commit 1f4971f78a71406a63191f3e6b99155ac169fad0
parent 41a422ec1eafd94e65a339d16e5cb903a233fa86
Author: David Goulet <dgoulet@torproject.org>
Date: Thu, 12 Feb 2026 09:29:04 -0500
release: Add 0.4.9.5 ChangeLog entry
Signed-off-by: David Goulet <dgoulet@torproject.org>
Diffstat:
M ChangeLog | 226 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 226 insertions(+), 0 deletions(-)
diff --git a/ChangeLog b/ChangeLog
@@ -1,3 +1,229 @@
+Changes in version 0.4.9.5 - 2026-02-12
+ This first stable release in the 0.4.9 series introduces a new
+ circuit-level encryption design for better client security, as well
+ as a more scalable way for large relay operators to annotate which
+ relays they run so clients can avoid using too many of them in a
+ single circuit.
+
+ o Major features (cryptography):
+ - Clients and relays can now negotiate Counter Galois Onion (CGO)
+ relay cryptography, as designed by Jean Paul Degabriele,
+ Alessandro Melloni, Jean-Pierre Münch, and Martijn Stam. CGO
+ provides improved resistance to several kinds of tagging attacks,
+ better forward secrecy, and better forgery resistance. Closes
+ ticket 41047. Implements proposal 359.
+
+ o Major features (path selection):
+ - Clients and relays now support "happy families", a system to
+ simplify relay family operation and improve directory performance.
+ With "happy families", relays in a family share a secret "family
+ key", which they use to prove their membership in the family.
+ Implements proposal 321; closes ticket 41009. Note that until
+ enough clients are upgraded, relay operators will still need to
+ configure MyFamily lists. But once clients no longer depend on
+ those lists, we will be able to remove them entirely, thereby
+ simplifying family operation, and making microdescriptor downloads
+ approximately 80% smaller. For more information, see
+ https://community.torproject.org/relay/setup/post-install/family-ids/
+
+ o Major bugfixes (conflux):
+ - Ensure conflux guards obey family and subnet restrictions. Fixes
+ bug 40976; bugfix on 0.4.8.1-alpha.
+
+ o Major bugfixes (controller events):
+ - Fix spikes occurring in bandwidth cache events on control connection.
+ Fixes bug 31524; bugfix on 0.0.9pre5.
+
+ o Major bugfixes (sandbox):
+ - Fix sandbox to work on architectures that use Linux's generic
+ syscall interface, extending support for AArch64 (ARM64) and
+ adding support for RISC-V, allowing test_include.sh and the
+ sandbox unit tests to pass on these systems even when building
+ with fragile hardening enabled. Fixes bugs 40465 and 40599; bugfix
+ on 0.2.5.1-alpha.
+
+ o Minor features (client security, reliability):
+ - When KeepaliveIsolateSOCKSAuth is keeping a circuit alive, expire
+ the circuit based on when it was last in use for any stream, not
+ (as we did before) based on when a stream was last attached to it.
+ Closes ticket 41157. Implements a minimal version of Proposal 368.
+
+ o Minor features (exit relays):
+ - Implement reevaluating new exit policy against existing
+ connections. This is controlled by new config option
+ ReevaluateExitPolicy, defaulting to 0. Closes ticket 40676.
+ - Implement a token-bucket based rate limiter for stream creation
+ and resolve request. It is configured by the DoSStream* family of
+ configuration options. Closes ticket 40736.
+ - Add Monero ports to the ReducedExitPolicy. Closes ticket 41168.
+
+ o Minor features (bridges):
+ - Save complete bridge lines to 'datadir/bridgelines'. Closes
+ ticket 29128.
+
+ o Minor features (client extensibility):
+ - Implement new HTTPTunnelPort features for interoperability with
+ Arti's HTTP CONNECT proxy. This work adds new headers to requests
+ to and replies from the HttpConnectPort, support for OPTIONS
+ requests, tightens the expected syntax for Proxy-Authorization,
+ and increases defense-in-depth against some kinds of cross-site
+ HTTP attacks. Closes ticket 41156. Implements proposal 365.
+ - Detect invalid SOCKS5 username/password combinations according to
+ new extended parameters syntax. (Currently, this rejects any
+ SOCKS5 username beginning with "<torS0X>", except for the username
+ "<torS0X>0". Such usernames are now reserved to communicate
+ additional parameters with other Tor implementations.) Implements
+ proposal 351.
+
+ o Minor features (sandboxing):
+ - Allow the fstatat64 and statx syscalls on i386 architecture when
+ glibc >= 2.33. On i386, glibc uses fstatat64 instead of newfstatat
+ for stat operations, and statx for time64 support. Without this,
+ SIGHUP configuration reload fails when using sandbox mode with
+ %include directives on i386 with Debian Bookworm or newer.
+ - Allow the lstat64 syscall on i386 architecture. This syscall is
+ used by glob() in glibc 2.36+ when processing %include directives
+ with directory patterns.
+
+ o Minor features (security):
+ - Increase the size of our finite-field Diffie Hellman TLS group
+ (which we should never actually use!) to 2048 bits. Part of
+ ticket 41067.
+ - Require TLS version 1.2 or later. (Version 1.3 support will be
+ required in the near future.) Part of ticket 41067.
+ - Update TLS 1.2 client cipher list to match current Firefox. Part
+ of ticket 41067.
+ - Verify needle is smaller than haystack before calling memmem.
+ Closes ticket 40854.
+
+ o Minor features (onion services):
+ - Add 3 more keywords to the ADD_ONION control command:
+ PoWDefensesEnabled, PoWQueueRate and PoWQueueBurst which correspond
+ to HiddenServicePoWDefensesEnabled, HiddenServicePoWQueueRate and
+ HiddenServicePoWQueueBurst from torrc.
+ - Reduce the minimum value of hsdir_interval to match recent tor-
+ spec change.
+
+ o Minor feature (directory authority):
+ - Introduce MinimalAcceptedServerVersion to allow configuring
+ the minimum accepted relay version without requiring a new tor
+ release. Closes ticket 40817.
+
+ o Minor features (metrics port):
+ - New metrics on the MetricsPort for the number of BUG() calls that
+ occurred at runtime. Fixes bugs 40839 and 41104; bugfix on
+ 0.4.7.1-alpha.
+ - Handle rephist tracking of ntor and ntor_v3 handshakes
+ individually such that MetricsPort exposes the correct values.
+ Fixes bug 40638; bugfix on 0.4.7.11.
+ - Add new metrics for relays on the MetricsPort namely the count of
+ drop cell, destroy cell and the number of circuit protocol
+ violation seen that lead to a circuit close. Closes ticket 40816.
+
+ o Minor features (forward-compatibility):
+ - We now correctly parse microdescriptors and router descriptors
+ that do not include TAP onion keys. (For backward compatibility,
+ authorities continue to require these keys.) Implements part of
+ proposal 350.
+
+ o Minor features (portability, android):
+ - Use /data/local/tmp for data storage on Android by default. Closes
+ ticket 40487. Patch from Hans-Christoph Steiner.
+
+ o Minor bugfixes (exit relays):
+ - Clip every returned DNS TTL to 60 (RESOLVED) in order to mitigate
+ an exit DNS cache oracle. Fixes bug 40979; bugfix on 0.3.5.1-alpha.
+
+ o Minor bugfixes (spec conformance):
+ - Set the length field correctly on RELAY_COMMAND_CONFLUX_SWITCH
+ messages. Previously, it was always set to the maximum value.
+ Fixes bug 41056; bugfix on 0.4.8.1-alpha.
+ - Do not treat "15" as a recognized remote END reason code.
+ Formerly, we treated it as synonymous with a local ENTRYPOLICY,
+ which isn't a valid remote code at all. Fixes bug 41171; bugfix
+ on 0.2.0.8-alpha.
+
+ o Minor bugfixes (tooling):
+ - Fix a false positive valgrind related to inspecting a bitfield
+ next to another uninitialized bitfield. Fixes bug 41182; bugfix
+ on 0.3.3.2-alpha.
+ - Fix minor warnings from newer versions of shellcheck and clang.
+ Fixes bug 41166; bugfix on 0.4.3.1-alpha and several
+ other versions.
+ - Fix a warning when compiling with GCC 14.2. Closes 41032.
+
+ o Minor bugfixes (threads):
+ - Make thread control POSIX compliant. Fixes bug 41109; bugfix
+ on 0.4.8.17.
+
+ o Minor bugfix (client DNS):
+ - Handle empty DNS reply without sending back an error and instead
+ send back NOERROR (RFC1035 error code 0x0). Fixes bug 40248;
+ bugfix on 0.3.5.1-alpha.
+
+ o Minor bugfixes (directory authorities):
+ - After we added layer-two vanguards, directory authorities wouldn't
+ think any of their vanguards were suitable for circuits, leading
+ to a "Failed to find node for hop #2 of our path. Discarding this
+ circuit." log message once per second from startup until they made
+ a fresh consensus. Now they look to their existing consensus on
+ startup, letting them build circuits properly from the beginning.
+ Fixes bug 40802; bugfix on 0.4.7.1-alpha.
+
+ o Minor bugfixes (tests):
+ - Fix a test failure with OpenSSL builds running at security level 1
+ or greater, which does not permit SHA-1 certificates. Fixes bug
+ 41021; bugfix on 0.2.8.1-alpha.
+
+ o Minor bugfixes (bridges):
+ - Don't warn when BridgeRelay is 1 and ExitRelay is explicitly set
+ to 0. Fixes bug 40884; bugfix on 0.4.8.3-rc.
+
+ o Minor bugfixes (conflux, client):
+ - Avoid a non fatal assert caused by data coming in on a conflux set
+ that is being freed during shutdown. Fixes bug 40870; bugfix
+ on 0.4.8.1-alpha.
+
+ o Minor bugfixes (testing network):
+ - Enabling TestingTorNetwork no longer forces fast hidden service
+ intro point rotation. This reduces noise and errors when using
+ hidden services with TestingTorNetwork enabled. Fixes bug 40922;
+ bugfix on 0.3.2.1-alpha.
+
+ o New system requirements:
+ - When built with LibreSSL, Tor now requires LibreSSL 3.7 or later.
+ Part of ticket 41059.
+ - When built with OpenSSL, Tor now requires OpenSSL 1.1.1 or later.
+ (We strongly recommend 3.0 or later, but still build with 1.1.1,
+ even though it is not supported by the OpenSSL team, due to its
+ presence in Debian oldstable.) Part of ticket 41059.
+
+ o Removed features (relays):
+ - Relays no longer support clients that falsely advertise TLS
+ ciphers they don't really support. (Clients have not done this
+ since 0.2.3.17-beta). Part of ticket 41031.
+ - Relays no longer support clients that require obsolete v1 and v2
+ link handshakes. (The v3 link handshake has been supported since
+ 0.2.3.6-alpha). Part of ticket 41031.
+ - Relays no longer support the obsolete TAP circuit extension
+ protocol. (For backward compatibility, however, relays still
+ continue to include TAP keys in their descriptors.) Implements
+ part of proposal 350.
+ - Relays no longer support the obsolete "RSA-SHA256-TLSSecret"
+ authentication method, which used a dangerously short RSA key, and
+ which required access TLS session internals. The current method
+ ("Ed25519-SHA256-RFC5705") has been supported since 0.3.0.1-alpha.
+ Closes ticket 41020.
+
+ o Removed features (directory authorities):
+ - Directory authorities no longer support consensus methods before
+ method 32. Closes ticket 40835.
+ - We include a new consensus method that removes support for
+ computing "package" lines in consensus documents. This feature was
+ never used, and support for including it in our votes was removed
+ in 0.4.2.1-alpha. Finishes implementation of proposal 301.
+
+
Changes in version 0.4.9.4-rc - 2026-01-28
Finally, the release candidate for the 0.4.9.x series. It consists of minor
features and several bugfixes. Nothing major has been added since the alpha.