth file to obtain the bandwidth values that will be included in the next vote, serve this bandwidth file at /tor/status-vote/next/bandwidth. Closes ticket 21377.
  • Minor features (bootstrap reporting):
  • When reporting bootstrap progress, stop distinguishing between situations where only internal paths are available and situations where external paths are available. Previously, Tor would often erroneously report that it had only internal paths. Closes ticket 27402.
  • Minor features (compilation):
  • Compile correctly when OpenSSL is built with engine support disabled, or with deprecated APIs disabled. Closes ticket 29026. Patches from "Mangix".
  • Minor features (continuous integration):
  • On Travis Rust builds, clean up the Rust registry and refrain from caching the "target/" directory to speed up builds. Resolves issue 29962.
  • Log Python version during each Travis CI job. Resolves issue 28551.
  • In Travis, tell timelimit to use stem's backtrace signals, and launch python directly from timelimit, so python receives the signals from timelimit, rather than make. Closes ticket 30117.
  • Minor features (controller):
  • Add a DROPOWNERSHIP command to undo the effects of TAKEOWNERSHIP. Implements ticket 28843.
  • Minor features (developer tooling):
  • Check that bugfix versions in changes files look like Tor versions from the versions spec. Warn when bugfixes claim to be on a future release. Closes ticket 27761.
  • Provide a git pre-commit hook that disallows committing if we have any failures in our code and changelog formatting checks. It is now available in scripts/maint/pre-commit.git-hook. Implements feature 28976.
  • Provide a git hook script to prevent "fixup!" and "squash!" commits from ending up in the master branch, as scripts/main/pre-push.git-hook. Closes ticket 27993.
  • Minor features (diagnostic):
  • Add more diagnostic log messages in an attempt to solve the issue of NUL bytes appearing in a microdescriptor cache. Related to ticket 28223.
  • Minor features (directory authority):
  • When a directory authority is using a bandwidth file to obtain bandwidth values, include the digest of that file in the vote. Closes ticket 26698.
  • Directory authorities support a new consensus algorithm, under which the family lines in microdescriptors are encoded in a canonical form. This change makes family lines more compressible in transit, and on the client. Closes ticket 28266; implements proposal 298.
  • Minor features (directory authority, relay):
  • Authorities now vote on a "StaleDesc" flag to indicate that a relay's descriptor is so old that the relay should upload again soon. Relays treat this flag as a signal to upload a new descriptor. This flag will eventually let us remove the 'published' date from routerstatus entries, and make our consensus diffs much smaller. Closes ticket 26770; implements proposal 293.
  • Minor features (dormant mode):
  • Add a DormantCanceledByStartup option to tell Tor that it should treat a startup event as cancelling any previous dormant state. Integrators should use this option with caution: it should only be used if Tor is being started because of something that the user did, and not if Tor is being automatically started in the background. Closes ticket 29357.
  • Minor features (fallback directory mirrors):
  • Update the fallback whitelist based on operator opt-ins and opt-outs. Closes ticket 24805, patch by Phoul.
  • Minor features (FreeBSD):
  • On FreeBSD-based systems, warn relay operators if the "net.inet.ip.random_id" sysctl (IP ID randomization) is disabled. Closes ticket 28518.
  • Minor features (geoip):
  • Update geoip and geoip6 to the April 2 2019 Maxmind GeoLite2 Country database. Closes ticket 29992.
  • Minor features (HTTP standards compliance):
  • Stop sending the header "Content-type: application/octet-stream" along with transparently compressed documents: this confused browsers. Closes ticket 28100.
  • Minor features (IPv6):
  • We add an option ClientAutoIPv6ORPort, to make clients randomly prefer a node's IPv4 or IPv6 ORPort. The random preference is set every time a node is loaded from a new consensus or bridge config. We expect that this option will enable clients to bootstrap more quickly without having to determine whether they support IPv4, IPv6, or both. Closes ticket 27490. Patch by Neel Chauhan.
  • When using addrs_in_same_network_family(), avoid choosing circuit paths that pass through the same IPv6 subnet more than once. Previously, we only checked IPv4 subnets. Closes ticket 24393. Patch by Neel Chauhan.
  • Minor features (log messages):
  • Improve log message in v3 onion services that could print out negative revision counters. Closes ticket 27707. Patch by "ffmancera".
  • Minor features (memory usage):
  • Save memory by storing microdescriptor family lists with a more compact representation. Closes ticket 27359.
  • Tor clients now use mmap() to read consensus files from disk, so that they no longer need to keep the full text of a consensus in memory when parsing it or applying a diff. Closes ticket 27244.
  • Minor features (NSS, diagnostic):
  • Try to log an error from NSS (if there is any) and a more useful description of our situation if we are using NSS and a call to SSL_ExportKeyingMaterial() fails. Diagnostic for ticket 29241.
  • Minor features (parsing):
  • Directory authorities now validate that router descriptors and ExtraInfo documents are in a valid subset of UTF-8, and reject them if they are not. Closes ticket 27367.
  • Minor features (performance):
  • Cache the results of summarize_protocol_flags(), so that we don't have to parse the same protocol-versions string over and over. This should save us a huge number of malloc calls on startup, and may reduce memory fragmentation with some allocators. Closes ticket 27225.
  • Remove a needless memset() call from get_token_arguments, thereby speeding up the tokenization of directory objects by about 20%. Closes ticket 28852.
  • Replace parse_short_policy() with a faster implementation, to improve microdescriptor parsing time. Closes ticket 28853.
  • Speed up directory parsing a little by avoiding use of the non-inlined strcmp_len() function. Closes ticket 28856.
  • Speed up microdescriptor parsing by about 30%, to help improve startup time. Closes ticket 28839.
  • Minor features (pluggable transports):
  • Add support for emitting STATUS updates to Tor's control port from a pluggable transport process. Closes ticket 28846.
  • Add support for logging to Tor's logging subsystem from a pluggable transport process. Closes ticket 28180.
  • Minor features (process management):
  • Add a new process API for handling child processes. This new API allows Tor to have bi-directional communication with child processes on both Unix and Windows. Closes ticket 28179.
  • Use the subsystem manager to initialize and shut down the process module. Closes ticket 28847.
  • Minor features (relay):
  • When listing relay families, list them in canonical form including the relay's own identity, and try to give a more useful set of warnings. Part of ticket 28266 and proposal 298.
  • Minor features (required protocols):
  • Before exiting because of a missing required protocol, Tor will now check the publication time of the consensus, and not exit unless the consensus is newer than the Tor program's own release date. Previously, Tor would not check the consensus publication time, and so might exit because of a missing protocol that might no longer be required in a current consensus. Implements proposal 297; closes ticket 27735.
  • Minor features (testing):
  • Treat all unexpected ERR and BUG messages as test failures. Closes ticket 28668.
  • Allow a HeartbeatPeriod of less than 30 minutes in testing Tor networks. Closes ticket 28840. Patch by Rob Jansen.
  • Use the approx_time() function when setting the "Expires" header in directory replies, to make them more testable. Needed for ticket 30001.
  • Minor bugfixes (security):
  • Fix a potential double free bug when reading huge bandwidth files. The issue is not exploitable in the current Tor network because the vulnerable code is only reached when directory authorities read bandwidth files, but bandwidth files come from a trusted source (usually the authorities themselves). Furthermore, the issue is only exploitable in rare (non-POSIX) 32-bit architectures, which are not used by any of the current authorities. Fixes bug 30040; bugfix on 0.3.5.1-alpha. Bug found and fixed by Tobias Stoeckmann.
  • Verify in more places that we are not about to create a buffer with more than INT_MAX bytes, to avoid possible OOB access in the event of bugs. Fixes bug 30041; bugfix on 0.2.0.16. Found and fixed by Tobias Stoeckmann.
  • Minor bugfix (continuous integration):
  • Reset coverage state on disk after Travis CI has finished. This should prevent future coverage merge errors from causing the test suite for the "process" subsystem to fail. The process subsystem was introduced in 0.4.0.1-alpha. Fixes bug 29036; bugfix on 0.2.9.15.
  • Terminate test-stem if it takes more than 9.5 minutes to run. (Travis terminates the job after 10 minutes of no output.) Diagnostic for 29437. Fixes bug 30011; bugfix on 0.3.5.4-alpha.
  • Minor bugfixes (build, compatibility, rust):
  • Update Cargo.lock file to match the version made by the latest version of Rust, so that "make distcheck" will pass again. Fixes bug 29244; bugfix on 0.3.3.4-alpha.
  • Minor bugfixes (C correctness):
  • Fix an unlikely memory leak in consensus_diff_apply(). Fixes bug 29824; bugfix on 0.3.1.1-alpha. This is Coverity warning CID 1444119.
  • Minor bugfixes (client, clock skew):
  • Bootstrap successfully even when Tor's clock is behind the clocks on the authorities. Fixes bug 28591; bugfix on 0.2.0.9-alpha.
  • Select guards even if the consensus has expired, as long as the consensus is still reasonably live. Fixes bug 24661; bugfix on 0.3.0.1-alpha.
  • Minor bugfixes (compilation):
  • Fix compilation warnings in test_circuitpadding.c. Fixes bug 29169; bugfix on 0.4.0.1-alpha.
  • Silence a compiler warning in test-memwipe.c on OpenBSD. Fixes bug 29145; bugfix on 0.2.9.3-alpha. Patch from Kris Katterjohn.
  • Compile correctly on OpenBSD; previously, we were missing some headers required in order to detect it properly. Fixes bug 28938; bugfix on 0.3.5.1-alpha. Patch from Kris Katterjohn.
  • Minor bugfixes (directory clients):
  • Mark outdated dirservers when Tor only has a reasonably live consensus. Fixes bug 28569; bugfix on 0.3.2.5-alpha.
  • Minor bugfixes (directory mirrors):
  • Even when a directory mirror's clock is behind the clocks on the authorities, we now allow the mirror to serve "future" consensuses. Fixes bug 28654; bugfix on 0.3.0.1-alpha.
  • Minor bugfixes (DNS):
  • Gracefully handle an empty or absent resolv.conf file by falling back to using "localhost" as a DNS server (and hoping it works). Previously, we would just stop running as an exit. Fixes bug 21900; bugfix on 0.2.1.10-alpha.
  • Minor bugfixes (documentation):
  • Describe the contents of the v3 onion service client authorization files correctly: They hold public keys, not private keys. Fixes bug 28979; bugfix on 0.3.5.1-alpha. Spotted by "Felixix".
  • Minor bugfixes (guards):
  • In count_acceptable_nodes(), the minimum number is now one bridge or guard node, and two non-guard nodes for a circuit. Previously, we had added up the sum of all nodes with a descriptor, but that could cause us to build failing circuits when we had either too many bridges or not enough guard nodes. Fixes bug 25885; bugfix on 0.3.6.1-alpha. Patch by Neel Chauhan.
  • Minor bugfixes (IPv6):
  • Fix tor_ersatz_socketpair on IPv6-only systems. Previously, the IPv6 socket was bound using an address family of AF_INET instead of AF_INET6. Fixes bug 28995; bugfix on 0.3.5.1-alpha. Patch from Kris Katterjohn.
  • Minor bugfixes (linux seccomp sandbox):
  • Fix startup crash when experimental sandbox support is enabled. Fixes bug 29150; bugfix on 0.4.0.1-alpha. Patch by Peter Gerber.
  • Minor bugfixes (logging):
  • Correct a misleading error message when IPv4Only or IPv6Only is used but the resolved address can not be interpreted as an address of the specified IP version. Fixes bug 13221; bugfix on 0.2.3.9-alpha. Patch from Kris Katterjohn.
  • Log the correct port number for listening sockets when "auto" is used to let Tor pick the port number. Previously, port 0 was logged instead of the actual port number. Fixes bug 29144; bugfix on 0.3.5.1-alpha. Patch from Kris Katterjohn.
  • Stop logging a BUG() warning when Tor is waiting for exit descriptors. Fixes bug 28656; bugfix on 0.3.5.1-alpha.
  • Avoid logging that we are relaxing a circuit timeout when that timeout is fixed. Fixes bug 28698; bugfix on 0.2.4.7-alpha.
  • Log more information at "warning" level when unable to read a private key; log more information at "info" level when unable to read a public key. We had warnings here before, but they were lost during our NSS work. Fixes bug 29042; bugfix on 0.3.5.1-alpha.
  • Rework rep_hist_log_link_protocol_counts() to iterate through all link protocol versions when logging incoming/outgoing connection counts. Tor no longer skips version 5, and we won't have to remember to update this function when a new link protocol version is developed. Fixes bug 28920; bugfix on 0.2.6.10.
  • Minor bugfixes (memory management):
  • Refactor the shared random state's memory management so that it actually takes ownership of the shared random value pointers. Fixes bug 29706; bugfix on 0.2.9.1-alpha.
  • Stop leaking parts of the shared random state in the shared-random unit tests. Fixes bug 29599; bugfix on 0.2.9.1-alpha.
  • Minor bugfixes (misc):
  • The amount of total available physical memory is now determined using the sysctl identifier HW_PHYSMEM (rather than HW_USERMEM) when it is defined and a 64-bit variant is not available. Fixes bug 28981; bugfix on 0.2.5.4-alpha. Patch from Kris Katterjohn.
  • Minor bugfixes (networking):
  • Introduce additional checks into tor_addr_parse() to reject certain incorrect inputs that previously were not detected. Fixes bug 23082; bugfix on 0.2.0.10-alpha.
  • Minor bugfixes (onion service v3, client):
  • Stop logging a "BUG()" warning and stacktrace when we find a SOCKS connection waiting for a descriptor that we actually have in the cache. It turns out that this can actually happen, though it is rare. Now, tor will recover and retry the descriptor. Fixes bug 28669; bugfix on 0.3.2.4-alpha.
  • Minor bugfixes (onion services):
  • Avoid crashing if ClientOnionAuthDir (incorrectly) contains more than one private key for a hidden service. Fixes bug 29040; bugfix on 0.3.5.1-alpha.
  • In hs_cache_store_as_client() log an HSDesc we failed to parse at "debug" level. Tor used to log it as a warning, which caused very long log lines to appear for some users. Fixes bug 29135; bugfix on 0.3.2.1-alpha.
  • Stop logging "Tried to establish rendezvous on non-OR circuit..." as a warning. Instead, log it as a protocol warning, because there is nothing that relay operators can do to fix it. Fixes bug 29029; bugfix on 0.2.5.7-rc.
  • Minor bugfixes (periodic events):
  • Refrain from calling routerlist_remove_old_routers() from check_descriptor_callback(). Instead, create a new hourly periodic event. Fixes bug 27929; bugfix on 0.2.8.1-alpha.
  • Minor bugfixes (pluggable transports):
  • Make sure that data is continuously read from the standard output and standard error pipes of a pluggable transport child process, to avoid deadlocking when a pipe's buffer is full. Fixes bug 26360; bugfix on 0.2.3.6-alpha.
  • Minor bugfixes (rust):
  • Abort on panic in all build profiles, instead of potentially unwinding into C code. Fixes bug 27199; bugfix on 0.3.3.1-alpha.
  • Minor bugfixes (scheduler):
  • When re-adding channels to the pending list, check the correct channel's sched_heap_idx. This issue has had no effect in mainline Tor, but could have led to bugs down the road in improved versions of our circuit scheduling code. Fixes bug 29508; bugfix on 0.3.2.10.
  • Minor bugfixes (shellcheck):
  • Look for scripts in their correct locations during "make shellcheck". Previously we had looked in the wrong place during out-of-tree builds. Fixes bug 30263; bugfix on 0.4.0.1-alpha.
  • Minor bugfixes (single onion services):
  • Allow connections to single onion services to remain idle without being disconnected. Previously, relays acting as rendezvous points for single onion services were mistakenly closing idle rendezvous circuits after 60 seconds, thinking that they were unused directory-fetching circuits that had served their purpose. Fixes bug 29665; bugfix on 0.2.1.26.
  • Minor bugfixes (stats):
  • When ExtraInfoStatistics is 0, stop including PaddingStatistics in relay and bridge extra-info documents. Fixes bug 29017; bugfix on 0.3.1.1-alpha.
  • Minor bugfixes (testing):
  • Backport the 0.3.4 src/test/test-network.sh to 0.2.9. We need a recent test-network.sh to use new chutney features in CI. Fixes bug 29703; bugfix on 0.2.9.1-alpha.
  • Fix a test failure on Windows caused by an unexpected "BUG" warning in our tests for tor_gmtime_r(-1). Fixes bug 29922; bugfix on 0.2.9.3-alpha.
  • Downgrade some LOG_ERR messages in the address/* tests to warnings. The LOG_ERR messages were occurring when we had no configured network. We were failing the unit tests, because we backported 28668 to 0.3.5.8, but did not backport 29530. Fixes bug 29530; bugfix on 0.3.5.8.
  • Fix our gcov wrapper script to look for object files at the correct locations. Fixes bug 29435; bugfix on 0.3.5.1-alpha.
  • Decrease the false positive rate of stochastic probability distribution tests. Fixes bug 29693; bugfix on 0.4.0.1-alpha.
  • Fix intermittent failures on an adaptive padding test. Fixes one case of bug 29122; bugfix on 0.4.0.1-alpha.
  • Disable an unstable circuit-padding test that was failing intermittently because of an ill-defined small histogram. Such histograms will be allowed again after 29298 is implemented. Fixes a second case of bug 29122; bugfix on 0.4.0.1-alpha.
  • Detect and suppress "bug" warnings from the util/time test on Windows. Fixes bug 29161; bugfix on 0.2.9.3-alpha.
  • Do not log an error-level message if we fail to find an IPv6 network interface from the unit tests. Fixes bug 29160; bugfix on 0.2.7.3-rc.
  • Instead of relying on hs_free_all() to clean up all onion service objects in test_build_descriptors(), we now deallocate them one by one. This lets Coverity know that we are not leaking memory there and fixes CID 1442277. Fixes bug 28989; bugfix on 0.3.5.1-alpha.
  • Check the time in the "Expires" header using approx_time(). Fixes bug 30001; bugfix on 0.4.0.4-rc.
  • Minor bugfixes (TLS protocol):
  • When classifying a client's selection of TLS ciphers, if the client ciphers are not yet available, do not cache the result. Previously, we had cached the unavailability of the cipher list and never looked again, which in turn led us to assume that the client only supported the ancient V1 link protocol. This, in turn, was causing Stem integration tests to stall in some cases. Fixes bug 30021; bugfix on 0.2.4.8-alpha.
  • Minor bugfixes (UI):
  • Lower log level of unlink() errors during bootstrap. Fixes bug 29930; bugfix on 0.4.0.1-alpha.
  • Minor bugfixes (usability):
  • Stop saying "Your Guard ..." in pathbias_measure_{use,close}_rate(). Some users took this phrasing to mean that the mentioned guard was under their control or responsibility, which it is not. Fixes bug 28895; bugfix on Tor 0.3.0.1-alpha.
  • Minor bugfixes (Windows, CI):
  • Skip the Appveyor 32-bit Windows Server 2016 job, and 64-bit Windows Server 2012 R2 job. The remaining 2 jobs still provide coverage of 64/32-bit, and Windows Server 2016/2012 R2. Also set fast_finish, so failed jobs terminate the build immediately. Fixes bug 29601; bugfix on 0.3.5.4-alpha.
  • Code simplification and refactoring:
  • Introduce a connection_dir_buf_add() helper function that detects whether compression is in use, and adds a string accordingly. Resolves issue 28816.
  • Refactor handle_get_next_bandwidth() to use connection_dir_buf_add(). Implements ticket 29897.
  • Reimplement NETINFO cell parsing and generation to rely on trunnel-generated wire format handling code. Closes ticket 27325.
  • Remove unnecessary unsafe code from the Rust macro "cstr!". Closes ticket 28077.
  • Rework SOCKS wire format handling to rely on trunnel-generated parsing/generation code. Resolves ticket 27620.
  • Split out bootstrap progress reporting from control.c into a separate file. Part of ticket 27402.
  • The .may_include files that we use to describe our directory-by-directory dependency structure now describe a noncircular dependency graph over the directories that they cover. Our checkIncludes.py tool now enforces this noncircularity. Closes ticket 28362.
  • Documentation:
  • Clarify that Tor performs stream isolation among *Port listeners by default. Resolves issue 29121.
  • In the manpage entry describing MapAddress torrc setting, use example IP addresses from ranges specified for use in documentation by RFC 5737. Resolves issue 28623.
  • Mention that you cannot add a new onion service if Tor is already running with Sandbox enabled. Closes ticket 28560.
  • Improve ControlPort documentation. Mention that it accepts address:port pairs, and can be used multiple times. Closes ticket 28805.
  • Document the exact output of "tor --version". Closes ticket 28889.
  • Removed features:
  • Remove the old check-tor script. Resolves issue 29072.
  • Stop responding to the 'GETINFO status/version/num-concurring' and 'GETINFO status/version/num-versioning' control port commands, as those were deprecated back in 0.2.0.30. Also stop listing them in output of 'GETINFO info/names'. Resolves ticket 28757.
  • The scripts used to generate and maintain the list of fallback directories have been extracted into a new "fallback-scripts" repository. Closes ticket 27914.
  • Testing:
  • Run shellcheck for scripts in the scripts/ directory. Closes ticket 28058.
  • Add unit tests for tokenize_string() and get_next_token() functions. Resolves ticket 27625.
  • Code simplification and refactoring (onion service v3):
  • Consolidate the authorized client descriptor cookie computation code from client and service into one function. Closes ticket 27549.
  • Code simplification and refactoring (shell scripts):
  • Clean up scan-build.sh to silence shellcheck warnings. Closes ticket 28007.
  • Fix issues that shellcheck found in chutney-git-bisect.sh. Resolves ticket 28006.
  • Fix issues that shellcheck found in updateRustDependencies.sh. Resolves ticket 28012.
  • Fix shellcheck warnings in cov-diff script. Resolves issue 28009.
  • Fix shellcheck warnings in run_calltool.sh. Resolves ticket 28011.
  • Fix shellcheck warnings in run_trunnel.sh. Resolves issue 28010.
  • Fix shellcheck warnings in scripts/test/coverage. Resolves issue 28008.

New in Tor (Expert Bundle) 0.4.0.4 RC (Apr 15, 2019)

  • Major bugfixes (NSS, relay):
  • When running with NSS, disable TLS 1.2 ciphersuites that use SHA384 for their PRF. Due to an NSS bug, the TLS key exporters for these ciphersuites don't work -- which caused relays to fail to handshake with one another when these ciphersuites were enabled. Fixes bug 29241; bugfix on 0.3.5.1-alpha.
  • Minor features (bandwidth authority):
  • Make bandwidth authorities ignore relays that are reported in the bandwidth file with the flag "vote=0". This change allows us to report unmeasured relays for diagnostic reasons without including their bandwidth in the bandwidth authorities' vote. Closes ticket 29806.
  • When a directory authority is using a bandwidth file to obtain the bandwidth values that will be included in the next vote, serve this bandwidth file at /tor/status-vote/next/bandwidth. Closes ticket 21377.
  • Minor features (circuit padding):
  • Stop warning about undefined behavior in the probability distribution tests. Float division by zero may technically be undefined behavior in C, but it's well defined in IEEE 754. Partial backport of 29298. Closes ticket 29527; bugfix on 0.4.0.1-alpha.
  • Minor features (continuous integration):
  • On Travis Rust builds, clean up the Rust registry and refrain from caching the "target/" directory to speed up builds. Resolves issue 29962.
  • Minor features (dormant mode):
  • Add a DormantCanceledByStartup option to tell Tor that it should treat a startup event as cancelling any previous dormant state. Integrators should use this option with caution: it should only be used if Tor is being started because of something that the user did, and not if Tor is being automatically started in the background. Closes ticket 29357.
  • Minor features (geoip):
  • Update geoip and geoip6 to the April 2 2019 Maxmind GeoLite2 Country database. Closes ticket 29992.
  • Minor features (NSS, diagnostic):
  • Try to log an error from NSS (if there is any) and a more useful description of our situation if we are using NSS and a call to SSL_ExportKeyingMaterial() fails. Diagnostic for ticket 29241.
  • Minor bugfixes (security):
  • Fix a potential double free bug when reading huge bandwidth files. The issue is not exploitable in the current Tor network because the vulnerable code is only reached when directory authorities read bandwidth files, but bandwidth files come from a trusted source (usually the authorities themselves). Furthermore, the issue is only exploitable in rare (non-POSIX) 32-bit architectures, which are not used by any of the current authorities. Fixes bug 30040; bugfix on 0.3.5.1-alpha. Bug found and fixed by Tobias Stoeckmann.
  • Verify in more places that we are not about to create a buffer with more than INT_MAX bytes, to avoid possible OOB access in the event of bugs. Fixes bug 30041; bugfix on 0.2.0.16. Found and fixed by Tobias Stoeckmann.
  • Minor bugfix (continuous integration):
  • Reset coverage state on disk after Travis CI has finished. This should prevent future coverage merge errors from causing the test suite for the "process" subsystem to fail. The process subsystem was introduced in 0.4.0.1-alpha. Fixes bug 29036; bugfix on 0.2.9.15.
  • Terminate test-stem if it takes more than 9.5 minutes to run. (Travis terminates the job after 10 minutes of no output.) Diagnostic for 29437. Fixes bug 30011; bugfix on 0.3.5.4-alpha.
  • Minor bugfixes (bootstrap reporting):
  • During bootstrap reporting, correctly distinguish pluggable transports from plain proxies. Fixes bug 28925; bugfix on 0.4.0.1-alpha.
  • Minor bugfixes (C correctness):
  • Fix an unlikely memory leak in consensus_diff_apply(). Fixes bug 29824; bugfix on 0.3.1.1-alpha. This is Coverity warning CID 1444119.
  • Minor bugfixes (circuitpadding testing):
  • Minor tweaks to avoid rare test failures related to timers and monotonic time. Fixes bug 29500; bugfix on 0.4.0.1-alpha.
  • Minor bugfixes (directory authorities):
  • Actually include the bandwidth-file-digest line in directory authority votes. Fixes bug 29959; bugfix on 0.4.0.2-alpha.
  • Minor bugfixes (logging):
  • On Windows, when errors cause us to reload a consensus from disk, tell the user that we are retrying at log level "notice". Previously we only logged this information at "info", which was confusing because the errors themselves were logged at "warning". Improves previous fix for 28614. Fixes bug 30004; bugfix on 0.4.0.2-alpha.
  • Minor bugfixes (pluggable transports):
  • Restore old behavior when it comes to discovering the path of a given Pluggable Transport executable file. A change in 0.4.0.1-alpha had broken this behavior on paths containing a space. Fixes bug 29874; bugfix on 0.4.0.1-alpha.
  • Minor bugfixes (testing):
  • Backport the 0.3.4 src/test/test-network.sh to 0.2.9. We need a recent test-network.sh to use new chutney features in CI. Fixes bug 29703; bugfix on 0.2.9.1-alpha.
  • Fix a test failure on Windows caused by an unexpected "BUG" warning in our tests for tor_gmtime_r(-1). Fixes bug 29922; bugfix on 0.2.9.3-alpha.
  • Minor bugfixes (TLS protocol):
  • When classifying a client's selection of TLS ciphers, if the client ciphers are not yet available, do not cache the result. Previously, we had cached the unavailability of the cipher list and never looked again, which in turn led us to assume that the client only supported the ancient V1 link protocol. This, in turn, was causing Stem integration tests to stall in some cases. Fixes bug 30021; bugfix on 0.2.4.8-alpha.
  • Code simplification and refactoring:
  • Introduce a connection_dir_buf_add() helper function that detects whether compression is in use, and adds a string accordingly. Resolves issue 28816.
  • Refactor handle_get_next_bandwidth() to use connection_dir_buf_add(). Implements ticket 29897.
  • Documentation:
  • Clarify that Tor performs stream isolation among *Port listeners by default. Resolves issue 29121.

New in Tor (Expert Bundle) 0.3.5.7 Alpha (Jan 8, 2019)

  • Major bugfixes (relay, directory):
  • Always reactivate linked connections in the main loop so long as any linked connection has been active. Previously, connections serving directory information wouldn't get reactivated after the first chunk of data was sent (usually 32KB), which would prevent clients from bootstrapping. Fixes bug 28912; bugfix on 0.3.4.1-alpha. Patch by "cypherpunks3".
  • Minor features (compilation):
  • When possible, place our warning flags in a separate file, to avoid flooding verbose build logs. Closes ticket 28924.

New in Tor (Expert Bundle) 0.3.5.5 Alpha (Dec 12, 2018)

  • Major bugfixes (OpenSSL, portability):
  • Fix our usage of named groups when running as a TLS 1.3 client in OpenSSL 1.1.1. Previously, we only initialized EC groups when running as a relay, which caused clients to fail to negotiate TLS 1.3 with relays. Fixes bug 28245; bugfix on 0.2.9.15 (when TLS 1.3 support was added).
  • Minor features (geoip):
  • Update geoip and geoip6 to the November 6 2018 Maxmind GeoLite2 Country database. Closes ticket 28395.
  • Minor bugfixes (compilation):
  • Initialize a variable unconditionally in aes_new_cipher(), since some compilers cannot tell that we always initialize it before use. Fixes bug 28413; bugfix on 0.2.9.3-alpha.
  • Minor bugfixes (connection, relay):
  • Avoid logging a BUG() stacktrace when closing a connection held open because the write side is rate limited but not the read side. Now, the connection read side is simply shut down until Tor is able to flush the connection and close it. Fixes bug 27750; bugfix on 0.3.4.1-alpha.
  • Minor bugfixes (continuous integration, Windows):
  • Manually configure the zstd compiler options, when building using mingw on Appveyor Windows CI. The MSYS2 mingw zstd package does not come with a pkg-config file. Fixes bug 28454; bugfix on 0.3.4.1-alpha.
  • Stop using an external OpenSSL install, and stop installing MSYS2 packages, when building using mingw on Appveyor Windows CI. Fixes bug 28399; bugfix on 0.3.4.1-alpha.
  • Minor bugfixes (documentation):
  • Make Doxygen work again after the code movement in the 0.3.5 source tree. Fixes bug 28435; bugfix on 0.3.5.1-alpha.
  • Minor bugfixes (Linux seccomp2 sandbox):
  • Permit the "shutdown()" system call, which is apparently used by OpenSSL under some circumstances. Fixes bug 28183; bugfix on 0.2.5.1-alpha.
  • Minor bugfixes (logging):
  • Stop talking about the Named flag in log messages. Clients have ignored the Named flag since 0.3.2. Fixes bug 28441; bugfix on 0.3.2.1-alpha.
  • Minor bugfixes (memory leaks):
  • Fix a harmless memory leak in libtorrunner.a. Fixes bug 28419; bugfix on 0.3.3.1-alpha. Patch from Martin Kepplinger.
  • Minor bugfixes (onion services):
  • On an intro point for a version 3 onion service, stop closing introduction circuits on an NACK. This lets the client decide whether to reuse the circuit or discard it. Previously, we closed intro circuits when sending NACKs. Fixes bug 27841; bugfix on 0.3.2.1-alpha. Patch by Neel Chauhan.
  • When replacing a descriptor in the client cache, make sure to close all client introduction circuits for the old descriptor, so we don't end up with unusable leftover circuits. Fixes bug 27471; bugfix on 0.3.2.1-alpha.

New in Tor (Expert Bundle) 0.3.5.3 Alpha (Nov 19, 2018)

  • Major features (onion services):
  • Version 3 onion services can now use the per-service HiddenServiceExportCircuitID option to differentiate client circuits. It communicates with the service by using the HAProxy protocol to assign virtual IP addresses to inbound client circuits. Closes ticket 4700. Patch by Mahrud Sayrafi.
  • Major bugfixes (compilation):
  • Fix compilation on ARM (and other less-used CPUs) when compiling with OpenSSL before 1.1. Fixes bug 27781; bugfix on 0.3.4.1-alpha.
  • Major bugfixes (initialization, crash):
  • Fix an assertion crash that would stop Tor from starting up if it tried to activate a periodic event too early. Fixes bug 27861; bugfix on 0.3.5.1-alpha.
  • Major bugfixes (mainloop, bootstrap):
  • Make sure Tor bootstraps and works properly if only the ControlPort is set. Prior to this fix, Tor would only bootstrap when a client port was set (Socks, Trans, NATD, DNS or HTTPTunnel port). Fixes bug 27849; bugfix on 0.3.4.1-alpha.
  • Major bugfixes (relay):
  • When our write bandwidth limit is exhausted, stop writing on the connection. Previously, we had a typo in the code that would make us stop reading instead, leading to relay connections being stuck indefinitely and consuming kernel RAM. Fixes bug 28089; bugfix on 0.3.4.1-alpha.
  • Minor features (continuous integration):
  • Use the Travis Homebrew addon to install packages on macOS during Travis CI. The package list is the same, but the Homebrew addon does not do a `brew update` by default. Implements ticket 27738.
  • Report what program produced the mysterious core file that we occasionally see on Travis CI during make distcheck. Closes ticket 28024.
  • Minor features (geoip):
  • Update geoip and geoip6 to the October 9 2018 Maxmind GeoLite2 Country database. Closes ticket 27991.
  • Minor bugfixes (code safety):
  • Rewrite our assertion macros so that they no longer suppress the compiler's -Wparentheses warnings. Fixes bug 27709; bugfix on 0.0.6.
  • Minor bugfixes (compilation):
  • Compile the ed25519-donna code with a correct declaration of crypto_strongest_rand(). Previously, we built it with one type, but linked it against another in the unit tests, which caused compilation failures with LTO enabled. This could have caused other undefined behavior in the tests. Fixes bug 27728; bugfix on 0.3.5.1-alpha.
  • Minor bugfixes (compilation, netbsd):
  • Add a missing include back into procmon.c. Fixes bug 27990; bugfix on 0.3.5.1-alpha.
  • Minor bugfixes (continuous integration, appveyor):
  • Install only the necessary mingw packages during our appveyor builds. This change makes the build a little faster, and prevents a conflict with a preinstalled mingw openssl that appveyor now ships. Fixes bugs 27765 and 27943; bugfix on 0.3.4.2-alpha.
  • Minor bugfixes (directory permissions):
  • When a user requests a group-readable DataDirectory, give it to them. Previously, when the DataDirectory and the CacheDirectory were the same, the default setting (0) for CacheDirectoryGroupReadable would override the setting for DataDirectoryGroupReadable. Fixes bug 26913; bugfix on 0.3.3.1-alpha.
  • Minor bugfixes (memory leaks):
  • Fix a small memory leak when calling Tor with --dump-config. Fixes bug 27893; bugfix on 0.3.2.1-alpha.
  • Minor bugfixes (networking):
  • In retry_listeners_ports(), make sure that we're removing a member of old_conns smartlist at most once. Fixes bug 27808; bugfix on 0.3.5.1-alpha.
  • Refrain from attempting socket rebinding when old and new listeners are in different address families. Fixes bug 27928; bugfix on 0.3.5.1-alpha.
  • Minor bugfixes (onion service v3):
  • Stop dumping a stack trace when trying to connect to an intro point without having a descriptor for it. Fixes bug 27774; bugfix on 0.3.2.1-alpha.
  • Don't warn so loudly when Tor is unable to decode an onion descriptor. This can now happen as a normal use case if a client gets a descriptor with client authorization but the client is not authorized. Fixes bug 27550; bugfix on 0.3.5.1-alpha.
  • When selecting a v3 rendezvous point, don't only look at the protover, but also check whether the curve25519 onion key is present. This way we avoid picking a relay that supports the v3 rendezvous but for which we don't have the microdescriptor. Fixes bug 27797; bugfix on 0.3.2.1-alpha.
  • Minor bugfixes (protover):
  • Reject protocol names containing bytes other than alphanumeric characters and hyphens ([A-Za-z0-9-]). Fixes bug 27316; bugfix on 0.2.9.4-alpha.
  • Minor bugfixes (testing):
  • Make the hs_service tests use the same time source when creating the introduction point and when testing it. Now tests work better on very slow systems like ARM or Travis. Fixes bug 27810; bugfix on 0.3.2.1-alpha.
  • In test_rebind.py, check if the Python version is in the supported range. Fixes bug 27675; bugfix on 0.3.5.1-alpha.
  • Code simplification and refactoring:
  • Divide more large Tor source files -- especially ones that span multiple areas of functionality -- into smaller parts, including onion.c and main.c. Closes ticket 26747.
  • Divide the "routerparse.c" module into separate modules for each group of parsed objects. Closes ticket 27924.
  • Move protover_rust.c to the same place protover.c was moved to. Closes ticket 27814.
  • Split directory.c into separate pieces for client, server, and common functionality. Closes ticket 26744.
  • Split the non-statistics-related parts from the rephist.c and geoip.c modules. Closes ticket 27892.
  • Split the router.c file into relay-only and shared components, to help with future modularization. Closes ticket 27864.
  • Documentation:
  • In the tor-resolve(1) manpage, fix the reference to socks-extensions.txt by adding a web URL. Resolves ticket 27853.
  • Mention that we require Python to be 2.7 or newer for some integration tests that we ship with Tor. Resolves ticket 27677.

New in Tor (Expert Bundle) 0.3.4.8 (Sep 20, 2018)

  • New system requirements:
  • Tor no longer tries to support old operating systems without mmap() or some local equivalent. Apparently, compilation on such systems has been broken for some time, without anybody noticing or complaining. Closes ticket 25398.
  • Major features (directory authority, modularization):
  • The directory authority subsystem has been modularized. The code is now located in src/or/dirauth/, and is compiled in by default. To disable the module, the configure option --disable-module-dirauth has been added. This module may be disabled by default in some future release. Closes ticket 25610.
  • Major features (main loop, CPU usage):
  • When Tor is disabled (via DisableNetwork or via hibernation), it no longer needs to run any per-second events. This change should make it easier for mobile applications to disable Tor while the device is sleeping, or Tor is not running. Closes ticket 26063.
  • Tor no longer enables all of its periodic events by default. Previously, Tor would enable all possible main loop events, regardless of whether it needed them. Furthermore, many of these events are now disabled when Tor is hibernating or DisableNetwork is set. This is a big step towards reducing client CPU usage by reducing the amount of wake-ups the daemon does. Closes tickets 25376 and 25762.
  • The bandwidth-limitation logic has been refactored so that bandwidth calculations are performed on-demand, rather than every TokenBucketRefillInterval milliseconds. This change should improve the granularity of our bandwidth calculations, and limit the number of times that the Tor process needs to wake up when it is idle. Closes ticket 25373.
  • Move responsibility for many operations from a once-per-second callback to a callback that is only scheduled as needed. Moving this functionality has allowed us to disable the callback when Tor's network is disabled. Once enough items are removed from our once-per-second callback, we can eliminate it entirely to conserve CPU when idle. The functionality removed includes: closing connections, circuits, and channels (ticket 25932); consensus voting (25937); flushing log callbacks (25951); honoring delayed SIGNEWNYM requests (25949); rescanning the consensus cache (25931); saving the state file to disk (25948); warning relay operators about unreachable ports (25952); and keeping track of Tor's uptime (26009).
  • Minor features (accounting):
  • When Tor becomes dormant, it now uses a scheduled event to wake up at the right time. Previously, we would use the per-second timer to check whether to wake up, but we no longer have any per-second timers enabled when the network is disabled. Closes ticket 26064.
  • Minor features (bug workaround):
  • Compile correctly on systems that provide the C11 stdatomic.h header, but where C11 atomic functions don't actually compile. Closes ticket 26779; workaround for Debian issue 903709.
  • Minor features (code quality):
  • Add optional spell-checking for the Tor codebase, using the "misspell" program. To use this feature, run "make check-typos". Closes ticket 25024.
  • Minor features (compatibility):
  • Tell OpenSSL to maintain backward compatibility with previous RSA1024/DH1024 users in Tor. With OpenSSL 1.1.1-pre6, these ciphers are disabled by default. Closes ticket 27344.
  • Tor now detects versions of OpenSSL 1.1.0 and later compiled with the no-deprecated option, and builds correctly with them. Closes tickets 19429, 19981, and 25353.
  • Minor features (compilation):
  • When compiling with --enable-openbsd-malloc or --enable-tcmalloc, tell the compiler not to include the system malloc implementation. Fixes bug 20424; bugfix on 0.2.0.20-rc.
  • Don't try to use a pragma to temporarily disable the -Wunused-const-variable warning if the compiler doesn't support it. Fixes bug 26785; bugfix on 0.3.2.11.
  • When building Tor, prefer to use Python 3 over Python 2, and more recent (contemplated) versions over older ones. Closes ticket 26372.
  • Minor features (compression, zstd):
  • When running with zstd, Tor now considers using advanced functions that the zstd maintainers have labeled as potentially unstable. To prevent breakage, Tor will only use this functionality when the runtime version of the zstd library matches the version with which Tor was compiled. Closes ticket 25162.
  • Minor features (configuration):
  • The "DownloadSchedule" options have been renamed to end with "DownloadInitialDelay". The old names are still allowed, but will produce a warning. Comma-separated lists are still permitted for these options, but all values after the first are ignored (as they have been since 0.2.9). Closes ticket 23354.
  • Minor features (continuous integration):
  • Log the compiler path and version during Appveyor builds. Implements ticket 27449.
  • Show config.log and test-suite.log after failed Appveyor builds. Also upload the zipped full logs as a build artifact. Implements ticket 27430.
  • Backport Travis rust distcheck to 0.3.3. Closes ticket 24629.
  • Enable macOS builds in our Travis CI configuration. Closes ticket 24629.
  • Install libcap-dev and libseccomp2-dev so these optional dependencies get tested on Travis CI. Closes ticket 26560.
  • Only post Appveyor IRC notifications when the build fails. Implements ticket 27275.
  • Run asciidoc during Travis CI. Implements ticket 27087.
  • Use ccache in our Travis CI configuration. Closes ticket 26952.
  • Add the necessary configuration files for continuous integration testing on Windows, via the Appveyor platform. Closes ticket 25549. Patches from Marcin Cieślak and Isis Lovecruft.
  • Minor features (continuous integration, rust):
  • Use cargo cache in our Travis CI configuration. Closes ticket 26952.
  • Minor features (control port):
  • Introduce GETINFO "current-time/{local,utc}" to return the local and UTC times respectively in ISO format. This helps a controller like Tor Browser detect a time-related error. Closes ticket 25511. Patch by Neel Chauhan.
  • Introduce new fields to the CIRC_BW event. There are two new fields in each of the read and written directions. The DELIVERED fields report the total valid data on the circuit, as measured by the payload sizes of verified and error-checked relay command cells. The OVERHEAD fields report the total unused bytes in each of these cells. Closes ticket 25903.
  • Minor features (controller):
  • The control port now exposes the list of HTTPTunnelPorts and ExtOrPorts via GETINFO net/listeners/httptunnel and net/listeners/extor respectively. Closes ticket 26647.
  • Minor features (directory authorities):
  • Stop warning about incomplete bw lines before the first complete bw line has been found, so that additional header lines can be ignored. Fixes bug 25960; bugfix on 0.2.2.1-alpha.
  • Authorities no longer vote to make the subprotocol version "LinkAuth=1" a requirement: it is unsupportable with NSS, and hasn't been needed since Tor 0.3.0.1-alpha. Closes ticket 27286.
  • Minor features (directory authority):
  • Directory authorities now open their key-pinning files as O_SYNC, to limit their chances of accidentally writing partial lines. Closes ticket 23909.
  • Minor features (directory authority, forward compatibility):
  • Make the lines of the measured bandwidth file able to contain their entries in any order. Previously, the node_id entry needed to come first. Closes ticket 26004.
  • Minor features (entry guards):
  • Introduce a new torrc option NumPrimaryGuards for controlling the number of primary guards. Closes ticket 25843.
  • Minor features (geoip):
  • Update geoip and geoip6 to the August 7 2018 Maxmind GeoLite2 Country database. Closes ticket 27089.
  • Minor features (performance):
  • Avoid a needless call to malloc() when processing an incoming relay cell. Closes ticket 24914.
  • Make our timing-wheel code run a tiny bit faster on 32-bit platforms, by preferring 32-bit math to 64-bit. Closes ticket 24688.
  • Avoid a needless malloc()/free() pair every time we handle an ntor handshake. Closes ticket 25150.
  • Minor features (Rust, portability):
  • Rust cross-compilation is now supported. Closes ticket 25895.
  • Minor features (testing):
  • Add a unit test for voting_schedule_get_start_of_next_interval(). Closes ticket 26014, and helps make unit test coverage more deterministic.
  • A new unittests module specifically for testing the functions in the (new-ish) bridges.c module has been created with new unittests, raising the code coverage percentages. Closes 25425.
  • We now have improved testing for addressmap_get_virtual_address() function. This should improve our test coverage, and make our test coverage more deterministic. Closes ticket 25993.
  • Minor features (timekeeping, circuit scheduling):
  • When keeping track of how busy each circuit has been recently on a given connection, use coarse-grained monotonic timers rather than gettimeofday(). This change should marginally increase accuracy and performance. Implements part of ticket 25927.
  • Minor features (unit tests):
  • Test complete bandwidth measurements files, and test that incomplete bandwidth lines only give warnings when the end of the header has not been detected. Fixes bug 25947; bugfix on 0.2.2.1-alpha.
  • Minor bugfixes (bandwidth management):
  • Consider ourselves "low on write bandwidth" if we have exhausted our write bandwidth some time in the last second. This was the documented behavior before, but the actual behavior was to change this value every TokenBucketRefillInterval. Fixes bug 25828; bugfix on 0.2.3.5-alpha.
  • Minor bugfixes (C correctness):
  • Add a missing lock acquisition in the shutdown code of the control subsystem. Fixes bug 25675; bugfix on 0.2.7.3-rc. Found by Coverity; this is CID 1433643.
  • Minor bugfixes (code style):
  • Fixed multiple includes of transports.h in src/or/connection.c. Fixes bug 25261; bugfix on 0.2.5.1-alpha.
  • Remove the unused variable n_possible from the function channel_get_for_extend(). Fixes bug 25645; bugfix on 0.2.4.4-alpha.
  • Minor bugfixes (compilation):
  • Silence a spurious compiler warning on the GetAdaptersAddresses function pointer cast. This issue is already fixed by 26481 in 0.3.5 and later, by removing the lookup and cast. Fixes bug 27465; bugfix on 0.2.3.11-alpha.
  • Stop calling SetProcessDEPPolicy() on 64-bit Windows. It is not supported, and always fails. Some compilers warn about the function pointer cast on 64-bit Windows. Fixes bug 27461; bugfix on 0.2.2.23-alpha.
  • Fix a compilation warning on some versions of GCC when building code that calls routerinfo_get_my_routerinfo() twice, assuming that the second call will succeed if the first one did. Fixes bug 26269; bugfix on 0.2.8.2-alpha.
  • Refrain from compiling unit testing related object files when --disable-unittests is set to configure script. Fixes bug 24891; bugfix on 0.2.5.1-alpha.
  • The --enable-fatal-warnings flag now affects Rust code as well. Closes ticket 26245.
  • Avoid a compiler warning when casting the return value of smartlist_len() to double with DEBUG_SMARTLIST enabled. Fixes bug 26283; bugfix on 0.2.4.10-alpha.
  • Minor bugfixes (compilation, windows):
  • Don't link or search for pthreads when building for Windows, even if we are using a build environment (like mingw) that provides a pthreads library. Fixes bug 27081; bugfix on 0.1.0.1-rc.
  • Minor bugfixes (continuous integration):
  • Build with zstd on macOS. Fixes bug 27090; bugfix on 0.3.1.5-alpha.
  • Skip a pair of unreliable key generation tests on Windows, until the underlying issue in bug 26076 is resolved. Fixes bug 26830 and bug 26853; bugfix on 0.2.7.3-rc and 0.3.2.1-alpha respectively.
  • Minor bugfixes (control port):
  • Respond with more human-readable error messages to GETINFO exit-policy/* requests. Also, let the controller know if an error is transient (response code 551) or not (response code 552). Fixes bug 25852; bugfix on 0.2.8.1-alpha.
  • Parse the "HSADDRESS=" parameter in HSPOST commands properly. Previously, it was misparsed and ignored. Fixes bug 26523; bugfix on 0.3.3.1-alpha. Patch by "akwizgran".
  • Make the CIRC_BW event reflect the total of all data sent on a circuit, including padding and dropped cells. Also fix a miscounting bug when STREAM_BW events were enabled. Fixes bug 25400; bugfix on 0.2.5.2-alpha.
  • Minor bugfixes (correctness, flow control):
  • Upon receiving a stream-level SENDME cell, verify that our window has not grown too large. Fixes bug 26214; bugfix on svn r54 (pre-0.0.1).
  • Minor bugfixes (directory authority):
  • When voting for recommended versions, make sure that all of the versions are well-formed and parsable. Fixes bug 26485; bugfix on 0.1.1.6-alpha.
  • Minor bugfixes (directory client):
  • When unverified-consensus is verified, rename it to cached-consensus. Fixes bug 4187; bugfix on 0.2.0.3-alpha.
  • Stop always launching a certificate fetch during the scheduled periodic consensus fetch; fetch only in those cases when consensuses are waiting for certs. Fixes bug 24740; bugfix on 0.2.9.1-alpha.
  • Minor bugfixes (error reporting):
  • Improve tolerance for directory authorities with skewed clocks. Previously, an authority with a clock more than 60 seconds ahead could cause a client with a correct clock to warn that the client's clock was behind. Now the clocks of a majority of directory authorities have to be ahead of the client before this warning will occur. Fixes bug 25756; bugfix on 0.2.2.25-alpha.
  • Minor bugfixes (in-process restart):
  • Always call tor_free_all() when leaving tor_run_main(). When we did not, restarting tor in-process would cause an assertion failure. Fixes bug 26948; bugfix on 0.3.3.1-alpha.
  • Minor bugfixes (Linux seccomp2 sandbox):
  • Fix a bug in our sandboxing rules for the openat() syscall. Previously, no openat() call would be permitted, which would break filesystem operations on recent glibc versions. Fixes bug 25440; bugfix on 0.2.9.15. Diagnosis and patch from Daniel Pinto.
  • Minor bugfixes (logging):
  • Improve the log message when connection initiators fail to authenticate direct connections to relays. Fixes bug 26927; bugfix on 0.3.0.1-alpha.
  • Minor bugfixes (onion services):
  • Silence a spurious compiler warning in rend_client_send_introduction(). Fixes bug 27463; bugfix on 0.1.1.2-alpha.
  • Fix a bug that caused services to never rotate their descriptors if they were getting SIGHUPed often. Fixes bug 26932; bugfix on 0.3.2.1-alpha.
  • Recompute some consensus information after detecting a clock jump, or after transitioning from a non-live consensus to a live consensus. We do this to avoid having an outdated state, and miscalculating the index for next-generation onion services. Fixes bug 24977; bugfix on 0.3.2.1-alpha.
  • Minor bugfixes (portability):
  • Fix compilation of the unit tests on GNU/Hurd, which does not define PATH_MAX. Fixes bug 26873; bugfix on 0.3.3.1-alpha. Patch from "paulusASol".
  • Work around two different bugs in the OS X 10.10 and later SDKs that would prevent us from successfully targeting earlier versions of OS X. Fixes bug 26876; bugfix on 0.3.3.1-alpha.
  • Do not align mmap length, as it is not required by POSIX, and the getpagesize function is deprecated. Fixes bug 25399; bugfix on 0.1.1.23.
  • Minor bugfixes (portability, FreeBSD):
  • In have_enough_mem_for_dircache(), the variable DIRCACHE_MIN_MEM_MB does not stringify on FreeBSD, so we switch to tor_asprintf(). Fixes bug 20887; bugfix on 0.2.8.1-alpha. Patch by Neel Chauhan.
  • Minor bugfixes (relay statistics):
  • When a relay is collecting internal statistics about how many create cell requests it has seen of each type, accurately count the requests from relays that temporarily fall out of the consensus. (To be extra conservative, we were already ignoring requests from clients in our counts, and we continue ignoring them here.) Fixes bug 24910; bugfix on 0.2.4.17-rc.
  • Minor bugfixes (rust):
  • Backport test_rust.sh from master. Fixes bug 26497; bugfix on 0.3.1.5-alpha.
  • Protover parsing was accepting the presence of whitespace in version strings, which the C implementation would choke on, e.g. "Desc=1\t,2". Fixes bug 27177; bugfix on 0.3.3.5-rc.
  • Protover parsing was ignoring a 2nd hyphen and everything after it, accepting entries like "Link=1-5-foo". Fixes bug 27164; bugfix on 0.3.3.1-alpha.
  • Stop setting $CARGO_HOME. cargo will use the user's $CARGO_HOME, or $HOME/.cargo by default. Fixes bug 26497; bugfix on 0.3.1.5-alpha.
  • cd to ${abs_top_builddir}/src/rust before running cargo in src/test/test_rust.sh. This makes the working directory consistent between builds and tests. Fixes bug 26497; bugfix on 0.3.3.2-alpha.
  • Minor bugfixes (single onion services, Tor2web):
  • Log a protocol warning when single onion services or Tor2web clients fail to authenticate direct connections to relays. Fixes bug 26924; bugfix on 0.2.9.1-alpha.
  • Minor bugfixes (test coverage tools):
  • Update our "cov-diff" script to handle output from the latest version of gcov, and to remove extraneous timestamp information from its output. Fixes bugs 26101 and 26102; bugfix on 0.2.5.1-alpha.
  • Minor bugfixes (testing):
  • Disable core dumps in test_bt.sh, to avoid failures in "make distcheck". Fixes bug 26787; bugfix on 0.2.5.2-alpha.
  • When testing workqueue event-cancellation, make sure that we actually cancel an event, and that we cancel each event with equal probability. (It was previously possible, though extremely unlikely, for our event-canceling test not to cancel any events.) Fixes bug 26008; bugfix on 0.2.6.3-alpha.
  • Repeat part of the test in test_client_pick_intro() a number of times, to give it consistent coverage. Fixes bug 25996; bugfix on 0.3.2.1-alpha.
  • Remove randomness from the hs_common/responsible_hsdirs test, so that it always takes the same path through the function it tests. Fixes bug 25997; bugfix on 0.3.2.1-alpha.
  • Change the behavior of the "channel/outbound" test so that it never causes a 10-second rollover for the EWMA circuitmux code. Previously, this behavior would happen randomly, and result in fluctuating test coverage. Fixes bug 25994; bugfix on 0.3.3.1-alpha.
  • Use X509_new() to allocate certificates that will be freed later with X509_free(). Previously, some parts of the unit tests had used tor_malloc_zero(), which is incorrect, and which caused test failures on Windows when they were built with extra hardening. Fixes bugs 25943 and 25944; bugfix on 0.2.8.1-alpha. Patch by Marcin Cieślak.
  • While running the circuit_timeout test, fix the PRNG to a deterministic AES stream, so that the test coverage from this test will itself be deterministic. Fixes bug 25995; bugfix on 0.2.2.2-alpha.
  • Minor bugfixes (testing, bootstrap):
  • When calculating bootstrap progress, check exit policies and the exit flag. Previously, Tor would only check the exit flag, which caused race conditions in small and fast networks like chutney. Fixes bug 27236; bugfix on 0.2.6.3-alpha.
  • Minor bugfixes (testing, chutney):
  • When running make test-network-all, use the mixed+hs-v2 network. (A previous fix to chutney removed v3 onion services from the mixed+hs-v23 network, so seeing "mixed+hs-v23" in tests is confusing.) Fixes bug 27345; bugfix on 0.3.2.1-alpha.
  • Before running make test-network-all, delete old logs and test result files, to avoid spurious failures. Fixes bug 27295; bugfix on 0.2.7.3-rc.
  • Minor bugfixes (testing, openssl compatibility):
  • Our "tortls/cert_matches_key" unit test no longer relies on OpenSSL internals. Previously, it relied on unsupported OpenSSL behavior in a way that caused it to crash with OpenSSL 1.0.2p. Fixes bug 27226; bugfix on 0.2.5.1-alpha.
  • Minor bugfixes (v3 onion services):
  • Stop sending ed25519 link specifiers in v3 onion service introduce cells and descriptors, when the rendezvous or introduction point doesn't support ed25519 link authentication. Fixes bug 26627; bugfix on 0.3.2.4-alpha.
  • Minor bugfixes (vanguards):
  • Allow the last hop in a vanguard circuit to be the same as our first, to prevent the adversary from influencing guard node choice by choice of last hop. Also prevent the creation of A - B - A paths, or A - A paths, which are forbidden by relays. Fixes bug 25870; bugfix on 0.3.3.1-alpha.
  • Minor bugfixes (Windows, compilation):
  • Silence a compilation warning on MSVC 2017 and clang-cl. Fixes bug 27185; bugfix on 0.2.2.2-alpha.
  • Code simplification and refactoring:
  • Remove duplicate code in parse_{c,s}method_line and bootstrap their functionalities into a single function. Fixes bug 6236; bugfix on 0.2.3.6-alpha.
  • We remove the PortForwarding and PortForwardingHelper options, related functions, and the port_forwarding tests. These options were used by the now-deprecated Vidalia to help ordinary users become Tor relays or bridges. Closes ticket 25409. Patch by Neel Chauhan.
  • In order to make the OR and dir checking function in router.c less confusing we renamed some functions and consider_testing_reachability() has been split into router_should_check_reachability() and router_do_reachability_checks(). Also we improved the documentation in some functions. Closes ticket 18918.
  • Initial work to isolate Libevent usage to a handful of modules in our codebase, to simplify our call structure, and so that we can more easily change event loops in the future if needed. Closes ticket 23750.
  • Introduce a function to call getsockname() and return tor_addr_t, to save a little complexity throughout the codebase. Closes ticket 18105.
  • Make hsdir_index in node_t a hsdir_index_t rather than a pointer as hsdir_index is always present. Also, we move hsdir_index_t into or.h. Closes ticket 23094. Patch by Neel Chauhan.
  • Merge functions used for describing nodes and suppress the functions that do not allocate memory for the output buffer string. NODE_DESC_BUF_LEN constant and format_node_description() function cannot be used externally from router.c module anymore. Closes ticket 25432. Patch by valentecaio.
  • Our main loop has been simplified so that all important operations happen inside events. Previously, some operations had to happen outside the event loop, to prevent infinite sequences of event activations. Closes ticket 25374.
  • Put a SHA1 public key digest in hs_service_intro_point_t, and use it in register_intro_circ() and service_intro_point_new(). This prevents the digest from being re-calculated each time. Closes ticket 23107. Patch by Neel Chauhan.
  • Refactor token-bucket implementations to use a common backend. Closes ticket 25766.
  • Remove extern declaration of stats_n_seconds_working variable from main, protecting its accesses with get_uptime() and reset_uptime() functions. Closes ticket 25081, patch by "valentecaio".
  • Remove our previous logic for "cached gettimeofday()" -- our coarse monotonic timers are fast enough for this purpose, and far less error-prone. Implements part of ticket 25927.
  • Remove the return value for fascist_firewall_choose_address_base(), and sister functions such as fascist_firewall_choose_address_node() and fascist_firewall_choose_address_rs(). Also, while we're here, initialize the ap argument as leaving it uninitialized can pose a security hazard. Closes ticket 24734. Patch by Neel Chauhan.
  • Rename two fields of connection_t struct. timestamp_lastwritten is renamed to timestamp_last_write_allowed and timestamp_lastread is renamed to timestamp_last_read_allowed. Closes ticket 24714, patch by "valentecaio".
  • Since Tor requires C99, remove our old workaround code for libc implementations where free(NULL) doesn't work. Closes ticket 24484.
  • Use our standard rate-limiting code to deal with excessive libevent failures, rather than the hand-rolled logic we had before. Closes ticket 26016.
  • We remove the return value of node_get_prim_orport() and node_get_prim_dirport(), and introduce node_get_prim_orport() in node_ipv6_or_preferred() and node_ipv6_dir_preferred() in order to check for a null address. Closes ticket 23873. Patch by Neel Chauhan.
  • We switch to should_record_bridge_info() in geoip_note_client_seen() and options_need_geoip_info() instead of accessing the configuration values directly. Fixes bug 25290; bugfix on 0.2.1.6-alpha. Patch by Neel Chauhan.
  • Deprecated features:
  • As we are not recommending 0.2.5 anymore, we require relays that once had an ed25519 key associated with their RSA key to always have that key, instead of allowing them to drop back to a version that didn't support ed25519. This means they need to use a new RSA key if they want to downgrade to an older version of tor without ed25519. Closes ticket 20522.
  • Removed features:
  • Directory authorities will no longer support voting according to any consensus method before consensus method 25. This keeps authorities compatible with all authorities running 0.2.9.8 and later, and does not break any clients or relays. Implements ticket 24378 and proposal 290.
  • The PortForwarding and PortForwardingHelper features have been removed. The reasoning is, given that implementations of NAT traversal protocols within common consumer grade routers are frequently buggy, and that the target audience for a NAT punching feature is a perhaps less-technically-inclined relay operator, when the helper fails to set up traversal the problems are usually deep, ugly, and very router specific, making them horrendously impossible for technical support to reliably assist with, and thus resulting in frustration all around. Unfortunately, relay operators who would like to run relays behind NATs will need to become more familiar with the port forwarding configurations on their local router. Closes 25409.
  • The TestingEnableTbEmptyEvent option has been removed. It was used in testing simulations to measure how often connection buckets were emptied, in order to improve our scheduling, but it has not been actively used in years. Closes ticket 25760.
  • The old "round-robin" circuit multiplexer (circuitmux) implementation has been removed, along with a fairly large set of code that existed to support it. It has not been the default circuitmux since we introduced the "EWMA" circuitmux in 0.2.4.x, but it still required an unreasonable amount of memory and CPU. Closes ticket 25268.

New in Tor (Expert Bundle) 0.3.3.7 (Jun 26, 2018)

  • Directory authority changes:
  • Add an IPv6 address for the "dannenberg" directory authority. Closes ticket 26343.
  • Minor features (geoip):
  • Update geoip and geoip6 to the June 7 2018 Maxmind GeoLite2 Country database. Closes ticket 26351.
  • Minor bugfixes (compatibility, openssl, backport from 0.3.4.2-alpha):
  • Work around a change in OpenSSL 1.1.1 where return values that would previously indicate "no password" now indicate an empty password. Without this workaround, Tor instances running with OpenSSL 1.1.1 would accept descriptors that other Tor instances would reject. Fixes bug 26116; bugfix on 0.2.5.16.
  • Minor bugfixes (compilation, backport from 0.3.4.2-alpha):
  • Silence unused-const-variable warnings in zstd.h with some GCC versions. Fixes bug 26272; bugfix on 0.3.1.1-alpha.
  • Minor bugfixes (controller, backport from 0.3.4.2-alpha):
  • Improve accuracy of the BUILDTIMEOUT_SET control port event's TIMEOUT_RATE and CLOSE_RATE fields. (We were previously miscounting the total number of circuits for these field values.) Fixes bug 26121; bugfix on 0.3.3.1-alpha.
  • Minor bugfixes (hardening, backport from 0.3.4.2-alpha):
  • Prevent a possible out-of-bounds smartlist read in protover_compute_vote(). Fixes bug 26196; bugfix on 0.2.9.4-alpha.
  • Minor bugfixes (path selection, backport from 0.3.4.1-alpha):
  • Only select relays when they have the descriptors we prefer to use for them. This change fixes a bug where we could select a relay because it had _some_ descriptor, but reject it later with a nonfatal assertion error because it didn't have the exact one we wanted. Fixes bugs 25691 and 25692; bugfix on 0.3.3.4-alpha.

New in Tor (Expert Bundle) 0.3.3.5 RC (Apr 19, 2018)

  • Major bugfixes (security, protover, voting):
  • Revise Rust implementation of protover to use a more memory-efficient voting algorithm and corresponding data structures, thus avoiding a potential memory-based DoS attack where specially crafted protocol strings would expand to fill available memory. Fixes bug 24031; bugfix on 0.3.3.1-alpha.
  • Major bugfixes (performance, load balancing):
  • Directory authorities no longer vote in favor of the Guard flag for relays without directory support. Starting in Tor 0.3.0.1-alpha, clients have been avoiding using such relays in the Guard position, leading to increasingly broken load balancing for the 5%-or-so of Guards that don't advertise directory support. Fixes bug 22310; bugfix on 0.3.0.6.
  • Minor feature (continuous integration):
  • Update the Travis CI configuration to use the stable Rust channel, now that we have decided to require that. Closes ticket 25714.
  • Minor features (config options):
  • Change the way the default value for MaxMemInQueues is calculated. We now use 40% of the hardware RAM if the system has 8 GB RAM or more. Otherwise we use the former value of 75%. Closes ticket 24782.
  • Minor features (geoip):
  • Update geoip and geoip6 to the April 3 2018 Maxmind GeoLite2 Country database. Closes ticket 25718.
  • Minor bugfixes (client):
  • When using a listed relay as a bridge, and also using microdescriptors, and considering that relay as a non-bridge in a circuit, treat its microdescriptor as a valid source of information about that relay. This change should prevent a non-fatal assertion error. Fixes bug 25691; bugfix on 0.3.3.4-alpha.
  • Minor bugfixes (controller):
  • Restore the correct operation of the RESOLVE command, which had been broken since we added the ability to enable/disable DNS on specific listener ports. Fixes bug 25617; bugfix on 0.2.9.3-alpha.
  • Minor bugfixes (distribution, compilation, rust):
  • Build correctly when the rust dependencies submodule is loaded, but the TOR_RUST_DEPENDENCIES environment variable is not set. Fixes bug 25679; bugfix on 0.3.3.1-alpha.
  • Actually include all of our Rust source in our source distributions. (Previously, a few of the files were accidentally omitted.) Fixes bug 25732; bugfix on 0.3.3.2-alpha.
  • Minor bugfixes (documentation):
  • Document that the PerConnBW{Rate,Burst} options will fall back to their corresponding consensus parameters only if those parameters are set. Previously we had claimed that these values would always be set in the consensus. Fixes bug 25296; bugfix on 0.2.2.7-alpha.
  • Revert a misformatting issue in the ExitPolicy documentation. Fixes bug 25582; bugfix on 0.3.3.1-alpha.
  • Minor bugfixes (exit node DNS retries):
  • Re-attempt timed-out DNS queries 3 times before failure, since our timeout is 5 seconds for them, but clients wait 10-15. Also allow slightly more timeouts per resolver when an exit has multiple resolvers configured. Fixes bug 21394; bugfix on 0.3.1.9.
  • Minor bugfixes (onion services):
  • Re-instate counting the client HSDir fetch circuits against the MaxClientCircuitsPending rate limit. Fixes bug 24989; bugfix on 0.3.3.1-alpha.
  • Remove underscores from the _HSLayer{2,3}Nodes options. This expert-user configuration can now be enabled as HSLayer{2,3}Nodes. Fixes bug 25581; bugfix on 0.3.3.1-alpha.
  • Code simplification and refactoring:
  • Move the list of default directory authorities to its own file. Closes ticket 24854. Patch by "beastr0".
  • Documentation (manpage, denial of service):
  • Provide more detail about the denial-of-service options, by listing each mitigation and explaining how they relate. Closes ticket 25248.

New in Tor (Expert Bundle) 0.3.3.3 Alpha (Mar 23, 2018)

  • Major bugfixes (denial-of-service, directory authority):
  • Fix a protocol-list handling bug that could be used to remotely crash directory authorities with a null-pointer exception. Fixes bug 25074; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2018-001 and CVE-2018-0490.
  • Minor features (compatibility, OpenSSL):
  • Tor will now support TLS1.3 once OpenSSL 1.1.1 is released. Previous versions of Tor would not have worked with OpenSSL 1.1.1, since they neither disabled TLS 1.3 nor enabled any of the ciphersuites it requires. Now we enable the TLS 1.3 ciphersuites. Closes ticket 24978.
  • Minor features (logging):
  • Clarify the log messages produced when getrandom() or a related entropy-generation mechanism gives an error. Closes ticket 25120.
  • Minor features (testing):
  • Add a "make test-rust" target to run the rust tests only. Closes ticket 25071.
  • Minor bugfixes (denial-of-service):
  • Fix a possible crash on malformed consensus. If a consensus had contained an unparseable protocol line, it could have made clients and relays crash with a null-pointer exception. To exploit this issue, however, an attacker would need to be able to subvert the directory authority system. Fixes bug 25251; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2018-004.
  • Minor bugfixes (DoS mitigation):
  • Add extra safety checks when refilling the circuit creation bucket to ensure we never set a value above the allowed maximum burst. Fixes bug 25202; bugfix on 0.3.3.2-alpha.
  • When a new consensus arrives, don't update our DoS-mitigation parameters if we aren't a public relay. Fixes bug 25223; bugfix on 0.3.3.2-alpha.
  • Minor bugfixes (man page, SocksPort):
  • Remove dead code from the old "SocksSocket" option, and rename SocksSocketsGroupWritable to UnixSocksGroupWritable. The old option still works, but is deprecated. Fixes bug 24343; bugfix on 0.2.6.3.
  • Minor bugfixes (performance):
  • Reduce the number of circuits that will be opened at once during the circuit build timeout phase. This is done by increasing the idle timeout to 3 minutes, and lowering the maximum number of concurrent learning circuits to 10. Fixes bug 24769; bugfix on 0.3.1.1-alpha.
  • Minor bugfixes (spec conformance):
  • Forbid "-0" as a protocol version. Fixes part of bug 25249; bugfix on 0.2.9.4-alpha.
  • Forbid UINT32_MAX as a protocol version. Fixes part of bug 25249; bugfix on 0.2.9.4-alpha.
  • Minor bugfixes (spec conformance, rust):
  • Resolve a denial-of-service issue caused by an infinite loop in the rust protover code. Fixes bug 25250, bugfix on 0.3.3.1-alpha. Also tracked as TROVE-2018-003.
  • Code simplification and refactoring:
  • Update the "rust dependencies" submodule to be a project-level repository, rather than a user repository. Closes ticket 25323.

New in Tor (Expert Bundle) 0.3.3.2 Alpha (Mar 2, 2018)

  • Major features (denial-of-service mitigation):
  • Give relays some defenses against the recent network overload. We start with three defenses (default parameters in parentheses). First: if a single client address makes too many concurrent connections (>100), hang up on further connections. Second: if a single client address makes circuits too quickly (more than 3 per second, with an allowed burst of 90) while also having too many connections open (3), refuse new create cells for the next while (1-2 hours). Third: if a client asks to establish a rendezvous point to you directly, ignore the request. These defenses can be manually controlled by new torrc options, but relays will also take guidance from consensus parameters, so there's no need to configure anything manually. Implements ticket 24902.
  • Major bugfixes (netflow padding):
  • Stop adding unneeded channel padding right after we finish flushing to a connection that has been trying to flush for many seconds. Instead, treat all partial or complete flushes as activity on the channel, which will defer the time until we need to add padding. This fix should resolve confusing and scary log messages like "Channel padding timeout scheduled 221453ms in the past." Fixes bug 22212; bugfix on 0.3.1.1-alpha.
  • Major bugfixes (protocol versions):
  • Add Link protocol version 5 to the supported protocols list. Fixes bug 25070; bugfix on 0.3.1.1-alpha.
  • Major bugfixes (scheduler, consensus):
  • The scheduler subsystem was failing to promptly notice changes in consensus parameters, making it harder to switch schedulers network-wide. Fixes bug 24975; bugfix on 0.3.2.1-alpha.
  • Minor features (denial-of-service avoidance):
  • Make our OOM handler aware of the geoip client history cache so it doesn't fill up the memory. This check is important for IPv6 and our DoS mitigation subsystem. Closes ticket 25122.
  • Minor features (directory authority):
  • When directory authorities are unable to add signatures to a pending consensus, log the reason why. Closes ticket 24849.
  • Minor features (geoip):
  • Update geoip and geoip6 to the February 7 2018 Maxmind GeoLite2 Country database.
  • Minor features (logging, diagnostic):
  • When logging a failure to create an onion service's descriptor, also log what the problem with the descriptor was. Diagnostic for ticket 24972.
  • Minor bugfix (channel connection):
  • Use the actual observed address of an incoming relay connection, not the canonical address of the relay from its descriptor, when making decisions about how to handle the incoming connection. Fixes bug 24952; bugfix on 0.2.4.11-alpha. Patch by "ffmancera".
  • Minor bugfix (directory authority):
  • Directory authorities, when refusing a descriptor from a rejected relay, now explicitly tell the relay (in its logs) to set a valid ContactInfo address and contact the bad-relays@ mailing list. Fixes bug 25170; bugfix on 0.2.9.1.
  • Minor bugfixes (all versions of Tor):
  • Use the "misspell" tool to detect and fix typos throughout the source code. Fixes bug 23650; bugfix on various versions of Tor. Patch from Deepesh Pathak.
  • Minor bugfixes (circuit, cannibalization):
  • Don't cannibalize preemptively-built circuits if we no longer recognize their first hop. This situation can happen if our Guard relay went off the consensus after the circuit was created. Fixes bug 24469; bugfix on 0.0.6.
  • Minor bugfixes (correctness):
  • Remove a nonworking, unnecessary check to see whether a circuit hop's identity digest was set when the circuit failed. Fixes bug 24927; bugfix on 0.2.4.4-alpha.
  • Minor bugfixes (logging):
  • Don't treat inability to store a cached consensus object as a bug: it can happen normally when we are out of disk space. Fixes bug 24859; bugfix on 0.3.1.1-alpha.
  • Fix a (mostly harmless) race condition when invoking LOG_PROTOCOL_WARN message from a subthread while the torrc options are changing. Fixes bug 23954; bugfix on 0.1.1.9-alpha.
  • Minor bugfixes (onion services):
  • Remove a BUG() statement when a client fetches an onion descriptor that has a lower revision counter than the one in its cache. This can happen in normal circumstances due to HSDir desync. Fixes bug 24976; bugfix on 0.3.2.1-alpha.
  • If we are configured to offer a single onion service, don't log long-term established one hop rendezvous points in the heartbeat. Fixes bug 25116; bugfix on 0.2.9.6-rc.
  • Minor bugfixes (performance):
  • Avoid calling protocol_list_supports_protocol() from inside tight loops when running with cached routerinfo_t objects. Instead, summarize the relevant protocols as flags in the routerinfo_t, as we do for routerstatus_t objects. This change simplifies our code a little, and saves a large amount of short-term memory allocation operations. Fixes bug 25008; bugfix on 0.2.9.4-alpha.
  • Minor bugfixes (Rust FFI):
  • Fix a minor memory leak which would happen whenever the C code would call the Rust implementation of protover_get_supported_protocols(). This was due to the C version returning a static string, whereas the Rust version newly allocated a CString to pass across the FFI boundary. Consequently, the C code was not expecting to need to free() what it was given. Fixes bug 25127; bugfix on 0.3.2.1-alpha.
  • Minor bugfixes (scheduler, KIST):
  • Avoid adding the same channel twice in the KIST scheduler pending list, which would waste CPU cycles. Fixes bug 24700; bugfix on 0.3.2.1-alpha.
  • Minor bugfixes (unit test, monotonic time):
  • Increase a constant (1msec to 10msec) in the monotonic time test that makes sure the nsec/usec/msec times read are synchronized. This change was needed to accommodate slow systems like armel or when the clock_gettime() is not a VDSO on the running kernel. Fixes bug 25113; bugfix on 0.2.9.1.
  • Minor bugfixes (v3 onion services):
  • Look at the "HSRend" protocol version, not the "HSDir" protocol version, when deciding whether a consensus entry can support the v3 onion service protocol as a rendezvous point. Fixes bug 25105; bugfix on 0.3.2.1-alpha.
  • Code simplification and refactoring:
  • Remove the unused nodelist_recompute_all_hsdir_indices(). Closes ticket 25108.
  • Remove a series of counters used to track circuit extend attempts and connection status but that in reality we aren't using for anything other than stats logged by a SIGUSR1 signal. Closes ticket 25163.
  • Documentation (man page):
  • The HiddenServiceVersion torrc option accepts only one number: either version 2 or 3. Closes ticket 25026; bugfix on 0.3.2.2-alpha.

New in Tor (Expert Bundle) 0.3.2.9 Alpha (Feb 11, 2018)

  • Major features (denial-of-service mitigation):
  • Give relays some defenses against the recent network overload. We start with three defenses (default parameters in parentheses). First: if a single client address makes too many concurrent connections (>100), hang up on further connections. Second: if a single client address makes circuits too quickly (more than 3 per second, with an allowed burst of 90) while also having too many connections open (3), refuse new create cells for the next while (1-2 hours). Third: if a client asks to establish a rendezvous point to you directly, ignore the request. These defenses can be manually controlled by new torrc options, but relays will also take guidance from consensus parameters, so there's no need to configure anything manually. Implements ticket 24902.
  • Major bugfixes (netflow padding):
  • Stop adding unneeded channel padding right after we finish flushing to a connection that has been trying to flush for many seconds. Instead, treat all partial or complete flushes as activity on the channel, which will defer the time until we need to add padding. This fix should resolve confusing and scary log messages like "Channel padding timeout scheduled 221453ms in the past." Fixes bug 22212; bugfix on 0.3.1.1-alpha.
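
The first two defenses from the denial-of-service mitigation entry, together with the refill clamp from the 0.3.3.3 notes (bug 25202), as a simplified C model. This is an added example, not Tor's code: the struct, the function names, the fixed one-hour refusal and the reading of "(3)" as "at least 3 connections" are assumptions, and the rendezvous defense is not modelled.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Defaults quoted in the changelog entry. */
#define CONN_MAX_CONCURRENT 100u /* more than 100 connections is too many */
#define CIRC_RATE             3u /* circuits per second */
#define CIRC_BURST           90u /* allowed burst */
#define CIRC_MIN_CONNS        3u /* "too many connections open (3)" */
/* Assumption: the entry says "1-2 hours"; this model uses the lower bound. */
#define REFUSE_SECS        3600u

/* Hypothetical per-client-address state; not Tor's own structure. */
typedef struct {
  uint32_t conns;        /* concurrent connections from this address */
  uint32_t bucket;       /* circuit-creation tokens left */
  uint64_t last_refill;  /* time of the last refill, in seconds */
  uint64_t refuse_until; /* CREATE cells are refused before this time */
} client_t;

static void client_init(client_t *c, uint64_t now) {
  c->conns = 0;
  c->bucket = CIRC_BURST;
  c->last_refill = now;
  c->refuse_until = 0;
}

/* First defense: hang up once an address already holds the maximum. */
static bool client_accept_conn(client_t *c) {
  if (c->conns >= CONN_MAX_CONCURRENT)
    return false;
  c->conns++;
  return true;
}

/* Refill with the clamp: the bucket never ends up above CIRC_BURST, even
 * after a huge time jump or if the stored value was already too large. */
static void bucket_refill(client_t *c, uint64_t now) {
  if (now <= c->last_refill) { /* no time passed, or clock went backwards */
    c->last_refill = now;
    return;
  }
  uint64_t elapsed = now - c->last_refill;
  c->last_refill = now;
  if (c->bucket > CIRC_BURST)
    c->bucket = CIRC_BURST;
  uint64_t room = CIRC_BURST - c->bucket;
  /* Compare before multiplying, so elapsed * CIRC_RATE cannot overflow. */
  if (elapsed >= (room + CIRC_RATE - 1) / CIRC_RATE)
    c->bucket = CIRC_BURST;
  else
    c->bucket += (uint32_t)(elapsed * CIRC_RATE);
}

/* Second defense: an empty bucket plus enough open connections marks the
 * address, and its CREATE cells are refused until the penalty expires. */
static bool client_allow_create(client_t *c, uint64_t now) {
  if (now < c->refuse_until)
    return false;
  bucket_refill(c, now);
  if (c->bucket > 0) {
    c->bucket--;
    return true;
  }
  if (c->conns >= CIRC_MIN_CONNS) {
    c->refuse_until = now + REFUSE_SECS;
    return false;
  }
  return true; /* too few connections to be penalised in this model */
}

/* Constructed scenario: one address with CIRC_MIN_CONNS connections sends
 * per_sec CREATE cells every second for secs seconds. Returns how many
 * were accepted. */
static unsigned demo_paced(unsigned per_sec, unsigned secs) {
  client_t c;
  unsigned accepted = 0;
  client_init(&c, 0);
  for (unsigned i = 0; i < CIRC_MIN_CONNS; i++)
    client_accept_conn(&c);
  for (unsigned t = 0; t < secs; t++)
    for (unsigned i = 0; i < per_sec; i++)
      accepted += client_allow_create(&c, t) ? 1u : 0u;
  return accepted;
}

/* Bucket value after one refill from a given (possibly bad) starting state. */
static uint32_t demo_refill(uint32_t start_bucket, uint64_t elapsed) {
  client_t c;
  client_init(&c, 0);
  c.bucket = start_bucket;
  bucket_refill(&c, elapsed);
  return c.bucket;
}

/* Number of connection attempts accepted from a single address. */
static unsigned demo_conns(unsigned attempts) {
  client_t c;
  unsigned accepted = 0;
  client_init(&c, 0);
  for (unsigned i = 0; i < attempts; i++)
    accepted += client_accept_conn(&c) ? 1u : 0u;
  return accepted;
}

int main(void) {
  printf("3/s for 1000 s: %u accepted\n", demo_paced(3, 1000));
  printf("4/s for 1000 s: %u accepted\n", demo_paced(4, 1000));
  printf("200 in one second: %u accepted\n", demo_paced(200, 1));
  return 0;
}
```

A client that stays at the advertised rate is never refused, while one that runs only slightly above it drains the burst allowance and is then refused for the whole penalty window.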

New in Tor (Expert Bundle) 0.3.0.8 (Jun 14, 2017)

  • Major bugfixes (hidden service, relay, security, backport from 0.3.1.3-alpha):
  • Fix a remotely triggerable assertion failure when a hidden service handles a malformed BEGIN cell. Fixes bug 22493, tracked as TROVE-2017-004 and as CVE-2017-0375; bugfix on 0.3.0.1-alpha.
  • Fix a remotely triggerable assertion failure caused by receiving a BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix on 0.2.2.1-alpha.
  • Major bugfixes (relay, link handshake, backport from 0.3.1.3-alpha):
  • When performing the v3 link handshake on a TLS connection, report that we have the x509 certificate that we actually used on that connection, even if we have changed certificates since that connection was first opened. Previously, we would claim to have used our most recent x509 link certificate, which would sometimes make the link handshake fail. Fixes one case of bug 22460; bugfix on 0.2.3.6-alpha.
  • Major bugfixes (relays, key management, backport from 0.3.1.3-alpha):
  • Regenerate link and authentication certificates whenever the key that signs them changes; also, regenerate link certificates whenever the signed key changes. Previously, these processes were only weakly coupled, and relays could (for minutes to hours) wind up with an inconsistent set of keys and certificates, which other relays would not accept. Fixes two cases of bug 22460; bugfix on 0.3.0.1-alpha.
  • When sending an Ed25519 signing->link certificate in a CERTS cell, send the certificate that matches the x509 certificate that we used on the TLS connection. Previously, there was a race condition if the TLS context rotated after we began the TLS handshake but before we sent the CERTS cell. Fixes a case of bug 22460; bugfix on 0.3.0.1-alpha.
  • Major bugfixes (hidden service v3, backport from 0.3.1.1-alpha):
  • Stop rejecting v3 hidden service descriptors because their size did not match an old padding rule. Fixes bug 22447; bugfix on tor-0.3.0.1-alpha.
  • Minor features (fallback directory list, backport from 0.3.1.3-alpha):
  • Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in December 2016 (of which ~126 were still functional) with a list of 151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May 2017. Resolves ticket 21564.
  • Minor bugfixes (configuration, backport from 0.3.1.1-alpha):
  • Do not crash when starting with LearnCircuitBuildTimeout 0. Fixes bug 22252; bugfix on 0.2.9.3-alpha.
  • Minor bugfixes (correctness, backport from 0.3.1.3-alpha):
  • Avoid undefined behavior when parsing IPv6 entries from the geoip6 file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
  • Minor bugfixes (link handshake, backport from 0.3.1.3-alpha):
  • Lower the lifetime of the RSA->Ed25519 cross-certificate to six months, and regenerate it when it is within one month of expiring. Previously, we had generated this certificate at startup with a ten-year lifetime, but that could lead to weird behavior when Tor was started with a grossly inaccurate clock. Mitigates bug 22466; mitigation on 0.3.0.1-alpha.
  • Minor bugfixes (memory leak, directory authority, backport from 0.3.1.2-alpha):
  • When directory authorities reject a router descriptor due to keypinning, free the router descriptor rather than leaking the memory. Fixes bug 22370; bugfix on 0.2.7.2-alpha.

New in Tor (Expert Bundle) 0.2.9.10 (May 8, 2017)

  • Released on 2017-03-01
  • Major bugfixes (directory authority, 0.3.0.3-alpha):
  • During voting, when marking a relay as a probable sybil, do not clear its BadExit flag: sybils can still be bad in other ways too. (We still clear the other flags.) Fixes bug 21108; bugfix on 0.2.0.13-alpha.
  • Major bugfixes (IPv6 Exits, backport from 0.3.0.3-alpha):
  • Stop rejecting all IPv6 traffic on Exits whose exit policy rejects any IPv6 addresses. Instead, only reject a port over IPv6 if the exit policy rejects that port on more than an IPv6 /16 of addresses. This bug was made worse by 17027 in 0.2.8.1-alpha, which rejected a relay's own IPv6 address by default. Fixes bug 21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha.
  • Major bugfixes (parsing, also in 0.3.0.4-rc):
  • Fix an integer underflow bug when comparing malformed Tor versions. This bug could crash Tor when built with --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor 0.2.9.8, which were built with -ftrapv by default. In other cases it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix on 0.0.8pre1. Found by OSS-Fuzz.
  • Minor features (directory authorities, also in 0.3.0.4-rc):
  • Directory authorities now reject descriptors that claim to be malformed versions of Tor. Helps prevent exploitation of bug 21278.
  • Reject version numbers with components that exceed INT32_MAX. Otherwise 32-bit and 64-bit platforms would behave inconsistently. Fixes bug 21450; bugfix on 0.0.8pre1.
  • Minor features (geoip):
  • Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 Country database.
  • Minor features (portability, compilation, backport from 0.3.0.3-alpha):
  • Autoconf now checks to determine if OpenSSL structures are opaque, instead of explicitly checking for OpenSSL version numbers. Part of ticket 21359.
  • Support building with recent LibreSSL code that uses opaque structures. Closes ticket 21359.
  • Minor bugfixes (code correctness, also in 0.3.0.4-rc):
  • Repair a couple of (unreachable or harmless) cases of the risky comparison-by-subtraction pattern that caused bug 21278.
  • Minor bugfixes (tor-resolve, backport from 0.3.0.3-alpha):
  • The tor-resolve command line tool now rejects hostnames over 255 characters in length. Previously, it would silently truncate them, which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5. Patch by "junglefowl".
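
The comparison-by-subtraction pattern named in the entries for bug 21278, next to a comparison that cannot overflow and a parser that enforces the INT32_MAX component limit from bug 21450. This is an added C example, not Tor's code: the function names are hypothetical and only plain four-part dotted numeric versions are handled.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define N_COMPONENTS 4
#define VERSION_MALFORMED (-2)

/* Risky pattern: "return a - b;". The wraparound is modelled in unsigned
 * arithmetic so that this demo has no undefined behaviour; real signed
 * overflow is undefined and aborts the process under -ftrapv. */
static int cmp_by_subtraction(int32_t a, int32_t b) {
  uint32_t diff = (uint32_t)a - (uint32_t)b;
  int32_t wrapped;
  memcpy(&wrapped, &diff, sizeof wrapped);
  return wrapped;
}

/* Safe three-way comparison: yields -1, 0 or 1 and never overflows. */
static int cmp_safe(int32_t a, int32_t b) {
  return (a > b) - (a < b);
}

/* Parse one decimal component and advance *sp past it. Rejects an empty
 * field, a sign, and any value above INT32_MAX. */
static int parse_component(const char **sp, int32_t *out) {
  const char *s = *sp;
  int64_t v = 0;
  if (*s < '0' || *s > '9')
    return -1;
  while (*s >= '0' && *s <= '9') {
    v = v * 10 + (*s - '0');
    if (v > INT32_MAX) /* checked every digit, so v itself cannot overflow */
      return -1;
    s++;
  }
  *out = (int32_t)v;
  *sp = s;
  return 0;
}

/* Parse "a.b.c.d" with nothing before, between or after the components. */
static int parse_version(const char *s, int32_t out[N_COMPONENTS]) {
  for (int i = 0; i < N_COMPONENTS; i++) {
    if (parse_component(&s, &out[i]) < 0)
      return -1;
    if (i < N_COMPONENTS - 1) {
      if (*s != '.')
        return -1;
      s++;
    }
  }
  return *s == '\0' ? 0 : -1;
}

/* Returns -1, 0 or 1, or VERSION_MALFORMED if either string is rejected. */
static int version_compare(const char *a, const char *b) {
  int32_t va[N_COMPONENTS], vb[N_COMPONENTS];
  int result = 0;
  if (parse_version(a, va) < 0 || parse_version(b, vb) < 0)
    return VERSION_MALFORMED;
  for (int i = 0; i < N_COMPONENTS && result == 0; i++)
    result = cmp_safe(va[i], vb[i]);
  return result;
}

int main(void) {
  /* Constructed inputs. */
  printf("subtraction: %d\n", cmp_by_subtraction(-2147483647, 2));
  printf("safe:        %d\n", cmp_safe(-2147483647, 2));
  printf("0.2.9.8 vs 0.2.9.10: %d\n", version_compare("0.2.9.8", "0.2.9.10"));
  printf("oversized component: %d\n",
         version_compare("0.2.9.2147483648", "0.2.9.8"));
  return 0;
}
```

With a large negative left operand the subtraction form reports "greater than" where the safe form reports "less than", which is why malformed input has to be rejected before any comparison runs.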

New in Tor (Expert Bundle) 0.2.9.5 Alpha (Nov 8, 2016)

  • Major bugfixes (client performance):
  • Clients now respond to new application stream requests immediately when they arrive, rather than waiting up to one second before starting to handle them. Fixes part of bug 19969; bugfix on 0.2.8.1-alpha.
  • Major bugfixes (client reliability):
  • When Tor leaves standby because of a new application request, open circuits as needed to serve that request. Previously, we would potentially wait a very long time. Fixes part of bug 19969; bugfix on 0.2.8.1-alpha.
  • Major bugfixes (download scheduling):
  • When using an exponential backoff schedule, do not give up on downloading just because we have failed a bunch of times. Since each delay is longer than the last, retrying indefinitely won't hurt. Fixes bug 20536; bugfix on 0.2.9.1-alpha.
  • If a consensus expires while we are waiting for certificates to download, stop waiting for certificates.
  • If we stop waiting for certificates less than a minute after we started downloading them, do not consider the certificate download failure a separate failure. Fixes bug 20533; bugfix on 0.2.0.9-alpha.
  • Remove the maximum delay on exponential-backoff scheduling. Since we now allow an infinite number of failures (see ticket 20536), we must now allow the time to grow longer on each failure. Fixes part of bug 20534; bugfix on 0.2.9.1-alpha.
  • Make our initial download delays closer to those from 0.2.8. Fixes another part of bug 20534; bugfix on 0.2.9.1-alpha.
  • When determining when to download a directory object, handle times after 2038 if the operating system supports them. (Someday this will be important!) Fixes bug 20587; bugfix on 0.2.8.1-alpha.
  • When using exponential backoff in test networks, use a lower exponent, so the delays do not vary as much. This helps test networks bootstrap consistently. Fixes bug 20597; bugfix on 20499.
  • Minor features (geoip):
  • Update geoip and geoip6 to the November 3 2016 Maxmind GeoLite2 Country database.
  • Minor bugfixes (client directory scheduling):
  • Treat "relay too busy to answer request" as a failed request and a reason to back off on our retry frequency. This is safe now that exponential backoffs retry indefinitely, and avoids a bug where we would reset our download schedule erroneously. Fixes bug 20593; bugfix on 0.2.9.1-alpha.
  • Minor bugfixes (client, logging):
  • Remove a BUG warning in circuit_pick_extend_handshake(). Instead, assume all nodes support EXTEND2. Use ntor whenever a key is available. Fixes bug 20472; bugfix on 0.2.9.3-alpha.
  • On DNSPort, stop logging a BUG warning on a failed hostname lookup. Fixes bug 19869; bugfix on 0.2.9.1-alpha.
  • Minor bugfixes (hidden services):
  • When configuring hidden services, check every hidden service directory's permissions. Previously, we only checked the last hidden service. Fixes bug 20529; bugfix on the work to fix 13942 in 0.2.6.2-alpha.
  • Minor bugfixes (portability):
  • Fix compilation with OpenSSL 1.1 and less commonly-used CPU architectures. Closes ticket 20588.
  • Use ECDHE ciphers instead of ECDH in tortls tests. LibreSSL has removed the ECDH ciphers which caused the tests to fail on platforms which use it. Fixes bug 20460; bugfix on 0.2.8.1-alpha.
  • Fix implicit conversion warnings under OpenSSL 1.1. Fixes bug 20551; bugfix on 0.2.1.1-alpha.
  • Minor bugfixes (relay bootstrap):
  • Ensure relays don't make multiple connections during bootstrap. Fixes bug 20591; bugfix on 0.2.8.1-alpha.
  • Minor bugfixes (relay):
  • Work around a memory leak in OpenSSL 1.1 when encoding public keys. Fixes bug 20553; bugfix on 0.0.2pre8.
  • Avoid a small memory leak when informing worker threads about rotated onion keys. Fixes bug 20401; bugfix on 0.2.6.3-alpha.
  • Do not try to parallelize workers more than 16x without the user explicitly configuring us to do so, even if we do detect more than 16 CPU cores. Fixes bug 19968; bugfix on 0.2.3.1-alpha.
  • Minor bugfixes (single onion services):
  • Start correctly when creating a single onion service in a directory that did not previously exist. Fixes bug 20484; bugfix on 0.2.9.3-alpha.
  • Minor bugfixes (testing):
  • Avoid a unit test failure on systems with over 16 detectable CPU cores. Fixes bug 19968; bugfix on 0.2.3.1-alpha.
  • Documentation:
  • Clarify that setting HiddenServiceNonAnonymousMode requires you to also set "SOCKSPort 0". Fixes bug 20487; bugfix on 0.2.9.3-alpha.
  • Module-level documentation for several more modules. Closes tickets 19287 and 19290.

New in Tor (Expert Bundle) 0.2.9.4 Alpha (Oct 18, 2016)

  • Major features (security fixes):
  • Prevent a class of security bugs caused by treating the contents of a buffer chunk as if they were a NUL-terminated string. At least one such bug seems to be present in all currently used versions of Tor, and would allow an attacker to remotely crash most Tor instances, especially those compiled with extra compiler hardening. With this defense in place, such bugs can't crash Tor, though we should still fix them as they occur. Closes ticket 20384 (TROVE-2016-10-001).
  • Major features (subprotocol versions):
  • Tor directory authorities now vote on a set of recommended subprotocol versions, and on a set of required subprotocol versions. Clients and relays that lack support for a _required_ subprotocol version will not start; those that lack support for a _recommended_ subprotocol version will warn the user to upgrade. Closes ticket 19958; implements part of proposal 264.
  • Tor now uses "subprotocol versions" to indicate compatibility. Previously, versions of Tor looked at the declared Tor version of a relay to tell whether they could use a given feature. Now, they should be able to rely on its declared subprotocol versions. This change allows compatible implementations of the Tor protocol(s) to exist without pretending to be 100% bug-compatible with particular releases of Tor itself. Closes ticket 19958; implements part of proposal 264.
  • Minor feature (fallback directories):
  • Remove broken fallbacks from the hard-coded fallback directory list. Closes ticket 20190; patch by teor.
  • Minor features (client, directory):
  • Since authorities now omit all routers that lack the Running and Valid flags, we assume that any relay listed in the consensus must have those flags. Closes ticket 20001; implements part of proposal 272.
  • Minor features (compilation, portability):
  • Compile correctly on MacOS 10.12 (aka "Sierra"). Closes ticket 20241.
  • Minor features (development tools, etags):
  • Teach the "make tags" Makefile target how to correctly find "MOCK_IMPL" function definitions. Patch from nherring; closes ticket 16869.
  • Minor features (geoip):
  • Update geoip and geoip6 to the October 4 2016 Maxmind GeoLite2 Country database.
  • Minor features (unix domain sockets):
  • When configuring a unix domain socket for a SocksPort, ControlPort, or Hidden service, you can now wrap the address in quotes, using C-style escapes inside the quotes. This allows unix domain socket paths to contain spaces.
  • Minor features (virtual addresses):
  • Increase the maximum number of bits for the IPv6 virtual network prefix from 16 to 104. In this way, the condition for address allocation is less restrictive. Closes ticket 20151; feature on 0.2.4.7-alpha.
  • Minor bugfixes (address discovery):
  • Stop reordering IP addresses returned by the OS. This makes it more likely that Tor will guess the same relay IP address every time. Fixes issue 20163; bugfix on 0.2.7.1-alpha, ticket 17027. Reported by René Mayrhofer, patch by "cypherpunks".
  • Minor bugfixes (client, unix domain sockets):
  • Disable IsolateClientAddr when using AF_UNIX backed SocksPorts as the client address is meaningless. Fixes bug 20261; bugfix on 0.2.6.3-alpha.
  • Minor bugfixes (compilation, OpenBSD):
  • Detect Libevent2 functions correctly on systems that provide libevent2, but where libevent1 is linked with -levent. Fixes bug 19904; bugfix on 0.2.2.24-alpha. Patch from Rubiate.
  • Minor bugfixes (configuration):
  • When parsing quoted configuration values from the torrc file, handle Windows line endings correctly. Fixes bug 19167; bugfix on 0.2.0.16-alpha. Patch from "Pingl".
  • Minor bugfixes (getpass):
  • Defensively fix a non-triggerable heap corruption at do_getpass() to protect ourselves from mistakes in the future. Fixes bug #19223; bugfix on 0.2.7.3-rc. Bug found by Guido Vranken, patch by nherring.
  • Minor bugfixes (hidden service):
  • Allow hidden services to run on IPv6 addresses even when the IPv6Exit option is not set. Fixes bug 18357; bugfix on 0.2.4.7-alpha.
  • Documentation:
  • Add module-level internal documentation for 36 C files that previously didn't have a high-level overview. Closes ticket #20385.
  • Required libraries:
  • When building with OpenSSL, Tor now requires version 1.0.1 or later. OpenSSL 1.0.0 and earlier are no longer supported by the OpenSSL team, and should not be used. Closes ticket 20303.

New in Tor (Expert Bundle) 0.2.9.3 Alpha (Oct 18, 2016)

  • Major bugfixes (crash, also in 0.2.8.8):
  • Fix a complicated crash bug that could affect Tor clients configured to use bridges when replacing a networkstatus consensus in which one of their bridges was mentioned. OpenBSD users saw more crashes here, but all platforms were potentially affected. Fixes bug 20103; bugfix on 0.2.8.2-alpha.
  • Major bugfixes (relay, OOM handler, also in 0.2.8.8):
  • Fix a timing-dependent assertion failure that could occur when we tried to flush from a circuit after having freed its cells because of an out-of-memory condition. Fixes bug 20203; bugfix on 0.2.8.1-alpha. Thanks to "cypherpunks" for help diagnosing this one.
  • Major features (circuit building, security):
  • Authorities, relays and clients now require ntor keys in all descriptors, for all hops (except for rare hidden service protocol cases), for all circuits, and for all other roles. Part of ticket 19163.
  • Tor authorities, relays, and clients only use ntor, except for rare cases in the hidden service protocol. Part of ticket 19163.
  • Major features (single-hop "hidden" services):
  • Add experimental HiddenServiceSingleHopMode and HiddenServiceNonAnonymousMode options. When both are set to 1, every hidden service on a Tor instance becomes a non-anonymous Single Onion Service. Single Onions make one-hop (direct) connections to their introduction and rendezvous points. One-hop circuits make Single Onion servers easily locatable, but clients remain location-anonymous. This is compatible with the existing hidden service implementation, and works on the current tor network without any changes to older relays or clients. Implements proposal 260, completes ticket 17178. Patch by teor and asn.
  • Major features (resource management):
  • Tor can now notice it is about to run out of sockets, and preemptively close connections of lower priority. (This feature is off by default for now, since the current prioritizing method is not yet mature enough. You can enable it by setting "DisableOOSCheck 0", but watch out: it might close some sockets you would rather have it keep.) Closes ticket 18640.
  • Major bugfixes (circuit building):
  • Hidden service client-to-intro-point and service-to-rendezvous-point circuits use the TAP key supplied by the protocol, to avoid epistemic attacks. Fixes bug 19163; bugfix on 0.2.4.18-rc.
  • Major bugfixes (compilation, OpenBSD):
  • Fix a Libevent-detection bug in our autoconf script that would prevent Tor from linking successfully on OpenBSD. Patch from rubiate. Fixes bug 19902; bugfix on 0.2.9.1-alpha.
  • Major bugfixes (hidden services):
  • Clients now require hidden services to include the TAP keys for their intro points in the hidden service descriptor. This prevents an inadvertent upgrade to ntor, which a malicious hidden service could use to distinguish clients by consensus version. Fixes bug 20012; bugfix on 0.2.4.8-alpha. Patch by teor.
  • Minor features (security, TLS):
  • Servers no longer support clients without AES ciphersuites. (3DES is no longer considered an acceptable cipher.) We believe that no such Tor clients currently exist, since Tor has required OpenSSL 0.9.7 or later since 2009. Closes ticket 19998.
  • Minor feature (fallback directories):
  • Remove broken entries from the hard-coded fallback directory list. Closes ticket 20190; patch by teor.
  • Minor features (geoip, also in 0.2.8.8):
  • Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2 Country database.
  • Minor feature (port flags):
  • Add new flags to the *Port options to give finer control over which requests are allowed. The flags are NoDNSRequest, NoOnionTraffic, and the synthetic flag OnionTrafficOnly, which is equivalent to NoDNSRequest, NoIPv4Traffic, and NoIPv6Traffic. Closes enhancement 18693; patch by "teor".
  • Minor features (directory authority):
  • After voting, if the authorities decide that a relay is not "Valid", they no longer include it in the consensus at all. Closes ticket 20002; implements part of proposal 272.
  • Minor features (testing):
  • Disable memory protections on OpenBSD when performing our unit tests for memwipe(). The test deliberately invokes undefined behavior, and the OpenBSD protections interfere with this. Patch from "rubiate". Closes ticket 20066.
  • Minor features (testing, ipv6):
  • Add the single-onion and single-onion-ipv6 chutney targets to "make test-network-all". This requires a recent chutney version with the single onion network flavours (git c72a652 or later). Closes ticket 20072; patch by teor.
  • Add the hs-ipv6 chutney target to make test-network-all's IPv6 tests. Remove bridges+hs, as it's somewhat redundant. This requires a recent chutney version that supports IPv6 clients, relays, and authorities. Closes ticket 20069; patch by teor.
  • Minor features (Tor2web):
  • Make Tor2web clients respect ReachableAddresses. This feature was inadvertently enabled in 0.2.8.6, then removed by bugfix 19973 on 0.2.8.7. Implements feature 20034. Patch by teor.
  • Minor features (unit tests):
  • We've done significant work to make the unit tests run faster.
  • Our link-handshake unit tests now check that when invalid handshakes fail, they fail with the error messages we expected.
  • Our unit testing code that captures log messages no longer prevents them from being written out if the user asked for them (by passing --debug or --info or --notice or --warn to the "test" binary). This change prevents us from missing unexpected log messages simply because we were looking for others. Related to ticket 19999.
  • The unit tests now log all warning messages with the "BUG" flag. Previously, they only logged errors by default. This change will help us make our testing code more correct, and make sure that we only hit this code when we mean to. In the meantime, however, there will be more warnings in the unit test logs than before. This is preparatory work for ticket 19999.
  • The unit tests now treat any failure of a "tor_assert_nonfatal()" assertion as a test failure.
  • Minor bug fixes (circuits):
  • Use the CircuitBuildTimeout option whenever LearnCircuitBuildTimeout is disabled. Previously, we would respect the option when a user disabled it, but not when it was disabled because some other option was set. Fixes bug 20073; bugfix on 0.2.4.12-alpha. Patch by teor.
  • Minor bugfixes (allocation):
  • Change how we allocate memory for large chunks on buffers, to avoid a (currently impossible) integer overflow, and to waste less space when allocating unusually large chunks. Fixes bug 20081; bugfix on 0.2.0.16-alpha. Issue identified by Guido Vranken.
  • Always include orconfig.h before including any other C headers. Sometimes, it includes macros that affect the behavior of the standard headers. Fixes bug 19767; bugfix on 0.2.9.1-alpha (the first version to use AC_USE_SYSTEM_EXTENSIONS).
  • Fix a syntax error in the IF_BUG_ONCE__() macro in non-GCC-compatible compilers. Fixes bug 20141; bugfix on 0.2.9.1-alpha. Patch from Gisle Vanem.
  • Stop trying to build with Clang 4.0's -Wthread-safety warnings. They apparently require a set of annotations that we aren't currently using, and they create false positives in our pthreads wrappers. Fixes bug 20110; bugfix on 0.2.9.1-alpha.
  • Minor bugfixes (directory authority):
  • Die with a more useful error when the operator forgets to place the authority_signing_key file into the keys directory. This avoids an uninformative assert & traceback about having an invalid key. Fixes bug 20065; bugfix on 0.2.0.1-alpha.
  • When allowing private addresses, mark Exits that only exit to private locations as such. Fixes bug 20064; bugfix on 0.2.2.9-alpha.
  • Minor bugfixes (documentation):
  • Document the default PathsNeededToBuildCircuits value that's used by clients when the directory authorities don't set min_paths_for_circs_pct. Fixes bug 20117; bugfix on 02c320916e02 in tor-0.2.4.10-alpha. Patch by teor, reported by Jesse V.
  • Fix manual for the User option: it takes a username, not a UID. Fixes bug 19122; bugfix on 0.0.2pre16 (the first version to have a manpage!).
  • Minor bugfixes (hidden services):
  • Stop logging intro point details to the client log on certain error conditions. Fixed as part of bug 20012; bugfix on 0.2.4.8-alpha. Patch by teor.
  • Minor bugfixes (IPv6, testing):
  • Check for IPv6 correctly on Linux when running test networks. Fixes bug 19905; bugfix on 0.2.7.3-rc; patch by teor.
  • Minor bugfixes (Linux seccomp2 sandbox):
  • Add permission to run the sched_yield() and sigaltstack() system calls, in order to support versions of Tor compiled with asan or ubsan code that use these calls. Now "sandbox 1" and "--enable-expensive-hardening" should be compatible on more systems. Fixes bug 20063; bugfix on 0.2.5.1-alpha.
  • Minor bugfixes (logging):
  • When logging a message from the BUG() macro, be explicit about what we were asserting. Previously we were confusing what we were asserting with what the bug was. Fixes bug 20093; bugfix on 0.2.9.1-alpha.
  • When we are unable to remove the bw_accounting file, do not warn if the reason we couldn't remove it was that it didn't exist. Fixes bug 19964; bugfix on 0.2.5.4-alpha. Patch from 'pastly'.
  • Minor bugfixes (option parsing):
  • Count unix sockets when counting client listeners (SOCKS, Trans, NATD, and DNS). This has no user-visible behaviour changes: these options are set once, and never read. Required for correct behaviour in ticket 17178. Fixes bug 19677; bugfix on 0.2.6.3-alpha. Patch by teor.
  • Minor bugfixes (options):
  • Check the consistency of UseEntryGuards and EntryNodes more reliably. Fixes bug 20074; bugfix on tor-0.2.4.12-alpha. Patch by teor.
  • Stop changing the configured value of UseEntryGuards on authorities and Tor2web clients. Fixes bug 20074; bugfix on commits 51fc6799 in tor-0.1.1.16-rc and acda1735 in tor-0.2.4.3-alpha. Patch by teor.
  • Minor bugfixes (Tor2web):
  • Prevent Tor2web clients from running hidden services: these services are not anonymous due to the one-hop client paths. Fixes bug 19678. Patch by teor.
  • Minor bugfixes (unit tests):
  • Fix a shared-random unit test that was failing on big endian architectures due to the internal representation of an integer copied to a buffer. The test is changed to take a full 32 bytes of data and use the output of a Python script that makes the COMMIT and REVEAL calculation according to the spec. Fixes bug 19977; bugfix on 0.2.9.1-alpha.
  • The tor_tls_server_info_callback unit test no longer crashes when debug-level logging is turned on. Fixes bug 20041; bugfix on 0.2.8.1-alpha.

New in Tor (Expert Bundle) 0.2.8.7 (Oct 18, 2016)

  • Directory authority changes:
  • The "Tonga" bridge authority has been retired; the new bridge authority is "Bifroest". Closes tickets 19728 and 19690.
  • Major bugfixes (client, security):
  • Only use the ReachableAddresses option to restrict the first hop in a path. In earlier versions of 0.2.8.x, it would apply to every hop in the path, with a possible degradation in anonymity for anyone using an uncommon ReachableAddress setting. Fixes bug 19973; bugfix on 0.2.8.2-alpha.
  • Minor features (geoip):
  • Update geoip and geoip6 to the August 2 2016 Maxmind GeoLite2 Country database.
  • Minor bugfixes (compilation):
  • Remove an inappropriate "inline" in tortls.c that was causing warnings on older versions of GCC. Fixes bug 19903; bugfix on 0.2.8.1-alpha.
  • Minor bugfixes (fallback directories):
  • Avoid logging a NULL string pointer when loading fallback directory information. Fixes bug 19947; bugfix on 0.2.4.7-alpha and 0.2.8.1-alpha. Report and patch by "rubiate".

New in Tor (Expert Bundle) 0.2.9.2 Alpha (Oct 18, 2016)

  • Directory authority changes (also in 0.2.8.7):
  • The "Tonga" bridge authority has been retired; the new bridge authority is "Bifroest". Closes tickets 19728 and 19690.
  • Major bugfixes (client, security, also in 0.2.8.7):
  • Only use the ReachableAddresses option to restrict the first hop in a path. In earlier versions of 0.2.8.x, it would apply to every hop in the path, with a possible degradation in anonymity for anyone using an uncommon ReachableAddress setting. Fixes bug 19973; bugfix on 0.2.8.2-alpha.
  • Major features (user interface):
  • Tor now supports the ability to declare options deprecated, so that we can recommend that people stop using them. Previously, this was done in an ad-hoc way. Closes ticket 19820.
  • Major bugfixes (directory downloads):
  • Avoid resetting download status for consensuses hourly, since we already have another, smarter retry mechanism. Fixes bug 8625; bugfix on 0.2.0.9-alpha.
  • Minor features (config):
  • Warn users when descriptor and port addresses are inconsistent. Mitigates bug 13953; patch by teor.
  • Minor features (geoip):
  • Update geoip and geoip6 to the August 2 2016 Maxmind GeoLite2 Country database.
  • Minor features (user interface):
  • There is a new --list-deprecated-options command-line option to list all of the deprecated options. Implemented as part of ticket 19820.
  • Minor bugfixes (code style):
  • Fix an integer signedness conversion issue in the case conversion tables. Fixes bug 19168; bugfix on 0.2.1.11-alpha.
  • Minor bugfixes (compilation):
  • Build correctly on versions of libevent2 without support for evutil_secure_rng_add_bytes(). Fixes bug 19904; bugfix on 0.2.5.4-alpha.
  • Fix a compilation warning on GCC versions before 4.6. Our ENABLE_GCC_WARNING macro used the word "warning" as an argument, when it is also required as an argument to the compiler pragma. Fixes bug 19901; bugfix on 0.2.9.1-alpha.
  • Minor bugfixes (compilation, also in 0.2.8.7):
  • Remove an inappropriate "inline" in tortls.c that was causing warnings on older versions of GCC. Fixes bug 19903; bugfix on 0.2.8.1-alpha.
  • Minor bugfixes (fallback directories, also in 0.2.8.7):
  • Avoid logging a NULL string pointer when loading fallback directory information. Fixes bug 19947; bugfix on 0.2.4.7-alpha and 0.2.8.1-alpha. Report and patch by "rubiate".
  • Minor bugfixes (logging):
  • Log a more accurate message when we fail to dump a microdescriptor. Fixes bug 17758; bugfix on 0.2.2.8-alpha. Patch from Daniel Pinto.
  • Minor bugfixes (memory leak):
  • Fix a series of slow memory leaks related to parsing torrc files and options. Fixes bug 19466; bugfix on 0.2.1.6-alpha.
  • Deprecated features:
  • A number of DNS-cache-related sub-options for client ports are now deprecated for security reasons, and may be removed in a future version of Tor. (We believe that client-side DNS caching is a bad idea for anonymity, and you should not turn it on.) The options are: CacheDNS, CacheIPv4DNS, CacheIPv6DNS, UseDNSCache, UseIPv4Cache, and UseIPv6Cache.
  • A number of options are deprecated for security reasons, and may be removed in a future version of Tor. The options are: AllowDotExit, AllowInvalidNodes, AllowSingleHopCircuits, AllowSingleHopExits, ClientDNSRejectInternalAddresses, CloseHSClientCircuitsImmediatelyOnTimeout, CloseHSServiceRendCircuitsImmediatelyOnTimeout, ExcludeSingleHopRelays, FastFirstHopPK, TLSECGroup, UseNTorHandshake, and WarnUnsafeSocks.
  • The *ListenAddress options are now deprecated as unnecessary: the corresponding *Port options should be used instead. These options may someday be removed. The affected options are: ControlListenAddress, DNSListenAddress, DirListenAddress, NATDListenAddress, ORListenAddress, SocksListenAddress, and TransListenAddress.
  • Documentation:
  • Correct the IPv6 syntax in our documentation for the VirtualAddrNetworkIPv6 torrc option. Closes ticket 19743.
  • Removed code:
  • We no longer include the (dead, deprecated) bufferevent code in Tor. Closes ticket 19450. Based on a patch from U+039b.
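
The deprecations listed for 0.2.9.2-alpha above can be checked against an existing torrc before upgrading. The following Python script is an added example, not part of the Tor changelog or source: the option names come from the entries above, while the sample torrc and the simplified parsing (trailing-backslash continuation, `#` comments, quoted values) are assumptions.

```python
"""Flag torrc settings that the 0.2.9.2-alpha notes list as deprecated."""
import shlex

# Names copied from the "Deprecated features" entries of 0.2.9.2-alpha.
DNS_CACHE_FLAGS = ["CacheDNS", "CacheIPv4DNS", "CacheIPv6DNS",
                   "UseDNSCache", "UseIPv4Cache", "UseIPv6Cache"]
SECURITY_OPTIONS = [
    "AllowDotExit", "AllowInvalidNodes", "AllowSingleHopCircuits",
    "AllowSingleHopExits", "ClientDNSRejectInternalAddresses",
    "CloseHSClientCircuitsImmediatelyOnTimeout",
    "CloseHSServiceRendCircuitsImmediatelyOnTimeout",
    "ExcludeSingleHopRelays", "FastFirstHopPK", "TLSECGroup",
    "UseNTorHandshake", "WarnUnsafeSocks"]
LISTEN_OPTIONS = ["ControlListenAddress", "DNSListenAddress",
                  "DirListenAddress", "NATDListenAddress", "ORListenAddress",
                  "SocksListenAddress", "TransListenAddress"]
# The DNS-cache names are sub-options (flags) of client ports, so they are
# looked for after the port value on these lines, not as standalone keys.
CLIENT_PORTS = {"socksport", "transport", "natdport", "dnsport"}


def _fold(names, reason):
    """Map lower-cased name -> (canonical name, reason); torrc keys ignore case."""
    return {n.lower(): (n, reason) for n in names}


STANDALONE = {
    **_fold(SECURITY_OPTIONS, "deprecated for security reasons"),
    **_fold(LISTEN_OPTIONS, "unnecessary: use the corresponding *Port option"),
}
FLAGS = _fold(DNS_CACHE_FLAGS, "client-side DNS cache flag, deprecated for security")


def strip_comment(line):
    """Drop a trailing '#' comment, leaving '#' inside double quotes alone."""
    in_quote, i = False, 0
    while i < len(line):
        ch = line[i]
        if ch == "\\" and in_quote:      # skip an escaped character in quotes
            i += 2
            continue
        if ch == '"':
            in_quote = not in_quote
        elif ch == "#" and not in_quote:
            return line[:i]
        i += 1
    return line


def logical_lines(text):
    """Yield (first line number, joined text), joining lines that end in a
    backslash. Simplified (assumption): a comment-only line ends a continuation."""
    buf, start = "", None
    for number, raw in enumerate(text.splitlines(), 1):
        line = strip_comment(raw).rstrip()
        if start is None:
            start = number
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        buf += line
        if buf.strip():
            yield start, buf.strip()
        buf, start = "", None
    if buf.strip():
        yield start, buf.strip()


def audit(text):
    """Return [(line number, canonical option name, reason)] for a torrc."""
    findings = []
    for number, line in logical_lines(text):
        try:
            tokens = shlex.split(line)   # keeps a quoted unix: path in one token
        except ValueError:               # unbalanced quote: plain split instead
            tokens = line.split()
        key = tokens[0].lstrip("+/").lower()
        if key in STANDALONE:
            findings.append((number, *STANDALONE[key]))
        elif key in CLIENT_PORTS:
            for flag in tokens[2:]:      # tokens[1] is the address or port
                if flag.lower() in FLAGS:
                    findings.append((number, *FLAGS[flag.lower()]))
    return findings


# Constructed sample torrc (not from the page); raw string keeps the backslash.
SAMPLE = r"""# constructed torrc for illustration
SocksPort 9050 IsolateDestAddr CacheIPv4DNS
SocksPort unix:"/var/run/tor dir/socks" usednscache
socksListenAddress 127.0.0.1
ControlPort 9051
AllowSingleHopCircuits 1
#WarnUnsafeSocks 0
DNSPort 5353 \
    UseIPv6Cache
Log notice file /var/log/tor/notices.log  # AllowDotExit only in a comment
"""

if __name__ == "__main__":
    for number, name, reason in audit(SAMPLE):
        print(f"line {number}: {name} ({reason})")
```

On 0.2.9.2-alpha and later, the --list-deprecated-options command-line option mentioned above lists the deprecated options for the installed version.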

New in Tor (Expert Bundle) 0.2.9.1 Alpha (Aug 16, 2016)

  • New system requirements:
  • Tor now requires Libevent version 2.0.10-stable or later. Older versions of Libevent have less efficient backends for several platforms, and lack the DNS code that we use for our server-side DNS support.
  • Tor now requires zlib version 1.2 or later, for security, efficiency, and (eventually) gzip support. (Back when we started, zlib 1.1 and zlib 1.0 were still found in the wild. 1.2 was released in 2003. We recommend the latest version.)
  • Major features (build, hardening):
  • Tor now builds with -ftrapv by default on compilers that support it. This option detects signed integer overflow (which C forbids), and turns it into a hard-failure. We do not apply this option to code that needs to run in constant time to avoid side-channels; instead, we use -fwrapv in that code. Closes ticket 17983.
  • When --enable-expensive-hardening is selected, stop applying the clang/gcc sanitizers to code that needs to run in constant time. Although we are aware of no introduced side-channels, we are not able to prove that there are none.
  • Major features (compilation):
  • Our big list of extra GCC warnings is now enabled by default when building with GCC (or with anything like Clang that claims to be GCC-compatible). To make all warnings into fatal compilation errors, pass --enable-fatal-warnings to configure.
  • Use the Autoconf macro AC_USE_SYSTEM_EXTENSIONS to automatically turn on C and POSIX extensions. (Previously, we attempted to do this on an ad hoc basis.)
  • Major features (directory authorities, hidden services):
  • Directory authorities can now perform the shared randomness protocol specified by proposal 250. Using this protocol, directory authorities generate a global fresh random value every day. In the future, this value will be used by hidden services to select HSDirs. This release implements the directory authority feature; the hidden service side will be implemented in the future as part of proposal 224.
  • Major features (downloading, random exponential backoff):
  • When we fail to download an object from a directory service, wait for an (exponentially increasing) randomized amount of time before retrying, rather than a fixed interval as we did before. This prevents a group of Tor instances from becoming too synchronized, or a single Tor instance from becoming too predictable, in its download schedule.
  • Major bugfixes (exit policies):
  • Avoid disclosing exit outbound bind addresses, configured port bind addresses, and local interface addresses in relay descriptors by default under ExitPolicyRejectPrivate. Instead, only reject these (otherwise unlisted) addresses if ExitPolicyRejectLocalInterfaces is set. Fixes bug 18456; bugfix on 0.2.7.2-alpha.
  • Major bugfixes (hidden service client):
  • Allow Tor clients with appropriate controllers to work with FetchHidServDescriptors set to 0. Previously, this option also disabled descriptor cache lookup, thus breaking hidden services entirely. Fixes bug 18704; bugfix on 0.2.0.20-rc.
  • Minor features (build, hardening):
  • Detect and work around a libclang_rt problem that would prevent clang from finding __mulodi4() on some 32-bit platforms, and thus keep -ftrapv from linking on those systems.
  • When building on a system without runtime support for the runtime hardening options, try to log a useful warning at configuration time, rather than an incomprehensible warning at link time. If expensive hardening was requested, this warning becomes an error.
  • Minor features (code safety):
  • In our integer-parsing functions, ensure that the maximum value we give is no smaller than the minimum value. Closes ticket 19063; patch from U+039b.
  • Minor features (controller):
  • Implement new GETINFO queries for all downloads that use download_status_t to schedule retries. This allows controllers to examine the schedule for pending downloads.
  • Allow controllers to configure basic client authorization on hidden services when they create them with the ADD_ONION control command. Implements ticket 15588. Patch by "special".
  • Fire a STATUS_SERVER controller event whenever the hibernation status changes between "awake"/"soft"/"hard".
  • Minor features (directory authority):
  • Directory authorities now only give the Guard flag to a relay if they are also giving it the Stable flag. This change allows us to simplify path selection for clients. It should have minimal effect in practice, since >99% of Guards already have the Stable flag.
  • Directory authorities now write their v3-status-votes file out to disk earlier in the consensus process, so we have a record of the votes even if we abort the consensus process.
  • Minor features (hidden service):
  • Stop being so strict about the payload length of "rendezvous1" cells. We used to be locked in to the "TAP" handshake length, and now we can handle better handshakes like "ntor".
  • Minor features (infrastructure, time):
  • Tor now uses the operating system's monotonic timers (where available) for internal fine-grained timing. Previously we would look at the system clock, and then attempt to compensate for the clock running backwards.
  • Tor now includes an improved timer backend, so that we can efficiently support tens or hundreds of thousands of concurrent timers, as will be needed for some of our planned anti-traffic-analysis work. This code is based on William Ahern's "timeout.c" project, which implements a "tickless hierarchical timing wheel".
  • Minor features (logging):
  • Provide a more useful warning message when configured with an invalid Nickname. Closes ticket 18300; patch from "icanhasaccount".
  • When dumping unparseable router descriptors, optionally store them in separate files, named by digest, up to a configurable size limit. You can change the size limit by setting the MaxUnparseableDescSizeToLog option, and disable this feature by setting that option to 0.
  • Add a set of macros to check nonfatal assertions, for internal use. Migrating more of our checks to these should help us avoid needless crash bugs.
  • Minor features (performance):
  • Change the "optimistic data" extension from "off by default" to "on by default". The default was ordinarily overridden by a consensus option, but when clients were bootstrapping for the first time, they would not have a consensus to get the option from. Changing this default means that clients use optimistic data when fetching a consensus for the first time, which saves a round-trip during startup.
  • Minor features (relay, usability):
  • When the directory authorities refuse a bad relay's descriptor, encourage the relay operator to contact us. Many relay operators won't notice this line in their logs, but it's a win if even a few learn why we don't like what their relay was doing.
  • Minor features (testing):
  • Let backtrace tests work correctly under AddressSanitizer. Fixes part of bug 18934; bugfix on 0.2.5.2-alpha.
  • Move the test-network.sh script to chutney, and modify tor's test-network.sh to call the (newer) chutney version when available. Resolves ticket 19116.
  • Use the lcov convention for marking lines as unreachable, so that we don't count them when we're generating test coverage data. Update our coverage tools to understand this convention.
  • Minor bugfixes (bootstrap):
  • Remember the directory we fetched the consensus or previous certificates from, and use it to fetch future authority certificates. This change improves bootstrapping performance. Fixes bug 18963; bugfix on 0.2.8.1-alpha.
  • Minor bugfixes (build):
  • The test-stem and test-network makefile targets now depend only on the tor binary that they are testing. Previously, they depended on "make all". Fixes bug 18240; bugfix on 0.2.8.2-alpha.
  • Minor bugfixes (circuits):
  • Make sure extend_info_from_router() is only called on servers. Fixes bug 19639; bugfix on 0.2.8.1-alpha.
  • Minor bugfixes (compilation):
  • When building with Clang, use a full set of GCC warnings. (Previously, we included only a subset, because of the way we detected them.) Fixes bug 19216; bugfix on 0.2.0.1-alpha.
  • Minor bugfixes (directory authority):
  • Authorities now sort the "package" lines in their votes, for ease of debugging. (They are already sorted in consensus documents.) Fixes bug 18840; bugfix on 0.2.6.3-alpha.
  • When parsing a detached signature, make sure we use the length of the digest algorithm instead of a hardcoded DIGEST256_LEN in order to avoid comparing bytes out-of-bounds with a smaller digest length such as SHA1. Fixes bug 19066; bugfix on 0.2.2.6-alpha.
  • Minor bugfixes (documentation):
  • Document the --passphrase-fd option in the tor manpage. Fixes bug 19504; bugfix on 0.2.7.3-rc.
  • Fix the description of the --passphrase-fd option in the tor-gencert manpage. The option is used to pass the number of a file descriptor to read the passphrase from, not to read the file descriptor from. Fixes bug 19505; bugfix on 0.2.0.20-alpha.
  • Minor bugfixes (ephemeral hidden service):
  • When deleting an ephemeral hidden service, close its intro points even if they are not completely open. Fixes bug 18604; bugfix on 0.2.7.1-alpha.
  • Minor bugfixes (guard selection):
  • Use a single entry guard even if the NumEntryGuards consensus parameter is not provided. Fixes bug 17688; bugfix on 0.2.5.6-alpha.
  • Don't mark guards as unreachable if connection_connect() fails. That function fails for local reasons, so it shouldn't reveal anything about the status of the guard. Fixes bug 14334; bugfix on 0.2.3.10-alpha.
  • Minor bugfixes (hidden service client):
  • Increase the minimum number of internal circuits we preemptively build from 2 to 3, so a circuit is available when a client connects to another onion service. Fixes bug 13239; bugfix on 0.1.0.1-rc.
  • Minor bugfixes (logging):
  • When logging a directory ownership mismatch, log the owning username correctly. Fixes bug 19578; bugfix on 0.2.2.29-beta.
  • Minor bugfixes (memory leaks):
  • Fix a small, uncommon memory leak that could occur when reading a truncated ed25519 key file. Fixes bug 18956; bugfix on 0.2.6.1-alpha.
  • Minor bugfixes (testing):
  • Allow clients to retry HSDirs much faster in test networks. Fixes bug 19702; bugfix on 0.2.7.1-alpha.
  • Disable ASAN's detection of segmentation faults while running test_bt.sh, so that we can make sure that our own backtrace generation code works. Fixes another aspect of bug 18934; bugfix on 0.2.5.2-alpha.
  • Fix the test-network-all target on out-of-tree builds by using the correct path to the test driver script. Fixes bug 19421; bugfix on 0.2.7.3-rc.
  • Minor bugfixes (time):
  • Improve overflow checks in tv_udiff and tv_mdiff. Fixes bug 19483; bugfix on all released tor versions.
  • When computing the difference between two times in milliseconds, we now round to the nearest millisecond correctly. Previously, we could sometimes round in the wrong direction. Fixes bug 19428; bugfix on 0.2.2.2-alpha.
  • Minor bugfixes (user interface):
  • Display a more accurate number of suppressed messages in the log rate-limiter. Previously, there was a potential integer overflow in the counter. Now, if the number of messages hits a maximum, the rate-limiter doesn't count any further. Fixes bug 19435; bugfix on 0.2.4.11-alpha.
  • Fix a typo in the passphrase prompt for the ed25519 identity key. Fixes bug 19503; bugfix on 0.2.7.2-alpha.
  • Code simplification and refactoring:
  • Remove redundant declarations of the MIN macro. Closes ticket 18889.
  • Rename tor_dup_addr() to tor_addr_to_str_dup() to avoid confusion. Closes ticket 18462; patch from "icanhasaccount".
  • Split the 600-line directory_handle_command_get function into separate functions for different URL types.
  • Documentation:
  • Fix spelling of "--enable-tor2web-mode" in the manpage.
  • Removed features:
  • Remove support for "GET /tor/bytes.txt" DirPort request, and "GETINFO dir-usage" controller request, which were only available via a compile-time option in Tor anyway. Feature was added in 0.2.2.1-alpha.
  • There is no longer a compile-time option to disable support for TransPort. (If you don't want TransPort, just don't use it.) Patch from "U+039b".
  • Testing:
  • Run more workqueue tests as part of "make check". These had previously been implemented, but you needed to know special command-line options to enable them.
  • We now have unit tests for our code to reject zlib "compression bombs". (Fortunately, the code works fine.)

New in Tor (Expert Bundle) 0.2.8.6 (Aug 16, 2016)

  • New system requirements:
  • Tor no longer attempts to support platforms where the "time_t" type is unsigned. (To the best of our knowledge, only OpenVMS does this, and Tor has never actually built on OpenVMS.)
  • Tor no longer supports versions of OpenSSL with a broken implementation of counter mode. (This bug was present in OpenSSL 1.0.0, and was fixed in OpenSSL 1.0.0a.) Tor still detects, but no longer runs with, these versions.
  • Tor now uses Autoconf version 2.63 or later, and Automake 1.11 or later (released in 2008 and 2009 respectively). If you are building Tor from the git repository instead of from the source distribution, and your tools are older than this, you will need to upgrade.
  • Directory authority changes:
  • Update the V3 identity key for the dannenberg directory authority: it was changed on 18 November 2015.
  • Urras is no longer a directory authority.
  • Major features (directory system):
  • Include a trial list of default fallback directories, based on an opt-in survey of suitable relays. Doing this should make clients bootstrap more quickly and reliably, and reduce the load on the directory authorities. Closes ticket 15775. Candidates identified using an OnionOO script.
  • Previously only relays that explicitly opened a directory port (DirPort) accepted directory requests from clients. Now all relays, with and without a DirPort, accept and serve tunneled directory requests that they receive through their ORPort. You can disable this behavior using the new DirCache option.
  • When bootstrapping multiple consensus downloads at a time, use the first one that starts downloading, and close the rest. This reduces failures when authorities or fallback directories are slow or down. Together with the code for feature 15775, this feature should reduce failures due to fallback churn.
  • Major bugfixes (client, bootstrapping):
  • Check if bootstrap consensus downloads are still needed when the linked connection attaches. This prevents tor making unnecessary begindir-style connections, which are the only directory connections tor clients make since the fix for 18483 was merged.
  • Fix some edge cases where consensus download connections may not have been closed, even though they were not needed. Related to fix for 18809.
  • Make relays retry consensus downloads the correct number of times, rather than the more aggressive client retry count.
  • Major bugfixes (dns proxy mode, crash):
  • Avoid crashing when running as a DNS proxy. Fixes bug 16248; bugfix on 0.2.0.1-alpha.
  • Major bugfixes (ed25519, voting):
  • Actually enable support for authorities to match routers by their Ed25519 identities. Previously, the code had been written, but some debugging code that had accidentally been left in the codebase made it stay turned off. Fixes bug 17702; bugfix on 0.2.7.2-alpha.
  • When collating votes by Ed25519 identities, authorities now include a "NoEdConsensus" flag if the ed25519 value (or lack thereof) for a server does not reflect the majority consensus. Related to bug 17668; bugfix on 0.2.7.2-alpha.
  • When generating a vote with keypinning disabled, never include two entries for the same ed25519 identity. This bug was causing authorities to generate votes that they could not parse when a router violated key pinning by changing its RSA identity but keeping its Ed25519 identity. Fixes bug 17668; fixes part of bug 18318. Bugfix on 0.2.7.2-alpha.
  • Major bugfixes (key management):
  • If OpenSSL fails to generate an RSA key, do not retain a dangling pointer to the previous (uninitialized) key value. The impact here should be limited to a difficult-to-trigger crash, if OpenSSL is running an engine that makes key generation failures possible, or if OpenSSL runs out of memory. Fixes bug 19152; bugfix on 0.2.1.10-alpha.
  • Major bugfixes (security, client, DNS proxy):
  • Stop a crash that could occur when a client running with DNSPort received a query with multiple address types, and the first address type was not supported; bugfix on 0.2.5.4-alpha.
  • Major bugfixes (security, compilation):
  • Correctly detect compiler flags on systems where _FORTIFY_SOURCE is predefined. Previously, our use of -D_FORTIFY_SOURCE would cause a compiler warning, thereby making other checks fail, and needlessly disabling compiler-hardening support; bugfix on 0.2.3.17-beta.
  • Repair hardened builds under the clang compiler. Previously, our use of _FORTIFY_SOURCE would conflict with clang's address sanitizer. Fixes bug 14821; bugfix on 0.2.5.4-alpha.
  • Major bugfixes (security, pointers):
  • Avoid a difficult-to-trigger heap corruption attack when extending a smartlist to contain over 16GB of pointers. Fixes bug 18162; bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely.
  • Major bugfixes (testing):
  • Fix a bug that would block 'make test-network-all' on systems where IPv6 packets were lost. Fixes bug 19008; bugfix on 0.2.7.3-rc.
  • Major bugfixes (user interface):
  • Correctly give a warning in the cases where a relay is specified by nickname, and one such relay is found, but it is not officially Named. Fixes bug 19203; bugfix on 0.2.3.1-alpha.
  • Minor features (accounting):
  • Added two modes to the AccountingRule option: One for limiting only the number of bytes sent ("AccountingRule out"), and one for limiting only the number of bytes received ("AccountingRule in").
  • Minor features (bug-resistance):
  • Make Tor survive errors involving connections without a corresponding event object. Previously we'd fail with an assertion; now we produce a log message.
  • Use tor_snprintf() and tor_vsnprintf() even in external and low-level code, to harden against accidental failures to NUL-terminate. Found with Flawfinder.
  • Minor features (build):
  • Detect systems with FreeBSD-derived kernels (such as GNU/kFreeBSD) as having possible IPFW support.
  • Since our build process now uses "make distcheck", we no longer force "make dist" to depend on "make check".
  • Tor now builds once again with the recent OpenSSL 1.1 development branch (tested against 1.1.0-pre5 and 1.1.0-pre6-dev). We have been tracking OpenSSL 1.1 development as it has progressed, and fixing numerous compatibility issues as they arose.
  • When building manual pages, set the timezone to "UTC", so that the output is reproducible. Fixes bug 19558; bugfix on 0.2.2.9-alpha.
  • Minor features (clients):
  • Make clients, onion services, and bridge relays always use an encrypted begindir connection for directory requests.
  • Minor features (controller):
  • Add 'GETINFO exit-policy/reject-private/[default,relay]', so controllers can examine the reject rules added by ExitPolicyRejectPrivate. This makes it easier for stem to display exit policies.
  • Adds the FallbackDir entries to 'GETINFO config/defaults'. Closes tickets 16774 and 17817.
  • New 'GETINFO hs/service/desc/id/' command to retrieve a hidden service descriptor from a service's local hidden service descriptor cache.
  • Minor features (crypto):
  • Add SHA3 and SHAKE support to crypto.c.
  • Add SHA512 support to crypto.c.
  • Improve performance when hashing non-multiple of 8 sized buffers, based on Andrew Moon's public domain SipHash-2-4 implementation. Fixes bug 17544; bugfix on 0.2.5.3-alpha.
  • Validate the hard-coded Diffie-Hellman parameters and ensure that p is a safe prime, and g is a suitable generator.
  • When allocating a digest state object, allocate no more space than we actually need. Previously, we would allocate as much space as the state for the largest algorithm would need. This change saves up to 672 bytes per circuit.
  • Minor features (directory downloads):
  • Add UseDefaultFallbackDirs, which enables any hard-coded fallback directory mirrors. The default is 1; set it to 0 to disable fallbacks.
  • Wait for busy authorities and fallback directories to become non-busy when bootstrapping. (A similar change was made in 6c443e987d for directory caches chosen from the consensus.)
  • Minor features (geoip):
  • Update geoip and geoip6 to the July 6 2016 Maxmind GeoLite2 Country database.
  • Minor features (hidden service directory):
  • Streamline relay-side hsdir handling: when relays consider whether to accept an uploaded hidden service descriptor, they no longer check whether they are one of the relays in the network that is "supposed" to handle that descriptor.
  • Minor features (IPv6):
  • Add ClientPreferIPv6DirPort, which is set to 0 by default. If set to 1, tor prefers IPv6 directory addresses.
  • Add ClientUseIPv4, which is set to 1 by default. If set to 0, tor avoids using IPv4 for client OR and directory connections.
  • Add address policy assume_action support for IPv6 addresses.
  • Add an argument 'ipv6=address:orport' to the DirAuthority and FallbackDir torrc options, to specify an IPv6 address for an authority or fallback directory. Add hard-coded ipv6 addresses for directory authorities that have them.
  • Allow users to configure directory authorities and fallback directory servers with IPv6 addresses and ORPorts. Resolves ticket 6027.
  • Limit IPv6 mask bits to 128.
  • Make tor_ersatz_socketpair work on IPv6-only systems. Fixes bug 17638; bugfix on 0.0.2pre8.
  • Try harder to obey the IP version restrictions "ClientUseIPv4 0", "ClientUseIPv6 0", "ClientPreferIPv6ORPort", and "ClientPreferIPv6DirPort". Closes ticket 17840.
  • Warn when comparing against an AF_UNSPEC address in a policy; it's almost always a bug. Closes ticket 17863.
  • routerset_parse now accepts IPv6 literal addresses. Fixes bug 17060; bugfix on 0.2.1.3-alpha.
  • Minor features (Linux seccomp2 sandbox):
  • Reject attempts to change our Address with "Sandbox 1" enabled. Changing Address with Sandbox turned on would never actually work, but previously it would fail in strange and confusing ways. Found while fixing 18548.
  • Minor features (logging):
  • When logging to syslog, allow a tag to be added to the syslog identity (the string prepended to every log message). The tag can be configured with SyslogIdentityTag and defaults to none. Setting it to "foo" will cause logs to be tagged as "Tor-foo".
  • Minor features (portability):
  • Use timingsafe_memcmp() where available.
  • Minor features (relay, address discovery):
  • Add a family argument to get_interface_addresses_raw() and subfunctions to make network interface address interrogation more efficient. Now Tor can specifically ask for IPv4, IPv6 or both types of interfaces from the operating system.
  • When get_interface_address6_list(.,AF_UNSPEC,.) is called and fails to enumerate interface addresses using the platform-specific API, have it rely on the UDP socket fallback technique to try and find out what IP addresses (both IPv4 and IPv6) our machine has.
  • Minor features (replay cache):
  • The replay cache now uses SHA256 instead of SHA1.
  • Minor features (robustness):
  • Exit immediately with an error message if the code attempts to use Libevent without having initialized it. This should resolve some frequently-made mistakes in our unit tests.
  • Minor features (security, clock):
  • Warn when the system clock appears to move back in time (when the state file was last written in the future). Tor doesn't know that consensuses have expired if the clock is in the past.
  • Minor features (security, exit policies):
  • ExitPolicyRejectPrivate now rejects more private addresses by default. Specifically, it now rejects the relay's outbound bind addresses (if configured), and the relay's configured port addresses (such as ORPort and DirPort). Fixes bug 17027; bugfix on 0.2.0.11-alpha.
  • Minor features (security, memory erasure):
  • Make memwipe() do nothing when passed a NULL pointer or buffer of zero size. Check size argument to memwipe() for underflow. Fixes bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha.
  • Set the unused entries in a smartlist to NULL. This helped catch a (harmless) bug, and shouldn't affect performance too much.
  • Use SecureMemoryWipe() function to securely clean memory on Windows. Previously we'd use OpenSSL's OPENSSL_cleanse() function.
  • Use explicit_bzero or memset_s when present. Previously, we'd use OpenSSL's OPENSSL_cleanse() function.
  • Minor features (security, RNG):
  • Adjust Tor's use of OpenSSL's RNG APIs so that they absolutely, positively are not allowed to fail. Previously we depended on internal details of OpenSSL's behavior.
  • Never use the system entropy output directly for anything besides seeding the PRNG. When we want to generate important keys, instead of using system entropy directly, we now hash it with the PRNG stream. This may help resist certain attacks based on broken OS entropy implementations.
  • Use modern system calls (like getentropy() or getrandom()) to generate strong entropy on platforms that have them.
  • Minor features (security, win32):
  • Set SO_EXCLUSIVEADDRUSE on Win32 to avoid a local port-stealing attack. Fixes bug 18123; bugfix on all tor versions.
  • Minor features (unix domain sockets):
  • Add a new per-socket option, RelaxDirModeCheck, to allow creating Unix domain sockets without checking the permissions on the parent directory. (Tor checks permissions by default because some operating systems only check permissions on the parent directory. However, some operating systems do look at permissions on the socket, and tor's default check is unneeded.)
  • Minor bugfixes (accounting):
  • The max bandwidth when using 'AccountingRule sum' is now correctly logged. Fixes bug 18024; bugfix on 0.2.6.1-alpha.
  • Minor bugfixes (assert, portability):
  • Fix an assertion failure in memarea.c on systems where "long" is shorter than the size of a pointer. Fixes bug 18716; bugfix on 0.2.1.1-alpha.
  • Minor bugfixes (bootstrap):
  • Consistently use the consensus download schedule for authority certificates. Fixes bug 18816; bugfix on 0.2.4.13-alpha.
  • Minor bugfixes (build):
  • Avoid spurious failures from configure files related to calling exit(0) in TOR_SEARCH_LIBRARY. Fixes bug 18625; bugfix on 0.2.0.1-alpha.
  • Do not link the unit tests against both the testing and non-testing versions of the static libraries. Fixes bug 18490; bugfix on 0.2.7.1-alpha.
  • Resolve warnings when building on systems that are concerned with signed char. Fixes bug 18728; bugfix on 0.2.7.2-alpha and 0.2.6.1-alpha.
  • Silence spurious clang-scan warnings in the ed25519_donna code by explicitly initializing some objects. Fixes bug 18384; bugfix on 0.2.7.2-alpha.
  • When libscrypt.h is found, but no libscrypt library can be linked, treat libscrypt as absent. Fixes bug 19161; bugfix on 0.2.6.1-alpha.
  • Cause the unit tests to compile correctly on mingw64 versions that lack sscanf. Fixes bug 19213; bugfix on 0.2.7.1-alpha.
  • Don't try to use the pthread_condattr_setclock() function unless it actually exists. Fixes compilation on NetBSD-6.x. Fixes bug 17819; bugfix on 0.2.6.3-alpha.
  • Fix backtrace compilation on FreeBSD. Fixes bug 17827; bugfix on 0.2.5.2-alpha.
  • Fix search for libevent libraries on OpenBSD (and other systems that install libevent 1 and libevent 2 in parallel). Fixes bug 16651; bugfix on 0.1.0.7-rc.
  • Isolate environment variables meant for tests from the rest of the build system. Fixes bug 17818; bugfix on 0.2.7.3-rc.
  • Mark all object files that include micro-revision.i as depending on it, so as to make parallel builds more reliable. Fixes bug 17826; bugfix on 0.2.5.1-alpha.
  • Remove config.log only from make distclean, not from make clean. Fixes bug 17924; bugfix on 0.2.4.1-alpha.
  • Replace usage of 'INLINE' with 'inline'. Fixes bug 17804; bugfix on 0.0.2pre8.
  • Remove an #endif from configure.ac so that we correctly detect the presence of in6_addr.s6_addr32. Fixes bug 17923; bugfix on 0.2.0.13-alpha.
  • Minor bugfixes (client, bootstrap):
  • Count receipt of new microdescriptors as progress towards bootstrapping. Previously, with EntryNodes set, Tor might not successfully repopulate the guard set on bootstrapping. Fixes bug 16825; bugfix on 0.2.3.1-alpha.
  • Minor bugfixes (code correctness):
  • Fix a bad memory handling bug that would occur if we had queued a cell on a channel's incoming queue. Fortunately, we can't actually queue a cell like that as our code is constructed today, but it's best to avoid this kind of error, even if there isn't any code that triggers it today. Fixes bug 18570; bugfix on 0.2.4.4-alpha.
  • Assert that allocated memory held by the reputation code is freed according to its internal counters. Fixes bug 17753; bugfix on 0.1.1.1-alpha.
  • Assert when the TLS contexts fail to initialize. Fixes bug 17683; bugfix on 0.0.6.
  • Update to the latest version of Trunnel, which tries harder to avoid generating code that can invoke memcpy(p,NULL,0). Bug found by clang address sanitizer. Fixes bug 18373; bugfix on 0.2.7.2-alpha.
  • When closing an entry connection, generate a warning if we should have sent an end cell for it but we haven't. Fixes bug 17876; bugfix on 0.2.3.2-alpha.
  • Minor bugfixes (configuration):
  • Fix a tiny memory leak when parsing a port configuration ending in ":auto". Fixes bug 18374; bugfix on 0.2.3.3-alpha.
  • Minor bugfixes (containers):
  • If we somehow attempt to construct a heap with more than 1073741822 elements, avoid an integer overflow when maintaining the heap property. Fixes bug 18296; bugfix on 0.1.2.1-alpha.
  • Minor bugfixes (controller, microdescriptors):
  • Make GETINFO dir/status-vote/current/consensus conform to the control specification by returning "551 Could not open cached consensus..." when not caching consensuses. Fixes bug 18920; bugfix on 0.2.2.6-alpha.
  • Minor bugfixes (crypto):
  • Check the return value of HMAC() and assert on failure. Fixes bug 17658; bugfix on 0.2.3.6-alpha.
  • Minor bugfixes (directories):
  • When fetching extrainfo documents, compare their SHA256 digests and Ed25519 signing key certificates with the routerinfo that led us to fetch them, rather than with the most recent routerinfo. Otherwise we generate many spurious warnings about mismatches. Fixes bug 17150; bugfix on 0.2.7.2-alpha.
  • When generating a URL for a directory server on an IPv6 address, wrap the IPv6 address in square brackets. Fixes bug 18051; bugfix on 0.2.3.9-alpha.
  • Minor bugfixes (downloading):
  • Predict more correctly whether we'll be downloading over HTTP when we determine the maximum length of a URL. This should avoid a "BUG" warning about the Squid HTTP proxy and its URL limits. Fixes bug 19191.
  • Minor bugfixes (exit policies, security):
  • Refresh an exit relay's exit policy when interface addresses change. Previously, tor only refreshed the exit policy when the configured external address changed. Fixes bug 18208; bugfix on 0.2.7.3-rc.
  • Minor bugfixes (fallback directories):
  • Mark fallbacks as "too busy" when they return a 503 response, rather than just marking authorities. Fixes bug 17572; bugfix on 0.2.4.7-alpha.
  • When requesting extrainfo descriptors from a trusted directory server, check whether it is an authority or a fallback directory which supports extrainfo descriptors. Fixes bug 18489; bugfix on 0.2.4.7-alpha.
  • Minor bugfixes (hidden service, client):
  • Handle the case where the user makes several fast consecutive requests to the same .onion address. Previously, the first six requests would each trigger a descriptor fetch, each picking a directory (there are 6 overall) and the seventh one would fail because no directories were left, thereby triggering a close on all current directory connections asking for the hidden service. The solution here is to not close the connections if we have pending directory fetches. Fixes bug 15937; bugfix on 0.2.7.1-alpha.
  • Minor bugfixes (hidden service, control port):
  • Add the onion address to the HS_DESC event for the UPLOADED action both on success or failure. It was previously hardcoded with UNKNOWN. Fixes bug 16023; bugfix on 0.2.7.2-alpha.
  • Minor bugfixes (hidden service, directory):
  • Bridges now refuse "rendezvous2" (hidden service descriptor) publish attempts. Suggested by ticket 18332.
  • Minor bugfixes (IPv6):
  • Update the limits in max_dl_per_request for IPv6 address length. Fixes bug 17573; bugfix on 0.2.1.5-alpha.
  • Minor bugfixes (logging):
  • In log messages that include a function name, use __FUNCTION__ instead of __PRETTY_FUNCTION__. In GCC, these are synonymous, but with clang __PRETTY_FUNCTION__ has extra information we don't need. Fixes bug 16563; bugfix on 0.0.2pre8.
  • Remove needless quotes from a log message about unparseable addresses. Fixes bug 17843; bugfix on 0.2.3.3-alpha.
  • Scrub service name in "unrecognized service ID" log messages. Fixes bug 18600; bugfix on 0.2.4.11-alpha.
  • When logging information about an unparsable networkstatus vote or consensus, do not say "vote" when we mean consensus. Fixes bug 18368; bugfix on 0.2.0.8-alpha.
  • When we can't generate a signing key because OfflineMasterKey is set, do not imply that we should have been able to load it. Fixes bug 18133; bugfix on 0.2.7.2-alpha.
  • When logging a malformed hostname received through socks4, scrub it if SafeLogging says we should. Fixes bug 17419; bugfix on 0.1.1.16-rc.
  • Minor bugfixes (memory safety):
  • Avoid freeing an uninitialized pointer when opening a socket fails in get_interface_addresses_ioctl(). Fixes bug 18454; bugfix on 0.2.3.11-alpha. Reported by toralf and "cypherpunks", patch by teor.
  • Fix a memory leak in "tor --list-fingerprint". Fixes part of bug 18672; bugfix on 0.2.5.1-alpha.
  • Fix a memory leak in tor-gencert. Fixes part of bug 18672; bugfix on 0.2.0.1-alpha.
  • Minor bugfixes (pluggable transports):
  • Avoid reporting a spurious error when we decide that we don't need to terminate a pluggable transport because it has already exited. Fixes bug 18686; bugfix on 0.2.5.5-alpha.
  • Minor bugfixes (pointer arithmetic):
  • Fix a bug in memarea_alloc() that could have resulted in remote heap write access, if Tor had ever passed an unchecked size to memarea_alloc(). Fortunately, all the sizes we pass to memarea_alloc() are pre-checked to be less than 128 kilobytes. Fixes bug 19150; bugfix on 0.2.1.1-alpha.
  • Minor bugfixes (private directory):
  • Prevent a race condition when creating private directories. Fixes part of bug 17852; bugfix on 0.0.2pre13. Found with Flawfinder.
  • Minor bugfixes (relays):
  • Check that both the ORPort and DirPort (if present) are reachable before publishing a relay descriptor. Otherwise, relays publish a descriptor with DirPort 0 when the DirPort reachability test takes longer than the ORPort reachability test. Fixes bug 18050; bugfix on 0.1.0.1-rc.
  • Resolve some edge cases where we might launch an ORPort reachability check even when DisableNetwork is set. Noticed while fixing bug 18616; bugfix on 0.2.3.9-alpha.
  • Minor bugfixes (relays, hidden services):
  • Refuse connection requests to private OR addresses unless ExtendAllowPrivateAddresses is set. Previously, tor would connect, then refuse to send any cells to a private address. Fixes bugs 17674 and 8976; bugfix on 0.2.3.21-rc.
  • Minor bugfixes (security, hidden services):
  • Prevent hidden services connecting to client-supplied rendezvous addresses that are reserved as internal or multicast. Fixes bug 8976; bugfix on 0.2.3.21-rc.
  • Minor bugfixes (statistics):
  • Consistently check for overflow in round_*_to_next_multiple_of functions, and add unit tests with additional and maximal values. Fixes part of bug 13192; bugfix on 0.2.2.1-alpha.
  • Handle edge cases in the laplace functions: avoid division by zero, avoid taking the log of zero, and silence clang type conversion warnings using round and trunc. Add unit tests for edge cases with maximal values. Fixes part of bug 13192; bugfix on 0.2.6.2-alpha.
  • We now include consensus downloads via IPv6 in our directory-request statistics. Fixes bug 18460; bugfix on 0.2.3.14-alpha.
  • Minor bugfixes (test networks, IPv6):
  • Allow internal IPv6 addresses in descriptors in test networks. Fixes bug 17153; bugfix on 0.2.3.16-alpha.
  • Minor bugfixes (testing):
  • Check the full results of SHA256 and SHA512 digests in the unit tests. Bugfix on 0.2.2.4-alpha.
  • Fix a memory leak in the ntor test. Fixes bug 17778; bugfix on 0.2.4.8-alpha.
  • Fix a small memory leak that would occur when the TestingEnableCellStatsEvent option was turned on. Fixes bug 18673; bugfix on 0.2.5.2-alpha.
  • Make unit tests pass on IPv6-only systems, and systems without localhost addresses (like some FreeBSD jails). Fixes bug 17632; bugfix on 0.2.7.3-rc.
  • The test for log_heartbeat was incorrectly failing in timezones with non-integer offsets. Instead of comparing the end of the time string against a constant, compare it to the output of format_local_iso_time when given the correct input. Fixes bug 18039; bugfix on 0.2.5.4-alpha.
  • We no longer disable assertions in the unit tests when coverage is enabled. Instead, we require you to say --disable-asserts-in-tests to the configure script if you need assertions disabled in the unit tests (for example, if you want to perform branch coverage). Fixes bug 18242; bugfix on 0.2.7.1-alpha.
  • Minor bugfixes (time handling):
  • When correcting a corrupt 'struct tm' value, fill in the tm_wday field. Otherwise, our unit tests crash on Windows. Fixes bug 18977; bugfix on 0.2.2.25-alpha.
  • Avoid overflow in tor_timegm when parsing dates in and after 2038 on platforms with 32-bit time_t. Fixes bug 18479; bugfix on 0.0.2pre14.
  • Minor bugfixes (tor-gencert):
  • Correctly handle the case where an authority operator enters a passphrase but sends an EOF before sending a newline. Fixes bug 17443; bugfix on 0.2.0.20-rc.
  • Code simplification and refactoring:
  • Clean up a little duplicated code in crypto_expand_key_material_TAP(). Closes ticket 17587; patch from "pfrankw".
  • Decouple the list of streams waiting to be attached to circuits from the overall connection list. This change makes it possible to attach streams quickly while simplifying Tor's callgraph and avoiding O(N) scans of the entire connection list.
  • Extract the more complicated parts of circuit_mark_for_close() into a new function that we run periodically before circuits are freed. This change removes more than half of the functions currently in the "blob".
  • Move logging of redundant policy entries in policies_parse_exit_policy_internal into its own function. Closes ticket 17608; patch from "juce".
  • Quote all the string interpolations in configure.ac -- even those which we are pretty sure can't contain spaces.
  • Remove code for configuring OpenSSL dynamic locks; OpenSSL doesn't use them.
  • Remove specialized code for non-inplace AES_CTR. 99% of our AES is inplace, so there's no need to have a separate implementation for the non-inplace code.
  • Simplify return types for some crypto functions that can't actually fail.
  • When a direct directory request fails immediately on launch, mark the connection for teardown instead of relaunching that request from inside the code that launches it. This change simplifies Tor's callback and prevents the directory-request launching code from invoking itself recursively.
  • Documentation:
  • Add a description of the correct use of the '--keygen' command-line option.
  • Change build messages to refer to "Fedora" instead of "Fedora Core", and "dnf" instead of "yum".
  • Document the contents of the 'datadir/keys' subdirectory in the manual page.
  • Document the minimum HeartbeatPeriod value.
  • Explain actual minima for BandwidthRate.
  • Fix a minor formatting typo in the manpage.
  • Mention torspec URL in the manpage and point the reader to it whenever we mention a document that belongs in torspec. Fixes issue 17392.
  • Stop recommending use of nicknames to identify relays in our MapAddress documentation.
  • Removed features:
  • Remove client-side support for connecting to Tor relays running versions of Tor before 0.2.3.6-alpha. These relays didn't support the v3 TLS handshake protocol, and are no longer allowed on the Tor network.
  • We no longer maintain an internal freelist in memarea.c. Allocators should be good enough to make this code unnecessary, and it's doubtful that it ever had any performance benefit.
  • Testing:
  • Add unit tests to check for common RNG failure modes, such as returning all zeroes, identical values, or incrementing values (OpenSSL's rand_predictable feature).
  • Always test both ed25519 backends, so that we can be sure that our batch-open replacement code works.
  • Cover dns_resolve_impl() in dns.c with unit tests.
  • Fix several warnings from clang's address sanitizer produced in the unit tests.
  • Log more information when the backtrace tests fail. Closes ticket 17892. Patch from "cypherpunks."
  • More unit tests for compat_libevent.c, procmon.c, tortls.c, util_format.c, directory.c, and options_validate.c.
  • Treat backtrace test failures as expected on FreeBSD until we solve bug 17808.
  • Unit tests for directory_handle_command_get.
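
An added example (not Tor's code) for the "Minor bugfixes (containers)" entry above about heaps with more than 1073741822 elements: when heap indices are held in an int, the child index 2*i+2 overflows once i exceeds (INT_MAX - 2) / 2, so the sift-down loop has to stop before computing it. The function names and the int-array heap are assumptions made for this illustration, and a 32-bit int is assumed.

```c
#include <limits.h>
#include <stdio.h>

/* Largest index i for which both child indices, 2*i+1 and 2*i+2,
 * still fit in an int. With a 32-bit int this is 1073741822. */
#define MAX_PARENT_IDX ((INT_MAX - 2) / 2)

/* Return 1 if computing the children of index i cannot overflow. */
static int idx_may_have_children(int i)
{
    return i >= 0 && i <= MAX_PARENT_IDX;
}

/* Restore the min-heap property below idx in heap[0..n-1].
 * Returns the index where the element finally rests. */
static int heap_sift_down(int *heap, int n, int idx)
{
    /* The guard runs before any child index is computed, so the
     * arithmetic below never leaves the range of int. */
    while (idx_may_have_children(idx)) {
        int left = 2 * idx + 1;
        int best, tmp;

        if (left >= n)
            break;                      /* idx is a leaf */
        best = left;
        if (left + 1 < n && heap[left + 1] < heap[left])
            best = left + 1;            /* right child is smaller */
        if (heap[idx] <= heap[best])
            break;                      /* heap property holds */

        tmp = heap[idx];
        heap[idx] = heap[best];
        heap[best] = tmp;
        idx = best;
    }
    return idx;
}

/* Build a min-heap in place. */
static void heapify(int *heap, int n)
{
    int i;
    for (i = n / 2 - 1; i >= 0; --i)
        heap_sift_down(heap, n, i);
}

/* Return 1 if every element is >= its parent. */
static int is_min_heap(const int *heap, int n)
{
    int i;
    for (i = 1; i < n; ++i)
        if (heap[(i - 1) / 2] > heap[i])
            return 0;
    return 1;
}

int main(void)
{
    int sample[] = {9, 4, 7, 1, 8, 2, 6};   /* constructed sample input */
    int n = (int)(sizeof(sample) / sizeof(sample[0]));

    heapify(sample, n);
    printf("min-heap valid: %d, root: %d\n", is_min_heap(sample, n), sample[0]);
    printf("MAX_PARENT_IDX = %d\n", MAX_PARENT_IDX);
    printf("children allowed at MAX_PARENT_IDX + 1: %d\n",
           idx_may_have_children(MAX_PARENT_IDX + 1));
    return 0;
}
```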

New in Tor (Expert Bundle) 0.2.8.5 RC (Jul 7, 2016)

  • Directory authority changes:
  • Urras is no longer a directory authority. Closes ticket 19271.
  • Major bugfixes (heartbeat):
  • Fix a regression that would crash Tor when the periodic "heartbeat" log messages were disabled. Fixes bug 19454; bugfix on tor-0.2.8.1-alpha.
  • Minor features (build):
  • Tor now again builds with the recent OpenSSL 1.1 development branch (tested against 1.1.0-pre6-dev). Closes ticket 19499.
  • When building manual pages, set the timezone to "UTC", so that the output is reproducible. Fixes bug 19558; bugfix on 0.2.2.9-alpha. Patch from intrigeri.
  • Minor bugfixes (fallback directory selection):
  • Avoid errors during fallback selection if there are no eligible fallbacks. Fixes bug 19480; bugfix on 0.2.8.3-alpha.
  • Minor bugfixes (IPv6, microdescriptors):
  • Don't check node addresses when we only have a routerstatus. This allows IPv6-only clients to bootstrap by fetching microdescriptors from fallback directory mirrors. (The microdescriptor consensus has no IPv6 addresses in it.) Fixes bug 19608; bugfix on 0.2.8.2-alpha.
  • Minor bugfixes (logging):
  • Reduce pointlessly verbose log messages when directory servers can't be found. Fixes bug 18849; bugfix on 0.2.8.3-alpha and 0.2.8.1-alpha.
  • When a fallback directory changes its fingerprint from the hard-coded fingerprint, log a less severe, more explanatory log message. Fixes bug 18812; bugfix on 0.2.8.1-alpha.
  • Minor bugfixes (Linux seccomp2 sandboxing):
  • Allow statistics to be written to disk when "Sandbox 1" is enabled. Fixes bugs 19556 and 19957; bugfix on 0.2.5.1-alpha and 0.2.6.1-alpha respectively.
  • Minor bugfixes (user interface):
  • Remove a warning message "Service [scrubbed] not found after descriptor upload". This message appears when one uses HSPOST control command to upload a service descriptor. Since there is only a descriptor and no service, showing this message is pointless and confusing. Fixes bug 19464; bugfix on 0.2.7.2-alpha.
  • Fallback directory list:
  • Add a comment to the generated fallback directory list that explains how to comment out unsuitable fallbacks in a way that's compatible with the stem fallback parser.
  • Update fallback whitelist and blacklist based on relay operator emails. Blacklist unsuitable (non-working, over-volatile) fallbacks. Resolves ticket 19071.
  • Update hard-coded fallback list to remove unsuitable fallbacks. Resolves ticket 19071.

New in Tor (Expert Bundle) 0.2.9.1 Alpha (May 27, 2016)

  • Tor 0.2.8.3-alpha resolves several bugs, most of them introduced over the course of the 0.2.8 development cycle. It improves the behavior of directory clients, fixes several crash bugs, fixes a gap in compiler hardening, and allows the full integration test suite to run on more platforms.
  • Major bugfixes (security, client, DNS proxy): Stop a crash that could occur when a client running with DNSPort received a query with multiple address types, and the first address type was not supported. Found and fixed by Scott Dial. Fixes bug 18710; bugfix on 0.2.5.4-alpha.
  • Major bugfixes (security, compilation): Correctly detect compiler flags on systems where _FORTIFY_SOURCE is predefined. Previously, our use of -D_FORTIFY_SOURCE would cause a compiler warning, thereby making other checks fail, and needlessly disabling compiler-hardening support. Fixes one case of bug 18841; bugfix on 0.2.3.17-beta. Patch from "trudokal".
  • Major bugfixes (security, directory authorities): Fix a crash and out-of-bounds write during authority voting, when the list of relays includes duplicate ed25519 identity keys. Fixes bug 19032; bugfix on 0.2.8.2-alpha.
  • Major bugfixes (client, bootstrapping): Check if bootstrap consensus downloads are still needed when the linked connection attaches. This prevents tor making unnecessary begindir-style connections, which are the only directory connections tor clients make since the fix for 18483 was merged. Fix some edge cases where consensus download connections may not have been closed, even though they were not needed. Related to fix for 18809. Make relays retry consensus downloads the correct number of times, rather than the more aggressive client retry count. Fixes part of ticket 18809. Stop downloading consensuses when we have a consensus, even if we don't have all the certificates for it yet. Fixes bug 18809; bugfix on 0.2.8.1-alpha. Patches by arma and teor.
  • Major bugfixes (directory mirrors): Decide whether to advertise begindir support in the same way we decide whether to advertise our DirPort. Allowing these decisions to become out-of-sync led to surprising behavior like advertising begindir support when hibernation made us not advertise a DirPort. Resolves bug 18616; bugfix on 0.2.8.1-alpha. Patch by teor.
  • Major bugfixes (IPv6 bridges, client): Actually use IPv6 addresses when selecting directory addresses for IPv6 bridges. Fixes bug 18921; bugfix on 0.2.8.1-alpha. Patch by "teor".
  • Major bugfixes (key management): If OpenSSL fails to generate an RSA key, do not retain a dangling pointer to the previous (uninitialized) key value. The impact here should be limited to a difficult-to-trigger crash, if OpenSSL is running an engine that makes key generation failures possible, or if OpenSSL runs out of memory. Fixes bug 19152; bugfix on .2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and Baishakhi Ray.
  • Major bugfixes (testing): Fix a bug that would block 'make test-network-all' on systems where IPv6 packets were lost. Fixes bug 19008; bugfix on tor-0.2.7.3-rc. Avoid "WSANOTINITIALISED" warnings in the unit tests. Fixes bug 18668; bugfix on 0.2.8.1-alpha.
  • Minor features (clients): Make clients, onion services, and bridge relays always use an encrypted begindir connection for directory requests. Resolves ticket 18483. Patch by "teor".
  • Minor features (fallback directory mirrors): Give each fallback the same weight for client selection; restrict fallbacks to one per operator; report fallback directory detail changes when rebuilding list; add new fallback directory mirrors to the whitelist; update fallback directories based on the latest OnionOO data; and any other minor simplifications and fixes. Closes tasks 17158, 17905, 18749, bug 18689, and fixes part of bug on 0.2.8.1-alpha; patch by "teor".
  • Minor features (geoip): Update geoip and geoip6 to the May 4 2016 Maxmind GeoLite2 Country database.
  • Minor bugfixes (assert, portability): Fix an assertion failure in memarea.c on systems where "long" is shorter than the size of a pointer. Fixes bug 18716; bugfix on 0.2.1.1-alpha.
  • Minor bugfixes (bootstrap): Consistently use the consensus download schedule for authority certificates. Fixes bug 18816; bugfix on 0.2.4.13-alpha.
  • Minor bugfixes (build): Remove a pair of redundant AM_CONDITIONAL declarations from configure.ac. Fixes one final case of bug 17744; bugfix on 0.2.8.2-alpha. Resolve warnings when building on systems that are concerned with signed char. Fixes bug 18728; bugfix on 0.2.7.2-alpha and 0.2.6.1-alpha. When libscrypt.h is found, but no libscrypt library can be linked, treat libscrypt as absent. Fixes bug 19161; bugfix on 0.2.6.1-alpha.
  • Minor bugfixes (client): Turn all TestingClientBootstrap* into non-testing torrc options. This change simply renames them by removing "Testing" in front of them, and they no longer require TestingTorNetwork to be enabled. Fixes bug 18481; bugfix on 0.2.8.1-alpha. Make directory node selection more reliable, mainly for IPv6-only clients and clients with few reachable addresses. Fixes bug 18929; bugfix on 0.2.8.1-alpha. Patch by "teor".
  • Minor bugfixes (controller, microdescriptors): Make GETINFO dir/status-vote/current/consensus conform to the control specification by returning "551 Could not open cached consensus..." when not caching consensuses. Fixes bug 18920; bugfix on 0.2.2.6-alpha.
  • Minor bugfixes (crypto, portability): The SHA3 and SHAKE routines now produce the correct output on Big Endian systems. No code calls either algorithm yet, so this is primarily a build fix. Fixes bug 18943; bugfix on 0.2.8.1-alpha. Tor now builds again with the recent OpenSSL 1.1 development branch (tested against 1.1.0-pre4 and 1.1.0-pre5-dev). Closes ticket 18286.
  • Minor bugfixes (directories): When fetching extrainfo documents, compare their SHA256 digests and Ed25519 signing key certificates with the routerinfo that led us to fetch them, rather than with the most recent routerinfo. Otherwise we generate many spurious warnings about mismatches. Fixes bug 17150; bugfix on 0.2.7.2-alpha.
  • Minor bugfixes (logging): When we can't generate a signing key because OfflineMasterKey is set, do not imply that we should have been able to load it. Fixes bug 18133; bugfix on 0.2.7.2-alpha. Stop periodic_event_dispatch() from blasting twelve lines per second at loglevel debug. Fixes bug 18729; fix on 0.2.8.1-alpha. When rejecting a misformed INTRODUCE2 cell, only log at PROTOCOL_WARN severity. Fixes bug 18761; bugfix on 0.2.8.2-alpha.
  • Minor bugfixes (pluggable transports): Avoid reporting a spurious error when we decide that we don't need to terminate a pluggable transport because it has already exited. Fixes bug 18686; bugfix on 0.2.5.5-alpha.
  • Minor bugfixes (pointer arithmetic): Fix a bug in memarea_alloc() that could have resulted in remote heap write access, if Tor had ever passed an unchecked size to memarea_alloc(). Fortunately, all the sizes we pass to memarea_alloc() are pre-checked to be less than 128 kilobytes. Fixes bug 19150; bugfix on 0.2.1.1-alpha. Bug found by Guido Vranken.
  • Minor bugfixes (relays): Consider more config options when relays decide whether to regenerate their descriptor. Fixes more of bug 12538; bugfix on 0.2.8.1-alpha. Resolve some edge cases where we might launch an ORPort reachability check even when DisableNetwork is set. Noticed while fixing bug 18616; bugfix on 0.2.3.9-alpha.
  • Minor bugfixes (statistics): We now include consensus downloads via IPv6 in our directory-request statistics. Fixes bug 18460; bugfix on 0.2.3.14-alpha.
  • Minor bugfixes (testing): Allow directories in small networks to bootstrap by skipping DirPort checks when the consensus has no exits. Fixes bug 19003; bugfix on 0.2.8.1-alpha. Patch by teor. Fix a small memory leak that would occur when the TestingEnableCellStatsEvent option was turned on. Fixes bug 18673; bugfix on 0.2.5.2-alpha.
  • Minor bugfixes (time handling): When correcting a corrupt 'struct tm' value, fill in the tm_wday field. Otherwise, our unit tests crash on Windows. Fixes bug ; bugfix on 0.2.2.25-alpha.
  • Documentation: Document the contents of the 'datadir/keys' subdirectory in the manual page. Closes ticket 17621. Stop recommending use of nicknames to identify relays in our MapAddress documentation. Closes ticket 18312.

New in Tor (Expert Bundle) 0.2.4.15 RC (Jul 9, 2013)

  • Update Tor to 0.2.4.15-rc
  • Update NoScript to 2.6.6.7

New in Tor (Expert Bundle) 0.2.4.12 Alpha (Apr 30, 2013)

  • Update Tor to 0.2.4.12-alpha
  • Update Torbutton to 1.5.2
  • Update libpng to 1.5.15
  • Update NoScript to 2.6.6
  • Update PDF.js to 0.8.1
  • Firefox patch changes:
  • Apply font limits to @font-face local() fonts and disable fallback rendering for @font-face. (closes: #8455)
  • Use Optimistic Data SOCKS handshake (improves page load performance). (closes: #3875)
  • Honor the Windows theme for inverse text colors (without leaking those colors to content). (closes: #7920)
  • Increase pipeline randomization and try harder to batch pipelined requests together. (closes: #8470)
  • Fix an image cache isolation domain key misusage. May fix several image cache related crash bugs with New Identity, exit, and certain websites. (closes: #8628)
  • Torbutton changes:
  • Allow session restore if the user allows disk activity (closes: #8457)
  • Remove the Display Settings panel and associated locales (closes: #8301)
  • Fix "Transparent Torification" option. (closes: #6566)
  • Fix a hang on New Identity. (closes: #8642)
  • Build changes:
  • Fetch our source deps from an https mirror (closes: #8286)
  • Create watch scripts for syncing mirror sources and monitoring mirror integrity (closes: #8338)

New in Tor (Expert Bundle) 0.2.4.11 Alpha (Apr 7, 2013)

  • Update Firefox to 17.0.5esr
  • Update NoScript to 2.6.59

New in Tor (Expert Bundle) 0.2.4.9 Alpha (Feb 9, 2013)

  • Update Firefox to 17.0.2esr
  • Update Tor to 0.2.4.9-alpha
  • Update Torbutton to 1.5.0pre-alpha
  • Update NoScript to 2.6.4.3
  • Update HTTPS-Everywhere to 4.0development.5
  • Add Mozilla's PDF.js extension to give people the ability to read PDFs in TBB
  • Prevent TBB from trying to access the X session manager
  • Firefox patch changes:
  • Isolate image cache to url bar domain
  • Enable DOM storage and isolate it to url bar domain
  • Include nsIHttpChannel.redirectTo API for HTTPS-Everywhere
  • Misc preference changes:
  • Disable DOM performance timers (dom.enable_performance)
  • Disable HTTP connection retry timeout (network.http.connection-retry-timeout)
  • Disable full path information for plugins (plugin.expose_full_path)
  • Disable NoScript's block of remote WebFonts (noscript.forbidFonts)

New in Tor (Expert Bundle) 0.2.4.7 Alpha (Jan 7, 2013)

  • Update Firefox to 10.0.12esr
  • Update Tor to 0.2.4.7-alpha
  • Update Libevent to 2.0.21-stable
  • Update HTTPS Everywhere to 4.0development.4
  • Update NoScript to 2.6.4.2

New in Tor (Expert Bundle) 0.2.3.25 (Dec 4, 2012)

  • Update Firefox to 10.0.11esr
  • Update Vidalia to 0.2.21
  • Update NoScript to 2.6.2

New in Tor (Expert Bundle) 0.2.2.39 (Sep 13, 2012)

  • Update NoScript to 2.5.4

New in Tor (Expert Bundle) 0.2.2.38 (Aug 31, 2012)

  • Update Firefox to 10.0.7esr
  • Update Libevent to 2.0.20-stable
  • Update NoScript to 2.5.2
  • Update HTTPS Everywhere to 2.2.1

New in Tor (Expert Bundle) 0.2.2.36 (Jun 5, 2012)

  • Directory authority changes:
  • Change IP address for maatuska (v3 directory authority).
  • Change IP address for ides (v3 directory authority), and rename it to turtles.
  • Security fixes:
  • When building or running with any version of OpenSSL earlier than 0.9.8s or 1.0.0f, disable SSLv3 support. These OpenSSL versions have a bug (CVE-2011-4576) in which their block cipher padding includes uninitialized data, potentially leaking sensitive information to any peer with whom they make a SSLv3 connection. Tor does not use SSL v3 by default, but a hostile client or server could force an SSLv3 connection in order to gain information that they shouldn't have been able to get. The best solution here is to upgrade to OpenSSL 0.9.8s or 1.0.0f (or later). But when building or running with a non-upgraded OpenSSL, we disable SSLv3 entirely to make sure that the bug can't happen.
  • Never use a bridge or a controller-supplied node as an exit, even if its exit policy allows it. Found by wanoskarnet. Fixes bug 5342. Bugfix on 0.1.1.15-rc (for controller-purpose descriptors) and 0.2.0.3-alpha (for bridge-purpose descriptors).
  • Only build circuits if we have a sufficient threshold of the total descriptors that are marked in the consensus with the "Exit" flag. This mitigates an attack proposed by wanoskarnet, in which all of a client's bridges collude to restrict the exit nodes that the client knows about. Fixes bug 5343.
  • Provide controllers with a safer way to implement the cookie authentication mechanism. With the old method, if another locally running program could convince a controller that it was the Tor process, then that program could trick the controller into telling it the contents of an arbitrary 32-byte file. The new "SAFECOOKIE" authentication method uses a challenge-response approach to prevent this attack. Fixes bug 5185; implements proposal 193.
  • Major bugfixes:
  • Avoid logging uninitialized data when unable to decode a hidden service descriptor cookie. Fixes bug 5647; bugfix on 0.2.1.5-alpha.
  • Avoid a client-side assertion failure when receiving an INTRODUCE2 cell on a general purpose circuit. Fixes bug 5644; bugfix on 0.2.1.6-alpha.
  • Fix builds when the path to sed, openssl, or sha1sum contains spaces, which is pretty common on Windows. Fixes bug 5065; bugfix on 0.2.2.1-alpha.
  • Correct our replacements for the timeradd() and timersub() functions on platforms that lack them (for example, Windows). The timersub() function is used when expiring circuits, while timeradd() is currently unused. Bug report and patch by Vektor. Fixes bug 4778; bugfix on 0.2.2.24-alpha.
  • Fix the SOCKET_OK test that we use to tell when socket creation fails so that it works on Win64. Fixes part of bug 4533; bugfix on 0.2.2.29-beta. Bug found by wanoskarnet.
  • Minor bugfixes:
  • Reject out-of-range times like 23:59:61 in parse_rfc1123_time(). Fixes bug 5346; bugfix on 0.0.8pre3.
  • Make our number-parsing functions always treat too-large values as an error, even when those values exceed the width of the underlying type. Previously, if the caller provided these functions with minima or maxima set to the extreme values of the underlying integer type, these functions would return those values on overflow rather than treating overflow as an error. Fixes part of bug 5786; bugfix on 0.0.9.
  • Older Linux kernels erroneously respond to strange nmap behavior by having accept() return successfully with a zero-length socket. When this happens, just close the connection. Previously, we would try harder to learn the remote address: but there was no such remote address to learn, and our method for trying to learn it was incorrect. Fixes bugs 1240, 4745, and 4747. Bugfix on 0.1.0.3-rc. Reported and diagnosed by "r1eo".
  • Correct parsing of certain date types in parse_http_time(). Without this patch, If-Modified-Since would behave incorrectly. Fixes bug 5346; bugfix on 0.2.0.2-alpha. Patch from Esteban Manchado Velázquez.
  • Change the BridgePassword feature (part of the "bridge community" design, which is not yet implemented) to use a time-independent comparison. The old behavior might have allowed an adversary to use timing to guess the BridgePassword value. Fixes bug 5543; bugfix on 0.2.0.14-alpha.
  • Detect and reject certain misformed escape sequences in configuration values. Previously, these values would cause us to crash if received in a torrc file or over an authenticated control port. Bug found by Esteban Manchado Velázquez, and independently by Robert Connolly from Matta Consulting who further noted that it allows a post-authentication heap overflow. Patch by Alexander Schrijver. Fixes bugs 5090 and 5402 (CVE 2012-1668); bugfix on 0.2.0.16-alpha.
  • Fix a compile warning when using the --enable-openbsd-malloc configure option. Fixes bug 5340; bugfix on 0.2.0.20-rc.
  • During configure, detect when we're building with clang version 3.0 or lower and disable the -Wnormalized=id and -Woverride-init CFLAGS. clang doesn't support them yet.
  • When sending an HTTP/1.1 proxy request, include a Host header. Fixes bug 5593; bugfix on 0.2.2.1-alpha.
  • Fix a NULL-pointer dereference on a badly formed SETCIRCUITPURPOSE command. Found by mikeyc. Fixes bug 5796; bugfix on 0.2.2.9-alpha.
  • If we hit the error case where routerlist_insert() replaces an existing (old) server descriptor, make sure to remove that server descriptor from the old_routers list. Fix related to bug 1776. Bugfix on 0.2.2.18-alpha.
  • Minor bugfixes (documentation and log messages):
  • Fix a typo in a log message in rend_service_rendezvous_has_opened(). Fixes bug 4856; bugfix on Tor 0.0.6.
  • Update "ClientOnly" man page entry to explain that there isn't really any point to messing with it. Resolves ticket 5005.
  • Document the GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays directory authority option (introduced in Tor 0.2.2.34).
  • Downgrade the "We're missing a certificate" message from notice to info: people kept mistaking it for a real problem, whereas it is seldom the problem even when we are failing to bootstrap. Fixes bug 5067; bugfix on 0.2.0.10-alpha.
  • Correctly spell "connect" in a log message on failure to create a controlsocket. Fixes bug 4803; bugfix on 0.2.2.26-beta.
  • Clarify the behavior of MaxCircuitDirtiness with hidden service circuits. Fixes issue 5259.
  • Minor features:
  • Directory authorities now reject versions of Tor older than 0.2.1.30, and Tor versions between 0.2.2.1-alpha and 0.2.2.20-alpha inclusive. These versions accounted for only a small fraction of the Tor network, and have numerous known security issues. Resolves issue 4788.
  • Update to the May 1 2012 Maxmind GeoLite Country database.
  • Feature removal:
  • When sending or relaying a RELAY_EARLY cell, we used to convert it to a RELAY cell if the connection was using the v1 link protocol. This was a workaround for older versions of Tor, which didn't handle RELAY_EARLY cells properly. Now that all supported versions can handle RELAY_EARLY cells, and now that we're enforcing the "no RELAY_EXTEND commands except in RELAY_EARLY cells" rule, remove this workaround. Addresses bug 4786.
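
The SAFECOOKIE entry under "Security fixes" for 0.2.2.36 above can be seen in a small simulation. This is an added example, not code from Tor or from this changelog: the class and function names are hypothetical, the cookie is constructed sample data, and the two HMAC key strings are the ones given for SAFECOOKIE in Tor's control-spec. It shows the controller sending the file verbatim under the old method, and sending nothing unless the peer first proves knowledge of the cookie under the new one.

```python
import hashlib
import hmac
import os

# HMAC-SHA256 key strings for SAFECOOKIE, as given in Tor's control-spec.
SERVER_KEY = b"Tor safe cookie authentication server-to-controller hash"
CLIENT_KEY = b"Tor safe cookie authentication controller-to-server hash"
COOKIE_LEN = 32
NONCE_LEN = 32


def safecookie_mac(key, cookie, client_nonce, server_nonce):
    """HMAC-SHA256(key, CookieString | ClientNonce | ServerNonce)."""
    return hmac.new(key, cookie + client_nonce + server_nonce,
                    hashlib.sha256).digest()


class TorSide:
    """Hypothetical stand-in for the real Tor process, which knows the cookie."""

    def __init__(self, cookie):
        self.cookie = cookie
        self._pending = None

    def authchallenge(self, client_nonce):
        server_nonce = os.urandom(NONCE_LEN)
        self._pending = (client_nonce, server_nonce)
        server_hash = safecookie_mac(SERVER_KEY, self.cookie,
                                     client_nonce, server_nonce)
        return server_hash, server_nonce

    def authenticate(self, client_hash):
        if self._pending is None:
            return False
        client_nonce, server_nonce = self._pending
        self._pending = None  # each challenge is single-use
        expected = safecookie_mac(CLIENT_KEY, self.cookie,
                                  client_nonce, server_nonce)
        return hmac.compare_digest(expected, client_hash)


class Impostor:
    """Hypothetical local program posing as Tor. It does not know the
    contents of the file the controller reads; it records what it is sent."""

    def __init__(self):
        self.received = []

    def authchallenge(self, client_nonce):
        # Cannot compute the server hash without the cookie, so it guesses.
        return os.urandom(32), os.urandom(NONCE_LEN)

    def authenticate(self, data):
        self.received.append(data)
        return True


def legacy_cookie_auth(peer, cookie_file_bytes):
    """Old method: the controller sends the file contents verbatim."""
    return peer.authenticate(cookie_file_bytes)


def safecookie_auth(peer, cookie_file_bytes):
    """New method: verify the peer's hash before sending anything, and then
    send only an HMAC over the cookie and both nonces."""
    if len(cookie_file_bytes) != COOKIE_LEN:
        raise ValueError("cookie file must be exactly 32 bytes")
    client_nonce = os.urandom(NONCE_LEN)
    server_hash, server_nonce = peer.authchallenge(client_nonce)
    expected = safecookie_mac(SERVER_KEY, cookie_file_bytes,
                              client_nonce, server_nonce)
    if not hmac.compare_digest(expected, server_hash):
        return False  # peer did not prove it knows the cookie: send nothing
    client_hash = safecookie_mac(CLIENT_KEY, cookie_file_bytes,
                                 client_nonce, server_nonce)
    return peer.authenticate(client_hash)


if __name__ == "__main__":
    cookie = bytes(range(COOKIE_LEN))  # constructed sample cookie
    print("real Tor, SAFECOOKIE:", safecookie_auth(TorSide(cookie), cookie))
    legacy, safe = Impostor(), Impostor()
    legacy_cookie_auth(legacy, cookie)
    safecookie_auth(safe, cookie)
    print("impostor saw file under COOKIE:", legacy.received == [cookie])
    print("impostor saw nothing under SAFECOOKIE:", safe.received == [])
```
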

New in Tor (Expert Bundle) 0.2.3.12 Alpha (Feb 15, 2012)

  • Major bugfixes:
  • Fix builds when the path to sed, openssl, or sha1sum contains spaces, which is pretty common on Windows. Fixes bug 5065; bugfix on 0.2.2.1-alpha.
  • Set the SO_REUSEADDR socket option before we call bind() on outgoing connections. This change should allow busy exit relays to stop running out of available sockets as quickly. Fixes bug 4950; bugfix on 0.2.2.26-beta.
  • Allow 0.2.3.x clients to use 0.2.2.x bridges. Previously the client would ask the bridge for microdescriptors, which are only supported in 0.2.3.x, and then fail to bootstrap when it didn't get the answers it wanted. Fixes bug 4013; bugfix on 0.2.3.2-alpha.
  • Avoid an assert when managed proxies like obfsproxy are configured, and we receive HUP signals or configuration values too rapidly. This situation happens most commonly when Vidalia tries to attach to Tor or tries to configure the Tor it's attached to. Fixes bug 5084; bugfix on 0.2.3.6-alpha.
  • Properly set up obfsproxy's environment when in managed mode. The Tor Browser Bundle needs LD_LIBRARY_PATH to be passed to obfsproxy, and when you run your Tor as a daemon, there's no HOME. Fixes bugs 5076 and 5082; bugfix on 0.2.3.6-alpha.
  • Minor features:
  • Use the dead_strip option when building Tor on OS X. This reduces binary size by almost 19% when linking openssl and libevent statically, which we do for Tor Browser Bundle.
  • Fix broken URLs in the sample torrc file, and tell readers about the OutboundBindAddress, ExitPolicyRejectPrivate, and PublishServerDescriptor options. Addresses bug 4652.
  • Update to the February 7 2012 Maxmind GeoLite Country database.
  • Minor bugfixes:
  • Downgrade the "We're missing a certificate" message from notice to info: people kept mistaking it for a real problem, whereas it is seldom the problem even when we are failing to bootstrap. Fixes bug 5067; bugfix on 0.2.0.10-alpha.
  • Don't put "TOR_PT_EXTENDED_SERVER_PORT=127.0.0.1:4200" in a managed pluggable transport server proxy's environment. Previously, we would put it there, even though Tor doesn't implement an 'extended server port' yet, and even though Tor almost certainly isn't listening at that address. For now, we set it to an empty string to avoid crashing older obfsproxies. Bugfix on 0.2.3.6-alpha.
  • Log the heartbeat message every HeartbeatPeriod seconds, not every HeartbeatPeriod + 1 seconds. Fixes bug 4942; bugfix on 0.2.3.1-alpha. Bug reported by Scott Bennett.
  • Calculate absolute paths correctly on Windows. Fixes bug 4973; bugfix on 0.2.3.11-alpha.
  • Update "ClientOnly" man page entry to explain that there isn't really any point to messing with it. Resolves ticket 5005.
  • Use the correct CVE number for CVE-2011-4576 in our comments and log messages. Found by "fermenthor". Resolves bug 5066; bugfix on 0.2.3.11-alpha.
  • Code simplifications and refactoring:
  • Use the _WIN32 macro throughout our code to detect Windows. (Previously we had used the obsolete 'WIN32' and the idiosyncratic 'MS_WINDOWS'.)

New in Tor (Expert Bundle) 0.2.3.10 Alpha (Dec 17, 2011)

  • Major bugfixes:
  • Fix a heap overflow bug that could occur when trying to pull data into the first chunk of a buffer, when that chunk had already had some data drained from it. Fixes CVE-2011-2778; bugfix on 0.2.0.16-alpha. Reported by "Vektor".
  • Minor bugfixes:
  • If we can't attach streams to a rendezvous circuit when we finish connecting to a hidden service, clear the rendezvous circuit's stream-isolation state and try to attach streams again. Previously, we cleared rendezvous circuits' isolation state either too early (if they were freshly built) or not at all (if they had been built earlier and were cannibalized). Bugfix on 0.2.3.3-alpha; fixes bug 4655.
  • Fix compilation of the libnatpmp helper on non-Windows. Bugfix on 0.2.3.9-alpha; fixes bug 4691. Reported by Anthony G. Basile.
  • Fix an assertion failure when a relay with accounting enabled starts up while dormant. Fixes bug 4702; bugfix on 0.2.3.9-alpha.
  • Minor features:
  • Update to the December 6 2011 Maxmind GeoLite Country database.

New in Tor (Expert Bundle) 0.2.2.35 (Dec 17, 2011)

  • Major bugfixes:
  • Fix a heap overflow bug that could occur when trying to pull data into the first chunk of a buffer, when that chunk had already had some data drained from it. Fixes CVE-2011-2778; bugfix on 0.2.0.16-alpha. Reported by "Vektor".
  • Initialize Libevent with the EVENT_BASE_FLAG_NOLOCK flag enabled, so that it doesn't attempt to allocate a socketpair. This could cause some problems on Windows systems with overzealous firewalls. Fix for bug 4457; workaround for Libevent versions 2.0.1-alpha through 2.0.15-stable.
  • If we mark an OR connection for close based on a cell we process, don't process any further cells on it. We already avoid further reads on marked-for-close connections, but now we also discard the cells we'd already read. Fixes bug 4299; bugfix on 0.2.0.10-alpha, which was the first version where we might mark a connection for close based on processing a cell on it.
  • Correctly sanity-check that we don't underflow on a memory allocation (and then assert) for hidden service introduction point decryption. Bug discovered by Dan Rosenberg. Fixes bug 4410; bugfix on 0.2.1.5-alpha.
  • Fix a memory leak when we check whether a hidden service descriptor has any usable introduction points left. Fixes bug 4424. Bugfix on 0.2.2.25-alpha.
  • Don't crash when we're running as a relay and don't have a GeoIP file. Bugfix on 0.2.2.34; fixes bug 4340. This backports a fix we've had in the 0.2.3.x branch already.
  • When running as a client, do not print a misleading (and plain wrong) log message that we're collecting "directory request" statistics: clients don't collect statistics. Also don't create a useless (because empty) stats file in the stats/ directory. Fixes bug 4353; bugfix on 0.2.2.34.
  • Minor bugfixes:
  • Detect failure to initialize Libevent. This fix provides better detection for future instances of bug 4457.
  • Avoid frequent calls to the fairly expensive cull_wedged_cpuworkers function. This was eating up hideously large amounts of time on some busy servers. Fixes bug 4518; bugfix on 0.0.9.8.
  • Resolve an integer overflow bug in smartlist_ensure_capacity(). Fixes bug 4230; bugfix on Tor 0.1.0.1-rc. Based on a patch by Mansour Moufid.
  • Don't warn about unused log_mutex in log.c when building with --disable-threads using a recent GCC. Fixes bug 4437; bugfix on 0.1.0.6-rc which introduced --disable-threads.
  • When configuring, starting, or stopping an NT service, stop immediately after the service configuration attempt has succeeded or failed. Fixes bug 3963; bugfix on 0.2.0.7-alpha.
  • When sending a NETINFO cell, include the original address received for the other side, not its canonical address. Found by "troll_un"; fixes bug 4349; bugfix on 0.2.0.10-alpha.
  • Fix a typo in a hibernation-related log message. Fixes bug 4331; bugfix on 0.2.2.23-alpha; found by "tmpname0901".
  • Fix a memory leak in launch_direct_bridge_descriptor_fetch() that occurred when a client tried to fetch a descriptor for a bridge in ExcludeNodes. Fixes bug 4383; bugfix on 0.2.2.25-alpha.
  • Backport fixes for a pair of compilation warnings on Windows. Fixes bug 4521; bugfix on 0.2.2.28-beta and on 0.2.2.29-beta.
  • If we had ever tried to call tor_addr_to_str on an address of unknown type, we would have done a strdup on an uninitialized buffer. Now we won't. Fixes bug 4529; bugfix on 0.2.1.3-alpha. Reported by "troll_un".
  • Correctly detect and handle transient lookup failures from tor_addr_lookup. Fixes bug 4530; bugfix on 0.2.1.5-alpha. Reported by "troll_un".
  • Fix null-pointer access that could occur if TLS allocation failed. Fixes bug 4531; bugfix on 0.2.0.20-rc. Found by "troll_un".
  • Use tor_socket_t type for listener argument to accept(). Fixes bug 4535; bugfix on 0.2.2.28-beta. Found by "troll_un".
  • Minor features:
  • Add two new config options for directory authorities: AuthDirFastGuarantee sets a bandwidth threshold for guaranteeing the Fast flag, and AuthDirGuardBWGuarantee sets a bandwidth threshold that is always sufficient to satisfy the bandwidth requirement for the Guard flag. Now it will be easier for researchers to simulate Tor networks with different values. Resolves ticket 4484.
  • When Tor ignores a hidden service specified in its configuration, include the hidden service's directory in the warning message. Previously, we would only tell the user that some hidden service was ignored. Bugfix on 0.0.6; fixes bug 4426.
  • Update to the December 6 2011 Maxmind GeoLite Country database.
  • Packaging changes:
  • Make it easier to automate expert package builds on Windows, by removing an absolute path from makensis.exe command.

New in Tor (Expert Bundle) 0.2.3.9 Alpha (Dec 16, 2011)

  • Major features:
  • Clients can now connect to private bridges over IPv6. Bridges still need at least one IPv4 address in order to connect to other relays. Note that we don't yet handle the case where the user has two bridge lines for the same bridge (one IPv4, one IPv6). Implements parts of proposal 186.
  • New "DisableNetwork" config option to prevent Tor from launching any connections or accepting any connections except on a control port. Bundles and controllers can set this option before letting Tor talk to the rest of the network, for example to prevent any connections to a non-bridge address. Packages like Orbot can also use this option to instruct Tor to save power when the network is off.
  • Clients and bridges can now be configured to use a separate "transport" proxy. This approach makes the censorship arms race easier by allowing bridges to use protocol obfuscation plugins. It implements the "managed proxy" part of proposal 180 (ticket 3472).
  • When using OpenSSL 1.0.0 or later, use OpenSSL's counter mode implementation. It makes AES_CTR about 7% faster than our old one (which was about 10% faster than the one OpenSSL used to provide). Resolves ticket 4526.
  • Add a "tor2web mode" for clients that want to connect to hidden services non-anonymously (and possibly more quickly). As a safety measure to try to keep users from turning this on without knowing what they are doing, tor2web mode must be explicitly enabled at compile time, and a copy of Tor compiled to run in tor2web mode cannot be used as a normal Tor client. Implements feature 2553.
  • Add experimental support for running on Windows with IOCP and no kernel-space socket buffers. This feature is controlled by a new "UserspaceIOCPBuffers" config option (off by default), which has no effect unless Tor has been built with support for bufferevents, is running on Windows, and has enabled IOCP. This may, in the long run, help solve or mitigate bug 98.
  • Use a more secure consensus parameter voting algorithm. Now at least three directory authorities or a majority of them must vote on a given parameter before it will be included in the consensus. Implements proposal 178.
  • Major bugfixes:
  • Hidden services now ignore the timestamps on INTRODUCE2 cells. They used to check that the timestamp was within 30 minutes of their system clock, so they could cap the size of their replay-detection cache, but that approach unnecessarily refused service to clients with wrong clocks. Bugfix on 0.2.1.6-alpha, when the v3 intro-point protocol (the first one which sent a timestamp field in the INTRODUCE2 cell) was introduced; fixes bug 3460.
  • Only use the EVP interface when AES acceleration is enabled, to avoid a 5-7% performance regression. Resolves issue 4525; bugfix on 0.2.3.8-alpha.
  • Privacy/anonymity features (bridge detection):
  • Make bridge SSL certificates a bit more stealthy by using random serial numbers, in the same fashion as OpenSSL when generating self-signed certificates. Implements ticket 4584.
  • Introduce a new config option "DynamicDHGroups", enabled by default, which provides each bridge with a unique prime DH modulus to be used during SSL handshakes. This option attempts to help against censors who might use the Apache DH modulus as a static identifier for bridges. Addresses ticket 4548.
  • Minor features (new/different config options):
  • New configuration option "DisableDebuggerAttachment" (on by default) to prevent basic debugging attachment attempts by other processes. Supports Mac OS X and Gnu/Linux. Resolves ticket 3313.
  • Allow MapAddress directives to specify matches against super-domains, as in "MapAddress *.torproject.org *.torproject.org.torserver.exit". Implements issue 933.
  • Slightly change behavior of "list" options (that is, config options that can appear more than once) when they appear both in torrc and on the command line. Previously, the command-line options would be appended to the ones from torrc. Now, the command-line options override the torrc options entirely. This new behavior allows the user to override list options (like exit policies and ports to listen on) from the command line, rather than simply appending to the list.
  • You can get the old (appending) command-line behavior for "list" options by prefixing the option name with a "+".
  • You can remove all the values for a "list" option from the command line without adding any new ones by prefixing the option name with a "/".
  • Add experimental support for a "defaults" torrc file to be parsed before the regular torrc. Torrc options override the defaults file's options in the same way that the command line overrides the torrc.
  • The SAVECONF controller command saves only those options which differ between the current configuration and the defaults file. HUP reloads both files. (Note: This is an experimental feature; its behavior will probably be refined in future 0.2.3.x-alpha versions to better meet packagers' needs.)
  • Minor features:
  • Try to make the introductory warning message that Tor prints on startup more useful for actually finding help and information. Resolves ticket 2474.
  • Running "make version" now displays the version of Tor that we're about to build. Idea from katmagic; resolves issue 4400.
  • Expire old or over-used hidden service introduction points. Required by fix for bug 3460.
  • Move the replay-detection cache for the RSA-encrypted parts of INTRODUCE2 cells to the introduction point data structures. Previously, we would use one replay-detection cache per hidden service. Required by fix for bug 3460.
  • Reduce the lifetime of elements of hidden services' Diffie-Hellman public key replay-detection cache from 60 minutes to 5 minutes. This replay-detection cache is now used only to detect multiple INTRODUCE2 cells specifying the same rendezvous point, so we can avoid launching multiple simultaneous attempts to connect to it.
  • Minor bugfixes (on Tor 0.2.2.x and earlier):
  • Resolve an integer overflow bug in smartlist_ensure_capacity(). Fixes bug 4230; bugfix on Tor 0.1.0.1-rc. Based on a patch by Mansour Moufid.
  • Fix a minor formatting issue in one of tor-gencert's error messages. Fixes bug 4574.
  • Prevent a false positive from the check-spaces script, by disabling the "whitespace between function name and (" check for functions named 'op()'.
  • Fix a log message suggesting that people contact a non-existent email address. Fixes bug 3448.
  • Fix null-pointer access that could occur if TLS allocation failed. Fixes bug 4531; bugfix on 0.2.0.20-rc. Found by "troll_un".
  • Report a real bootstrap problem to the controller on router identity mismatch. Previously we just said "foo", which probably made a lot of sense at the time. Fixes bug 4169; bugfix on 0.2.1.1-alpha.
  • If we had ever tried to call tor_addr_to_str() on an address of unknown type, we would have done a strdup() on an uninitialized buffer. Now we won't. Fixes bug 4529; bugfix on 0.2.1.3-alpha. Reported by "troll_un".
  • Correctly detect and handle transient lookup failures from tor_addr_lookup(). Fixes bug 4530; bugfix on 0.2.1.5-alpha. Reported by "troll_un".
  • Use tor_socket_t type for listener argument to accept(). Fixes bug 4535; bugfix on 0.2.2.28-beta. Found by "troll_un".
  • Initialize conn->addr to a valid state in spawn_cpuworker(). Fixes bug 4532; found by "troll_un".
  • Minor bugfixes (on Tor 0.2.3.x):
  • Fix a compile warning in tor_inet_pton(). Bugfix on 0.2.3.8-alpha; fixes bug 4554.
  • Don't send two ESTABLISH_RENDEZVOUS cells when opening a new circuit for use as a hidden service client's rendezvous point. Fixes bugs 4641 and 4171; bugfix on 0.2.3.3-alpha. Diagnosed with help from wanoskarnet.
  • Restore behavior of overriding SocksPort, ORPort, and similar options from the command line. Bugfix on 0.2.3.3-alpha.
  • Build fixes:
  • Properly handle the case where the build-tree is not the same as the source tree when generating src/common/common_sha1.i, src/or/micro-revision.i, and src/or/or_sha1.i. Fixes bug 3953; bugfix on 0.2.0.1-alpha.
  • Code simplifications, cleanups, and refactorings:
  • Remove the pure attribute from all functions that used it previously. In many cases we assigned it incorrectly, because the functions might assert or call impure functions, and we don't have evidence that keeping the pure attribute is worthwhile. Implements changes suggested in ticket 4421.
  • Remove some dead code spotted by coverity. Fixes cid 432. Bugfix on 0.2.3.1-alpha, closes bug 4637.

New in Tor (Expert Bundle) 0.2.2.34-1 (Oct 31, 2011)

  • Privacy/anonymity fixes (clients):
  • Clients and bridges no longer send TLS certificate chains on outgoing OR connections. Previously, each client or bridge would use the same cert chain for all outgoing OR connections until its IP address changes, which allowed any relay that the client or bridge contacted to determine which entry guards it is using. Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
  • If a relay receives a CREATE_FAST cell on a TLS connection, it no longer considers that connection as suitable for satisfying a circuit EXTEND request. Now relays can protect clients from the CVE-2011-2768 issue even if the clients haven't upgraded yet.
  • Directory authorities no longer assign the Guard flag to relays that haven't upgraded to the above "refuse EXTEND requests to client connections" fix. Now directory authorities can protect clients from the CVE-2011-2768 issue even if neither the clients nor the relays have upgraded yet. There's a new "GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays" config option to let us transition smoothly, else tomorrow there would be no guard relays.
  • Privacy/anonymity fixes (bridge enumeration):
  • Bridge relays now do their directory fetches inside Tor TLS connections, like all the other clients do, rather than connecting directly to the DirPort like public relays do. Removes another avenue for enumerating bridges. Fixes bug 4115; bugfix on 0.2.0.35.
  • Bridge relays now build circuits for themselves in a more similar way to how clients build them. Removes another avenue for enumerating bridges. Fixes bug 4124; bugfix on 0.2.0.3-alpha, when bridges were introduced.
  • Bridges now refuse CREATE or CREATE_FAST cells on OR connections that they initiated. Relays could distinguish incoming bridge connections from client connections, creating another avenue for enumerating bridges. Fixes CVE-2011-2769. Bugfix on 0.2.0.3-alpha. Found by "frosty_un".
  • Major bugfixes:
  • Fix a crash bug when changing node restrictions while a DNS lookup is in-progress. Fixes bug 4259; bugfix on 0.2.2.25-alpha. Bugfix by "Tey'".
  • Don't launch a useless circuit after failing to use one of a hidden service's introduction points. Previously, we would launch a new introduction circuit, but not set the hidden service which that circuit was intended to connect to, so it would never actually be used. A different piece of code would then create a new introduction circuit correctly. Bug reported by katmagic and found by Sebastian Hahn. Bugfix on 0.2.1.13-alpha; fixes bug 4212.
  • Minor bugfixes:
  • Change an integer overflow check in the OpenBSD_Malloc code so that GCC is less likely to eliminate it as impossible. Patch from Mansour Moufid. Fixes bug 4059.
  • When a hidden service turns an extra service-side introduction circuit into a general-purpose circuit, free the rend_data and intro_key fields first, so we won't leak memory if the circuit is cannibalized for use as another service-side introduction circuit. Bugfix on 0.2.1.7-alpha; fixes bug 4251.
  • Bridges now skip DNS self-tests, to act a little more stealthily. Fixes bug 4201; bugfix on 0.2.0.3-alpha, which first introduced bridges. Patch by "warms0x".
  • Fix internal bug-checking logic that was supposed to catch failures in digest generation so that it will fail more robustly if we ask for a nonexistent algorithm. Found by Coverity Scan. Bugfix on 0.2.2.1-alpha; fixes Coverity CID 479.
  • Report any failure in init_keys() calls launched because our IP address has changed. Spotted by Coverity Scan. Bugfix on 0.1.1.4-alpha; fixes CID 484.
  • Minor bugfixes (log messages and documentation):
  • Remove a confusing dollar sign from the example fingerprint in the man page, and also make the example fingerprint a valid one. Fixes bug 4309; bugfix on 0.2.1.3-alpha.
  • The next version of Windows will be called Windows 8, and it has a major version of 6, minor version of 2. Correctly identify that version instead of calling it "Very recent version". Resolves ticket 4153; reported by funkstar.
  • Downgrade log messages about circuit timeout calibration from "notice" to "info": they don't require or suggest any human intervention. Patch from Tom Lowenthal. Fixes bug 4063; bugfix on 0.2.2.14-alpha.
  • Minor features:
  • Turn on directory request statistics by default and include them in extra-info descriptors. Don't break if we have no GeoIP database. Backported from 0.2.3.1-alpha; implements ticket 3951.
  • Update to the October 4 2011 Maxmind GeoLite Country database.

New in Tor (Expert Bundle) 0.2.2.33-2 (Oct 1, 2011)

  • Begin building Vidalia with DEP/ASLR
  • Update Firefox to 7.0.1
  • Update OpenSSL to 1.0.0e
  • Update Tor to 0.2.2.33
  • Update NoScript to 2.1.2.8
  • Downgrade HTTPS Everywhere to 1.0.3, because we don't want stable TBBs to use development versions of extensions

New in Tor (Expert Bundle) 0.2.2.33 (Sep 21, 2011)

  • Major bugfixes:
  • Avoid an assertion failure when reloading a configuration with TrackExitHosts changes. Found and fixed by 'laruldan'. Fixes bug 3923; bugfix on 0.2.2.25-alpha.
  • Minor features (security):
  • Check for replays of the public-key encrypted portion of an INTRODUCE1 cell, in addition to the current check for replays of the g^x value. This prevents a possible class of active attacks by an attacker who controls both an introduction point and a rendezvous point, and who uses the malleability of AES-CTR to alter the encrypted g^x portion of the INTRODUCE1 cell. We think that these attacks are infeasible (requiring the attacker to send on the order of zettabytes of altered cells in a short interval), but we'd rather block them off in case there are any classes of this attack that we missed. Reported by Willem Pinckaers.
  • Minor features:
  • Adjust the expiration time on our SSL session certificates to better match SSL certs seen in the wild. Resolves ticket 4014.
  • Change the default required uptime for a relay to be accepted as a HSDir (hidden service directory) from 24 hours to 25 hours. Improves on 0.2.0.10-alpha; resolves ticket 2649.
  • Add a VoteOnHidServDirectoriesV2 config option to allow directory authorities to abstain from voting on assignment of the HSDir consensus flag. Related to bug 2649.
  • Update to the September 6 2011 Maxmind GeoLite Country database.
  • Minor bugfixes (documentation and log messages):
  • Correct the man page to explain that HashedControlPassword and CookieAuthentication can both be set, in which case either method is sufficient to authenticate to Tor. Bugfix on 0.2.0.7-alpha, when we decided to allow these config options to both be set. Issue raised by bug 3898.
  • Demote the 'replay detected' log message emitted when a hidden service receives the same Diffie-Hellman public key in two different INTRODUCE2 cells to info level. A normal Tor client can cause that log message during its normal operation. Bugfix on 0.2.1.6-alpha; fixes part of bug 2442.
  • Demote the 'INTRODUCE2 cell is too {old,new}' log message to info level. There is nothing that a hidden service's operator can do to fix its clients' clocks. Bugfix on 0.2.1.6-alpha; fixes part of bug 2442.
  • Clarify a log message specifying the characters permitted in HiddenServiceAuthorizeClient client names. Previously, the log message said that "[A-Za-z0-9+-_]" were permitted; that could have given the impression that every ASCII character between "+" and "_" was permitted. Now we say "[A-Za-z0-9+_-]". Bugfix on 0.2.1.5-alpha.
  • Build fixes:
  • Provide a substitute implementation of lround() for MSVC, which apparently lacks it. Patch from Gisle Vanem.
  • Clean up some code issues that prevented Tor from building on older BSDs. Fixes bug 3894; reported by "grarpamp".
  • Search for a platform-specific version of "ar" when cross-compiling. Should fix builds on iOS. Resolves bug 3909, found by Marco Bonetti.

New in Tor (Expert Bundle) 0.2.2.21 Alpha (Jan 18, 2011)

  • Major bugfixes (security), also included in 0.2.1.29:
  • Fix a heap overflow bug where an adversary could cause heap corruption. This bug probably allows remote code execution attacks. Reported by "debuger". Fixes CVE-2011-0427. Bugfix on 0.1.2.10-rc.
  • Prevent a denial-of-service attack by disallowing any zlib-compressed data whose compression factor is implausibly high. Fixes part of bug 2324; reported by "doorss".
  • Zero out a few more keys in memory before freeing them. Fixes bug 2384 and part of bug 2385. These key instances found by "cypherpunks", based on Andrew Case's report about being able to find sensitive data in Tor's memory space if you have enough permissions. Bugfix on 0.0.2pre9.
  • Major bugfixes (crashes), also included in 0.2.1.29:
  • Prevent calls to Libevent from inside Libevent log handlers. This had potential to cause a nasty set of crashes, especially if running Libevent with debug logging enabled, and running Tor with a controller watching for low-severity log messages. Bugfix on 0.1.0.2-rc. Fixes bug 2190.
  • Add a check for SIZE_T_MAX to tor_realloc() to try to avoid underflow errors there too. Fixes the other part of bug 2324.
  • Fix a bug where we would assert if we ever had a cached-descriptors.new file (or another file read directly into memory) of exactly SIZE_T_CEILING bytes. Fixes bug 2326; bugfix on 0.2.1.25. Found by doorss.
  • Fix some potential asserts and parsing issues with grossly malformed router caches. Fixes bug 2352; bugfix on Tor 0.2.1.27. Found by doorss.
  • Minor bugfixes (other), also included in 0.2.1.29:
  • Fix a bug with handling malformed replies to reverse DNS lookup requests in DNSPort. Bugfix on Tor 0.2.0.1-alpha. Related to a bug reported by doorss.
  • Fix compilation on mingw when a pthreads compatibility library has been installed. (We don't want to use it, so we shouldn't be including pthread.h.) Fixes bug 2313; bugfix on 0.1.0.1-rc.
  • Fix a bug where we would declare that we had run out of virtual addresses when the address space was only half-exhausted. Bugfix on 0.1.2.1-alpha.
  • Correctly handle the case where AutomapHostsOnResolve is set but no virtual addresses are available. Fixes bug 2328; bugfix on 0.1.2.1-alpha. Bug found by doorss.
  • Correctly handle wrapping around when we run out of virtual address space. Found by cypherpunks, bugfix on 0.2.0.5-alpha.
  • The 0.2.1.28 tarball was missing src/common/OpenBSD_malloc_Linux.c because we built it with a too-old version of automake. Thus that release broke ./configure --enable-openbsd-malloc, which is popular among really fast exit relays on Linux.
  • Minor features, also included in 0.2.1.29:
  • Update to the January 1 2011 Maxmind GeoLite Country database.
  • Introduce output size checks on all of our decryption functions.
  • Build changes, also included in 0.2.1.29:
  • Tor does not build packages correctly with Automake 1.6 and earlier; added a check to Makefile.am to make sure that we're building with Automake 1.7 or later.
  • Major bugfixes, new in 0.2.2.21-alpha:
  • Prevent crash/heap corruption when the cbtnummodes consensus parameter is set to 0 or large values. Fixes bug 2317; bugfix on 0.2.2.14-alpha.
  • Major features, new in 0.2.2.21-alpha:
  • Introduce minimum/maximum values that clients will believe from the consensus. Now we'll have a better chance to avoid crashes or worse when a consensus param has a weird value.
  • Minor features, new in 0.2.2.21-alpha:
  • Make sure to disable DirPort if running as a bridge. DirPorts aren't used on bridges, and it makes bridge scanning somewhat easier.
  • If writing the state file to disk fails, wait up to an hour before retrying again, rather than trying again each second. Fixes bug 2346; bugfix on Tor 0.1.1.3-alpha.
  • Make Libevent log messages get delivered to controllers later, and not from inside the Libevent log handler. This prevents unsafe reentrant Libevent calls while still letting the log messages get through.
  • Detect platforms that brokenly use a signed size_t, and refuse to build there. Found and analyzed by doorss and rransom.
  • Fix a bunch of compile warnings revealed by mingw with gcc 4.5. Resolves bug 2314.
  • Minor bugfixes, new in 0.2.2.21-alpha:
  • Handle SOCKS messages longer than 128 bytes correctly, rather than waiting forever for them to finish. Fixes bug 2330; bugfix on 0.2.0.16-alpha. Found by doorss.
  • Add assertions to check for overflow in arguments to base32_encode() and base32_decode(); fix a signed-unsigned comparison there too. These bugs are not actually reachable in Tor, but it's good to prevent future errors too. Found by doorss.
  • Correctly detect failures to create DNS requests when using Libevent versions before v2. (Before Libevent 2, we used our own evdns implementation. Its return values for Libevent's evdns_resolve_*() functions are not consistent with those from Libevent.) Fixes bug 2363; bugfix on 0.2.2.6-alpha. Found by "lodger".
  • Documentation, new in 0.2.2.21-alpha:
  • Document the default socks host and port (127.0.0.1:9050) for tor-resolve.

New in Tor (Expert Bundle) 0.2.1.29 Stable (Jan 18, 2011)

  • Major bugfixes (security):
  • Fix a heap overflow bug where an adversary could cause heap corruption. This bug probably allows remote code execution attacks. Reported by "debuger". Fixes CVE-2011-0427. Bugfix on 0.1.2.10-rc.
  • Prevent a denial-of-service attack by disallowing any zlib-compressed data whose compression factor is implausibly high. Fixes part of bug 2324; reported by "doorss".
  • Zero out a few more keys in memory before freeing them. Fixes bug 2384 and part of bug 2385. These key instances found by "cypherpunks", based on Andrew Case's report about being able to find sensitive data in Tor's memory space if you have enough permissions. Bugfix on 0.0.2pre9.
  • Major bugfixes (crashes):
  • Prevent calls to Libevent from inside Libevent log handlers. This had potential to cause a nasty set of crashes, especially if running Libevent with debug logging enabled, and running Tor with a controller watching for low-severity log messages. Bugfix on 0.1.0.2-rc. Fixes bug 2190.
  • Add a check for SIZE_T_MAX to tor_realloc() to try to avoid underflow errors there too. Fixes the other part of bug 2324.
  • Fix a bug where we would assert if we ever had a cached-descriptors.new file (or another file read directly into memory) of exactly SIZE_T_CEILING bytes. Fixes bug 2326; bugfix on 0.2.1.25. Found by doorss.
  • Fix some potential asserts and parsing issues with grossly malformed router caches. Fixes bug 2352; bugfix on Tor 0.2.1.27. Found by doorss.
  • Minor bugfixes (other):
  • Fix a bug with handling malformed replies to reverse DNS lookup requests in DNSPort. Bugfix on Tor 0.2.0.1-alpha. Related to a bug reported by doorss.
  • Fix compilation on mingw when a pthreads compatibility library has been installed. (We don't want to use it, so we shouldn't be including pthread.h.) Fixes bug 2313; bugfix on 0.1.0.1-rc.
  • Fix a bug where we would declare that we had run out of virtual addresses when the address space was only half-exhausted. Bugfix on 0.1.2.1-alpha.
  • Correctly handle the case where AutomapHostsOnResolve is set but no virtual addresses are available. Fixes bug 2328; bugfix on 0.1.2.1-alpha. Bug found by doorss.
  • Correctly handle wrapping around when we run out of virtual address space. Found by cypherpunks, bugfix on 0.2.0.5-alpha.
  • The 0.2.1.28 tarball was missing src/common/OpenBSD_malloc_Linux.c because we built it with a too-old version of automake. Thus that release broke ./configure --enable-openbsd-malloc, which is popular among really fast exit relays on Linux.
  • Minor features:
  • Update to the January 1 2011 Maxmind GeoLite Country database.
  • Introduce output size checks on all of our decryption functions.
  • Build changes:
  • Tor does not build packages correctly with Automake 1.6 and earlier; added a check to Makefile.am to make sure that we're building with Automake 1.7 or later.

New in Tor (Expert Bundle) 0.2.2.20 Alpha (Dec 21, 2010)

  • Major bugfixes:
  • Fix a remotely exploitable bug that could be used to crash instances of Tor remotely by overflowing on the heap. Remote-code execution hasn't been confirmed, but can't be ruled out. Everyone should upgrade. Bugfix on the 0.1.1 series and later.
  • Fix a bug that could break accounting on 64-bit systems with large time_t values, making them hibernate for impossibly long intervals. Fixes bug 2146. Bugfix on 0.0.9pre6.
  • Fix a logic error in directory_fetches_from_authorities() that would cause all _non_-exits refusing single-hop-like circuits to fetch from authorities, when we wanted to have _exits_ fetch from authorities. Fixes more of 2097. Bugfix on 0.2.2.16-alpha.
  • Fix a stream fairness bug that would cause newer streams on a given circuit to get preference when reading bytes from the origin or destination. Fixes bug 2210. This bug was introduced before the first Tor release, in svn revision r152.
  • Directory authority changes:
  • Change IP address and ports for gabelmoo (v3 directory authority).
  • Minor bugfixes:
  • Avoid crashes when AccountingMax is set on clients. Fixes bug 2235. Bugfix on 0.2.2.18-alpha.
  • Fix an off-by-one error in calculating some controller command argument lengths. Fortunately, this mistake is harmless since the controller code does redundant NUL termination too. Bugfix on 0.1.1.1-alpha.
  • Do not dereference NULL if a bridge fails to build its extra-info descriptor. Bugfix on 0.2.2.19-alpha.
  • Minor features:
  • Update to the December 1 2010 Maxmind GeoLite Country database.
  • Directory authorities now reject relays running any versions of Tor between 0.2.1.3-alpha and 0.2.1.18 inclusive; they have known bugs that keep RELAY_EARLY cells from working on rendezvous circuits. Followup to fix for bug 2081.
  • Directory authorities now reject relays running any version of Tor older than 0.2.0.26-rc. That version is the earliest that fetches current directory information correctly. Fixes bug 2156.
  • Report only the top 10 ports in exit-port stats in order not to exceed the maximum extra-info descriptor length of 50 KB. Implements task 2196.

New in Tor (Expert Bundle) 0.2.1.28 (Dec 21, 2010)

  • Major bugfixes:
  • Fix a remotely exploitable bug that could be used to crash instances of Tor remotely by overflowing on the heap. Remote-code execution hasn't been confirmed, but can't be ruled out. Everyone should upgrade. Bugfix on the 0.1.1 series and later.
  • Directory authority changes:
  • Change IP address and ports for gabelmoo (v3 directory authority).
  • Minor features:
  • Update to the December 1 2010 Maxmind GeoLite Country database.

New in Tor (Expert Bundle) 0.2.1.21 Stable (Dec 29, 2009)

  • Major bugfixes:
  • Work around a security feature in OpenSSL 0.9.8l that prevents our handshake from working unless we explicitly tell OpenSSL that we are using SSL renegotiation safely. We are, of course, but OpenSSL 0.9.8l won't work unless we say we are.
  • Avoid crashing if the client is trying to upload many bytes and the circuit gets torn down at the same time, or if the flip side happens on the exit relay. Bugfix on 0.2.0.1-alpha; fixes bug 1150.
  • Minor bugfixes:
  • Do not refuse to learn about authority certs and v2 networkstatus documents that are older than the latest consensus. This bug might have degraded client bootstrapping.

New in Tor (Expert Bundle) 0.2.1.19 Beta (Aug 18, 2009)

  • Major bugfixes:
  • Make accessing hidden services on 0.2.1.x work right again. Bugfix on 0.2.1.3-alpha; workaround for bug 1038. Diagnosis and part of patch provided by "optimist".
  • Minor features:
  • When a relay/bridge is writing out its identity key fingerprint to the "fingerprint" file and to its logs, write it without spaces. Now it will look like the fingerprints in our bridges documentation, and confuse fewer users.
  • Minor bugfixes:
  • Relays no longer publish a new server descriptor if they change

New in Tor (Expert Bundle) 0.2.0.35 (Jun 26, 2009)

  • Security fix:
  • Avoid crashing in the presence of certain malformed descriptors. Found by lark, and by automated fuzzing.
  • Fix an edge case where a malicious exit relay could convince a controller that the client's DNS question resolves to an internal IP address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta.
  • Major bugfixes:
  • Finally fix the bug where dynamic-IP relays disappear when their IP address changes: directory mirrors were mistakenly telling them their old address if they asked via begin_dir, so they never got an accurate answer about their new address, so they just vanished after a day. For belt-and-suspenders, relays that don't set Address in their config now avoid using begin_dir for all direct connections. Should fix bugs 827, 883, and 900.
  • Fix a timing-dependent, allocator-dependent, DNS-related crash bug that would occur on some exit nodes when DNS failures and timeouts occurred in certain patterns. Fix for bug 957.
  • Minor bugfixes:
  • When starting with a cache over a few days old, do not leak memory for the obsolete router descriptors in it. Bugfix on 0.2.0.33; fixes bug 672.
  • Hidden service clients didn't use a cached service descriptor that was older than 15 minutes, but wouldn't fetch a new one either, because there was already one in the cache. Now, fetch a v2 descriptor unless the same descriptor was added to the cache within the last 15 minutes. Fixes bug 997; reported by Marcus Griep.

New in Tor (Expert Bundle) 0.2.0.34 (Feb 10, 2009)

  • Tor 0.2.0.34 features several more security-related fixes. You should upgrade, especially if you run an exit relay (remote crash) or a directory authority (remote infinite loop), or you're on an older (pre-XP) or not-recently-patched Windows (remote exploit).
  • This release marks end-of-life for Tor 0.1.2.x. Those Tor versions have many known flaws, and nobody should be using them. You should upgrade. If you're using a Linux or BSD and its packages are obsolete, stop using those packages and upgrade anyway.
  • Changes in version 0.2.0.34 - 2009-02-08
  • Security fixes:
  • Fix an infinite-loop bug on handling corrupt votes under certain circumstances. Bugfix on 0.2.0.8-alpha.
  • Fix a temporary DoS vulnerability that could be performed by a directory mirror. Bugfix on 0.2.0.9-alpha; reported by lark.
  • Avoid a potential crash on exit nodes when processing malformed input. Remote DoS opportunity. Bugfix on 0.2.0.33.
  • Do not accept incompl

New in Tor (Expert Bundle) 0.2.0.6 Alpha / 0.1.2.16 (Aug 27, 2007)

  • Vidalia 0.0.14 makes authentication required for the ControlPort in the default configuration, which addresses important security risks
  • Fixed major load balancing problems with path selection, which should speed things up a lot once many people have upgraded
  • The directory authorities also use a new mean-time-between-failure approach to tracking which servers are stable, rather than just looking at the most recent uptime

New in Tor (Expert Bundle) 0.1.2.8 Beta (Mar 1, 2007)

  • Major bugfixes (crashes):
  • Stop crashing when the controller asks us to resetconf more than one config option at once. (Vidalia 0.0.11 does this.)
  • Fix a crash that happened on Win98 when we're given command-line arguments: don't try to load NT service functions from advapi32.dll except when we need them. (Bug introduced in 0.1.2.7-alpha; resolves bug 389.)
  • Fix a longstanding obscure crash bug that could occur when we run out of DNS worker processes. (Resolves bug 390.)
  • Major bugfixes (hidden services):
  • Correctly detect whether hidden service descriptor downloads are in-progress. (Suggested by Karsten Loesing; fixes bug 399.)
  • Major bugfixes (accounting):
  • When we start during an accounting interval before it's time to wake up, remember to wake up at the correct time. (May fix bug 342.)
  • Minor bugfixes (controller):
  • Give the controller END_STREAM_REASON_DESTROY events _before_ we clear the corresponding on_circuit variable, and remember later that we don't need to send a redundant CLOSED event. (Resolves part 3 of bug 367.)
  • Report events where a resolve succeeded or where we got a socks protocol error correctly, rather than calling both of them "INTERNAL".
  • Change reported stream target addresses to IP consistently when we finally get the IP from an exit node.
  • Send log messages to the controller even if they happen to be very long.
  • Minor bugfixes (other):
  • Display correct results when reporting which versions are recommended, and how recommended they are. (Resolves bug 383.)
  • Improve our estimates for directory bandwidth to be less random: guess that an unrecognized directory will have the average bandwidth from all known directories, not that it will have the average bandwidth from those directories earlier than it on the list.
  • If we start a server with ClientOnly 1, then set ClientOnly to 0 and hup, stop triggering an assert based on an empty onion_key.
  • On platforms with no working mmap() equivalent, don't warn the user when cached-routers doesn't exist.
  • Warn the user when mmap() [or its equivalent] fails for some reason other than file-not-found.
  • Don't warn the user when cached-routers.new doesn't exist: that's perfectly fine when starting up for the first time.
  • When EntryNodes are configured, rebuild the guard list to contain, in order: the EntryNodes that were guards before; the rest of the EntryNodes; the nodes that were guards before.
  • Mask out all signals in sub-threads; only the libevent signal handler should be processing them. This should prevent some crashes on some machines using pthreads. (Patch from coderman.)
  • Fix switched arguments on memset in the implementation of tor_munmap() for systems with no mmap() call.
  • When Tor receives a router descriptor that it asked for, but no longer wants (because it has received fresh networkstatuses in the meantime), do not warn the user. Cache the descriptor if we're a cache; drop it if we aren't.
  • Make earlier entry guards _really_ get retried when the network comes back online.
  • On a malformed DNS reply, always give an error to the corresponding DNS request.
  • Build with recent libevents on platforms that do not define the nonstandard types "u_int8_t" and friends.
  • Minor features (controller):
  • Warn the user when an application uses the obsolete binary v0 control protocol. We're planning to remove support for it during the next development series, so it's good to give people some advance warning.
  • Add STREAM_BW events to report per-entry-stream bandwidth use. (Patch from Robert Hogan.)
  • Rate-limit SIGNEWNYM signals in response to controllers that impolitely generate them for every single stream. (Patch from mwenge; closes bug 394.)
  • Make REMAP stream events have a SOURCE (cache or exit), and make them generated in every case where we get a successful connected or resolved cell.
  • Minor bugfixes (performance):
  • Call router_have_min_dir_info half as often. (This is showing up in some profiles, but not others.)
  • When using GCC, make log_debug never get called at all, and its arguments never get evaluated, when no debug logs are configured. (This is showing up in some profiles, but not others.)
  • Minor features:
  • Remove some never-implemented options. Mark PathlenCoinWeight as obsolete.
  • Implement proposal 106: Stop requiring clients to have well-formed certificates; stop checking nicknames in certificates. (Clients have certificates so that they can look like Tor servers, but in the future we might want to allow them to look like regular TLS clients instead. Nicknames in certificates serve no purpose other than making our protocol easier to recognize on the wire.)
  • Revise messages on handshake failure again to be even more clear about which are incoming connections and which are outgoing.
  • Discard any v1 directory info that's over 1 month old (for directories) or over 1 week old (for running-routers lists).
  • Do not warn when individual nodes in the configuration's EntryNodes, ExitNodes, etc are down: warn only when all possible nodes are down. (Fixes bug 348.)
  • Always remove expired routers and networkstatus docs before checking whether we have enough information to build circuits. (Fixes bug 373.)
  • Put a lower-bound on MaxAdvertisedBandwidth.

New in Tor (Expert Bundle) 0.1.2.7 Alpha (Feb 10, 2007)

  • rate limiting is much more comfortable for servers
  • other bugfixes

New in Tor (Expert Bundle) 0.1.2.6 Alpha (Jan 10, 2007)

  • Fix an assert error introduced in 0.1.2.5-alpha: if a single TLS connection handles more than 4 gigs in either direction, we crash.
  • Fix an assert error introduced in 0.1.2.5-alpha: if we're an advertised exit node, somebody might try to exit from us when we're bootstrapping and before we've built our descriptor yet. Refuse the connection rather than crashing.