release of Tor. If you want to see more detailed descriptions of the
changes in each development snapshot, see the ChangeLog file.
+Changes in version 0.4.1.5 - 2019-08-20
+ This is the first stable release in the 0.4.1.x series. This series
+ adds experimental circuit-level padding, authenticated SENDME cells to
+ defend against certain attacks, and several performance improvements
+ to save on CPU consumption. It fixes bugs in bootstrapping and v3
+ onion services. It also includes numerous smaller features and
+ bugfixes on earlier versions.
+
+ Per our support policy, we will support the 0.4.1.x series for nine
+ months, or until three months after the release of a stable 0.4.2.x:
+ whichever is longer. If you need longer-term support, please stick
+ with 0.3.5.x, which will we plan to support until Feb 2022.
+
+ Below are the changes since 0.4.0.5. For a list of only the changes
+ since 0.4.1.4-rc, see the ChangeLog file.
+
+ o Directory authority changes:
+ - The directory authority "dizum" has a new IP address. Closes
+ ticket 31406.
+
+ o Major features (circuit padding):
+ - Onion service clients now add padding cells at the start of their
+ INTRODUCE and RENDEZVOUS circuits, to make those circuits' traffic
+ look more like general purpose Exit traffic. The overhead for this
+ is 2 extra cells in each direction for RENDEZVOUS circuits, and 1
+ extra upstream cell and 10 downstream cells for INTRODUCE
+ circuits. This feature is only enabled when also supported by the
+ circuit's middle node. (Clients may specify fixed middle nodes
+ with the MiddleNodes option, and may force-disable this feature
+ with the CircuitPadding option.) Closes ticket 28634.
+
+ o Major features (code organization):
+ - Tor now includes a generic publish-subscribe message-passing
+ subsystem that we can use to organize intermodule dependencies. We
+ hope to use this to reduce dependencies between modules that don't
+ need to be related, and to generally simplify our codebase. Closes
+ ticket 28226.
+
+ o Major features (controller protocol):
+ - Controller commands are now parsed using a generalized parsing
+ subsystem. Previously, each controller command was responsible for
+ parsing its own input, which led to strange inconsistencies.
+ Closes ticket 30091.
+
+ o Major features (flow control):
+ - Implement authenticated SENDMEs as detailed in proposal 289. A
+ SENDME cell now includes the digest of the traffic that it
+ acknowledges, so that once an end point receives the SENDME, it
+ can confirm the other side's knowledge of the previous cells that
+ were sent, and prevent certain types of denial-of-service attacks.
+ This behavior is controlled by two new consensus parameters: see
+ the proposal for more details. Fixes ticket 26288.
+
+ o Major features (performance):
+ - Our node selection algorithm now excludes nodes in linear time.
+ Previously, the algorithm was quadratic, which could slow down
+ heavily used onion services. Closes ticket 30307.
+
+ o Major features (performance, RNG):
+ - Tor now constructs a fast secure pseudorandom number generator for
+ each thread, to use when performance is critical. This PRNG is
+ based on AES-CTR, using a buffering construction similar to
+ libottery and the (newer) OpenBSD arc4random() code. It
+ outperforms OpenSSL 1.1.1a's CSPRNG by roughly a factor of 100 for
+ small outputs. Although we believe it to be cryptographically
+ strong, we are only using it when necessary for performance.
+ Implements tickets 29023 and 29536.
+
+ o Major bugfixes (bridges):
+ - Consider our directory information to have changed when our list
+ of bridges changes. Previously, Tor would not re-compute the
+ status of its directory information when bridges changed, and
+ therefore would not realize that it was no longer able to build
+ circuits. Fixes part of bug 29875.
+ - Do not count previously configured working bridges towards our
+ total of working bridges. Previously, when Tor's list of bridges
+ changed, it would think that the old bridges were still usable,
+ and delay fetching router descriptors for the new ones. Fixes part
+ of bug 29875; bugfix on 0.3.0.1-alpha.
+
+ o Major bugfixes (circuit build, guard):
+ - When considering upgrading circuits from "waiting for guard" to
+ "open", always ignore circuits that are marked for close. Otherwise,
+ we can end up in the situation where a subsystem is notified that
+ a closing circuit has just opened, leading to undesirable
+ behavior. Fixes bug 30871; bugfix on 0.3.0.1-alpha.
+
+ o Major bugfixes (onion service reachability):
+ - Properly clean up the introduction point map when circuits change
+ purpose from onion service circuits to pathbias, measurement, or
+ other circuit types. This should fix some service-side instances
+ of introduction point failure. Fixes bug 29034; bugfix
+ on 0.3.2.1-alpha.
+
+ o Major bugfixes (onion service v3):
+ - Fix an unreachable bug in which an introduction point could try to
+ send an INTRODUCE_ACK with a status code that Trunnel would refuse
+ to encode, leading the relay to assert(). We've consolidated the
+ ABI values into Trunnel now. Fixes bug 30454; bugfix
+ on 0.3.0.1-alpha.
+ - Clients can now handle unknown status codes from INTRODUCE_ACK
+ cells. (The NACK behavior will stay the same.) This will allow us
+ to extend status codes in the future without breaking the normal
+ client behavior. Fixes another part of bug 30454; bugfix
+ on 0.3.0.1-alpha.
+
+ o Minor features (authenticated SENDME):
+ - Ensure that there is enough randomness on every circuit to prevent
+ an attacker from successfully predicting the hashes they will need
+ to include in authenticated SENDME cells. At a random interval, if
+ we have not sent randomness already, we now leave some extra space
+ at the end of a cell that we can fill with random bytes. Closes
+ ticket 26846.
+
+ o Minor features (circuit padding logging):
+ - Demote noisy client-side warn logs about circuit padding to protocol
+ warnings. Add additional log messages and circuit ID fields to help
+ with bug 30992 and any other future issues.
+
+ o Minor features (circuit padding):
+ - We now use a fast PRNG when scheduling circuit padding. Part of
+ ticket 28636.
+ - Allow the padding machine designer to pick the edges of their
+ histogram instead of trying to compute them automatically using an
+ exponential formula. Resolves some undefined behavior in the case
+ of small histograms and allows greater flexibility on machine
+ design. Closes ticket 29298; bugfix on 0.4.0.1-alpha.
+ - Allow circuit padding machines to hold a circuit open until they
+ are done padding it. Closes ticket 28780.
+
+ o Minor features (compile-time modules):
+ - Add a "--list-modules" command to print a list of which compile-
+ time modules are enabled. Closes ticket 30452.
+
+ o Minor features (continuous integration):
+ - Our Travis configuration now uses Chutney to run some network
+ integration tests automatically. Closes ticket 29280.
+ - When running coverage builds on Travis, we now set
+ TOR_TEST_RNG_SEED, to avoid RNG-based coverage differences. Part
+ of ticket 28878.
+ - Remove sudo configuration lines from .travis.yml as they are no
+ longer needed with current Travis build environment. Resolves
+ issue 30213.
+ - In Travis, show stem's tor log after failure. Closes ticket 30234.
+
+ o Minor features (controller):
+ - Add onion service version 3 support to the HSFETCH command.
+ Previously, only version 2 onion services were supported. Closes
+ ticket 25417. Patch by Neel Chauhan.
+
+ o Minor features (debugging):
+ - Introduce tor_assertf() and tor_assertf_nonfatal() to enable
+ logging of additional information during assert failure. Now we
+ can use format strings to include information for trouble
+ shooting. Resolves ticket 29662.
+
+ o Minor features (defense in depth):
+ - In smartlist_remove_keeporder(), set unused pointers to NULL, in
+ case a bug causes them to be used later. Closes ticket 30176.
+ Patch from Tobias Stoeckmann.
+ - Tor now uses a cryptographically strong PRNG even for decisions
+ that we do not believe are security-sensitive. Previously, for
+ performance reasons, we had used a trivially predictable linear
+ congruential generator algorithm for certain load-balancing and
+ statistical sampling decisions. Now we use our fast RNG in those
+ cases. Closes ticket 29542.
+
+ o Minor features (developer tools):
+ - Tor's "practracker" test script now checks for files and functions
+ that seem too long and complicated. Existing overlong functions
+ and files are accepted for now, but should eventually be
+ refactored. Closes ticket 29221.
+ - Add some scripts used for git maintenance to scripts/git. Closes
+ ticket 29391.
+ - Call practracker from pre-push and pre-commit git hooks to let
+ developers know if they made any code style violations. Closes
+ ticket 30051.
+ - Add a script to check that each header has a well-formed and
+ unique guard macro. Closes ticket 29756.
+
+ o Minor features (fallback directory list):
+ - Replace the 157 fallbacks originally introduced in Tor 0.3.5.6-rc
+ in December 2018 (of which ~122 were still functional), with a
+ list of 148 fallbacks (70 new, 78 existing, 79 removed) generated
+ in June 2019. Closes ticket 28795.
+
+ o Minor features (geoip):
+ - Update geoip and geoip6 to the June 10 2019 Maxmind GeoLite2
+ Country database. Closes ticket 30852.
+ - Update geoip and geoip6 to the May 13 2019 Maxmind GeoLite2
+ Country database. Closes ticket 30522.
+
+ o Minor features (HTTP tunnel):
+ - Return an informative web page when the HTTPTunnelPort is used as
+ an HTTP proxy. Closes ticket 27821, patch by "eighthave".
+
+ o Minor features (IPv6, v3 onion services):
+ - Make v3 onion services put IPv6 addresses in service descriptors.
+ Before this change, service descriptors only contained IPv4
+ addresses. Implements 26992.
+
+ o Minor features (logging):
+ - Give a more useful assertion failure message if we think we have
+ minherit() but we fail to make a region non-inheritable. Give a
+ compile-time warning if our support for minherit() is incomplete.
+ Closes ticket 30686.
+
+ o Minor features (maintenance):
+ - Add a new "make autostyle" target that developers can use to apply
+ all automatic Tor style and consistency conversions to the
+ codebase. Closes ticket 30539.
+
+ o Minor features (modularity):
+ - The "--disable-module-dirauth" compile-time option now disables
+ even more dirauth-only code. Closes ticket 30345.
+
+ o Minor features (performance):
+ - Use OpenSSL's implementations of SHA3 when available (in OpenSSL
+ 1.1.1 and later), since they tend to be faster than tiny-keccak.
+ Closes ticket 28837.
+
+ o Minor features (testing):
+ - The circuitpadding tests now use a reproducible RNG implementation,
+ so that if a test fails, we can learn why. Part of ticket 28878.
+ - Tor's tests now support an environment variable, TOR_TEST_RNG_SEED,
+ to set the RNG seed for tests that use a reproducible RNG. Part of
+ ticket 28878.
+ - When running tests in coverage mode, take additional care to make
+ our coverage deterministic, so that we can accurately track
+ changes in code coverage. Closes ticket 30519.
+ - Tor's unit test code now contains helper functions to replace the
+ PRNG with a deterministic or reproducible version for testing.
+ Previously, various tests implemented this in various ways.
+ Implements ticket 29732.
+ - We now have a script, cov-test-determinism.sh, to identify places
+ where our unit test coverage has become nondeterministic. Closes
+ ticket 29436.
+ - Check that representative subsets of values of `int` and `unsigned
+ int` can be represented by `void *`. Resolves issue 29537.
+
+ o Minor bugfixes (bridge authority):
+ - Bridge authorities now set bridges as running or non-running when
+ about to dump their status to a file. Previously, they set bridges
+ as running in response to a GETINFO command, but those shouldn't
+ modify data structures. Fixes bug 24490; bugfix on 0.2.0.13-alpha.
+ Patch by Neel Chauhan.
+
+ o Minor bugfixes (channel padding statistics):
+ - Channel padding write totals and padding-enabled totals are now
+ counted properly in relay extrainfo descriptors. Fixes bug 29231;
+ bugfix on 0.3.1.1-alpha.
+
+ o Minor bugfixes (circuit isolation):
+ - Fix a logic error that prevented the SessionGroup sub-option from
+ being accepted. Fixes bug 22619; bugfix on 0.2.7.2-alpha.
+
+ o Minor bugfixes (circuit padding):
+ - Add a "CircuitPadding" torrc option to disable circuit padding.
+ Fixes bug 28693; bugfix on 0.4.0.1-alpha.
+ - Allow circuit padding machines to specify that they do not
+ contribute much overhead, and provide consensus flags and torrc
+ options to force clients to only use these low overhead machines.
+ Fixes bug 29203; bugfix on 0.4.0.1-alpha.
+ - Provide a consensus parameter to fully disable circuit padding, to
+ be used in emergency network overload situations. Fixes bug 30173;
+ bugfix on 0.4.0.1-alpha.
+ - The circuit padding subsystem will no longer schedule padding if
+ dormant mode is enabled. Fixes bug 28636; bugfix on 0.4.0.1-alpha.
+ - Inspect a circuit-level cell queue before sending padding, to
+ avoid sending padding while too much data is already queued. Fixes
+ bug 29204; bugfix on 0.4.0.1-alpha.
+ - Avoid calling monotime_absolute_usec() in circuit padding machines
+ that do not use token removal or circuit RTT estimation. Fixes bug
+ 29085; bugfix on 0.4.0.1-alpha.
+
+ o Minor bugfixes (clock skew detection):
+ - Don't believe clock skew results from NETINFO cells that appear to
+ arrive before we sent the VERSIONS cells they are responding to.
+ Previously, we would accept them up to 3 minutes "in the past".
+ Fixes bug 31343; bugfix on 0.2.4.4-alpha.
+
+ o Minor bugfixes (compatibility, standards compliance):
+ - Fix a bug that would invoke undefined behavior on certain
+ operating systems when trying to asprintf() a string exactly
+ INT_MAX bytes long. We don't believe this is exploitable, but it's
+ better to fix it anyway. Fixes bug 31001; bugfix on 0.2.2.11-alpha.
+ Found and fixed by Tobias Stoeckmann.
+
+ o Minor bugfixes (compilation warning):
+ - Fix a compilation warning on Windows about casting a function
+ pointer for GetTickCount64(). Fixes bug 31374; bugfix on
+ 0.2.9.1-alpha.
+
+ o Minor bugfixes (compilation):
+ - Avoid using labs() on time_t, which can cause compilation warnings
+ on 64-bit Windows builds. Fixes bug 31343; bugfix on 0.2.4.4-alpha.
+
+ o Minor bugfixes (compilation, unusual configurations):
+ - Avoid failures when building with the ALL_BUGS_ARE_FATAL option
+ due to missing declarations of abort(), and prevent other such
+ failures in the future. Fixes bug 30189; bugfix on 0.3.4.1-alpha.
+
+ o Minor bugfixes (configuration, proxies):
+ - Fix a bug that prevented us from supporting SOCKS5 proxies that
+ want authentication along with configured (but unused!)
+ ClientTransportPlugins. Fixes bug 29670; bugfix on 0.2.6.1-alpha.
+
+ o Minor bugfixes (continuous integration):
+ - Allow the test-stem job to fail in Travis, because it sometimes
+ hangs. Fixes bug 30744; bugfix on 0.3.5.4-alpha.
+ - Skip test_rebind on macOS in Travis, because it is unreliable on
+ macOS on Travis. Fixes bug 30713; bugfix on 0.3.5.1-alpha.
+ - Skip test_rebind when the TOR_SKIP_TEST_REBIND environment
+ variable is set. Fixes bug 30713; bugfix on 0.3.5.1-alpha.
+
+ o Minor bugfixes (controller protocol):
+ - Teach the controller parser to distinguish an object preceded by
+ an argument list from one without. Previously, it couldn't
+ distinguish an argument list from the first line of a multiline
+ object. Fixes bug 29984; bugfix on 0.2.3.8-alpha.
+
+ o Minor bugfixes (crash on exit):
+ - Avoid a set of possible code paths that could try to use freed
+ memory in routerlist_free() while Tor was exiting. Fixes bug
+ 31003; bugfix on 0.1.2.2-alpha.
+
+ o Minor bugfixes (developer tooling):
+ - Fix pre-push hook to allow fixup and squash commits when pushing
+ to non-upstream git remote. Fixes bug 30286; bugfix
+ on 0.4.0.1-alpha.
+
+ o Minor bugfixes (directory authorities):
+ - Stop crashing after parsing an unknown descriptor purpose
+ annotation. We think this bug can only be triggered by modifying a
+ local file. Fixes bug 30781; bugfix on 0.2.0.8-alpha.
+ - Move the "bandwidth-file-headers" line in directory authority
+ votes so that it conforms to dir-spec.txt. Fixes bug 30316; bugfix
+ on 0.3.5.1-alpha.
+ - Directory authorities with IPv6 support now always mark themselves
+ as reachable via IPv6. Fixes bug 24338; bugfix on 0.2.4.1-alpha.
+ Patch by Neel Chauhan.
+
+ o Minor bugfixes (documentation):
+ - Improve the documentation for using MapAddress with ".exit". Fixes
+ bug 30109; bugfix on 0.1.0.1-rc.
+ - Improve the monotonic time module and function documentation to
+ explain what "monotonic" actually means, and document some results
+ that have surprised people. Fixes bug 29640; bugfix
+ on 0.2.9.1-alpha.
+ - Use proper formatting when providing an example on quoting options
+ that contain whitespace. Fixes bug 29635; bugfix on 0.2.3.18-rc.
+
+ o Minor bugfixes (logging):
+ - Do not log a warning when running with an OpenSSL version other
+ than the one Tor was compiled with, if the two versions should be
+ compatible. Previously, we would warn whenever the version was
+ different. Fixes bug 30190; bugfix on 0.2.4.2-alpha.
+ - Warn operators when the MyFamily option is set but ContactInfo is
+ missing, as the latter should be set too. Fixes bug 25110; bugfix
+ on 0.3.3.1-alpha.
+
+ o Minor bugfixes (memory leaks):
+ - Avoid a minor memory leak that could occur on relays when failing
+ to create a "keys" directory. Fixes bug 30148; bugfix
+ on 0.3.3.1-alpha.
+ - Fix a trivial memory leak when parsing an invalid value from a
+ download schedule in the configuration. Fixes bug 30894; bugfix
+ on 0.3.4.1-alpha.
+
+ o Minor bugfixes (NetBSD):
+ - Fix usage of minherit() on NetBSD and other platforms that define
+ MAP_INHERIT_{ZERO,NONE} instead of INHERIT_{ZERO,NONE}. Fixes bug
+ 30614; bugfix on 0.4.0.2-alpha. Patch from Taylor Campbell.
+
+ o Minor bugfixes (onion services):
+ - Avoid a GCC 9.1.1 warning (and possible crash depending on libc
+ implemenation) when failing to load an onion service client
+ authorization file. Fixes bug 30475; bugfix on 0.3.5.1-alpha.
+ - When refusing to launch a controller's HSFETCH request because of
+ rate-limiting, respond to the controller with a new response,
+ "QUERY_RATE_LIMITED". Previously, we would log QUERY_NO_HSDIR for
+ this case. Fixes bug 28269; bugfix on 0.3.1.1-alpha. Patch by
+ Neel Chauhan.
+ - When relaunching a circuit to a rendezvous service, mark the
+ circuit as needing high-uptime routers as appropriate. Fixes bug
+ 17357; bugfix on 0.1.0.1-rc. Patch by Neel Chauhan.
+ - Stop ignoring IPv6 link specifiers sent to v3 onion services.
+ (IPv6 support for v3 onion services is still incomplete: see
+ ticket 23493 for details.) Fixes bug 23588; bugfix on
+ 0.3.2.1-alpha. Patch by Neel Chauhan.
+
+ o Minor bugfixes (onion services, performance):
+ - When building circuits to onion services, call tor_addr_parse()
+ less often. Previously, we called tor_addr_parse() in
+ circuit_is_acceptable() even if its output wasn't used. This
+ change should improve performance when building circuits. Fixes
+ bug 22210; bugfix on 0.2.8.12. Patch by Neel Chauhan.
+
+ o Minor bugfixes (out-of-memory handler):
+ - When purging the DNS cache because of an out-of-memory condition,
+ try purging just the older entries at first. Previously, we would
+ always purge the whole thing. Fixes bug 29617; bugfix
+ on 0.3.5.1-alpha.
+
+ o Minor bugfixes (performance):
+ - When checking whether a node is a bridge, use a fast check to make
+ sure that its identity is set. Previously, we used a constant-time
+ check, which is not necessary in this case. Fixes bug 30308;
+ bugfix on 0.3.5.1-alpha.
+
+ o Minor bugfixes (pluggable transports):
+ - Tor now sets TOR_PT_EXIT_ON_STDIN_CLOSE=1 for client transports as
+ well as servers. Fixes bug 25614; bugfix on 0.2.7.1-alpha.
+
+ o Minor bugfixes (portability):
+ - Avoid crashing in our tor_vasprintf() implementation on systems
+ that define neither vasprintf() nor _vscprintf(). (This bug has
+ been here long enough that we question whether people are running
+ Tor on such systems, but we're applying the fix out of caution.)
+ Fixes bug 30561; bugfix on 0.2.8.2-alpha. Found and fixed by
+ Tobias Stoeckmann.
+
+ o Minor bugfixes (probability distributions):
+ - Refactor and improve parts of the probability distribution code
+ that made Coverity complain. Fixes bug 29805; bugfix
+ on 0.4.0.1-alpha.
+
+ o Minor bugfixes (python):
+ - Stop assuming that /usr/bin/python3 exists. For scripts that work
+ with python2, use /usr/bin/python. Otherwise, use /usr/bin/env
+ python3. Fixes bug 29913; bugfix on 0.2.5.3-alpha.
+
+ o Minor bugfixes (relay):
+ - When running as a relay, if IPv6Exit is set to 1 while ExitRelay
+ is auto, act as if ExitRelay is 1. Previously, we would ignore
+ IPv6Exit if ExitRelay was 0 or auto. Fixes bug 29613; bugfix on
+ 0.3.5.1-alpha. Patch by Neel Chauhan.
+
+ o Minor bugfixes (static analysis):
+ - Fix several spurious Coverity warnings about the unit tests, to
+ lower our chances of missing real warnings in the future. Fixes
+ bug 30150; bugfix on 0.3.5.1-alpha and various other Tor versions.
+
+ o Minor bugfixes (stats):
+ - When ExtraInfoStatistics is 0, stop including bandwidth usage
+ statistics, GeoIPFile hashes, ServerTransportPlugin lines, and
+ bridge statistics by country in extra-info documents. Fixes bug
+ 29018; bugfix on 0.2.4.1-alpha.
+
+ o Minor bugfixes (testing):
+ - Call setrlimit() to disable core dumps in test_bt_cl.c. Previously
+ we used `ulimit -c` in test_bt.sh, which violates POSIX shell
+ compatibility. Fixes bug 29061; bugfix on 0.3.5.1-alpha.
+ - Fix some incorrect code in the v3 onion service unit tests. Fixes
+ bug 29243; bugfix on 0.3.2.1-alpha.
+ - In the "routerkeys/*" tests, check the return values of mkdir()
+ for possible failures. Fixes bug 29939; bugfix on 0.2.7.2-alpha.
+ Found by Coverity as CID 1444254.
+ - Split test_utils_general() into several smaller test functions.
+ This makes it easier to perform resource deallocation on assert
+ failure, and fixes Coverity warnings CID 1444117 and CID 1444118.
+ Fixes bug 29823; bugfix on 0.2.9.1-alpha.
+
+ o Minor bugfixes (tor-resolve):
+ - Fix a memory leak in tor-resolve that could happen if Tor gave it
+ a malformed SOCKS response. (Memory leaks in tor-resolve don't
+ actually matter, but it's good to fix them anyway.) Fixes bug
+ 30151; bugfix on 0.4.0.1-alpha.
+
+ o Code simplification and refactoring:
+ - Abstract out the low-level formatting of replies on the control
+ port. Implements ticket 30007.
+ - Add several assertions in an attempt to fix some Coverity
+ warnings. Closes ticket 30149.
+ - Introduce a connection_dir_buf_add() helper function that checks
+ for compress_state of dir_connection_t and automatically writes a
+ string to directory connection with or without compression.
+ Resolves issue 28816.
+ - Make the base32_decode() API return the number of bytes written,
+ for consistency with base64_decode(). Closes ticket 28913.
+ - Move most relay-only periodic events out of mainloop.c into the
+ relay subsystem. Closes ticket 30414.
+ - Refactor and encapsulate parts of the codebase that manipulate
+ crypt_path_t objects. Resolves issue 30236.
+ - Refactor several places in our code that Coverity incorrectly
+ believed might have memory leaks. Closes ticket 30147.
+ - Remove redundant return values in crypto_format, and the
+ associated return value checks elsewhere in the code. Make the
+ implementations in crypto_format consistent, and remove redundant
+ code. Resolves ticket 29660.
+ - Rename tor_mem_is_zero() to fast_mem_is_zero(), to emphasize that
+ it is not a constant-time function. Closes ticket 30309.
+ - Replace hs_desc_link_specifier_t with link_specifier_t, and remove
+ all hs_desc_link_specifier_t-specific code. Fixes bug 22781;
+ bugfix on 0.3.2.1-alpha.
+ - Simplify v3 onion service link specifier handling code. Fixes bug
+ 23576; bugfix on 0.3.2.1-alpha.
+ - Split crypto_digest.c into NSS code, OpenSSL code, and shared
+ code. Resolves ticket 29108.
+ - Split control.c into several submodules, in preparation for
+ distributing its current responsibilities throughout the codebase.
+ Closes ticket 29894.
+ - Start to move responsibility for knowing about periodic events to
+ the appropriate subsystems, so that the mainloop doesn't need to
+ know all the periodic events in the rest of the codebase.
+ Implements tickets 30293 and 30294.
+
+ o Documentation:
+ - Mention URLs for Travis/Appveyor/Jenkins in ReleasingTor.md.
+ Closes ticket 30630.
+ - Document how to find git commits and tags for bug fixes in
+ CodingStandards.md. Update some file documentation. Closes
+ ticket 30261.
+
+ o Removed features:
+ - Remove the linux-tor-prio.sh script from contrib/operator-tools
+ directory. Resolves issue 29434.
+ - Remove the obsolete OpenSUSE initscript. Resolves issue 30076.
+ - Remove the obsolete script at contrib/dist/tor.sh.in. Resolves
+ issue 30075.
+
+ o Testing:
+ - Specify torrc paths (with empty files) when launching tor in
+ integration tests; refrain from reading user and system torrcs.
+ Resolves issue 29702.
+
+ o Code simplification and refactoring (shell scripts):
+ - Clean up many of our shell scripts to fix shellcheck warnings.
+ These include autogen.sh (ticket 26069), test_keygen.sh (ticket
+ 29062), test_switch_id.sh (ticket 29065), test_rebind.sh (ticket
+ 29063), src/test/fuzz/minimize.sh (ticket 30079), test_rust.sh
+ (ticket 29064), torify (ticket 29070), asciidoc-helper.sh (29926),
+ fuzz_multi.sh (30077), fuzz_static_testcases.sh (ticket 29059),
+ nagios-check-tor-authority-cert (ticket 29071),
+ src/test/fuzz/fixup_filenames.sh (ticket 30078), test-network.sh
+ (ticket 29060), test_key_expiration.sh (ticket 30002),
+ zero_length_keys.sh (ticket 29068), and test_workqueue_*.sh
+ (ticket 29067).
+
+ o Testing (chutney):
+ - In "make test-network-all", test IPv6-only v3 single onion
+ services, using the chutney network single-onion-v23-ipv6-md.
+ Closes ticket 27251.
+
+ o Testing (continuous integration):
+ - In Travis, make stem log a controller trace to the console, and tail
+ stem's tor log after failure. Closes ticket 30591.
+ - In Travis, only run the stem tests that use a tor binary.
+ Closes ticket 30694.
+
+
Changes in version 0.4.0.5 - 2019-05-02
This is the first stable release in the 0.4.0.x series. It contains
improvements for power management and bootstrap reporting, as well as
projects / thirdparty / tor.git / commitdiff
