[tor-commits] [translation/mat-gui_completed] Update translations for mat-gui_completed
commit a93a252c61e776ecc05ca596947a17fced09ea5c Author: Translation commit botDate: Thu Feb 11 09:46:58 2016 + Update translations for mat-gui_completed --- mat-gui.pot | 132 ++-- ru.po | 15 +++ 2 files changed, 74 insertions(+), 73 deletions(-) diff --git a/mat-gui.pot b/mat-gui.pot index abeeb75..a24897c 100644 --- a/mat-gui.pot +++ b/mat-gui.pot @@ -7,8 +7,8 @@ msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-12-16 15:03+0100\n" -"PO-Revision-Date: 2015-12-17 09:29+\n" +"POT-Creation-Date: 2016-02-10 23:06+0100\n" +"PO-Revision-Date: 2016-02-11 09:31+\n" "Last-Translator: carolyn \n" "Language-Team: English (http://www.transifex.com/otf/torproject/language/en/)\n" "MIME-Version: 1.0\n" @@ -17,171 +17,171 @@ msgstr "" "Language: en\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -#: mat-gui:64 mat-gui:415 mat-gui:438 +#: mat-gui:66 mat-gui:422 mat-gui:445 msgid "Ready" msgstr "Ready" -#: mat-gui:133 +#: mat-gui:136 msgid "Choose files" msgstr "Choose files" -#: mat-gui:141 -msgid "All files" -msgstr "All files" - -#: mat-gui:147 +#: mat-gui:144 msgid "Supported files" msgstr "Supported files" -#: mat-gui:164 mat-gui:359 mat-gui:410 mat-gui:434 mat-gui:436 -#: data/mat.glade:480 +#: mat-gui:151 +msgid "All files" +msgstr "All files" + +#: mat-gui:167 mat-gui:366 mat-gui:417 mat-gui:441 mat-gui:443 +#: data/mat.glade:200 msgid "Clean" msgstr "Clean" -#: mat-gui:165 +#: mat-gui:168 msgid "No metadata found" msgstr "No metadata found" -#: mat-gui:167 mat-gui:412 +#: mat-gui:170 mat-gui:419 msgid "Dirty" msgstr "Dirty" -#: mat-gui:172 +#: mat-gui:176 #, python-format msgid "%s's metadata" msgstr "%s's metadata" -#: mat-gui:183 +#: mat-gui:187 msgid "Trash your meta, keep your data" msgstr "Trash your meta, keep your data" -#: mat-gui:188 +#: mat-gui:192 msgid "Website" msgstr "Website" -#: mat-gui:214 +#: mat-gui:219 msgid "Preferences" msgstr "Preferences" -#: mat-gui:227 +#: mat-gui:232 msgid "Reduce PDF quality" msgstr "Reduce PDF quality" -#: mat-gui:230 +#: mat-gui:235 msgid "Reduce the produced PDF size and quality" msgstr "Reduce the produced PDF size and quality" -#: mat-gui:233 -msgid "Add unsupported file to archives" -msgstr "Add unsupported file to archives" +#: mat-gui:238 +msgid "Remove unsupported file from archives" +msgstr "Remove unsupported file from archives" -#: mat-gui:236 -msgid "Add non-supported (and so non-anonymised) file to output archive" -msgstr "Add non-supported (and so non-anonymised) file to output archive" +#: mat-gui:241 +msgid "Remove non-supported (and so non-anonymised) file from output archive" +msgstr "Remove non-supported (and so non-anonymised) file from output archive" -#: mat-gui:275 +#: mat-gui:280 msgid "Unknown" msgstr "Unknown" -#: mat-gui:318 +#: mat-gui:325 msgid "Not-supported" msgstr "Not-supported" -#: mat-gui:332 +#: mat-gui:339 msgid "Harmless fileformat" msgstr "Harmless fileformat" -#: mat-gui:334 +#: mat-gui:341 msgid "Cant read file" msgstr "Cant read file" -#: mat-gui:336 +#: mat-gui:343 msgid "Fileformat not supported" msgstr "Fileformat not supported" -#: mat-gui:339 +#: mat-gui:346 msgid "These files can not be processed:" msgstr "These files can not be processed:" -#: mat-gui:344 mat-gui:373 data/mat.glade:519 +#: mat-gui:351 mat-gui:380 data/mat.glade:239 msgid "Filename" msgstr "Filename" -#: mat-gui:346 +#: mat-gui:353 msgid "Reason" msgstr "Reason" -#: mat-gui:358 +#: mat-gui:365 msgid "Non-supported files in archive" msgstr "Non-supported files in archive" -#: mat-gui:372 +#: mat-gui:379 msgid "Include" msgstr "Include" -#: mat-gui:390 +#: mat-gui:397 #, python-format msgid "MAT is not able to clean the following files, found in the %s archive" msgstr "MAT is not able to clean the following files, found in the %s archive" -#: mat-gui:406 +#: mat-gui:413 #, python-format msgid "Checking %s" msgstr "Checking %s" -#: mat-gui:421 +#: mat-gui:428 #, python-format msgid "Cleaning %s" msgstr "Cleaning %s" -#: data/mat.glade:26 data/mat.glade:196 +#: data/mat.glade:46 +msgid "_File" +msgstr "_File" + +#: data/mat.glade:95 +msgid "_Edit" +msgstr "_Edit" + +#: data/mat.glade:141 +msgid "_Help" +msgstr "_Help" + +#: data/mat.glade:187 +msgid "Add" +msgstr "Add" + +#: data/mat.glade:256 +msgid "State" +msgstr "State" + +#: data/mat.glade:294 data/mat.glade:467 msgid "Metadata" msgstr "Metadata" -#: data/mat.glade:85 +#: data/mat.glade:354 msgid "Name" msgstr "Name" -#: data/mat.glade:99 +#: data/mat.glade:368 msgid "Content" msgstr "Content" -#: data/mat.glade:129 +#: data/mat.glade:398 msgid "Supported formats" msgstr "Supported formats" -#: data/mat.glade:185 +#: data/mat.glade:456 msgid "Support" msgstr "Support"
[tor-commits] [tor-browser-bundle/maint-5.5] Release preparations for 5.5.2
commit 7a36dbece35a307675f396a019dccf6e431efb44 Author: Georg KoppenDate: Thu Feb 11 08:58:38 2016 + Release preparations for 5.5.2 --- Bundle-Data/Docs/ChangeLog.txt| 5 + gitian/versions | 8 tools/update-responses/config.yml | 12 ++-- 3 files changed, 15 insertions(+), 10 deletions(-) diff --git a/Bundle-Data/Docs/ChangeLog.txt b/Bundle-Data/Docs/ChangeLog.txt index 525d2b3..e257d11 100644 --- a/Bundle-Data/Docs/ChangeLog.txt +++ b/Bundle-Data/Docs/ChangeLog.txt @@ -1,3 +1,8 @@ +Tor Browser 5.5.2 -- February 12 2016 + * All Platforms + * Update Firefox to 38.6.1esr + * Update NoScript to 2.9.0.3 + Tor Browser 5.5.1 -- February 4 2016 * All Platforms * Bug 18168: Don't clear an iframe's window.name (fix of #16620) diff --git a/gitian/versions b/gitian/versions index 26e8cd2..334b6cc 100755 --- a/gitian/versions +++ b/gitian/versions @@ -7,11 +7,11 @@ BUILD_PT_BUNDLES=1 VERIFY_TAGS=1 -FIREFOX_VERSION=38.6.0esr +FIREFOX_VERSION=38.6.1esr TORBROWSER_UPDATE_CHANNEL=release -TORBROWSER_TAG=tor-browser-${FIREFOX_VERSION}-5.5-1-build3 +TORBROWSER_TAG=tor-browser-${FIREFOX_VERSION}-5.5-1-build1 TOR_TAG=tor-0.2.7.6 TORLAUNCHER_TAG=0.2.7.8 TORBUTTON_TAG=1.9.4.3 @@ -59,7 +59,7 @@ GO_VER=1.4.2 ## File names for the source packages OPENSSL_PACKAGE=openssl-${OPENSSL_VER}.tar.gz GMP_PACKAGE=gmp-${GMP_VER}.tar.bz2 -NOSCRIPT_PACKAGE=noscript_security_suite-2.9.0.2-sm+fx+fn.xpi +NOSCRIPT_PACKAGE=noscript_security_suite-2.9.0.3-fx+fn+sm.xpi TOOLCHAIN4_PACKAGE=x86_64-apple-darwin10.tar.xz TOOLCHAIN4_OLD_PACKAGE=multiarch-darwin11-cctools127.2-gcc42-5666.3-llvmgcc42-2336.1-Linux-120724.tar.xz OSXSDK_PACKAGE=MacOSX10.7.sdk.tar.gz @@ -90,7 +90,7 @@ OSXSDK_HASH=da77bb0003fcca5ea8c4e8cb2da8828ded750c54afdcac29ec6f3b46ad5e3adf OSXSDK_OLD_HASH=6602d8d5ddb371fbc02e2a5967d9bd0cd7358d46f9417753c8234b923f2ea6fc TOOLCHAIN4_HASH=7b71bfe02820409b994c5c33a7eab81a81c72550f5da85ff7af70da3da244645 TOOLCHAIN4_OLD_HASH=65c1b2d302358a6b95a26c6828a66908a199276193bb0b268f2dcc1a997731e9 -NOSCRIPT_HASH=f3c9dec710e02d809fa85ac76750e5f074656105c1bde03d400cb597b2eb1fba +NOSCRIPT_HASH=097298d5004c1f384f3af508cb1915921145f0f962e78c977a62f405bd7eb2d9 MSVCR100_HASH=1221a09484964a6f38af5e34ee292b9afefccb3dc6e55435fd3aaf7c235d9067 PYCRYPTO_HASH=f2ce1e989b272cfcb677616763e0a2e7ec659effa67a88aa92b3a65528f60a3c ARGPARSE_HASH=ddaf4b0a618335a32b6664d4ae038a1de8fbada3b25033f9021510ed2b3941a4 diff --git a/tools/update-responses/config.yml b/tools/update-responses/config.yml index 470ee06..922cf7c 100644 --- a/tools/update-responses/config.yml +++ b/tools/update-responses/config.yml @@ -10,15 +10,15 @@ build_targets: osx64: Darwin_x86_64-gcc3 channels: alpha: 5.5a6 -release: 5.5.1 +release: 5.5.2 versions: -5.5.1: -platformVersion: 38.6.0 -detailsURL: https://blog.torproject.org/blog/tor-browser-551-released -download_url: https://www.torproject.org/dist/torbrowser/5.5.1 +5.5.2: +platformVersion: 38.6.1 +detailsURL: https://blog.torproject.org/blog/tor-browser-552-released +download_url: https://www.torproject.org/dist/torbrowser/5.5.2 incremental_from: - - 5.0.7 - 5.5 + - 5.5.1 migrate_archs: osx32: osx64 osx32: ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [torspec/master] fixes from reading 266; and ask a question
commit 585b1c34ebe238f8b1737e623fbb8ab3279a019a Author: Roger DingledineDate: Fri Feb 12 01:25:03 2016 -0500 fixes from reading 266; and ask a question --- proposals/266-removing-current-obsolete-clients.txt | 11 ++- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/proposals/266-removing-current-obsolete-clients.txt b/proposals/266-removing-current-obsolete-clients.txt index 3d8a6c3..7a490be 100644 --- a/proposals/266-removing-current-obsolete-clients.txt +++ b/proposals/266-removing-current-obsolete-clients.txt @@ -101,7 +101,7 @@ Status: Draft would be at their worst when they focus on authorities, or when they act in synchrony to all strike at once. - One goal of this proposal is to ensure that future clients to not + One goal of this proposal is to ensure that future clients do not become zombies at all; and that ancient clients become slow zombies at worst. @@ -130,7 +130,7 @@ Status: Draft in 0.2.2, gabelmoo has moved and turtles has shut down. The authorities Faravahar and longclaw are new. The authorities moria1, tor26, dizum, dannenberg, urras, maatuska and maatuska would all get - hit here.) + hit here.) [two maatuskas? -RD] (We could simply remove the renegotiation-detection code entirely, and reply to all connections with an immediate VERSIONS cell. The @@ -150,13 +150,13 @@ Status: Draft we could detect these versions by: Looking for use of a TAP handshake from an IP not associated -with with any known relay, or on a connection where the client +with any known relay, or on a connection where the client did not authenticate. (This could be from a bridge, but clients don't build circuits that go to an IntroPoint or RendPoint directly after a bridge.) This would still result in clients not having directories, however, - and retrying once an hours. + and retrying once an hour. 3. Ideas that might work @@ -189,7 +189,7 @@ Status: Draft consensus documents. Later, if we want to disable all Tor versions before today, we can change the consensus algorithm so that the consensus (or perhaps only the microdesc consensus) is spelled with - 'f' lines instead of 'f' lines. This will create a consensus which + 'f' lines instead of 's' lines. This will create a consensus which older clients and relays parse as having all nodes down, which will make them not connect to the network at all. @@ -202,3 +202,4 @@ Status: Draft from downloading new consensuses. [This proposal would result in the quietest shutdown.] + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-bundle/hardened-builds] Bumping nightly versions
commit 9290a2b337628c0059c8f07d2c3b5874ea643260 Author: Georg KoppenDate: Thu Feb 11 10:54:50 2016 + Bumping nightly versions --- gitian/versions.nightly | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gitian/versions.nightly b/gitian/versions.nightly index da44ecb..8ee7a2d 100755 --- a/gitian/versions.nightly +++ b/gitian/versions.nightly @@ -14,7 +14,7 @@ MULTI_LINGUAL=1 VERIFY_TAGS=0 -FIREFOX_VERSION=38.6.0esr +FIREFOX_VERSION=38.6.1esr TORBROWSER_UPDATE_CHANNEL=default @@ -65,7 +65,7 @@ GO_VER=1.4.2 ## File names for the source packages OPENSSL_PACKAGE=openssl-${OPENSSL_VER}.tar.gz GMP_PACKAGE=gmp-${GMP_VER}.tar.bz2 -NOSCRIPT_PACKAGE=noscript_security_suite-2.9.0.2-sm+fx+fn.xpi +NOSCRIPT_PACKAGE=noscript_security_suite-2.9.0.3-fx+fn+sm.xpi TOOLCHAIN4_PACKAGE=x86_64-apple-darwin10.tar.xz TOOLCHAIN4_OLD_PACKAGE=multiarch-darwin11-cctools127.2-gcc42-5666.3-llvmgcc42-2336.1-Linux-120724.tar.xz OSXSDK_PACKAGE=MacOSX10.7.sdk.tar.gz @@ -94,7 +94,7 @@ OSXSDK_HASH=da77bb0003fcca5ea8c4e8cb2da8828ded750c54afdcac29ec6f3b46ad5e3adf OSXSDK_OLD_HASH=6602d8d5ddb371fbc02e2a5967d9bd0cd7358d46f9417753c8234b923f2ea6fc TOOLCHAIN4_HASH=7b71bfe02820409b994c5c33a7eab81a81c72550f5da85ff7af70da3da244645 TOOLCHAIN4_OLD_HASH=65c1b2d302358a6b95a26c6828a66908a199276193bb0b268f2dcc1a997731e9 -NOSCRIPT_HASH=f3c9dec710e02d809fa85ac76750e5f074656105c1bde03d400cb597b2eb1fba +NOSCRIPT_HASH=097298d5004c1f384f3af508cb1915921145f0f962e78c977a62f405bd7eb2d9 MSVCR100_HASH=1221a09484964a6f38af5e34ee292b9afefccb3dc6e55435fd3aaf7c235d9067 PYCRYPTO_HASH=f2ce1e989b272cfcb677616763e0a2e7ec659effa67a88aa92b3a65528f60a3c ARGPARSE_HASH=ddaf4b0a618335a32b6664d4ae038a1de8fbada3b25033f9021510ed2b3941a4 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-bundle/hardened-builds] Release preparations for 6.0a2-hardened
commit 7bc69717608f8be105594efa95d7bf7ccdc80077 Author: Georg KoppenDate: Fri Feb 12 06:56:49 2016 + Release preparations for 6.0a2-hardened --- Bundle-Data/Docs/ChangeLog.txt| 16 gitian/versions.alpha | 6 +++--- tools/update-responses/config.yml | 12 ++-- 3 files changed, 25 insertions(+), 9 deletions(-) diff --git a/Bundle-Data/Docs/ChangeLog.txt b/Bundle-Data/Docs/ChangeLog.txt index 4210100..d2b7420 100644 --- a/Bundle-Data/Docs/ChangeLog.txt +++ b/Bundle-Data/Docs/ChangeLog.txt @@ -1,3 +1,19 @@ +Tor Browser 6.0a2-hardened -- February 15 2016 + * All Platforms + * Update Firefox to 38.6.1esr + * Update NoScript to 2.9.0.3 + * Bug 18168: Don't clear an iframe's window.name (fix of #16620) + * Bug 18137: Add two new obfs4 default bridges + * Windows + * Bug 18169: Whitelist zh-CN UI font + * OSX + * Bug 18172: Add Emoji support + * Linux + * Bug 18172: Add Emoji support + * Build System + * Linux + * Bug 15578: Switch to Debian Wheezy guest VMs (10.04 LTS is EOL) + Tor Browser 6.0a1-hardened -- January 27 2016 * All Platforms * Update Firefox to 38.6.0esr diff --git a/gitian/versions.alpha b/gitian/versions.alpha index 2921df9..42468c3 100755 --- a/gitian/versions.alpha +++ b/gitian/versions.alpha @@ -11,7 +11,7 @@ MULTI_LINGUAL=1 VERIFY_TAGS=1 -FIREFOX_VERSION=38.6.0esr +FIREFOX_VERSION=38.6.1esr TORBROWSER_UPDATE_CHANNEL=hardened @@ -62,7 +62,7 @@ GO_VER=1.4.2 ## File names for the source packages OPENSSL_PACKAGE=openssl-${OPENSSL_VER}.tar.gz GMP_PACKAGE=gmp-${GMP_VER}.tar.bz2 -NOSCRIPT_PACKAGE=noscript_security_suite-2.9.0.2-sm+fx+fn.xpi +NOSCRIPT_PACKAGE=noscript_security_suite-2.9.0.3-fx+fn+sm.xpi TOOLCHAIN4_PACKAGE=x86_64-apple-darwin10.tar.xz TOOLCHAIN4_OLD_PACKAGE=multiarch-darwin11-cctools127.2-gcc42-5666.3-llvmgcc42-2336.1-Linux-120724.tar.xz OSXSDK_PACKAGE=MacOSX10.7.sdk.tar.gz @@ -91,7 +91,7 @@ OSXSDK_HASH=da77bb0003fcca5ea8c4e8cb2da8828ded750c54afdcac29ec6f3b46ad5e3adf OSXSDK_OLD_HASH=6602d8d5ddb371fbc02e2a5967d9bd0cd7358d46f9417753c8234b923f2ea6fc TOOLCHAIN4_HASH=7b71bfe02820409b994c5c33a7eab81a81c72550f5da85ff7af70da3da244645 TOOLCHAIN4_OLD_HASH=65c1b2d302358a6b95a26c6828a66908a199276193bb0b268f2dcc1a997731e9 -NOSCRIPT_HASH=f3c9dec710e02d809fa85ac76750e5f074656105c1bde03d400cb597b2eb1fba +NOSCRIPT_HASH=097298d5004c1f384f3af508cb1915921145f0f962e78c977a62f405bd7eb2d9 MSVCR100_HASH=1221a09484964a6f38af5e34ee292b9afefccb3dc6e55435fd3aaf7c235d9067 PYCRYPTO_HASH=f2ce1e989b272cfcb677616763e0a2e7ec659effa67a88aa92b3a65528f60a3c ARGPARSE_HASH=ddaf4b0a618335a32b6664d4ae038a1de8fbada3b25033f9021510ed2b3941a4 diff --git a/tools/update-responses/config.yml b/tools/update-responses/config.yml index c66cec5..7b59296 100644 --- a/tools/update-responses/config.yml +++ b/tools/update-responses/config.yml @@ -9,7 +9,7 @@ build_targets: osx32: Darwin_x86-gcc3 osx64: Darwin_x86_64-gcc3 channels: -hardened: 6.0a1-hardened +hardened: 6.0a2-hardened release: 5.0 versions: 5.0: @@ -23,12 +23,12 @@ versions: osx32: minSupportedOSVersion: 10.8 detailsURL: https://blog.torproject.org/blog/end-life-plan-tor-browser-32-bit-macs#updating -6.0a1-hardened: -platformVersion: 38.6.0 -detailsURL: https://blog.torproject.org/blog/tor-browser-60a1-hardened-released -download_url: https://www.torproject.org/dist/torbrowser/6.0a1-hardened +6.0a2-hardened: +platformVersion: 38.6.1 +detailsURL: https://blog.torproject.org/blog/tor-browser-60a2-hardened-released +download_url: https://www.torproject.org/dist/torbrowser/6.0a2-hardened incremental_from: - - 5.5a6-hardened + - 6.0a1-hardened migrate_archs: osx32: osx64 osx32: ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-bundle/hardened-builds] Bumping NSIS_TAG due to git stupidity
commit 7811605fe41861fb58f23aabd125767482aaee1d Author: Georg KoppenDate: Thu Feb 11 10:52:53 2016 + Bumping NSIS_TAG due to git stupidity --- gitian/gpg/tbb-windows-installer.gpg | Bin 53000 -> 107882 bytes gitian/versions.alpha| 2 +- gitian/versions.nightly | 2 +- 3 files changed, 2 insertions(+), 2 deletions(-) diff --git a/gitian/gpg/tbb-windows-installer.gpg b/gitian/gpg/tbb-windows-installer.gpg index 7193ea0..6923786 100644 Binary files a/gitian/gpg/tbb-windows-installer.gpg and b/gitian/gpg/tbb-windows-installer.gpg differ diff --git a/gitian/versions.alpha b/gitian/versions.alpha index ab6d062..2921df9 100755 --- a/gitian/versions.alpha +++ b/gitian/versions.alpha @@ -20,7 +20,7 @@ TOR_TAG=tor-0.2.7.6 TORLAUNCHER_TAG=0.2.8.3 TORBUTTON_TAG=1.9.5 HTTPSE_TAG=5.1.2 -NSIS_TAG=v0.3 +NSIS_TAG=v0.3.1 ZLIB_TAG=v1.2.8 LIBEVENT_TAG=release-2.0.22-stable MINGW_TAG=a883b47a45ff74ced41dfbd9f748d5c2c61f3c01 # due to bug 1156131 diff --git a/gitian/versions.nightly b/gitian/versions.nightly index 21838bc..da44ecb 100755 --- a/gitian/versions.nightly +++ b/gitian/versions.nightly @@ -23,7 +23,7 @@ TOR_TAG=master TORLAUNCHER_TAG=master TORBUTTON_TAG=master HTTPSE_TAG=master -NSIS_TAG=v0.3 +NSIS_TAG=v0.3.1 ZLIB_TAG=v1.2.8 LIBEVENT_TAG=release-2.0.22-stable MINGW_TAG=a883b47a45ff74ced41dfbd9f748d5c2c61f3c01 # due to bug 1156131 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [torspec/master] typo fixes while reading 264
commit 07677feb67dfe6bbefe515de0fbaf3c251edf2b4 Author: Roger DingledineDate: Fri Feb 12 02:06:16 2016 -0500 typo fixes while reading 264 --- proposals/264-subprotocol-versions.txt | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/proposals/264-subprotocol-versions.txt b/proposals/264-subprotocol-versions.txt index f8f5188..20174b9 100644 --- a/proposals/264-subprotocol-versions.txt +++ b/proposals/264-subprotocol-versions.txt @@ -17,7 +17,7 @@ Status: Open live Tor relay implementations, and that means that tying "features" to "tor version" won't work going forwards. - This proposal describes and alternative method that we can use to + This proposal describes an alternative method that we can use to simplify the advertisement and discovery of features, and the transition from one set of features to another. @@ -93,7 +93,7 @@ Status: Open Tor clients that want to use "v" lines should prefer those in microdescriptors if present, and ignore those in the consensus. - (Existing maintined client versions can be adapted to never look at + (Existing maintained client versions can be adapted to never look at "v" lines at all; the only versions that they still check for are ones not allowed on the network. The "v" line can be dropped from the consensus entirely when current clients have upgraded.) @@ -161,12 +161,12 @@ Status: Open LinkAuth protocols correspond to varieties of Authenticate cells used for the v3+ link protocools. - The currrent version is "1". + The current version is "1". 5.3. "Relay" The "relay" protocols are those used to handle CREATE cells, and - those that that handle the various RELAY cell types received after a + those that handle the various RELAY cell types received after a CREATE cell. (Except, relay cells used to manage introduction and rendezvous points are managed with the "HSMid" protocols.) @@ -219,7 +219,7 @@ Status: Open Describes features present or absent in microdescriptors. - Most features in descriptors don't require a "MircoDesc" update -- + Most features in descriptors don't require a "MicroDesc" update -- only those that need to someday be required. These correspond more or less with consensus methods. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-bundle/master] Bumping NSIS_TAG due to git stupidity
commit 4fdf888d8d829fe02ccbc3da5dba472c9d119dc9 Author: Georg KoppenDate: Thu Feb 11 10:52:53 2016 + Bumping NSIS_TAG due to git stupidity --- gitian/gpg/tbb-windows-installer.gpg | Bin 53000 -> 107882 bytes gitian/versions.alpha| 2 +- gitian/versions.nightly | 2 +- 3 files changed, 2 insertions(+), 2 deletions(-) diff --git a/gitian/gpg/tbb-windows-installer.gpg b/gitian/gpg/tbb-windows-installer.gpg index 7193ea0..6923786 100644 Binary files a/gitian/gpg/tbb-windows-installer.gpg and b/gitian/gpg/tbb-windows-installer.gpg differ diff --git a/gitian/versions.alpha b/gitian/versions.alpha index f73c7f5..88cb0cb 100755 --- a/gitian/versions.alpha +++ b/gitian/versions.alpha @@ -16,7 +16,7 @@ TOR_TAG=tor-0.2.7.6 TORLAUNCHER_TAG=0.2.9 TORBUTTON_TAG=1.9.5 HTTPSE_TAG=5.1.2 -NSIS_TAG=v0.3 +NSIS_TAG=v0.3.1 ZLIB_TAG=v1.2.8 LIBEVENT_TAG=release-2.0.22-stable MINGW_TAG=a883b47a45ff74ced41dfbd9f748d5c2c61f3c01 # due to bug 1156131 diff --git a/gitian/versions.nightly b/gitian/versions.nightly index 85c103d..2344d40 100755 --- a/gitian/versions.nightly +++ b/gitian/versions.nightly @@ -23,7 +23,7 @@ TOR_TAG=master TORLAUNCHER_TAG=master TORBUTTON_TAG=master HTTPSE_TAG=master -NSIS_TAG=v0.3 +NSIS_TAG=v0.3.1 ZLIB_TAG=v1.2.8 LIBEVENT_TAG=release-2.0.22-stable MINGW_TAG=a883b47a45ff74ced41dfbd9f748d5c2c61f3c01 # due to bug 1156131 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-bundle/master] Bumping nightly versions
commit 49aa47ca2d1a975a5e25a791873da40fbef82336 Author: Georg KoppenDate: Thu Feb 11 10:54:50 2016 + Bumping nightly versions --- gitian/versions.nightly | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gitian/versions.nightly b/gitian/versions.nightly index 2344d40..419263f 100755 --- a/gitian/versions.nightly +++ b/gitian/versions.nightly @@ -14,7 +14,7 @@ MULTI_LINGUAL=1 VERIFY_TAGS=0 -FIREFOX_VERSION=38.6.0esr +FIREFOX_VERSION=38.6.1esr TORBROWSER_UPDATE_CHANNEL=default @@ -65,7 +65,7 @@ GO_VER=1.4.2 ## File names for the source packages OPENSSL_PACKAGE=openssl-${OPENSSL_VER}.tar.gz GMP_PACKAGE=gmp-${GMP_VER}.tar.bz2 -NOSCRIPT_PACKAGE=noscript_security_suite-2.9.0.2-sm+fx+fn.xpi +NOSCRIPT_PACKAGE=noscript_security_suite-2.9.0.3-fx+fn+sm.xpi TOOLCHAIN4_PACKAGE=x86_64-apple-darwin10.tar.xz TOOLCHAIN4_OLD_PACKAGE=multiarch-darwin11-cctools127.2-gcc42-5666.3-llvmgcc42-2336.1-Linux-120724.tar.xz OSXSDK_PACKAGE=MacOSX10.7.sdk.tar.gz @@ -94,7 +94,7 @@ OSXSDK_HASH=da77bb0003fcca5ea8c4e8cb2da8828ded750c54afdcac29ec6f3b46ad5e3adf OSXSDK_OLD_HASH=6602d8d5ddb371fbc02e2a5967d9bd0cd7358d46f9417753c8234b923f2ea6fc TOOLCHAIN4_HASH=7b71bfe02820409b994c5c33a7eab81a81c72550f5da85ff7af70da3da244645 TOOLCHAIN4_OLD_HASH=65c1b2d302358a6b95a26c6828a66908a199276193bb0b268f2dcc1a997731e9 -NOSCRIPT_HASH=f3c9dec710e02d809fa85ac76750e5f074656105c1bde03d400cb597b2eb1fba +NOSCRIPT_HASH=097298d5004c1f384f3af508cb1915921145f0f962e78c977a62f405bd7eb2d9 MSVCR100_HASH=1221a09484964a6f38af5e34ee292b9afefccb3dc6e55435fd3aaf7c235d9067 PYCRYPTO_HASH=f2ce1e989b272cfcb677616763e0a2e7ec659effa67a88aa92b3a65528f60a3c ARGPARSE_HASH=ddaf4b0a618335a32b6664d4ae038a1de8fbada3b25033f9021510ed2b3941a4 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [metrics-web/master] Fix mismatched transport checkboxes.
commit 8ced93341c0ca57310326cbc4acacdd87067aff6 Author: Karsten LoesingDate: Thu Feb 11 09:40:48 2016 +0100 Fix mismatched transport checkboxes. Fixes #18301, found by dcf. --- website/src/org/torproject/metrics/web/GraphServlet.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/website/src/org/torproject/metrics/web/GraphServlet.java b/website/src/org/torproject/metrics/web/GraphServlet.java index 4dfae9b..72f7f72 100644 --- a/website/src/org/torproject/metrics/web/GraphServlet.java +++ b/website/src/org/torproject/metrics/web/GraphServlet.java @@ -97,7 +97,8 @@ public class GraphServlet extends MetricServlet { { "websocket", "", "Flash proxy/websocket" }, { "fte", "", "FTE" }, { "meek", "", "meek" }, -{ "scramblesuit", "", "Unknown pluggable transport(s)" }, +{ "scramblesuit", "", "scramblesuit" }, +{ "", "", "Unknown pluggable transport(s)" }, { "", "", "Default OR protocol" } }); this.defaultParameters.put("version", new String[][] { { "v4", " selected", "IPv4" }, ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/mat-gui] Update translations for mat-gui
commit 0dea2bb9df348aa738b990913bc097e90bd176b9 Author: Translation commit botDate: Thu Feb 11 14:45:33 2016 + Update translations for mat-gui --- tr.po | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tr.po b/tr.po index 8d49601..fcaebaa 100644 --- a/tr.po +++ b/tr.po @@ -4,7 +4,7 @@ # # Translators: # Güven ALBAYRAK , 2014 -# Kaya Zeren , 2015 +# Kaya Zeren , 2015-2016 # Ozancan KarataÅ , 2015 # Volkan Gezer , 2015-2016 # Yasin Ãzel , 2013 @@ -13,8 +13,8 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2016-02-10 23:06+0100\n" -"PO-Revision-Date: 2016-02-11 09:31+\n" -"Last-Translator: carolyn \n" +"PO-Revision-Date: 2016-02-11 14:25+\n" +"Last-Translator: Kaya Zeren \n" "Language-Team: Turkish (http://www.transifex.com/otf/torproject/language/tr/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -78,11 +78,11 @@ msgstr "OluÅturulan PDF dosyasının boyutunu ve kalitesini düÅür" #: mat-gui:238 msgid "Remove unsupported file from archives" -msgstr "" +msgstr "Desteklenmeyen dosyaları arÅivden çıkar" #: mat-gui:241 msgid "Remove non-supported (and so non-anonymised) file from output archive" -msgstr "" +msgstr "Desteklenmeyen (ve anonim olmayan) dosyaları çıkıŠarÅivinden çıkar" #: mat-gui:280 msgid "Unknown" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/mat-gui_completed] Update translations for mat-gui_completed
commit 0cae2b0d5e509f984ad728ee1b6dcd5caf5ea524 Author: Translation commit botDate: Thu Feb 11 14:45:38 2016 + Update translations for mat-gui_completed --- tr.po | 16 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tr.po b/tr.po index 63948d5..fcaebaa 100644 --- a/tr.po +++ b/tr.po @@ -4,7 +4,7 @@ # # Translators: # Güven ALBAYRAK , 2014 -# Kaya Zeren , 2015 +# Kaya Zeren , 2015-2016 # Ozancan KarataÅ , 2015 # Volkan Gezer , 2015-2016 # Yasin Ãzel , 2013 @@ -12,9 +12,9 @@ msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2016-01-03 20:54+0100\n" -"PO-Revision-Date: 2016-01-07 20:07+\n" -"Last-Translator: Volkan Gezer \n" +"POT-Creation-Date: 2016-02-10 23:06+0100\n" +"PO-Revision-Date: 2016-02-11 14:25+\n" +"Last-Translator: Kaya Zeren \n" "Language-Team: Turkish (http://www.transifex.com/otf/torproject/language/tr/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -77,12 +77,12 @@ msgid "Reduce the produced PDF size and quality" msgstr "OluÅturulan PDF dosyasının boyutunu ve kalitesini düÅür" #: mat-gui:238 -msgid "Add unsupported file to archives" -msgstr "Desteklenmeyen dosyaları arÅive ekle" +msgid "Remove unsupported file from archives" +msgstr "Desteklenmeyen dosyaları arÅivden çıkar" #: mat-gui:241 -msgid "Add non-supported (and so non-anonymised) file to output archive" -msgstr "Desteklenmeyen (ve anonimleÅtirilmemiÅ) dosyaları çıkıŠarÅivine ekle" +msgid "Remove non-supported (and so non-anonymised) file from output archive" +msgstr "Desteklenmeyen (ve anonim olmayan) dosyaları çıkıŠarÅivinden çıkar" #: mat-gui:280 msgid "Unknown" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-messenger-privproperties_completed] Update translations for tor-messenger-privproperties_completed
commit 44624746225246d6bfe7e7ce8ecc368a1bad4007 Author: Translation commit botDate: Thu Feb 11 14:46:45 2016 + Update translations for tor-messenger-privproperties_completed --- tr/priv.properties | 1 + 1 file changed, 1 insertion(+) diff --git a/tr/priv.properties b/tr/priv.properties index fe4f340..1caf0e6 100644 --- a/tr/priv.properties +++ b/tr/priv.properties @@ -1 +1,2 @@ priv.account=%S (%S) için kiÅisel anahtar oluÅturuluyor ... +priv.failed=Anahtar oluÅturulamadı: %S ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/mat-gui] Update translations for mat-gui
commit afbd8c21917f79d87678467369fa259b07829e8a Author: Translation commit botDate: Thu Feb 11 11:15:32 2016 + Update translations for mat-gui --- zh_TW.po | 9 + 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/zh_TW.po b/zh_TW.po index e0b5e4e..16903e9 100644 --- a/zh_TW.po +++ b/zh_TW.po @@ -3,6 +3,7 @@ # This file is distributed under the same license as the PACKAGE package. # # Translators: +# AgustÃn Wu , 2016 # Bobby Ho , 2014 # danfong , 2014 # Wen-Gan Li , 2015 @@ -12,8 +13,8 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2016-02-10 23:06+0100\n" -"PO-Revision-Date: 2016-02-11 09:31+\n" -"Last-Translator: carolyn \n" +"PO-Revision-Date: 2016-02-11 11:01+\n" +"Last-Translator: AgustÃn Wu \n" "Language-Team: Chinese (Taiwan) (http://www.transifex.com/otf/torproject/language/zh_TW/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -77,11 +78,11 @@ msgstr "æ¸å°ç¢çç PDF æªæ¡å¤§å°åå質" #: mat-gui:238 msgid "Remove unsupported file from archives" -msgstr "" +msgstr "å¾æªæ¡åº«ä¸ç§»é¤å·²ä¸è¢«æ¯æ´çæªæ¡" #: mat-gui:241 msgid "Remove non-supported (and so non-anonymised) file from output archive" -msgstr "" +msgstr "å¾è¼¸åºæªæ¡åº«ä¸å°ä¸è¢«æ¯æ´(以åä¸å ·å¿åæ§)çæªæ¡ç§»é¤" #: mat-gui:280 msgid "Unknown" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-bundle/hardened-builds] Revert "Revert "Bug 15578: drop our Python build""
commit faaed5b13cce8e4701fe3deb5894432415ed9cc9 Author: Georg KoppenDate: Thu Feb 11 13:04:37 2016 + Revert "Revert "Bug 15578: drop our Python build"" This reverts commit 92d04ecc79e97a3306e12807af289c434be5da00. --- gitian/descriptors/linux/gitian-bundle.yml | 7 +-- gitian/descriptors/linux/gitian-firefox.yml | 7 +-- gitian/descriptors/linux/gitian-utils.yml | 25 - gitian/fetch-inputs.sh | 7 ++- gitian/mkbundle-linux.sh| 6 -- gitian/verify-tags.sh | 5 ++--- gitian/versions | 5 - gitian/versions.alpha | 5 - gitian/versions.beta| 5 - gitian/versions.nightly | 5 - 10 files changed, 6 insertions(+), 71 deletions(-) diff --git a/gitian/descriptors/linux/gitian-bundle.yml b/gitian/descriptors/linux/gitian-bundle.yml index a9a0e36..ea754e7 100644 --- a/gitian/descriptors/linux/gitian-bundle.yml +++ b/gitian/descriptors/linux/gitian-bundle.yml @@ -13,6 +13,7 @@ packages: - "libxslt1.1" - "libxml2-utils" - "sqlite3" +- "python-lxml" reference_datetime: "2000-01-01 00:00:00" remotes: - "url": "https://git.torproject.org/tor-launcher.git; @@ -32,8 +33,6 @@ files: - "tor-browser-linux64-gbuilt.zip" - "tor-linux64-gbuilt.zip" - "pluggable-transports-linux64-gbuilt.zip" -- "python-linux64-utils.zip" -- "lxml-linux64-utils.zip" - "mar-tools-linux64.zip" - "torrc-defaults-appendix-linux" - "bridge_prefs.js" @@ -78,10 +77,6 @@ script: | mkdir -p ${TB_STAGE_DIR}/Browser/TorBrowser/Data/Browser/profile.meek-http-helper/extensions mkdir -p ${TB_STAGE_DIR}/Browser/TorBrowser/Data/Browser/Caches mkdir -p ${TB_STAGE_DIR}/Browser/TorBrowser/Docs/sources/ - # Preparing Python for HTTPS-Everywhere. - unzip -d $INSTDIR python-linux$GBUILD_BITS-utils.zip - export PATH=$INSTDIR/python/bin:$PATH - unzip -d $INSTDIR/python/lib/python2.7 lxml-linux$GBUILD_BITS-utils.zip # # Extract the MAR tools. unzip -d ~/build ~/build/mar-tools-linux${GBUILD_BITS}.zip diff --git a/gitian/descriptors/linux/gitian-firefox.yml b/gitian/descriptors/linux/gitian-firefox.yml index a0fc8e3..c49636a 100644 --- a/gitian/descriptors/linux/gitian-firefox.yml +++ b/gitian/descriptors/linux/gitian-firefox.yml @@ -16,6 +16,7 @@ packages: - "libgstreamer-plugins-base0.10-dev" - "libxt-dev" - "hardening-wrapper" +- "python-dev" # To pass configure since ESR 31. - "libpulse-dev" # We built GCC but not the libmpc2, thus we need to install it. @@ -29,7 +30,6 @@ remotes: files: - "binutils-linux64-utils.zip" - "gcc-linux64-utils.zip" -- "python-linux64-utils.zip" - "re-dzip.sh" - "dzip.sh" - "versions" @@ -47,11 +47,6 @@ script: | export DEB_BUILD_HARDENING_FORMAT=1 export DEB_BUILD_HARDENING_PIE=1 # - # Preparing Python for Tor Browser - unzip -d $INSTDIR python-linux$GBUILD_BITS-utils.zip - # TODO: We might want to have a smarter solution than hard-coding the version. - ln -sf $INSTDIR/python/bin/python2.7 $INSTDIR/python/bin/python - export PATH=$INSTDIR/python/bin:$PATH # Preparing Binutils and GCC for Tor Browser unzip -d $INSTDIR binutils-linux$GBUILD_BITS-utils.zip # Make sure gold is used with the hardening wrapper for full RELRO, see diff --git a/gitian/descriptors/linux/gitian-utils.yml b/gitian/descriptors/linux/gitian-utils.yml index 1e04b36..72ead1b 100644 --- a/gitian/descriptors/linux/gitian-utils.yml +++ b/gitian/descriptors/linux/gitian-utils.yml @@ -32,8 +32,6 @@ files: - "binutils.tar.bz2" - "gcc.tar.bz2" - "openssl.tar.gz" -- "python.tar.bz2" -- "lxml.tar.gz" - "gmp.tar.bz2" - "versions" - "dzip.sh" @@ -113,29 +111,7 @@ script: | make install cd .. - # Building Python - # Fx 24 ESR and HTTPS Everywhere >= 3.5 do not work with Python < 2.7 anymore. - # But 10.04 does only ship with Python 2.6. Thus, we compile 2.7 ourselves... - tar xjf python.tar.bz2 - cd Python-* - ./configure - make $MAKEOPTS altinstall prefix=$INSTDIR/python exec-prefix=$INSTDIR/python - cd .. - - # Building lxml - export LD_PRELOAD="" - tar xzf lxml.tar.gz - cd lxml-* - # Make sure we use our freshly built python binary here. Otherwise bad things - # may happen when we do so in the bundle step assembling the HTTPS-Everywhere - # rules. - $INSTDIR/python/bin/python2.7 setup.py build - cd build/lib* - export LD_PRELOAD=/usr/lib/faketime/libfaketime.so.1 - ~/build/dzip.sh lxml-$LXML_VER-linux$GBUILD_BITS-utils.zip lxml export LD_PRELOAD="" - cp *utils.zip $OUTDIR - cd ../../../ # Building GMP tar xjf gmp.tar.bz2 @@ -157,6 +133,5 @@ script: | ~/build/dzip.sh gcc-$GCC_VER-linux$GBUILD_BITS-utils.zip gcc ~/build/dzip.sh openssl-$OPENSSL_VER-linux$GBUILD_BITS-utils.zip openssl ~/build/dzip.sh libevent-${LIBEVENT_TAG#release-}-linux$GBUILD_BITS-utils.zip libevent - ~/build/dzip.sh
[tor-commits] [tor-browser-bundle/hardened-builds] Revert "Revert "Bug 15578: Switch Linux descriptors over to Wheezy""
commit b429deeb6d6cd749d11855cfec058e168cddfc3c Author: Georg KoppenDate: Thu Feb 11 13:04:11 2016 + Revert "Revert "Bug 15578: Switch Linux descriptors over to Wheezy"" This reverts commit a125e1c1bfc3babae9636750b4722b4ab7010ca3. --- gitian/Makefile| 2 +- gitian/README.build| 2 +- gitian/check-prerequisites.sh | 41 +++--- gitian/descriptors/linux/gitian-bundle.yml | 6 ++-- gitian/descriptors/linux/gitian-firefox.yml| 9 +++-- .../linux/gitian-pluggable-transports.yml | 7 ++-- gitian/descriptors/linux/gitian-tor.yml| 7 ++-- gitian/descriptors/linux/gitian-utils.yml | 38 +++- gitian/make-vms.sh | 29 +-- 9 files changed, 84 insertions(+), 57 deletions(-) diff --git a/gitian/Makefile b/gitian/Makefile index 5718d76..36b5ec3 100644 --- a/gitian/Makefile +++ b/gitian/Makefile @@ -119,7 +119,7 @@ clean-bundle: vmclean: rm -rf ../../gitian-builder/*.qcow2 rm -rf ../../gitian-builder/base-* - rm -rf ../../gitian-builder/target-{lucid,precise}* + rm -rf ../../gitian-builder/target-{lucid,wheezy,precise}* distclean: vmclean rm -rf ../../gitian-builder/inputs/* diff --git a/gitian/README.build b/gitian/README.build index f289791..4d01d6a 100644 --- a/gitian/README.build +++ b/gitian/README.build @@ -177,7 +177,7 @@ Known Issues and Quirks: where 'make vmclean' causes the rebuild of two VMs in a row.. This might trigger weird bugs in python-vm-builder.. To rebuild only one set of VMs, use either 'rm ../../gitian-builder/*precise*' (to remove the Windows/Mac - VMs) or 'rm ../../gitian-builder/*lucid*' (to remove the Linux VMs). + VMs) or 'rm ../../gitian-builder/*wheezy*' (to remove the Linux VMs). You probably want to make sure you have no stray qemu processes before rebuilding the VMs or starting a new build, too. 'killall qemu-kvm' is diff --git a/gitian/check-prerequisites.sh b/gitian/check-prerequisites.sh index cc16d0e..a5f8393 100755 --- a/gitian/check-prerequisites.sh +++ b/gitian/check-prerequisites.sh @@ -17,7 +17,7 @@ then VERSION=`cat /etc/issue | grep -Eo '[0-9]{2}' | head -1` if [ "$VERSION" -ge "14" ]; then -dpkg -s ruby apache2 git apt-cacher-ng python-vm-builder qemu-kvm virt-what lxc lxctl fakeroot faketime zip unzip subversion torsocks tor 2>/dev/null >/dev/null +dpkg -s ruby apache2 git apt-cacher-ng qemu-kvm virt-what lxc lxctl fakeroot faketime zip unzip subversion torsocks tor 2>/dev/null >/dev/null if [ $? -ne 0 ]; then @@ -25,7 +25,7 @@ then echo echo "Please run:" echo " sudo apt-get install torsocks tor" - echo " sudo torsocks apt-get install ruby apache2 git apt-cacher-ng python-vm-builder qemu-kvm virt-what lxc lxctl fakeroot faketime zip unzip subversion" + echo " sudo torsocks apt-get install ruby apache2 git apt-cacher-ng qemu-kvm virt-what lxc lxctl fakeroot faketime zip unzip subversion" exit 1 fi else @@ -45,28 +45,29 @@ then echo " sudo torsocks apt-get install ruby git apt-cacher-ng qemu-kvm virt-what lxc lxctl fakeroot zip unzip python-cheetah debootstrap parted kpartx rsync" exit 1 fi - - # python-vm-builder is special as we don't have a Debian package for it. - vmbuilder --help 2>/dev/null >/dev/null - if [ $? -ne 0 ]; - then -echo "The VM tool python-vm-builder is missing." -echo -echo "Please run" -echo 'torsocks wget -U "" http://archive.ubuntu.com/ubuntu/pool/universe/v/vm-builder/vm-builder_0.12.4+bzr489.orig.tar.gz' -echo 'echo "ec12e0070a007989561bfee5862c89a32c301992dd2771c4d5078ef1b3014f03 vm-builder_0.12.4+bzr489.orig.tar.gz" | sha256sum -c' -echo "# (verification -- must return OK)" -echo "tar -zxvf vm-builder_0.12.4+bzr489.orig.tar.gz" -echo "cd vm-builder-0.12.4+bzr489" -echo "sudo python setup.py install" -echo "cd .." -exit 1 - fi else echo "We need Debian or Ubuntu which seem to be missing. Aborting." exit 1 fi +# vmbuilder is special as we don't have a package for it yet. +# XXX: Make sure an already installed vmbuilder is recent enough. +vmbuilder --help 2>/dev/null >/dev/null +if [ $? -ne 0 ]; +then + echo "The VM tool python-vm-builder is missing." + echo + echo "Please run" + echo 'torsocks wget -U "" https://bugs.launchpad.net/ubuntu/+archive/primary/+files/vm-builder_0.12.4+bzr494.orig.tar.gz' + echo 'echo "76cbf8c52c391160b2641e7120dbade5afded713afaa6032f733a261f13e6a8e vm-builder_0.12.4+bzr494.orig.tar.gz" | sha256sum -c' + echo "# (verification -- must return OK)" + echo "tar -zxvf vm-builder_0.12.4+bzr494.orig.tar.gz" + echo "cd vm-builder-0.12.4+bzr494" + echo "sudo python setup.py install" + echo "cd .." + exit 1 +fi +
[tor-commits] [tor-browser-bundle/maint-5.5] Tag bump due to expired subkey
commit cb2b281c633e0ac815340063b46c551496214024 Author: Georg KoppenDate: Thu Feb 11 09:57:12 2016 + Tag bump due to expired subkey --- gitian/gpg/tbb-windows-installer.gpg | Bin 53000 -> 107882 bytes gitian/versions | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/gitian/gpg/tbb-windows-installer.gpg b/gitian/gpg/tbb-windows-installer.gpg index 7193ea0..6923786 100644 Binary files a/gitian/gpg/tbb-windows-installer.gpg and b/gitian/gpg/tbb-windows-installer.gpg differ diff --git a/gitian/versions b/gitian/versions index 334b6cc..7be32ff 100755 --- a/gitian/versions +++ b/gitian/versions @@ -16,7 +16,7 @@ TOR_TAG=tor-0.2.7.6 TORLAUNCHER_TAG=0.2.7.8 TORBUTTON_TAG=1.9.4.3 HTTPSE_TAG=5.1.2 -NSIS_TAG=v0.3 +NSIS_TAG=v0.3.1 ZLIB_TAG=v1.2.8 LIBEVENT_TAG=release-2.0.22-stable MINGW_TAG=a883b47a45ff74ced41dfbd9f748d5c2c61f3c01 # due to bug 1156131 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-messenger-privproperties_completed] Update translations for tor-messenger-privproperties_completed
commit 67eb12eade6050e59e52e802092dc9ca8b6a8a94 Author: Translation commit botDate: Thu Feb 11 10:46:45 2016 + Update translations for tor-messenger-privproperties_completed --- en_GB/priv.properties | 1 + 1 file changed, 1 insertion(+) diff --git a/en_GB/priv.properties b/en_GB/priv.properties index 98177ad..f8a9f15 100644 --- a/en_GB/priv.properties +++ b/en_GB/priv.properties @@ -1 +1,2 @@ priv.account=Generating private key for %S (%S) ... +priv.failed=Generating key failed: %S ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/mat-gui_completed] Update translations for mat-gui_completed
commit 3d8a7b3ddb37c07dc570136d565f5459d2db40a4 Author: Translation commit botDate: Thu Feb 11 10:45:37 2016 + Update translations for mat-gui_completed --- en_GB.po | 12 ++-- es.po| 16 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/en_GB.po b/en_GB.po index e8fef15..eeb591d 100644 --- a/en_GB.po +++ b/en_GB.po @@ -9,8 +9,8 @@ msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2016-01-03 20:54+0100\n" -"PO-Revision-Date: 2016-02-01 12:46+\n" +"POT-Creation-Date: 2016-02-10 23:06+0100\n" +"PO-Revision-Date: 2016-02-11 10:21+\n" "Last-Translator: Andi Chandler \n" "Language-Team: English (United Kingdom) (http://www.transifex.com/otf/torproject/language/en_GB/)\n" "MIME-Version: 1.0\n" @@ -74,12 +74,12 @@ msgid "Reduce the produced PDF size and quality" msgstr "Reduce the produced PDF size and quality" #: mat-gui:238 -msgid "Add unsupported file to archives" -msgstr "Add unsupported file to archives" +msgid "Remove unsupported file from archives" +msgstr "Remove unsupported file from archives" #: mat-gui:241 -msgid "Add non-supported (and so non-anonymised) file to output archive" -msgstr "Add non-supported (and so non-anonymised) file to output archive" +msgid "Remove non-supported (and so non-anonymised) file from output archive" +msgstr "Remove non-supported (and so non-anonymised) file from output archive" #: mat-gui:280 msgid "Unknown" diff --git a/es.po b/es.po index af996c4..8ab72ff 100644 --- a/es.po +++ b/es.po @@ -5,14 +5,14 @@ # Translators: # Edward Navarro, 2015 # Noel Torres , 2013 -# strel, 2013-2014 +# strel, 2013-2014,2016 msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2016-01-03 20:54+0100\n" -"PO-Revision-Date: 2015-12-18 18:36+\n" -"Last-Translator: Edward Navarro\n" +"POT-Creation-Date: 2016-02-10 23:06+0100\n" +"PO-Revision-Date: 2016-02-11 10:18+\n" +"Last-Translator: strel\n" "Language-Team: Spanish (http://www.transifex.com/otf/torproject/language/es/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -75,12 +75,12 @@ msgid "Reduce the produced PDF size and quality" msgstr "Reduce el tamaño y calidad del PDF producido" #: mat-gui:238 -msgid "Add unsupported file to archives" -msgstr "Añadir fichero no soportado a los archivos" +msgid "Remove unsupported file from archives" +msgstr "Eliminar fichero no soportado de los archivos" #: mat-gui:241 -msgid "Add non-supported (and so non-anonymised) file to output archive" -msgstr "Añade fichero no soportado (y no anonimizado) al archivo de salida" +msgid "Remove non-supported (and so non-anonymised) file from output archive" +msgstr "Eliminar fichero no soportado (y no anonimizado) del archivo de salida" #: mat-gui:280 msgid "Unknown" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/bridgedb_completed] Update translations for bridgedb_completed
commit 01849268da61849f18fe76555b555c7f0fe8acb5 Author: Translation commit botDate: Thu Feb 11 10:15:08 2016 + Update translations for bridgedb_completed --- ru/LC_MESSAGES/bridgedb.po | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/ru/LC_MESSAGES/bridgedb.po b/ru/LC_MESSAGES/bridgedb.po index 5d88c24..50f7c7a 100644 --- a/ru/LC_MESSAGES/bridgedb.po +++ b/ru/LC_MESSAGES/bridgedb.po @@ -4,6 +4,7 @@ # # Translators: # Andrey Yoker Ogurchikov , 2014 +# Antony A. Tolmachev , 2016 # Evgrafov Denis , 2014 # Eugene, 2013 # foo , 2014 @@ -20,8 +21,8 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: 'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB=bridgedb-reported,msgid=isis,sysrqb=isis'\n" "POT-Creation-Date: 2015-07-25 03:40+\n" -"PO-Revision-Date: 2015-11-04 04:21+\n" -"Last-Translator: vb[fbk \n" +"PO-Revision-Date: 2016-02-11 09:56+\n" +"Last-Translator: Antony A. Tolmachev \n" "Language-Team: Russian (http://www.transifex.com/otf/torproject/language/ru/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -144,7 +145,7 @@ msgstr "%sÐ%sÑоÑÑо дайÑе мне адÑеÑа моÑÑов!" #: bridgedb/https/templates/options.html:51 msgid "Advanced Options" -msgstr "ÐополниÑелÑнÑе наÑÑÑойки" +msgstr "РаÑÑиÑеннÑе наÑÑÑойки" #: bridgedb/https/templates/options.html:86 msgid "No" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/bridgedb] Update translations for bridgedb
commit c646e20de967000e256a416e7798b8305f722c2d Author: Translation commit botDate: Thu Feb 11 10:15:03 2016 + Update translations for bridgedb --- ru/LC_MESSAGES/bridgedb.po | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/ru/LC_MESSAGES/bridgedb.po b/ru/LC_MESSAGES/bridgedb.po index 5d88c24..50f7c7a 100644 --- a/ru/LC_MESSAGES/bridgedb.po +++ b/ru/LC_MESSAGES/bridgedb.po @@ -4,6 +4,7 @@ # # Translators: # Andrey Yoker Ogurchikov , 2014 +# Antony A. Tolmachev , 2016 # Evgrafov Denis , 2014 # Eugene, 2013 # foo , 2014 @@ -20,8 +21,8 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: 'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB=bridgedb-reported,msgid=isis,sysrqb=isis'\n" "POT-Creation-Date: 2015-07-25 03:40+\n" -"PO-Revision-Date: 2015-11-04 04:21+\n" -"Last-Translator: vb[fbk \n" +"PO-Revision-Date: 2016-02-11 09:56+\n" +"Last-Translator: Antony A. Tolmachev \n" "Language-Team: Russian (http://www.transifex.com/otf/torproject/language/ru/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -144,7 +145,7 @@ msgstr "%sÐ%sÑоÑÑо дайÑе мне адÑеÑа моÑÑов!" #: bridgedb/https/templates/options.html:51 msgid "Advanced Options" -msgstr "ÐополниÑелÑнÑе наÑÑÑойки" +msgstr "РаÑÑиÑеннÑе наÑÑÑойки" #: bridgedb/https/templates/options.html:86 msgid "No" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/mat-gui] Update translations for mat-gui
commit f3ca2ce5fc9a2895c0bb4fb8abff42a3ebd224cb Author: Translation commit botDate: Thu Feb 11 10:15:38 2016 + Update translations for mat-gui --- lt.po | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/lt.po b/lt.po index e8b7c50..182fad5 100644 --- a/lt.po +++ b/lt.po @@ -3,14 +3,14 @@ # This file is distributed under the same license as the PACKAGE package. # # Translators: -# Moo, 2015 +# Moo, 2015-2016 msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2016-02-10 23:06+0100\n" -"PO-Revision-Date: 2016-02-11 09:31+\n" -"Last-Translator: carolyn \n" +"PO-Revision-Date: 2016-02-11 09:49+\n" +"Last-Translator: Moo\n" "Language-Team: Lithuanian (http://www.transifex.com/otf/torproject/language/lt/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -98,7 +98,7 @@ msgstr "" #: mat-gui:343 msgid "Fileformat not supported" -msgstr "" +msgstr "Failo formatas nepalaikomas" #: mat-gui:346 msgid "These files can not be processed:" @@ -128,12 +128,12 @@ msgstr "" #: mat-gui:413 #, python-format msgid "Checking %s" -msgstr "" +msgstr "Tikrinama %s" #: mat-gui:428 #, python-format msgid "Cleaning %s" -msgstr "" +msgstr "IÅ¡valoma %s" #: data/mat.glade:46 msgid "_File" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-bundle/master] Release preparations for 6.0a2
commit 499fecf76524da8f312279baac71e71979fc6c4b Author: Georg KoppenDate: Thu Feb 11 10:49:11 2016 + Release preparations for 6.0a2 --- Bundle-Data/Docs/ChangeLog.txt| 24 gitian/versions.alpha | 6 +++--- tools/update-responses/config.yml | 12 ++-- 3 files changed, 33 insertions(+), 9 deletions(-) diff --git a/Bundle-Data/Docs/ChangeLog.txt b/Bundle-Data/Docs/ChangeLog.txt index 5eabaa4..61df40c 100644 --- a/Bundle-Data/Docs/ChangeLog.txt +++ b/Bundle-Data/Docs/ChangeLog.txt @@ -1,3 +1,27 @@ +Tor Browser 6.0a2 -- February 15 2016 + * All Platforms + * Update Firefox to 38.6.1esr + * Update NoScript to 2.9.0.3 + * Bug 18168: Don't clear an iframe's window.name (fix of #16620) + * Bug 18137: Add two new obfs4 default bridges + * Windows + * Bug 18169: Whitelist zh-CN UI font + * OSX + * Bug 18172: Add Emoji support + * Linux + * Bug 18172: Add Emoji support + +Tor Browser 5.5.1 -- February 4 2016 + * All Platforms + * Bug 18168: Don't clear an iframe's window.name (fix of #16620) + * Bug 18137: Add two new obfs4 default bridges + * Windows + * Bug 18169: Whitelist zh-CN UI font + * OS X + * Bug 18172: Add Emoji support + * Linux + * Bug 18172: Add Emoji support + Tor Browser 6.0a1 -- January 27 2016 * All Platforms * Update Firefox to 38.6.0esr diff --git a/gitian/versions.alpha b/gitian/versions.alpha index 91854b8..f73c7f5 100755 --- a/gitian/versions.alpha +++ b/gitian/versions.alpha @@ -7,7 +7,7 @@ BUILD_PT_BUNDLES=1 VERIFY_TAGS=1 -FIREFOX_VERSION=38.6.0esr +FIREFOX_VERSION=38.6.1esr TORBROWSER_UPDATE_CHANNEL=alpha @@ -58,7 +58,7 @@ GO_VER=1.4.2 ## File names for the source packages OPENSSL_PACKAGE=openssl-${OPENSSL_VER}.tar.gz GMP_PACKAGE=gmp-${GMP_VER}.tar.bz2 -NOSCRIPT_PACKAGE=noscript_security_suite-2.9.0.2-sm+fx+fn.xpi +NOSCRIPT_PACKAGE=noscript_security_suite-2.9.0.3-fx+fn+sm.xpi TOOLCHAIN4_PACKAGE=x86_64-apple-darwin10.tar.xz TOOLCHAIN4_OLD_PACKAGE=multiarch-darwin11-cctools127.2-gcc42-5666.3-llvmgcc42-2336.1-Linux-120724.tar.xz OSXSDK_PACKAGE=MacOSX10.7.sdk.tar.gz @@ -87,7 +87,7 @@ OSXSDK_HASH=da77bb0003fcca5ea8c4e8cb2da8828ded750c54afdcac29ec6f3b46ad5e3adf OSXSDK_OLD_HASH=6602d8d5ddb371fbc02e2a5967d9bd0cd7358d46f9417753c8234b923f2ea6fc TOOLCHAIN4_HASH=7b71bfe02820409b994c5c33a7eab81a81c72550f5da85ff7af70da3da244645 TOOLCHAIN4_OLD_HASH=65c1b2d302358a6b95a26c6828a66908a199276193bb0b268f2dcc1a997731e9 -NOSCRIPT_HASH=f3c9dec710e02d809fa85ac76750e5f074656105c1bde03d400cb597b2eb1fba +NOSCRIPT_HASH=097298d5004c1f384f3af508cb1915921145f0f962e78c977a62f405bd7eb2d9 MSVCR100_HASH=1221a09484964a6f38af5e34ee292b9afefccb3dc6e55435fd3aaf7c235d9067 PYCRYPTO_HASH=f2ce1e989b272cfcb677616763e0a2e7ec659effa67a88aa92b3a65528f60a3c ARGPARSE_HASH=ddaf4b0a618335a32b6664d4ae038a1de8fbada3b25033f9021510ed2b3941a4 diff --git a/tools/update-responses/config.yml b/tools/update-responses/config.yml index a0f5309..2827471 100644 --- a/tools/update-responses/config.yml +++ b/tools/update-responses/config.yml @@ -9,7 +9,7 @@ build_targets: osx32: Darwin_x86-gcc3 osx64: Darwin_x86_64-gcc3 channels: -alpha: 6.0a1 +alpha: 6.0a2 release: 5.5 versions: 5.5: @@ -23,12 +23,12 @@ versions: osx32: minSupportedOSVersion: 10.8 detailsURL: https://blog.torproject.org/blog/end-life-plan-tor-browser-32-bit-macs#updating -6.0a1: -platformVersion: 38.6.0 -detailsURL: https://blog.torproject.org/blog/tor-browser-60a1-released -download_url: https://www.torproject.org/dist/torbrowser/6.0a1 +6.0a2: +platformVersion: 38.6.1 +detailsURL: https://blog.torproject.org/blog/tor-browser-60a2-released +download_url: https://www.torproject.org/dist/torbrowser/6.0a2 incremental_from: - - 5.5a6 + - 6.0a1 migrate_archs: osx32: osx64 osx32: ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/mat-gui_completed] Update translations for mat-gui_completed
commit 0a6e018c42744be35fbcd7581c2decb5f932f219 Author: Translation commit botDate: Thu Feb 11 11:15:36 2016 + Update translations for mat-gui_completed --- zh_TW.po | 15 --- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/zh_TW.po b/zh_TW.po index 396b0bc..16903e9 100644 --- a/zh_TW.po +++ b/zh_TW.po @@ -3,6 +3,7 @@ # This file is distributed under the same license as the PACKAGE package. # # Translators: +# AgustÃn Wu , 2016 # Bobby Ho , 2014 # danfong , 2014 # Wen-Gan Li , 2015 @@ -11,9 +12,9 @@ msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2016-01-03 20:54+0100\n" -"PO-Revision-Date: 2015-12-22 12:44+\n" -"Last-Translator: Wen-Gan Li \n" +"POT-Creation-Date: 2016-02-10 23:06+0100\n" +"PO-Revision-Date: 2016-02-11 11:01+\n" +"Last-Translator: AgustÃn Wu \n" "Language-Team: Chinese (Taiwan) (http://www.transifex.com/otf/torproject/language/zh_TW/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -76,12 +77,12 @@ msgid "Reduce the produced PDF size and quality" msgstr "æ¸å°ç¢çç PDF æªæ¡å¤§å°åå質" #: mat-gui:238 -msgid "Add unsupported file to archives" -msgstr "æ°å¢ä¸æ¯æ´çæªæ¡å°å£ç¸®æª" +msgid "Remove unsupported file from archives" +msgstr "å¾æªæ¡åº«ä¸ç§»é¤å·²ä¸è¢«æ¯æ´çæªæ¡" #: mat-gui:241 -msgid "Add non-supported (and so non-anonymised) file to output archive" -msgstr "æ°å¢æªæ¯æ´ (ä¹æ²æå¿åç) æªæ¡å°è¼¸åºå£ç¸®æª" +msgid "Remove non-supported (and so non-anonymised) file from output archive" +msgstr "å¾è¼¸åºæªæ¡åº«ä¸å°ä¸è¢«æ¯æ´(以åä¸å ·å¿åæ§)çæªæ¡ç§»é¤" #: mat-gui:280 msgid "Unknown" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/mat-gui_completed] Update translations for mat-gui_completed
commit ac25916d66c75bba238fe4f7c250eb5c629ba04c Author: Translation commit botDate: Thu Feb 11 12:15:36 2016 + Update translations for mat-gui_completed --- fr_CA.po | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/fr_CA.po b/fr_CA.po index c38f200..d93f961 100644 --- a/fr_CA.po +++ b/fr_CA.po @@ -10,8 +10,8 @@ msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2016-01-03 20:54+0100\n" -"PO-Revision-Date: 2016-01-06 19:31+\n" +"POT-Creation-Date: 2016-02-10 23:06+0100\n" +"PO-Revision-Date: 2016-02-11 12:02+\n" "Last-Translator: Trans-fr\n" "Language-Team: French (Canada) (http://www.transifex.com/otf/torproject/language/fr_CA/)\n" "MIME-Version: 1.0\n" @@ -75,12 +75,12 @@ msgid "Reduce the produced PDF size and quality" msgstr "Réduire la taille et la qualité des PDF produits" #: mat-gui:238 -msgid "Add unsupported file to archives" -msgstr "Ajouter le(s) fichier(s) non pris en charge aux archives" +msgid "Remove unsupported file from archives" +msgstr "Retirer les fichiers non pris en charge des archives" #: mat-gui:241 -msgid "Add non-supported (and so non-anonymised) file to output archive" -msgstr "Ajouter le(s) fichier(s) non pris en charge (et donc non anonymisés) aux archives produites" +msgid "Remove non-supported (and so non-anonymised) file from output archive" +msgstr "Retirer les fichiers non pris en charge (et donc non anonymisés) du fichier compressé de sortie" #: mat-gui:280 msgid "Unknown" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/mat-gui] Update translations for mat-gui
commit 4e79bc64b1c25e86a7fefa42e5efcd29323da3fe Author: Translation commit botDate: Thu Feb 11 12:15:32 2016 + Update translations for mat-gui --- fr_CA.po | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/fr_CA.po b/fr_CA.po index 51d1480..d93f961 100644 --- a/fr_CA.po +++ b/fr_CA.po @@ -11,8 +11,8 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2016-02-10 23:06+0100\n" -"PO-Revision-Date: 2016-02-11 09:31+\n" -"Last-Translator: carolyn \n" +"PO-Revision-Date: 2016-02-11 12:02+\n" +"Last-Translator: Trans-fr\n" "Language-Team: French (Canada) (http://www.transifex.com/otf/torproject/language/fr_CA/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -76,11 +76,11 @@ msgstr "Réduire la taille et la qualité des PDF produits" #: mat-gui:238 msgid "Remove unsupported file from archives" -msgstr "" +msgstr "Retirer les fichiers non pris en charge des archives" #: mat-gui:241 msgid "Remove non-supported (and so non-anonymised) file from output archive" -msgstr "" +msgstr "Retirer les fichiers non pris en charge (et donc non anonymisés) du fichier compressé de sortie" #: mat-gui:280 msgid "Unknown" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-38.6.0esr-6.0-1] fixup! TB4: Tor Browser's Firefox preference overrides.
commit c924c0643ff7ac6c074f0aa87f5f2597aca3b969 Author: Georg KoppenDate: Thu Feb 4 09:15:10 2016 + fixup! TB4: Tor Browser's Firefox preference overrides. Bug 18172: Back out the Windows related part as we need a better fix for it. --- browser/app/profile/000-tor-browser.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js index c022719..791e0d2 100644 --- a/browser/app/profile/000-tor-browser.js +++ b/browser/app/profile/000-tor-browser.js @@ -283,7 +283,7 @@ pref("font.name.sans-serif.ar", "Arial"); #endif #ifdef XP_WIN -pref("font.system.whitelist", "Arial, Batang, ë°í, Cambria Math, Courier New, Euphemia, Gautami, Georgia, Gulim, 굴림, GulimChe, 굴림체, Iskoola Pota, Kalinga, Kartika, Latha, Lucida Console, MS Gothic, ï¼ï¼³ ã´ã·ãã¯, MS Mincho, ï¼ï¼³ ææ, MS PGothic, ï¼ï¼³ ï¼°ã´ã·ãã¯, MS PMincho, ï¼ï¼³ ï¼°ææ, MV Boli, Malgun Gothic, Mangal, Meiryo, Meiryo UI, Microsoft Himalaya, Microsoft JhengHei, Microsoft JengHei UI, Microsoft YaHei, 微软é é», Microsoft YaHei UI, MingLiU, ç´°æé«, Noto Sans Buginese, Noto Sans Khmer, Noto Sans Lao, Noto Sans Myanmar, Noto Sans Yi, Nyala, PMingLiU, æ°ç´°æé«, Plantagenet Cherokee, Raavi, Segoe UI, Segoe UI Emoji, Shruti, SimSun, å®ä½, Sylfaen, Tahoma, Times New Roman, Tunga, Verdana, Vrinda, Yu Gothic UI"); +pref("font.system.whitelist", "Arial, Batang, ë°í, Cambria Math, Courier New, Euphemia, Gautami, Georgia, Gulim, 굴림, GulimChe, 굴림체, Iskoola Pota, Kalinga, Kartika, Latha, Lucida Console, MS Gothic, ï¼ï¼³ ã´ã·ãã¯, MS Mincho, ï¼ï¼³ ææ, MS PGothic, ï¼ï¼³ ï¼°ã´ã·ãã¯, MS PMincho, ï¼ï¼³ ï¼°ææ, MV Boli, Malgun Gothic, Mangal, Meiryo, Meiryo UI, Microsoft Himalaya, Microsoft JhengHei, Microsoft JengHei UI, Microsoft YaHei, 微软é é», Microsoft YaHei UI, MingLiU, ç´°æé«, Noto Sans Buginese, Noto Sans Khmer, Noto Sans Lao, Noto Sans Myanmar, Noto Sans Yi, Nyala, PMingLiU, æ°ç´°æé«, Plantagenet Cherokee, Raavi, Segoe UI, Shruti, SimSun, å®ä½, Sylfaen, Tahoma, Times New Roman, Tunga, Verdana, Vrinda, Yu Gothic UI"); #endif #ifdef XP_LINUX ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/mat-gui_completed] Update translations for mat-gui_completed
commit feecc153f98e2ed608a84068359f48673c4a3358 Author: Translation commit botDate: Thu Feb 11 13:15:37 2016 + Update translations for mat-gui_completed --- zh_CN.po | 134 +++ 1 file changed, 67 insertions(+), 67 deletions(-) diff --git a/zh_CN.po b/zh_CN.po index edc5c3b..bd783f5 100644 --- a/zh_CN.po +++ b/zh_CN.po @@ -4,13 +4,13 @@ # # Translators: # khi, 2013 -# YF , 2014-2015 +# YF , 2014-2016 msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-12-16 15:03+0100\n" -"PO-Revision-Date: 2015-12-17 23:53+\n" +"POT-Creation-Date: 2016-02-10 23:06+0100\n" +"PO-Revision-Date: 2016-02-11 13:07+\n" "Last-Translator: YF \n" "Language-Team: Chinese (China) (http://www.transifex.com/otf/torproject/language/zh_CN/)\n" "MIME-Version: 1.0\n" @@ -19,171 +19,171 @@ msgstr "" "Language: zh_CN\n" "Plural-Forms: nplurals=1; plural=0;\n" -#: mat-gui:64 mat-gui:415 mat-gui:438 +#: mat-gui:66 mat-gui:422 mat-gui:445 msgid "Ready" msgstr "åå¤" -#: mat-gui:133 +#: mat-gui:136 msgid "Choose files" msgstr "éæ©æ件" -#: mat-gui:141 -msgid "All files" -msgstr "å ¨é¨æ件" - -#: mat-gui:147 +#: mat-gui:144 msgid "Supported files" msgstr "æ¯ææ件" -#: mat-gui:164 mat-gui:359 mat-gui:410 mat-gui:434 mat-gui:436 -#: data/mat.glade:480 +#: mat-gui:151 +msgid "All files" +msgstr "å ¨é¨æ件" + +#: mat-gui:167 mat-gui:366 mat-gui:417 mat-gui:441 mat-gui:443 +#: data/mat.glade:200 msgid "Clean" msgstr "æ¸ é¤" -#: mat-gui:165 +#: mat-gui:168 msgid "No metadata found" msgstr "æªæ¾å°å æ°æ®" -#: mat-gui:167 mat-gui:412 +#: mat-gui:170 mat-gui:419 msgid "Dirty" msgstr "æ´æ°" -#: mat-gui:172 +#: mat-gui:176 #, python-format msgid "%s's metadata" msgstr "%s çå æ°æ®" -#: mat-gui:183 +#: mat-gui:187 msgid "Trash your meta, keep your data" msgstr "丢å¼å æ ç¾ï¼ä¿çæ°æ®" -#: mat-gui:188 +#: mat-gui:192 msgid "Website" msgstr "ç½ç«" -#: mat-gui:214 +#: mat-gui:219 msgid "Preferences" msgstr "é¦é项" -#: mat-gui:227 +#: mat-gui:232 msgid "Reduce PDF quality" msgstr "éä½ PDF è´¨é" -#: mat-gui:230 +#: mat-gui:235 msgid "Reduce the produced PDF size and quality" msgstr "éä½çæ PDF ç大å°åè´¨é" -#: mat-gui:233 -msgid "Add unsupported file to archives" -msgstr "å°ä¸æ¯æçæ件添å å°åæ¡£" +#: mat-gui:238 +msgid "Remove unsupported file from archives" +msgstr "ä»åæ¡£ä¸ç§»é¤ä¸æ¯æçæ件" -#: mat-gui:236 -msgid "Add non-supported (and so non-anonymised) file to output archive" -msgstr "å°ä¸æ¯æï¼ä¸éå¿ååï¼çæ件添å å°è¾åºåæ¡£" +#: mat-gui:241 +msgid "Remove non-supported (and so non-anonymised) file from output archive" +msgstr "ä»è¾åºåæ¡£ä¸ç§»é¤ä¸æ¯æï¼ä¸éå¿ååï¼çæ件" -#: mat-gui:275 +#: mat-gui:280 msgid "Unknown" msgstr "æªç¥" -#: mat-gui:318 +#: mat-gui:325 msgid "Not-supported" msgstr "ä¸æ¯æ" -#: mat-gui:332 +#: mat-gui:339 msgid "Harmless fileformat" msgstr "æ 害çæä»¶æ ¼å¼" -#: mat-gui:334 +#: mat-gui:341 msgid "Cant read file" msgstr "æ æ³è¯»åæ件" -#: mat-gui:336 +#: mat-gui:343 msgid "Fileformat not supported" msgstr "ä¸æ¯æçæä»¶æ ¼å¼" -#: mat-gui:339 +#: mat-gui:346 msgid "These files can not be processed:" msgstr "è¿äºæ件ä¸è½è¢«å¤ç:" -#: mat-gui:344 mat-gui:373 data/mat.glade:519 +#: mat-gui:351 mat-gui:380 data/mat.glade:239 msgid "Filename" msgstr "æ件å" -#: mat-gui:346 +#: mat-gui:353 msgid "Reason" msgstr "åå " -#: mat-gui:358 +#: mat-gui:365 msgid "Non-supported files in archive" msgstr "ä¸æ¯æå缩å å çæ件" -#: mat-gui:372 +#: mat-gui:379 msgid "Include" msgstr "å æ¬" -#: mat-gui:390 +#: mat-gui:397 #, python-format msgid "MAT is not able to clean the following files, found in the %s archive" msgstr "MAT ä¸è½æ¸ é¤ä¸åæ件ï¼åç°äº %s å缩æ件" -#: mat-gui:406 +#: mat-gui:413 #, python-format msgid "Checking %s" msgstr "æ£å¨æ£æ¥ %s" -#: mat-gui:421 +#: mat-gui:428 #, python-format msgid "Cleaning %s" msgstr "æ£å¨æ¸ é¤ %s" -#: data/mat.glade:26 data/mat.glade:196 +#: data/mat.glade:46 +msgid "_File" +msgstr "æ件(_F)" + +#: data/mat.glade:95 +msgid "_Edit" +msgstr "ç¼è¾(_E)" + +#: data/mat.glade:141 +msgid "_Help" +msgstr "帮å©(_H)" + +#: data/mat.glade:187 +msgid "Add" +msgstr "æ·»å " + +#: data/mat.glade:256 +msgid "State" +msgstr "ç¶æ" + +#: data/mat.glade:294 data/mat.glade:467 msgid "Metadata" msgstr "å æ°æ®" -#: data/mat.glade:85 +#: data/mat.glade:354 msgid "Name" msgstr "åå" -#: data/mat.glade:99 +#: data/mat.glade:368 msgid "Content" msgstr "å 容" -#: data/mat.glade:129 +#: data/mat.glade:398 msgid "Supported formats" msgstr "æ¯ææ ¼å¼" -#:
[tor-commits] [translation/mat-gui] Update translations for mat-gui
commit 4089bb590ce182f2cf1fc4d38424707023c67333 Author: Translation commit botDate: Thu Feb 11 13:15:32 2016 + Update translations for mat-gui --- zh_CN.po | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/zh_CN.po b/zh_CN.po index d55307c..bd783f5 100644 --- a/zh_CN.po +++ b/zh_CN.po @@ -4,14 +4,14 @@ # # Translators: # khi, 2013 -# YF , 2014-2015 +# YF , 2014-2016 msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2016-02-10 23:06+0100\n" -"PO-Revision-Date: 2016-02-11 09:31+\n" -"Last-Translator: carolyn \n" +"PO-Revision-Date: 2016-02-11 13:07+\n" +"Last-Translator: YF \n" "Language-Team: Chinese (China) (http://www.transifex.com/otf/torproject/language/zh_CN/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -75,11 +75,11 @@ msgstr "éä½çæ PDF ç大å°åè´¨é" #: mat-gui:238 msgid "Remove unsupported file from archives" -msgstr "" +msgstr "ä»åæ¡£ä¸ç§»é¤ä¸æ¯æçæ件" #: mat-gui:241 msgid "Remove non-supported (and so non-anonymised) file from output archive" -msgstr "" +msgstr "ä»è¾åºåæ¡£ä¸ç§»é¤ä¸æ¯æï¼ä¸éå¿ååï¼çæ件" #: mat-gui:280 msgid "Unknown" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix all doxygen warnings other than "X is not documented"
commit 1f679d4ae11cd976f5539bc4ddf36873132aeb00 Author: Nick MathewsonDate: Thu Feb 11 22:06:44 2016 -0500 Fix all doxygen warnings other than "X is not documented" --- src/or/config.c | 2 +- src/or/policies.c| 14 -- src/or/routerparse.c | 2 +- 3 files changed, 10 insertions(+), 8 deletions(-) diff --git a/src/or/config.c b/src/or/config.c index d71cf6d..5273d5a 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -2693,7 +2693,7 @@ options_validate_cb(void *old_options, void *options, void *default_options, /** Log a warning message iff filepath is not absolute. * Warning message must contain option name option and - * an absolute path that filepath will resolve to. + * an absolute path that filepath will resolve to. * * In case filepath is absolute, do nothing. */ diff --git a/src/or/policies.c b/src/or/policies.c index 984ab6a..179230b 100644 --- a/src/or/policies.c +++ b/src/or/policies.c @@ -1703,19 +1703,21 @@ exit_policy_remove_redundancies(smartlist_t *dest) /** Reject private helper for policies_parse_exit_policy_internal: rejects * publicly routable addresses on this exit relay. * - * Add reject entries to the linked list *dest: - * - if configured_addresses is non-NULL, add entries that reject each - * tor_addr_t* in the list as a destination. - * - if reject_interface_addresses is true, add entries that reject each + * Add reject entries to the linked list *dest: + * + * if configured_addresses is non-NULL, add entries that reject each + * tor_addr_t in the list as a destination. + * if reject_interface_addresses is true, add entries that reject each * public IPv4 and IPv6 address of each interface on this machine. - * - if reject_configured_port_addresses is true, add entries that reject + * if reject_configured_port_addresses is true, add entries that reject * each IPv4 and IPv6 address configured for a port. + * * * IPv6 entries are only added if ipv6_exit is true. (All IPv6 addresses are * already blocked by policies_parse_exit_policy_internal if ipv6_exit is * false.) * - * The list *dest is created as needed. + * The list in dest is created as needed. */ void policies_parse_exit_policy_reject_private( diff --git a/src/or/routerparse.c b/src/or/routerparse.c index fafba96..3be43dc 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -3679,7 +3679,7 @@ networkstatus_parse_detached_signatures(const char *s, const char *eos) * * Returns NULL on policy errors. * - * Set *malformed_list>/b> to true if the entire policy list should be + * Set *malformed_list to true if the entire policy list should be * discarded. Otherwise, set it to false, and only this item should be ignored * on error - the rest of the policy list can continue to be processed and * used. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [torspec/master] tiny tweaks to proposal 255 after reading
commit 0c14d27563e6cfb24ee2a11457f8b64b80512259 Author: Roger DingledineDate: Thu Feb 11 23:04:27 2016 -0500 tiny tweaks to proposal 255 after reading --- proposals/255-hs-load-balancing.txt | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/proposals/255-hs-load-balancing.txt b/proposals/255-hs-load-balancing.txt index eaab035..a19949c 100644 --- a/proposals/255-hs-load-balancing.txt +++ b/proposals/255-hs-load-balancing.txt @@ -101,7 +101,7 @@ is the minimal amount of data required to process the INTRODUCE2 cell on another machine. Before proposal 224 is implemented, this could consist of the -INTRODUCE2 cell payload, the key to decrypt the cell with if the cell +INTRODUCE2 cell payload, the key to decrypt the cell if the cell is not already decrypted (which may be preferable, for performance reasons), and data necessary for other machines to recognize what to do with the cell. @@ -136,7 +136,7 @@ INTRODUCE2 cell arrives at the node which published the descriptor, it does not immediately try to perform the rendezvous, but instead outputs this to the controller. Through an out-of-band process this message is relayed to a controller of another node of Bob's, and this transmits -the "PERFORM-RENDEZVOUS" command to that node. This node finally +the "PERFORM-RENDEZVOUS" command to that node. This node performs the rendezvous, and will continue to serve data to Alice, whose client will now not have to talk to the introduction point anymore. @@ -155,3 +155,4 @@ and to leave the actual load-balancing algorithm to the implementor of the controller. The developer of the tor implementation should not have to choose between a round-robin algorithm and something that could pull CPU load averages from a centralized monitoring system. + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [torspec/master] grammar/etc clarifications while reading proposal 260
commit b6b2d248ca9b51876eb841c545c6641c1697aac0 Author: Roger DingledineDate: Thu Feb 11 23:11:35 2016 -0500 grammar/etc clarifications while reading proposal 260 --- proposals/260-rend-single-onion.txt | 32 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/proposals/260-rend-single-onion.txt b/proposals/260-rend-single-onion.txt index fc01551..79990a8 100644 --- a/proposals/260-rend-single-onion.txt +++ b/proposals/260-rend-single-onion.txt @@ -29,10 +29,10 @@ Status: Draft 2. Motivation Rendezvous single onion services are best used by sites which: - * Donât require location anonymity + * Don't require location anonymity * Would appreciate lower latency or self-authenticated addresses * Would like to work with existing tor clients and relays - * Canât accept connections to an open ORPort + * Can't accept connections to an open ORPort Rendezvous single onion services have a few benefits over double onion services: @@ -61,7 +61,7 @@ Status: Draft * Connection latency is higher, as one-hop circuits are built to the introduction and rendezvous points. Single onion services perform one -extend to the single onion serviceâs ORPort only +extend to the single onion service's ORPort only It should also be noted that, while single onion services receive many incoming connections from different relays, rendezvous single onion @@ -99,8 +99,8 @@ Status: Draft further discussion of security issues.) (Please note that this proposal follows the hop counting conventions in the - tor source code. A circuit with a single connections between the client and - the endpoint is one-hop, a circuit with 4 connections (and 3 nodes) between + tor source code. A circuit with a single connection between the client and + the endpoint is one-hop; a circuit with 4 connections (and 3 nodes) between the client and endpoint is four-hop.) 5. Publishing a rendezvous single onion service @@ -109,11 +109,11 @@ Status: Draft group of tor instances) must: * Publish onion descriptors in the same manner as any onion service, -using three-hop circuits. This avoids service blocking by IP address, -proposal #224 (next-generation hidden services) avoids blocking by +using three-hop circuits. This avoids service blocking by IP address. +Proposal #224 (next-generation hidden services) avoids blocking by onion address. * Perform the rendezvous protocol in the same manner as a double -onion service, but make the intro and rendezvous connections one-hop. +onion service, but make the intro and rendezvous circuits one-hop. (This may allow intro and rendezvous points to block the service.) 5.1. Configuration options @@ -130,10 +130,10 @@ Status: Draft a Rendezvous Single Onion Service. (Default: 0) Because of the grave consequences of misconfiguration here, we have added - âNonAnonymousâ to the name of the torrc option. Furthermore, Tor MUST issue + 'NonAnonymous' to the name of the torrc option. Furthermore, Tor MUST issue a startup warning message to operators of the onion service if this feature is enabled. - [Should the name start with âNonAnonymousâ instead?] + [Should the name start with 'NonAnonymous' instead?] As RendezvousSingleOnionServiceNonAnonymousServer modifies the behaviour of every onion service on a tor instance, it is impossible to run hidden @@ -271,7 +271,7 @@ Status: Draft service, or continue with the rendezvous protocol. Running a rendezvous single onion service and single onion service allows - older clients to connect via rendezvous, and newer clients to connenct via + older clients to connect via rendezvous, and newer clients to connect via extend. This is useful for the transition period where not all clients support single onion services. @@ -319,7 +319,7 @@ Status: Draft 6.4 Predicted circuits We should look whether we can optimize further the predicted circuits that - Tor makes as a onion service for this mode. + Tor makes as an onion service for this mode. 8. Security Implications @@ -342,7 +342,7 @@ Status: Draft single onion services due to their benefits. This could increase the traffic on the tor network, therefore increasing anonymity overall. However, the unique behaviour of each type of onion service may still be - distinguishable from both the client and server ends of the connection. + distinguishable on both the client and server ends of the connection. 8.2 Hidden Service Designs can potentially be more secure @@ -352,9 +352,9 @@ Status: Draft 8.3 One-hop onion service paths may encourage more attacks - There's a possible second-order effect here since both encrypted - services and hidden services will have
[tor-commits] [torspec/master] renumber 260
commit 2d7a01399b49749a71d760818ef3f0c9c8799cf5 Author: Roger DingledineDate: Thu Feb 11 23:29:42 2016 -0500 renumber 260 --- proposals/260-rend-single-onion.txt | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/proposals/260-rend-single-onion.txt b/proposals/260-rend-single-onion.txt index 79990a8..48aa794 100644 --- a/proposals/260-rend-single-onion.txt +++ b/proposals/260-rend-single-onion.txt @@ -200,7 +200,7 @@ Status: Draft And turning off hidden service server preemptive circuits, which is currently unimplemented (#17360) -5.1.3 Recommended Additional Options: Security +5.1.4 Recommended Additional Options: Security We recommend that no other services are run on a rendezvous single onion service tor instance. Since tor runs as a client (and not a relay) by @@ -275,7 +275,7 @@ Status: Draft extend. This is useful for the transition period where not all clients support single onion services. -6.5. Proposal 255 ("Hidden Service Load Balancing") +6.6. Proposal 255 ("Hidden Service Load Balancing") This proposal is compatible with proposal 255. The onion service will perform the rendezvous protocol in the same manner as any other onion @@ -316,7 +316,7 @@ Status: Draft been performed. In addition, a potential drawback is overloading a busy single onion service. -6.4 Predicted circuits +7.4 Predicted circuits We should look whether we can optimize further the predicted circuits that Tor makes as an onion service for this mode. @@ -458,3 +458,4 @@ splitting described in section 8. Here are some initial ideas. This option is disabled in Tor Browser by default. Perhaps some users would be more comfortable enabling submission over an onion service, due to the additional security benefits. + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Split a long line
commit 7f9ac4957ca8f75a5e72db1c8a967b45d092d125 Author: Nick MathewsonDate: Thu Feb 11 12:13:02 2016 -0500 Split a long line --- src/or/connection.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/or/connection.c b/src/or/connection.c index f459a1b..c012018 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -2397,7 +2397,8 @@ retry_listener_ports(smartlist_t *old_conns, /* We don't need to be root to create a UNIX socket, so defer until after * setuid. */ const or_options_t *options = get_options(); -if (port->is_unix_addr && !geteuid() && (options->User) && strcmp(options->User, "root")) +if (port->is_unix_addr && !geteuid() && (options->User) && +strcmp(options->User, "root")) continue; #endif ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge remote-tracking branch 'weasel/bug18261'
commit bc7a5eeeda58c68b3c8434fd66c404aae269dbb0 Merge: c0a6c34 42e131e Author: Nick MathewsonDate: Thu Feb 11 12:12:02 2016 -0500 Merge remote-tracking branch 'weasel/bug18261' changes/bug18261| 6 ++ src/or/connection.c | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Rename circuit_about_to_free_{terminal -> atexit}
commit cae59b913f7daa154c6b1eb9083d1f582c8d2a1e Author: Nick MathewsonDate: Thu Feb 11 12:15:12 2016 -0500 Rename circuit_about_to_free_{terminal -> atexit} --- src/or/circuitlist.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c index 9b7df75..ade371d 100644 --- a/src/or/circuitlist.c +++ b/src/or/circuitlist.c @@ -53,7 +53,7 @@ static void cpath_ref_decref(crypt_path_reference_t *cpath_ref); //static void circuit_set_rend_token(or_circuit_t *circ, int is_rend_circ, // const uint8_t *token); static void circuit_clear_rend_token(or_circuit_t *circ); -static void circuit_about_to_free_terminal(circuit_t *circ); +static void circuit_about_to_free_atexit(circuit_t *circ); static void circuit_about_to_free(circuit_t *circ); /* END VARIABLES / @@ -902,7 +902,7 @@ circuit_free_all(void) } } tmp->global_circuitlist_idx = -1; -circuit_about_to_free_terminal(tmp); +circuit_about_to_free_atexit(tmp); circuit_free(tmp); SMARTLIST_DEL_CURRENT(lst, tmp); } SMARTLIST_FOREACH_END(tmp); @@ -1752,7 +1752,7 @@ circuit_mark_for_close_, (circuit_t *circ, int reason, int line, * do circuitmux_detach_circuit() when appropriate. */ static void -circuit_about_to_free_terminal(circuit_t *circ) +circuit_about_to_free_atexit(circuit_t *circ) { if (circ->n_chan) { ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix a segfault during startup
commit 42e131e9acca7c51fb220935deda5dc681004e3f Author: Peter PalfraderDate: Sat Feb 6 22:17:02 2016 +0100 Fix a segfault during startup If unix socket was configured as listener (such as a ControlSocket or a SocksPort unix socket), and tor was started as root but not configured to switch to another user, tor would segfault while trying to string compare a NULL value. Fixes bug 18261; bugfix on 0.2.8.1-alpha. Patch by weasel. --- changes/bug18261| 6 ++ src/or/connection.c | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/changes/bug18261 b/changes/bug18261 new file mode 100644 index 000..df4c74f --- /dev/null +++ b/changes/bug18261 @@ -0,0 +1,6 @@ + o Minor features (crypto): +- Fix a segfault during startup: If unix socket was configured as + listener (such as a ControlSocket or a SocksPort unix socket), and + tor was started as root but not configured to switch to another + user, tor would segfault while trying to string compare a NULL + value. Fixes bug 18261; bugfix on 0.2.8.1-alpha. Patch by weasel. diff --git a/src/or/connection.c b/src/or/connection.c index 123c33a..efd730f 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -2398,7 +2398,7 @@ retry_listener_ports(smartlist_t *old_conns, /* We don't need to be root to create a UNIX socket, so defer until after * setuid. */ const or_options_t *options = get_options(); -if (port->is_unix_addr && !geteuid() && strcmp(options->User, "root")) +if (port->is_unix_addr && !geteuid() && (options->User) && strcmp(options->User, "root")) continue; #endif ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] make check-spaces
commit 838d4dee121b311647ae4edd7e220436571c449c Author: Nick MathewsonDate: Thu Feb 11 12:50:55 2016 -0500 make check-spaces --- src/or/entrynodes.c| 5 +++-- src/or/or.h| 4 ++-- src/or/policies.c | 15 --- src/test/test_policy.c | 1 - 4 files changed, 13 insertions(+), 12 deletions(-) diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c index a4b9350..95d9fec 100644 --- a/src/or/entrynodes.c +++ b/src/or/entrynodes.c @@ -2124,8 +2124,9 @@ launch_direct_bridge_descriptor_fetch(bridge_info_t *bridge) * it. If we */ if (!fascist_firewall_allows_address_addr(>addr, bridge->port, FIREWALL_OR_CONNECTION, 0)) { -log_notice(LD_CONFIG, "Tried to fetch a descriptor directly from a bridge, " - "but that bridge is not reachable through our firewall."); +log_notice(LD_CONFIG, "Tried to fetch a descriptor directly from a " + "bridge, but that bridge is not reachable through our " + "firewall."); return; } diff --git a/src/or/or.h b/src/or/or.h index 04bd42a..f438212 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -4092,8 +4092,8 @@ typedef struct { int ClientUseIPv6; /** If true, prefer an IPv6 OR port over an IPv4 one for entry node * connections. If auto, bridge clients prefer IPv6, and other clients - * prefer IPv4. Use fascist_firewall_prefer_ipv6_orport() instead of accessing - * this value directly. */ + * prefer IPv4. Use fascist_firewall_prefer_ipv6_orport() instead of + * accessing this value directly. */ int ClientPreferIPv6ORPort; /** If true, prefer an IPv6 directory port over an IPv4 one for direct * directory connections. If auto, bridge clients prefer IPv6, and other diff --git a/src/or/policies.c b/src/or/policies.c index faa39ad..984ab6a 100644 --- a/src/or/policies.c +++ b/src/or/policies.c @@ -421,7 +421,8 @@ fascist_firewall_allows_address(const tor_addr_t *addr, /** Is this client configured to use IPv6? */ -int fascist_firewall_use_ipv6(const or_options_t *options) +int +fascist_firewall_use_ipv6(const or_options_t *options) { /* Clients use IPv6 if it's set, or they use bridges, or they don't use * IPv4 */ @@ -513,14 +514,14 @@ fascist_firewall_allows_address_addr(const tor_addr_t *addr, uint16_t port, if (fw_connection == FIREWALL_OR_CONNECTION) { return fascist_firewall_allows_address(addr, port, -reachable_or_addr_policy, -pref_only, - fascist_firewall_prefer_ipv6_orport(options)); + reachable_or_addr_policy, + pref_only, + fascist_firewall_prefer_ipv6_orport(options)); } else if (fw_connection == FIREWALL_DIR_CONNECTION) { return fascist_firewall_allows_address(addr, port, -reachable_dir_addr_policy, -pref_only, - fascist_firewall_prefer_ipv6_dirport(options)); + reachable_dir_addr_policy, + pref_only, + fascist_firewall_prefer_ipv6_dirport(options)); } else { log_warn(LD_BUG, "Bad firewall_connection_t value %d.", fw_connection); diff --git a/src/test/test_policy.c b/src/test/test_policy.c index c044d9f..3688909 100644 --- a/src/test/test_policy.c +++ b/src/test/test_policy.c @@ -1546,7 +1546,6 @@ test_policies_fascist_firewall_choose_address(void *arg) FIREWALL_DIR_CONNECTION, 1) == _dir_ap); - /* In the default configuration (Auto / IPv6 off), bridge clients should * still use IPv6, and only prefer it for bridges configured with an IPv6 * address, regardless of ClientUseIPv6. */ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.4] Make ensure_capacity a bit more pedantically correct
commit c2fd64846978290b0e7c7165d7658a5e704eee8f Author: Nick MathewsonDate: Thu Feb 11 12:54:52 2016 -0500 Make ensure_capacity a bit more pedantically correct Issues noted by cypherpunks on #18162 --- src/common/container.c | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/common/container.c b/src/common/container.c index 46d9c2e..b1431df 100644 --- a/src/common/container.c +++ b/src/common/container.c @@ -58,11 +58,16 @@ smartlist_clear(smartlist_t *sl) sl->num_used = 0; } +#if SIZE_MAX < INT_MAX +#error "We don't support systems where size_t is smaller than int." +#endif + /** Make sure that sl can hold at least size entries. */ static INLINE void smartlist_ensure_capacity(smartlist_t *sl, size_t size) { -#if SIZEOF_SIZE_T > SIZEOF_INT + /* Set MAX_CAPACITY to MIN(INT_MAX, SIZE_MAX / sizeof(void*)) */ +#if (SIZE_MAX/SIZEOF_VOID_P) > INT_MAX #define MAX_CAPACITY (INT_MAX) #else #define MAX_CAPACITY (int)((SIZE_MAX / (sizeof(void* ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.5] Make ensure_capacity a bit more pedantically correct
commit c2fd64846978290b0e7c7165d7658a5e704eee8f Author: Nick MathewsonDate: Thu Feb 11 12:54:52 2016 -0500 Make ensure_capacity a bit more pedantically correct Issues noted by cypherpunks on #18162 --- src/common/container.c | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/common/container.c b/src/common/container.c index 46d9c2e..b1431df 100644 --- a/src/common/container.c +++ b/src/common/container.c @@ -58,11 +58,16 @@ smartlist_clear(smartlist_t *sl) sl->num_used = 0; } +#if SIZE_MAX < INT_MAX +#error "We don't support systems where size_t is smaller than int." +#endif + /** Make sure that sl can hold at least size entries. */ static INLINE void smartlist_ensure_capacity(smartlist_t *sl, size_t size) { -#if SIZEOF_SIZE_T > SIZEOF_INT + /* Set MAX_CAPACITY to MIN(INT_MAX, SIZE_MAX / sizeof(void*)) */ +#if (SIZE_MAX/SIZEOF_VOID_P) > INT_MAX #define MAX_CAPACITY (INT_MAX) #else #define MAX_CAPACITY (int)((SIZE_MAX / (sizeof(void* ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.6] Merge branch 'maint-0.2.5' into maint-0.2.6
commit 740421af194b890c24242a834ed03ffc5c4c16ab Merge: 44ad3be ce289e2 Author: Nick MathewsonDate: Thu Feb 11 12:57:28 2016 -0500 Merge branch 'maint-0.2.5' into maint-0.2.6 changes/bug18162 | 7 +++ src/common/container.c | 37 - 2 files changed, 27 insertions(+), 17 deletions(-) diff --cc src/common/container.c index 864fd8a,c668068..76c129d --- a/src/common/container.c +++ b/src/common/container.c @@@ -66,28 -71,22 +71,25 @@@ smartlist_ensure_capacity(smartlist_t * #define MAX_CAPACITY (INT_MAX) #else #define MAX_CAPACITY (int)((SIZE_MAX / (sizeof(void* - #define ASSERT_CAPACITY #endif - if (size > sl->capacity) { - int higher = sl->capacity; ++ + tor_assert(size <= MAX_CAPACITY); + + if (size > (size_t) sl->capacity) { + size_t higher = (size_t) sl->capacity; if (PREDICT_UNLIKELY(size > MAX_CAPACITY/2)) { - #ifdef ASSERT_CAPACITY - /* We don't include this assertion when MAX_CAPACITY == INT_MAX, -* since int size; (size <= INT_MAX) makes analysis tools think we're -* doing something stupid. */ -- tor_assert(size <= MAX_CAPACITY); - #endif higher = MAX_CAPACITY; } else { while (size > higher) higher *= 2; } - sl->capacity = higher; + tor_assert(higher <= INT_MAX); /* Redundant */ + sl->capacity = (int) higher; -sl->list = tor_realloc(sl->list, sizeof(void*)*((size_t)sl->capacity)); +sl->list = tor_reallocarray(sl->list, sizeof(void *), +((size_t)sl->capacity)); } +#undef ASSERT_CAPACITY +#undef MAX_CAPACITY } /** Append element to the end of the list. */ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.5] Merge branch 'maint-0.2.4' into maint-0.2.5
commit ce289e2cb5099a4abe4468049dc0d262b65bfa17 Merge: f06d9a9 ad95d64 Author: Nick MathewsonDate: Thu Feb 11 12:55:40 2016 -0500 Merge branch 'maint-0.2.4' into maint-0.2.5 changes/bug18162 | 7 +++ src/common/container.c | 29 +++-- 2 files changed, 26 insertions(+), 10 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.6] Merge branch 'maint-0.2.4' into maint-0.2.5
commit ce289e2cb5099a4abe4468049dc0d262b65bfa17 Merge: f06d9a9 ad95d64 Author: Nick MathewsonDate: Thu Feb 11 12:55:40 2016 -0500 Merge branch 'maint-0.2.4' into maint-0.2.5 changes/bug18162 | 7 +++ src/common/container.c | 29 +++-- 2 files changed, 26 insertions(+), 10 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.6] Merge branch 'bug18162_024' into maint-0.2.4
commit ad95d64fece2c6d2eddffc8fa5178c3ffccc0cd7 Merge: d5ac79e c2fd648 Author: Nick MathewsonDate: Thu Feb 11 12:55:25 2016 -0500 Merge branch 'bug18162_024' into maint-0.2.4 changes/bug18162 | 7 +++ src/common/container.c | 29 +++-- 2 files changed, 26 insertions(+), 10 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.4] Merge branch 'bug18162_024' into maint-0.2.4
commit ad95d64fece2c6d2eddffc8fa5178c3ffccc0cd7 Merge: d5ac79e c2fd648 Author: Nick MathewsonDate: Thu Feb 11 12:55:25 2016 -0500 Merge branch 'bug18162_024' into maint-0.2.4 changes/bug18162 | 7 +++ src/common/container.c | 29 +++-- 2 files changed, 26 insertions(+), 10 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.7] Merge branch 'maint-0.2.6' into maint-0.2.7
commit be6174f8f6aaaf8f990eb56c5cba16bc5ec0fcea Merge: d920cbb 740421a Author: Nick MathewsonDate: Thu Feb 11 13:01:46 2016 -0500 Merge branch 'maint-0.2.6' into maint-0.2.7 changes/bug18162 | 7 +++ src/common/container.c | 37 - 2 files changed, 27 insertions(+), 17 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.4] avoid integer overflow in and around smartlist_ensure_capacity.
commit bca7083e8285e8e6a4377076a7e432417eafc6d2 Author: Nick MathewsonDate: Wed Jan 27 12:26:02 2016 -0500 avoid integer overflow in and around smartlist_ensure_capacity. This closes bug 18162; bugfix on a45b1315909c9, which fixed a related issue long ago. In addition to the #18162 issues, this fixes a signed integer overflow in smarltist_add_all(), which is probably not so great either. --- changes/bug18162 | 7 +++ src/common/container.c | 22 +- 2 files changed, 20 insertions(+), 9 deletions(-) diff --git a/changes/bug18162 b/changes/bug18162 new file mode 100644 index 000..0844d6f --- /dev/null +++ b/changes/bug18162 @@ -0,0 +1,7 @@ + o Major bugfixes (security, pointers): + +- Avoid a difficult-to-trigger heap corruption attack when extending + a smartlist to contain over 16GB of pointers. Fixes bug #18162; + bugfix on Tor 0.1.1.11-alpha, which fixed a related bug + incompletely. Reported by Guido Vranken. + diff --git a/src/common/container.c b/src/common/container.c index eec497a..46d9c2e 100644 --- a/src/common/container.c +++ b/src/common/container.c @@ -60,15 +60,17 @@ smartlist_clear(smartlist_t *sl) /** Make sure that sl can hold at least size entries. */ static INLINE void -smartlist_ensure_capacity(smartlist_t *sl, int size) +smartlist_ensure_capacity(smartlist_t *sl, size_t size) { #if SIZEOF_SIZE_T > SIZEOF_INT #define MAX_CAPACITY (INT_MAX) #else #define MAX_CAPACITY (int)((SIZE_MAX / (sizeof(void* #endif - if (size > sl->capacity) { -int higher = sl->capacity; + tor_assert(size <= MAX_CAPACITY); + + if (size > (size_t) sl->capacity) { +size_t higher = (size_t) sl->capacity; if (PREDICT_UNLIKELY(size > MAX_CAPACITY/2)) { tor_assert(size <= MAX_CAPACITY); higher = MAX_CAPACITY; @@ -76,7 +78,8 @@ smartlist_ensure_capacity(smartlist_t *sl, int size) while (size > higher) higher *= 2; } -sl->capacity = higher; +tor_assert(higher <= INT_MAX); /* Redundant */ +sl->capacity = (int) higher; sl->list = tor_realloc(sl->list, sizeof(void*)*((size_t)sl->capacity)); } } @@ -85,7 +88,7 @@ smartlist_ensure_capacity(smartlist_t *sl, int size) void smartlist_add(smartlist_t *sl, void *element) { - smartlist_ensure_capacity(sl, sl->num_used+1); + smartlist_ensure_capacity(sl, ((size_t) sl->num_used)+1); sl->list[sl->num_used++] = element; } @@ -93,11 +96,12 @@ smartlist_add(smartlist_t *sl, void *element) void smartlist_add_all(smartlist_t *s1, const smartlist_t *s2) { - int new_size = s1->num_used + s2->num_used; - tor_assert(new_size >= s1->num_used); /* check for overflow. */ + size_t new_size = (size_t)s1->num_used + (size_t)s2->num_used; + tor_assert(new_size >= (size_t) s1->num_used); /* check for overflow. */ smartlist_ensure_capacity(s1, new_size); memcpy(s1->list + s1->num_used, s2->list, s2->num_used*sizeof(void*)); - s1->num_used = new_size; + tor_assert(new_size <= INT_MAX); /* redundant. */ + s1->num_used = (int) new_size; } /** Remove all elements E from sl such that E==element. Preserve @@ -334,7 +338,7 @@ smartlist_insert(smartlist_t *sl, int idx, void *val) if (idx == sl->num_used) { smartlist_add(sl, val); } else { -smartlist_ensure_capacity(sl, sl->num_used+1); +smartlist_ensure_capacity(sl, ((size_t) sl->num_used)+1); /* Move other elements away */ if (idx < sl->num_used) memmove(sl->list + idx + 1, sl->list + idx, ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.6] Make ensure_capacity a bit more pedantically correct
commit c2fd64846978290b0e7c7165d7658a5e704eee8f Author: Nick MathewsonDate: Thu Feb 11 12:54:52 2016 -0500 Make ensure_capacity a bit more pedantically correct Issues noted by cypherpunks on #18162 --- src/common/container.c | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/common/container.c b/src/common/container.c index 46d9c2e..b1431df 100644 --- a/src/common/container.c +++ b/src/common/container.c @@ -58,11 +58,16 @@ smartlist_clear(smartlist_t *sl) sl->num_used = 0; } +#if SIZE_MAX < INT_MAX +#error "We don't support systems where size_t is smaller than int." +#endif + /** Make sure that sl can hold at least size entries. */ static INLINE void smartlist_ensure_capacity(smartlist_t *sl, size_t size) { -#if SIZEOF_SIZE_T > SIZEOF_INT + /* Set MAX_CAPACITY to MIN(INT_MAX, SIZE_MAX / sizeof(void*)) */ +#if (SIZE_MAX/SIZEOF_VOID_P) > INT_MAX #define MAX_CAPACITY (INT_MAX) #else #define MAX_CAPACITY (int)((SIZE_MAX / (sizeof(void* ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.6] avoid integer overflow in and around smartlist_ensure_capacity.
commit bca7083e8285e8e6a4377076a7e432417eafc6d2 Author: Nick MathewsonDate: Wed Jan 27 12:26:02 2016 -0500 avoid integer overflow in and around smartlist_ensure_capacity. This closes bug 18162; bugfix on a45b1315909c9, which fixed a related issue long ago. In addition to the #18162 issues, this fixes a signed integer overflow in smarltist_add_all(), which is probably not so great either. --- changes/bug18162 | 7 +++ src/common/container.c | 22 +- 2 files changed, 20 insertions(+), 9 deletions(-) diff --git a/changes/bug18162 b/changes/bug18162 new file mode 100644 index 000..0844d6f --- /dev/null +++ b/changes/bug18162 @@ -0,0 +1,7 @@ + o Major bugfixes (security, pointers): + +- Avoid a difficult-to-trigger heap corruption attack when extending + a smartlist to contain over 16GB of pointers. Fixes bug #18162; + bugfix on Tor 0.1.1.11-alpha, which fixed a related bug + incompletely. Reported by Guido Vranken. + diff --git a/src/common/container.c b/src/common/container.c index eec497a..46d9c2e 100644 --- a/src/common/container.c +++ b/src/common/container.c @@ -60,15 +60,17 @@ smartlist_clear(smartlist_t *sl) /** Make sure that sl can hold at least size entries. */ static INLINE void -smartlist_ensure_capacity(smartlist_t *sl, int size) +smartlist_ensure_capacity(smartlist_t *sl, size_t size) { #if SIZEOF_SIZE_T > SIZEOF_INT #define MAX_CAPACITY (INT_MAX) #else #define MAX_CAPACITY (int)((SIZE_MAX / (sizeof(void* #endif - if (size > sl->capacity) { -int higher = sl->capacity; + tor_assert(size <= MAX_CAPACITY); + + if (size > (size_t) sl->capacity) { +size_t higher = (size_t) sl->capacity; if (PREDICT_UNLIKELY(size > MAX_CAPACITY/2)) { tor_assert(size <= MAX_CAPACITY); higher = MAX_CAPACITY; @@ -76,7 +78,8 @@ smartlist_ensure_capacity(smartlist_t *sl, int size) while (size > higher) higher *= 2; } -sl->capacity = higher; +tor_assert(higher <= INT_MAX); /* Redundant */ +sl->capacity = (int) higher; sl->list = tor_realloc(sl->list, sizeof(void*)*((size_t)sl->capacity)); } } @@ -85,7 +88,7 @@ smartlist_ensure_capacity(smartlist_t *sl, int size) void smartlist_add(smartlist_t *sl, void *element) { - smartlist_ensure_capacity(sl, sl->num_used+1); + smartlist_ensure_capacity(sl, ((size_t) sl->num_used)+1); sl->list[sl->num_used++] = element; } @@ -93,11 +96,12 @@ smartlist_add(smartlist_t *sl, void *element) void smartlist_add_all(smartlist_t *s1, const smartlist_t *s2) { - int new_size = s1->num_used + s2->num_used; - tor_assert(new_size >= s1->num_used); /* check for overflow. */ + size_t new_size = (size_t)s1->num_used + (size_t)s2->num_used; + tor_assert(new_size >= (size_t) s1->num_used); /* check for overflow. */ smartlist_ensure_capacity(s1, new_size); memcpy(s1->list + s1->num_used, s2->list, s2->num_used*sizeof(void*)); - s1->num_used = new_size; + tor_assert(new_size <= INT_MAX); /* redundant. */ + s1->num_used = (int) new_size; } /** Remove all elements E from sl such that E==element. Preserve @@ -334,7 +338,7 @@ smartlist_insert(smartlist_t *sl, int idx, void *val) if (idx == sl->num_used) { smartlist_add(sl, val); } else { -smartlist_ensure_capacity(sl, sl->num_used+1); +smartlist_ensure_capacity(sl, ((size_t) sl->num_used)+1); /* Move other elements away */ if (idx < sl->num_used) memmove(sl->list + idx + 1, sl->list + idx, ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.5] Merge branch 'bug18162_024' into maint-0.2.4
commit ad95d64fece2c6d2eddffc8fa5178c3ffccc0cd7 Merge: d5ac79e c2fd648 Author: Nick MathewsonDate: Thu Feb 11 12:55:25 2016 -0500 Merge branch 'bug18162_024' into maint-0.2.4 changes/bug18162 | 7 +++ src/common/container.c | 29 +++-- 2 files changed, 26 insertions(+), 10 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.7] Make ensure_capacity a bit more pedantically correct
commit c2fd64846978290b0e7c7165d7658a5e704eee8f Author: Nick MathewsonDate: Thu Feb 11 12:54:52 2016 -0500 Make ensure_capacity a bit more pedantically correct Issues noted by cypherpunks on #18162 --- src/common/container.c | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/common/container.c b/src/common/container.c index 46d9c2e..b1431df 100644 --- a/src/common/container.c +++ b/src/common/container.c @@ -58,11 +58,16 @@ smartlist_clear(smartlist_t *sl) sl->num_used = 0; } +#if SIZE_MAX < INT_MAX +#error "We don't support systems where size_t is smaller than int." +#endif + /** Make sure that sl can hold at least size entries. */ static INLINE void smartlist_ensure_capacity(smartlist_t *sl, size_t size) { -#if SIZEOF_SIZE_T > SIZEOF_INT + /* Set MAX_CAPACITY to MIN(INT_MAX, SIZE_MAX / sizeof(void*)) */ +#if (SIZE_MAX/SIZEOF_VOID_P) > INT_MAX #define MAX_CAPACITY (INT_MAX) #else #define MAX_CAPACITY (int)((SIZE_MAX / (sizeof(void* ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.7] avoid integer overflow in and around smartlist_ensure_capacity.
commit bca7083e8285e8e6a4377076a7e432417eafc6d2 Author: Nick MathewsonDate: Wed Jan 27 12:26:02 2016 -0500 avoid integer overflow in and around smartlist_ensure_capacity. This closes bug 18162; bugfix on a45b1315909c9, which fixed a related issue long ago. In addition to the #18162 issues, this fixes a signed integer overflow in smarltist_add_all(), which is probably not so great either. --- changes/bug18162 | 7 +++ src/common/container.c | 22 +- 2 files changed, 20 insertions(+), 9 deletions(-) diff --git a/changes/bug18162 b/changes/bug18162 new file mode 100644 index 000..0844d6f --- /dev/null +++ b/changes/bug18162 @@ -0,0 +1,7 @@ + o Major bugfixes (security, pointers): + +- Avoid a difficult-to-trigger heap corruption attack when extending + a smartlist to contain over 16GB of pointers. Fixes bug #18162; + bugfix on Tor 0.1.1.11-alpha, which fixed a related bug + incompletely. Reported by Guido Vranken. + diff --git a/src/common/container.c b/src/common/container.c index eec497a..46d9c2e 100644 --- a/src/common/container.c +++ b/src/common/container.c @@ -60,15 +60,17 @@ smartlist_clear(smartlist_t *sl) /** Make sure that sl can hold at least size entries. */ static INLINE void -smartlist_ensure_capacity(smartlist_t *sl, int size) +smartlist_ensure_capacity(smartlist_t *sl, size_t size) { #if SIZEOF_SIZE_T > SIZEOF_INT #define MAX_CAPACITY (INT_MAX) #else #define MAX_CAPACITY (int)((SIZE_MAX / (sizeof(void* #endif - if (size > sl->capacity) { -int higher = sl->capacity; + tor_assert(size <= MAX_CAPACITY); + + if (size > (size_t) sl->capacity) { +size_t higher = (size_t) sl->capacity; if (PREDICT_UNLIKELY(size > MAX_CAPACITY/2)) { tor_assert(size <= MAX_CAPACITY); higher = MAX_CAPACITY; @@ -76,7 +78,8 @@ smartlist_ensure_capacity(smartlist_t *sl, int size) while (size > higher) higher *= 2; } -sl->capacity = higher; +tor_assert(higher <= INT_MAX); /* Redundant */ +sl->capacity = (int) higher; sl->list = tor_realloc(sl->list, sizeof(void*)*((size_t)sl->capacity)); } } @@ -85,7 +88,7 @@ smartlist_ensure_capacity(smartlist_t *sl, int size) void smartlist_add(smartlist_t *sl, void *element) { - smartlist_ensure_capacity(sl, sl->num_used+1); + smartlist_ensure_capacity(sl, ((size_t) sl->num_used)+1); sl->list[sl->num_used++] = element; } @@ -93,11 +96,12 @@ smartlist_add(smartlist_t *sl, void *element) void smartlist_add_all(smartlist_t *s1, const smartlist_t *s2) { - int new_size = s1->num_used + s2->num_used; - tor_assert(new_size >= s1->num_used); /* check for overflow. */ + size_t new_size = (size_t)s1->num_used + (size_t)s2->num_used; + tor_assert(new_size >= (size_t) s1->num_used); /* check for overflow. */ smartlist_ensure_capacity(s1, new_size); memcpy(s1->list + s1->num_used, s2->list, s2->num_used*sizeof(void*)); - s1->num_used = new_size; + tor_assert(new_size <= INT_MAX); /* redundant. */ + s1->num_used = (int) new_size; } /** Remove all elements E from sl such that E==element. Preserve @@ -334,7 +338,7 @@ smartlist_insert(smartlist_t *sl, int idx, void *val) if (idx == sl->num_used) { smartlist_add(sl, val); } else { -smartlist_ensure_capacity(sl, sl->num_used+1); +smartlist_ensure_capacity(sl, ((size_t) sl->num_used)+1); /* Move other elements away */ if (idx < sl->num_used) memmove(sl->list + idx + 1, sl->list + idx, ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.5] avoid integer overflow in and around smartlist_ensure_capacity.
commit bca7083e8285e8e6a4377076a7e432417eafc6d2 Author: Nick MathewsonDate: Wed Jan 27 12:26:02 2016 -0500 avoid integer overflow in and around smartlist_ensure_capacity. This closes bug 18162; bugfix on a45b1315909c9, which fixed a related issue long ago. In addition to the #18162 issues, this fixes a signed integer overflow in smarltist_add_all(), which is probably not so great either. --- changes/bug18162 | 7 +++ src/common/container.c | 22 +- 2 files changed, 20 insertions(+), 9 deletions(-) diff --git a/changes/bug18162 b/changes/bug18162 new file mode 100644 index 000..0844d6f --- /dev/null +++ b/changes/bug18162 @@ -0,0 +1,7 @@ + o Major bugfixes (security, pointers): + +- Avoid a difficult-to-trigger heap corruption attack when extending + a smartlist to contain over 16GB of pointers. Fixes bug #18162; + bugfix on Tor 0.1.1.11-alpha, which fixed a related bug + incompletely. Reported by Guido Vranken. + diff --git a/src/common/container.c b/src/common/container.c index eec497a..46d9c2e 100644 --- a/src/common/container.c +++ b/src/common/container.c @@ -60,15 +60,17 @@ smartlist_clear(smartlist_t *sl) /** Make sure that sl can hold at least size entries. */ static INLINE void -smartlist_ensure_capacity(smartlist_t *sl, int size) +smartlist_ensure_capacity(smartlist_t *sl, size_t size) { #if SIZEOF_SIZE_T > SIZEOF_INT #define MAX_CAPACITY (INT_MAX) #else #define MAX_CAPACITY (int)((SIZE_MAX / (sizeof(void* #endif - if (size > sl->capacity) { -int higher = sl->capacity; + tor_assert(size <= MAX_CAPACITY); + + if (size > (size_t) sl->capacity) { +size_t higher = (size_t) sl->capacity; if (PREDICT_UNLIKELY(size > MAX_CAPACITY/2)) { tor_assert(size <= MAX_CAPACITY); higher = MAX_CAPACITY; @@ -76,7 +78,8 @@ smartlist_ensure_capacity(smartlist_t *sl, int size) while (size > higher) higher *= 2; } -sl->capacity = higher; +tor_assert(higher <= INT_MAX); /* Redundant */ +sl->capacity = (int) higher; sl->list = tor_realloc(sl->list, sizeof(void*)*((size_t)sl->capacity)); } } @@ -85,7 +88,7 @@ smartlist_ensure_capacity(smartlist_t *sl, int size) void smartlist_add(smartlist_t *sl, void *element) { - smartlist_ensure_capacity(sl, sl->num_used+1); + smartlist_ensure_capacity(sl, ((size_t) sl->num_used)+1); sl->list[sl->num_used++] = element; } @@ -93,11 +96,12 @@ smartlist_add(smartlist_t *sl, void *element) void smartlist_add_all(smartlist_t *s1, const smartlist_t *s2) { - int new_size = s1->num_used + s2->num_used; - tor_assert(new_size >= s1->num_used); /* check for overflow. */ + size_t new_size = (size_t)s1->num_used + (size_t)s2->num_used; + tor_assert(new_size >= (size_t) s1->num_used); /* check for overflow. */ smartlist_ensure_capacity(s1, new_size); memcpy(s1->list + s1->num_used, s2->list, s2->num_used*sizeof(void*)); - s1->num_used = new_size; + tor_assert(new_size <= INT_MAX); /* redundant. */ + s1->num_used = (int) new_size; } /** Remove all elements E from sl such that E==element. Preserve @@ -334,7 +338,7 @@ smartlist_insert(smartlist_t *sl, int idx, void *val) if (idx == sl->num_used) { smartlist_add(sl, val); } else { -smartlist_ensure_capacity(sl, sl->num_used+1); +smartlist_ensure_capacity(sl, ((size_t) sl->num_used)+1); /* Move other elements away */ if (idx < sl->num_used) memmove(sl->list + idx + 1, sl->list + idx, ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.7] Merge branch 'bug18162_024' into maint-0.2.4
commit ad95d64fece2c6d2eddffc8fa5178c3ffccc0cd7 Merge: d5ac79e c2fd648 Author: Nick MathewsonDate: Thu Feb 11 12:55:25 2016 -0500 Merge branch 'bug18162_024' into maint-0.2.4 changes/bug18162 | 7 +++ src/common/container.c | 29 +++-- 2 files changed, 26 insertions(+), 10 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'bug18162_024' into maint-0.2.4
commit ad95d64fece2c6d2eddffc8fa5178c3ffccc0cd7 Merge: d5ac79e c2fd648 Author: Nick MathewsonDate: Thu Feb 11 12:55:25 2016 -0500 Merge branch 'bug18162_024' into maint-0.2.4 changes/bug18162 | 7 +++ src/common/container.c | 29 +++-- 2 files changed, 26 insertions(+), 10 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Make ensure_capacity a bit more pedantically correct
commit c2fd64846978290b0e7c7165d7658a5e704eee8f Author: Nick MathewsonDate: Thu Feb 11 12:54:52 2016 -0500 Make ensure_capacity a bit more pedantically correct Issues noted by cypherpunks on #18162 --- src/common/container.c | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/common/container.c b/src/common/container.c index 46d9c2e..b1431df 100644 --- a/src/common/container.c +++ b/src/common/container.c @@ -58,11 +58,16 @@ smartlist_clear(smartlist_t *sl) sl->num_used = 0; } +#if SIZE_MAX < INT_MAX +#error "We don't support systems where size_t is smaller than int." +#endif + /** Make sure that sl can hold at least size entries. */ static INLINE void smartlist_ensure_capacity(smartlist_t *sl, size_t size) { -#if SIZEOF_SIZE_T > SIZEOF_INT + /* Set MAX_CAPACITY to MIN(INT_MAX, SIZE_MAX / sizeof(void*)) */ +#if (SIZE_MAX/SIZEOF_VOID_P) > INT_MAX #define MAX_CAPACITY (INT_MAX) #else #define MAX_CAPACITY (int)((SIZE_MAX / (sizeof(void* ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'maint-0.2.4' into maint-0.2.5
commit ce289e2cb5099a4abe4468049dc0d262b65bfa17 Merge: f06d9a9 ad95d64 Author: Nick MathewsonDate: Thu Feb 11 12:55:40 2016 -0500 Merge branch 'maint-0.2.4' into maint-0.2.5 changes/bug18162 | 7 +++ src/common/container.c | 29 +++-- 2 files changed, 26 insertions(+), 10 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.7] Merge branch 'maint-0.2.4' into maint-0.2.5
commit ce289e2cb5099a4abe4468049dc0d262b65bfa17 Merge: f06d9a9 ad95d64 Author: Nick MathewsonDate: Thu Feb 11 12:55:40 2016 -0500 Merge branch 'maint-0.2.4' into maint-0.2.5 changes/bug18162 | 7 +++ src/common/container.c | 29 +++-- 2 files changed, 26 insertions(+), 10 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] avoid integer overflow in and around smartlist_ensure_capacity.
commit bca7083e8285e8e6a4377076a7e432417eafc6d2 Author: Nick MathewsonDate: Wed Jan 27 12:26:02 2016 -0500 avoid integer overflow in and around smartlist_ensure_capacity. This closes bug 18162; bugfix on a45b1315909c9, which fixed a related issue long ago. In addition to the #18162 issues, this fixes a signed integer overflow in smarltist_add_all(), which is probably not so great either. --- changes/bug18162 | 7 +++ src/common/container.c | 22 +- 2 files changed, 20 insertions(+), 9 deletions(-) diff --git a/changes/bug18162 b/changes/bug18162 new file mode 100644 index 000..0844d6f --- /dev/null +++ b/changes/bug18162 @@ -0,0 +1,7 @@ + o Major bugfixes (security, pointers): + +- Avoid a difficult-to-trigger heap corruption attack when extending + a smartlist to contain over 16GB of pointers. Fixes bug #18162; + bugfix on Tor 0.1.1.11-alpha, which fixed a related bug + incompletely. Reported by Guido Vranken. + diff --git a/src/common/container.c b/src/common/container.c index eec497a..46d9c2e 100644 --- a/src/common/container.c +++ b/src/common/container.c @@ -60,15 +60,17 @@ smartlist_clear(smartlist_t *sl) /** Make sure that sl can hold at least size entries. */ static INLINE void -smartlist_ensure_capacity(smartlist_t *sl, int size) +smartlist_ensure_capacity(smartlist_t *sl, size_t size) { #if SIZEOF_SIZE_T > SIZEOF_INT #define MAX_CAPACITY (INT_MAX) #else #define MAX_CAPACITY (int)((SIZE_MAX / (sizeof(void* #endif - if (size > sl->capacity) { -int higher = sl->capacity; + tor_assert(size <= MAX_CAPACITY); + + if (size > (size_t) sl->capacity) { +size_t higher = (size_t) sl->capacity; if (PREDICT_UNLIKELY(size > MAX_CAPACITY/2)) { tor_assert(size <= MAX_CAPACITY); higher = MAX_CAPACITY; @@ -76,7 +78,8 @@ smartlist_ensure_capacity(smartlist_t *sl, int size) while (size > higher) higher *= 2; } -sl->capacity = higher; +tor_assert(higher <= INT_MAX); /* Redundant */ +sl->capacity = (int) higher; sl->list = tor_realloc(sl->list, sizeof(void*)*((size_t)sl->capacity)); } } @@ -85,7 +88,7 @@ smartlist_ensure_capacity(smartlist_t *sl, int size) void smartlist_add(smartlist_t *sl, void *element) { - smartlist_ensure_capacity(sl, sl->num_used+1); + smartlist_ensure_capacity(sl, ((size_t) sl->num_used)+1); sl->list[sl->num_used++] = element; } @@ -93,11 +96,12 @@ smartlist_add(smartlist_t *sl, void *element) void smartlist_add_all(smartlist_t *s1, const smartlist_t *s2) { - int new_size = s1->num_used + s2->num_used; - tor_assert(new_size >= s1->num_used); /* check for overflow. */ + size_t new_size = (size_t)s1->num_used + (size_t)s2->num_used; + tor_assert(new_size >= (size_t) s1->num_used); /* check for overflow. */ smartlist_ensure_capacity(s1, new_size); memcpy(s1->list + s1->num_used, s2->list, s2->num_used*sizeof(void*)); - s1->num_used = new_size; + tor_assert(new_size <= INT_MAX); /* redundant. */ + s1->num_used = (int) new_size; } /** Remove all elements E from sl such that E==element. Preserve @@ -334,7 +338,7 @@ smartlist_insert(smartlist_t *sl, int idx, void *val) if (idx == sl->num_used) { smartlist_add(sl, val); } else { -smartlist_ensure_capacity(sl, sl->num_used+1); +smartlist_ensure_capacity(sl, ((size_t) sl->num_used)+1); /* Move other elements away */ if (idx < sl->num_used) memmove(sl->list + idx + 1, sl->list + idx, ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'maint-0.2.7'
commit 7788ee43e519a8f39e3917c4161e7c635cd2ecd9 Merge: 838d4de be6174f Author: Nick MathewsonDate: Thu Feb 11 13:04:43 2016 -0500 Merge branch 'maint-0.2.7' changes/bug18162 | 7 +++ src/common/container.c | 36 +++- 2 files changed, 26 insertions(+), 17 deletions(-) diff --cc src/common/container.c index 9f40dfa,8c66bd8..2e42c9e --- a/src/common/container.c +++ b/src/common/container.c @@@ -59,11 -58,16 +59,16 @@@ smartlist_clear(smartlist_t *sl sl->num_used = 0; } + #if SIZE_MAX < INT_MAX + #error "We don't support systems where size_t is smaller than int." + #endif + /** Make sure that sl can hold at least size entries. */ -static INLINE void +static inline void - smartlist_ensure_capacity(smartlist_t *sl, int size) + smartlist_ensure_capacity(smartlist_t *sl, size_t size) { - #if SIZEOF_SIZE_T > SIZEOF_INT + /* Set MAX_CAPACITY to MIN(INT_MAX, SIZE_MAX / sizeof(void*)) */ + #if (SIZE_MAX/SIZEOF_VOID_P) > INT_MAX #define MAX_CAPACITY (INT_MAX) #else #define MAX_CAPACITY (int)((SIZE_MAX / (sizeof(void* @@@ -83,11 -83,10 +84,11 @@@ while (size > higher) higher *= 2; } -tor_assert(higher <= INT_MAX); /* Redundant */ -sl->capacity = (int) higher; sl->list = tor_reallocarray(sl->list, sizeof(void *), -((size_t)sl->capacity)); +((size_t)higher)); +memset(sl->list + sl->capacity, 0, + sizeof(void *) * (higher - sl->capacity)); - sl->capacity = higher; ++sl->capacity = (int) higher; } #undef ASSERT_CAPACITY #undef MAX_CAPACITY ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.7] Merge branch 'maint-0.2.5' into maint-0.2.6
commit 740421af194b890c24242a834ed03ffc5c4c16ab Merge: 44ad3be ce289e2 Author: Nick MathewsonDate: Thu Feb 11 12:57:28 2016 -0500 Merge branch 'maint-0.2.5' into maint-0.2.6 changes/bug18162 | 7 +++ src/common/container.c | 37 - 2 files changed, 27 insertions(+), 17 deletions(-) diff --cc src/common/container.c index 864fd8a,c668068..76c129d --- a/src/common/container.c +++ b/src/common/container.c @@@ -66,28 -71,22 +71,25 @@@ smartlist_ensure_capacity(smartlist_t * #define MAX_CAPACITY (INT_MAX) #else #define MAX_CAPACITY (int)((SIZE_MAX / (sizeof(void* - #define ASSERT_CAPACITY #endif - if (size > sl->capacity) { - int higher = sl->capacity; ++ + tor_assert(size <= MAX_CAPACITY); + + if (size > (size_t) sl->capacity) { + size_t higher = (size_t) sl->capacity; if (PREDICT_UNLIKELY(size > MAX_CAPACITY/2)) { - #ifdef ASSERT_CAPACITY - /* We don't include this assertion when MAX_CAPACITY == INT_MAX, -* since int size; (size <= INT_MAX) makes analysis tools think we're -* doing something stupid. */ -- tor_assert(size <= MAX_CAPACITY); - #endif higher = MAX_CAPACITY; } else { while (size > higher) higher *= 2; } - sl->capacity = higher; + tor_assert(higher <= INT_MAX); /* Redundant */ + sl->capacity = (int) higher; -sl->list = tor_realloc(sl->list, sizeof(void*)*((size_t)sl->capacity)); +sl->list = tor_reallocarray(sl->list, sizeof(void *), +((size_t)sl->capacity)); } +#undef ASSERT_CAPACITY +#undef MAX_CAPACITY } /** Append element to the end of the list. */ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'maint-0.2.5' into maint-0.2.6
commit 740421af194b890c24242a834ed03ffc5c4c16ab Merge: 44ad3be ce289e2 Author: Nick MathewsonDate: Thu Feb 11 12:57:28 2016 -0500 Merge branch 'maint-0.2.5' into maint-0.2.6 changes/bug18162 | 7 +++ src/common/container.c | 37 - 2 files changed, 27 insertions(+), 17 deletions(-) diff --cc src/common/container.c index 864fd8a,c668068..76c129d --- a/src/common/container.c +++ b/src/common/container.c @@@ -66,28 -71,22 +71,25 @@@ smartlist_ensure_capacity(smartlist_t * #define MAX_CAPACITY (INT_MAX) #else #define MAX_CAPACITY (int)((SIZE_MAX / (sizeof(void* - #define ASSERT_CAPACITY #endif - if (size > sl->capacity) { - int higher = sl->capacity; ++ + tor_assert(size <= MAX_CAPACITY); + + if (size > (size_t) sl->capacity) { + size_t higher = (size_t) sl->capacity; if (PREDICT_UNLIKELY(size > MAX_CAPACITY/2)) { - #ifdef ASSERT_CAPACITY - /* We don't include this assertion when MAX_CAPACITY == INT_MAX, -* since int size; (size <= INT_MAX) makes analysis tools think we're -* doing something stupid. */ -- tor_assert(size <= MAX_CAPACITY); - #endif higher = MAX_CAPACITY; } else { while (size > higher) higher *= 2; } - sl->capacity = higher; + tor_assert(higher <= INT_MAX); /* Redundant */ + sl->capacity = (int) higher; -sl->list = tor_realloc(sl->list, sizeof(void*)*((size_t)sl->capacity)); +sl->list = tor_reallocarray(sl->list, sizeof(void *), +((size_t)sl->capacity)); } +#undef ASSERT_CAPACITY +#undef MAX_CAPACITY } /** Append element to the end of the list. */ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'maint-0.2.6' into maint-0.2.7
commit be6174f8f6aaaf8f990eb56c5cba16bc5ec0fcea Merge: d920cbb 740421a Author: Nick MathewsonDate: Thu Feb 11 13:01:46 2016 -0500 Merge branch 'maint-0.2.6' into maint-0.2.7 changes/bug18162 | 7 +++ src/common/container.c | 37 - 2 files changed, 27 insertions(+), 17 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor_animation] Update translations for tor_animation
commit e360afe2965e119c99018e9431be8756c6994979 Author: Translation commit botDate: Thu Feb 11 18:16:00 2016 + Update translations for tor_animation --- tl_PH.srt | 56 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/tl_PH.srt b/tl_PH.srt index 5910259..61d0d6d 100644 --- a/tl_PH.srt +++ b/tl_PH.srt @@ -16,7 +16,7 @@ mga lugar na pinupuntahan natin, at mga binabasa natin. 5 00:00:13,280 --> 00:00:14,640 -Hayaan mo akong ipaliwanag ito sa iyo ng mas mabuti. +Hayaan mong ipaliwanag ko ito sa iyo ng mas mabuti. 6 00:00:14,920 --> 00:00:17,740 @@ -38,106 +38,106 @@ ang browser na ginagamit mo para mag surf sa web, at kung ano-ano pa tungkol sa iyo at sobra-sobra pa tungkol sa iyo. 10 -00:00:29,620 --> 00:00:32,460 +00:00:29,200 --> 00:00:31,500 na hindi mo naman talagang sadyang ibahagi sa mga taong hindi mo kilala 11 -00:00:32,920 --> 00:00:35,840 +00:00:31,700 --> 00:00:34,000 - na maaring gamitin ang impormasyon mo na kanila'y pakikinabangan. 12 -00:00:36,220 --> 00:00:38,120 -Pero lahat ng iyon ay maiiwasan sa pamamagitan ng Tor! +00:00:34,500 --> 00:00:37,000 +Maliban kung gumagamit ka ng Tor! 13 -00:00:39,140 --> 00:00:42,840 +00:00:37,140 --> 00:00:40,840 Pinoprotektahan ng Tor Browser ang ating palihim (privacy) at pagkakakilanlan (identity) sa Internet. 14 -00:00:43,560 --> 00:00:46,760 +00:00:41,560 --> 00:00:44,760 Pinapatibay at sinisigurado ng Tor ang iyong koneksyon sa pamamagitan ng tatlong patong ng encryption 15 -00:00:46,940 --> 00:00:51,760 +00:00:44,940 --> 00:00:49,760 at idinadaan ito sa tatlong kinusang-loob na mga servers sa iba't-ibang sulok ng mundo, 16 -00:00:52,280 --> 00:00:55,520 +00:00:50,280 --> 00:00:53,520 para magkaroon tayong nang paliham na komunikasyon sa Internet. 17 -00:00:58,560 --> 00:01:00,280 +00:00:56,560 --> 00:00:58,280 Pinoprotektahan din ng Tor ang ating mga data 18 -00:01:00,400 --> 00:01:03,900 +00:00:58,400 --> 00:01:01,900 laban sa patamaang-gobyerno (government-targeted) o patamaang-korporasyon (corporate-targeted) at pang-masang pamamahala (mass surveillance). 19 -00:01:04,880 --> 00:01:09,340 +00:01:02,880 --> 00:01:07,340 Baka nakatira ka sa isang bansa na strikto sa kalayaan na sinusubukang kontrolin at imahala (surveil) ang Internet. 20 -00:01:09,900 --> 00:01:13,800 +00:01:07,900 --> 00:01:11,800 O kaya nama'y ayaw mong pakinabangan ng malalaking korporasyon ang iyong personal na impormasyon. 21 -00:01:14,880 --> 00:01:17,640 +00:01:12,880 --> 00:01:15,640 Ginagawa ng Tor na magkakamukha ang mga gumagamit nito 22 -00:01:17,920 --> 00:01:20,800 +00:01:15,920 --> 00:01:18,800 na nililito ang sinumang namamahala o nanonood, at sa pamamagitan nito ikaw ay nagiging anonimo o hindi nakikilala. 23 -00:01:21,500 --> 00:01:24,980 +00:01:19,500 --> 00:01:22,980 Kaya, kapag mas maraming taong gumagamit ng Tor network, mas lumalakas ito 24 -00:01:25,140 --> 00:01:29,800 +00:01:23,140 --> 00:01:27,800 sapagkat mas madaling magtago sa pangkat o grupo ng tao na magkakamukha. 25 -00:01:30,700 --> 00:01:33,240 +00:01:28,700 --> 00:01:31,240 Maaring mong iwasan o sikutan ang pagsensura ng hindi pagaalala 26 -00:01:33,400 --> 00:01:36,100 +00:01:31,400 --> 00:01:34,100 tungkol sa pagaalam ng sensura kung ano ang ginagawa mo sa Internet. 27 -00:01:38,540 --> 00:01:41,440 +00:01:36,540 --> 00:01:39,440 Hindi ka susundan ng mga ads kahit saan ng ilang buwan, 28 -00:01:41,640 --> 00:01:43,300 +00:01:39,640 --> 00:01:41,300 simula nung una kang pumindot sa isang produkto. 29 -00:01:45,880 --> 00:01:49,380 +00:01:43,880 --> 00:01:47,380 Sa pagamit ng Tor, hindi ka man lang malaman ng mga sites na binisita mo kung sino ka, 30 -00:01:49,540 --> 00:01:51,760 +00:01:47,540 --> 00:01:49,760 kung saang parte ng mundo mo sila binisita, 31 -00:01:51,920 --> 00:01:53,920 +00:01:49,920 --> 00:01:51,920 kung hindi ka mag lologin at magkukusang magsabi. 32 -00:01:56,200 --> 00:01:57,840 +00:01:54,200 --> 00:01:55,840 Sa pag-download at paggamit ng Tor, 33 -00:01:58,200 --> 00:02:00,560 +00:01:56,200 --> 00:01:58,560 maproprotektahan mo din ang pagiging anonimo ng mga nangangailangang tao, 34 -00:02:00,880 --> 00:02:03,640 +00:01:58,880 --> 00:02:01,640 tulad ng activists, journalists at bloggers. 35 -00:02:04,000 --> 00:02:09,000 +00:02:02,000 --> 00:02:07,000 Kaya'y i-download mo na ang Tor at gamitin! O kaya'y magpatakbo ng relay! ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor_animation_completed] Update translations for tor_animation_completed
commit 3804c2f89578c92563545bad82c97af96a002cc2 Author: Translation commit botDate: Thu Feb 11 18:16:07 2016 + Update translations for tor_animation_completed --- tl_PH.srt | 56 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/tl_PH.srt b/tl_PH.srt index 5910259..61d0d6d 100644 --- a/tl_PH.srt +++ b/tl_PH.srt @@ -16,7 +16,7 @@ mga lugar na pinupuntahan natin, at mga binabasa natin. 5 00:00:13,280 --> 00:00:14,640 -Hayaan mo akong ipaliwanag ito sa iyo ng mas mabuti. +Hayaan mong ipaliwanag ko ito sa iyo ng mas mabuti. 6 00:00:14,920 --> 00:00:17,740 @@ -38,106 +38,106 @@ ang browser na ginagamit mo para mag surf sa web, at kung ano-ano pa tungkol sa iyo at sobra-sobra pa tungkol sa iyo. 10 -00:00:29,620 --> 00:00:32,460 +00:00:29,200 --> 00:00:31,500 na hindi mo naman talagang sadyang ibahagi sa mga taong hindi mo kilala 11 -00:00:32,920 --> 00:00:35,840 +00:00:31,700 --> 00:00:34,000 - na maaring gamitin ang impormasyon mo na kanila'y pakikinabangan. 12 -00:00:36,220 --> 00:00:38,120 -Pero lahat ng iyon ay maiiwasan sa pamamagitan ng Tor! +00:00:34,500 --> 00:00:37,000 +Maliban kung gumagamit ka ng Tor! 13 -00:00:39,140 --> 00:00:42,840 +00:00:37,140 --> 00:00:40,840 Pinoprotektahan ng Tor Browser ang ating palihim (privacy) at pagkakakilanlan (identity) sa Internet. 14 -00:00:43,560 --> 00:00:46,760 +00:00:41,560 --> 00:00:44,760 Pinapatibay at sinisigurado ng Tor ang iyong koneksyon sa pamamagitan ng tatlong patong ng encryption 15 -00:00:46,940 --> 00:00:51,760 +00:00:44,940 --> 00:00:49,760 at idinadaan ito sa tatlong kinusang-loob na mga servers sa iba't-ibang sulok ng mundo, 16 -00:00:52,280 --> 00:00:55,520 +00:00:50,280 --> 00:00:53,520 para magkaroon tayong nang paliham na komunikasyon sa Internet. 17 -00:00:58,560 --> 00:01:00,280 +00:00:56,560 --> 00:00:58,280 Pinoprotektahan din ng Tor ang ating mga data 18 -00:01:00,400 --> 00:01:03,900 +00:00:58,400 --> 00:01:01,900 laban sa patamaang-gobyerno (government-targeted) o patamaang-korporasyon (corporate-targeted) at pang-masang pamamahala (mass surveillance). 19 -00:01:04,880 --> 00:01:09,340 +00:01:02,880 --> 00:01:07,340 Baka nakatira ka sa isang bansa na strikto sa kalayaan na sinusubukang kontrolin at imahala (surveil) ang Internet. 20 -00:01:09,900 --> 00:01:13,800 +00:01:07,900 --> 00:01:11,800 O kaya nama'y ayaw mong pakinabangan ng malalaking korporasyon ang iyong personal na impormasyon. 21 -00:01:14,880 --> 00:01:17,640 +00:01:12,880 --> 00:01:15,640 Ginagawa ng Tor na magkakamukha ang mga gumagamit nito 22 -00:01:17,920 --> 00:01:20,800 +00:01:15,920 --> 00:01:18,800 na nililito ang sinumang namamahala o nanonood, at sa pamamagitan nito ikaw ay nagiging anonimo o hindi nakikilala. 23 -00:01:21,500 --> 00:01:24,980 +00:01:19,500 --> 00:01:22,980 Kaya, kapag mas maraming taong gumagamit ng Tor network, mas lumalakas ito 24 -00:01:25,140 --> 00:01:29,800 +00:01:23,140 --> 00:01:27,800 sapagkat mas madaling magtago sa pangkat o grupo ng tao na magkakamukha. 25 -00:01:30,700 --> 00:01:33,240 +00:01:28,700 --> 00:01:31,240 Maaring mong iwasan o sikutan ang pagsensura ng hindi pagaalala 26 -00:01:33,400 --> 00:01:36,100 +00:01:31,400 --> 00:01:34,100 tungkol sa pagaalam ng sensura kung ano ang ginagawa mo sa Internet. 27 -00:01:38,540 --> 00:01:41,440 +00:01:36,540 --> 00:01:39,440 Hindi ka susundan ng mga ads kahit saan ng ilang buwan, 28 -00:01:41,640 --> 00:01:43,300 +00:01:39,640 --> 00:01:41,300 simula nung una kang pumindot sa isang produkto. 29 -00:01:45,880 --> 00:01:49,380 +00:01:43,880 --> 00:01:47,380 Sa pagamit ng Tor, hindi ka man lang malaman ng mga sites na binisita mo kung sino ka, 30 -00:01:49,540 --> 00:01:51,760 +00:01:47,540 --> 00:01:49,760 kung saang parte ng mundo mo sila binisita, 31 -00:01:51,920 --> 00:01:53,920 +00:01:49,920 --> 00:01:51,920 kung hindi ka mag lologin at magkukusang magsabi. 32 -00:01:56,200 --> 00:01:57,840 +00:01:54,200 --> 00:01:55,840 Sa pag-download at paggamit ng Tor, 33 -00:01:58,200 --> 00:02:00,560 +00:01:56,200 --> 00:01:58,560 maproprotektahan mo din ang pagiging anonimo ng mga nangangailangang tao, 34 -00:02:00,880 --> 00:02:03,640 +00:01:58,880 --> 00:02:01,640 tulad ng activists, journalists at bloggers. 35 -00:02:04,000 --> 00:02:09,000 +00:02:02,000 --> 00:02:07,000 Kaya'y i-download mo na ang Tor at gamitin! O kaya'y magpatakbo ng relay! ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Add another admonishment to WritingTests.md
commit 5a164d50bbfd66ef51408794d03c8db8071ddabb Author: Nick MathewsonDate: Thu Feb 11 13:17:21 2016 -0500 Add another admonishment to WritingTests.md --- doc/HACKING/WritingTests.md | 42 ++ 1 file changed, 42 insertions(+) diff --git a/doc/HACKING/WritingTests.md b/doc/HACKING/WritingTests.md index 42fba2d..4e98d3d 100644 --- a/doc/HACKING/WritingTests.md +++ b/doc/HACKING/WritingTests.md @@ -206,6 +206,48 @@ For example, `crypto_curve25519.h` contains: The `crypto_curve25519.c` file and the `test_crypto.c` file both define `CRYPTO_CURVE25519_PRIVATE`, so they can see this declaration. +### STOP! Does this test really test? + +When writing tests, it's not enough to just generate coverage on all the +lines of the code that you're testing: It's important to make sure that +the test _really tests_ the code. + +For example, here is a _bad_ test for the unlink() function (which is +supposed to remove a file). + +static void +test_unlink_badly(void *arg) +{ + (void) arg; + int r; + + const char *fname = get_fname("tmpfile"); + + /* If the file isn't there, unlink returns -1 and sets ENOENT */ + r = unlink(fname); + tt_int_op(n, OP_EQ, -1); + tt_int_op(errno, OP_EQ, ENOENT); + + /* If the file DOES exist, unlink returns 0. */ + write_str_to_file(fname, "hello world", 0); + r = unlink(fnme); + tt_int_op(r, OP_EQ, 0); + +done: + tor_free(contents); +} + + +This test might get very high coverage on unlink(). So why is it a +bad test? Because it doesn't check that unlink() *actually removes the +named file*! + +Remember, the purpose of a test is to succeed if the code does what +it's supposed to do, and fail otherwise. Try to design your tests so +that they check for the code's intended and documented functionality +as much as possible. + + ### Mock functions for testing in isolation Often we want to test that a function works right, but the function to ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/mat-gui] Update translations for mat-gui
commit 8805899f2bcd9817b1456e6ecdcefb71d616b175 Author: Translation commit botDate: Thu Feb 11 10:45:32 2016 + Update translations for mat-gui --- en_GB.po | 8 es.po| 10 +- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/en_GB.po b/en_GB.po index 8207355..eeb591d 100644 --- a/en_GB.po +++ b/en_GB.po @@ -10,8 +10,8 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2016-02-10 23:06+0100\n" -"PO-Revision-Date: 2016-02-11 09:31+\n" -"Last-Translator: carolyn \n" +"PO-Revision-Date: 2016-02-11 10:21+\n" +"Last-Translator: Andi Chandler \n" "Language-Team: English (United Kingdom) (http://www.transifex.com/otf/torproject/language/en_GB/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -75,11 +75,11 @@ msgstr "Reduce the produced PDF size and quality" #: mat-gui:238 msgid "Remove unsupported file from archives" -msgstr "" +msgstr "Remove unsupported file from archives" #: mat-gui:241 msgid "Remove non-supported (and so non-anonymised) file from output archive" -msgstr "" +msgstr "Remove non-supported (and so non-anonymised) file from output archive" #: mat-gui:280 msgid "Unknown" diff --git a/es.po b/es.po index ff5ecef..8ab72ff 100644 --- a/es.po +++ b/es.po @@ -5,14 +5,14 @@ # Translators: # Edward Navarro, 2015 # Noel Torres , 2013 -# strel, 2013-2014 +# strel, 2013-2014,2016 msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2016-02-10 23:06+0100\n" -"PO-Revision-Date: 2016-02-11 09:31+\n" -"Last-Translator: carolyn \n" +"PO-Revision-Date: 2016-02-11 10:18+\n" +"Last-Translator: strel\n" "Language-Team: Spanish (http://www.transifex.com/otf/torproject/language/es/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -76,11 +76,11 @@ msgstr "Reduce el tamaño y calidad del PDF producido" #: mat-gui:238 msgid "Remove unsupported file from archives" -msgstr "" +msgstr "Eliminar fichero no soportado de los archivos" #: mat-gui:241 msgid "Remove non-supported (and so non-anonymised) file from output archive" -msgstr "" +msgstr "Eliminar fichero no soportado (y no anonimizado) del archivo de salida" #: mat-gui:280 msgid "Unknown" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Use fascist firewall and ClientUseIPv4 for bridge clients
commit 3b8216f2155f224bf66497c71de4cecb55cd83e6 Author: teor (Tim Wilson-Brown)Date: Mon Jan 4 00:35:22 2016 +1100 Use fascist firewall and ClientUseIPv4 for bridge clients Bridge clients ignore ClientUseIPv6, acting as if it is always 1. This preserves existing behaviour. Make ClientPreferIPv6OR/DirPort auto by default: * Bridge clients prefer IPv6 by default. * Other clients prefer IPv4 by default. This preserves existing behaviour. --- doc/tor.1.txt | 16 +-- src/or/config.c| 49 ++-- src/or/connection.c| 20 +-- src/or/directory.c | 12 +- src/or/nodelist.c | 156 +--- src/or/nodelist.h | 5 +- src/or/or.h| 10 +- src/or/policies.c | 296 +++-- src/or/policies.h | 17 +-- src/or/routerlist.c| 8 +- src/test/test_entrynodes.c | 45 ++- src/test/test_policy.c | 154 +-- 12 files changed, 403 insertions(+), 385 deletions(-) diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 26abef1..f201a61 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -1500,19 +1500,21 @@ The following options are useful only for clients (that is, if in a **Bridge**, proxy, or pluggable transport line will try connecting over IPv6 even if **ClientUseIPv6** is set to 0. (Default: 0) -[[ClientPreferIPv6DirPort]] **ClientPreferIPv6DirPort** **0**|**1**:: +[[ClientPreferIPv6DirPort]] **ClientPreferIPv6DirPort** **0**|**1**|**auto**:: If this option is set to 1, Tor prefers a directory port with an IPv6 address over one with IPv4, for direct connections, if a given directory server has both. (Tor also prefers an IPv6 DirPort if IPv4Client is set to -0.) Other things may influence the choice. This option breaks a tie to the -favor of IPv6. (Default: 0) +0.) If this option is set to auto, Tor bridge clients prefer IPv6, and +other clients prefer IPv4. Other things may influence the choice. This +option breaks a tie to the favor of IPv6. (Default: auto) -[[ClientPreferIPv6ORPort]] **ClientPreferIPv6ORPort** **0**|**1**:: +[[ClientPreferIPv6ORPort]] **ClientPreferIPv6ORPort** **0**|**1**|**auto**:: If this option is set to 1, Tor prefers an OR port with an IPv6 address over one with IPv4 if a given entry node has both. (Tor also -prefers an IPv6 ORPort if IPv4Client is set to 0.) Other things may -influence the choice. This option breaks a tie to the favor of IPv6. -(Default: 0) +prefers an IPv6 ORPort if IPv4Client is set to 0.) If this option is set +to auto, Tor bridge clients prefer IPv6, and other clients prefer IPv4. +Other things may influence the choice. This option breaks a tie to the +favor of IPv6. (Default: auto) [[PathsNeededToBuildCircuits]] **PathsNeededToBuildCircuits** __NUM__:: Tor clients don't build circuits for user traffic until they know diff --git a/src/or/config.c b/src/or/config.c index d676c6e..caa01d1 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -190,8 +190,8 @@ static config_var_t option_vars_[] = { V(CircuitPriorityHalflife, DOUBLE, "-100.0"), /*negative:'Use default'*/ V(ClientDNSRejectInternalAddresses, BOOL,"1"), V(ClientOnly, BOOL, "0"), - V(ClientPreferIPv6ORPort, BOOL, "0"), - V(ClientPreferIPv6DirPort, BOOL, "0"), + V(ClientPreferIPv6ORPort, AUTOBOOL, "auto"), + V(ClientPreferIPv6DirPort, AUTOBOOL, "auto"), V(ClientRejectInternalAddresses, BOOL, "1"), V(ClientTransportPlugin, LINELIST, NULL), V(ClientUseIPv6, BOOL, "0"), @@ -3073,9 +3073,8 @@ options_validate(or_options_t *old_options, or_options_t *options, } } - /* Terminate Reachable*Addresses with reject *, but check if it has an - * IPv6 entry on the way through */ - int reachable_knows_ipv6 = 0; + /* Terminate Reachable*Addresses with reject * + */ for (i=0; i<3; i++) { config_line_t **linep = (i==0) ? >ReachableAddresses : @@ -3085,20 +3084,6 @@ options_validate(or_options_t *old_options, or_options_t *options, continue; /* We need to end with a reject *:*, not an implicit accept *:* */ for (;;) { - /* Check if the policy has an IPv6 entry, or uses IPv4-specific - * policies (and therefore we assume it's aware of IPv6). */ - if (!strcmpstart((*linep)->value, "accept6") || - !strcmpstart((*linep)->value, "reject6") || - !strstr((*linep)->value, "*6") || - strchr((*linep)->value, '[') || - !strcmpstart((*linep)->value, "accept4") || - !strcmpstart((*linep)->value, "reject4") || - !strstr((*linep)->value, "*4")) -reachable_knows_ipv6 = 1; - /* already has a reject all */ - if (!strcmp((*linep)->value, "reject *:*") || -
[tor-commits] [tor/master] Optimise reachability checks when iterating through relay lists
commit 772577b547aa5e6b13b89f465acf656cd08f2917 Author: teor (Tim Wilson-Brown)Date: Thu Jan 21 13:30:57 2016 +1100 Optimise reachability checks when iterating through relay lists Skip address checks on servers. Skip allowed-only address checks on non-bridge clients with IPv4. --- src/or/policies.c | 4 src/or/routerlist.c | 55 + 2 files changed, 51 insertions(+), 8 deletions(-) diff --git a/src/or/policies.c b/src/or/policies.c index 506edec..0dc4f96 100644 --- a/src/or/policies.c +++ b/src/or/policies.c @@ -323,6 +323,8 @@ firewall_is_fascist_impl(void) /** Return true iff the firewall options, including ClientUseIPv4 0 and * ClientUseIPv6 0, might block any OR address:port combination. + * Address preferences may still change which address is selected even if + * this function returns false. */ int firewall_is_fascist_or(void) @@ -332,6 +334,8 @@ firewall_is_fascist_or(void) /** Return true iff the firewall options, including ClientUseIPv4 0 and * ClientUseIPv6 0, might block any Dir address:port combination. + * Address preferences may still change which address is selected even if + * this function returns false. */ int firewall_is_fascist_dir(void) diff --git a/src/or/routerlist.c b/src/or/routerlist.c index 247818d..9b8885e 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -1623,6 +1623,30 @@ router_picked_poor_directory_log(const routerstatus_t *rs) } \ STMT_END +/* When iterating through the routerlist, can OR address/port preference + * and reachability checks be skipped? + */ +static int +router_skip_or_reachability(const or_options_t *options, int try_ip_pref) +{ + /* Servers always have and prefer IPv4. + * And if clients are checking against the firewall for reachability only, + * but there's no firewall, don't bother checking */ + return server_mode(options) || (!try_ip_pref && !firewall_is_fascist_or()); +} + +/* When iterating through the routerlist, can Dir address/port preference + * and reachability checks be skipped? + */ +static int +router_skip_dir_reachability(const or_options_t *options, int try_ip_pref) +{ + /* Servers always have and prefer IPv4. + * And if clients are checking against the firewall for reachability only, + * but there's no firewall, don't bother checking */ + return server_mode(options) || (!try_ip_pref && !firewall_is_fascist_dir()); +} + /** Pick a random running valid directory server/mirror from our * routerlist. Arguments are as for router_pick_directory_server(), except: * @@ -1661,6 +1685,9 @@ router_pick_directory_server_impl(dirinfo_type_t type, int flags, overloaded_direct = smartlist_new(); overloaded_tunnel = smartlist_new(); + const int skip_or = router_skip_or_reachability(options, try_ip_pref); + const int skip_dir = router_skip_dir_reachability(options, try_ip_pref); + /* Find all the running dirservers we know about. */ SMARTLIST_FOREACH_BEGIN(nodelist_get_list(), const node_t *, node) { int is_trusted, is_trusted_extrainfo; @@ -1704,18 +1731,20 @@ router_pick_directory_server_impl(dirinfo_type_t type, int flags, is_overloaded = status->last_dir_503_at + DIR_503_TIMEOUT > now; -/* We use an IPv6 address if we have one and we prefer it. +/* Clients use IPv6 addresses if the server has one and the client + * prefers IPv6. * Add the router if its preferred address and port are reachable. * If we don't get any routers, we'll try again with the non-preferred * address for each router (if any). (To ensure correct load-balancing * we try routers that only have one address both times.) */ -if (!fascistfirewall || +if (!fascistfirewall || skip_or || fascist_firewall_allows_rs(status, FIREWALL_OR_CONNECTION, try_ip_pref)) smartlist_add(is_trusted ? trusted_tunnel : is_overloaded ? overloaded_tunnel : tunnel, (void*)node); -else if (fascist_firewall_allows_rs(status, FIREWALL_DIR_CONNECTION, +else if (skip_dir || + fascist_firewall_allows_rs(status, FIREWALL_DIR_CONNECTION, try_ip_pref)) smartlist_add(is_trusted ? trusted_direct : is_overloaded ? overloaded_direct : direct, (void*)node); @@ -1820,6 +1849,9 @@ router_pick_trusteddirserver_impl(const smartlist_t *sourcelist, overloaded_direct = smartlist_new(); overloaded_tunnel = smartlist_new(); + const int skip_or = router_skip_or_reachability(options, try_ip_pref); + const int skip_dir = router_skip_dir_reachability(options, try_ip_pref); + SMARTLIST_FOREACH_BEGIN(sourcelist, const dir_server_t *, d) { int is_overloaded = @@ -1845,17 +1877,19 @@ router_pick_trusteddirserver_impl(const smartlist_t
[tor-commits] [tor/master] Automatically use IPv6 when ClientUseIPv4 is 0
commit 77a9de0d48e61e6762e65f6099c9a424544eb0ad Author: teor (Tim Wilson-Brown)Date: Fri Jan 22 15:10:18 2016 +1100 Automatically use IPv6 when ClientUseIPv4 is 0 Consequential changes to log messages: * it's no longer possible to disable both IPv4 and IPv6, * refactor common string out of remaining log messages --- src/or/config.c| 16 src/or/policies.c | 6 -- src/test/test_entrynodes.c | 11 +++ src/test/test_policy.c | 16 +--- 4 files changed, 28 insertions(+), 21 deletions(-) diff --git a/src/or/config.c b/src/or/config.c index caa01d1..b9d9fb2 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -3108,20 +3108,20 @@ options_validate(or_options_t *old_options, or_options_t *options, /* We check if Reachable*Addresses blocks all addresses in * parse_reachable_addresses(). */ - if (options->ClientUseIPv4 == 0 && !fascist_firewall_use_ipv6(options)) -REJECT("Tor cannot connect to the Internet if ClientUseIPv4 is 0 and " - "ClientUseIPv6 is 0. Please set at least one of these options " - "to 1, or configure bridges."); + +#define WARN_PLEASE_USE_IPV6_LOG_MSG \ +"ClientPreferIPv6%sPort 1 is ignored unless tor is using IPv6. " \ +"Please set ClientUseIPv6 1, ClientUseIPv4 0, or configure bridges." if (!fascist_firewall_use_ipv6(options) && options->ClientPreferIPv6ORPort == 1) -log_warn(LD_CONFIG, "ClientPreferIPv6ORPort 1 is ignored unless " - "ClientUseIPv6 is also 1, or bridges are configured."); +log_warn(LD_CONFIG, WARN_PLEASE_USE_IPV6_LOG_MSG, "OR"); if (!fascist_firewall_use_ipv6(options) && options->ClientPreferIPv6DirPort == 1) -log_warn(LD_CONFIG, "ClientPreferIPv6DirPort 1 is ignored unless " - "ClientUseIPv6 is also 1, or bridges are configured."); +log_warn(LD_CONFIG, WARN_PLEASE_USE_IPV6_LOG_MSG, "Dir"); + +#undef WARN_PLEASE_USE_IPV6_LOG_MSG if (options->UseBridges && server_mode(options)) diff --git a/src/or/policies.c b/src/or/policies.c index 0dc4f96..734558d 100644 --- a/src/or/policies.c +++ b/src/or/policies.c @@ -420,11 +420,13 @@ fascist_firewall_allows_address(const tor_addr_t *addr, } /** Is this client configured to use IPv6? - * Clients use IPv6 if ClientUseIPv6 is 1, or UseBridges is 1. */ int fascist_firewall_use_ipv6(const or_options_t *options) { - return (options->ClientUseIPv6 == 1 || options->UseBridges == 1); + /* Clients use IPv6 if it's set, or they use bridges, or they don't use + * IPv4 */ + return (options->ClientUseIPv6 == 1 || options->UseBridges == 1 + || options->ClientUseIPv4 == 0); } /** Do we prefer to connect to IPv6, ignoring ClientPreferIPv6ORPort and diff --git a/src/test/test_entrynodes.c b/src/test/test_entrynodes.c index a0208b9..14baa8c 100644 --- a/src/test/test_entrynodes.c +++ b/src/test/test_entrynodes.c @@ -215,20 +215,23 @@ test_choose_random_entry_one_possible_guard(void *arg) * time, so we can't be sure we get the guard */ tt_assert(chosen_entry); - /* Check that we get the guard if it passes preferred address settings when - * they're auto */ + /* Check that we get a node if it is allowed but not preferred when settings + * are auto */ memset(_options, 0, sizeof(mocked_options)); mocked_options.ClientUseIPv4 = 1; mocked_options.ClientPreferIPv6ORPort = -1; chosen_entry = choose_random_entry(NULL); - tt_ptr_op(chosen_entry, OP_EQ, the_guard); + + /* We disable the guard check and the preferred address check at the same + * time, so we can't be sure we get the guard */ + tt_assert(chosen_entry); /* and with IPv6 active */ mocked_options.ClientUseIPv6 = 1; chosen_entry = choose_random_entry(NULL); - tt_ptr_op(chosen_entry, OP_EQ, the_guard); + tt_assert(chosen_entry); done: memset(_options, 0, sizeof(mocked_options)); diff --git a/src/test/test_policy.c b/src/test/test_policy.c index 1daa38e..2e87f13 100644 --- a/src/test/test_policy.c +++ b/src/test/test_policy.c @@ -1310,7 +1310,8 @@ test_policies_fascist_firewall_allows_address(void *arg) tt_assert(fascist_firewall_allows_address(_ipv6_addr, port, policy, 0, 0) == 0); - /* Test the function's address matching with everything off */ + /* Test the function's address matching with ClientUseIPv4 0. + * This means "use IPv6" regardless of the other settings. */ memset(_options, 0, sizeof(or_options_t)); mock_options.ClientUseIPv4 = 0; mock_options.ClientUseIPv6 = 0; @@ -1319,7 +1320,7 @@ test_policies_fascist_firewall_allows_address(void *arg) tt_assert(fascist_firewall_allows_address(_addr, port, policy, 0, 0) == 0); tt_assert(fascist_firewall_allows_address(_addr, port, policy, 0, 0) -== 0); +== 1); tt_assert(fascist_firewall_allows_address(_ipv4_addr, port, policy, 0, 0) == 0);
[tor-commits] [tor/master] Make bridge clients prefer the configured bridge address
commit c213f277cde00b258b159446f8d975026194c034 Author: teor (Tim Wilson-Brown)Date: Wed Feb 3 23:52:39 2016 +1100 Make bridge clients prefer the configured bridge address When ClientPreferIPv6ORPort is auto, bridges prefer the configured bridge ORPort address. Otherwise, they use the value of the option. Other clients prefer IPv4 ORPorts if ClientPreferIPv6ORPort is auto. When ClientPreferIPv6DirPort is auto, all clients prefer IPv4 DirPorts. --- doc/tor.1.txt | 12 ++-- src/or/entrynodes.c| 22 -- src/or/nodelist.c | 24 +++- src/or/policies.c | 18 +++--- src/test/test_entrynodes.c | 10 ++ src/test/test_policy.c | 25 +++-- 6 files changed, 61 insertions(+), 50 deletions(-) diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 87d976b..4c9c53d 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -1504,17 +1504,17 @@ The following options are useful only for clients (that is, if If this option is set to 1, Tor prefers a directory port with an IPv6 address over one with IPv4, for direct connections, if a given directory server has both. (Tor also prefers an IPv6 DirPort if IPv4Client is set to -0.) If this option is set to auto, Tor bridge clients prefer IPv6, and -other clients prefer IPv4. Other things may influence the choice. This -option breaks a tie to the favor of IPv6. (Default: auto) +0.) If this option is set to auto, clients prefer IPv4. Other things may +influence the choice. This option breaks a tie to the favor of IPv6. +(Default: auto) [[ClientPreferIPv6ORPort]] **ClientPreferIPv6ORPort** **0**|**1**|**auto**:: If this option is set to 1, Tor prefers an OR port with an IPv6 address over one with IPv4 if a given entry node has both. (Tor also prefers an IPv6 ORPort if IPv4Client is set to 0.) If this option is set -to auto, Tor bridge clients prefer IPv6, and other clients prefer IPv4. -Other things may influence the choice. This option breaks a tie to the -favor of IPv6. (Default: auto) +to auto, Tor bridge clients prefer the configured bridge address, and +other clients prefer IPv4. Other things may influence the choice. This +option breaks a tie to the favor of IPv6. (Default: auto) [[PathsNeededToBuildCircuits]] **PathsNeededToBuildCircuits** __NUM__:: Tor clients don't build circuits for user traffic until they know diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c index d6bef65..a4b9350 100644 --- a/src/or/entrynodes.c +++ b/src/or/entrynodes.c @@ -2240,6 +2240,7 @@ rewrite_node_address_for_bridge(const bridge_info_t *bridge, node_t *node) * does so through an address from any source other than node_get_addr(). */ tor_addr_t addr; + const or_options_t *options = get_options(); if (node->ri) { routerinfo_t *ri = node->ri; @@ -2272,9 +2273,15 @@ rewrite_node_address_for_bridge(const bridge_info_t *bridge, node_t *node) } } -/* Mark which address to use based on which bridge_t we got. */ -node->ipv6_preferred = (tor_addr_family(>addr) == AF_INET6 && -!tor_addr_is_null(>ri->ipv6_addr)); +if (options->ClientPreferIPv6ORPort == -1) { + /* Mark which address to use based on which bridge_t we got. */ + node->ipv6_preferred = (tor_addr_family(>addr) == AF_INET6 && + !tor_addr_is_null(>ri->ipv6_addr)); +} else { + /* Mark which address to use based on user preference */ + node->ipv6_preferred = (fascist_firewall_prefer_ipv6_orport(options) && + !tor_addr_is_null(>ri->ipv6_addr)); +} /* XXXipv6 we lack support for falling back to another address for the same relay, warn the user */ @@ -2283,10 +2290,13 @@ rewrite_node_address_for_bridge(const bridge_info_t *bridge, node_t *node) node_get_pref_orport(node, ); log_notice(LD_CONFIG, "Bridge '%s' has both an IPv4 and an IPv6 address. " - "Will prefer using its %s address (%s).", + "Will prefer using its %s address (%s) based on %s.", ri->nickname, - tor_addr_family() == AF_INET6 ? "IPv6" : "IPv4", - fmt_addrport(, ap.port)); + node->ipv6_preferred ? "IPv6" : "IPv4", + fmt_addrport(, ap.port), + options->ClientPreferIPv6ORPort == -1 ? + "the configured Bridge address" : + "ClientPreferIPv6ORPort"); } } if (node->rs) { diff --git a/src/or/nodelist.c b/src/or/nodelist.c index d7cada9..23e9b0e 100644 --- a/src/or/nodelist.c +++ b/src/or/nodelist.c @@ -981,10 +981,6 @@ node_has_ipv6_dirport(const node_t *node) * i) the node_t says that it prefers IPv6 * or * ii) the router has no IPv4 OR
[tor-commits] [tor/master] Choose OR Entry Guards using IPv4/IPv6 preferences
commit 268608c0a0605e596d1a884ee35d432c88bac38b Author: teor (Tim Wilson-Brown)Date: Fri Dec 18 11:28:54 2015 +1100 Choose OR Entry Guards using IPv4/IPv6 preferences Update unit tests. --- src/or/circuitbuild.c | 15 +++- src/or/or.h| 4 +- src/or/routerlist.c| 18 +++-- src/or/routerlist.h| 3 +- src/test/test_entrynodes.c | 93 +- 5 files changed, 108 insertions(+), 25 deletions(-) diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index d44fcd7..dcb9de3 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -1778,7 +1778,7 @@ pick_tor2web_rendezvous_node(router_crn_flags_t flags, router_add_running_nodes_to_smartlist(all_live_nodes, allow_invalid, 0, 0, 0, -need_desc); +need_desc, 0); /* Filter all_live_nodes to only add live *and* whitelisted RPs to * the list whitelisted_live_rps. */ @@ -2144,7 +2144,9 @@ choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state) const node_t *choice; smartlist_t *excluded; const or_options_t *options = get_options(); - router_crn_flags_t flags = CRN_NEED_GUARD|CRN_NEED_DESC; + /* If possible, choose an entry server with a preferred address, + * otherwise, choose one with an allowed address */ + router_crn_flags_t flags = CRN_NEED_GUARD|CRN_NEED_DESC|CRN_PREF_ADDR; const node_t *node; if (state && options->UseEntryGuards && @@ -2161,12 +2163,6 @@ choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state) * family. */ nodelist_add_node_and_family(excluded, node); } - /* Exclude all ORs that we can't reach through our firewall */ - smartlist_t *nodes = nodelist_get_list(); - SMARTLIST_FOREACH(nodes, const node_t *, node, { -if (!fascist_firewall_allows_node(node, FIREWALL_OR_CONNECTION, 0)) - smartlist_add(excluded, (void*)node); - }); /* and exclude current entry guards and their families, * unless we're in a test network, and excluding guards * would exclude all nodes (i.e. we're in an incredibly small tor network, @@ -2332,8 +2328,9 @@ extend_info_from_node(const node_t *node, int for_direct_connect) if (node->ri == NULL && (node->rs == NULL || node->md == NULL)) return NULL; + /* Choose a preferred address first, but fall back to an allowed address*/ if (for_direct_connect) -node_get_pref_orport(node, ); +fascist_firewall_choose_address_node(node, FIREWALL_OR_CONNECTION, 0, ); else node_get_prim_orport(node, ); diff --git a/src/or/or.h b/src/or/or.h index b1765d1..412789c 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -5221,7 +5221,9 @@ typedef enum { CRN_ALLOW_INVALID = 1<<3, /* not used, apparently. */ CRN_WEIGHT_AS_EXIT = 1<<5, - CRN_NEED_DESC = 1<<6 + CRN_NEED_DESC = 1<<6, + /* On clients, only provide nodes that satisfy ClientPreferIPv6OR */ + CRN_PREF_ADDR = 1<<7 } router_crn_flags_t; /** Return value for router_add_to_routerlist() and dirserv_add_descriptor() */ diff --git a/src/or/routerlist.c b/src/or/routerlist.c index c45854c..804ff29 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -1826,7 +1826,8 @@ routerlist_add_node_and_family(smartlist_t *sl, const routerinfo_t *router) void router_add_running_nodes_to_smartlist(smartlist_t *sl, int allow_invalid, int need_uptime, int need_capacity, - int need_guard, int need_desc) + int need_guard, int need_desc, + int pref_addr) { /* MOVE */ SMARTLIST_FOREACH_BEGIN(nodelist_get_list(), const node_t *, node) { if (!node->is_running || @@ -1838,6 +1839,9 @@ router_add_running_nodes_to_smartlist(smartlist_t *sl, int allow_invalid, continue; if (node_is_unreliable(node, need_uptime, need_capacity, need_guard)) continue; +/* Choose a node with a preferred OR address */ +if (!fascist_firewall_allows_node(node, FIREWALL_OR_CONNECTION, pref_addr)) + continue; smartlist_add(sl, (void *)node); } SMARTLIST_FOREACH_END(node); @@ -2299,6 +2303,10 @@ node_sl_choose_by_bandwidth(const smartlist_t *sl, * If CRN_NEED_DESC is set in flags, we only consider nodes that * have a routerinfo or microdescriptor -- that is, enough info to be * used to build a circuit. + * If CRN_PREF_ADDR is set in flags, we only consider nodes that + * have an address that is preferred by the ClientPreferIPv6ORPort setting + * (regardless of this flag, we exclude nodes that aren't allowed by the + * firewall, including ClientUseIPv4 0 and ClientUseIPv6 0). */ const node_t * router_choose_random_node(smartlist_t *excludedsmartlist, @@ -2311,6 +2319,7 @@
[tor-commits] [tor/master] Minor whitespace-only fix
commit 3a00215c35b01909a2db24132ab800298d61b647 Author: teor (Tim Wilson-Brown)Date: Thu Jan 21 12:57:28 2016 +1100 Minor whitespace-only fix --- src/or/connection.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/or/connection.c b/src/or/connection.c index 0420f26..63bfb2e 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -1732,8 +1732,7 @@ connection_connect_log_client_use_ip_version(const connection_t *conn) /* Only clients care about ClientUseIPv4/6, bail out early on servers, and * on connections we don't care about */ - if (server_mode(options) || !conn - || conn->type == CONN_TYPE_EXIT) { + if (server_mode(options) || !conn || conn->type == CONN_TYPE_EXIT) { return; } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Tor2Web: tell extend_info_from_node intro point connections are direct
commit 73fc67bc8906819a42ed44abe33179512f90a883 Author: teor (Tim Wilson-Brown)Date: Fri Jan 22 18:05:28 2016 +1100 Tor2Web: tell extend_info_from_node intro point connections are direct --- src/or/rendclient.c | 12 ++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/src/or/rendclient.c b/src/or/rendclient.c index d9cea53..dc05d6f 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -1366,11 +1366,19 @@ rend_client_get_random_intro_impl(const rend_cache_entry_t *entry, smartlist_del(usable_nodes, i); goto again; } +#ifdef ENABLE_TOR2WEB_MODE +new_extend_info = extend_info_from_node(node, options->Tor2webMode); +#else new_extend_info = extend_info_from_node(node, 0); +#endif if (!new_extend_info) { + const char *alternate_reason = ""; +#ifdef ENABLE_TOR2WEB_MODE + alternate_reason = ", or we cannot connect directly to it"; +#endif log_info(LD_REND, "We don't have a descriptor for the intro-point relay " - "'%s'; trying another.", - extend_info_describe(intro->extend_info)); + "'%s'%s; trying another.", + extend_info_describe(intro->extend_info), alternate_reason); smartlist_del(usable_nodes, i); goto again; } else { ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Consistently format addresses in node_get_address_string
commit 4db5a35e669a03db33d04632349ec95022de53cf Author: teor (Tim Wilson-Brown)Date: Wed Jan 20 13:17:08 2016 +1100 Consistently format addresses in node_get_address_string Also, don't write to a buffer with length zero. --- src/or/nodelist.c | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/or/nodelist.c b/src/or/nodelist.c index c8f93bf..28d8741 100644 --- a/src/or/nodelist.c +++ b/src/or/nodelist.c @@ -863,13 +863,13 @@ node_get_prim_addr_ipv4h(const node_t *node) void node_get_address_string(const node_t *node, char *buf, size_t len) { - if (node->ri) { -strlcpy(buf, fmt_addr32(node->ri->addr), len); - } else if (node->rs) { + uint32_t ipv4_addr = node_get_prim_addr_ipv4h(node); + + if (tor_addr_is_valid_ipv4h(ipv4_addr, 0)) { tor_addr_t addr; -tor_addr_from_ipv4h(, node->rs->addr); +tor_addr_from_ipv4h(, ipv4_addr); tor_addr_to_str(buf, , len, 0); - } else { + } else if (len > 0) { buf[0] = '\0'; } } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge remote-tracking branch 'teor/feature17840-v11-merged-v2'
commit ba2be81fc36ba6140247873799b747605fb07bd4 Merge: cae59b9 c213f27 Author: Nick MathewsonDate: Thu Feb 11 12:20:20 2016 -0500 Merge remote-tracking branch 'teor/feature17840-v11-merged-v2' changes/feature17840 | 9 + doc/tor.1.txt | 37 ++- src/common/address.c | 53 src/common/address.h | 21 ++ src/or/circuitbuild.c | 48 ++-- src/or/circuituse.c| 7 +- src/or/config.c| 30 +- src/or/connection.c| 74 - src/or/connection.h| 6 +- src/or/control.c | 18 +- src/or/directory.c | 251 src/or/directory.h | 4 +- src/or/entrynodes.c| 48 +++- src/or/nodelist.c | 307 +++- src/or/nodelist.h | 12 +- src/or/or.h| 29 +- src/or/policies.c | 695 +++-- src/or/policies.h | 54 +++- src/or/rendclient.c| 12 +- src/or/router.c| 31 +- src/or/routerlist.c| 332 +- src/or/routerlist.h| 5 +- src/test/test_entrynodes.c | 226 ++- src/test/test_policy.c | 536 ++ src/test/test_routerlist.c | 73 + 25 files changed, 2595 insertions(+), 323 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'feature17840-v11-squashed' into feature17840-v11-merged
commit c4cb4706c9bb1087584c9813b0ca97c261e6fd77 Merge: 42dea56 73fc67b Author: teor (Tim Wilson-Brown)Date: Fri Jan 29 07:37:06 2016 +1100 Merge branch 'feature17840-v11-squashed' into feature17840-v11-merged Conflicts: src/or/directory.c src/test/test_routerlist.c Fix minor conflicts. changes/feature17840 | 9 + doc/tor.1.txt | 39 ++- src/common/address.c | 53 src/common/address.h | 21 ++ src/or/circuitbuild.c | 48 ++-- src/or/circuituse.c| 7 +- src/or/config.c| 30 +- src/or/connection.c| 74 - src/or/connection.h| 6 +- src/or/control.c | 18 +- src/or/directory.c | 251 src/or/directory.h | 4 +- src/or/entrynodes.c| 26 +- src/or/nodelist.c | 309 +++- src/or/nodelist.h | 12 +- src/or/or.h| 29 +- src/or/policies.c | 699 +++-- src/or/policies.h | 54 +++- src/or/rendclient.c| 12 +- src/or/router.c| 31 +- src/or/routerlist.c| 332 - src/or/routerlist.h| 5 +- src/test/test_entrynodes.c | 218 +- src/test/test_policy.c | 531 ++ src/test/test_routerlist.c | 73 + 25 files changed, 2576 insertions(+), 315 deletions(-) diff --cc src/test/test_routerlist.c index 090a607,7ec6525..193e3fa --- a/src/test/test_routerlist.c +++ b/src/test/test_routerlist.c @@@ -1,35 -1,12 +1,36 @@@ /* Copyright (c) 2014, The Tor Project, Inc. */ /* See LICENSE for licensing information */ +#include "orconfig.h" +#include +#include + +#define DIRVOTE_PRIVATE +#define NETWORKSTATUS_PRIVATE #define ROUTERLIST_PRIVATE +#define TOR_UNIT_TESTING #include "or.h" -#include "routerlist.h" -#include "directory.h" +#include "config.h" + #include "connection.h" +#include "container.h" +#include "directory.h" +#include "dirvote.h" +#include "networkstatus.h" +#include "nodelist.h" +#include "policies.h" +#include "routerlist.h" +#include "routerparse.h" #include "test.h" +#include "test_dir_common.h" + +extern const char AUTHORITY_CERT_1[]; +extern const char AUTHORITY_SIGNKEY_1[]; +extern const char AUTHORITY_CERT_2[]; +extern const char AUTHORITY_SIGNKEY_2[]; +extern const char AUTHORITY_CERT_3[]; +extern const char AUTHORITY_SIGNKEY_3[]; + +void construct_consensus(const char **consensus_text_md); /* 4 digests + 3 sep + pre + post + NULL */ static char output[4*BASE64_DIGEST256_LEN+3+2+2+1]; @@@ -118,268 -95,84 +119,340 @@@ test_routerlist_launch_descriptor_downl smartlist_free(downloadable); } +void +construct_consensus(const char **consensus_text_md) +{ + networkstatus_t *vote = NULL; + networkstatus_t *v1 = NULL, *v2 = NULL, *v3 = NULL; + networkstatus_voter_info_t *voter = NULL; + authority_cert_t *cert1=NULL, *cert2=NULL, *cert3=NULL; + crypto_pk_t *sign_skey_1=NULL, *sign_skey_2=NULL, *sign_skey_3=NULL; + crypto_pk_t *sign_skey_leg=NULL; + time_t now = time(NULL); + smartlist_t *votes = NULL; + addr_policy_t *pol1 = NULL, *pol2 = NULL, *pol3 = NULL; + int n_vrs; + + tt_assert(!dir_common_authority_pk_init(, , , + _skey_1, _skey_2, + _skey_3)); + sign_skey_leg = pk_generate(4); + + dir_common_construct_vote_1(, cert1, sign_skey_1, + _common_gen_routerstatus_for_v3ns, + , _vrs, now, 1); + + tt_assert(v1); + tt_int_op(n_vrs, ==, 4); + tt_int_op(smartlist_len(v1->routerstatus_list), ==, 4); + + dir_common_construct_vote_2(, cert2, sign_skey_2, + _common_gen_routerstatus_for_v3ns, + , _vrs, now, 1); + + tt_assert(v2); + tt_int_op(n_vrs, ==, 4); + tt_int_op(smartlist_len(v2->routerstatus_list), ==, 4); + + dir_common_construct_vote_3(, cert3, sign_skey_3, + _common_gen_routerstatus_for_v3ns, + , _vrs, now, 1); + + tt_assert(v3); + tt_int_op(n_vrs, ==, 4); + tt_int_op(smartlist_len(v3->routerstatus_list), ==, 4); + + votes = smartlist_new(); + smartlist_add(votes, v1); + smartlist_add(votes, v2); + smartlist_add(votes, v3); + + *consensus_text_md = networkstatus_compute_consensus(votes, 3, + cert1->identity_key, + sign_skey_1, + "", + sign_skey_leg, + FLAV_MICRODESC); + + tt_assert(*consensus_text_md); + + done: + if (vote) +
[tor-commits] [tor/master] Make entry_guard_set_status consistent with entry_is_live
commit 4528f893163ad7ab27915451caf23b3a722413ce Author: teor (Tim Wilson-Brown)Date: Sun Jan 3 23:16:06 2016 +1100 Make entry_guard_set_status consistent with entry_is_live Check fascist_firewall_allows_node in entry_guard_set_status and return the same message as entry_is_live. --- src/or/entrynodes.c | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c index 583b7ef..1ce44d1 100644 --- a/src/or/entrynodes.c +++ b/src/or/entrynodes.c @@ -87,7 +87,7 @@ get_entry_guards(void) /** Check whether the entry guard e is usable, given the directory * authorities' opinion about the router (stored in ri) and the user's - * configuration (in options). Set e-bad_since + * configuration (in options). Set e->bad_since * accordingly. Return true iff the entry guard's status changes. * * If it's not usable, set *reason to a static string explaining why. @@ -117,6 +117,9 @@ entry_guard_set_status(entry_guard_t *e, const node_t *node, *reason = "not recommended as a guard"; else if (routerset_contains_node(options->ExcludeNodes, node)) *reason = "excluded"; + /* We only care about OR connection connectivity for entry guards. */ + else if (!fascist_firewall_allows_node(node, FIREWALL_OR_CONNECTION, 0)) +*reason = "unreachable by config"; else if (e->path_bias_disabled) *reason = "path-biased"; ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Choose directory servers by IPv4/IPv6 preferences
commit e72cbf7a4e346f0d379961520db8bea7e9249f88 Author: teor (Tim Wilson-Brown)Date: Fri Dec 18 11:29:47 2015 +1100 Choose directory servers by IPv4/IPv6 preferences Add unit tests, refactor pick_directory functions. --- src/or/connection.c| 6 +- src/or/connection.h| 6 +- src/or/directory.c | 180 +++- src/or/routerlist.c| 224 +++-- src/or/routerlist.h| 2 + src/test/test_routerlist.c | 73 +++ 6 files changed, 375 insertions(+), 116 deletions(-) diff --git a/src/or/connection.c b/src/or/connection.c index 9765a8e..d59e07b 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -4252,10 +4252,10 @@ connection_write_to_buf_impl_,(const char *string, size_t len, /** Return a connection with given type, address, port, and purpose; * or NULL if no such connection exists (or if all such connections are marked * for close). */ -connection_t * -connection_get_by_type_addr_port_purpose(int type, +MOCK_IMPL(connection_t *, +connection_get_by_type_addr_port_purpose,(int type, const tor_addr_t *addr, uint16_t port, - int purpose) + int purpose)) { CONN_GET_TEMPLATE(conn, (conn->type == type && diff --git a/src/or/connection.h b/src/or/connection.h index 59ea6d8..ec5c394 100644 --- a/src/or/connection.h +++ b/src/or/connection.h @@ -186,9 +186,9 @@ connection_get_outbuf_len(connection_t *conn) connection_t *connection_get_by_global_id(uint64_t id); connection_t *connection_get_by_type(int type); -connection_t *connection_get_by_type_addr_port_purpose(int type, - const tor_addr_t *addr, - uint16_t port, int purpose); +MOCK_DECL(connection_t *,connection_get_by_type_addr_port_purpose,(int type, + const tor_addr_t *addr, + uint16_t port, int purpose)); connection_t *connection_get_by_type_state(int type, int state); connection_t *connection_get_by_type_state_rendquery(int type, int state, const char *rendquery); diff --git a/src/or/directory.c b/src/or/directory.c index d5531d8..438b5d8 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -82,18 +82,18 @@ static void dir_microdesc_download_failed(smartlist_t *failed, static void note_client_request(int purpose, int compressed, size_t bytes); static int client_likes_consensus(networkstatus_t *v, const char *want_url); -static void directory_initiate_command_rend(const tor_addr_t *addr, -uint16_t or_port, -uint16_t dir_port, -const char *digest, -uint8_t dir_purpose, -uint8_t router_purpose, -dir_indirection_t indirection, -const char *resource, -const char *payload, -size_t payload_len, -time_t if_modified_since, -const rend_data_t *rend_query); +static void directory_initiate_command_rend( + const tor_addr_port_t *or_addr_port, + const tor_addr_port_t *dir_addr_port, + const char *digest, + uint8_t dir_purpose, + uint8_t router_purpose, + dir_indirection_t indirection, + const char *resource, + const char *payload, + size_t payload_len, + time_t if_modified_since, + const rend_data_t *rend_query); /* START VARIABLES **/ @@ -624,8 +624,10 @@ directory_initiate_command_routerstatus_rend(const routerstatus_t *status, { const or_options_t *options = get_options(); const node_t *node; - tor_addr_t addr; + tor_addr_port_t use_or_ap, use_dir_ap; const int anonymized_connection = dirind_is_anon(indirection); + int have_or = 0, have_dir = 0; + node = node_get_by_id(status->identity_digest); if (!node && anonymized_connection) { @@ -634,7 +636,6 @@ directory_initiate_command_routerstatus_rend(const routerstatus_t *status,
[tor-commits] [tor/master] Fix *_get_all_orports to use ipv6_orport
commit 4460feaf2850ef0fb027a2d01786a5bbaee056dc Author: teor (Tim Wilson-Brown)Date: Tue Dec 22 10:42:09 2015 +1100 Fix *_get_all_orports to use ipv6_orport node_get_all_orports and router_get_all_orports incorrectly used or_port with IPv6 addresses. They now use ipv6_orport. Also refactor and remove duplicated code. --- src/common/address.c | 53 src/common/address.h | 21 +++ src/or/nodelist.c| 76 src/or/router.c | 26 +- 4 files changed, 140 insertions(+), 36 deletions(-) diff --git a/src/common/address.c b/src/common/address.c index 69a8098..19e9fdd 100644 --- a/src/common/address.c +++ b/src/common/address.c @@ -908,6 +908,59 @@ tor_addr_is_loopback(const tor_addr_t *addr) } } +/* Is addr valid? + * Checks that addr is non-NULL and not tor_addr_is_null(). + * If for_listening is true, IPv4 addr 0.0.0.0 is allowed. + * It means "bind to all addresses on the local machine". */ +int +tor_addr_is_valid(const tor_addr_t *addr, int for_listening) +{ + /* NULL addresses are invalid regardless of for_listening */ + if (addr == NULL) { +return 0; + } + + /* Only allow IPv4 0.0.0.0 for_listening. */ + if (for_listening && addr->family == AF_INET + && tor_addr_to_ipv4h(addr) == 0) { +return 1; + } + + /* Otherwise, the address is valid if it's not tor_addr_is_null() */ + return !tor_addr_is_null(addr); +} + +/* Is the network-order IPv4 address v4n_addr valid? + * Checks that addr is not zero. + * Except if for_listening is true, where IPv4 addr 0.0.0.0 is allowed. */ +int +tor_addr_is_valid_ipv4n(uint32_t v4n_addr, int for_listening) +{ + /* Any IPv4 address is valid with for_listening. */ + if (for_listening) { +return 1; + } + + /* Otherwise, zero addresses are invalid. */ + return v4n_addr != 0; +} + +/* Is port valid? + * Checks that port is not 0. + * Except if for_listening is true, where port 0 is allowed. + * It means "OS chooses a port". */ +int +tor_port_is_valid(uint16_t port, int for_listening) +{ + /* Any port value is valid with for_listening. */ + if (for_listening) { +return 1; + } + + /* Otherwise, zero ports are invalid. */ + return port != 0; +} + /** Set dest to equal the IPv4 address in v4addr (given in * network order). */ void diff --git a/src/common/address.h b/src/common/address.h index 684ba65..918b024 100644 --- a/src/common/address.h +++ b/src/common/address.h @@ -267,6 +267,27 @@ void tor_addr_from_in6(tor_addr_t *dest, const struct in6_addr *in6); int tor_addr_is_null(const tor_addr_t *addr); int tor_addr_is_loopback(const tor_addr_t *addr); +int tor_addr_is_valid(const tor_addr_t *addr, int for_listening); +int tor_addr_is_valid_ipv4n(uint32_t v4n_addr, int for_listening); +#define tor_addr_is_valid_ipv4h(v4h_addr, for_listening) \ +tor_addr_is_valid_ipv4n(htonl(v4h_addr), (for_listening)) +int tor_port_is_valid(uint16_t port, int for_listening); +/* Are addr and port both valid? */ +#define tor_addr_port_is_valid(addr, port, for_listening) \ +(tor_addr_is_valid((addr), (for_listening)) &&\ + tor_port_is_valid((port), (for_listening))) +/* Are ap->addr and ap->port both valid? */ +#define tor_addr_port_is_valid_ap(ap, for_listening) \ +tor_addr_port_is_valid(&(ap)->addr, (ap)->port, (for_listening)) +/* Are the network-order v4addr and port both valid? */ +#define tor_addr_port_is_valid_ipv4n(v4n_addr, port, for_listening) \ +(tor_addr_is_valid_ipv4n((v4n_addr), (for_listening)) &&\ + tor_port_is_valid((port), (for_listening))) +/* Are the host-order v4addr and port both valid? */ +#define tor_addr_port_is_valid_ipv4h(v4h_addr, port, for_listening) \ +(tor_addr_is_valid_ipv4h((v4h_addr), (for_listening)) &&\ + tor_port_is_valid((port), (for_listening))) + int tor_addr_port_split(int severity, const char *addrport, char **address_out, uint16_t *port_out); diff --git a/src/or/nodelist.c b/src/or/nodelist.c index fc27207..a1d99e9 100644 --- a/src/or/nodelist.c +++ b/src/or/nodelist.c @@ -754,6 +754,40 @@ node_exit_policy_is_exact(const node_t *node, sa_family_t family) return 1; } +/* Check if the "addr" and port_field fields from r are a valid non-listening + * address/port. If so, set valid to true and add a newly allocated + * tor_addr_port_t containing "addr" and port_field to sl. + * "addr" is an IPv4 host-order address and port_field is a uint16_t. + * r is typically a routerinfo_t or routerstatus_t. + */ +#define SL_ADD_NEW_IPV4_AP(r, port_field, sl, valid) \ + STMT_BEGIN \ +if (tor_addr_port_is_valid_ipv4h((r)->addr, (r)->port_field, 0)) { \ + valid = 1; \ + tor_addr_port_t *ap = tor_malloc(sizeof(tor_addr_port_t)); \ + tor_addr_from_ipv4h(>addr, (r)->addr); \ + ap->port = (r)->port_field; \ +
[tor-commits] [tor/master] Log when IPv4/IPv6 restrictions or preferences weren't met
commit c3cc8e16e9655ffcaead811675c360b6764f2992 Author: teor (Tim Wilson-Brown)Date: Tue Dec 22 11:31:54 2015 +1100 Log when IPv4/IPv6 restrictions or preferences weren't met --- src/or/connection.c | 65 + src/or/directory.c | 12 +++--- src/or/routerlist.c | 49 3 files changed, 123 insertions(+), 3 deletions(-) diff --git a/src/or/connection.c b/src/or/connection.c index d59e07b..f252d2f 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -19,6 +19,7 @@ */ #define TOR_CHANNEL_INTERNAL_ #define CONNECTION_PRIVATE +#include "backtrace.h" #include "channel.h" #include "channeltls.h" #include "circuitbuild.h" @@ -1721,6 +1722,66 @@ connection_connect_sockaddr,(connection_t *conn, return inprogress ? 0 : 1; } +/* Log a message if connection violates ClientUseIPv4 0 or ClientUseIPv6 0. + * Log a less severe message if we couldn't conform to ClientPreferIPv6ORPort + * or ClientPreferIPv6ORPort. */ +static void +connection_connect_log_client_use_ip_version(const connection_t *conn) +{ + const or_options_t *options = get_options(); + + /* Only non-bridge clients care about ClientUseIPv4/6, bail out early on + * servers and bridge clients */ + if (options->UseBridges || server_mode(options) || !conn + || conn->type == CONN_TYPE_EXIT) { +return; + } + + /* We're only prepared to log OR and DIR connections here */ + if (conn->type != CONN_TYPE_OR && conn->type != CONN_TYPE_DIR) { +return; + } + + const int must_ipv4 = (options->ClientUseIPv6 == 0); + const int must_ipv6 = (options->ClientUseIPv4 == 0); + const int pref_ipv6 = (conn->type == CONN_TYPE_OR + ? nodelist_prefer_ipv6_orport(options) + : nodelist_prefer_ipv6_dirport(options)); + tor_addr_t real_addr; + tor_addr_make_null(_addr, AF_UNSPEC); + + /* OR conns keep the original address in real_addr, as addr gets overwritten + * with the descriptor address */ + if (conn->type == CONN_TYPE_OR) { +const or_connection_t *or_conn = TO_OR_CONN((connection_t *)conn); +tor_addr_copy(_addr, _conn->real_addr); + } else if (conn->type == CONN_TYPE_DIR) { +tor_addr_copy(_addr, >addr); + } + + /* Check if we broke a mandatory address family restriction */ + if ((must_ipv4 && tor_addr_family(_addr) == AF_INET6) + || (must_ipv6 && tor_addr_family(_addr) == AF_INET)) { +log_warn(LD_BUG, "%s connection to %s violated ClientUseIPv%s 0.", + conn->type == CONN_TYPE_OR ? "OR" : "Dir", + fmt_addr(_addr), + options->ClientUseIPv4 == 0 ? "4" : "6"); +log_backtrace(LOG_WARN, LD_BUG, "Address came from"); + } + + /* Check if we couldn't satisfy an address family preference */ + if ((!pref_ipv6 && tor_addr_family(_addr) == AF_INET6) + || (pref_ipv6 && tor_addr_family(_addr) == AF_INET)) { +log_info(LD_NET, "Connection to %s doesn't satisfy ClientPreferIPv6%sPort " + "%d, with ClientUseIPv4 %d and ClientUseIPv6 %d.", + fmt_addr(_addr), + conn->type == CONN_TYPE_OR ? "OR" : "Dir", + conn->type == CONN_TYPE_OR ? options->ClientPreferIPv6ORPort +: options->ClientPreferIPv6DirPort, + options->ClientUseIPv4, options->ClientUseIPv4); + } +} + /** Take conn, make a nonblocking socket; try to connect to * addr:port (port arrives in *host order*). If fail, return -1 and if * applicable put your best guess about errno into *socket_error. @@ -1745,6 +1806,10 @@ connection_connect(connection_t *conn, const char *address, const or_options_t *options = get_options(); int protocol_family; + /* Log if we didn't stick to ClientUseIPv4/6 or ClientPreferIPv6OR/DirPort + */ + connection_connect_log_client_use_ip_version(conn); + if (tor_addr_family(addr) == AF_INET6) protocol_family = PF_INET6; else diff --git a/src/or/directory.c b/src/or/directory.c index 438b5d8..20ffcee 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -4,6 +4,7 @@ /* See LICENSE for licensing information */ #include "or.h" +#include "backtrace.h" #include "buffers.h" #include "circuitbuild.h" #include "config.h" @@ -692,11 +693,13 @@ directory_initiate_command_routerstatus_rend(const routerstatus_t *status, /* We rejected both addresses. This isn't great. */ if (!have_or && !have_dir) { -log_info(LD_DIR, "Rejected both the OR and Dir address when launching a " - "directory connection to: IPv4 %s OR %d Dir %d IPv6 %s OR %d " - "Dir %d", fmt_addr32(status->addr), status->or_port, +log_warn(LD_BUG, "Rejected all OR and Dir addresses from %s when " + "launching a directory connection to: IPv4 %s OR %d Dir %d " + "IPv6 %s OR %d Dir %d", routerstatus_describe(status), + fmt_addr32(status->addr), status->or_port,
[tor-commits] [tor/master] Choose bridge addresses by IPv4/IPv6 preferences
commit 16486662038de53c482cd6f50a30505f2bf20453 Author: teor (Tim Wilson-Brown)Date: Sun Jan 3 18:20:37 2016 +1100 Choose bridge addresses by IPv4/IPv6 preferences --- src/or/directory.c | 176 src/or/directory.h | 4 +- src/or/entrynodes.c | 13 +++- src/or/router.c | 5 +- 4 files changed, 123 insertions(+), 75 deletions(-) diff --git a/src/or/directory.c b/src/or/directory.c index 20ffcee..665ba27 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -497,11 +497,14 @@ MOCK_IMPL(void, directory_get_from_dirserver, ( const node_t *node = choose_random_dirguard(type); if (node && node->ri) { /* every bridge has a routerinfo. */ -tor_addr_t addr; routerinfo_t *ri = node->ri; -node_get_addr(node, ); -directory_initiate_command(, - ri->or_port, 0/*no dirport*/, +/* clients always make OR connections to bridges */ +tor_addr_port_t or_ap; +/* we are willing to use a non-preferred address if we need to */ +fascist_firewall_choose_address_node(node, FIREWALL_OR_CONNECTION, 0, + _ap); +directory_initiate_command(_ap.addr, or_ap.port, + NULL, 0, /*no dirport*/ ri->cache_info.identity_digest, dir_purpose, router_purpose, @@ -610,6 +613,80 @@ dirind_is_anon(dir_indirection_t ind) return ind == DIRIND_ANON_DIRPORT || ind == DIRIND_ANONYMOUS; } +/* Choose reachable OR and Dir addresses and ports from status, copying them + * into use_or_ap and use_dir_ap. If indirection is anonymous, then we're + * connecting via another relay, so choose the primary IPv4 address and ports. + * + * status should have at least one reachable address, if we can't choose a + * reachable address, warn and return -1. Otherwise, return 0. + */ +static int +directory_choose_address_routerstatus(const routerstatus_t *status, + dir_indirection_t indirection, + tor_addr_port_t *use_or_ap, + tor_addr_port_t *use_dir_ap) +{ + tor_assert(status != NULL); + tor_assert(use_or_ap != NULL); + tor_assert(use_dir_ap != NULL); + + const int anonymized_connection = dirind_is_anon(indirection); + int have_or = 0, have_dir = 0; + + /* We expect status to have at least one reachable address if we're + * connecting to it directly. + * + * Therefore, we can simply use the other address if the one we want isn't + * allowed by the firewall. + * + * (When Tor uploads and downloads a hidden service descriptor, it uses + * DIRIND_ANONYMOUS, except for Tor2Web, which uses DIRIND_ONEHOP. + * So this code will only modify the address for Tor2Web's HS descriptor + * fetches. Even Single Onion Servers (NYI) use DIRIND_ANONYMOUS, to avoid + * HSDirs denying service by rejecting descriptors.) + */ + + /* Initialise the OR / Dir addresses */ + tor_addr_make_null(_or_ap->addr, AF_UNSPEC); + use_or_ap->port = 0; + tor_addr_make_null(_dir_ap->addr, AF_UNSPEC); + use_dir_ap->port = 0; + + if (anonymized_connection) { +/* Use the primary (IPv4) OR address if we're making an indirect + * connection. */ +tor_addr_from_ipv4h(_or_ap->addr, status->addr); +use_or_ap->port = status->or_port; +have_or = 1; + } else { +/* We use an IPv6 address if we have one and we prefer it. + * Use the preferred address and port if they are reachable, otherwise, + * use the alternate address and port (if any). + */ +have_or = fascist_firewall_choose_address_rs(status, + FIREWALL_OR_CONNECTION, 0, + use_or_ap); + } + + have_dir = fascist_firewall_choose_address_rs(status, +FIREWALL_DIR_CONNECTION, 0, +use_dir_ap); + + /* We rejected both addresses. This isn't great. */ + if (!have_or && !have_dir) { +log_warn(LD_BUG, "Rejected all OR and Dir addresses from %s when " + "launching a directory connection to: IPv4 %s OR %d Dir %d " + "IPv6 %s OR %d Dir %d", routerstatus_describe(status), + fmt_addr32(status->addr), status->or_port, + status->dir_port, fmt_addr(>ipv6_addr), + status->ipv6_orport, status->dir_port); +log_backtrace(LOG_WARN, LD_BUG, "Addresses came from"); +return -1; + } + + return 0; +} + /** Same as directory_initiate_command_routerstatus(), but accepts * rendezvous data to fetch a hidden service descriptor. */ void @@ -627,7 +704,8 @@ directory_initiate_command_routerstatus_rend(const routerstatus_t *status, const
[tor-commits] [tor/master] Add firewall_is_fascist_dir()
commit e991d642ec14d41df9da70442d99861bdb5bfb5b Author: teor (Tim Wilson-Brown)Date: Thu Jan 21 12:58:59 2016 +1100 Add firewall_is_fascist_dir() Refactor common parts of firewall_is_fascist_or(). --- src/or/policies.c | 32 +--- src/or/policies.h | 1 + 2 files changed, 26 insertions(+), 7 deletions(-) diff --git a/src/or/policies.c b/src/or/policies.c index ecc89da..506edec 100644 --- a/src/or/policies.c +++ b/src/or/policies.c @@ -307,18 +307,36 @@ parse_reachable_addresses(void) return ret; } -/** Return true iff the firewall options, including ClientUseIPv4 0 and - * ClientUseIPv6 0, might block any address:port combination. - */ -int -firewall_is_fascist_or(void) +/* Return true iff ClientUseIPv4 0 or ClientUseIPv6 0 might block any OR or Dir + * address:port combination. */ +static int +firewall_is_fascist_impl(void) { const or_options_t *options = get_options(); /* Assume every non-bridge relay has an IPv4 address. * Clients which use bridges may only know the IPv6 address of their * bridge. */ - return (reachable_or_addr_policy != NULL || options->ClientUseIPv4 == 0 - || (options->ClientUseIPv6 == 0 && options->UseBridges == 1)); + return (options->ClientUseIPv4 == 0 + || (!fascist_firewall_use_ipv6(options) + && options->UseBridges == 1)); +} + +/** Return true iff the firewall options, including ClientUseIPv4 0 and + * ClientUseIPv6 0, might block any OR address:port combination. + */ +int +firewall_is_fascist_or(void) +{ + return (reachable_or_addr_policy != NULL || firewall_is_fascist_impl()); +} + +/** Return true iff the firewall options, including ClientUseIPv4 0 and + * ClientUseIPv6 0, might block any Dir address:port combination. + */ +int +firewall_is_fascist_dir(void) +{ + return (reachable_dir_addr_policy != NULL || firewall_is_fascist_impl()); } /** Return true iff policy (possibly NULL) will allow a diff --git a/src/or/policies.h b/src/or/policies.h index ac4f7ea..65f10e2 100644 --- a/src/or/policies.h +++ b/src/or/policies.h @@ -30,6 +30,7 @@ typedef enum firewall_connection_t { typedef int exit_policy_parser_cfg_t; int firewall_is_fascist_or(void); +int firewall_is_fascist_dir(void); int fascist_firewall_use_ipv6(const or_options_t *options); int fascist_firewall_prefer_ipv6_orport(const or_options_t *options); int fascist_firewall_prefer_ipv6_dirport(const or_options_t *options); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Add ClientUseIPv4 and ClientPreferIPv6DirPort torrc options
commit 2d33d192fc4dd0da2a2e038dd87b277f8e9b90de Author: teor (Tim Wilson-Brown)Date: Mon Dec 14 17:23:10 2015 +1100 Add ClientUseIPv4 and ClientPreferIPv6DirPort torrc options ClientUseIPv4 0 tells tor to avoid IPv4 client connections. ClientPreferIPv6DirPort 1 tells tor to prefer IPv6 directory connections. Refactor policy for IPv4/IPv6 preferences. Fix a bug where node->ipv6_preferred could become stale if ClientPreferIPv6ORPort was changed after the consensus was loaded. Update documentation, existing code, add unit tests. --- changes/feature17840 | 9 + doc/tor.1.txt | 33 +- src/or/circuitbuild.c | 14 +- src/or/config.c| 51 +++- src/or/connection.c| 2 + src/or/directory.c | 8 +- src/or/entrynodes.c| 8 +- src/or/nodelist.c | 263 +--- src/or/nodelist.h | 11 +- src/or/or.h| 21 +- src/or/policies.c | 735 ++--- src/or/policies.h | 62 +++- src/test/test_entrynodes.c | 97 ++ src/test/test_policy.c | 447 +++ 14 files changed, 1645 insertions(+), 116 deletions(-) diff --git a/changes/feature17840 b/changes/feature17840 new file mode 100644 index 000..b8b3b7f --- /dev/null +++ b/changes/feature17840 @@ -0,0 +1,9 @@ + o Minor feature (IPv6): +- Add ClientUseIPv4, which is set to 1 by default. If set to 0, tor + avoids using IPv4 for client OR and directory connections. +- Add ClientPreferIPv6DirPort, which is set to 0 by default. If set + to 1, tor prefers IPv6 directory addresses. +- Try harder to fulfil IP version restrictions ClientUseIPv4 0 and + ClientUseIPv6 0; and the preferences ClientPreferIPv6ORPort and + ClientPreferIPv6DirPort. + Closes ticket 17840; patch by "teor". diff --git a/doc/tor.1.txt b/doc/tor.1.txt index f173a97..26abef1 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -367,6 +367,7 @@ GENERAL OPTIONS authorities. By default, the directory authorities are also FallbackDirs. Specifying a FallbackDir replaces Tor's default hard-coded FallbackDirs (if any). +(See the **DirAuthority** entry for an explanation of each flag.) [[UseDefaultFallbackDirs]] **UseDefaultFallbackDirs** **0**|**1**:: Use Tor's default hard-coded FallbackDirs (if any). (When a @@ -391,6 +392,10 @@ GENERAL OPTIONS authority is listening for IPv6 connections on the indicated IPv6 address and OR Port. + + +Tor will contact the authority at __address__:__port__ (the DirPort) to +download directory documents. If an IPv6 address is supplied, Tor will +also download directory documents at the IPv6 address on the DirPort. + + + If no **DirAuthority** line is given, Tor will use the default directory authorities. NOTE: this option is intended for setting up a private Tor network with its own directory authorities. If you use it, you will be @@ -1483,17 +1488,31 @@ The following options are useful only for clients (that is, if If no defaults are available there, these options default to 20, .80, .60, and 100, respectively. +[[ClientUseIPv4]] **ClientUseIPv4** **0**|**1**:: +If this option is set to 0, Tor will avoid connecting to directory servers +and entry nodes over IPv4. Note that clients with an IPv4 +address in a **Bridge**, proxy, or pluggable transport line will try +connecting over IPv4 even if **ClientUseIPv4** is set to 0. (Default: 1) + [[ClientUseIPv6]] **ClientUseIPv6** **0**|**1**:: -If this option is set to 1, Tor might connect to entry nodes over -IPv6. Note that clients configured with an IPv6 address in a -**Bridge** line will try connecting over IPv6 even if -**ClientUseIPv6** is set to 0. (Default: 0) +If this option is set to 1, Tor might connect to directory servers or +entry nodes over IPv6. Note that clients configured with an IPv6 address +in a **Bridge**, proxy, or pluggable transport line will try connecting +over IPv6 even if **ClientUseIPv6** is set to 0. (Default: 0) + +[[ClientPreferIPv6DirPort]] **ClientPreferIPv6DirPort** **0**|**1**:: +If this option is set to 1, Tor prefers a directory port with an IPv6 +address over one with IPv4, for direct connections, if a given directory +server has both. (Tor also prefers an IPv6 DirPort if IPv4Client is set to +0.) Other things may influence the choice. This option breaks a tie to the +favor of IPv6. (Default: 0) [[ClientPreferIPv6ORPort]] **ClientPreferIPv6ORPort** **0**|**1**:: If this option is set to 1, Tor prefers an OR port with an IPv6 -address over one with IPv4 if a given entry node has both. Other -things may influence the choice. This option breaks a tie to the -favor of IPv6. (Default: 0) +address over one with IPv4 if a given entry node
[tor-commits] [tor/master] Return NULL from extend_info_from_node if the node has no allowed address
commit 1401117ff2bc5fc90df51d19c3c0d7abc439c34e Author: teor (Tim Wilson-Brown)Date: Fri Jan 22 17:43:24 2016 +1100 Return NULL from extend_info_from_node if the node has no allowed address Modify callers to correctly handle these new NULL returns: * fix assert in onion_extend_cpath * warn and discard circuit in circuit_get_open_circ_or_launch * warn, discard circuit, and tell controller in handle_control_extendcircuit --- src/or/circuitbuild.c | 35 +++ src/or/circuituse.c | 7 ++- src/or/control.c | 18 -- 3 files changed, 45 insertions(+), 15 deletions(-) diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index dcb9de3..daf0b2a 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -2241,9 +2241,11 @@ onion_extend_cpath(origin_circuit_t *circ) if (r) { /* If we're a client, use the preferred address rather than the primary address, for potentially connecting to an IPv6 OR - port. */ - info = extend_info_from_node(r, server_mode(get_options()) == 0); - tor_assert(info); + port. Servers always want the primary (IPv4) address. */ + int client = (server_mode(get_options()) == 0); + info = extend_info_from_node(r, client); + /* Clients can fail to find an allowed address */ + tor_assert(info || client); } } else { const node_t *r = @@ -2318,34 +2320,43 @@ extend_info_new(const char *nickname, const char *digest, * for_direct_connect is true, in which case the preferred * address is used instead. May return NULL if there is not enough * info about node to extend to it--for example, if there is no - * routerinfo_t or microdesc_t. + * routerinfo_t or microdesc_t, or if for_direct_connect is true and none of + * the node's addresses are allowed by tor's firewall and IP version config. **/ extend_info_t * extend_info_from_node(const node_t *node, int for_direct_connect) { tor_addr_port_t ap; + int valid_addr = 0; if (node->ri == NULL && (node->rs == NULL || node->md == NULL)) return NULL; - /* Choose a preferred address first, but fall back to an allowed address*/ + /* Choose a preferred address first, but fall back to an allowed address. + * choose_address returns 1 on success, but get_prim_orport returns 0. */ if (for_direct_connect) -fascist_firewall_choose_address_node(node, FIREWALL_OR_CONNECTION, 0, ); +valid_addr = fascist_firewall_choose_address_node(node, + FIREWALL_OR_CONNECTION, + 0, ); else -node_get_prim_orport(node, ); +valid_addr = !node_get_prim_orport(node, ); - log_debug(LD_CIRC, "using %s for %s", -fmt_addrport(, ap.port), -node->ri ? node->ri->nickname : node->rs->nickname); + if (valid_addr) +log_debug(LD_CIRC, "using %s for %s", + fmt_addrport(, ap.port), + node->ri ? node->ri->nickname : node->rs->nickname); + else +log_warn(LD_CIRC, "Could not choose valid address for %s", + node->ri ? node->ri->nickname : node->rs->nickname); - if (node->ri) + if (valid_addr && node->ri) return extend_info_new(node->ri->nickname, node->identity, node->ri->onion_pkey, node->ri->onion_curve25519_pkey, , ap.port); - else if (node->rs && node->md) + else if (valid_addr && node->rs && node->md) return extend_info_new(node->rs->nickname, node->identity, node->md->onion_pkey, diff --git a/src/or/circuituse.c b/src/or/circuituse.c index e742a56..4831f2b 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -2006,8 +2006,13 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn, if (r && node_has_descriptor(r)) { /* We might want to connect to an IPv6 bridge for loading descriptors so we use the preferred address rather than - the primary. */ + the primary. */ extend_info = extend_info_from_node(r, conn->want_onehop ? 1 : 0); + if (!extend_info) { +log_warn(LD_CIRC,"Could not make a one-hop connection to %s. " + "Discarding this circuit.", conn->chosen_exit_name); +return -1; + } } else { log_debug(LD_DIR, "considering %d, %s", want_onehop, conn->chosen_exit_name); diff --git a/src/or/control.c b/src/or/control.c index 66182fe..2c0209e 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -2864,12 +2864,26 @@ handle_control_extendcircuit(control_connection_t *conn, uint32_t len, } /* now circ refers to something that is ready to be extended */ + int
[tor-commits] [tor/master] Add unit tests for ClientUseIPv[4, 6] and ClientPreferIPv6[OR, Dir]Port
commit 1dae4dac12de391a7aea7b375628a7898168cc12 Author: teor (Tim Wilson-Brown)Date: Fri Jan 29 09:12:07 2016 +1100 Add unit tests for ClientUseIPv[4,6] and ClientPreferIPv6[OR,Dir]Port --- src/test/test_options.c | 98 + 1 file changed, 98 insertions(+) diff --git a/src/test/test_options.c b/src/test/test_options.c index eb2d332..e15c881 100644 --- a/src/test/test_options.c +++ b/src/test/test_options.c @@ -1770,6 +1770,104 @@ test_options_validate__reachable_addresses(void *ignored) tt_str_op(msg, OP_EQ, SERVERS_REACHABLE_MSG); tor_free(msg); + free_options_test_data(tdata); + tdata = get_options_test_data("ClientUseIPv4 0\n" +"ORListenAddress 127.0.0.1:\n" +"ORPort 955\n" +"MaxClientCircuitsPending 1\n" +"ConnLimit 1\n" +"SchedulerHighWaterMark__ 42\n" +"SchedulerLowWaterMark__ 10\n"); + + ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, ); + tt_int_op(ret, OP_EQ, -1); + tt_str_op(msg, OP_EQ, SERVERS_REACHABLE_MSG); + tor_free(msg); + + /* Test IPv4-only clients setting IPv6 preferences */ + +#define WARN_PLEASE_USE_IPV6_OR_LOG_MSG \ +"ClientPreferIPv6ORPort 1 is ignored unless tor is using IPv6. " \ +"Please set ClientUseIPv6 1, ClientUseIPv4 0, or configure bridges.\n" + +#define WARN_PLEASE_USE_IPV6_DIR_LOG_MSG \ +"ClientPreferIPv6DirPort 1 is ignored unless tor is using IPv6. " \ +"Please set ClientUseIPv6 1, ClientUseIPv4 0, or configure bridges.\n" + + free_options_test_data(tdata); + tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES +"ClientUseIPv4 1\n" +"ClientUseIPv6 0\n" +"UseBridges 0\n" +"ClientPreferIPv6ORPort 1\n"); + + ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, ); + tt_int_op(ret, OP_EQ, 0); + expect_log_msg(WARN_PLEASE_USE_IPV6_OR_LOG_MSG); + tor_free(msg); + + free_options_test_data(tdata); + tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES +"ClientUseIPv4 1\n" +"ClientUseIPv6 0\n" +"UseBridges 0\n" +"ClientPreferIPv6DirPort 1\n"); + + ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, ); + tt_int_op(ret, OP_EQ, 0); + expect_log_msg(WARN_PLEASE_USE_IPV6_DIR_LOG_MSG); + tor_free(msg); + + /* Now test an IPv4/IPv6 client setting IPv6 preferences */ + + free_options_test_data(tdata); + tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES +"ClientUseIPv4 1\n" +"ClientUseIPv6 1\n" +"ClientPreferIPv6ORPort 1\n" +"ClientPreferIPv6DirPort 1\n"); + + ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, ); + tt_int_op(ret, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + + /* Now test an IPv6 client setting IPv6 preferences */ + + free_options_test_data(tdata); + tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES +"ClientUseIPv6 1\n" +"ClientPreferIPv6ORPort 1\n" +"ClientPreferIPv6DirPort 1\n"); + + ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, ); + tt_int_op(ret, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + + /* And an implicit (IPv4 disabled) IPv6 client setting IPv6 preferences */ + + free_options_test_data(tdata); + tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES +"ClientUseIPv4 0\n" +"ClientPreferIPv6ORPort 1\n" +"ClientPreferIPv6DirPort 1\n"); + + ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, ); + tt_int_op(ret, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + + /* And an implicit (bridge) client setting IPv6 preferences */ + + free_options_test_data(tdata); + tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES +"UseBridges 1\n" +"Bridge 127.0.0.1:12345\n" +"ClientPreferIPv6ORPort 1\n" +"ClientPreferIPv6DirPort 1\n"); + + ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, ); + tt_int_op(ret, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + done: teardown_capture_of_logs(previous_log); free_options_test_data(tdata); ___ tor-commits mailing list tor-commits@lists.torproject.org
[tor-commits] [tor/master] Add a helper to search for strings in the log, and change option tests to use this helper instead of looking at specific indices in the log list
commit 8627a40fbab223386c9d13bb63e4e5d52a795286 Author: Ola BiniDate: Fri Jan 29 11:38:54 2016 -0500 Add a helper to search for strings in the log, and change option tests to use this helper instead of looking at specific indices in the log list --- src/test/log_test_helpers.c | 17 + src/test/log_test_helpers.h | 1 + src/test/test_options.c | 159 ++-- 3 files changed, 97 insertions(+), 80 deletions(-) diff --git a/src/test/log_test_helpers.c b/src/test/log_test_helpers.c index 51b5f9b..88d28e1 100644 --- a/src/test/log_test_helpers.c +++ b/src/test/log_test_helpers.c @@ -83,6 +83,23 @@ mock_saved_logs(void) return saved_logs; } +int +mock_saved_log_has_message(const char *msg) +{ + int has_msg = 0; + if (saved_logs) { +SMARTLIST_FOREACH(saved_logs, mock_saved_log_entry_t *, m, + { +if (msg && m->generated_msg && +!strcmp(msg, m->generated_msg)) { + has_msg = 1; +} + }); + } + + return has_msg; +} + void mock_saving_logv(int severity, log_domain_mask_t domain, const char *funcname, const char *suffix, diff --git a/src/test/log_test_helpers.h b/src/test/log_test_helpers.h index af8e8a6..3a565c6 100644 --- a/src/test/log_test_helpers.h +++ b/src/test/log_test_helpers.h @@ -26,6 +26,7 @@ void teardown_capture_of_logs(int prev); const char *mock_saved_log_at(int ix); int mock_saved_severity_at(int ix); int mock_saved_log_number(void); +int mock_saved_log_has_message(const char *msg); #endif diff --git a/src/test/test_options.c b/src/test/test_options.c index e00c802..275fee2 100644 --- a/src/test/test_options.c +++ b/src/test/test_options.c @@ -367,6 +367,14 @@ free_options_test_data(options_test_data_t *td) tor_free(td); } +#define expect_log_msg(str) \ + tt_assert_msg(mock_saved_log_has_message(str), \ +"expected log to contain " # str); + +#define expect_no_log_msg(str) \ + tt_assert_msg(!mock_saved_log_has_message(str), \ +"expected log to not contain " # str); + static void test_options_validate__uname_for_server(void *ignored) { @@ -379,7 +387,7 @@ test_options_validate__uname_for_server(void *ignored) MOCK(get_uname, fixed_get_uname); fixed_get_uname_result = "Windows 95"; options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, ); - tt_str_op(mock_saved_log_at(0), OP_EQ, "Tor is running as a server, but you" + expect_log_msg("Tor is running as a server, but you" " are running Windows 95; this probably won't work. See https://www; ".torproject.org/docs/faq.html#BestOSForRelay for details.\n"); tor_free(msg); @@ -387,7 +395,7 @@ test_options_validate__uname_for_server(void *ignored) fixed_get_uname_result = "Windows 98"; mock_clean_saved_logs(); options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, ); - tt_str_op(mock_saved_log_at(0), OP_EQ, "Tor is running as a server, but you" + expect_log_msg("Tor is running as a server, but you" " are running Windows 98; this probably won't work. See https://www; ".torproject.org/docs/faq.html#BestOSForRelay for details.\n"); tor_free(msg); @@ -395,7 +403,7 @@ test_options_validate__uname_for_server(void *ignored) fixed_get_uname_result = "Windows Me"; mock_clean_saved_logs(); options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, ); - tt_str_op(mock_saved_log_at(0), OP_EQ, "Tor is running as a server, but you" + expect_log_msg("Tor is running as a server, but you" " are running Windows Me; this probably won't work. See https://www; ".torproject.org/docs/faq.html#BestOSForRelay for details.\n"); tor_free(msg); @@ -512,7 +520,7 @@ test_options_validate__contactinfo(void *ignored) ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, ); tt_int_op(ret, OP_EQ, -1); - tt_str_op(mock_saved_log_at(0), OP_EQ, + expect_log_msg( "Your ContactInfo config option is not" " set. Please consider setting it, so we can contact you if your" " server is misconfigured or something else goes wrong.\n"); @@ -524,7 +532,7 @@ test_options_validate__contactinfo(void *ignored) mock_clean_saved_logs(); ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, ); tt_int_op(ret, OP_EQ, -1); - tt_str_op(mock_saved_log_at(0), OP_NE, + expect_no_log_msg( "Your ContactInfo config option is not" " set. Please consider setting it, so we can contact you if your" " server is misconfigured or something else goes wrong.\n"); @@ -632,7 +640,7 @@ test_options_validate__authdir(void *ignored) tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Failed to resolve/guess local address. See logs for" "
[tor-commits] [tor/master] Fix existing options_validate unit tests for ClientUseIPv4
commit 13db39b8563b42cdf47b1feb546d33217c30c824 Author: teor (Tim Wilson-Brown)Date: Fri Jan 29 08:13:11 2016 +1100 Fix existing options_validate unit tests for ClientUseIPv4 --- src/test/test_options.c | 18 +- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/src/test/test_options.c b/src/test/test_options.c index 275fee2..35f9f67 100644 --- a/src/test/test_options.c +++ b/src/test/test_options.c @@ -327,6 +327,7 @@ fixed_get_uname(void) "V3AuthVoteDelay 20\n"\ "V3AuthDistDelay 20\n"\ "V3AuthNIntervalsValid 3\n" \ + "ClientUseIPv4 1\n" \ "VirtualAddrNetworkIPv4 127.192.0.0/10\n" \ "VirtualAddrNetworkIPv6 [FE80::]/10\n"\ "SchedulerHighWaterMark__ 42\n" \ @@ -1698,6 +1699,10 @@ test_options_validate__reachable_addresses(void *ignored) tt_str_op(tdata->opt->ReachableAddresses->value, OP_EQ, "*:82"); tor_free(msg); +#define SERVERS_REACHABLE_MSG "Servers must be able to freely connect to" \ + " the rest of the Internet, so they must not set Reachable*Addresses or" \ + " FascistFirewall or FirewallPorts or ClientUseIPv4 0." + free_options_test_data(tdata); tdata = get_options_test_data("ReachableAddresses *:82\n" "ORListenAddress 127.0.0.1:\n" @@ -1709,9 +1714,7 @@ test_options_validate__reachable_addresses(void *ignored) ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, ); tt_int_op(ret, OP_EQ, -1); - tt_str_op(msg, OP_EQ, "Servers must be able to freely connect to the rest of" -" the Internet, so they must not set Reachable*Addresses or" -" FascistFirewall."); + tt_str_op(msg, OP_EQ, SERVERS_REACHABLE_MSG); tor_free(msg); free_options_test_data(tdata); @@ -1725,9 +1728,7 @@ test_options_validate__reachable_addresses(void *ignored) ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, ); tt_int_op(ret, OP_EQ, -1); - tt_str_op(msg, OP_EQ, "Servers must be able to freely connect to the rest of" -" the Internet, so they must not set Reachable*Addresses or" -" FascistFirewall."); + tt_str_op(msg, OP_EQ, SERVERS_REACHABLE_MSG); tor_free(msg); free_options_test_data(tdata); @@ -1741,9 +1742,7 @@ test_options_validate__reachable_addresses(void *ignored) ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, ); tt_int_op(ret, OP_EQ, -1); - tt_str_op(msg, OP_EQ, "Servers must be able to freely connect to the rest of" -" the Internet, so they must not set Reachable*Addresses or" -" FascistFirewall."); + tt_str_op(msg, OP_EQ, SERVERS_REACHABLE_MSG); tor_free(msg); done: @@ -1760,6 +1759,7 @@ test_options_validate__use_bridges(void *ignored) char *msg; options_test_data_t *tdata = get_options_test_data( "UseBridges 1\n" + "ClientUseIPv4 1\n" "ORListenAddress 127.0.0.1:\n" "ORPort 955\n" "MaxClientCircuitsPending 1\n" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Make bridge clients prefer the configured bridge address
commit b316c87bc90969b2bf724bc2dd695e3f362955b8 Author: teor (Tim Wilson-Brown)Date: Wed Feb 3 23:52:39 2016 +1100 Make bridge clients prefer the configured bridge address When ClientPreferIPv6ORPort is auto, bridges prefer the configured bridge ORPort address. Otherwise, they use the value of the option. Other clients prefer IPv4 ORPorts if ClientPreferIPv6ORPort is auto. When ClientPreferIPv6DirPort is auto, all clients prefer IPv4 DirPorts. --- doc/tor.1.txt | 12 ++-- src/or/entrynodes.c| 22 -- src/or/nodelist.c | 24 +++- src/or/policies.c | 18 +++--- src/test/test_entrynodes.c | 10 ++ src/test/test_policy.c | 25 +++-- 6 files changed, 61 insertions(+), 50 deletions(-) diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 87d976b..4c9c53d 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -1504,17 +1504,17 @@ The following options are useful only for clients (that is, if If this option is set to 1, Tor prefers a directory port with an IPv6 address over one with IPv4, for direct connections, if a given directory server has both. (Tor also prefers an IPv6 DirPort if IPv4Client is set to -0.) If this option is set to auto, Tor bridge clients prefer IPv6, and -other clients prefer IPv4. Other things may influence the choice. This -option breaks a tie to the favor of IPv6. (Default: auto) +0.) If this option is set to auto, clients prefer IPv4. Other things may +influence the choice. This option breaks a tie to the favor of IPv6. +(Default: auto) [[ClientPreferIPv6ORPort]] **ClientPreferIPv6ORPort** **0**|**1**|**auto**:: If this option is set to 1, Tor prefers an OR port with an IPv6 address over one with IPv4 if a given entry node has both. (Tor also prefers an IPv6 ORPort if IPv4Client is set to 0.) If this option is set -to auto, Tor bridge clients prefer IPv6, and other clients prefer IPv4. -Other things may influence the choice. This option breaks a tie to the -favor of IPv6. (Default: auto) +to auto, Tor bridge clients prefer the configured bridge address, and +other clients prefer IPv4. Other things may influence the choice. This +option breaks a tie to the favor of IPv6. (Default: auto) [[PathsNeededToBuildCircuits]] **PathsNeededToBuildCircuits** __NUM__:: Tor clients don't build circuits for user traffic until they know diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c index d6bef65..a4b9350 100644 --- a/src/or/entrynodes.c +++ b/src/or/entrynodes.c @@ -2240,6 +2240,7 @@ rewrite_node_address_for_bridge(const bridge_info_t *bridge, node_t *node) * does so through an address from any source other than node_get_addr(). */ tor_addr_t addr; + const or_options_t *options = get_options(); if (node->ri) { routerinfo_t *ri = node->ri; @@ -2272,9 +2273,15 @@ rewrite_node_address_for_bridge(const bridge_info_t *bridge, node_t *node) } } -/* Mark which address to use based on which bridge_t we got. */ -node->ipv6_preferred = (tor_addr_family(>addr) == AF_INET6 && -!tor_addr_is_null(>ri->ipv6_addr)); +if (options->ClientPreferIPv6ORPort == -1) { + /* Mark which address to use based on which bridge_t we got. */ + node->ipv6_preferred = (tor_addr_family(>addr) == AF_INET6 && + !tor_addr_is_null(>ri->ipv6_addr)); +} else { + /* Mark which address to use based on user preference */ + node->ipv6_preferred = (fascist_firewall_prefer_ipv6_orport(options) && + !tor_addr_is_null(>ri->ipv6_addr)); +} /* XXXipv6 we lack support for falling back to another address for the same relay, warn the user */ @@ -2283,10 +2290,13 @@ rewrite_node_address_for_bridge(const bridge_info_t *bridge, node_t *node) node_get_pref_orport(node, ); log_notice(LD_CONFIG, "Bridge '%s' has both an IPv4 and an IPv6 address. " - "Will prefer using its %s address (%s).", + "Will prefer using its %s address (%s) based on %s.", ri->nickname, - tor_addr_family() == AF_INET6 ? "IPv6" : "IPv4", - fmt_addrport(, ap.port)); + node->ipv6_preferred ? "IPv6" : "IPv4", + fmt_addrport(, ap.port), + options->ClientPreferIPv6ORPort == -1 ? + "the configured Bridge address" : + "ClientPreferIPv6ORPort"); } } if (node->rs) { diff --git a/src/or/nodelist.c b/src/or/nodelist.c index d7cada9..23e9b0e 100644 --- a/src/or/nodelist.c +++ b/src/or/nodelist.c @@ -981,10 +981,6 @@ node_has_ipv6_dirport(const node_t *node) * i) the node_t says that it prefers IPv6 * or * ii) the router has no IPv4 OR
[tor-commits] [tor/master] Merge branch 'feature17840-v11-tests_truncated'
commit 2b5ff5259408bf7dc17939c6f15eb9e1e68215fa Merge: ba2be81 b316c87 Author: Nick MathewsonDate: Thu Feb 11 12:45:51 2016 -0500 Merge branch 'feature17840-v11-tests_truncated' src/test/log_test_helpers.h | 1 + src/test/test_options.c | 124 2 files changed, 116 insertions(+), 9 deletions(-) diff --cc src/test/log_test_helpers.h index 298237d,3a565c6..02f31a5 --- a/src/test/log_test_helpers.h +++ b/src/test/log_test_helpers.h @@@ -23,33 -23,10 +23,34 @@@ void mock_clean_saved_logs(void) const smartlist_t *mock_saved_logs(void); int setup_capture_of_logs(int new_level); void teardown_capture_of_logs(int prev); -const char *mock_saved_log_at(int ix); -int mock_saved_severity_at(int ix); -int mock_saved_log_number(void); ++ int mock_saved_log_has_message(const char *msg); +int mock_saved_log_has_severity(int severity); +int mock_saved_log_has_entry(void); + +#define expect_log_msg(str) \ + tt_assert_msg(mock_saved_log_has_message(str), \ +"expected log to contain " # str); + +#define expect_no_log_msg(str) \ + tt_assert_msg(!mock_saved_log_has_message(str), \ +"expected log to not contain " # str); + +#define expect_log_severity(severity) \ + tt_assert_msg(mock_saved_log_has_severity(severity), \ +"expected log to contain severity " # severity); + +#define expect_no_log_severity(severity) \ + tt_assert_msg(!mock_saved_log_has_severity(severity), \ +"expected log to not contain severity " # severity); + +#define expect_log_entry() \ + tt_assert_msg(mock_saved_log_has_entry(), \ +"expected log to contain entries"); + +#define expect_no_log_entry() \ + tt_assert_msg(!mock_saved_log_has_entry(), \ +"expected log to not contain entries"); #endif ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Report malformed options in options_validate unit tests
commit 26f68a771c2d3df12d0dce20f37ee6549e16c920 Author: teor (Tim Wilson-Brown)Date: Fri Jan 29 08:15:14 2016 +1100 Report malformed options in options_validate unit tests --- src/test/test_options.c | 33 + 1 file changed, 29 insertions(+), 4 deletions(-) diff --git a/src/test/test_options.c b/src/test/test_options.c index 35f9f67..eb2d332 100644 --- a/src/test/test_options.c +++ b/src/test/test_options.c @@ -339,22 +339,47 @@ typedef struct { or_options_t *def_opt; } options_test_data_t; +static void free_options_test_data(options_test_data_t *td); + static options_test_data_t * get_options_test_data(const char *conf) { + int rv = -1; + char *msg = NULL; config_line_t *cl=NULL; options_test_data_t *result = tor_malloc(sizeof(options_test_data_t)); result->opt = options_new(); result->old_opt = options_new(); result->def_opt = options_new(); - config_get_lines(conf, , 1); - config_assign(_format, result->opt, cl, 0, 0, NULL); + rv = config_get_lines(conf, , 1); + tt_assert(rv == 0); + rv = config_assign(_format, result->opt, cl, 0, 0, ); + if (msg) { +/* Display the parse error message by comparing it with an empty string */ +tt_str_op(msg, OP_EQ, ""); + } + tt_assert(rv == 0); config_free_lines(cl); result->opt->LogTimeGranularity = 1; result->opt->TokenBucketRefillInterval = 1; - config_get_lines(TEST_OPTIONS_OLD_VALUES, , 1); - config_assign(_format, result->def_opt, cl, 0, 0, NULL); + rv = config_get_lines(TEST_OPTIONS_OLD_VALUES, , 1); + tt_assert(rv == 0); + rv = config_assign(_format, result->def_opt, cl, 0, 0, ); + if (msg) { +/* Display the parse error message by comparing it with an empty string */ +tt_str_op(msg, OP_EQ, ""); + } + tt_assert(rv == 0); + +done: config_free_lines(cl); + if (rv != 0) { +free_options_test_data(result); +result = NULL; +/* Callers expect a non-NULL result, so just die if we can't provide one. + */ +tor_assert(0); + } return result; } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Add an assertion to tor_libevent_get_base()
commit c595f6d25e9cda58f5327c5806e2c9a534c454f9 Author: Nick MathewsonDate: Thu Feb 4 12:37:00 2016 -0500 Add an assertion to tor_libevent_get_base() Closes ticket 18241. --- changes/assert_event_base| 5 + src/common/compat_libevent.c | 1 + 2 files changed, 6 insertions(+) diff --git a/changes/assert_event_base b/changes/assert_event_base new file mode 100644 index 000..b887795 --- /dev/null +++ b/changes/assert_event_base @@ -0,0 +1,5 @@ + o Minor features (robustness): +- Exit immediately with an error message if the code attempts to + use libevent without having initialized it. This should resolve + some frequently-made mistakes in our unit tests. Closes ticket + 18241. diff --git a/src/common/compat_libevent.c b/src/common/compat_libevent.c index 29e5c5f..c367ee4 100644 --- a/src/common/compat_libevent.c +++ b/src/common/compat_libevent.c @@ -247,6 +247,7 @@ tor_libevent_initialize(tor_libevent_cfg *torcfg) MOCK_IMPL(struct event_base *, tor_libevent_get_base, (void)) { + tor_assert(the_event_base != NULL); return the_event_base; } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Check that the log mutex is initialised before trying to lock or unlock it
commit db72b509d17311d289b140afb3456376c5525ad7 Author: teor (Tim Wilson-Brown)Date: Fri Feb 5 14:08:58 2016 +1100 Check that the log mutex is initialised before trying to lock or unlock it --- src/common/log.c | 8 +++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/common/log.c b/src/common/log.c index 4a8a7b1..f71583f 100644 --- a/src/common/log.c +++ b/src/common/log.c @@ -149,10 +149,14 @@ static int pretty_fn_has_parens = 0; /** Lock the log_mutex to prevent others from changing the logfile_t list */ #define LOCK_LOGS() STMT_BEGIN \ + tor_assert(log_mutex_initialized);\ tor_mutex_acquire(_mutex);\ STMT_END /** Unlock the log_mutex */ -#define UNLOCK_LOGS() STMT_BEGIN tor_mutex_release(_mutex); STMT_END +#define UNLOCK_LOGS() STMT_BEGIN\ + tor_assert(log_mutex_initialized);\ + tor_mutex_release(_mutex);\ + STMT_END /** What's the lowest log level anybody cares about? Checking this lets us * bail out early from log_debug if we aren't debugging. */ @@ -482,6 +486,8 @@ logv,(int severity, log_domain_mask_t domain, const char *funcname, /* check that severity is sane. Overrunning the masks array leads to * interesting and hard to diagnose effects */ assert(severity >= LOG_ERR && severity <= LOG_DEBUG); + /* check that we've initialised the log mutex before we try to lock it */ + assert(log_mutex_initialized); LOCK_LOGS(); if ((! (domain & LD_NOCB)) && smartlist_len(pending_cb_messages)) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'check_log_mutex_uncherrypicked'
commit fed8c5199a9fbc91a7476323c145c59e9e30e30c Merge: 5a164d5 a7a98e2 Author: Nick MathewsonDate: Thu Feb 11 13:41:31 2016 -0500 Merge branch 'check_log_mutex_uncherrypicked' changes/assert_event_base| 5 + src/common/compat_libevent.c | 1 + src/common/log.c | 13 ++--- src/test/testing_common.c| 4 +++- 4 files changed, 19 insertions(+), 4 deletions(-) diff --cc src/test/testing_common.c index 9c7fca0,fc4e05c..da9969d --- a/src/test/testing_common.c +++ b/src/test/testing_common.c @@@ -238,13 -241,7 +241,12 @@@ main(int c, const char **v update_approx_time(time(NULL)); options = options_new(); tor_threads_init(); + + struct tor_libevent_cfg cfg; + memset(, 0, sizeof(cfg)); + tor_libevent_initialize(); + control_initialize_event_queue(); - init_logging(1); configure_backtrace_handler(get_version()); for (i_out = i = 1; i < c; ++i) { ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Avoid calling log functions in logv when SMARTLIST_DEBUG is defined
commit add8acf42882a13af610ace6005d52544509a823 Author: teor (Tim Wilson-Brown)Date: Fri Feb 5 14:14:17 2016 +1100 Avoid calling log functions in logv when SMARTLIST_DEBUG is defined --- src/common/log.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/common/log.c b/src/common/log.c index f71583f..4779751 100644 --- a/src/common/log.c +++ b/src/common/log.c @@ -490,7 +490,8 @@ logv,(int severity, log_domain_mask_t domain, const char *funcname, assert(log_mutex_initialized); LOCK_LOGS(); - if ((! (domain & LD_NOCB)) && smartlist_len(pending_cb_messages)) + if ((! (domain & LD_NOCB)) && pending_cb_messages + && smartlist_len(pending_cb_messages)) flush_pending_log_callbacks(); if (queue_startup_messages && @@ -945,7 +946,7 @@ flush_pending_log_callbacks(void) smartlist_t *messages, *messages_tmp; LOCK_LOGS(); - if (0 == smartlist_len(pending_cb_messages)) { + if (!pending_cb_messages || 0 == smartlist_len(pending_cb_messages)) { UNLOCK_LOGS(); return; } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Initialise logging before trying to use it in unit tests
commit a7a98e27eadff634655a7845976adc7a23dcdc3f Author: teor (Tim Wilson-Brown)Date: Fri Feb 5 14:28:53 2016 +1100 Initialise logging before trying to use it in unit tests --- src/test/testing_common.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/test/testing_common.c b/src/test/testing_common.c index e20e9e6..fc4e05c 100644 --- a/src/test/testing_common.c +++ b/src/test/testing_common.c @@ -228,6 +228,9 @@ main(int c, const char **v) int loglevel = LOG_ERR; int accel_crypto = 0; + /* We must initialise logs before we call tor_assert() */ + init_logging(1); + #ifdef USE_DMALLOC { int r = CRYPTO_set_mem_ex_functions(tor_malloc_, tor_realloc_, tor_free_); @@ -239,7 +242,6 @@ main(int c, const char **v) options = options_new(); tor_threads_init(); control_initialize_event_queue(); - init_logging(1); configure_backtrace_handler(get_version()); for (i_out = i = 1; i < c; ++i) { ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbutton-aboutdialogdtd] Update translations for torbutton-aboutdialogdtd
commit 719c203e1417a3b5a5e5be7ccd93c2649aa202ff Author: Translation commit botDate: Thu Feb 11 18:46:05 2016 + Update translations for torbutton-aboutdialogdtd --- tl_PH/aboutdialog.dtd | 20 ++-- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/tl_PH/aboutdialog.dtd b/tl_PH/aboutdialog.dtd index 5099ad7..e957f74 100644 --- a/tl_PH/aboutdialog.dtd +++ b/tl_PH/aboutdialog.dtd @@ -1,19 +1,19 @@ - + - + - + - - + + - + - + - + - - + + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-openpgp-applet] Update translations for tails-openpgp-applet
commit 2f815869be34ac66970989732b264e737d69803e Author: Translation commit botDate: Thu Feb 11 18:46:49 2016 + Update translations for tails-openpgp-applet --- eu/openpgp-applet.pot | 13 +++-- 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/eu/openpgp-applet.pot b/eu/openpgp-applet.pot index 6dedc2c..235e795 100644 --- a/eu/openpgp-applet.pot +++ b/eu/openpgp-applet.pot @@ -3,13 +3,14 @@ # This file is distributed under the same license as the PACKAGE package. # # Translators: +# Iban , 2016 msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: ta...@boum.org\n" "POT-Creation-Date: 2015-08-10 15:55+0200\n" -"PO-Revision-Date: 2015-11-23 02:23+\n" -"Last-Translator: FULL NAME \n" +"PO-Revision-Date: 2016-02-11 18:28+\n" +"Last-Translator: Iban \n" "Language-Team: Basque (http://www.transifex.com/otf/torproject/language/eu/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -92,8 +93,8 @@ msgstr "Hatz-marka:" #: bin/openpgp-applet:447 msgid "User ID:" msgid_plural "User IDs:" -msgstr[0] "" -msgstr[1] "" +msgstr[0] "Erabiltzaile ID:" +msgstr[1] "Erabiltzaile ID-ak:" #: bin/openpgp-applet:476 msgid "None (Don't sign)" @@ -128,8 +129,8 @@ msgstr "Gako hauetaz fidatzen zara?" #: bin/openpgp-applet:603 msgid "The following selected key is not fully trusted:" msgid_plural "The following selected keys are not fully trusted:" -msgstr[0] "" -msgstr[1] "" +msgstr[0] "Hurrengo gako aukeratua ez da guztiz fidagarria:" +msgstr[1] "Hurrengo gako aukeratuak ez dira guztiz fidagarriak:" #: bin/openpgp-applet:621 msgid "Do you trust this key enough to use it anyway?" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits