./net/tor, Anonymizing overlay network for TCP

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: pkgsrc-2017Q1, Version: 0.3.0.8, Package name: tor-0.3.0.8, Maintainer: reezer

The simple version: Tor provides a distributed network of servers ("onion
routers"). Users bounce their TCP streams (web traffic, FTP, SSH, etc.) around
the routers. This makes it hard for recipients, observers, and even the onion
routers themselves to track the source of the stream.

The complex version: Onion Routing is a connection-oriented anonymizing
communication service. Users choose a source-routed path through a set of
nodes, and negotiate a "virtual circuit" through the network, in which each
node knows its predecessor and successor, but no others. Traffic flowing down
the circuit is unwrapped by a symmetric key at each node, which reveals the
downstream node.


Required to run:
[devel/libevent]

Required to build:
[textproc/asciidoc] [pkgtools/cwrappers]

Package options: doc

Master sites:

SHA1: c5e117ad3cc703cb870b7b8a147d6301ace235a7
RMD160: b71e3dc016eb43fa85d483a0893122e19df924a7
Filesize: 5660.981 KB

Version history: (Expand)


CVS history: (Expand)


   2017-06-21 20:24:51 by Benny Siegert | Files touched by this commit (2)
Log message:
Pullup ticket #5481 - requested by sevan
net/tor: security fix

Revisions pulled up:
- net/tor/Makefile                                              1.122
- net/tor/distinfo                                              1.82

---
   Module Name:    pkgsrc
   Committed By:   wiz
   Date:           Wed Jun 14 16:16:04 UTC 2017

   Modified Files:
           pkgsrc/net/tor: Makefile distinfo

   Log message:
   Updated tor to 0.3.0.8.

   Changes in version 0.3.0.8 - 2017-06-08
     Tor 0.3.0.8 fixes a pair of bugs that would allow an attacker to
     remotely crash a hidden service with an assertion failure. Anyone
     running a hidden service should upgrade to this version, or to some
     other version with fixes for TROVE-2017-004 and TROVE-2017-005.

     Tor 0.3.0.8 also includes fixes for several key management bugs
     that sometimes made relays unreliable, as well as several other
     bugfixes described below.

     o Major bugfixes (hidden service, relay, security, backport
       from 0.3.1.3-alpha):
       - Fix a remotely triggerable assertion failure when a hidden service
         handles a malformed BEGIN cell. Fixes bug 22493, tracked as
         TROVE-2017-004 and as CVE-2017-0375; bugfix on 0.3.0.1-alpha.
       - Fix a remotely triggerable assertion failure caused by receiving a
         BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
         22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
         on 0.2.2.1-alpha.

     o Major bugfixes (relay, link handshake, backport from 0.3.1.3-alpha):
       - When performing the v3 link handshake on a TLS connection, report
         that we have the x509 certificate that we actually used on that
         connection, even if we have changed certificates since that
         connection was first opened. Previously, we would claim to have
         used our most recent x509 link certificate, which would sometimes
         make the link handshake fail. Fixes one case of bug 22460; bugfix
         on 0.2.3.6-alpha.

     o Major bugfixes (relays, key management, backport from 0.3.1.3-alpha):
       - Regenerate link and authentication certificates whenever the key
         that signs them changes; also, regenerate link certificates
         whenever the signed key changes. Previously, these processes were
         only weakly coupled, and we relays could (for minutes to hours)
         wind up with an inconsistent set of keys and certificates, which
         other relays would not accept. Fixes two cases of bug 22460;
         bugfix on 0.3.0.1-alpha.
       - When sending an Ed25519 signing->link certificate in a CERTS cell,
         send the certificate that matches the x509 certificate that we
         used on the TLS connection. Previously, there was a race condition
         if the TLS context rotated after we began the TLS handshake but
         before we sent the CERTS cell. Fixes a case of bug 22460; bugfix
         on 0.3.0.1-alpha.

     o Major bugfixes (hidden service v3, backport from 0.3.1.1-alpha):
       - Stop rejecting v3 hidden service descriptors because their size
         did not match an old padding rule. Fixes bug 22447; bugfix on
         tor-0.3.0.1-alpha.

     o Minor features (fallback directory list, backport from 0.3.1.3-alpha):
       - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in
         December 2016 (of which ~126 were still functional) with a list of
         151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May
         2017. Resolves ticket 21564.

     o Minor bugfixes (configuration, backport from 0.3.1.1-alpha):
       - Do not crash when starting with LearnCircuitBuildTimeout 0. Fixes
         bug 22252; bugfix on 0.2.9.3-alpha.

     o Minor bugfixes (correctness, backport from 0.3.1.3-alpha):
       - Avoid undefined behavior when parsing IPv6 entries from the geoip6
         file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.

     o Minor bugfixes (link handshake, backport from 0.3.1.3-alpha):
       - Lower the lifetime of the RSA->Ed25519 cross-certificate to six
         months, and regenerate it when it is within one month of expiring.
         Previously, we had generated this certificate at startup with a
         ten-year lifetime, but that could lead to weird behavior when Tor
         was started with a grossly inaccurate clock. Mitigates bug 22466;
         mitigation on 0.3.0.1-alpha.

     o Minor bugfixes (memory leak, directory authority, backport from
       0.3.1.2-alpha):
       - When directory authorities reject a router descriptor due to
         keypinning, free the router descriptor rather than leaking the
         memory. Fixes bug 22370; bugfix on 0.2.7.2-alpha.
   2017-05-29 20:42:04 by Benny Siegert | Files touched by this commit (2)
Log message:
Pullup ticket #5452 - requested by sevan
net/tor: security fix

Revisions pulled up:
- net/tor/Makefile                                              1.121
- net/tor/distinfo                                              1.81

---
   Module Name:    pkgsrc
   Committed By:   adam
   Date:           Wed May 17 07:13:37 UTC 2017

   Modified Files:
           pkgsrc/net/tor: Makefile distinfo

   Log message:
   Changes in version 0.3.0.7 - 2017-05-15
     Tor 0.3.0.7 fixes a medium-severity security bug in earlier versions
     of Tor 0.3.0.x, where an attacker could cause a Tor relay process to
     exit. Relays running earlier versions of Tor 0.3.0.x should upgrade;
     clients are not affected.

     o Major bugfixes (hidden service directory, security):
       - Fix an assertion failure in the hidden service directory code,
         which could be used by an attacker to remotely cause a Tor relay
         process to exit. Relays running earlier versions of Tor 0.3.0.x
         should upgrade. This security issue is tracked as TROVE-2017-002.
         Fixes bug 22246; bugfix on 0.3.0.1-alpha.

     o Minor features:
       - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2
         Country database.

     o Minor features (future-proofing):
       - Tor no longer refuses to download microdescriptors or descriptors
         if they are listed as "published in the future". This change will
         eventually allow us to stop listing meaningful "published" dates
         in microdescriptor consensuses, and thereby allow us to reduce the
         resources required to download consensus diffs by over 50%.
         Implements part of ticket 21642; implements part of proposal 275.

     o Minor bugfixes (Linux seccomp2 sandbox):
       - The getpid() system call is now permitted under the Linux seccomp2
         sandbox, to avoid crashing with versions of OpenSSL (and other
         libraries) that attempt to learn the process's PID by using the
         syscall rather than the VDSO code. Fixes bug 21943; bugfix
         on 0.2.5.1-alpha.
   2017-05-06 17:11:40 by Benny Siegert | Files touched by this commit (2) | Package updated
Log message:
Pullup ticket #5393 - requested by sevan
net/tor: point update (ensure package remains functional)

Revisions pulled up:
- net/tor/Makefile                                              1.119
- net/tor/distinfo                                              1.80

---
   Module Name:    pkgsrc
   Committed By:   wiz
   Date:           Tue May  2 11:16:02 UTC 2017

   Modified Files:
           pkgsrc/net/tor: Makefile distinfo

   Log message:
   Updated tor to 0.3.0.6.

   Changes in version 0.3.0.6 - 2017-04-26
     Tor 0.3.0.6 is the first stable release of the Tor 0.3.0 series.

     With the 0.3.0 series, clients and relays now use Ed25519 keys to
     authenticate their link connections to relays, rather than the old
     RSA1024 keys that they used before. (Circuit crypto has been
     Curve25519-authenticated since 0.2.4.8-alpha.) We have also replaced
     the guard selection and replacement algorithm to behave more robustly
     in the presence of unreliable networks, and to resist guard-
     capture attacks.

     This series also includes numerous other small features and bugfixes,
     along with more groundwork for the upcoming hidden-services revamp.

     Per our stable release policy, we plan to support the Tor 0.3.0
     release series for at least the next nine months, or for three months
     after the first stable release of the 0.3.1 series: whichever is
     longer. If you need a release with long-term support, we recommend
     that you stay with the 0.2.9 series.

     Below are the changes since 0.2.9.10. For a list of only the changes
     since 0.3.0.5-rc, see the ChangeLog file.

     o Major features (directory authority, security):
       - The default for AuthDirPinKeys is now 1: directory authorities
         will reject relays where the RSA identity key matches a previously
         seen value, but the Ed25519 key has changed. Closes ticket 18319.

     o Major features (guard selection algorithm):
       - Tor's guard selection algorithm has been redesigned from the
         ground up, to better support unreliable networks and restrictive
         sets of entry nodes, and to better resist guard-capture attacks by
         hostile local networks. Implements proposal 271; closes
         ticket 19877.

     o Major features (next-generation hidden services):
       - Relays can now handle v3 ESTABLISH_INTRO cells as specified by
         prop224 aka "Next Generation Hidden Services". Service and clients
         don't use this functionality yet. Closes ticket 19043. Based on
         initial code by Alec Heifetz.
       - Relays now support the HSDir version 3 protocol, so that they can
         can store and serve v3 descriptors. This is part of the next-
         generation onion service work detailled in proposal 224. Closes
         ticket 17238.

     o Major features (protocol, ed25519 identity keys):
       - Clients now support including Ed25519 identity keys in the EXTEND2
         cells they generate. By default, this is controlled by a consensus
         parameter, currently disabled. You can turn this feature on for
         testing by setting ExtendByEd25519ID in your configuration. This
         might make your traffic appear different than the traffic
         generated by other users, however. Implements part of ticket
         15056; part of proposal 220.
       - Relays now understand requests to extend to other relays by their
         Ed25519 identity keys. When an Ed25519 identity key is included in
         an EXTEND2 cell, the relay will only extend the circuit if the
         other relay can prove ownership of that identity. Implements part
         of ticket 15056; part of proposal 220.
       - Relays now use Ed25519 to prove their Ed25519 identities and to
         one another, and to clients. This algorithm is faster and more
         secure than the RSA-based handshake we've been doing until now.
         Implements the second big part of proposal 220; Closes
         ticket 15055.

     o Major features (security):
       - Change the algorithm used to decide DNS TTLs on client and server
         side, to better resist DNS-based correlation attacks like the
         DefecTor attack of Greschbach, Pulls, Roberts, Winter, and
         Feamster. Now relays only return one of two possible DNS TTL
         values, and clients are willing to believe DNS TTL values up to 3
         hours long. Closes ticket 19769.

     o Major bugfixes (client, onion service, also in 0.2.9.9):
       - Fix a client-side onion service reachability bug, where multiple
         socks requests to an onion service (or a single slow request)
         could cause us to mistakenly mark some of the service's
         introduction points as failed, and we cache that failure so
         eventually we run out and can't reach the service. Also resolves a
         mysterious "Remote server sent bogus reason code 65021" log
         warning. The bug was introduced in ticket 17218, where we tried to
         remember the circuit end reason as a uint16_t, which mangled
         negative values. Partially fixes bug 21056 and fixes bug 20307;
         bugfix on 0.2.8.1-alpha.

     o Major bugfixes (crash, directory connections):
       - Fix a rare crash when sending a begin cell on a circuit whose
         linked directory connection had already been closed. Fixes bug
         21576; bugfix on 0.2.9.3-alpha. Reported by Alec Muffett.

     o Major bugfixes (directory authority):
       - During voting, when marking a relay as a probable sybil, do not
         clear its BadExit flag: sybils can still be bad in other ways
         too. (We still clear the other flags.) Fixes bug 21108; bugfix
         on 0.2.0.13-alpha.

     o Major bugfixes (DNS):
       - Fix a bug that prevented exit nodes from caching DNS records for
         more than 60 seconds. Fixes bug 19025; bugfix on 0.2.4.7-alpha.

     o Major bugfixes (IPv6 Exits):
       - Stop rejecting all IPv6 traffic on Exits whose exit policy rejects
         any IPv6 addresses. Instead, only reject a port over IPv6 if the
         exit policy rejects that port on more than an IPv6 /16 of
         addresses. This bug was made worse by 17027 in 0.2.8.1-alpha,
         which rejected a relay's own IPv6 address by default. Fixes bug
         21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha.

     o Major bugfixes (parsing):
       - Fix an integer underflow bug when comparing malformed Tor
         versions. This bug could crash Tor when built with
         --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor
         0.2.9.8, which were built with -ftrapv by default. In other cases
         it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix
         on 0.0.8pre1. Found by OSS-Fuzz.
       - When parsing a malformed content-length field from an HTTP
         message, do not read off the end of the buffer. This bug was a
         potential remote denial-of-service attack against Tor clients and
         relays. A workaround was released in October 2016, to prevent this
         bug from crashing Tor. This is a fix for the underlying issue,
         which should no longer matter (if you applied the earlier patch).
         Fixes bug 20894; bugfix on 0.2.0.16-alpha. Bug found by fuzzing
         using AFL (http://lcamtuf.coredump.cx/afl/).

     o Major bugfixes (scheduler):
       - Actually compare circuit policies in ewma_cmp_cmux(). This bug
         caused the channel scheduler to behave more or less randomly,
         rather than preferring channels with higher-priority circuits.
         Fixes bug 20459; bugfix on 0.2.6.2-alpha.

     o Major bugfixes (security, also in 0.2.9.9):
       - Downgrade the "-ftrapv" option from "always on" to \ 
"only on when
         --enable-expensive-hardening is provided." This hardening option,
         like others, can turn survivable bugs into crashes--and having it
         on by default made a (relatively harmless) integer overflow bug
         into a denial-of-service bug. Fixes bug 21278 (TROVE-2017-001);
         bugfix on 0.2.9.1-alpha.

     o Minor feature (client):
       - Enable IPv6 traffic on the SocksPort by default. To disable this,
         a user will have to specify "NoIPv6Traffic". Closes ticket 21269.

     o Minor feature (fallback scripts):
       - Add a check_existing mode to updateFallbackDirs.py, which checks
         if fallbacks in the hard-coded list are working. Closes ticket
         20174. Patch by haxxpop.

     o Minor feature (protocol versioning):
       - Add new protocol version for proposal 224. HSIntro now advertises
         version "3-4" and HSDir version "1-2". Fixes ticket \ 
20656.

     o Minor features (ciphersuite selection):
       - Allow relays to accept a wider range of ciphersuites, including
         chacha20-poly1305 and AES-CCM. Closes the other part of 15426.
       - Clients now advertise a list of ciphersuites closer to the ones
         preferred by Firefox. Closes part of ticket 15426.

     o Minor features (controller):
       - Add "GETINFO sr/current" and "GETINFO sr/previous" \ 
keys, to expose
         shared-random values to the controller. Closes ticket 19925.
       - When HSFETCH arguments cannot be parsed, say "Invalid argument"
         rather than "unrecognized." Closes ticket 20389; patch from
         Ivan Markin.

     o Minor features (controller, configuration):
       - Each of the *Port options, such as SocksPort, ORPort, ControlPort,
         and so on, now comes with a __*Port variant that will not be saved
         to the torrc file by the controller's SAVECONF command. This
         change allows TorBrowser to set up a single-use domain socket for
         each time it launches Tor. Closes ticket 20956.
       - The GETCONF command can now query options that may only be
         meaningful in context-sensitive lists. This allows the controller
         to query the mixed SocksPort/__SocksPort style options introduced
         in feature 20956. Implements ticket 21300.

     o Minor features (diagnostic, directory client):
       - Warn when we find an unexpected inconsistency in directory
         download status objects. Prevents some negative consequences of
         bug 20593.

     o Minor features (directory authorities):
       - Directory authorities now reject descriptors that claim to be
         malformed versions of Tor. Helps prevent exploitation of
         bug 21278.
       - Reject version numbers with components that exceed INT32_MAX.
         Otherwise 32-bit and 64-bit platforms would behave inconsistently.
         Fixes bug 21450; bugfix on 0.0.8pre1.

     o Minor features (directory authority):
       - Add a new authority-only AuthDirTestEd25519LinkKeys option (on by
         default) to control whether authorities should try to probe relays
         by their Ed25519 link keys. This option will go away in a few
         releases--unless we encounter major trouble in our ed25519 link
         protocol rollout, in which case it will serve as a safety option.

     o Minor features (directory cache):
       - Relays and bridges will now refuse to serve the consensus they
         have if they know it is too old for a client to use. Closes
         ticket 20511.

     o Minor features (ed25519 link handshake):
       - Advertise support for the ed25519 link handshake using the
         subprotocol-versions mechanism, so that clients can tell which
         relays can identity themselves by Ed25519 ID. Closes ticket 20552.

     o Minor features (entry guards):
       - Add UseEntryGuards to TEST_OPTIONS_DEFAULT_VALUES in order to not
         break regression tests.
       - Require UseEntryGuards when UseBridges is set, in order to make
         sure bridges aren't bypassed. Resolves ticket 20502.

     o Minor features (fallback directories):
       - Allow 3 fallback relays per operator, which is safe now that we
         are choosing 200 fallback relays. Closes ticket 20912.
       - Annotate updateFallbackDirs.py with the bandwidth and consensus
         weight for each candidate fallback. Closes ticket 20878.
       - Display the relay fingerprint when downloading consensuses from
         fallbacks. Closes ticket 20908.
       - Exclude relays affected by bug 20499 from the fallback list.
         Exclude relays from the fallback list if they are running versions
         known to be affected by bug 20499, or if in our tests they deliver
         a stale consensus (i.e. one that expired more than 24 hours ago).
         Closes ticket 20539.
       - Make it easier to change the output sort order of fallbacks.
         Closes ticket 20822.
       - Reduce the minimum fallback bandwidth to 1 MByte/s. Part of
         ticket 18828.
       - Require fallback directories to have the same address and port for
         7 days (now that we have enough relays with this stability).
         Relays whose OnionOO stability timer is reset on restart by bug
         18050 should upgrade to Tor 0.2.8.7 or later, which has a fix for
         this issue. Closes ticket 20880; maintains short-term fix
         in 0.2.8.2-alpha.
       - Require fallbacks to have flags for 90% of the time (weighted
         decaying average), rather than 95%. This allows at least 73% of
         clients to bootstrap in the first 5 seconds without contacting an
         authority. Part of ticket 18828.
       - Select 200 fallback directories for each release. Closes
         ticket 20881.

     o Minor features (fingerprinting resistence, authentication):
       - Extend the length of RSA keys used for TLS link authentication to
         2048 bits. (These weren't used for forward secrecy; for forward
         secrecy, we used P256.) Closes ticket 13752.

     o Minor features (geoip):
       - Update geoip and geoip6 to the April 4 2017 Maxmind GeoLite2
         Country database.

     o Minor features (geoip, also in 0.2.9.9):
       - Update geoip and geoip6 to the January 4 2017 Maxmind GeoLite2
         Country database.

     o Minor features (infrastructure):
       - Implement smartlist_add_strdup() function. Replaces the use of
         smartlist_add(sl, tor_strdup(str)). Closes ticket 20048.

     o Minor features (linting):
       - Enhance the changes file linter to warn on Tor versions that are
         prefixed with "tor-". Closes ticket 21096.

     o Minor features (logging):
       - In several places, describe unset ed25519 keys as "<unset>",
         rather than the scary "AAAAAAAA...AAA". Closes ticket 21037.

     o Minor features (portability, compilation):
       - Autoconf now checks to determine if OpenSSL structures are opaque,
         instead of explicitly checking for OpenSSL version numbers. Part
         of ticket 21359.
       - Support building with recent LibreSSL code that uses opaque
         structures. Closes ticket 21359.

     o Minor features (relay):
       - We now allow separation of exit and relay traffic to different
         source IP addresses, using the OutboundBindAddressExit and
         OutboundBindAddressOR options respectively. Closes ticket 17975.
         Written by Michael Sonntag.

     o Minor features (reliability, crash):
       - Try better to detect problems in buffers where they might grow (or
         think they have grown) over 2 GB in size. Diagnostic for
         bug 21369.

     o Minor features (testing):
       - During 'make test-network-all', if tor logs any warnings, ask
         chutney to output them. Requires a recent version of chutney with
         the 21572 patch. Implements 21570.

     o Minor bugfix (control protocol):
       - The reply to a "GETINFO config/names" request via the control
         protocol now spells the type "Dependent" correctly. This is a
         breaking change in the control protocol. (The field seems to be
         ignored by the most common known controllers.) Fixes bug 18146;
         bugfix on 0.1.1.4-alpha.
       - The GETINFO extra-info/digest/<digest> command was broken because
         of a wrong base16 decode return value check, introduced when
         refactoring that API. Fixes bug 22034; bugfix on 0.2.9.1-alpha.

     o Minor bugfix (logging):
       - Don't recommend the use of Tor2web in non-anonymous mode.
         Recommending Tor2web is a bad idea because the client loses all
         anonymity. Tor2web should only be used in specific cases by users
         who *know* and understand the issues. Fixes bug 21294; bugfix
         on 0.2.9.3-alpha.

     o Minor bugfixes (bug resilience):
       - Fix an unreachable size_t overflow in base64_decode(). Fixes bug
         19222; bugfix on 0.2.0.9-alpha. Found by Guido Vranken; fixed by
         Hans Jerry Illikainen.

     o Minor bugfixes (build):
       - Replace obsolete Autoconf macros with their modern equivalent and
         prevent similar issues in the future. Fixes bug 20990; bugfix
         on 0.1.0.1-rc.

     o Minor bugfixes (certificate expiration time):
       - Avoid using link certificates that don't become valid till some
         time in the future. Fixes bug 21420; bugfix on 0.2.4.11-alpha

     o Minor bugfixes (client):
       - Always recover from failures in extend_info_from_node(), in an
         attempt to prevent any recurrence of bug 21242. Fixes bug 21372;
         bugfix on 0.2.3.1-alpha.
       - When clients that use bridges start up with a cached consensus on
         disk, they were ignoring it and downloading a new one. Now they
         use the cached one. Fixes bug 20269; bugfix on 0.2.3.12-alpha.

     o Minor bugfixes (code correctness):
       - Repair a couple of (unreachable or harmless) cases of the risky
         comparison-by-subtraction pattern that caused bug 21278.

     o Minor bugfixes (config):
       - Don't assert on startup when trying to get the options list and
         LearnCircuitBuildTimeout is set to 0: we are currently parsing the
         options so of course they aren't ready yet. Fixes bug 21062;
         bugfix on 0.2.9.3-alpha.

     o Minor bugfixes (configuration):
       - Accept non-space whitespace characters after the severity level in
         the `Log` option. Fixes bug 19965; bugfix on 0.2.1.1-alpha.
       - Support "TByte" and "TBytes" units in options given \ 
in bytes.
         "TB", "terabyte(s)", "TBit(s)" and \ 
"terabit(s)" were already
         supported. Fixes bug 20622; bugfix on 0.2.0.14-alpha.

     o Minor bugfixes (configure, autoconf):
       - Rename the configure option --enable-expensive-hardening to
         --enable-fragile-hardening. Expensive hardening makes the tor
         daemon abort when some kinds of issues are detected. Thus, it
         makes tor more at risk of remote crashes but safer against RCE or
         heartbleed bug category. We now try to explain this issue in a
         message from the configure script. Fixes bug 21290; bugfix
         on 0.2.5.4-alpha.

     o Minor bugfixes (consensus weight):
       - Add new consensus method that initializes bw weights to 1 instead
         of 0. This prevents a zero weight from making it all the way to
         the end (happens in small testing networks) and causing an error.
         Fixes bug 14881; bugfix on 0.2.2.17-alpha.

     o Minor bugfixes (crash prevention):
       - Fix an (currently untriggerable, but potentially dangerous) crash
         bug when base32-encoding inputs whose sizes are not a multiple of
         5. Fixes bug 21894; bugfix on 0.2.9.1-alpha.

     o Minor bugfixes (dead code):
       - Remove a redundant check for PidFile changes at runtime in
         options_transition_allowed(): this check is already performed
         regardless of whether the sandbox is active. Fixes bug 21123;
         bugfix on 0.2.5.4-alpha.

     o Minor bugfixes (descriptors):
       - Correctly recognise downloaded full descriptors as valid, even
         when using microdescriptors as circuits. This affects clients with
         FetchUselessDescriptors set, and may affect directory authorities.
         Fixes bug 20839; bugfix on 0.2.3.2-alpha.

     o Minor bugfixes (directory mirrors):
       - Allow relays to use directory mirrors without a DirPort: these
         relays need to be contacted over their ORPorts using a begindir
         connection. Fixes one case of bug 20711; bugfix on 0.2.8.2-alpha.
       - Clarify the message logged when a remote relay is unexpectedly
         missing an ORPort or DirPort: users were confusing this with a
         local port. Fixes another case of bug 20711; bugfix
         on 0.2.8.2-alpha.

     o Minor bugfixes (directory system):
       - Bridges and relays now use microdescriptors (like clients do)
         rather than old-style router descriptors. Now bridges will blend
         in with clients in terms of the circuits they build. Fixes bug
         6769; bugfix on 0.2.3.2-alpha.
       - Download all consensus flavors, descriptors, and authority
         certificates when FetchUselessDescriptors is set, regardless of
         whether tor is a directory cache or not. Fixes bug 20667; bugfix
         on all recent tor versions.

     o Minor bugfixes (documentation):
       - Update the tor manual page to document every option that can not
         be changed while tor is running. Fixes bug 21122.

     o Minor bugfixes (ed25519 certificates):
       - Correctly interpret ed25519 certificates that would expire some
         time after 19 Jan 2038. Fixes bug 20027; bugfix on 0.2.7.2-alpha.

     o Minor bugfixes (fallback directories):
       - Avoid checking fallback candidates' DirPorts if they are down in
         OnionOO. When a relay operator has multiple relays, this
         prioritizes relays that are up over relays that are down. Fixes
         bug 20926; bugfix on 0.2.8.3-alpha.
       - Stop failing when OUTPUT_COMMENTS is True in updateFallbackDirs.py.
         Fixes bug 20877; bugfix on 0.2.8.3-alpha.
       - Stop failing when a relay has no uptime data in
         updateFallbackDirs.py. Fixes bug 20945; bugfix on 0.2.8.1-alpha.

     o Minor bugfixes (hidden service):
       - Clean up the code for expiring intro points with no associated
         circuits. It was causing, rarely, a service with some expiring
         introduction points to not open enough additional introduction
         points. Fixes part of bug 21302; bugfix on 0.2.7.2-alpha.
       - Resolve two possible underflows which could lead to creating and
         closing a lot of introduction point circuits in a non-stop loop.
         Fixes bug 21302; bugfix on 0.2.7.2-alpha.
       - Stop setting the torrc option HiddenServiceStatistics to "0" just
         because we're not a bridge or relay. Instead, we preserve whatever
         value the user set (or didn't set). Fixes bug 21150; bugfix
         on 0.2.6.2-alpha.

     o Minor bugfixes (hidden services):
       - Make hidden services check for failed intro point connections,
         even when they have exceeded their intro point creation limit.
         Fixes bug 21596; bugfix on 0.2.7.2-alpha. Reported by Alec Muffett.
       - Make hidden services with 8 to 10 introduction points check for
         failed circuits immediately after startup. Previously, they would
         wait for 5 minutes before performing their first checks. Fixes bug
         21594; bugfix on 0.2.3.9-alpha. Reported by Alec Muffett.
       - Stop ignoring misconfigured hidden services. Instead, refuse to
         start tor until the misconfigurations have been corrected. Fixes
         bug 20559; bugfix on multiple commits in 0.2.7.1-alpha
         and earlier.

     o Minor bugfixes (IPv6):
       - Make IPv6-using clients try harder to find an IPv6 directory
         server. Fixes bug 20999; bugfix on 0.2.8.2-alpha.
       - When IPv6 addresses have not been downloaded yet (microdesc
         consensus documents don't list relay IPv6 addresses), use hard-
         coded addresses for authorities, fallbacks, and configured
         bridges. Now IPv6-only clients can use microdescriptors. Fixes bug
         20996; bugfix on b167e82 from 19608 in 0.2.8.5-alpha.

     o Minor bugfixes (memory leak at exit):
       - Fix a small harmless memory leak at exit of the previously unused
         RSA->Ed identity cross-certificate. Fixes bug 17779; bugfix
         on 0.2.7.2-alpha.

     o Minor bugfixes (onion services):
       - Allow the number of introduction points to be as low as 0, rather
         than as low as 3. Fixes bug 21033; bugfix on 0.2.7.2-alpha.

     o Minor bugfixes (portability):
       - Use "OpenBSD" compiler macro instead of "OPENBSD" \ 
or "__OpenBSD__".
         It is supported by OpenBSD itself, and also by most OpenBSD
         variants (such as Bitrig). Fixes bug 20980; bugfix
         on 0.1.2.1-alpha.

     o Minor bugfixes (portability, also in 0.2.9.9):
       - Avoid crashing when Tor is built using headers that contain
         CLOCK_MONOTONIC_COARSE, but then tries to run on an older kernel
         without CLOCK_MONOTONIC_COARSE. Fixes bug 21035; bugfix
         on 0.2.9.1-alpha.
       - Fix Libevent detection on platforms without Libevent 1 headers
         installed. Fixes bug 21051; bugfix on 0.2.9.1-alpha.

     o Minor bugfixes (relay):
       - Avoid a double-marked-circuit warning that could happen when we
         receive DESTROY cells under heavy load. Fixes bug 20059; bugfix
         on 0.1.0.1-rc.
       - Honor DataDirectoryGroupReadable when tor is a relay. Previously,
         initializing the keys would reset the DataDirectory to 0700
         instead of 0750 even if DataDirectoryGroupReadable was set to 1.
         Fixes bug 19953; bugfix on 0.0.2pre16. Patch by "redfish".

     o Minor bugfixes (testing):
       - Fix Raspbian build issues related to missing socket errno in
         test_util.c. Fixes bug 21116; bugfix on 0.2.8.2. Patch by "hein".
       - Remove undefined behavior from the backtrace generator by removing
         its signal handler. Fixes bug 21026; bugfix on 0.2.5.2-alpha.
       - Use bash in src/test/test-network.sh. This ensures we reliably
         call chutney's newer tools/test-network.sh when available. Fixes
         bug 21562; bugfix on 0.2.9.1-alpha.

     o Minor bugfixes (tor-resolve):
       - The tor-resolve command line tool now rejects hostnames over 255
         characters in length. Previously, it would silently truncate them,
         which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5.
         Patch by "junglefowl".

     o Minor bugfixes (unit tests):
       - Allow the unit tests to pass even when DNS lookups of bogus
         addresses do not fail as expected. Fixes bug 20862 and 20863;
         bugfix on unit tests introduced in 0.2.8.1-alpha
         through 0.2.9.4-alpha.

     o Minor bugfixes (util):
       - When finishing writing a file to disk, if we were about to replace
         the file with the temporary file created before and we fail to
         replace it, remove the temporary file so it doesn't stay on disk.
         Fixes bug 20646; bugfix on 0.2.0.7-alpha. Patch by fk.

     o Minor bugfixes (Windows services):
       - Be sure to initialize the monotonic time subsystem before using
         it, even when running as an NT service. Fixes bug 21356; bugfix
         on 0.2.9.1-alpha.

     o Minor bugfixes (Windows):
       - Check for getpagesize before using it to mmap files. This fixes
         compilation in some MinGW environments. Fixes bug 20530; bugfix on
         0.1.2.1-alpha. Reported by "ice".

     o Code simplification and refactoring:
       - Abolish all global guard context in entrynodes.c; replace with new
         guard_selection_t structure as preparation for proposal 271.
         Closes ticket 19858.
       - Extract magic numbers in circuituse.c into defined variables.
       - Introduce rend_service_is_ephemeral() that tells if given onion
         service is ephemeral. Replace unclear NULL-checkings for service
         directory with this function. Closes ticket 20526.
       - Refactor circuit_is_available_for_use to remove unnecessary check.
       - Refactor circuit_predict_and_launch_new for readability and
         testability. Closes ticket 18873.
       - Refactor code to manipulate global_origin_circuit_list into
         separate functions. Closes ticket 20921.
       - Refactor large if statement in purpose_needs_anonymity to use
         switch statement instead. Closes part of ticket 20077.
       - Refactor the hashing API to return negative values for errors, as
         is done as throughout the codebase. Closes ticket 20717.
       - Remove data structures that were used to index or_connection
         objects by their RSA identity digests. These structures are fully
         redundant with the similar structures used in the
         channel abstraction.
       - Remove duplicate code in the channel_write_*cell() functions.
         Closes ticket 13827; patch from Pingl.
       - Remove redundant behavior of is_sensitive_dir_purpose, refactor to
         use only purpose_needs_anonymity. Closes part of ticket 20077.
       - The code to generate and parse EXTEND and EXTEND2 cells has been
         replaced with code automatically generated by the
         "trunnel" utility.

     o Documentation (formatting):
       - Clean up formatting of tor.1 man page and HTML doc, where <pre>
         blocks were incorrectly appearing. Closes ticket 20885.

     o Documentation (man page):
       - Clarify many options in tor.1 and add some min/max values for
         HiddenService options. Closes ticket 21058.

     o Documentation:
       - Change '1' to 'weight_scale' in consensus bw weights calculation
         comments, as that is reality. Closes ticket 20273. Patch
         from pastly.
       - Clarify that when ClientRejectInternalAddresses is enabled (which
         is the default), multicast DNS hostnames for machines on the local
         network (of the form *.local) are also rejected. Closes
         ticket 17070.
       - Correct the value for AuthDirGuardBWGuarantee in the manpage, from
         250 KBytes to 2 MBytes. Fixes bug 20435; bugfix on 0.2.5.6-alpha.
       - Include the "TBits" unit in Tor's man page. Fixes part of bug
         20622; bugfix on 0.2.5.1-alpha.
       - Small fixes to the fuzzing documentation. Closes ticket 21472.
       - Stop the man page from incorrectly stating that HiddenServiceDir
         must already exist. Fixes 20486.
       - Update the description of the directory server options in the
         manual page, to clarify that a relay no longer needs to set
         DirPort in order to be a directory cache. Closes ticket 21720.

     o Removed features:
       - The AuthDirMaxServersPerAuthAddr option no longer exists: The same
         limit for relays running on a single IP applies to authority IP
         addresses as well as to non-authority IP addresses. Closes
         ticket 20960.
       - The UseDirectoryGuards torrc option no longer exists: all users
         that use entry guards will also use directory guards. Related to
         proposal 271; implements part of ticket 20831.

     o Testing:
       - Add tests for networkstatus_compute_bw_weights_v10.
       - Add unit tests circuit_predict_and_launch_new.
       - Extract dummy_origin_circuit_new so it can be used by other
         test functions.
       - New unit tests for tor_htonll(). Closes ticket 19563. Patch
         from "overcaffeinated".
       - Perform the coding style checks when running the tests and fail
         when coding style violations are found. Closes ticket 5500.